Gemalto Prox–DU Reference Manual
  1. Manuals
  2. Brands
  3. Gemalto Manuals
  4. Card Reader
  5. Prox-DU
  6. Reference manual

Gemalto Prox–DU Reference Manual

Usb smart card reader/writer
Hide thumbs Also See for Prox–DU:
Table of Contents

Advertisement

Quick Links

See also: Installation Manual , Manual
Reference Manual
Prox–DU & Prox–SU
Prox–DU & Prox–SU
Dual interface USB smart card reader
Reference Manual
www.gemalto.com
DOC118569D
Public Use
Page 1/145

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Prox–DU and is the answer not in the manual?

Questions and answers

Related Manuals for Gemalto Prox–DU

Summary of Contents for Gemalto Prox–DU

  • Page 1 Reference Manual Prox–DU & Prox–SU Prox–DU & Prox–SU Dual interface USB smart card reader Reference Manual www.gemalto.com DOC118569D Public Use Page 1/145...
  • Page 2 All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep the sole right to file patent applications or any other kind of intellectual property protection in connection with such information.
  • Page 3 Extended APDU supported by the contactless CCID interface HID report descriptor correction Warning related to the use of the native commands of ® the MIFARE DESFire smart card BSI TR-03119 conformity paragraph added www.gemalto.com DOC118569D Public Use Page 3/145...

  • Page 5: Table Of Contents

    RF Power Attenuation ....................36 RF ISO level 2 control for BSI analog tests.............. 36 RF parameters for ISO14443-A cards ................37 RF parameters for ISO14443-B cards ................37 EEPROM Parameters Validity ..................37 www.gemalto.com DOC118569D Public Use Page 5/145...
  • Page 6 CCID protocol and parameters selection ..............72 TPDU level of exchange................... 72 APDU level of exchange ..................73 Character level of exchange ..................73 Suspend behavior ......................74 CCID ................ 74 DEVICE FOR THE CONTACT INTERFACE www.gemalto.com DOC118569D Public Use Page 6/145...
  • Page 7 CCID Escape Control Code for Linux and Mac Operating Systems ...... 103 HID DEVICES ........................104 .................. 104 EMALTO PROPRIETARY COMMANDS Proprietary commands ....................105 Firmware version request command ..............105 Read EEPROM parameters command ..............106 Write EEPROM parameters command ..............106 www.gemalto.com DOC118569D Public Use Page 7/145...
  • Page 8 Device Descriptor ....................... 127 Configuration Descriptor ..................... 127 Interface descriptor ..................... 127 HID class descriptor....................127 HID endpoint descriptor ....................127 HID report descriptor ....................127 String descriptors ......................128 LangID string descriptor ..................128 www.gemalto.com DOC118569D Public Use Page 8/145...
  • Page 9 Table 19 – ATR for contact smart cards ................66 Table 20 – Clock rate conversion factor F ................68 Table 21 – Bit rate adjustment factor D ................. 69 Table 22 – clock stop indicator X ..................70 www.gemalto.com DOC118569D Public Use Page 9/145...
  • Page 10 Figure 12 – The contact SIM/SAM card is inserted into the Prox–SU connector ....19 Figure 13 – USB devices (Windows XP example) ..............22 Figure 14 – Contactless logo of the landing zone ..............22 Figure 15 – Contact card slot (Prox–DU and Prox–SU) ............23 www.gemalto.com DOC118569D Public Use Page 10/145...
  • Page 11 Figure 9 – Two Prox–DU PC/SC names (Linux) ..............44 Figure 33 – Information provided by T0 ................67 Figure 34 – Information provided by TDi ................67 Figure 35 – Push button PCB location (S1) ................ 123 www.gemalto.com DOC118569D Public Use Page 11/145...

  • Page 12: Introduction

    Contact Our Hotline If you do not find the information you need in this document, or if you find errors, contact the Gemalto hotline at http://support.gemalto.com/. Please note the document reference number, your job function, and the name of your company.

  • Page 13: Overview

    Reference Manual Prox–DU & Prox–SU Overview Description The Prox–DU and the Prox–SU are Gemalto smart card reader/writers embedding the Prox and the GemCore technologies developed by Gemalto to interface contactless and contact smart cards: • The Prox–DU is a dual interface (contact and contactless) USB smart card...

  • Page 14: Main Features

    Embedded protection against dual interface smart card damage and switch feature to select the active interface (contact or contactless) Prox and GemCore are Gemalto proprietary technologies developed for contactless and contact reader/writers. It is based on a specific operating system that interfaces with contactless and contact smart cards.

  • Page 15: Bsi Tr-03119 Conformity

    Prox–DU & Prox–SU BSI TR-03119 Conformity The BSI TR-03119 certificate N° BSI-K-TR-0078-2010 recognizes the ability of the Gemalto Prox-SU and Prox-DU smart card readers to interface with the new German electronic identity cards called nPA (neue Personalausweiss) as a “Basic Chip Card Reader Category B”.

  • Page 16: Prox-Du And Prox-Su Differences

    Dual interface protection Can be disabled according to No management device configuration Switch interface command Available Not useful Product name in the string Gemalto Prox-DU Gemalto Prox-SU version Product string in USB Prox Dual USB Prox SU USB descriptor PC Link Reader...

  • Page 17: Smart Card Protection And Switch Feature

    As it is no ot possible to o have a dua al interface S IM/SAM card d, the smart card protecti is n not active wit th the Prox–S SU device. w.gemalto.com OC118569D Public Use Page 17/1...

  • Page 18: Using Smart Cards

    To activate the contactless smart card when it is fully inserted into the slot, the switch feature of the device should be activated. Refer to the switch feature paragraph below for more information. www.gemalto.com DOC118569D Public Use Page 18/145...

  • Page 19: Figure 10 – The Contact Smart Card Is Fully Inserted Into The Prox–Du Slot

    Figure 12 – The contact SIM/SAM card is inserted into the Prox–SU connector Note: the SIM/SAM card cannot be installed or removed without opening the casing. The SIM/SAM card is permanently installed into the Prox–SU reader. www.gemalto.com DOC118569D Public Use...

  • Page 20: Environmental Characteristics

    Operating RF On Power Supply Current < 50 mA Operating RF Off Power Supply Current < 2.5 mA Suspend EMC Regulations FCC Part 15 Class B Safety UL 60950 Recognized Table 3 – Environmental Characteristics www.gemalto.com DOC118569D Public Use Page 20/145...

  • Page 21: Interface Capability

    ISO7816-2 8 pins ISO7816-2 8 pins Landing zone Landing zone Contactless card (No connector) (No connector) One blue LED One blue LED Visual Indicators One yellow LED One yellow LED Table 4 – Interface capability www.gemalto.com DOC118569D Public Use Page 21/145...

  • Page 22: Interface Features

    The contactless antenna is integrated into the device. It consists of inductive loops and a matching circuit mounted into the printed circuit board. This contactless interface complies with the ISO14443-A&B standard. The characteristics for the contactless interface are as follows: www.gemalto.com DOC118569D Public Use Page 22/145...

  • Page 23: Contact Interface

    15 mm 15 mm 85.6 mm 85.6 mm Figure 16 – ID-1 and ID-000 card size • Card baud rate: up to 500 kbps (TA1 = 97h for a clock frequency of 4 MHz) www.gemalto.com DOC118569D Public Use Page 23/145...

  • Page 24: Led Interface

    The card is present and inactive (powered off) The card is present and active (powered on) Flashing The card communication is in progress Note: When no SIM/SAM card is inserted into the Prox–SU, the yellow indicator will always be off. www.gemalto.com DOC118569D Public Use Page 24/145...

  • Page 25: Installing The Reader/Writer

    Debian in stallation lease 5.0x an nd higher package ava ailable in the e web site Inbox http://suppo rt.gemalto.co 2 and 64 bit v versions) ux Ubuntu d istribution Use the late est Ubuntu in stallation lease 9.04 a...
  • Page 26 Prox–DU and d the Prox–S SU reader/wr riter are the ndard drivers s available in nto the opera ating system . No Gemalto o proprietary y drivers are eded, Micros soft Windows s CE R5.0 & R6.0 except r Windows op...

  • Page 27: Windows Xp Installation

    Found New Hardware USB Human Interface Device USB Human Interface Device Found New Hardware Found New Hardware Prox-DU Contactless_xxxxxxxx Prox-DU Contactless_xxxxxxxx Found New Hardware Found New Hardware USB Smart Card reader USB Smart Card reader www.gemalto.com DOC118569D Public Use Page 27/145...

  • Page 28: Windows Xp Installation Using The Windows Update Procedure

    When the USB cable is plugged into the USB port of the computer the previous popup windows and the following wizard will appear: Figure 19 – Windows XP Installation wizard: first window • Click the “Yes, this time only” button to start the Windows Update procedure www.gemalto.com DOC118569D Public Use Page 28/145...

  • Page 29: Figure 20 – Windows Xp Installation Wizard: Second Window

    Click the “Next” button to continue Figure 21 – Windows XP Installation wizard: third window The Windows Update procedure will be running. Wait until the installation is completed: Figure 22 – Windows XP Installation wizard: final window www.gemalto.com DOC118569D Public Use Page 29/145...

  • Page 30: Checking The Installation

    To check if the Prox–DU or the Prox–SU reader/writer is able to detect contactless smart cards put a smart card near the reader/writer antenna: The blue LED should be set to an enlightened state. Figure 25 – Contactless smart card check www.gemalto.com DOC118569D Public Use Page 30/145...

  • Page 31: Figure 26 – Contact Smart Card Check

    Note: The yellow LED should return to the blinking state after a short time depending on the computer operating system. The smart card used for the check should be of course ISO7816-3 compliant. Otherwise, no LED change will occur. The second test is not available for the Prox–SU model. www.gemalto.com DOC118569D Public Use Page 31/145...

  • Page 32: Configuring The Reader/Writer

    General RF parameters RF reset time RF on delay RF parameters use RF power attenuation 29 to 31 RFU (3 bytes) RF ISO level 2 control for BSI analog tests RF parameters for ISO14443-A cards www.gemalto.com DOC118569D Public Use Page 32/145...

  • Page 33: Control Parameters

    The contact smart card cannot be supplied with a VCC voltage while the RF field is The RF field cannot be set on while a contact smart card is supplied with a VCC voltage. www.gemalto.com DOC118569D Public Use Page 33/145...

  • Page 34: Card Notification Delay

    106 kbps. Bit rate 212 kbps reader to card allowed 424 kbps reader to card allowed 848 kbps reader to card allowed 212 kbps card to reader allowed www.gemalto.com DOC118569D Public Use Page 34/145...

  • Page 35: T=Cl Card Presence Check Behavior

    Deactivation with a Deselect and a RF reset The card serial number is not checked on reactivation Deactivation with a RF reset The card serial number is not checked on reactivation RFU bit must be set to 0 www.gemalto.com DOC118569D Public Use Page 35/145...

  • Page 36: Miscellaneous Parameters

    00h : ISO normal behavior X0h : force bit rate = 106 kbps X1h : force bit rate = 212 kbps X2h : force bit rate = 424 kbps X3h : force bit rate = 848 kbps www.gemalto.com DOC118569D Public Use Page 36/145...

  • Page 37: Rf Parameters For Iso14443-A Cards

    * unsigned char *_puc_in - pointer to first byte * unsigned char *_puc_out - pointer to store CRC computed * Response : * ERR_OK compute CRC is OK * ERR_MAD_CRC compute CRC is not OK www.gemalto.com DOC118569D Public Use Page 37/145...
  • Page 38 (*_puc_out & 0x80) *_puc_out = (*_puc_out << 1) ^ 0x1D; else *_puc_out = *_puc_out << 1; if (*_puc_out) uc_status = ERR_MAD_CRC; return (uc_status); // 0x00 if last byte is the CRC of the previous bytes www.gemalto.com DOC118569D Public Use Page 38/145...

  • Page 39: Using Pc/Sc Application

    PC environment. The next figure shows the PC/SC architecture: Smart Card - Aware Applications Service Provider Smart Card Resource Manager Smart Card Reader Handler Smart Card Reader Smart Card Figure 27 – PC/SC Architecture www.gemalto.com DOC118569D Public Use Page 39/145...

  • Page 40: Table 7 – Smart Card Database Query Functions

    Resource Manager Context Functions: Manage the context of the resource manager's database operations SCardEstablishContext Establishes a context for accessing the smart card database SCardReleaseContext Closes an established context Table 9 – Resource Manager Context Functions www.gemalto.com DOC118569D Public Use Page 40/145...

  • Page 41: Table 10 – Resource Manager Support Function

    Provide direct control of the reader SCardGetAttrib Get reader attributes SCardSetAttrib Set reader attribute Table 13 – Direct Card Access Functions To get more information about these commands please refer to the “Prox–DU & Prox–SU PC/SC Guide”. www.gemalto.com DOC118569D Public Use Page 41/145...

  • Page 42: Gem_Pc/Sc Software Tool

    Reference Manual Prox–DU & Prox–SU Gem_PC/SC software tool The Gemalto Gem_PCSC tool may help to become familiar with the PC/SC environment: Figure 28 – Gem_PCSC window The Gem_PCSC tool is available for download in the Gemalto support website: http://support.gemalto.com. www.gemalto.com...

  • Page 43: Prox-Du And Prox-Su Pc/Sc Reader Name

    The string name depends on the operating system. Windows operating systems The name will comply with the following string format: • “Gemalto Prox-DU Contactless_xxxxxxxx N1” for the Prox–DU contactless interface • “Gemalto Prox-DU Contact_xxxxxxxx N2” for the Prox–DU contact interface •...

  • Page 44: Linux And Mac Os Xoperating Systems

    Linux and Mac OS X operating systems The name will comply with the following string format: • “Gemalto Prox-DU (xxxxxxxx) N1 00” for the Prox–DU contactless interface • “Gemalto Prox-DU (xxxxxxxx) N1 01” for the Prox–DU contact interface •...

  • Page 45: Pc/Sc Limitations

    Consequently the application shall not use the two interfaces simultaneously. Else communication errors can occur. For more information about the known issues and limitations please refer to the “Prox–DU and Prox–SU Release Notes” document. www.gemalto.com DOC118569D Public Use Page 45/145...

  • Page 46: Interfacing With Contactless Cards

    I-block to be repeated (according to the ISO14443-4 standards). When a smart card removal is detected, a CCID removal notification message will be generated and the blue LED of the contactless reader/writer will blink slowly. www.gemalto.com DOC118569D Public Use...

  • Page 47: Atr For Contactless Smart Cards

    3Bh 8Fh 80h 01h 80h 80h 65h B0h 07h 02h 02h 89h 83h 00h 90h 00h 00h 00h 00h With: n = Fh (15 historical bytes) Historical bytes from the ATS response = 80h 80h 65h B0h 07h 02h 02h 89h 83h 00h 90h 00h 00h 00h 00h www.gemalto.com DOC118569D Public Use Page 47/145...
  • Page 48 83h 00h UU = E3h (TCK) • The ATR returned by a GemCombi CDLite smart card will be: 3Bh 80h 80h 01h 01h With: n = 0h (no historical byte) UU = 01h (TCK) www.gemalto.com DOC118569D Public Use Page 48/145...

  • Page 49: Interfacing With Mifare ® Desfire Cards

    As an example, to get the version of the DESFire smart card, the following native command should be send: 60h The proprietary command to consider is the following: FFh DEh 00h 00h 01h 60h The response will be: www.gemalto.com DOC118569D Public Use Page 49/145...
  • Page 50 Reference Manual Prox–DU & Prox–SU AFh 04h 01h 01h 00h 02h 18h 05h (example) Refer to the DESFire datasheet for more information about the response. www.gemalto.com DOC118569D Public Use Page 50/145...

  • Page 51: Requesting Contactless Smart Card Information

    44h 03h 04h 26h 47h 09h 48h E8h 10h 20h 90h 00h (example) ATQA = 44h 03h 04h SN = 26h 47h 09h 48h E8h 10h (7 bytes) SAK = 20h Refer to the DESFire datasheet for more information about the response. www.gemalto.com DOC118569D Public Use Page 51/145...

  • Page 52: Interfacing With Mifare ® Cards

    ® When the smart card is in the MIFARE mode, the only way to retrieve the MIFARE type ® (1K-4K-UL-Mini) is to reconnect the smart card. The appropriate MIFARE ATR will then be returned. www.gemalto.com DOC118569D Public Use Page 52/145...

  • Page 53: Atr For Mifare ® Cards

    2 bytes for Card Name RFU: Shall be set to zero. Assigned by PC/SC for future extensions. 3 + n Exclusive-OR of bytes T0 to Tk ® Table 15 – ATR for MIFARE cards www.gemalto.com DOC118569D Public Use Page 53/145...

  • Page 54: Table 16 – Ss Byte For Standard

    LL = 0Ch (12 bytes) SS = 03h (ISO14443-A, part 3) ® NN NN = 00h 02h (MIFARE Standard 4K) UU = 69h (TCK) ® • The ATR returned by a MIFARE Ultralight will be: www.gemalto.com DOC118569D Public Use Page 54/145...

  • Page 55: Get Data Command

    INF = 00h means: Card serial Info type number (UID or PUPI) is returned INF = 01h means: All historical bytes from the ATS of a ISO14443 A card without CRC are returned Expected length of the data www.gemalto.com DOC118569D Public Use Page 55/145...

  • Page 56: Load Keys Command

    ® If the Load MIFARE key security bit is set to one in the configuration EEPROM, a Transport ® secret key should be added to the MIFARE key: The command is formatted as follows: www.gemalto.com DOC118569D Public Use Page 56/145...
  • Page 57 ® MIFARE Secret Key The MIFARE key value Should be followed by the Gemalto ® Transport key if the Load MIFARE security bit is set on. The byte order must be the same as the byte order in the card sector trailer...

  • Page 58: General Authenticate Command

    Mini it is mandatory to perform the General Authenticate command before each read or write memory block operation. Otherwise, an authentication error will occur. ® For MIFARE Ultralight the General Authenticate operation is not required. www.gemalto.com DOC118569D Public Use Page 58/145...
  • Page 59 Others Refer to the error codes table below The authentication is performed for a memory sector. As each memory sector is composed of four memory blocks, the authentication will be done for all the four memory blocks. www.gemalto.com DOC118569D Public Use...

  • Page 60: Read Binary Command

    1K, 4K, Mini 16-byte of data ® MIFARE Ultralight 4-byte of data The first byte of the block is byte 0 Present only when there is no error in the status report. SW1-SW2 Command execution status www.gemalto.com DOC118569D Public Use Page 60/145...

  • Page 61: Update Binary Command

    04h (size of the memory page) Data ® MIFARE 1K, 4K, Mini 16-byte of data ® MIFARE Ultralight 4-byte of data The first byte of the block is byte 0 Present only when there is no error www.gemalto.com DOC118569D Public Use Page 61/145...

  • Page 62: Error Code List Summary

    Key type not known Key number not valid Function not supported Wrong parameter P1-P2 Instruction code not supported Read Binary error codes End of data reach before Le bytes (Le is greater than data length) www.gemalto.com DOC118569D Public Use Page 62/145...

  • Page 63: Table 18 – Memory Card Error Codes

    Wrong length (wrong number Le; XX is the exact number) if Le is less than the available data length Update Binary error codes Wrong length Security not satisfied Address out of range Function not supported Table 18 – Memory card error codes www.gemalto.com DOC118569D Public Use Page 63/145...

  • Page 64: Interfacing With Contact Cards

    The Prox–DU and the Prox–SU will return the smart card ATR after a smart card power up. The ATR is as follows: Byte Value Designation Description Number Initial header (Mandatory) 3Bh or Direct or inverse convention www.gemalto.com DOC118569D Public Use Page 64/145...
  • Page 65 Specific to T after T from 0 to 14 in TDi–1 Global after T=15 in TDi–1 Interface characters (Optional) Yi+1-T Interface characters (Optional) Structural, encodes Yi+1 and T Historical characters (Optional): max 15 bytes www.gemalto.com DOC118569D Public Use Page 65/145...

  • Page 66: Structures And Content

    ONE the presence of subsequent characters TA1, TB1, TC1, TD1 respectively. • The least significant half byte (b3 to b0) is named K and indicates the number (0 to 15) of historical characters. www.gemalto.com DOC118569D Public Use Page 66/145...

  • Page 67: Interface Characters Tai, Tbi, Tci, Tdi

    If present, T=0 shall be first, T=15 shall be last. T=15 is invalid in TD1. Historical characters T1, T2, ... ,TK When K is not null, the answer to reset is continued by transmitting K historical characters T1, T2, ... , TK. www.gemalto.com DOC118569D Public Use Page 67/145...

  • Page 68: Check Character Tck

    0000 0001 0010 0011 0100 0101 0110 0111 1116 1488 1860 Fs (max) 1000 1001 1010 1011 1100 1101 1110 1111 1024 1536 2048 Fs (max) Table 20 – Clock rate conversion factor F www.gemalto.com DOC118569D Public Use Page 68/145...

  • Page 69: Tb1 And Tb2

    If bit 4 is set to 0, then the integers Fi and Di defined above by TA1 shall apply. • If bit 4 is set to 1, then implicit values (not defined by the interface bytes) shall apply. Bits 3 to 0 encode a type T. www.gemalto.com DOC118569D Public Use Page 69/145...

  • Page 70: The First Ta1 For T=15

    1). The value '00' indicates that the smart card does not use SPU. Any other value where bit 7 is set to 0 are reserved for future use. For additional information about the ATR contents please refer to the ISO7816-3 standard. www.gemalto.com DOC118569D Public Use...

  • Page 71: Ccid Devices

    Prox–DU, and optional for a CCID with cards that are always inserted and not removable as the Prox–SU. • A bulk-in and bulk-out pipe The host command is sent on the bulk-out endpoint The device sends the answer on the bulk-in endpoint www.gemalto.com DOC118569D Public Use Page 71/145...

  • Page 72: Ccid Protocol And Parameters Selection

    - Form 2, data expected from the smart card: Command TPDU = CLA INS P1 P2 Le, Le=P3 from 00h to FFh (00h means 100h) Response TPDU = Data(Le) SW1 SW2, Data(Le) is for the Le data www.gemalto.com DOC118569D Public Use Page 72/145...

  • Page 73: Apdu Level Of Exchange

    Character level of exchanges is selected when none of the TPDU, Short APDU or Short and extended APDU is selected. The CCID sends the characters in the command (maybe none) then waits for the number of www.gemalto.com DOC118569D Public Use...

  • Page 74: Suspend Behavior

    • PC_to_RDR_GetParameters • PC_to_RDR_ResetParameters • PC_to_RDR_Escape • PC_to_RDR_Abort The following CCID commands are not implemented: • PC_to_RDR_IccClock • PC_to_RDR_T0APDU • PC_to_RDR_Secure • PC_to_RDR_Mechanical • PC_to_RDR_SetDataRateAndClockFrequency In the following paragraphs for all the command messages: www.gemalto.com DOC118569D Public Use Page 74/145...

  • Page 75: Pc_To_Rdr_Iccpoweron Command

    The response to this command message is RDR_to_PC_DataBlock response message. PC_to_RDR_IccPowerOff command This command powers off the smart card. Offset Field Size Value Description bMessageType PC_to_RDR_IccPowerOff bwLength 00000000h bSlot Slot 0 bSeq 00-FFh Sequence number for the www.gemalto.com DOC118569D Public Use Page 75/145...

  • Page 76: Pc_To_Rdr_Getslotstatus Command

    The Data format for a PPS exchange is: PPSS PPS0 [PPS1] [PPS2] [PPS3] PCK With PPSS = FFh Refer to ISO 7816-3 for more information. Offset Field Size Value Description bMessageType PC_to_RDR_XfrBlock bwLength Size of the abData field www.gemalto.com DOC118569D Public Use Page 76/145...

  • Page 77: Pc_To_Rdr_Getparameters Command

    Reserved for future used The response to this command message is the RDR_to_PC_Parameters response message. PC_to_RDR_SetParameters command This command is used to change the slot parameters such as the baud rate, the protocol, etc. www.gemalto.com DOC118569D Public Use Page 77/145...
  • Page 78 = 1b – Checksum CRC b1 = 0 - direct convention b1 = 1 - inverse convention CCID ignores bit b1 bGuardTimeT1 00-FFh Extra Guard Time between two characters. If value FFh, then www.gemalto.com DOC118569D Public Use Page 78/145...

  • Page 79: Pc_To_Rdr_Escape Command

    Size of the Data field bInferface 01h,02h 01h = Switch to contactless interface 02h = Switch to contact interface The response format is the following: Offset Field Size Value Description abStatus XX XX Command Status execution www.gemalto.com DOC118569D Public Use Page 79/145...

  • Page 80: Pc_To_Rdr_Abort Command

    X = 0 card present and active X = 1 card present and inactive X = 2 card not present bError 00h-FFh Slot error register: Error when bStatus = 4Xh Time multiplier when bStatus = www.gemalto.com DOC118569D Public Use Page 80/145...

  • Page 81: Rdr_To_Pc_Slotstatus

    X = 0 card present and active X = 1 card present and inactive X = 2 card not present bError 00h-FFh Slot error register: Error when bStatus = 4Xh bProtocolNum 00h, 01h Specifies what protocol data structure follows. www.gemalto.com DOC118569D Public Use Page 81/145...

  • Page 82: Rdr_To_Pc_Escape

    ICC clock stop support 00h = Stopping the clock is not allowed bIfsc 00-FEh Size of negotiated IFSC bNadValue NAD value used by CCID RDR_to_PC_Escape This message is the response to the PC_to_RDR_Escape command. www.gemalto.com DOC118569D Public Use Page 82/145...

  • Page 83: Reporting Slot Error And Slot Status Registers In Bulk-In Messages For The Contact Interface

    Parity error while talking to the ICC XFR_OVERRUN Overrun error while talking to the ICC HW_ERROR An all inclusive hardware error occurred BAD_ATR_TS BAD_ATR_TCK ICC_PROTOCOL_NOT_SUPPORTED ICC_CLASS_NOT_SUPPORTED PROCEDURE_BYTE_CONFLICT DEACTIVATED_PROTOCOL BUSY_WITH_AUTO_SEQUENCE Automatic Sequence Ongoing PIN_TIMEOUT PIN_CANCELED www.gemalto.com DOC118569D Public Use Page 83/145...

  • Page 84: Table 24 – Slot Error Register When Bmcommandstatus = 1

    Command failed (error code provided by the error register): Slot Status register = 4xh Time extension is requested (slot error register = time multiplier): Slot Status register = 80h x = 0 : Card present and active x = 1 : Card present and inactive www.gemalto.com DOC118569D Public Use Page 84/145...

  • Page 85: Interrupt In Messages For The Contact Card Interface

    (0b = no change, 1b = change). If no slot exists for a given location, the field returns 00b in those 2 bits. Example: A 3 slot CCID reports a single byte with the following format: www.gemalto.com DOC118569D Public Use Page 85/145...
  • Page 86 01h: ICC present, no change since the last RDR_to_PC_NotifySlotChange message was sent 02h: no present, slot changed state since last RDR_to_PC_NotifySlotChange message was sent 03h: ICC present, slot changed state since last RDR_to_PC_NotifySlotChange message was sent www.gemalto.com DOC118569D Public Use Page 86/145...

  • Page 87: Ccid Device For The Contactless Interface

    00000000h bSlot Slot 0 bSeq 00-FFh Sequence number for the command bPowerSelect 00h-03h Voltage that is applied to the ICC 00h – automatic voltage selection 01h – 5.0V 02h – 3.0v 03h – 1.8V www.gemalto.com DOC118569D Public Use Page 87/145...

  • Page 88: Pc_To_Rdr_Iccpoweroff Command

    The parameter bBWI is not managed because this parameter is only use by CCIDs which use the character level and TPDU level of exchange (as reported in the dwFeature parameter in the CCID functional descriptor) and only for T=1 transfers. www.gemalto.com DOC118569D Public Use...
  • Page 89 For a T=CL card this data are send “as it” using the T=CL protocol. For a Mifare card: the data must be a Short APDU command as defined in PC/SC specification. The command message length = 10 + Card command length. www.gemalto.com DOC118569D Public Use Page 89/145...

  • Page 90: Pc_To_Rdr_Getparameters Command

    Other parameters are not used but are and stored to be send back in the response message RDR_to_PC_Parameters. The response to this command message is the RDR_to_PC_Parameters response message. PC_to_RDR_SetParameters command This command is used to change the slot parameters. Offset Field Size Value Description www.gemalto.com DOC118569D Public Use Page 90/145...
  • Page 91 = 0 - direct convention CCID ignores bit b1 bGuardTimeT1 00-FFh Extra Guard Time between two characters. If value FFh, then guard time is reduced by 1 etu. bWaitingIntegersT1 00-9Fh b7-b4 = BWI value 0-9 valid www.gemalto.com DOC118569D Public Use Page 91/145...

  • Page 92: Pc_To_Rdr_Escape Command

    Commands on the HID Interface” and the format in the abData field is the same. Get firmware version This command is useful for the Gemalto CCID driver. The format is the same than the command of the GemCore POS Pro chip.

  • Page 93: Response Pipe Bulk-In Messages For The Contactless Interface

    Sequence number : Same as Bulk- Out message bStatus 00h, 01h, Slot status register: 02h, 40h, 0Xh = no error 41h, 42h, 4Xh = command failed 80h Time extension request X = 0 card present and active www.gemalto.com DOC118569D Public Use Page 93/145...

  • Page 94: Rdr_To_Pc_Slotstatus Command

    Other parameters are not used but are stored with the command PC_to_RDR_SetParameter or set to default value with the command PC_toRDR_ResetParameter to be send back in the response message RDR_to_PC_Parameters. Offset Field Size Value Description www.gemalto.com DOC118569D Public Use Page 94/145...
  • Page 95 Protocol data structure for protocol T=1 (bProtocolNum = 1) (dwLength = 00000007h): Offset Field Size Value Description bmFindexDindex b7-4 – FI selecting a clock rate conversion factor b3-0 – DI selecting a baud rate conversion factor www.gemalto.com DOC118569D Public Use Page 95/145...

  • Page 96: Rdr_To_Pc_Escape Command

    X = 1 card present and inactive X = 2 card not present bError 00h-FFh Slot error register: Error when bStatus = 4Xh bRFU Reserved for Future Used abData Byte Data sent from CCID array www.gemalto.com DOC118569D Public Use Page 96/145...

  • Page 97: Reporting Slot Error And Slot Status Registers In Bulk-In Messages For The Contactless Interface

    Bit 1 = Slot 0 changed status Bit 2 = Slot 1 current state Bit 3 = Slot 1 changed status Bit 4 = Slot 2 current state Bit 5 = Slot 2 changed status Bit 6 = 0b www.gemalto.com DOC118569D Public Use Page 97/145...
  • Page 98 01h: ICC present, no change since the last RDR_to_PC_NotifySlotChange message was sent 02h: no present, slot changed state since last RDR_to_PC_NotifySlotChange message was sent 03h: ICC present, slot changed state since last RDR_to_PC_NotifySlotChange message was sent www.gemalto.com DOC118569D Public Use Page 98/145...

  • Page 99: Usb Ccid Class Driver Details

    Support for multiple slots on readers. If the reader has multiple slots, only slot 0 will be used. Devices that wish to expose multiple readers may develop a composite device (a CCID-compliant interface would then be required for each reader). www.gemalto.com DOC118569D Public Use...

  • Page 100: Enabling The Ccid Escape Command Feature Into The Microsoft Driver

    Double click on the first icon to get the properties of the first device: The USB information is “USB\VID_08E6&PID_5503&MI_01\6&1CE7978&3&0001” in the previous picture. • Double click on the second icon to get the properties of the second device: The USB information is “USB\VID_08E6&PID_5503&MI_02\6&1CE7978&3&0002” in the previous picture. www.gemalto.com DOC118569D Public Use Page 100/145...
  • Page 101 Double click the new key to edit it and set the value to “1” • Perform the operation for the first USB Smart Card readers: (USB\VID_08E6&PID_5503&MI_01\6&1CE7978&3&0001 in the example) • Perform the operation with the second USB Smart Card readers: (USB\VID_08E6&PID_5503&MI_02\6&1CE7978&3&0002 in the example) www.gemalto.com DOC118569D Public Use Page 101/145...

  • Page 102: Ccid Escape Control Code For Microsoft Operating Systems

    PIN entry ifd PIN properties MCT reader direct • Data rates list • LCD display (Gemalto GemPC PIN PAD) • Extended APDU (for T=1 cards only and if your reader is in TPDU mode or extended APDU mode) • SCardGetAttrib() attributes •...

  • Page 103: Ccid Escape Control Code For Linux And Mac Operating Systems

    The application should use the following control code to send the escape command: • #define IOCTL_CCID_ESCAPE SCARD_CTL_CODE(1) Defining the vendor IOCTL for the CCID Escape Commands supported by the Prox–DU or Prox–SU reader/writer: • Get firmware version • Switch interface www.gemalto.com DOC118569D Public Use Page 103/145...

  • Page 104: Hid Devices

    The Prox–DU and Prox–SU reader/writers use a vendor defined HID interface for the device administration. Gemalto proprietary commands The HID interface is used for device administration using Gemalto proprietary commands. The commands are coded using the following format: Offset Field...

  • Page 105: Proprietary Commands

    Size of the Data field The response format is the following: Offset Field Size Value Description abStatus XX XX Command Status execution 2, 3 wLength XXXX Size of the Data field abData firmware version string www.gemalto.com DOC118569D Public Use Page 105/145...

  • Page 106: Read Eeprom Parameters Command

    The response format is the following: Offset Field Size Value Description abStatus XX XX Command Status execution 2, 3 wLength 0000h Size of the Data field The abStatus field can report a possible execution error. www.gemalto.com DOC118569D Public Use Page 106/145...

  • Page 107: Switch Interface Command

    Current interfaces switch state = 02h when no contactless card is detected and a contact card is inserted in the reader slot. This corresponds to the state 2 of the dual power security manager. www.gemalto.com DOC118569D Public Use Page 107/145...

  • Page 108: Reset Reader Command

    0000h Size of the Data field The abStatus field can report a possible execution error. Download firmware file command This command is used to download the file that contains the reader firmware data. www.gemalto.com DOC118569D Public Use Page 108/145...

  • Page 109: End Download Command

    Linux • Mac OS X This library supports all the commands listed in the previous paragraph. The HID libraries are available in the following web link http://support.gemalto.com. HID Commands Error Codes In the following table: • The MSB byte correspond to the first byte reported in the abStatus field of the HID response •...

  • Page 110: Firmware Versioning Rules

    “Gemalto_Prox_SU” product name of Prox SU reader Separator: "-" Release version: "Vx.yz" release version number x.yz Separator: "-" Customer: "G" Gemalto Casing/Usage: "XD" Official release "W" working release Order number: "nn" incremental number for each version. "00" to "99 It restarts to 00 when the release version number is...

  • Page 111: Usb Descriptors

    The device has three interfaces (one interface for the contact smart card, one interface for the contactless smart card and one interface for the administration of the device). The device is “Bus Powered” (delivered from the USB cable, no external power). The device doesn’t support remote wake. www.gemalto.com DOC118569D Public Use Page 111/145...

  • Page 112: Interfaces Descriptors

    (No subclass) 0x00 bInterfaceProtocol (none) 0x06 iInterface (index to interface string descriptor = 6) Table 30 – USB Contactless Smart Card Interface Descriptor The interface for the contact smart card has three endpoints. www.gemalto.com DOC118569D Public Use Page 112/145...

  • Page 113: Device Class Descriptors

    (03h =Interrupt endpoint) 0x08 wMaxPacketSize (8 bytes max) 0x00 0xFE bInterval (254ms) Table 33 – USB HID Interface Endpoint Descriptor HID report descriptor HID Report Descriptor Offset Value Field Usage page (Vendor defined) www.gemalto.com DOC118569D Public Use Page 113/145...

  • Page 114: Table 34 – Usb Hid Report Descriptor

    Logical Maximum (255) Feature Report Report Size (8) 8bits per data Feature Report Report Count (0x116) 278 x 8 bits Feature (Data, Variable, Absolute) End of Collection (Application) Table 34 – USB HID Report Descriptor www.gemalto.com DOC118569D Public Use Page 114/145...

  • Page 115: Contactless Smart Card Device Class Descriptor

    NAD presence. Don’t care in ADPU mode and automatic IFSD 0x00 exchange) 0x00 0x00 0x00 dwSynchProtocols (no synchronous card) 0x00 0x00 0x00 0x00 dwMechanical (no special characteristics) 0x00 0x00 dwFeatures = 00040672h 0x72 00000002h: Automatic parameter configuration based on ATR data www.gemalto.com DOC118569D Public Use Page 115/145...

  • Page 116: Contactless Smart Card Interface Endpoint Descriptors

    Offset Value Field 0x07 bLength (7 bytes) 0x05 bDescriptorType (Endpoint) 0x86 bEndpointAddress (b7=1 IN, b3-b0 address 6) 0x03 bmAttributes (Interrupt endpoint) 0x08 wMaxPacketSize (8 bytes max) 0x00 0x18 bInterval (Polling Interval = 24 ms) www.gemalto.com DOC118569D Public Use Page 116/145...

  • Page 117: Contact Smart Card Device Class Descriptor

    0x07 0x00 0x00 bNumDataRatesSupported (manual setting not allowed) 0xFE 0x00 dwMaxIFSD (254 bytes) 0x00 0x00 0x00 0x00 dwSynchProtocols (no synchronous card) 0x00 0x00 0x00 0x00 dwMechanical (no special characteristics) 0x00 0x00 0x30 TPDU/ISO mode www.gemalto.com DOC118569D Public Use Page 117/145...

  • Page 118: Contact Smart Card Interface Endpoint Descriptors

    (For full speed : Ignored) Table 41 – USB Contact Smart Card Interface Endpoint Descriptor (Bulk In) Contact Smart Card Interface Endpoint Descriptor (endpoint 7 Interrupt IN) Offset Value Field 0x07 bLength (7 bytes) www.gemalto.com DOC118569D Public Use Page 118/145...

  • Page 119: String Descriptors

    Offset Value Field 0x10 bLength 0x03 bDescriptorType (String) ‘G,0 ‘e’,0 ‘m’,0 ‘a’,0 bString = "Gemalto" ‘l’,0 ‘t’,0 ‘o’,0 Table 44 – USB Manufacturer String Descriptor Product string descriptor String02 (index iProduct of device descriptor) Offset Value Field 0x3A bLength (58 bytes for Prox DU or 54 bytes for Prox SU )

  • Page 120: Serial Number String Descriptor

    The serial number value is the 8 ASCII characters string of the SN3,0x00, serial number printed on the reader label and bar code SN3,0x00, SN2,0x00, SN2,0x00, SN1,0x00, SN1,0x00, SN0,0x00, SN0,0x00, Table 46 – USB Serial Number String Descriptor www.gemalto.com DOC118569D Public Use Page 120/145...

  • Page 121: Hid Interface String Descriptor

    (String) ‘P’,0x00 ‘r’,0x00 ‘o’,0x00 ‘x’,0x00 ‘-‘,0x00 bString = “Prox-DU Contactless_xxxxxxxx” ‘D’,0x00 ‘U’,0x00 “Prox-SU Contactless_xxxxxxxx” ‘ ‘,0x00 ‘C’,0x00, where xxxxxxxx is the reader serial number printed on the label ‘o’,,0x00, ‘n’,0x00, ‘t’,0x00, ‘a’,0x00, ‘c’,0x00, www.gemalto.com DOC118569D Public Use Page 121/145...

  • Page 122: Contact Smart Card Interface String Descriptor

    “Prox-SU Contact_xxxxxxxx” ‘a’,0x00, ‘c’,0x00, where xxxxxxxx is the reader serial number printed on the label ‘t’,0x00, ‘_’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, ‘x’,0x00, Table 49 – USB Contact Smart Card Interface String Descriptor www.gemalto.com DOC118569D Public Use Page 122/145...

  • Page 123: Boot-Loader

    2 - If the push button is activated (rescue start up) The device is not started and the boot-loader continues to run. The boot-loader is enumerated by the USB bus and then the download operation can be executed. www.gemalto.com DOC118569D Public Use Page 123/145...

  • Page 124: Boot-Loader Download Operations

    The command format is the following: Offset Field Size Value Description bCommandFamily Bootloader command bCommandType Download Management bCommand Load firmware file 3, 4 wLength XXXX Size of the Data field dwPacketId Packet identifier abDataPacket Firmware file packet (TDES www.gemalto.com DOC118569D Public Use Page 124/145...

  • Page 125: End Download Command

    = 0x0000 and reboots. If the two CRC are different, the bootloader answers with an error code and stay in the boot mode. Boot-loader version request command This command enables the user to determine the Boot-loader version. www.gemalto.com DOC118569D Public Use Page 125/145...

  • Page 126: Reset Reader Command

    The “End download” command is used to complete the download operation • The “Reset reader” command is used to activate the new firmware. Downloaded File Format The beginning of the file must contain the information needed to program the firmware and to verify it. www.gemalto.com DOC118569D Public Use Page 126/145...

  • Page 127: Boot-Loader Usb Descriptors

    Refer to the “USB Descriptors” paragraph for more information. HID endpoint descriptor This is the same descriptor than the HID Endpoint descriptor for the reader firmware. Refer to the “USB Descriptors” paragraph for more information. HID report descriptor www.gemalto.com DOC118569D Public Use Page 127/145...

  • Page 128: String Descriptors

    0x2E bLength (46 bytes) 0x03 bDescriptorType (String) ‘H’,0x00, ‘I’,0x00, ‘D’,0x00, ‘ ’,0x00, ‘D’,0x00, ‘o’,0x00, ‘w’,0x00, ‘n’,0x00, ‘l’,0x00, ‘o’,0x00, bString = “HID Download Interface” ‘a’,0x00, ‘d’,0x00, ‘ ’,0x00, ‘I’,0x00, ‘n’,0x00, ‘t’,0x00, ‘e’,0x00, ‘r’,0x00, ‘f’,0x00, ‘a’,0x00, www.gemalto.com DOC118569D Public Use Page 128/145...

  • Page 129: Leds States For The Boot Loader

    Blink 3: 50 ms on every 100 ms. (When the yellow LED is on, the blue LED is on). Blink 4: the yellow LED is on and the blue LED is off for 400 ms every 500 ms. www.gemalto.com DOC118569D...

  • Page 130: Downloading A Firmware

    The latest firmware binary file to download should be used (.bin extension file). The two items are available in the following web link http://support.gemalto.com. The Gemalto downloader tool performs the operations listed in the “Typical download operations” with additional commands to display the firmware and the boot-loader string version.
  • Page 131 (SWF118323F.bin in the example hereafter): • Click the “Download” button. The download process is running until its termination. The next figure will be displayed: www.gemalto.com DOC118569D Public Use Page 131/145...
  • Page 132 Then a reset of the device is performed to start the new firmware. • Click the “Get Version” button to check the new string version of the device. The next figure displays the new string “Gemato_Prox_DU-V1.01-GXD05”: www.gemalto.com DOC118569D Public Use Page 132/145...
  • Page 133 Reference Manual Prox–DU & Prox–SU The download operation is now completed. Note: the download duration is about 15 seconds. www.gemalto.com DOC118569D Public Use Page 133/145...

  • Page 134: Mifare ® Cards Mapping

    Each contactless smart card consists of a 16-byte memory block assembled in sectors. The first block of the first sector contains manufacturing information. The last block of each sector is the sector trailer containing the keys and the access conditions of the blocks. www.gemalto.com DOC118569D Public Use Page 134/145...

  • Page 135: Mifare ® Mini Memory Mapping

    Each contactless smart card consists of a 16-byte memory block assembled in sectors. The first block of the first sector contains manufacturing information. The last block of each sector is the sector trailer containing the keys and the access conditions of the blocks. www.gemalto.com DOC118569D Public Use Page 135/145...

  • Page 136: Mifare

    – – – – – – – – – – – – – – – Data Data Data Key A Access Bits Key B Sector Trailer 31 Data Data Data Data Data Data Data www.gemalto.com DOC118569D Public Use Page 136/145...
  • Page 137 Each contactless smart card consists of a 16-byte memory block assembled in sectors. The first block of the first sector contains manufacturing information. The last block of each sector is the sector trailer containing the keys and the access www.gemalto.com DOC118569D Public Use...

  • Page 138: Mifare ® Ul M Emory M Apping

    SN0-SN7 is the 7 bytes serial number according to ISO14443-3. BCC0 and BCC1 are the check bytes according to ISO14443-3. Internal byte is reserved for internal data. These 10 bytes are write-protected after having been programmed by the chip manufacturer after production. www.gemalto.com DOC118569D Public Use Page 138/145...

  • Page 139: Lock Bytes Area

    Pages 4 to 15 constitute the user read/write area. After production the data pages are initialized to all “0” (zeroes). ® MIFARE UL Read/Write Operation ® ® The MIFARE Ultralight chip does not embed the MIFARE Classic security. So no authentication operation is required before any read/write operation. www.gemalto.com DOC118569D Public Use Page 139/145...

  • Page 140: Mifare ® Memory Organization

    Key A, user can set the access bits where the memory space of the optional authentication Key B can be used for data storage. In this case when the authentication key, Key B can no longer be used for authentication, www.gemalto.com DOC118569D Public Use...

  • Page 141: Access Bits

    The access condition for every block is dependant on the sector number as explained in the following table: Sector Block Description - C2 - C1 - C2 - C1 (0 – 31) - C2 - C1 www.gemalto.com DOC118569D Public Use Page 141/145...
  • Page 142 Never Never Key A | B /Subtract Value block A or B Read only Key A | B Never Never Never memory block B Read /Write Key B Key B Never Never memory block www.gemalto.com DOC118569D Public Use Page 142/145...

  • Page 143: Sector Trailer Access Conditions

    Key A | B indicates the access for this sector is only possible after an authentication using either Key A or Key B. Access Bits Access Condition Comments Authentication Authentication Access Bits Key A Key B www.gemalto.com DOC118569D Public Use Page 143/145...

  • Page 144: Table 59 – Access To Sector Trailer

    The access bits can also be blocked by the user to prohibit any further changes to the access conditions. As the access bits can be altered by the user, special care should be taken during personalization phase. www.gemalto.com DOC118569D Public Use Page 144/145...

  • Page 145: For More Information

    Universal Serial Bus - Device Class: Smart Card CCID - Specification for Integrated Circuit(s) Cards Interface Devices - Revision 1.1 • PC/SC V2 specifications: Part 3. Requirements for PC-Connected Interface Devices - Revision 2.01.09 End of Document www.gemalto.com DOC118569D Public Use Page 145/145...

This manual is also suitable for:

Prox-su

Table of Contents