As indicated in the descriptive data returned from the Get Response command we issued after selecting the master file, there are no subdirectories and two elementary files on an unused Multiflex card. The two elementary files have file IDs 0002₁₆ and 0011₁₆. The first elementary file, 0002₁₆, is called the serial number file and the second, 0011₁₆, is called the transport key file.
The serial number file contains a sequence of 8 bytes that uniquely identifies this card among all the millions of cards ever manufactured by Schlumberger. Like the historical bytes of the ATR, how the serial number is placed on a card varies from manufacturer to manufacturer. The 8 bytes in the serial number file of a Schlumberger card have the following interpretation:
Bytes | Interpretation |
---|---|
1-4 | Series number |
5 | Customer Identification Code |
6-7 | Schlumberger Manufacturing Site |
8 | Usage |
The 8 bytes in file 0002₁₆ in the 3K Multiflex sitting in the author's computer right now are
00₁₆ 00₁₆ 0E₁₆ 67₁₆ 01₁₆ 00₁₆ 00₁₆ 02₁₆
This is card #3687 made for the customer with identification code 1 (Schlumberger itself) at Schlumberger's Pont Audemer factory, and it is a sample card. Schlumberger guarantees that the 8 bytes taken together uniquely identify the card.
The transport key is a key that locks the card while it is being shipped from Schlumberger to you. This way, if somebody breaks into the truck and steals the cards, they aren't in possession of a whole bunch of valid cards from your smart card program. Schlumberger sends you the transport key for your cards via a channel different than the truck. When the cards arrive, you will use the transport key to unlock the cards, to personalize them, and to add new keys to them. At the end of this process, you will overwrite or completely erase the transport key. By the way, the transport key on your 3K Multiflex card is
47₁₆ 46₁₆ 58₁₆ 49₁₆ 32₁₆ 56₁₆ 78₁₆ 40₁₆
but don't tell anybody.
A simple transport key is sufficient for relatively low-value cards. Higher-value cards use more elaborate transport key protocols. For example, there may be a different transport key on each card which is a secret function of the serial number of the card (a diversified key), or the card may have to receive a properly encrypted version of a challenge it issues to a mother card or batch card before it unlocks itself.
If we again select the serial number file, 0002, using the Select File command:
C0₁₆ A4₁₆ 00₁₆ 00₁₆ 02₁₆ 00₁₆ 02₁₆
we'll get a returned status code of
61₁₆ 0F₁₆
which means there are 15 (0F₁₆) bytes of descriptive information about the serial number file waiting on the card for us. So, we send the card a Get Response to get this information:
C0₁₆ C0₁₆ 00₁₆ 00₁₆ 0F₁₆
and it returns this:
00₁₆ 00₁₆ 00₁₆ 08₁₆ 00₁₆ 02₁₆ 01₁₆ 00₁₆ 04₁₆ FF₁₆ FF₁₆ 01₁₆ 01₁₆ 00₁₆ 00₁₆
The meaning of the bytes returned from a Get Response after selecting an elementary file is similar to, but not exactly the same as, the meaning of the bytes returned after selecting a directory file. The meaning of the bytes is the same no matter what type of elementary file is selected: a transparent file, a file with fixed-length records, or a file with variable-length records. See Table 5.8.
Byte | Description | Value | Interpretation of Value |
---|---|---|---|
1-2 | Unused | 00₁₆ 00₁₆ | Unused. |
3-4 | Free bytes in selected file | 00₁₆ 08₁₆ | There are 8 bytes in this file. |
5-6 | File ID of selected file | 00₁₆ 02₁₆ | The selected file has file ID 0002₁₆. |
7 | Type of selected file | 01₁₆ | The selected file is a transparent file. |
8 High | Restriction of Update, Increase, and Decrease commands | 0₁₆ | Only the Update command can be used. |
8 Low | Unused | 0₁₆ | Unused. |
9 High | Access condition for Read and Seek commands | 0₁₆ | Anyone can use the Read and Seek commands on this file. |
9 Low | Access condition for Update, Decrease, and Decrease Stamped commands | 4₁₆ | You must know a cryptographic key to update this file. You can't use Decrease or Decrease Stamped due to byte 8. |
10 High | Access condition for Increase and Increase Stamped commands | F₁₆ | These commands can never be used on this file. |
10 Low | Access condition for the Create Record command | F₁₆ | This command can never be used on this file. |
11 High | Access condition for Rehabilitate command | F₁₆ | This command can never be used on this file. |
11 Low | Access condition for Invalidate command | F₁₆ | This command can never be used on this file. |
12 | Status of the selected file | 01₁₆ | The file is currently unblocked. |
13 | Number of bytes in following data | 01₁₆ | One byte of data follows. |
14 | Unused | 00₁₆ | Unused. |
15 | Length of record in fixed-length record files | 00₁₆ | Not a record structure file. |
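
The decoding in Table 5.8 and the serial number layout given earlier, written out in Python. This is an added example, not code from the book; the function names are hypothetical, and only the type, status, and access-condition values the text explains are named (any other value is shown as raw hex). Multi-byte fields are assumed to be most significant byte first, which matches card number 3687 above.

```python
# Added example: decode the Multiflex bytes shown in this section.
# Only values the text explains are named; anything else is shown as raw hex.
ACCESS = {0x0: "anyone", 0x4: "cryptographic key required", 0xF: "never"}
FILE_TYPE = {0x01: "transparent"}
STATUS = {0x01: "unblocked"}

def get_response_apdu(sw: bytes) -> bytes:
    """Build Get Response from a 61 xx status (xx = bytes waiting on the card)."""
    if len(sw) != 2 or sw[0] != 0x61:
        raise ValueError("status does not announce response data")
    return bytes([0xC0, 0xC0, 0x00, 0x00, sw[1]])

def name(table, value):
    return table.get(value, f"unknown (0x{value:X})")

def parse_ef_info(data: bytes) -> dict:
    """Decode the 15 descriptive bytes of an elementary file (Table 5.8)."""
    if len(data) != 15:
        raise ValueError(f"expected 15 bytes, got {len(data)}")
    nib = lambda b: (b >> 4, b & 0x0F)  # (high nibble, low nibble)
    read_ac, update_ac = nib(data[8])          # table byte 9
    increase_ac, create_ac = nib(data[9])      # table byte 10
    rehab_ac, invalidate_ac = nib(data[10])    # table byte 11
    return {
        "bytes_in_file": int.from_bytes(data[2:4], "big"),
        "file_id": data[4:6].hex().upper(),
        "type": name(FILE_TYPE, data[6]),
        "read": name(ACCESS, read_ac),
        "update": name(ACCESS, update_ac),
        "increase": name(ACCESS, increase_ac),
        "create_record": name(ACCESS, create_ac),
        "rehabilitate": name(ACCESS, rehab_ac),
        "invalidate": name(ACCESS, invalidate_ac),
        "status": name(STATUS, data[11]),
        "record_length": data[14],
    }

def parse_serial(sn: bytes) -> dict:
    """Split the 8-byte serial number file into the fields listed in the text."""
    if len(sn) != 8:
        raise ValueError("serial number file holds exactly 8 bytes")
    return {"series": int.from_bytes(sn[0:4], "big"), "customer": sn[4],
            "site": sn[5:7].hex().upper(), "usage": sn[7]}

if __name__ == "__main__":
    info = parse_ef_info(bytes.fromhex("000000080002010004FFFF01010000"))
    print(get_response_apdu(bytes.fromhex("610F")).hex(" ").upper())
    print(info)
    print(parse_serial(bytes.fromhex("00000E6701000002")))
```

Run over every file on a card before it is issued, the same decoding gives a quick audit of which files anyone can read and which can be updated without a key.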