The Smart Card Tables are a collection of interesting data about smart cards, presented in tabular form. The Smart Card Tables were originally part of the Smart Card Handbook (Handbuch der Chipkarten). For the 5th German edition, however, I decided to move these tables to my homepage, because a web page is much easier to search and the tables can be updated easily.

Content of the Smart Card Tables:

Registered Application Identifier (RID) and Application Identifier (AID)

The AID (application identifier) is 5 to 16 bytes long, uniquely identifies an application on a smart card, and is defined in ISO/IEC 7816-5. Part of the AID (the RID) can be registered nationally or internationally; it is then reserved for the registered application and is unique worldwide. The AID itself consists of two data elements. The first data element is the Registered Application Identifier (RID), which has a fixed length of 5 bytes. It is assigned by a national or international registration authority and contains a country code, an application category and a number for the application provider. This numeric code yields a RID that is assigned only once and can be used worldwide to identify a particular application. If necessary, the application provider can append a Proprietary Application Identifier Extension (PIX) to the RID; the PIX is the optional second part of the AID. The PIX, which is up to 11 bytes long, can for example be a serial number and version number and can thus be used to manage the application.

Some smart cards have an EF.DIR (directory) with the FID '2F00' directly under the MF. This EF has a linear fixed structure and consists of at least one record. Each record is a constructed data object containing information about one specific application on the smart card. Typically, this information consists of the AID and a textual description of the application. A record in the EF.DIR can also include further data, such as the path to the application. The purpose of the EF.DIR is to show a terminal, in a standardized format, which applications are on the card.

| Registered Application Identifier (RID) | Proprietary Application Identifier Extension (PIX) | Description |
| --- | --- | --- |
| 'A' \|\| ... | international registration | --- |
| 'D' \|\| XXX | national registration, 3-digit country code in line with ISO 3166 | coding in line with ISO 3166; '276': Germany |
| 'A0 00 00 00 63' | '50 4B 43 53 2D 31 35' | ID-card in Finland |
| 'A0 00 00 00 63' | '50 4B 43 53 2D 31 35' = "PKCS-15" | PKCS #15 |
| 'A0 00 00 00 63' | '57 41 50 2D 57 49 4D' = "WAP-WIM" | WIM |
| 'A0 00 00 00 87' | specific to card issuer | RID of 3GPP (UICC, USIM, USAT) |
| 'A0 00 00 02 47' | '1001': issuer stored data application; '2001': application for hashes, digital signature, and certificate. The last three digits of the PIX shall be used to denote future version levels. | machine readable travel documents (MRTD) |
| 'D2 76 00 00 05' | specific | Giesecke & Devrient |
| 'D2 76 00 01 18' | specific | Giesecke & Devrient Java Card Telecommunication |
| 'D2 76 00 00 25' | '45 50 01 00' | Girocard (Geldkarte) in Germany |
| 'D2 76 00 00 60' | specific | Wolfgang Rankl |
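
The AID layout and the EF.DIR record described above can be checked with a short parser. This is an added example, not code from the original page: the BER-TLV tags ('61' application template, '4F' AID, '50' label, '51' path) come from ISO/IEC 7816-4 rather than from this page, the sample record and its label are constructed, and the function names are hypothetical.

```python
from typing import NamedTuple, Optional
# BER-TLV tags from ISO/IEC 7816-4 (assumption: they are not listed on this page)
TAG_TEMPLATE, TAG_AID, TAG_LABEL, TAG_PATH = 0x61, 0x4F, 0x50, 0x51

class Aid(NamedTuple):
    rid: bytes                # fixed 5 bytes
    pix: bytes                # optional, 0..11 bytes
    registration: str         # "international", "national" or "other"
    country: Optional[str]    # ISO 3166 numeric code for 'D' || XXX RIDs

def split_aid(aid: bytes) -> Aid:
    """Split an AID into RID and PIX and classify the RID category nibble."""
    if not 5 <= len(aid) <= 16:
        raise ValueError(f"AID must be 5..16 bytes, got {len(aid)}")
    rid, pix = aid[:5], aid[5:]
    category = {0xA: "international", 0xD: "national"}.get(rid[0] >> 4, "other")
    country = rid.hex()[1:4] if category == "national" else None  # 3 BCD digits
    if country is not None and not country.isdigit():
        raise ValueError("country code is not BCD-coded")
    return Aid(rid, pix, category, country)

def parse_tlv(data: bytes) -> list:
    """Parse a flat run of one-byte-tag BER-TLV objects, skipping padding."""
    objs, i = [], 0
    while i < len(data):
        tag = data[i]
        if tag in (0x00, 0xFF):          # filler in fixed-length records
            i += 1
            continue
        if tag & 0x1F == 0x1F or i + 1 >= len(data):
            raise ValueError("multi-byte tag or truncated header")
        length, i = data[i + 1], i + 2
        if length == 0x81 and i < len(data):
            length, i = data[i], i + 1   # long form with one length byte
        elif length >= 0x80:
            raise ValueError("unsupported length form")
        if i + length > len(data):
            raise ValueError("TLV value runs past the end of the record")
        objs.append((tag, data[i:i + length]))
        i += length
    return objs

def parse_dir_record(record: bytes) -> dict:
    """Decode one EF.DIR record: application template holding AID and label."""
    objs = parse_tlv(record)
    if len(objs) != 1 or objs[0][0] != TAG_TEMPLATE:
        raise ValueError("record is not a single application template ('61')")
    inner = dict(parse_tlv(objs[0][1]))
    if TAG_AID not in inner:
        raise ValueError("application template carries no AID ('4F')")
    return {"aid": split_aid(inner[TAG_AID]),
            "label": inner.get(TAG_LABEL, b"").decode("ascii", "replace"),
            "path": inner.get(TAG_PATH)}

# Constructed sample: Girocard AID from the table, made-up label, FF padding
SAMPLE_RECORD = bytes.fromhex("61164F09D276000025455001005009") + b"GELDKARTE" + b"\xff\xff"

if __name__ == "__main__":
    print(parse_dir_record(SAMPLE_RECORD))
```
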

Table of the most important Smart Card Commands

The following table lists the most important smart card commands with a short explanation of their function. The following standards were considered: ISO/IEC 7816, EMV, TS 51.011, TS 51.014, TS 31.111, TS 102.221, TS 102.222, TS 102.223, GP (GlobalPlatform) and EN 1546.

| Command | Function | Instruction (INS) | Standard |
| --- | --- | --- | --- |
| ACTIVATE FILE | Reversibly unblock a file. | ‘44’ | ISO/IEC 7816-9 |
| APPEND RECORD | Insert a new record in a file with a linear fixed structure. | ‘E2’ | ISO/IEC 7816-4 |
| APPLICATION BLOCK | Reversibly block an application. | ‘1E’ | EMV |
| APPLICATION UNBLOCK | Unblock an application. | ‘18’ | EMV |
| ASK RANDOM | Request a random number from the smart card. | ‘84’ | EN 726-3 |
| CHANGE CHV | Change the PIN. | ‘24’ | TS 51.011 |
| CHANGE REFERENCE DATA | Change the data used for user identification (e.g., a PIN). | ‘24’ | ISO/IEC 7816-8 |
| CLOSE APPLICATION | Reset all attained access condition levels. | ‘AC’ | EN 726-3 |
| CONVERT IEP CURRENCY | Convert currency. | ‘56’ | EN 1546-3 |
| CREATE FILE | Create a new file. | ‘E0’ | ISO/IEC 7816-9 |
| CREATE RECORD | Create a new record in a record-oriented file. | ‘E2’ | EN 726-3 |
| CREDIT IEP | Load the purse (IEP). | ‘52’ | EN 1546-3 |
| CREDIT PSAM | Pay from IEP to the PSAM. | ‘72’ | EN 1546-3 |
| DEACTIVATE FILE | Reversibly block a file. | ‘04’ | ISO/IEC 7816-9 |
| DEBIT IEP | Pay from the purse. | ‘54’ | EN 1546- |
| DECREASE | Reduce the value of a counter in a file. | ‘30’ | EN 726-3 |
| DECREASE STAMPED | Reduce the value of a counter in a file that is protected using a cryptographic checksum. | ‘34’ | EN 726-3 |
| DELETE | Delete a uniquely identifiable object (such as a load file, application or key). | ‘E4’ | OP |
| DELETE FILE | Delete a file. | ‘E4’ | ISO/IEC 7816-9 |
| DISABLE CHV | Disable PIN queries. | ‘26’ | TS 51.011 |
| DISABLE VERIFICATION REQUIREMENT | Disable user identification (e.g., PIN queries). | ‘26’ | ISO/IEC 7816-8 |
| ENABLE CHV | Enable PIN queries. | ‘28’ | TS 51.011, EN 726-3 |
| ENABLE VERIFICATION REQUIREMENT | Enable user identification (e.g., PIN queries). | ‘28’ | ISO/IEC 7816-8 |
| ENVELOPE | Embed a command in a smart card command. | ‘C2’ | EN 726-3, ISO/IEC 7816-4 |
| ERASE BINARY | Set the content of a file with a transparent structure to the erased state. | ‘0E’ | ISO/IEC 7816-4 |
| EXECUTE | Execute a file. | ‘AE’ | EN 726-3 |
| EXTEND | Extend a file. | ‘D4’ | EN 726-3 |
| EXTERNAL AUTHENTICATE | Authenticate the outside world with respect to the smart card. | ‘82’ | ISO/IEC 7816-4 |
| GENERATE AUTHORISATION CRYPTOGRAM | Generate a signature for a payment transaction. | ‘AE’ | EMV |
| GENERATE PUBLIC KEY PAIR | Generate a key pair for an asymmetric cryptographic algorithm. | ‘46’ | ISO/IEC 7816-8 |
| GET CHALLENGE | Request a random number from the smart card. | ‘84’ | ISO/IEC 7816-4 |
| GET DATA | Read TLV-coded data objects. | ‘CA’ | ISO/IEC 7816-4 |
| GET PREVIOUS IEP SIGNATURE | Repeat the computation and output of the last signature received from the IEP. | ‘5A’ | EN 1546-3 |
| GET PREVIOUS PSAM SIGNATURE | Repeat the computation and output of the last signature received from the PSAM. | ‘86’ | EN 1546-3 |
| GET RESPONSE | Request data from the smart card (used with the T = 0 transmission protocol). | ‘C0’ | TS 51.011 |
| GET STATUS | Read the life-cycle state information of the card manager, application and load file. | ‘F2’ | ISO/IEC 7816-4, OP |
| GIVE RANDOM | Send a random number to the smart card. | ‘86’ | EN 726-3 |
| INCREASE | Increase the value of a counter in a file. | ‘32’ | TS 51.011 |
| INCREASE STAMPED | Increase the value of a counter in a file that is protected using a cryptographic checksum. | ‘36’ | EN 726-3 |
| INITIALIZE IEP | Initialize IEP for a subsequent purse command. | ‘50’ | EN 1546-3 |
| INITIALIZE PSAM | Initialize PSAM for a subsequent purse command. | ‘70’ | EN 1546-3 |
| INITIALIZE PSAM for Offline Collection | Initialize PSAM for offline booking of the amount. | ‘7C’ | EN 1546-3 |
| INITIALIZE PSAM for Online Collection | Initialize PSAM for online booking of the amount. | ‘76’ | EN 1546-3 |
| INITIALIZE PSAM for Update | Initialize PSAM for changing the parameters. | ‘80’ | EN 1546-3 |
| INSTALL | Install an application by invoking various on-card functions of the card manager and/or security domain. | ‘E6’ | OP |
| INTERNAL AUTHENTICATE | Authenticate the smart card with respect to the outside world. | ‘88’ | ISO/IEC 7816-4 |
| INVALIDATE | Reversibly block a file. | ‘04’ | TS 51.011, EN 726-3 |
| ISSUER AUTHENTICATE | Verify a signature of the card issuer. | ‘82’ | EMV-2 |
| LOAD | Load an application by transferring the load file. | ‘E8’ | OP |
| LOAD KEY FILE | Load keys in files using cryptographic protection. | ‘D8’ | EN 726-3 |
| LOCK | Irreversibly block a file. | ‘76’ | EN 726-3 |
| MANAGE CHANNEL | Control the logical channels of a smart card. | ‘70’ | ISO/IEC 7816-4 |
| MANAGE SECURITY ENVIRONMENT | Change the parameters for using cryptographic algorithms in the smart card. | ‘22’ | ISO/IEC 7816-8 |
| MUTUAL AUTHENTICATE | Mutually authenticate the smart card and the terminal. | ‘82’ | ISO/IEC 7816-8 |
| PERFORM SCQL OPERATION | Execute an SCQL instruction. | ‘10’ | ISO/IEC 7816-7 |
| PERFORM SECURITY OPERATION | Execute a cryptographic algorithm in the smart card. | ‘2A’ | ISO/IEC 7816-8 |
| PERFORM TRANSACTION OPERATION | Execute an SCQL transaction instruction. | ‘12’ | ISO/IEC 7816-7 |
| PERFORM USER OPERATION | Manage users in the context of SCQL. | ‘14’ | ISO/IEC 7816-7 |
| PSAM COLLECT | Execute PSAM online booking of an amount. | ‘78’ | EN 1546-3 |
| PSAM COLLECT | End PSAM online booking of an amount. | ‘7A’ | EN 1546-3 |
| PSAM COMPLETE | End paying the IEP against the PSAM. | ‘74’ | EN 1546-3 |
| PSAM VERIFY COLLECTION | End PSAM offline booking of an amount. | ‘7E’ | EN 1546-3 |
| PUT DATA | Write TLV-coded data objects. | ‘DA’ | ISO/IEC 7816-4 |
| PUT KEY | Write one or more new keys or replace existing keys. | ‘D8’ | OP |
| REACTIVATE FILE | Unblock a file. | ‘44’ | ISO/IEC 7816-9 |
| READ BINARY | Read from a file with a transparent structure. | ‘B0’ | TS 51.011 |
| READ BINARY STAMPED | Read data from a file with a transparent structure that is secured with a cryptographic checksum. | ‘B4’ | ISO/IEC 7816-4 |
| READ RECORD | Read data from a file with a record-oriented structure. | ‘B2’ | TS 51.011 |
| READ RECORD(S) | Read data from a file with a record-oriented structure. | ‘B2’ | ISO/IEC 7816-4 |
| READ RECORD STAMPED | Read data from a file with a record-oriented structure that is secured with a cryptographic checksum. | ‘B6’ | EN 726-3 |
| REHABILITATE | Unblock a file. | ‘44’ | TS 51.011 EN ??? |
| RESET RETRY COUNTER | Reset an error counter. | ‘2C’ | ISO/IEC 7816-8 |
| RUN GSM ALGORITHM | Execute a GSM-specific cryptographic algorithm. | ‘88’ | TS 51.011 |
| SEARCH BINARY | Search for a text string in a file with a transparent structure. | ‘A0’ | ISO/IEC 7816-9 |
| SEARCH RECORD | Search for a text string in a file with a record-oriented structure. | ‘A2’ | ISO/IEC 7816-9 |
| SEEK | Search for a text string in a file with a record-oriented structure. | ‘A2’ | TS 51.011, EN 726-3 |
| SELECT | Select a file. | ‘A4’ | TS 51.011 |
| SELECT (FILE) | Select a file. | ‘A4’ | ISO/IEC 7816-4 |
| SET STATUS | Write life-cycle state data for the card manager, application and load file. | ‘F0’ | OP |
| SLEEP | Obsolete command for setting the smart card in a power-saving state. | ‘FA’ | TS 51.011 |
| STATUS | Read various data from the currently selected file. | ‘F2’ | TS 51.011 |
| TERMINATE CARD USAGE | Irreversibly block a smart card. | ‘FE’ | ISO/IEC 7816-9 |
| TERMINATE DF | Irreversibly block a DF. | ‘E6’ | ISO/IEC 7816-9 |
| TERMINATE EF | Irreversibly block an EF. | ‘E8’ | ISO/IEC 7816-9 |
| UNBLOCK CHV | Reset a PIN retry counter that has reached its maximum value. | ‘2C’ | TS 51.011 EN |
| UPDATE BINARY | Write to a file with a transparent structure. | ‘D6’ | TS 51.011, ISO/IEC 7816-4 |
| UPDATE IEP PARAMETER | Change the general parameters of a purse. | ‘58’ | EN 1546-3 |
| UPDATE PSAM Parameter (offline) | Modify the parameters in the PSAM (offline). | ‘84’ | EN 1546-3 |
| UPDATE PSAM Parameter (online) | Modify the parameters in the PSAM (online). | ‘82’ | EN 1546-3 |
| UPDATE RECORD | Write to a file with a linear fixed, linear variable or cyclic structure. | ‘DC’ | TS 51.011, ISO/IEC 7816-4 |
| VERIFY | Verify the transferred data (such as a PIN). | ‘20’ | ISO/IEC 7816-4, EMV |
| VERIFY CHV | Verify the PIN. | ‘20’ | TS 51.011 |
| WRITE BINARY | Write to a file with a transparent structure using a logical AND/OR process. | ‘D0’ | ISO/IEC 7816-4 |
| WRITE RECORD | Write to a file with a record-oriented structure using a logical AND/OR process. | ‘D2’ | ISO/IEC 7816-4 |

Input/Output Parameters of important Smart Card Commands

The following table contains a list of the most important smart card commands with a short explanation of the function. The following standards were considered: ISO/IEC 7816-4, -7, -8, -9, EMV, TS 51.011, TS 51.014, TS 31.111, TS 102.221, TS 102.222, TS 102.223, GP (GlobalPlatform) and EN 1546.

Smart Card Command SELECT (ISO/IEC 7816-4)

| Data Element | Coding | Meaning |
| --- | --- | --- |
| CLA | '00' | Command successfully executed; ‘xx’ bytes of data are available and can be requested using GET RESPONSE. |
| INS | 'B2' | The returned data may be erroneous. |
| P1 | ... | The returned data may be erroneous. |
| P2 | ... | The returned data may be erroneous. |
| Le | ... | Le = 0: read all bytes to the end of the record(s). Le > 0: Le is the length of the record(s). |

Smart Card Command READ BINARY (ISO/IEC 7816-4)

| Data Element | Coding | Meaning |
| --- | --- | --- |
| CLA | '00' | Command successfully executed; ‘xx’ bytes of data are available and can be requested using GET RESPONSE. |
| INS | 'B2' | The returned data may be erroneous. |
| P1 | ... | The returned data may be erroneous. |
| P2 | ... | The returned data may be erroneous. |
| Le | ... | Le = 0: read all bytes to the end of the record(s). Le > 0: Le is the length of the record(s). |

Table of the most important Smart Card Return Codes

The following table lists the most important smart card return codes with a short explanation of their meaning. The following standards were considered: ISO/IEC 7816, EMV, TS 51.011, TS 51.014, TS 31.111, TS 102.221, TS 102.222, TS 102.223, GP (GlobalPlatform) and EN 1546. The return codes described in this table are classified according to the scheme used in the ISO/IEC 7816-4 standard with the following status codes:

NP: process completed, normal processing

EE: process aborted, execution error

WP: process completed, warning processing

CE: process aborted, checking error

| Return code | Status | Meaning | Standard |
| --- | --- | --- | --- |
| ‘61xx’ | NP | Command successfully executed; ‘xx’ bytes of data are available and can be requested using GET RESPONSE. | ISO/IEC 7816-4 |
| ‘6281’ | WP | The returned data may be erroneous. | ISO/IEC 7816-4 |
| ‘6282’ | WP | Fewer bytes than specified by the Le parameter could be read, since the end of the file was encountered first. | ISO/IEC 7816-4 |
| ‘6283’ | WP | The selected file is reversibly blocked (invalidated). | ISO/IEC 7816-4 |
| ‘6284’ | WP | The file control information (FCI) is not structured in accordance with ISO/IEC 7816-4. | ISO/IEC 7816-4 |
| ‘62xx’ | WP | Warning; state of non-volatile memory not changed. | ISO/IEC 7816-4 |
| ‘63Cx’ | WP | The counter has reached the value ‘x’ (0 ≤ x ≤ 15) (the exact significance depends on the command). | ISO/IEC 7816-4 |
| ‘63xx’ | WP | Warning; state of non-volatile memory changed. | ISO/IEC 7816-4 |
| ‘64xx’ | EE | Execution error; state of non-volatile memory not changed. | ISO/IEC 7816-4 |
| ‘6581’ | EE | Memory error (e.g. during a write operation). | ISO/IEC 7816-4 |
| ‘65xx’ | EE | Execution error; state of non-volatile memory changed. | ISO/IEC 7816-4 |
| ‘6700’ | CE | Length incorrect. | ISO/IEC 7816-4 |
| ‘67xx’ ... ‘6Fxx’ | CE | Check errors. | ISO/IEC 7816-4 |
| ‘6800’ | CE | Functions in the class byte not supported (general). | ISO/IEC 7816-4 |
| ‘6881’ | CE | Logical channels not supported. | ISO/IEC 7816-4 |
| ‘6882’ | CE | Secure messaging not supported. | ISO/IEC 7816-4 |
| ‘6900’ | CE | Command not allowed (general). | ISO/IEC 7816-4 |
| ‘6981’ | CE | Command incompatible with file structure. | ISO/IEC 7816-4 |
| ‘6982’ | CE | Security state not satisfied. | ISO/IEC 7816-4 |
| ‘6983’ | CE | Authentication method blocked. | ISO/IEC 7816-4 |
| ‘6984’ | CE | Referenced data reversibly blocked (invalidated). | ISO/IEC 7816-4 |
| ‘6985’ | CE | Usage conditions not satisfied. | ISO/IEC 7816-4 |
| ‘6986’ | CE | Command not allowed (no EF selected). | ISO/IEC 7816-4 |
| ‘6987’ | CE | Expected secure messaging data objects missing. | ISO/IEC 7816-4 |
| ‘6988’ | CE | Secure messaging data objects incorrect. | ISO/IEC 7816-4 |
| ‘6A00’ | CE | Incorrect P1 or P2 parameters (general). | ISO/IEC 7816-4 |
| ‘6A80’ | CE | Parameters in the data portion are incorrect. | ISO/IEC 7816-4 |
| ‘6A81’ | CE | Function not supported. | ISO/IEC 7816-4 |
| ‘6A82’ | CE | File not found. | ISO/IEC 7816-4 |
| ‘6A83’ | CE | Record not found. | ISO/IEC 7816-4 |
| ‘6A84’ | CE | Insufficient memory. | ISO/IEC 7816-4 |
| ‘6A85’ | CE | Lc inconsistent with TLV structure. | ISO/IEC 7816-4 |
| ‘6A86’ | CE | Incorrect P1 or P2 parameter. | ISO/IEC 7816-4 |
| ‘6A87’ | CE | Lc inconsistent with P1 or P2. | ISO/IEC 7816-4 |
| ‘6A88’ | CE | Referenced data not found. | ISO/IEC 7816-4 |
| ‘6B00’ | CE | Parameter 1 or 2 incorrect. | ISO/IEC 7816-4 |
| ‘6Cxx’ | CE | Bad length value in Le; ‘xx’ is the correct length. | ISO/IEC 7816-4 |
| ‘6D00’ | CE | Command (instruction) not supported. | ISO/IEC 7816-4 |
| ‘6E00’ | CE | Class not supported. | ISO/IEC 7816-4 |
| ‘6F00’ | CE | Command aborted – more exact diagnosis not possible (e.g., operating system error). | ISO/IEC 7816-4 |
| ‘9000’ | NP | Command successfully executed. | ISO/IEC 7816-4 |
| ‘920x’ | NP | Writing to EEPROM successful after ‘x’ attempts. | TS 51.011 |
| ‘9210’ | CE | Insufficient memory. | TS 51.011 |
| ‘9240’ | EE | Writing to EEPROM not successful. | TS 51.011 |
| ‘9400’ | CE | No EF selected. | TS 51.011 |
| ‘9402’ | CE | Address range exceeded. | TS 51.011 |
| ‘9404’ | CE | FID not found, record not found or comparison pattern not found. | TS 51.011 |
| ‘9408’ | CE | Selected file type does not match command. | TS 51.011 |
| ‘9802’ | CE | No PIN defined. | TS 51.011 |
| ‘9804’ | CE | Access conditions not satisfied, authentication failed. | TS 51.011 |
| ‘9835’ | CE | ASK RANDOM or GIVE RANDOM not executed. | TS 51.011 |
| ‘9840’ | CE | PIN verification not successful. | TS 51.011 |
| ‘9850’ | CE | INCREASE or DECREASE could not be executed because a limit has been reached. | TS 51.011 |
| ‘9Fxx’ | NP | Command successfully executed; ‘xx’ bytes of data are available and can be requested using GET RESPONSE. | TS 51.011 |
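
Added example (not from the original page): a decoder that matches a status word against wildcard patterns taken from a subset of the table above, most specific pattern first, and uses the result to flag VERIFY responses that show a nearly exhausted or blocked PIN in a terminal log. The trace is constructed, the function names are hypothetical, and reading the 'x' in '63Cx' as the number of retries left after VERIFY follows ISO/IEC 7816-4.

```python
# Subset of the return-code table above: (pattern, status class, meaning)
TABLE = [
    ("61xx", "NP", "xx bytes available via GET RESPONSE"),
    ("63Cx", "WP", "counter has reached the value x"),
    ("63xx", "WP", "warning; non-volatile memory changed"),
    ("6982", "CE", "security state not satisfied"),
    ("6983", "CE", "authentication method blocked"),
    ("6A82", "CE", "file not found"),
    ("6Cxx", "CE", "bad Le; xx is the correct length"),
    ("9000", "NP", "command successfully executed"),
    ("9840", "CE", "PIN verification not successful"),
    ("9Fxx", "NP", "xx bytes available via GET RESPONSE"),
]
INS_VERIFY = 0x20  # VERIFY / VERIFY CHV in the command table

def decode_sw(sw: int):
    """Return (pattern, status, meaning, wildcard value) for the best match."""
    text = f"{sw & 0xFFFF:04X}"
    best = None
    for pattern, status, meaning in TABLE:
        if all(p in ("x", c) for p, c in zip(pattern, text)):
            wild = pattern.count("x")
            if best is None or wild < best[0]:   # fewer wildcards = more specific
                best = (wild, pattern, status, meaning)
    if best is None:
        return (None, None, "not in table subset", None)
    wild, pattern, status, meaning = best
    value = int(text[4 - wild:], 16) if wild else None
    return (pattern, status, meaning, value)

def verify_alerts(trace, low_water=1):
    """Flag VERIFY responses that show a nearly exhausted or blocked PIN."""
    alerts = []
    for index, (ins, sw) in enumerate(trace):
        if ins != INS_VERIFY:
            continue
        pattern, _, meaning, value = decode_sw(sw)
        if pattern == "63Cx" and value <= low_water:
            alerts.append((index, f"{value} retries left"))
        elif pattern in ("6983", "9840"):
            alerts.append((index, meaning))
    return alerts

# Constructed trace of (INS, SW1SW2) pairs as a terminal log might record them
TRACE = [(0xA4, 0x9000), (0x20, 0x63C2), (0x20, 0x63C1),
         (0x20, 0x63C0), (0x20, 0x6983), (0xB0, 0x6982)]

if __name__ == "__main__":
    for index, reason in verify_alerts(TRACE):
        print(f"command #{index}: {reason}")
```
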

The Smart Card Handbook (Handbuch der Chipkarten) gives a comprehensive overview of the current state of smart card technology. The fourth edition has been heavily revised and expanded and also takes into account the latest state of national and international standardization.

Copyright © 2008 Wolfgang Rankl - created: 5. July 2008 - last modified: Thursday, July 31, 2008