
JavaCard SELECT with Next Occurrence Not Received by Applet

I have an application with RESET Privilege being the default selected application after reset.

My application has a logging mechanism to tell exactly what were the requests made to the card. I have several dynamic responses depending on current state. I also checked the behavior with a card spy.

All APDUs are being correctly forwarded to my application including those SELECTs that don't belong to it and don't match any other application on card.

This however doesn't happen when receiving a SELECT DF Next Occurrence (A4 04 02). Instead, the following SW is returned by the card: 6A85-Conditions not satisfied.

Now, I understand what the card might be doing, which is to check if there's an application currently selected with the same AID specified and then try to select the next application with the same ID. (This is not the case. No conflicting AIDs on card.)

My question is: should the card OS not forward this APDU in case there is no matching application installed? This is the supposed behavior for selects where there is an application already selected.

Another question: is there a way to fix/circumvent this, or do you think this could be an OS bug? Or is this not the case at all?

Example:

Card Reset

-> 00 A4 04 00 07 AIDx7..
<- My Applet 90 00

-> 00 A4 04 02 07 AIDx7...
<- Card 6A 85

Moves on to other selects
My applet is still selected.

I'm using a NXP JCOP3 card.

Thanks in advance.

Citing GlobalPlatform Card Specification Version 2.3, page 68:

6.4.2.1.2 Explicit Selection on Basic Logical Channel

....some paragraphs skipped....

Runtime Behavior

The following requirements apply to the OPEN in the explicit Application selection (SELECT [by name]) process on the Basic Logical Channel (This behavior does not apply if the card Life Cycle State is TERMINATED):

....several cases skipped....

  • If no full or partial match is found at all, the currently selected Application on the Basic Logical Channel shall remain the selected Application and

    • If the SELECT [by name] command has the [first or only occurrence] parameter set, the SELECT command is dispatched to the Application.

    • If the SELECT [by name] command has the [next occurrence] parameter set, the OPEN shall return the appropriate error to the off-card entity.

Which exactly matches the behaviour you describe (it needs to be said that your JCOP is probably subject to some earlier version of GlobalPlatform Card Specification).


For the second question:

  • My bet is that there is no semi-easy way to fix/circumvent this using your particular card.

  • There are other cards that work differently -- which one to use depends on your use-case.

Good luck!
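
An added example, not part of the original question or answer and not NXP or GlobalPlatform code: a small Python model of the quoted no-match rule, run against the two SELECT commands from the question. The registry, the AIDs and the function names are constructed for illustration, the match branch is a simplification because the excerpt skips those cases, and 6A85 is used only because it is the status the asker observed.

```python
# Added illustration: simplified model of the no-match rule quoted above.
# Registry contents, AIDs and function names are constructed for this example.
OBSERVED_SW = 0x6A85  # status word the asker's card returned

def parse_select_by_name(apdu: bytes):
    """Return (next_occurrence, aid) for SELECT [by name], or None for anything else."""
    if len(apdu) < 5 or apdu[1] != 0xA4 or apdu[2] != 0x04:
        return None
    lc = apdu[4]
    aid = apdu[5:5 + lc]
    if len(aid) != lc:
        raise ValueError("Lc does not match the data field length")
    # ISO 7816-4 P2 bits b2b1: 00 = first or only occurrence, 10 = next occurrence
    return (apdu[3] & 0x03) == 0x02, aid

def route(apdu: bytes, registry: dict, selected: str):
    """Say who answers an APDU on the basic channel: (responder, detail)."""
    parsed = parse_select_by_name(apdu)
    if parsed is None:
        return ("applet", selected)      # ordinary command for the selected applet
    next_occurrence, aid = parsed
    # Full or partial match: the installed AID starts with the requested bytes.
    matches = [name for name, inst in registry.items() if inst.startswith(aid)]
    if matches:
        # The quoted excerpt skips these cases; simplified here to "a match gets selected".
        return ("open-selects", matches[0])
    if next_occurrence:
        return ("card", OBSERVED_SW)     # OPEN answers; the applet never sees the APDU
    return ("applet", selected)          # dispatched to the still-selected applet

# Constructed sample data: one default-selected applet, one unknown 7-byte AID.
REGISTRY = {"my_applet": bytes.fromhex("A0000000010101")}
UNKNOWN_AID = bytes.fromhex("A0000009990001")
SELECT_FIRST = bytes.fromhex("00A4040007") + UNKNOWN_AID
SELECT_NEXT = bytes.fromhex("00A4040207") + UNKNOWN_AID

if __name__ == "__main__":
    for apdu in (SELECT_FIRST, SELECT_NEXT):
        print(apdu.hex().upper(), "->", route(apdu, REGISTRY, "my_applet"))
```

An applet-side log will therefore show the first SELECT but never the second, so the rejected command is only visible in a reader-side trace such as the card spy mentioned in the question.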
