Table of Contents


APPENDIX B
THE MULTIFLEX COMMAND SET

This appendix contains a detailed description of each of the 21 commands implemented in the Multiflex 3K operating system and to which the Multiflex 3K smart card responds. The tables here are no more a substitute for a complete documentation set for the Multiflex card than is Chapter 5, “The Schlumberger Multiflex Smart Card.” They do, however, provide enough information for you to begin to experiment with each command and with the card.

Unused and RFU (reserved for future use) fields should always be filled with the default byte FF16 rather than the more customary default value 0016. Because writing a 0016 to a location that contains FF16 requires an EEPROM erase operation, it is slower than writing an FF16 to a location that contains 0016 which only requires a write operation. Throughout the appendix, the ASCII character set is assumed.

Change PIN

Description

Replaces the 8-byte PIN in the currently selected PIN file with a new 8-byte value.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 2416 0016 0116 1016

Data Field 1 Data Field 2

The 8 bytes of the current value of the PIN The 8 bytes of the new value of the PIN

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 2416 0016 0116 1016 6216 6516 6616 6F16 7216 6516 FF16 FF16 6116 6616 7416 6516 7216 FF16 FF16 FF16 Changes the PIN in the currently selected PIN file from before to after

Status Word Return

Value Description

630016 PIN rejected; failed attempts counter decremented
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN defined
698316 PIN currently blocked
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully; failed attempts counter set to maximum value

Create File

Description

Creates a new file in the current directory. The new file becomes the current file.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 E016 Initialization flag 0016—Initialize FF16—Do not initialize Number of records for record files; ignored otherwise Sum of the lengths of the following two fields

Data Field 1 Data Field 2

Description of the file to be created (See Chapter 5) The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the directory in which the file is being created specifies protected-mode access for this command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 E016 FF16 0016 1016 000016 001716 000016 F416 FF16 4416 0116 0316 F016 FF16 0016 Create a PIN file that can be updated, invalidated, and rehabilitated only by external authorization key 0 and can never be read

Status Word Return

Value Description

628316 Current directory is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
6A8016 File ID already in use in this directory
6A8016 Type of current file is inconsistent with the command
6A8016 Record length value is too large
6A8416 Insufficient memory space available
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Create Record

Description

Creates a new record at the end of the current record file and optionally writes data into it.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 E216 0016 0016 Sum of the lengths of the following two fields

Data Field 1 Data Field 2

Data to be written to new record followed by cryptogram if the directory in which the file is being created specifies protected-mode access for this command The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the directory in which the file is being created specifies protected-mode authentication for the Create File command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 E216 0016 0016 0916 6316 6116 6D16 6216 7216 6916 6416 6716 6516 Create a new record in the current record file and write Cambridge into it

Status Word Return

Value Description

628316 Current file is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
6A8016 Type of current file is inconsistent with the command
6A8316 Record index out of range
6A8416 Insufficient memory space available
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Decrease

Description

The oldest (that is, previous) record in a cyclic file is overwritten with the newest (that is, current) record, minus the amount given in the command. This new record then becomes the current record.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 3016 0016 0016 0316, the length of the following value to be subtracted, if protected-mode authentication is not required OR 0916, the length of the 3-byte value plus the length of the 6-byte cryptogram, if protected-mode authentication is required

Data Field 1 Data Field 2

3-byte value to be subtracted from the current record The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the directory in which the file is being created specifies protected-mode authentication for the Create File command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 3016 0016 0016 0316 0016 0016 0116 Subtract 1 from the current record in a cyclic file and overwrite the oldest record in the file with this new value

Status Word Return

Value Description

61XX16 Command executed successfully; XX16 bytes of response data are available
628316 Currently selected file is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN and or key defined
698616 Currently selected file is not a cyclic file
6A8016 Type of current file is inconsistent with the command
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
985016 Decrease cannot be performed; new value would be less than minimum value

Delete File

Description

Deletes the named file.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 E416 0016 0016 0216, the length of the following file ID, if protected mode authentication is not required;
or
0816, the length of the file ID plus the length of the 6-byte cryptogram if protected-mode authentication is required

Data Field 1 Data Field 2

2-byte file identifier The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the currently selected file specifies protected-mode authentication for this command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 E416 0016 0016 0216 0016 3316 Delete the file with the file ID 003316 in the currently selected directory

Status Word Return

Value Description

628316 Current file is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
6A8016 Type of current file is inconsistent with the command
6A8216 File ID not found
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

External Authentication

Description

The terminal wishes to gain external authentication access to the card without sending a key to it using Verify Key. It got a challenge from the card using Get Challenge and is now going to return its encryption of this challenge to prove it knows the key.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 8216 0016 0016 0716

Data Field 1 Data Field 2

Key Number: 0016, 0116, 0216, …, 0916, 0A16, …, 0E16, 0F16 First 6 bytes of the encryption of the the challenge provided by the card as a response to the immediately preceding Get Challenge command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 8216 0016 0016 0716 0316 3E16 6716 A816 4516 9116 7C16 The first 6 bytes of the encryption of the challenge provided by the card using key 3 in the external authentication file associated with the current directory are 3E16 6716 A816 4516 9116 7C16

Status Word Return

Value Description

630016 External authentication failed; failed attempts counter decremented
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No key defined
698316 Key blocked
698516 No Get Challenge immediately preceding command
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully; failed attempts counter set to maximum value

Get Challenge

Description

The card is requested to send back an 8-byte challenge.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 8416 0016 0016 0816

Data Field 1 Data Field 2

N/A N/A

Response Application Protocol Data Unit

Response

8 bytes of challenge if the command is successful followed by the 2-byte status

Example of Use

APDU Interpretation

C016 8416 0016 0016 0816 The card returns a 10-byte response consisting of an 8-byte challenge followed by the normal 2-byte status code

Status Word Return

Value Description

67XX16 Incorrect Parameter 3 value; expected value was XX16
6D0016 Unknown INS given in the command
6E0016 Unknown CLA given in the command
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Get Response

Description

Retrieves data typically created by the immediately preceding command from the card.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 C016 0016 0016 The number of bytes of data to retrieve

Data Field 1 Data Field 2

N/A N/A

Response Application Protocol Data Unit

Response

The number of bytes requested followed by the 2-byte status

Example of Use

APDU Interpretation

C016 C016 0016 0016 1416 Retrieve the 20 bytes of information created when a Select File command is issued for a directory.

Status Word Return

Value Description

67XX16 Incorrect Parameter 3 value; expected value was XX16
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Increase

Description

The oldest (i.e., previous) record in a cyclic file is overwritten with the newest (i.e., current) record, plus the amount given in the command. This new record then becomes the current record.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 3216 0016 0016 0316, the length of the following value to be added, if protected-mode authentication is not required;
or
0916, the length of the value plus the length of the cryptogram if protected-mode authentication is required

Data Field 1 Data Field 2

3-byte numeric value to be added on to the current record The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the directory in which the file is being created specifies protected-mode authentication for the Create File command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 3216 0016 0016 0316 0016 0016 0216 Add 2 to the value in the last 6 bytes of the current record in the currently selected cyclic file and write the record thereby created over the record previous to the current one in the cyclic file; make this overwritten record the current record

Status Word Return

Value Description

61XX16 Command executed successfully; XX16 bytes of response data are available
628316 Currently selected file is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698616 Currently selected file is not an elementary file
6A8016 Type of currently selected file is inconsistent with the instruction
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
985016 Increase cannot be performed; new value would be greater than maximum value

Internal Authentication

Description

The terminal wishes to authenticate the card to ensure it is a valid card, so it sends the card a challenge that the card must encrypt using a specified key in the internal authorization file (000116) for the current directory. A following Get Response command returns the first 6 bytes of the card’s encryption of the challenge using the indicated key.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 8816 0016 Key number:
0016, 0116, 0216, ..., 0916, 0A16, ..., 0E16, 0F16
0816

Data Field 1 Data Field 2

8-byte challenge N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 8816 0016 0316 0816 6416 6916 7316 6B16 6516 7416 7416 6516 The terminal sends the challenge diskette to the card and expects it to be encrypted with key 3 in the internal authorization key file (000116) associated with the current directory

Status Word Return

Value Description

61XX16 Command executed successfully; XX16 bytes of response data are available
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given

Invalidate

Description

The currently selected elementary file is invalidated and will subsequently only respond successfully to the Select File and Rehabilitate commands.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 0416 0016 0016 0016 if issuing the Invalidate command for this file does not require protected-mode access;
or
0616, the length of the following cryptogram, if it does

Data Field 1 Data Field 2

The first 6 bytes of the encryption of response to immediately preceding Get Challenge command if the currently selected file requires protected-mode authentication for this command N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 0416 0016 0016 0016 The currently selected file which does not require protected-mode authentication to be invalidated is invalidated

Status Word Return

Value Description

628316 Current file is already invalidated
630016 Invalid protected-mode cryptogram
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
698616 No file selected
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Read Binary

Description

Reads a sequence of bytes from the currently selected transparent file.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 B016 High byte of the 2-byte offset number Low byte of the 2-byte offset number Number of bytes to read starting at the offset byte

Data Field 1 Data Field 2

N/A N/A

Response Application Protocol Data Unit

Response

The number of bytes requested followed by the 2-byte status

Example of Use

APDU Interpretation

C016 B016 0016 0016 1016 Read 16 bytes from the currently selected transparent file starting with the first byte in the file

Status Word Return

Value Description

628316 Currently selected file is invalidated
630016 Invalid protected-mode cryptogram
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698616 No currently selected elementary file
6A8016 Current file type is inconsistent with the instruction
6B0016 Offset out of range
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Read Record

Description

Reads one record from the currently selected record file.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 B216 Index of the record to be read (0116, 0216, ..., FF16) OR 0016 if the current record is to be read Selection of record to be read: 00 first record; 01 last record; 02 next record; 03 previous record; 04 current record; if index is 0 or index record, if it isn’t The number of bytes to be read from the record identified by Parameter 1 and Parameter 2; must be equal to the length of the record in the file

Data Field 1 Data Field 2

N/A N/A

Response Application Protocol Data Unit

Response

The number of bytes in the record if the command is successful followed by the usual byte status

Example of Use

APDU Interpretation

C016 B216 0616 0416 1416 The records in the selected fixed-length record file are 20 bytes long; this command reads the sixth record in the file

Status Word Return

Value Description

628116 Data may be corrupted
628316 Currently selected file is invalidated
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698616 Currently selected file is not an elementary file
6A8016 Current file type is inconsistent with the instruction
6A8316 Out of range/record not found
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Rehabilitate

Description

The currently selected elementary file is rehabilitated (that is, removed from invalidated status).

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 4416 0016 0016 0016 if protected-mode authentication is not required;
or
0616, the length of the following 6-byte cryptogram, if protected-mode authentication is required

Data Field 1 Data Field 2

The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the currently selected file specifies protected-mode authentication N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 4416 0016 0016 0616 3416 8D16 C116 2216 A716 5816 Rehabilitate the currently selected file where 3316 8D16 C116 2216 A716 and 5816 are the first 6 bytes of the encryption of the challenge that was just previously retrieved from the card using Get Challenge

Status Word Return

Value Description

628316 File is not invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Memory problem
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
698616 No file selected
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Seek

Description

Locate a record in a linear record file by matching a pattern of characters to the characters in each record starting at a given offset from the beginning of the record.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 A216 Offset16 Search mode 0016 from first record; 0216 from next record Number of characters in the following pattern

Data Field 1 Data Field 2

Character string to be matched N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 A216 0816 0216 0416 6216 6F16 6F16 6B16 Continue searching from the record after the current one for the text string 'book', starting at the ninth character in each record

Status Word Return

Value Description

628116 Data may be corrupted
628316 The file at the current pointer is invalidated
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698616 Currently selected file is not a linear record file
6A8016 Pattern not found
6B0016 Offset out of range
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given

Select File

Description

The file whose file ID is given in the data field of the command becomes the currently selected file. It must be a file in the currently selected directory. If the named file is a directory, then it becomes the currently selected directory.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 A416 0016 0016 0216

Data Field 1 Data Field 2

2-byte file identifier N/A

Response Application Protocol Data Unit

Response

2-byte status; if the high-order byte of the status word is 6116 then the low-order byte is the number of bytes of file description data that can be retrieved with a subsequent Get Response command

Example of Use

APDU Interpretation

C016 A416 0016 0016 0216 3F16 0016 The master file becomes the currently selected directory

Status Word Return

Value Description

61XX16 Command executed successfully; XX16 bytes of response data are available
628116 Data may be corrupted
67XX16 Incorrect Parameter 3 value; expected value was XX16
6A8216 File with given file ID not found in current directory
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given

Unblock PIN

Description

The selected PIN file has become blocked because the number of presentations of an incorrect PIN has exceeded the number of allowed tries. This command will unblock the PIN file and reset the PIN to a new value.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 2C16 0016 0116 1016

Data Field 1 Data Field 2

8-byte unblocking PIN for current PIN file 8-byte new PIN

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 2C16 0016 0116 1016 3816 3716 3616 3516 3416 3316 3216 3116 3516 3616 3716 3816 FF16 FF16 FF16 FF16 The unblocking key is 87654321; the PIN file is unblocked and the new PIN set to 5678

Status Word Return

Value Description

630016 Unblocking key rejected; failed attempts counter decremented
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN defined
698316 The unblocking key is blocked
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully; failed attempts counter set to maximum value

Update Binary

Description

A sequence of bytes is written into the currently selected transparent elementary file.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 D616 High byte of the 2-byte offset number Low byte of the 2-byte offset number The number of bytes to be written into the file starting at the offset byte plus 6 if a protected-mode cryptogram is provided

Data Field 1 Data Field 2

The data bytes to be written into the transparent file starting at the offset byte The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the currently selected file specifies protected-mode authentication for this command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 D616 0016 0016 1716 FF16 FF16 FF16 3116 3216 3316 3416 FF16 FF16 FF16 FF16 0316 0316 3816 3716 3616 3516 3416 3316 3216 3116 0316 0316 Suppose the currently selected transparent file is the PIN file (0001) in the currently selected directory; this Update Binary command sets the PIN to 1234 and the Unblock PIN to 87654321 both with tries set to 3

Status Word Return

Value Description

628316 The file at the current pointer is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
698616 No currently selected file
6A8016 Current file type is inconsistent with the instruction
6B0016 Offset out of range
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Update Record

Description

One record in the currently selected record file is overwritten with new data.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 DC16 Index of the record to be overwritten (0116, 0216, ..., FF16) OR 0 if the current record is to be overwritten Selection of record to be overwritten: 00 first record; 01 last record; 02 next record; 03 previous record; 04 current record; if index is 0 or index record if it isn’t The number of bytes to be written into the record identified by Parameter 1 and Parameter 2; must be equal to the length of the record in the file; add 6 if a protected-mode cryptogram is provided

Data Field 1 Data Field 2

The data bytes to be written into the record identified by Parameter 1 and Parameter 2 The first 6 bytes of the encryption of the response to the immediately preceding Get Challenge command if the currently selected file specifies protected-mode authentication for this command

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 DC16 0616 0416 1416 5316 6116 6C16 6C16 7916 2016 4716 7216 6516 6516 6E16 0016 0016 0016 0016 0016 0016 0016 0016 0016 The records in the selected fixed- length record file are 20 bytes long; this command writes Sally Green into the sixth record in this file

Status Word Return

Value Description

628316 Currently selected file is invalidated
630016 Invalid protected-mode cryptogram
650016 Too much data for protected-mode
658116 Update impossible
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN or key defined
698216 Access condition not fulfilled
698516 No Get Challenge immediately preceding command
698616 No EF selected as current
6A8016 Current file type is inconsistent with the instruction
6A8316 Out of range/record not found
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Verify PIN

Description

Attempt to match the 8 bytes in the command with the 8-byte PIN in the PIN file for the current directory. If the match is exact, then PIN access privileges are granted.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

C016 2016 0016 0116 0816

Data Field 1 Data Field 2

8-byte PIN to be matched against the 8-byte PIN on the card N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

C016 2016 0016 0116 0816 3116 3216 3316 3416 FF16 FF16 FF16 FF16 Presentation of the PIN code 1234

Status Word Return

Value Description

630016 PIN authentication failed
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No PIN defined
698316 PIN currently blocked
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully

Verify Key

Description

Match a byte sequence with a key in the external authorization file (001116) for the current directory. If the match is exact, external authorization access privileges are granted.

Command Application Protocol Data Unit

CLA INS Parameter 1 Parameter 2 Parameter 3

F016 2A16 0016 Key Number: 0016, 0116, 0216, ..., 0916, 0A16, ..., 0E16, 0F16 Length of the following key

Data Field 1 Data Field 2

Key to be presented to the external authorization file (001116) for the current directory N/A

Response Application Protocol Data Unit

Response

2-byte status

Example of Use

APDU Interpretation

F016 2A16 0016 0116 4716 4616 5816 4916 3216 5616 7816 4016 Match the transportation key in the Multiflex card included in this book

Status Word Return

Value Description

630016 Key verify rejected
67XX16 Incorrect Parameter 3 value; expected value was XX16
698116 No key defined
698316 Key blocked
6A8216 File not found
6B0016 Incorrect Parameter 1 or Parameter 2
6D0016 Unknown INS
6E0016 Unknown CLA
6F0016 Internal problem with no additional information given
900016 Command executed successfully


Table of Contents