PC/SC Driver updated, from Windows XP to Windows 10

We’ve published a new release of our certified driver for SpringCard PC/SC products.

This new version runs from Windows XP to Windows 10 in 32 and 64 bits.

To download the driver, please go to http://www.springcard.com/en/download/find/file/sd16055

The installer contains both x86 and x64 binaries and will automatically select the most suitable for your system.

This release targets all SpringCard USB CCID readers.

 

New SDK for SpringCard’s RDR products

The SDK for our RDR products has just been released. It concerns the following devices:

Complete programs are included : for example, a program that monitors a lits of readers, and talk to each one independantly (to set a buzzer, or a LED).

There are also more basic examples, like a command line application to retrieve the badge numbers, read on a specific reader.

The SDK provides both source code (in C, C# and java) and the compiled binaries.

It is available through a zip file, downloadable from our website. It can also be tracked and cloned from our Github repository.

Contact us for technical information or for commercial requests.

 

SpringCard PC/SC solution for Android has been released

SpringCard R&D team is proud to release a simple software solution to add support for SpringCard USB PC/SC Couplers to Android tablets (or smartphone).

nexus9-with-springcard-pcsc-reader

A Nexus 9 Android tablet, with a SpringCard Prox’N’Roll PC/SC reader on the USB port, and a Desfire contactless smartcard

The software is made of two parts:

googleplaystore

The SpringCard USB PC/SC Service’s page on Google Play store

This software suite is compliant with all SpringCard USB PC/SC Couplers, for instance SpringCard Prox’N’Roll PC/SC, Prox’N’Roll HSP PC/SC, TwistyWriter HSP, CrazyWriter HSP, CSB HSP… Note that the current version of the Service and Library allows to work only with the Coupler’s contactless slot. Don’t hesitate to contact us if you have an interest into addressing the smartcard / SAM slots of the Couplers.

To communicate with a USB PC/SC Coupler -which is basically a USB device, the Android tablet (or smartphone) must provide a USB Host stack. This should be the case of all tablets running Android 3.1 and higher. We recommend Nexus 7 and Nexus 9 tablets, running Android 5.0 or 5.1, which are the reference platforms we use to develop and test the solution. An adapter cable is required to connect the Coupler if your tablet doesn’t provide a full-size USB host connector.

usb-adapter-for-tablets-proxnroll

The USB adapter to use a SpringCard USB PC/SC smartcard reader with a tablet featuring only an USB on-the-go (OTG) mini type B female port

Tip: if you’re not sure whether your tablet supports USB Host or not, just install the Service and the Demo application from Google Play, and check that your SpringCard Coupler is correctly activated by your tablet’s system. Remember that the Coupler will be powered by the tablet’s battery. Some tablets could be powered (by their mains adapter) even when an USB device is present, but most don’t; choose your tablet accordingly if you’re designing a kiosk or public-use system that should be mains-powered 24/7).

Icon of the SpringCard PC/SC Service for Android

Icon of the SpringCard PC/SC Service for Android

To develop your own application using a SpringCard Coupler from Android, download the library (and the sample Demo application) from GitHub, and follow the Quick Start Guide (ref. SpringCard PMD15240) which is included in the GitHub project, or available directly here.

github

The SpringCard SDK for PC/SC on Android is an open-source project hosted on GitHub

We welcome your feedback!

 

scpcsc_feed completes MultiConf

scpcsc_feed is a command-line utility for Windows which is a companion-tool for MultiConf in case you need to configure numerous SpringCard PC/SC couplers in batch mode, or change the settings quickly without a needing a full-featured GUI.

scpcsc_feed is available at https://files.springcard.com/pub/scpcsc_cfg.zip. Just unzip the archive in the folder you want, and open a command prompt (cmd.exe) in this folder to use the tool from the command line.

Connect a SpringCard PC/SC coupler to your computer, and invoke scpsc_feed without any parameter to see the integrated help:

C:\springcard>scpcsc_feed
SpringCard -- scpcsc_feed
-------------------------
Read/write data in the non-volatile memory of a SpringCard PC/SC Reader

Build : Apr 15 2015
Copyright (c) 2010-2013 Pro Active SAS, France
Go to www.springcard.com for information and updates.

Connected through PC/SC.
Connected, device : SpringCard Prox'N'Roll HSP 2.00 [1]
Firmware features : 0073232F

Usage: scpcsc_feed -d            dump configuration registers
scpcsc_feed -r XX         show value of register XX
scpcsc_feed -s XX=YYYY... write register XX with value YYYY...
scpcsc_feed -e            erase all configuration registers
scpcsc_feed -sf FILE      write register(s) from config FILE
scpcsc_feed -t XX=YYYY... set temporarily register XX with value YYYY...
scpcsc_feed -tf FILE      set temporarily register(s) from config FILE

C:\springcard>

A few interesting commands

Read-back the current configuration

scpcsc_feed -d

Restore the factory configuration (blank all registers)

scpcsc_feed -e

Apply the configuration from a MultiConf project

scpcsc_feed -sf [file.multiconf]

New firmware for all SpringCard PC/SC couplers based on the H663 core

SpringCard has just released a new firmware version, tagged 2.00, for its H663 core.

The H663 core is a versatile contactless+contact module, which supports virtually all proximity/RFID HF chip cards (ISO 14443 & ISO 15693 standards, including Mifare, Calypso, etc), NFC-enabled mobile phones or other objects (ISO 18092, peer-to-peer in initiator mode, passive communication scheme), and could also accept up to 5 contact smartcards (ISO 7816, one ID-1 card and up to 4 SIM/SAM ID-000 cards).

SpringCard H663 is the foundation of the largest family of RFID/NFC USB PC/SC readers on the market:

  • The H663S and H663A “bare” modules (designed respectively for either a Symetrical – balanced or an Asymetrical – unbalanced antenna)
  • The H663-USB OEM PC/SC ready-to-use contactless coupler (H663 core + antenna)
  • The CrazyWriter HSP, a complete multi-slot contactless+5 contact PC/SC coupler made for OEMs
  • The TwistyWriter HSP, a contactless+ID-000 PC/SC coupler made for OEMs
  • The CSB HSP, a desktop PC/SC coupler featuring contactless, 1 smartcard slot and 3 ID-000 slots
  • The Prox’N’Roll HSP, a brand new version of SpringCard’s best selling desktop contactless coupler.

This new firmware version provides only a few new features, but introduces a new software architecture based on FreeRTOS which dramatically increases the device’s performance for a better transaction time – particulary when accessing numerous slots in the same transaction.

freertos

How to upgrade

To upgrade your H663-based product with this new version, please refer to our H663/H512 Firmware Upgrade Procedure.

The 2.00 firmware file is here: uc3b0256_rc663_h663_2-00.hex

(note for future readers: please always use the latest firmware version using this permanent link).

From 30/04/2015, all H663-based products will ship with this version (instead of earlier 1.81).

Some new feature

Adding the reader’s serial number to the slot names under Windows

Starting with version 2.00, the H663 family is able to insert the reader’s serial number in the name of the PC/SC readers as exposed by Windows’ SCardListReaders API call. On machines with numerous readers attached, this makes it possible to know which physical reader is actually bound to a logical slot without querying the reader through a SCardControl call.

To enable this feature, download the latest version of MultifConf; create a new project for the H663-product you own (CrazyWriter HSP typically), and in this project scroll down to “Misc. tricks”. Then find the “Insert the serial number in the name of the slots” entry and turn it ON. apply the configuration to the reader(s) (Project -> Write Configuration into Reader), restart the reader, and enjoy!

multiconf-h663-tricks

 

 

MultiDiag : the all-in-one tool to help SpringCard Support diagnose your configuration

Presentation

SpringCard Support Team is commited into giving the best support service to our customers. In most situations, the first step to solve an issue or only to answer a particular information request is to collect a few technical data regarding the computer – and to clearly identify the SpringCard devices that are involved.

MultiDiag is a small Windows-based tool that retrieves quickly and easily the technical data we need to help you efficiently.

For instance, if you have a Prox’N’Roll PC/SC or any other reader like a CrazyWriter HSP connected to your PC, MultiDiag shows :

  • the status of the PC/SC Service (ScardService)
  • the status of our PC/SC Driver (sd16055)
  • the reader’s serial number and firmware version.

The « copy all to clipboard » button pushes all these information into Windows’ clipboard, so you just have to paste it (Ctrl+V shortcut) into an email to forwared it to out Support Team.

We have tested the program on :

  • Windows XP
  • Windows 7
  • Windows 8

Installation

Download SpringCard MultiDiag setup here.

Run the setup program with administrative priviledges to install MultiDiag.

After installation, launch the application from Start Menu -> SpringCard -> MultiDiag.

Usage

The application displays a single window.

The content of the « General information » and « HID and PC/SC Readers » will be different on your computer.

Multidiag

Multidiag

In the upper right corner you have a button used to copy all system information to the clipboard.
In the top of the screen you have some information about the Scard Service, our PC/SC driver and about your Windows User Account (Control).

The bottom part is used to list the PC/SC and HID readers connected to your PC.
You can double click on each line or click on the « Information » button to get some information about your reader.

Using Mifare Classic EV1 with SpringCard PC/SC readers

NXP has recently started shipping a new generation of Mifare Classic chips, called Mifare Classic EV1 (part numbers MF1S50yyX/V1 for Mifare Classic EV1 1K and MF1S70yyX/V1 for Mifare Classic EV1 4K).

The chips are 100% compliant with earlier Mifare Classic 1K and 4K, with 2 subtle differences:

  • the kind of protocol-level ID to be used must be configured once for all during the pre-personalisation step. Possible choices are 7-byte UID, 4-byte fixed but non-unique ID, and 4-byte random ID,
  • the load modulation level could be set to ‘high’ or ‘low’.

In this short article we’ll show how to configure both the kind of ID and the load modulation.

Personalize UID usage

This command can be only issued once. The choosen configuration is then locked forever. If you have ordered Mifare Classic EV1 with a specific configuration, the command has been issued in factory and will always fail adterwards.

The Mifare Classic EV1′ “personalize UID usage” allows to select one of four different modes:

  1. UIDF0 (value 0x00): anti-collision and selection with the 7-B UID
  2. UIDF1 (value 0x40): anti-collision and selection with the 7-B UID plus a possible shortcut (select only the 4 first bytes and read block 0, bypassing the second step of the selection)
  3. UIDF2 (value 0x20): anti-collision and selection with a 4-B random ID
  4. UIDF3 (value 0x60): anti-collision and selection with a 4-B non-unique ID (calculated out of the 7-B UID)

The command code is 0x40 and must be sent in a CRYPTO1-ciphered stream, after a successfull authentication on sector 0.

To do so, here’s the sequence of commands that must be send to the reader in a SCardTransmit stream (you may for instance write a script for csScriptor). We assume that the card is in transport condition, i.e. that the key A of sector 0 (as well as all other sectors) is the transport key FF FF FF FF FF FF and gives full access to the sector.

# Load the transport key in the reader's volatile memory
FF 82 00 00 06 FF FF FF FF FF FF

# Get authenticated over sector 0 using the transport key as key A
FF 86 00 00 05 01 00 03 60 00

# Check that the authentication is OK by reading block 0
FF B0 00 00 10

# Send the 'personalize UID' command within an ENCAPSULATE APDU
# P1 = 0x01 -> ISO 14443-3
# P2 = 0x08 -> timeout = 125ms
# The last byte is the value to be set, here we choose 0x60 for UIDF3
FF FE 01 08 02 40 60

The reader returns 90 00 if the card acknowledges the command.

If you receive 6F 02 instead (CRC error), it is likely that the card has sent a NACK, meaning that the configuration has already been set and is therefore locked.

Set modulation strength

The Mifare Classic EV1’s “set modulation strength” command allows configuring the chip for either the strong modulation strength (default, value 0x01), or the weak modulation strength (value 0x00).

The command code is 0x43 and must be sent in a CRYPTO1-ciphered stream, after a successfull authentication on sector 0.

To do so, here’s the sequence of commands that must be send to the reader in a SCardTransmit stream (you may for instance write a script for csScriptor). We assume that the card is in transport condition, i.e. that the key A of sector 0 (as well as all other sectors) is the transport key FF FF FF FF FF FF and gives full access to the sector.

# Load the transport key in the reader's volatile memory
FF 82 00 00 06 FF FF FF FF FF FF

# Get authenticated over sector 0 using the transport key as key A
FF 86 00 00 05 01 00 03 60 00

# Check that the authentication is OK by reading block 0
FF B0 00 00 10

# Send the 'set modulation strength' command within an ENCAPSULATE APDU
# P1 = 0x01 -> ISO 14443-3
# P2 = 0x08 -> timeout = 125ms
# The last byte is the value to be set, here we choose 0x00 for weak strength
FF FE 01 08 02 43 00

rfidscan-tool : driving your Prox’N’Roll RFID Scanner’s LEDs and buzzer

The rfidscan-tool command line

The rfidscan-tool command line application is available for any OS that supports libusb, HID-API or hidraw.

We’ve tested it on:

  • Windows XP / Vista / 7 / 8
  • Mac OS X
  • Linux (Ubuntu, Debian, etc)
  • Raspberry Pi (on Raspbian distro)

rfidscan-tool has been inspired by blink1-tool, the command-line application that controls the blink(1) USB notification light. Most of the source code comes from this application. and therefore we use the same licence model.

Note for Mac OS X: currently the tool is able to send commands to the RFID Scanner, but fails to receive its response (IOHIDDeviceGetReport always returns a timeout error — without waiting). This issue is under investigation.

Binary download

To get rfidscan-tool for your machine, visit our github releases page, and search for a version supported by your OS / target CPU.

Here’s 4 direct links to the first public version (v14.11):

Source code download

To compile your own version of rfidscan-tool, just checkout the rfidscan project from github and compile the rfidscan-tool subproject. Something like the below will work 99% of the time:


# git clone https://github.com/springcard/rfidscan-tool.git
# cd rfidscan-tool
# make

For a Windows target, we provide .SLN projects to be opened with the (free of charge) Microsoft Visual C++ 2010 Express IDE.

Usage

On Windows, you may invoke the binary from any command line box without restriction.

On MacOS X and on most versions of Linux (including on Raspberry Pi), you will need to either run as root (sudo rfidscan-tool <...>) or install udev rules as described in https://github.com/springcard/rfidscan-tool/blob/master/51-rfidscan.rules.

When running rfidscan-tool without any argument, it will print a help page like the one below.

rfidscan-tool-win

Here’s the detail of all commands:

rfidscan-tool <cmd> [options]

rfidscan-tool list

List all connected RFID Scanners.

rfidscan-tool version

Show the RFID Scanner’s firmware version.

rfidscan-tool test

Perform a routine test on the RFID Scanner(s).

rfidscan-tool leds <red>,<green>,<blue> [–during <time_ms>]

Drive the RFID Scanner’s LEDs. Allowed values for the red, green and blue parameters are

  • off : the LED is switched OFF
  • on : the LED is switched ON
  • slow : slow blinking
  • fast : fast blinking
  • heart : “heart beat”
  • slowinv : slow blinking, inverted
  • fastinv : fast blinking, inverted
  • heartinv : “heart beat”, inverted

The during parameter is optionnal ans specify how long (in milliseconds) the specified value remains active, before the RFID Scanner goes back to the default sequence.

If this parameter is missing, the LED command lasts forever (at least until another LED command is issued).

rfidscan-tool leds-default

Let the RFID Scanner drives its LEDs itself as usual.

rfidscan-tool beep [during <time_ms>]

Switch ON the RFID Scanner’s buzzer for the specified time (in milliseconds).

rfidscan-tool read <addr>

Read the configuration register at the specified address.

rfidscan-tool write <addr>=<value>

Write the specified value into the configuration register at the specified address. Leavevalue empty to erase the register.

rfidscan-tool dump

Dump all the configuration registers.

Note: the “sensitive” registers (keys for the Master Card and password) are hidden by “XX” chars.

rfidscan-tool write-conf <filename>

Write the configuration registers from the specified file (use a file produced by MultiConf software).

Usage options

Values for [options] are

  • -d <device num> --devices <device num> : perform the command only to this device (from --list), default is all devices (same as -d all)
  • -q --quiet : suppress most output messages
  • -v --verbose : verbose debugging messages
  • -r --reset : reset the RFID Scanner (to apply the new configuration)
  • -p --password <password> : to access a RFID Scanner that is password-protected

Other tool

On this page you will find a Python script used to control the LEDs and Buzzer of a Prox’N’Roll (thanks Armel Esnault)

Reading and writing data in a Mifare UltraLight Card, with a Prox’N’Roll

DOWNLOAD AND READ THE DOCUMENTATIONS

First thing to do is to obtain the documentation of the card from the manufacturer (NXP in this case) and the Prox’N’Roll developer’s reference manual.

From the card’s functional specifications, we can see that the memory is structured in 16 pages of 4 bytes. The four first pages (0-3) contain special bytes: so, we’ll only cover pages 4 to 16.

STEP BY STEP PROCEDURE

The goal is to read and write the card memory.

READ BINARY

In the developer’s reference manual, the READ BINARY instruction is described in §2.2.4 at the time of this writing.

The APDU is :

  • CLA: FF
  • INS: B0
  • P1: Address MSB
  • P2: Address LSB
  • Lc: not needed
  • Data in: not needed
  • Le: number of bytes to be read

The specifics to read Mifare Ultralight cards are detailed in §4.3.3.a (at the time of this writing).
Here, we can see that :

  • P1 must be 00
  • P2 is the address of the first page to be read
  • Le must a multiple of 4.

We want to read the whole memory, starting from page 4: this means we want to read 12 pages of 4 bytes, so 48 bytes (ie: 30 in hexadecimal).
So the APDU is :
FF B0 00 04 30

To send this APDU, please use our PC/SC Diagnostic tool, available on our main site (QuickStart for PC/SC).

Put the card on the reader: its ATR prints. To understand what this means, you can check §4.1.2 (at the time of this writing) in the developer’s reference manual.

ATRNow, double-clic on the line corresponding to the reader and enter the above-mentioned APDU :

read_capduClic on Transmit, or press “Enter”: the APDU is sent to the card and its response is printed in the bottom.

read_rapduThe card has obviously been previously written and the ASCII translation is provided: “Mifare Ultralight card, used with Prox’N’Roll”.
Please note that the card’s reponse ends with “90 00”, which means success.

UPDATE BINARY

In the developer’s reference manual, the UPDATE BINARY instruction is described in §2.2.5 at the time of this writing.

The APDU is :

  • CLA: FF
  • INS: D6
  • P1: Address MSB
  • P2: Address LSB
  • Lc: Lenght of Data In
  • Data in: Bytes to be written
  • Le: not needed

The specifics to write Mifare Ultralight cards are detailed in §4.3.3.b (at the time of this writing).
Here, we can see that :

  • P1 must be 00
  • P2 is the address of the unique page to be written
  • Le must be 4.

We want to replace “Prox’N’Roll” by “SpringCard” in the card memory, so we first have to determine which pages must be updated. Remember that Le must be 4 : this means that we can write exactely 4 bytes at a time (one page), no more, no less.

To determine the content of each page, just use the READ BINARY APDU.
For example, for page 12, the APDU should be : FF B0 00 0C 04

read_single_pageUsing those commands, we can see that:

  • content of page 12 (0x0C) is 68 20 50 72 (in ASCII : “h Pr”)
  • content of page 13 (0x0D) is 6F 78 27 4E (in ASCII: “ox’N”)
  • content of page 14 (0x0E) is 27 52 6F 6C (in ASCII: “‘Rol”)
  • content of page 15 (0x0F) is 6C 00 00 00 (in ASCII: “l” followed by invalid characters)

So, we’ll need to change 4 pages : pages 12, 13, 14 and 15.

SpringCard in ASCII is : “53 70 72 69 6E 67 43 61 72 64”

The 4 APDUs (one for each page) should be:

  • page 12: FF D6 00 0C 04 68 20 53 70 (the first two bytes remain unchanged)
  • page 13: FF D6 00 0D 04 72 69 6E 67
  • page 14: FF D6 00 0E 04 43 61 72 64
  • page 15: FF D6 00 0F 04 00 00 00 00 (we replace the first byte)

Enter those APDUs and click on “Transmit” :

write_single_pageOperation is successful if the card answers 90 00.

Now, you can read back the whole memory, using FF B0 00 04 0C:

final_readWe can see that “Prox’N’Roll” has been replaced by “SpringCard” in the card memory.

 

 

PC/SC Troubleshooting on Windows

Following our PC/SC installation guide on Windows, you’ve installed the appropriate driver, and made sure the “Smart Card” service is running on your Windows computer.
But still, your PC/SC reader doens’t appear on PC/SC Diagnostic.

Please first check in your device manager that your SpringCard PC/SC reader is properly installed (it should appear under Smart Card Reader).

Now, if the drivers are properly installed, the “Smart Card” service is running, but the reader doesn’t show up on the diagnostic tool, the reason must be one of the following :

  1. A third party security-related software or single-login solution takes full control over the PC/SC subsystem
  2. The computer is either running in a virtual machine or in a remote session on a terminal server
  3. Access to PC/SC readers has been disabled by the corporate administrators through a group policy
  4. A driver from one of our competitors has corrupted the registry

For reasons 1 and 2, SpringCard cannot offer any help.

For reason 3 : you should try to run a copy of our PC/SC Diagnostic tool, located on the C: drive, being logged in as Administrator. If this works, your reader is properly installed.

For reason 4, the problem is in the registry permission for LOCAL_SERVICE :
Open the registry editor (“regedit”) :

  1. Right-click on the key HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Cryptography/Calais and select Permissions…
  2. Click Add.
  3. Click Advanced.
  4. Click Locations.
  5. Click on the computer name and click OK.
  6. In the window ‘Select user or groups’, click on Find now.
  7. Select LOCAL SERVICE.
  8. Click OK.
  9. In the window ‘Select user or groups’, click OK.
  10. In the window ‘Permissions for Calais’, click on LOCAL SERVICE and make sure ‘Full control’ , ‘Read’ and ‘special permissions’ are allowed.
  11. In the window “Advance Security Settings for Calais”, deactivate the options “Inherit from parent the permission entries that apply to child objects…”
  12. When the window “Security” appears, click Copy.
  13. In the window “Advance Security Settings for Calais”, activate the option “Replace permission entries on all child objects with entries shown here that apply to child objects” and click OK.
  14. In the window “Security” click Yes
  15. In the window “Permissions for Calais”, click OK.

Restart the computer.