092-094.html

Smart Card Developer s Kit, a smart card manual for development, English

<!-- Edit EirGrabber 3.01 -->
<HTML>
<HEAD>


<TITLE>Smart Card Developer's Kit:The Schlumberger Multiflex Smart Card</TITLE>





<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="089-092.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="094-096.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P>Since we don&#146;t have to know any key to read the contents of this file, use a <TT>Read Binary</TT> command to take a look at the 8 bytes in this file. The <TT>Read Binary</TT> command reads bytes from transparent files. The bytes we&#146;ll send to the card are</P>
<P>C0<SUB>16</SUB> B0<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB> 08<SUB>16</SUB></P>
<P>C0<SUB>16</SUB> is the class code and B0<SUB>16</SUB> is the instruction code for the <TT>Read Binary</TT> command. The next two bytes say at what offset from the first byte in the file the read should start and the last byte says how may bytes should be read. Since we want to see all the bytes in the file we&#146;ll read 8 bytes starting at an offset of 0.</P>
<P>The 8 bytes we get back are</P>
<P>00<SUB>16</SUB> 00<SUB>16</SUB> 0E<SUB>16</SUB> 67<SUB>16</SUB> 01<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB> 02<SUB>16</SUB></P>
<P>The first 4 bytes are the serial number of the card (00<SUB>16</SUB> 00<SUB>16</SUB> 0E<SUB>16</SUB> 67<SUB>16</SUB>) and the second 4 bytes are a manufacturer&#146;s code. Taken together, these 8 bytes are guaranteed to be a unique serial number for the smart card.</P>
<P>If we select the transport key file, 0011:</P>
<P>C0<SUB>16</SUB> A4<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB> 02<SUB>16</SUB> 00<SUB>16</SUB> 11<SUB>16</SUB></P>
<P>and get back the status code:</P>
<P>61<SUB>16</SUB> 0F<SUB>16</SUB></P>
<P>and use the <TT>Get Response</TT> command to get the 15 bytes of information about it:</P>
<P>00<SUB>16</SUB> C0<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB> 0F<SUB>16</SUB></P>
<P>we get this:</P>
<P>00<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB> 26<SUB>16</SUB> 00<SUB>16</SUB> 11<SUB>16</SUB> 01<SUB>16</SUB> 00<SUB>16</SUB> F4<SUB>16</SUB> 40<SUB>16</SUB> F4<SUB>16</SUB> 01<SUB>16</SUB> 01<SUB>16</SUB> 00<SUB>16</SUB> 00<SUB>16</SUB></P>
<P>The interpretation of these bytes is given in Table 5.9.</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 5.9.</B> File control information for the external authentication key file (0011<SUB>16</SUB>).
<TR>
<TH WIDTH="15%" ALIGN="LEFT">Byte
<TH WIDTH="35%" ALIGN="LEFT">Description
<TH WIDTH="15%" ALIGN="LEFT">Value
<TH WIDTH="35%" ALIGN="LEFT">Interpretation of Value
<TR>
<TH COLSPAN="4"><HR>
<TR>
<TD>1-2
<TD>Unused
<TD>00<SUB>16</SUB> 00<SUB>16</SUB>
<TD>Unused.
<TR>
<TD>3-4
<TD>Free bytes in selected file
<TD>00<SUB>16</SUB> 26<SUB>16</SUB>
<TD>There are 38 bytes in this file.
<TR>
<TD VALIGN="TOP">5-6
<TD VALIGN="TOP">Fileld of selected file
<TD VALIGN="TOP">00<SUB>16</SUB> 11<SUB>16</SUB>
<TD>The selected file has fileId 0011<SUB>16</SUB>.
<TR>
<TD VALIGN="TOP">7
<TD VALIGN="TOP">Type of selected file
<TD VALIGN="TOP">01<SUB>16</SUB>
<TD>The selected file is a transparent file.
<TR>
<TD VALIGN="TOP">8 High
<TD>Restriction of <TT>Update</TT>, <TT>Increase</TT>, and <TT>Decrease</TT> commands
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD VALIGN="TOP">Only the <TT>Update</TT> command can be used.
<TR>
<TD>8 Low
<TD>Unused
<TD>0<SUB>16</SUB>
<TD>Unused.
<TR>
<TD VALIGN="TOP">9 High
<TD>Access condition for <TT>Read</TT> and <TT>Seek</TT> commands
<TD VALIGN="TOP">F<SUB>16</SUB>
<TD>Nobody can use the <TT>Read</TT> and <TT>Seek</TT> commands on this file.
<TR>
<TD VALIGN="TOP">9 Low
<TD VALIGN="TOP">Access condition for <TT>Update</TT>, <TT>Decrease</TT>, and <TT>Decrease Stamped</TT> commands
<TD VALIGN="TOP">4<SUB>16</SUB>
<TD>You must know a cryptographic key to update this file. You can&#146;t use <TT>Decrease</TT> or <TT>Decrease Stamped</TT> because of byte 8.
<TR>
<TD VALIGN="TOP">10 High
<TD VALIGN="TOP">Access condition for <TT>Increase</TT> and <TT>Increase Stamped</TT> commands
<TD VALIGN="TOP">4<SUB>16</SUB>
<TD>You&#146;d have to know a cryptographic key to use these commands but you can&#146;t due to byte 8.
<TR>
<TD VALIGN="TOP">10 Low
<TD>Access condition for the <TT>Create Record</TT> command
<TD VALIGN="TOP">0<SUB>16</SUB>
<TD>Anybody can use this command on this file.
<TR>
<TD VALIGN="TOP">11 High
<TD>Access condition for <TT>Rehabilitate</TT> command
<TD VALIGN="TOP">F<SUB>16</SUB>
<TD><TT>Rehabilitate</TT> can never be used on this file.
<TR>
<TD VALIGN="TOP">11 Low
<TD VALIGN="TOP">Access condition for <TT>Invalidate</TT> command
<TD VALIGN="TOP">4<SUB>16</SUB>
<TD VALIGN="TOP">You have to know a cryptographic key to invalidate this file.
<TR>
<TD>12
<TD>Status of the selected file
<TD>01<SUB>16</SUB>
<TD VALIGN="TOP">The file is currently unblocked.
<TR>
<TD VALIGN="TOP">13
<TD>Number of bytes in following data
<TD VALIGN="TOP">01<SUB>16</SUB>
<TD VALIGN="TOP">One byte of data follows.
<TR>
<TD>14
<TD>Unused
<TD>00<SUB>16</SUB>
<TD>Unused.
<TR>
<TD VALIGN="TOP">15
<TD>Length of record in fixed-length record files
<TD VALIGN="TOP">00<SUB>16</SUB>
<TD>
<TR>
<TD COLSPAN="4"><HR>
</TABLE>
<P>If you ignore the access conditions on this file and try to read the contents without successfully presenting the <TT>Authenticate</TT> key to the card, the status return from the card will be</P>
<P>69<SUB>16</SUB> 82<SUB>16</SUB></P>
<P>which means the access condition is not fulfilled for the requested operation. You need to know the key in the transport key file in order to perform useful operations on the card (such as creating new files), but since you can&#146;t read the file, it seems like you are stuck.</P>
<P>As described above, the reason the key in this file is called the <I>transport key</I> is that it is the key that locks the card during transport from the card manufacturer to you. This prevents somebody from breaking into the box containing the cards and possibly, unknown to you, putting something nasty on the cards. The transport key is typically given to you &#147;out of band,&#148; that is by post, fax, telephone, bonded courier, or some way other than how the cards are shipped.</P>
<P>When you receive the cards from the card manufacturer, you will present the transport key to each card and then build the files that describe your application on the card. This process of building a particular application on a generic card is called card <I>personalization</I>. The personalization process might also include writing specific data into the files you create on the card, such as the account number with which the card is associated. The personalization process will most likely overwrite the transport key or delete the transport key file altogether.</P>
<P>Since the card included with this book is for learning and experimentation, we aren&#146;t going to require you to get in touch with the authors to get the transport key for your card. We&#146;re just going to tell it to you here. Just in case you missed it previously, here it is again:</P>
<P>47<SUB>16</SUB> 46<SUB>16</SUB> 58<SUB>16</SUB> 49<SUB>16</SUB> 32<SUB>16</SUB> 56<SUB>16</SUB> 78<SUB>16</SUB> 40<SUB>16</SUB></P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="089-092.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="094-096.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>





</BODY>
</HTML>