Check PIN using keypad and some smartcardio-classes are different?
Hello,
I started testing with javacards a few weeks ago. I started using the OCF in my application, but now I want to use the Java6-classes, but I am new to this.
My first problem: there are different classes in the java docs online then in my java6. E.g. I do not have a class called CardTerminals. factory.terminals() returns a List<CardTerminal>.
Do I use the wrong Environment?
My second question: how can I ask for my cards PIN? For entering it I want to use my card-readers (Kobil Kaan Advanced) pinpad.
Thank you in advance for any help,
Susanne
# 1
I use the javadocs found a the JSR site. I don't believe since this is a javax class that it made it into the JDK6 release. (javax are extensions that aren't necessarily part of the Sun JDK release. Also since it's an extension you may want to extend it further)
As far as PIN, your applet manages the PIN. So you'll need to write middleware, hence the JSR, to prompt for a PIN. Pass that PIN to the selected applet.
Susanne,
I'm glad to see you are using the JSR-268 APIs !!!!
# 2
I have to correct myself. I do not have any problem to verify my pin. I only cannot enter the pin via my card-readers pinpad. I thought the method transmitControlCommand(int controlCode, byte[] command)
should be used, but I do not know how.
Or do I have to use PC/SC2 or CT_API to use a card-readers pinpad?
Susanne
Message was edited by:
susikaufmann
# 4
Ok, but what CommandAPDU do I have to use, so the terminals keypad gets "asked"? I took a look at the ISO/IEC 7816-4 to build a apdu command, but it is all a little bit confusing to me :(.
I know have got an APDU that orders the card to verify the given PIN, but still without the PINpad :(
byte [] pin = "0000".getBytes();
byte arg0 = (byte)0x01;
byte arg1 = (byte)0x20;
byte arg2 = (byte)0x00;
byte arg3 = (byte)0x00;
CommandAPDU command = new CommandAPDU(arg0, arg1, arg2, arg3, pin, 2);
ResponseAPDU request = channel.transmit(command);
# 6
Oh...ok, my misunderstanding. But....is this way secure? Perhaps "prompt" was the wrong expression. I want, that the user has to enter his PIN with the build-in pinpad. I am not sure, but isn'T it that way, that the entered pin is not send back to my application? Because then the pinpad would be senseless and i could use the pcs keyboard.
So I thought there is an (apdu)command, that "says" to the cardreader: let the user enter his PIN (my cardreader then makes a "beep" and you can enter the pin via pinpad). After that the card sends back "ok" (90 00 or so). So the application can continue.
The "prompt" I thought of, should never get the real numbers from the pinpad, but only displays * or so when a key is pressed on keypad.
