smartcard,apdu,smartcard-reader , Smart Card Reader T0 T1 communication on APDU level

Smart Card Reader T0 T1 communication on APDU level


Tag: smartcard,apdu,smartcard-reader

I am struggle to understand what protocol I have to use to communicate with the card T0 or T1? So, correct me if I am wrong, but the reader actually decides by itself what protocol to use to communicate with the card if the card supports both.

So my logic right now is:

// if ATR(T1) -> set_params(T1 structure) -> T1 APDU communication
// if ATR(T0) -> set_params(T0 structure) -> T0 APDU communication

But it turned out that the logic is wrong and it accidentally worked for majority of readers. I have just discovered the reader that expects T0 communication even if the card ATR returns T1.

Q: What is the logic must be to determine what protocol to use? And if there is a spec behind it, can you please point me out to it.

Edited: I forgot to mention that my code is at pre-boot environment (UEFI) before the OS. So I don't have (use) any APIs whatsoever. My code is at byte-stream APDU level and talks directly to hardware using UEFI UsbIo communication.

Thanks to all!

All the best,



Ok, I re-read the spec (7816-3) again and again, maybe 5 times or more. These are my findings:

According to the Spec there are no such things as "automatic" and "default" protocols whatsoever.

8.2.3 Interface bytes TA TB TC TD

The “first offered transmission protocol” is defined as follows. If TD1 is present, then it encodes the first offered protocol T. If TD1 is absent, then the only offer is T=0.

Ok going further...

6.3.1 Selection of transmission parameters and protocol

... until completion of a successful PPS exchange (see 9.3), after what the interface device shall start the negotiated transmission protocol using the negotiated values of the transmission parameters.

Next one is more interesting in this case:

Otherwise, the interface device shall have started the “first offered transmission protocol” (see TD1 in 8.2.3). The interface device shall do so when the card offers only one transmission protocol and only the default values of the transmission parameters. Such a card need not support PPS exchange.

With Card A it is not entirely true because it does support PPS exchange! It is simply doesn't work with Cherry reader.

Ok, the next key point is in 6.3.1:

NOTE 3 An interface device facing a card in negotiable mode and supporting neither PPS exchange nor the “first offered transmission protocol” can perform either a warm reset or a deactivation.

Thus in case of Cherry reader it doesn't follow the standard! it shell support communication in first offered protocol, which is T1.

I found a really interesting stuff in SmartCard Handbook, 4th Edition 8.2 PROTOCOL PARAMETER SELECTION (PPS) chapter:

The PPS process described above is not suitable for changing protocols with a terminal that has its own specific protocol but cannot execute a PPS.

Figure 8.11 A possible sequence for switching between two transmission protocols supported by a smart card without using a PPS. With the sequence outlined here, the terminal does not have to perform an explicit PPS, but can nevertheless switch between the two protocols by initiating a reset...

...This solution is not ideal from a technical perspective, since a device should always behave the same after each reset, but it is certainly a pragmatic solution for a heterogeneous terminal world.

It doesn't apply to my card though because card doesn't switch the protocol by performing warm reset. But it might be an answer to the weird behavior of the reader.


UID of a NFC/SWP-accessed SIM card

SIM card is used as a secure element in my project. It is accessed through NFC-SWP contactless interface from a terminal device. I need to identify the SIM card somehow with a unique and permanent identifier and I need to be able to read the identifier through NFC. ICCID seems...

Ways of generating a digital signature with .NET Framework

What's the other way of creating a digital signature using a private key (that's on a smart card, with certificate installed in local certificate store) in .NET Framework other than this one, for I have no clue as to how to find out the key container name (and it seems...

ADPU Service in iOS

I'm looking for an NFC solution for iOS similar to HostApduService for Android. Can someone tell me how can I exchange APDU commands in iOS. Thank you....

Is this a bug in Transaction mechanism in javacards?

I wrote the below program and upload it on my card : package transactionMechanismBugCheck; import javacard.framework.APDU; import javacard.framework.Applet; import javacard.framework.ISOException; import javacard.framework.JCSystem; public class TransactionMechanismBugCheck extends Applet { short[] arrayS; byte[] arrayB; private TransactionMechanismBugCheck() { } public static void install(byte bArray[], short bOffset, byte bLength) throws ISOException { new TransactionMechanismBugCheck().register();...

Smart Card Reader T0 T1 communication on APDU level

I am struggle to understand what protocol I have to use to communicate with the card T0 or T1? So, correct me if I am wrong, but the reader actually decides by itself what protocol to use to communicate with the card if the card supports both. So my logic...

Two OwnerPIN object in Java Card

I am working on a Java Card application where our requirement is to keep some static data and balance in the card. For security I was thinking to make 2 object of OwnerPIN. One object is for terminal authentication (i.e. the terminal needs to send 8 bytes of data to...

Cardholder name not included when reading EMV card

I've successfully been able to retrieve the card number and expiry date from a contactless debit/credit card. However, the cardholder name is not being returned in the READ RECORD command response. Am I missing a something? - Select Application # IN_DATA_EXCHANGE >> D4 40 01 00 A4 04 00 07...

How can I extract an X509 certificate from a smart card using Java?

I use the OmniKey 3121 reader and can use the javax.smartcardio API to send APDU commands to the card reader. I'm not sure if there is a standard way to access the certificate stored on the card. Pointers to example code to read the certificate data would greatly help. Also,...

Extended APDUs and T=0/1 communication protocols

I have a JCOP V2.4.2 R3 java card that it is mentioned in its datasheet "The card support both T=1 and T=0 communication protocols" I have also an ACR38 smart card reader that it support both T=0 and T=1 protocols. (I have T=0 communication with one card successfully and T=1...

Sending signature data in response APDU - Java Card

I would like to sign some data (the MESSAGE byte array) on my Java Card and then return the signature in a response APDU. My code works fine (or at least I think it does and it returns 9000) without the line apdu.sendBytes(BAS, sSignLen), but when I uncomment it I...

I got '67 00' error when I create value file for DESFire

I'm working with DESFire cards and I now want create a value file in my application (app has ID 00 00 01). I successfully selected my app with the given ID and then send my command for creating the value file to the isodep.transceive method. My command is here: byte[]...

Javacard applet beginner

I am new to javacard applet development.How many development tools are there now? Which is the simplest for beginners? As simple as possible... Thanks in advance

Smart cards and their files

As far as you know, we can list the applets that reside in a java card using tools such as GlobalPlafromPro as follow: GP: gp -list AID: A000000003000000 (|........|) ISD OP_READY: Security Domain, Card lock, Card terminate, Default selected CVM (PIN) management AID: 010203040506 (|......|) App SELECTABLE: (none) AID: 0102030405...

Make 2 cardlet Java Card communicate

I have 2 cardlets Java Card on the same smart card that I want to make communicate. I could select an applet then send the corresponding APDU and then deselect it and select the other one and etc... I am wondering if it is possible to do it more properly...

Determine Facility Code and Card Number from ATR in C#

I have the following card reader HID Omnikey 5325. I have a contact-less card named HIS Proximity. The number written on this card is 133593 42101044091-3. By reading the card, I get the following ATR hex: 3B050002F10673 Using the folowing applications I have managed to see the following information. I...

Is it possible to program a “Java Card” - enabled smart card in any other language than Java?

I have a Java Card enabled smart card and a card reader that was given by my Lab-instructor. I am supposed to do a project using Java Card 2.1.1 API. I don't like the Java Card API. Is it possible to program my given smart card using any other language...

APDU MIFARE Classic 4K read value at specific sector/block

I'm trying to read some data from my MiFare Classic 4K smartcard. I already know the exact sector/block location of the data (because of a dump via Android), but I don't know how to show it in SpringCard Prox'N'Roll. I know how to access my card and I did a...

JavaCard applet emulating DESFireEV1

My question is simple: is there any existing opensource JavaCard applet emulating the functionality of Mifare DESFireEV1? (the API would have to be a little modified, of course, Select Application 112233 would be for example 80 5A 00 00 03 33 22 11 00 instead of native DESFire command 5A...

Secure Box in JCOP card

JCOP V2.4.2 Revision 3 Security Target: Page 11-12 A Secure Box concept is implemented within JCOP 2.4.2 R3. The Secure Box is a construct which allows to run non certified third party native code and ensures that this code cannot harm, influence or manipulate the JCOP 2.4.2 R3 operating system...

JavaCard - pure software implementation of ECC over GF(2^n)

I have smartcards by NXP that support ECC over GF(p) and that do not support ECC over GF(2^n). In my project I need to use this particular type of smartcard (thousands of instances are used already). However, I need to add verification of EC signature over sect193r1, which is a...

NDEF vs APDU NFC Android

Can you tell me please what is the difference between NDEF (NFC Data Exchange Format) and APDU (Application Protocol Data Unit). I have developed an Android application that reads NDEF messages, and I want to know if it can work for APDU data too....

I got 0x9E parameter error while Credit value file on DESFire card

I now work with value files on DESFire cards. I created a value file in my DESFire card with the following command: byte[] cmdCreateValueFile = new byte[]{ //cmd (byte)0xCC, //file no (byte)0x01, //com.sett. (byte)0x00 , //access rights (byte)0x44 , (byte)0x44, //lower limit (byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 , //upper limit (byte)0x00...

Promag Card Reader PHP Accessing

I have promag 310 card reader. It is connect to PC with com port. I want to access card ID with PHP xampp in windows platform. I add php_pcsc.dll to extension folder. And I update php.ini with it. then I wrote this code: $context = scard_establish_context(); $readers = scard_list_readers($context); print_r($readers);...

how changing master key or other keys can provide security ?how used session key to keep the further communication between DESFire and reader?

I am working on the ticket electronik that tickets are DESFire cards. I want communications be safe . i now trying change PICC key . Before changing DESFire master key Authenticate with master key is necessary. In desfire sheet about Authenticate at page 31 was described: "This procedure not only...

Sign PDF with smartcard in web context using CAPICOM & iTextSharp

Read through the following references: iText Digital signature white paper, and C# examples. (specifically chapter 4) For those interested, another great and concise summary of the PDF signing process. CAPICOM documentation. Online examples / questions here and on iText mailing list archives, such as here and here. Hashing code: BouncyCastle.X509Certificate[]...

Send APDU commands to USIM/SIM card in android

I was already worked with smart cards and I am familiar with APDU commands (that are defined in ISO/IEC 7816 and Global Platform specifications). Now I want to know if is there any way to send an APDU command to my USIM/SIM card that is inserted to my mobile phone?...

Unable to construct VERIFY_PIN_DIRECT control command

I'm writing a JAVA-app to access my OpenPGP-Card V2.0. The card terminal im using is a "REINER SCT cyberJack RFID standard" which only supports PC/SC under OSX, and now I want to implement the PC/SC 2.0-command "VERIFY_PIN_DIRECT". I tried the following control sequence, the bytes after the | are the...

C on smartcards [closed]

I have the task to write some crypto stuff in C and make it lightweight. The idea behind making it lightweight is, that it could run on a smartcard which doesn't offer much computational power and memory. It won't come to actually running it on a smartcard and it won't...

NFC SWP applet selection returns 6999

I have a simple JavaCard applet installed on my SIM card. I try to communicate with my applet using Omnikey 5121 CL reader and NFC-enabled Sony Xperia L through NFC/SWP (single wire protocol). The problem is I cannot select the applet - as a status word I get 6999. The...

Memory Access Performance in Java Card

Supposing that I instanced a persisant byte array in Java Card with a length of 30 000 (byte[] array = new byte[(short) 0x7530];) that I run through everytime I use my applet. I also instanced an index i that I set everytime I run through my array to 'remember' at...

I got 0x1E error (INTEGRITY_ERROR) while change DESFire master key.What are my mistakes?And How can I resolve?

Whole update1: see question again. I recently am working with DESFire cards .I now decide to change defult master key of PICC. (I already could authenticate with master key all 8 byte 0x00 successfully) 1- Defult master key is 8 byte of zero.It is 00 00 00 00 00 00...

Recovering an ECPublicKey from JavaCard to Java

I am trying to implement ECDH between a terminal (simulated by my computer) and a smart card (Java Card). I fixed the elliptic curve that I want to use, and on the card side I have the following code to run the first part of the protocol : ECPublicKey pubKey...

Performance measures : Java vs JavaCard [closed]

I implemented two algorithms in Java. To compare their effectiveness, I call each function 1000 times and compare the execution time (using System.currentTimeMillis()). It needs 2500 ms to execute the first one and 1300 ms for the second one. With these results, I thought have a significative difference (in term...

How to change master key of DESfire cards?What is deciphered key?

I want to change the master key of a DESfire card. I read mifare DESFire datasheet already, but as I am new in this field, I couldn't understand it. It is explained how to Change the Key at page 37 of above document. Can anybody give me an example or...

ISO7816 - Odd INS codes?

I found these mysterious lines in ISO 7816, ( 5.4.2 Instruction byte The instruction byte INS of a command shall be coded to allow transmission with any of the protocols defined in part 3 of ISO/IEC 7816. Table 10 shows the INS codes that are consequently invalid. Table 10 -...

Howto list files on a smartcard with pyscard

I have to read out a file from a smartcard. The card is written by a digital tachograph that monitors vehicle movements. I could connect to the smartcard reader with psycard ( but then I don't know how to list files on the card and how to download them. I...

How to send a data array to my Applet and manipulation it by Applet and return new data in response apdu?

I want to send a random byte array including for example 24 elements to my JavaCard applet and then my applet is supposed to change that array using a specific method. For example that method XOR each elements with 0x05 and returns the result array in APDU response. To aim...

AID for HID readers

If I want my android phone to emulate a physical card to the following reader: Which AID would I have to use? I was following this example: But when debugging, my code never reaches the public byte[] processCommandApdu(byte[] commandApdu, Bundle extras) { method. Seems the Android device still...

number value to byte[6] array card reader

What's the best way to convert a number to a byte[6] in C#? I'm using MagTek Card reader and trying to display desired amount on device screen, it should be 6-byte array. The amount needs to be used and authorized, EMV Tag 9F02, format n12. Function: int requestSmartCard(int cardType, int...

Recovering an ECPublicKey from Java to JavaCard

This question is related to the one I asked yesterday : Recovering an ECPublicKey from JavaCard to Java I have the same problem but in the opposite way : After sending the public key from my card to my computer (the point is represented as an octet string in uncompressed...

Trying Java Card Application On real smart card

I will write an application for smart card with using Java Card Framework.When I finished my application I want to set up to a real smart card and try it.Which equipment I must have?How can I run my codes on a real smart card?I have to provide a connector between...

Change PIN of a Gemalto Smartcard through a script

We have to use the Gemalto IDPrime .Net card Smartcard. We get these USB Dongles and have to change the PIN. Gemalto says via windows: From the Start menu, choose Run and type PINTool. Insert a IDPrime .Net card in the reader as prompted, and click OK. The change PIN...

Smartcard PKCS11 AES Key Gen Failure

I am attempting to create an AES 256 key on an ACOS5-64 smartcard and OMNIKEY 3121 card reader, using PKCS11 in python (using the PyKCS11 library). So far, all the "standard" operations seem to work with regards to asymmetric crypto. I have run plenty of code samples and pkcs11-tool commands,...