Trying to read and write a string to smartcard using smartcard I/O API

4
votes

I'm using an ACS AET65 card reader trying to store a string into a smart card, and then read it back. I'm using the smartcard IO API and I'm able to get the terminal and connect with the card. However, I've been reading through the ISO 7816 specification and I'm really lost.

All I need to do is write a 3K string to the card, and then read it back. That's it. From what I researched, it seems these cards are supposed to have applets installed on them, but I'm sure there's gotta be a way to just write a plain byte array to it and get it back.

I don't know ho to build the APDU commands for that. I tried the READ BINARY, WRITE BINARY, ERASE BINARY, but I'm certainly doing something wrong. It always returns 0x6E and 0x00 as the SW1 and SW2 bytes of the response, which means error. Here is a snipplet of the part where I send test commands to the applet with a small string:

Card card = cardTerminal.connect("*");
card.beginExclusive();
System.out.println("Card protocol: "+card.getProtocol());
CardChannel channel = card.getBasicChannel();

String jsonStr = "small test string";

byte[] totalData = new byte[256];

byte[] data = jsonStr.getBytes();

System.arraycopy(data, 0, totalData, 0, data.length);

CommandAPDU eraseCommand = new CommandAPDU(0x00, 0x0E, 0x00, 0x00, data, 0x00);
ResponseAPDU eraseCommandResponse = channel.transmit(eraseCommand);

int eSw1 = eraseCommandResponse.getSW1();
int eSw2 = eraseCommandResponse.getSW2();


// returns 6E00, error
System.out.println("Erase Response SW1: " + toHexString(eSw1) + " and SW2: " + toHexString(eSw2));


CommandAPDU writeCommand = new CommandAPDU(0x00, 0xD0, 0x00, 0x00, data, 0x00);
ResponseAPDU commandResponse = channel.transmit(writeCommand);

int sw1 = commandResponse.getSW1();
int sw2 = commandResponse.getSW2();

// returns 6E00, error    
System.out.println("Write Response SW1: " + toHexString(sw1) + " and SW2: " + toHexString(sw2));

byte[] totalReadData = new byte[255];
CommandAPDU readCommand = new CommandAPDU(0x00, 0xB0, 0x00, 0x00, totalReadData, 0);
ResponseAPDU readCommandResponse = channel.transmit(readCommand);

int rSw1 = readCommandResponse.getSW1();
int rSw2 = readCommandResponse.getSW2();

// returns 6E00, error
System.out.println("Read Response SW1: " + toHexString(rSw1) + " and SW2: " + toHexString(rSw2));

byte[] totalReadData2 = readCommandResponse.getData();

// always returns an empty array
System.out.println("Total data read: "+totalReadData2.length);

card.endExclusive();

How can I accomplish this using the smartcard API?

Thank you!! Eduardo

1
javasmartcardsmartcard-reader
+Edy Bourne did you ever made some process with this?JefClaes
I did, but it was a long time ago.. I never had to deal with these again so I don't remember how I moved forward with it. I guess the take away is that it can be done with the smartcard API.Edy Bourne

1 Answers

3
votes

Smart cards are there in various forms. The ISO 7816-4 specification specifies a framework for file and record based cards. Many cards and applets comply to this specification, at least to a certain degree.

Smart cards are basically systems-on-a-chip, although they are in general extremely limited regarding I/O functionality and specifications. These smart cards run operating systems. Sometimes these operating systems are fused with the application layer, providing the base ISO 7816-4 functionality and file system. Other cards only offer an operating system that provides an API for applications, and load / execute functionality for those applications. Java Card is an example for this; basically all the command APDU's that you send are handled by the Java Card applets, with the exception of those specified by Global Platform (which takes care of card management and application upload on most Java Cards).

With this information you will understand that just sending any command APDU - including the ERASE BINARY (often not supported on new cards),READ BINARY or UPDATE BINARY APDU's - is not the way to go. You will need more information about your card to proceed, and yes, you may need to upload an Applet if you've got a Java Card implementation before you can send any application level APDU.