Hello. I have some Card-Terminals with PinPad (Class 2 and Class 3). I try to do a PIN Verification and send a "Perform Verification"-APDU ("20 18 01 00 ...") to my Readers. It seems to me they don't reach it, because they were never be processed by the Terminals. I don't know where's the reason for that (ccid or pcsc), but please can you enable that on Mac OS X. Greetings Chris -- This e-mail is digital signed. If your e-mail-application doesn't support the verification of digital signatures, just ignore the signature-file.
On Aug 24, 2009, at 8:15 AM, Chris Hauser wrote:
Hello.
I have some Card-Terminals with PinPad (Class 2 and Class 3). I try to do a PIN Verification and send a "Perform Verification"-APDU ("20 18 01 00 ...") to my Readers. It seems to me they don't reach it, because they were never be processed by the Terminals.
I don't know where's the reason for that (ccid or pcsc), but please can you enable that on Mac OS X.
Greetings Chris
Chris, The current CCID Class Driver does not support PinPad Readers as far as the *PinPad* goes, but would support it as a standard reader if it were built on one of the mechanisms supported by the CCID Class Driver. The list of Readers (which I need to get up and maintain on the Wiki) that work with the SmartCardServices is included at the end of this message. You did not state which reader(s) you are working with. - Shawn __________________________________________________ Shawn Geddis geddis@mac.com Security Consulting Engineer MacOSForge Project Lead: Smart Card Services Web: http://smartcardservices.macosforge.org/ Lists: http://lists.macosforge.org/mailman/listinfo __________________________________________________ Gemplus Gem e-Seal Pro Gemplus GemPC Twin Gemplus GemPC Key Gemplus GemPC Pinpad Gemplus GemCore POS Pro Gemplus GemCore SIM Pro Gemplus GemPC Express Gemplus GemPC433 SL Smart Enterprise Guardian Verisign Secure Token VeriSign Secure Storage Token SCM SCR 331-DI SCM SCR 333 SCM SCR 335 SCM SCR 3310 SCM SCR 3320 SCM SCR 3340 ExpressCard54 SCM SCR 3310 NTTCom Axalto Reflex USB v3 SCM SCR 3311 SCM SCR 331-DI NTTCom SCM SDI 010 SCM SCR 331 SCM SCR 355 SCM SPR 532 OmniKey CardMan 1021 OmniKey CardMan 3121 OmniKey CardMan 3621 OmniKey CardMan 3821 OmniKey CardMan 4321 OmniKey CardMan 5121 OmniKey CardMan 5125 OmniKey CardMan 5321 OmniKey CardMan 6121 Teo by Xiring C3PO LTC31 C3PO TLTC2USB C3PO LTC32 USBv2 with keyboard support C3PO KBR36 C3PO LTC32 C3PO TLTC2USB ActivCard USB Reader 3.0 Activkey Sim Silitek SK-3105 Dell keyboard SK-3106 Dell smart card reader keyboard Cherry XX33 Cherry XX44 Cherry ST1044U Cherry SmartTerminal ST-2XXX Cherry SmartBoard XX1X ACS ACR 38U-CCID O2 Micro Oz776 O2 Micro Oz776 KOBIL KAAN Base KOBIL KAAN Advanced KOBIL KAAN SIM III KOBIL EMV CAP - SecOVID Reader III KOBIL mIDentity KOBIL mIDentity Eutron Digipass 860 Eutron SIM Pocket Combo Eutron Smart Pocket Eutron CryptoIdentity Eutron CryptoIdentity Athena ASE IIIe Athena ASEDrive IIIe KB SmartEpad Winbond HP USB Smart Card Keyboard HP USB Smartcard Reader id3 CL1356D id3 CL1356A HID Alcor Micro AU9520 RSA SecurID Fujitsu Siemens SmartCard Keyboard USB 2A Fujitsu Siemens SmartCard USB 2A Sitecom USB simcard reader MD-010 SchlumbergerSema Cyberflex Access Philips JCOP41V221 SafeNet IKey4000 GnD CardToken 350 GnD CardToken 550 Lenovo Integrated Smart Card Reader Charismathics token Blutronics Bludrive II CCID Covadis Alya Covadis Vega Vasco DP905 Validy TokenA sl vt Pro-Active CSB6 Ultimate OCS ID-One Cosmo Card ActivCard USB Reader 2.0 C3PO LTC31 Reiner-SCT cyberJack pinpad(a)
Am 24.08.2009 um 19:00 schrieb Shawn A. Geddis:
On Aug 24, 2009, at 8:15 AM, Chris Hauser wrote:
Hello.
I have some Card-Terminals with PinPad (Class 2 and Class 3). I try to do a PIN Verification and send a "Perform Verification"-APDU ("20 18 01 00 ...") to my Readers. It seems to me they don't reach it, because they were never be processed by the Terminals.
I don't know where's the reason for that (ccid or pcsc), but please can you enable that on Mac OS X.
Greetings Chris
Hi Shawn.
The current CCID Class Driver does not support PinPad Readers as far as the *PinPad* goes,
That's really bad. Do you plan to implement pinpad-support? Where can i find a wishlist for the CCID-Driver? Or start a petition? What's the problem to give those APDUs to the Reader instead the Card?
but would support it as a standard reader if it were built on one of the mechanisms supported by the CCID Class Driver.
But that's needless in Applications or Situations where a Pinpad- -Terminal is required. Like Secoder-Banking. Or when a customer (card-owner) stands on the other Side of the Desk like eGK (German- -Health-Cards), ePA (German eID), Clubcards, etc.
The list of Readers (which I need to get up and maintain on the Wiki) that work with the SmartCardServices is included at the end of this message. You did not state which reader(s) you are working with.
I know this list: <http://pcsclite.alioth.debian.org/supported.html> So i thought if it's listed as a "supported" Cardreader, like the Cherry ST-2000, SCM SCR532, Gemalto GemPCPinpad, etc. it even supports the features like PIN Verification and PIN Modification. Chris -- This e-mail is digital signed. If your e-mail-application doesn't support the verification of digital signatures, just ignore the signature-file.
2009/8/24 Chris Hauser <chris@cat-box.de>:
Am 24.08.2009 um 19:00 schrieb Shawn A. Geddis:
The current CCID Class Driver does not support PinPad Readers as far as the *PinPad* goes,
In fact the CCID driver _does_ support pinpads. You have to follow PC/SC v2 part 10.
What's the problem to give those APDUs to the Reader instead the Card?
That is not how the pinpad mechanism is supposed to work. You should read PC/SC v2 part 10 [1]. You can also have a look at my sample [2]. Do not reuse code from the sample unless you also use the GNU GPL license. Bye [1] http://pcscworkgroup.com/specifications/specdownload.php [2] http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/examples/scardcontrol... -- Dr. Ludovic Rousseau
Am 25.08.2009 um 09:44 schrieb Ludovic Rousseau:
2009/8/24 Chris Hauser <chris@cat-box.de>:
Am 24.08.2009 um 19:00 schrieb Shawn A. Geddis:
The current CCID Class Driver does not support PinPad Readers as far as the *PinPad* goes,
In fact the CCID driver _does_ support pinpads. You have to follow PC/SC v2 part 10.
Is it V2? Okay! That's good know. pcscd gave me just the versionnumber 1.4.
What's the problem to give those APDUs to the Reader instead the Card?
That is not how the pinpad mechanism is supposed to work. You should read PC/SC v2 part 10 [1].
You can also have a look at my sample [2]. Do not reuse code from the sample unless you also use the GNU GPL license.
A new scardcontrol-sample. Fine. The one I tried I think was dated on 2007. I'll try it. :-) Best Regards Chris
[1] http://pcscworkgroup.com/specifications/specdownload.php [2] http://svn.debian.org/wsvn/pcsclite/trunk/Drivers/ccid/examples/scardcontrol...
-- Dr. Ludovic Rousseau
-- This e-mail is digital signed. If your e-mail-application doesn't support the verification of digital signatures, just ignore the signature-file.
Am 25.08.2009 um 09:44 schrieb Ludovic Rousseau:
2009/8/24 Chris Hauser <chris@cat-box.de>:
Am 24.08.2009 um 19:00 schrieb Shawn A. Geddis:
The current CCID Class Driver does not support PinPad Readers as far as the *PinPad* goes,
In fact the CCID driver _does_ support pinpads. You have to follow PC/SC v2 part 10.
I tried it with those PinPad-Readers: Cherry ST-2000U, SCM SPR 532 (aka Towitoko Chipdrive Pinpad), Kobil KAAN Advanced, Kobil KAAN Tribank, ReinertSCT cyberJack e-com, cyberJack secoder and cyberJack e-com plus. ...and It works! Pin Verification and Pin Modification. It really works with each of the above Readers. I'm totally amazed. :-)
What's the problem to give those APDUs to the Reader instead the Card?
That is not how the pinpad mechanism is supposed to work. You should read PC/SC v2 part 10 [1].
You can also have a look at my sample [2]. Do not reuse code from the sample unless you also use the GNU GPL license.
It works great with a little change. @@ -30,10 +30,11 @@ #ifdef __APPLE__ #include <PCSC/winscard.h> #include <PCSC/wintypes.h> +#include "reader.h" #else #include <winscard.h> -#endif #include <reader.h> +#endif You made my Day. Thank you Chris -- This e-mail is digital signed. If your e-mail-application doesn't support the verification of digital signatures, just ignore the signature-file.
participants (3)
-
Chris Hauser
-
Ludovic Rousseau
-
Shawn A. Geddis