尝试用智能卡I/O API读取和写入一个字符串到智能卡。

时间:2022-02-20 07:52:27

I'm using an ACS AET65 card reader trying to store a string into a smart card, and then read it back. I'm using the smartcard IO API and I'm able to get the terminal and connect with the card. However, I've been reading through the ISO 7816 specification and I'm really lost.

我使用的是ACS AET65读卡器,它试图将一个字符串存储到智能卡中,然后将其读回来。我正在使用智能卡IO API,我能够获得终端并连接到该卡。然而,我一直在阅读ISO 7816规范,我真的很迷茫。

All I need to do is write a 3K string to the card, and then read it back. That's it. From what I researched, it seems these cards are supposed to have applets installed on them, but I'm sure there's gotta be a way to just write a plain byte array to it and get it back.

我所要做的就是在卡片上写一个3K的字符串,然后把它读回来。就是这样。根据我的研究,这些卡片上似乎应该安装了applet,但我确信一定有一种方法可以将一个普通的字节数组写入卡片中,并将其取回。

I don't know ho to build the APDU commands for that. I tried the READ BINARY, WRITE BINARY, ERASE BINARY, but I'm certainly doing something wrong. It always returns 0x6E and 0x00 as the SW1 and SW2 bytes of the response, which means error. Here is a snipplet of the part where I send test commands to the applet with a small string:

我不知道应该为它构建APDU命令。我尝试了读二进制,写二进制,擦除二进制,但我肯定做错了什么。它总是返回0x6E和0x00作为响应的SW1和SW2字节,这意味着错误。下面是我用一个小字符串向applet发送测试命令的部分的片段:

Card card = cardTerminal.connect("*");
card.beginExclusive();
System.out.println("Card protocol: "+card.getProtocol());
CardChannel channel = card.getBasicChannel();

String jsonStr = "small test string";

byte[] totalData = new byte[256];

byte[] data = jsonStr.getBytes();

System.arraycopy(data, 0, totalData, 0, data.length);

CommandAPDU eraseCommand = new CommandAPDU(0x00, 0x0E, 0x00, 0x00, data, 0x00);
ResponseAPDU eraseCommandResponse = channel.transmit(eraseCommand);

int eSw1 = eraseCommandResponse.getSW1();
int eSw2 = eraseCommandResponse.getSW2();


// returns 6E00, error
System.out.println("Erase Response SW1: " + toHexString(eSw1) + " and SW2: " + toHexString(eSw2));


CommandAPDU writeCommand = new CommandAPDU(0x00, 0xD0, 0x00, 0x00, data, 0x00);
ResponseAPDU commandResponse = channel.transmit(writeCommand);

int sw1 = commandResponse.getSW1();
int sw2 = commandResponse.getSW2();

// returns 6E00, error    
System.out.println("Write Response SW1: " + toHexString(sw1) + " and SW2: " + toHexString(sw2));

byte[] totalReadData = new byte[255];
CommandAPDU readCommand = new CommandAPDU(0x00, 0xB0, 0x00, 0x00, totalReadData, 0);
ResponseAPDU readCommandResponse = channel.transmit(readCommand);

int rSw1 = readCommandResponse.getSW1();
int rSw2 = readCommandResponse.getSW2();

// returns 6E00, error
System.out.println("Read Response SW1: " + toHexString(rSw1) + " and SW2: " + toHexString(rSw2));

byte[] totalReadData2 = readCommandResponse.getData();

// always returns an empty array
System.out.println("Total data read: "+totalReadData2.length);

card.endExclusive();

How can I accomplish this using the smartcard API?

我如何使用智能卡API来完成它?

Thank you!! Eduardo

谢谢你! !爱德华多

1 个解决方案

#1


3  

Smart cards are there in various forms. The ISO 7816-4 specification specifies a framework for file and record based cards. Many cards and applets comply to this specification, at least to a certain degree.

智能卡有多种形式。ISO 7816-4规范指定了文件和记录卡片的框架。许多卡片和小应用程序遵循这个规范,至少在一定程度上是这样。

Smart cards are basically systems-on-a-chip, although they are in general extremely limited regarding I/O functionality and specifications. These smart cards run operating systems. Sometimes these operating systems are fused with the application layer, providing the base ISO 7816-4 functionality and file system. Other cards only offer an operating system that provides an API for applications, and load / execute functionality for those applications. Java Card is an example for this; basically all the command APDU's that you send are handled by the Java Card applets, with the exception of those specified by Global Platform (which takes care of card management and application upload on most Java Cards).

智能卡基本上是一体机的系统,尽管它们在I/O功能和规格方面通常非常有限。这些智能卡运行操作系统。有时,这些操作系统与应用程序层相结合,提供基本的ISO 7816-4功能和文件系统。其他的卡只提供为应用程序提供API的操作系统,并为这些应用程序加载/执行功能。Java Card就是一个例子;基本上,您发送的所有APDU命令都是由Java Card applet处理的,只有全局平台指定的命令除外(全局平台负责管理卡片并在大多数Java卡片上上传应用程序)。

With this information you will understand that just sending any command APDU - including the ERASE BINARY (often not supported on new cards),READ BINARY or UPDATE BINARY APDU's - is not the way to go. You will need more information about your card to proceed, and yes, you may need to upload an Applet if you've got a Java Card implementation before you can send any application level APDU.

有了这些信息,您就会明白,仅仅发送任何命令APDU(包括擦除的二进制文件(通常不支持新卡)、读取二进制文件或更新二进制文件APDU)都不是正确的方法。您将需要关于您的卡的更多信息,是的,您可能需要上传一个Applet,如果您有一个Java卡实现,在您可以发送任何应用程序级别的APDU之前。

#1


3  

Smart cards are there in various forms. The ISO 7816-4 specification specifies a framework for file and record based cards. Many cards and applets comply to this specification, at least to a certain degree.

智能卡有多种形式。ISO 7816-4规范指定了文件和记录卡片的框架。许多卡片和小应用程序遵循这个规范,至少在一定程度上是这样。

Smart cards are basically systems-on-a-chip, although they are in general extremely limited regarding I/O functionality and specifications. These smart cards run operating systems. Sometimes these operating systems are fused with the application layer, providing the base ISO 7816-4 functionality and file system. Other cards only offer an operating system that provides an API for applications, and load / execute functionality for those applications. Java Card is an example for this; basically all the command APDU's that you send are handled by the Java Card applets, with the exception of those specified by Global Platform (which takes care of card management and application upload on most Java Cards).

智能卡基本上是一体机的系统,尽管它们在I/O功能和规格方面通常非常有限。这些智能卡运行操作系统。有时,这些操作系统与应用程序层相结合,提供基本的ISO 7816-4功能和文件系统。其他的卡只提供为应用程序提供API的操作系统,并为这些应用程序加载/执行功能。Java Card就是一个例子;基本上,您发送的所有APDU命令都是由Java Card applet处理的,只有全局平台指定的命令除外(全局平台负责管理卡片并在大多数Java卡片上上传应用程序)。

With this information you will understand that just sending any command APDU - including the ERASE BINARY (often not supported on new cards),READ BINARY or UPDATE BINARY APDU's - is not the way to go. You will need more information about your card to proceed, and yes, you may need to upload an Applet if you've got a Java Card implementation before you can send any application level APDU.

有了这些信息,您就会明白,仅仅发送任何命令APDU(包括擦除的二进制文件(通常不支持新卡)、读取二进制文件或更新二进制文件APDU)都不是正确的方法。您将需要关于您的卡的更多信息,是的,您可能需要上传一个Applet,如果您有一个Java卡实现,在您可以发送任何应用程序级别的APDU之前。