author | Jack Magne <jmagne@localhost.localdomain> | 2015-06-25 11:45:13 -0700 |
---|---|---|
committer | Jack Magne <jmagne@localhost.localdomain> | 2015-07-01 17:04:09 -0700 |
commit | 158ae4bfa03c56c02dcba9066c4dc3ff1806e6a0 (patch) | |
tree | ea2825ab86e993e2d472d9dd01a135470648b0ff | |
parent | b253cad196f57e79a5aede53aceffede1c9edfbe (diff) | |
download | pki-158ae4bfa03c56c02dcba9066c4dc3ff1806e6a0.tar.gz pki-158ae4bfa03c56c02dcba9066c4dc3ff1806e6a0.tar.xz pki-158ae4bfa03c56c02dcba9066c4dc3ff1806e6a0.zip |
Add GP211 applet and latest GP201 applet for RSA.
Ticket # 793: Add support for Secure Channel Protocol 02
Properly select the coolkey applet in the "getAppletVersion" routine.
For some reason the gp211 applet revealed this issue.
Tested to work with both gp211 scp02 card and gp201 scp01 card.
-rw-r--r-- | base/tps/shared/applets/1.4.54de790f.ijc | bin | 0 -> 15022 bytes | |||
-rw-r--r-- | base/tps/shared/applets/1.5.558cdcff.ijc | bin | 0 -> 15666 bytes | |||
-rw-r--r-- | base/tps/shared/applets/readme.txt | 30 | ||||
-rw-r--r-- | base/tps/shared/conf/CS.cfg.in | 45 | ||||
-rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java | 2 |
5 files changed, 34 insertions, 43 deletions
diff --git a/base/tps/shared/applets/1.4.54de790f.ijc b/base/tps/shared/applets/1.4.54de790f.ijc Binary files differnew file mode 100644 index 000000000..5da1ddb81 --- /dev/null +++ b/base/tps/shared/applets/1.4.54de790f.ijc diff --git a/base/tps/shared/applets/1.5.558cdcff.ijc b/base/tps/shared/applets/1.5.558cdcff.ijc Binary files differnew file mode 100644 index 000000000..2f2ea60d4 --- /dev/null +++ b/base/tps/shared/applets/1.5.558cdcff.ijc diff --git a/base/tps/shared/applets/readme.txt b/base/tps/shared/applets/readme.txt index 773e3bac5..cdf12a83a 100644 --- a/base/tps/shared/applets/readme.txt +++ b/base/tps/shared/applets/readme.txt @@ -21,32 +21,18 @@ This directory contains a list of CoolKey applets that can be used by the TPS for applet upgrade. - -Applet Information: ------------------ -File Name Creation Date Applet Ver Major Ver Minor Ver Remark -============ ================ ========== ========= ========= ========== -427BDDB8.ijc 2005/05/06 14:12 427BDDB8 1 3 Official Applet +Beta applet: + +RSA / Key Recovery, GP211/SCP02: + +1.5.558cdcff.ijc -Token Information: ------------------ +Additional applets: -Type CUID (Token ID) ATR Remark -======================== ==================== ======= ================== -Old "E" and ealier cards 40900062ff00ssssssss -(Acquired From WebSite) -"F" cards 40900062ff00ssssssss -(Acquired From WebSite) -"G" & later (Oct/Nov) 409000620103ssssssss -(Acquired From WebSite) -Fortezza cards 409000620103ssssssss -(Acquired From WebSite) -Developement Keyed cards 409000620101ssssssss 3B76940000FF6276010000 -where ssssssss is the serial number. +330J/RSA / Key Recovery: +1.4.54de790f.ijc -Remark -====== -1.3.45787308.ijc - this is the unofficial jForte applet with hacks diff --git a/base/tps/shared/conf/CS.cfg.in b/base/tps/shared/conf/CS.cfg.in index ea98a76ad..fdc3510ed 100644 --- a/base/tps/shared/conf/CS.cfg.in +++ b/base/tps/shared/conf/CS.cfg.in 
@@ -9,7 +9,10 @@ applet._000=#########################################
 applet._001=# applet information
 applet._002=# SAF Key:
 applet._003=# applet.aid.cardmgr_instance=A0000001510000
-applet._004=#########################################
+applet._004=# Stock RSA,KeyRecover applet : 1.4.54de790f.ijc
+applet._005=# Beta RSA/KeyRecovery/GP211/SCP02 applet : 1.5.558cdcff.ijc
+applet._006=# Use GP211 applet only with SCP02 card
+applet._007=#########################################
 applet.aid.cardmgr_instance=A0000000030000
 applet.aid.netkey_file=627601FF0000
 applet.aid.netkey_instance=627601FF000000
@@ -98,7 +101,7 @@ channel._001=# channel.encryption:
 channel._002=#
 channel._003=# - enable encryption for all operation commands to token
 channel._004=# - default is true
-channel._005=# channel.blocksize=242
+channel._005=# channel.blocksize=224
 channel._006=# channel.defKeyVersion=0
 channel._007=# channel.defKeyIndex=0
 channel._008=#
@@ -110,7 +113,7 @@ channel._013=# * channel.instanceSize=18000
 channel._014=# * channel.appletMemorySize=5000
 channel._015=#########################################
 channel.encryption=true
-channel.blocksize=242
+channel.blocksize=224
 channel.defKeyVersion=0
 channel.defKeyIndex=0
 cms.product.version=@APPLICATION_VERSION@
@@ -409,7 +412,7 @@ op.enroll.delegateIEtoken.update.applet.directory=/usr/share/pki/tps/applets
 op.enroll.delegateIEtoken.update.applet.emptyToken.enable=true
 op.enroll.delegateIEtoken.update.applet.enable=true
 op.enroll.delegateIEtoken.update.applet.encryption=true
-op.enroll.delegateIEtoken.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.delegateIEtoken.update.applet.requiredVersion=1.4.54de790f
 op.enroll.delegateIEtoken.update.symmetricKeys.enable=false
 op.enroll.delegateIEtoken.update.symmetricKeys.requiredVersion=1
 op.format.delegateIEtoken.auth.enable=true
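Review bot: The default `channel.blocksize` drops from 242 to 224 (the comment line `channel._005` in the hunk at -98 and the live value in the hunk at -110) with no reason given in the config comments or in the commit message. Because this is the shipped template default it applies to SCP01 tokens as well as the new SCP02 ones, while instances created from the older template keep 242, so an administrator who enables the GP211 applet on an existing TPS gets no hint that this value matters. If the smaller size is meant to leave room for SCP02 MAC and padding inside a single APDU, which is my inference and not something the diff states, the comment block should say so, for example `channel._005=# channel.blocksize=224 (242 is too large for SCP02 cards)`.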
@@ -430,7 +433,7 @@ op.format.delegateIEtoken.tks.conn=tks1
 op.format.delegateIEtoken.update.applet.directory=/usr/share/pki/tps/applets
 op.format.delegateIEtoken.update.applet.emptyToken.enable=true
 op.format.delegateIEtoken.update.applet.encryption=true
-op.format.delegateIEtoken.update.applet.requiredVersion=1.4.4d40a449
+op.format.delegateIEtoken.update.applet.requiredVersion=1.4.54de790f
 op.format.delegateIEtoken.update.symmetricKeys.enable=false
 op.format.delegateIEtoken.update.symmetricKeys.requiredVersion=1
 op.enroll.delegateISEtoken._000=#########################################
@@ -667,7 +670,7 @@ op.enroll.delegateISEtoken.update.applet.directory=/usr/share/pki/tps/applets
 op.enroll.delegateISEtoken.update.applet.emptyToken.enable=true
 op.enroll.delegateISEtoken.update.applet.enable=true
 op.enroll.delegateISEtoken.update.applet.encryption=true
-op.enroll.delegateISEtoken.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.delegateISEtoken.update.applet.requiredVersion=1.4.54de790f
 op.enroll.delegateISEtoken.update.symmetricKeys.enable=false
 op.enroll.delegateISEtoken.update.symmetricKeys.requiredVersion=1
 op.format.delegateISEtoken.auth.enable=true
@@ -688,7 +691,7 @@ op.format.delegateISEtoken.tks.conn=tks1
 op.format.delegateISEtoken.update.applet.directory=/usr/share/pki/tps/applets
 op.format.delegateISEtoken.update.applet.emptyToken.enable=true
 op.format.delegateISEtoken.update.applet.encryption=true
-op.format.delegateISEtoken.update.applet.requiredVersion=1.4.4d40a449
+op.format.delegateISEtoken.update.applet.requiredVersion=1.4.54de790f
 op.format.delegateISEtoken.update.symmetricKeys.enable=false
 op.format.delegateISEtoken.update.symmetricKeys.requiredVersion=1
 op.enroll.externalRegAddToToken._000=#########################################
@@ -748,7 +751,7 @@ op.enroll.externalRegAddToToken.update.applet.directory=/usr/share/pki/tps/apple
 op.enroll.externalRegAddToToken.update.applet.emptyToken.enable=true
 op.enroll.externalRegAddToToken.update.applet.enable=false
 op.enroll.externalRegAddToToken.update.applet.encryption=true
-op.enroll.externalRegAddToToken.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.externalRegAddToToken.update.applet.requiredVersion=1.4.54de790f
 op.enroll.externalRegAddToToken.update.symmetricKeys.enable=false
 op.enroll.externalRegAddToToken.update.symmetricKeys.requiredVersion=1
 op.format.externalRegAddToToken.auth.enable=true
@@ -764,7 +767,7 @@ op.format.externalRegAddToToken.issuerinfo.value=http://[PKI_HOSTNAME]:[PKI_UNSE
 op.format.externalRegAddToToken.update.applet.directory=/usr/share/pki/tps/applets
 op.format.externalRegAddToToken.update.applet.emptyToken.enable=true
 op.format.externalRegAddToToken.update.applet.encryption=true
-op.format.externalRegAddToToken.update.applet.requiredVersion=1.4.4d40a449
+op.format.externalRegAddToToken.update.applet.requiredVersion=1.4.54de790f
 op.format.externalRegAddToToken.update.symmetricKeys.enable=false
 op.format.externalRegAddToToken.update.symmetricKeys.requiredVersion=1
 op.enroll.allowUnknownToken=true
@@ -1051,7 +1054,7 @@ op.enroll.soKeyTemporary.update.applet.directory=[TPS_DIR]/applets
 op.enroll.soKeyTemporary.update.applet.emptyToken.enable=true
 op.enroll.soKeyTemporary.update.applet.enable=true
 op.enroll.soKeyTemporary.update.applet.encryption=true
-op.enroll.soKeyTemporary.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.soKeyTemporary.update.applet.requiredVersion=1.4.54de790f
 op.enroll.soKeyTemporary.update.symmetricKeys.enable=false
 op.enroll.soKeyTemporary.update.symmetricKeys.requiredVersion=1
 op.enroll.soKey.tks.conn=tks1
@@ -1059,7 +1062,7 @@ op.enroll.soKey.update.applet.directory=[TPS_DIR]/applets
 op.enroll.soKey.update.applet.emptyToken.enable=true
 op.enroll.soKey.update.applet.enable=true
 op.enroll.soKey.update.applet.encryption=true
-op.enroll.soKey.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.soKey.update.applet.requiredVersion=1.4.54de790f
 op.enroll.soKey.update.symmetricKeys.enable=false
 op.enroll.soKey.update.symmetricKeys.requiredVersion=1
 op.enroll.userKey.cuidMustMatchKDD=false
@@ -1362,7 +1365,7 @@ op.enroll.userKeyTemporary.update.applet.directory=[TPS_DIR]/applets
 op.enroll.userKeyTemporary.update.applet.emptyToken.enable=true
 op.enroll.userKeyTemporary.update.applet.enable=true
 op.enroll.userKeyTemporary.update.applet.encryption=true
-op.enroll.userKeyTemporary.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.userKeyTemporary.update.applet.requiredVersion=1.4.54de790f
 op.enroll.userKeyTemporary.update.symmetricKeys.enable=false
 op.enroll.userKeyTemporary.update.symmetricKeys.requiredVersion=1
 op.enroll.userKey.tks.conn=tks1
@@ -1370,7 +1373,7 @@ op.enroll.userKey.update.applet.directory=[TPS_DIR]/applets
 op.enroll.userKey.update.applet.emptyToken.enable=true
 op.enroll.userKey.update.applet.enable=true
 op.enroll.userKey.update.applet.encryption=true
-op.enroll.userKey.update.applet.requiredVersion=1.4.4d40a449
+op.enroll.userKey.update.applet.requiredVersion=1.4.54de790f
 op.enroll.userKey.update.symmetricKeys.enable=false
 op.enroll.userKey.update.symmetricKeys.requiredVersion=1
 op.format.allowUnknownToken=true
@@ -1393,7 +1396,7 @@ op.format.cleanToken.tks.conn=tks1
 op.format.cleanToken.update.applet.directory=[TPS_DIR]/applets
 op.format.cleanToken.update.applet.emptyToken.enable=true
 op.format.cleanToken.update.applet.encryption=true
-op.format.cleanToken.update.applet.requiredVersion=1.4.4d40a449
+op.format.cleanToken.update.applet.requiredVersion=1.4.54de790f
 op.format.cleanToken.update.symmetricKeys.enable=false
 op.format.cleanToken.update.symmetricKeys.requiredVersion=1
 op.format.soCleanSOToken.cuidMustMatchKDD=false
@@ -1414,7 +1417,7 @@ op.format.soCleanSOToken.tks.conn=tks1
 op.format.soCleanSOToken.update.applet.directory=[TPS_DIR]/applets
 op.format.soCleanSOToken.update.applet.emptyToken.enable=true
 op.format.soCleanSOToken.update.applet.encryption=true
-op.format.soCleanSOToken.update.applet.requiredVersion=1.4.4d40a449
+op.format.soCleanSOToken.update.applet.requiredVersion=1.4.54de790f
 op.format.soCleanSOToken.update.symmetricKeys.enable=false
 op.format.soCleanSOToken.update.symmetricKeys.requiredVersion=1
 op.format.soCleanUserToken.cuidMustMatchKDD=false
@@ -1435,7 +1438,7 @@ op.format.soCleanUserToken.tks.conn=tks1
 op.format.soCleanUserToken.update.applet.directory=[TPS_DIR]/applets
 op.format.soCleanUserToken.update.applet.emptyToken.enable=true
 op.format.soCleanUserToken.update.applet.encryption=true
-op.format.soCleanUserToken.update.applet.requiredVersion=1.4.4d40a449
+op.format.soCleanUserToken.update.applet.requiredVersion=1.4.54de790f
 op.format.soCleanUserToken.update.symmetricKeys.enable=false
 op.format.soCleanUserToken.update.symmetricKeys.requiredVersion=1
 op.format.soKey.cuidMustMatchKDD=false
@@ -1456,7 +1459,7 @@ op.format.soKey.tks.conn=tks1
 op.format.soKey.update.applet.directory=[TPS_DIR]/applets
 op.format.soKey.update.applet.emptyToken.enable=true
 op.format.soKey.update.applet.encryption=true
-op.format.soKey.update.applet.requiredVersion=1.4.4d40a449
+op.format.soKey.update.applet.requiredVersion=1.4.54de790f
 op.format.soKey.update.symmetricKeys.enable=false
 op.format.soKey.update.symmetricKeys.requiredVersion=1
 op.format.soUserKey.cuidMustMatchKDD=false
@@ -1477,7 +1480,7 @@ op.format.soUserKey.tks.conn=tks1
 op.format.soUserKey.update.applet.directory=[TPS_DIR]/applets
 op.format.soUserKey.update.applet.emptyToken.enable=true
 op.format.soUserKey.update.applet.encryption=true
-op.format.soUserKey.update.applet.requiredVersion=1.4.4d40a449
+op.format.soUserKey.update.applet.requiredVersion=1.4.54de790f
 op.format.soUserKey.update.symmetricKeys.enable=false
 op.format.soUserKey.update.symmetricKeys.requiredVersion=1
 op.format.tokenKey.cuidMustMatchKDD=false
@@ -1498,7 +1501,7 @@ op.format.tokenKey.tks.conn=tks1
 op.format.tokenKey.update.applet.directory=[TPS_DIR]/applets
 op.format.tokenKey.update.applet.emptyToken.enable=true
 op.format.tokenKey.update.applet.encryption=true
-op.format.tokenKey.update.applet.requiredVersion=1.4.4d40a449
+op.format.tokenKey.update.applet.requiredVersion=1.4.54de790f
 op.format.tokenKey.update.symmetricKeys.enable=false
 op.format.tokenKey.update.symmetricKeys.requiredVersion=1
 op.format.userKey.cuidMustMatchKDD=false
@@ -1519,7 +1522,7 @@ op.format.userKey.tks.conn=tks1
 op.format.userKey.update.applet.directory=[TPS_DIR]/applets
 op.format.userKey.update.applet.emptyToken.enable=true
 op.format.userKey.update.applet.encryption=true
-op.format.userKey.update.applet.requiredVersion=1.4.4d40a449
+op.format.userKey.update.applet.requiredVersion=1.4.54de790f
 op.format.userKey.update.symmetricKeys.enable=false
 op.format.userKey.update.symmetricKeys.requiredVersion=1
 op.pinReset.mappingResolver=pinResetProfileMappingResolver
@@ -1540,7 +1543,7 @@ op.pinReset.userKey.update.applet.directory=[TPS_DIR]/applets op.pinReset.userKey.update.applet.emptyToken.enable=true op.pinReset.userKey.update.applet.enable=false op.pinReset.userKey.update.applet.encryption=true -op.pinReset.userKey.update.applet.requiredVersion=1.4.4d40a449 +op.pinReset.userKey.update.applet.requiredVersion=1.4.54de790f op.pinReset.userKey.update.symmetricKeys.enable=false op.pinReset.userKey.update.symmetricKeys.requiredVersion=1 os.serverName=cert-[PKI_INSTANCE_NAME] diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java index 22ca7a291..14e8eadbf 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java @@ -354,6 +354,8 @@ public class TPSProcessor { CMS.debug("In TPSProcessor.getAppletVersion"); + selectCoolKeyApplet(); + GetVersionAPDU get_version_apdu = new GetVersionAPDU(); APDUResponse respApdu = handleAPDURequest(get_version_apdu); |
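Review bot: The added `selectCoolKeyApplet();` call in the TPSProcessor.java hunk makes a version query change which applet is selected on the token, and nothing visible in the hunk documents that side effect or shows how a failed select is handled. If selectCoolKeyApplet() reports failure through a return value and not an exception (its definition is outside the hunk), the GetVersionAPDU that follows would be answered by whatever is still selected, and the version that feeds the applet-upgrade decision could be wrong; worth confirming that it throws. Callers that hold a secure channel to the card manager when they call getAppletVersion should be checked too, since selecting another applet normally ends the current channel. I would add a comment above the call, `// GET VERSION is answered by the currently selected applet, so select CoolKey first; this changes the card's selection state.` The method starts and ends outside the hunk.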