Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  ETSI TS 102 221   PDF version:  17.1.0

Top   Top   Up   Prev   Next
0…   4…   5…   6…   7…   7.3…   8…   9…   10…   10.2…   11…   11.1.2…   11.1.9…   11.1.14…   11.1.19…   11.1.20…   11.1.21…   11.2…   11.3…   12…   13…   14…   15   A   B   C…   D   E…   F…   G…   H…   I   J…   K…   L…   M…

 

11.1.14  DEACTIVATE FILEp. 108

11.1.14.1  Functional descriptionp. 108

This function initiates a reversible deactivation of an EF. After a DEACTIVATE FILE function the respective flag in the file LCSI_DO shall be changed accordingly. This function shall only be performed if the DEACTIVATE FILE access condition for the EF is satisfied.
In case of successful execution of the command, the EF on which the command was applied becomes the current EF.
After an unsuccessful execution, the current EF and current DF shall remain the same as prior to the execution.
The availability of a deactivated file depends on the "Special File Information (File Status Byte)" byte in the CREATE FILE command (see Table 5 of ETSI TS 102 222 [32]) which was used to create the file:
  • if the "Special File Information (File Status Byte)" was not present in the CREATE FILE command or if it was present with b7 set to 0, a deactivated file shall no longer be available within the selected application for any function except for the SELECT and the ACTIVATE FILE functions;
  • if the "Special File Information (File Status Byte)" was present in the CREATE FILE command with b7 set to 1, the file is readable and updatable when deactivated.
Input:
  • File ID, path or empty.
Output:
  • None.
Up

11.1.14.2  Command parametersp. 109

Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1 selection control, see Table 11.17
P200
LcLength of subsequent data field or empty
DataFile ID or path to file, according to P1
LeNot present
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
00000000Select EF by file id
00001000Select by path from MF
00001001Select by path from current DF
NOTE:
All other values are RFU.
If P1 = P2 = '00' and the data field is empty, then the command applies on the current EF.
Up

11.1.15  ACTIVATE FILEp. 109

11.1.15.1  Functional descriptionp. 109

This function reactivates a deactivated EF. After an ACTIVATE FILE function the respective flag in the file LCSI_DO shall be changed accordingly. This function shall only be performed if the ACTIVATE FILE access condition for the EF is satisfied.
In case of successful execution of the command, the EF on which the command was applied becomes the current EF.
After an unsuccessful execution, the current EF and current DF shall remain the same as prior the execution.
Input:
  • File ID, path or empty.
Output:
  • None.
Up

11.1.15.2  Command parametersp. 109

Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1As specified for the DEACTIVATE command (see clause 11.1.14.2)
P200
LcLength of subsequent data field or empty
DataFile ID or path to file, according to P1
LeNot present
If P1 = P2 = '00' and the data field is empty, then the command applies on the current EF.
Up

11.1.16  AUTHENTICATEp. 110

11.1.16.1  Functional descriptionp. 110

An appropriate application shall be selected in the UICC before issuing this command. The function initiates the computation of authentication data by the UICC using a challenge sent from the terminal and a secret stored in the UICC. This command can be used with an EVEN or an ODD instruction (INS) code.
The EVEN instruction code can be used when the challenge data provided by the terminal is not TLV encapsulated data and the length of the challenge data provided by the terminal is less than 256 bytes.
The support of the ODD instruction code is application specific. It is used when challenge and response data is TLV encapsulated regardless of their length. Terminals and UICCs that do not support applications requiring TLV format do not have to support AUTHENTICATE command with ODD instruction code.
EVEN INS code
Input:
  • Challenge data.
Output:
  • Authentication and ciphering data.
ODD INS code
The authentication data and the authentication response data are encapsulated in BER-TLV objects structured as defined in clause 11.3 using tag '73' for BER-TLV structured data and tag '53' otherwise.
This command can chain successive blocks of authentication data, with a maximum size of 255 bytes each, required for one authentication operation using P1 to indicate the first/next block. The terminal performs the segmentation of the data, and the UICC the concatenation of the data. The first AUTHENTICATE APDU is sent with P1 indicating "First block of authentication data". Following AUTHENTICATE APDUs are sent with P1 indicating "Next block of authentication data". As long as the UICC has not received all segments of the authentication data it shall answer with SW1 SW2 '63 F1'. When all segments of the authentication data are received, the UICC answer with SW1 SW2 '62 F3'.
The authentication response data is retrieved from the UICC using one or more separate AUTHENTICATE APDUs with the same chaining mechanism as for the authentication data. The UICC performs the segmentation of the data, and the terminal the concatenation of the response data. The first AUTHENTICATE APDU is sent with P1 indicating "First block of authentication response data". When the UICC receives this first AUTHENTICATE APDU with P1 indicating "First block of authentication response data", it shall perform the command and calculate the authentication response. Following AUTHENTICATE APDUs are sent with P1 indicating "Next block of authentication response data". As long as the UICC has not sent all segments of the authentication response data it shall answer with SW1 SW2 '62 F1'. When all segments of the authentication response data are sent, the UICC shall answer with SW1 SW2 '90 00'.
The terminal may issue an AUTHENTICATE APDU indicating "retransmit previous block of authentication data" or "retransmit previous block of authentication response data". Except for P1 the terminal shall use the same parameters as in the previous command.
substantial part of the segmented object was already transmitted.
If P1 indicates "First block of authentication data" or "Next block of authentication data":
Input:
  • Authentication data encapsulated in a BER-TLV data object.
Output:
  • None.
If P1 indicates "First block of authentication response data" or "Next block of authentication response data":
Input:
  • None.
Output:
  • Authentication response data encapsulated in a BER-TLV data object.
Up

11.1.16.2  Command parameters and datap. 111

EVEN INS code:
Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1'00'
P2 See Table 11.18
LcLength of the subsequent data field
DataAuthentication related data
LeLength of the response data
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
00000000No information given
0-------Global reference data (e.g. MF specific KEY)
1-------Specific reference data (e.g. DF specific/application dependent KEY)
-XX-----'00' (other values are RFU)
---XXXXXReference data number
The five least significant bits of parameter P2 specify the PIN key reference number (see clause 9.5.1 for permissible values).
Command data:
Byte(s) Description Length
1 to LcAuthentication related data (see note)Lc
NOTE:
The command data shall be specified by each application specific document.
Response data (generic):
Byte(s) Description Length
1 to LeAuthentication related data (see note)Le
NOTE:
The response data shall be specified by each application specific document.
ODD INS code:
P1 indicates "First block of authentication data" or "Next block of authentication data":
Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1 See Table 11.18a
P2 See Table 11.18
LcLength of the subsequent data field
DataAuthentication related data
LeNot present
P1 indicates "First block of authentication response data" or "Next block of authentication response data":
Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1 See Table 11.18a
P2 See Table 11.18
LcNot present
DataNot present
LeLength of the response data
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
00000Parameter P1 = 'XXX0 0000' indicates that no information on the algorithm is given. The algorithm is implicitly known in the context of the selected application
XXXXXReserved for information on the algorithm to be used by the authenticate command
100-----First block of authentication data
000-----Next block of authentication data
010-----Retransmit previous block of authentication data
101-----First block of authentication response data
001-----Next block of authentication response data
011-----Retransmit previous block of authentication response data
Command data:
Byte(s) Description Length
1 to LcTLV encapsulated authentication related data, possibly segmented (see note)Lc
NOTE:
The command data shall be specified by each application specific document.
Response data (generic):
Byte(s) Description Length
1 to LeTLV encapsulated authentication response related data, possibly segmented (see note)Le
NOTE:
The response data shall be specified by each application specific document.
Up

11.1.17  MANAGE CHANNELp. 113

11.1.17.1  Functional descriptionp. 113

This command opens and closes logical channels. The open function opens a new logical channel other than the basic channel '0'. The UICC shall support channel number assignment by the UICC. If the TERMINAL CAPABILITY command with the tag '81' (Extended logical channels terminal support) is not sent by the terminal then the UICC shall not open more than 3 logical channels in addition to the basic channel. The UICC shall first assign channel numbers in the range 1 to 3 before assigning the extended logical channels number (i.e. from 4 to 19). The close function explicitly closes a logical channel. When a channel has been successfully closed, the channel can be reassigned. The basic logical channel '0' is always available and cannot be closed.
Input:
  • None.
Output:
  • None; or
  • the channel number of the logical channel assigned by the UICC.
Up

11.1.17.2  Command parameters and datap. 113

Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1 Logical channel operation code, see Table 11.19
P2 See Table 11.20
LcNot present
DataNot present
LeNot present or length of expected data
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
00000000Open logical channel
10000000Close logical channel
NOTE:
All other values are RFU.
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
00000000If P1='00': Logical channel to be internally assigned by the UICC
If P1≠'00': reserved
00000001Logical channel number 1
00000010Logical channel number 2
00000011Logical channel number 3
000-----...
00010011Logical channel number 19
NOTE 1:
All other values are RFU.
NOTE 2:
Values '01', '02', '03', … '13' are valid only with P1='80'.
Response data:
Byte(s) Description Length
1Logical channel number1
Response data shall only be returned if the value of the parameters P1-P2 of the command is '0000'.
Up

11.1.18  GET CHALLENGEp. 114

11.1.18.1  Functional descriptionp. 114

This function is used to create a random number. The generated random number is associated with the logical channel specified in the GET CHALLENGE command CLA. The maximum length of the random number returned by the UICC is specified by the Le parameter in the command parameters data.
The quality of the random number generated by this command is determined by the application and is outside the scope of the present document.
The generated random number may be used internally by the UICC in procedures specified by the application. The validity of the random number is at least for the next command, on the same logical channel, following the GET CHALLENGE command if not specified differently by the application. The random number referenced is always the latest generated on the logical channel specified in the CLA by the command referencing the usage of a generated random number.
Input:
  • None.
Output:
  • Random number.
Up

11.1.18.2  Command parameters and datap. 114

Code Value
CLAAs specified in clause 10.1.1
INSAs specified in clause 10.1.2
P1'00'
P2'00'
LcNot present
DataNot present
LeMaximum length of response data
Response data:
Byte(s) Description Length
1 to LrRandom numberLr
Up

Up   Top   ToC