Length of Install Parameters field is not coded correctly for install_for_install

[davidmru]

The length of the parameters field is not coded as ber-len in the command install_for_install
Ref 11.5.2.3.2 Data Field for INSTALL [for install]
GlobalPlatform Technology
Card Specification
Version 2.3.1

[koh-osug]

Only a single byte is used which is good enough for 128 bytes. So far this was always sufficient. Do you have a card supporting more? Then I would need one to verify a patch for this.

[davidmru]

I have an applet which install Parameters field is more than 128 bytes (147 0x93).
The install for install command is successful when the Length is coded as berlen (8193).
I have a card which accept Length of Install Parameters field > 0x80

[koh-osug]

So, this means you have already patched the source code? Can you please share the code snippet?

[davidmru]

No, I built the apdu command install for install manually, then I used the command send_apdu to send it to the card.
However I checked the source code [ https://github.com/kaoh/globalplatform/blob/master/globalplatform/src/globalplatform.c#L3261 ]
I think the correction below might solve the issue:

//[line 3291] buf[i++] = 0x02; // install parameter field length hiByte = 0x02; // tag C9 + length byte (C9LL) if (installParametersLength > 0) { hiByte += (BYTE)installParametersLength; } if (uiccSystemSpecParamsLength > 0) { hiByte += 2; hiByte += (BYTE)uiccSystemSpecParamsLength; }

if (nonVolatileDataSpaceLimit > 0 || volatileDataSpaceLimit > 0 || simSpecParamsLength > 0) {
	hiByte += 2; // 0xEF LL
}
if (nonVolatileDataSpaceLimit > 0) {
	hiByte += 4;
}
if (volatileDataSpaceLimit > 0) {
	hiByte += 4;
}
if (simSpecParamsLength > 0) {
	hiByte += (BYTE)simSpecParamsLength + 2;
}

//Set Length of Install Parameters field
if(hiByte > 255){
buf[i++] = 0x82
buf[i++] = hiByte >> 8;
buf[i++] = hiByte & 0x00FF;
}else if(hiByte > 127){
buf[i++] = 0x81;
buf[i++] = hiByte;
}else{
buf[i++] = hiByte;
}


But I have not tested

[koh-osug]

I have pushed a fix to the branch https://github.com/kaoh/globalplatform/tree/install_params_size. Do you need a binary to test it or can you compile it on your own for testing it?
The README in https://github.com/kaoh/globalplatform/tree/install_params_size should give the instructions how to build it, Windows build be more involved.

[davidmru]

I checked the fix, I noticed that it is the Application Specific Parameters (tag C9) which length has been coded as ber-tlv.
However the tag C9 should never be greater than (127 - LV(ControlInfo) - LV(InstanceAID) [ see install method ] . May be the comment:
hiByte = 0x02; // tag C9 + length byte (C9LL) in the snippet I posted is confusing. The value 02 represent the tag and the length byte of the tag C9.

The length which has to be corrected is the length of the parameters field (see table 11-43 in the first post). The table below show the content of the parameters field:

REF:
GlobalPlatform Technology
Card Specification
Version 2.3.1

[koh-osug]

Next try. Pushed an update.