I am trying to write an Android App to read/write an NFC Card which supports the ISO 14443 Type A standard. After a thorough search it seems that the only option left now for me is to use the IsoDep class and its transceive method by sending the APDU commands. The card that I have is a SmartCafe dual interface card supporting the ISO 14443 and ISO 7816 standards.
Then I stated to look for APDUs for the 14443 standard. I have found this page with a good resource regarding this. However, the problem is the lack of any example APDUs.
There are several questions and answers with APDUs (e.g. this) in the stackoverflow which I tried with no luck.
A brute force attempt revealed the following result with a select command: 6F108408A000000003000000A5049F6501FF9000 which looks like a file control information for the card. But I am struggling on how to interpret this information.
I am also struggling with the flow to work with the card. So far I have understood:
The card is a new one and might not have any other file or information other than the file control information. So which PDU can be used to create a file in a specific location and which PDU can be used to read from that file?
The card you are using (SmartCafe dual interface) is a JavaCard.
Your attempted SELECT command must have been something like:
00 A4 04 00 00
or
00 A4 04 00 08 A000000003000000 00
What you see in response to that SELECT command is the FCI of the GlobalPlatform card manager:
6F 10 (FCI template) 84 08 (Application DF name) A000000003000000 A5 04 (Proprietary data) 9F65 01 (Maximum length of data field in command message) FF (256) 9000 (status=no error)
With that type of card, the concept of files does not really exist by default (so just selecting a file and reading/writing to it won't normally work). Instead this card contains Java-based applications that you can interact with using APDU commands.
So the typical flow to interact with an application would be:
SELECT an application based on its AID (application identifier). In terms of ISO 7816-4, the AID can be seen as a DF name and you issue a SELECT command for that specific DF name.
Send arbitrary APDUs (according to ISO 7816-4, with either inter-industry or proprietary coding) to the selected application.
The Java-based (actually JavaCard-based, where JavaCard is an extended sub-set of the Java language) application receives the command, decodes and processes it and generates a response.
The card sends the application's response back to the reader.
Now there is several possiblities:
The card is pre-prorgammed for a specific purpose and you don't have the keys to access the card manager.
In that case, you would need to know how to interface the application that's on the card. Ideally, the application documentation would show you what AID you need to select and what commands you can send.
The card is pre-programmed for a specific purpose but you do have the keys to access the card manager -- and, of course, you do not want to use the pre-programmed application but want to use your own application (otherwise the same as in 1. applies).
In that case, you could create your own JavaCard application (or use some ready-made application that fits your purpose) and install it onto the card (e.g. using open tools like GPShell). Then you can access the card using the interface you defined yourself.
The card is not pre-programmed for a specific purpose and you do have the keys to access the card manager.
In that case, the only option you have is to create your own application as in 2.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With