ImageVerifierCode 换一换
格式:PDF , 页数:166 ,大小:3.99MB ,
资源ID:396870      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-396870.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(BS ISO IEC 7816-4-2013 Identification cards Integrated circuit cards Organization security and commands for interchange《识别卡 集成电路卡 交换用组织、安全和命令》.pdf)为本站会员(bonesoil321)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

BS ISO IEC 7816-4-2013 Identification cards Integrated circuit cards Organization security and commands for interchange《识别卡 集成电路卡 交换用组织、安全和命令》.pdf

1、BSI Standards Publication BS ISO/IEC 7816-4:2013 Identification cards Integrated circuit cards Part 4: Organization, security and commands for interchange BS ISO/IEC 7816-4:2013 Incorporating corrigendum August 2014BS ISO/IEC 7816-4:2013 BRITISH STANDARD National foreword This British Standard is th

2、e UK implementation of ISO/IEC 7816-4:2013, incorporating corrigendum August 2014. It supersedes BS ISO/IEC 7816-4:2005+A1:2008 which is withdrawn. The start and finish of text introduced or altered by corrigendum is indicated in the text by tags. Text altered by ISO/IEC corrigendum August 2014 is i

3、ndicated in the text by . The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards and personal identification. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the ne

4、cessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014 ISBN 978 0 580 87836 7 ICS 35.240.15 Compliance with a British Standard cannot confer immunity from legal obligations. This British Sta

5、ndard was published under the authority of the Standards Policy and Strategy Committee on 30 April 2013. Amendments/corrigenda issued since publication Date Text affected 31 October 2014 Implementation of ISO/IEC corrigendum August 2014BS ISO/IEC 7816-4:2013Reference number ISO/IEC 7816-4:2013(E) IS

6、O/IEC 2013INTERNATIONAL STANDARD ISO/IEC 7816-4 Third edition 2013-04-15 Identification cards Integrated circuit cards Part 4: Organization, security and commands for interchange Cartes didentification Cartes circuit intgr Partie 4: Organisation, scurit et commandes pour les changes BS ISO/IEC 7816-

7、4:2013 ISO/IEC 7816-4:2013(E) COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2013 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writin

8、g from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2013 All rights reservedBS ISO/I

9、EC 7816-4:2013 ISO/IEC 7816-4:2013(E) ISO/IEC 2013 All rights reserved iiiContents Page Foreword . vii Introduction viii 1 Scope . . 1 2 Normative references 1 3 Terms and definitions . 2 4 Symbols and abbreviated terms 7 5 Command-Response pairs . 8 5.1 Conditions of operation . . 8 5.2 Syntax . 9

10、5.3 Chaining procedures . 10 5.3.1 General . 10 5.3.2 Payload fragmentation . . 10 5.3.3 Command chaining . 10 5.3.4 Response chaining 11 5.4 Class byte . 12 5.4.1 Coding 12 5.4.2 Logical channels . 13 5.5 Instruction byte 14 5.6 Status bytes . 14 6 Data objects . 17 6.1 SIMPLE-TLV data objects . 18

11、 6.2 BER-TLV data objects . 18 6.3 Constructed DOs versus primitive DOs 18 7 Structures for applications and data . 19 7.1 Available structures 19 7.2 Validity area . 20 7.2.1 Definitions and attributes . 20 7.2.2 Basic rules for VA handling and use . 20 7.3 Structure selection . . 21 7.3.1 Structur

12、e selection methods . . 21 7.3.2 File reference data element and DO 22 7.3.3 General reference data element and DO . 23 7.3.4 Data referencing methods in elementary files . 23 7.4 File and data control information 23 7.4.1 File control information retrieval . 23 7.4.2 Data control information retrie

13、val 24 7.4.3 Control parameters . 24 7.4.4 Short EF identifier . 26 7.4.5 File descriptor byte . 26 7.4.6 Profile indicator . 27 7.4.7 Data descriptor byte 27 7.4.8 DF and EF list data elements . 27 7.4.9 Instance number data element . 28 7.4.10 Life cycle status . 28 7.4.11 Indirect referencing by

14、short EF identifier using DOA2 28 7.4.12 Interface and life cycle status dependent security attribute template . 29 8 Specific use of DOs and related concepts 30 8.1 BER-TLV payloads and padding . 30 BS ISO/IEC 7816-4:2013 ISO/IEC 7816-4:2013(E) iv ISO/IEC 2013 All rights reserved8.1.1 Padding condi

15、tions30 8.1.2 Padding procedure 30 8.2 Current template and data object generations .31 8.2.1 Current template and current DO .31 8.2.2 Template extension .31 8.2.3 Data object sub-tree 31 8.2.4 Data object life cycle .32 8.3 Identification of data elements and data objects .32 8.3.1 Principles 32 8

16、.3.2 Tag interpretation in command and response data fields or payloads .32 8.3.3 Tag allocation .32 8.3.4 Standard tag allocation scheme .33 8.3.5 Compatible tag allocation scheme .33 8.3.6 Coexistent tag allocation scheme 34 8.3.7 Avoidance of independent tag allocation schemes .34 8.4 Referencing

17、 and retrieval of DOs and data elements 34 8.4.1 General 34 8.4.2 Element list .35 8.4.3 Tag list 35 8.4.4 Header list .35 8.4.5 Extended header and extended header list 35 8.4.6 Resolving an extended header .36 8.4.7 Resolving an extended header list .37 8.4.8 Wrapper 37 8.4.9 Tagged wrapper .38 9

18、Security architecture .38 9.1 General 38 9.2 Cryptographic mechanism identifier template .39 9.3 Security attributes .40 9.3.1 Security attributes targets 40 9.3.2 Compact format .40 9.3.3 Expanded format 44 9.3.4 Access rule references .48 9.3.5 Security attributes for data objects .49 9.3.6 Securi

19、ty parameters template 49 9.3.7 Security attributes for logical channels 55 9.4 Security support data elements .56 10 Secure messaging .57 10.1 SM fields and SM DOs .57 10.1.1 SM protection of command payloads 57 10.1.2 SM protection of chained commands and responses .57 10.1.3 SM DOs .57 10.2 Basic

20、 SM DOs .58 10.2.1 SM DOs for encapsulating plain values 58 10.2.2 SM DOs for confidentiality 59 10.2.3 SM DOs for authentication 60 10.3 Auxiliary SM DOs .61 10.3.1 Control reference templates .61 10.3.2 Control reference DOs in control reference templates 61 10.3.3 Security environments 63 10.3.4

21、Response descriptor template .65 10.4 SM impact on command-response pairs 65 11 Commands for interchange 67 11.1 Selection .67 11.1.1 SELECT command 67 11.1.2 MANAGE CHANNEL command .69 11.2 Data unit handling70 11.2.1 Data units 70 BS ISO/IEC 7816-4:2013 ISO/IEC 7816-4:2013(E) ISO/IEC 2013 All righ

22、ts reserved v11.2.2 General . 70 11.2.3 READ BINARY command . 71 11.2.4 WRITE BINARY command . 71 11.2.5 UPDATE BINARY command . 72 11.2.6 SEARCH BINARY command . 72 11.2.7 ERASE BINARY command . 72 11.2.8 COMPARE BINARY function . 73 11.3 Record handling . . 73 11.3.1 Records . . 73 11.3.2 General

23、. 74 11.3.3 READ RECORD (S) command 74 11.3.4 WRITE RECORD command 76 11.3.5 UPDATE RECORD command . 77 11.3.6 APPEND RECORD command . 77 11.3.7 SEARCH RECORD command . 78 11.3.8 ERASE RECORD (S) command 79 11.3.9 ACTIVATE RECORD (s) command . 80 11.3.10 DEACTIVATE RECORD (s) command . 80 11.3.11 CO

24、MPARE RECORD function 81 11.4 Data object handling . 81 11.4.1 General . 81 11.4.2 SELECT DATA command 82 11.4.3 GET DATA/GET NEXT DATA commands - even INS code 86 11.4.4 GET DATA/GET NEXT DATA command - odd INS codes . 87 11.4.5 General properties of PUT/PUT NEXT/UPDATE DATA commands 89 11.4.6 PUT

25、DATA command 89 11.4.7 PUT NEXT DATA command . 90 11.4.8 UPDATE DATA command 91 11.4.9 COMPARE DATA function . . 91 11.5 Basic security handling . . 91 11.5.1 General . 91 11.5.2 INTERNAL AUTHENTICATE command 92 11.5.3 GET CHALLENGE command 92 11.5.4 EXTERNAL AUTHENTICATE command 93 11.5.5 GENERAL A

26、UTHENTICATE command . 94 11.5.6 VERIFY command 95 11.5.7 CHANGE REFERENCE DATA command . 96 11.5.8 ENABLE VERIFICATION REQUIREMENT command . 96 11.5.9 DISABLE VERIFICATION REQUIREMENT command 97 11.5.10 RESET RETRY COUNTER command . 97 11.5.11 MANAGE SECURITY ENVIRONMENT command 97 11.6 Miscellaneou

27、s . . 99 11.6.1 COMPARE command 99 11.6.2 GET ATTRIBUTE command . 101 11.7 Transmission handling . 101 11.7.1 GET RESPONSE command 101 11.7.2 ENVELOPE command . 101 12 Application-independent card services . . 102 12.1 Card identification . 102 12.1.1 Historical bytes 102 12.1.2 Initial data string

28、recovery 106 12.2 Application identification and selection . 107 12.2.1 EF.DIR . 107 12.2.2 EF.ATR/INFO . . 107 12.2.3 Application identifier . 108 12.2.4 Application template and related data elements 109 12.2.5 Application selection . . 110 12.3 Selection by path . 111 12.4 Data retrieval 111 BS I

29、SO/IEC 7816-4:2013 ISO/IEC 7816-4:2013(E) vi ISO/IEC 2013 All rights reserved12.5 Card-originated byte strings 111 12.5.1 Triggering by the card 112 12.5.2 Queries and replies 112 12.5.3 Formats 112 12.6 General feature management 112 12.6.1 On-card services . 113 12.6.2 Interface services 113 12.6.

30、3 Profile services . 113 12.6.4 Provision of additional information 114 12.7 APDU management 114 12.7.1 Extended length information . 114 12.7.2 List of supported INS codes 114 Annex A (informative) Examples of object identifiers and tag allocation schemes 115 A.1 Object identifiers . 115 A.2 Tag al

31、location schemes . 115 Annex B (informative) Examples of secure messaging . 117 B.1 Cryptographic checksum . 117 B.2 Cryptograms 121 B.3 Control references 121 B.4 Response descriptor 121 B.5 ENVELOPE command 122 B.6 Synergy between secure messaging and security operations 122 Annex C (informative)

32、Examples of AUTHENTICATE functions by GENERAL AUTHENTICATE commands . 125 C.1 GENERAL AUTHENTICATE using witness-challenge-response triples . 125 C.2 GENERAL AUTHENTICATE for a multi-step authentication protocol . 129 NA.1.1 Terminal Authentication protocol 131 NA.1.2 Chip Authentication protocol .

33、132 Annex D (informative) Application identifiers using issuer identification numbers . 133 D.1 Background information 133 D.2 Format 133 Annex E (informative) BER Encoding Rules . 134 E.1 BER-TLV tag fields 134 E.2 BER-TLV length fields . 135 E.3 BER-TLV value fields . 135 Annex F (informative) BER

34、-TLV data object handling . 136 F.1 Generations and templates in a constructed DO 136 F.2 Referencing by an extended header . 137 F.3 Use of the UPDATE DATA command . 139 F.4 Security attribute for one DO . 141 F.5 Example of key referencing in a self-controlled DO . 142 Annex G (informative) Templa

35、te extension by tagged wrapper 144 G.1 General . 144 G.2 Referencing within the current EF 144 G.3 Referencing within the current application DF, first example . 145 G.4 Referencing in the current application DF, second example . 146 G.5 Referencing out of the current application DF 147 G.6 Warnings

36、 147 Annex H (informative) Parsing an extended header against its target DO . 148 Bibliography . 149 BS ISO/IEC 7816-4:2013 ISO/IEC 7816-4:2013(E) ISO/IEC 2013 All rights reserved viiForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commiss

37、ion) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO a

38、nd IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/I

39、EC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national

40、bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for id

41、entifying any or all such patent rights. ISO/IEC 7816-4 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. This third edition cancels and replaces the second edition (ISO/IEC 7816-4:2005), and incorporates the Amend

42、ment ISO/IEC 7816-4:2005/Amd.1:2008. ISO/IEC 7816 consists of the following parts, under the general title Identification cards Integrated circuit cards: Part 1: Cards with contacts Physical characteristics Part 2: Cards with contacts Dimensions and location of the contacts Part 3: Cards with contac

43、ts Electrical interface and transmission protocols Part 4: Organization, security and commands for interchange Part 5: Registration of application providers Part 6: Interindustry data elements for interchange Part 7: Interindustry commands for Structured Card Query Language (SCQL) Part 8: Commands f

44、or security operations Part 9: Commands for card management Part 10: Electronic signals and answer to reset for synchronous cards Part 11: Personal verification through biometric methods Part 12: Cards with contacts USB electrical interface and operating procedures Part 13: Commands for application

45、management in a multi-application environment Part 15: Cryptographic information application BS ISO/IEC 7816-4:2013 ISO/IEC 7816-4:2013(E) viii ISO/IEC 2013 All rights reservedIntroduction ISO/IEC 78166is a series of standards specifying integrated circuit cards and the use of such cards for interch

46、ange. These cards are identification cards intended for information exchange negotiated between the outside world and the integrated circuit in the card. As a result of an information exchange, the card delivers information (computation result, stored data), and/or modifies its content (data storage

47、, event memorization). Five parts are specific to cards with galvanic contacts and three of them specify electrical interfaces. ISO/IEC 7816-1 specifies physical characteristics for cards with contacts. ISO/IEC 7816-2 specifies dimensions and location of the contacts. ISO/IEC 7816-3 specifies electr

48、ical interface and transmission protocols for asynchronous cards. ISO/IEC 7816-10 specifies electrical interface and answer to reset for synchronous cards. ISO/IEC 7816-12 specifies electrical interface and operating procedures for USB cards. All the other parts are independent from the physical int

49、erface technology. They apply to cards accessed by contacts and/or by radio frequency. ISO/IEC 7816-4 specifies organization, security and commands for interchange. ISO/IEC 7816-5 specifies registration of application providers. ISO/IEC 7816-6 specifies interindustry data elements for interchange. ISO/IEC 7816-7 specifies commands for structured card query language. ISO/IEC 7816-8 specifies commands for security operations. ISO/IEC 7816-9 specifies commands for card mana

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1