OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Peter Tomlinson (pwtiosis.co.uk)
Date: Thu Aug 02 2001 - 13:15:20 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    The clean way to organise this is:

    (a) An application in the terminal issues APDUs

    (b) The software layer receiving the APDU knows whether the card is being
    operated with T=0 or T=1, and sends information down to the card driver as
    appropriate; if T=0 and a case 4 APDU, the APDU is split into a Case 3 TPDU
    (which sends data to the card) and a Case 2 GET RESPONSE

    (c) The card driver interfaces with a card reader driver

    (d) The card reader driver handles the interface out to the card reader

    Change the card - change only the card driver in the PC; change the card
    reader - change only the card reader driver in the PC

    Write the layer below the application strictly to 7816-4 rules, and cards
    that don't comply (e.g cards that require a GET RESPONSE as part of
    processing every APDU (if that really is true)) are not acceptable.

    Its sad that we cannot yet have a universal card driver, but its going to be
    true for some time to come.

    Regards,

    Peter T
    Bristol UK

    ----- Original Message -----
    From: "Laurent Boulard" <laurent.boulardlouveciennes.tt.slb.com>
    To: <sclinuxlinuxnet.com>
    Sent: Wednesday, August 01, 2001 8:08 AM
    Subject: Re: MUSCLE Is 61xx handled in your driver?

    > David Corcoran wrote:
    >
    > >I think you should handle the Get Response if your APDU looks like the
    > >following:
    > >
    > >CLA INS p1 p2 p3 lentx xx xx xx xx xx lenrx
    > >
    > >Is this correct ?
    > >
    >
    > In the perfect world yes ! but, sadly, people sometimes doesn't follow
    > correctly the ISO7816 or misunderstood it. I have cards (W4SC as an
    > example) which send back a GET RESPONSE even for a APDU without data.
    > This is really annoying as I have to modify my application to take care
    > of this kind of cards.
    >
    > May be the highler level must be modify to hide this behaviour. But,
    > from another point of view, it is interesting to know that you have a
    > card with GET RESPONSE because sometimes those cards must run in
    > terminals without management of the GET REPONSE apdus.
    >
    > --
    > Laurent Boulard
    > Research Engineer
    > Advanced Research
    > SchlumbergerSema (Louveciennes)
    > Tel: +33 (0)1 30 08 45 97
    > Fax: +33 (0)1 30 08 45 24
    > perl -e 'print(pack("h38","34f6e67627164757c6164796f6e63702b3d292"))'
    >
    >
    >
    >
    > ***************************************************************
    > Linux Smart Card Developers - M.U.S.C.L.E.
    > (Movement for the Use of Smart Cards in a Linux Environment)
    > http://www.linuxnet.com/smartcard/index.html
    > ***************************************************************
    >

    ***************************************************************
    Unix Smart Card Developers - M.U.S.C.L.E.
    (Movement for the Use of Smart Cards in a Linux Environment)
    http://www.linuxnet.com/
    To unsubscribe send an email to majordomolinuxnet.com with
    unsubscribe sclinux
    ***************************************************************