How to do card response encryption (how to set R_ENCRYPTION)

Guy,

i'm working with Secure Channel Protocol '02' and the JCOP shell. I have no problem to open the secure channel by doing the "init-update" & "ext-auth", and to send encrypted data to the card.

I use the default Security Domain of the simulator for both loading the applet, and process init-update & ext_auth.

byte[] buf = apdu.getBuffer();

switch (buf[ISO7816.OFFSET_INS])

{

case (byte) 0x50:// init-update

sc = GPSystem.getSecureChannel() ;

case (byte) 0x82:// ext-auth

short nbrByte = sc.processSecurity(apdu) ;

apdu.setOutgoingAndSend((short)ISO7816.OFFSET_CDATA,nbrByte);

return ;

}

i also use the same SD to uncyphered command:

case (byte) 0x01:// reload purse

{

if (sc==null)

ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);

byte sc_level = sc.getSecurityLevel() ;

if ((sc_level & 0x83)!=0x83)

ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);

// condition fullfilled, get the APDU

byte dataRead = (byte)apdu.setIncomingAndReceive() ;

byte[] buffer = apdu.getBuffer() ;

// uncypher

short clearData = sc.unwrap(buffer,(short)ISO7816.OFFSET_CDATA,dataRead) ;

// send back encyphered data, just for test ...

apdu.setOutgoingAndSend(ISO7816.OFFSET_CDATA,buffer[ISO7816.OFFSET_LC]) ;

return ;

}

My problem is when i want the card the send encrypted response back to JCOP shell.I think the problem come from the "ext-auth", in annexe E.5.2 it say that P1 should indicate the security level, but it doesn't say which value to specify response-encryption.

Thanks.

[2677 byte] By [Enoilla] at [2007-10-3 3:51:17]