1、BS ISO/IEC 7816-8:2016 Identification cards Integrated circuit cards Part 8: Commands and mechanisms for security operations BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06BS ISO/IEC 7816-8:2016 BRITISH STANDARD National foreword This British Standard is the UK imp
2、lementation of ISO/IEC 7816-8:2016. It supersedes BS ISO/IEC 7816-8:2004 which is withdrawn. The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards and personal identification. A list of organizations represented on this committee can be obtained on request to its
3、 secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2016. Published by BSI Standards Limited 2016 ISBN 978 0 580 85939 7 ICS 35.240.15 Compliance with a British Stand
4、ard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 November 2016. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dBS ISO/IEC 7816-8:2016 Identification cards Integr
5、ated circuit cards Part 8: Commands and mechanisms for security operations Cartes didentification Cartes circuit intgr Partie 8: Commandes et mcanismes pour les oprations de scurit INTERNATIONAL STANDARD ISO/IEC 7816-8 Reference number ISO/IEC 7816-8:2016(E) Third edition 2016-11-01 ISO/IEC 2016 BS
6、ISO/IEC 7816-8:2016ii ISO/IEC 2016 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, inclu
7、ding photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland T
8、el. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org ISO/IEC 7816-8:2016(E)BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E)Foreword iv Introduction v 1 Scope .1 2 Normative references 1 3 Terms and definitions .1 4 Symbols and abbreviated terms . 2 5 Interindustry commands for security
9、 operations .3 5.1 General . 3 5.2 generate asymmetric key pair command 3 5.3 perform security operation command 7 5.3.1 General 7 5.3.2 compute cryptographic checksum operation .10 5.3.3 compute digital signature operation .10 5.3.4 hash operation11 5.3.5 verify cryptographic checksum operation .11
10、 5.3.6 verify digital signature operation .11 5.3.7 verify certificate operation .12 5.3.8 encipher operation 13 5.3.9 decipher operation 13 Annex A (informative) Examples of operations related to digital signature .14 Annex B (informative) Examples of certificates interpreted by the card 20 Annex C
11、 (informative) Examples of asymmetric key transfer .25 Annex D (informative) Alternatives to achieve the reversible change of security context .28 Annex E (informative) Example of uses for generate asymmetric key pair command 30 Bibliography .36 ISO/IEC 2016 All rights reserved iii Contents PageBS I
12、SO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development
13、of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in
14、 liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives,
15、 Part 1. In particular the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the e
16、lements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarati
17、ons received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information abou
18、t ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. This third edition
19、cancels and replaces the second edition (ISO/IEC 7816-8:2004), which has been technically revised. A list of all parts in the ISO/IEC 7816 series can be found on the ISO website.iv ISO/IEC 2016 All rights reservedBS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Introduction ISO/IEC 7816 is a series of s
20、tandards specifying integrated circuit cards and the use of such cards for interchange. These cards are identification cards intended for information exchange negotiated between the outside world and the integrated circuit in the card. As a result of an information exchange, the card delivers inform
21、ation (computation result, stored data), and/or modifies its content (data storage, event memorization). Five parts are specific to cards with galvanic contacts and three of them specify electrical interfaces: ISO/IEC 7816-1 specifies physical characteristics for cards with contacts; ISO/IEC 7816-2
22、specifies dimensions and location of the contacts; ISO/IEC 7816-3 specifies electrical interface and transmission protocols for asynchronous cards; ISO/IEC 7816-10 specifies electrical interface and answer to reset for synchronous cards; ISO/IEC 7816-12 specifies electrical interface and operating p
23、rocedures for USB cards. All the other parts are independent from the physical interface technology. They apply to cards accessed by contacts and/or by radio frequency: ISO/IEC 7816-4 specifies organization, security and commands for interchange; ISO/IEC 7816-5 specifies registration of application
24、providers; ISO/IEC 7816-6 specifies interindustry data elements for interchange; ISO/IEC 7816-7 specifies commands for structured card query language; ISO/IEC 7816-8 specifies commands for security operations; ISO/IEC 7816-9 specifies commands for card management; ISO/IEC 7816-11 specifies personal
25、verification through biometric methods; ISO/IEC 7816-13 specifies commands for handling the life cycle of applications; ISO/IEC 7816-15 specifies cryptographic information application. ISO/IEC 10536 (all parts) specifies access by close coupling. ISO/IEC 14443 (all parts) and ISO/IEC 15693 (all part
26、s) specify access by radio frequency. Such cards are also known as contactless cards. ISO/IEC 2016 All rights reserved vBS ISO/IEC 7816-8:2016BS ISO/IEC 7816-8:2016Identification cards Integrated circuit cards Part 8: Commands and mechanisms for security operations 1 Scope This document specifies in
27、terindustry commands that may be used for security operations. This document also provides informative directives on how to construct security mechanisms with ISO/IEC 7816-4 defined commands. The choice and conditions of use of cryptographic mechanism in security operations may affect card exportabi
28、lity. The evaluation of the suitability of algorithms and protocols is outside the scope of this document. It does not cover the internal implementation within the card and/or the outside world. 2 Normative references The following documents are referred to in the text in such a way that some or all
29、 of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-4:2013, Identification cards Integrated circuit cards Part 4: Orga
30、nization, security and commands for interchange 3 Terms and definitions For the purposes of this document, the following terms and definitions apply ISO and IEC maintain terminological databases for use in standardization at the following addresses: IEC Electropedia: available at http:/ /www.electro
31、pedia.org/ ISO Online browsing platform: available at http:/ /www.iso.org/obp 3.1 asymmetric key pair pair of elements belonging to cryptographic techniques that use two related operations: a public operation defined by public numbers or by a public key and a private operation defined by private num
32、bers or by a private key Note 1 to entry: The two operations have the property that, given the public operation, it is computationally infeasible to derive the private operation. 3.2 certificate digital signature (3.3) binding a particular person or object and its associated public key Note 1 to ent
33、ry: The entity issuing the certificate also acts as tag allocation authority with respect to the data elements in the certificate. SOURCE: ISO/IEC 7816-4:2012, 3.11, modified INTERNATIONAL ST ANDARD ISO/IEC 7816-8:2016(E) ISO/IEC 2016 All rights reserved 1BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E)
34、 3.3 digital signature data appended to, or cryptographic transformation of, a data string that proves the origin and the integrity of the data string and protect against forgery, e.g. by the recipient of the data string SOURCE: ISO/IEC 7816-4:2012, 3.21 3.4 key sequence of symbols controlling a cry
35、ptographic operation (e.g. encipherment, decipherment, a private or a public operation in a dynamic authentication, signature production, signature verification) SOURCE: ISO/IEC 7816-4:2012, 3.32 3.5 non-self-descriptive certificate certificate (3.2) consisting of a concatenation of data elements as
36、sociated to a header list or extended header list, describing the structure of the certificate 3.6 self-descriptive certificate certificate (3.2) consisting of a concatenation of data objects 3.7 secure messaging set of means for cryptographic protection of (parts of) command-response pairs SOURCE:
37、ISO/IEC 7816-4:2012, 3.50 4 Symbols and abbreviated terms BER basic encoding rules of ASN.1 (see ISO/IEC 8825-1) CCT control reference template for cryptographic checksum CRT control reference template CT control reference template for confidentiality DSA digital signature algorithm DST control refe
38、rence template for digital signature ECDSA elliptic curve digital signature algorithm HT control reference template for hash-code MSE manage security environment command PSO perform security operation command pso hash PSO command with hash operation pso checksum PSO command with compute cryptographi
39、c checksum operation pso sign PSO command with compute digital signature operation pso verify checksum PSO command with verify cryptographic checksum operation pso verify sign PSO command with verify digital signature2 ISO/IEC 2016 All rights reservedBS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) pso
40、verify certificate PSO command with verify certificate pso encipher PSO command with encipher operation pso decipher PSO command with decipher operation GQ2 modified Guillou-Quisquater protocol for zero knowledge proof RFU reserved for future use for ISO/IEC JTC 1/SC 17 RSA Rivest, Shamir, Adleman S
41、E security environment SEID security environment identifier TLV tag, length, value 5 Interindustry commands for security operations 5.1 General An ICC compliant with this document may support any of the commands and/or options provided in the following clauses and subclauses. NOTE In addition to the
42、 use of logical channels, there are other alternatives that may be used for switching the security context. Annex D provides information about this functionality. 5.2 generate asymmetric key pair command The generate asymmetric key pair command initiates either the generation and storing of an asymm
43、etric key pair, i.e. a public key and a private key, in the card, the generation, storing of an asymmetric key pair and extracting generated public key, or the extracting previously generated public key. The command may be preceded by a manage security environment command in order to set key generat
44、ion related parameters (e.g. algorithm reference). The command may be performed in one or several steps, possibly using command chaining (see ISO/IEC 7816-4). ISO/IEC 2016 All rights reserved 3BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Table 1 generate asymmetric key pair command-response pair CLA
45、 As defined in ISO/IEC 7816-4 INS 46 or 47 P1 See Table 2 P2 00 (no information provided) or reference of the private key to be generated coded according to ISO/IEC 7816-4:2013, Table 94 L cfield Absent for encoding N c= 0, present for encoding N c 0 Data field Absent, or Proprietary data if P1-P2 s
46、et to 0000, or One or more CRTs associated to the key generation if P1-P2 different from 0000 (see notes) A CRT may include an extended header list L efield Absent for encoding N e= 0, present for encoding N e 0 Data field Absent, or Public key as a sequence of data elements (INS=46), or Public key
47、as a sequence of data objects (INS=47), or Public key as a sequence of data objects according to an extended header list (INS=47) SW1-SW2 See ISO/IEC 7816-4:2013, Tables 5 and 6 where relevant, e.g. 6 985 NOTE 1 Several CRTs are present when the key pair is generated for several uses. In a data fiel
48、d, a CRT may have a zero length. Table 2 P1 coding b8 b7 b6 b5 b4 b3 b2 b1 Value 0 0 0 0 0 0 0 0 No information given 1 x x x Additional information given 1 x Key generation 1 0 - Generate asymmetric key pair 1 1 - Access to an existing public key 1 x Format of returned public key data 1 0 - Proprie
49、tary format 1 1 - Output format according to extended header list 1 x Output indicator 1 0 - Public key data in response data field 1 1 - No response data if Le field absent or proprietary if Le field present x x x x 0000, other values are RFU NOTE 2 The private key may be stored in an internal EF the