This discussion is archived
10 Replies Latest reply: Aug 9, 2012 3:57 AM by Valentino RSS

Read Certificate

Valentino Newbie
Currently Being Moderated
Hi,

I want to read certificate from smart card. The certificate EF have FID: 5401h + n, where 0<=n<FFh. So I select the file as new CommandAPDU(0X00, 0XA4, 0X00, 0X00, new byte[]{0x54, 0x01}), after this i read it as Binary EF with new CommandAPDU(0x00, 0xB0, 0x00, 0x00).
From response I get 256 /the response body/ bytes which are correct, but these bytes are just beginning part of the whole certificate. If i do new String( response data bytes ); i see the correct thing from the certificate.
So I guess I am missing something fundamental in reading Binary EF from smart card. Could you please tell me what I am doing wrong?

Thank you
  • 1. Re: Read Certificate
    Umer Journeyer
    Currently Being Moderated
    From response I get 256 /the response body/ bytes which are correct, but these bytes are just beginning part of the whole certificate.
    You should get 255 bytes of data in one APDU response like you are getting as T=0 protocol only supports 255 bytes of data to be sent or receive from smart card.
    If i do new String( response data bytes ); i see the correct thing from the certificate.
    what thing ? The initial part of the certificate i guess !!
  • 2. Re: Read Certificate
    Valentino Newbie
    Currently Being Moderated
    You can see the code and result HERE . This is from Eclipse Juno. On the picture the code is below the result console.
    Thank you
  • 3. Re: Read Certificate
    Umer Journeyer
    Currently Being Moderated
    You should paste your code here using
     tages                                                                                                                                                                                                                
  • 4. Re: Read Certificate
    Umer Journeyer
    Currently Being Moderated
    Also, I have pinpointed your problem that why you are not getting your whole certificate data.
  • 5. Re: Read Certificate
    Valentino Newbie
    Currently Being Moderated
    Thank you for your responses Umer. This code
                   // Select First Certificate 
                   ResponseAPDU resp4 = ch.transmit( new CommandAPDU(0X00, 0XA4, 0X00, 0X00, new byte[]{0x54, 0x01}) );
                   System.out.print("Select First Certificate status -> " + Integer.toHexString( resp4.getSW() ) + ", returned FCI -> " );EntryPoint.printBytes( resp4.getData() );
                   
                   ByteArrayOutputStream baos = new ByteArrayOutputStream();
                   // Read BINARY
                   ResponseAPDU resp5 = ch.transmit( new CommandAPDU(0x00, 0xB0, 0x00, 0x00) );
                   byte [] data = resp5.getData();
                   System.out.println("Read Binary status-> " + Integer.toHexString( resp5.getSW() ) );
                   System.out.println("Data response lenght -> " +  data.length);
                   EntryPoint.printBytes( data );
                   System.out.println("Data look -> " +  new String( data ) );
    Produces this result
    Select First Certificate status -> 9000, returned FCI -> 6f 13 80 02 08 73 82 01 01 83 02 54 01 86 06 00 01 01 ff ff 01 
    Read Binary status-> 9000
    Data response lenght -> 256
    30 82 08 6f 30 82 06 57 a0 03 02 01 02 02 04 00 99 00 88 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 82 01 0b 31 0b 30 09 06 03 55 04 06 13 02 42 47 31 0e 30 0c 06 03 55 04 08 13 05 53 6f 66 69 61 31 0e 30 0c 06 03 55 04 07 13 05 53 6f 66 69 61 31 2f 30 2d 06 03 55 04 0a 13 26 42 4f 52 49 43 41 20 2d 20 42 41 4e 4b 53 45 52 56 49 43 45 20 41 44 2c 20 45 49 4b 20 32 30 31 32 33 30 34 32 36 31 10 30 0e 06 03 55 04 0b 13 07 42 2d 54 72 75 73 74 31 23 30 21 06 03 55 04 03 13 1a 42 2d 54 72 75 73 74 20 4f 70 65 72 61 74 69 6f 6e 61 6c 20 43 41 20 51 45 53 31 27 30 25 06 03 55 04 09 13 1e 62 75 6c 2e 20 54 73 61 72 69 67 72 61 64 73 6b 6f 20 73 68 6f 73 65 20 4e 6f 20 31 31 37 31 0d 30 0b 06 03 55 04 11 13 04 31 37 38 34 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 
    Data look -> UBG10USofia10USofia1/0 BORICA - BANKSERVICE AD, EIK 20123042610UB-Trust1#0!UB-Trust Operational CA QES1'0%U     bul. Tsarigradsko shose No 1171 
    I do not understand you very well. I know that the certificate should be 2163 bytes, here iam getting the first 255/6 bytes.
  • 6. Re: Read Certificate
    Valentino Newbie
    Currently Being Moderated
    I understood what I have made wrong. I actually have not change the offset (P1) so I read only the first 256 bytes every time. I have to increment the P1 to read the next portions of 256 bytes an so on until the end. Here is the code
                   ResponseAPDU resp4 = ch.transmit( new CommandAPDU(0X00, 0XA4, 0X00, 0X00, new byte[]{0x54, cert_number}) );
                   
                   byte HI_offset = resp4.getData()[4];
                   ByteArrayOutputStream baos = new ByteArrayOutputStream();
                   byte offset = 0x00;
                   
                   while (offset <= HI_offset ){
                        
                        // Read BINARY
                        ResponseAPDU resp5 = ch.transmit( new CommandAPDU(0x00, 0xB0, offset, 0x00) );
                        baos.write( resp5.getData() );
                        offset++;
                   }
  • 7. Re: Read Certificate
    Umer Journeyer
    Currently Being Moderated
    good to hear. But can you mentioned the standard which you are using ?
  • 8. Re: Read Certificate
    Valentino Newbie
    Currently Being Moderated
    Hi,

    I'm not sure what you mean, but I use a regular Java card which adhere to ISO 7816 and global platform standards.
    If the answer is not what you expect please could you clear the question.
    Thank you
  • 9. Re: Read Certificate
    Umer Journeyer
    Currently Being Moderated
    I am sorry i could not make it clear.
    I could not see any command APDU yet which you have used to it will be good for me if you can explain that in which section of GP or ISO7816 it is mentioned.
  • 10. Re: Read Certificate
    Valentino Newbie
    Currently Being Moderated
    Umer wrote:
    I could not see any command APDU yet which you have used to
    What APDU you can not see? I have shown all my APDU commands in my posts above!
    All is mentioned in ISO 7816 part 4

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points