I'm trying to use NFC to emulate a card.

What I expect is that when I pass the phone over an NFC reader, the reader reads the data (I would then modify this data in the future).

When passing the phone over the reader, from what I understand, the entry point should be in the Java class `CardService.java`. But the method `processCommandApdu` is never called (I have tried to insert a breakpoint there and even a toast, but that code is never called).

So at the moment the main thing that I cannot understand is: Did I do something wrong? Can this be done?

Riccardo
  • What did you do on the reader side to interact with the emulated card? – Michael Roland Feb 19 '17 at 15:04
  • About the reader, I have just installed the drivers in order to make it work – Riccardo Feb 19 '17 at 19:03
  • So why would you expect the reader to read anything if you don't program it to do so? – Michael Roland Feb 20 '17 at 06:57
  • Because I think that the sample project "CardEmulation" should be able to make the device emulate a card. At least I think it should call the method – Riccardo Feb 20 '17 at 07:42
  • That's correct. That sample project will make the phone emulate a contactless smartcard. But you will also need some software that uses the reader hardware to actually *read* that emulated card. Without such software the reader won't know how to interact with the card and, consequently, the CardEmulator application won't be invoked. – Michael Roland Feb 20 '17 at 22:38
  • I use a driver of the reader acs acr128. I tested it with NFC cards and works fine. I also use a GUI program called "cardpeek" and this is a screenshot of what the reader reads hovering on the reader with the app open: [screen reader of the phone](http://oi67.tinypic.com/2ywhddz.jpg) In this case I run atr read but my aim is to emulate a calypso card. (I think first I have to understand the basic reading) (another information: the reader reads perfectly a calypso card) – Riccardo Feb 21 '17 at 08:51
  • So you **do** use some reader software after all. Android HCE starts at the ISO 8716-4 (APDUs, smartcard application) layer. You won't be able to control parameters used for anti-collision and protocol activation, such as the UID or the ATS (see also http://stackoverflow.com/a/20068329/2425802). In order to interact with cardpeek, you would need to know what application IDs (AIDs/DF names) it tries to select. Once you know that information, you can register the CardEmulation sample application for those AIDs. Only then, Android will forward communication to your HCE application. – Michael Roland Feb 22 '17 at 07:41
  • Ok, how do I figure out which select does Cardpeek? I tried to see in the command log running when reading a Calypso card but I did not understand. So if I understand correctly, I have to figure out which does the reader select (id) and then add it to the app file called "aid_list.xml"? (So the reader call is taking charge from the app) – Riccardo Feb 22 '17 at 09:41
  • That's correct. – Michael Roland Feb 22 '17 at 22:49
  • any suggestions to give the command of cardpeek that makes the select? (in lua language) – Riccardo Feb 23 '17 at 08:49
  • Ok I understand and it works. But I have a doubt, you can change APDU HEADER in an Android phone? – Riccardo Feb 27 '17 at 16:19
  • Why would you want to change the APDU header on the Android side? That's part of the command that you **receive** from the reader. I don't see the point in changing that at the receiver. – Michael Roland Feb 27 '17 at 17:16
  • I need to change the header on the device because I need to emulate a Calypso card. If you use the default header, the device detects the select. But if I do a select like a Calypso card, then it does not detect anything. – Riccardo Mar 03 '17 at 10:33

1 Answer

In order for the method `processCommandApdu()` to be called for incoming APDU commands, the reader needs to select your application first. Selection is done using the SELECT (by AID / DF name) command according to ISO/IEC 8716-4:

```
00 A4 04 00  <Lc>  <AID>  00
```

Where `<Lc>` is the length of `<AID>` and `<AID>` is the application identifier registered for your app.

The ISO/IEC 8716-4 application structure (i.e. application selection through a SELECT (by AID) command) is the only way Android allows to start interaction with an app over HCE. Consequently, it's not possible to emulate cards (card applications) that use different mechanisms. (At least not without modifying the Android system itself; e.g. through a customized ROM or through Xposed.)

AIDs for the CardEmulation sample app are registered through a file named `res/xml/aid_list.xml` in the example project. In this file you register AID groups, which in turn contain AID filter entries:

```xml
<aid-group android:description="@string/card_title" android:category="other">
    <aid-filter android:name="F222222222"/>
</aid-group>
```

Therefore, the default AID that is registered in the example app is F222222222. Hence, you can use the following SELECT (by AID) command to select the application:

```
00 A4 04 00  05  F2 22 22 22 22  00
```
Michael Roland
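
An added example, not part of the original answer or the CardEmulation sample: a reader-side Python helper that reads the AIDs out of an `aid_list.xml`, builds the matching SELECT (by AID) command, and checks whether a captured first command from a reader would select a registered AID. The `<host-apdu-service>` wrapper and its attributes in the embedded XML are constructed sample input, and the routing check is a simplified model (exact AID match only), not Android's own code.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: the aid-group from the answer inside an assumed wrapper.
AID_LIST_XML = """<host-apdu-service
    xmlns:android="http://schemas.android.com/apk/res/android"
    android:description="@string/service_name"
    android:requireDeviceUnlock="false">
  <aid-group android:description="@string/card_title" android:category="other">
    <aid-filter android:name="F222222222"/>
  </aid-group>
</host-apdu-service>"""


def registered_aids(xml_text):
    """Return the AIDs (upper-case hex) declared in aid-filter entries."""
    root = ET.fromstring(xml_text)
    return [f.get(ANDROID_NS + "name").upper() for f in root.iter("aid-filter")]


def build_select(aid_hex):
    """Build SELECT (by AID): 00 A4 04 00 <Lc> <AID> 00."""
    aid = bytes.fromhex(aid_hex)
    if not 5 <= len(aid) <= 16:
        raise ValueError("an AID is 5 to 16 bytes long")
    return bytes([0x00, 0xA4, 0x04, 0x00, len(aid)]) + aid + b"\x00"


def selected_aid(apdu):
    """Return the AID of a short SELECT (by AID) command, else None."""
    if len(apdu) < 5 or apdu[0] != 0x00 or apdu[1] != 0xA4 or apdu[2] != 0x04:
        return None
    lc = apdu[4]
    body = apdu[5:]
    # Lc must match the data field, optionally followed by one Le byte.
    if lc == 0 or len(body) not in (lc, lc + 1):
        return None
    return body[:lc].hex().upper()


def would_reach_hce(apdu, xml_text):
    """True if the command selects an AID registered in the XML (exact match)."""
    aid = selected_aid(apdu)
    return aid is not None and aid in registered_aids(xml_text)
```

Running `would_reach_hce()` over the first command in a reader-side log shows quickly whether the reader ever sends a SELECT for an AID the app registered.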