<html xmlns="http://www.w3.org/1999/xhtml" xmlns:html="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title> Cyberflex – OpenSC </title><style type="text/css"> @import url(trac.css); </style></head><body><div id="content" class="wiki"> <div class="wikipage searchable"> <h1 id="SchlumbergerAxaltoCyberflex">Schlumberger / Axalto Cyberflex</h1> <p> Earlier versions of Cyberflex cards have the same or a very similiar filesystem interface like the Cryptoflex cards. Those cards work well with OpenSC. </p> <p> Newer versions however are pure JavaCards and will not work without a JavaApplet. </p> <p> <a class="ext-link" href="http://www.musclecard.com/" shape="rect"><span class="icon"> </span>MuscleCard</a> is an open source software containing a Java Cardlet for several smart cards implementing the JavaCard standard. Starting with OpenSC 0.11.2 support for MuscleCard has been added. </p> <p> Current Test Status: Only for the brave! This might kill your card! No warranty whatsoever! But initialization with OpenSC works. </p> <h2 id="Readerconfiguration">Reader configuration</h2> <p> If you have an e-gate token, you need to <a class="wiki" href="e-gate.html" shape="rect">configure it for PC/SC</a> properly, as the tools used for loading the applet into the card only speak PC/SC. </p> <h2 id="InstallingGlobalPlatformtools">Installing GlobalPlatform tools</h2> <p> First you need to install gpshell from the <a class="ext-link" href="http://sourceforge.net/projects/globalplatform/" shape="rect"><span class="icon"> </span>GlobalPlatform open source project</a>: </p> <pre class="wiki" xml:space="preserve">wget http://heanet.dl.sourceforge.net/sourceforge/globalplatform/globalplatform-5.0.0.tar.gz tar xfvz globalplatform-5.0.0.tar.gz cd globalplatform-5.0.0 ./configure --prefix=/usr make sudo make install cd .. wget http://heanet.dl.sourceforge.net/sourceforge/globalplatform/gpshell-1.4.0.tar.gz tar xfvz gpshell-1.4.0.tar.gz cd gpshell-1.4.0 ./configure --prefix=/usr make sudo make install cd .. </pre><p> Note: gpshell 1.4.1 and later <strong>do not</strong> work with these instructions and give an error: </p> <pre class="wiki" xml:space="preserve">install -file CardEdgeII.ijc -nvDataLimit 12000 -instParam 00 -priv 2 Command --> 80E602001B05A00000000107A0000000030000000AEF08C6023100C8022EE00000 Wrapped command --> 84E602002305A00000000107A0000000030000000AEF08C6023100C8022EE0002C197064B44B6AC700 Response <-- 6A80 install_for_load() returns 0x80206A80 (6A80: Wrong data / Incorrect values in command data.) </pre><p> Bug @ sf.net: <a class="ext-link" href="https://sourceforge.net/tracker2/?func=detail&aid=2406176&group_id=143343&atid=755201" shape="rect"><span class="icon"> </span>https://sourceforge.net/tracker2/?func=detail&aid=2406176&group_id=143343&atid=755201</a> </p> <h2 id="LoadingMuscleCardApplet">Loading MuscleCard Applet</h2> <p> The Muscle Web page is at <a class="ext-link" href="http://www.musclecard.com/" shape="rect"><span class="icon"> </span>http://www.musclecard.com/</a> but you can download the Applet directly from <a class="ext-link" href="http://www.identityalliance.com/CardEdgeII.ijc" shape="rect"><span class="icon"> </span>http://www.identityalliance.com/CardEdgeII.ijc</a>. A recent copy is also attached to this wiki <a class="attachment" href="/opensc/attachment/wiki/Cyberflex/CardEdgeII.ijc" title="Attachment 'CardEdgeII.ijc' in Cyberflex" shape="rect">attachment:CardEdgeII.ijc</a><span class="noprint"> <a class="trac-rawlink" href="/opensc/raw-attachment/wiki/Cyberflex/CardEdgeII.ijc" title="Download" shape="rect"><img src="/opensc/chrome/common/download.png" alt="Download"></img></a></span> </p> <p> You need to run gpshell with these commands: </p> <pre class="wiki" xml:space="preserve">$ gpshell mode_201 enable_trace establish_context card_connect -readerNumber 1 // Depends on your reader select -AID a0000000030000 open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f // Open secure channel delete -AID A0000003230101 delete -AID A00000032301 delete -AID A00000000101 delete -AID A000000001 install -file CardEdgeII.ijc -nvDataLimit 12000 -instParam 00 -priv 2 card_disconnect release_context </pre><p> The last two "delete" commands will remove an older version of the applet. </p> <p> Next you need to set the PIN codes to "00000000", so you can initialize the card. </p> <pre class="wiki" xml:space="preserve">opensc-tool -s 00:A4:04:00:06:A0:00:00:00:01:01 -s B0:2A:00:00:38:08:4D:75:73:63:6C:65:30:30:04:01:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:05:02:08:30:30:30:30:30:30:30:30:08:30:30:30:30:30:30:30:30:00:00:17:70:00:02:01 </pre><p> Now the token has a working MuscleCard Applet and is ready for use with OpenSC. </p> <h2 id="UsingtheTokenwithOpenSC">Using the Token with OpenSC</h2> <pre class="wiki" xml:space="preserve">pkcs15-init -EC -p pkcs15+onepin </pre><p> If you're asked for "Unspecified PIN [reference 1] required", use "00000000". </p> <pre class="wiki" xml:space="preserve">$ pkcs15-init -EC -p pkcs15+onepin --pin 1234 --puk 12345678 Using reader with a card: Eutron SIM Pocket Combo 01 00 Unspecified PIN [reference 1] required. Please enter Unspecified PIN [reference 1]: $ pkcs15-tool -D Using reader with a card: Eutron SIM Pocket Combo 01 00 PKCS#15 Card [MUSCLE]: Version : 1 Serial number : 0000 Manufacturer ID: Identity Alliance Last update : 20081207120153Z Flags : EID compliant PIN [User PIN] Com. Flags: 0x3 ID : 01 Flags : [0x10], initialized Length : min_len:4, max_len:8, stored_len:8 Pad char : 0x00 Reference : 1 Type : ascii-numeric Path : 3f005015 </pre><h1 id="FAQ">FAQ</h1> <h3 id="WhattodoonWindows">What to do on Windows ?</h3> <p> <a class="ext-link" href="http://sourceforge.net/projects/globalplatform" shape="rect"><span class="icon"> </span>http://sourceforge.net/projects/globalplatform</a> has a download package of GPShell.exe for windows, so no need to compile it on your own. </p> <p> Download </p> <ul><li><a class="ext-link" href="http://mesh.dl.sourceforge.net/sourceforge/globalplatform/GPShell-1.3.1.zip" shape="rect"><span class="icon"> </span>http://mesh.dl.sourceforge.net/sourceforge/globalplatform/GPShell-1.3.1.zip</a> </li><li><a class="ext-link" href="http://www.identityalliance.com/CardEdgeII.ijc" shape="rect"><span class="icon"> </span>http://www.identityalliance.com/CardEdgeII.ijc</a> </li></ul><p> and unzip both in the current directory. Run the same commands mentioned above and you should be fine. Note however that this is 100% untested, please report back if it works (or not) on the opensc-user or opensc-devel <a class="wiki" href="MailingLists.html" shape="rect">MailingLists</a>. Thanks for your feedback! </p> <h3 id="Isthereatoolforit">Is there a tool for it?</h3> <p> A small tool to get some information about the cards can be found here: <a class="ext-link" href="http://www.contrib.andrew.cmu.edu/~cg2v/jcop-opensc-0.2.tar.gz" shape="rect"><span class="icon"> </span>http://www.contrib.andrew.cmu.edu/~cg2v/jcop-opensc-0.2.tar.gz</a> It was written for IBM JCop cards but should work as well with Cyberflex cards. Note: Does not work with latest OpenSC as sc_check_sw symbol is not exported from libopensc. </p> <h3 id="HowcanIformatorupdatecardswiththeoldapplet">How can I format or update cards with the old applet?</h3> <p> If you use ID Ally - it will delete the old applet before installation of the new. gpshell should allow you to delete: first A00000000101 then A000000001 </p> <h3 id="WhatcanIdoifIspecifiedatoosmallsize">What can I do if I specified a too small size?</h3> <p> Delete A00000000101 (instance) and reinstantiate to a larger size. (this will delete all data / key / ... ) </p> <h3 id="ImaskedaboutUnspecifiedPINReference1">I'm asked about Unspecified PIN [Reference 1]</h3> <p> There are two APDUs that have to be run first if you use GPShell (which sets the default pins, puks, etc): </p> <p> <tt>00 A4 04 00 06 A0 00 00 00 01 01</tt> and <tt>B0 2A 00 00 38 08 4D 75 73 63 6C 65 30 30 04 01 08 30 30 30 30 30 30 30 30 08 30 30 30 30 30 30 30 30 05 02 08 30 30 30 30 30 30 30 30 08 30 30 30 30 30 30 30 30 00 00 17 70 00 02 01</tt> </p> <p> Both need to be send in one go - without card reset in between. The first selects the muscle applet, the second sets the default pins to "00000000". You can copypaste the above opensc-tool line to execute these commands. </p> </div><ul class="tags"><li class="header">Tags</li><li><a href="/opensc/tags/%27card%27" rel="tag" shape="rect">card</a> </li><li><a href="/opensc/tags/%27javacard%27" rel="tag" shape="rect">javacard</a> </li><li><a href="/opensc/tags/%27supported%27" rel="tag" shape="rect">supported</a> </li></ul> <h3>Attachments</h3> <ul> <li> <a href="/opensc/attachment/wiki/Cyberflex/CardEdgeII.ijc" title="View attachment" shape="rect">CardEdgeII.ijc</a> <a href="/opensc/raw-attachment/wiki/Cyberflex/CardEdgeII.ijc" title="Download" class="trac-rawlink" shape="rect"><img src="/trac/download.png" alt="Download"></img></a> (<span title="12532 bytes">12.2 KB</span>) - added by <em>martin</em> <a class="timeline" href="/opensc/timeline?from=2008-12-07T10%3A52%3A01Z&precision=second" title="2008-12-07T10:52:01Z in Timeline" shape="rect">15 months</a> ago. <q>Applet to load onto the card</q> </li> </ul> </div><div class="footer"><hr></hr><p><a href="index.html">Back to Index</a></p></div></body></html>