You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What's the problem?
Transaction.protocolTransmit() is filtering SW 63xx and issuing GET RESPONSE
command automatically (in SCAPI v2.3.2 Samsung S3 at least). For the SCAPI
3.0.0 I believe code has been changed to just check 6310.
This behaviour works for GP GET STATUS but may trigger unexpected behabious in
other cardlets (in a case we're working on the function returned 6d 00 because
it didn't support GET RESPONSE).
I think this behaviour was introduced to solve issue 13, but it had undesired
secondary effects.
What steps will reproduce the problem?
1. Send any command to SE that returns a 63xx
2.
3.
What is the expected output? What do you see instead?
63xx. In our case it's a 63c2, as it is a VERIFY command that implements SW
from the ISO/IEC 7816-4 standard (it would work in SCAPI 3.0.0 I guess, but
solution implemented there is suboptimal, I think).
What version of the product are you using? On what operating system?
SCAPI v2.3.2 Samsung S3
Please provide any additional information below.
I'd suggest that automatical GET RESPONSE is only issued when we check cmd to
be GP GET STATUS, that is CLA vendor-specific and INS F2.
Can provide a patch to SCAPI 3.0.0 if you want, but i can't test.
Original issue reported on code.google.com by [email protected] on 1 Jul 2013 at 6:43
The text was updated successfully, but these errors were encountered:
The problem with 63Cx return codes was solved in SCAPI-3.0.0 with checking for
6310.
Do you still see the need for verification of the previous command for
INS=0xF2? I have not seen a 6310 response in other cases.
Daniel,
Thank you for answer.
I do think that verifying both for INS==0xf2 *and* CLA bit 8 set
(proprietary class) is needed.
ISO/IEC 7816-4 defines 63XX as "State of non-volatile memory has changed
(further qualification in SW2)".
ISO/IEC 7816-4 also defines some interindustry SW2 (IRRC, for the moment
6300, 63Cx, 6382).
However, this doesn't mean that it doesn't in the future or that any
application can't use non-defined ones, as GP does with 6310.
This is still suboptimal, of course, as another card application could
potentially use a proprietary F2 command and return a 6310 with a
different meaning. But chances of meeting this case are greatly reduced
compared to only checking for 6310.
BTW: Just curious, why isn't the second GET STATUS issued as application
level? Why should seek implement concepts for specific applications?
This case is very different than the ISO/IEC 7816-3 61xx/GET RESPONSE case.
Original issue reported on code.google.com by
[email protected]
on 1 Jul 2013 at 6:43The text was updated successfully, but these errors were encountered: