CODEWITHSUNDEEP
javacardapducontactless-smartcardglobalplatformpersonalization
Larry Martin
Larry Martin

Reputation: 101

What am I doing wrong: Global Platform StoreData on javacard

I am working with a Java Card for a closed payment application. My sample card has application A0000000041010 containing TLV 9F14, not in a record. I am unable to write that TLV to a blank card. My software can make, select and authenticate the application, but it cannot write the TLV using Store Data (cryptograms are struck out with xx):

Creating application: A0000000041010 OK
A0000000041010 Select: status [00] request string [00A4040007A000000004101000] return string [0200006F009000]
ApduSend EMV3:InitializeUpdate: status [00] request string [8050000008xxxxxxxxxxxxxxxx00] return string [02000000000000000000000000Fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx9000]
ApduSend EMV3:ExternalAuthenticate: status [00] request string [8482000010xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx] return string [0200009000]
APDU failed: Referenced data or reference data not found (exact meaning depending on the command)
ApduSend GPCS:StoreData: status [00] request string [80E20000059010020303] return string [0200006A88]
Perso Bad
PROXMARK view:
73476256 |   73539712 | Rdr | 02  80  e6  0c  00  2e  0f  a0  00  00  03  96  54  53  00  00  |     |
         |            |     | 00  01  00  04  04  00  10  a0  00  00  03  96  54  53  00  00  |     |
         |            |     | 00  01  00  04  04  00  00  07  a0  00  00  00  04  10  10  01  |     |
         |            |     | 00  02  c9  00  00  84  e1                                      |  ok | ?
83668948 |   83675988 | Tag | 02  00  90  00  2b  76                                          |  ok |
93062352 |   93080944 | Rdr | 02  00  a4  04  00  07  a0  00  00  00  04  10  10  00  77  68  |  ok | ?
93323028 |   93331156 | Tag | 02  6f  00  90  00  9e  24                                      |  ok |
93355200 |   93374880 | Rdr | 03  80  50  00  00  08  xxxxxxxxxxxxxxxx  f3  |     |
         |            |     | 65                                                              |  ok | ?
95096548 |   95134628 | Tag | 03  00  00  00  00  00  00  00  00  00  00  ff  02  00  5d  xx  |     |
         |            |     | xxxxxxxxxxxxxxxx  90  00  a0  |     |
         |            |     | d8                                                              |  ok |
95352592 |   95380400 | Rdr | 02  84  82  00  00  10  xxxxxxxxxxxxxxxx    |     |
         |            |     | xxxxxxxxxxxxxxxx    ab  75                                  |  ok | ?
96440244 |   96446068 | Tag | 02  90  00  f1  09                                              |     |
96478816 |   96493952 | Rdr | 03  80  e2  00  00  05  90  10  02  03  03  d1  0e              |  ok | ?
96581172 |   96587060 | Tag | 03  6a  88  15  da                                              |     |

My references are Global Platform Card Spec, EMV Books 2 and 3, and ISO7816-4 and -9. I have a sample perso script showing APDUs that should work. Here is a short one:

# Log: Writing DGI0x9010
# SendApdu: CPS.StoreData
=> 80 E2 00 0C [05] 9010|02 <0303>
<= [9000]

I tried sending 9010020303 instead of my actual TLV, with the same result.

So what am I doing wrong with these APDUs?

Upvotes: 1

Views: 307

Answers (1)

Larry Martin
Larry Martin

Reputation: 101

It turns out that my APDUs are fine by the standard, but the payment applet is not standard. It expects the TLVs to be wrapped in DGIs that address the data on the chip. Details are specific to the applet and confidential.

Upvotes: 1

Related Questions