eecs 598-2: smartcards
lecture 6
peter honeyman
citi

iso 7816-4
o file system api
o security api

file system api
o hierarchical file system
o file types: MF, DF, and EF
  o MF: master file (root), 3F00
  o DF: dedicated file (directory)
  o EF: elementary (regular) file

file names
o 16 bit, relative
o DF name
o path
o short ID

elementary file
o transparent
  o bytestream
  o addressed by (offset, length)

linear file
o linear fixed
  o fixed-length records
  o cursor-based addressing: first, last, next, current, previous
o linear variable
  o variable-length records
  o cursor-based addressing: first, last, next, current, previous

cyclic file
o linear + circular
o midlife kicker for eeprom storage

select file
o combination of chdir, open, and stat
o APDU header
  o CLA INS P1 P2: C0 A4 00 00
o body
  o P3: 02
  o two-byte FID
o response
  o first byte: 61
  o second byte: length of response data

file i/o
o read, write, update, erase binary
  o TF only
  o write is akin to set (or clear) bits
  o update is actual write (erase, write)
o read, write, append, update record
o get, put data

security api
o verify
  o check password
  o cleartext

internal authenticate
o according to scdk: decrypt (encrypted) nonce
o according to rankl & effing: encrypt nonce
o iso 7816-4 is opaque
o reader-side verifies

external authenticate
o preceded by get challenge
o decrypt challenge, verify on card

miscellany
o envelope
  o used to tunnel an apdu through secure messaging
o get response
  o used with T=0
  o T=1 has native method
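
The "select file" and "get response" slides describe a two-step T=0 exchange: SELECT returns 61 plus a length, and GET RESPONSE then fetches that many bytes. The sketch below is an added example, not code from the lecture; the simulated card, the file table contents, and the status words other than 61 (90 00, 6A 82, 67 00, 6D 00, taken from ISO 7816-4) are assumptions made for illustration.

```python
CLA = 0xC0                                  # class byte from the "select file" slide
INS_SELECT, INS_GET_RESPONSE = 0xA4, 0xC0   # ISO 7816-4 instruction bytes
# Constructed file table (FID -> bytes returned after SELECT). Only 3F00, the MF,
# is named in the lecture; the other FIDs and all data bytes are made up.
FILES = {0x3F00: bytes.fromhex("3f00010000"),
         0x7F10: bytes.fromhex("7f1002"),
         0x6F01: bytes.fromhex("6f0104001000")}

class SimCard:
    """Toy T=0 card: SELECT queues response data, GET RESPONSE releases it."""
    def __init__(self):
        self.pending = b""

    def transmit(self, apdu: bytes) -> bytes:
        if len(apdu) < 5:
            return b"\x67\x00"                       # wrong length
        ins, p3, body = apdu[1], apdu[4], apdu[5:]
        if ins == INS_SELECT:
            if p3 != 2 or len(body) != 2:
                return b"\x67\x00"
            data = FILES.get(int.from_bytes(body, "big"))
            if data is None:
                return b"\x6a\x82"                   # file not found
            self.pending = data
            return bytes([0x61, len(data)])          # 61 LL: LL bytes are waiting
        if ins == INS_GET_RESPONSE and self.pending and p3 <= len(self.pending):
            out, self.pending = self.pending[:p3], b""
            return out + b"\x90\x00"                 # data followed by "OK"
        return b"\x6d\x00"            # unsupported INS, or nothing pending (simplified)

def select_apdu(fid: int) -> bytes:
    """Header C0 A4 00 00, P3 = 02, then the two-byte FID."""
    return bytes([CLA, INS_SELECT, 0x00, 0x00, 0x02]) + fid.to_bytes(2, "big")

def select(card: SimCard, fid: int) -> bytes:
    """SELECT by FID, then fetch the announced bytes with GET RESPONSE."""
    sw = card.transmit(select_apdu(fid))
    if len(sw) != 2 or sw[0] != 0x61:
        raise IOError(f"SELECT {fid:04X} failed, SW={sw.hex()}")
    length = sw[1]                                   # second byte: response length
    resp = card.transmit(bytes([CLA, INS_GET_RESPONSE, 0x00, 0x00, length]))
    if len(resp) != length + 2 or resp[-2:] != b"\x90\x00":
        raise IOError(f"GET RESPONSE failed, got {resp.hex()}")
    return resp[:-2]

if __name__ == "__main__":
    card = SimCard()
    for fid in (0x3F00, 0x7F10, 0x6F01):
        print(f"{fid:04X} -> {select(card, fid).hex()}")
```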