Search code examples
javanfchcepcscacr122

Apdu error while send TgInitAsTarget command to the PN532 (ACR122u)

I'm trying to send the TgInitAsTarget command to the PN532 in card-emulation mode. When i try to send this:

FF000000 27 D48C 05 0400 123456 20 000000000000000000000000000000000000 00000000000000000000 00 00

I get an apdu error:

  • Exception in thread "main" java.lang.IllegalArgumentException: apdu must be at least 2 bytes long
  • at javax.smartcardio.ResponseAPDU.check(Unknown Source)
  • at javax.smartcardio.ResponseAPDU.(Unknown Source)
  • at sun.security.smartcardio.ChannelImpl.transmit(Unknown Source)

The code below is the code i use. Is this code wrong?

//TgInitAsTarget
byte[] bytes4           = { (byte) 0xD4,(byte) 0x8C,(byte) 0x05,(byte) 0x04,(byte) 0x00,
                            (byte) 0x12,(byte) 0x34,(byte) 0x56,(byte) 0x20,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                            (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00 };
CommandAPDU command4    = new CommandAPDU(0xFF,0x00,0x00,0x00, bytes4);
ResponseAPDU response4  = channel.transmit(command4);
System.out.println(bytesToHex(response4.getBytes()));

It looks like the Readregister, WriteRegister and SetParams parts give a good response back following this post. The hole code:

    List<CardTerminal>  terminals   = null; 
    TerminalFactory factory         = TerminalFactory.getDefault();
    terminals                       = factory.terminals().list();

    CardTerminal terminal   = terminals.get(0);
    Card card               = terminal.connect("*");

    CardChannel channel     = card.getBasicChannel();

    //Read register
    byte[] bytes1           = {(byte) 0xD4, 0x06, 0x63, 0x05, 0x63, 0x0D, 0x63, 0x38 };
    CommandAPDU command1    = new CommandAPDU(0xFF,0x00,0x00,0x00, bytes1);
    ResponseAPDU response1  = channel.transmit(command1);
    System.out.println(bytesToHex(response1.getBytes()));       

    //Update registers
    int xx = 47;    
    int yy = 00;
    int zz = 01;
    xx = xx | 0x004; 
    yy = yy & 0x0EF; 
    zz = zz & 0x0F7;  

    byte xxByte = toByte(hexStringToByteArray("0x"+Integer.toHexString(xx)));
    byte yyByte = toByte(hexStringToByteArray("0x0"+Integer.toHexString(yy)));
    byte zzByte = toByte(hexStringToByteArray("0x0"+Integer.toHexString(zz)));

    //WriteRegister
    byte[] bytes2           = { (byte) 0xD4, 0x08, 0x63, 0x02, (byte) 0x80, 
                                0x63, 0x03, (byte) 0x80, (byte) 0x63, (byte) 0x05,
                                xxByte, 0x63, 0x0D,yyByte, 0x63, 0x38, zzByte};
    CommandAPDU command2    = new CommandAPDU(0xFF,0x00,0x00,0x00, bytes2);
    ResponseAPDU response2  = channel.transmit(command2);
    System.out.println(bytesToHex(response2.getBytes()));   

    //SetParameters
    byte[] bytes3           = {(byte) 0xD4,(byte) 0x12,(byte) 0x30};
    CommandAPDU command3    = new CommandAPDU(0xFF,0x00,0x00,0x00, bytes3);
    ResponseAPDU response3  = channel.transmit(command3);
    System.out.println(bytesToHex(response3.getBytes()));


    //TgInitAsTarget
    byte[] bytes4           = { (byte) 0xD4,(byte) 0x8C,(byte) 0x05,(byte) 0x04,(byte) 0x00,
                                (byte) 0x12,(byte) 0x34,(byte) 0x56,(byte) 0x20,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,
                                (byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00,(byte) 0x00 };
    CommandAPDU command4    = new CommandAPDU(0xFF,0x00,0x00,0x00, bytes4);
    ResponseAPDU response4  = channel.transmit(command4);
    System.out.println(bytesToHex(response4.getBytes()));

Any help, response or advice is appreciated!!

Many thanks in advance!

Solution

  • Finally, i have the solution. I will answer my own question in case there are other people with the same problem.

    I connected the terminal with direct instead of *. See this answer. The second thing is there need to be a card placed on the top of the reader. When i place my Galaxy 5 on the reader it worked with the following code:

    byte[] commandAPDU4     = {(byte)0xFF, 0x00, 0x00, 0x00 , 0x27 , (byte)0xD4, (byte)0x8C , 0x05 , 0x04, 0x00 , 0x12, 0x34, 0x56 , 0x20 , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 , 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 , 0x00}; 
byte[] responseAPDU4    = card.transmitControlCommand(IOCTL_SMARTCARD_ACR122_ESCAPE_COMMAND, commandAPDU4 );                
System.out.println(bytesToHex(responseAPDU4) + "...");  

//Response: D58D08E0809000...