Command APDU returning 6985 (Conditions of use not satisfied) in result












1














I am working on reading a smart card in Java. When I execute the following code below, the card returns 6985 (Conditions of use not satisfied) as a result.



  TerminalFactory factory = TerminalFactory.getDefault();
List<CardTerminal> terminals = factory.terminals().list();
System.out.println("Terminals: " + terminals);

if (terminals != null && !terminals.isEmpty()) {
// Use the first terminal
CardTerminal terminal = terminals.get(0);

// Connect with the card
Card card = terminal.connect("*");
System.out.println("card: " + card);
CardChannel channel = card.getBasicChannel();

CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C,
new byte{0002},0,0x01);

ResponseAPDU responseCheck = channel.transmit(commandApdu);
System.out.println(responseCheck.getSW1()+":"+responseCheck.getSW2()+":"+
commandApdu.toString());


The parameters provided by the client are:




  • CLA = 00

  • INS = A4

  • P1 = 00

  • P2 = 0C

  • LC = 02

  • Data = XXXX (The data passed here is File Identifier),As I want to select EF file so EFID for the file given by client is 0002










share|improve this question




















  • 3




    Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
    – Michal Gluchowski
    Nov 13 '18 at 15:28










  • @MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
    – Pheonix
    Nov 14 '18 at 6:33










  • @MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
    – Pheonix
    Nov 14 '18 at 18:19










  • You should pass it exactly as I showed you new byte{0, 2}.
    – Michael Roland
    Nov 14 '18 at 19:00










  • and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
    – Pheonix
    Nov 14 '18 at 19:13


















1














I am working on reading a smart card in Java. When I execute the following code below, the card returns 6985 (Conditions of use not satisfied) as a result.



  TerminalFactory factory = TerminalFactory.getDefault();
List<CardTerminal> terminals = factory.terminals().list();
System.out.println("Terminals: " + terminals);

if (terminals != null && !terminals.isEmpty()) {
// Use the first terminal
CardTerminal terminal = terminals.get(0);

// Connect with the card
Card card = terminal.connect("*");
System.out.println("card: " + card);
CardChannel channel = card.getBasicChannel();

CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C,
new byte{0002},0,0x01);

ResponseAPDU responseCheck = channel.transmit(commandApdu);
System.out.println(responseCheck.getSW1()+":"+responseCheck.getSW2()+":"+
commandApdu.toString());


The parameters provided by the client are:




  • CLA = 00

  • INS = A4

  • P1 = 00

  • P2 = 0C

  • LC = 02

  • Data = XXXX (The data passed here is File Identifier),As I want to select EF file so EFID for the file given by client is 0002










share|improve this question




















  • 3




    Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
    – Michal Gluchowski
    Nov 13 '18 at 15:28










  • @MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
    – Pheonix
    Nov 14 '18 at 6:33










  • @MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
    – Pheonix
    Nov 14 '18 at 18:19










  • You should pass it exactly as I showed you new byte{0, 2}.
    – Michael Roland
    Nov 14 '18 at 19:00










  • and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
    – Pheonix
    Nov 14 '18 at 19:13
















1












1








1







I am working on reading a smart card in Java. When I execute the following code below, the card returns 6985 (Conditions of use not satisfied) as a result.



  TerminalFactory factory = TerminalFactory.getDefault();
List<CardTerminal> terminals = factory.terminals().list();
System.out.println("Terminals: " + terminals);

if (terminals != null && !terminals.isEmpty()) {
// Use the first terminal
CardTerminal terminal = terminals.get(0);

// Connect with the card
Card card = terminal.connect("*");
System.out.println("card: " + card);
CardChannel channel = card.getBasicChannel();

CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C,
new byte{0002},0,0x01);

ResponseAPDU responseCheck = channel.transmit(commandApdu);
System.out.println(responseCheck.getSW1()+":"+responseCheck.getSW2()+":"+
commandApdu.toString());


The parameters provided by the client are:




  • CLA = 00

  • INS = A4

  • P1 = 00

  • P2 = 0C

  • LC = 02

  • Data = XXXX (The data passed here is File Identifier),As I want to select EF file so EFID for the file given by client is 0002










share|improve this question















I am working on reading a smart card in Java. When I execute the following code below, the card returns 6985 (Conditions of use not satisfied) as a result.



  TerminalFactory factory = TerminalFactory.getDefault();
List<CardTerminal> terminals = factory.terminals().list();
System.out.println("Terminals: " + terminals);

if (terminals != null && !terminals.isEmpty()) {
// Use the first terminal
CardTerminal terminal = terminals.get(0);

// Connect with the card
Card card = terminal.connect("*");
System.out.println("card: " + card);
CardChannel channel = card.getBasicChannel();

CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C,
new byte{0002},0,0x01);

ResponseAPDU responseCheck = channel.transmit(commandApdu);
System.out.println(responseCheck.getSW1()+":"+responseCheck.getSW2()+":"+
commandApdu.toString());


The parameters provided by the client are:




  • CLA = 00

  • INS = A4

  • P1 = 00

  • P2 = 0C

  • LC = 02

  • Data = XXXX (The data passed here is File Identifier),As I want to select EF file so EFID for the file given by client is 0002







java format smartcard apdu smartcardio






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 30 '18 at 9:25









Michael Roland

29.5k851108




29.5k851108










asked Nov 13 '18 at 6:16









PheonixPheonix

184215




184215








  • 3




    Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
    – Michal Gluchowski
    Nov 13 '18 at 15:28










  • @MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
    – Pheonix
    Nov 14 '18 at 6:33










  • @MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
    – Pheonix
    Nov 14 '18 at 18:19










  • You should pass it exactly as I showed you new byte{0, 2}.
    – Michael Roland
    Nov 14 '18 at 19:00










  • and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
    – Pheonix
    Nov 14 '18 at 19:13
















  • 3




    Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
    – Michal Gluchowski
    Nov 13 '18 at 15:28










  • @MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
    – Pheonix
    Nov 14 '18 at 6:33










  • @MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
    – Pheonix
    Nov 14 '18 at 18:19










  • You should pass it exactly as I showed you new byte{0, 2}.
    – Michael Roland
    Nov 14 '18 at 19:00










  • and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
    – Pheonix
    Nov 14 '18 at 19:13










3




3




Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
– Michal Gluchowski
Nov 13 '18 at 15:28




Are you sure you pasted the code you are trying to run? There seems to be comma missing between P1 and P2. Also your AID seems 4 (or 5) byte long, so you will not have LC=02. Also, is your DF/EF equal to 010201FF or 01000201FF? You have 0x0002 casted to byte so it will be only 0x02. In the end you have just 4 bytes (if this is supposed to be AID I guess it should be at least 5 byte long to be ISO7816-5 compliant).
– Michal Gluchowski
Nov 13 '18 at 15:28












@MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
– Pheonix
Nov 14 '18 at 6:33




@MichalGluchowski I have edited and corrected code but there are some queries, as I have to select file and the EF file id given for it is 0002 which should be passed as data parameter. what should be the correct APDU command for it?
– Pheonix
Nov 14 '18 at 6:33












@MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
– Pheonix
Nov 14 '18 at 18:19




@MichaelRoland As mentioned, File Identifier should be passed as data parameter, The value is 0002, so how should it be passed?The LC parameter is also necessary as per instruction of client.
– Pheonix
Nov 14 '18 at 18:19












You should pass it exactly as I showed you new byte{0, 2}.
– Michael Roland
Nov 14 '18 at 19:00




You should pass it exactly as I showed you new byte{0, 2}.
– Michael Roland
Nov 14 '18 at 19:00












and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
– Pheonix
Nov 14 '18 at 19:13






and what about passing LC parameter , i don't have LE parameter given by Client.@MichaelRoland
– Pheonix
Nov 14 '18 at 19:13














1 Answer
1






active

oldest

votes


















1














CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0002},0,0x01);


won't do what you expect it to do.



new byte{0002} will give you a byte array with one byte of value 2. Also, the ,0,0x01); (last two parameters) will make the constructor only pick that one byte from the DATA array. So your APDU will look like this:




+------+------+------+------+------+------+------+
| CLA | INS | P1 | P2 | Lc | DATA | Le |
| 0x00 | 0xA4 | 0x00 | 0x0C | 0x01 | 0x02 | --- |
+------+------+------+------+------+------+------+


This is probably not what you expected. Did you want new byte{0, 2} instead? Using



CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2}, 256)


would result in the following APDU (note that Le is present and set to 0 (Ne = 256); Lc is automatically infered from the size of the DATA array):




+------+------+------+------+------+-----------+------+
| CLA | INS | P1 | P2 | Lc | DATA | Le |
| 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | 0x00 |
+------+------+------+------+------+-----------+------+


Or using



CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2})


would result in the following APDU (note that Le is absent (Ne = 0); Lc is automatically infered from the size of the DATA array):




+------+------+------+------+------+-----------+------+
| CLA | INS | P1 | P2 | Lc | DATA | Le |
| 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | --- |
+------+------+------+------+------+-----------+------+





share|improve this answer





















    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53274903%2fcommand-apdu-returning-6985-conditions-of-use-not-satisfied-in-result%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0002},0,0x01);


    won't do what you expect it to do.



    new byte{0002} will give you a byte array with one byte of value 2. Also, the ,0,0x01); (last two parameters) will make the constructor only pick that one byte from the DATA array. So your APDU will look like this:




    +------+------+------+------+------+------+------+
    | CLA | INS | P1 | P2 | Lc | DATA | Le |
    | 0x00 | 0xA4 | 0x00 | 0x0C | 0x01 | 0x02 | --- |
    +------+------+------+------+------+------+------+


    This is probably not what you expected. Did you want new byte{0, 2} instead? Using



    CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2}, 256)


    would result in the following APDU (note that Le is present and set to 0 (Ne = 256); Lc is automatically infered from the size of the DATA array):




    +------+------+------+------+------+-----------+------+
    | CLA | INS | P1 | P2 | Lc | DATA | Le |
    | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | 0x00 |
    +------+------+------+------+------+-----------+------+


    Or using



    CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2})


    would result in the following APDU (note that Le is absent (Ne = 0); Lc is automatically infered from the size of the DATA array):




    +------+------+------+------+------+-----------+------+
    | CLA | INS | P1 | P2 | Lc | DATA | Le |
    | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | --- |
    +------+------+------+------+------+-----------+------+





    share|improve this answer


























      1














      CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0002},0,0x01);


      won't do what you expect it to do.



      new byte{0002} will give you a byte array with one byte of value 2. Also, the ,0,0x01); (last two parameters) will make the constructor only pick that one byte from the DATA array. So your APDU will look like this:




      +------+------+------+------+------+------+------+
      | CLA | INS | P1 | P2 | Lc | DATA | Le |
      | 0x00 | 0xA4 | 0x00 | 0x0C | 0x01 | 0x02 | --- |
      +------+------+------+------+------+------+------+


      This is probably not what you expected. Did you want new byte{0, 2} instead? Using



      CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2}, 256)


      would result in the following APDU (note that Le is present and set to 0 (Ne = 256); Lc is automatically infered from the size of the DATA array):




      +------+------+------+------+------+-----------+------+
      | CLA | INS | P1 | P2 | Lc | DATA | Le |
      | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | 0x00 |
      +------+------+------+------+------+-----------+------+


      Or using



      CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2})


      would result in the following APDU (note that Le is absent (Ne = 0); Lc is automatically infered from the size of the DATA array):




      +------+------+------+------+------+-----------+------+
      | CLA | INS | P1 | P2 | Lc | DATA | Le |
      | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | --- |
      +------+------+------+------+------+-----------+------+





      share|improve this answer
























        1












        1








        1






        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0002},0,0x01);


        won't do what you expect it to do.



        new byte{0002} will give you a byte array with one byte of value 2. Also, the ,0,0x01); (last two parameters) will make the constructor only pick that one byte from the DATA array. So your APDU will look like this:




        +------+------+------+------+------+------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x01 | 0x02 | --- |
        +------+------+------+------+------+------+------+


        This is probably not what you expected. Did you want new byte{0, 2} instead? Using



        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2}, 256)


        would result in the following APDU (note that Le is present and set to 0 (Ne = 256); Lc is automatically infered from the size of the DATA array):




        +------+------+------+------+------+-----------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | 0x00 |
        +------+------+------+------+------+-----------+------+


        Or using



        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2})


        would result in the following APDU (note that Le is absent (Ne = 0); Lc is automatically infered from the size of the DATA array):




        +------+------+------+------+------+-----------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | --- |
        +------+------+------+------+------+-----------+------+





        share|improve this answer












        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0002},0,0x01);


        won't do what you expect it to do.



        new byte{0002} will give you a byte array with one byte of value 2. Also, the ,0,0x01); (last two parameters) will make the constructor only pick that one byte from the DATA array. So your APDU will look like this:




        +------+------+------+------+------+------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x01 | 0x02 | --- |
        +------+------+------+------+------+------+------+


        This is probably not what you expected. Did you want new byte{0, 2} instead? Using



        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2}, 256)


        would result in the following APDU (note that Le is present and set to 0 (Ne = 256); Lc is automatically infered from the size of the DATA array):




        +------+------+------+------+------+-----------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | 0x00 |
        +------+------+------+------+------+-----------+------+


        Or using



        CommandAPDU commandAPDU = new CommandAPDU(0x00, 0xA4, 0x00, 0x0C, new byte{0, 2})


        would result in the following APDU (note that Le is absent (Ne = 0); Lc is automatically infered from the size of the DATA array):




        +------+------+------+------+------+-----------+------+
        | CLA | INS | P1 | P2 | Lc | DATA | Le |
        | 0x00 | 0xA4 | 0x00 | 0x0C | 0x02 | 0x00 0x02 | --- |
        +------+------+------+------+------+-----------+------+






        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 30 '18 at 9:22









        Michael RolandMichael Roland

        29.5k851108




        29.5k851108






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53274903%2fcommand-apdu-returning-6985-conditions-of-use-not-satisfied-in-result%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            這個網誌中的熱門文章

            Xamarin.form Move up view when keyboard appear

            Post-Redirect-Get with Spring WebFlux and Thymeleaf

            Anylogic : not able to use stopDelay()