1、 Reference numberISO/IEC 7816-8:2004(E)ISO/IEC 2004Identification cards Integrated circuit cards Part 8: Commands for security operations Cartes didentification Cartes circuit intgr Partie 8: Commandes pour des operations de scurit National Standard of CanadaCAN/CSA-ISO/IEC 7816-8:05(ISO/IEC 7816-8:
2、2004)International Standard ISO/IEC 7816-8:2004 (second edition, 2004-06-01) has been adopted withoutmodification (IDT) as CSA Standard CAN/CSA-ISO/IEC 7816-8:05, which has been approved as a NationalStandard of Canada by the Standards Council of Canada.ISBN 1-55397-918-4 October 2005The Canadian St
3、andards Association (CSA), under whose auspices this National Standard has been produced, was chartered in 1919 and accredited by the Standards Council of Canada to the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary membership association engaged in standards deve
4、lopment and certification activities. CSA standards reflect a national consensus of producers and users including manufacturers, consumers, retailers, unions and professional organizations, and governmental agencies. The standards are used widely by industry and commerce and often adopted by municip
5、al, provincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. Individuals, companies, and associations across Canada indicate their support for CSAs standards development by volunteering their time and skil
6、ls to CSA Committee work and supporting the Associations objectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining memberships together form CSAs total membership from which its Directors are chosen. Sustaining memberships represent a major source of
7、income for CSAs standards development activities. The Association offers certification and testing services in support of and as an extension to its standards development activities. To ensure the integrity of its certification process, the Association regularly and continually audits and inspects p
8、roducts that bear the CSA Mark. In addition to its head office and laboratory complex in Toronto, CSA has regional branch offices in major centres across Canada and inspection and testing agencies in eight countries. Since 1919, the Association has developed the necessary expertise to meet its corpo
9、rate mission: CSA is an independent service organization whose mission is to provide an open and effective forum for activities facilitating the exchange of goods and services through the use of standards, certification and related services to meet national and international needs.For further inform
10、ation on CSA services, write toCanadian Standards Association5060 Spectrum Way, Suite 100Mississauga, Ontario, L4W 5N6CanadaThe Standards Council of Canada is the coordinating body of the National Standards system, a federation of independent, autonomous organizations working towards the further dev
11、elopment and improvement of voluntary standardization in the national interest. The principal objects of the Council are to foster and promote voluntary standardization as a means of advancing the national economy, benefiting the health, safety, and welfare of the public, assisting and protecting th
12、e consumer, facilitating domestic and international trade, and furthering international cooperation in the field of standards. A National Standard of Canada is a standard which has been approved by the Standards Council of Canada and one which reflects a reasonable agreement among the views of a num
13、ber of capable individuals whose collective interests provide to the greatest practicable extent a balance of representation of producers, users, consumers, and others with relevant interests, as may be appropriate to the subject in hand. It normally is a standard which is capable of making a signif
14、icant and timely contribution to the national interest. Approval of a standard as a National Standard of Canada indicates that a standard conforms to the criteria and procedures established by the Standards Council of Canada. Approval does not refer to the technical content of the standard; this rem
15、ains the continuing responsibility of the accredited standards development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever practicable. These standards are subject to periodic review; therefore, users are cautioned to obtain the late
16、st edition from the organization preparing the standard.The responsibility for approving National Standards of Canada rests with theStandards Council of Canada270 Albert Street, Suite 200Ottawa, Ontario, K1P 6N7CanadaAlthough the intended primary application of this Standard is stated in its Scope,
17、it is importantto note that it remains the responsibility of the users to judge its suitability for their particular purpose.Registered trade-mark of Canadian Standards AssociationCette norme est offerte en anglais seulement pour le moment. La CSA publiera la version enfranais ds quelle sera produit
18、e par lorganisme rdacteur.CAN/CSA-ISO/IEC 7816-8:05Identification cards Integrated circuit cards Part 8: Commands for security operationsOctober 2005 Canadian Standards Association CSA/1CAN/CSA-ISO/IEC 7816-8:05Identification cards Integrated circuit cards Part 8: Commands for security operationsCSA
19、 PrefaceStandards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Info
20、rmation Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephon
21、e Consultative Committee (ITU-T).This Standard supersedes CAN/CSA-ISO/IEC 7816-8:02 (adoption of ISO/IEC 7816-8:1999). At the time of publication, ISO/IEC 7816-8:2004 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC.This In
22、ternational Standard was reviewed by the CSA TCIT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish a
23、ddenda, corrigenda, etc. The CSA TCIT will review these documents for approval and publication. For a listing, refer to the CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by the Technical Co
24、mmittee and has been approved as a National Standard of Canada by the Standards Council of Canada.October 2005 Canadian Standards Association 2005All rights reserved. No part of this publication may be reproduced in any form whatsoever without the prior permission ofthe publisher. ISO/IEC material i
25、s reprinted with permission. Where the words “this International Standard” appear in the text, they should be interpreted as “this National Standard of Canada”.Inquiries regarding this National Standard of Canada should be addressed toCanadian Standards Association5060 Spectrum Way, Suite 100, Missi
26、ssauga, Ontario, Canada L4W 5N61-800-463-6727 416-747-4044www.csa.caReference numberISO/IEC 7816-8:2004(E)ISO/IEC 2004INTERNATIONAL STANDARD ISO/IEC7816-8Second edition2004-06-01Identification cards Integrated circuit cards Part 8: Commands for security operations Cartes didentification Cartes circu
27、it intgr Partie 8: Commandes pour des operations de scurit ISO/IEC 7816-8:2004(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed t
28、o and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the sof
29、tware products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it
30、is found, please inform the Central Secretariat at the address given below. ISO/IEC 2004 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without per
31、mission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org ii ISO/IEC 2004 All rights reservedISO/IEC 7816-8:2
32、004(E) ISO/IEC 2004 All rights reserved iiiContents Page Foreword iv Introduction v 1 Scope 1 2 Normative references . 1 3 Terms and definitions. 1 4 Abbreviations and notation 2 5 Interindustry commands for cryptographic operations 2 5.1 GENERATE ASYMMETRIC KEY PAIR command . 2 5.2 PERFORM SECURITY
33、 OPERATION command 5 5.3 COMPUTE CRYPTOGRAPHIC CHECKSUM operation. 6 5.4 COMPUTE DIGITAL SIGNATURE operation 6 5.5 HASH operation. 7 5.6 VERIFY CRYPTOGRAPHIC CHECKSUM operation. 8 5.7 VERIFY DIGITAL SIGNATURE operation 8 5.8 VERIFY CERTIFICATE operation 9 5.9 ENCIPHER operation 9 5.10 DECIPHER opera
34、tion 10 Annex A (informative) Examples of operations related to digital signature 11 Annex B (informative) Examples of certificates interpreted by the card 14 Annex C (informative) Examples of asymmetric key import/export 16 Bibliography . 19 ISO/IEC 7816-8:2004(E) iv ISO/IEC 2004 All rights reserve
35、dForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through techn
36、ical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take par
37、t in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare Inter
38、national Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some
39、of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 7816-8 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identi
40、fication. This second edition, together with the second editions of ISO/IEC 7816-4, ISO/IEC 7816-5, ISO/IEC 7816-6 and ISO/IEC 7816-9, after an in-depth reorganization of these five parts, cancels and replaces ISO/IEC 7816-4:1995, ISO/IEC 7816-5:1994, ISO/IEC 7816-6:1996, ISO/IEC 7816-8:1999 and ISO
41、/IEC 7816-9:2000. It also incorporates the Amendments ISO/IEC 7816-4:1995/Amd.1:1997, ISO/IEC 7816-5:1994/Amd.1:1996 and ISO/IEC 7816-6:1996/Amd.1:2000 and the Technical Corrigendum ISO/IEC 7816-6:1996/Cor.1:1998. ISO/IEC 7816 consists of the following parts, under the general title Identification c
42、ards Integrated circuit cards: Part 1: Cards with contacts Physical characteristics Part 2: Cards with contacts Dimensions and location of the contacts Part 3: Cards with contacts Electrical interface and transmission protocols Part 4: Organization, security and commands for interchange Part 5: Regi
43、stration of application providers Part 6: Interindustry data elements for interchange Part 7: Interindustry commands for Structured Card Query Language (SCQL) Part 8: Commands for security operations Part 9: Commands for card management Part 10: Cards with contacts Electronic signals and answer to r
44、eset for synchronous cards Part 11: Personal verification through biometric methods Part 15: Cryptographic information application ISO/IEC 7816-8:2004(E) ISO/IEC 2004 All rights reserved vIntroduction ISO/IEC 7816 is a series of International Standards specifying integrated circuit cards and the use
45、 of such cards for interchange. These cards are identification cards intended for information exchange negotiated between the outside world and the integrated circuit in the card. As a result of an information exchange, the card delivers information (computation result, stored data), and/or modifies
46、 its content (data storage, event memorization). Five parts are specific to cards with galvanic contacts and three of them specify electrical interfaces. ISO/IEC 7816-1 specifies physical characteristics for cards with contacts. ISO/IEC 7816-2 specifies dimensions and location of the contacts. ISO/I
47、EC 7816-3 specifies electrical interface and transmission protocols for asynchronous cards. ISO/IEC 7816-10 specifies electrical interface and answer to reset for synchronous cards. ISO/IEC 7816-12 specifies electrical interface and operating procedures for USB cards. All the other parts are indepen
48、dent from the physical interface technology. They apply to cards accessed by contacts and/or by radio frequency. ISO/IEC 7816-4 specifies organization, security and commands for interchange. ISO/IEC 7816-5 specifies registration of application providers. ISO/IEC 7816-6 specifies interindustry data e
49、lements for interchange. ISO/IEC 7816-7 specifies commands for structured card query language. ISO/IEC 7816-8 specifies commands for security operations. ISO/IEC 7816-9 specifies commands for card management. ISO/IEC 7816-11 specifies personal verification through biometric methods. ISO/IEC 7816-15 specifies cryptographic information application. ISO/IEC 10536 specifies access by close coupling. ISO/IEC 14443 and 15693 specify access by radio frequen