Is there any way to open all logical channels by default?

Question

Here there is a simple test applet that I've wrote and installed on my Javacard as "default selected applet". As you see, it throw 0x6a6a on reception of any APDU command with INS = 0X00:

package testPack;

import javacard.framework.*;

public class TestApplet extends Applet implements MultiSelectable
{
    public boolean select(boolean appInstAlreadySelected) { 
        return true;
    }

    public void deselect(boolean appInstStillSelected) { 
    }
    public static void install(byte[] bArray, short bOffset, byte bLength) 
    {
        new TestApplet().register(bArray, (short) (bOffset + 1), bArray[bOffset]);
    }

    public void process(APDU apdu)
    {
        if (selectingApplet())
        {
            return;
        }

        byte[] buf = apdu.getBuffer();
        switch (buf[ISO7816.OFFSET_INS])
        {
        case (byte)0x00:
            ISOException.throwIt((short)0x6A6A);
            break;
        default:
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

}

As you see below, after a card warm reset, I sent some APDU commands to the card:

Reset successful.

Send: 00 00 00 00 01
Recv: 6A 6A

Send: 10 00 00 00 01
Recv: 6A 6A

Send: 80 00 00 00 01
Recv: 6A 6A

Send: E0 00 00 00 01
Recv: 68 81  <====

Question 1: Why I receive 0x6881 for CLA = 0XE0?

And below you can see another sequence of commands after a card warm reset:

Reset successful.

Send: 00 00 00 00 00
Recv: 6A 6A

Send: 01 00 00 00 00  // Try to send commands with logical channel 1 instead of 0
Recv: 68 81  //Error because the channel is not open.

Send: 00 70 00 01 00  // Opening the channel with MANAGE CHANNEL APDU command
Recv: 90 00

Send: 01 00 00 00 00
Recv: 6A 6A

Send: 11 00 00 00 00
Recv: 6A 6A

Send: 81 00 00 00 00
Recv: 6A 6A

Send: E1 00 00 00 00 
Recv: 68 81  <== Same Error as before!

Question 2: Is there any way to make all logical channels open by default? I mean is there any way to delete the MANAGE CHANNEL APDU command from the sequence?

Question 3: Why CLA = 0xE1 returns 0x6881?

Question 4: My applet is the default selected applet. So I except my applet to receive all APDU commands other than SELECT APDU command instead of Card Manager (Security Domain). So does MANAGE CHANNEL APDU command work? I mean, Why Card Manager receive that command instead of my applet? Which commands will be parsed by Card Manager instead of my applet?

Answer 1

According to ISO 7816-4 Section 5 Clause 5.4.1 Class byte, the CLA byte D0 to FE should be handled independently.

Coding and meaning of nibble X in the class byte should not be just interpreted as SM, Chaining or Logical Channel information. It can be anything.

Therefore, it should be a way to handle the CLA byte 'manually', instead of just getting 6881 byte default.

Answer 2

All your answers are given in the Java Card Runtime Environment Specification(JCRE)!
You should read Chapter 4: "Logical Channels and Applet Selection"

• Regarding Question 1: What logcial Channel is this class byte referring to?
• Regarding Question 2: Logical Channels can be opened either by a SELECT or by a MANAGE CHANNEL command(read the spec for all specifics).

I mean is there any way to delete the MANAGE CHANNEL APDU command from the sequence?

No.

• Regarding Question 3: What logcial Channel is this class byte referring to?
• Regarding Question 4: You are trying to do something that does not comply with the Java Card idea. You should read the JCRE spec, to have an understanding what commands are interpreted by the card manager for what reason.

Answer 3

Though there are so many questions you have asked, but here are some of my views on it.

Question 1: Why I receive 0x6881 for CLA = 0XE0?

Behavior of card is fine.

• The CLA byte has bit8: 1 (Proprietary Class Space)
• The CLA byte has bit7: 1 (Type 16, SM, last or only command in chain)

In short, not every command is directly send to the selected applet (or default selected here in your case). It is pre-processed by JC-Runtime.

Only commands with class byte as '0X' '8X' '9X' 'AX' are forwarded to the selected applet.

Question 2: Is there any way to make all logical channels open by default? I mean is there any way to delete the MANAGE CHANNEL APDU command from the sequence?

No, you have to open them individually.

Question 3: Why CLA = 0xE1 returns 0x6881?

Same reason as question 1.

My applet is the default selected applet. So I except my applet to receive all APDU commands other than SELECT APDU command instead of Card Manager (Security Domain). So does MANAGE CHANNEL APDU command work? I mean, Why Card Manager receive that command instead of my applet? Which commands will be parsed by Card Manager instead of my applet?

SELECT APDU and MANAGE CHANNEL APDU is always processed by JCRE and if required (like in SELECT APDU), it is forwarded to the respected applet.