Please note that the date you requested in the address for this web page is not an actual date upon which a change occurred to this item of legislation. You are being shown the legislation from , which is the first date before then upon which a change was made.
ANNEX I CU.K.Requirements for construction, testing, installation, and inspection
Appendix 2
TACHOGRAPH CARDS SPECIFICATION U.K.
3.HARDWARE AND COMMUNICATIONU.K.
3.5. Command descriptions U.K.
3.5.7 PSO: VERIFY CERTIFICATE U.K.
This command is compliant with ISO/IEC 7816-8, but has a restricted usage compared to the command defined in the norm.
The VERIFY CERTIFICATE command is used by the card to obtain a Public Key from the outside and to check its validity.
3.5.7.1 Generation 1 Command — Response pair U.K.
TCS_81This command variant is only supported by a generation 1 tachograph application.U.K.
TCS_82When a VERIFY CERTIFICATE command is successful, the Public Key is stored for a future use in the Security environment. This key shall be explicitly set for the use in security related commands (INTERNAL AUTHENTICATE, EXTERNAL AUTHENTICATE or VERIFY CERTIFICATE) by the MSE command (see § 3.5.11) using its key identifier.U.K.
TCS_83In any case, the VERIFY CERTIFICATE command uses the public key previously selected by the MSE command to open the certificate. This public key must be the one of a Member State or of Europe.U.K.
TCS_84 Command Message U.K.
| Byte | Length | Value | Description |
|---|---|---|---|
| CLA | 1 | ‘00h’ | |
| INS | 1 | ‘2Ah’ | Perform Security Operation |
| P1 | 1 | ‘00h’ | P1 |
| P2 | 1 | ‘AEh’ | P2: non BER-TLV coded data (concatenation of data elements) |
| Lc | 1 | ‘C2h’ | Lc: Length of the certificate, 194 bytes |
| #6-#199 | 194 | ‘XX..XXh’ | Certificate: concatenation of data elements (as described in Appendix 11) |
TCS_85 Response Message U.K.
| Byte | Length | Value | Description |
|---|---|---|---|
| SW | 2 | ‘XXXXh’ | Status Words (SW1,SW2) |
If the command is successful, the card returns ‘9000’.
If the certificate verification fails, the processing state returned is ‘6688’. The verification and unwrapping process of the certificate is described in Appendix 11 for G1 and G2.
If no Public Key is present in the Security Environment, ‘6A88’ is returned.
If the selected public key (used to unwrap the certificate) is considered corrupted, the processing state returned is ‘6400’ or ‘6581’.
Generation 1 only: If the selected public key (used to unwrap the certificate) has a CHA.LSB (
) different from ‘00’ (i.e. is not the one of a Member State or of Europe), the processing state returned is ‘6985’.
3.5.7.2 Generation 2 Command — Response pair U.K.
Depending on the curve size ECC certificates may be so long that they cannot be transmitted in a single APDU. In this case command chaining according to ISO/IEC 7816-4 must be applied and the certificate transmitted in two consecutive PSO: Verify Certificate APDUs.
The certificate structure and the domain parameters are defined in Appendix 11.
TCS_86The command can be performed in the MF, DF Tachograph and DF Tachograph_G2, see also TCS_33.U.K.
TCS_87 Command Message U.K.
| Byte | Length | Value | Description |
|---|---|---|---|
| CLA | 1 | ‘X0h’ | CLA byte indicating command chaining:
|
| INS | 1 | ‘2Ah’ | Perform Security Operation |
| P1 | 1 | ‘00h’ | |
| P2 | 1 | ‘BEh’ | Verify self-descriptive certificate |
| Lc | 1 | ‘XXh’ | Length of the command data field, see TCS_88 and TCS_89. |
| #6-#5+L | L | ‘XX..XXh’ | DER-TLV encoded data: ECC Certificate Body data object as first data object concatenated with the ECC Certificate Signature data object as second data object or a part of this concatenation. The tag ‘7F21’ and the corresponding length shall not be transmitted. The order of these data objects is fixed. |
TCS_88For short length APDUs the following provisions apply: The IFD shall use the minimum number of APDUs required to transmit the command payload and transmit the maximum number of bytes in the first command APDU according to the value of the Information Field Size Card Byte, see TCS_14. If the IFD behaves differently, the behavior of the card is out of scope.U.K.
TCS_89For extended length APDUs the following provisions apply: If the certificate does not fit into a single APDU, the card shall support command chaining. The IFD shall use the minimum number of APDUs required to transmit the command payload and transmit the maximum number of bytes in the first command APDU. If the IFD behaves differently, the behavior of the card is out of scope.U.K.
Note: According to Appendix 11 the card stores the certificate or the relevant contents of the certificate and updates its currentAuthenticatedTime.U.K.
The response message structure and status words are as defined in TCS_85.
TCS_90In addition to the error codes listed in TCS_85, the card may return the following error codes:U.K.
If the selected public key (used to unwrap the certificate) has a CHA.LSB (CertificateHolderAuthorisation.equipmentType) that is not suitable for the certificate verification according to Appendix 11, the processing state returned is ‘6985’.
If the currentAuthenticatedTime of the card is later than the Certificate Expiration Date, the processing state returned is ‘6985’.
If the last command of the chain is expected, the card returns ‘6883’.
If incorrect parameters are sent in the command data field, the card returns ‘6A80’ (also used in case the data objects are not sent in the specified order).