ANSI INCITS ISO IEC 7816-8-1999 Identification cards Integrated circuit(s) cards with contacts Part 8 Security related interindustry commands.pdf

1、B C Reference numberISO/IEC 7816-8:1999(E)INTERNATIONALSTANDARDISO/IEC7816-8First edition1999-10-01Identification cards Integrated circuit(s)cards with contacts Part 8:Security related interindustry commandsCartes didentification Cartes circuit(s) intgr(s) contacts Partie 8: Commandes intersectoriel

2、les de scuritAdopted by INCITS (InterNational Committee for Information Technology Standards) as an American National Standard.Date of ANSI Approval: 12/21/00Published by American National Standards Institute,25 West 43rd Street, New York, New York 10036Copyright 2002 by Information Technology Indus

3、try Council (ITI).All rights reserved.These materials are subject to copyright claims of International Standardization Organization (ISO), InternationalElectrotechnical Commission (IEC), American National Standards Institute (ANSI), and Information Technology Industry Council(ITI). Not for resale. N

4、o part of this publication may be reproduced in any form, including an electronic retrieval system, withoutthe prior written permission of ITI. All requests pertaining to this standard should be submitted to ITI, 1250 Eye Street NW,Washington, DC 20005.Printed in the United States of AmericaISO/IEC

5、7816-8:1999(E) ISO/IEC 1999All rights reserved. Unless otherwise specified, no part of this publication may be reproducedor utilized in any form or by any means, electronic or mechanical, including photocopying andmicrofilm, without permission in writing from the publisher.ISO/IEC Copyright Office C

6、ase postale 56 CH-1211 Genve 20 SwitzerlandPrinted in SwitzerlandiiContents1 Scope 12 Normative references 13 Terms and definitions .24 Symbols (and abbreviated terms) 25 Security environments 26 Extended headerlist DE.47 Security support 58 Secure messaging extensions .79 Command chaining .910 MANA

7、GE SECURITY ENVIRONMENT command 911 PERFORM SECURITY OPERATION command .1112 Manage verification process.1513 GENERATE PUBLIC KEY PAIR command 1814 MUTUAL AUTHENTICATE function .1815 Tags defined in ISO/IEC 7816-8 19Annex A (informative) Structure and usage of certificates interpreted by the card.20

8、Annex B (informative) Usage of digital signature relevant operations.22 ISO/IEC ISO/IEC 7816-8:1999(E)iiiForewordISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission)form the specialized system for worldwide standardization. National bodies

9、that are members of ISO or IECparticipate in the development of International Standards through technical committees established by therespective organization to deal with particular fields of technical activity. ISO and IEC technical committeescollaborate in fields of mutual interest. Other interna

10、tional organizations, governmental and non-governmental, inliaison with ISO and IEC, also take part in the work.In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.Draft International Standards adopted by the joint technical committee are c

11、irculated to national bodies for voting.Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.International Standard ISO/IEC 7816-8 was prepared by Joint Technical Committee ISO/IEC JTC 1, Informationtechnology, Subcommittee SC 17, Identifi

12、cation cards and related devices.ISO/IEC 7816 consists of the following parts, under the general title Identification cards Integrated circuit(s) cardswith contacts:Part 1: Physical characteristicsPart 2: Dimensions and location of the contactsPart 3: Electronic signals and transmission protocolsPar

13、t 4: Interindustry commands for interchangePart 5: Numbering system and registration procedure for application identifiersPart 6: Interindustry data elementsPart 7: Interindustry commands for Structured Card Query Language (SCQL)Part 8: Security related interindustry commandsPart 9: Additional inter

14、industry commands and security attributesPart 10: Electronic signals and answer to reset for synchronous cardsAnnexes A and B of this part of ISO/IEC 7816 are for information only.ISO/IEC 7816-8:1999(E) ISO/IECivIntroductionThe International Organization for Standardization (ISO) and International E

15、lectrotechnical Commission (IEC) drawattention to the fact that it is claimed that compliance with this part of ISO/IEC 7816 may involve the use of a patentconcerning smart cards and terminals given in the body of the text.The ISO and IEC take no position concerning the evidence, validity and scope

16、of this patent right.The holder of this patent right has assured ISO and IEC that he is willing to negotiate licences under reasonableand non-discriminatory terms and conditions with applicants throughout the world. In this respect, the statement ofthe holder of this patent right is registered with

17、ISO and IEC. Information may be obtained from:Director of Intellectual PropertyBULL CP8, S.A.68, route de VersaillesB.P. 4578431 Louveciennes CdexFranceAttention is drawn to the possibility that some of the elements of this part of ISO/IEC 7816 may be subject of patentrights other than those identif

18、ied above. ISO and IEC shall not be held responsible for identifying any or all suchpatent rights.INTERNATIONAL STANDARD ISO/IEC ISO/IEC 7816-8:1999(E)1Identification cards -Integrated circuit(s) cards withcontacts - Part 8: Securityrelated interindustry1 ScopeThis part of ISO/IEC 7816 specifies:sec

19、urity protocols for use in cards;secure messaging extensions;the mapping of the security mechanisms on tothe cards security functions/services, includinga description of the in-card securitymechanisms;data elements for security support;the use of algorithms implemented on the card(though the algorit

20、hms themselves are notdescribed in detail);the use of certificates;security related commands.This part of ISO/IEC 7816 does not cover the internalimplementation within the card and/or the outsideworld.The choice and conditions of use of cryptographicmechanisms may affect card exportability. Theevalu

21、ation of the suitability of algorithms andprotocols is outside the scope of this part of ISO/IEC7816.It shall not be mandatory for cards complying to thispart of ISO/IEC 7816 to support all the describedcommands or all the options of supportedcommands.2 Normative referencesThe following normative do

22、cuments containprovisions which, through reference in this text,constitute provisions of this part of ISO/IEC 7816. Fordated references, subsequent amendments to, orrevisions of, any of these publications do not apply.However parties to agreements based on this part ofISO/IEC 7816 are encouraged to

23、investigate thepossibility of applying the most recent editions of thenormative documents indicated below. Members ofISO and IEC maintain registers of currently validInternational Standards.ISO/IEC 7816-3:1997, Information technology Identification cards Integrated circuit(s) cards withcontacts Part

24、 3: Electronic signals andtransmission protocols.ISO/IEC 7816-4:1995, Information technology Identification cards Integrated circuit(s) cards withcontacts Part 4: Interindustry commands forinterchange.ISO/IEC 7816-4:1995/Amd.1:1997, Informationtechnology Identification cards Integratedcircuit(s) car

25、ds with contacts Part 4: Interindustrycommands for interchange Amendment 1: Impactof secure messaging on the structures of APDUmessages.ISO/IEC 7816-6:1996, Identification cards Integrated circuit(s) cards with contacts Part 6:Interindustry data elements.ISO/IEC 9796:1991, Information technology Sec

26、urity techniques Digital signature schemegiving message recovery.ISO/IEC 7816-8:1999(E) ISO/IEC2ISO/IEC 9798-2:1994, Information technology Security techniques Entity authenticationmechanisms Part 2: Mechanism using symmetricencipherment algorithms.ISO/IEC 9798:1991, Information technology Security

27、techniques Entity authenticationmechanisms Part 3: Entity authentication using apublic-key algorithm.ISO/IEC 9979:1991, Data cryptographic techniques Procedures for the registration of cryptographicalgorithms.3 Terms and definitionsFor the purposes of this part of ISO/IEC 7816, thefollowing definiti

28、ons apply.3.1Certification AuthorityCAa trusted third party that establishes a proof that linksa public key and other relevant information to itsowner3.2cryptographic mechanismsfunctions provided by the card as a result of its imple-mentation of cryptographic algorithms with a specificset of operati

29、onal parameters e.g. the mode ofoperation and the size of data or keys3.3secure messagingprovides a means for cryptographic protection on thedata exchanged during a command (as described inISO/IEC 7816-4)3.4security environmenta mechanism to specify to the card system thesecurity functions that are

30、available to provideprotection to commands for a specific application ofthe card4 Symbols (and abbreviated terms)For the purposes of this part of ISO/IEC 7816, thefollowing abbreviations applyAPDU Application protocol data unitAT Authentication templateBER-TLV Basic Encoding Rules - Tag Length Value

31、CA Certification authorityCC Cryptographic checksumCCT Cryptographic checksum templateCK Common keyCRDO Control reference data objectCRT Control reference templateCT Confidentiality templateDE Data elementDF Dedicated fileDO Data objectDS Digital signatureDSI Digital signature inputDST Digital signa

32、ture templateEF Elementary fileHT Hash templateIFD Interface devicePK Public keyPSO PERFORM SECURITY OPERATION commandRFU Reserved for future useSE Security environmentSK Secret keySM Secure messagingSST Security support template5 Security environments5.1 DescriptionThe security environment (SE) in

33、a card is the logicalcontainer of a set of fully specified securitymechanisms which are available for reference insecurity related commands and in secure messaging(SM) as defined in this part of ISO/IEC 7816 and inISO/IEC 7816-4.Any SE shall specify references to the cryptographicalgorithm(s) to be

34、executed, the mode(s) ofoperation, the key(s) to be used and any additionaldata needed by a security mechanism. It may specifya template describing data elements (DEs) stored inthe card or resulting from some computation, to beincluded by the algorithms specified in the securityenvironment definitio

35、n. It also may provide directionsfor handling the data resulting from the computation,e.g. storage in the card memory. Any relativereferences to files (keys or data) specified with amechanism in the environment definition shall be ISO/IEC ISO/IEC 7816-8:1999(E)3resolved with respect to the dedicated

36、 file (DF)selected at the time the mechanism is used toperform a computation.Absolute references (e.g. absolute path) need not beresolved.NOTE ISO maintains a register of cryptographicalgorithms (see ISO/IEC 9979) and, separately, providesprotocol standards.5.2 Activation of a security environmentAt

37、 any time during operation of the card a current SEshall be active, either by default or as a result ofcommands from the interface device (IFD). Thedefault SE may be empty. The content of the defaultSE is not defined in this part of ISO/IEC 7816.The current SE may explicitly be set or replaced witht

38、he MANAGE SECURITY ENVIRONMENTcommand (see clause 10). An SE may contain amechanism to perform initialisation of non-persistentdata used by mechanisms in the environment, e.g. asession key.In SM, data objects transmitted in a control referencedata object (CRDO) shall take precedence over anycorrespo

39、nding data object (DO) present in thecurrent SE.Definitions of associated SEs may be grouped intothe following sets:One global SE set, which may be provided bythe card. The first SE of this set is the defaultSE;One or more application specific SE sets whichare provided by applications.The global SE

40、set shall be active by default, unlessotherwise specified. A SE or set of SEs may beassociated with a DF or EF such that after selectingthe DF or EF the associated SE or a specific SE inthe set is implicitly set. The method of specifying thisfunctional association between a file and a set of SEsis o

41、utside the scope of this part of ISO/IEC 7816.The current SE is valid until there is a change ofcontext (e.g. by selecting a different application withthe SELECT FILE command), a MANAGESECURITY ENVIRONMENT command, a warmreset or deactivation of the contacts (see ISO/IEC7816-3).5.3 ComponentsControl

42、 Reference Templates (CRT) may be used todescribe the various components of a SE (see Table2).Five such templates are defined for:cryptographic checksum;digital signature;confidentiality;hash;authentication.Within the SE, components may have two aspects;one being valid for the protection of commandA

43、PDUs (application protocol data units) and the otherfor the protection of response APDUs.SEs may be numbered for storing, restoring (seeclause 10) and referencing, in which case thenumbering is context specific.SE numbers represented by:all zeroes (0) denote an empty environment,where no authenticat

44、ion no SM procedure isdefined;all ones (1) denote that no operation can beperformed in this environment;11101111 is Reserved for Future Use (RFU).The current SE contains one or more:components belonging to the default stored SEassociated with the current DF;components transmitted in SM commands (see

45、ISO/IEC 7816-4);components transmitted in MANAGESECURITY ENVIRONMENT commands (seeclause 10);all the components of a stored SE, invoked by itsnumber in a MANAGE SECURITYENVIRONMENT command.5.4 Algorithm referencingThe Algorithm Object Identifier DO is a data objectwhich identifiers the cryptographic

46、 algorithmassociated with an algorithm reference, as defined inISO/IEC 7816-4. One or more such DOs may beISO/IEC 7816-8:1999(E) ISO/IEC4present in the file control information (FCI) of a DFwith a tag AC.This DO encapsulates two mandatory DOs and anoptional DO, in the following sequence:the first ma

47、ndatory DO is the algorithm referenceDO, tag 80, as used in Table 3;the second mandatory DO is an ASN.1 DOIdentifier, tag 06, referencing the algorithmuniquely;the optional DO (tag dependent on the ObjectIdentifier) indicates the algorithm parameters.Example coding (see ISO/IEC 7816-6, Annex B) -AC

48、II 09 II 80-01-01 II 06-04-28CC4701This Object Identifier (28CC4701) refers to algorithm1 in ISO/IEC 9979, with no parameter.6 Extended headerlist DE6.1 Construction and useAn extended headerlist DE is a concatenation oftag/lengths without delimiters.An extended headerlist is normally used forrefere

49、ncing DOs to be signed.An extended headerlist references a byte string builtas follows:each tag/length is replaced by data referencedby the tag when the DO is primitive;when a tag/length denotes a constructed DO, itsvalue is interpreted as an extended headerlistDE.According to the conditions of use of an extendedheaderlist, the data to include in the byte string areeither the values of the referenced primitiveDOs, truncated according to the length indicatedin the extended headerlist (Case 1) orthe primitive DOs the