
Errata and Precisions for Amendment A to GlobalPlatform Card Specification v2.2

Date post: 05-Aug-2020

GlobalPlatform Card Errata and Precisions for GlobalPlatform Card Specification v2.2 Amendment A Version 1.0

Card Specification Working Group Draft 22 January 2009 Document Reference: GPC_EPR_017

Copyright © 2009 GlobalPlatform Inc. All Rights Reserved. Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights or other intellectual property rights of which they may be aware which might be infringed by the implementation of the specification set forth in this document, and to provide supporting documentation. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited.


Table of contents

A. Table of Errata and Precisions

E. Errata

E.1. PKCS#1 Corrections

E.2. Review of Key Usage and OCE Removal

E.3. STORE DATA Command

E.4. Support for Multiple Personalization Scenarios

E.5. Correct Order on DGI '00A6' and ‘8010’

E.6. Authority Interface

E.7. Key Definition

P. Precisions

P.1. Data Object Tags for Key Definition

P.2. Ciphered Load File Data Block Privilege

P.3. DGI for SD Keys

P.4. Personalization processData() Note on inBuffer/outBuffer


A. Table of Errata and Precisions

The following table classifies all the Errata and Precisions of the different Errata and Precisions Lists released for the A_Confidential_card_content_Management_v1.0 into a sequential order that reflects the Card Specification index. The latest Errata and Precisions are in blue characters.

| Errata / Precision | Card Specification reference | Description |
|---|---|---|
| E.1 | Section 1 (Table 1), section 4.5 (Tables 15 and 16), and section 4.7 | PKCS#1 Corrections |
| E.2 | Sections 4.2, 4.3, 4.4, and 4.5 | Review of Key Usage and OCE Removal |
| E.3 | Section 4.4 | STORE DATA command |
| E.4 | Section 4.4 (Table 12) | Support for multiple personalization scenarios |
| E.5 | Section 4.5 | Remove order restriction on DGI '00A6' |
| E.6 | Sections 5.2 | API verifyKey() / recoverKey() |
| E.7 | Table 2 | Key Definition |
| P.1 | Section 4.1 | Data object tags for Key Definition |
| P.2 | Section 4.9 (new) | Ciphered Load File Data Block Privilege |
| P.3 | Section 4.10 (new) | DGI for Personalization of CASD Keys |
| P.4 | Section 5.1 | Personalization processData() Note on inBuffer/outBuffer |


E. Errata

E.1. PKCS#1 Corrections

Table 1, Normative References, shall be amended with an additional reference:

| PKCS#1 | PKCS #1 v2.1: RSA Cryptography Standard, RSA Laboratories, June 14, 2002. | [4] |

Tables 15 and 16 shall specify PKCS#1 v1.5 padding, and require padding (no longer optional, but now conditional).

The sentence after table 14

“Underlying plain text structure is provided in Table 15. The data content is ciphered using the PK.CASD.AUT. The length of each key is provided by the CRT tag 81 within the DGI ‘00A6’. The length of the padding depends on the length of public modulus and is known by the CASD.”

Shall be replaced by

“Underlying plain text structure is provided in Tables 15 and 16. If asymmetric scheme is used the data content is ciphered using the PK.CASD.AUT with encryption scheme RSAES-PKCS1-V1_5 as specified in PKCS#1 [4]. The length of each key is provided by the CRT tag 81 within the DGI ‘00A6’. If symmetric scheme is used the data content is ciphered, in CBC mode and ICV set to zero, using the KS.CASD.CT. If the plain text data is not a multiple of the encryption block length the last block shall be filled with arbitrary padding bytes.”

Table 15 shall be replaced as:

| Data Element | Presence |
|---|---|
| ENC key | Mandatory |
| MAC key | Mandatory |
| DEK key | Mandatory |

Table 1: Data Content for DGI '8010' – Encrypted Secure Channel Keys Values

Table 16 shall be replaced as:

| Data Element | Presence |
|---|---|
| Master key | Mandatory |

Table 2: Data Content for DGI '8010' – Master Key Value

Section 4.7, bullet C.4.1, last sentence shall be modified as follows:

Replace,

"Padding of the data is as defined by the SHA-1 and PKCS#1 mechanism. The signature scheme for tokens is as defined in Annex B.2.1 of the GlobalPlatform Card Specification v2.2 – Secure Hash Algorithm (SHA-1)."


By

"The signature scheme for tokens is as defined in Annex B.3 of the GlobalPlatform Card Specification v2.2."

E.2. Review of Key Usage and OCE Removal

The purpose of this Erratum is to make GP CS v2.2 Amendment A consistent with the requirements of the UICC Configuration v1.0.

Section 4.2,

“The STORE DATA command can be used in both scenarios – and shall be coded as a case 3 command:

1. Personalization of the Controlling Authority Public Key Certificate.

2. Verification of the Application Provider Public Key Certificate.”

shall be updated as follows:

“The STORE DATA command can be used in both scenarios – and shall be coded as a case 3 command:

1. Personalization of the CASD Public Key Certificate.

2. Verification of the Application Provider Public Key Certificate.”

Section 4.2.1, Paragraph 1,

“Personalization of the Controlling Authority Security Domain i.e. the Controlling Authority Public Key Certificate may take place during pre-issuance or post issuance. The Data Group Identifier for Controlling Authority Public Key Certificate is defined in Table 4.”

shall be updated as follows:

“Personalization of the Controlling Authority Security Domain (i.e. the CASD Public Key Certificate) may take place during pre-issuance or post issuance. The Data Group Identifier for the CASD Public Key Certificate is defined in Table 4”

Section 4.2.2, the title

“Pull Model: DGI for Application Provider Certificate”

shall be replaced by:

“DGI for the Application Provider Certificate”

Section 4.2.2, Paragraph 1,

“The Controlling Authority verifies the Application Provider Public Key Certificate. The Application Provider Security Domain uses the interface authority to allow CA SD to verify the Application Provider Public Key Certificate. The DGI value of ‘00AE’ is based on the ISO tag value for input template for verification of a certificate; see also the GlobalPlatform Card Specification v2.2 section F.4.7.2. To distinguish between certificates with and without message recovery a 2nd DGI with value of ‘00DE’ is introduced (based on proprietary tag value per ISO).”

shall be updated as follows:


“The Controlling Authority generates the Application Provider Public Key Certificate. When the APSD receives the certificate, it uses the Authority interface to request the CASD to verify the Application Provider Public Key Certificate. The DGI value of ‘00AE’ is an input template for verification of a certificate. The DGI value of ‘00DE’ is introduced to distinguish between certificates with and without message recovery.”

Section 4.2.2, Paragraph 4,

“The Application Provider Public Key Certificate may be itself encrypted. To support such scenario, the Controlling Authority Security Domain needs to be personalized with a key pair for confidentiality: PK.CASD.CT, SK.CASD.CT. The Application Provider Public Key Certificate is then encrypted with the Controlling Authority Security Domain Confidentiality Public Key: PK.CASD.CT. The Data Group Identifiers for encrypted Application Provider Certificate are defined in Table 6.”

shall be updated as follows:

“The Application Provider Public Key Certificate may be itself encrypted. To support this scenario, the CASD shall be personalized with an asymmetric Private Key for confidentiality: SK.CASD.CT, to decrypt the AP certificate and with the corresponding Public Key Certificate: CERT.CASD.CT that may be retrieved by the Application Provider. The Application Provider Public Key Certificate is then encrypted off-card with the Controlling Authority Security Domain Confidentiality Public Key: PK.CASD.CT. The Data Group Identifiers for the encrypted Application Provider Certificate are defined in Table 6.”

Section 4.2.3, Paragraph 2,

“When using symmetric Controlling Authority keys, there is no Controlling Authority Public Key Certificate to personalize (no DGI ‘7F21’) and the content of DGI ‘00AE’ is the Application Provider encryption Key signed by the Controlling Authority coded in TLV format with a tag value of ‘8E’ (ISO tag value for cryptographic checksum).”

shall be updated as follows:

“When using symmetric Controlling Authority keys, there is no Controlling Authority Public Key Certificate to personalize (no DGI ‘7F21’) and the content of DGI ‘00AE’ is the Application Provider encryption Key, KS.AP.CT, signed by the Controlling Authority coded in TLV format with a tag value of ‘8E’ (ISO tag value for cryptographic checksum).”

Section 4.2.3, Last paragraph

“After the certificate is successfully verified and validated the Application Provider Public key contained in the certificate (PK.AP_OCE.AUTH or KS.AP_OCE.AUTH) shall be used to encrypt the on Security Domain generated key before being exported from the card.”

shall be updated as follows:

“After the content of DGI ‘00AE’, ‘80AE’, ‘00DE’ or ‘80DE’ is successfully verified and validated, the Application Provider key (PK.AP.CT or KS.AP.CT) contained in the DGI shall be used to encrypt the key(s) generated on-card by the Security Domain before they are exported from the card.”

Section 4.3, First paragraph,

“Pulling the Application Provider Security domain key consists of pushing the PK.AP_OCE.AUTH or KS.AP_OCE.AUT to encrypt key generated on card. This DGI is not used when pushing the Application Provider Security Domain Keys.”

shall be replaced by:

“The Pull Model requires that the APSD is provided with the Application Provider Public Key (or Symmetric Key) for confidentiality PK.AP.CT (or KS.AP.CT). This key is used to encrypt the Secure Channel keys generated on-card.”


Section 4.3

• The Application Provider Key is asymmetric (PK.AP_OCE.AUT) or symmetric (KS.AP_OCE.AUT) encrypted and signed by the Controlling Authority. The Controlling Authority provides certificates with message recovery (DGI = ‘00DE’). The CASD verifies the Application Provider Key certificate with PK.CASD.AUT and retrieves PK.AP_OCE.AUT (or KS.AP_OCE.AUT) from the certificate.

• The Application Provider Key is asymmetric (PK.AP_OCE.AUT) or symmetric (KS.AP_OCE.AUT) encrypted and signed by the Controlling Authority. The Controlling Authority provides certificates without message recovery (DGI = ‘00AE’). The CASD verifies the Application Provider Key certificate with PK.CASD.AUT. The PK.AP_OCE.AUT (or KS.AP_OCE.AUT) is provided encrypted in a separate DGI since the certificate is without message recovery.

• The Application Provider Key is symmetric (KS.AP_OCE.AUT) or asymmetric (PK.AP_OCE.AUT) encrypted with the symmetric Controlling Authority Key (KS.CASD.AUT).”

Shall be replaced by

• The Application Provider Key is asymmetric (PK.AP.CT). The Controlling Authority provides certificates with message recovery (DGI = ‘00DE’). The CASD verifies the Application Provider Key certificate with PK.CA.AUT and retrieves PK.AP.CT from the certificate.

• The Application Provider Key is asymmetric (PK.AP.CT). The Controlling Authority provides certificates without message recovery (DGI = ‘00AE’). The CASD verifies the Application Provider Key certificate with PK.CA.AUT. The PK.AP.CT is provided encrypted in a separate DGI since the certificate is without message recovery.

• The Application Provider Key is symmetric (KS.AP.CT) and encrypted with the symmetric Controlling Authority Key (KS.CA.CT).”

Section 4.3, Paragraph 5,

“Segregating encrypted and non encrypted DGIs requires a DGI for the encrypted Application Provider Key, either symmetric: KS.AP_OCE.AUT or asymmetric: PK.AP_OCE.AUT. The Data Grouping Identifier for encrypted Application Provider Key is defined in Table 10.”

shall be updated as follows:

“Segregating encrypted and non encrypted DGIs requires a DGI for the encrypted Application Provider Key, either symmetric: KS.AP.CT or asymmetric: PK.AP.CT. The Data Grouping Identifier for encrypted Application Provider Key is defined in Table 10.”

Section 4.3, Paragraph 6,

“The DGI ‘80B8’ contains the (non-TLV coded) cryptogram value of the encrypted Application Provider Key: KS.AP_OCE.AUT or PK.AP_OCE.AUT.”

shall be updated as follows:

“The DGI ‘80B8’ contains the (non-TLV coded) cryptogram value of the encrypted Application Provider Key: KS.AP.CT or PK.AP.CT.”

Section 4.4, Paragraph 2,


“As opposed to the current case of this command (ISO 7816-4, case 3) this new function permits the command to export the on Security Domain generated key within its response data field. The bit 1 (rightmost bit) of the reference control parameter P1 is used to indicate the card that is an ISO 7816-4, case 4 command, therefore a response data is expected.”

shall be updated as follows:

“As opposed to the current case of this command (ISO 7816-4, case 3) this new function permits the command to export the on-card Security Domain generated keys within its response data field. The bit 1 (rightmost bit) of the reference control parameter P1 is used to indicate to the card that it is an ISO 7816-4 Case 4 command, and therefore, response data is expected.”

Section 4.4, Paragraph 5, 2nd bullet, 4th and 5th bullets,

• The RGK shall be encrypted with the Application Provider public key or the Application Provider symmetric key (PK.AP_OCE.AUTH or KS.AP_OCE.AUT)

• The partially encrypted message is signed by the on-card Controlling Authority private key, using Authority interface. The CA SD shall append to the signature its certificate.

• The signed message and the on-card Controlling Authority certificate shall be returned as part of STORE DATA response.”

shall be updated as follows:

• The RGK shall be encrypted with the Application Provider public key or the Application Provider symmetric key (PK.AP.CT or KS.AP.CT)

• The partially encrypted message is signed by the on-card CASD private key, using Authority interface. The CASD shall append its certificate to the signature.

• The signed message and the on-card CASD certificate shall be returned as part of STORE DATA response.”

Section 4.5, Paragraph 2, first sentence,

“Underlying plain text structure is provided in Error! Reference source not found.. The data content is ciphered using the PK.CASD.AUT. “

shall be updated as follows:

“The underlying plain text structure is provided in Error! Reference source not found.. The data content is ciphered using the PK.CASD.CT. “

E.3. STORE DATA command

In section 4.4, DGI for Security Domain Symmetric Key, the following paragraph is included as the final sentence in the first paragraph of section 4.4, page 9:

“If b1 is not set in parameter P1, and the application wants to send data back, the security domain processing the STORE DATA command will return the following error code '6A86'; Incorrect P1P2.”


E.4. Support for multiple personalization scenarios

Table 12 (section 4.4) for DGI '00A6' shall be updated as follows to allow support for the UICC Configuration:

| Tag | Length | Data Element | Presence |
|---|---|---|---|
| 'A6' | Variable | CRT tag (KAT) | Mandatory |
| '90' | '01' | Scenario Identifier | Mandatory |
| '95' | '01' | Usage Qualifier = '5C' (1 secure channel base key) or '10' (3 secure channel keys) | Mandatory |
| '96' | '01' | Key Access according GP 2.2 Table 11-18 | Optional |
| '80' | '01' | Key Type according GP 2.2 Table 11-16 | Mandatory |
| '81' | '01' or '02' | Key Length | Mandatory |
| '82' | '01' | Key Identifier = '00' - '7F' | Optional |
| '83' | '01' | Key Version Number = '01' - '7F' | Optional |
| '91' | '00', '02', '05', or '08' | Initial value of sequence counter | Optional |
| '45' | 1-n | Security Domain Image Number (SDIN) | Optional |

Table 3: Data Content for DGI '00A6' – Master Key CRT

Possible values for tag '90' (Scenario Identifier) shall be specified as part of specific configurations. This value allows the Security Domain to decide a course of action when receiving tag 'A6' (e.g. triggering on-card key generation or waiting for other DGI containing keys).

When key access field is not present, the default key access value is ‘00’
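An off-card check of a STORE DATA data field against the amended Table 12 and the DGI ordering rule of E.5 can look like the following. This is an added example, not code from the GlobalPlatform document; the function names are hypothetical, the sample bytes are constructed, and the DGI length coding (one byte, or 'FF' followed by two bytes) and one-byte TLV lengths are assumptions not stated on this page.

```python
# Added example, not part of the GlobalPlatform document.
# Rows of Table 12 inside CRT 'A6': tag -> (name, allowed lengths, mandatory).
# A length set of None stands for the table's "1-n"; RANGES holds its value ranges.
TABLE_12 = {
    0x90: ("Scenario Identifier", {1}, True),
    0x95: ("Usage Qualifier", {1}, True),
    0x96: ("Key Access", {1}, False),
    0x80: ("Key Type", {1}, True),
    0x81: ("Key Length", {1, 2}, True),
    0x82: ("Key Identifier", {1}, False),
    0x83: ("Key Version Number", {1}, False),
    0x91: ("Initial value of sequence counter", {0, 2, 5, 8}, False),
    0x45: ("Security Domain Image Number (SDIN)", None, False),
}
RANGES = {0x95: {0x5C, 0x10}, 0x82: range(0x00, 0x80), 0x83: range(0x01, 0x80)}

def read_tlvs(data):
    """Split bytes into (tag, value) pairs. Assumption: one-byte tags and
    one-byte lengths up to '7F', enough for the rows of Table 12."""
    out, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        tag, length = data[i], data[i + 1]
        if length > 0x7F:
            raise ValueError("multi-byte TLV length not handled in this example")
        if i + 2 + length > len(data):
            raise ValueError("TLV value runs past end of data")
        out.append((tag, data[i + 2:i + 2 + length]))
        i += 2 + length
    return out

def read_dgis(data):
    """Split a STORE DATA field into (dgi, content) pairs. Assumption: 2-byte
    DGI, then a 1-byte length, or 'FF' followed by a 2-byte length."""
    out, i = [], 0
    while i < len(data):
        if i + 3 > len(data):
            raise ValueError("truncated DGI header")
        dgi, length = int.from_bytes(data[i:i + 2], "big"), data[i + 2]
        i += 3
        if length == 0xFF:
            if i + 2 > len(data):
                raise ValueError("truncated DGI length")
            length = int.from_bytes(data[i:i + 2], "big")
            i += 2
        if i + length > len(data):
            raise ValueError("DGI content runs past end of data")
        out.append((dgi, data[i:i + length]))
        i += length
    return out

def validate_crt(content):
    """Return (fields, errors) for the content of DGI '00A6'."""
    errors, fields, seen = [], {}, set()
    top = read_tlvs(content)
    if len(top) != 1 or top[0][0] != 0xA6:
        return fields, ["DGI '00A6' must hold exactly one CRT with tag 'A6'"]
    for tag, value in read_tlvs(top[0][1]):
        if tag not in TABLE_12:
            errors.append("tag '%02X' is not defined in Table 12" % tag)
            continue
        name, lengths, _ = TABLE_12[tag]
        bad_length = not value if lengths is None else len(value) not in lengths
        if tag in seen:
            errors.append("%s appears more than once" % name)
        elif bad_length:
            errors.append("%s has invalid length %d" % (name, len(value)))
        elif tag in RANGES and value[0] not in RANGES[tag]:
            errors.append("%s value '%02X' is out of range" % (name, value[0]))
        else:
            fields[name] = value
        seen.add(tag)
    for tag, (name, _, mandatory) in TABLE_12.items():
        if mandatory and tag not in seen:
            errors.append("%s is mandatory but missing" % name)
    # E.4: when the Key Access field is not present, the default value is '00'.
    if 0x96 not in seen:
        fields["Key Access"] = b"\x00"
    return fields, errors

def check_store_data(field):
    """Return the list of findings for one STORE DATA data field."""
    errors, previous = [], None
    for dgi, content in read_dgis(field):
        if dgi == 0x00A6:
            errors += validate_crt(content)[1]
        # E.5: DGI '8010' immediately follows the DGI '00A6' describing its keys.
        if dgi == 0x8010 and previous != 0x00A6:
            errors.append("DGI '8010' does not immediately follow DGI '00A6'")
        previous = dgi
    return errors

# Constructed sample: scenario '01', three secure channel keys of 16 bytes.
# Key Type '80' and the all-zero ciphertext are placeholder values.
CRT = bytes.fromhex("A60C" "900101" "950110" "800180" "810110")
GOOD = bytes.fromhex("00A60E") + CRT + bytes.fromhex("801030") + bytes(48)
SWAPPED = bytes.fromhex("801030") + bytes(48) + bytes.fromhex("00A60E") + CRT
```
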

E.5. Correct order on DGI '00A6' and ‘8010’.

In section 4.5, replace:

"DGI ‘00A6‘ is used to provide the Keys description for the secure channel symmetric keys. It shall be sent after the DGI containing the encrypted Symmetric keys."

with

"DGI '8010' contains the encrypted symmetric keys and immediately follows the DGI '00A6' which provides the description of the keys.”

E.6. Authority Interface

The Authority interface defined in chapter 5.2 API to support on-card key generation

• The constant “MODE_VERIFY” is renamed “MODE_KEY_RECOVERY”

• The method verifyKey described below

“ public short verifyKey(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset)


This method is used to verify and extract a key. This key could be either a Secret Key or a PKI key. The inBuff contains the key certificate. The verified key structure is set in the outBuff at outOffset and the length of the key structure is returned. The key structure is as defined in GP2.2 in chapter 11.8.4.2. The inBuff and outBuff shall be global array and may be the same. A call to this method resets this Signature object to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to sign another message.

Parameters:

inBuff - the input buffer of data to be verified

inOffset - the offset in input buffer where key certificate starts

inLength - the input length to verify

outBuff - output buffer containing the verified key structure

outOffset – length of key structure.

Returns:

Length of the key structure if signature is verified, 0 otherwise.

Throws:

CryptoException - with the following reason codes:

• CryptoException.INVALID_INIT if this Authority interface is not initialized or initialized for signature verify mode.

• CryptoException.ILLEGAL_USE if this Authority algorithm does not pad the message and the message is not block aligned. “

is replaced by recoverKey with the following description

“ public short recoverKey(byte[] inBuff, short inOffset, short inLength, byte[] outBuff, short outOffset) throws CryptoException

This method is used to recover a cryptographic key from a set of data structures provided in the input buffer (inBuff). As a mandatory step, the recovery mechanism includes the verification of the origin and integrity of the recovered key. This method knows, from the set of data structures present in the input buffer, which recovery mechanism is to be used. The recovered key is written in the output buffer (outBuff) at specified offset (outOffset), in the form of a key data structure whose format depends on the type of the key. A call to this method resets this instance of the Authority interface to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to recover another key. The input and output buffers may overlap and shall be global arrays.

Parameters:

inBuff - containing input data.

inOffset - offset of input data.

inLength - length of input data.

outBuff - the buffer where recovered key data structure shall be written

outOffset - offset where recovered key data structure shall be written

Returns:

Length of the recovered key data structure written in outBuff at outOffset, or 0 if the recovery mechanism failed (e.g. recovered key was considered invalid).

Throws:


CryptoException - with the following reason codes:

• INVALID_INIT if this Authority interface is not initialized or initialized in MODE_SIGN mode.

java.lang.SecurityException - if the inBuff or outBuff are not global array.

• The method update described below

“public void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException

Accumulates a signature of the input data. When this method is used, temporary storage of intermediate results is required. This method should only be used if all the input data required for the signature is not available in one byte array. The sign/verify methods are recommended whenever possible.

Parameters:

inBuff - the input buffer of data to be signed

inOffset - the offset in input at which to begin signature generation

inLength - the length to sign

Throws:

CryptoException - with the following reason codes:

• CryptoException.INVALID_INIT if this Authority interface is not initialized.

is updated as follows

“public void update(byte[] inBuff, short inOffset, short inLength) throws CryptoException

Accumulates a signature of the input data. When this method is used, temporary storage of intermediate results is required. This method should only be used if all the input data required for the signature is not available in one byte array. The sign method is recommended whenever possible. The inBuff shall be global array.

Parameters:

inBuff - the input buffer of data to be signed

inOffset - the offset in input at which to begin signature generation

inLength - the length to sign

Throws:

CryptoException - with the following reason codes:

• INVALID_INIT if this Authority interface is not initialized or in MODE_KEY_RECOVERY mode.

java.lang.SecurityException - if the inBuff is not global array.

• The method sign described below

“public short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws CryptoException

Generates the signature of all/last input data. A call to this method resets this Authority interface to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to sign another message.

The input and output buffer may overlap.

Parameters:

inBuff - the input buffer of data to be signed

inOffset - the offset in input buffer at which the signature starts

inLength - the byte length to sign

sigBuff - the output buffer to store signature data

sigOffset - the offset into sigBuff at which to begin signature generation

Returns:

The number of bytes of signature output in sigBuff

Throws:

CryptoException - with the following reason codes:

• CryptoException.INVALID_INIT if this Authority interface is not initialized or initialized for signature verify mode.

• CryptoException.ILLEGAL_USE if this Authority algorithm does not pad the message and the message is not block aligned.

” is updated as follows

“public short sign(byte[] inBuff, short inOffset, short inLength, byte[] sigBuff, short sigOffset) throws CryptoException

Generates the signature of all/last input data. A call to this method resets this Authority interface to the state it was in when previously initialized via a call to init(). That is, the object is reset and available to sign another message. The input and output buffer may overlap and shall be global arrays. Parameters: inBuff - the input buffer of data to be signed inOffset - the offset in input buffer at which the signature starts inLength - the byte length to sign sigBuff - the output buffer to store signature data sigOffset - the offset into sigBuff at which to begin signature generation Returns: the number of bytes of signature output in sigBuff Throws: CryptoException - with the following reason codes:


• INVALID_INIT if this Authority interface is not initialized or initialized in MODE_KEY_RECOVERY mode.

• ILLEGAL_USE if this Authority algorithm does not pad the message and the message is not block aligned.

java.lang.SecurityException - if the inBuff or sigBuff are not global array.

”

• The method init described below

“public void init(byte theMode) throws CryptoException

Initializes the Authority interface with the appropriate Mode. This method should be used for algorithms, which do not need initialization parameters or use default parameter values.

Parameters:

theMode - one of MODE_SIGN or MODE_VERIFY ”

is updated as follows:

“public void init(byte theMode) throws CryptoException

Initializes the Authority interface with the appropriate Mode.

Parameters:

theMode - one of MODE_SIGN or MODE_KEY_RECOVERY ”

E.7. Key Definition

Table 2 is updated with the key notation used in this erratum, and unused abbreviations have been removed.

Hence Table 2

| Abbreviation | Meaning |
|---|---|
| AP | Application Provider: Actor. |
| APDU | Application Protocol Data Unit |
| API | Application Programming Interface |
| APSD | Security Domain of the Application Provider |
| AP_OCE | The Application Provider keys used by the Off Card Entity |
| AT2P | Application with Trusted Path Privilege. |
| AUT | AUThentication |
| CA | Controlling Authority: Actor. |
| CASD | Security Domain of the Controlling Authority. |
| CCT | Cryptographic Checksum Template |
| CT | Confidential Template |
| ISD | Security Domain of the Issuer |
| KAT | Key Agreement Template |
| KS | Secret Key of a symmetric scheme |
| LPO | Link Platform Operator |
| LPOSD | Security Domain of the Link Platform Operator |
| MAC | Message Authentication Code |
| MIDP | Mobile Information Device Profile |
| OCE | Off-Card Entity. |
| OTA | Over-The-Air |
| OTAPO | Over-The-Air Platform Operator |
| OTASD | Security Domain of the Over-The-Air platform operator |
| PK | Public Key of an asymmetric key pair. |
| PKI | Public Key Infrastructure |
| POR | Proof Of Receipt |
| RAM | Remote Applet Management application compliant with ETSI 102-226 |
| R-MAC | Response MAC |
| SK | Private key of an asymmetric key pair |

shall be replaced by

| Abbreviation | Meaning |
|---|---|
| AP | Application Provider |
| APDU | Application Protocol Data Unit |
| API | Application Programming Interface |
| APSD | Application Provider Security Domain |
| AUT | AUThentication |
| CA | Controlling Authority |
| CASD | Controlling Authority Security Domain |
| CCT | Cryptographic Checksum Template |
| CT | Confidential Template |
| ISD | Issuer Security Domain |
| KAT | Key Agreement Template |
| KS | Secret Key of a symmetric scheme |
| LPO | Link Platform Operator |
| LPOSD | Link Platform Operator Security Domain |
| MAC | Message Authentication Code |
| OTA | Over-The-Air |
| PK | Public Key of an asymmetric key pair |
| PKI | Public Key Infrastructure |
| RAM | Remote Applet Management application compliant with ETSI TS 102 226 |
| R-MAC | Response MAC |
| SK | Private key of an asymmetric key pair |
| CERT.AP.AUT | Application Provider Certificate |
| CERT.AP.CT | Application Provider Certificate |
| CERT.CASD.AUT | CASD Certificate holding a Public Key suitable for Signature Verification |
| CERT.CASD.CT | CASD Certificate holding a Public Key suitable for Encryption |
| KS.AP.CT | Application Provider Symmetric Key used for Encryption/Decryption |
| KS.CASD.AUT | CASD Symmetric Key used for Signature/Verification |
| KS.CASD.CT | CASD Symmetric Key used for Encryption/Decryption |
| PK.AP.AUT | Application Provider Public Key used for signature verification |
| PK.AP.CT | Application Provider Public Key used for encryption |
| PK.CA.AUT | CA Public Key used to verify certificates (off-card) |
| PK.CASD.AUT | CASD Public Key used for Signature Verification |
| PK.CASD.CT | CASD Public Key used for Encryption |
| SK.CA.AUT | CA Private Key used to sign certificates (off-card) |
| SK.CASD.AUT | CASD Private Key used for Signature |
| SK.CASD.CT | CASD Private Key used for Decryption |


P. Precisions

P.1. Data object tags for Key Definition

An additional sentence shall be added following Table 3, in section 4.1:

"The data object tags defined in section 11.3.2.1 of the GP CS v2.2 [0] shall be used to populate DGI '0070'."

P.2. Ciphered Load File Data Block Privilege

A new section, 4.9, in Amendment A is created as a result of this Precision. The text for section 4.9 is as follows:

4.9 Ciphered Load File Data Block Privilege

Section 6.6.1 Table 6-1 shall be updated with:

17 Ciphered Load File Data Block

The Security Domain requires that the load file being associated to it be loaded ciphered.

For details, see section 9.1.3.7

Section 9.1.3 shall be updated with:

9.1.3.7 Ciphered Load File Data Block privilege

This privilege allows a Security Domain Provider to require that the load file data block being associated to, shall be ciphered.

The Section 9.3.5 - Card Content Loading Process shall be modified as follows:

The 5th bullet point in the Load Request Runtime Behavior for the OPEN:

• “If an associated Security Domain AID is present and is not the Security Domain performing the load, check that this AID exists within the GlobalPlatform Registry and is registered with the Security Domain privilege. As this equates to the extradition of the Load File, check that the associated Security Domain accepts this extradition. If no associated Security Domain AID is indicated, the Security Domain performing the load is by default the associated Security Domain;”

Shall be replaced by:

• “If an associated Security Domain AID is present and is not the Security Domain performing the load, check that this AID exists within the GlobalPlatform Registry and is registered with the Security Domain privilege. As this equates to the extradition of the Load File, check that the associated Security Domain accepts this extradition. If the associated Security Domain has Ciphered Load File Data Block privilege, the OPEN shall check that load file data block is sent ciphered i.e. with the tag ‘D4’. If no associated Security Domain AID is indicated, the Security Domain performing the load is by default the associated Security Domain;”

Update table 11-9 to include a second Privilege, in the second row:

| b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 | Meaning | Privilege Number |
|---|---|---|---|---|---|---|---|---|---|
| 1 | - | - | - | - | - | - | - | Receipt Generation | 16 |
| - | 1 | - | - | - | - | - | - | Ciphered Load File Data Block | 17 |
| - | X | X | X | X | X | X | X | RFU | - |

Table 11-9: Privileges (byte 3)

P.3. DGI for SD Keys

This precision provides a homogeneous solution to load and update CASD keys using a STORE DATA command. The Data Grouping Identifiers (DGI) defined in this precision allow for the load and update of RSA key pairs in two formats: RSA and RSACRT. They also allow for the load and update of symmetric keys.

Although the aim of this precision is to provide features in support of Amendment A, an attempt is made to make the features as generic as possible so they may be implemented and used to load and update keys on any Security Domain.

Therefore a new section, section 4.10, is added to Amendment A and shall consist of the following:

4.10 DGI for Personalizing SD Keys

All encrypted data grouping content defined in this section shall be padded according to section F.B.4 of the GP CS v2.2 [0] except for DGI '8113' which contains an encrypted secret key for which the length is always a multiple of 8 bytes. The encryption and decryption of the DGI’s content shall be performed using the Data Encryption session key (DEK session key) and the algorithm supported by the secure channel protocol for sensitive data encryption/decryption.

The key format is:

1. Most significant byte first

2. Fixed length related to the length of the modulus, zero-padding to the left.

3. Exception for the public key exponent which is encoded using the shortest byte representation.

4. When ciphering a key component value additional padding shall be added according to the encryption algorithm used.

The STORE DATA command shall be coded as a Case 3 command.

The Data Group Identifier for the Key Control Reference Template is defined in Table 1:

| DGI | DGI Length | Data Content | Function | Encrypt |
|---|---|---|---|---|
| '00B9' | Variable | Control Reference Template for confidentiality (CT) | Key information data | No |

Table 1 – Data Grouping Identifier for Key CRT

4.10.1 Asymmetric Key Scheme


When supporting an asymmetric scheme, either Data Grouping Identifier ‘8112’ (Private Key Exponent) or Data Grouping Identifiers ‘8121’ to ‘8125’ (RSACRT, Chinese Remainder Theorem, constants) shall be used to load/update the private component.

The DGI ‘0011’ is used for the Public Key Exponent. The DGI ‘0010’ is used for the Modulus.

The Control Reference Template is used to describe the keys sent in commands and responses to or from the Security Domains. The Usage Qualifier values depend on the key usage and will be coded according to section F.3.1.2 of the GP CS v2.2 [0].

The data content of the DGI for the Key Control Reference Template for the asymmetric key scheme is defined in Table 2:

| Tag | Length | Data Element | Presence |
|---|---|---|---|
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A1' Key Modulus | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Optional |
| 'B9' | Variable | CRT tag (CT) | Conditional |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A0' Public Key Exponent | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| 'B9' | Variable | CRT tag (see following sections) | Conditional |
| … | … | … | … |

Table 4 – Data Content for DGI '00B9'

4.10.1.1 DGI for the Public Key Exponent and Key Modulus

The following Data Grouping Identifiers are used to populate the Key Modulus and Public Key Exponent and should immediately follow DGI '00B9'.


| DGI | DGI Length | Data Content | Function | Encrypt |
|---|---|---|---|---|
| '0010' | Variable | Key Modulus | Asymmetric Key Modulus | No |
| '0011' | Variable | Public Key Exponent | Asymmetric Public Key | No |

Table 5 – Data Content for DGIs ‘0010’ and ‘0011’


4.10.1.2 DGIs for the Private Key Exponent

When the private key exponent format is used to populate asymmetric keys, the following data content shall be included in the DGI '00B9':

| Tag | Length | Data Element | Presence |
|---|---|---|---|
| … | … | … | … |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A3' Private Key Exponent | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| … | … | … | … |

Table 6 – Additional Data Content for DGI '00B9'

The following Data Grouping Identifier ('8112') is used to populate the Private Key Exponent when a private key exponent format is used:

| DGI | DGI Length | Data Content | Function | Encrypt |
|---|---|---|---|---|
| '8112' | Variable | Private Key Exponent | Asymmetric Keys in exponent modulus format | Yes |

Table 7 – Data Content for DGI ‘8112’

DGI '8112' shall follow DGI '00B9'.

4.10.1.3 DGIs for the Private Key in RSACRT Format

When the Chinese Remainder Theorem (CRT) format is used to populate the asymmetric keys, the following data content shall be included in the DGI '00B9':

| Tag | Length | Data Element | Presence |
|---|---|---|---|
| … | … | … | … |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A6' Private Key q⁻¹ mod p | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A8' Private Key d mod (q – 1) | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A7' Private Key d mod (p – 1) | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A5' Private Key prime factor q | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| '80' | '01' | Key Type = 'A4' Private Key prime factor p | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| … | … | … | … |

Table 8 – Additional Data Content for DGI '00B9'

The following Data Grouping Identifiers are used to populate the Private Key when the Chinese Remainder Theorem format is used:


| DGI | DGI Length | Data Content | Function | Encrypt |
|---|---|---|---|---|
| '8121' | Variable | RSACRT constant q⁻¹ mod p | Asymmetric Keys in RSACRT format | Yes |
| '8122' | Variable | RSACRT constant d mod (q – 1) | Asymmetric Keys in RSACRT format | Yes |
| '8123' | Variable | RSACRT constant d mod (p – 1) | Asymmetric Keys in RSACRT format | Yes |
| '8124' | Variable | RSACRT constant prime factor q | Asymmetric Keys in RSACRT format | Yes |
| '8125' | Variable | RSACRT constant prime factor p | Asymmetric Keys in RSACRT format | Yes |

Table 9 – Data Content for DGI ‘8121’ through ‘8125’

These DGIs shall follow DGI '00B9'.

4.10.2 Symmetric Key Scheme

When supporting a symmetric scheme, the Data Grouping Identifiers ‘00B9’ and ‘8113’ shall be used to load/update a secret key.

The CRT defined in Table 8 is used to describe the symmetric keys sent in responses/commands from/to the Security Domains. The Usage Qualifier values depend on the key usage and will be coded according to section F.3.1.2 of GlobalPlatform Card Specification v2.2.

| Tag | Length | Data Element | Presence |
|---|---|---|---|
| 'B9' | Variable | CRT tag (CT) | Mandatory |
| '95' | '01' | Usage Qualifier values according to section 11.1.9 of GlobalPlatform Card Specification v2.2 | Mandatory |
| ‘96’ | ‘01’ | Key Access according to GP 2.2 Table 11-18 | Optional |
| '80' | '01' | Key Type according to GP 2.2 Table 11-16 | Mandatory |
| '81' | '01' or ‘02’ | Key Length | Mandatory |
| '82' | '01' | Key Identifier | Mandatory |
| '83' | '01' | Key Version Number | Mandatory |
| '84' | '03' | Key check value | Mandatory |
| 'B9' | Variable | CRT tag (CT) | Conditional |
| … | … | … | … |

Table 8 – Data Content for DGI '00B9'

When the key access field is not present, the default key access value is ‘00’.

The decrypted key shall be verified against its associated check value. This is achieved by encrypting binary zeroes (8 bytes of '00') with the plain text value of the key and comparing the left-most 3 bytes with the associated check value. If this comparison fails, a response of '6982' shall be returned.

4.10.2.1 DGI for a Symmetric Scheme in Secret Key Format

The following Data Grouping Identifier is used to populate a secret key:


| DGI | DGI Length | Data Content | Function | Encrypt |
|---|---|---|---|---|
| '8113' | Variable – multiple of 8 | Secret Key | Symmetric Key | Yes |

Table 10 – Data Content for DGI ‘8113’

DGI '8113' shall immediately follow DGI '00B9' and shall be repeated once for each key described in DGI '00B9'.
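The symmetric-key rules of section 4.10.2 (mandatory CRT tags, default key access '00', one DGI '8113' per described key, length a multiple of 8) can be checked off-card before a STORE DATA payload is sent. The following is an added example, not GlobalPlatform code: it assumes the DGI length coding of GP CS v2.2 (one byte, or 'FF' plus two bytes) and short-form TLV lengths, and its sample payload is constructed. The key check value comparison needs the decrypted key and is not covered.

```python
# Added example (not GlobalPlatform code): structural check of DGI '00B9' + '8113'.
FIXED = {0x95: 1, 0x80: 1, 0x82: 1, 0x83: 1, 0x84: 3}  # mandatory tag -> length

def split_dgis(payload):
    """Return [(dgi, value)]. Assumption from GP CS v2.2, not this page: the
    DGI length is one byte '00'-'FE', or 'FF' followed by a two-byte length."""
    out, i = [], 0
    while i < len(payload):
        if i + 3 > len(payload):
            raise ValueError("truncated DGI header")
        dgi, length, i = int.from_bytes(payload[i:i + 2], "big"), payload[i + 2], i + 3
        if length == 0xFF:
            if i + 2 > len(payload):
                raise ValueError("truncated DGI length")
            length, i = int.from_bytes(payload[i:i + 2], "big"), i + 2
        if i + length > len(payload):
            raise ValueError("DGI '%04X' overruns the payload" % dgi)
        out.append((dgi, payload[i:i + length]))
        i += length
    return out

def read_tlvs(data):
    """Parse consecutive TLVs with one-byte tags and short-form lengths."""
    out, i = [], 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] > 0x7F:
            raise ValueError("truncated TLV or unsupported length form")
        tag, length, i = data[i], data[i + 1], i + 2
        if i + length > len(data):
            raise ValueError("TLV '%02X' overruns its container" % tag)
        out.append((tag, data[i:i + length]))
        i += length
    return out

def parse_crt(value):
    """Check one 'B9' CRT against the symmetric-key table; return its fields."""
    tlvs = read_tlvs(value)
    f = dict(tlvs)
    if len(f) != len(tlvs):
        raise ValueError("duplicate tag inside CRT")
    for tag, size in FIXED.items():
        if len(f.get(tag, b"")) != size:
            raise ValueError("CRT tag '%02X' missing or wrong length" % tag)
    if len(f.get(0x81, b"")) not in (1, 2) or len(f.get(0x96, b"\x00")) != 1:
        raise ValueError("CRT tag '81' or '96' missing or wrong length")
    return {"usage": f[0x95][0], "access": f.get(0x96, b"\x00")[0],  # default '00'
            "type": f[0x80][0], "length": int.from_bytes(f[0x81], "big"),
            "id": f[0x82][0], "version": f[0x83][0], "kcv": f[0x84]}

def check_symmetric_key_load(payload):
    """Validate DGI ordering and sizes; return one dict per key described."""
    dgis = split_dgis(payload)
    if not dgis or dgis[0][0] != 0x00B9:
        raise ValueError("payload must start with DGI '00B9'")
    inner = read_tlvs(dgis[0][1])
    if not inner or any(t != 0xB9 for t, _ in inner):
        raise ValueError("DGI '00B9' must hold one or more 'B9' CRTs")
    crts = [parse_crt(v) for _, v in inner]
    blobs = dgis[1:]
    if len(blobs) != len(crts) or any(d != 0x8113 for d, _ in blobs):
        raise ValueError("need exactly one DGI '8113' per key in DGI '00B9'")
    for crt, (_, enc) in zip(crts, blobs):
        if not enc or len(enc) % 8:
            raise ValueError("DGI '8113' length must be a multiple of 8")
        crt["encrypted_key"] = enc
    return crts

# Constructed sample (all values invented): two keys, the first without tag '96'.
SAMPLE = bytes.fromhex(
    "00B9 2F"
    " B9 14 9501 10 8001 80 8101 10 8201 01 8301 20 8403 AABBCC"
    " B9 17 9501 20 9601 01 8001 80 8101 10 8201 02 8301 20 8403 112233"
    " 8113 10" + "00" * 16 + " 8113 10" + "00" * 16)
```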

P.4. Personalization processData() note on inBuffer/outBuffer

In section 5.1, processData(), Method Detail, add this additional Note:

"The in and outBuffer may overlap."
