KOBIL Smart Card Terminal Manual


Copyright © 2000-2002 KOBIL Systems GmbH. All rights reserved. This manual may not be copied, or reproduced in any other way, without prior permission by KOBIL Systems GmbH. This applies equally to any part of the manual. Every effort has been made to guarantee the correctness of this manual. Nonetheless, KOBIL Systems GmbH assumes no warranty regarding its correctness or completeness. The serviceability and suitability for any specific purpose is not guaranteed. Information contained in this manual is subject to change without prior notification, with no legal claims arising out of this fact. Information that was unavailable until after this manual went into print may be found – where applicable – in the file README.TXT on the enclosed data medium. For further information on KOBIL smart card terminals, technical assistance, and other KOBIL security products, confer the internet under www.kobil.de.

Edition: May 12, 2003
Version: 2.3
Editor: mt

All brand and product names identified here are trademarks or registered trademarks the rights to which are held by their respective legal rights owners.

Published by KOBIL Systems GmbH

Copyright © 2000-2002


1 Contents

1 Contents .... 3
2 Abbreviations .... 5
3 General Information .... 6
4 Installation and Start-up .... 6
4.1 Items Included in the Package .... 6
4.2 System Requirements .... 6
4.3 Connecting the Terminal .... 10
4.4 Installing the Software .... 10
4.5 Default Behavior of the LED .... 10
5 Security-relevant Functions .... 11
5.1 Secure PIN Input .... 12
5.2 Secure PIN Change .... 13
Internet Payment Using the GeldKarte Cash Card .... 14
5.2.1 Normal Mode of Payment .... 15
5.2.2 Incremental Mode of Payment .... 16
5.2.3 Fast Incremental Mode of Payment .... 18
5.2.4 Data Logging .... 21
5.3 Updates .... 21
5.3.1 Driver Updates .... 21
5.3.2 Firmware Updates .... 22
5.3.3 Key Updates .... 24
5.4 SecOVID .... 25
5.4.1 SecOVID Online Mode .... 25
5.4.2 SecOVID Offline Mode .... 26
6 System Overview .... 27
7 The CT–API .... 29
7.1 Functions .... 29
7.2 CT_init .... 30
7.3 CT_data .... 31
7.4 CT_close .... 32
7.5 General Return Values for CT-API Functions .... 32
7.6 Using the CT-API: The Example of the Public Health Insurance Card .... 33
8 Tag Length Value (TLV) Representation .... 35
8.1 Set-up of a TLV Field .... 35
8.2 Coding Rules .... 35
8.3 Coding the Tags .... 36
9 The Smart card terminal File System .... 39
9.1 File Control Information .... 39
9.2 Directories .... 40
9.3 Hierarchical Set-up .... 41
9.4 HOST Configuration File .... 41
9.5 HOST Status File .... 42
9.6 CT Configuration File .... 42
9.7 HOST / CT Configuration File .... 43
9.8 HOST / CT Status File .... 43
9.9 Freeze Configuration File .... 43
9.10 Freeze Status File .... 44
9.11 ICC Configuration File .... 44
9.12 ICC Status File .... 44
10 Application Commands .... 45
10.1 CT Application Commands .... 45
10.2 Overview of Commands .... 46
10.3 Status Bytes SW1 and SW2 .... 47
10.4 Erase Binary .... 48
10.5 Verify .... 49
10.6 Select File .... 50
10.7 Read Binary .... 51
10.8 Write Binary .... 52
10.9 Reset .... 53
10.10 Reset CT .... 54
10.11 Request ICC .... 55
10.12 Deactivate .... 56
10.13 Eject ICC .... 57
10.14 Get Status .... 58
10.15 Input .... 59
10.16 Output .... 60
10.17 Perform Verification .... 61
10.18 Modify Verification Data .... 63
10.19 Display Texts .... 64
10.20 Reset 1 .... 66
10.21 Set Interface Parameter .... 67
10.22 Set Mode .... 68
10.23 Freeze .... 69
10.24 Wait Freeze .... 70
10.25 ICC Application Commands .... 71
10.26 Selecting a Synchronous ICC .... 72
10.27 Commands for Selecting a Synchronous ICC .... 72
10.28 File Types .... 73
10.29 Handling the Public Health Insurance Card .... 73
11 Transparent Mode .... 74


2 Abbreviations

API Application Programming Interface

ATR Answer To Reset

B1 Product name of smart card terminal type

CLA Class Byte

CT Smart card terminal

CTN Card Terminal Number

CWT Character Waiting Time

DAD Device Address; here: Destination Address

DO Data Object (also confer: TLV)

GKAPI GeldKarte Application Programming Interface (for German cash card type)

HTSI Host Transport Service Interface

IA5 International Alphabet No. 5

ICC Integrated Circuit Card

ID Identification

INS Instruction Byte

KVK Kranken-Versicherten-Karte (German public health insurance card)

LED Light Emitting Diode

P1 Parameter Byte 1

P2 Parameter Byte 2

PTS Protocol Type Select

SAD Device Address; here: Source Address

SW1 Status Byte 1

SW2 Status Byte 2

TLV Tag Length Value

Table 1: Abbreviations


3 General Information

This manual describes the performance features, installation, operation, and programming of the KOBIL smart card terminals KAAN Professional and B1 Professional. Sections 6 through 11 serve exclusively the documentation of the programming interfaces.

Important information is highlighted in bold type.

4 Installation and Start-up

4.1 Items Included in the Package

Included in your KOBIL smart card terminal package are:

• KOBIL smart card terminal KAAN Standard Plus or B1 Professional, respectively
• Data media including manual, drivers and test applications
• Set of cables (either a serial cable or a USB cable)
• Device base station

Image 1 shows the two security labels of the smart card terminal. Since the smart card terminal offers a variety of security-related functions, it is essential for the two decals displayed on the bottom and the right-hand side of the smart card terminal (“security labels”) to show that the housing has not been tampered with. Please make sure that neither of the two security labels has been removed or destroyed. This is the only way to guarantee that the smart card terminal functions properly. The security labels protect you as a consumer against unauthorized manipulation of the hardware and/or software of the smart card terminal. Please be sure to read up on the security features of the smart card terminal under Section 5. Image 1 also shows the function buttons of the smart card terminal (cancel-, correct-, function-, and confirm buttons).

4.2 System Requirements

You will need a free COM port and a (sliding contact) PS/2 socket, or a USB port. Software drivers for MS-DOS versions 5.0 and higher, as well as for MS Windows 3.1, are enclosed. You will find other drivers as well as updated versions in the internet under www.kobil.de.


Image 1: Arrangement of Buttons and Security Labels

Image 2: Ports Used for the Smart card terminal (Serial Version)


Image 3: Port Used for the smart card terminal (USB Version)

Image 4: Inserting the smart card


Image 5: Inserting an ID-000 smart card (only B1 Professional)


4.3 Connecting the Terminal

Please be sure to switch off your computer before connecting the smart card terminal, lest both the computer and the smart card terminal sustain damage!

The smart card terminal must be connected to a free interface. Image 2 shows the pin-out diagram for the serial version. The smart card terminal draws its power from the PS/2 interface of keyboard or mouse. If your computer uses an older type keyboard port in AT format (5-pin) you can get a suitable adapter from your electronics dealer. The pin-out diagram for the USB version is shown in Image 3. After the start-up, the smart card terminal assumes a defined initial state with preset basic settings. Therefore, the smart card terminal is instantly operational – requiring no special knowledge of functions and setting options. Image 4 and Image 5 illustrate how to insert smart cards into the terminal.

4.4 Installing the Software

Start the file “setup.exe“ from the enclosed data medium (diskette or CD-ROM), and follow the instructions on the screen. Updated versions of the driver software can be downloaded under www.kobil.de. Optionally, you may install the files for software development on your computer. You will need these files only if you intend to program your smart card terminal yourself. To this end you will have to install the corresponding header file CT_API.H and the respective import library and DLL into a directory of your choice. For details on how to use the GeldKarte cash card for internet payment, confer the section “Internet Payment Using the GeldKarte Cash Card.”

4.5 Default Behavior of the LED

The colors of the two LEDs have the following significance:

Left LED   Yellow LED   Significance
off        blinking     The auto-test of the card reader has detected an error. The smart card terminal is not operational.
green      on / off     An application authorized by the ZKA is active.
           off          The smart card terminal is operational. The interface to the ICC is not activated.
           on           The smart card terminal is operational. The interface to the ICC is activated.

Table 2: Significance of the LEDs

More information is provided on the LCD display.


5 Security-relevant Functions

The KOBIL smart card terminals KAAN Professional and B1 Professional come with several security-relevant functions designed to protect you as a user. From this perspective it is important for you to verify that the smart card terminal has not been subject to manipulation. Please make sure that neither of the two security labels has been removed or destroyed. This is the only way to guarantee that the smart card terminal functions properly. The security labels protect you as a consumer against unauthorized manipulation of the hardware and/or software of the smart card terminal. Any application authorized by the Committee of the German Financial Sector (ZKA), such as internet payment with the GeldKarte cash card, will prompt the LEDs to light up (confer Table 2). Please make sure before taking any security-relevant functions into operation that your KOBIL smart card terminal is equipped with a certified firmware for the purpose. The respective firmware version is identified on the display whenever the power is switched on. Example:

KOBIL KAAN Pro V2.08 GK 1.04

Certified Firmware Versions of KOBIL smart card terminals:

KAAN Professional
  Certification / Evaluation: ZKA internet customer terminal for internet payment using the GeldKarte cash card
  Versions: 1.04 GK 1.04, 2.07 GK 1.04, 2.08 GK 1.04

KAAN Professional, B1 Professional
  Certification / Evaluation: ITSEC “E2-high,” confirmed in compliance with the German Signature Act (SigG)
  Version: 2.08 GK 1.04

Note: The version ID may possibly include the character ‘P’ (as in “2.08p GK 1.04“). It indicates only that the Plug & Play functionality is active, while the firmware version remains identical. The individual security-relevant features have been detailed in this chapter.


5.1 Secure PIN Input

The smart card terminal KAAN Standard Plus SecOVID / B1 Professional supports the secure input of your smart card PINs. This application allows you, for instance, to enter the PIN (personal identification number) of your smart card – such as for smart cards compliant with the German Signature Act – directly into the smart card terminal. The advantage of doing so is that no virus or malicious software can intercept the PIN on your PC. Make sure when buying security-relevant software that it supports secure PIN input according to the MKT standard.

Image 6: Sequence of Secure PIN Input

Image 6 shows the sequence of a secure PIN input. The secure input of the PIN is characterized by the fact that a special character in the form of a padlock will show in the display (confer Image 6). Whenever you see the padlock symbol on display, you can safely enter your PIN through the keyboard of the smart card terminal. Never enter your PIN into the keyboard of the smart card terminal if this symbol fails to appear!

The display default message is “Please enter PIN.” Depending on the software used, the text can be changed though. Nevertheless, the security symbol in the form of a padlock will always remain on display. The input can be aborted by using the cancel button, and may be corrected by using the correct button. You may have to confirm your PIN input with the confirm button. For the arrangement of buttons, please confer Image 1.


5.2 Secure PIN Change

The smart card terminal KAAN Standard Plus SecOVID / B1 Professional supports the secure input of your smart card PINs. This application allows you, for instance, to enter the PIN of your smart card – such as for smart cards compliant with the German Signature Act – directly at the smart card terminal. The advantage here is that no virus or malicious software can intercept the PIN on your PC. Make sure when buying security-relevant software that it supports secure PIN changes according to the MKT standard. Image 7 shows the procedure for secure PIN change. Like the previous procedure, the secure changing of your PIN is equally indicated by the special character in the form of a padlock in the display (confer Image 7). Whenever you see the padlock on display, you may safely enter your PIN into the keyboard of the smart card terminal. Never enter your PIN through the keyboard of the smart card terminal if the symbol fails to appear! First of all, you will have to enter your old PIN through the keyboard (displayed message: “Please enter PIN”). Next, enter your new PIN twice in succession (“Enter new PIN” or “Retype PIN”, respectively). If you fail to retype the new PIN correctly, the process will abort, and the PIN will remain unchanged. Depending on the software used, you may vary the display messages. Nevertheless, the security symbol of the padlock will always remain on display. The input can be aborted by using the cancel button, and may be corrected by using the correct button. You may possibly have to confirm your PIN input with the confirm button. For the arrangement of buttons, please confer Image 1.


Image 7: Sequence of Secure PIN Change

Internet Payment Using the GeldKarte Cash Card

KAAN Professional and B1 Professional support internet payment using the GeldKarte cash card as specified by the Committee of the German Financial Sector (ZKA) in the directive “GeldKarte – Customer Terminal.“ The specification protects you as a customer who wishes to pay on the internet with your GeldKarte cash card against hacker attacks on your GeldKarte. The fact that all security-relevant functions are handled directly by the smart card terminal guarantees effective protection against unauthorized use – such as caused by viruses. Nevertheless, there are a few aspects regarding the operation of the terminal that you should observe. Installation of the smart card terminal begins with the set-up of the so-called GKAPI interface on your computer. The interface will permit the pay software to access the smart card terminal in order to conduct financial transactions. The pay software is obtained from the respective provider of the goods or the service at issue; it is not included in the package of the smart card terminal.


Three different modes of payment are offered: normal, incremental, and fast incremental payment. If your payment software requests key administration from you, please confer Section 5.3. If a given application was authorized by the Committee of the German Financial Sector (ZKA), such as internet payment with the GeldKarte cash card, it will prompt the LEDs to light up (confer Table 2).

5.2.1 Normal Mode of Payment

As soon as the payment transaction has been initiated, the display will request you to insert your GeldKarte cash card, followed by the message “GeldKarte Charge.“ Next, the name of the recipient and the amount of payment, including the currency, will be displayed in plain text. You will have to confirm this information with the confirm button. Otherwise the transaction will be aborted, and your GeldKarte cash card will not be charged. Image 8 shows the sequence of a normal transaction, including the typical display messages. If the transaction was successfully concluded, the message “Payment Transacted” will be displayed. Possible errors will also be displayed by the pay software. Therefore always monitor the display message even in cases of error. In some rare instances of error you will be requested to contact the financial institution that issued your card. Only information on display will actually enter into the transaction of payment. Possible displays on your computer screen are not subject to the same degree of security! Verify the identity of the recipient as well as the amount of payment displayed by the smart card terminal, and – if correct – confirm it with the confirm button. You can also abort the transaction by using the cancel button. In this case your GeldKarte will not be charged.


Image 8: Sequence of Normal Payment

5.2.2 Incremental Mode of Payment

During the incremental mode of payment, a given transaction can subdivide into several consecutive steps of deduction, e.g. in order to pay for service on the basis of elapsing time. To this end, the recipient and each installment have to be displayed and confirmed – as with any normal transaction. As soon as an incremental transaction of payment has been initiated, the request to insert your GeldKarte cash card will be displayed first of all, followed by the message “GeldKarte Charge”. Next, the name of the respective recipient and the partial amount to be paid will be displayed in plain text for each installment. You will have to confirm the information for each installment to be made. If you fail to confirm a given installment or use the cancel button to abort, the smart card terminal will automatically terminate the transaction. In this case, only those amounts that were previously authorized for payment, if any, will be charged to your GeldKarte. You will also find the information displayed whether the merchandise has already been dispatched by the respective dealer or not. Verify the information and confirm the transaction only if the information is correct. Image 9 shows the sequence of an incremental transaction of payment.


If the transaction was successfully concluded, the message “Payment Transacted” will be displayed. Possible errors will also be displayed by the pay software. Therefore always monitor the display message even in cases of error. In some rare instances of error you will be requested to contact the financial institution that issued your card. Only information on display will actually enter into the transaction of payment. Possible displays on your computer screen are not subject to the same degree of security! Verify the identity of the recipient as well as the amount of payment displayed by the smart card terminal, and – if correct – confirm it with the confirm button. You can also abort the transaction by using the cancel button. In this case, your GeldKarte will not be charged.

Image 9: Sequence of Incremental Payment


5.2.3 Fast Incremental Mode of Payment

Fast incremental payment is principally transacted just like the incremental payment. However, you will not have to confirm each installment of a given transaction individually. In order to guarantee security against unauthorized charges to your GeldKarte cash card nonetheless, you will have to set a ceiling for the total amount as well as for each installment. Use the keyboard of the smart card terminal to enter this ceiling as soon as you are requested to do so. Once you have set the ceiling, the smart card terminal will automatically check each installment against the ceiling set for installments, and the total against the ceiling set for the total charge. If the ceiling for an installment is exceeded, the smart card terminal will automatically abort the transaction. In this case, only those amounts previously authorized by you, if any, are charged to your GeldKarte cash card. If the ceiling for the total is exceeded, you will again have the option of raising the ceiling or canceling the transaction.

Image 10 (below) shows the sequence of Fast Incremental Payment.
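The two ceilings described in this section, as an added illustration that is not part of the manual or of KOBIL's firmware: a small C model in which each installment is checked against the per-installment ceiling and the running total against the total ceiling, with the two different outcomes the text describes (automatic abort versus the option to raise the ceiling or cancel). Amounts in cents, the gk_* names, and the rule that a non-positive amount aborts are this example's own assumptions.

```c
/*
 * Added example, not KOBIL code: a model of the ceiling checks the manual
 * describes for fast incremental GeldKarte payment. Amounts are in cents;
 * the type and function names are this example's own choices.
 */
#include <stdbool.h>
#include <stdio.h>

typedef enum {
    GK_ACCEPTED,          /* installment within both ceilings: authorized */
    GK_ABORTED,           /* installment ceiling exceeded, or the transaction is already over */
    GK_TOTAL_CEILING_HIT  /* total ceiling would be exceeded: user may raise it or cancel */
} gk_result;

typedef struct {
    long installment_ceiling; /* ceiling per installment, entered at the terminal keyboard */
    long total_ceiling;       /* ceiling for the whole transaction */
    long authorized_total;    /* sum of installments already authorized */
    bool aborted;             /* set once the terminal has terminated the transaction */
} gk_session;

/* Start a fast incremental transaction with the ceilings entered by the user. */
void gk_begin(gk_session *s, long installment_ceiling, long total_ceiling)
{
    s->installment_ceiling = installment_ceiling;
    s->total_ceiling = total_ceiling;
    s->authorized_total = 0;
    s->aborted = false;
}

/* Check one installment: an installment above its ceiling aborts the
 * transaction (only earlier installments stay charged); an installment that
 * would push the total above its ceiling is held back until the user raises
 * the ceiling or cancels. Rejecting non-positive amounts is this example's
 * own choice, not something the manual states. */
gk_result gk_installment(gk_session *s, long amount)
{
    if (s->aborted)
        return GK_ABORTED;
    if (amount <= 0 || amount > s->installment_ceiling) {
        s->aborted = true;
        return GK_ABORTED;
    }
    /* written as a subtraction so the comparison cannot overflow */
    if (amount > s->total_ceiling - s->authorized_total)
        return GK_TOTAL_CEILING_HIT;
    s->authorized_total += amount;
    return GK_ACCEPTED;
}

/* User raised the total ceiling after GK_TOTAL_CEILING_HIT; lowering is ignored. */
void gk_raise_total_ceiling(gk_session *s, long new_ceiling)
{
    if (new_ceiling > s->total_ceiling)
        s->total_ceiling = new_ceiling;
}

/* User pressed the cancel button: nothing further is charged. */
void gk_cancel(gk_session *s)
{
    s->aborted = true;
}

int main(void)
{
    gk_session s;
    gk_begin(&s, 100, 250);                 /* constructed: 1.00 per installment, 2.50 total */
    long amounts[] = { 80, 80, 120, 10 };   /* constructed installments; the third is too large */
    for (size_t i = 0; i < sizeof amounts / sizeof amounts[0]; i++) {
        gk_result r = gk_installment(&s, amounts[i]);
        printf("installment %ld -> %s (authorized so far: %ld)\n", amounts[i],
               r == GK_ACCEPTED ? "accepted" :
               r == GK_ABORTED ? "aborted" : "total ceiling hit",
               s.authorized_total);
    }
    return 0;
}
```

The point the model makes visible is the asymmetry in the text: exceeding the installment ceiling ends the transaction with only the earlier installments charged, whereas exceeding the total ceiling pauses it and hands the decision back to the user at the terminal, never to the PC software.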


During the payment of the first installment you will find the information displayed whether the merchandise has already been dispatched by the respective dealer or not. Verify the information, and confirm the transaction only if the information is correct. If the transaction was successfully concluded, the message “Payment Transacted” will be displayed. Possible errors will also be displayed by your pay software. Therefore always monitor the display messages even in cases of error. In some rare instances of error you will be requested to contact the financial institution that issued your card. Only information on display will actually enter into the transaction of payment. Possible displays on your computer screen are not subject to the same degree of security! Verify the identity of the recipient as well as the amount of payment displayed by the smart card terminal, and – if correct – confirm it with the confirm button. You can also abort the transaction by using the cancel button. In this case, only the amount previously authorized by you will be charged to your GeldKarte.


Image 10: Sequence of Fast Incremental Payment


5.2.4 Data Logging

For each payment transaction, the GKAPI interface creates a “receipt” in the form of an entry in a log file. The log registers every concluded transaction of payment, as well as every transaction of payment that was aborted or failed due to errors. It is located in the system directory of your operating system and has the name gkapi.log. If complaints arise in the context of a transaction of payment, you can use this log file to prove the transaction of payment vis-à-vis your bank. You should therefore take care to save this file. The enclosed program called GKAPI Manager manages the log file and provides a simple exporting option, giving you the possibility to make your log file available to your bank in the form of a diskette or in hard copy. Use the path Start Menu – Programs – KOBIL Systems – GKAPI Manager to start the GKAPI Manager.

5.3 Updates

The KOBIL smart card terminals KAAN Professional and B1 Professional are equipped with an update mechanism that allows you to import new functions and corrections into smart card terminals already in use.

5.3.1 Driver Updates

Updated versions of the driver software can be obtained under www.kobil.de. Start the file setup.exe, and follow the instructions on the screen.


5.3.2 Firmware Updates

Under www.kobil.de you will find the current firmware for your smart card terminal, as well as information updates. Use the enclosed program CT Manager to import higher software versions. The program CT Manager is accessed via the path

Start Menu – Programs – KOBIL Systems – CT-Manager

To download new firmware, use the menu

File – Open...

The new firmware version will now appear in the menu view. Use your right mouse button to click on the firmware of your choice, and select Send to Card Terminal.


During the software update, the following message will be displayed by the smart card terminal:

“Software Update. Please Wait.“

CAUTION: Never switch off the smart card terminal while the software update is in progress. Also, never quit the program CT Manager while it is running. The software update process may take up to 2 minutes. Only if the smart card terminal fails to react after this time has elapsed may you quit the program CT Manager and restart the process. If the software update was successfully concluded you will get the following message:

“Software Update Successful.“

If the software update was not successfully concluded you will get one of the following messages:

“Software Update Denied.“ or

“Software Update Failed.“

In the first case, the security verification during the import of the higher software failed; in the second case, the failure was due to a general error. In either event, contact:

[email protected]


5.3.3 Key Updates

If key administration is requested from you in the context of a GeldKarte transaction, you will also find updated key data sets at www.kobil.de that you can import into the smart card terminal using the enclosed program CT Manager. The keys are intended for customer protection when paying with the GeldKarte cash card, which is why they are updated at regular intervals. Access the program CT-Manager via the path

Start Menu > Programs > KOBIL Systems > CT-Manager

Open the update file via the menu item

File > Open...

and select the update file. Use the right mouse button to click on the key update set of your choice, and select the menu item Send to Card Terminal. If the update was concluded successfully, you will get the following message:

"Software Update Successful."

If the update was not concluded successfully, you will get the message:

"Software Update Failed."

In this case, the security verification during the import failed. In such cases, please contact:

[email protected]


5.4 SecOVID

KAAN Professional and B1 Professional support the authentication system SecOVID made by KOBIL Systems. The following section describes the use of the smart card terminal in combination with this authentication system. If you choose not to use the authentication system, you may skip this section. Note, however, that the SecOVID functionality of the smart card terminal is provided only in combination with a SecOVID authentication system. There are two different ways of generating SecOVID one-time passwords: the online mode and the offline mode. Which mode you use depends on the SecOVID system installed on your computer. When in doubt, contact your system administrator on this point.

5.4.1 SecOVID Online Mode

This mode presupposes that special application software is installed on your computer that initiates the SecOVID application on your smart card terminal. As soon as a one-time password needs to be generated for a given authentication process, the display will show a message prompting you to insert your SecOVID smart card. Next, the secure PIN input (confer Section 5.1) is used to accept the PIN of your SecOVID smart card. If your SecOVID-secured application supports more than one generator, the proper generator is selected automatically and need not be defined. The SecOVID one-time password is then forwarded to the application you called. No further input is required from you. The complete procedure is displayed in Image 11, where you will also find the possible error messages.

Image 11: Sequence of SecOVID Online


5.4.2 SecOVID Offline Mode

In this mode, the smart card terminal can autonomously generate a SecOVID one-time password without having to be initiated by special application software on your computer. Make sure that no other application is trying to access the smart card terminal from your computer; otherwise, the smart card terminal will not be able to execute SecOVID in the offline mode! Activate the SecOVID offline mode of the smart card terminal using the button sequence F-1. In consequence, the display message shown in Image 12 will appear. Use the digit buttons to select a SecOVID generator, where applicable. The default setting is generator 0. Contact your system administrator to find out whether your system uses a generator, and if so, which one. Use the star button to change the PIN of your SecOVID smart card. Doing so automatically calls the PIN change function described in Section 5.2. The cancel button aborts the SecOVID offline process. Use the confirm button to start the SecOVID online mode described in Section 5.4.1. This causes the smart card terminal to display the new one-time password, which you can then enter into your SecOVID-protected application.

Image 12: SecOVID Offline


6 System Overview

Thanks to the CPU integrated into the card terminal, a single driver suffices to address the most diverse smart card types. The protocol between the smart card terminal and the card is implemented transparently, so that only the protocol at the PC interface needs to be defined. This is done in compliance with T=1 of ISO 7816-3 Amd. 1. Deviations exist only in a few aspects, in which the T=1 protocol was adapted to the special situation at the V.24 interface: for instance, the Answer-to-Reset (ATR) and the Protocol-Type-Select (PTS) are dispensed with. Values deviating from the default settings of the transmission parameters can be set with the help of an application command ('Select Parameter') from the API.

Image 13: System Overview

During operation you can switch back and forth between different types of smart cards, i.e. diverse applications can be operated with the same hardware. At present, smart cards using the following protocols are supported:


Protocol Reference

T=0 ISO 7816-3

T=1 ISO 7816-3 Amd. 1

T=14 FTZ 1 TR 15, the joint proposal by GZS and German Telekom for a national asynchronous block transmission protocol

2-wire protocol Siemens data sheet SLE 4432 and SLE 4442

3-wire protocol Siemens data sheet SLE 4418 and SLE 4428

I2C bus Philips data sheet PCF8582E-2

Telephone cards SLE 4401, SLE 4402, SLE 4403, SLE 4433

Table 3: Supported Protocols

The flexible addressing of the T=1 protocol allows you to address the various components of the card reader with the same ISO 7816-4-structured commands.

Image 14: Addressing the Card Reader Components via the API


7 The CT-API

The CT-API, an application-independent Card Terminal Application Programming Interface for smart card applications, is subject to the copyrights held by the following authors, from whom further documentation and amendments can be obtained:

German Telekom AG / PZ Telesec
GMD - Forschungszentrum Informationstechnik GmbH
RWTÜV Anlagentechnik GmbH
TeleTrusT Deutschland e.V.

The implementation for this smart card terminal is based on the version dated July 20, 1995 and is functionally compatible with the CT-API dated October 19, 1993. The CT-API is quoted below in excerpts. A full version may be obtained from the manufacturer. The enclosed software contains a CT-API driver in the form of a Windows DLL (for 16 bit and 32 bit), as well as a DOS library. This must be linked with your own applications. Versions for Solaris and Linux can also be provided upon request.

7.1 Functions

The Card Terminal Application Programming Interface (CT-API) provides three functions used to communicate with the smart card terminal on the application layer.

CT-API Functions Significance

CT_init Initializing the PC- and smart card terminal interface

CT_data Sending commands to the smart card terminal or to the smart card, respectively.

CT_close Terminating the communication

Table 4: CT-API Functions


7.2 CT_init

Use this function to select the serial interface to which the card reader is connected and over which the communication takes place. The default communication settings are applied automatically. The CT_init function should be called at the start of each program. If an error occurs during the initialization of the interface, the function returns the value -1, otherwise the value 0.

Function:

    char CT_init(unsigned short ctn, unsigned short pn)

Parameters:

Parameter Name Parameter Type Significance

ctn Input parameter Logical card terminal number

pn Input parameter Interface (port number)

Table 5: Parameters for CT_init

For return values, confer Table 9.


7.3 CT_data

This function sends card terminal control commands or smart card application commands, and returns the response to the command to the calling program.

Function:

    char CT_data(unsigned short ctn, unsigned char *dad, unsigned char *sad,
                 unsigned short lenc, unsigned char *command,
                 unsigned short *lenr, unsigned char *response)

Parameters:

Parameter Name Parameter Type Significance

ctn Input parameter Card terminal number 0 - 255

dad Input / output parameter Destination address (confer Table 7)

sad Input / output parameter Source address (confer Table 7)

lenc Input parameter Length of command in bytes

command Input parameter CT control or application command

lenr Input / output parameter Length of response in bytes

response Input parameter Response to command

Table 6: Parameters for CT_data

Device Addresses (dad, sad):

Address Value Device

0 ICC (smart card)

1 CT (smart card terminal)

2 HOST (PC)

3 ICC 2 (second smart card) (not implemented)

4 Security module (not implemented)

5 REMOTE HOST (not implemented)

Table 7: dad / sad Device Addresses

For return values, confer Table 9.


7.4 CT_close

This function terminates the communication with the card reader and releases the interface. It must be called when quitting the program.

Function:

    char CT_close(unsigned short ctn)

Parameters:

Parameter Name Parameter Type Significance

ctn Input parameter Logical card terminal number

Table 8: Parameters for CT_close

For return values, confer Table 9.

7.5 General Return Values for CT-API Functions

The return codes of all functions are listed uniformly in the following table.

Return Code Value Significance

OK 0 Function call successful

ERR_INVALID -1 Invalid parameter or value

ERR_CT -8 CT error (terminal not operational)

ERR_TRANS -10 Irremediable transmission error

ERR_HTSI -128 Host transport service interface error

Table 9: Return Codes of the CT-API Functions


7.6 Using the CT-API: The Example of the Public Health Insurance Card

The following example demonstrates the use of the functions CT_init, CT_data, as well as CT_close (without evaluating the return codes).

```c
/* Example of Reading a Public Health Insurance Card */
#include <windows.h>   /* platform-specific */
#include <conio.h>     /* getch() */
#include <stdio.h>
#include "ct_api.h"

int main(void)
{
    unsigned char sad, dad;       /* source address, destination address; passed as
                                     pointers so that they can also be evaluated in
                                     the response */
    unsigned char response[300];  /* buffer for the response of the function */
    unsigned char command[300];   /* length of command here: max. 300 bytes */
    int i;
    unsigned short lenr;          /* same type as the lenr parameter of CT_data */
    int ct_port = 2;              /* example: COM 2 */
    int ctn = 1;                  /* first terminal */

    /* Select logical terminal number and port COM2 */
    if (CT_init(ctn, ct_port) != OK) {    /* return code OK? */
        printf("\nCard Reader cannot be Reached. Port?");
        return 1;                          /* quit program */
    }

    /* RESET CT */
    sad = 2;                  /* source = Host (PC) */
    dad = 1;                  /* destination = CardTerminal (card reader) */
    lenr = sizeof(response);  /* set maximum length of response */
    command[0] = 0x20;        /* CLA */
    command[1] = 0x11;        /* INS */
    command[2] = 0x00;        /* P1 */
    command[3] = 0x00;        /* P2 */
    command[4] = 0x00;        /* LEN */
    /* Call function CT_data and display the return code */
    printf("Reset CT Return Code: %d\nSW1-SW2:",
           CT_data(ctn, &dad, &sad, 5, command, &lenr, response));
    /* Output the response */
    for (i = 0; i < lenr; i++)
        printf("%02x ", response[i]);

    printf("\nInsert Card and Press Button!\n");
    getch();

    /* RESET ICC */
    sad = 2;                  /* source = Host (PC) */
    dad = 1;                  /* destination = CardTerminal */
    lenr = sizeof(response);  /* maximum length of response */
    command[0] = 0x20;        /* CLA */
    command[1] = 0x12;        /* INS */
    command[2] = 0x01;        /* P1 */
    command[3] = 0x01;        /* P2 */
    command[4] = 0x00;        /* LEN */
    printf("Reset ICC Return Code:%d\nSW1-SW2:",
           CT_data(ctn, &dad, &sad, 5, command, &lenr, response));
    for (i = 0; i < lenr; i++)
        printf("%02x ", response[i]);

    /* READ BINARY */
    printf("\n\nKVK Data:\n");
    sad = 2;                  /* source = Host (PC) */
    dad = 0;                  /* destination = card */
    lenr = sizeof(response);  /* maximum length of response */
    command[0] = 0x00;        /* CLA */
    command[1] = 0xb0;        /* INS */
    command[2] = 0x00;        /* P1 */
    command[3] = 0x00;        /* P2 */
    command[4] = 0x00;        /* Le */
    printf("Read Binary Return Code:%d\nData:",
           CT_data(ctn, &dad, &sad, 5, command, &lenr, response));
    for (i = 0; i < lenr; i++)
        printf("%02x ", response[i]);

    /* DEACTIVATE ICC */
    sad = 2;                  /* source = HOST */
    dad = 1;                  /* destination = CardTerminal */
    lenr = sizeof(response);  /* maximum length of response */
    command[0] = 0x20;        /* CLA */
    command[1] = 0x14;        /* INS */
    command[2] = 0x01;        /* P1 */
    command[3] = 0x00;        /* P2 */
    printf("\n\nDeactivate Return Code:%d\nSW1-SW2:",
           CT_data(ctn, &dad, &sad, 4, command, &lenr, response));
    for (i = 0; i < lenr; i++)
        printf(" %02x ", response[i]);

    /* Close interface */
    printf("\nCT_close Return Code:%d\n", CT_close(ctn));
    printf("\nRemove Card!");
    return 0;
}
```


8 Tag Length Value (TLV) Representation

8.1 Set-up of a TLV Field

A TLV representation is frequently used for coding the files of smart cards as well as of card readers. This form of representation is set up uniformly according to the following structure:

Tag      LEN              Value
1 byte   1 or 3 byte(s)   LEN bytes

8.2 Coding Rules

Tags: Tags are single-byte values in the range 0 through 254. The value 255 is reserved for future extensions. The defined tags have the same significance for all files and commands of the card reader.

Length: The length is coded in one or three bytes. If the value of the first byte is in the range 0 through 254, it is the length itself. The value 255 indicates that the subsequent two bytes state the length in the form Hi-Byte, Lo-Byte.

Value: The value field uses various coding rules that are precisely defined by the tag:

IA5: A sequence of IA5 (ASCII) characters whose length is defined by the length field.

Integer: The integer value is two bytes in length, coded in two's complement. The first byte is the more significant one, and its most significant bit serves as the sign bit.

Enumeration: A string of bytes.

Matrix: The subsequent bytes are interpreted as a table.


8.3 Coding the Tags

The contents of the TLV files are precisely defined by the tag definitions and the corresponding values. At present, the following tags and values are used:

Tag | Significance | Coding rule | Value | Value significance
'01' | Version | IA5 | |
'02' | Module (if a given value exists more than once, the corresponding module also exists more than once) | Enumeration | '00' | ICC module
 | | | '01' | CT file system
 | | | '20' | Read-only protection for public health insurance card
 | | | '10' | Freeze
 | | | '30' | Serial switch of the CT
 | | | '40' | Software update
'03' | Memory size (the module to which the memory size refers is identified by the context) | Integer | |
'08' | Update key | Integer | | Index of the keys for software updates
'0E' | Software revision | IA5 | |
'0F' | Card terminal number (CTN) / port assignment (this tag can also occur more than once, i.e. if the driver supports several ports and CTs) | Matrix | | 1st byte = card terminal number, 2nd byte = physical port, 3rd byte = interface type
 | | | '01' | serial interface (3rd byte)
 | | | '02' | parallel interface (3rd byte)
 | | | '03' | PC card (PCMCIA) (3rd byte)
'10' | Host / CT protocol | Enumeration | '00' | Protocol in accordance with the Telesec layer 1 / layer 2 specification
'11' | Baud rates | Enumeration | '00' | 9600 Baud
 | | | '01' | 19200 Baud
 | | | '02' | 28800 Baud
 | | | '03' | 38400 Baud
 | | | '04' | 57600 Baud
 | | | '05' | 115200 Baud
 | | | '06' | 64000 Baud
 | | | '07' | 12800 Baud
'12' | Options for character component | Enumeration | '00' | Default values (9600 baud, 8 data bits, 1 stop bit, even parity)
 | | | '01' | 1 stop bit
 | | | '02' | 2 stop bits
 | | | '03' | No parity
 | | | '04' | Even parity
 | | | '05' | Odd parity
 | | | '10' | CWT may be changed
 | | | '11' | BWT may be changed
'13' | Options for block component | Enumeration | '00' | LRC
 | | | '01' | CRC
'1C' | IFSC | Integer | | Length of the information field for reception at the CT
'1D' | IFSD | Integer | | Length of the information field for reception at the HOST (PC)
'1E' | CWT | Integer | | CWT in ms
'1F' | BWT | Integer | | BWT in ms
'20' | Physical properties of the smart card reading unit | Enumeration | '10' | Ejector
 | | | '30' | Locking mechanism
 | | | '40' | Mini ICC
 | | | '80' | Unicolored LED
 | | | '81' | Bicolored LED
 | | | '90' | Acoustic signal
 | | | 'A0' | Transparent mode is supported
'21' | Status of the smart card reading unit | Enumeration | '00' | No ICC in reading unit
 | | | '01' | ICC in reading unit, not activated
 | | | '02' | ICC in reading unit, electrical interface activated
 | | | '80' | Default behavior of LED
 | | | '81' | Color 1 off / LED 1 off
 | | | '82' | Color 2 off / LED 2 off
 | | | '89' | Color 1 on / LED 1 on
 | | | '8A' | Color 2 on / LED 2 on
 | | | '90' | Acoustic signal off
 | | | '98' | Acoustic signal on
 | | | 'A0' | Transparent mode active
'22' | CT / ICC protocols | Enumeration | '00' | No protocols
 | | | '01' | T=0 protocol
 | | | '02' | T=1 protocol
 | | | '03' | T=14 protocol
 | | | '80' | I2C bus protocol
 | | | '81' | 3-wire bus
 | | | '82' | 2-wire bus
 | | | '90' | Smart card type 4401
 | | | '91' | Smart card type 4402
 | | | '92' | Smart card type 4403
 | | | '93' | Smart card type 4433
'23' | DI | Byte | | Parameter for PTS in compliance with ISO 7816-3
'24' | FI | Byte | | Parameter for PTS in compliance with ISO 7816-3
'25' | PTS parameter | Enumeration | '00' | Extra guard time (N=255)
'26' | Protocol status | Byte | '00' | Not ready
 | | | '01' | PTS
 | | | '02' | Ready
 | | | '03' | Active
 | | | '04' | Error
 | | | '05' | Fatal error
'27' | Protocol parameter | Enumeration | | t.b.d.
'30' | Freeze events | Enumeration | '01' | ICC in contact unit 1
 | | | '02' | ICC in contact unit 2
 | | | '03' | No ICC in contact unit 1
 | | | '04' | No ICC in contact unit 2
'40' | Bit length | Integer | | Bit length in machine cycles
'41' | CGT | Integer | | CGT in etu
'42' | BWT | Integer | | BWT in machine cycles
'43' | CWT | Integer | | CWT in machine cycles
'44' | Protocol parameter in transparent mode | Enumeration | '00' | Direct convention
 | | | '01' | Indirect convention
 | | | '02' | Switch on error handling in compliance with ISO 7816-3, 6.1.3
 | | | '03' | Switch off error handling in compliance with ISO 7816-3, 6.1.3
 | | | '04' | Switch on 'Active Low Reset'
 | | | '05' | Switch off 'Active Low Reset'

Table 10: Coding the Tags
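As an added example (illustrative code, not KOBIL's own), the following C program decodes a record built according to the coding rules of Section 8.2 and the tags of Table 10. The record is constructed by hand in the layout of the HOST status file (tags '0E', '0F', '1C', '1D'); it was not read from a terminal, and the three-byte length form is used once only to exercise that path.

```c
/* Added example (illustrative code, not KOBIL's): a decoder for the TLV
 * representation of Sections 8.1 to 8.3. The record below is constructed
 * by hand in the layout of the HOST status file; it was not read from a
 * terminal. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <limits.h>

typedef struct {
    uint8_t        tag;    /* 0..254; 255 is reserved */
    size_t         len;    /* LEN, from the 1- or 3-byte length field */
    const uint8_t *value;  /* points into the caller's buffer */
} tlv_field_t;

/* Decode the field starting at buf[pos]. Returns the bytes consumed, or 0
 * if the tag is reserved or the field runs past the end of the buffer. */
size_t tlv_decode(const uint8_t *buf, size_t size, size_t pos, tlv_field_t *out)
{
    size_t len, hdr;
    if (pos + 1 >= size || buf[pos] == 0xFF) return 0;
    if (buf[pos + 1] != 0xFF) {            /* one length byte: 0..254 */
        len = buf[pos + 1];
        hdr = 2;
    } else {                               /* 255: Hi-Byte, Lo-Byte follow */
        if (pos + 3 >= size) return 0;
        len = ((size_t)buf[pos + 2] << 8) | buf[pos + 3];
        hdr = 4;
    }
    if (len > size - pos - hdr) return 0;  /* value would be truncated */
    out->tag = buf[pos]; out->len = len; out->value = buf + pos + hdr;
    return hdr + len;
}

/* "Integer" rule: two bytes, high byte first, two's complement. */
int tlv_integer(const tlv_field_t *f, int16_t *v)
{
    if (f->len != 2) return 0;
    *v = (int16_t)(((uint16_t)f->value[0] << 8) | f->value[1]);
    return 1;
}

/* Decode the first field of buf as an Integer; LONG_MIN if it is not one. */
long tlv_integer_value(const uint8_t *buf, size_t size)
{
    tlv_field_t f; int16_t v;
    if (tlv_decode(buf, size, 0, &f) == 0 || !tlv_integer(&f, &v)) return LONG_MIN;
    return v;
}

typedef struct {
    char    revision[16];      /* '0E', IA5 */
    int     ctn, port, iface;  /* '0F', Matrix: CTN, physical port, interface type */
    int16_t ifsc, ifsd;        /* '1C', '1D', Integer */
    int     fields;            /* fields seen, known or not */
} host_status_t;

/* Walk a whole record. Unknown tags are skipped by their length, which is
 * what makes the representation extensible. Returns the field count, or -1
 * if a field is malformed. */
int parse_host_status(const uint8_t *buf, size_t size, host_status_t *out)
{
    size_t pos = 0, n;
    tlv_field_t f;
    memset(out, 0, sizeof *out);
    while (pos < size) {
        if ((n = tlv_decode(buf, size, pos, &f)) == 0) return -1;
        switch (f.tag) {
        case 0x0E: {
            size_t c = f.len < sizeof out->revision - 1 ? f.len : sizeof out->revision - 1;
            memcpy(out->revision, f.value, c);
            out->revision[c] = '\0';
            break;
        }
        case 0x0F:
            if (f.len == 3) { out->ctn = f.value[0]; out->port = f.value[1]; out->iface = f.value[2]; }
            break;
        case 0x1C: tlv_integer(&f, &out->ifsc); break;
        case 0x1D: tlv_integer(&f, &out->ifsd); break;
        default:   break;
        }
        out->fields++;
        pos += n;
    }
    return out->fields;
}

/* Constructed record; '0E' uses the 3-byte length form only to exercise it. */
const uint8_t sample_record[] = {
    0x0E, 0xFF, 0x00, 0x03, 'V', '2', '3',  /* software revision "V23" */
    0x0F, 0x03, 0x01, 0x02, 0x01,           /* CTN 1, physical port 2, serial */
    0x1C, 0x02, 0x00, 0xFE,                 /* IFSC = 254 */
    0x1D, 0x02, 0x01, 0x00                  /* IFSD = 256 */
};
const size_t sample_record_len = sizeof sample_record;
host_status_t parsed_sample;                /* filled by parse_sample() */

int parse_sample(void) { return parse_host_status(sample_record, sample_record_len, &parsed_sample); }

int main(void)
{
    if (parse_sample() < 0) { printf("malformed record\n"); return 1; }
    printf("revision %s, CTN %d on port %d (type %d), IFSC %d, IFSD %d\n",
           parsed_sample.revision, parsed_sample.ctn, parsed_sample.port,
           parsed_sample.iface, parsed_sample.ifsc, parsed_sample.ifsd);
    return 0;
}
```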


9 The Smart Card Terminal File System

The smart card terminal (CT) file system serves the representation and configuration of special properties of smart card terminals. It has a hierarchical set-up and the following properties:

• You can assign reading and/or writing privileges to files or directories.
• You can assign a password to any file or any directory in order to protect reading and/or writing access. The length of the password is limited to 256 bytes.
• The length of files or directories is limited to 65,535 bytes.
• Aside from normal files, special files controlling the device access are supported as well.

The file system always contains an active file that is referenced for the commands 'Read Binary', 'Write Binary', 'Erase Binary' and 'Verify'. The active file is selected with the command ‘Select File.’ The active file can also be a directory. After the reset the master file is set as active file.

9.1 File Control Information

The file control information consists of 10 bytes and has the following structure:

Byte | Significance | Coding
1 - 2 | Current size | 16-bit binary
3 - 4 | Size of reserved memory space | 16-bit binary
5 | Displays (flags) | Bit 1 (LSB): Password-protected reading access
 | | Bit 2: Reading access
 | | Bit 3: Password-protected reading access
 | | Bit 4: Reading access
 | | Bit 5: Password verified
 | | Bit 6: 0 (reserved)
 | | Bit 7: 0 (reserved)
 | | Bit 8 (MSB): File is a directory
6 | Reserved | currently 0
7 - 8 | Internal use | 16-bit binary (pointer)
9 - 10 | Internal use | 16-bit binary (pointer)

Table 11: Coding the File Control Information

The file control information is displayed in the response for the ‘Select File’-command.


9.2 Directories

Directories are special files the system needs in order to manage and structure the data. They contain directory entries describing the files and subdirectories they contain. A directory entry consists of five bytes and has the following structure:

Byte | Significance | Coding
1 - 2 | ID | 16-bit binary
3 | Displays (flags) | Bit 1 (LSB): File located in ROM
 | | Bit 2: File located in RAM
 | | Bit 3: 0 (reserved)
 | | Bit 4: 0 (reserved)
 | | Bit 5: 0 (reserved)
 | | Bit 6: 0 (reserved)
 | | Bit 7: 0 (reserved)
 | | Bit 8 (MSB): 0 (reserved)
4 - 5 | Internal use | 16-bit binary (pointer)

Table 12: Coding the Directory Entries

The first entry of a given directory refers to the superordinate directory (parent). At the root of the file system, which is the master file, the master file itself serves as its own parent. Directories can be read like normal files, but cannot be written by the user. At any time, the file system has an active directory that the command 'Select File' searches. If a file that is a directory is selected with the 'Select File' command, that file becomes the active directory. A reset sets the master file as the active directory.
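As an added example (not from the manual), the following C code decodes the 10-byte file control information of Table 11, as it appears in the response to 'Select File', and the 5-byte directory entries of Table 12. It assumes that the "16 Bit binary" fields are stored high byte first, as the file IDs of Table 13 (e.g. 3F 00) and the TLV Integer rule are; all sample bytes are constructed by hand.

```c
/* Added example, not from the manual: decoding the file control information
 * of Table 11 and the directory entries of Table 12. Assumption: 16-bit
 * fields are stored high byte first. Sample bytes are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef struct {
    uint16_t size;               /* bytes 1-2: current size */
    uint16_t reserved;           /* bytes 3-4: reserved memory space */
    uint8_t  flags;              /* byte 5 */
    int      read_pw_protected;  /* bit 1 (LSB) */
    int      readable;           /* bit 2 */
    int      password_verified;  /* bit 5 */
    int      is_directory;       /* bit 8 (MSB) */
    uint16_t ptr1, ptr2;         /* bytes 7-8 and 9-10: internal use */
} fci_t;

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse a 'Select File' response: 10 bytes of FCI followed by SW1 SW2.
 * Returns the status word, or 0 if the response is too short. */
uint16_t select_file_parse(const uint8_t *rsp, size_t lenr, fci_t *out)
{
    if (lenr < 12) return 0;
    out->size     = be16(rsp);
    out->reserved = be16(rsp + 2);
    out->flags    = rsp[4];
    out->read_pw_protected = rsp[4] & 0x01;
    out->readable          = (rsp[4] >> 1) & 1;
    out->password_verified = (rsp[4] >> 4) & 1;
    out->is_directory      = (rsp[4] >> 7) & 1;
    out->ptr1 = be16(rsp + 6);
    out->ptr2 = be16(rsp + 8);
    return be16(rsp + 10);
}

typedef struct {
    uint16_t id;      /* bytes 1-2 */
    int      in_rom;  /* byte 3, bit 1 (LSB) */
    int      in_ram;  /* byte 3, bit 2 */
    uint16_t ptr;     /* bytes 4-5: internal use */
} dir_entry_t;

/* Decode the entries of a directory read with 'Read Binary'. Entry 0 is the
 * parent directory (Section 9.2). A trailing partial entry is ignored. */
size_t dir_parse(const uint8_t *data, size_t len, dir_entry_t *out, size_t max)
{
    size_t n = 0;
    for (; n < max && len - n * 5 >= 5; n++) {
        const uint8_t *e = data + n * 5;
        out[n].id     = be16(e);
        out[n].in_rom = e[2] & 0x01;
        out[n].in_ram = (e[2] >> 1) & 1;
        out[n].ptr    = be16(e + 3);
    }
    return n;
}

/* Constructed 'Select File' response for the CT directory 7F 60: 15 bytes
 * used (three entries), 32 reserved, readable directory, trailer 90 00. */
const uint8_t sample_select_rsp[] = {
    0x00, 0x0F, 0x00, 0x20, 0x82, 0x00, 0x01, 0x10, 0x01, 0x20, 0x90, 0x00
};
/* Constructed content of that directory: the parent 3F 00, then two files. */
const uint8_t sample_dir[] = {
    0x3F, 0x00, 0x01, 0x00, 0x00,   /* master file (parent), in ROM */
    0x60, 0x20, 0x01, 0x01, 0x30,   /* HOST / CT configuration file, in ROM */
    0x60, 0x21, 0x02, 0x01, 0x40    /* HOST / CT status file, in RAM */
};

int main(void)
{
    fci_t f;
    dir_entry_t e[8];
    size_t i, n;
    uint16_t sw = select_file_parse(sample_select_rsp, sizeof sample_select_rsp, &f);
    printf("SW %04X, size %u, reserved %u, directory %d, readable %d\n",
           sw, f.size, f.reserved, f.is_directory, f.readable);
    n = dir_parse(sample_dir, sizeof sample_dir, e, 8);
    for (i = 0; i < n; i++)
        printf("entry %zu: ID %04X rom=%d ram=%d\n", i, e[i].id, e[i].in_rom, e[i].in_ram);
    return 0;
}
```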


9.3 Hierarchical Set-up

The card reader file system consists of the files listed in Table 13.

Master File, ID = 3F 00
  CT configuration file, ID = 00 20
  CT directory, ID = 7F 60
    HOST / CT configuration file, ID = 60 20
    HOST / CT status file, ID = 60 21
    Freeze configuration file, ID = 60 30
    Freeze status file, ID = 60 31
  ICC1 directory, ID = 7F 70
    ICC1 configuration file, ID = 70 20
    ICC1 status file, ID = 70 21
  ICC2 directory, ID = 7F 71
    ICC2 configuration file, ID = 71 20
    ICC2 status file, ID = 71 21

Files directly addressed in the host driver:
  Host configuration file, ID = FF 10
  Host status file, ID = FF 11

Table 13: Card Reader File System

One needs to differentiate between configuration files and status files. Configuration files describe the properties of the card reader, of a module, or of a function unit. They are not writable, and their contents will not change. Status files show the status of the card reader, of a given module, or of a function unit. They are not writable. Their contents will change along with their status.

9.4 HOST Configuration File

The HOST configuration file describes the HOST driver and is therefore located at the PC end, while being addressed directly with DAD = 01.

HOST Configuration File

ID = FF 10 Description of the configuration and the properties of the HOST driver.

Tag Significance

'01' Driver version

'02' Available hardware- and software modules

Table 14: HOST Configuration File


9.5 HOST Status File

The HOST status file describes the HOST driver status and is therefore located at the PC end, while being addressed directly with DAD = 01. The tag '0F' may occur more than once if the driver supports more than one card reader. It describes the interface type (serial port) with the corresponding port that has been assigned to the card terminal number (CTN).

HOST Status File

ID = FF 11 Description of the configuration and the properties of the HOST driver.

Tag Significance

'0F' Matrix for the representation of the link between the logical card terminal number, the physical port, and the type of interface.

'1C' IFSC - information field size for reception at the card reader end.

'1D' IFSD - information field size for reception at the host end.

Table 15: HOST Status File

9.6 CT Configuration File

CT Configuration File

ID = 00 20 Description of the configuration and the properties of the card reader.

Tag Significance

'01' Card terminal version

'02' Available hardware- and software modules

'03' Card terminal RAM size

'08' Index of update keys

'0E' Software revision

Table 16: CT Configuration File


9.7 HOST / CT Configuration File

The tags '11', '12' and '13' may occur more than once, in which case they apply to the previously identified type of protocol. If the tags are listed ahead of a given protocol, they apply to all protocols.

HOST / CT Configuration File

ID = 60 20 Description of supported properties at the HOST / CT interface.

Tag Significance

'03' Size of protocol buffer

'10' Supported protocols

'11' Supported baud rates

'12' Options for the character component

'13' Options for the block component

'1E' CWT

'1F' BWT

Table 17: HOST / CT Configuration File

9.8 HOST / CT Status File

HOST / CT Status File

ID = 60 21 Set parameters of the HOST / CT interface

Tag Significance

'03' Size of protocol buffer

'10' Supported protocols

'11' Baud rate

'12' Options for the character component

'13' Options for the block component

'1E' CWT

'1F' BWT

Table 18: HOST / CT Status File

9.9 Freeze Configuration File

Freeze Configuration File

ID = 60 30 Description of the supported freeze options

Tag Significance

'30' Freeze Options

Table 19: Freeze Configuration File

9.10 Freeze Status File

The freeze status is erased by a freeze command. After the termination of the freeze command, the freeze status will identify the event that terminated the freeze command.

Freeze Status File

ID = 60 31 Freeze status

Tag Significance

'30' Freeze option that terminated the previous freeze command

Table 20: Freeze Status File

9.11 ICC Configuration File

ICC Configuration File

ID = 70 20 Description of the supported properties of the ICC1 interface

ID = 71 20 Description of the supported properties of the ICC2 interface

Tag Significance

'03' Size of the protocol buffer

'20' Supported options

'22' Supported protocols

Table 21: ICC Configuration File

9.12 ICC Status File

ICC Status File

ID = 70 21 Status at the ICC1 interface

ID = 71 21 Status at the ICC2 interface

Tag Significance

'03' Size of protocol buffer

'21' Status of the smart card reading unit

'22' Protocol

'23' DI parameter for PTS

'24' FI parameter for PTS

'25' PTS parameter

'26' Protocol status

'27' Protocol parameter

Table 22: ICC Status File


10 Application Commands

All commands issued to the card terminal follow the structure of the CT-API that was specified for the German public healthcare system. The application commands subdivide into commands for card terminals (CT) and commands for smart cards (ICC). The CT commands are characterized by the fact that the destination address (DAD) is set to the value '01'. The ICC application commands have the destination address '00', provided a smart card is inserted in contact unit 1. In the case of card terminals having several switching options, the non-communicating interfaces are deactivated by sending a command.

10.1 CT Application Commands

The syntax of the commands and the responses complies with ISO 7816-4. The commands also support the expanded file format. The command structure and the response structure are represented in the two following tables:

Field | Part | Significance
CLA | Header (mandatory) | Command class
INS | Header (mandatory) | Command
P1 | Header (mandatory) | Parameter 1
P2 | Header (mandatory) | Parameter 2
Lc | Body (optional) | Command length
Data | Body (optional) | Data
Le | Body (optional) | Anticipated length of response

Table 23: Command Structure

Field | Part | Significance
Data | Body (optional) | Data
SW1 | Trailer (mandatory) | Status byte 1
SW2 | Trailer (mandatory) | Status byte 2

Table 24: Response Structure


10.2 Overview of Commands

The following table provides an overview of the commands and their coding.

Command | CLA | INS | P1, P2 | Lc | Parameter | Le
Erase Binary | '00' | '0E' | offset | var. | var. | -
Verify | '00' | '20' | '00', '00' | var. | PIN | -
Select File | '00' | 'A4' | '00', '00' | 2 | File ID | -
Read Binary | '00' | 'B0' | offset | - | - | var.
Write Binary | '00' | 'D0' | offset | var. | data | -
Reset | '20' | '10' | device, rsp. type | - | - | var.
Reset CT | '20' | '11' | device, rsp. type | - | - | -
Request ICC | '20' | '12' | device, var. | var. | Time in sec. | -
Get Status | '20' | '13' | device, var. | - | - | -
Deactivate ICC | '20' | '14' | device, '00' | - | - | -
Eject ICC | '20' | '15' | device, var. | var. | Time in sec. | -
Input | '20' | '16' | '50', var. | var. | Parameter | var.
Output | '20' | '17' | '40', '00' | var. | Parameter | -
Perform Verification | '20' | '18' | device, '00' | var. | Parameter | -
Modify Verif. Data | '20' | '19' | device, '00' | var. | Parameter | -
Reset1 | '20' | '1F' | device, rsp. type | - | - | var.
Set Interf. Parameter | '80' | '60' | device, '00' | var. | Parameter | -
Set Mode | '80' | '61' | device, mode | - | - | -
Freeze | '80' | '70' | '00', '00' | var. | freeze events | -
Wait Freeze | '80' | '71' | var., var. | - | Timeout | -

Table 25: Command Overview of CT Application Commands


10.3 Status Bytes SW1 and SW2

The response syntax complies with ISO 7816-4. The coding of SW1 and SW2 also complies with ISO 7816-4 as far as possible. However, extensions have been made in order to signal error causes in a more differentiated manner. The following table provides an overview of the general displays provided by SW1 and SW2 as well as their causes. These displays can appear as the result of any CT application command. The command-specific displays in SW1 and SW2 are elaborated in the description of the individual commands.

SW1 SW2 Significance Possible Causes

'90 00' Error-free processing

'67 00' Incorrect length The structure of the command does not comply with ISO 7816-4.

'6E 00' CLA is not supported The command class on display is not supported.

'6A 00' Incorrect parameter P1 and/or P2 P1 or P2 shows an invalid value. A value displayed for P1 or P2 is not supported by this implementation.

'6C XX' Incorrect value for Le SW2 shows the correct value.

'6D 00' INS is not supported The value displayed is not supported for this command class.

'6F 81' Invalid destination address The destination address (DAD) is not supported.

'6F 82' Invalid source address The source address (SAD) is not HOST or REMOTE HOST.

Table 26: General Displays by SW1 and SW2
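As an added example (not KOBIL code), the following C functions build a CT application command with the structure of Table 23, split a CT_data response into body and trailer as in Table 24, and map the general status words of Table 26 to text. They also add the check that the example in Section 7.6 skips: a call only succeeded if CT_data returned OK, the response carries a trailer, and SW1 SW2 is '90 00'. The response bytes are constructed by hand.

```c
/* Added example, not from the manual: building commands (Table 23), splitting
 * responses (Table 24) and decoding general status words (Table 26).
 * The response bytes are constructed, not captured from a terminal. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assemble CLA INS P1 P2 [Lc Data] [Le] into cmd (short format, Lc and Le
 * one byte each, as in the manual's own example). le < 0 means "no Le byte".
 * Returns the command length, or 0 if it does not fit into cap bytes. */
size_t apdu_build(uint8_t *cmd, size_t cap, uint8_t cla, uint8_t ins,
                  uint8_t p1, uint8_t p2, const uint8_t *data, size_t lc, int le)
{
    size_t n = 4;
    if (lc > 255 || le > 255 || (lc > 0 && data == NULL)) return 0;
    if (cap < 4 + (lc ? 1 + lc : 0) + (le >= 0 ? 1 : 0)) return 0;
    cmd[0] = cla; cmd[1] = ins; cmd[2] = p1; cmd[3] = p2;   /* header */
    if (lc) {                                /* body: Lc followed by the data */
        cmd[n++] = (uint8_t)lc;
        memcpy(cmd + n, data, lc);
        n += lc;
    }
    if (le >= 0) cmd[n++] = (uint8_t)le;     /* anticipated response length */
    return n;
}

typedef struct {
    const uint8_t *data;   /* optional body */
    size_t         len;    /* body length without the trailer */
    uint16_t       sw;     /* SW1 SW2 */
} ct_response_t;

/* Split the lenr bytes CT_data placed in 'response'. The trailer is
 * mandatory, so fewer than two bytes is not a valid response. */
int response_split(const uint8_t *rsp, size_t lenr, ct_response_t *out)
{
    if (lenr < 2) return 0;
    out->data = rsp;
    out->len  = lenr - 2;
    out->sw   = (uint16_t)((rsp[lenr - 2] << 8) | rsp[lenr - 1]);
    return 1;
}

/* Text for the general displays of Table 26; '6C XX' matches on SW1 only. */
const char *sw_describe(uint16_t sw)
{
    switch (sw) {
    case 0x9000: return "Error-free processing";
    case 0x6700: return "Incorrect length";
    case 0x6E00: return "CLA is not supported";
    case 0x6A00: return "Incorrect parameter P1 and/or P2";
    case 0x6D00: return "INS is not supported";
    case 0x6F81: return "Invalid destination address";
    case 0x6F82: return "Invalid source address";
    default:
        if ((sw >> 8) == 0x6C) return "Incorrect value for Le; SW2 holds the correct value";
        return "Command-specific or unknown status";
    }
}

/* A CT_data call only succeeded if the API returned OK (0), the response
 * carries a trailer, and SW1 SW2 is 90 00. */
int ct_call_succeeded(int rc, const uint8_t *rsp, size_t lenr)
{
    ct_response_t r;
    return rc == 0 && response_split(rsp, lenr, &r) && r.sw == 0x9000;
}

/* Constructed response to Read Binary: four data bytes and an error-free trailer. */
const uint8_t sample_read_rsp[] = { 0x80, 0x27, 0x00, 0x01, 0x90, 0x00 };

int main(void)
{
    uint8_t cmd[16];
    const uint8_t mf[] = { 0x3F, 0x00 };     /* master file ID from Table 13 */
    ct_response_t r;
    size_t i, n;

    /* Select File (Table 25): 00 A4 00 00 02 3F 00 */
    n = apdu_build(cmd, sizeof cmd, 0x00, 0xA4, 0x00, 0x00, mf, 2, -1);
    for (i = 0; i < n; i++) printf("%02X ", cmd[i]);
    printf("\n");
    if (response_split(sample_read_rsp, sizeof sample_read_rsp, &r))
        printf("%zu data bytes, SW %04X: %s\n", r.len, r.sw, sw_describe(r.sw));
    return 0;
}
```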


10.4 Erase Binary

This command will erase the data in the file selected. Note: At present, the ‘Erase Binary’-command is permissible only if the protocol 4402 has been selected for the smart card SLE 4402. It is only possible to erase bits 80 through 111 (bytes 10 through 13) with ‘Erase Binary.’ The bytes 10, 11, and 12, 13 can only be erased collectively. Erasing the user code (bits 64 through 79) is possible only if a new user code (‘Write Binary’-command in the password file) has been set. The erasing of the frame memory (bits 112 through 319) is caused as a side effect of the successful verification of the frame code, using the ‘Verify’-command. Coding:

CLA '00'

INS '0E'

P1, P2 Offset of the first byte to be erased

Lc 0 or 2

Data field Where available (Lc = 2), Offset of the first byte not to be erased. If not available (Lc = 0), all bytes up to the end of the data area will be erased.

Le Empty

Table 27: Coding of the Erase Binary Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'69 85' Command not possible Erasing is not possible for the smart card type selected. Erasing is not possible for the file type selected. There exists no active file or no active directory. Writing access is blocked.

'6A 86' Invalid parameter The specified area to be erased is invalid.

'65 00' Erasing not successful The number of possible erase cycles has been exceeded. The present smart card status does not permit any erasing (e.g. no password was entered, or an incorrect one).

Table 28: Special Status Displays for the Erase Binary Command


10.5 Verify

The ‘Verify’-command will execute a password verification for the active file. If the active file is changed, the status of the password verification will be lost. The parameter P2 of the ‘Verify’-command specifies the reference data. If P2 equals 0, no particular reference data will be specified.

Coding:

CLA '00'

INS '20'

P1 '00' – if just a password, otherwise application-specific

P2 '00', '81', '82'

Lc Length of password

Data field Password

Le Empty

Table 29: Coding the Verify Command

The following definitions apply to P2:

P2 Length of Verification Data Type of Verification

'00' 2 bytes Password verification for the 3-wire bus. No specific reference data are identified.

3 bytes Password verification for the 2-wire bus. No specific reference data are identified.

'80' 2 bytes Verification of the user code (bits 64 - 79) for the 4402 protocol. CAUTION: In case of successful verification, bits 80 through 95 will be erased as a side effect. Among other things, these bits contain the error counter.

'81' 4 bytes Verification of the frame code (bits 320 - 351) for the 4402 protocol. CAUTION: In case of successful verification, the frame memory (bits 112 through 319) will be erased as a side effect.

Table 30: P2 Parameters of the Verify Command

No password file is implemented for smart cards having the 3-wire bus protocol. As far as the access is concerned, the SLE 4428 will treat the operating error counter and the password like any other character. The B1 card reader is not able to distinguish between smart cards of the types SLE 4418 and SLE 4428. If a ‘Verify’-command is executed under SLE 4418, this can lead to an unintended change of data on the smart card. This concerns in particular the character 1021, at which address the operating error counter of the SLE 4428 is located.


Special Status Displays:

SW1 SW2 Significance Possible Causes

'62 00' No password The active file or the active directory are not password-protected.

'63 00' Incorrect password

'69 83' Operating error counter expired

'69 85' Command not possible There exists no active file or directory. The writing access is blocked.

'6B 00' Offset outside file

'6A 88' No reference data

'63 01' Premature end of file The end of the memory space reserved for the file has been reached before the Lc bytes were written.

Table 31: Special Status Displays for the Verify Command

10.6 Select File

‘Select File’ will select an active file within the CT file system. The new file must be located in the active directory, or must be the master file. (Exempt from this rule are the files in the host driver that can be directly addressed.) If ‘Select File’ fails, there will be no active file. If the new active file is a directory, this directory will become the new active directory.

Coding:

CLA '00'

INS 'A4'

P1 '00' (selection by file identifier)

P2 '00' (first or only occurrence, proprietary file control information format)

Lc '02'

Data field File ID (2 bytes)

Le Empty or length of the expected response

Table 32: Coding the Select File Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'6A 82' File not found File does not exist under the ID displayed or cannot be reached from the active directory.

Table 33: Special Status Displays for the Select File Command


10.7 Read Binary

‘Read Binary’ will read data out of the active file of the file system.

Coding:

CLA '00'

INS 'B0'

P1, P2 Offset of the first byte to be read

Lc Empty

Data field Empty

Le Number of bytes to be read. If Le = 00 or 000000, the file is read through to its end; with Le = 00 a maximum of 256 bytes is read.

Table 34: Coding the Read Binary Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'69 82' No access authorization Reading of the file or the directory is password-protected, and the password verification has not been successfully performed yet.

'69 85' Access not possible There exists no active file or active directory. Reading access is blocked.

'6B 00' Offset outside of file

'62 82' Premature end of file The end of the file was reached before the Le bytes were read.

Table 35: Special Status Displays for the Read Binary Command


10.8 Write Binary

‘Write Binary’ will write data into the active file of the file system.

Coding:

CLA '00'

INS 'D0'

P1, P2 Offset of the first byte to be written

Lc Number of bytes to be written

Data field Data to be written

Le Empty

Table 36: Coding the Write Binary Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'63 01' Premature end of file The end of the memory space reserved for the file was reached before the Lc bytes were written.

'65 00' Writing not possible Memory error

'69 82' No access authorization The writing access to the file is password-protected, and the password verification has not been successfully performed yet.

'69 85' Command not possible There exists no active file or active directory. Writing access is blocked.

'6B 00' Offset outside of file

Table 37: Special Status Displays for the Write Binary Command
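The file-system commands of Sections 10.5 to 10.8 are easier to reason about when their state machine is written down. The following is an added example, not KOBIL code: a constructed in-memory model of the CT file layer that implements Select File, Verify, Read Binary and Write Binary and returns the status words of Tables 26, 31, 33, 35 and 37. File identifiers, contents, the password '47 12', the error-counter limit of 3, the "reads are free, writes need verification" rule and the decision to reject an over-long write entirely are all assumptions made for the model.

```python
# Constructed model of the CT file layer for synchronous cards (Sections 10.5-10.8).
# Added example, not KOBIL code; all file contents and passwords are invented.
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple

SW_OK = (0x90, 0x00)


@dataclass
class CtFile:
    fid: int                          # 2-byte file identifier used by Select File
    data: bytearray                   # memory space reserved for the file
    password: Optional[bytes] = None  # None: the file is not password-protected
    read_protected: bool = False      # assumption: reads may be free, writes never are
    max_tries: int = 3                # assumption: operating error counter of 3
    tries_left: int = 3


class CtFileLayer:
    """Select File / Verify / Read Binary / Write Binary with the manual's SW1 SW2 values."""

    def __init__(self, files):
        self.files = {f.fid: f for f in files}
        self.active: Optional[CtFile] = None
        self.verified = False

    def select_file(self, fid: int) -> Tuple[int, int]:
        self.verified = False                    # 10.5: verification status is lost on file change
        self.active = self.files.get(fid)
        return SW_OK if self.active else (0x6A, 0x82)   # file not found -> no active file

    def verify(self, password: bytes) -> Tuple[int, int]:
        f = self.active
        if f is None:
            return (0x69, 0x85)                  # command not possible: no active file
        if f.password is None:
            return (0x62, 0x00)                  # no password
        if f.tries_left == 0:
            return (0x69, 0x83)                  # operating error counter expired
        if not hmac.compare_digest(password, f.password):   # constant-time comparison
            f.tries_left -= 1
            return (0x63, 0x00)                  # incorrect password
        f.tries_left = f.max_tries
        self.verified = True
        return SW_OK

    def read_binary(self, offset: int, le: int) -> Tuple[bytes, Tuple[int, int]]:
        f = self.active
        if f is None:
            return b"", (0x69, 0x85)
        if f.password is not None and f.read_protected and not self.verified:
            return b"", (0x69, 0x82)             # no access authorization
        if offset >= len(f.data):
            return b"", (0x6B, 0x00)             # offset outside file
        want = 256 if le == 0 else le            # Le = 00: read to end, at most 256 bytes
        chunk = bytes(f.data[offset:offset + want])
        if le != 0 and len(chunk) < le:
            return chunk, (0x62, 0x82)           # premature end of file (warning, data returned)
        return chunk, SW_OK

    def write_binary(self, offset: int, data: bytes) -> Tuple[int, int]:
        f = self.active
        if f is None:
            return (0x69, 0x85)
        if f.password is not None and not self.verified:
            return (0x69, 0x82)                  # writing is password-protected
        if offset >= len(f.data):
            return (0x6B, 0x00)
        if offset + len(data) > len(f.data):
            return (0x63, 0x01)                  # premature end; modelled as rejecting the write
        f.data[offset:offset + len(data)] = data
        return SW_OK


def make_demo_layer() -> CtFileLayer:
    """Two constructed files: 0x0001 is password-protected ('47 12'), 0x0002 is open."""
    return CtFileLayer([
        CtFile(0x0001, bytearray(b"ABCDEFGHIJKLMNOP"), password=bytes.fromhex("4712")),
        CtFile(0x0002, bytearray(16)),
    ])


if __name__ == "__main__":
    layer = make_demo_layer()
    print(layer.select_file(0x0001), layer.write_binary(0, b"xx"))   # write refused: not verified
    print(layer.verify(bytes.fromhex("4712")), layer.write_binary(0, b"xx"))
    print(layer.read_binary(14, 4))                                    # short read -> '62 82'
```

The model makes two points of the text concrete: a write attempted before ‘Verify’ fails with '69 82', and re-selecting the same file discards the verification state, so the application has to verify again.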


10.9 Reset

A reset will be executed on the specified device, and will provide the ATR. In the case of card terminals having more than one interface, the blocked ports will be released again.

Coding:

CLA '20'

INS '10'

P1 Device 00 = card reader, 01 = ICC1, 02 = ICC2

P2 00 = no responses

01 = entire ATR

02 = only historical characters as response

Lc Empty

Data field Empty

Le '00'

Table 38: Coding the Reset Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' ATR received from synchronous ICC (only with P1 = 01 or 02)

'90 01' ATR received from asynchronous ICC

'62 A5' No protocol selected No ATR was received from a synchronous card, the protocol byte is unknown.

'62 A6' No ATR in compliance with ISO 7816-3 The ATR was received with the I2C protocol, not compliant with ISO 7816-3.

'62 A7' No ATR compliant with ISO 7816-3, no protocol selected It was not possible either to receive an ATR in compliance with ISO 7816-3 or to read the ATR with the I2C protocol.

'64 00' Reset unsuccessful It was not possible to execute a successful reset.

'64 A1' No ICC No smart card in the contact unit.

'64 A2' ICC not activated ICC was removed from the contact unit after its activation, and then reinserted.

'64 A3' Protocol not supported The ATR of an asynchronous ICC was received. The protocols displayed in the ATR are not supported.

'64 A8' Protocol error The ATR of an asynchronous ICC was received. The check sum contained errors.

Table 39: Special Status Displays for the Reset Command


10.10 Reset CT

This command has the same effect as ‘Reset’. It is only implemented for reasons of compatibility within the public German healthcare systems, subject to arrangement.

Coding:

CLA '20'

INS '11'

P1 '00' = terminal, '01' = ICC1, '02' = ICC2 (only B1 Professional)

P2 '00' = no responses

'01' = entire ATR

'02' = only historical characters as response

Lc Empty

Data field Empty

Le Empty or '00'

Table 40: Coding the Reset CT Command

Special Status Displays: Confer ‘Reset’-Command.


10.11 Request ICC

‘Request ICC’ prompts the insertion of a smart card – with the option of specifying a waiting period – and will execute a reset once a card has been inserted. Card terminals equipped with a display provide the option of displaying an input challenge.

Coding:

CLA '20'

INS '12'

P1 Device '01' = ICC1, '02' = ICC2 (only B1 Professional)

P2 Bits b8 - b5:

'0' = standard display text No. 1 (confer Section 10.19)

'F' = no display message

Bits b4 - b1:

'0' = no response data

'1' = entire ATR

'2' = only historical characters

Lc Empty or length of data field

Data field Empty or waiting period in seconds or TLV with the tags:

'50' = display text coded as IA5

'80' = waiting period in seconds (coded integer)

Le Empty or '00'

Table 41: Coding the Request ICC Command


Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' ATR received from synchronous ICC

'90 01' ATR received from asynchronous ICC

'62 00' Warning No smart card was inserted during the waiting period.

'62 01' Warning The smart card is already activated.

'62 A5' No protocol selected No ATR from a synchronous card was received, the protocol byte is unknown.

'62 A6' No ATR compliant with ISO 7816-3 The ATR was received with the I2C protocol, not in compliance with ISO 7816-3.

'62 A7' No ATR compliant with ISO 7816-3, no protocol selected No ATR compliant with ISO 7816-3 was received, nor was it possible to read the ATR with the I2C protocol.

'64 00' Reset unsuccessful No reset could be executed for the card.

'64 01' Reset break The cancel button was pressed.

'64 A2' ICC not activated ICC was removed from the contact unit after the activation and reinserted.

'64 A3' Protocol not supported The ATR of an asynchronous ICC was received. The protocols displayed by the ATR are not supported.

'64 A8' Protocol error The ATR of an asynchronous ICC was received. The check sum contained errors.

'69 00' Command not permissible Timeout or LCD output not supported.

Table 42: Special Status Displays for the Request ICC Command

10.12 Deactivate

This command will deactivate the contacts to the smart card.

Coding:

CLA '20'

INS '14'

P1 Device: 01 = ICC1, 02 = ICC2

P2 '00'

Lc Empty

Data field Empty

Le '00'

Table 43: Coding the Deactivate Command


Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' Command successful

'64 A1' No ICC No ICC was activated.

10.13 Eject ICC

The card is deactivated, and a message prompting removal of the card is displayed; its display time can be defined by the timeout parameter.

Coding:

CLA '20'

INS '15'

P1 Device: '01' = ICC1, '02' = ICC2

P2 '00' = standard display text No. 2 (confer Section 10.19)

'F0' = no display message

Lc 0, 1 or length of data field

Data field If available, 1 byte will state the timeout until removal of the card

or TLV structure

'50' = display text coded as IA5 (limited set of characters)

'80' = waiting period in seconds (coded integer)

Le Empty

Table 44: Coding the Eject ICC Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' Command successful

'90 01' Command successful, card was removed

'62 00' Warning The card was not removed within the timeout period.

Table 45: Special Status Displays for the Eject ICC Command


10.14 Get Status

The ‘Get Status’-command permits queries for status information, which are returned as TLV-coded data objects (DO; confer Table 48).

Coding:

CLA '20'

INS '13'

P1 '00' = smart card terminal

'01' = ICC 1

'02' = ICC 2 (only B1 Professional)

P2 P1 = '00' :

'46' = make of terminal

'80' = status of all ICC interfaces

'81' = functional units

P1 ≠ '00' :

'80' = status of ICC specified in P1

Lc Empty

Data field Empty

Le '00'

Table 46: Coding the Get Status Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' Command successful

Table 47: Special Status Displays for the Get Status Command

Response DOs:

Value of P2 Significance

'46' Manufacturer’s string

'80' For each ICC, one byte b8...b1:

b3b2 = '01' : ICC deactivated

b3b2 = '10' : ICC activated

b1 = 1: ICC available

'81' One byte for each functional unit:

'01' = ICC1, '02' = ICC2, '40' = display, '50' = keyboard

Table 48: Tags in the Response of the Get Status Command
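The control commands of Sections 10.11 through 10.16 share the same two data objects ('50' display text, '80' waiting period), and ‘Get Status’ answers with TLV-coded DOs. The block below is an added example, not KOBIL code: it builds the TLV data field and the ‘Request ICC’ APDU of Table 41 (P2 = display selector in b8-b5, response type in b4-b1) and decodes the ‘Get Status’ response DOs of Table 48. The one-byte TLV length, the one-byte encoding of the waiting period, the assumption that the response DO carries the tag given in P2, and all sample response bytes are constructed for the example.

```python
# Added example (not KOBIL code): TLV data field of Request ICC / Eject ICC /
# Input / Output, the P2 coding of Request ICC (Table 41), and decoding of the
# Get Status response DOs (Table 48).  Sample bytes are constructed.
from typing import Optional

TAG_DISPLAY_TEXT = 0x50      # display text coded as IA5
TAG_WAITING_PERIOD = 0x80    # waiting period in seconds (coded integer)


def tlv(tag: int, value: bytes) -> bytes:
    """TLV with a one-byte length (assumption; enough for display texts and timeouts)."""
    if len(value) > 0x7F:
        raise ValueError("value too long for a one-byte length")
    return bytes([tag, len(value)]) + value


def control_data_field(text: Optional[str] = None, seconds: Optional[int] = None) -> bytes:
    """Build the optional '50' / '80' DOs; returns b'' when neither is given."""
    out = b""
    if text is not None:
        if not text.isascii():                   # IA5 is 7-bit: reject anything else
            raise ValueError("display text must be IA5 (7-bit) characters")
        out += tlv(TAG_DISPLAY_TEXT, text.encode("ascii"))
    if seconds is not None:
        if not 1 <= seconds <= 255:              # assumption: waiting period fits one byte
            raise ValueError("waiting period is modelled as one byte (1..255 s)")
        out += tlv(TAG_WAITING_PERIOD, bytes([seconds]))
    return out


RESPONSE_TYPE = {"none": 0x0, "atr": 0x1, "historical": 0x2}   # Table 41, bits b4-b1


def request_icc_apdu(icc: int, text: Optional[str] = None, seconds: Optional[int] = None,
                     response: str = "atr", no_display: bool = False) -> bytes:
    """CLA 20 INS 12, P1 = ICC, P2 = display selector (b8-b5) | response type (b4-b1)."""
    if icc not in (1, 2):
        raise ValueError("P1 must be ICC1 (01) or ICC2 (02)")
    p2 = (0xF0 if no_display else 0x00) | RESPONSE_TYPE[response]
    data = control_data_field(text, seconds)
    apdu = bytes([0x20, 0x12, icc, p2])
    if data:
        apdu += bytes([len(data)]) + data        # Lc = length of the TLV data field
    return apdu + b"\x00"                        # Le = '00'


def parse_tlvs(buf: bytes) -> dict:
    """Split a response into {tag: value}; a truncated DO raises instead of being guessed."""
    dos, i = {}, 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length = buf[i], buf[i + 1]
        if i + 2 + length > len(buf):
            raise ValueError("truncated TLV value")
        dos[tag] = buf[i + 2:i + 2 + length]
        i += 2 + length
    return dos


ICC_STATE = {0b01: "deactivated", 0b10: "activated"}                        # b3b2 of DO '80'
FUNCTIONAL_UNITS = {0x01: "ICC1", 0x02: "ICC2", 0x40: "display", 0x50: "keyboard"}


def decode_icc_status(status: int) -> dict:
    """One status byte of DO '80': b3b2 = ICC state, b1 = ICC available."""
    return {"available": bool(status & 0x01),
            "state": ICC_STATE.get((status >> 1) & 0b11, "unknown")}


def decode_get_status(p2: int, response: bytes):
    """Interpret the response DO whose tag equals P2 (assumption drawn from Table 48)."""
    dos = parse_tlvs(response)
    if p2 not in dos:
        raise ValueError(f"response lacks DO {p2:02X}")
    if p2 == 0x46:
        return dos[0x46].decode("ascii")                        # manufacturer's string
    if p2 == 0x80:
        return [decode_icc_status(b) for b in dos[0x80]]        # one entry per ICC
    if p2 == 0x81:
        return [FUNCTIONAL_UNITS.get(b, f"unknown({b:02X})") for b in dos[0x81]]
    raise ValueError("unsupported P2")


if __name__ == "__main__":
    print(request_icc_apdu(1, seconds=30, no_display=True).hex(" "))
    print(decode_get_status(0x80, bytes.fromhex("8003050300")))   # constructed response
```

The same `control_data_field` serves ‘Eject ICC’ (INS '15'), ‘Input’ (INS '16') and ‘Output’ (INS '17'), whose data fields use the identical tags; only CLA/INS/P1/P2 differ.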


10.15 Input

Use the ‘Input’-command to request input through the card terminal keyboard. Optionally, the requested input text or any other input text can be displayed on the display screen.

Coding:

CLA '20'

INS '16'

P1 '50' = keyboard

P2 '00' = no optical feedback of the input

'01' = input is displayed in plain text on the display

'02' = input is shown on the display in the form of the character ’*’ (asterisk)

Lc Empty or length of data field

Data field Empty or TLV with the tags:

'50' = display text coded as IA5

'80' = waiting period in seconds (coded integer)

Le '00'

Table 49: Coding the Input Command

The default value for the input timeout is set at 15 seconds prior to the first entered character, and 5 seconds between the input of the other characters. The waiting period option allows you to extend or cut the 15 second period.

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' Command successful

'64 00' Waiting period expired The waiting period expired.

'64 01' Break The user pressed the cancel button.

Table 50: Special Status Displays for the Input Command


10.16 Output

The output command is used to display the output on the display screen of the card terminal.

Coding:

CLA '20'

INS '17'

P1 '40' = Display

P2 '00'

Lc Empty or length of data field

Data field Empty or TLV with the TAGs:

'50' = Display Text coded as IA5

'80' = waiting period in seconds (coded integer)

Le Empty

Table 51: Coding the Output Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 00' Command successful

Table 52: Special Status Displays for the Output Command


10.17 Perform Verification

This command causes a message to be displayed requesting PIN input, the acceptance of the PIN input through the smart card terminal keyboard, and the corresponding interaction with the smart card (for a more accurate description of the present smart card terminal, confer Section 5.1). Support for a biometric sensor is not provided at present. The interaction with the smart card consists, on the one hand, of the sending of the commands transmitted in the data field of the ‘Perform Verification’-command. In this context, either the PIN or the resetting code entered at the smart card terminal is inserted at the insert position identified in the DO ‘Command-to-Perform’. On the other hand, the interaction consists of the acceptance of the smart card response.

Coding:

CLA '20'

INS '18'

P1 '01' = CT/ICC interface 1

'02' = CT/ICC interface 2 (only B1 Professional)

P2 '00' = user authentication via PIN pad

Lc Length of data field

Data field TLV with the tags (confer also ISO/IEC 7816-6 on this point):

'52' = command-to-perform: control byte (see below) || insert position || raw command1

'50' = display text for challenge to enter PIN is being ignored (default = “Please enter PIN”).

'80' = timeout in seconds (BCD coded) is ignored until the first digit is entered

Le Empty

Table 53: Coding the Perform Verification Command

Bits Control Byte (Tag '52')

b8-b5 Length of PIN to be entered. '00' for any length (conclude with return key)

b4-b3 '00' = RFU

b2-b1 PIN coding

'00' = BCD

'01' = T.50-coded character with b8=0 (i.e. digit 0 = '30', digit 1 = '31' etc., ASCII)

'10' = format 2 PIN block (2L PP PP PP PP ... PF FF FF .. FF; L=length, P=BCD PIN digit)

'11' = RFU

b8-b1 'FF' for biometric authentication (not implemented)

Table 54: Coding the Control Bytes (Tag '52')

The insert position is counted upward, starting at 1. The raw command in ‘Command-to-Perform’ may appear, depending on the application, in one of the two following formats:

- Command Header (CLA, INS, P1 P2 = 4 bytes), if the PIN is entered into the data field of the ICC command without padding.

- Command Header with length field Lc and with data field pre-formatted with padding bytes.

1 For security reasons, the raw command permits only the INS bytes 0x20, 0x24, 0x26, 0x28 and 0x2c!

Examples:

1. VERIFY-command compliant with ISO/IEC 7816-4 ('00 20 00 00'), 4-digit PIN 4712 (BCD). Contents of Tag '52' = '40 06 00 20 00 00'. At position '05', starting from the beginning of the command, the length byte Lc (here: '02') is entered by the card terminal. Insert position is ‘06’, that is, the sixth byte after the beginning of the ‘Verify’-command. After the PIN has been successfully entered, the following command is sent to the card: '00 20 00 00 02 47 12'.

2. ‘Verify’-command compliant with CEN 726-3, 4-digit PIN 4712 (ASCII) with FF padding. Contents of Tag '52' = '41 06 A0 20 00 01 08 FF FF FF FF FF FF FF FF'. Insert position is ‘06’, that is, the sixth byte after the beginning of the ‘Verify CHV’-command. Once the PIN has been successfully entered, the following command is sent to the card: 'A0 20 00 01 08 34 37 31 32 FF FF FF FF'.

After the input request, the PIN to be entered (usually between four and eight digits) is displayed on the screen in the form of an asterisk for each digit entered. The PIN length is defined in the control byte. Next, the PIN is entered into the data field of the ICC command, which is found in the data field of the ‘Perform Verification’-command (in ‘Command-to-Perform’ the Lc field is entered ahead of the PIN, provided that nothing but the command header is found there). Afterwards the ICC command is transmitted to the smart card.

The status bytes returned in the response of the ICC command (if the PIN was entered correctly, SW1-SW2 = ‘9000’) are forwarded to the application system as the status bytes of the ‘Perform Verification’-command, and the standard text ‘Action Successful’ will be issued through the display. If the PIN transmitted to the smart card was incorrect, the return code SW1-SW2 from the smart card will differ from ‘9000’. In this case, the standard display text ‘PIN Incorrect/Blocked’ will be issued, and the return code will be sent back to the application system.

If the user presses the cancel button before the PIN input is concluded, the command will be sent back to the smart card, the standard display text ‘Break’ will be issued through the display, the input buffer will be erased, and the return code SW1-SW2 = '6401' will be returned. If the input request is not followed by the input of the next digit within 15 seconds (default value), or if more than 5 seconds expire between the input of consecutive digits, no command will be sent to the smart card, the standard display text ‘Break’ will be issued through the display, and the return code SW1-SW2 = '6400' will be returned. If the user simply forgot to press the confirmation button – regardless of the PIN length – the process will be aborted after the expiration of another timeout period.

Special Status Displays:

SW1 SW2 Significance Possible Cause

'9000' PIN was successfully transferred.

'6400' Timeout No input during the timeout period

'6401' Break The cancel button was pressed.

Table 55: Special Status Displays for the Perform Verification Command


10.18 Modify Verification Data

This command will prompt the request for the old PIN (or for the resetting code, confer ISO/IEC 7816-8; or for the unblocking key, confer EN 726-3) and the new PIN, and the corresponding interaction with the smart card. No biometric support is implemented at present. The interaction with the smart card consists, on the one hand, of the transmission of the commands entered into the data field of the ‘Modify Verification Data’-command; in the process, the old PIN, or the resetting code of the smart card terminal, will be inserted together with the new PIN at the insert positions in the DO ‘Command-to-Perform’. On the other hand, it consists of the acceptance of the smart card response.

Coding:

CLA '20'

INS '19'

P1 '01' = CT/ICC interface 1

'02' = CT/ICC interface 2 (only B1 Professional)

P2 '00' = user authentication via PIN pad

Lc Length of data field

Data field TLV with the Tags (confer also ISO/IEC 7816-6 on this point):

'52' = command-to-perform: control byte (see below) || insert position (old PIN) || insert position (new PIN) || raw command2

'50' = display text for challenge to enter PIN is being ignored (default = “Please enter PIN”).

'80' = timeout in seconds (BCD coded) is ignored until the first digit is entered

Le Empty

Table 56: Coding the Modify Verification Data Command

The significance and usage of the tags match the ‘Perform Verification’-command (confer Section 10.17).

Examples:

1. ‘Change Reference Data’ compliant with ISO/IEC 7816-8, having old reference data (4-digit PIN) and new reference data (6-digit PIN), i.e. PINs of variable length, and representation as ASCII characters. The value of the old reference data in the example is 4712, the value of the new reference data is 231546.

Contents of Tag '52' = '01 06 00 00 24 00 00'. Insert position for the old reference data: '06', that is, the sixth byte after the beginning of the ‘Change Reference Data’-command; insert position for the new reference data: byte '00', i.e. immediately following the old reference data. The length byte Lc is inserted by the smart card terminal at position 05 after the beginning of the command. The command sent to the smart card has the following coding: '00 24 00 00 0A 34 37 31 32 32 33 31 35 34 36'. Note: ISO/IEC 7816-8 assumes that the smart card knows the length of the old reference data, and that it therefore requires neither a fixed field length of 8 bytes nor any delimiters!


2 For security reasons, the raw command permits only the INS bytes 0x20, 0x24, 0x26, 0x28 and 0x2c!


2. ‘Change CHV’-command compliant with CEN 726-3, having a 4-digit PIN (old PIN 4712, new PIN 2315) and BCD-coding with FF padding.

Contents of Tag '52' = '40 06 0E A0 24 00 01 10 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF'. Insert position for the old PIN: '06', that is, the sixth byte after the beginning of the ‘Change CHV’-command; insert position for the new PIN: byte '0E', that is, the fourteenth byte after the beginning of the ‘Change CHV’-command. The command sent to the smart card has the following coding: 'A0 24 00 01 10 47 12 FF FF FF FF FF FF 23 15 FF FF FF FF FF FF'.

The execution of the ‘Modify Verification Data’-command in the smart card terminal begins with the output of the standard display text ‘Please enter PIN’. The data object ‘50’ (display text) should be entered in the data field if no standard display text is supposed to be used for user guidance. The data object ‘52’ (Command-to-Perform) should always be the last tag in the data field. After the old PIN or the resetting code has been entered, the standard display text ‘Enter new PIN’ is issued. After the new PIN has been entered, the standard display text ‘Retype PIN’ is displayed. Once the PIN input has been repeated, and once it has been verified to match the first input, the two PINs are entered into their respective insert positions in the data field of the ICC command that is supposed to be sent to the smart card.

The status bytes SW1-SW2 (usually ‘9000’), returned in the response of the ICC command, are forwarded to the application system as status bytes of the ‘Modify Verification Data’-command, and the standard display text ‘Action Successful’ is issued through the display. If the smart card returns a return code SW1-SW2 other than '9000', the standard display text 'PIN Incorrect/Blocked' will be issued. If the input during the retyping of the new PIN fails to match the previous input, the display text ‘PIN mismatch. Break’ is issued over the display, and SW1-SW2 = '6402' will be sent back to the application system as status bytes. If the timeout period is exceeded during the user input, or if the process is cancelled by the user, the same rules as for the ‘Perform Verification’-command apply.

Special Status Displays:

SW1-SW2 Significance Possible Cause

'9000' PIN change successfully performed

'6400' Timeout No input within the timeout period

'6401' Break The cancel button was pressed.

'6402' PIN mismatch The new PIN was incorrectly retyped the second time.

Table 57: Special Status Displays for the Modify Verification Data Command
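The worked examples of Sections 10.17 and 10.18 all follow one rule: parse the control byte, encode the PIN(s) accordingly, and either append Lc plus the PIN data to a bare command header or overwrite the pre-formatted, padded data field at the insert position(s). The block below is an added example, not KOBIL firmware, that implements that terminal-side assembly and reproduces all four of the manual's examples; it also enforces the INS restriction from the footnotes (0x20, 0x24, 0x26, 0x28, 0x2c). The BCD padding of an odd-length PIN with an F nibble and the requirement that a pre-formatted command's Lc match its data field are assumptions of the example.

```python
# Added example (not KOBIL code): assembling the ICC command from the
# 'Command-to-Perform' DO (tag '52') of Perform Verification (10.17) and
# Modify Verification Data (10.18).  DO contents and PINs in the demo are the
# manual's worked examples; the helper logic itself is an assumption.

ALLOWED_INS = {0x20, 0x24, 0x26, 0x28, 0x2C}   # footnotes to 10.17 and 10.18


def encode_pin(pin: str, coding: int) -> bytes:
    """Encode a PIN as selected by bits b2-b1 of the control byte (Table 54)."""
    if not pin.isdigit():
        raise ValueError("PIN must consist of decimal digits")
    if coding == 0b00:                                   # BCD, two digits per byte
        digits = pin if len(pin) % 2 == 0 else pin + "F" # assumption: odd length padded with F
        return bytes.fromhex(digits)
    if coding == 0b01:                                   # T.50 / ASCII digits '30'..'39'
        return pin.encode("ascii")
    if coding == 0b10:                                   # format 2 PIN block: 2L PP .. PF FF .. FF
        if not 4 <= len(pin) <= 12:
            raise ValueError("format 2 PIN block holds 4 to 12 digits")
        return bytes.fromhex(f"2{len(pin):X}{pin}".ljust(16, "F"))
    raise ValueError("PIN coding '11' is RFU")


def build_icc_command(command_to_perform: bytes, pins) -> bytes:
    """Insert the PINs into the raw command and return the APDU sent to the card.

    command_to_perform = control byte || one insert position per PIN || raw command.
    Perform Verification passes one PIN; Modify Verification Data passes
    (old PIN, new PIN), where insert position 0 for the new PIN means
    'directly after the old one'.  Positions are counted from 1.
    """
    control = command_to_perform[0]
    if control == 0xFF:
        raise ValueError("biometric authentication is not implemented")
    n = len(pins)
    positions = list(command_to_perform[1:1 + n])
    raw = command_to_perform[1 + n:]
    if len(raw) < 4:
        raise ValueError("raw command needs at least CLA INS P1 P2")
    if raw[1] not in ALLOWED_INS:
        raise ValueError(f"INS {raw[1]:02X} not permitted in Command-to-Perform")
    pin_len, coding = control >> 4, control & 0x03
    encoded = []
    for pin in pins:
        if pin_len and len(pin) != pin_len:
            raise ValueError("PIN length does not match the control byte")
        encoded.append(encode_pin(pin, coding))

    header_only = len(raw) == 4
    cmd = bytearray(raw)
    if header_only:
        cmd.append(0x00)                  # Lc placeholder, filled once the PINs are in place
    elif cmd[4] != len(cmd) - 5:
        raise ValueError("Lc of the pre-formatted command does not match its data field")

    next_free = 0
    for pos, data in zip(positions, encoded):
        if pos == 0:
            pos = next_free               # Modify Verification Data: new PIN follows old one
        start = pos - 1                   # convert 1-based position to an index
        if start < 5:
            raise ValueError("insert position lies inside the command header")
        end = start + len(data)
        if end > len(cmd):
            if not header_only:
                raise ValueError("PIN does not fit into the pre-formatted data field")
            cmd.extend(bytes(end - len(cmd)))
        cmd[start:end] = data
        next_free = end + 1               # 1-based position of the byte after this PIN
    if header_only:
        cmd[4] = len(cmd) - 5             # Lc = length of the assembled data field
    return bytes(cmd)


if __name__ == "__main__":
    # Example 1 of 10.17 and example 2 of 10.18, as given in the manual
    print(build_icc_command(bytes.fromhex("400600200000"), ["4712"]).hex(" "))
    print(build_icc_command(bytes.fromhex("40060EA024000110" + "FF" * 16), ["4712", "2315"]).hex(" "))
```

The INS allow-list is checked before any PIN is encoded, so a ‘Command-to-Perform’ that tries to wrap the entered PIN into anything other than the verification-related instructions is rejected without the PIN ever leaving the terminal.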

10.19 Display Texts

According to the MKT specification, the following display texts for a display size of 2x16 characters have been defined. The character set supported is the alphabet (including the German umlaut characters) in upper and lower case, as well as the digits and standard special characters, in particular the asterisk. For use as control characters in display texts only CR is permitted.

No. Text


1 Please insert card

2 Please remove card

3 Card cannot be read. Wrong position?

4 Please enter PIN

5 Action successful

6 PIN incorrect/blocked

7 Enter new PIN

8 Repeat input

9 PIN mismatch. Break.

10 Please confirm input

11 Please enter data

12 Break

Table 58: Standard Display Texts


10.20 Reset 1

‘Reset 1’ will execute a reset for asynchronous smart cards, and provides the ATR. If the interface to the smart card has already been activated, it will not be completely deactivated before the reset, and the power supply VCC remains applied.

Note: The Reset 1 command was implemented in order to support the non-ISO-compliant protocol switch of some smart cards.

Coding:

CLA '20'

INS '1F'

P1 Device 01 = ICC1, 02 = ICC2

P2 00 = no responses

01 = entire ATR

02 = only historical characters as response

Lc Empty

Data field Empty

Le '00'

Table 59: Coding the Reset 1 Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'90 01' Received ATR from asynchronous ICC

'64 A1' No ICC No smart card in the contact unit.

'64 A2' ICC not activated ICC was removed from the contact unit after activation, and then reinserted.

'64 A3' Protocol not supported The ATR of an asynchronous ICC was received. The protocols displayed in the ATR are not supported.

'64 A7' No ATR compliant with ISO 7816-3, no protocol selected No ATR from an asynchronous ICC was received.

'64 A8' Protocol Error The ATR of an asynchronous ICC was received. The check sum contained errors.

Table 60: Special Status Displays for the Reset 1 Command


10.21 Set Interface Parameter

The ‘Set Interface Parameter’-command sets the protocol, the protocol parameters, or the other adjustable properties at the identified interface. When setting parameters of the HOST / CT interface, the new parameters take effect after the transmission of the response to the ‘Set Interface Parameter’-command. Setting the protocol or the protocol parameters at the ICC interface is possible only in the protocol status PTS or READY – directly after the reset and prior to the beginning of the data transmission. However, the transparent mode allows for the setting of parameters at any time.

Coding:

CLA '80'

INS '60'

P1 Device: 00 = CT/HOST, 01 = ICC1, 02 = ICC2

P2 '00'

Lc Variable

Data field TLV

Tags '10','11','12','13' for device = 00

Tags '21','22','23','24','25' for device = 01 or 02

Tags '40','41','42','43','44' additional in transparent mode

Le Empty

Table 61: Coding the Set Interface Parameter Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'69 85' Command not possible in the present status Protocol settings at the ICC interface are possible only directly after the reset and before the data transmission is begun.

'6A 80' Invalid parameters in the data field Options not supported, or a combination of options not supported, are displayed in the data field. The parameters displayed in the data field are incompatible.

'6A 85' Inconsistent data in the data field The data transmitted in the data field cannot be interpreted as a TLV field.

Table 62: Special Status Displays for the Set Interface Parameter Command


10.22 Set Mode

This command is used to set the transmission mode for handling asynchronous smart cards. Two modes are supported. In the normal mode, the data is transmitted according to the set protocol. In the transparent mode, the transferred data are forwarded to the smart card in unchanged form. Switching to the transparent mode is possible only prior to activating the smart card, whereas switching from the transparent mode back into the normal mode is possible at any time.

Coding:

CLA '80'

INS '61'

P1 Device: 01 = ICC1, 02 = ICC2

P2 Mode 00 = normal mode, 01 = transparent mode

Lc Empty

Data field Empty

Le Empty

Table 63: Coding the Set Mode Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'69 85' Command not possible in the current status Switching from the normal mode to the transparent mode is possible only if the interface to the smart card is not activated.

'6A A3' Protocol is not supported No valid asynchronous protocol was set for the switch from transparent mode back to normal mode.

Table 64: Special Status Displays for the Set Mode Command


10.23 Freeze

Freeze commands will convert the card reader into the freeze status. In the freeze status, the card reader retains its current status, and waits for the event identified by the freeze command to occur. The freeze status begins with the transmission of the response to the freeze command. The card reader will show the beginning freeze status by deactivating the DTR line – where available. The freeze status is terminated as soon as one of the events identified by the freeze command has occurred, or if a syntactically correct block of layer 2 (new command) has been received. In either case, termination of the freeze status is indicated by the activation of the DTR line.

Coding:

CLA '80'

INS '70'

P1 '00'

P2 '00'

Lc Variable

Data field TLV

Tags '30' freeze events

Le Empty

Table 65: Coding the Freeze Command

Special Status Displays:

SW1 SW2 Significance Possible Causes

'6A 80' Invalid parameters in the data field An event not supported is displayed in the data field.

'6A 85' Inconsistent data in the data field The data transmitted in the data field could not be interpreted as a TLV structure.

Table 66: Special Status Displays for the Freeze Command


10.24 Wait Freeze

'Wait Freeze' is sent after the successful issuance of a ‘Freeze’ and will not return until the event identified in the ‘Freeze’ has occurred, or an error has manifested itself. Unlike with other commands, CT_data(...'Wait Freeze'...) will block the calling thread of the program. If the respective application has only one thread, the entire process will be blocked. Since this is hardly ever intended, CT_data(...'Wait Freeze'...) should be executed in a separate thread. If CT_close() is called in a multi-threaded process while CT_data(...'Wait Freeze'...) is being processed, CT_data() will be terminated with the return code ERR_HTSI.

Coding:

CLA '80'

INS '71'

P1 Timeout in minutes

P2 Timeout in seconds

Lc Empty

Data field Empty

Le Empty

Table 67: Coding the Wait Freeze Command

If the value '00' is entered in both P1 and P2, no timeout is applied: 'Wait Freeze' will not return until the freeze event has occurred or an error has arisen.

Special Status Displays:

SW1 SW2   Significance                            Possible Causes
'62 F0'   Timeout                                 'Wait Freeze' was terminated by a timeout; the freeze event was not received.
'64 F0'   DSR already occupied during call-up     The CT does not have freeze status.

Table 68: Special Status Displays for the Freeze Command

If SW1 SW2 = '90 00' is received, a change of the DSR line from LO to HI was detected. In this case the application should read out the freeze status file or the ICC status file: the signal line could have been set by the activity of another application, in which case the event did not occur even though DSR was set. After the ICC status file of the B1-CT has been read out, the application has to transmit 'Freeze' or 'Wait Freeze' once more.
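The Freeze and Wait Freeze exchange as an added C example (not code from the KOBIL manual or its CT-API library): it builds both APDUs exactly as Tables 65 and 67 code them and interprets the Wait Freeze status words of Table 68. The coding of the event bytes inside tag '30' is defined elsewhere in the manual and is treated as opaque input here; CT_data() itself is not called, since the example runs without a terminal.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Status words from Tables 66 and 68 of the manual. */
#define SW_OK           0x9000u
#define SW_TIMEOUT      0x62F0u  /* Wait Freeze: timeout, freeze event not received */
#define SW_NOT_FROZEN   0x64F0u  /* Wait Freeze: the CT does not have freeze status */
#define SW_BAD_EVENT    0x6A80u  /* Freeze: unsupported event in the data field */
#define SW_NOT_TLV      0x6A85u  /* Freeze: data field is not a TLV structure */

/* Build the Freeze APDU: CLA '80', INS '70', P1 P2 '00 00', data field =
 * TLV with tag '30' carrying the freeze events, Le empty. The coding of the
 * event bytes is defined elsewhere in the manual; they are passed through
 * unchanged here (assumption: a plain byte string fits the TLV value).
 * Returns the APDU length, or 0 when there are no events, when the
 * single-byte TLV length would overflow, or when 'out' is too small. */
size_t build_freeze_apdu(const uint8_t *events, size_t n_events,
                         uint8_t *out, size_t out_len)
{
    if (n_events == 0 || n_events > 127) return 0;
    size_t lc = 2 + n_events;            /* tag + length + value */
    size_t total = 5 + lc;               /* CLA INS P1 P2 Lc + data field */
    if (out_len < total) return 0;
    out[0] = 0x80; out[1] = 0x70; out[2] = 0x00; out[3] = 0x00;
    out[4] = (uint8_t)lc;
    out[5] = 0x30;                       /* tag '30': freeze events */
    out[6] = (uint8_t)n_events;
    memcpy(&out[7], events, n_events);
    return total;
}

/* Build the Wait Freeze APDU: CLA '80', INS '71', P1 = timeout minutes,
 * P2 = timeout seconds, no Lc, data field or Le. timeout_seconds == 0 yields
 * P1 = P2 = '00', i.e. no timeout at all, so a caller that wants a bounded
 * wait must pass at least 1. Returns 0 if the minute part exceeds one byte. */
size_t build_wait_freeze_apdu(unsigned timeout_seconds,
                              uint8_t *out, size_t out_len)
{
    unsigned minutes = timeout_seconds / 60;
    unsigned seconds = timeout_seconds % 60;
    if (minutes > 255 || out_len < 4) return 0;
    out[0] = 0x80; out[1] = 0x71;
    out[2] = (uint8_t)minutes; out[3] = (uint8_t)seconds;
    return 4;
}

/* How the application should act on the Wait Freeze response. */
typedef enum {
    WF_DSR_CHANGED,   /* '90 00': DSR went LO->HI; read the status file to confirm */
    WF_TIMEOUT,       /* '62 F0': event not received in time */
    WF_NOT_IN_FREEZE, /* '64 F0': send Freeze first */
    WF_OTHER_ERROR    /* anything else, including a malformed response */
} wf_outcome_t;

/* Interpret the trailing SW1 SW2 of the response buffer returned for
 * Wait Freeze. '90 00' is deliberately not named "event occurred": the
 * manual notes that another application may have set DSR, so the caller
 * still has to read the freeze or ICC status file before trusting it. */
wf_outcome_t interpret_wait_freeze(const uint8_t *rsp, size_t rsp_len)
{
    if (rsp_len < 2) return WF_OTHER_ERROR;
    unsigned sw = ((unsigned)rsp[rsp_len - 2] << 8) | rsp[rsp_len - 1];
    switch (sw) {
    case SW_OK:         return WF_DSR_CHANGED;
    case SW_TIMEOUT:    return WF_TIMEOUT;
    case SW_NOT_FROZEN: return WF_NOT_IN_FREEZE;
    default:            return WF_OTHER_ERROR;
    }
}
```

In a real application the buffer produced by build_wait_freeze_apdu() is what the worker thread hands to CT_data(); the main thread keeps running and may call CT_close() to abort, which the manual says ends the blocked CT_data() with ERR_HTSI. A '90 00' result is reported as WF_DSR_CHANGED rather than as "event occurred" for the reason given in the text above.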


10.25 ICC Application Commands

ICC application commands are characterized by the destination address (DAD) being set to the value 00 (ICC1) or 02 (ICC2). As a rule, the card reader forwards data addressed to an ICC, or received from it, transparently to the respective destination address. That is, each command to an ICC received on the HOST interface generally causes a response from that ICC to be transmitted to the HOST interface. There are two exceptions to this principle.

• The card terminal allows access to synchronous smart cards by presenting them as files to the application layer. You may access such files with the ICC commands specified for file operations.

• If an error occurs during the transmission of a command to an ICC, the card terminal will generate an error code. In order to enable the application to recognize that the response was generated by the card terminal, the source address (SAD) is set to the value of 01 (CT) in the response. The error messages generated by the card terminal are represented in the following table.

SW1 SW2   Significance                                              Possible Causes
'62 A5'   No protocol selected                                      No ATR from a synchronous card was received. The type of protocol is unknown.
'62 A6'   No ATR compliant with ISO 7816-3                          The ATR was received with the I2C protocol, not in compliance with ISO 7816-3.
'62 A7'   No ATR compliant with ISO 7816-3, no protocol selected    No ATR in compliance with ISO 7816-3 was received, nor could the ATR be read with the I2C protocol.
'64 A0'   Unspecified ICC error
'64 A1'   No ICC                                                    No smart card in the contact unit.
'64 A2'   ICC not activated                                         The ICC was removed from the contact unit after activation and then reinserted.
'64 A3'   Protocol not supported                                    The ATR of an asynchronous ICC was received. The protocols indicated in the ATR are not supported.
'64 A5'   No protocol selected                                      No ICC protocol was selected.
'64 A8'   Protocol error                                            A protocol error occurred during communication with the ICC. It can possibly be remedied by re-synchronizing the layer 2 protocol; this is attempted automatically during the next data transmission.
'64 A9'   Irremediable ICC protocol error                           An irremediable protocol error occurred during communication with the ICC.
'64 AA'   PTS protocol error                                        An error occurred during the PTS with the ICC.
'64 AB'   WTX error                                                 Communication with the ICC was interrupted because an extension of the waiting period requested by the HOST was denied.
'65 AB'   WTX error, memory contents changed                        Communication with the ICC was interrupted because an extension of the waiting period requested by the HOST was denied. The contents of the non-volatile memory may already have changed.
'69 85'   Security violation                                        The command was rejected for security reasons.
'6F 82'   Invalid source address                                    The source address (SAD) is not 02 (HOST) or 05 (REMOTE HOST).

Table 69: Error Messages of the Smart Card Terminal when Accessing an ICC
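An added C example (not from the manual) of the check that the second bullet above calls for: before acting on a status word, look at the source address of the response. Only SAD = 01 marks a terminal-generated error from Table 69; a response whose SAD equals the DAD the command was sent to is the card's own answer, and any other SAD is unexpected. The grouping of Table 69 entries into follow-up actions is this example's reading of the "Possible Causes" column, not something the manual prescribes.

```c
#include <stddef.h>
#include <stdint.h>

/* Source addresses seen on the HOST interface. */
#define SAD_ICC1  0x00
#define SAD_CT    0x01
#define SAD_ICC2  0x02

typedef enum {
    RSP_FROM_ICC,        /* SAD equals the DAD used: data and SW are the card's own */
    RSP_CT_ERROR,        /* SAD = 01: the terminal generated the status word itself */
    RSP_UNEXPECTED_SAD,  /* neither the addressed ICC nor the CT answered */
    RSP_MALFORMED        /* shorter than SW1 SW2 */
} rsp_origin_t;

/* Follow-up action for a terminal-generated error (example's own reading of
 * Table 69; the manual only states the causes). */
typedef enum {
    ACT_NONE,            /* response came from the ICC, interpret it as the card's */
    ACT_RETRY_NEXT,      /* '64 A8': layer 2 re-sync is attempted on the next transmission */
    ACT_RESET_ICC,       /* '64 A9', '64 AA', '64 AB': protocol state is gone */
    ACT_CHECK_NV_STATE,  /* '65 AB': non-volatile memory may already have changed */
    ACT_CHECK_CARD,      /* card absent, not activated, no usable ATR or protocol */
    ACT_FAIL             /* security violation, bad SAD, unspecified, or unexpected */
} ct_action_t;

typedef struct {
    rsp_origin_t origin;
    unsigned     sw;     /* SW1 SW2 as one 16-bit value, 0 when malformed */
    ct_action_t  action;
} rsp_verdict_t;

/* dad_sent is the DAD the command went to (00 or 02); sad_received and the
 * response buffer are what CT_data() handed back. */
rsp_verdict_t classify_response(uint8_t dad_sent, uint8_t sad_received,
                                const uint8_t *rsp, size_t rsp_len)
{
    rsp_verdict_t v = { RSP_MALFORMED, 0, ACT_FAIL };
    if (rsp_len < 2) return v;
    v.sw = ((unsigned)rsp[rsp_len - 2] << 8) | rsp[rsp_len - 1];

    if (sad_received == dad_sent) {      /* transparent pass-through from the card */
        v.origin = RSP_FROM_ICC;
        v.action = ACT_NONE;
        return v;
    }
    if (sad_received != SAD_CT) {        /* nobody else may answer for the ICC */
        v.origin = RSP_UNEXPECTED_SAD;
        return v;
    }
    v.origin = RSP_CT_ERROR;
    switch (v.sw) {
    case 0x64A8:
        v.action = ACT_RETRY_NEXT; break;
    case 0x64A9: case 0x64AA: case 0x64AB:
        v.action = ACT_RESET_ICC; break;
    case 0x65AB:
        v.action = ACT_CHECK_NV_STATE; break;
    case 0x62A5: case 0x62A6: case 0x62A7:
    case 0x64A1: case 0x64A2: case 0x64A3: case 0x64A5:
        v.action = ACT_CHECK_CARD; break;
    default:                             /* '64 A0', '69 85', '6F 82' and unknown */
        v.action = ACT_FAIL; break;
    }
    return v;
}
```

The point of the SAD test is that a status word alone does not say who produced it; the same '64 A1'-style bytes could arrive in a card's own response, so an application that keys only on SW1 SW2 cannot tell a terminal diagnosis from card data. '65 AB' is singled out because the manual warns that the card's non-volatile memory may already have changed, so the application must re-read before retrying a write.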


10.26 Selecting a Synchronous ICC

If the card reader recognizes a synchronous ICC during reset, or if the user resets the protocol to process synchronous ICCs, using the command ‘Set Interface Parameter,’ a server module for synchronous ICCs is activated. This module presents synchronous ICCs as files, which allows for the addressing of additional ICC properties by way of selecting different files.

10.27 Commands for Selecting a Synchronous ICC

The following table provides an overview of the commands of the server module. For the coding, the description of the CT application commands applies.

Command        Coding
               CLA    INS    P1 P2        Lc     Parameters   Le
Erase Binary   '00'   '0E'   offset       var.   var.         -
Verify         '00'   '20'   '00' '00'    var.   PIN          -
Select File    '00'   'A4'   '00' '00'    2      File ID      -
Read Binary    '00'   'B0'   offset       -      -            var.
Write Binary   '00'   'D0'   offset       var.   data         -

Table 70: Overview of the Commands for Synchronous ICCs


10.28 File Types

In order to be able to address additional properties of synchronous ICCs, various file types have been implemented. These are selected with the 'Select File' command. At present, the following file types are supported:

File Type        File ID   Significance
Data File        '3F01'    The data of the synchronous ICC are treated as a sequence of bytes. The file is implicitly selected during the activation of the server module.
Attribute File   '3F81'    The data of the synchronous ICC are treated as a sequence of bytes, and each data byte is followed by an attribute byte. Bit 1 (the bit with the lowest value) of the attribute byte indicates whether the byte is read-only protected. The significance of the remaining bits of the attribute byte remains undefined at present.
Password File    '3F82'    The password of the ICC is treated as a sequence of bytes. A password file does not exist for all synchronous ICCs.

Table 71: File Types for Operations Involving ICCs
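An added C example (not the manual's or KOBIL's code) for the synchronous-ICC file model of Tables 70 and 71: it codes Select File, Read Binary and Write Binary as Table 70 lists them, splits an image read from the attribute file '3F81' into data bytes and read-only flags, and uses those flags to check a planned write to the data file before it is sent. The big-endian placement of the offset across P1 P2 is an assumption taken from ISO 7816-4; the manual only labels the two bytes "offset". The attribute-file image used in the check is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* File IDs from Table 71. */
#define FID_DATA      0x3F01u
#define FID_ATTRIBUTE 0x3F81u
#define FID_PASSWORD  0x3F82u

/* Select File (Table 70): CLA '00' INS 'A4' P1 P2 '00 00' Lc 2, data = file ID. */
size_t build_select_file(uint16_t fid, uint8_t *out, size_t out_len)
{
    if (out_len < 7) return 0;
    out[0] = 0x00; out[1] = 0xA4; out[2] = 0x00; out[3] = 0x00; out[4] = 0x02;
    out[5] = (uint8_t)(fid >> 8); out[6] = (uint8_t)fid;
    return 7;
}

/* Read Binary (Table 70): CLA '00' INS 'B0', P1 P2 = offset, Le = bytes wanted.
 * Assumption: offset high byte in P1, low byte in P2 (ISO 7816-4 style). */
size_t build_read_binary(uint16_t offset, uint8_t le, uint8_t *out, size_t out_len)
{
    if (out_len < 5) return 0;
    out[0] = 0x00; out[1] = 0xB0;
    out[2] = (uint8_t)(offset >> 8); out[3] = (uint8_t)offset;
    out[4] = le;
    return 5;
}

/* Write Binary (Table 70): CLA '00' INS 'D0', P1 P2 = offset, Lc, data, no Le. */
size_t build_write_binary(uint16_t offset, const uint8_t *data, size_t len,
                          uint8_t *out, size_t out_len)
{
    if (len == 0 || len > 255 || out_len < 5 + len) return 0;
    out[0] = 0x00; out[1] = 0xD0;
    out[2] = (uint8_t)(offset >> 8); out[3] = (uint8_t)offset;
    out[4] = (uint8_t)len;
    memcpy(&out[5], data, len);
    return 5 + len;
}

/* Split an image of the attribute file '3F81' (data byte, attribute byte,
 * data byte, attribute byte, ...) into the data bytes and one read-only flag
 * per byte: bit 1, the least significant bit of the attribute byte, marks the
 * byte as read-only protected; the remaining bits are undefined and ignored.
 * Returns the number of data bytes, or 0 if the image is malformed or too big. */
size_t parse_attribute_file(const uint8_t *img, size_t img_len,
                            uint8_t *data, uint8_t *readonly, size_t max)
{
    if (img_len == 0 || (img_len % 2) != 0) return 0;   /* must be byte pairs */
    size_t n = img_len / 2;
    if (n > max) return 0;
    for (size_t i = 0; i < n; i++) {
        data[i]     = img[2 * i];
        readonly[i] = img[2 * i + 1] & 0x01;
    }
    return n;
}

/* Check a planned Write Binary to the data file '3F01' against the read-only
 * flags obtained from the attribute file. Returns 0 when every byte in
 * [offset, offset + len) is writable, -1 when a read-only byte would be hit
 * and -2 when the range runs past the end of the file. */
int check_write_allowed(const uint8_t *readonly, size_t n,
                        uint16_t offset, size_t len)
{
    if ((size_t)offset + len > n) return -2;
    for (size_t i = 0; i < len; i++)
        if (readonly[offset + i]) return -1;
    return 0;
}
```

The sequence a client would follow is Select File '3F81', Read Binary the attribute image, parse_attribute_file(), then Select File '3F01' and only issue the Write Binary that check_write_allowed() accepts; the terminal will refuse a write to a protected byte anyway, but checking first avoids a partially applied write and an error the application then has to diagnose.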

10.29 Handling the Public Health Insurance Card

If the CT configuration file indicates that a read-only module exists, the smart card terminal verifies in the case of synchronous cards whether the inserted card matches the specification of the public German health insurance card. In this case, any writing access to the card is prevented.


11 Transparent Mode

The transparent mode allows for data transmission to asynchronous cards outside of the protocol rules. The transparent mode is supported only if indicated accordingly in the ICC configuration file of the respective interface. You switch to the transparent mode with the 'Set Mode' command. Doing so is not possible if the interface to the smart card has already been activated. If the transparent mode is switched on, the ICC status file will say so. The user may use the 'Set Interface Parameters' command to change the following parameters in the transparent mode:

Parameter                       Significance                                                    Unit               Default Value
Elementary Time Unit (etu)      Length of a bit                                                 Machine cycle      70
Character Guard Time (CGT)      Waiting period when switching from receive to send              etu                12
Block Waiting Time (BWT)        Waiting period for the first character of a block               Machine cycle      4608000
Character Waiting Time (CWT)    Waiting period for the next consecutive character of a block    Machine cycle      921600
Conventions                     Direct / inverse conventions in compliance with ISO 1177        direct / inverse   direct
Error handling                  Error remediation in compliance with ISO 7816-3                 on / off           off
Active low reset                Before waiting for the ATR, the RST signal is set to HIGH       on / off           on

Table 72: Parameters in the Transparent Mode

Once you have switched to the transparent mode, the defined default values are set. The possible range of parameter values is limited, depending on the implementation. The number of machine cycles for a given time span can be calculated with the following formula:

    Number of machine cycles = time in ms x 9216

In the transparent mode, the data are sent to the ICC in unchanged form. The waiting time for the first character is defined in machine cycles by the BWT, the waiting time for each next consecutive character by the CWT. Data received from the ICC are buffered in the card reader for the time being. Once the waiting period has expired, the card reader terminates the reception phase. Afterwards, the length of the received data and the data itself are transmitted to the HOST.

Use the 'Set Mode' command to terminate the transparent mode. If an asynchronous protocol had been set prior to switching to the transparent mode, you can continue to work with that protocol afterwards. In the case of the block-oriented protocols T=1 and T=14, the card reader re-synchronizes the internal protocol counters.
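An added C example (not from the manual) of the transparent-mode timing just described: the Table 72 defaults, the ms-to-machine-cycle conversion from the formula above, and a simulation of the reception phase in which the first character is awaited for at most BWT and each following one for at most CWT, after which reception stops and the bytes gathered so far are what would go to the HOST. The arrival times are constructed inputs; the parameter struct is this example's own and is not the coding of 'Set Interface Parameters'.

```c
#include <stddef.h>
#include <stdint.h>

/* From the manual: number of machine cycles = time in ms x 9216. */
#define CYCLES_PER_MS 9216u

/* The adjustable parameters of Table 72 (example's own struct, not the
 * wire coding used by 'Set Interface Parameters'). */
typedef struct {
    uint32_t etu_cycles;         /* elementary time unit, in machine cycles */
    uint32_t cgt_etu;            /* character guard time, in etu */
    uint32_t bwt_cycles;         /* block waiting time, in machine cycles */
    uint32_t cwt_cycles;         /* character waiting time, in machine cycles */
    int      inverse_convention; /* 0 = direct, 1 = inverse (ISO 1177) */
    int      error_handling;     /* ISO 7816-3 error remediation on/off */
    int      active_low_reset;   /* RST set to HIGH before waiting for the ATR */
} tm_params_t;

/* Default values as set when switching to the transparent mode (Table 72). */
tm_params_t tm_defaults(void)
{
    tm_params_t p;
    p.etu_cycles = 70;
    p.cgt_etu = 12;
    p.bwt_cycles = 4608000u;     /* 500 ms */
    p.cwt_cycles = 921600u;      /* 100 ms */
    p.inverse_convention = 0;    /* direct */
    p.error_handling = 0;        /* off */
    p.active_low_reset = 1;      /* on */
    return p;
}

/* Conversions from the manual's formula; 64-bit result avoids overflow for
 * long waits. */
uint64_t tm_ms_to_cycles(uint32_t ms)     { return (uint64_t)ms * CYCLES_PER_MS; }
uint32_t tm_cycles_to_ms(uint32_t cycles) { return cycles / CYCLES_PER_MS; }

/* Simulate the reception phase of one transparent-mode exchange. 'arrival'
 * holds the arrival time of each character from the ICC, in machine cycles
 * counted from the moment the command was sent (constructed trace). The
 * reader waits up to BWT for the first character and up to CWT after each
 * received character for the next one; the first expired waiting period ends
 * reception. Returns how many characters would be passed on to the HOST. */
size_t tm_receive_count(const tm_params_t *p, const uint32_t *arrival, size_t n)
{
    uint64_t deadline = p->bwt_cycles;                    /* first character: BWT */
    size_t received = 0;
    for (size_t i = 0; i < n; i++) {
        if (i > 0 && arrival[i] < arrival[i - 1]) break;  /* trace must be ordered */
        if (arrival[i] > deadline) break;                 /* waiting period expired */
        received++;
        deadline = (uint64_t)arrival[i] + p->cwt_cycles;  /* next character: CWT */
    }
    return received;
}
```

With the defaults, a card that answers within 500 ms and then keeps each inter-character gap under 100 ms delivers its whole response; a gap of 130 ms after the second byte, as in the check below, leaves the reader with two bytes, and those two bytes plus their length are what reaches the HOST. Since the reader simply stops listening rather than signalling an error, the application has to judge from the length whether the answer is complete.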
