C.I.E – Carta di Identità Elettronica Functional Specification Version 2.0

More documents

Recommendations

Info

The record content will then be:The format for the key exponent is:The record content will then be:• ARMT = RFU, MUST be set to 00h• Dif_pq = RFU, MUST be set to 00h• Pub_Exp = is the length in bits of the key exponent. Pub_Exp shall be in the range 16…64bits.Security:The access condition to satisfy is AC_GENKEYPAIR for the Private key BSO.The AC_APPEND of the file that will contain the public key has to be verified.12.18 PERFORM SECURITY OPERATION12.18.1 PSO_DECCLA INS P1 P2 P3 Data Field0X 2A 80 86LC=length of data to be deciphered+ 1 byte for padding indicator00 (padding indicator) || enciphered dataTable 55: PSO_DEC commandThis command deciphers the input data with a symmetric or an asymmetric key. The first byte inthe input data is the indicator of the padding used.The deciphered data is returned in the command response.To use this command it is necessary to load in memory a current security environment (CSE) usingthe MSE command. The CSE CON component has to refer to an object of type:• RSA KPRI CRYPT/DECRYPT• 3DES CRYPT/DECRYPTSecurity:CIE - Functional Specification v 2.0 -Page 68/76
The access condition to satisfy is AC_USE of relevant BSONote:When PSO_DEC is performed with a BSO with Algorithm byte set to 0x0C (RSA_PURE), thecommand doesn’t perform any extra unpadding operation (padding indicator byte is ignored).12.18.2 PSO_ENCCLA INS P1 P2 P3 Data Field LE0X 2A 86h 80hLC = Length of data to beenciphered (plain text)Input data to beencipheredLength of enciphereddataTable 56: PSO_ENC commandThis command enciphers the input data with a key.The enciphered data is returned in the response where the first byte is the used padding indicator:00h (padding indicator) || The enciphered dataTo use this command is necessary to load in memory a current security environment (CSE) byusing a MSE command. The CSE CON component has to refer to an object of type:• RSA KPRI CRYPT/DECRYPT• 3DES CRYPT/DECRYPTSecurity:The access condition to satisfy is AC_USE.Note:When PSO_ENC is performed with a BSO with Algorithm byte set to 0x0C (RSA_PURE), thecommand doesn’t perform any extra padding operation (padding indicator byte is ignored).12.18.3 PSO_CDSCLA INS P1 P2 P3 DataFieldLE0X 2A 9E 9ALC =Length ofdata to besignedInputdatato besignedLength of signeddataTable 57: PSO_CDSCIE - Functional Specification v 2.0 -Page 69/76
Page 1 and 2:
C.I.E. - Carta di Identità Elettro
Page 3 and 4:
Table of Contents1. Revision Histor
Page 5 and 6:
12.17 GENERATE KEY PAIR ...........
Page 7 and 8:
2. IntroductionThis document is the
Page 9 and 10:
4. Reference Documents1. ISO/IEC 78
Page 11 and 12:
Public Key - That key of an entity
Page 13 and 14:
lsbLSBMACMFmsbMSBMSEMTSCOSOCIPINPPP
Page 15 and 16:
6. Electrical ParametersFor all ele
Page 17 and 18: 8. Answer To Reset (ATR)The Answer
Page 19 and 20: XXh XXh H5/H6 Y02h H7 Y49h H8 Y54h
Page 21 and 22: 9. Application SelectionNo explicit
Page 23 and 24: Record structure:The EF is seen at
Page 25 and 26: Linear Variable TLV or Cyclic EFSiz
Page 27 and 28: The card maintains an internal Secu
Page 29 and 30: BSO ID 1 01h to 1FhOPTION 1 See Tab
Page 31 and 32: RSA public key Exponent for Authent
Page 33 and 34: 11.4 Secure MessagingThe Secure Mes
Page 35 and 36: Byte Nr. SM Condition1 ENC USE IN2
Page 37 and 38: • Step 4: APDU command set up in
Page 39 and 40: 11.4.5 SM Response in SM_ENCOrigina
Page 41 and 42: 11.4.7 SM Response in SM_ENC_SIGOri
Page 43 and 44: 12. APDU ReferenceThe CIE supports
Page 45 and 46: 6A 86 Incorrect P1-P26A 87 Lc incon
Page 47 and 48: The PUT DATA - DATA_OCI acts on the
Page 49 and 50: 3DES - SM Cipher 10h 83h 03h3DES -
Page 51 and 52: 3 8Fh 6 BYTE 1: Not used - MUST be
Page 53 and 54: Table35Table 34: SELECT FILE Comman
Page 55 and 56: The operation is possible if the ac
Page 57 and 58: n has to be different from FFh.P1=0
Page 59 and 60: First and NextLast and PreviousSecu
Page 61 and 62: acktrackingallowed.b6 = 0b5 = 0b4 -
Page 63 and 64: 12.13 RESET RETRY COUNTERCLA INS P1
Page 65 and 66: 12.15 GIVE RANDOMCLA INS P1 P2 P3 D
Page 67: Security:The access condition to sa
Page 71 and 72: 0X 04 00 00 LC = 00 EmptyTable 59:
Page 73 and 74: • The length in bits of the priva
Page 75 and 76: • a sequence of q cipher text blo
show all

C.I.E – Carta di Identità Elettronica Functional Specification Version 2.0

Create successful ePaper yourself

Delete template?

Save as template?