ANNEX I CRequirements for construction, testing, installation, and inspection
TACHOGRAPH CARDS SPECIFICATION
3.HARDWARE AND COMMUNICATION
3.5.Command descriptions
3.5.8INTERNAL AUTHENTICATE
This command is compliant with ISO/IEC 7816-4.
TCS_91
All tachograph cards shall support this command in the DF Tachograph generation 1. The command may or may not be accessible in the MF and / or the DF Tachograph_G2. If so, the command shall terminate with a suitable error code as the private key of the card (Card.SK) for the generation 1 authentication protocol is only accessible in the DF_Tachograph generation 1.
Using the INTERNAL AUTHENTICATE command, the IFD can authenticate the card. The authentication process is described in Appendix 11. It includes the following statements:
TCS_92
The INTERNAL AUTHENTICATE command uses the card Private Key (implicitly selected) to sign authentication data including K1 (first element for session key agreement) and RND1, and uses the Public Key currently selected (through the last MSE command) to encrypt the signature and form the authentication token (more details in Appendix 11).
TCS_93Command Message
Byte | Length | Value | Description |
|---|---|---|---|
CLA | 1 | ‘00h’ | CLA |
INS | 1 | ‘88h’ | INS |
P1 | 1 | ‘00h’ | P1 |
P2 | 1 | ‘00h’ | P2 |
Lc | 1 | ‘10h’ | Length of data sent to the card |
#6 — #13 | 8 | ‘XX..XXh’ | Challenge used to authenticate the card |
#14 -#21 | 8 | ‘XX..XXh’ | VU.CHR (see Appendix 11) |
Le | 1 | ‘80h’ | Length of the data expected from the card |
TCS_94Response Message
Byte | Length | Value | Description |
|---|---|---|---|
#1-#128 | 128 | ‘XX..XXh’ | Card authentication token (see Appendix 11) |
SW | 2 | ‘XXXXh’ | Status Words (SW1,SW2) |
If the command is successful, the card returns ‘9000’.
If no Public Key is present in the Security Environment, the processing state returned is ‘6A88’.
If no Private Key is present in the Security Environment, the processing state returned is ‘6A88’.
If VU.CHR does not match the current public key identifier, the processing state returned is ‘6A88’.
If the selected private key is considered corrupted, the processing state returned is ‘6400’ or ‘6581’.
F1TCS_95If the INTERNAL AUTHENTICATE command is successful, the current generation 1 session key, if existing, is erased and no longer available. In order to have a new generation 1 session key available, the EXTERNAL AUTHENTICATE command for the generation 1 authentication mechanism must be successfully performed.
Note:
For generation 2 session keys see Appendix 11 CSM_193 and CSM_195. If generation 2 session keys are established and the tachograph card receives the plain INTERNAL AUTHENTICATE command APDU, it aborts the generation 2 secure messaging session and destroys the generation 2 session keys.