"God made the integers; all else is the work of man" Leonard Kronecker
This B log will be about Java Card and Information Security
because Marisa Fagan dewzi says you gotta have a blog & a twitter
right now twitter is overloaded and cant/isnt send/ing my conformation
referred to by lavamunky
____________________________________________________________________
About Me:
I wrote an 80386 Assembler Modular Division (from Knuth, naturally) pre 1990 which may have been the fastest PC RSA in the world for a few months.
____________________________________________________________________
Here are some Java Card links :
jcManager
frombrokenmill
Loads and registers a CAP!
__________________________________________________________
Jaccal:
jaccal
comes with anubis.exe: program send commands to card.. saush shows how to use it to read your bank account number from EMV card (VISA card with a chip)
__________________________________________________________
BER/ASN decoder: asn1ve.exe
the free version is a neat decoder. asn1ve
Card data is sometimes BER encoded, hint: cut and paste into asn1ve to see if it decodes.
The Java TLV class is typically abstruse...
...
My comment on this coment posted in 0x9000
"CPLC data is Visa proprietary. At the beginning (OP 2.0.1) they used to maintain a list for all the tags, but not anymore. " sun
[Still not published it seems]
Note CPLC is not actually "tagged" it is arranged in blocks of 4 or 8 bytes
__________________________________________
Java Card tools cont... #2 (why cant I paste WinWords silly "hyperlinks" here???)
emvlab ...<<< Recommended
decodes tlv, does DESede, does kcv, derives session keys from the card master key,
as specd in in EMV 4.1, Book 2, Part III, Annex A1.3.
__________________________________________
[EMV seem to have moved on to 4.2
emvco emvco.com
__________________________________________
ttfn http://www.ttfn.net/techno/smartcards/iso7816_4.html
is a neat layout of iso7816
__________________________________________
free-books-online http://free-books-online.net/emv-iso-7816-6-tlv-pdf-7
a good search engine for docs
__________________________________________
seen: Several Python 'hello world' caps - ...
__________________________________________
Omnikey diagnostic tool:
get ATR and UID
hidglobal hidglobal.com/driver << 1st step in examining a card
__________________________________________
All you want to know about ATR .. and more
(you dont need to know anything about ATR except: it often has some descriptive text "historical data"
eg
ATR 3B 8A 80 01 4A 43 4F 50 33 31 56 32 33 32 7A
.... J C O P 3 1 V 2 3 2 z
satxpress http://www.sat.su/satxpress/SmartCard/ISO7816-3.htm
also describes T=0 and T=1 differences, oddly enough, would have been usefull to know
__________________________________________
Accecss Java Card from a web page .springcard.com
05/07/2010, 05:23 by johann.d
I wont be deleting spam so expect the usual crapola
ReplyDelete