0

I am new to APDU and smartcard communications and I can't figure out how to successfully send APDU commands. When I try for example this command:

00 A4 00 00 02 3F 00 00

I get a 6E 00 response. I tried to figure out which class I had to use for my card, but for every class I tried in in the range 00-FF, I always get the 'Class not supported' error.

I figured this maybe has to do with some authentication in the card, but I have no idea how to do this right.

I used the following Python (pyscard) code:

from smartcard.System import readers
from smartcard.util import toHexString

r = readers()
con = r[0].createConnection()
con.connect()

for c in range(0x00, 0xFF):
    comm = [c, 0xA4, 0x00, 0x00, 0x02, 0x3F00, 0x00]
    data, sw1, sw2 = con.transmit(comm)

    if sw1 != 0x6e:
        print comm
        print 'Response:'
        print data, '\n'
        print 'Status:'
        print '%x %x' % (sw1, sw2)

EDIT: The ATR of the card is 3B 04 49 32 43 2E

Sten Wessel
  • 95
  • 2
  • 9
  • Does the card with any other application? Otherwise, it might be brand new, e. g. still in transport protection mode where it does not yet understand standard commands. – guidot Jan 11 '15 at 10:46
  • It does. It is used by a progam to put data on it, such that other (simple) machines can read it and adjust to the user's needs. – Sten Wessel Jan 11 '15 at 10:48
  • Do you have any documentation for the card? It might be a stupid memory card like SLE55 or a javacard not having the MF you try to select. – guidot Jan 11 '15 at 10:51
  • No, I don't have an'y documentation unfortunately. It is a card used by specific software and I would like to know what the software exactly writes onto the card, the only thing I know is that is uses a ISO 7816 chip. Would such a stupid card make things easier, then? – Sten Wessel Jan 11 '15 at 10:55
  • For memory card look at this question, which gives a reference: http://stackoverflow.com/questions/12110148/i-cant-find-apdu-commands-for-sle5542. Thngs are a little bit easier if it is a memory card, since you are always able to dump the contents. With a properly designed smart card chances are that one can find out very little or even nothing. – guidot Jan 11 '15 at 11:04
  • From that answer I understand that those memory cards don't give an ATR. My card does. Does that mean it is in fact a smartcard? – Sten Wessel Jan 11 '15 at 12:44
  • The ATR you see might also be synthesized by the driver software, but searching for it or posting it might give a first idea what kind of card you have. – guidot Jan 11 '15 at 12:54
  • See my edit for the ATR – Sten Wessel Jan 11 '15 at 13:03
  • I found that my ATR matches a " German Health Insurance Card "LogCard" from concept2.com (a indoor rower manufacturer) I2C card". Does that help any of you guys? – Sten Wessel Jan 11 '15 at 21:35
  • The old "Krankenversichertenkarte" (KVK) was a memory card. At least German documentation should be easy to find, but since all information can simply be dumped, it should be not necessary. In your case it seems to have the I2C interface. Take at look at your readers documentation, how to handle memory cards. A select may be required, but READ BINARY is the main commmand you will need. – guidot Jan 12 '15 at 07:54
  • Allright, thanks @guidot. I will try it as soon as possible to get this working. – Sten Wessel Jan 12 '15 at 11:18
  • Which smart card reader, you are using. – jiten Jan 20 '15 at 11:03
  • I am using a Cherry SmartTerminal XX44. But I found out it was just a I2C card and I got it working with Omnisoft's synchronous API. – Sten Wessel Jan 20 '15 at 15:15

3 Answers3

2

Solved the issue, my card is a I2C card, so the APDU commands won't work with it. I got it working with the Synchronous API of Omnisoft, via C++. Not really what I had in mind, but so far it seems the only option.

Thanks to all who helped me!

Sten Wessel
  • 95
  • 2
  • 9
0

Not an expert, but looking at the pyscard documentation, I think you are playing with the wrong bytes. In the given example (which your code appears to be based on), it says

SELECT = [0xA0, 0xA4, 0x00, 0x00, 0x02]
DF_TELECOM = [0x7F, 0x10]
data, sw1, sw2 = connection.transmit( SELECT + DF_TELECOM )

where it looks like A0 A4 00 00 02 is the command (which should not be modified) and 7F 10 identifies the type of card to talk to (which is almost certainly different depending on what sort of card you have).

Try instead:

from itertools import product

for x,y in product(range(256), repeat=2):
    data, sw1, sw2 = con.transmit([0xA0, 0xA4, 0x00, 0x00, 0x02, x, y])

    if sw1 != 0x6e:
        print("Your card responds to {:02X} {:02X}".format(x, y))
        print("Response: {}".format(data))
        print("Status: {:02X} {:02X}".format(sw1, sw2))

I also found a summary table of commands; hope you find it useful.

Hugh Bothwell
  • 55,315
  • 8
  • 84
  • 99
  • I tried your suggestion, but it still doesn't give me a response other than 6E00. I think the problem is in the first class byte, but I have no idea how and what it is supposed to be. Thanks for the help anyways, the table of commands is very useful!! – Sten Wessel Jan 11 '15 at 08:25
0

Since you are attempting to send a SELECT APDU, why not try the simplest one, i.e. selecting the Issuer Security Domain?

Try this command:

00 A4 04 00 00

You don't need to be concerned about authentication at this point. SELECT should work in all security levels.

mictter
  • 1,358
  • 1
  • 10
  • 13
  • That also didn't work unfortunately. I tried it for all the possible class numbers, but all still give a 6E00 error. – Sten Wessel Jan 11 '15 at 09:21
  • Sorry, I wrote the wrong P1 parameter, it should be 04 (instead of '40' as originally written). I have edited my answer. Can you try it now with 00 A4 04 00 00 ? – mictter Jan 11 '15 at 12:45
  • It doesn't make a difference. Still only 6E00. – Sten Wessel Jan 11 '15 at 12:49