Previous Table of Contents Next


You can retrieve these 20 bytes of file description information with the Get Response command whenever a directory file is selected. We’ll now discuss in detail the meaning of each of the descriptive bytes associated with a directory file.

Bytes three and four say there are 2,832 bytes available for new files and subdirectories in this directory. Since the master file is the root directory on the card and thus all other directories and files must be contained in it, in this case we know there are 2,832 bytes of unused EEPROM space on the whole card. This is the amount of nonvolatile on-card memory available for use by your application. Bytes five and six just repeat the fileId of the selected file.

Byte seven says which of five file types possible on the Multiflex card is selected. The Multiflex smart card supports the five different types of files listed in Table 5.4.

Table 5.4. Multiflex 3K file types.
File Type Value of File Type Byte Maximum Record Size Maximum Number of Records

Directory file 3816
Transparent file 0116
Record file with fixed-length records 0216 255 bytes 255
Record file with variable-length records 0416 255 bytes 255
Cyclic file 0616 255 bytes 255

We will discuss the details of these four file types. Files that aren’t directory files—binary files, record files with fixed-length records, record files with variable-length records, and cyclic files—are often referred to collectively as elementary files. Unstructured binary files are also called transparent files because the structure of the file is transparent to the operating system.

Byte eight of the file description is unused for directory files. For elementary files, the high-order 2 bits of the eighth byte restrict the operations that can be applied to the file as shown in Table 5.5.

Table 5.5. Elementary file update access conditions.
Bit 8 Bit 7 Allowed Operations Disallowed Operations

0 0 Update Increase, Decrease
0 1 Update, Increase Decrease
1 0 Update, Decrease Increase
1 1 Decrease, Increase Update

The six nibbles (hex digits) of bytes 9 through 11 of the 20 bytes returned by Get Response give the access conditions for various operations on the selected file. An access condition states what identity must be established by the entity issuing the command before the command can be executed. For example, an access condition might say that the proper PIN must be presented to the card before a particular file can be read. Associated with each file type is a set of operations that have access conditions associated with them. Table 5.6 shows the file commands that can have access conditions associated with them.

Table 5.6. File operations with access conditions.
Key Protected Operations Nibble Giving Access Condition

Directory Files

Directory 9 High
Delete File 10 High
Create File 10 Low
Rehabilitate 11 High
Invalidate 11 Low

Elementary Files

Read, Seek 9 High
Update, Decrease, Decrease Stamped 9 Low
Increase, Increase, Stamped 10 High
Create Record 10 Low
Rehabilitate 11 High
Invalidate 11 Low

For example, the value in the high nibble in the tenth byte says what kind of key has to be presented to the card before you can delete a file in the selected directory. There are seven possibilities for values in these single hex digit fields. These values are given in Table 5.7. They describe what authentication operation has to be successfully performed in order to satisfy the access condition and thus be able to perform the command. For example, if 0116 is associated with the Read and Seek operation on a particular file, then the cardholder would have to present a valid PIN to the card before the card would allow a Read or Seek on that file.

Table 5.7. Identities or authentications for access conditions.
Key Knowledge Needed Value of Access Condition Nibble

None—Operation is always possible 016
PIN—4-digit personal identification number 116
Protected—8-byte cryptographic key 316
Authenticated—8-byte cryptographic key 416
PIN and protected 616
PIN and authenticated 816
None—Operation is never possible F16

In the file description of the master file on the Multiflex 3K card, the value of the high nibble in the tenth byte is 416, which means that you have to successfully present an 8-digit cryptographic key to the card before you can delete a file in the master file.

The value of the high nibble in the ninth byte is F16 which says that no matter what key you present, you can’t use the Directory command; that is, the Directory operation is never possible with the master file. (On the other hand, unlike its 8K brother, the Multiflex 3K card doesn’t implement a Directory command, so this access condition is a bit academic.)


Previous Table of Contents Next