C.I.E – Carta di Identità Elettronica Functional Specification Version 2.0

More documents

Recommendations

Info

This command computes the digital signature (DS) of the input data.The DS is given in the response data field.To use this command it is necessary to load in memory a current security environment (CSE) byusing a MSE command. The CSE has to refer to a DS component and to an object type:• RSA KPRI SIGNThe input data are the digest of the hashed data.The card performs a PKCS#1 BT1 padding on the input data before computing the signature.Security:The access condition to satisfy is AC_USE of relevant BSO.12.19 Optional commandsMain Digital Signature schemes need files (EF and DF) to be deactivable / activable after thesignature has reached a certain level of authentication within the card.In the next sections two optional ISO standard APDU commands are described as a suggestion forimplementing such requirement.The implementation of these commands is absolutely optional. Cards manufacturers are free tofulfil Digital Signature requirements with proprietary commands.12.19.1 AC bytes extensionBytes 4 and 5 in MF/DF and EF ACs (See Table7 and Table8 for coding) are used in the followingway:Byte Nr. ACProtected Commands... ... ...4 AC_ DEACTIVATE DEACTIVATE FILE5 AC_ ACTIVATE ACTIVATE FILE... ... ..Table 58: MF/DF and EF AC bytes modification12.19.2 DEACTIVATE FILECLA INS P1 P2 P3 Data FieldCIE - Functional Specification v 2.0 -Page 70/76
0X 04 00 00 LC = 00 EmptyTable 59: DEACTIVATE FILE commandThis command acts on the currently selected file.It changes the status of the current file to "Deactivated".A deactivated file can only be selected or activated. All other operations on this file will result in anerror message.If a DF has been deactivated, its content is deactivated as well.Security:AC_DEACTIVATE has to be fulfilled.12.19.3 ACTIVATE FILECLA INS P1 P2 P3 Data Field0X 44 00 00 LC = 00 EmptyTable 60: ACTIVATE FILE commandThis command acts on the currently selected file.It changes the status of the current file to "Activated".Security:AC_ACTIVATE has to be fulfilled.CIE - Functional Specification v 2.0 -Page 71/76
Page 1 and 2:
C.I.E. - Carta di Identità Elettro
Page 3 and 4:
Table of Contents1. Revision Histor
Page 5 and 6:
12.17 GENERATE KEY PAIR ...........
Page 7 and 8:
2. IntroductionThis document is the
Page 9 and 10:
4. Reference Documents1. ISO/IEC 78
Page 11 and 12:
Public Key - That key of an entity
Page 13 and 14:
lsbLSBMACMFmsbMSBMSEMTSCOSOCIPINPPP
Page 15 and 16:
6. Electrical ParametersFor all ele
Page 17 and 18:
8. Answer To Reset (ATR)The Answer
Page 19 and 20: XXh XXh H5/H6 Y02h H7 Y49h H8 Y54h
Page 21 and 22: 9. Application SelectionNo explicit
Page 23 and 24: Record structure:The EF is seen at
Page 25 and 26: Linear Variable TLV or Cyclic EFSiz
Page 27 and 28: The card maintains an internal Secu
Page 29 and 30: BSO ID 1 01h to 1FhOPTION 1 See Tab
Page 31 and 32: RSA public key Exponent for Authent
Page 33 and 34: 11.4 Secure MessagingThe Secure Mes
Page 35 and 36: Byte Nr. SM Condition1 ENC USE IN2
Page 37 and 38: • Step 4: APDU command set up in
Page 39 and 40: 11.4.5 SM Response in SM_ENCOrigina
Page 41 and 42: 11.4.7 SM Response in SM_ENC_SIGOri
Page 43 and 44: 12. APDU ReferenceThe CIE supports
Page 45 and 46: 6A 86 Incorrect P1-P26A 87 Lc incon
Page 47 and 48: The PUT DATA - DATA_OCI acts on the
Page 49 and 50: 3DES - SM Cipher 10h 83h 03h3DES -
Page 51 and 52: 3 8Fh 6 BYTE 1: Not used - MUST be
Page 53 and 54: Table35Table 34: SELECT FILE Comman
Page 55 and 56: The operation is possible if the ac
Page 57 and 58: n has to be different from FFh.P1=0
Page 59 and 60: First and NextLast and PreviousSecu
Page 61 and 62: acktrackingallowed.b6 = 0b5 = 0b4 -
Page 63 and 64: 12.13 RESET RETRY COUNTERCLA INS P1
Page 65 and 66: 12.15 GIVE RANDOMCLA INS P1 P2 P3 D
Page 67 and 68: Security:The access condition to sa
Page 69: The access condition to satisfy is
Page 73 and 74: • The length in bits of the priva
Page 75 and 76: • a sequence of q cipher text blo
show all

C.I.E – Carta di Identità Elettronica Functional Specification Version 2.0

Create successful ePaper yourself

Delete template?

Save as template?