smartcard 0.4.1 → 0.4.2

data/lib/smartcard/iso/iso_card_mixin.rb

@@ -28,7 +28,16 @@ module IsoCardMixin
   def iso_apdu!(apdu_data)
     response = self.iso_apdu apdu_data
     return response[:data] if response[:status] == 0x9000
-    raise "JavaCard response has error status 0x#{'%04x' % response[:status]}"
+    IsoCardMixin.raise_response_exception response
+  end
+  
+  # Raises an exception in response to an error status in an APDU.
+  #
+  # :call_seq:
+  #   IsoCardMixin.raise_response_exception(response)
+  def self.raise_response_exception(response)
+    raise "JavaCard response has error status 0x#{'%04x' % response[:status]}" +
+          " - #{response[:data].map { |ch| '%02x' % ch }.join(' ')}"    
   end
 
   # Performs an APDU exchange with the ISO7816 card.
@@ -47,7 +56,7 @@ module IsoCardMixin
   # Serializes an APDU for wire transmission.
   #
   # :call-seq:
-  #   transport.wire_apdu(apdu_data) -> array
+  #   IsoCardMixin.serialize_apdu(apdu_data) -> array
   #
   # The following keys are recognized in the APDU hash:
   #   cla:: the CLA byte in the APDU (optional, defaults to 0) 
@@ -73,13 +82,14 @@ module IsoCardMixin
     else
       apdu << 0
     end
+    apdu << (apdu_data[:le] || 0)
     apdu
   end
   
   # De-serializes a ISO7816 response APDU.
   # 
   # :call-seq:
-  #   transport.deserialize_response(response) -> hash
+  #   IsoCardMixin.deserialize_response(response) -> hash
   #
   # The response contains the following keys:
   #   status:: the 2-byte status code (e.g. 0x9000 is OK)

data/lib/smartcard/iso/jcop_remote_server.rb

@@ -42,6 +42,13 @@ module JcopRemoteServingStubs
     # Dumb implementation that always returns OK.
     [0x90, 0x00]
   end
+  
+  # The smartcard's APDU.
+  def card_apdu
+    # ATR from the card simulator in JCOP 3.2.7.
+    [0x3B, 0xF8, 0x13, 0x00, 0x00, 0x81, 0x31, 0xFE, 0x45, 0x4A, 0x43, 0x4F,
+     0x50, 0x76, 0x32, 0x34, 0x31, 0xB7].pack('C*')
+  end
 end  # module JcopRemoteServingStubs
     
 
@@ -161,15 +168,17 @@ class JcopRemoteServer
     
     case request[:type]
     when 0
-      # Wait for card; no-op, because that should have happen when the client
-      # connected.
-      send_message socket, :type => 0, :node => 0, :data => [3, 1, 4, 1, 5, 9]
+      # Wait for card (no-op, happened when the client connected) and return
+      # card ATR.
+      send_message socket, :type => 0, :node => 0,
+                           :data => @logic.card_atr.unpack('C*')
     when 1
-      # ATR exchange; the class' bread and butter
+      # APDU exchange; the class' bread and butter
       response = @logic.exchange_apdu request[:data]
       send_message socket, :type => 1, :node => 0, :data => response
     else
-      send_message socket, :type => request[:type], :node => 0, :data => []
+      send_message socket, :type => request[:type], :node => 0,
+                           :data => @logic.card_atr.unpack('C*')
     end
   end
   private :process_request    

data/lib/smartcard/iso/pcsc_transport.rb

@@ -18,7 +18,8 @@ class PcscTransport
   def initialize(options)
     @options = options
     @context = nil
-    @card = nil
+    @card = nil    
+    @atr = nil
   end
 
   def exchange_apdu(apdu)
@@ -27,6 +28,10 @@ class PcscTransport
     return result_string.unpack('C*')
   end
   
+  def card_atr
+    @atr
+  end
+  
   def connect
     @context = PCSC::Context.new(PCSC::SCOPE_SYSTEM) if @context.nil?
     
@@ -62,6 +67,7 @@ class PcscTransport
     # build the transmit / receive IoRequests
     status = @card.status
     @xmit_ioreq = @@xmit_iorequest[status[:protocol]]
+    @atr = status[:atr]
     if RUBY_PLATFORM =~ /win/ and (not RUBY_PLATFORM =~ /darwin/)
       @recv_ioreq = nil
     else
@@ -73,6 +79,7 @@ class PcscTransport
     unless @card.nil?
       @card.disconnect PCSC::DISPOSITION_LEAVE
       @card = nil
+      @atr = nil
     end
     unless @context.nil?
       @context.release

data/smartcard.gemspec

@@ -2,23 +2,23 @@
 
 Gem::Specification.new do |s|
   s.name = %q{smartcard}
-  s.version = "0.4.1"
+  s.version = "0.4.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
-  s.date = %q{2009-08-19}
+  s.date = %q{2009-11-01}
   s.description = %q{Interface with ISO 7816 smart cards.}
   s.email = %q{victor@costan.us}
   s.extensions = ["ext/smartcard_pcsc/extconf.rb"]
-  s.extra_rdoc_files = ["BUILD", "CHANGELOG", "ext/smartcard_pcsc/extconf.rb", "ext/smartcard_pcsc/pcsc.h", "ext/smartcard_pcsc/pcsc_card.c", "ext/smartcard_pcsc/pcsc_constants.c", "ext/smartcard_pcsc/pcsc_context.c", "ext/smartcard_pcsc/pcsc_exception.c", "ext/smartcard_pcsc/pcsc_io_request.c", "ext/smartcard_pcsc/pcsc_main.c", "ext/smartcard_pcsc/pcsc_multi_strings.c", "ext/smartcard_pcsc/pcsc_namespace.c", "ext/smartcard_pcsc/pcsc_reader_states.c", "ext/smartcard_pcsc/pcsc_surrogate_reader.h", "ext/smartcard_pcsc/pcsc_surrogate_wintypes.h", "lib/smartcard/gp/gp_card_mixin.rb", "lib/smartcard/iso/auto_configurator.rb", "lib/smartcard/iso/iso_card_mixin.rb", "lib/smartcard/iso/jcop_remote_protocol.rb", "lib/smartcard/iso/jcop_remote_server.rb", "lib/smartcard/iso/jcop_remote_transport.rb", "lib/smartcard/iso/pcsc_transport.rb", "lib/smartcard/iso/transport.rb", "lib/smartcard/pcsc/pcsc_exception.rb", "lib/smartcard.rb", "LICENSE", "README"]
-  s.files = ["BUILD", "CHANGELOG", "ext/smartcard_pcsc/extconf.rb", "ext/smartcard_pcsc/pcsc.h", "ext/smartcard_pcsc/pcsc_card.c", "ext/smartcard_pcsc/pcsc_constants.c", "ext/smartcard_pcsc/pcsc_context.c", "ext/smartcard_pcsc/pcsc_exception.c", "ext/smartcard_pcsc/pcsc_io_request.c", "ext/smartcard_pcsc/pcsc_main.c", "ext/smartcard_pcsc/pcsc_multi_strings.c", "ext/smartcard_pcsc/pcsc_namespace.c", "ext/smartcard_pcsc/pcsc_reader_states.c", "ext/smartcard_pcsc/pcsc_surrogate_reader.h", "ext/smartcard_pcsc/pcsc_surrogate_wintypes.h", "lib/smartcard/gp/gp_card_mixin.rb", "lib/smartcard/iso/auto_configurator.rb", "lib/smartcard/iso/iso_card_mixin.rb", "lib/smartcard/iso/jcop_remote_protocol.rb", "lib/smartcard/iso/jcop_remote_server.rb", "lib/smartcard/iso/jcop_remote_transport.rb", "lib/smartcard/iso/pcsc_transport.rb", "lib/smartcard/iso/transport.rb", "lib/smartcard/pcsc/pcsc_exception.rb", "lib/smartcard.rb", "LICENSE", "Manifest", "Rakefile", "README", "smartcard.gemspec", "test/gp/gp_card_mixin_test.rb", "test/iso/auto_configurator_test.rb", "test/iso/iso_card_mixin_test.rb", "test/iso/jcop_remote_test.rb", "test/pcsc/containers_test.rb", "test/pcsc/smoke_test.rb", "tests/ts_pcsc_ext.rb"]
+  s.extra_rdoc_files = ["BUILD", "CHANGELOG", "LICENSE", "README", "ext/smartcard_pcsc/extconf.rb", "ext/smartcard_pcsc/pcsc.h", "ext/smartcard_pcsc/pcsc_card.c", "ext/smartcard_pcsc/pcsc_constants.c", "ext/smartcard_pcsc/pcsc_context.c", "ext/smartcard_pcsc/pcsc_exception.c", "ext/smartcard_pcsc/pcsc_io_request.c", "ext/smartcard_pcsc/pcsc_main.c", "ext/smartcard_pcsc/pcsc_multi_strings.c", "ext/smartcard_pcsc/pcsc_namespace.c", "ext/smartcard_pcsc/pcsc_reader_states.c", "ext/smartcard_pcsc/pcsc_surrogate_reader.h", "ext/smartcard_pcsc/pcsc_surrogate_wintypes.h", "lib/smartcard.rb", "lib/smartcard/gp/asn1_ber.rb", "lib/smartcard/gp/cap_loader.rb", "lib/smartcard/gp/des.rb", "lib/smartcard/gp/gp_card_mixin.rb", "lib/smartcard/iso/auto_configurator.rb", "lib/smartcard/iso/iso_card_mixin.rb", "lib/smartcard/iso/jcop_remote_protocol.rb", "lib/smartcard/iso/jcop_remote_server.rb", "lib/smartcard/iso/jcop_remote_transport.rb", "lib/smartcard/iso/pcsc_transport.rb", "lib/smartcard/iso/transport.rb", "lib/smartcard/pcsc/pcsc_exception.rb"]
+  s.files = ["BUILD", "CHANGELOG", "LICENSE", "Manifest", "README", "Rakefile", "ext/smartcard_pcsc/extconf.rb", "ext/smartcard_pcsc/pcsc.h", "ext/smartcard_pcsc/pcsc_card.c", "ext/smartcard_pcsc/pcsc_constants.c", "ext/smartcard_pcsc/pcsc_context.c", "ext/smartcard_pcsc/pcsc_exception.c", "ext/smartcard_pcsc/pcsc_io_request.c", "ext/smartcard_pcsc/pcsc_main.c", "ext/smartcard_pcsc/pcsc_multi_strings.c", "ext/smartcard_pcsc/pcsc_namespace.c", "ext/smartcard_pcsc/pcsc_reader_states.c", "ext/smartcard_pcsc/pcsc_surrogate_reader.h", "ext/smartcard_pcsc/pcsc_surrogate_wintypes.h", "lib/smartcard.rb", "lib/smartcard/gp/asn1_ber.rb", "lib/smartcard/gp/cap_loader.rb", "lib/smartcard/gp/des.rb", "lib/smartcard/gp/gp_card_mixin.rb", "lib/smartcard/iso/auto_configurator.rb", "lib/smartcard/iso/iso_card_mixin.rb", "lib/smartcard/iso/jcop_remote_protocol.rb", "lib/smartcard/iso/jcop_remote_server.rb", "lib/smartcard/iso/jcop_remote_transport.rb", "lib/smartcard/iso/pcsc_transport.rb", "lib/smartcard/iso/transport.rb", "lib/smartcard/pcsc/pcsc_exception.rb", "test/gp/asn1_ber_test.rb", "test/gp/cap_loader_test.rb", "test/gp/des_test.rb", "test/gp/gp_card_mixin_test.rb", "test/gp/hello.apdu", "test/gp/hello.cap", "test/iso/auto_configurator_test.rb", "test/iso/iso_card_mixin_test.rb", "test/iso/jcop_remote_test.rb", "test/pcsc/containers_test.rb", "test/pcsc/smoke_test.rb", "tests/ts_pcsc_ext.rb", "smartcard.gemspec"]
   s.homepage = %q{http://www.costan.us/smartcard}
   s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Smartcard", "--main", "README"]
   s.require_paths = ["lib", "ext"]
   s.rubyforge_project = %q{smartcard}
   s.rubygems_version = %q{1.3.5}
   s.summary = %q{Interface with ISO 7816 smart cards.}
-  s.test_files = ["test/gp/gp_card_mixin_test.rb", "test/iso/auto_configurator_test.rb", "test/iso/iso_card_mixin_test.rb", "test/iso/jcop_remote_test.rb", "test/pcsc/containers_test.rb", "test/pcsc/smoke_test.rb"]
+  s.test_files = ["test/gp/asn1_ber_test.rb", "test/gp/cap_loader_test.rb", "test/gp/des_test.rb", "test/gp/gp_card_mixin_test.rb", "test/iso/auto_configurator_test.rb", "test/iso/iso_card_mixin_test.rb", "test/iso/jcop_remote_test.rb", "test/pcsc/containers_test.rb", "test/pcsc/smoke_test.rb"]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION

data/test/gp/asn1_ber_test.rb

@@ -0,0 +1,116 @@
+# Author:: Victor Costan
+# Copyright:: Copyright (C) 2008 Massachusetts Institute of Technology
+# License:: MIT
+
+require 'smartcard'
+
+require 'test/unit'
+
+class Asn1BerTest < Test::Unit::TestCase
+  Asn1Ber = Smartcard::Gp::Asn1Ber
+  
+  def test_tag
+    prefix = [0x03, 0x14, 0x15]
+    [
+      [[0x82], {:primitive => true, :class => :context, :number => 2}],
+      [[0x29], {:primitive => false, :class => :universal, :number => 9}],
+      [[0xD9], {:primitive => true, :class => :private, :number => 0x19}],
+      [[0x9F, 0x65], {:primitive => true, :class => :context, :number => 0x65}],
+      [[0x5F, 0x81, 0x65], {:primitive => true, :class => :application,
+                            :number => 0xE5}],
+    ].each do |test_case|
+      offset, tag = Asn1Ber.decode_tag prefix + test_case.first, prefix.length
+      assert_equal((prefix + test_case.first).length, offset,
+                   "Offset for #{test_case.inspect}")
+      assert_equal test_case.last, tag,
+                   "Decoded tag information for #{test_case.inspect}"
+      assert_equal test_case.first, Asn1Ber.encode_tag(test_case.last),
+                   "Encoded tag for #{test_case.inspect}"       
+    end
+  end
+  
+  def test_length
+    prefix = [0x03, 0x14, 0x15]
+    [
+      [[0x12], 0x12],
+      [[0x82, 0x05, 0x39], 0x539],
+      [[0x80], :indefinite],
+    ].each do |test_case|
+      offset, length = Asn1Ber.decode_length prefix + test_case.first,
+                                             prefix.length
+      assert_equal((prefix + test_case.first).length, offset,
+                   "Offset for #{test_case.inspect}")
+      assert_equal test_case.last, length,
+                   "Decoded length for #{test_case.inspect}"      
+      assert_equal test_case.first, Asn1Ber.encode_length(test_case.last),
+                   "Encoded length for #{test_case.inspect}"       
+    end
+  end
+  
+  def test_value
+    data = (0...20).to_a
+    offset, value = Asn1Ber.decode_value data, 7, 4
+    assert_equal 7 + 4, offset, 'Offset with definite length'
+    assert_equal [7, 8, 9, 10], value, 'Value with definite length'
+    
+    data = [0x03, 0x14, 0x15, 0x92, 0x65, 0x35, 0x00, 0x00, 0x01, 0x02, 0x03]
+    offset, value = Asn1Ber.decode_value data, 4, :indefinite
+    assert_equal 8, offset, 'Offset with indefinite length'
+    assert_equal [0x65, 0x35], value, 'Value with definite length'
+    offset, value = Asn1Ber.decode_value data, 6, :indefinite
+    assert_equal 8, offset, 'Offset for empty value with  indefinite length'
+    assert_equal [], value, 'Empty value with indefinite length'        
+  end
+  
+  def test_tlv
+    golden_tlv = {:primitive => true, :class => :context, :number => 4,
+                  :value => [0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00]}
+    prefix = [0x03, 0x14, 0x15]
+    ber_tlv = [0x84, 0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00]
+    offset, tlv = Asn1Ber.decode_tlv prefix + ber_tlv, prefix.length
+    assert_equal golden_tlv, tlv, 'Decoded TLV data'
+    assert_equal((prefix + ber_tlv).length, offset, 'Offset')
+    assert_equal ber_tlv, Asn1Ber.encode_tlv(golden_tlv), 'Encoded TLV data'
+  end
+  
+  def test_tlv_sequence
+    golden = [
+        {:number => 0x0F, :class => :application, :primitive => false,
+         :value => [
+           {:number => 4, :class => :context, :primitive => true,
+            :value => [0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00]},
+           {:number => 5, :class => :context, :primitive => false,
+            :value => [
+              {:number => 0x65, :class => :context, :primitive => true,
+               :value => [0xFF]}]}]}]
+    ber = [0x6F, 16, 0x84, 8, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
+           0xA5, 4, 0x9F, 0x65, 1, 0xFF]    
+    assert_equal golden, Asn1Ber.decode(ber), 'Decoded sequence'
+    assert_equal ber, Asn1Ber.encode(golden), 'Encoded sequence'
+  end
+  
+  def test_visit
+    tlvs = [
+        {:number => 0x0F, :class => :application, :primitive => false,
+         :value => [
+           {:number => 4, :class => :context, :primitive => true,
+            :value => [0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00]},
+           {:number => 5, :class => :context, :primitive => false,
+            :value => [
+              {:number => 0x65, :class => :context, :primitive => true,
+               :value => [0xFF]}]}]}]
+    
+    paths = []
+    Asn1Ber.visit tlvs do |path, value|
+      paths << path
+      case path
+      when [0x6F, 0xA5, 0x9F65]
+        assert_equal [0xFF], value
+      when [0x6F, 0x84]
+        assert_equal [0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00], value
+      end
+    end
+    assert_equal [[0x6F], [0x6F, 0x84], [0x6F, 0xA5], [0x6F, 0xA5, 0x9F65]],
+                 paths, 'Visited paths'
+  end
+end

data/test/gp/cap_loader_test.rb

@@ -0,0 +1,24 @@
+# Author:: Victor Costan
+# Copyright:: Copyright (C) 2008 Massachusetts Institute of Technology
+# License:: MIT
+
+require 'smartcard'
+
+require 'test/unit'
+
+class CapLoaderTest < Test::Unit::TestCase
+  CapLoader = Smartcard::Gp::CapLoader
+  
+  def setup
+    @cap_file = File.join(File.dirname(__FILE__), 'hello.cap')
+    @apdu_file = File.join(File.dirname(__FILE__), 'hello.apdu')
+  end
+  
+  def test_load_data
+    load_data = CapLoader.cap_load_data(@cap_file)
+    assert_equal File.read(@apdu_file),
+        load_data[:data].map { |ch| "%02x" % ch }.join(' ')
+    assert_equal [{:aid => [0x19, 0x83, 0x12, 0x29, 0x10, 0xDE, 0xAD],
+                   :install_method => 8}], load_data[:applets]
+  end
+end

data/test/gp/des_test.rb

@@ -0,0 +1,39 @@
+# Author:: Victor Costan
+# Copyright:: Copyright (C) 2008 Massachusetts Institute of Technology
+# License:: MIT
+
+require 'smartcard'
+
+require 'test/unit'
+
+class DesTest < Test::Unit::TestCase
+  Des = Smartcard::Gp::Des
+  
+  def test_crypt
+    key = "@ABCDEFGHIJKLMNO"
+    data = "Quick brown fox "
+    iv = "0123456789ABCDEF"
+    golden = [0xC3, 0x21, 0xFE, 0x0D, 0xD1, 0x26, 0x34, 0xBE, 0xA6, 0x27, 0x7A,
+              0x00, 0x27, 0x26, 0xF0, 0xAA].pack('C*')
+    assert_equal golden, Des.crypt(key, data, iv)
+  end
+  
+  def test_mac_3des
+    key = "@ABCDEFGHIJKLMNO"
+    data = "Quick brown fox "
+    golden = [0x99, 0xB8, 0x86, 0x86, 0x16, 0xBF, 0xDE, 0x01].pack('C*')
+
+    assert_equal golden, Des.mac_3des(key, data)    
+  end
+  
+  def test_mac_retail
+    data = [0x72, 0xC2, 0x9C, 0x23, 0x71, 0xCC, 0x9B, 0xDB, 0x65, 0xB7, 0x79,
+        0xB8, 0xE8, 0xD3, 0x7B, 0x29, 0xEC, 0xC1, 0x54, 0xAA, 0x56, 0xA8, 0x79,
+        0x9F, 0xAE, 0x2F, 0x49, 0x8F, 0x76, 0xED, 0x92, 0xF2].pack('C*')
+    key = [0x79, 0x62, 0xD9, 0xEC, 0xE0, 0x3D, 0x1A, 0xCD, 0x4C, 0x76, 0x08,
+           0x9D, 0xCE, 0x13, 0x15, 0x43].pack('C*')
+    golden = [0x5F, 0x14, 0x48, 0xEE, 0xA8, 0xAD, 0x90, 0xA7].pack('C*')
+    
+    assert_equal golden, Des.mac_retail(key, data)
+  end
+end

data/test/gp/gp_card_mixin_test.rb

@@ -16,18 +16,207 @@ class GpCardMixinTest < Test::Unit::TestCase
   # The sole purpose of this class is wrapping the mixin under test.
   class MixinWrapper
     include GpCardMixin
-    include Smartcard::Iso::IsoCardMixin
   end
   
   def setup
+    @file_aid = [0x19, 0x83, 0x12, 0x29, 0x10, 0xFA, 0xCE]
+    @app_aid = [0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE]
+    @host_auth = [0x00, 0x65, 0x07, 0x37, 0xD4, 0xB8, 0xDF, 0xDE, 0xD0, 0x7B,
+                  0xAA, 0xA2, 0xDE, 0xDE, 0x82, 0x8B]    
+    @host_challenge = [0x20, 0xBB, 0xE0, 0x4A, 0x1C, 0x6B, 0x6F, 0x50]
+    @file_data = [0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA,
+                  0xBB, 0xCC, 0xDD, 0xEE, 0xFF, 0x21, 0x32, 0x43, 0x54, 0x65,
+                  0x76, 0x87, 0x98]
+    @max_apdu_length = 0x0F
+  end
+
+  def mock_card_manager_select(channel_mock)
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+        with([0x00, 0xA4, 0x04, 0x00, 0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00,
+              0x00, 0x00, 0x00]).
+        and_return([0x6F, 16, 0x84, 8, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00,
+                    0x00, 0xA5, 4, 0x9F, 0x65, 1, 0x0F, 0x90, 0x00])    
   end
     
   def test_select_application
     mock = MixinWrapper.new
+    mock_card_manager_select mock
+    app_data = mock.select_application mock.gp_card_manager_aid
+
+    golden = { :aid => mock.gp_card_manager_aid, :max_apdu_length => 0x0F }
+    assert_equal golden, app_data
+  end
+  
+  def mock_channel_setup(channel_mock)
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+       with([0x80, 0x50, 0x00, 0x00, 0x08, 0x20, 0xBB, 0xE0, 0x4A, 0x1C, 0x6B,
+             0x6F, 0x50, 0x00]).
+       and_return([0x00, 0x00, 0x81, 0x29, 0x00, 0x76, 0x76, 0x91, 0x36, 0x54,
+                   0xFF, 0x02, 0x00, 0x02, 0x59, 0x8D, 0xD3, 0x96, 0x1B, 0xFD,
+                   0x04, 0xB5, 0xCF, 0x5A, 0xD0, 0x08, 0x3C, 0x01, 0x90, 0x00]) 
+    flexmock(Smartcard::Gp::Des).should_receive(:random_bytes).with(8).
+                                 and_return(@host_challenge.pack('C*'))    
+  end
+  
+  def test_gp_setup_secure_channel
+    mock = MixinWrapper.new
+    mock_channel_setup mock
+    golden = {
+        :key_diversification => [0x00, 0x00, 0x81, 0x29, 0x00, 0x76, 0x76, 0x91,
+                                 0x36, 0x54],
+        :key_version => 0xFF, :protocol_id => 2, :counter => 2,
+        :challenge => [0x59, 0x8D, 0xD3, 0x96, 0x1B, 0xFD],
+        :auth => [0x04, 0xB5, 0xCF, 0x5A, 0xD0, 0x08, 0x3C, 0x01]
+    }
+    assert_equal golden, mock.gp_setup_secure_channel(@host_challenge)
+  end
+  
+  def mock_channel_lock(channel_mock)
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+       with([0x84, 0x82, 0x00, 0x00, 0x10, 0x00, 0x65, 0x07, 0x37, 0xD4, 0xB8,
+             0xDF, 0xDE, 0xD0, 0x7B, 0xAA, 0xA2, 0xDE, 0xDE, 0x82, 0x8B, 0x00]).
+       and_return([0x90, 0x00])  
+  end
+  
+  def test_secure_channel
+    mock = MixinWrapper.new
+    mock_channel_setup mock
+    mock_channel_lock mock
+
+    mock.secure_channel
+  end
+  
+  def mock_get_status_files_modules(channel_mock)
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+        with([0x80, 0xF2, 0x10, 0x00, 0x02, 0x4F, 0x00, 0x00]).
+        and_return([0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x53, 0x50, 0x01, 0x00,
+                    0x01, 0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x53, 0x50, 0x41,
+                    0x63, 0x10])
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+        with([0x80, 0xF2, 0x10, 0x01, 0x02, 0x4F, 0x00, 0x00]).
+        and_return([0x07, 0x19, 0x83, 0x12, 0x29, 0x10, 0xFA, 0xCE, 0x01, 0x00,
+                    0x01, 0x07, 0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE, 0x90,
+                    0x00])    
+  end
+  
+  def test_gp_get_status
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).once.
+        with([0x80, 0xF2, 0x80, 0x00, 0x02, 0x4F, 0x00, 0x00]).
+        and_return([0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x01,
+                    0x9E, 0x90, 0x00])
+    golden = [{ :lifecycle => :op_ready, :aid => [0xA0, 0, 0, 0, 3, 0, 0, 0],
+        :permissions => Set.new([:cvm_management, :card_reset, :card_terminate,
+                                 :card_lock, :security_domain]) }]
+    assert_equal golden, mock.gp_get_status(:issuer_sd),
+                 'Issuer security domain'
+                 
+    mock = MixinWrapper.new
+    mock_get_status_files_modules mock
+    golden = [
+        { :aid => [0xA0, 0x00, 0x00, 0x00, 0x03, 0x53, 0x50],
+          :permissions => Set.new, :lifecycle => :loaded,
+          :modules => [
+               {:aid => [0xA0, 0x00, 0x00, 0x00, 0x03, 0x53, 0x50, 0x41]}]},
+        { :aid => [0x19, 0x83, 0x12, 0x29, 0x10, 0xFA, 0xCE],
+          :permissions => Set.new, :lifecycle => :loaded,
+          :modules => [{:aid => [0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE]}]},
+    ]
+  
+    assert_equal golden, mock.gp_get_status(:files_modules),
+                 'Executable load files and modules'
+  end
+  
+  def test_gp_applications
+    mock = MixinWrapper.new
+    mock_card_manager_select mock
+    mock_channel_setup mock
+    mock_channel_lock mock
+
+    flexmock(mock).should_receive(:exchange_apdu).once.
+        with([0x80, 0xF2, 0x40, 0x00, 0x02, 0x4F, 0x00, 0x00]).
+        and_return([0x07, 0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE, 0x07, 0x00,
+                    0x90, 0x00])
+    golden = [{ :aid => @app_aid,
+                :permissions => Set.new, :lifecycle => :selectable }]
+    assert_equal golden, mock.applications
+  end
+  
+  def mock_delete_file(channel_mock)
+    flexmock(channel_mock).should_receive(:exchange_apdu).
+       with([0x80, 0xE4, 0x00, 0x80, 0x09, 0x4F, 0x07, 0x19, 0x83, 0x12, 0x29,
+             0x10, 0xFA, 0xCE, 0x00]).and_return([0x00, 0x90, 0x00])  
+  end
+  
+  def test_gp_delete_file
+    mock = MixinWrapper.new
+    mock_delete_file mock
+    assert_equal [], mock.gp_delete_file(@file_aid)
+  end
+  
+  def test_delete_application
+    mock = MixinWrapper.new
+    mock_card_manager_select mock
+    mock_channel_setup mock
+    mock_channel_lock mock
+    mock_get_status_files_modules mock
+    mock_delete_file mock
+    
+    assert mock.delete_application([0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE])
+  end
+  
+  def test_gp_install_load
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+       with([0x80, 0xE6, 0x02, 0x00, 0x14, 0x07, 0x19, 0x83, 0x12, 0x29, 0x10,
+             0xFA, 0xCE, 0x08, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
+             0x00, 0x00, 0x00, 0x00]).and_return([0x00, 0x90, 0x00])
+    assert mock.gp_install_load(@file_aid, mock.gp_card_manager_aid)
+  end
+  
+  def test_gp_install_install
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+       with([0x80, 0xE6, 0x0C, 0x00, 0x1E, 0x07, 0x19, 0x83, 0x12, 0x29, 0x10,
+             0xFA, 0xCE, 0x07, 0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE, 0x07,
+             0x19, 0x83, 0x12, 0x29, 0x10, 0xBA, 0xBE, 0x01, 0x80, 0x02, 0xC9,
+             0x00, 0x00, 0x00]).and_return([0x00, 0x90, 0x00])
+    assert mock.gp_install_selectable(@file_aid, @app_aid, @app_aid,
+                                      [:security_domain])
+  end
+  
+  def test_gp_load_file
+    mock = MixinWrapper.new
+    flexmock(mock).should_receive(:exchange_apdu).
+       with([0x80, 0xE8, 0x00, 0x00, 0x0A, 0xC4, 0x17, 0x11, 0x22, 0x33, 0x44,
+             0x55, 0x66, 0x77, 0x88, 0x00]).and_return([0x00, 0x90, 0x00])
     flexmock(mock).should_receive(:exchange_apdu).
-                   with([0x00, 0xA4, 0x04, 0x00, 0x05,
-                         0x19, 0x83, 0x12, 0x29, 0x10]).
-                   and_return([0x90, 0x00])
-    mock.select_application([0x19, 0x83, 0x12, 0x29, 0x10])
+       with([0x80, 0xE8, 0x00, 0x01, 0x0A, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE,
+             0xFF, 0x21, 0x32, 0x43, 0x00]).and_return([0x00, 0x90, 0x00])
+    flexmock(mock).should_receive(:exchange_apdu).
+       with([0x80, 0xE8, 0x80, 0x02, 0x05, 0x54, 0x65, 0x76, 0x87, 0x98, 0x00]).
+       and_return([0x00, 0x90, 0x00])
+    assert mock.gp_load_file @file_data, @max_apdu_length
+  end
+  
+  def test_install_applet_live
+    # Establish transport to live card.
+    transport = Smartcard::Iso.auto_transport
+    class <<transport
+      include GpCardMixin      
+    end
+    
+    # Install applet.
+    applet_aid = [0x19, 0x83, 0x12, 0x29, 0x10, 0xDE, 0xAD]
+    cap_file = File.join File.dirname(__FILE__), 'hello.cap'
+    transport.install_applet cap_file,
+        [0x19, 0x83, 0x12, 0x29, 0x10, 0xDE, 0xAE]
+
+    # Ensure applet works.
+    transport.select_application applet_aid
+    assert_equal "Hello!", transport.iso_apdu!(:ins => 0x00).pack('C*')
+    
+    # Uninstall applet.
+    transport.delete_application applet_aid
   end
 end