A user reported a problem with a GnuPG v2 card and a OmniKey 4321 ExpressCard smart card reader. The same card works fine with a SCM SCR33x reader.
The card ATR is:
According to the GnuPG v2 specification:
Reader (informative)
The important point is highlighted. Of course you do not read the card user manual before buying a smart card reader for your card. And the notion of "Extended length" can be quiet obscure for a user.
The difference between the two readers is that:
I tried to document the problems with extended APDU in a special page Extended APDU support of the CCID driver.
But this is also obscure for a normal smart card user.
One major problem is that an application at the PC/SC level has no way to know if the reader does or does not support extended APDU.
I tried to propose a mechanism so that an application can know if the reader support extended APDU. The idea is that the application can display a human readable error message. That would avoid me to receive bug reports. But the idea was more or less refused by the PC/SC workgroup. Short APDU should be defined before defining extended APDU. And short APDU are not yet defined by the PC/SC workgroup :-(
One day I will blog about the PC/SC workgroup.
GnuPG v2 card
The card ATR is:
3B DA 18 FF 81 B1 FE 75 1F 03 00 31 C5 73 C0 01 40 00 90 00 0C and is known as GnuPG card V2.According to the GnuPG v2 specification:
Reader (informative)
- A common driver (CCID, PC/SC or CT-API) shall be supported.
- The driver should be available for several platforms (e.g. Win32, Linux, Macin
tosh) - T=1 and T=0 shall be supported for cards with contacts.
- High-Speed protocols should be supported.
- Extended length shall be supported.
The important point is highlighted. Of course you do not read the card user manual before buying a smart card reader for your card. And the notion of "Extended length" can be quiet obscure for a user.
Extended length APDU
The difference between the two readers is that:
- The OMNIKEY CardMan 4321 is a "Short APDU level exchange" reader
- The SCM Microsystems Inc. SCR33x USB Smart Card Reader is a "TPDU level exchange" reader
I tried to document the problems with extended APDU in a special page Extended APDU support of the CCID driver.
But this is also obscure for a normal smart card user.
PC/SC and extended APDU
One major problem is that an application at the PC/SC level has no way to know if the reader does or does not support extended APDU.
I tried to propose a mechanism so that an application can know if the reader support extended APDU. The idea is that the application can display a human readable error message. That would avoid me to receive bug reports. But the idea was more or less refused by the PC/SC workgroup. Short APDU should be defined before defining extended APDU. And short APDU are not yet defined by the PC/SC workgroup :-(
One day I will blog about the PC/SC workgroup.
Conclusion
Extended APDU are more and more common. Maybe I should add a clear indication of the support or not of extended APDU in the reader matrix. If you have an idea of logo or presentation then just tell me.
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon