验证和验证之间的区别?

时间:2014-06-21 10:13:58

标签: smartcard javacard apdu

如您所知,我们通过INITIAL UPDATEEXTERNAL AUTHENTICATION命令向卡片证明我们是真实用户,如下所示:

< 80 50 00 00 08 | Host Challenge
> ...
< 84 82 03 00 10 | Host Cryptogram | MAK
> ...

我想知道,此身份验证过程与使用VERIFYING APDU的CLA 20 P1 P2 Lc Data Le进程之间有何区别?

所有卡都支持两种?或者每张卡使用这种机制之一?


更新 如您所见,我成功上传并在卡上安装了我的小程序,[不使用验证]!

为什么我需要verificatin:

C:\Users\ghasemi\Desktop\gpj-20120310>gpj -load e:\helloW.cap -install

C:\Users\ghasemi\Desktop\gpj-20120310>java -jar gpj.jar -load e:\helloW.cap -ins
tall
Found terminals: [PC/SC terminal ACS CCID USB Reader 0]
Found card in terminal: ACS CCID USB Reader 0
ATR: 3B 68 00 00 00 73 C8 40 12 00 90 00
DEBUG: Command  APDU: 00 A4 04 00 07 A0 00 00 01 51 00 00
DEBUG: Response APDU: 6A 82
Failed to select Security Domain GP211 A0 00 00 01 51 00 00 , SW: 6A 82
DEBUG: Command  APDU: 00 A4 04 00 08 A0 00 00 00 18 43 4D 00
DEBUG: Response APDU: 6A 82
Failed to select Security Domain GemaltoXpressPro A0 00 00 00 18 43 4D 00 , SW:
6A 82
DEBUG: Command  APDU: 00 A4 04 00 08 A0 00 00 00 03 00 00 00
DEBUG: Response APDU: 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 01 FF 90 0
0
Successfully selected Security Domain OP201a A0 00 00 00 03 00 00 00
DEBUG: Command  APDU: 80 50 00 00 08 A7 C9 58 B7 D1 B6 84 E9
DEBUG: Response APDU: 00 00 11 60 01 00 8A 79 0A F9 FF 02 00 31 DF AA 47 16 6E 9
7 B8 02 20 8F 8E A0 1B 88 90 00
DEBUG: Command  APDU: 84 82 00 00 10 0D D7 A4 DF 75 E4 CA 5C 9E EE 25 3F 96 A7 8
A 8B
DEBUG: Response APDU: 90 00
DEBUG: Command  APDU: 84 82 00 00 08 0D D7 A4 DF 75 E4 CA 5C
DEBUG: Response APDU: 90 00
DEBUG: packagePath: helloWorldPackage/javacard/
DEBUG: package: helloWorldPackage
DEBUG: package AID: 01 02 03 04 05 06 07 08 09 00
DEBUG: applet AIDs: [01 02 03 04 05 06 07 08 09 00 00 ]
DEBUG: Command  APDU: 80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 0
0 00 03 00 00 00 00 00 00
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E6 02 00 17 0A 01 02 03 04 05 06 07 08 09 00 08 A0 00 0
0 00 03 00 00 00 00 00 00
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E8 00 00 FF C4 82 01 49 01 00 14 DE CA FF ED 01 02 04 0
0 01 0A 01 02 03 04 05 06 07 08 09 00 02 00 1F 00 14 00 1F 00 0F 00 0B 00 2E 00
0C 00 7D 00 18 00 12 00 00 00 6F 00 02 00 01 00 0B 01 01 00 04 00 0B 01 02 01 07
 A0 00 00 00 62 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 08 06 0
0 0C 00 80 03 00 FF 00 07 01 00 00 00 1C 07 00 7D 00 01 10 18 8C 00 00 7A 05 30
8F 00 01 3D 8C 00 02 18 1D 04 41 18 1D 25 8B 00 03 7A 02 23 18 8B 00 04 60 03 7A
 19 8B 00 05 2D 1A 03 25 11 00 FF 53 5B 32 1A 04 25 11 00 FF 53 5B 29 04 1F 60 0
8 11 6E 00 8D 00 06 16 04 73 00 10 00 00 00 00 00 09 18 19 8C 00 07 70 08 11 6D
00 8D 00 06 7A 05 22 19 8B 00 05 2D 7B 00 08 92 32 7B 00 08 03 1A 03 1F 8D 00 09
 3B 19 03 1F 8B 00 0A 7A 08 00 18 00 02 00 01 00 01 03 00 0B 48 65 64 61 79 74 2
0
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E8 00 00 FF C4 82 01 49 01 00 14 DE CA FF ED 01 02 04 0
0 01 0A 01 02 03 04 05 06 07 08 09 00 02 00 1F 00 14 00 1F 00 0F 00 0B 00 2E 00
0C 00 7D 00 18 00 12 00 00 00 6F 00 02 00 01 00 0B 01 01 00 04 00 0B 01 02 01 07
 A0 00 00 00 62 01 01 03 00 0F 01 0B 01 02 03 04 05 06 07 08 09 00 00 00 08 06 0
0 0C 00 80 03 00 FF 00 07 01 00 00 00 1C 07 00 7D 00 01 10 18 8C 00 00 7A 05 30
8F 00 01 3D 8C 00 02 18 1D 04 41 18 1D 25 8B 00 03 7A 02 23 18 8B 00 04 60 03 7A
 19 8B 00 05 2D 1A 03 25 11 00 FF 53 5B 32 1A 04 25 11 00 FF 53 5B 29 04 1F 60 0
8 11 6E 00 8D 00 06 16 04 73 00 10 00 00 00 00 00 09 18 19 8C 00 07 70 08 11 6D
00 8D 00 06 7A 05 22 19 8B 00 05 2D 7B 00 08 92 32 7B 00 08 03 1A 03 1F 8D 00 09
 3B 19 03 1F 8B 00 0A 7A 08 00 18 00 02 00 01 00 01 03 00 0B 48 65 64 61 79 74 2
0
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E8 80 01 4E 3A 29 20 20 00 00 00 00 05 00 2E 00 0B 06 8
0 03 00 01 00 00 00 06 00 00 01 03 80 03 02 03 80 03 03 03 80 0A 01 06 80 07 01
06 00 00 5F 05 00 00 00 06 80 10 02 03 80 0A 08 09 00 12 00 00 00 0E 05 06 04 0A
 07 07 1D 10 08 07 04 05 07 07
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E8 80 01 4E 3A 29 20 20 00 00 00 00 05 00 2E 00 0B 06 8
0 03 00 01 00 00 00 06 00 00 01 03 80 03 02 03 80 03 03 03 80 0A 01 06 80 07 01
06 00 00 5F 05 00 00 00 06 80 10 02 03 80 0A 08 09 00 12 00 00 00 0E 05 06 04 0A
 07 07 1D 10 08 07 04 05 07 07
DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E6 0C 00 29 0A 01 02 03 04 05 06 07 08 09 00 0B 01 02 0
3 04 05 06 07 08 09 00 00 0B 01 02 03 04 05 06 07 08 09 00 00 01 00 02 C9 00 00

DEBUG: Response APDU: 00 90 00
DEBUG: Command  APDU: 80 E6 0C 00 29 0A 01 02 03 04 05 06 07 08 09 00 0B 01 02 0
3 04 05 06 07 08 09 00 00 0B 01 02 03 04 05 06 07 08 09 00 00 01 00 02 C9 00 00

DEBUG: Response APDU: 00 90 00

2 个答案:

答案 0 :(得分:1)

根据:ISO 7816-4:智能卡交换的行业间命令。

VERIFY命令启动从接口设备发送的验证数据卡中的比较,其中包含存储在卡中的参考数据(例如密码)。

AUTHENTICATE命令使用从接口设备发送的质询数据和存储在卡中的相关秘密(例如密钥),通过卡启动验证数据的计算

答案 1 :(得分:0)

初始化update和ext auth命令用于在off card和card实体之间建立安全通道。 而00 20 .... apdu用于验证卡管理器引脚。 因此,所有符合GP标准的卡都将支持这两种卡。 有卡经理是卡的所有者,所以要认证自己或者说要到卡经理你可以使用初始化更新和ext auth。 或者您可以选择卡片管理员并使用00 20 ...命令向卡片管理员验证。