
I'm confused about how to read the firmware from my smart card reader. My reader is an ACR122U. This is my Qt program for reading the reader's firmware.

// Bulk endpoint addresses used for the transfers below. Bit 7 of a USB
// endpoint address is the direction flag, so 0x02 is endpoint 2 OUT
// (host -> device) and 0x82 is endpoint 2 IN (device -> host).
#define BULK_EP_OUT    0x02
#define BULK_EP_IN     0x82
QByteArray readFirmware()
{
    // Builds the 5-byte command APDU FF 00 48 00 00 and returns it as a
    // QByteArray. Each byte goes through sendByte(), which is defined elsewhere
    // in the file.
    // NOTE(review): presumably this is the reader's "get firmware version"
    // command - confirm against the reader's API documentation.
    // An earlier variant padded the command with 59 zero bytes; that padding
    // stays disabled here.
    const int apdu[] = {
        0xFF, // class
        0x00, // INS
        0x48, // P1
        0x00, // P2
        0x00  // Le
    };

    QByteArray command;
    for(int value : apdu)
    {
        command.append(sendByte(value));
    }
    return command;
}

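void WriteSmartCard()
{
    // Opens the reader (VID 0x072F, PID 0x2200), claims interface 0, writes the
    // 5-byte command from readFirmware() to the bulk OUT endpoint and then reads
    // up to 64 bytes from the bulk IN endpoint, logging each step with qDebug().
    //
    // Changes compared with the first version:
    //  - stops when libusb_init() or the device open fails instead of passing a
    //    NULL handle to later libusb calls;
    //  - no malloc'd buffers (one was overwritten by dataSend.data() and leaked,
    //    the other was never freed); the response now lives on the stack;
    //  - the interface is only used when the claim succeeded, and a kernel
    //    driver that was detached is re-attached afterwards so other software
    //    using the system driver can reach the reader again.
    //
    // NOTE(review): the device reports interface class 11 (Chip/SmartCard) with
    // a CCID descriptor. A CCID reader presumably expects the APDU wrapped in a
    // CCID message rather than five bare bytes on the bulk OUT endpoint, which
    // would explain a successful write followed by a read timeout (-7,
    // LIBUSB_ERROR_TIMEOUT). Confirm against the CCID specification and the
    // reader's documentation, or talk to the reader through PC/SC instead.
    const int kRequestLen = 5;
    const int kResponseMax = 64;
    const unsigned int kTimeoutMs = 5000;

    int rc = libusb_init(NULL);
    if(rc < 0)
    {
        qDebug() << "failed to initialise libusb.";
        return; // nothing was opened, so there is nothing to clean up
    }

    libusb_device_handle *handle = libusb_open_device_with_vid_pid(NULL, 0x072F, 0x2200);
    if(handle == NULL)
    {
        // Also reached when the process lacks permission to open the device node.
        qDebug() << "Error in device opening!";
        libusb_exit(NULL);
        return;
    }
    qDebug() << "Device opened.";

    // Best effort, as before: a failure is logged but does not stop the run.
    rc = libusb_set_configuration(handle, 1); // set device to be I/O
    if(rc != 0)
        qDebug() << "Cannot set configuration : " << libusb_error_name(rc);

    bool detached = false;
    if(libusb_kernel_driver_active(handle, 0) == 1)
    {
        qDebug() << "Kernel driver is active. Libusb cannot peform to be I/O.";
        if(libusb_detach_kernel_driver(handle, 0) == 0)
        {
            qDebug() << "Kernel driver detached!";
            detached = true; // remember to hand the interface back on exit
        }
    }
    else
        qDebug() << "No kernel driver is active. Libusb ready to be I/O.";

    int claim = libusb_claim_interface(handle, 0);
    const bool claimed = (claim == 0);
    if(claimed)
    {
        qDebug() << "Claim interface.";

        // Communicate
        int transferred = 0;
        QByteArray dataSend = readFirmware();
        bool written = false;

        // Guard the fixed-length write: never let libusb read past the end of
        // the QByteArray's storage.
        if(dataSend.size() >= kRequestLen)
        {
            unsigned char *request = reinterpret_cast<unsigned char*>(dataSend.data());
            claim = libusb_bulk_transfer(handle, BULK_EP_OUT, request, kRequestLen, &transferred, kTimeoutMs);
            if(claim == 0 && transferred == kRequestLen)
            {
                written = true;
                qDebug() << "write successful";
                qDebug() << "Returned with : " + QString::number(claim);
                qDebug() << "How many bytes to be written : " + QString::number(transferred);
                for(int j=0; j<transferred; j++)
                {
                    qDebug() << sendByte(request[j]).toHex();
                }
            }
        }
        if(!written)
        {
            qDebug() << "write error!";
        }

        // Only wait for a response when the command actually went out.
        if(written)
        {
            unsigned char response[kResponseMax] = {0};
            transferred = 0;
            claim = libusb_bulk_transfer(handle, BULK_EP_IN, response, kResponseMax, &transferred, kTimeoutMs);
            if(claim == 0)
            {
                qDebug() << "Returned with : " + QString::number(claim);
                qDebug() << "How many bytes to be written : " + QString::number(transferred);
                for(int j=0; j<transferred; j++)
                {
                    qDebug() << sendByte(response[j]).toHex();
                }
            }
            else
            {
                qDebug() << "Read error.";
                qDebug() << "Returned with : " + QString::number(claim);
                qDebug() << "libusb error : " << libusb_error_name(claim);
                qDebug() << "How many bytes to be written : " + QString::number(transferred);
            }
        }

        libusb_release_interface(handle, 0);
    }
    else
    {
        qDebug() << "Cannot claim interface.";
        qDebug() << "libusb error : " << libusb_error_name(claim);
    }

    // Give the interface back to the kernel driver that was bound before.
    if(detached)
    {
        rc = libusb_attach_kernel_driver(handle, 0);
        if(rc != 0)
            qDebug() << "Cannot re-attach kernel driver : " << libusb_error_name(rc);
    }

    libusb_close(handle);
    libusb_exit(NULL);
}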

I run this program in a terminal. The output is "write successful" followed by "Read error." How can I solve this?

When I check with lsusb -v in a terminal, I get this:

Bus 001 Device 010: ID 072f:2200 Advanced Card Systems, Ltd 
Couldn't open device, some information will be missing
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.10
  bDeviceClass            0 (Defined at Interface level)
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0         8
  idVendor           0x072f Advanced Card Systems, Ltd
  idProduct          0x2200 
  bcdDevice            2.14
  iManufacturer           1 
  iProduct                2 
  iSerial                 0 
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           93
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0x80
      (Bus Powered)
    MaxPower              200mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass        11 Chip/SmartCard
      bInterfaceSubClass      0 
      bInterfaceProtocol      0 
      iInterface              0 
      ChipCard Interface Descriptor:
        bLength                54
        bDescriptorType        33
        bcdCCID              1.00
        nMaxSlotIndex           0
        bVoltageSupport         7  5.0V 3.0V 1.8V 
        dwProtocols             2  T=1
        dwDefaultClock       4000
        dwMaxiumumClock      4000
        bNumClockSupported      0
        dwDataRate          10752 bps
        dwMaxDataRate      250000 bps
        bNumDataRatesSupp.      0
        dwMaxIFSD             256
        dwSyncProtocols  00000000 
        dwMechanical     00000000 
        dwFeatures       00020040
          Auto parameter negotation made by CCID
          Short APDU level exchange
        dwMaxCCIDMsgLen       271
        bClassGetResponse      00
        bClassEnvelope         00
        wlcdLayout           none
        bPINSupport             0 
        bMaxCCIDBusySlots       1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0008  1x 8 bytes
        bInterval              50
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               1

Am I using the wrong endpoint addresses for reading from and writing to my smart card? Is there a mistake in my protocol?

SkyFrotza
  • Have you looked at the endpoint descriptors whether your read endpoint is right? What does it return as error? – dryman Apr 28 '16 at 08:39
  • Yes, I have looked at my endpoint addresses in the terminal; those are the numbers I get. But I still have no solution for this. Do you have any idea? I don't really know why it returns an error. – SkyFrotza Apr 29 '16 at 01:20
  • First question would be what error is returned. What value is claim after the read error? Also how do you know what values are to write and read? Have you used a sniffer or how do you know? – dryman Apr 29 '16 at 08:39
  • When I checked again, the read returned -7 and the write returned 0. I don't understand what that means. I haven't used a sniffer because I don't know what it does. – SkyFrotza May 02 '16 at 04:25
  • This means there was a timeout, or in other words: your device has nothing to tell you. If the device has no data to send to the host, the read will time out. But this is where my knowledge ends. Why the device has no data to send depends entirely on the device you use. I don't really know anything about the smart card reader. – dryman May 02 '16 at 07:26
