On Mar 12, 2010, at 9:09 AM, Ray Caruso wrote:
Interesting. How many different cards does your product support?
We support hundreds of different cards but really a large handful of
card families, so that, for example, when we say we support OpenPlatform
cards, you can either count that as one card family or go out and find
all
the OpenPlatform cards you can and count each of those separately. It
all depends on if you are an engineer or a marketing person ;-)
What do you do when a new type of card comes out?
I'm guessing you really mean what do we do when a new type of card comes
out that is not supported by the Sun Ray (since a new OP-based JavaCard
card could come out and it would be recognized as a OP or CAC or
whatever type card).
Do you patch?
Someone has to modify an existing smartcard config file or write a new
one,
and then that new file can be installed on a Sun Ray server by the
server
admin or we may include it in a future patch. The delivery method for
a new
smartcard config file has more to do with business decisions than it
does
with technical ones.
mike
----
On 3/11/2010 12:44 PM, Michael Bender wrote:
Yes, that's what we do on Sun Ray (the Oracle thin client). That is
the only
approach that I could determine would work - each card or card
family has
unique methods to be identified and to extract a unique ID from the
card so
the rules for identifying a card and extracting a unique id need to
be customized
for each card/card family.
OpenPlatform cards make things much easier since in most (all?)
cases they
contain a unique ID that can be extracted from the Card Manager.
mike
----
On Mar 11, 2010, at 4:23 AM, Sébastien Lorquet wrote:
Yes, I feel it's the right way too.
good luck!
Sebastien
On Thu, Mar 11, 2010 at 1:08 PM, Ray Caruso GMAIl <[email protected]
> wrote:
Thank you all for your answers. You have pointed me in the right
direction. I found a resource for each card I need to support that
provides the specific PDUs I need to send to get the data I am need.
Beat regards,
On Mar 10, 2010, at 11:53 PM, Sébastien Lorquet
<[email protected]> wrote:
Hi,
Does this data have a link with what is returned by INIT UPDATE?
In this case this identifier may not be unique.
Sebastien
On Thu, Mar 11, 2010 at 2:52 AM, Michael StJohns <[email protected]
> wrote:
If your card is a global platform card -
1) Select the default security domain
2) do a get data on 00 42 and 00 45 (80 CA 00 42 , 80 CA 00
45). The first is the issuer identification number, the second
is the card image number.
Either or both of these may be set depending on the issuer of the
card. Pre-issue cards probably don't have these set.
Also (both for GP and non GP cards), if the ATR historical bytes
begin with 80, those bytes may include an issuer and card number
or may point to a file on the card which contains them - get a
copy of ISO 7816-4 for details.
Later, Mike
At 01:30 PM 3/10/2010, Ray Caruso wrote:
Thank you for the reply. I am sorry about mis-forming the get
data PDU- I truely doubt it required that type of response- it
did seem a little rude. I should have written XX CA 00 00 00
where XX being the class and I am not sure which instruction
class to use. I used FF as a bitmask way of indicated wild
carding because all 1's can always be OR'd in.
I am reading a manual that states the following:
"The appliance will query the smart card for a unique ID, which
is a portion of a reply from a “get data†application
protocol data unit (APDU) command. The ID contains unique
information such as the smart card manufacturer, smart card chip
manufacturer, chip type, batch number, etc that identifies a
particular card from other cards."
I need to emulate the behavior of the appliance. I am able to
verify the card token during development.
Thanks Again.
On 3/10/2010 11:13 AM, Sébastien Lorquet wrote:
Hi,
Â
As I understand, every smart card has a unique IDÂ
Unfortunately, that single statement is not true.
Well, it's not even true at the chip level (I guess every
manufacturer has its own system) but there is no standard way
to get this "unique number" in the same manner for all cards in
the world.
Each card model *may* support an unique id, but it is specific
to the card model, as well as the method to retrieve it.
that is accessible without security.
Â
I need to read this ID from any card within a reader. I have
spent some, but not enough, quality time with the ISO 7816-4
spec and understand the formation of smart card request and
response APDUs (at least I think I do). I have read that I need
to use the get data command as follows:
FF CA 00 00 00
Nice. You need to spend more time on ISO7816 as the FF class
is invalid, it's not a card command but (maybe) a reader
command or something else.
Moreover if such a magic command existed, someone would have
mentioned it somewhere in google.
Â
However, this fails to provide the correct ID.
Sure. Do you at least know what *is* the correct ID you're
expecting? :-)
Â
Any help on this would be greatly appreciated.
First detect the card model in some way, then pray for the card
to provide a mean to identify itself, then issue the
appropriate valid commands to get it.
Regards
Sebastien
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
