====== Postbank BestSign / SealOne USB ======
===== USB stick for verifying / authorizing transactions =====
  * Postbank's offering: [[http://www.postbank.de/privatkunden/pk_infocenter_bestsign_geraete.html]]
  * Underlying product: [[http://www.seal-one.com/solutions-summary.de-DE.html]]
  * Discussion about Postbank BestSign: [[https://groups.google.com/group/de.etc.finanz.banken+broker/browse_frm/thread/5120b31bb3e1a37b/1d612a92d34f4b3c?hl=de&lnk=gst&q=bestsign#1d612a92d34f4b3c|Google Groups]]
===== Internals =====
{{:projekte:diverses:p1.jpg?detail&200|}}
{{:projekte:diverses:p2.jpg?detail&200|}}
{{:projekte:diverses:p3.jpg?detail&200|}}
===== Notable components =====
  * ARM microcontroller [[http://www.st.com/internet/mcu/product/189786.jsp|STM32F103T8]]
  * Serial NOR flash [[http://www.mxic.com.tw/QuickPlace/hq/PageLibrary4825740B00298A3B.nsf/h_Index/6F878CF760C559BD482576E00022E6CC/?OpenDocument&EPN=MX25L1606E|MX25L1606E]]
  * SmartCard, probably [[http://www.gemalto.com/products/top_javacard/|Gemalto TOP IM GX4]], ATR: 3B FD 96 00 00 81 31 20 43 80 31 80 65 B0 83 11 48 C8 83 00 90 00 5D
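The ATR listed above can be decoded following ISO/IEC 7816-3. The Python decoder below is an added example, not part of the original page and not SealOne or Postbank code; ''parse_atr'' and the result keys are names chosen here. It splits the ATR into interface bytes, announced protocols and historical bytes (compact-TLV objects as in ISO/IEC 7816-4) and verifies the TCK checksum.

```python
from functools import reduce
from operator import xor

# ATR exactly as quoted on this page.
ATR_HEX = "3B FD 96 00 00 81 31 20 43 80 31 80 65 B0 83 11 48 C8 83 00 90 00 5D"
# ISO/IEC 7816-3 tables: TA1 high nibble -> Fi, TA1 low nibble -> Di.
FI = {0: 372, 1: 372, 2: 558, 3: 744, 4: 1116, 5: 1488, 6: 1860,
      9: 512, 10: 768, 11: 1024, 12: 1536, 13: 2048}
DI = {1: 1, 2: 2, 3: 4, 4: 8, 5: 16, 6: 32, 7: 64, 8: 12, 9: 20}

def parse_atr(atr_hex):
    """Decode an ATR given as hex text (name and result keys are hypothetical)."""
    atr = bytes.fromhex(atr_hex)
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS byte or ATR too short")
    iface, protocols = {}, []
    y, n_hist = atr[1] >> 4, atr[1] & 0x0F    # T0: presence bitmap Y1, count K
    pos, i = 2, 1
    while y:
        for bit, name in enumerate("ABCD"):   # bit 0..3 -> TAi, TBi, TCi, TDi
            if y & (1 << bit):
                if pos >= len(atr):
                    raise ValueError("ATR truncated in interface bytes")
                iface[f"T{name}{i}"] = atr[pos]
                pos += 1
        td = iface.get(f"TD{i}")
        if td is None:
            break
        protocols.append(td & 0x0F)           # low nibble announces protocol T
        y, i = td >> 4, i + 1                 # high nibble is the next bitmap
    hist, rest = atr[pos:pos + n_hist], atr[pos + n_hist:]
    need_tck = any(p != 0 for p in protocols) # TCK is absent when only T=0 is used
    if len(hist) != n_hist or len(rest) != (1 if need_tck else 0):
        raise ValueError("ATR length does not match T0/TDi")
    tlv, p = [], 1
    while hist[:1] == b"\x80" and p < len(hist):  # category 0x80: compact-TLV
        tag, ln = hist[p] >> 4, hist[p] & 0x0F
        tlv.append((tag, hist[p + 1:p + 1 + ln].hex()))
        p += 1 + ln
    ta1 = iface.get("TA1", 0x11)              # default Fi=372, Di=1 if TA1 absent
    return {"convention": "direct" if atr[0] == 0x3B else "inverse",
            "interface": iface, "protocols": sorted(set(protocols)) or [0],
            "fi": FI.get(ta1 >> 4), "di": DI.get(ta1 & 0x0F),
            "historical": hist.hex(), "compact_tlv": tlv,
            # XOR over T0..TCK must be zero when a TCK is present
            "tck_ok": (reduce(xor, atr[1:]) == 0) if need_tck else None}

if __name__ == "__main__":
    for key, value in parse_atr(ATR_HEX).items():
        print(f"{key:12} {value}")
```

For the ATR on this page the decoder reports direct convention, protocol T=1, Fi=512 / Di=32, 13 historical bytes with a trailing status indicator of ''00 90 00'', and a valid TCK.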
===== Software =====
==== dmesg ====
<code>
usb 6-2: New USB device found, idVendor=219c, idProduct=0010
usb 6-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
usb 6-2: Product: SecureSignToken
usb 6-2: Manufacturer: SEALONE AG
scsi13 : usb-storage 6-2:1.0
generic-usb 0003:219C:0010.0008: hiddev0,hidraw0: USB HID v1.11 Device [SEALONE AG SecureSignToken] on usb-0000:00:1d.0-2/input1
scsi 13:0:0:0: CD-ROM SEALONE SecureSignToken 1.17 PQ: 0 ANSI: 2
sr1: scsi-1 drive
sr 13:0:0:0: Attached scsi CD-ROM sr1
sr 13:0:0:0: Attached scsi generic sg2 type 5
</code>
==== sr filesystem (differs depending on the mounting (!) OS) ====
<code>
1792   2 dr-xr-xr-x 3   2048 Mai 25 2011 .
1856   2 dr-xr-xr-x 3   2048 Mai 25 2011 ./.bin
1920   2 dr-xr-xr-x 3   2048 Mai 25 2011 ./.bin/.locale
1984   2 dr-xr-xr-x 3   2048 Mai 25 2011 ./.bin/.locale/de
2048   2 dr-xr-xr-x 2   2048 Mai 25 2011 ./.bin/.locale/de/LC_MESSAGES
2054   5 -r--r--r-- 1   4564 Mai 25 2011 ./.bin/.locale/de/LC_MESSAGES/S1GUI.mo
1866 120 -r-xr-xr-x 1 122540 Mai 25 2011 ./.bin/S1GUI
1803   4 -r--r--r-- 1   3146 Mai 25 2011 ./README.txt
1807 192 -r-xr-xr-x 1 196028 Mai 25 2011 ./SealOne
</code>
==== SealOne Binary ====
  * ''strings ./SealOne'' => may contain traces of libcurl
  * HTTP instead of HTTPS; presumably the crypto is in the payload
  * sends SCSI commands (ioctl) to the USB stick
  * at the very least forwards the stick's responses to the server (SealOne) via HTTP POST
  * keeps an HTTP connection open to gw1.seal-one.com, gw2.seal-one.com or gw3.seal-one.com
  * Request headers, without the POST data:
<code>
POST /S1CLGetMessage HTTP/1.1
User-Agent: SealOne USB-Connector/1.1
Host: gw2.seal-one.com
Accept: */*
Content-Type: multipart/form-data; boundary=*S1*
Content-Length: 402
</code>
==== lsusb ====
<code>
Device Descriptor:
  bLength 18
  bDescriptorType 1
  bcdUSB 2.00
  bDeviceClass 0 (Defined at Interface level)
  bDeviceSubClass 0
  bDeviceProtocol 0
  bMaxPacketSize0 64
  idVendor 0x219c
  idProduct 0x0010
  bcdDevice 1.00
  iManufacturer 1 SEALONE AG
  iProduct 2 SecureSignToken
  iSerial 0
  bNumConfigurations 1
  Configuration Descriptor:
    bLength 9
    bDescriptorType 2
    wTotalLength 64
    bNumInterfaces 2
    bConfigurationValue 1
    iConfiguration 2 SecureSignToken
    bmAttributes 0x80
      (Bus Powered)
    MaxPower 96mA
    Interface Descriptor:
      bLength 9
      bDescriptorType 4
      bInterfaceNumber 0
      bAlternateSetting 0
      bNumEndpoints 2
      bInterfaceClass 8 Mass Storage
      bInterfaceSubClass 6 SCSI
      bInterfaceProtocol 80 Bulk (Zip)
      iInterface 0
      Endpoint Descriptor:
        bLength 7
        bDescriptorType 5
        bEndpointAddress 0x81 EP 1 IN
        bmAttributes 2
          Transfer Type Bulk
          Synch Type None
          Usage Type Data
        wMaxPacketSize 0x0040 1x 64 bytes
        bInterval 0
      Endpoint Descriptor:
        bLength 7
        bDescriptorType 5
        bEndpointAddress 0x02 EP 2 OUT
        bmAttributes 2
          Transfer Type Bulk
          Synch Type None
          Usage Type Data
        wMaxPacketSize 0x0040 1x 64 bytes
        bInterval 0
    Interface Descriptor:
      bLength 9
      bDescriptorType 4
      bInterfaceNumber 1
      bAlternateSetting 0
      bNumEndpoints 2
      bInterfaceClass 3 Human Interface Device
      bInterfaceSubClass 0 No Subclass
      bInterfaceProtocol 0 None
      iInterface 0
        HID Device Descriptor:
          bLength 9
          bDescriptorType 33
          bcdHID 1.11
          bCountryCode 0 Not supported
          bNumDescriptors 1
          bDescriptorType 34 Report
          wDescriptorLength 52
          Report Descriptors:
            ** UNAVAILABLE **
      Endpoint Descriptor:
        bLength 7
        bDescriptorType 5
        bEndpointAddress 0x83 EP 3 IN
        bmAttributes 3
          Transfer Type Interrupt
          Synch Type None
          Usage Type Data
        wMaxPacketSize 0x0040 1x 64 bytes
        bInterval 1
      Endpoint Descriptor:
        bLength 7
        bDescriptorType 5
        bEndpointAddress 0x04 EP 4 OUT
        bmAttributes 3
          Transfer Type Interrupt
          Synch Type None
          Usage Type Data
        wMaxPacketSize 0x0040 1x 64 bytes
        bInterval 1
Device Status: 0x0000
  (Bus Powered)
</code>