ETSI TS 102 240 V11.1.0 (2011-12)
Technical Specification

Smart Cards; UICC Application Programming Interface and Loader Requirements; Service description (Release 11)

Reference: RTS/SCP-R0263vb10
Keywords: API, smart card

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Description
4.1 Design of UICC based applications using the UICC API
4.2 UICC API architecture
4.3 UICC file data access
4.4 UICC BER-TLV file access
5 Card interoperability
5.1 Loader requirements
5.2 Application transport
6 Applet activation
6.1 Applet triggering
6.2 Applet selection
7 Applet life cycle management
7.1 Applet preparation
7.2 Loading
7.2.1 Arbitration
7.2.2 Transport
7.2.3 Verification
7.2.4 Linking
7.3 Installation/registration/reactivation
7.4 Configuration
7.5 Execution
7.6 Deactivation
7.7 Removal
8 Security management
8.1 Management of applets
8.2 Applet certification
9 API compatibility
9.1 Level of compatibility
9.2 Compatibility at the interface
9.3 Compatibility at the programming interface
9.4 Accessibility of the programming interface
10 API extensibility
10.1 Evolution of UICC/terminal interface (TS 102 221)
10.2 Evolution of CAT application toolkit (TS 102 223)
10.3 Interworking with other systems
10.4 Evolution of UICC/terminal contactless interface (TS 102 622 and TS 102 613)
10.5 HCI low-level support
10.5.1 Use case
10.5.2 Requirements
10.6 Application API for Secure messaging over HTTPS
10.6.1 Use Cases (informative)
10.6.2 Requirements (normative)
10.7 Machine to machine (M2M) UICC applications
10.8 Secure Channel between UICC and terminal
11 Data and function sharing and access control
11.1 Sharing resources between applets
11.2 Access to data
12 Technology considerations
12.1 UICC hardware requirements
12.2 Technology limitations
12.2.1 Memory recovery
12.3 Evolution
12.3.1 Remote Procedure Call (RPC)
13 Enhanced Runtime Environment
13.1 Interworking between multiple hardware and logical UICC/terminal interfaces
13.2 Support for TCP and UDP
13.3 Support for HTTP
13.4 Support for Card Application Toolkit (CAT)
13.5 Secure communication
13.6 Events
13.7 Access to the enhanced UICC API framework
13.8 Inter-application communication
13.9 Backward compatibility
Annex A (informative): Change history
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Smart Card Platform (SCP).

It is based on work originally done by the 3GPP group in "TSG-Terminals WG3" and by "ETSI Special Mobile Group (SMG)".

The present document details the stage 1 aspects (overall service description) for the support of a UICC Application Programming Interface (API).

The contents of the present document are subject to continuing work within ETSI SCP and may change following formal ETSI SCP approval. Should ETSI SCP modify the contents of the present document it will then be republished by ETSI with an identifying change of release date and an increase in version number as follows:

Version x.y.z

where:

x the first digit:
    0 early working draft;
    1 presented to TC SCP for information;
    2 presented to TC SCP for approval;
    3 or greater indicates TC SCP approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.

1 Scope

The present document defines the service description of the UICC Application Programming Interface (UICC API) internal to the UICC.

Stage one is an overall service description, and does not deal with the implementation details of the API. The present document includes information applicable to network operators, service providers and terminal, UICC, Network Access Application (NAA) providers, switch and database manufacturers.

The present document contains the core requirements, which are sufficient to provide a complete service.

It is highly desirable however, that technical solutions for a UICC API should be sufficiently flexible to allow for possible enhancements. Additional functionalities not documented in the present document may implement requirements which are considered outside the scope of the present document. This additional functionality may be on a network wide basis, nation-wide basis or particular to a group of users. Such additional functionality shall not compromise conformance to the core requirements of the service.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity.

In the case of a reference to a TC SCP document, a non specific reference implicitly refers to the latest version of that document in the same Release as the present document.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 102 221: "Smart cards; UICC-Terminal interface; Physical and logical characteristics (Release 7)".
[2] ETSI TS 102 223: "Smart cards; Card Application Toolkit (CAT) (Release 7)".
[3] ISO/IEC 7816-4: "Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange".
[4] ETSI TS 102 622: "Smart Cards; UICC - Contactless Front-end (CLF) Interface; Host Controller Interface (HCI)".
[5] ETSI TS 102 613: "Smart Cards; UICC - Contactless Front-end (CLF) Interface; Part 1: Physical and data link layer characteristics".
[6] ETSI TS 102 600: "Smart Cards; UICC-Terminal interface; Characteristics of the USB interface".
[7] ETSI TS 102 483: "Smart cards; UICC-Terminal interface; Internet Protocol connectivity between UICC and terminal".
[8] ETSI TS 102 484: "Smart Cards; Secure channel between a UICC and an end-point terminal".
[9] OMA: "Smartcard Web Server Enabler Architecture", OMA-AD-Smartcard-Web-Server-V1-0-20070209-C.
[10] ETSI TS 102 412: "Smart Cards; Smart Card Platform Requirements Stage 1".
[11] ETSI TS 102 127: "Smart Cards; Transport protocol for CAT applications; Stage 2".
[12] ETSI TS 102 225: "Smart Cards; Secured packet structure for UICC based applications".
[13] ETSI TS 102 226: "Smart Cards; Remote APDU structure for UICC based applications".
[14] ETSI TS 131 130: "Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; (U)SIM Application Programming Interface (API); (U)SIM API for Java Card (3GPP TS 31.130 Release 9)".
[15] ETSI TS 102 267: "Smart Cards; Connection Oriented Service API for the Java Card(TM) platform".
[16] ETSI TS 102 241: "Smart Cards; UICC Application Programming Interface (UICC API) for Java Card (TM)".

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

Not applicable.

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply:

applet: application built up using a number of modules which will run under the control of a virtual machine

application: in the scope of the present document either an applet or a web-application.

bytecode: machine independent code generated by a bytecode compiler and executed by a bytecode interpreter

data structure: collection of related data values such as the age, birth date and height of an individual

framework: defines a set of Application Programming Interface (API) functions and data structures for developing applications and for providing system services to those applications

function: callable and executable body of computer instructions which perform a specific computation or data processing task

module: collection of functions and data structures which implement an entire application or a particular application feature or capability

UICC API framework: part of the UICC responsible for the handling of applications (including triggering and loading)
NOTE: It also contains the library for the proactive API.

Servlet: application built up using a number of modules responding to incoming Internet protocol request (e.g. TCP, HTTP, HTTPS, etc.)
NOTE: A Servlet runs under the control of a Servlet engine.

Servlet engine: part of the enhanced UICC API framework, responsible for handling incoming requests via the TCP/IP protocol (e.g. HTTP/HTTPS) and dispatching them to the web-application

toolkit applet: applet loaded onto the UICC seen by the mobile as being part of the UICC toolkit application and containing only the code necessary to run the application
NOTE: These applets might be downloaded over the radio interface.

trusted party: entity trusted by the card issuer with respect to security related services and activities

virtual machine: part of the run-time environment responsible for interpreting the bytecode

web-application: at least one Servlet or a combination of one or more Servlets, additional modules, applets, and static content

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

AID     Applet IDentifier
APDU    Application Protocol Data Unit
API     Application Programming Interface
AVN     Applet Version Number
BER     Bit Error Rate
CAD     Card Acceptance Device
CAT     Card Application Toolkit
CLF     Contactless Front-end
EPOS    Electronic Point Of Sale
HCI     Host Controller Interface
HTTP    Hypertext Transfer Protocol
IFD     InterFace Device
IP      Internet Protocol
MExE    Mobile Execution Environment
NAA     Network Access Application
P2P     Peer to peer
RPC     Remote Procedure Call
TCP     Transmission Control Protocol
TLS     Transport Layer Security
TLV     Tag, Length, Value
UDP     User Datagram Protocol
UICC    Universal Integrated Circuit Card
WAP     Wireless Application Protocol

4 Description

The present document describes the high level requirements for an API for the UICC. This API shall allow application programmers easy access to the functions and data described in TS 102 221 [1] and TS 102 223 [2], such that UICC based services can be developed and loaded onto UICCs, quickly and, if necessary, remotely, after the UICC has been issued.

[Figure 1: Toolkit applet management and communication. Diagram not reproduced; its labels include Management, Communication, Applet1 (AID1, TAR1), Applet2 (TAR2), Appletn (AIDn, TARn), Application (AID), UICC and Terminal.]

4.1 Design of UICC based applications using the UICC API

Figure 2 shows how UICC applications can be developed in a standard development environment and converted into an interpreted format, then loaded into the UICC.

[Figure 2: Flow diagram of the development of a UICC application. Diagram not reproduced; its element labels are Development Environment API (e.g. Visual Basic API, C API, Java API), Smart Card Application platform (e.g. Java Card, Multos, Smart Card for Windows), Source code (e.g. C, Java, Visual Basic, etc.), Bytecode, Toolkit Applet File, Applet file stored in non volatile memory, Execution environment, Runnable (activated) applet, Executed applet and Terminal; its step labels are compile (including libraries), optimise (optional), download, install, activate and trigger.]