Re: MUSCLE VerifyKey using OCF
Hi All, Does anybody here use Cyberflex Access cards with OCF? If so, could you help me with the doubt below? In the Cyberflex Access card we have the idea of identity such as AUT0, AUT1, etc. In OCF to verify a Card Holder we must use the sendVerifyCommand. Now what do I do to verify a identity using OCF?? In CyberflexAccess we have the VerifyKey command (00, 2A, 00, Key_NUMBER, Len, Key). Hi, To do so, you can build a CardService containing these two functions: private ResponseAPDU sendAPDU(byte apdu[]) throws CardTerminalException { CommandAPDU commandAPDU = new CommandAPDU(apdu); System.out.println(commandAPDU); ResponseAPDU responseAPDU = getCardChannel().sendCommandAPDU(commandAPDU); System.out.print(Status Word: + Integer.toHexString(responseAPDU.sw())+\n); return (responseAPDU); } public void verifyKey() { byte[] verapdu = //a byte array containing (00, 2A, 00, Key_NUMBER, Len, Key) ResponseAPDU resapdu; try { allocateCardChannel(); resapdu = sendAPDU(verapdu); } catch (Exception e) {e.printStackTrace(); } finally {releaseCardChannel();} } Hope this helps, Emiliano Ida' *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
RE: MUSCLE Is 61xx handled in your driver?
Most readers wont handle this response code. Some POS terminals will. You should send the get response/data command to retrieve the data. John -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Naomaru Itoi Sent: Monday, July 30, 2001 6:43 PM To: [EMAIL PROTECTED] Subject:MUSCLE Is 61xx handled in your driver? When a card returns 61.xx, it means that the card has xx byte to return to host. Does a smartcard reader driver handle this, usually? Does it automatically send get_response APDU and get the return data, or does it pass the status code 61.xx to the application? I am not trying to find out which the right way is. I am trying to find out how the actual reader drivers do it. Thank you. -- Concentration .. Naomaru Itoi, coding @ home *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Is 61xx handled in your driver?
Hello, Most of the drivers pass the 61 XX back to the application to handle. I think it is bad practice to handle this in the driver since it is a card specific ISO function. This should happen above the reader abstraction where the card abstraction layer occurs. BTW - has anyone done an OSI like modeling for how a smartcard infrastructure should occur ? Regards, Dave On Mon, 30 Jul 2001, Naomaru Itoi wrote: When a card returns 61.xx, it means that the card has xx byte to return to host. Does a smartcard reader driver handle this, usually? Does it automatically send get_response APDU and get the return data, or does it pass the status code 61.xx to the application? I am not trying to find out which the right way is. I am trying to find out how the actual reader drivers do it. Thank you. -- Concentration .. Naomaru Itoi, coding @ home *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE VerifyKey using OCF
Hi Emiliano, Thanks by your tip. But, what I want to know is: The idea of Identities (AUT0, AUT1, etc) that exists en Cyberflex is also valid in the OCF context? Are there others cards that have the same concept the identities? For example, to download a Cardlet to my card I need before authenticate me with the card using for this, the AUT0 identity (In the CyberflexAccess is the Transport Key). Does anybody here use OCF to download applets to the CyberflexAccess? More one time thanks by the answers. [ ]´s Luciano da Silva Coelho [EMAIL PROTECTED] Sun Certified Programmer for JAVA2 Sun Certified Instructor for JAVA2 Diretor de Tecnologia e-Sec Tecnologia em Segurança de Dados www.esec.com.br - Original Message - From: Emiliano Ida' [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, July 31, 2001 5:07 AM Subject: Re: MUSCLE VerifyKey using OCF Hi All, Does anybody here use Cyberflex Access cards with OCF? If so, could you help me with the doubt below? In the Cyberflex Access card we have the idea of identity such as AUT0, AUT1, etc. In OCF to verify a Card Holder we must use the sendVerifyCommand. Now what do I do to verify a identity using OCF?? In CyberflexAccess we have the VerifyKey command (00, 2A, 00, Key_NUMBER, Len, Key). Hi, To do so, you can build a CardService containing these two functions: private ResponseAPDU sendAPDU(byte apdu[]) throws CardTerminalException { CommandAPDU commandAPDU = new CommandAPDU(apdu); System.out.println(commandAPDU); ResponseAPDU responseAPDU = getCardChannel().sendCommandAPDU(commandAPDU); System.out.print(Status Word: + Integer.toHexString(responseAPDU.sw())+\n); return (responseAPDU); } public void verifyKey() { byte[] verapdu = file://a byte array containing (00, 2A, 00, Key_NUMBER, Len, Key) ResponseAPDU resapdu; try { allocateCardChannel(); resapdu = sendAPDU(verapdu); } catch (Exception e) {e.printStackTrace(); } finally {releaseCardChannel();} } Hope this helps, Emiliano Ida' *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Is 61xx handled in your driver?
When a card returns 61.xx, it means that the card has xx byte to return to host. Does a smartcard reader driver handle this, usually? My Todos driver does. It seemed useful at the time. I would like to know whether this is correct or not. Most other reader drivers I have looked at do not. *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Is 61xx handled in your driver?
Hi, I completly agree with Andreas. Get Response is dependant on T=0 transport protocol and must not be handled at application level. This is at least what ISO 7816 says. Towitoko driver 2.0.X handles authomatically the Get Response when the command is Case 3 or Case 4. Also the issues athomatically the Envelope command and cares of extended commands (more that 255 bytes sent/received). --- Andreas Schwier [EMAIL PROTECTED] wrote: Most of the drivers pass the 61 XX back to the application to handle. I think it is bad practice to handle this in the driver since it is a card specific ISO function. GET RESPONSE is a transport level command. It should therefore be invisible for the application. The problem arises if you write applications that work with cards that support either T=0 or T=1 transport via PPS. If the reader hardware is capable of doing either T=0 or T=1, then the application always would need to know what protocol is used. If it is T=0, then it would need to send GET RESPONSE, if it is T=1 then it would not send a GET RESPONSE. ISO7816-4 was specifically rewritten at some point in time to eliminate dependencies on T=0. ISO7816-4 now defines command and response APDU in the first part and defines the mapping of these APDUs onto T=0 or T=1 transport in the annex. Andreas *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Is 61xx handled in your driver?
I agree that the application should not have to deal with this. But I don't think the driver should either. Anything that every driver must do in the same way really belongs at a higher level, in pc/sc. *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Is 61xx handled in your driver?
I think you should handle the Get Response if your APDU looks like the following: CLA INS p1 p2 p3 lentx xx xx xx xx xx lenrx Is this correct ? Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***