我正在尝试在 iOS 8.1 上使用 Grabba 从军用 ID CAC 中读取 CHUID。
我期待得到成功的回应。首先我运行 SelectPIV。我得到 0x61 & 0x18 作为状态字。然后我使用响应中的状态字 2 来安装 Get Response 命令。
我期待获取响应时出现 0x61。相反,我收到 0x69 和 0x85 。然后我运行一个 selectCHUID 命令。我希望收到 0x61。相反,我收到 0x6D,我的引用代码将其标记为“错误指令”。
无论我发送它们的顺序如何,我都会收到这 3 个命令的相同状态字。使用默认初始化和使用 installGetResponseCommand 和来自响应 SW2 的第二个状态字 LE 的自定义初始化,我得到相同的结果。
我的公司已在其他平台上成功使用此代码,并在同一 CAC 卡上使用其他设备扫描仪。只有使用 iOS 上的 Grabba,我们才能看到这些结果。
- (void)setupAPDUCommands {
unsigned char selectBytes[] = { 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00};
self.selectPIVCommand = [[GRGrabbaCommandAPDU alloc] initWithCLA:0x00
INS:0xA4
P1:0x04
P2:0x00
Data:[NSData dataWithBytes:selectBytes length:9]
Error:nil];
unsigned char chuidBytes[] = { 0x5C,
0x03,
0x5F,
0xC1,
0x02};
self.CHUIDCommand = [[GRGrabbaCommandAPDU alloc] initWithCLA:0x00
INS:0xCB
P1:0x3F
P2:0xFF
Data:[NSData dataWithBytes:chuidBytes length:5]
Le:0
Error:nil];
self.getResponseCommand = [[GRGrabbaCommandAPDU alloc] initWithCLA:0x00
INS:0xC0
P1:0x00
P2:0x00
Data:nil
Le:0x02 Error:nil];
}
- (UInt8)exchangeAPDUCommand:(GRGrabbaCommandAPDU *)command {
self.promptLabel.text = [command.data description];
NSLog(@"***EXCHANGING APDU COMMAND***");
NSLog(@"CLA: %@", [self stringFromUint:command.cla]);
NSLog(@"INS: %@", [self stringFromUint:command.ins]);
NSLog(@"P1: %@", [self stringFromUint:command.p1]);
NSLog(@"P2: %@", [self stringFromUint:command.p2]);
NSLog(@"LC: %@", [self stringFromUint:command.lc]);
NSLog(@"Data: %@", command.data);
NSLog(@"LE: %@", [self stringFromUint:command.le]);
self.currentCommand = command;
NSError *error;
self.session = [[[GRGrabba sharedGrabba] smartcard] startSession:&error] ;
[SVProgressHUD showErrorWithStatus:[NSString stringWithFormat:@"Session started: %@", error.description]];
GRGrabbaResponseAPDU *response = [[GRGrabbaResponseAPDU alloc] initWithData:nil SW1:0 SW2:0];
NSError *e2;
[self.session exchangeAPDUCommand:command withResponse:response error:&e2];
NSLog(@"***APDU COMMAND EXCHANGED***");
NSLog(@"SW1: %@", [self stringFromUint:response.sw1]);
NSLog(@"SW2: %@", [self stringFromUint:response.sw2]);
[self processSmartCardScan:response];
return response.sw1;
}
- (void)viewDidLoad {
[super viewDidLoad];
[self initializeGrabba];
[self setupAPDUCommands];
}
- (void)initializeGrabba {
GRGrabba *grabba = [GRGrabba sharedGrabba];
grabba.barcode.delegate = self;
grabba.buttons.delegate = self;
grabba.smartcard.delegate = self;
}
- (IBAction)selectPivTapped {
[self exchangeAPDUCommand:self.selectPIVCommand];
}
- (IBAction)readCHUIDTapped {
[self exchangeAPDUCommand:self.CHUIDCommand];
}
- (IBAction)getResponseTapped {
[self exchangeAPDUCommand:self.getResponseCommand];
}
- (void)installGetResponseCommand:(GRGrabbaResponseAPDU *)response {
self.getResponseCommand = [[GRGrabbaCommandAPDU alloc] initWithCLA:0x00
INS:0xC0
P1:0x00
P2:0x00
Data:nil
Le:response.sw2
Error:nil];
}
- (void)processSmartCardScan:(GRGrabbaResponseAPDU *)response {
self.statusLabel.text = [NSString stringWithFormat:@"%i %i %@", response.sw1, response.sw2, response.rData];
if (self.currentCommand == self.selectPIVCommand) {
[self installGetResponseCommand:response];
} else if (self.currentCommand == self.CHUIDCommand) {
self.mutableScanData = [NSMutableData data];
if (response.sw1 == 0x61 || response.sw1 == 0x90) {
[self.mutableScanData appendData:response.rData];
[self exchangeAPDUCommand:self.getResponseCommand];
}
} else if (self.currentCommand == self.getResponseCommand) {
if (response.sw1 == 0x61) {
//recreate get response dynamically
[self.mutableScanData appendData:response.rData];
[self exchangeAPDUCommand:self.getResponseCommand];
} else if (response.sw1 == 0x90) {
[self.mutableScanData appendData:response.rData];
[self processExtractedSmartCardData:self.mutableScanData];
} else {
[self alertUserOfFailedScan];
}
}
}
最佳答案
尝试删除 SELECT PIV APDU 的最后两个字节:
unsigned char selectBytes[] = { 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00};
self.selectPIVCommand = [[GRGrabbaCommandAPDU alloc] initWithCLA:0x00
INS:0xA4
P1:0x04
P2:0x00
Data:[NSData dataWithBytes:selectBytes length:7]
Error:nil];
在获取响应命令中,Le 应该为零。
关于ios - 在 iOS 上使用 Grabba 从军事 CAC 读取 CHUID?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31567296/