• 定義
• Command APDU
  • header (Mandatory)
  • body (Optional)
• Response APDU
  • body (Optional)
  • trailer (Mandatory)
• C-APDU / R-APDUパターン (4 cases)
  • Case 1 - No command data, no reponse data
  • Case 2 - No command data, send reponse data
  • Case 3 - Receive command data, no reponse data
  • Case 4 - Receive command data, send reponse data
• Status Word
• Link
  • cardwerk.com

定義

• ISO 7816-4で定義したSmart Card向け通信プロトコル
• CAD(Card Acceptance Device - Reader、TerminalのようなHost）側からCardへ送るCommand APDU(C-APDU)と、Card側からCADへ送るResponse APDU(R-APDU)で構成。
• Smart Card - CADの構成で、Smart Cardはいつもpassive(Slave)ロール。CAD側からC-APDUが来るのを待ってそれに対し、R-APDUを返す。
• Transport LayerにはTPDUプロトコルがISO 7816-3で定義。簡単に以下の2つのパターンが存在するということだけ抑えておこう。
  • T=0 protocol : byte-oriented
  • T=1 protocol : block-oriented

Command APDU

header (Mandatory)

• CLA : Class of Instruction
• INS : Instruction Code
• P1 : Parameter 1
• P2 : Parameter 2

body (Optional)

• Lc : length of data field
• Data Field : Cardへ送るデータ
• Le : Maximum of bytes expected in the data field of the response to the command

Response APDU

body (Optional)

• Data Field

trailer (Mandatory)

• SW1 : Status word 1
• SW2 : Status word 2. SW1, SW2と合わせてステータスを表す。例）0x9000 : Success

C-APDU / R-APDUパターン (4 cases)

Case 1 - No command data, no reponse data

• No data are transferred to or from the card.
• C-APDU contains only the header.
• R-APDU contains only the trailer status word.

Case 2 - No command data, send reponse data

• No data are transferred to the card, but data are returned from the card.
• The body of the C-APDU contains one byte - the Le field, which specifies the number of data bytes in the corresponding R-APDU.

Case 3 - Receive command data, no reponse data

• Data are transferred to the card, but no data are returned from the card as a result of processing the command.
• The body of the C-APDU includes the Lc field and the data field. The Lc byte specifies the length of the data field.
• The R-APDU contains only the trailer status word.

Case 4 - Receive command data, send reponse data

• Data are transferred to the card, and data are returned from the card as a result of processing the command.
• The body of the C-APDU includes the Lc field, the data field, and the Le field.
• The R-APDU contains both the data and the trailer status word.

Status Word

• Java Card API ISO7816 に主なStatus Word(SW_XXX)が定義されている

Link

• Wiki - Smart card application protocol data unit
• OpenSCDP - ADPU
• Java Card Technology for Smart Cards - Chap 2. Smart Card Basics
• Java Card Technology for Smart Cards - Chap 8. Working with APDUs
• ISO 7816 Smart Card Standard
• ISO 7816-4. Industry commands for interchange
• ISO 7816-4, Section 5 - Basic Organizations
  • 5.1 Data structures, 5.2 Security architecture of the card, 5.3 APDU message structure, 5.4 Coding conventions for command headers, data fields and response trailers, 5.5 Logical channels, 5.6 Secure messaging

cardwerk.com