Java Card

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Extended APDU through T0

921673Mar 5 2012 — edited Mar 10 2012

I tried to send following extended APDU command to my applet:

CLA: 00 INS: 20 P1: 00 P2: 00 LC: 00 03 10 LE: 00 03 
Data: 30 82 03 0C 30 82 01 F4 A0 03 02 01 02 02 03 01 00 20 30 0D 06 09 2A 86 48 86 F7 0D
01 01 05 05 00 30 3E 31 0B 30 09 06 03 55 04 06 13 02 50 4C 31 1B 30 19 06 03 55 04 0A 13
12 55 6E 69 7A 65 74 6F 20 53 70 2E 20 7A 20 6F 2E 6F 2E 31 12 30 10 06 03 55 04 03 13 09
43 65 72 74 75 6D 20 43 41 30 1E 17 0D 30 32 30 36 31 31 31 30 34 36 33 39 5A 17 0D 32 37
30 36 31 31 31 30 34 36 33 39 5A 30 3E 31 0B 30 09 06 03 55 04 06 13 02 50 4C 31 1B 30 19
06 03 55 04 0A 13 12 55 6E 69 7A 65 74 6F 20 53 70 2E 20 7A 20 6F 2E 6F 2E 31 12 30 10 06
03 55 04 03 13 09 43 65 72 74 75 6D 20 43 41 30 82 01 22 30 0D 06 09 2A 86 48 86 F7 0D 01
01 01 05 00 03 82 01 0F 00 30 82 01 0A 02 82 01 01 00 CE B1 C1 2E D3 4F 7C CD 25 CE 18 3E
4F C4 8C 6F 80 6A 73 C8 5B 51 F8 9B D2 DC BB 00 5C B1 A0 FC 75 03 EE 81 F0 88 EE 23 52 E9
E6 15 33 8D AC 2D 09 C5 76 F9 2B 39 80 89 E4 97 4B 90 A5 A8 78 F8 73 43 7B A4 61 B0 D8 58
CC E1 6C 66 7E 9C F3 09 5E 55 63 84 D5 A8 EF F3 B1 2E 30 68 B3 C4 3C D8 AC 6E 8D 99 5A 90
4E 34 DC 36 9A 8F 81 88 50 B7 6D 96 42 09 F3 D7 95 83 0D 41 4B B0 6A 6B F8 FC 0F 7E 62 9F
67 C4 ED 26 5F 10 26 0F 08 4F F0 A4 57 28 CE 8F B8 ED 45 F6 6E EE 25 5D AA 6E 39 BE E4 93
2F D9 47 A0 72 EB FA A6 5B AF CA 53 3F E2 0E C6 96 56 11 6E F7 E9 66 A9 26 D8 7F 95 53 ED
0A 85 88 BA 4F 29 A5 42 8C 5E B6 FC 85 20 00 AA 68 0B A1 1A 85 01 9C C4 46 63 82 88 B6 22
B1 EE FE AA 46 59 7E CF 35 2C D5 B6 DA 5D F7 48 33 14 54 B6 EB D9 6F CE CD 88 D6 AB 1B DA
96 3B 1D 59 02 03 01 00 01 A3 13 30 11 30 0F 06 03 55 1D 13 01 01 FF 04 05 30 03 01 01 FF
30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 B8 8D CE EF E7 14 BA CF EE B0
44 92 6C B4 39 3E A2 84 6E AD B8 21 77 D2 D4 77 82 87 E6 20 41 81 EE E2 F8 11 B7 63 D1 17
37 BE 19 76 24 1C 04 1A 4C EB 3D AA 67 6F 2D D4 CD FE 65 31 70 C5 1B A6 02 0A BA 60 7B 6D
58 C2 9A 49 FE 63 32 0B 6B E3 3A C0 AC AB 3B B0 E8 D3 09 51 8C 10 83 C6 34 E0 C5 2B E0 1A
B6 60 14 27 6C 32 77 8C BC B2 72 98 CF CD CC 3F B9 C8 24 42 14 D6 57 FC E6 26 43 A9 1D E5
80 90 CE 03 54 28 3E F7 3F D3 F8 4D ED 6A 0A 3A 93 13 9B 3B 14 23 13 63 9C 3F D1 87 27 79
E5 4C 51 E3 01 AD 85 5D 1A 3B B1 D5 73 10 A4 D3 F2 BC 6E 64 F5 5A 56 90 A8 C7 0E 4C 74 0F
2E 71 3B F7 C8 47 F4 69 6F 15 F2 11 5E 83 1E 9C 7C 52 AE FD 02 DA 12 A8 59 67 18 DB BC 70
DD 9B B1 69 ED 80 CE 89 40 48 6A 0E 35 CA 29 66 15 21 94 2C E8 60 2A 9B 85 4A 40 F3 6B 8A
24 EC 06 16 2C 73

which is:

00 20 00 00 00 03 10 30 82 03 0C 30 82 01 F4 A0 03 02 01 02 02 03 01 00 20 30 0D 06 09 2A
86 48 86 F7 0D 01 01 05 05 00 30 3E 31 0B 30 09 06 03 55 04 06 13 02 50 4C 31 1B 30 19 06
03 55 04 0A 13 12 55 6E 69 7A 65 74 6F 20 53 70 2E 20 7A 20 6F 2E 6F 2E 31 12 30 10 06 03
55 04 03 13 09 43 65 72 74 75 6D 20 43 41 30 1E 17 0D 30 32 30 36 31 31 31 30 34 36 33 39
5A 17 0D 32 37 30 36 31 31 31 30 34 36 33 39 5A 30 3E 31 0B 30 09 06 03 55 04 06 13 02 50
4C 31 1B 30 19 06 03 55 04 0A 13 12 55 6E 69 7A 65 74 6F 20 53 70 2E 20 7A 20 6F 2E 6F 2E
31 12 30 10 06 03 55 04 03 13 09 43 65 72 74 75 6D 20 43 41 30 82 01 22 30 0D 06 09 2A 86
48 86 F7 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02 82 01 01 00 CE B1 C1 2E D3 4F 7C
CD 25 CE 18 3E 4F C4 8C 6F 80 6A 73 C8 5B 51 F8 9B D2 DC BB 00 5C B1 A0 FC 75 03 EE 81 F0
88 EE 23 52 E9 E6 15 33 8D AC 2D 09 C5 76 F9 2B 39 80 89 E4 97 4B 90 A5 A8 78 F8 73 43 7B
A4 61 B0 D8 58 CC E1 6C 66 7E 9C F3 09 5E 55 63 84 D5 A8 EF F3 B1 2E 30 68 B3 C4 3C D8 AC
6E 8D 99 5A 90 4E 34 DC 36 9A 8F 81 88 50 B7 6D 96 42 09 F3 D7 95 83 0D 41 4B B0 6A 6B F8
FC 0F 7E 62 9F 67 C4 ED 26 5F 10 26 0F 08 4F F0 A4 57 28 CE 8F B8 ED 45 F6 6E EE 25 5D AA
6E 39 BE E4 93 2F D9 47 A0 72 EB FA A6 5B AF CA 53 3F E2 0E C6 96 56 11 6E F7 E9 66 A9 26
D8 7F 95 53 ED 0A 85 88 BA 4F 29 A5 42 8C 5E B6 FC 85 20 00 AA 68 0B A1 1A 85 01 9C C4 46
63 82 88 B6 22 B1 EE FE AA 46 59 7E CF 35 2C D5 B6 DA 5D F7 48 33 14 54 B6 EB D9 6F CE CD
88 D6 AB 1B DA 96 3B 1D 59 02 03 01 00 01 A3 13 30 11 30 0F 06 03 55 1D 13 01 01 FF 04 05
30 03 01 01 FF 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 82 01 01 00 B8 8D CE EF E7
14 BA CF EE B0 44 92 6C B4 39 3E A2 84 6E AD B8 21 77 D2 D4 77 82 87 E6 20 41 81 EE E2 F8
11 B7 63 D1 17 37 BE 19 76 24 1C 04 1A 4C EB 3D AA 67 6F 2D D4 CD FE 65 31 70 C5 1B A6 02
0A BA 60 7B 6D 58 C2 9A 49 FE 63 32 0B 6B E3 3A C0 AC AB 3B B0 E8 D3 09 51 8C 10 83 C6 34
E0 C5 2B E0 1A B6 60 14 27 6C 32 77 8C BC B2 72 98 CF CD CC 3F B9 C8 24 42 14 D6 57 FC E6
26 43 A9 1D E5 80 90 CE 03 54 28 3E F7 3F D3 F8 4D ED 6A 0A 3A 93 13 9B 3B 14 23 13 63 9C
3F D1 87 27 79 E5 4C 51 E3 01 AD 85 5D 1A 3B B1 D5 73 10 A4 D3 F2 BC 6E 64 F5 5A 56 90 A8
C7 0E 4C 74 0F 2E 71 3B F7 C8 47 F4 69 6F 15 F2 11 5E 83 1E 9C 7C 52 AE FD 02 DA 12 A8 59
67 18 DB BC 70 DD 9B B1 69 ED 80 CE 89 40 48 6A 0E 35 CA 29 66 15 21 94 2C E8 60 2A 9B 85
4A 40 F3 6B 8A 24 EC 06 16 2C 73 00 03

through T0. I used following GPShell script to send the command:

mode_211
enable_trace
enable_timer

establish_context
card_connect
select -AID 6768696A6B01

// Get card status
send_apdu -sc 0 -APDU 0010000003

// Initialize card
send_apdu -sc 0 -APDU 002000000003103082030c308201f4a0030201020203010020300d06092a864886f
70d0101050500303e310b300906035504061302504c311b3019060355040a1312556e697a65746f2053702e20
7a206f2e6f2e311230100603550403130943657274756d204341301e170d3032303631313130343633395a170
d3237303631313130343633395a303e310b300906035504061302504c311b3019060355040a1312556e697a65
746f2053702e207a206f2e6f2e311230100603550403130943657274756d20434130820122300d06092a86488
6f70d01010105000382010f003082010a0282010100ceb1c12ed34f7ccd25ce183e4fc48c6f806a73c85b51f8
9bd2dcbb005cb1a0fc7503ee81f088ee2352e9e615338dac2d09c576f92b398089e4974b90a5a878f873437ba
461b0d858cce16c667e9cf3095e556384d5a8eff3b12e3068b3c43cd8ac6e8d995a904e34dc369a8f818850b7
6d964209f3d795830d414bb06a6bf8fc0f7e629f67c4ed265f10260f084ff0a45728ce8fb8ed45f66eee255da
a6e39bee4932fd947a072ebfaa65bafca533fe20ec69656116ef7e966a926d87f9553ed0a8588ba4f29a5428c
5eb6fc852000aa680ba11a85019cc446638288b622b1eefeaa46597ecf352cd5b6da5df748331454b6ebd96fc
ecd88d6ab1bda963b1d590203010001a3133011300f0603551d130101ff040530030101ff300d06092a864886
f70d01010505000382010100b88dceefe714bacfeeb044926cb4393ea2846eadb82177d2d4778287e6204181e
ee2f811b763d11737be1976241c041a4ceb3daa676f2dd4cdfe653170c51ba6020aba607b6d58c29a49fe6332
0b6be33ac0acab3bb0e8d309518c1083c634e0c52be01ab66014276c32778cbcb27298cfcdcc3fb9c8244214d
657fce62643a91de58090ce0354283ef73fd3f84ded6a0a3a93139b3b142313639c3fd1872779e54c51e301ad
855d1a3bb1d57310a4d3f2bc6e64f55a5690a8c70e4c740f2e713bf7c847f4696f15f2115e831e9c7c52aefd0
2da12a8596718dbbc70dd9bb169ed80ce8940486a0e35ca29661521942ce8602a9b854a40f36b8a24ec06162c
730003

GPShell failed to send the command as follows:

send_apdu -sc 0 -APDU 002000000003103082030c308201f4a0030201020203010020300d0609
2a864886f70d0101050500303e310b300906035504061302504c311b3019060355040a1312556e69
7a65746f2053702e207a206f2e6f2e311230100603550403130943657274756d204341301e170d30
32303631313130343633395a170d3237303631313130343633395a303e310b300906035504061302
504c311b3019060355040a1312556e697a65746f2053702e207a206f2e6f2e311230100603550403
130943657274756d20434130820122300d06092a864886f70d01010105000382010f003082010a02
82010100ceb1c12ed34f7ccd25ce183e4fc48c6f806a73c85b51f89bd2dcbb005cb1a0fc7503ee81
f088ee2352e9e615338dac2d09c576f92b398089e4974b90a5a878f873437ba461b0d858cce16c66
7e9cf3095e556384d5a8eff3b12e3068b3c43cd8ac6e8d995a904e34dc369a8f818850b76d964209
f3d795830d414bb06a6bf8fc0f7e629f67c4ed265f10260f084ff0a45728ce8fb8ed45f66eee255d
aa6e39bee4932fd947a072ebfaa65bafca533fe20ec69656116ef7e966a926d87f9553ed0a8588ba
4f29a5428c5eb6fc852000aa680ba11a85019cc446638288b622b1eefeaa46597ecf352cd5b6da5d
f748331454b6ebd96fcecd88d6ab1bda963b1d590203010001a3133011300f0Command --> 00200
0000003103082030C308201F4A0030201020203010020300D06092A864886F70D0101050500303E3
10B300906035504061302504C311B3019060355040A1312556E697A65746F2053702E207A206F2E6
F2E311230100603550403130943657274756D204341301E170D3032303631313130343633395A170
D3237303631313130343633395A303E310B300906035504061302504C311B3019060355040A13125
56E697A65746F2053702E207A206F2E6F2E311230100603550403130943657274756D20434130820
122300D06092A864886F70D01010105000382010F003082010A0282010100CEB1C12ED34F7CCD25C
E183E4FC48C6F806A73C85B51F89BD2DCBB00
Wrapped command --> 002000000003103082030C308201F4A0030201020203010020300D06092A
864886F70D0101050500303E310B300906035504061302504C311B3019060355040A1312556E697A
65746F2053702E207A206F2E6F2E311230100603550403130943657274756D204341301E170D3032
303631313130343633395A170D3237303631313130343633395A303E310B30090603550406130250
4C311B3019060355040A1312556E697A65746F2053702E207A206F2E6F2E31123010060355040313
0943657274756D20434130820122300D06092A864886F70D01010105000382010F003082010A0282
010100CEB1C12ED34F7CCD25CE183E4FC48C6F806A73C85B51F89BD2DCBB00
send_APDU() returns 0x00000057 (The parameter is incorrect.
)

Then used another tool to send the command and this time get

6D 00

from card.

This is a simplified version of the applet:

public class RCSApplet extends Applet implements ExtendedLength {

    // Card status
    private final static byte ST_UNINITIALIZED     = (byte) 0x01;
    private final static byte ST_INITIALIZED       = (byte) 0x02;

    // Instructions
    private final static byte INS_INIT_UPDATE      = (byte) 0x50;
    private final static byte INS_EXT_AUTH         = (byte) 0x82;

    private final static byte INS_INITIALIZE       = (byte) 0x20;

    // Card is not initialized
    private final static short SW_CARD_ALREADY_INITIALIZED   = (short) 0x9102;

    private Data content;
    private short cardStatus;

	public static void install(byte[] bArray, short bOffset, byte bLength) {
		new RECSApplet( bArray, bOffset, bLength);
	}

    public RECSApplet(byte[] bArray, short bOffset, byte bLength) {
        cardStatus = ST_UNINITIALIZED;
        content = new Data();
        
        byte aidLen = bArray[bOffset];
        if (aidLen== (byte)0){
            register();
        } else {
            register(bArray, (short)(bOffset+1), aidLen);
        }
    }

    public void process(APDU apdu) {
		if (selectingApplet()) {
			return;
		}
        byte[] buffer = apdu.getBuffer();

        byte cla = buffer[ISO7816.OFFSET_CLA];
        byte ins = buffer[ISO7816.OFFSET_INS];
        SecureChannel sc = GPSystem.getSecureChannel();
        if ((byte) (cla & 0x80) == (byte) 0x80) {
            switch (ins) {
                case INS_INIT_UPDATE:
                case INS_EXT_AUTH:
                    apdu.setOutgoingAndSend(ISO7816.OFFSET_CDATA, sc.processSecurity(apdu));
                    return;
            default:
                ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
            }
        } else
            switch (ins) {
                case INS_INITIALIZE:
                    processInitialize(apdu);
                    break;
                default:
                    ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
            }
	}

    private void processInitialize(APDU apdu) {
        if(cardStatus == ST_INITIALIZED)
            ISOException.throwIt(SW_CARD_ALREADY_INITIALIZED);
        byte[] buffer = apdu.getBuffer();
        short lc = apdu.getIncomingLength();
        short rcvLen = apdu.setIncomingAndReceive();

        byte[] data = new byte[lc];
        short destOffset = 0;
        while (rcvLen > 0) {
            short dataOffset = apdu.getOffsetCdata();
            Util.arrayCopy(buffer, dataOffset, data, destOffset, rcvLen);
            destOffset += rcvLen;
            rcvLen = apdu.receiveBytes(dataOffset);
        }
        content.setData(data);
        cardStatus = ST_INITIALIZED;
    }

}

It works well with ordinary APDU. Any idea?

Regards
Mehdi

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 7 2012

Added on Mar 5 2012

#error, #java-card

25 comments

3,819 views