CODEWITHSUNDEEP
androidsmartcardapdusmartcard-readereid
Florien Flament
Florien Flament

Reputation: 51

Verify the PIN code of a belgian EID card on a reader with PINPAD

All my attemps to verify a PIN code on a PINPAD reader ends up in failure, here is my situation:

Setup

Situation

I've used APDU command to select and read files, to set the secure environment (MSE : SET), and after numerous research and merging of different solutions from different documentation, I can make the reader ask for my PIN code. But with my pseudo-APDU command, I receive a 69|C# response. The same process (reading files, set secure environment and verify the PIN) works fine on a USB reader with no PINPAD, so I guess that the APDU command is ok, but not the pseudo-APDU command that precedes.

Documentation used

The BEID documentation, PC/SC Spec part 10 (2.5.2) and supplement (2.2.1) and USB Smart Card devices for chapter from 6.1.11.3 to 6.1.11.6.

What did I understand?

The first part should be FF C2 01 06 for direct PIN verification on reader, followed by the size of the subsequent data. Next should follow the structure from PC/SC part 10, with:

  1. Timeout 1 & 2 (00 for default);
  2. Format (should be 89 for me, as it should be 10001001 for 1 byte offset PIN, justified left and BCD);
  3. PIN block format (should be 48 because 4 bit length included and 8 byte for the PIN block);
  4. PIN length format (04: 4 bit offset in the PIN block);
  5. Min/Max PIN length : 040C (but didn't work like that, 0404 is sure to work);
  6. Validation condition is 02 for ok button;
  7. Number of messages : 01 to use the one in the command;
  8. Language is 0409 for english;
  9. Message to display is 00 for enter PIN;
  10. 000000 because this field isn't used;
  11. The length of the final APDU command to transmit once formatted with the PIN (0000000D is my guess);
  12. And then the APDU command : 0020000108FFFFFFFFFFFFFFFF

Results

I have changed several times some values that I wasn't so sure (2, 3, 4, 11 and 12 for the padding characters already present or not), with no success, just different result codes sometimes.

What do I do wrong here ?

Thx in advance !

Upvotes: 3

Views: 1226

Answers (1)

Florien Flament
Florien Flament

Reputation: 51

After a last round of research and checkup, I found another example showing me my mistake: the PIN block ! It was 47, because it didn't include the control/effective PIN length. So the correct answer for me was :

0xFF, 0xC2, 0x01, 0x06, // Base PPDU command
0x20,                   // Length of the data
0x00,                   // timeout
0x00,                   // timeout
0x89,                   // format
0x47,                   // PIN block
0x04,                   // PIN length format
0x04,                   // Min pin size
0x04,                   // Max pin size
0x02,                   // Entry validation condition
0x01,                   // Number of messages to display
0x04, 0x09,             // English
0x00,                   // Message "Enter pin"
0x00, 0x00, 0x00,       // Non significant here
0x00, 0x00, 0x00, 0x0D, // Length of the apdu once formatted
0x00, 0x20, 0x00, 0x01, // APDU command VERIFY
0x08,                   // APDU command Data length
0x20,                   // APDU command Control data + Effective PIN length
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF // APDU command PIN + filler

Upvotes: 2

Related Questions