G&D SmartCafe (Sm@rtCafé) Expert 3.2 72K is a trick master #28
Description
So I've done the naive thing and bought 3 "Giesecke and Devrient Sm@rtCafé Expert 3.2 72K". AKA SmartCafe Expert 3.2 Java card 72k Specifically because the keying was called out and made to look easy at this here and GPP's readmes. And also because US DOE is thinking about G+D cards but that's my own work trauma that started this adventure and I don't want to go into it too much.
I'm going to keep the GlobalPlatformPros discussion prompts as structure to avoid restating a lot of things. Also lol, you can tell I'm considering filing this against GPP.
If you can't authenticate to the card, first read this
If you are sure that this is a bug or missing feature (with available documentation/specification), do open an issue. If you do not know the exact keying information, please ask your card vendor.
-- I thought I would know this as it is called out explicitly here in Gids and there in GlobalPlatformPro. But the feedback when I actually run the commands is weird and hard to understand which I'll get to below. The weird feedback between two different versions of GPP probably is be a bug in GPP not Gids. HOWEVER:
https://www.mysmartlogon.com/generic-identity-device-specification-gids-smart-card/tested-cards/ says that this "Needs and unpublished version of the applet" <- Is that out of date or still real?!
Describe the bug
using two different versions of GPP I get two different confusing command prompts back. (lack of feedback really, like maybe it worked but then I can't list things so I'm pretty sure it didn't.)
Information about your card and used reader
GlobalplatformPro Version: I've gotten both the 2018 release (which supports the proper short opts as documented) and the 2020 release which I was having some troubles translating its long options into what is written on both here and GPPs README. :/ This if this is where my troubles start I'll move this over to GPP's discussion forum instead.
Card Platform Version: These Smartcafe Expert 3.2s are Javacard 2.2.1 and GlobalPlatform 2.1.1. That means they were last state of the art in ~2006!! (Eesh)
Reader model/name: SCR3310 by Identive. The UFO puck. I also have a HID 3121 is that helps.
Expected behavior/ of what you expected to happen.
After running
gp -unlock -emv like as described both on the readme and the Testedcards bit
and
gp -install GidsApplet.cap -default
❯ globalplatformpro -install Downloads/GidsApplet.cap -default -d -v -i
Warning: no keys given, using default test key 404142434445464748494A4B4C4D4E4F
I expected it to just work. As the -unlock is supposed to remove the key diversification. But it only get the below message when I try to list my card. And nothing else!! I'm just following the directions. I'm left with a headscratcher.
(this is using the older 2018 release of gpp as it doesn't just fail with the help syntax)
❯ globalplatformpro -l -d -v -i
Warning: no keys given, using default test key 404142434445464748494A4B4C4D4E4F
I think I'm getting the keying correct because before I did the proper key stuff I used to get errors like described in these posts like this
"Error: At position 1 the len is more then 3 [32]" from GlobalPlatformPro.
https://stackoverflow.com/questions/68087131/cannot-list-or-install-cap-files-in-javacard-after-unlocking-why-and-how-to-so
https://muscle.musclecard.narkive.com/AWWgaYSL/get-error-while-loading-applet-on-smartcafe-expert-3-2-72k-smart-card
kaoh/globalplatform#48