Embed Size (px)
Citation preview
part 1
Although they looklike any ordinary plas-
tic chipcard of thesynchronous type,
Smartcards are func-tionally very different
because they have aninternal microproces-
sor rather than just anamount of non-
volatile memory.A complete micro-
processor system byitself, the Smartcardcan only function by
means of an asyn-chronous dialogue
with a special readerunit. This article
describes such areader, which, as you
may have guessed,works in combination
with a pe.
Far less expensive than cornmerciallyavailable "development kits' I the sirn-ptified Smartcard reader described inthis first instalment of a two-part arti-ele mainl.y enables YOll to read endwrite frorn/to the majority of Smart-eards currently on the market.
HIGH-SECURITY CARDSMueh dearer than your typical (syn-chronous) chipcard, cards with aninternal microprocessor are reservedfor applications requlring either com-plex functionality, stiff security or both,
38
smartcardreader/writer
so we're talking about credit cards,cards for pay-TV, cellular radio, etc.
The drawing in Figure 1 shows aninternal structure which is used fornearly all Smarteards. Although themicroprocessor at the heart of the cir-cuit may be a special type, it is usuallyjust a "lesser" member from a well-established family.
As with just about any other chip-card, the Smartcard's main function isto guarantee the security of the datastored in its non-volatile memory.
This security is achieved by dis-abling any kind of direet access (fromthe outside) to the cantents of the cardmen1ory, as well as any read operation,write operanon. or temporary authen-tication by the internal rrucroprocessor,which is the one and onIy elementcapable of physica1 access to the mem-ory.
In practice, an instruction Is sent tothe Smartcard, and it is up to themicroprocessor on the card to decidewhether the instruction is executed crnot. For this decision the microproces-
sor looks at the security rules it hasbeen programmed to enforce.
The reply of the card to an instruc-tion typicaUy consists of a kind ofreport giving details of what happenedafter the instruction was received (andaeeepted as valid), possibly followed bya block of data which may beencrypted.
Using present-day teehnology, theabove exchange of Informationbetween the card reader and theSmarteard follows a half-duplex proto-col using a single input/output line(contact IS07 on the eard).
Although the IS07816 standardcovers a number of different comrnu-nication protocols, the card/reader dia-logue is usuaUy based on the followingparameters: 9600 bit/s, 8 data bits,1 panty bit (even), and the equivalentof at least 2 stop bits.
Although we would all very muchlike to connect these Smartcardsstraight to the PC's RS232 port, that is,alas, not possible, and there's no wayto go round a unit called "card coupler"
Elektor Electronics 12/97
to ensure compatibility between thePC port on the one hand and theSmartcard on the other.
A SIMPLIFIED COUPLER111Insiders' [argen, the term ' coupler"is often used to describe a functionwhich Figure 2 atteropts to illustrate.
A coupler has to manage a11inter-facing, electrically and functionally,between the Smartcard and a 'hostsystem'. which is typically a PC sport-ing an R5232 port.
Apart from the circuits that handlethe electrical control of the card con-tacts, a coupler can't work without aninternal microprocessor.
So, an integrated interface circuitwithout a rrucroprocessor (or micro-controller) is not, strictly speaking, acoupler, with due respect to somemanufacturers, while a coupler fittedwith a card connector is not just a cou-pier but a 'card reader'. The currenttendency is towards building couplersby linking a microcontroller to aninterface circuit which may take theform of an ASTC,or, in a simpler way,a dedicated building block such as thePhilips TDA8000.
There is no doubt that Smartcardtechnology will eventually evolvetowards a single-chip coupler whichintegrates a mask-programrned rnicro-controUer and a couple of Interface cir-cuits.
By contrast, there is no reason whyall card control functions can not behandled by the processor in the hostsystem. After all, all you have to do isgive the host system a suitable inter-face, which may be a matter of a cou-pie of discrete components.
The problem Is that writing couplercontrol softwate that complies with allstandards is highly specialised work,not within the capacity of most soft-ware developers whose aim is just toadd a card reader function to a certainproject.
As far as we are concerned, the goalis very clear: being able to perform thehighest possible nurnber of manipula-tions (of an experimental character) onthe highest posstble number of Smart-cards, using any ordinary PC
Because it wouJd be wasteful to usesuch a powerful computer as a dumbterminal only, we decided to make thecoupler as simple as possible, and shift(in a manner of speaking) a number ofits functions to the software whichruns on the PC This approach facili-tates the development of the resultingcombination without calling the'firmware" part into question.
The microcontroller in the couplercircuit, a PIC16C84, performs a num-ber of crucial functions: switching thecard contacts on and off in the properway, supplying the card clock signal,and interfacing between the bidirec-
Elektor Electronics 12/97
Figura 1. Internal strue-ture 0' a typ/eal Smart-eard (asynehronous/ntelligent ehipcard).This type 0' eh/peanlmay be eontrolled bydifferent types 0'mieroproeessor.
tional data line of the card and theTxD/RxD lines on the RS232 port.
Rather than employing a specificintegrated circuit which may suddenlygo obsolete and then into silicon obliv-Ion, the functionality of the electricalinterface is vested in a handful of dis-crete parts which handle their tasksjust fine within this context.
CIRCUIT DESCRIPTIONAll of the definitely original choicesdiscussed above contribute to the cir-cuit diagram shown in Figure 3. Leeslook at the schematic in some detail.
1t is possible to run the circuit offa single +5 V supply rail (available onpin 1 of the 15-way sub-D style jcy-stick connector), in which case youdon't fit diode D7 and capacitor C5(provided for mains adaptor power-ing), omit regulator IC4, and install awire link between the anode of DSand the output of IC4. The circuit hasa separate input marked Vpp for anoptional (external) programrrung volt-age supply.
You should be aware of the factthat a11Smartcards may, in principle,be read if the Vpp Une is held at 5 volts.Consequently, the present circuitarranges for this "default' voltage to beapplied to the Vpp input. Note, how-ever, that some very old cards (notablythose manufactured in NMOSEPROM technology) require a highervoltage for write operations and forthe retrieval of confidential codes,
Only if necessary, a simple labora-tory supply is connected to the Vpp
Figure 2. Funetionaldiagram 0' the eouplerwhieh forms the linkbetween the Smarteardinserted into thereader and the PC'sseria' port.
1501 ~ROM
(program),~I
''''ClOCK •CPU ," er (68HC705, fi-~l..\
TMS370, Yffirl RAMO--~'!!----"
8051,etc.) •~t'"
~EPROM
0'EEPAOM
cryptographlc (data)
co-processor(optlon .. l)
970068·11
1507JS031502
1506
1505
pins. The output voltage of the supplyis then set to the programming voltagerequired by the Smartcard (21 V inmost cases).
As far as the clock signal appUed tothe card is concerned. this is 'stolen'from the PIe oscillator output whichsupplies a Irequency 013.579 MHz (acheap NTSC crystal is used). This dockfrequency sets an ETU (elementarytime unit) of l04jls for most Smart-cards, and, consequently, a fixed datatransfer speed of 9600 bits per second.
According to the 1507816 standard,the microprocessor in the couplershould be in charge of setting up theprogramming voltage, V Pl" the dockfrequency, and various other parame-ters which depend on requirements'formulated' by the Smarteerd. Theseparameters, by the way, even allow thesystem to negotiate a certain protocol.
As far as the author is concerned,the ability to control these parametersdirect1y provides an interesting degreeof liberty, because it enables certainmanipulations to be performed whichare off the beaten track because theyare not normally possible on ready-made couplers.
CONSTRUCTIONRather than fitting the Smartcard con-nector on the same printed circuitboard as the coupler (Interface drcuit)proper, we decided to split the presentcard reader module into two boards:.. a coupler which is directly compat-
ible with the 9-way sub-D connec-tor of the pes RS232 port, and fit-ted with a lO-way pin header ready
~~,.."
~~I ~ I....-
~~~::: I RS232C
erectneet microcontroller interface'.Oe interface (0. slmllar)"<
8~~-,
I I I II .....,I,
I PC, ~~,, ,"', , ho8tsyalem, ,,
Interface,• • 970061l·12
39
5V os+
2x lN4148
~lSCk
5V
+
z-"e •'"'"
,ICl '" •
" "" '" •" '" '"
tü,'" '"
t t
"" '"PIC16C84 ".'" ,,,
~ + 5V
e " K''j'3 ct-
IC,
11 T1IN TIOUT "10 T2IN T20UT r
" Rl0UT R1IN ta
R20UT R21N •",
MAX232 ... ts,,-"
5V
Ier C4~1~125V
IC3 IC3 = 74HCOO
:E 970068 . 13.0~ Kl
~ SMARTCARD
"" 11>I
'" "0'" '"VSUP •• • VSUP
'" '""0 oe,
"0'"•VSUP
'"oe,K'
2 110
5V'4 vpp
+ •8 vsustu
970068 . 13b
Flgure 3, In essence,the e/ectron/cs of theSmartcard reader con-5/5tS of a ItI/crocon-troller and someperipheral c/rcultry.There 15 a phys/calseparation belweenthe unlts reterred toas 'interface/coupler'and 'connector',
to accept a mating lDe socket.... a chipcard connector mod ule which
is compatible with ISO and (rare)AFNOR format cards, also havinga lO-way pinheader for the link tothe coupler eard.
respondlng pin numbers on the twosub-boards by 10 cm or so of flatcablefitted with an IDe socket at either side.
The advantage of this arrangementls that the original card connectormodule is eesüy replaced by othermodels, for example, a miniature typeas used for GSM telephones.
In the not tao ctistant future, youSo, you get a complete Smarteerdreader simply by connecting the cor-
40
COMPONENTS LIST
Aesistors:Rl ~ 27kQR2,R8 ~ 150kQR3 ~ 1kQ8R4,Rl0 ~ 330QR5 ~ 6kQ8R6,R9 ~ 12QR7 ~ 15kQ
Capacitors:Cl-C4 = 11lF 25V radialC5 ~ 1OOI,F 63V radialC6,C7,C11,C12 ~ 100nFC8,C9 ~ 27pFClO ~ 47pF 25V radialC13 ~ 1O/,F 25V radial
Semiconductors01 ,D2 = zener diode 6V2 400mW03 ~ green LEO06 = red LEO04,05 ~ lN414807 ~ 1N4001Tl ,T3 ~ BC560T2 ~ BC547IC1 = PIC16C84 (order code
976512-1)IC2 ~ MAX232 (Maxim)IC3 ~ 74HCOOIC4 ~ 7805
Miscellaneous:K1 = Smartcard connector, 1807816
layout, with card detection switch.ITI Cannon code 160-5230, or RSComponents code 453-791.
Xl ~ 3,579545MHz quartz crystalK2 = 9-way sub-D socket, PCS
mount, angled pins.K3,K4 = 2-way PCB terminal block,
pitch 5mmK5, K6 = 10-way boxheader,
straight.Length of 10-way flatcable with 10-
way IDC socket at eitner end.JP1,JP2 = 3-way pinheader wlth
jumperPCS, disk and programmed PIC:
order code 970068·COisk only: order code 976014-1
Elektor Electronics 12/97
'-:O,.=-Kl ------,~
0~0 +
~0 ..luaw6aS ro~·e9001.6 ..
may even be able to replace the COI1-
nector with a receiver/transmitter unitcapable of cornmunicating with COI1-
tactless chip cards which are rapidlygaining acceptance.
Figure 4 supplies the copper tracklayout and component loeation plan ofthe single-sided printed circuit boarddesigned for the Smartcard reader. Th.isboard is available ready-mede through
our Readers Services, together with thepre-programmed PIC16C84 and thesoftware utilities diskette, as order code970068-C. The three components mayalso corne as part of a kit supplied toyou by one of Dur advertisers.
As you can see, the board consistsof two seetions: to the right, the sub-board with the eard connector module(I1T-Cannon) on if to the left, the sub-
Elektor Electronics 12/97
Figure 4. Copper tracklayout and componentmounting plan of thesingle-sided printedcircuit boarddesigned for theSmartcard reader(board availableready-made). Beforeyou start fitting theparts, cut the board in!wo to separate thelinterface/coupler'section from the 'eon-nector' section.
board with the coupler (interface) cir-cuit on it and the rest of the electron-ics.
There ts little to say about the actualconstruction of this project. AB a mat-ter of course, you start by separatingthe two sub-boards. Fitting the com-ponents onto these boards should bemostly plain sailing. Be sure, however,not to overlook any of the six (4 and 2)wire links on the two boards. Also con-centrate on the polarity of thepolertsed components (capacitors,diodes, LEDs and integrated circuits).Some components are mountedupright.
The 3-way pinheaders identified asJPl end JP2 allow you to choosebetween two versions of the card con-
41
nector module. The difference arisesfrom the internal card detector switch,which is either a normally open (n.o.)or a normally closed (n.c.) type. Notethat the actual jumper posittons forn.o. and n.c. are not the same on thetwo plnheaders!
The PIC rnicrocontroller comes pre-programmed through our ReadersServices or YOUT kit supplier. lf youneed it as a sepa.rate part, its ordercode is 976512-1.
ANSWER TO RESET(ATR)To be able to actually use the presentcircuit and the associated software util-ities, it is essential to know the 'Ian-guage' used by Smartcards to COID-
municate with reader units.A1though full details of this Ian-
guage are specified at length in the1507816 standard, there are only acouple of really essential points toobserve.
The first, rather fundamental, prin-ci pie involves a term you have toknow because it is frequently ueed:ATR for Answer to Reset.
After a suitable signal is applied tothe RESET contact of the card (1502)with the supply voltage and a cIocksignal present, a Smartcard normallycomplies with the standard by trans-mitting a message consisting of up to33 bytes. This message contains a cer-tain amount of normalised informa-tion which serves to enable the cou-pler circuitry to recognize the charae-teristics of the card it will becommunieating with shortly.
The very first charaeter of the AIRward is especially interesting becauseit indicates if the ensuing traffic(exchange of data) is compliant withthe straight-ISO or inverted-ISO con-ventions.
Using the 'straight' convention,bytes are Iransmitted sequentially, LSB(least significant bit) first, via the 1507eontaet, with a logic 1 represented bya 'high-impedance' state.
The 'inverted' eonvention, by con-trast. rules that the bytes are headedby the MSB (most significant bit),while logic ls are encoded as 'Iow' lev-els (0 volt).
If we use the symbol '2' to indicatethe high-impedanee state, and '1\ toindicate the Iogic low level, then thefirst character of the ATRword (indud-i.ng start bit and parity bit) may bewritten as follows:
- AZ ZAAAAAAZ
for eards of the 'inverted-ISO' type, or
- AZ ZAZ Z ZAAZ
for cards of the 'straight-ISO' type.
After conversion to hexadecimal, andobserving the relevant standard, these
Elektor Electronics 12/97
characters read 3FH and 3BH respee-tively.
Any other eharacter heading theATR sequence, or no ATR at all, shouldbe taken to mean that the eard is eitherfaulty, non-standard, or of the syn-ehronous type.
ABOUT THE SOFTWAREThe suite of smaIl programs (utilities)to be described here and in nextmonth's final instalment is available i.nthe form of executable files on a floppydisk which you may obtain throughour Readers Services, or as part of akit. The order code of the 3.5-inchdiskette Is 976014-1.
The utility ATREAD was writtenwith the rum of (1) capturing the ATRof any Smarteard which is insertedinto the reader module, (2) deterrnin-ing its standard, and (3) building a diskfile (ATR.CAR)which reflects the con-ten ts of the card.
Like aIl other programs in the"toolkit' on the disk, ATREAD is pro-vided with a security function whichprevents any risk of voltage beinguntimely applied to the card. Thissecurity provision works on the fol-lowi.ng prindples:
.. As long as the program is notstarted, the coupler is disabled fromapplying any voltage to the card,even if a eard is inserted andremoved several times.
.. Onee the program fs up and run-ning, inserting a card into thereader causes the supply voltage tobe applied. If a card is already pre-sent in the reader unit the momentthe program is launched, it has tobe removed and re-inse.rted.
.. Once the program has eompletedits task (er if it is interrupted), itarranges for the eard supply to beswitched off completely.
.. If a card is pulled from the readerunit before a communication is fin-ished. the coupler still arranges forthe eard to be switched off properly.
When a Smartcard has finished trans-mitting its Answer to Reset message,the program displays the applicebleformat and the complete ATR messagein hexadecirnal notation.
For example, in the case of a bankeard using the inverted-ISO formet,the resulting message may read
3F 65 15 OB31 04 6C 90 00,
By contrast, a Smartcard for a GSMphone ustng the strrught-ISO formatmay produce a message like this:
3B JB 11 00 00 19 Cl 01 05 00 IE 55 00 00 90 00,
alten, but not always. the ATR mes-
sage ends with 90 00. This pair of bytesgenerally indicates that a11 is weIlInside the Smartcard.
In fact, the sigruftcance of the lasttwo characters of the ATR is not regu-lated by the ISO standard. These char-acters are 'historie remnants', and theiruse is not regulated. Consequently, thecharacters may differ depending onthe applieation of the Smartcard.
The decoding of the really mean-ingful part of the ATR message is han-dled by a second software utility calledATRDEC, which employs the datastored in the file ATR.CAR (which isbasically an ASen text reprodudng theATR message in binary form).
In this way, you may discover(from the TBI parameter) the value ofthe external programming voltage (ifapplicable) which the card may requirefor write operations into the memory.The information also indudes the typeof protocol (parameter T) to use for therest of the dialogue.
T=O is the most commonly foundinformation, indicating the oldest ha.lfduplex protocol laid down in theISO 7816-3 standard (c1ause 8 to beprecise). In any case, tt is the defaultprotocol which is applied when noneis specified, and also the one sup-ported by our software utilities. A spe-cific feature of the T =0 protocoI is thatbytes are transmitted one by one.
Certain reeent applications start tomake use of the T=l protocol. whiehis based on transmission by the bleck,and, eonsequently, potentially fasterthan the T =0 protocol.
T=4 is reserved for a future,improved half-duplex protocol whilethe values T=2 and T=3 indicate half-duplex protoeols yet to be defined.
T=l4 bundles all non-standard ISOprotocols, whieh, in practice, are fewand far between.
The appearanee of a TAl charactermay indicate that the Smartcard youhave inserted needs a partieuJar clockfrequency, arid/er a eommunicationspeed other than 9600bits/so In eithercase, you should eonsult the ISO 78]6standard to check for compatibilitywith the default characteristics of thereader unit.
Finall y, a TCl character ma yimpose a 'guard deley', which meansa delay to be inse.rted between thetransmission of two successive bytes.
That bring us to the end of the firstinstalment of this artide. In the secondinstalment, to be published nextmonth, we will be looking at the 'soft-ware' aspect of this project, discussingthe various utilities which are availableon the diskette mentioned earlier on.These utilities allow you to strike up aeonversation with the Smartcardinserted into the reader unit.
(970068-1)
43
4 ~O:-,-,-,-Kl ---~
may even be able to replace the con-nector with a receiver/transmitter unitcapable of communicating with con-tactless chip cards which are rapidlygaining acceptance.
Figure 4 supplies the copper tracklayout and component location plan ofthe single-sided printed circuit boarddesigned for the Smartcard reader. Thisboard is available ready-made through
our Readers Services, together with thepre-programmed PIC16C84 and thesoftware utilities diskette, as order code970068-C. The three components mayalso come as part of a kit supplied toyou by one of our advertisers.
As you can see, the board consistsof two seetions: to the right, the sub-board with the card connector module(ITT-Cannon) on it; to the left, the sub-
Elektor Electronics 12/97
o~
o~ ..
I Figure 4. Copper track
Ilayout andcomponentmounting plan of the
I,single-sided printedcircuit boarddesigned for the
'I Smartcard,reader ,, (board availablei ready-made). 8eforeI you start fitting the1
1
parts, cutthe board intwo to separate the
I 'interface/coupler'I !~ct;ontrom the 'con-ector' section.
board with the coupler (interface) cir-cuit on it and the rest of the electron-ics.
There is little to say about the actualconstruction of this project. As a mat-ter of course, you start by separatingthe two sub-boards, Fitting the com-ponents onto these boards should bemostly plain sailing. Be sure, however,not to overlook any of the six (4 and 2)wire links on the two boards. Also con-centrate on the polarity of thepolarised components (capacitors,diodes, LEDs and integrated circuits).Some components are mountedupright.
The 3-way pinheaders identified asJPl and JP2 allow you to choosebetween two versions of the card con-
41 LA
