ISO/IEC is intended to be used in any sector of activity. It specifies: a) contents of command-response pairs exchanged at the interface, b) means of. ISO , Section 5 contains basic organizations, data structures, file organization, file referencing methods, data referencing methods, This part of ISO/IEC supports the following two categories of files: . 0 — x x x — — —, File type. ISO/IEC (): "Information technology – Identification cards; Integrated circuit(s) cards . and one or more SC bytes as defined in ISO/IEC .
|Published (Last):||18 November 2016|
Figure 2 shows those for EF structures. Alternately, using secret internal data, the card computes a data element cryptographic checksum or digital signature and inserts it in the data sent to the outside world.
Figure 2
Padding for confidentiality has an influence on transmission: the cryptogram (one or more blocks) is longer than the plain text. The length field consists of one or more consecutive bytes. The security attributes, when they exist, define the allowed actions and the procedures to be performed to complete such actions. The order of the file identifiers is always in the direction parent to child.
The following rules shall apply. The card shall fill each empty primitive data object. Each control reference template present in the response descriptor shall be present in the response at the same place with the same control references for algorithm, file and key. The first occurrence shall be the record with the specified identifier and in the first logical position; the last occurrence shall be the record with the specified identifier and in the last logical position.
Figure 1 — Logical file organization example.
If an empty reference data object for auxiliary data is present in the response descriptor, then it shall be full in the response. It encodes a class, a type and a number.
If no file reference is present, then the key reference is valid in the current DF. "Personal verification through biometric methods". Each time a reference is made with a record identifier, an indication shall specify the logical position of the target record (the first or last occurrence, the next or previous occurrence relative to the record pointer). Therefore the first record (record number one, 1) is the first created record.
Therefore a specific response corresponds to a specific command, referred to as a command-response pair. The length field consists of 1 or 3 consecutive bytes.
In addition to the cryptogram mechanism, data confidentiality can be achieved by data concealment. According to its abstract, it specifies interindustry commands for integrated circuit cards either with contacts or without contacts that may be used for cryptographic operations.
When a file cannot be implicitly selected, it shall be possible to select it by at least one of the following methods: Such a body carries 1 or 2 length fields; B1 is [part of] the first length field.
For each command, an appropriate clause provides more detailed meanings.
ISO part 4 section 5 APDU level data structures
There shall be independence of activity on one logical channel from activity on another one. In any command using secure messaging the following specific error conditions may occur: Annexes are provided that give examples of operations related to digital signatures, certificates and the import and export of asymmetric keys. It is an unsigned integer, limited to either 8 or 15 bits according to an option in the respective command.
The splitting into data blocks shall be performed in the following way. The goal of secure messaging (SM) is to protect [part of] the messages to and from a card by ensuring two basic security functions: "Cards with contacts — Dimensions and location of the contacts".
"Electronic signals and answer to reset for synchronous cards". In the absence of an algorithm reference, and if no mechanism is implicitly selected for confidentiality, a default mechanism shall apply.
The result of an authentication may be logged in an internal EF according to the requirements of the application. Referencing by short EF identifier — Any EF may be referenced by a short EF identifier coded on 5 bits valued in the range from 1 to Decoding conventions for Le If the value of Le is coded in 1 or 2 byte(s) where the bits are not all null, then the value of Le is equal to the value of the byte(s) which lies in the range from 1 to or ; the null value of all the bits means the maximum value of Le: