# scard2


October 20

#### ISO 7816(1-3) Smart Card Standard (Part 2)

### ISO7816 3.2.c - Deactivation of the contacts

When information exchange is terminated or aborted (unresponsive card or detection of card removal), the electrical contacts shall be deactivated.

The deactivation by the interface device shall consist of the consecutive operations:

- State L on RST;
- State L on CLK;
- Vpp inactive;
- State A on I/O;
- VCC inactive;

## ISO7816 3.3 Answer to Reset

Two types of transmissions are considered:

* Asynchronous transmission:
In this type of transmission, characters are transmitted on the I/O line in an asynchronous half duplex mode. Each character includes an 8-bit byte.

* Synchronous transmission:
In this type of transmission, a series of bits is transmitted on the I/O line in half duplex mode in synchronisation with the clock signal on CLK.

### ISO7816 3.1.a - Answer to Reset in asynchronous transmission

* Bit duration
""""""""""""
The nominal bit duration used on I/O is defined as one Elementary Time Unit (etu).

For cards having internal clock, the initial etu is 1/9600 s.

For cards using the external clock, there is a linear relationship between the Elementary Time Unit used on I/O and the period provided by the interface device on CLK.

The initial etu is 372/fi s where fi is in Hertz.

The initial frequency fi is provided by the interface device on CLK during the Answer to Reset.

In order to read the initial character (TS), all cards shall initially be operated with fi in the range of 1 MHz to 5 MHz.

* Character frame during answer to reset
""""""""""""""""""""""""""""""""""""""
Prior to the transmission of a character, I/O shall be in state Z.

A character consists of ten consecutive bits:

- a start bit in state A;
- eight bits of information, designated ba to bh and conveying a data byte;
- a tenth bit bi used for even parity checking.

A data byte consists of 8 bits designated b1 to b8, from the least significant bit (lsb, b1) to the most significant bit (msb, b8).

Conventions (level coding, connecting levels Z/A to digits 1 or 0; and bit significance, connecting ba...bh to b1...b8) are specified in the initial character, called TS, which is transmitted by the card in response to reset.

Parity is correct when the number of ONES is even in the sequence from ba to bi.

Within a character, the time from the leading edge of the start bit to the trailing edge of the nth bit shall equal (n+/-0.2) etu.

When searching for a start, the receiver samples I/O periodically. The time origin being the mean between last observation of level Z and first observation of level A, the start shall be verified before 0.7 etu, and then ba is received at (1.5 +/-0.2) etu. Parity is checked on the fly.

NOTE : When searching for a start, the sampling time shall be less than 0.2 etu so that all the test zones are distinct from the transition zones.

The delay between two consecutive characters (between start leading edges) is at least 12 etu, including a character duration of (10+/-0.2) etu plus a guardtime. During the guardtime, the interface device and the card both remain in reception, so that I/O is in state Z.

           Start                          Parity             Next
            bit <----- 8 data bits -----> bit              Start bit
    Z   ____     ________________________________......______     __
            |   |  |  |  |  |  |  |  |  |  |                 |   |
    I/O     |   |ba|bb|bc|bd|be|bf|bg|bh|bi|     Guardtime   |   |
            |___|__|__|__|__|__|__|__|__|__|                 |___|_
    A       :   :                    :     :
            0   t1                   :    t10
            :                        :
            :<---- (n+/-0.2) etu --->:

Figure 3: Character frame



During the Answer to Reset, the delay between the start leading edges of two consecutive characters from the card shall not exceed 9600 etu. This maximum is named initial waiting time.

* Error detection and character repetition
""""""""""""""""""""""""""""""""""""""""
During the answer to reset, the following character repetition procedure depends on the protocol type. This procedure is mandatory for cards using the protocol type T=0; it is optional for the interface device and for the other cards.

The transmitter tests I/O (11+/-0.2) etu after the start leading edge:
- If I/O is in state Z, the correct reception is assumed.
- If I/O is in state A, the transmission is assumed to have been incorrect. The disputed character shall be repeated after a delay of at least 2 etu after detection of the error signal.

When parity is incorrect, from (10.5+/-0.2) etu, the receiver transmits an error signal at state A for 1 etu minimum and 2 etu maximum. The receiver then shall expect a repetition of the disputed character (see figure 8).

If no character repetition is provided by the card:
- The card ignores and shall not suffer damage from the error signal coming from the interface device.
- The interface device shall be able to initiate the reception and the whole Answer to Reset response sequence.

* Structures and content
""""""""""""""""""""""
A reset operation results in the answer from the card consisting of the initial character TS followed by at most 32 characters in the following order:

- T0 ................... Format character      (Mandatory)
- TAi, TBi, TCi, TDi ... Interface characters  (Optional)
- T1, T2, ... ,TK ...... Historical characters (Optional)
- TCK .................. Check character       (Conditional)

    Reset
    |
    |    _________________________________________         _______   _________
    |   |   |   |   |   |   |   |   |   |   |   |           |   |     |   |   |
    '-->| TS| T0|TA1|TB1|TC1|TD1|TA2|TB2|TC2|TD2| ......... | T1| ... | TK|TCK|
        |___|___|___|___|___|___|___|___|___|___|_         _|___|_   _|__ |___|

    TS  : Initial character
    T0  : Format character
    TAi : Interface character [ codes FI,DI ]
    TBi : Interface character [ codes II,PI1 ]
    TCi : Interface character [ codes N ]
    TDi : Interface character [ codes Yi+1, T ]
    T1, ... , TK : Historical characters (max. 15)
    TCK : Check character

Figure 4 : General configuration of the Answer to Reset


The interface characters specify physical parameters of the integrated circuit in the card and logical characteristics of the subsequent exchange protocol.

The historical characters designate general information, for example, the card manufacturer, the chip inserted in the card, the masked ROM in the chip, the state of the life of the card. The specification of the historical characters falls outside the scope of this part of ISO/IEC7816.

For notational simplicity, T0, TAi, ... ,TCK will designate the bytes as well as the characters in which they are contained.

Structure of TS, the initial character
--------------------------------------
The initial character TS provides a bit synchronisation sequence and defines the conventions to code data bytes in all subsequent characters. These conventions refer to ISO1177.

I/O is initially in state Z. A bit synchronisation sequence (Z)AZZA is defined for the start bit and bits ba bb bc (see figure 5).

The last 3 bits bg bh bi shall be AAZ for checking parity.

NOTE : This allows the interface device to determine the etu initially used by the card. An alternate measurement of etu is a third of the delay between the first two falling edges in TS. Transmission and reception mechanisms in the card shall be consistent with the alternate definition of etu.

The two possible values of TS (ten consecutive bits from start to bi and corresponding hexadecimal value) are

- Inverse convention : (Z)AZZAAAAAAZ, where logic level ONE is A, ba is b8 (msb is first), equal to $3F when decoded by inverse convention.
- Direct convention : (Z)AZZAZZZAAZ, where logic level ONE is Z, ba is b1 (lsb first), equal to $3B when decoded by direct convention.

               Start  ba  bb  bc  bd  be  bf  bg  bh  bi
    Z   ____     _______     ___________         ______
            |   |   |   |   | Z   Z   Z |       |       |   |
         (Z)| A | Z   Z | A |     or    |       | Z  (Z)
    A       |___|       |___|_A___A___A_|___|___|

Figure 5 : Initial character TS
--------
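
The two coding conventions and the even-parity rule can be checked in code. The following is an added example, not part of the original page: frames are written as ten line states (start bit first, then ba to bi), and the function names are hypothetical.

```python
# Added example: decode one ISO 7816-3 character frame given as ten line states.
# A frame is written start bit first, then ba..bh and the parity bit bi.
LEVELS = {
    "direct": {"one": "Z", "zero": "A", "ba_is_msb": False},   # ba is b1
    "inverse": {"one": "A", "zero": "Z", "ba_is_msb": True},   # ba is b8
}
TS_VALUE = {"direct": 0x3B, "inverse": 0x3F}


class FrameError(ValueError):
    """Malformed frame, or a parity failure the receiver would signal on I/O."""


def decode_frame(levels: str, convention: str) -> int:
    """Return the data byte carried by a ten-state frame, checking parity."""
    if len(levels) != 10 or set(levels) - {"A", "Z"}:
        raise FrameError("a frame is exactly ten states, each A or Z")
    if levels[0] != "A":
        raise FrameError("start bit must be state A")
    conv = LEVELS[convention]
    bits = [1 if lv == conv["one"] else 0 for lv in levels[1:]]  # ba..bi
    if sum(bits) % 2:
        raise FrameError("parity error: number of ONES in ba..bi is odd")
    # Reorder ba..bh so that index 0 is b8 (msb) under either convention.
    data = bits[:8] if conv["ba_is_msb"] else bits[7::-1]
    return sum(b << (7 - i) for i, b in enumerate(data))


def encode_frame(byte: int, convention: str) -> str:
    """Build the ten line states a transmitter puts on I/O for one byte."""
    conv = LEVELS[convention]
    data = [(byte >> shift) & 1 for shift in range(7, -1, -1)]   # b8..b1
    if not conv["ba_is_msb"]:
        data.reverse()                                           # b1..b8
    bits = data + [sum(data) % 2]          # bi makes the count of ONES even
    return "A" + "".join(conv["one"] if b else conv["zero"] for b in bits)


def detect_convention(ts_levels: str) -> str:
    """Identify the convention from the line states of the TS character."""
    for name, expected in TS_VALUE.items():
        try:
            if decode_frame(ts_levels, name) == expected:
                return name
        except FrameError:
            continue      # wrong convention shows up as a parity error
    raise FrameError("TS matches neither the direct nor the inverse convention")


if __name__ == "__main__":
    for frame in ("AZZAZZZAAZ", "AZZAAAAAAZ"):
        conv = detect_convention(frame)
        print(frame, conv, hex(decode_frame(frame, conv)))
```

Decoding either TS frame under the wrong convention yields an odd number of ONES, so the mismatch surfaces as a parity error rather than as a wrong byte.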


Structure of the subsequent characters in the Answer to Reset
-------------------------------------------------------------
The initial character TS is followed by a variable number of subsequent characters in the following order: the format character T0 and, optionally, the interface characters TAi, TBi, TCi, TDi and the historical characters T1, T2, ... , TK and, conditionally, the check character TCK.

The presence of the interface characters is indicated by a bit map technique explained below.

The presence of the historical characters is indicated by the number of bytes as specified in the format character defined below.

The presence of the check character TCK depends on the protocol type(s) as defined below.

- Format character T0
-------------------
The T0 character contains two parts:

- The most significant half byte (b5, b6, b7, b8) is named Y1 and indicates with a logic level ONE the presence of subsequent characters TA1, TB1, TC1, TD1 respectively.

- The least significant half byte (b4 to b1) is named K and indicates the number (0 to 15) of historical characters.

    ,----,----,----,----,----,----,----,----,
    | b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 |
    '----'----'----'----'----'----'----'----'
    :<------- Y1 ------>:<-------- K ------>:

    Y1 : indicator for the presence of the interface characters
         TA1 is transmitted when b5=1
         TB1 is transmitted when b6=1
         TC1 is transmitted when b7=1
         TD1 is transmitted when b8=1

    K  : number of historical characters

Figure 6 : Information provided by T0
--------


- Interface characters TAi, TBi, TCi, TDi
---------------------------------------

TAi, TBi, TCi (i=1, 2, 3, ... ) indicate the protocol parameters. TDi indicates the protocol type T and the presence of subsequent characters.

Bits b5, b6, b7, b8 of the byte containing Yi (T0 contains Y1; TDi contains Yi+1) state whether character TAi for b5, character TBi for b6, character TCi for b7, character TDi for b8 are or are not (depending on whether the relevant bit is 1 or 0) transmitted subsequently in this order after the character containing Yi.

When needed, the interface device shall attribute a default value to information corresponding to a non transmitted interface character.

When TDi is not transmitted, the default value of Yi+1 is null, indicating that no further interface characters TAi+j, TBi+j, TCi+j, TDi+j will be transmitted.

    ,----,----,----,----,----,----,----,----,
    | b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 |
    '----'----'----'----'----'----'----'----'
    :<------ Yi+1 ----->:<------- T ------->:

    Yi+1 : indicator for the presence of the interface characters
           TAi+1 is transmitted when b5=1
           TBi+1 is transmitted when b6=1
           TCi+1 is transmitted when b7=1
           TDi+1 is transmitted when b8=1

    T    : Protocol type for subsequent transmission.

Figure 7 : Information provided by TDi
--------


- Historical characters T1, T2, ... ,TK
-------------------------------------

When K is not null, the answer to reset is continued by transmitting K historical characters T1, T2, ... , TK.

- Check character TCK
-------------------

The value of TCK shall be such that the exclusive-oring of all bytes from T0 to TCK included is null.

The answer to reset is complete 12 etu after the leading edge of the last character.

Protocol type T
---------------
The four least significant bits of any interface character TDi indicate a protocol type T, specifying rules to be used to process transmission protocols. When TDi is not transmitted, T=0 is used.

- T=0 is the asynchronous half duplex character transmission protocol.
- T=1 is the asynchronous half duplex block transmission protocol.
- T=2 and T=3 are reserved for future full duplex operations.
- T=4 is reserved for an enhanced asynchronous half duplex character transmission protocol.
- T=5 to T=13 are reserved for future use.
- T=14 is reserved for protocols standardized by ISO.
- T=15 is reserved for future extension.

NOTE : If only T=0 is indicated, TCK shall not be sent. In all other cases TCK shall be sent.

Specifications of the global interface bytes
--------------------------------------------
Among the interface bytes possibly transmitted by the card in answering to reset, this subclause defines only the global interface bytes TA1, TB1, TC1, TD1.

These global interface bytes convey information to determine parameters which the interface device shall take into account.

- Parameters F, D, I, P, N
------------------------

The initial etu used during the answer to reset is replaced by the work etu during subsequent transmission. F is the clock rate conversion factor and D is the bit rate adjustment factor to determine the work etu in subsequent transmissions.

For internal clock cards:

- initial etu = 1/9600 s
- work etu = (1/D)*(1/9600) s

For external clock cards:

- initial etu = 372/fi s
- work etu = (1/D)*(F/fs) s

The minimum value of fs shall be 1MHz.
The maximum value of fs is given by table 6.

I and P define the active state at VPP.
- Maximum programming current : Ipp = I mA
- Programming voltage : Vpp = P V

N is an extra guardtime requested by the card. Before receiving the next character, the card requires a delay of at least (12+N) etu from the start leading edge of the previous character. No extra guardtime is used to send characters from the card to the interface device.

The default values of these parameters are:
F = 372 ; D = 1 ; I = 50 ; P = 5 ; N = 0

- Integer values in global interface bytes
----------------------------------------

The global interface bytes TA1, TB1, TC1, TB2 code integer values FI, DI, II, PI1, N, PI2 which are either equal to or used to compute the values of the parameters F, D, I, P, N presented above.

TA1 codes FI over the most significant half byte (b8 to b5) and DI over the least significant half byte (b4 to b1).

TB1 codes II over the bits b7 and b6, and PI1 over the 5 least significant bits b5 to b1. The most significant bit b8 equals 0.

NOTE : The interface device may ignore the bit b8 of TB1.

TC1 codes N over the eight bits (b8 to b1).

TB2 codes PI2 over the eight bits (b8 to b1).

Table 6: Clock rate conversion factor F
-------

    ----------------------------------------------------------------------
           FI     |     0000      0001  0010  0011  0100  0101  0110  0111
    --------------+-------------------------------------------------------
           F      | Internal clk   372   558   744  1116  1488  1860  RFU
    --------------+-------------------------------------------------------
     fs (max) MHz |      -           5     6     8    12    16    20   -
    ----------------------------------------------------------------------

    ---------------------------------------------------------------
           FI     | 1000  1001  1010  1011  1100  1101  1110  1111
    --------------+------------------------------------------------
           F      |  RFU   512   768  1024  1536  2048   RFU  RFU
    --------------+------------------------------------------------
     fs (max) MHz |  -       5   7.5    10    15    20    -    -
    ---------------------------------------------------------------
    RFU : Reserved for Future Use

Table 7: Bit rate adjustment factor D
-------

    -------------------------------------------------------
       DI | 0000  0001  0010  0011  0100  0101  0110  0111
    ------+------------------------------------------------
       D  |  RFU     1     2     4     8    16   RFU   RFU
    -------------------------------------------------------

    -------------------------------------------------------
       DI | 1000  1001  1010  1011  1100  1101  1110  1111
    ------+------------------------------------------------
       D  |  RFU   RFU   1/2   1/4   1/8  1/16  1/32  1/64
    -------------------------------------------------------
    RFU : Reserved for Future Use


- Programming voltage factor P
----------------------------

PI1 from 5 to 25 gives the value of P in volts. PI1=0 indicates that VPP is connected in the card which generates an internal programming voltage from VCC. Other values of PI1 are reserved for future use.

When PI2 is present, the indication of PI1 should be ignored. PI2 from 50 to 250 gives the value of P in 0.1V. Other values of PI2 are reserved for future use.

Table 8 : Maximum programming current factor I
-------
    -------------------------------
     II  |   00    01    10    11
    -----+-------------------------
     I   |   25    50   100   RFU
    -------------------------------


- Extra guardtime N
-----------------

N codes directly the extra guard time, from 0 to 254 etu. N=255 indicates that the minimum delay between the start edges of two consecutive characters is reduced to 11 etu.
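
The Answer to Reset layout and the global interface bytes above can be exercised with a small parser. This is an added example, not code from the original page: it walks the Y-bitmap chain, checks TCK, and derives F, D, I, P and N from Tables 6 to 8. The function names and the sample ATR are constructed for illustration.

```python
# Added example: parser for the asynchronous Answer to Reset (ATR) layout above.
# Tables 6, 7 and 8 are transcribed from the page; None marks an RFU code.
F_TABLE = ["internal", 372, 558, 744, 1116, 1488, 1860, None,
           None, 512, 768, 1024, 1536, 2048, None, None]
D_TABLE = [None, 1, 2, 4, 8, 16, None, None,
           None, None, 1 / 2, 1 / 4, 1 / 8, 1 / 16, 1 / 32, 1 / 64]
I_TABLE = [25, 50, 100, None]
TS_CONVENTION = {0x3B: "direct", 0x3F: "inverse"}

# Constructed sample: TS T0 TA1 TC1 TD1 TD2 TA3 TB3 T1 T2 TCK
SAMPLE_ATR = bytes.fromhex("3BD294FF8131FE45123494")


class ATRError(ValueError):
    """The byte string is not a well-formed ATR."""


def parse_atr(atr: bytes) -> dict:
    """Split an ATR into TS, T0, interface, historical and check characters."""
    if not 2 <= len(atr) <= 33:          # TS plus at most 32 characters
        raise ATRError("ATR must be 2..33 bytes long")
    if atr[0] not in TS_CONVENTION:
        raise ATRError(f"unknown TS value {atr[0]:#04x}")
    pos = 1

    def take(name: str) -> int:
        nonlocal pos
        if pos >= len(atr):
            raise ATRError(f"ATR truncated before {name}")
        pos += 1
        return atr[pos - 1]

    t0 = take("T0")
    y, k = t0 >> 4, t0 & 0x0F            # Y1 bitmap and historical count K
    iface, protocols, i = {}, [], 1
    while True:
        for bit, letter in ((0x1, "A"), (0x2, "B"), (0x4, "C")):
            if y & bit:
                iface[f"T{letter}{i}"] = take(f"T{letter}{i}")
        if not y & 0x8:                  # no TDi: Yi+1 defaults to null
            break
        td = iface[f"TD{i}"] = take(f"TD{i}")
        protocols.append(td & 0x0F)
        y, i = td >> 4, i + 1
    historical = bytes(take(f"T{n + 1}") for n in range(k))
    protocols = protocols or [0]         # no TDi transmitted means T=0
    tck = None
    if any(t != 0 for t in protocols):   # TCK is sent unless only T=0 is indicated
        tck = take("TCK")
        check = 0
        for byte in atr[1:pos]:          # XOR of T0..TCK must be null
            check ^= byte
        if check:
            raise ATRError("TCK check failed")
    if pos != len(atr):
        raise ATRError("unexpected bytes after the end of the ATR")
    return {"convention": TS_CONVENTION[atr[0]], "interface": iface,
            "protocols": protocols, "historical": historical, "tck": tck}


def global_parameters(parsed: dict) -> dict:
    """Derive F, D, I, P, N from TA1, TB1, TC1, TB2, applying the defaults."""
    iface = parsed["interface"]
    ta1 = iface.get("TA1", 0x11)         # default F=372, D=1
    tb1 = iface.get("TB1", 0x25)         # default I=50 (II=01), P=5 (PI1=5)
    n = iface.get("TC1", 0)              # default N=0
    f, d = F_TABLE[ta1 >> 4], D_TABLE[ta1 & 0x0F]
    i = I_TABLE[(tb1 >> 5) & 0x3]        # II sits in bits b7 and b6
    if f is None or d is None or i is None:
        raise ATRError("interface byte uses an RFU code")
    # PI2 (in 0.1 V) overrides PI1 when TB2 is present; P=0 means Vpp is internal.
    p = iface["TB2"] / 10 if "TB2" in iface else tb1 & 0x1F
    return {"F": f, "D": d, "I": i, "P": p, "N": n,
            "min_char_delay_etu": 11 if n == 255 else 12 + n}


def work_etu(params: dict, fs_hz: float) -> float:
    """Work etu in seconds for the subsequent transmission."""
    if params["F"] == "internal":
        return (1 / params["D"]) * (1 / 9600)
    return (1 / params["D"]) * (params["F"] / fs_hz)


if __name__ == "__main__":
    parsed = parse_atr(SAMPLE_ATR)
    params = global_parameters(parsed)
    print(parsed)
    print(params, work_etu(params, 4_000_000))
```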

#### ISO 7816(1-3) Smart Card Standard (Part 1)

Part 1: Physical Characteristics of Integrated Circuit Cards

This part describes the physical characteristics of integrated circuit cards. It includes accommodation of exposure limits for a number of electromagnetic phenomena such as X-rays, UV light, electromagnetic fields, static electrical fields, and ambient temperature of the card.

Furthermore ISO7816-1 defines the characteristics of a card when it is bent or flexed. This is to make sure that plastic cards with embedded chips are manufactured in a way that guarantees flawless operation over the expected life time of a card. Connections between the surface connectors and the I/O pins of the embedded silicon die must be maintained and withstand mechanical stress. Bending and flexing procedures are standardised in ISO 7816.

This part of ISO7816 is important for card manufacturers. They are the ones that choose the materials and establish a process that embeds the integrated circuit into the card.

Part 2: Dimensions and Location of the Contacts

ISO 7816 part 2 defines the dimensions and location of the contacts. This part includes standards about number, function and position of the electrical contacts.

The integrated circuit card (ICC) has 8 electrical contacts. They are referred to as C1 through C8. However, not all 8 contacts are electrically connected to the embedded microprocessor chip, and those are therefore unused at the present time.

The following table contains the contact definition according to ISO7816-2

| Contact | Designation | Use |
|---------|-------------|-----|
| C1 | Vcc | Power connection through which operating power is supplied to the microprocessor chip in the card |
| C2 | RST | Reset line through which the IFD can signal to the smart card's microprocessor chip to initiate its reset sequence of instructions |
| C3 | CLK | Clock signal line through which a clock signal can be provided to the microprocessor chip. This line controls the operation speed and provides a common framework for data communication between the IFD and the ICC |
| C4 | RFU | Reserved for future use |
| C5 | GND | Ground line providing common electrical ground between the IFD and the ICC |
| C6 | Vpp | Programming power connection used to program EEPROM of first generation ICCs. |
| C7 | I/O | Input/output line that provides a half-duplex communication channel between the reader and the smart card |
| C8 | RFU | Reserved for future use |

Remark:

Some smart cards issued before 1990 adhered to a different standard for the contact location and therefore can't be used with today's ISO7816-2 compliant smart card readers. These cards were deployed primarily in Europe.

Part 3: Electronic Signals and Transmission Protocols (1)

Most of ISO7816 3 is important for reader manufacturers or developers who want to establish a communication with a smart card on a very low level, the signal level. Going through ISO 7816-3 you will see what's involved in writing your own I/O software. This can be either to communicate from a microcontroller or a PC's serial/parallel/USB/PCMCIA port. Even if you don't go that far, it is quite interesting to read about what you can get out of an Answer to Reset (ATR).

There are many tools out there to read an ATR. Even on this site we put a remote version of a free ATR probing tool that reads and interprets an ATR over the Internet. All you need is a PCSC compliant smart card reader attached to a PC with an Internet connection.

## Electrical Signals Description

I/O : Input or Output for serial data to the integrated circuit inside the card.

VPP : Programming voltage input (optional use by the card).

GND : Ground (reference voltage).

CLK : Clocking or timing signal (optional use by the card).

RST : Either used itself (reset signal supplied from the interface device) or in combination with an internal reset control circuit (optional use by the card). If internal reset is implemented, the voltage supply on Vcc is mandatory.

VCC : Power supply input (optional use by the card).

NOTE - The use of the two remaining contacts will be defined in the appropriate application standards.

## ISO7816 3.1 Voltage and current values

Abbreviations:

Vih : High level input voltage
Vil : Low level input voltage
Vcc : Power supply voltage at VCC
Vpp : Programming voltage at VPP
Voh : High level output voltage
Vol : Low level output voltage
tr : Rise time between 10% and 90% of signal amplitude
tf : Fall time between 90% and 10% of signal amplitude
Iih : High level input current
Iil : Low level input current
Icc : Supply current at VCC
Ipp : Programming current at VPP
Ioh : High level output current
Iol : Low level output current
Cin : Input capacitance
Cout: Output capacitance

* I/O

This contact is used as input (reception mode) or output (transmission mode) for data exchange. Two possible states exist for I/O:

- mark or high state (State Z), if the card and the interface device are in reception mode or if the state is imposed by the transmitter.

- space or low state (State A), if this state is imposed by the transmitter.

When the two ends of the line are in reception mode, the line shall be maintained in state Z. When the two ends are in non-matched transmit mode, the logic state of the line may be indeterminate. During operations, the interface device and the card shall not both be in transmit mode.

Table 1 - Electrical characteristics of I/O under normal operation conditions.

,--------+--------------------------------+---------+---------+------,
| Symbol |          Conditions            | Minimum | Maximum | Unit |
+--------+--------+-----------------------+---------+---------+------+
|        | Either | Iih max = +/- 500uA   |    2    |    VCC  |   V  |
|  Vih   |   (1)  +-----------------------+---------+---------+------+
|        |   or   | Iih max = +/- 50uA    | 0.7 VCC | VCC (3) |   V  |
+--------+--------+-----------------------+---------+---------+------+
|  Vil   |          Iil max = 1mA         |    0    |    0.8  |   V  |
+--------+--------------------------------+---------+---------+------+
|        | Either | Iol max = +/- 100uA   |   2.4   |    VCC  |   V  |
|  Voh   |        +-----------------------+---------+---------+------+
|    (2) |   or   | Iol max = +/- 20uA    |   3.8   |    VCC  |   V  |
+--------+--------+-----------------------+---------+---------+------+
|  Vol   |          Iol max = 1mA         |    0    |    0.4  |   V  |
+--------+--------------------------------+---------+---------+------+
| tr, tf | Cin = 30pF;   Cout = 30pF      |         |      1  |   us |
+--------+--------------------------------+---------+---------+------+
| (1) For the interface device, take into account both conditions.   |
| (2) It is assumed that a pull up resistor is used in the interface |
|     device (recommended value 20k Ohm).                            |
| (3) The voltage on I/O shall remain between 0.3V and VCC+0.3V.     |
'--------------------------------------------------------------------'


* VPP
This contact may be used to supply the voltage required to program or to erase the internal non-volatile memory. Two possible states exist for VPP: idle state and active state, as defined in table 2. The idle state shall be maintained by the interface device unless the active state is required.

Table 2 : Electrical characteristics of VPP under normal operation conditions.

,--------+--------------------------------+---------+---------+------,
| Symbol |          Conditions            | Minimum | Maximum | Unit |
+--------+--------------------------------+---------+---------+------+
|  Vpp   |         Idle State             | 0.95*Vcc| 1.05*Vcc|   V  |
|  Ipp   |   (programming non active)     |         |   20    |  mA  |
+--------+--------------------------------+---------+---------+------+
|  Vpp   |        Active State            | 0.975*P | 1.025*P |   V  |
|  Ipp   |    (programming the card)      |         |     I   |  mA  |
+--------+--------------------------------+---------+---------+------+
| The card provides the interface with the values of P and I         |
| (default values: P=5 and I=50)                                     |
'--------------------------------------------------------------------'


Rise or fall time : 200 us maximum. The rate of change of Vpp shall not exceed 2V/us.
The maximum power Vpp*Ipp shall not exceed 1.5W when averaged over any period of 1s.

* CLK

The actual frequency, delivered by the interface device on CLK, is designated either by fi the initial frequency during the answer to reset, or by fs the subsequent frequency during subsequent transmission.

Duty cycle for asynchronous operations shall be between 45% and 55% of the period during stable operation. Care shall be taken when switching frequencies (from fi to fs) to ensure that no pulse is shorter than 45% of the shorter period.

Table 3 - Electrical characteristics of CLK under normal operation conditions.

,--------+--------------------------------+---------+---------+------,
| Symbol |          Conditions            | Minimum | Maximum | Unit |
+--------+--------+-----------------------+---------+---------+------+
|        | Either | Iih max = +/- 200uA   |   2.4   | VCC (2) |   V  |
|        |   (1)  +-----------------------+---------+---------+------+
|  Vih   |   or   | Iih max = +/- 20uA    | 0.7*VCC | VCC (2) |   V  |
|        |   (1)  +-----------------------+---------+---------+------+
|        |   or   | Iih max = +/- 10uA    | VCC-0.7 | VCC (2) |   V  |
+--------+--------+-----------------------+---------+---------+------+
|  Vil   |          Iil max = +/-200 uA   |   0 (2) |    0.5  |   V  |
+--------+--------------------------------+---------+---------+------+
| tr, tf |          Cin = 30pF            |         |9% of the period|
|        |                                |         |with a max:0.5us|
+--------+--------------------------------+---------+---------+------+
| (1) For the interface device, take into account three conditions.  |
| (2) The voltage on CLK shall remain between 0.3V and Vcc+0.3V.     |
'--------------------------------------------------------------------'


* RST

Table 4 - Electrical characteristics of RST under normal operation conditions.

,--------+--------------------------------+---------+---------+------,
| Symbol |          Conditions            | Minimum | Maximum | Unit |
+--------+--------+-----------------------+---------+---------+------+
|        | Either | Iih max = +/- 200uA   |    4    | VCC (2) |   V  |
|  Vih   |   (1)  +-----------------------+---------+---------+------+
|        |   or   | Iih max = +/- 10uA    | VCC-0.7 | VCC (2) |   V  |
+--------+--------+-----------------------+---------+---------+------+
|  Vil   |          Iil max = +/- 200uA   |   0 (2) |    0.6  |   V  |
+--------+--------------------------------+---------+---------+------+
| (1) For the interface device, take into account both conditions.   |
| (2) The voltage on RST shall remain between 0.3V and VCC+0.3V.     |
'--------------------------------------------------------------------'


* VCC

This contact is used to supply the power voltage Vcc.

Table 5 - Electrical characteristics of VCC under normal operation conditions.

,--------+---------+---------+-------,
| Symbol | Minimum | Maximum |  Unit |
+--------+---------+---------+-------+
|  Vcc   |   4.75  |   5.25  |   V   |
|  Icc   |         |    200  |  mA   |
'--------+---------+---------+-------'

## ISO7816 3.2 Operating procedure for integrated circuit(s) cards

This operating procedure applies to every integrated circuit(s) card with contacts:

The dialogue between the interface device and the card shall be conducted through the consecutive operations:

- connection and activation of the contacts by the interface device.
- reset of the card.
- answer to reset by the card.
- subsequent information exchange between the card and the interface device.
- deactivation of the contacts by the interface device.

These operations are specified in the following subclauses.

NOTE :
An active state on VPP should only be provided and maintained when requested by the card.

### ISO7816 3.2.a - Connection and activation of the contacts

The electrical circuits shall not be activated until the contacts are connected to the interface device so as to avoid possible damage to any card meeting these standards.

The activation of the contacts by the interface device shall consist of the consecutive operations:

- RST is in state L;
- VCC shall be powered;
- I/O in the interface device shall be put in reception mode;
- VPP shall be raised to idle state;
- CLK shall be provided with a suitable and stable clock.

### ISO7816 3.2.b - Reset of the card

A card reset is initiated by the interface device, whereupon the card shall respond with an Answer to Reset as described in 2.4.

By the end of the activation of the contacts (RST is in L, VCC powered and stable, I/O in reception mode in the interface device, VPP stable at idle level, CLK provided with a suitable and stable clock), the card answering asynchronously is ready for reset.

The clock signal is applied to CLK at time T0. The I/O line shall be set to state Z within 200 clock cycles of the clock signal (t2) being applied to CLK (time t2 after T0).

An internally reset card resets after a few cycles of the clock signal. The Answer to Reset on I/O shall begin between 400 and 40 000 clock cycles (t1) after the clock signal is applied to CLK (time t1 after T0).

A card with an active low reset is reset by maintaining RST in state L for at least 40 000 clock cycles (t3) after the clock signal is applied on CLK (time t3 after T0). Thus if no Answer to Reset begins within 40 000 clock cycles (t3) with RST in state L, RST is put to state H (at time T1). The Answer to Reset on I/O shall begin between 400 and 40 000 clock cycles (t1) after the rising edge of the signal on RST (time t1 after T1).

If the Answer to Reset does not begin within 40 000 clock cycles (t3) with RST in state H (t3 after T1), the signal on RST shall be returned to state L (at time T2) and the contacts shall be deactivated by the interface device.

```
GND ________________________________________________________________________
      __________________________________________________________________
VCC _| :                                                               :|___
       :_______________________________________________________________:
VPP __|:                                                               |____
       :             t3                            t3                  :
       :<--------------------------->:<------------------------------->:
       :                             :_________________________________:
RST ___:_____________________________|                                 |____
       :                             :                                 :
CLK ___|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||____
       :       t1                    :                                 :
       :<-------------->:            :                                 :
       :      __________:____________:_________________________________:
(IR)   :      :                      :                                 :
       :  t2  :                      :      t1                         :
       :<---->:                      :<---------->:                    :
       :      _______________________:_________________________________:
(AL)   :  t2  :                      :                                 :
       :<---->:                      :                                 :
       :                             :_________________________________:
I/O __XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:                                 :XXXXX
(SH)   :                             :                                 :
       T0                            T1                                T2

IR : Internal Reset                t2 <= 200/fi
AL : Asynchronous Reset            400/fi <= t1 <= 40000/fi
SH : Synchronous Reset             40000/fi <= t3
```

Figure 1: Reset of the card
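The reader-side decision sequence of Figure 1, as an added example that is not part of the original text. The function name `async_reset`, the `ResetResult` type and the simulated-card parameters are hypothetical, and the reader is assumed to wait exactly the minimum t3 in each RST state.

```python
from typing import NamedTuple, Optional

T1_MIN, T1_MAX = 400, 40_000  # window (clock cycles) in which the ATR must begin
T3 = 40_000                   # cycles the reader waits in each RST state
# Deactivation order from clause 3.2.c, quoted earlier on this page.
DEACTIVATION = ["RST=L", "CLK=L", "VPP inactive", "I/O=A", "VCC inactive"]

class ResetResult(NamedTuple):
    card_type: str             # "internal-reset", "active-low-reset" or "none"
    rst_trace: list            # (cycles after T0, RST state) driven by the reader
    atr_at_s: Optional[float]  # seconds after T0 at which the ATR began
    actions: list              # contact operations performed on failure

def async_reset(fi_hz: float, atr_rst_low: Optional[int],
                atr_rst_high: Optional[int]) -> ResetResult:
    """Model the reader side of Figure 1 for one simulated card.

    atr_rst_low:  cycles after T0 at which the card starts its ATR while RST
                  is L (None = stays silent). atr_rst_high: same, after T1.
    """
    if not 1e6 <= fi_hz <= 5e6:
        raise ValueError("fi must be between 1 MHz and 5 MHz during the ATR")
    trace = [(0, "L")]                       # T0: CLK applied, RST held at L
    if atr_rst_low is not None and atr_rst_low <= T3:
        if atr_rst_low >= T1_MIN:
            return ResetResult("internal-reset", trace, atr_rst_low / fi_hz, [])
        # Assumption: an ATR starting before 400 cycles is treated as a failure.
        return ResetResult("none", trace, None, DEACTIVATION)
    trace.append((T3, "H"))                  # T1: silent for t3, raise RST
    if atr_rst_high is not None and T1_MIN <= atr_rst_high <= T1_MAX:
        at = (T3 + atr_rst_high) / fi_hz
        return ResetResult("active-low-reset", trace, at, [])
    trace.append((2 * T3, "L"))              # T2: still silent, RST back to L
    return ResetResult("none", trace, None, DEACTIVATION)

if __name__ == "__main__":
    # Constructed cards: (fi, ATR start with RST low, ATR start with RST high).
    for card in [(3_571_200, 500, None), (4_000_000, None, 1_000),
                 (4_000_000, None, None)]:
        print(card, "->", async_reset(*card))
```

At fi = 4 MHz the full sequence up to T2 takes 80 000 cycles, or 20 ms, before the contacts are deactivated.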


With a card answering synchronously, the interface device sets all the lines to state L (see Figure 2). VCC is then powered, VPP is set to idle state, CLK and RST remain in state L, and I/O is put in reception mode in the interface device. RST shall be maintained in state H for at least 50 us (t12) before returning to state L again.

The clock pulse is applied after an interval (t10) from the rising edge of the reset signal. The duration of the state H of the clock pulse can be any value between 10 us and 50 us; no more than one clock pulse during reset high is allowed. The time interval between the falling edges on CLK and RST is t11.

The first data bit is obtained as an answer to reset on I/O while CLK is in state L and is valid after an interval t13 from the falling edge on RST.

```
      ______________________________________________________________________
VCC__/

       _____________________________________________________________________
VPP___/
                 t12
         :<---------------->:
         :__________________:
RST_____/:                   /_______________________________________________
         :                    :
         :  t10           t11 :          t15      t16
         :<---->:      :<---->:  t14   :<---->: :<---->:
         : ____ :      :<---->: :______: :      : _______
CLK_____________:/  1 /:______:______:/   2    /:______:/   3   /_______
                              :                 :
                              : t13             :  t17
                              :<---->:          :<---->:
       _____________________________ :______________   :______________   ___
I/O___///////////////////////////////:_______1______X-X_______2_______X-X___

5us  <= t10                          10us <= t14 <= 100us Clock low after RST
5us  <= t11                          10us <= t15 <= 50us  Clock High
50us <= t12 ........ Reset High      10us <= t16 <= 100us Clock Low
t13  <= 10us  Propagation delay      t17 <= 10us  Propagation delay
```

Figure 2: Reset of the card when a synchronous answer is expected.


NOTES:

1 - The internal state of the card is assumed not to be defined before reset. Therefore the design of the card has to avoid improper operation.

2 - In order to continue the dialogue with the card, RST shall be maintained in the state where an answer occurs on I/O.

3 - Reset of a card can be initiated by the interface device at its discretion at any time.

4 - Interface devices may support one or more of these types of reset behaviour. The priority of testing for asynchronous or synchronous cards is not defined in this standard.

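#### The Smart Card Operating System: COS

1 Overview of COS

COS stands for Chip Operating System. It is generally developed closely around the characteristics of the smart card it serves. Because it is inevitably constrained by the performance and memory capacity of the microprocessor chip inside the card, COS differs to a large extent from the operating systems we usually see on microcomputers (such as DOS or UNIX). First, COS is a special-purpose system rather than a general-purpose one: a given COS can generally be used only on one particular kind (or a few particular kinds) of smart card, and the COS in different cards is generally not the same. This is because a COS is usually designed and developed for the characteristics and application scope of a particular smart card, even though most of the functions it actually performs may follow the same international standard. Second, compared with common microcomputer operating systems, COS is in essence closer to a monitor program than to an operating system in the usual full sense, and this remains true at least for now. At the current stage, what COS mainly has to solve is how to process and respond to external commands. This generally does not involve managing and handling sharing and concurrency, and as far as current smart card applications are concerned, concurrency and sharing are indeed not needed. COS is generally designed in close combination with the partitioning of the card's memory, and is designed and developed according to the functions specified in the international standards (the ISO/IEC 7816 series). However, smart cards are developing quickly while international standards take comparatively long to draw up, so the current international standards for smart cards are still incomplete. For this reason, many manufacturers have each made their own extensions to the COS they developed. So far, no company's COS product has become an industry standard. This chapter therefore mainly follows the existing (that is, pre-1994) international standards, focuses on the basic principles and basic functions of COS, and where appropriate cites how they are implemented in certain products as examples.
The main functions of COS are to control the exchange of information between the smart card and the outside world, to manage the memory inside the card, and to process the various commands inside the card. Exchanging information with the outside world is the most basic requirement of COS. The information exchange protocols that COS follows currently fall into two classes: the T=0 protocol, with asynchronous character transmission, and the T=1 protocol, with asynchronous block transmission. The content and mechanisms of these two protocols are specified in ISO/IEC 7816-3 and ISO/IEC 7816-3A3, while the basic management and control functions that COS should provide are specified in ISO/IEC 7816-4. That standard also describes in some detail the data structures of the smart card and the basic command set of COS. ISO/IEC 7816-1 and 7816-2 specify the physical parameters and dimensions of the smart card and are not closely related to COS.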

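2 Architecture of COS

1. Transmission Manager

2. Security Structure

(1) Authentication and verification: authentication and verification are in fact two different concepts, but because the functions they implement are very similar, we discuss them together, which also makes it easier to grasp the two concepts by comparison.

(2) Key management: the data encryption algorithm commonly used in smart cards today is DES. DES is used because it has been shown to be a very successful encryption algorithm and its computational complexity is relatively low, which suits a device with limited computing power such as a smart card. The DES key is 64 bits long. COS organises the keys used for data encryption together and stores them as a file, called the key file. The simplest key file is a set of 8-byte records, each record being one DES key. In a more complex key file, a record may also contain various attributes of its key and checksum information added to protect the integrity of each record. Its structure is shown in Figure 6.37.

Key = DES(CTC, K(a))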

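3. Application Manager

4. File Manager

(1) File system: COS files fall into three classes according to their logical level: the Master File, Dedicated Files and Elementary Files. The Master File is indispensable in any COS. It is the only file that contains both file control information and allocatable memory, it acts as the root of the COS file system, and it sits at the top level. Elementary Files are also indispensable. They are the files that actually store the data units or records of each application, and they sit at the bottom level. Dedicated Files are optional. They mainly store file control information and data such as the location and size of files. The tree in Figure 6.38 gives a picture of the basic structure of a COS file system.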

```
Master File (MF)----------Dedicated File (DF)----------Elementary File (EF)
|                                   |                           |---------EF
|                                    |-----------------DF--------EF
|                            |-----------EF
|----------EF
|----------EF
```
Figure 6.38

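COS files have four logical structures: transparent, linear fixed-length, linear variable-length, and cyclic fixed-length. Their definitions and characteristics can be found in the relevant parts of ISO/IEC 7816-4 and are not detailed here. Whatever logical structure is used, however, files in COS are stored physically contiguously in the card's memory. The way data on the card is accessed, the record numbering method, the size of the data unit and so on are characteristics of the file system and are given by the card during the Answer to Reset. In general, though, the most important access method in a smart card is random access: once authorised, the user of the card can directly access any data unit or record in a file. What operations COS can perform on files is discussed under the COS command system.

(2) File access security: controlling the security of file access is a very important part of COS. Because the current international standard (ISO/IEC 7816-4) makes essentially no substantive provisions in this area, existing implementations of file access control vary widely. We introduce two of the more representative ones here: the authentication register approach and the state machine approach. Products using the authentication register approach include PCOS and ME2000; STARCOS uses the state machine approach.

(Reposted from: China Electronic Technology Information Network (中国电子技术信息网), URL: www.EC66.com)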

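#### Introduction to Smart Cards

1.1 Smart card basics
1.1.1 What is a smart card

The concept of the IC card was proposed in the early 1970s. The French company Bull was the first to create an IC card product, in 1976, and applied the technology in finance, transport, health care, identification and many other sectors. It combines microelectronics with computer technology and has raised the degree of modernisation of people's life and work.
An IC card chip can write and store data. The contents of the card's memory can, as required, be made conditionally readable from outside, or be used for internal processing and decisions. According to the integrated circuit embedded in the card, cards fall into the following three classes:
1. Memory card: the integrated circuit in the card is an EEPROM (electrically erasable programmable read-only memory).
2. Logic encryption card: the integrated circuit in the card has encryption logic and EEPROM.
3. CPU card: the integrated circuit in the card includes a central processing unit (CPU), EEPROM, random access memory (RAM), and the Chip Operating System (COS) held in read-only memory (ROM).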

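1.1. Interface devices for IC cards

1.2 Application basics of financial cards
IC cards are mainly used as financial cards, whose main functions are storing and processing data.
1.2.1 Information provided by the IC card
1. Human-readable information printed on the card: the card issuer's logo, the expiry date, the customer's name, account number, signature and so on. This information is the basis on which the card can serve as a means of payment in financial transactions.
2. Machine-readable data: the embossed characters on the card are used to imprint sales slips, providing the merchant and the customer with a record of the transaction. The card can also provide the accounts of financial transactions.
3. Machine-readable identifiers for authorisation and data collection systems.
1.2.2 Example: withdrawing cash at an automated teller machine

1. Insert the financial card;
2. Enter the personal identification number (PIN);
3. Select the transaction type (withdrawal);
4. Give the amount to be withdrawn.

An ATM is a computer system installed in a cabinet. It handles four kinds of media (cards, currency, receipts, and envelopes for deposits) and can communicate with a connected remote computer. It has strict and reliable physical and logical security measures inside. Each transaction normally receives proper authorisation and strict control, so an ATM system is at once simple to operate and complex in construction.
The ATM sends data from the magnetic stripe (for magnetic cards), such as the issuer and customer account identifiers (the basis for obtaining automatic authorisation), over a communication line to the issuer's computer and its account database. This is used to check the card number (against the blacklist) so that nobody can use a card reported lost or stolen, to check the customer's account record to find the amount available, and to update the account record immediately by the transaction amount, ready for the next use of the card. In addition, to avoid certain possible abuses (such as a card reported lost but not yet on the blacklist), the number of times the card may be used in one day and the total cash that may be withdrawn in one day are also limited.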

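1.2.3 Allocation and function of the IC card memory areas
An IC card has far more storage than a magnetic card, and it is generally divided into four areas.
1. Public (non-confidential) area: contains public information such as the issuer identifier and the cardholder's account number.
2. Externally unreadable area: its contents are for internal decisions, for example the PIN value. This value is written when the card is personalised at issue. After entering the correct PIN the user may enter a new PIN to change it, but under no circumstances may the PIN stored in the card be transmitted to the outside. Keys may also be stored in this area.
3. Confidential area: contains the account balance, the types of service the card is allowed to use, limits and so on. Once the cardholder has entered the correct PIN, the data in this area may be read and, depending on the application, correct data may be written (for example to update the balance).
4. Record area: contains the details of each transaction, called the log, which can be queried.

1.2.4 Contents of the interface device memory

1. Transaction data: contains the record of each transaction. Normally each evening the day's transaction details are consolidated and sent to the account-holding bank or the issuing bank for transfer and clearing. The bank should ensure that payments due are credited to the merchant's account promptly.
2. Invalid card list (also called the blacklist or stop-payment list): lists all accounts that are reported lost, stolen, or overdrawn beyond their limit. This list is also handed over each day when the transaction details are submitted to the bank. After consolidating, the bank should provide the revised blacklist to merchants. When an account on the blacklist or an over-limit account attempts a transaction, the merchant must obtain further authorisation from the bank over a dedicated telephone line before accepting it. The merchant may also refuse the transaction, or even confiscate the card, depending on the circumstances.
3. Confidential data: keys and the authorisation telephone number are confidential data. The key is used to generate a check code that prevents the transaction log from being modified. As for the authorisation telephone, when a merchant wants to complete a transaction above the limit, it is used to reach the customer's bank, and the transaction can be accepted only after the bank authorises it. If the telephone line is busy, the wait for authorisation may be long, even long enough for the customer to find it intolerable, which would hinder the adoption of financial cards. More advanced systems should rely on computer networks and communication lines to perform authorisation.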
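1.2.5 Procedure for a purchase with a smart card

1. The customer brings the financial card and the goods to the checkout and inserts the card into a small keypad device that accepts PIN entry.
2. The sales clerk enters the transaction amount on his or her own keyboard.
3. The transaction amount is shown on the display of the keypad device.
4. The customer presses a designated key on the keypad to confirm the transaction amount.
5. The display of the keypad device prompts the customer to enter the PIN, and the customer enters it. The entry is automatically compared with the PIN in the card; if they match, the card opens itself and is ready to accept the transaction.
6. The interface device then performs a series of internal steps: it checks the blacklist, verifies that funds are sufficient, calculates the balance after the transaction, enters it in the transaction log, and computes a security check code that is added to the log record to protect the data. The transaction record is also written to the financial card. Finally a receipt is printed for the customer.
7. The display indicates that the transaction is complete, and the customer takes the goods and the card.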
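1.2.6 Human factors in the development of smart cards

1. Cardholder or user

· Convenient to use: the location of the equipment, the hours of use and the operating steps should all be as convenient as possible, and operation should be learnable at once.
· Simple to start using: issuing the card and personalising it on the basis of the PIN should be simple.
· Faster transactions: the waiting time for a transaction or an authorisation should be as short as possible.
· Secure and reliable: every transaction is correct, restarting after an operating error is convenient and reliable, and loss or theft of the card and change of the PIN are easy to handle.
· Clear and simple operating prompts: the card clearly shows the insertion direction, the display is clear and easy to read, and computer jargon and complex interactive operations are avoided.
2. Shops

· Staff are easy to train, and operating procedures and exception handling are simple.
· Simple fault handling: this includes restarting after an error, handling exceptions or refused transactions, and alternative measures when the normal remedy fails.
· Secure and reliable: cards that are lost, stolen or have unpaid balances are handled simply and securely, and insecure conditions of all kinds are easy to detect.
3. Card issuers and sales departments

4. Designers, vendors and security maintenance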

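1.2.7 Types of smart card

1. Credit card: an overdraft limit is set up in the card in advance, that is, the amount of funds that may be borrowed is preset, and the holder undertakes to repay when due and to pay interest. Depending on the cardholder's creditworthiness there are two kinds of credit card: the gold card and the ordinary card. The former has a higher overdraft limit.
2. Cash card (payment card): used with a savings account. The funds spent with the card are deposits the customer already holds at the bank.
3. ATM card: a cash card or credit card that can be used only in ATMs.
4. Prepaid card: bought at face value, purchased first and used afterwards, for example prepaid cards for telephones and public systems, prepaid electricity meter cards and so on.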

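1.3 Smart card security

1.3.1 Some basic issues affecting smart card security

1. The flow of information between the smart card and the interface device: this information can be intercepted and analysed, and so can be copied or have false signals inserted.
2. Simulating (or counterfeiting) a smart card: the information exchanged between a smart card and the interface device is simulated, so that the interface device cannot tell whether the card is legitimate or simulated.
3. Swapping the smart card during a transaction: a legitimate card is used during authorisation and is replaced by another card before the transaction data is written, so the transaction data is written to the substitute card.
4. Modifying the date in a credit card that controls the balance refresh: when a credit card is used, the current date has to be entered so that the card can decide whether this is the first use of the day, that is, whether the available balance should be refreshed to the maximum authorised balance (the maximum amount that may be withdrawn in one day, as described earlier). If the date that controls the balance refresh (that is, the date of last use) is modified and moved earlier, then after the current date is entered the interface device wrongly takes this to be the first withdrawal of the day and refreshes the available balance to the maximum authorised balance. A stolen card can thus be used to withdraw the maximum authorised amount, and the danger is greater still because (until the bank issues a new blacklist) the fraud can be repeated many times.
5. Fraud by shop employees: the data the interface device writes to the card is incorrect, or an employee privately records one transaction as two. Interface devices must therefore not be lent out, privately dismantled or modified.

1.3.2 Security measures

1. Mutual verification of the legitimacy of the cardholder, the card and the interface device.
2. Important data is encrypted before transmission.
3. Security zones are provided in the card and in the interface device. A security zone contains logic circuits or memory that cannot be read from outside; any harmful, non-conforming operation automatically disables further operation of the card.
4. The personnel concerned are clear about their respective responsibilities and observe them strictly.
5. A stop-payment list (blacklist) is maintained.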

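1.3.3 Keys and authentication

1. Two cryptographic algorithms commonly used in IC card systems
(1) Symmetric-key or secret-key algorithms (DES)
(2) Asymmetric-key or public-key algorithms (RSA)

2. Authentication

(1) Message verification: prevents information from being tampered with and protects its integrity. The receiver must be able to detect tampered data; for example, an algorithm can be used to produce an additional check code that is verified at the receiving point.
(2) Digital signature (electronic signature): the requirements are that the receiver can confirm the sender's signature; that the sender, having signed, cannot deny the signature; and that in a dispute a notary (a second party) can arbitrate between sender and receiver.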
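Message verification applied to the date problem of item 4 in section 1.3.1, as an added example that is not part of the original text: the stored-date logic as described, beside a version that refuses a record whose check code does not match. The record layout, function names, limit and key are constructed for illustration, and HMAC-SHA-256 from the Python standard library stands in for whatever check-code algorithm a real card system uses.

```python
import hashlib
import hmac
from datetime import date

DAILY_LIMIT = 1000                      # constructed maximum authorised balance
KEY = b"constructed-demo-key-not-real"  # stands in for a key in the unreadable area

def check_code(account: str, last_use: date, available: int) -> bytes:
    msg = f"{account}|{last_use.isoformat()}|{available}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).digest()

def new_record(account: str, last_use: date, available: int) -> dict:
    return {"account": account, "last_use": last_use, "available": available,
            "mac": check_code(account, last_use, available)}

def withdraw_naive(rec: dict, today: date, amount: int) -> dict:
    """Trusts the stored date: the behaviour described in item 4 of 1.3.1."""
    available = DAILY_LIMIT if today > rec["last_use"] else rec["available"]
    if amount > available:
        raise PermissionError("daily limit exceeded")
    return {**rec, "last_use": today, "available": available - amount}

def withdraw_checked(rec: dict, today: date, amount: int) -> dict:
    """Same refresh rule, but only for a record whose check code verifies."""
    expected = check_code(rec["account"], rec["last_use"], rec["available"])
    if not hmac.compare_digest(expected, rec["mac"]):
        raise ValueError("check code mismatch: refuse the card and flag it")
    if today < rec["last_use"]:  # added sanity check on the terminal's date
        raise ValueError("terminal date precedes the date of last use")
    out = withdraw_naive(rec, today, amount)
    return {**out, "mac": check_code(out["account"], out["last_use"],
                                     out["available"])}
```

A check code detects edits to individual fields; it does not detect an entire earlier record being written back together with its valid code, so the record also needs storage that cannot be rewritten from outside.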

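1.3.4 Card fraud

1. Bad debt: the cardholder does not pay when due.
2. Fraud: this results from criminal acts, so some protective measures have been taken on the plastic card. VISA cards, for example, use the following: a holographic flying dove image on the front; fine background printing; a non-embossed identification number; and a signature strip on the card that immediately shows VOID when the signature is altered.

1.4 International standards for identification cards

1.4.1 International standards for magnetic cards

1. Physical characteristics: the material, construction, characteristics and nominal dimensions of the card shall conform to the international standard ISO 7816:1985.
2. Embossing: the characters raised prominently on the front of the card are called embossing and are used to transfer data. The transfer can be made with an imprinter, or the characters can be read by eye or by machine. The embossed characters include the identification number and the cardholder's name and address. The position of the embossed characters on the commonly used ID-1 card shall conform to the international standard ISO 7811-3:1985.

3. Magnetic stripe: the physical and performance characteristics of the magnetic material on the stripe, the encoding technique and the coded character set are covered by the international standard ISO 7811-2:1985. The stripe has three tracks: tracks 1 and 2 are read-only and track 3 is read-write, covered by ISO 7811-4:1985 and ISO 7811-5:1985 respectively.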

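1.4.2 International standards for (contact) IC cards

1. Physical characteristics: conform to the physical characteristics of identification cards specified in ISO 7816:1987 and to all the dimensional requirements for financial transaction cards specified in ISO 7813, and also to the additional characteristics, mechanical strength and electrostatic test methods specified in ISO 7816-1:1987.
2. Dimensions and location of the contacts.

3. Electronic signals and transmission protocols.
The power supply and information exchange between the IC card and the interface device shall conform to ISO/IEC 7816-3:1989.
4. Inter-industry commands for interchange.

5. Numbering system and registration procedure for application identifiers: shall conform to the international standard ISO/IEC 7816-5:1994.
The international standards for IC cards are one of the main topics of this book and are described in Chapters 3 and 4.

(Reposted from: China Electronic Technology Information Network (中国电子技术信息网), URL: www.EC66.com)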
