CN111241017B - Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card - Google Patents

Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card Download PDF

Info

Publication number
CN111241017B
CN111241017B CN202010016138.6A CN202010016138A CN111241017B CN 111241017 B CN111241017 B CN 111241017B CN 202010016138 A CN202010016138 A CN 202010016138A CN 111241017 B CN111241017 B CN 111241017B
Authority
CN
China
Prior art keywords
channel
instruction information
instruction
psam card
logic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010016138.6A
Other languages
Chinese (zh)
Other versions
CN111241017A (en
Inventor
闫鸣生
安刚
任昭晶
王金贵
赵云辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING JN TASS TECHNOLOGY CO LTD
Original Assignee
BEIJING JN TASS TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING JN TASS TECHNOLOGY CO LTD filed Critical BEIJING JN TASS TECHNOLOGY CO LTD
Priority to CN202010016138.6A priority Critical patent/CN111241017B/en
Publication of CN111241017A publication Critical patent/CN111241017A/en
Application granted granted Critical
Publication of CN111241017B publication Critical patent/CN111241017B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/382Information transfer, e.g. on bus using universal interface adapter
    • G06F13/387Information transfer, e.g. on bus using universal interface adapter for adaptation of different data processing systems to different peripheral devices, e.g. protocol converters for incompatible systems, open system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/40Bus structure
    • G06F13/4004Coupling between buses
    • G06F13/4022Coupling between buses using switching circuits, e.g. switching matrix, connection or expansion network
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/40Bus structure
    • G06F13/4063Device-to-bus coupling
    • G06F13/4068Electrical coupling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0024Peripheral component interconnect [PCI]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0026PCI express
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2213/00Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F2213/0042Universal serial bus [USB]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Techniques For Improving Reliability Of Storages (AREA)

Abstract

The invention provides a data transmission method of a multi-channel PSAM card, wherein the PSAM card comprises a high-speed channel for instruction information transmission and is divided into a plurality of logic channels, and the high-speed channel does not use the traditional ISO7816 low-speed interface, but directly uses a high-speed computer interface. The logical channel is realized by adding an optional channel label in front of the APDU instruction, wherein the channel label comprises a channel identifier and a channel number. The invention makes one multi-channel PSAM card replace a plurality of traditional PSAM cards by arranging a plurality of logic channels, adding a channel judgment logic unit and a plurality of parallel in-card file systems in one PSAM card. Meanwhile, the multi-channel PSAM card provided by the invention adopts a common high-speed computer interface, can be directly connected with an upper computer, does not need to use conversion equipment, such as additional equipment like a card reader and the like, is convenient to use, and greatly improves the communication speed.

Description

Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card
Technical Field
The present application relates to the field of computer interaction, and in particular, to a data transmission method and apparatus for a multi-channel PSAM card, and a multi-channel PSAM card.
Background
The psam (purchase Secure Access module) card, i.e. the security Access module of the point-of-sale terminal, is widely used in the retail terminal security module in the consumption field. The method can support the applications of bank card consumption, card swiping, money deduction and the like. The PSAM card generally conforms to the Chinese financial integrated circuit (IC card) PSAM card specification and the Chinese people bank PSAM card specification.
According to the standard requirement, the PSAM card is an electronic card with the same appearance as the IC card, an integrated circuit supporting the PSAM standard is contained in the PSAM card, and the interface of the PSAM card is an ISO7816 interface. The instruction format is an APDU instruction.
The device actually using the PSAM card needs to support the ISO7816 standard, and the ISO7816 standard is a low-speed interface standard which is quasi-duplex (IO data lines cannot transmit and receive at the same time) and only has 1 data line. Since the general upper computer does not support the ISO7816 interface, in practical applications, the upper computer needs to be connected with the PSAM card through a converter (such as a card reader), as shown in fig. 1. The converter has an upper computer interface (such as a USB interface), and also has a 7816 interface connected with the PSAM card. The workflow can be roughly described as:
(1) the upper computer sends a C-APDU instruction to the PSAM through the converter;
(2) the PSAM card completes related file operation and calculation according to the APDU command;
(3) and the PSAM card returns the execution result R-APDU to the upper computer through conversion.
Compared with the currently commonly used upper computer interface (such as a 32-bit PCI bus interface), the ISO7816 interface of the PSAM card has the following disadvantages:
(1) parallel transmission is not supported, and the transmission efficiency is low;
(2) slow transmission rates (low speed cards are hundreds of KHz, high speed cards are several megabits to tens of megabits Hz);
(3) the common upper computer does not support an ISO7816 interface and needs conversion equipment for conversion.
Due to the limitation of the ISO7816 interface standard, although the clock frequency is greatly improved, the access speed of the PSAM card is still greatly restricted due to the limitation of serial and simplex IO. On the other hand, the development of computers is very fast, and the computing speed and the access speed of peripherals have been improved by hundreds of times or even tens of thousands of times. With the increase of applications and the increase of transaction requirements, many scenarios have exposed the disadvantage of slow transaction speed of the conventional PSAM card. Namely: computer power is sufficient, but the processing speed of the PSAM card becomes a bottleneck.
At present, under the condition of multiple concurrencies, in order to meet the actual requirement, the actual requirement can only be relieved by adopting a parallel mode of a plurality of PSAM cards, as shown in FIG. 2.
However, in the current multi-PSAM card approach, the following disadvantages still exist:
(1) during single task execution, although the computer speed is high, the PSAM is still low-speed operation, and the overall completion time is not improved;
(2) in multitasking, even if the business requirements can be met, the overall architecture is complex, and a plurality of converters (card readers) and a plurality of PSAM cards are needed;
(3) for systems with fast transaction speed requirements, this parallel architecture is still not satisfactory.
Disclosure of Invention
In order to solve one of the above technical problems, the present invention provides a data transmission method and apparatus for a multi-channel PSAM card, and a multi-channel PSAM card.
A first aspect of an embodiment of the present invention provides a data transmission method for a multi-channel PSAM card, where a high-speed channel for instruction information transmission is built in the multi-channel PSAM card, the high-speed channel is divided into multiple logic channels, the high-speed channel uses a commonly-used computer peripheral interface, the commonly-used computer peripheral interface is a 32-bit PCI bus interface or a PCI-E high-speed bus interface, the multi-channel PSAM card includes multiple mutually independent file systems with the same number as the logic channels, and the logic channels correspond to the file systems one-to-one, where:
acquiring instruction information sent by an upper computer through the computer peripheral interface, wherein the instruction information comprises an APDU instruction and an optional channel tag added in front of the APDU instruction, the channel tag comprises a channel identifier and a channel number field, the channel identifier is any pre-agreed fixed numerical value which is not used by a first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information;
judging a logic channel corresponding to the instruction information according to a channel number field in the instruction information;
transmitting the instruction information to an instruction execution unit through a logic channel corresponding to the instruction information, and processing the instruction information in the instruction execution unit by using a file system corresponding to the instruction information;
and sending the processing result output by the instruction execution unit according to the instruction information to an upper computer through a logic channel corresponding to the instruction information and a computer peripheral interface.
Preferably, the method further comprises:
when the instruction information does not contain the channel tag, judging that the instruction information is 0 channel instruction information, and the processing result does not contain the channel tag;
when the instruction information contains the channel label, judging a logic channel N corresponding to the instruction information according to the content N of a channel number field in the instruction information, wherein N is more than or equal to 0 and less than or equal to N-1, and N is the number of the logic channels;
and judging the accuracy of the channel label content contained in the instruction information, and when the channel label content contained in the instruction information has an error, directly returning an error code without transmitting the instruction information to an instruction execution unit.
Preferably, any one of the logic channels in the multi-channel PSAM card corresponds to one PSAM card on an application layer, and the method further includes: and when the instruction information is an instruction requiring key operation or data file operation, the channel number field corresponds to the corresponding PSAM card file structure, the key structure and the card information.
A second aspect of the embodiments of the present invention provides a data transmission device for a multi-channel PSAM card, where a high-speed channel for instruction information transmission is built in the multi-channel PSAM card, the high-speed channel is divided into multiple logic channels, the multi-channel PSAM card includes multiple mutually independent file systems, the number of which is the same as that of the logic channels, and the logic channels correspond to the file systems one to one, and the device includes an interface unit, a channel determination logic unit, and an instruction execution unit;
the interface unit is used for acquiring instruction information sent by an upper computer and sending a processing result output by the instruction execution unit to the upper computer, the interface unit is a commonly-used computer peripheral interface, the commonly-used computer peripheral interface is a 32-bit PCI bus interface or a PCI-E high-speed bus interface, the instruction information comprises an APDU instruction and an optional channel tag added in front of the APDU instruction, the channel tag comprises a channel identifier and a channel number field, the channel identifier is any pre-agreed fixed numerical value which is not used by a first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information;
the channel judgment logic unit is used for judging a logic channel corresponding to the instruction information according to a channel number field in the instruction information and transmitting the instruction information to an instruction execution unit through the logic channel corresponding to the instruction information;
and the instruction execution unit is used for determining the selection of a file system according to the channel number field, outputting a processing result according to the instruction information, and sending the processing result to an interface unit through a logic channel corresponding to the instruction information.
Preferably, the channel determination logic unit is further specifically configured to:
when the instruction information does not contain the channel tag, judging that the APDU instruction is 0 channel instruction information, and the processing result does not contain the channel tag;
when the instruction information contains the channel label, judging a logic channel N corresponding to the instruction information according to the content N of a channel number field in the instruction information, wherein N is more than or equal to 0 and less than or equal to N-1, and N is the number of the logic channels;
and judging the accuracy of the channel label content contained in the instruction information, and when the channel label content contained in the instruction information has an error, directly returning an error code without transmitting the instruction information to an instruction execution unit.
Preferably, any one of the logic channels in the multi-channel PSAM card corresponds to one PSAM card on an application level, and when the instruction information is an instruction requiring key operation or data file operation, the channel number field corresponds to a corresponding PSAM card file structure, key structure, and card information.
A third aspect of the embodiments of the present invention provides a multi-channel PSAM card including the data transmission apparatus of the multi-channel PSAM card according to the second aspect of the embodiments of the present invention.
The invention has the following beneficial effects: the invention uses high-speed computer interface in one PSAM card and logically divides the PSAM card into a plurality of channels, so that one multi-channel PSAM card can replace a plurality of traditional PSAM cards. In addition, the invention can directly use the common high-speed interface of the computer because the traditional ISO7816 low-speed interface is not used. The instruction information of the invention divides the logic channel by adding an optional channel label mode before the APDU instruction, when the instruction information is only the APDU instruction, namely: when the channel tag is not included, the channel is automatically judged to be 0, and meanwhile, the processing result output does not include the channel tag, so that the original PSAM instruction can be directly compatible in an instruction layer. Meanwhile, the multichannel PSAM card provided by the invention can be directly connected with an upper computer, and conversion equipment, such as additional equipment such as a card reader and the like, is not needed, so that the multichannel PSAM card is convenient to use.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram of a conventional PSAM card connected to an upper computer;
FIG. 2 is a schematic diagram of a plurality of conventional PSAM cards connected to an upper computer;
fig. 3 is a flowchart of a data transmission method of a multi-channel PSAM card according to embodiment 1 of the present invention;
fig. 4 is a schematic diagram of a data transmission apparatus of a multi-channel PSAM card according to embodiment 2 of the present invention;
fig. 5 is a schematic diagram of a multi-channel PSAM card according to embodiment 3 of the present invention;
fig. 6 is a schematic diagram of a single-channel PSAM card with a 32-bit PCI interface according to embodiment 3 of the present invention;
fig. 7 is a schematic connection diagram of a single-channel PSAM card of a 32-bit PCI interface according to embodiment 3 of the present invention and an upper computer;
fig. 8 is a schematic diagram of a 10-channel PSAM card of a PCI-E interface according to embodiment 3 of the present invention.
Detailed Description
In order to make the technical solutions and advantages of the embodiments of the present application more apparent, the following further detailed description of the exemplary embodiments of the present application with reference to the accompanying drawings makes it clear that the described embodiments are only a part of the embodiments of the present application, and are not exhaustive of all embodiments. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
Example 1
As shown in fig. 3, this embodiment proposes a data transmission method for a multi-channel PSAM card, where a computer high-speed transmission channel in the PSAM card is divided into multiple logical channels, the PSAM card includes multiple channel interfaces for transmitting instruction information, and the method includes:
and S101, acquiring instruction information sent by an upper computer through a computer peripheral interface.
Specifically, the PSAM card proposed in this embodiment is provided with a plurality of logical channels, and each channel transmits instruction information through a high-speed computer interface. The interface does not use the traditional ISO7816 low speed interface, but directly uses the common high speed interface of the computer. In this embodiment, the instruction information is sent to the multi-channel PSAM card by the upper computer. The instruction information comprises an optional channel tag and an APDU instruction, the channel tag comprises a channel identification field and a channel number field, the channel tag identification field is a fixed numerical value which is not used by a first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information. In the embodiment, by adding the optional channel tag, one multi-channel PSAM card can replace the functions of a plurality of traditional PSAM cards at present, the transaction speed is improved, the connection mode of the PSAM card and an upper computer is greatly simplified, and the reliability is greatly improved.
And S102, judging the logic channel corresponding to the instruction information according to the instruction information, and transmitting the instruction information to the instruction execution unit and the file system corresponding to the logic channel through the logic channel corresponding to the instruction information.
Specifically, in step S101, command information transmitted by the upper computer is acquired. It should be noted that, in this embodiment, there is only one instruction message sent by the upper computer, and it is also possible that multiple instruction messages are sent to the PSAM card at the same time. Since the PSAM card proposed in this embodiment has a plurality of logical channels therein, it is first necessary to determine which logical channel the instruction information sent by the upper computer is specifically input data.
The instruction information sent by the upper computer comprises a channel number field, and the channel number field comprises a channel number of a logic channel corresponding to the instruction information. In the multi-channel application, the embodiment can identify the logic channel corresponding to the instruction information according to the channel number field, and then transmit the instruction information to the instruction execution unit and the file system corresponding to the logic channel through the logic channel corresponding to the instruction information. If the instruction information sent by the upper computer does not have the channel label, the channel number field does not exist. At this time, the channel 0 is defaulted, namely, the card is completely compatible with the traditional PSAM card.
And S103, sending the processing result output by the instruction execution unit according to the instruction information to an upper computer through a logic channel corresponding to the instruction information and a computer peripheral interface.
Specifically, the process is similar to that of a traditional PSAM card, namely, the process of analyzing, judging, executing and the like is carried out on the instruction information, and then a processing result is returned to the upper computer. However, the difference from the conventional PSAM card is that the conventional PSAM cannot achieve a higher processing speed due to the limitation of standards such as power consumption and volume. The present embodiment is not limited thereto, and faster processors, operators and logic units may be used to implement the execution of the high speed PSAM instructions.
In this embodiment, the logical channel transmitted when the processing result is output to the upper computer is the same as the logical channel transmitted by the instruction information. In addition, the number of the instruction execution units may be one or more, and the number may be determined according to specific situations.
Example 2
Corresponding to embodiment 1, as shown in fig. 4, this embodiment proposes a data transmission apparatus for a multi-channel PSAM card, where the PSAM card includes a plurality of logical channels and a file system for transmitting instruction information, and the apparatus includes an interface unit, a channel determination logical unit, and an instruction execution unit;
the interface unit is used for acquiring instruction information sent by the upper computer and sending an execution result output by the instruction execution unit to the upper computer;
the channel judgment logic unit is used for judging a logic channel corresponding to the instruction information according to the instruction information and transmitting the instruction information to an instruction execution unit and a file system corresponding to the logic channel through the logic channel corresponding to the instruction information;
and the instruction execution unit is used for outputting a processing result according to the instruction information and sending the processing result to the interface unit through the logic channel corresponding to the instruction information.
Specifically, the interface unit provided in this embodiment is used for directly connecting the multi-channel PSAM card with the upper computer, and does not need to use an auxiliary device such as a converter or a card reader for connection. The interface unit mainly functions to realize the input/output communication between the multi-channel PSAM card and the computer. Including DMA, data input buffer, and data output buffer.
The interface unit, in cooperation with a corresponding driver and interface API, may enable a user to access the multi-channel PSAM card. The interface unit adopts a common standard computer high-speed interface, including but not limited to: 32-bit/64-bit PCI parallel interface, PCI Express high-speed interface, or USB2.0/USB3.0 general purpose device interface.
In this embodiment, the interface instruction format of the interface unit is specifically an optional channel tag + APDU instruction format, where the channel tag includes a channel identification field and a channel number field, the channel identification field is a fixed value that is not used by the first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information. By expanding the interface instruction format, the PSAM card provided by the embodiment can support multiple channels, and the effect is equivalent to that of using multiple traditional PSAM cards.
In this embodiment, the instruction information sent by the upper computer includes a channel number field, and the channel number field includes a channel number of a logical channel corresponding to the instruction information. In the multi-channel application, the channel determination logic unit in this embodiment may identify the logic channel corresponding to the instruction information according to the channel number field, and then transmit the instruction information to the instruction execution unit and the file system corresponding to the logic channel through the logic channel corresponding to the instruction information. If the instruction information sent by the upper computer does not have the channel label, the channel number field does not exist. At this time, the channel 0 is defaulted, namely, the card is completely compatible with the traditional PSAM card.
The instruction execution unit and the file system provided in the embodiment are the main bodies of the PSAM card instructions, are similar to the traditional PSAM card, perform the processes of analyzing, judging, executing and the like on instruction information, and then return the execution result to the upper computer. However, the difference from the conventional PSAM card is that the conventional PSAM cannot achieve a higher processing speed due to the limitation of standards such as power consumption and volume. The present embodiment is not limited thereto, and faster processors, operators and logic units may be used to implement the execution of the high speed PSAM instructions. In this embodiment, the instruction execution unit is completed by an intelligent programmable device, which includes but is not limited to: SOC singlechip, DSP treater or FPGA programmable device.
Example 3
The embodiment provides a multi-channel PSAM card which comprises a data transmission device of the multi-channel PSAM card. The structure and the working principle of the data transmission device of the multi-channel PSAM card may refer to the content described in embodiment 2, and this embodiment is not described again. In addition, the multi-channel PSAM card described in this embodiment may further include an auxiliary unit that provides a circuit or a function of the basic circuit support for the data transmission apparatus of the multi-channel PSAM card. Auxiliary units include, but are not limited to: power supply circuits, clock circuits or storage and reset circuits, etc., as shown in fig. 5.
In order to more intuitively represent the difference between the multi-channel PSAM card proposed in this embodiment and the conventional PSAM card, the comparison can be made with reference to the contents shown in table 1.
TABLE 1
Traditional PSAM card Multi-channel PSAM card
Physical layer 7816-1 specification for IC card Specification of upper computer interface
Link layer 7816-2 IC card link specification Host computer interface link specification
Transport layer 7816-3 TTL Channel label +7816-3 TTL
Application layer 7816-4 application protocol 7816-4 application protocol
More specifically, the physical layer and the link layer of the multi-channel PSAM card proposed in this embodiment no longer conform to the specification of ISO7816, but adopt standards of high-speed computer interfaces, such as: the interface of the multi-channel PSAM card of the PCI interface accords with the specifications of a physical layer and a link layer of the PCI interface of a computer; the interface of the multi-channel PSAM card of the PCI-E interface accords with the specifications of a physical layer and a link layer of the PCI-E interface of a computer; such a change is intended to provide faster physical transfer performance (e.g., high speed transfer in 32-bit parallel) while allowing easier interfacing with the computer.
The transport layer basically conforms to the ISO7816-3 standard, but a channel label is added, so that the channel judgment logic unit can identify which channel the instruction is through the channel identification and the channel number. The function of a multi-channel PSAM card can be realized by adding a channel tag, and the transmission content behind the channel tag conforms to the ISO7816-3 standard, and meanwhile, the channel tag is optional for the channel 0, so that the PSAM card can be well compatible with instructions.
The application layer can be completely the same as the traditional PSAM, so that the application program, the instruction format and the like do not need to be modified on the basis of high-speed transmission, and the application system can be more easily migrated to a new high-speed transaction system.
The working principle and implementation of the multi-channel PSAM card proposed in this embodiment are further described below by two specific application examples.
Example 1: single-channel PSAM card with 32-bit PCI interface
Although the PSAM card proposed in this embodiment has multiple channels, a single channel may be used by changing the interface type. The schematic diagram of the single-channel PSAM card with the 32-bit PCI interface is shown in fig. 6, in which:
SOC device: the high-speed PSAM instruction execution unit is realized by adopting an SOC device SSX1702 supporting a cryptographic algorithm, and the device is provided with a hardware cryptographic algorithm and realizes the instruction of an APDU through firmware programming. The SOC device communicates with the FPGA at high speed through an 8-bit bus. The flash memory area in the chip is used as a safe memory unit of a plurality of file systems, and the file memory areas of different channels are divided according to different address spaces.
The FPGA is a Cyclone IV series FPGA of Intel corporation, and the device mainly completes the function of a PCI interface of an upper computer, and completes data input and output cache of the upper computer and data conversion from 32 bits to 8 bits so as to facilitate the SOC to complete communication with the upper computer through reading and writing of the cache. The 33M clock provided by the PCI generates the working clock required by the SOC through a frequency synthesis circuit.
The secondary power supply realizes the function of an auxiliary unit, inputs a 5V power supply provided for the PCI, and outputs different working voltages required by the FPGA and the SOC circuit for power supply through DC-DC conversion.
In actual use, as shown in fig. 7. The single-channel PSAM card of the 32-bit PCI interface is the same as extension cards of other PCI interfaces and upper computers in appearance, and hardware installation and adaptation can be completed as long as the single-channel PSAM card is inserted into a PCI slot of an upper computer and a driver is installed.
And the upper computer sends a C-APDU instruction to the single-channel PSAM card of the 32-bit PCI interface through the PCI interface, and the single-channel PSAM card of the 32-bit PCI interface executes the instruction and returns an R-APDU result.
The single-channel PSAM card with the 32-bit PCI interface adopts a standard upper computer PCI interface as the PSAM interface, and does not use a traditional ISO7816 interface any more. Meanwhile, a high-speed parallel bus is used as an interface between the upper computer and the PSAM card and between different units in the card, so that the transmission rate is greatly improved. The high-speed SOC chip is used for realizing a high-speed PSAM instruction execution unit and a file system, so that the instruction execution time is greatly shortened.
The single-channel PSAM card of the 32-bit PCI interface is convenient to install and is the same as an upper computer adding extension. Meanwhile, the actual completion of the MAC1 calculation and the MAC2 verification by the single-channel PSAM card with the 32-bit PCI interface can be completed within 50uS, whereas the traditional PSAM card with the ISO7817 interface generally requires tens of milliseconds, and even the PSAM card with the high-speed ISO7817 interface also requires tens of milliseconds. The single-channel PSAM card with the 32-bit PCI interface is simple to upgrade, an application program does not need to be changed, and the single-channel PSAM card with the 32-bit PCI interface can be upgraded by only removing a card reader and a PSAM of an original system.
Example 2: 10-channel PSAM card with PCI-E interface
The PCI-Express interface is a high-speed interface of a standard upper computer, and has a wider application range. The schematic diagram of the 10-channel PSAM card of the PCI-E interface is shown in FIG. 8. The main device comprises an FPGA to realize the following functions:
PCI Express interface unit: the PCI Express slot is used for connecting with a PCI Express slot of an upper computer and realizing high-speed communication;
(1) with input and output data buffers: for buffering input data and output data;
(2) a high-speed execution unit: for performing C-APDU execution;
(3) and (3) key pool: temporarily storing all keys of 10-channel PSAM cards;
(4) a CPU: the function of the real channel judging logic unit is to analyze the data content of the input data buffer area, analyze which channel instruction is according to the data content, read the key of the corresponding channel after analysis, send to the high-speed execution unit to execute the instruction, and send the result R-APDU after execution to the output data buffer area.
The key management unit is a security chip with a cryptographic algorithm, completes the secure storage of the key filling machine, and safely stores the application keys and the file systems of the 10 channels into a key pool in the FPGA after completing the power-on self-test after the PSAM card of the 10 channels is powered on.
The function of the secondary power supply is a DCDC chip, and the primary power supply (12V) provided by the PCI Express interface is converted into a low-voltage secondary power supply required by the FPGA and the key management unit for supplying power.
The functions of 10 PSAM cards can be completed by the functions of one 10-channel PSAM card. The host computer accesses the 10-channel PSAM card and can directly pass through PCI Express, and the instruction content is as follows: channel tag + C-APDU, as shown in Table 2:
TABLE 2
Figure GDA0003025947090000121
More specifically, in the 10-channel PSAM card, the extension field is composed of two bytes, the first byte is channel identification fixed data (0x5A), and the second byte represents a channel number (0x00-0x 09). The channel number indicates which of the 10 channels is accessed this time. In practical application, different channels may be different applications, and may also be PSAM cards corresponding to different front-end processing devices.
The APDU command is identical to the conventional PSAM card command. Thus, the 10-channel PSAM card realizes that 1 piece of 10-channel PSAM card completes the function of 10 pieces of PSAM cards by adding the channel identifier, and the CPU reads data from the input buffer and judges whether the channel identifier is legal or not at first. And under the legal premise, reading the key value of the corresponding channel from the key pool according to the channel number field of the channel tag, and sending the key value to the high-speed execution unit to execute the C-APDU instruction. After the execution is finished, the CPU adds the same channel label in front of the R-APDU and sends the label to an output buffer area, and sends the label to an upper computer through a PCI Express interface.
Further, since the first byte of the APDU instruction is CLA, the valid data is limited data content determined by preselection, in this example, the CLA valid values are five classes, i.e., 0x0n,0x8n,0xAn,0xCn and 0xEn, where n is 0-f. When the input command does not include a channel tag, and is only a C-APDU, the possible value of the first byte is one of five types of values, namely 0x0n,0x8n,0xAn,0xCn and 0 xEn. In this case, the CPU makes a judgment as shown in table 3:
TABLE 3
First byte data The judgment result
0x5A Channel identification
0x0n,0x8n,0xAn,0xCn,0xEn C-APDU directive
Other values Illegal instruction
The 10-channel PSAM card is fully compatible with a conventional PSAM card in terms of instructions, and the C-APDU command is executed according to the 0-channel instruction. Namely: and when the instruction format is channel identification + C-APDU, executing the APDU command according to the channel specified by the channel number in the channel identification. And when the command format is C-APDU, executing the APDU command according to the 0 channel.
The 10-channel PSAM card directly uses a high-speed upper computer interface PCI Express as an interface of the multi-channel PSAM card, is convenient to use, and does not need conversion equipment to be directly inserted into an upper computer for use. The APDU instruction is quickly executed by adopting the high-speed execution unit and can be transmitted by the PCI Express of the high-speed upper computer, so that the APDU instruction can be finished at high speed. By adding channel identification including channel numbers of 0-9 to identify which channel, various PSAM card commands are completed by matching with the key of the corresponding channel, so that one card replaces 10 traditional PSAM cards. Full compatibility with instructions of a conventional PSAM card can be readily achieved by using a value different from the CLA content as the first byte of the extension field. In this case, the default is a channel 0 instruction.
In actual use, a card swiping service originally completed by 10 devices at ten cashier counters of a large store can be realized by using one server in a centralized manner, and a 10-channel PSAM card can be inserted into the server instead of the server. Its advantages are saving equipment, short execution time of PSAM card and short transaction time.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (5)

1. A data transmission method of a multi-channel PSAM card is characterized in that a high-speed channel used for instruction information transmission is arranged in the multi-channel PSAM card, the high-speed channel is divided into a plurality of logic channels, the high-speed channel uses a common computer peripheral interface, the common computer peripheral interface is a 32-bit PCI bus interface or a PCI-E high-speed bus interface, the multi-channel PSAM card comprises a plurality of mutually independent file systems with the same number as the logic channels, and the logic channels are in one-to-one correspondence with the file systems, and the method comprises the following steps:
acquiring instruction information sent by an upper computer through the computer peripheral interface, wherein the instruction information comprises an APDU instruction and an optional channel tag added in front of the APDU instruction, the channel tag comprises a channel identifier and a channel number field, the channel identifier is any pre-agreed fixed numerical value which is not used by a first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information;
judging a logic channel corresponding to the instruction information according to a channel number field in the instruction information;
transmitting the instruction information to an instruction execution unit through a logic channel corresponding to the instruction information, and processing the instruction information in the instruction execution unit by using a file system corresponding to the instruction information;
sending a processing result output by the instruction execution unit according to the instruction information to an upper computer through a logic channel corresponding to the instruction information and a computer peripheral interface;
when the instruction information does not contain the channel tag, judging that the instruction information is 0 channel instruction information, and the processing result does not contain the channel tag;
when the instruction information contains the channel label, judging a logic channel N corresponding to the instruction information according to the content N of a channel number field in the instruction information, wherein N is more than or equal to 0 and less than or equal to N-1, and N is the number of the logic channels;
and judging the accuracy of the channel label content contained in the instruction information, and when the channel label content contained in the instruction information has an error, directly returning an error code without transmitting the instruction information to an instruction execution unit.
2. The method of claim 1, wherein any logical channel of the multi-channel PSAM card corresponds to a PSAM card at an application level, the method further comprising: and when the instruction information is an instruction requiring key operation or data file operation, the channel number field corresponds to the corresponding PSAM card file structure, the key structure and the card information.
3. A data transmission device of a multi-channel PSAM card is characterized in that a high-speed channel for instruction information transmission is arranged in the multi-channel PSAM card, the high-speed channel is divided into a plurality of logic channels, the multi-channel PSAM card comprises a plurality of mutually independent file systems with the same number as the logic channels, the logic channels correspond to the file systems one by one, and the device comprises an interface unit, a channel judgment logic unit and an instruction execution unit;
the interface unit is used for acquiring instruction information sent by an upper computer and sending a processing result output by the instruction execution unit to the upper computer, the interface unit is a commonly-used computer peripheral interface, the commonly-used computer peripheral interface is a 32-bit PCI bus interface or a PCI-E high-speed bus interface, the instruction information comprises an APDU instruction and an optional channel tag added in front of the APDU instruction, the channel tag comprises a channel identifier and a channel number field, the channel identifier is any pre-agreed fixed numerical value which is not used by a first byte of the APDU instruction, and the channel number field is a channel number of a logic channel corresponding to the instruction information;
the channel judgment logic unit is used for judging a logic channel corresponding to the instruction information according to a channel number field in the instruction information and transmitting the instruction information to an instruction execution unit through the logic channel corresponding to the instruction information;
the instruction execution unit is used for determining the selection of a file system according to the channel number field, executing an instruction according to the instruction information, outputting a processing result and sending the processing result to an interface unit through a logic channel corresponding to the instruction information;
the channel determination logic unit is specifically further configured to:
when the instruction information does not contain the channel tag, judging that the APDU instruction is 0 channel instruction information, and the processing result does not contain the channel tag;
when the instruction information contains the channel label, judging a logic channel N corresponding to the instruction information according to the content N of a channel number field in the instruction information, wherein N is more than or equal to 0 and less than or equal to N-1, and N is the number of the logic channels;
and judging the accuracy of the channel label content contained in the instruction information, and when the channel label content contained in the instruction information has an error, directly returning an error code without transmitting the instruction information to an instruction execution unit.
4. The apparatus according to claim 3, wherein any one of the logical channels in the multi-channel PSAM card corresponds to one PSAM card at an application level, and when the instruction information is an instruction requiring key operation or data file operation, the channel number field corresponds to a corresponding PSAM card file structure, key structure, and card information.
5. A multi-channel PSAM card, characterized in that it comprises the data transmission means of a multi-channel PSAM card as claimed in claim 3 or 4.
CN202010016138.6A 2020-01-08 2020-01-08 Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card Active CN111241017B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010016138.6A CN111241017B (en) 2020-01-08 2020-01-08 Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010016138.6A CN111241017B (en) 2020-01-08 2020-01-08 Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card

Publications (2)

Publication Number Publication Date
CN111241017A CN111241017A (en) 2020-06-05
CN111241017B true CN111241017B (en) 2021-07-09

Family

ID=70864140

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010016138.6A Active CN111241017B (en) 2020-01-08 2020-01-08 Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card

Country Status (1)

Country Link
CN (1) CN111241017B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101321336A (en) * 2007-06-06 2008-12-10 凤凰微电子(中国)有限公司 High-capacity data interchange method between mobile terminal and smart card
CN102289696A (en) * 2011-08-31 2011-12-21 广州致远电子有限公司 Multichannel parallel access method based on PC/SC (Personal Computer/Smart Card) standard
CN205176866U (en) * 2015-11-29 2016-04-20 恒宝股份有限公司 General card reader with but expansion interface
CN106682905A (en) * 2015-11-09 2017-05-17 北京速通科技有限公司 Application unlocking method
CN107017993A (en) * 2017-04-01 2017-08-04 北京江南天安科技有限公司 A kind of multi-party joint key is produced and digital signature method and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8209753B2 (en) * 2001-06-15 2012-06-26 Activcard, Inc. Universal secure messaging for remote security tokens
CN101567109B (en) * 2009-06-03 2012-01-04 普天信息技术研究院有限公司 Device integrating payment and gathering functions, system and trade method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101321336A (en) * 2007-06-06 2008-12-10 凤凰微电子(中国)有限公司 High-capacity data interchange method between mobile terminal and smart card
CN102289696A (en) * 2011-08-31 2011-12-21 广州致远电子有限公司 Multichannel parallel access method based on PC/SC (Personal Computer/Smart Card) standard
CN106682905A (en) * 2015-11-09 2017-05-17 北京速通科技有限公司 Application unlocking method
CN205176866U (en) * 2015-11-29 2016-04-20 恒宝股份有限公司 General card reader with but expansion interface
CN107017993A (en) * 2017-04-01 2017-08-04 北京江南天安科技有限公司 A kind of multi-party joint key is produced and digital signature method and system

Also Published As

Publication number Publication date
CN111241017A (en) 2020-06-05

Similar Documents

Publication Publication Date Title
US9940038B2 (en) Composite solid state drive identification and optimization technologies
EP2241978A1 (en) Computer system, interrupt relay circuit and interrupt relay method
US8745304B2 (en) USB to SD bridge
CN102841870B (en) General direct memory access (DMA) structure based on high-speed serial bus and pre-read method
CN101436171B (en) Modular communication control system
CN109948383B (en) Method and device for improving read-write speed of non-contact card and terminal equipment
CN114327975A (en) System on chip
CN108256852A (en) Information processing method, device and information processing system
CN101706878A (en) Passive RFID system
CN111241017B (en) Data transmission method and device of multi-channel PSAM card and multi-channel PSAM card
JP3537680B2 (en) Integrated circuit for protocol control
US20130013851A1 (en) Data stream dispatching method, memory controller, and memory storage apparatus
CN100432926C (en) Method and apparatus for processing transactions in a data processing system
CN107463829B (en) Processing method, system and the relevant apparatus of DMA request in a kind of cipher card
CN111753562A (en) Label identification method and device, electronic equipment and readable medium
CN110555763A (en) financial data processing method and device based on block chain
CN201449614U (en) Multimode card reader
CN102375698B (en) Method for assigning and transmitting data strings, memory controller and memory storage device
CN108595245A (en) Java card peripheral access method and Java card virtual machine
CN113141603B (en) Data communication method, system, master terminal device and slave terminal device
CN101436134A (en) Method and system for setting state of hardware apparatus
CN102013000A (en) Universal bank card reader
CN107657191B (en) Bank card damage prompting method and system and terminal equipment
CN202632300U (en) Card reader
CN116978172A (en) Data storage method supporting multiple card organization kernels and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant