Archive for November, 2008

DECIPHERING THE GEMCLUB MEMO SMART CARD

Debian, Redhat, CentOS and Fedora were used as the test systems.

The card used was still in issue mode. The GemClub memo smart card documentation can be downloaded from the following link: https://jwamicha.wordpress.com/?attachment_id=37

1.) Download JSmartCardExplorer from the following URL: http://sourceforge.net/projec/showfiles.php?group_id=233662

2.) Install pcsc-lite, pcsc-lite-libs and pcsc-lite-tools on your system. The PCSC-Lite homepage can be found on the following link: http://pcsclite.alioth.debian.org/

A list of all smart card ATR (Answer To Reset) responses that can be detected by the drivers can be found inside the smartcard_list.txt file: http://ludovic.rousseau.free.fr/softwares/pcsc-tools/smartcard_list.txt

A list of all USB CCID (Chip/Smart Card Interface Devices) and ICCD (Integrated Circuit(s) Card Devices) smart card readers supported by the pcsc-lite drivers can be found on the following link: http://pcsclite.alioth.debian.org/ccid.html

The Gemalto PC Twin Reader was used for my tests.

The logs below show the Gemalto PC Twin Reader being detected after installation of the pcsc drivers:


Nov 21 14:37:00 localhost pcscd: pcscdaemon.c:464:main() pcsc-lite 1.2.9-beta10 daemon ready.
Nov 21 14:37:01 localhost pcscd: hotplug_libusb.c:406:HPAddHotPluggable() Adding USB device: 002:003
Nov 21 14:37:01 localhost pcscd: readerfactory.c:1098:RFInitializeReader() Attempting startup of Gemplus GemPC Twin 00 00.
Nov 21 14:37:01 localhost pcscd: readerfactory.c:972:RFBindFunctions() Loading IFD Handler 3.0
Nov 21 14:37:01 localhost pcscd: ifdhandler.c:1152:init_driver() LogLevel: 0x0003
Nov 21 14:37:01 localhost pcscd: ifdhandler.c:1162:init_driver() DriverOptions: 0x0000
Nov 21 14:37:01 localhost pcscd: ifdhandler.c:75:IFDHCreateChannelByName() lun: 0, device: usb:08e6/3437:libusb:002:003
Nov 21 14:37:01 localhost pcscd: ccid_usb.c:227:OpenUSBByName() Manufacturer: Ludovic Rousseau (ludovic.rousseau@free.fr)
Nov 21 14:37:01 localhost pcscd: ccid_usb.c:237:OpenUSBByName() ProductString: Generic CCID driver v1.2.4
Nov 21 14:37:01 localhost pcscd: ccid_usb.c:243:OpenUSBByName() Copyright: This driver is protected by terms of the GNU General Public License version 2, or (at your option) any later version.
Nov 21 14:37:01 localhost pcscd: ccid_usb.c:391:OpenUSBByName() Found Vendor/Product: 08E6/3437 (Gemplus GemPC Twin)
Nov 21 14:37:01 localhost pcscd: ccid_usb.c:393:OpenUSBByName() Using USB bus/device: 002/003

Ensure the pcscd daemon is running on your system. Additional serial readers can be configured inside /etc/reader.conf.d.

3.) After installation of the pcsc drivers, we shall now use JSmartCardExplorer to examine the Gemplus smart card.

Start up JSmartCardExplorer:

$java -jar JSmartCardExplorer.jar

4.) Select the protocol type name T0. Connect to the Gemplus Memo Smart card. The Card ATR field should show 0X3B 0X02 0X53 0X01, which is the ATR for the Gemplus Memo smart card.

Our tests may now begin. Page 5 was used as the reference for the GemClub Memo card memory map structure, and page 11 as the reference for the area access conditions.

Each memory address on the Gemclub Memo smart card will store a WORD. Each word is 4 bytes or 32 bits. While issuing commands to the Gemplus Memo smart card, the length should be the hexadecimal representation of the byte length (not the bit or word length) as we shall see below:

6.) Read Manufacturer area: 0X80 0XBE 0X00 0X00 0X04
0X04 represents one word (4 bytes or 32 bits) inside the memory location address 00 (P2 = 00). The class byte (0x80) and P1 byte (0x00) could be anything since they aren’t tested by the card. See page 17 of the GemClub Memo Card manual for more details.

We will now continue to read consecutive memory locations from the GemClub Memo card so that we can see a pattern emerge.

7.) Read Issuer area: 0x80 0xBE 0x00 0x01 0x10
Response: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x40

Find out if card is in issuer or user mode by reading memory location 0x04: 0x80 0xBE 0x00 0x04 0x00 0x04
Response: 0x00 0x00 0x00 0x40

0x40 in binary form = 0100 0000 (01 means that the card is in issuer mode. 10 would mean the card is in user mode. 00 and 11 would mean that the card is blocked. – see page 7 in the manual)

8.) Read Protected Area: 0X80 0XBE 0X00 0X05 0X04
(Memory address = 0x05)

9.) Read CSC0 Key: 0X80 0XBE 0X00 0X06 0X04
(Memory address = 0x06)

10.) Read CS0 Ratification Counter: 0X80 0XBE 0X00 0X07 0X04

11.) Read CTC1 + CTC1 Backup: 0X80 0XBE 0X00 0X08 0X0C
(0X0C = 12 bytes or 3 four byte words/memory locations)

12.) Read Balance1 + Balance1 Backup: 0X80 0XBE 0X00 0X0B 0X14
(0X14 = 20 bytes or 5 four byte words/memory locations)

13.) Read User Area 1: 0X80 0XBE 0X00 0X10 0X40
(0X40 = 64 bytes or 16 four byte words/memory locations)

14.) Read CTC2 + CTC2 Backup: 0x80 0xBE 0x00 0x20 0x0C

15.) Read Balance2 + Balance2 Backup: 0X80 0XBE 0X00 0X23 0X14

16.) Read User Area 2: 0X80 0XBE 0X00 0X28 0X40

17.) Read CSC1 Key: 0X80 0XBE 0X00 0X38 0X04

18.) Read CS1 Ratification Counter: 0X80 0XBE 0X00 0X39 0X04

19.) Read CSC2 Key: 0X80 0XBE 0X00 0X3B 0X04

20.) Read CS2 Ratification Counter: 0X80 0XBE 0X00 0X3C 0X04

21.) Make the issuer card emulate user mode.

Verify CSC0 Key: 0X00 0X20 0X00 0X07 0X04 0XAA 0XAA 0XAA 0XAA
(0x07 = CSC0 Ratification Counter)
(0x04 = Length of data the smart card should expect which in this case is our CSC0 4 byte key)

Send the card into emulated user mode: 0X00 0X20 0X00 0X3A 0X04 0XAA 0XAA 0XAA 0XAA

Now we will continue to use the card as though we were in user mode.

22.) Read User Area 1: 0X80 0XBE 0X00 0X10 0X40

23.) Write to User Area 1:

Verify CSC1 Key: 0x00 0x20 0x00 0x39 0x04 0x11 0x11 0x11 0x11
(0x39 is the CSC1 Ratification counter)
(0x04 = Length of data the smart card should expect which in this case is our 4 byte CSC1 key)

Write 4 bytes to User Area 1: 0x80 0xDE 0x00 0x10 0x04 0x22 0x22 0x22 0x22
0X10 = First Word Address of User Area 1
0x04 = Length in bytes of the data we want to write to the smart card (4 bytes in this case)
0x22 0x22 0x22 0x22 = the 4 bytes we write to the gemclub smart card.

Read User Area 1 to verify our data has been correctly written to the smart card.

24.) Read User Area 2: 0X80 0XBE 0X00 0X28 0X40

25.) Write to User Area 2:

Verify CSC2 Key: 0x00 0x20 0x00 0x3B 0x04 0x22 0x22 0x22 0x22
(0x3B is the CSC2 Ratification counter)

Write 4 bytes to User Area 2: 0x80 0xDE 0x00 0x28 0x04 0x33 0x33 0x33 0x33
0X28 = First Word Address of User Area 2
0x04 = Length in bytes of the data we want to write to the smart card (4 bytes in this case)
0x33 0x33 0x33 0x33 = the 4 bytes we write to the gemclub smart card.

Read User Area 2 to verify our data has been correctly written to the smart card.

GemClub Smart Card successfully deciphered.
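
The READ commands in steps 6 to 20 and the mode check on address 0x04 can be built and decoded offline. The Python below is an added example, not code from the original post or from JSmartCardExplorer; the function names are hypothetical, and it assumes the mode bits are the top two bits of the last byte of the word at 0x04, which is how the post reads 0x40 as "01".

```python
# Added example (not from the original post): GemClub Memo READ APDUs and mode bits.
WORD_BYTES = 4      # each card address holds one 4-byte word (per the post)
INS_READ = 0xBE     # READ instruction byte used throughout the post
MODES = {0b01: "issuer", 0b10: "user"}  # 00 and 11 mean the card is blocked


def build_read_apdu(word_address, word_count, cla=0x80):
    """Return CLA INS P1 P2 Le for reading word_count words at word_address."""
    if not 0x00 <= word_address <= 0xFF:
        raise ValueError("word address must fit in P2 (one byte)")
    length = word_count * WORD_BYTES  # Le is a BYTE count, not a word count
    if not 1 <= length <= 0xFF:
        raise ValueError("length must be 1..255 bytes")
    return bytes([cla, INS_READ, 0x00, word_address, length])


def split_words(first_address, data):
    """Map each word address to the 4 bytes the card returned for it."""
    if len(data) % WORD_BYTES:
        raise ValueError("response is not a whole number of words")
    return {first_address + i // WORD_BYTES: data[i:i + WORD_BYTES]
            for i in range(0, len(data), WORD_BYTES)}


def card_mode(word):
    """Decode the mode from the word at address 0x04.

    Assumption: the two mode bits are the top two bits of the last byte,
    which is how the post reads 0x40 as '01' (issuer mode).
    """
    if len(word) != WORD_BYTES:
        raise ValueError("expected exactly one 4-byte word")
    return MODES.get(word[3] >> 6, "blocked")


def hexdump(data):
    """Format bytes the way the post writes them: 0x80 0xBE ..."""
    return " ".join(f"0x{b:02X}" for b in data)


if __name__ == "__main__":
    # Constructed sample: the issuer-area response quoted in step 7.
    issuer_area = bytes(15) + b"\x40"
    words = split_words(0x01, issuer_area)
    print(hexdump(build_read_apdu(0x01, 4)))   # issuer area, 4 words
    print(hexdump(build_read_apdu(0x10, 16)))  # user area 1, 16 words
    print("mode:", card_mode(words[0x04]))
```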



Speed up XUL GUI Development on Linux

1.) Install eclipse ganymede: http://www.eclipse.org/downloads/ (Works fastest with SUN’s JDK)


$cd download/path
$tar xzf eclipse-jee-europa-linux-gtk.tar.gz
$vi /usr/local/bin/eclipse

Paste the following text inside to start Eclipse with optimized memory settings:

download/path/eclipse/eclipse -clean -configuration download/path/eclipse -vm /path/to/jdk/jdk1.6.0_02/jre/bin/java -vmargs -XX:MaxPermSize=350m -Xms128m -Xmx350m

-XX:MaxPermSize and -Xmx can be adjusted upwards depending on the amount of memory available on your system. Making -Xms too high seems to make eclipse grow the heap size too high too fast.

2.) Install Eclipse xulbooster plugin; please follow instructions on the link below:

http://cms.xulbooster.org/index.php?option=com_content&task=view&id=14&Itemid=2

You should now have colour coded editors for .xul, .rdf, .js, .dtd and .properties files.

Previews on localized xul documents will not work by default. To enable localized xul document previews using xulbooster, use the trick below:

$cd /etc/gre.d

Open the conf file with the highest version, as this is most likely the xulrunner instance the xulbooster plugin is using:

$vi 1.9.0.3.system.conf

4.) Navigate to the location of the xulrunner libs (GRE_PATH) indicated in the gre conf file:


$cd /usr/lib/xulrunner-1.9.0.3
$cd chrome

Find out the exact path of the .dtd files the xul document you want to preview on Eclipse is using for localization. Create a symbolic link to this path inside the chrome folder:


$ln -s /path/to/my/chrome/locale myextension

‘myextension’ can be any name. In our example, myextension will contain the chrome folder within it. The chrome folder will in turn contain the content and locale folders.

5.) Depending on the locale your firefox browser is using, open the corresponding .manifest file. In our case, since we’re using the en-US locale, we open the en-US.manifest file:

$vi en-US.manifest

Append the following line (depending on the name of your symbolic link above and the folder structure within your extension):


locale myextension en-US my_extension/locale/en-US/

The .dtd files (myextension locale files) are now available to the xul instance and by extension the xulbooster plugin. It should now be possible to preview localized xul documents without having to restart firefox. This should hopefully significantly improve one’s speed of xul GUI interface development.

6.) Automatically update your extension by running a script:

$vi /usr/local/sbin/myextension-update

Contents of the script:


#!/bin/sh
# Copy the extension into the Firefox profile; -r is needed when the source is a directory.
cp -r /path/to/my/extension /home/myhomedirectory/.mozilla/firefox/tame3m4a.default/extensions/{myextension-uuid}/

Now updating your firefox extension with the changes you have made should be as simple as running:

$myextension-update

7.) Install Quick-Restart Firefox extension: https://addons.mozilla.org/en-US/firefox/addon/3559

Now restarting firefox to view the changes you have made to the extension you are developing should be as simple as pressing the Ctrl+Alt+R keys.

XUL Development on Linux is not too well documented on the web yet and any more tips we could add for Linux developers would be highly welcome.
