1、raising standards worldwide NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW BSI Standards Publication BS ISO/IEC 20060:2010 Information technology Open Terminal Architecture (OTA) Virtual machineBS ISO/IEC 20060:2010 BRITISH STANDARD National foreword This British Standard is
2、the UK implementation of ISO/IEC 20060:2010. It supersedes BS ISO/IEC 20060:2001 which is withdrawn. The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards and personal identification. A list of organizations represented on this committee can be obtained on reques
3、t to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. BSI 2010 ISBN 978 0 580 69843 9 ICS 35.080; 35.240.15; 35.240.20 Compliance with a British Standard cannot confer immunity from legal obliga
4、tions. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 July 2010 Amendments issued since publication Date Text affectedBS ISO/IEC 20060:2010Reference number ISO/IEC 20060:2010(E) ISO/IEC 2010INTERNATIONAL STANDARD ISO/IEC 20060 Second edit
5、ion 2010-07-01 Information technology Open Terminal Architecture (OTA) Virtual machine Technologies de linformation Architecture des terminaux ouverte (OTA) Machine virtuelle BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with A
6、dobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing poli
7、cy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every c
8、are has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2010 All rights reserved. Unless otherwise specifi
9、ed, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case
10、 postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2010 All rights reservedBS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) ISO/IEC 2010 All rights reserved iiiContents Page Foreword vi Introduction.vii 1
11、Scope1 2 Normative references1 3 Terms and definitions .1 4 Symbols and abbreviated terms 5 5 Data types, stack notation and flags .6 5.1 Data Types .6 5.2 Stack Notation .7 5.3 Flags .7 6 OTA virtual machine7 6.1 General principles .7 6.2 Virtual Machine CPU .8 6.2.1 Registers 9 6.2.2 Virtual Machi
12、ne Size and Cells.9 6.2.3 Memory.9 6.2.4 Stacks .10 6.2.5 Frame Mechanism and Usage11 6.2.6 Extensible Memory12 6.2.7 User Variables12 6.3 Virtual Machine Execution Features13 6.4 Arithmetic.13 6.5 Exception Handling .14 6.6 Resources 15 6.7 Programs and Tokens.15 7 System Services 16 7.1 Time Handl
13、ing16 7.2 Devices and I/O Services17 7.3 Database Services.17 7.3.1 The Database Parameter Block19 7.3.2 Database Instantiation 21 7.3.3 Database Exception Handling22 7.4 Language and Message Handling .22 7.5 TLV Services 23 7.5.1 Basic Principles.23 7.5.2 TLV Definitions 23 7.5.3 TLV References .24
14、 7.6 Hot Card List Management.25 7.7 Cryptographic Services 25 7.7.1 Modulo Multiplication26 7.7.2 Secure Hash Algorithm (SHA-1) 26 7.7.3 Modulo Exponentiation.27 7.7.4 Long Shift.27 7.7.5 Long Subtract 27 7.7.6 Incremental Secure Hash Algorithm (SHA-1) .27 7.7.7 Cyclic Redundancy Check (CRC) 28 7.7
15、.8 DES Key Schedule.28 7.7.9 DES encryption/decryption 28 BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) iv ISO/IEC 2010 All rights reserved7.8 Vectored Execution Sockets 28 7.8.1 CSS Functions .29 7.8.2 Socket Security29 7.8.3 Socket Organisation29 7.9 Module Handling Services 29 7.9.1 Module Loading
16、by MODEXECUTE 30 7.9.2 Module Loading Procedure 32 7.9.3 Module Loading by MODCARDEXECUTE 35 8 Token Set Definition 37 8.1 Overview .37 8.2 Conventions .37 8.2.1 Number Formats 37 8.2.2 Token Descriptions38 8.2.3 Branch and Code Offsets38 8.2.4 Addresses.38 8.3 Data Typing 39 8.4 Token Compression 3
17、9 8.4.1 Optimised Data Access.39 8.4.2 Special Procedure Calls39 8.4.3 Quoting .39 8.5 Prefix Tokens .40 8.6 Stack Manipulation Tokens 41 8.7 Data Access Tokens43 8.8 Literal Tokens.45 8.9 Address Generation Tokens.46 8.10 Arithmetic Tokens47 8.11 Relational Tokens 51 8.12 String Tokens.53 8.13 Fram
18、e Tokens.56 8.14 Extensible Memory Tokens 58 8.15 Flow of Control Tokens.59 8.15.1 Branch Tokens.59 8.15.2 Call Tokens.60 8.15.3 Loop Tokens.61 8.15.4 Hybrid Tokens62 8.15.5 Quoting Tokens63 8.16 Exception Tokens 63 8.17 Date, Time, and Timing Tokens64 8.18 Generic Device I/O Tokens .64 8.19 Formatt
19、ed I/O Tokens68 8.20 Integrated Circuit Card Tokens 69 8.21 Magnetic Stripe Tokens 70 8.22 Socket Tokens71 8.23 Database Services Tokens .72 8.24 Language and Message Tokens.77 8.25 TLV Tokens.78 8.25.1 TLV Buffer Access.78 8.25.2 TLV Processing80 8.25.3 TLV Sequence Access 81 8.26 Hot Card List Tok
20、ens.82 8.27 Cryptographic Algorithm Token.83 8.28 Module Management Tokens83 8.29 Operating System Interface Tokens 84 8.30 Miscellaneous Tokens.84 9 Module Delivery Format 85 9.1 Module ID Format.86 9.2 Socket List86 9.3 Relocation Section.87 9.4 Module Import List.88 BS ISO/IEC 20060:2010 ISO/IEC
21、20060:2010(E) ISO/IEC 2010 All rights reserved v9.5 Module Export List 88 9.6 Module Procedure List89 Annex A (normative) OTA Token Lists .90 Annex B (normative) Exceptions and I/O Return Codes 97 Annex C (normative) Device Control 101 Annex D (normative) Operating System Calls .116 Annex E (normati
22、ve) Rules for Using a Data Object List (DOL).117 Annex F (informative) System Overview 118 Bibliography137 BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) vi ISO/IEC 2010 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Comm
23、ission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. IS
24、O and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, IS
25、O/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to nation
26、al bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for
27、 identifying any or all such patent rights. ISO/IEC 20060 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. This second edition cancels and replaces the first edition (ISO/IEC 20060:2001), which has been technicall
28、y revised. BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) ISO/IEC 2010 All rights reserved viiIntroduction This International Standard specifies the Open Terminal Architecture (OTA) consistent with requirements and capabilities defined by documents 1 thru 8 in the Bibliography. The overall architecture
29、 of the OTA is described in Annex F and is based on a virtual machine (VM) that can be programmed using high-level languages such as Forth or C. For compactness and efficiency, a tokenised form has been developed for delivering compiled programs to terminals of all CPU types. This and other virtual
30、machine related issues are explained in Clause 5. This International Standard defines a set of functions to be implemented in terminals in terms of instructions for a virtual machine. With these functions the application programmer is able to generate application software that is compact, portable a
31、nd certifiable on all OTA terminals. The inclusion of a function is determined by three main criteria: core compactness, execution speed, security requirements. In this International Standard, the word “shall” indicates mandatory behaviour. The word “will” indicates predicted or consequential behavi
32、our. The word “may” indicates permitted behaviour. The phrase “may not” indicates prohibited behaviour. BS ISO/IEC 20060:2010BS ISO/IEC 20060:2010 INTERNATIONAL STANDARD ISO/IEC 20060:2010(E) ISO/IEC 2010 All rights reserved 1Information technology Open Terminal Architecture (OTA) Virtual machine 1
33、Scope This International Standard provides the specifications for the standard Open Terminal Architecture (OTA) kernel in several layers: definition of the virtual machine (VM); description of the services provided by the VM to terminal programmers; specification of a set of tokens representing the
34、native machine language of the VM; specification of the format in which token modules are delivered to an OTA kernel for processing. OTA defines a standard software kernel whose functions and programming interface are common across all terminal types. This kernel is based on a standard “virtual mach
35、ine,” which is implemented on each CPU type and which provides drivers for the terminals I/O and all low-level CPU-specific logical and arithmetic functions. High-level libraries, terminal programs and payment applications may be developed using these standard kernel functions. 2 Normative reference
36、s The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. None. 3 Terms and definitions For the purposes
37、of this document, the following terms and definitions apply. 3.1 aligned address address of a memory location at which a character or cell can be accessed NOTE The OTA virtual machine requires that aligned addresses be exact multiples of 4. 3.2 ANS Forth programming language as defined by the Americ
38、an National Standard X3.215, 1994 BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) 2 ISO/IEC 2010 All rights reserved3.3 big-endian byte ordering system in which the highest-order byte of a cell is at the lowest address (i.e. appears first in a data stream) NOTE The OTA virtual machine uses big-endian by
39、te order in token modules and card communication. 3.4 binary data element that is a number, to be interpreted as an unsigned integer 3.5 binary bit string 3.6 C C programming language 3.7 card selected services CSS card-resident code providing functions supporting terminal transactions, usually serv
40、ice functions that are used as part of a terminal selected services application 3.8 cell primary unit of information storage in the architecture of an Open Terminal Architecture system NOTE The standard size of a cell in the OTA virtual machine is four bytes. 3.9 compile transform higher-level speci
41、fications of software and/or data into executable form NOTE The executable form for the OTA virtual machine is OTA tokens. 3.10 compressed numeric number represented in binary-coded decimal format, left justified and padded with trailing hexadecimal Fs 3.11 counted string data structure consisting o
42、f one character containing the length followed by zero to 255 data characters 3.12 data space logical area of the virtual machine that can be accessed by Open Terminal Architecture tokens 3.13 data stack stack that may be used for passing parameters between functions cf. return stack (3.28) NOTE Whe
43、n there is no possibility of confusion, the data stack is referred to as “the stack”. BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) ISO/IEC 2010 All rights reserved 33.14 EMV Integrated Circuit Card Specification for Payment Systems (see Bibliography 1 4) NOTE EMV is managed, maintained and enhanced b
44、y EMVCo, a consortium of American Express, JCB International, MasterCard Worldwide and Visa Incorporated (see Bibliography 1 - 4). 3.15 exception frame implementation-dependent set of information recording the current execution state necessary for the layered exception processing used in the virtual
45、 machine 3.16 exception stack stack used for the nesting of exception frames NOTE It may be, but need not be, implemented using the return stack. 3.17 execution pointer value that identifies the execution semantics of a function 3.18 implementation conformance statement 1)statement made by the suppl
46、ier of an implementation or system claimed to conform to a given specification, stating which capabilities have been implemented 3.19 instantiate register a local instance of a data structure with the virtual machine NOTE At power-up in a terminal, initialised data items and kernel databases are ins
47、tantiated. Further data, databases and TLV definitions may be instantiated when a module is loaded. 3.20 interpret at run-time identify the function associated with a token value in the code and execute it 3.21 kernel standardised set of functions mandated to be present on every terminal to implemen
48、t the Open Terminal Architecture virtual machine NOTE The kernel implementation for each CPU type is optimised for that processor. 3.22 library module set of software functions in Open Terminal Architecture token code with a published interface, providing general support for Terminal Programs and/or
49、 Applications 3.23 LISP family of programming languages, developed since the late 1960s, which the American National Standard working group X3J13 standardised as Common Lisp, starting 1986 1) For a further discussion, see ISO/IEC 9646 (all parts), Information technology Open Systems Interconnection Conformance testing methodology and framework. BS ISO/IEC 20060:2010 ISO/IEC 20060:2010(E) 4 ISO/IEC 2010 All rights reserved3.24 module collection of software functions and/or data compiled toget
