-1

I want to use Java to get access to smart card by Omnikey reader. I found couple solutions like a smartcardio, but it didn't help enough. Basically I connected with reader, but it uses APDU when I don't need it. I have an idea to open stream to my reader by USB and by stream put binary commands to device and then get answer the same way, but technically how can I write it in Java?

I also found libraries like a usb4java, but also bad opinion about that. Maybe someone had any experience with this device and could give me some tips?

On the internet there aren't many tutorials about programming smart cards. I tried also use pyApduTool or HID Omnikey Sync API V2.0., but that only for test. I have to write simple requests to get information from card.

XtrEmE
  • 13
  • 6
  • 1
    I don't exactly understand your problem "uses APDU when I don't need it". Communication with a **card** is done via APDU's and this is by far the easiest way. The more exotic tasks for which you would have to communicate with the **reader** are typically also mapped to APDU's for simplicity. Take a look at [this question](https://stackoverflow.com/q/53274903/1435475) and its answer for a start. – guidot Mar 02 '19 at 12:53
  • 1
    There is a lot in this question, but what is not in there is what you're trying to do. – Maarten Bodewes Mar 03 '19 at 23:23
  • @MaartenBodewes what you mean? – XtrEmE Mar 04 '19 at 18:51
  • @guidot I have to send specific requests for this card, so I want to open stream and then send binary requests. But thanks for link. – XtrEmE Mar 04 '19 at 18:51

1 Answers1

0

There are basically two ways around your issue:

  1. don't use the PC/SC interface used by java.smartcardio but use native, proprietary libraries from the card reader manufacturer, for instance using a wrapper (JNI based, but there are better / higher level alternatives out there);

  2. keep using APDU's, but use CLA byte set to FF hex, opening a connection to the reader. FF is reserved, but it is generally reserved for this kind of card reader access, e.g. to access memory cards without ISO/IEC 7816-4 layer that are supported by the reader manufacturer.

  3. out of two (for completeness only): many card readers have been created using a USB to serial interface chip, which means that you can directly connect to the (virtual) serial interface; needless to say, you will have to know what commands to send and program everything yourself, if this interface is present at all (Omnikey 3121 is relatively new, so I would be surprised).

Both options rely on card reader specific functions, so you will have find the information for the reader to see what is possible. To my knowledge there is no way to request what functionality is provided. Don't expect too much from standardization for this kind of functionality.

Did you check your card reader specific documentation?

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Thanks, I will try it. I have one more thing which I don't understand. I found solutions for get response (basically that was to get "hello" from card, as I know the command is the same for each card), and there in first step before use the commands was "Select applet". I didn't know what is AID of my card, so I tried know that by "PyApduTool" and after connect, I switch to "Applet" tab. After refresh got information "List applets failed. Error: GP init update failed. recv: 6D 00". Maybe you know what that means? (I know what is 6D 00 code and my card is for sure programmed in Java) – XtrEmE Mar 04 '19 at 21:00
  • 6D00 is unknown instruction. You need to perform these things inside the card manager, which you can select by AID. It's either the VISA one (OpenPlatform as is was first called was by VISA/Mastercard) or the GP one for newer cards. However, for INIT UPDATE / EXT AUTH you need to know the keys of the security domain. Those are generally not known for released cards. E.g. POS terminals know the AID's of banking apps, the don't need to list them. – Maarten Bodewes Mar 04 '19 at 22:13
  • Unfortunately, I got "Unable to open USB device: Operation not supported or unimplemented on this platform" by using usb4java library. – XtrEmE Mar 06 '19 at 17:07
  • Yeah, too new, didn't remember it to have one of the FTDI chips in there. Probably a single chip solution, integrating it would already be too expensive. – Maarten Bodewes Mar 07 '19 at 20:57
  • Anyway.. I finally used APDU protocol to send requests. I get responses but data is returned as ISO 7816. I've tryin' parse responses to string but some data is parsed as unrecognized characters.. as �. Could you recommend a good way in Java to decode apdu responses? – XtrEmE Mar 10 '19 at 21:17
  • @XtrEmE: Thats a different question; but if you are trying to interpret as string (let alone unicode?), what is a simple byte sequence, you have a java problem (no longer related to smartcard). – guidot Mar 10 '19 at 22:16