Previous Table of Contents Next


EZ Component

EZ Component from Strategic Analysis is a plug-in for Borland’s Delphi (Pascal) programming environment. It is especially useful because it externalizes the interface descriptions of smart cards and smart card readers so that you can relatively easily add a new card or a new reader to the system. Further, the external descriptions are what you program against when building a smart card application. So, in a sense, you can build your own smart card and smart card reader API with this package.

Here’s a simple example of how you can use this external description capability to connect a smart card application that has been written independently of any particular smart card to a specific smart card at hand. Consider the command Verify used to present a key value to the card. The application would use this command to gain authorization to do certain card operations such as creating a new file. In the card description file for a specific smart card, the Verify command might have the following representation:

[Verify]
Instruction=F0 2A 00 xKeyNumber 08 zKeyValuecode

where xKeyNumber represents the index, in hex, of the key value to be presented and zKeyValue represents the actual key value in ASCII. To check whether key 1 is the word mizpixie, the application would include the following line of code:

ExecuteCommand(['Verify', '1', 'mizpixie'])

When this function is executed, EZ Component uses the expansion of the Verify command found in the card’s description file to send the following byte stream to the card:

F0 2A 00 01 08 6D 69 7A 70 69 78 69 65

Using Borland Delphi, you could build this tiny application by putting the EZ Component and Verify button on a form as shown in Figure 6.13.


Figure 6.13.  A very simple smart card application program window.

Then you attach the code shown in Figure 6.14 to the Verify button.


Figure 6.14.  The Borland Delphi code control screen.

Besides the initialization function, there is only one function on the EZ Component API: ExecuteCommand. This function simply builds byte streams according to the recipe’s description file using the arguments provided in the function call and sends the streams to the card.

EZ Component comes with description files for a number of popular smart card readers and smart cards, so you can get going right away. You have some good examples to use in extending the system when necessary. The package also comes with the source code for a simple smart card browser written using EZ Component, which can be a starting point for your application.

Smart Card Reader Interfaces

Smart card readers connect a smart card to a personal computer or a workstation. The connection can be through a serial port, a parallel port, a PCMCIA port, a keyboard port or even the floppy disk slot on the computer. A smart card reader provides power and clock to the smart card and opens up a communication channel between application software on the computer and the operating system on the smart card. Almost all smart card readers are actually reader/writers in that they allow your application to write on the card as well as to read it.

Some smart card readers are called pass-along readers because they just pass along to the smart card the byte sequences that are provided by the host application and pass back to the host application bytes that come out of the smart card. Other readers support their own command set so that your application has to be prepared to communicate with the reader as well as with the card. These smart smart card readers typically come with a software library that is intended to make communicating with the reader as well as the card inserted into the reader easy.

As you will see in the next descriptions of smart card reader APIs, there is no general consensus today of how much functionality belongs in a smart card reader. Some readers, such as the pass-along Litronic 210, provide no added semantics to the communication between the host and the card. Others, such as the Oki Value Checker Plus, are computers in their own right complete with keyboard and display. It is not difficult to imagine smart card applications for which one or the other of these readers would be appropriate.

As smart cards become integrated into operating systems, smart card reader interfaces will go away. Just as your application program doesn’t know or care about the manufacturer of the hard disk controller in your PC, it will not need to know or care about the manufacturer of the smart card reader.


Previous Table of Contents Next