You can retrieve these 20 bytes of file description information with the Get Response command whenever a directory file is selected. We'll now discuss in detail the meaning of each of the descriptive bytes associated with a directory file.
Bytes three and four say there are 2,832 bytes available for new files and subdirectories in this directory. Since the master file is the root directory on the card and thus all other directories and files must be contained in it, in this case we know there are 2,832 bytes of unused EEPROM space on the whole card. This is the amount of nonvolatile on-card memory available for use by your application. Bytes five and six just repeat the fileId of the selected file.
Byte seven says which of five file types possible on the Multiflex card is selected. The Multiflex smart card supports the five different types of files listed in Table 5.4.
File Type | Value of File Type Byte | Maximum Record Size | Maximum Number of Records |
---|---|---|---|
Directory file | 38₁₆ | | |
Transparent file | 01₁₆ | | |
Record file with fixed-length records | 02₁₆ | 255 bytes | 255 |
Record file with variable-length records | 04₁₆ | 255 bytes | 255 |
Cyclic file | 06₁₆ | 255 bytes | 255 |
We will discuss the details of these four file types. Files that aren't directory files (binary files, record files with fixed-length records, record files with variable-length records, and cyclic files) are often referred to collectively as elementary files. Unstructured binary files are also called transparent files because the structure of the file is transparent to the operating system.
Byte eight of the file description is unused for directory files. For elementary files, the high-order 2 bits of the eighth byte restrict the operations that can be applied to the file as shown in Table 5.5.
Bit 8 | Bit 7 | Allowed Operations | Disallowed Operations |
---|---|---|---|
0 | 0 | Update | Increase, Decrease |
0 | 1 | Update, Increase | Decrease |
1 | 0 | Update, Decrease | Increase |
1 | 1 | Decrease, Increase | Update |
The six nibbles (hex digits) of bytes 9 through 11 of the 20 bytes returned by Get Response give the access conditions for various operations on the selected file. An access condition states what identity must be established by the entity issuing the command before the command can be executed. For example, an access condition might say that the proper PIN must be presented to the card before a particular file can be read. Associated with each file type is a set of operations that have access conditions associated with them. Table 5.6 shows the file commands that can have access conditions associated with them.
Key Protected Operations | Nibble Giving Access Condition |
---|---|
Directory Files | |
Directory | 9 High |
Delete File | 10 High |
Create File | 10 Low |
Rehabilitate | 11 High |
Invalidate | 11 Low |
Elementary Files | |
Read, Seek | 9 High |
Update, Decrease, Decrease Stamped | 9 Low |
Increase, Increase Stamped | 10 High |
Create Record | 10 Low |
Rehabilitate | 11 High |
Invalidate | 11 Low |
For example, the value in the high nibble in the tenth byte says what kind of key has to be presented to the card before you can delete a file in the selected directory. There are seven possibilities for values in these single hex digit fields. These values are given in Table 5.7. They describe what authentication operation has to be successfully performed in order to satisfy the access condition and thus be able to perform the command. For example, if 01₁₆ is associated with the Read and Seek operation on a particular file, then the cardholder would have to present a valid PIN to the card before the card would allow a Read or Seek on that file.
Key Knowledge Needed | Value of Access Condition Nibble |
---|---|
None: Operation is always possible | 0₁₆ |
PIN: 4-digit personal identification number | 1₁₆ |
Protected: 8-byte cryptographic key | 3₁₆ |
Authenticated: 8-byte cryptographic key | 4₁₆ |
PIN and protected | 6₁₆ |
PIN and authenticated | 8₁₆ |
None: Operation is never possible | F₁₆ |
In the file description of the master file on the Multiflex 3K card, the value of the high nibble in the tenth byte is 4₁₆, which means that you have to successfully present an 8-digit cryptographic key to the card before you can delete a file in the master file.
The value of the high nibble in the ninth byte is F₁₆, which says that no matter what key you present, you can't use the Directory command; that is, the Directory operation is never possible with the master file. (On the other hand, unlike its 8K brother, the Multiflex 3K card doesn't implement a Directory command, so this access condition is a bit academic.)
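As an added example (not code from the book or from the card vendor), the following Python decodes the file-description fields covered in this section and lists the operations that need no key or PIN, which is the check you would run when auditing a card's file layout. The sample bytes are constructed; high-byte-first order for bytes three and four, the fileId 3F00, and every nibble the text does not state are assumptions.

```python
# Tables 5.4 and 5.7 from the text above, as lookup tables.
FILE_TYPES = {0x38: "Directory file", 0x01: "Transparent file",
              0x02: "Record file with fixed-length records",
              0x04: "Record file with variable-length records",
              0x06: "Cyclic file"}
ACCESS = {0x0: "None (always possible)", 0x1: "PIN", 0x3: "Protected",
          0x4: "Authenticated", 0x6: "PIN and protected",
          0x8: "PIN and authenticated", 0xF: "None (never possible)"}
# Table 5.6, in nibble order: 9 high, 9 low, 10 high, 10 low, 11 high, 11 low.
DIR_OPS = ("Directory", None, "Delete File", "Create File",
           "Rehabilitate", "Invalidate")
EF_OPS = ("Read, Seek", "Update, Decrease, Decrease Stamped",
          "Increase, Increase Stamped", "Create Record",
          "Rehabilitate", "Invalidate")
# Table 5.5: bits 8 and 7 of byte 8 -> operations allowed on an elementary file.
ALLOWED = {0b00: ["Update"], 0b01: ["Update", "Increase"],
           0b10: ["Update", "Decrease"], 0b11: ["Decrease", "Increase"]}

def parse_file_description(resp: bytes) -> dict:
    """Decode the fields this section covers; the text counts bytes from 1."""
    if len(resp) != 20:
        raise ValueError(f"expected 20 bytes, got {len(resp)}")
    ftype = resp[6]                                   # byte 7
    if ftype not in FILE_TYPES:
        raise ValueError(f"unknown file type byte {ftype:#04x}")
    is_dir = ftype == 0x38
    # Bytes 9-11 split into six nibbles, high nibble first.
    nibbles = [n for b in resp[8:11] for n in (b >> 4, b & 0x0F)]
    ops = DIR_OPS if is_dir else EF_OPS
    access = {op: ACCESS.get(n, f"undefined ({n:X})")
              for op, n in zip(ops, nibbles) if op is not None}
    return {
        # Bytes 3-4; high-byte-first order is an assumption of this example.
        "free_bytes": int.from_bytes(resp[2:4], "big") if is_dir else None,
        "file_id": resp[4:6].hex().upper(),           # bytes 5-6
        "file_type": FILE_TYPES[ftype],
        "allowed_ops": None if is_dir else ALLOWED[resp[7] >> 6],  # byte 8
        "access": access,
    }

def unprotected_ops(desc: dict) -> list:
    """Operations whose access condition is 0 (no key or PIN required)."""
    return [op for op, c in desc["access"].items() if c == ACCESS[0x0]]

# Constructed master-file description: bytes 3-4, 7 and the 9-high and 10-high
# nibbles follow the text; everything else (fileId 3F00 included) is made up.
SAMPLE_MF = bytes.fromhex("00000B103F003800F044FF" + "00" * 9)

if __name__ == "__main__":
    print(parse_file_description(SAMPLE_MF))
```

Nibble values that Table 5.7 does not define are reported as undefined rather than mapped to a guess, so an unexpected access condition stands out in the output.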