locked
How to access a USB security token with windows smart card API functions RRS feed

  • Question

  • Hi experts,

    I know that a USB security token is basically a combination of a card reader and a smart card in one device. (plz correct me if I'm wrong)

    But I've found that functions listed in windows smart card API are only for accessing external card readers. And there is none for a USB communication interface. I tried the SCardConnect function but failed.

    So my scenario is a bit different from the smart card architecture provided by microsoft . In my case, I don't have readers to deal with. Therefore, I need some other functions to tell resource manager (or more precisely, smart card subsystem) to access my USB security token.

    PS: I'm developing application for windows XP.

    Any help would be much appreciated!

    Z.Zen

    Wednesday, June 9, 2010 3:47 AM

Answers

  • Hi,

    All major USB token manufacturers either provide PC/SC drivers for their tokens or they make them CCID compliant so they can be used through Microsoft CCID PC/SC driver. In all cases, USB tokens are accessed through WINSCARD API much like standard PC/SC smart card readers.

    What is the provider of your USB token? Did you ask them for its PC/SC driver?
    Are you sure the USB token you have is indeed a security token with an embedded  smart card chip and not just some secure memory token with a proprietary interface?

    Cheers,
    --
    Mounir IDRASSI
    IDRIX
    http://www.idrix.fr

    • Marked as answer by Z.Zen Saturday, June 12, 2010 3:18 AM
    Thursday, June 10, 2010 5:20 PM

All replies

  • Hi,

    All major USB token manufacturers either provide PC/SC drivers for their tokens or they make them CCID compliant so they can be used through Microsoft CCID PC/SC driver. In all cases, USB tokens are accessed through WINSCARD API much like standard PC/SC smart card readers.

    What is the provider of your USB token? Did you ask them for its PC/SC driver?
    Are you sure the USB token you have is indeed a security token with an embedded  smart card chip and not just some secure memory token with a proprietary interface?

    Cheers,
    --
    Mounir IDRASSI
    IDRIX
    http://www.idrix.fr

    • Marked as answer by Z.Zen Saturday, June 12, 2010 3:18 AM
    Thursday, June 10, 2010 5:20 PM
  • Thanks Mounir,

    I tried CCID compliant driver but got no luck. Thanks for pointing out that the buttom line is that without a PC/SC driver from the manufacturer, there is no other ways to access the device. (correct me if I get this wrong.)

    The provider of my USB token is kinda "vague" on the driver. It's probably a miscommunication. I will try to talk them again.

    Really appreciate your help!

    Z.Zen

    Saturday, June 12, 2010 3:18 AM
  • Hai Every body,

     

    I want to read the information (ICCID,IMSI..) from SIMCARD by OMNIKEY 3121, Any one to help me pls give me an answer if you can pls send a solution to my email ID aboobackerpm@gmail.com....... Its very urgent it will be very thankfull

     

    Thanks in Advance.....

    Friday, April 22, 2011 2:39 PM
  • Hi,

    The ICCID is stored in the EF 0x2FE2 under the MF (0x3F00) whereas the IMSI is store in the EF 0x6F07 under DF GSM (0x7F20). The IMSI EF is generally protected by CHV1 so you have to verify the PIN before attempting to read it.
    Moreover, once you have read the content of these EFs, you will need to remove the padding (if present) and swap the nibbles before getting the real values for ICCID and IMSI.


    Here is a sequence of APDU command that you can send in order to retreive the content of these EFs :

    A0 A4 00 00 02 3F 00                             // Select MF
    A0 A4 00 00 02 2F E2                             // Select ICCID EF
    A0 B0 00 00 0A                                     // Read the 10 bytes of ICCID EF
    A0 A4 00 00 02 7F 20                            // Select DF GSM
    A0 A4 00 00 02 6F 07                            // Select IMSI EF
    A0 20 00 01 08 31 32 33 34 FF FF FF FF   // Verify PIN, here "1234"
    A0 B0 00 00 09                                     // Read the 9 bytes of IMSI EF

     

    I have developed a small tool the reads the ICCID and the IMSI of a SIM card and displays it. You can get here : http://www.idrix.fr/Root/Samples/SimCardManager.zip
    A screenshot is here : http://www.idrix.fr/Root/Samples/SimCardManager.jpg

    I hope this will help.
    --
    Mounir IDRASSI
    IDRIX
    http://www.idrix.fr


    Mounir IDRASSI IDRIX http://www.idrix.fr
    Wednesday, May 4, 2011 2:24 AM
  • Hi,

    I have update the SimCardManager tool with new features :

    • Reading the adress book (ADN)
    • Reading the fixed dialing list (FDN)
    • Reading the SMSs stored in the SIM
    • Exporting ADN, FDN and SMSs to a text file.

    This free tool is always available at the same URL : http://www.idrix.fr/Root/Samples/SimCardManager.zip
    The binary file is digitally signed, so you can check its integrity but looking at the file properties  (mouse right click -> Properties -> Digital Signatures).

    You can see below its new GUI.

    Cheers,
    --
    Mounir IDRASSI
    IDRIX
    http://www.idrix.fr


    Mounir IDRASSI - IDRIX - http://www.idrix.fr


    Saturday, March 9, 2013 5:40 AM
  • Hi,

    I have release the source code of SimCardManager under GPLv2 license on CodePlex and SourceForge.

    Here are the links :

    Feel free to propose ideas or send patches.

    Cheers,
    --
    Mounir IDRASSI
    IDRIX
    http://www.idrix.fr


    Mounir IDRASSI - IDRIX - http://www.idrix.fr

    Saturday, June 29, 2013 5:09 AM