2010/11/4 Martin Paljak <[email protected]>:
> Hello,
>
> * Background:
> The Estonian ID card has historically had two ATR-s, a warm and a cold. There
> are several incarnations of the cards where the command interface should be
> "similar" to the original Micardo card but is not always the case.
>
> There are several cards:
> Micardo based with a cold ATR [1] [3] and a warm ATR [2] [4]. Notice that
> cold ATR-s specify both T=1 and T=0 but warm ATR-s don't (which will mean T=0)
> Another incarnation of the card should mimic the Micardo card, but actually
> doesn't. It incorrectly copies the ATR of one of the earlier cards, but in a
> reverse order: the shorter style ATR [5] which other cards use for a warm ATR
> is now used for the cold ATR and the longer cold ATR [6] of a previous card
> used for the warm ATR.
>
> * FYI:
> Some versions of pcsc-lite in the 1.5.x range don't correctly handle such
> situation and truncate the longer warm ATR to the length of the cold ATR
> (which did not pop up with earlier cards).
> This has been fixed in the 1.6.x version, so people who can upgrade should do
> it ASAP :)
>
> * Problem:
> pcsc-lite tries to use T=1 by default, which will cause troubles after a warm
> reset if the two different ATR-s don't specify the same supported protocols
> in the ATR.
pcsc-lite will try to use T=1 if:
- the card ATR says T=1 is supported
AND
- the application uses SCARD_PROTOCOL_T1 (or SCARD_PROTOCOL_T0 |
SCARD_PROTOCOL_T1) in SCardConnect()
Or maybe I misunderstand the problem and pcsc-lite has a bug.
If you know the card T=1 protocol is broken just use SCARD_PROTOCOL_T0.
> To work around it, resetting the card is required. Sadly, one of the cards
> that copies the ATR with both T=1 and T=0 in the warm ATR actually is the one
> who *can't* speak T=1.
> But also, the card is difficult to match because of the copied ATR. This will
> result in needless reset's ("force_protocol" in OpenSC) to get the card to a
> known good state and slows down the already slow communication.
> So with "original" cards the cold ATR claims T=1 support but after a warm
> reset can't be used with T=1 before a card powerdown. With the "broken" card,
> T=1 will be selected by pcsc-lite by default after a warm reset, but T=0
> should be used to make the card work and this will also require a reset.
>
>
> * Question:
> I'm windering if pcsc-lite should only consider the cold ATR (if there are
> two different ATR-s) and the protocols claimed there for protocol agreement?
I don't think that would be correct. PC/SC middleware should respect
what the ATR says.
And using only the cold ATR would not solve your problem. The broken
card has a cold ATR defining T=0 and T=1 but the card does no support
T=1.
> What does the ISO specs say about it? These (IMO broken by design) cards are
> already out there and need the mentioned reset-workarounds, but maybe
> pcsc-lite could be "improved" as well (if it would make sense)
>
>
> [1]
> http://smartcard-atr.appspot.com/parse?ATR=3BFE9400FF80B1FA451F034573744549442076657220312E3043
> [2]
> http://smartcard-atr.appspot.com/parse?ATR=3B6E00FF4573744549442076657220312E30
> [3]
> http://smartcard-atr.appspot.com/parse?ATR=3BDE18FFC080B1FE451F034573744549442076657220312E302B
> [4]
> http://smartcard-atr.appspot.com/parse?ATR=3B5E11FF4573744549442076657220312E30
> [5]
> http://smartcard-atr.appspot.com/parse?ATR=3B6E00004573744549442076657220312E30
> [6]
> http://smartcard-atr.appspot.com/parse?ATR=3BFE9400FF80B1FA451F034573744549442076657220312E3043
>
> All the best,
--
Dr. Ludovic Rousseau
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
