Examples of secure messaging

B.1 Cryptographic checksum

This clause shows the use of secure messaging (see 6) and cryptographic checksums for each of the four cases of command-response pairs defined in ISO/IEC 7816-3.

In the examples, the notation CLA* means the use of secure messaging in the data fields: in CLA, either bits 8, 7 and 6 set to 000 and bit 4 set to 1, or bits 8, 7 and 6 set to 011.

In the examples, the notation CLA** means that bits 8, 7 and 6 of CLA are set to 000 and bits 4 and 3 to 11, i.e., that the command header shall be included in the computation of a data element for authentication.

Alternately the header may be encapsulated in a data object with tag ’89′, i.e., a SM data object to be included in the computation of a data element for authentication.

In the examples, the notation T* means that bit 1 of the last byte of the tag field is set to 1 (an odd tag number), i.e., that the SM data object shall be included in the computation of a data element for authentication.

 Case 1 — No command data, no response data

The unsecured command-response pair is as follows. Command header Command body

CLA INS P1 P2 Absent

Response body Response trailer

Absent SW1-SW2
Case 1.a — Status not protected

The secured command APDU is as follows. Command header Command body

CLA* INS P1 P2 {New Lc field} – {New data field (= T – L – Cryptographic checksum)}

If the length of the cryptographic checksum is four bytes, then the new Lc field is set to ’06′. New data field = One data object = {T – L – Cryptographic checksum} Data covered by the cryptographic checksum (bit 3 of CLA* set to 1) =

One block = {CLA** INS P1 P2 Padding}

The secured response APDU is as follows. Response body Response trailer

Absent SW1-SW2

 

Case 1.b — Status protected

The secured command APDU is as follows. Command header Command body

CLA* INS P1 P2 {New Lc field} – {New data field (= T – L – Cryptographic checksum)} – {New Le field (= ’00′)}

New data field = One data object = {T – L- Cryptographic checksum}

Data covered by the cryptographic checksum (bit 3 of CLA* set to 1) = One block = {CLA** INS P1 P2 Padding}

The secured response APDU is as follows. Response body Response trailer

New data field (={T* – L – SW1-SW2} – {T – L – Cryptographic checksum}) SW1-SW2

New data field = Two data objects = {T* – L – SW1-SW2} – {T – L – Cryptographic checksum} Data covered by the cryptographic checksum = One block = {T* – L -SW1-SW2 – Padding}

Case 2 — No command data, response data

The unsecured command-response pair is as follows. Command header Command body

CLA INS P1 P2 L e field

Response body Response trailer

Data field SW1-SW2

The secured command APDU is as follows. Command header Command body

CLA* INS P1 P2 New Lc field – New data field – {New Le field (one or two bytes set to ’00′)}

New data field = Two data objects = {T* – L – Le} – {T – L – Cryptographic checksum} Data covered by the cryptographic checksum = ⎯ One block = {T* – L – Le – Padding} if bit 3 of CLA* set to 0 ⎯ Two blocks = {CLA** INS P1 P2 Padding} – {T* – L – Le – Padding} if bit 3 of CLA* set to 1

The secured response APDU is as follows. Response body Response trailer

New data field SW1-SW2
(={T* – L – Plain value} – {T* – L – SW1-SW2} – {T – L – Cryptographic checksum})  

New data field = Three data objects = {T* – L – Plain value} – {T* – L – SW1-SW2} – {T – L – Cryptographic checksum}

Data covered by the cryptographic checksum = One or more blocks = {T* -L – Plain value – T* – L -SW1-SW2 – Padding}

 

Case 3 — Command data, no response data The unsecured command-response pair is as follows. Command header Command body  
Response body   Response trailer
CLA INS P1 P2     L c field – Data field
Absent SW1-SW2