Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Get Data APDU command different tags and response format

As you may know, Gloabal Platform Card Specification defines a command named Get Data to retrieve some information from the smart card.

GlobalPlatformPro is one of the popular tools for communication with smart cards. When I list the installed applets on the card using this tool, I have the following output:

D:\3-TestTools\SmartCard>GP -list -d -v -i
//Useless Info Censored
ATR: 3B6800000073C84012009000
//Select APDU Command
A>> T=0 (4+0000) 00A40400 00
A<< (0018+2) (48ms) 6F108408A000000003000000A5049F6501FF 9000

***** Card info:
A>> T=0 (4+0000) 80CA9F7F 00
A<< (0045+2) (65ms) 9F7F2A4250010C425102902610116000099A5A0AF9425211694253117E00000000000000000000000000000000 9000
Card CPLC:
ICFabricator: 4250
ICType: 010C
OperatingSystemID: 4251
OperatingSystemReleaseDate: 0290
OperatingSystemReleaseLevel: 2610
ICFabricationDate: 1160
ICSerialNumber: 00099A5A
ICBatchIdentifier: 0AF9
ICModuleFabricator: 4252
ICModulePackagingDate: 1169
ICCManufacturer: 4253
ICEmbeddingDate: 117E
ICPrePersonalizer: 0000
ICPrePersonalizationEquipmentDate: 0000
ICPrePersonalizationEquipmentID: 00000000
ICPersonalizer: 0000
ICPersonalizationDate: 0000
ICPersonalizationEquipmentID: 00000000

***** CARD DATA
A>> T=0 (4+0000) 80CA0066 00
A<< (0078+2) (95ms) 664C734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040215650B0609
2B8510864864020103660C060A2B060104012A026E0102 9000
GlobalPlatform card
Version: 2.1.1
TAG3: 1.2.840.114283.3
SCP version: SCP_02_15
TAG5: 1.3.656.840.100.2.1.3
TAG6: 1.3.6.1.4.1.42.2.110.1.2

***** KEY INFO
A>> T=0 (4+0000) 80CA00E0 00
A<< (0020+2) (47ms) E012C00401018010C00402018010C00403018010 9000
VER:1 ID:1 TYPE:DES3 LEN:16
VER:1 ID:2 TYPE:DES3 LEN:16
VER:1 ID:3 TYPE:DES3 LEN:16

//Useless Info Censored

As you see above, the tool extracted Card Info, Card Data and Key Info from the card using following APDU commands:

  • Card Info : 80 CA 9F 7F
  • Card Data : 80 CA 00 66
  • Key Info : 80 CA 00 E0

Questions:

  1. Tags E0 and 66 are mentioned in Global Platform Card Specification, but the tag 9F 7F don't! Where is it specification?

  2. As it is mentioned in the Global Platform Specification, the format of Card Data (Tag 66) is defined in ISO/IEC 7816 Part 6. But in this document there is only a table as below:

enter image description here

As you see above, the contents of this table is really different from the output that I can see in GPP tool output. How I can interpret the outputs (Get Data APDU command responses)?

like image 856
EbraHim Avatar asked Jun 05 '16 08:06

EbraHim


People also ask

What are APDU commands?

A command APDU is sent by the reader to the card – it contains a mandatory 4-byte header (CLA, INS, P1, P2) and from 0 to 65 535 bytes of data. A response APDU is sent by the card to the reader – it contains from 0 to 65 536 bytes of data, and 2 mandatory status bytes (SW1, SW2).

What is CLA in APDU?

Command APDUThe CLA byte defines an application-specific class of instructions. According to the ISO7816 standard, byte values between 0xB0 and CF can be used. The INS byte defines a specific instruction within the class of instructions defined by the CLA byte.

What is APDU in EMV?

APDU - Application Protocol Data Unit.

What is the meaning of APDU?

In the context of smart cards, an APDU is the communication unit between a smart card reader and a smart card. The structure of the APDU is defined by [ISO 7816-4]. Source(s): NIST SP 800-157 under Application Protocol Data Unit.


1 Answers

(In context of Global Platform 2.2.1 and ISO/IEC 7816-6:2004)

  • Tag 'E0' (Key Information Template):

    • Defined in Global Platform (see section 11.3.3.1 and tables 11-27 and 11-28).
  • Tag '66' (Card data):

    • Defined in ISO 7816-6 -- it may contain tag '73' called "Discretionary Data Objects" described as "Concatenation of data objects not defined in ISO/IEC 7816" (see Table 6).

    • Global Platform defines the contents of tag '73' within tag '66' (Card data) as "Card Recognition Data" (see section 7.4.1.3, appendix H.2 and Table H-1). This definition is in line with ISO 7816.

  • Tag '9F7F' (CPLC / Card Production Life Cycle Data):

    • Defined in "Visa Integrated Circuit Card / Card Specification" which is not public (but might be found using google). The Open Platform 2.0.1 (predecessor of GP) defines that CPLC should be retrievable with the GET DATA command -- but it does not tell the particular tag.

Hope this makes some sense...good luck!

like image 55
vlp Avatar answered Sep 17 '22 15:09

vlp