智能卡中的逻辑通道
好用户
下面的图片是输出pcsc_scan在Ubuntu的,当你在看ATR分析,我java卡支持3逻辑信道。
这是ISO 7816-4的一部分,提到CLA中的低半字节,指示逻辑通道号:
问题是:为什么当我想通过除基本逻辑通道之外的另一个逻辑通道发送INITIAL-UPDATE APDU命令时,它失败了?
使用CLA = 80[基本逻辑通道]进行初始更新
< 80 50 00 00 08 00
< 00 00 00 00 00 00 00 00
> 611C
< 00 C0 00 00 00 1C
> 00 11 60 01 03 8A 79 0A F9 FF 02 00 35 F3 92 EC 2B 6F F5 10 2E BD 74 41 2F 25 B4
> 90 00
使用CLA = 81 or 82[补充逻辑通道]进行初始更新
< 81 50 00 00 08 00
< 00 00 00 00 00 00 00 00
> 6881
< 82 50 00 00 08 00
< 00 00 00 00 00 00 00 00
> 6881
As you see, I received SW = 6881, [= Logical channel not supported]. why?
Update :
"If a javacard has two/three logical channel, that mean we can select two/three applet in simultaneously", And is this right? if yes, what is other benefits of having more than one channel? if no, what is this channels for?
Maarten Bodewes
It rather depends on the interpretation of ISO 7816-4 how this is handled. ISO 7816-4 specifies very little about the internal state of smart cards. It is certainly sufficiently vague to leave this specific issue open to interpretation.
Now normally you can have multiple logical channels by using the MANAGE CHANNEL (INS = 70h) APDU. You cannot simply switch over to another channel by specifying the bits in the CLA byte; the channel needs to be open first. Furthermore, it isn't said that the authentication or file system state is taken over by the new channel.
You should see the logical channel as an option to run multiple applications at the same time, where the logical channels are used to interleave commands over the single (half-duplex) communication channel. This is useful if you have different services requiring smart card communication on your terminal (PC).
Obviously logical channels have big drawbacks; you need to keep state for each logical channel. Possibly, you may need to mix state as well (i.e. a PIN VERIFY may be used for both channels). This is very specifically an issue with regards to transient memory (RAM) usage.
Normally you see only cards with 2 logical channels. Most of the time, only one of them will be used. 99% of the time it is better to only allow exclusive access to a single service, and let the smart card services run in sequence. Note that many cards now run at 30 MHz or over, but still have only 8 KiB of RAM in total.
您可以尝试使用MANAGE CHANNEL,但可能是您的ATR对您说谎,并且并非所有应用程序都支持逻辑通道(例如Global Platform Card Manager)。还要注意,Global Platform使用专有的APDU命令/响应(在CLA中设置的最高位= 80h),因此正式而言,您仅需要参考Global Platform规范。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
编辑于
相关文章
Related 相关文章
- 1
智能卡中的多线程和逻辑通道
- 2
智能卡发行
- 3
如何使用存储在智能卡中的密钥生成CSR
- 4
回复智能卡中T = 1的区块链
- 5
如何在SCOSTA智能卡中创建EF
- 6
智能卡中不同类型的序列号
- 7
在Chrome中安装智能卡阅读器
- 8
回复智能卡中T = 1的区块链
- 9
智能卡CMS解密
- 10
智能卡相互认证
- 11
智能卡访问速度
- 12
读取智能卡的UID
- 13
EMV智能卡TLV格式错误?
- 14
编写和读取智能卡的证书
- 15
智能卡及其文件
- 16
PCSC-智能卡获取UID
- 17
智能卡阅读器命名
- 18
如何从智能卡获取CPLC数据?
- 19
处理智能卡文件结构
- 20
什么是特定的智能卡传输协议?
- 21
通过RDP使用智能卡(Raspberry)
- 22
如何读写未知的智能卡?
- 23
智能卡读卡器命名
- 24
处理智能卡文件结构
- 25
斯洛伐克eVRC智能卡(AID)
- 26
尝试使用智能卡签名pdf
- 27
Firefox智能卡证书导入错误
- 28
智能卡:无法获得 ATR
- 29
智能卡无法获得 ATR
我来说两句