lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <7CA5288B1DE54A00B6F6AEAE66AEFFF4@blackbox>
Date: Wed, 21 Jan 2009 12:05:49 +0100
From: "Jeroen van Beek" <jeroen@...lab.nl>
To: <full-disclosure@...ts.grok.org.uk>,
	<bugtraq@...urityfocus.com>
Subject: [ANNOUNCE] ePassport emulator v1.02 released

Hi,

I'm pleased to announce the release of ePassport emulator v1.02. 

Introduction
============
epassport_emulator is an ePassport / eID emulator for JavaCard. It
implements functionality as described in ICAO Doc 9303. Additionally it
implements functionality to write files and key data to the emulator.

Changes
=======
NEW:    added non-BAC support
NEW:    added support for switching mode (BAC / non-BAC) in runtime
NEW:    added "secure element" support for Nokia NFC phones (install /
          upload with an external reader)
NEW:    added support for data group 7 (signature JPG) (16384 bytes)
UPDATE: better BAC reading performance (~80% faster)
UPDATE: better writing performance (~2800% faster)
UPDATE: increased size of data group 11 from 64 to 96 bytes

Supported files
===============
- EF.COM  (32 bytes)
- EF.SOD  (2560 bytes)
- EF.DG1  (96 bytes)
- EF.DG2  (24576 bytes)
- EF.DG7  (16384 bytes)
- EF.DG11 (96 bytes)
- EF.DG12 (96 bytes)
- EF.DG13 (96 bytes)
- EF.DG15 (192 bytes)
If you need support for additional file / larger data groups, please contact
me (see "Contact").

Supported devices
=================
The applet is successfully tested on JCOP 41 cards (72k, GP 2.2.1) and the
Secure Element of a Nokia 6131 and 6212 NFC phone.

Supported instructions
======================
As described in ICAO Doc 9303:
- SELECT FILE (See ISO7816-4)
- READ BINARY (See ISO7816-4)
- EXTERNAL_AUTHENTICATE (See ISO7816-4)
- INTERNAL_AUTHENTICATE (See ISO7816-4)
- GET_CHALLENGE (See ISO7816-4)

Additional:
(name         | CLA  INS  P1   P2   Le          | options)
- SELECT_FILE | 0x10 0xa5 0xXX 0xYY 0x00        | XX, YY = byte 1, 2 of tag
- WRITE       | 0x10 0xa6 0xXX 0xYY 0xLL <DATA> | XX, YY = byte 1, 2 of
              |                                 | offset, LL = length <DATA>

- SET_KEYS    | 0x10 0xa7 0x00 0x00 0x18 <DATA> | <DATA> contains
              |                                 | <DOC#><DOB><DOE> in ASCII 
              |                                 | including check digits
- SET_MODE    | 0x10 0xa8 0x00 0x0M 0x00        | M = mode: 0x00 = plain,
              |                                 | 0x01 = BAC

Writing data to the emulator
============================
Support is integrated in the following software packages:
- eCL0WN by Jeroen van Beek <http://www.dexlab.nl/>
- RFIDIOt by Adam Laurie <http://rfidiot.org/>
- RFIDIOt-vonjeek by vonJeek <http://freeworld.thc.org/thc-epassport/>

Contact
=======
Jeroen van Beek @ jeroen [at] dexlab [dot] nl

Download
========
You can download the latest version of epassport_emulator - including
pointers to other relevant information - at <http://www.dexlab.nl/>.


Happy cl0wning!

--
Jeroen van Beek

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ