Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance) (c. 799)

ANNEX I CU.K.Requirements for construction, testing, installation, and inspection

Appendix 2

TACHOGRAPH CARDS SPECIFICATION U.K.

3.HARDWARE AND COMMUNICATIONU.K.

3.5. Command descriptions U.K.

3.5.3 UPDATE BINARY U.K.

3.5.3.1 Command with offset in P1-P2 U.K.

This command enables the IFD to write data into the EF currently selected, without the card verifying the integrity of data received.

Note: This command without secure messaging can only be used to update a file that supports the ALW security condition for the Update access mode.U.K.

TCS_56 Command Message U.K.

Byte	Length	Value	Description
CLA	1	‘00h’
INS	1	‘D6h’	Update Binary
P1	1	‘XXh’	Offset in bytes from the beginning of the file: Most Significant Byte
P2	1	‘XXh’	Offset in bytes from the beginning of the file: Least Significant Byte
Lc	1	‘NNh’	Lc Length of data to Update. Number of bytes to be written.
#6-#(5+NN)	NN	‘XX..XXh’	Data to be written

Note: bit 8 of P1 must be set to 0.U.K.

TCS_57 Response Message U.K.

Byte	Length	Value	Description
SW	2	‘XXXXh’	Status Words (SW1,SW2)

If the command is successful, the card returns ‘9000’.
If no EF is selected, the processing state returned is ‘6986’.
If the security conditions of the selected file are not satisfied, the command is interrupted with ‘6982’.
If the Offset is not compatible with the size of the EF (Offset > EF size), the processing state returned is ‘6B00’.
If the size of the data to be written is not compatible with the size of the EF (Offset + Lc > EF size) the processing state returned is ‘6700’.
If an integrity error is detected within the file attributes, the card shall consider the file as corrupted and unrecoverable, the processing state returned is ‘6400’ or ‘6500’.
If writing is unsuccessful, the processing state returned is ‘6581’.

3.5.3.1.1 Command with secure messaging (examples) U.K.

This command enables the IFD to write data into the EF currently selected, with the card verifying the integrity of data received. As no confidentiality is required, the data are not encrypted.

TCS_58 Command Message U.K.

Byte	Length	Value	Description
CLA	1	‘0Ch’	Secure Messaging asked
INS	1	‘D6h’	Update Binary
P1	1	‘XXh’	Offset in bytes from the beginning of the file: Most Significant Byte
P2	1	‘XXh’	Offset in bytes from the beginning of the file: Least Significant Byte
Lc	1	‘XXh’	Length of the secured data field
#6	1	‘81h’	T_PV: Tag for plain value data
#7	L	‘NNh’ or ‘81 NNh’	L_PV: length of transmitted data. L is 2 bytes if L_PV > 127 bytes.
#(7+L)-#(6+L+NN)	NN	‘XX..XXh’	Plain Data value (Data to be written)
#(7+L+NN)	1	‘8Eh’	T_CC: Tag for cryptographic checksum
#(8+L+NN)	1	‘XXh’	L_CC: Length of following cryptographic checksum‘04h’ for Generation 1 secure messaging (see Appendix 11 Part A) ‘08h’, ‘0Ch’ or ‘10h’ depending on AES key length for Generation 2 secure messaging (see Appendix 11 Part B)
#(9+L+NN)-#(8+M+L+NN)	M	‘XX..XXh’	Cryptographic checksum
Le	1	‘00h’	As specified in ISO/IEC 7816-4

TCS_59 Response message if correct Secure Messaging input format U.K.

Byte	Length	Value	Description
#1	1	‘99h’	T_SW: Tag for Status Words (to be protected by CC)
#2	1	‘02h’	L_SW: length of returned Status Words
#3-#4	2	‘XXXXh’	Processing Status of the unprotected response APDU
#5	1	‘8Eh’	T_CC: Tag for cryptographic checksum
#6	1	‘XXh’	L_CC: Length of following cryptographic checksum ‘04h’ for Generation 1 secure messaging (see Appendix 11 Part A) ‘08h’, ‘0Ch’ or ‘10h’ depending on AES key length for Generation 2 secure messaging (see Appendix 11 Part B)
#7-#(6+L)	L	‘XX..XXh’	Cryptographic checksum
SW	2	‘XXXXh’	Status Words (SW1,SW2)

The ‘regular’ processing states, described for the UPDATE BINARY command with no secure messaging (see §3.5.3.1), can be returned using the response message structure described above.

Additionally, some errors specifically related to secure messaging can happen. In that case, the processing state is simply returned, with no secure messaging structure involved:

TCS_60 Response Message if error in secure messaging U.K.

Byte	Length	Value	Description
SW	2	‘XXXXh’	Status Words (SW1,SW2)

If no current session key is available, the processing state ‘6A88’ is returned.
If some expected data objects (as specified above) are missing in the secure messaging format, the processing state ‘6987’ is returned: this error happens if an expected tag is missing or if the command body is not properly constructed.
If some data objects are incorrect, the processing state returned is ‘6988’: this error happens if all the required tags are present but some lengths are different from the ones expected.
If the verification of the cryptographic checksum fails, the processing state returned is ‘6688’.