Information

SCARD.001 (Initial)
T J Hudson tjh@cryptsoft.com
15 March 1998


Table of Contents


1. Working with Smartcards

1.1. Mini Glossary

ATR Answer to reset
CHV Card Holder Verification - PIN/Passphrase
CLA Class byte
DF Dedicated file
EF Elementary file
MF Master file (also EF)
FCI File control information
INS Instruction byte

When sending raw ISO 7816-3/4 commands to the reader you send the fixed part of the command first and wait for a response with the instruction code before sending the parameters.

A number of commands require you to use GET RESPONSE to get the result of the operation and simply return the appropriate length to use in the call to GET RESPONSE in SW2.

WRITE BINARY actually involves ANDing data with what is stored on the card. This means that you usually end up writing zeros and then the real data (which is a bit strange IMHO).

1.2. Test for Class

1.3. Test for Instruction

To check for the existance of a particular instruction INS in a given class CLA


Note: you might get back CLA on the front if the instruction requires no parameters!

1.4. Test for File

To find out if a given file exists using the 2-byte file id of FileID:


Note: if you don't know the right value for CLA do a full instruction scan and use the CLA value that has A4 listed as a valid command.

1.5. SW1 SW2

The status values returned from command execution in SW1-SW2 can be interpreted according to the following:

Code Meaning
90 00 No further qualification - command successful
61 xx SW2 indicates the number of response bytes still available. Use GET RESPONSE to access this data.
62 xx Warning - state unchanged
62 00 Warning - no information provided
62 81 Warning - part of returned data may be corrupt
62 82 Warning - end of file/record reached (bad cmd)
62 83 Warning - selected file invalidated
62 84 Warning - bad file control information format
63 xx Warning - state unchanged
63 00 Warning - no information provided
63 81 Warning - file filled up with last write
63 Cx Warning - counter value is x
64 xx Error - state unchanged
65 xx Error - state changed
65 00 Error - no information provided
65 81 Error - memory failure
66 xx Security Error
67 00 Check Error - wrong length
68 xx Check Error - CLA function not supported
68 00 Check Error - no information provided
68 81 Check Error - logical channel not supported
68 82 Check Error - secure messaging not supported
69 xx Check Error - command not allowed
69 00 Check Error - no information provided
69 81 Check Error - command incompatible with file structure
69 82 Check Error - security status not satisfied
69 83 Check Error - authentication method blocked
69 84 Check Error - referenced data invalidated
69 85 Check Error - conditions of use not satisfied
69 86 Check Error - command not allowed (no current EF)
69 87 Check Error - expected SM data objects missing
69 88 Check Error - SM data objects incorrect
6A xx Check Error - wrong parameters
6A 00 Check Error - no information provided
6A 80 Check Error - incorrect parameters in data field
6A 81 Check Error - function not supported
6A 82 Check Error - file not found
6A 83 Check Error - record not found
6A 84 Check Error - not enough memory space in the file
6A 85 Check Error - Lc inconsistant with TLV structure
6A 86 Check Error - inconsistant parameters P1-P2
6A 87 Check Error - Lc inconsistant with P1-P2
6A 88 Check Error - referenced data not found
6B 00 Check Error - wrong parameters
6C xx Check Error - wrong length - xx is the correct length
6D 00 Check Error - instruction code not supported or invalid
6E 00 Check Error - Class not supported
6F 00 Check Error - no precise diagnosis

1.6. Standard Instructions

Value Name
0E ERASE BINARY
20 VERIFY
70 MANAGE CHANNEL
82 EXTERNAL AUTHENTICATE
84 GET CHALLENGE
88 INTERNAL AUTHENTICATE
A4 SELECT FILE
B0 READ BINARY
B2 READ RECORD
C0 GET RESPONSE
C2 ENVELOPE
CA GET DATA
D0 WRITE BINARY
D2 WRITE RECORD
D6 UPDATE BINARY
DA PUT DATA
DC UPDATE RECORD
E2 APPEND RECORD

2. Dumb Mouse

Cards are placed in the reader with contacts facing down. Some versions of the dumb mouse have command echo switched on. This has to be supressed in software or things get rather confused.

2.1. Software

2.2. Probing for card


3. Gemplus GCR 400

Cards are placed in the reader with contacts to the front (it is an upright reader).

 9600 8N1 D

Messages are encoded in ASCII and each message has the form:

 <ACK/NACK> <LENGTH-BYTE> <MESSAGE> <CHECKSUM> 03
 ACK=60, NACK=E0

Note that this is messages sent to the reader and all messages returned from the reader.

The checksum is an xor of all the data fields. All fields except the end of message marker (0x03) are encoded in ASCII with a single character representing each 4 bits.

 60 -> 36 30

This procotol is "compatible" with TLP224. The reader appears to need a delay of at least 100usecs between sending a command and starting to read the response.

3.1. Error codes

An error is indicated by a STATUS that is not 0.

Code Meaning
04 command unknown
09 communication error (bad header)
A0 error in card reset response
A2 dead card (reader-card)
A3 parity error (reader-card)
E4 card send invalid procedure byte
E5 card interrupted reader
E7 card returned error (SW1 SW2 != 90 00)
F7 card removed during operation
FB card absent

3.2. Probing for reader

The sequence CONFIGURATION is:

 01 00

The response should be of the form:

 STATUS <CONFIGURATION-BYTE>

3.3. Probing for card

The sequence to POWER ON CARD is:

 6e 01 00 00

The response should be of the form:

 STATUS COUPLER-TYPE CARD-TYPE LEN ATR

If there is no card present the status is 0xfb=card absent (see the error codes list).

The ATR returned appears to get 0x11,0x00 or 0x11 inserted at the second byte for unknown reasons.

The sequence to POWER OFF CARD is:

 4d

The response should be of the form:

 STATUS 90 00


Note: POWER ON CARD turns on the green light and POWER OFF CARD turns off the green light.

3.4. Config

 DEFINE CARD TYPE
 02 CARD-TYPE VOLTAGE [PRESENT]     # use V=0, P=0

3.5. Sending ISO command

 ISO INPUT
 DA CLA INS A1 A2 L <DATA>
 ISO OUTPUT
 DB CLA INS A1 A2 L <DATA>

4. Communication settings

The default (base) communication settings where known for a card are listed below. These are the settings that have to be used if you are operating using a dumbmouse or other such low-level reader.

Card Setting Manufacturer
Cryptoflex 9600 8E2 D Schlumbger
DX 9600 8E2 D Philips
GPK DES? 9600 8E2 I Gemplus
Foxtel 9600 8O2 I Unknown
RG200 9600 8E2 D Racal

For various readers the card-independant settings are:

Reader Setting Manufacturer
GCR400 9600 8N1 D Gemplus