xmlns:atom="http://www.w3.org/2005/Atom" xmlns:atom="http://www.w3.org/2005/Atom"
This command is compliant with ISO/IEC 7816-4.
Using the EXTERNAL AUTHENTICATE command, the card can authenticate the IFD. The authentication process is described in Appendix 11 for Tachograph G1 and G2 (VU authentication).
Textual Amendments
Byte | Length | Value | Description |
---|---|---|---|
CLA | 1 | ‘00h’ | CLA |
INS | 1 | ‘82h’ | INS |
P1 | 1 | ‘00h’ | Keys and algorithms implicitly known |
P2 | 1 | ‘00h’ | |
Lc | 1 | ‘XXh’ | Lc (Length of the data sent to the card ) |
#6-#(5+L) | L | ‘XX..XXh’ | Generation 1 authentication: Cryptogram (see Appendix 11 Part A) Generation 2 authentication: Signature generated by the IFD (see Appendix 11 Part B) |
Byte | Length | Value | Description |
---|---|---|---|
SW | 2 | ‘XXXXh’ | Status Words (SW1,SW2) |
If the command is successful, the card returns ‘9000’.
If the CHA of the currently set public key is not the concatenation of the Tachograph application AID and of a VU equipment Type, the processing state returned is ‘6F00’.
If the command is not immediately preceded with a GET CHALLENGE command, the processing state returned is ‘6985’.
The Generation 1 Tachograph application may return the following additional error codes:
If no Public Key is present in the Security Environment, ‘6A88’ is returned.
If no Private Key is present in the Security Environment, the processing state returned is ‘6A88’.
If the verification of the cryptogram is wrong, the processing state returned is ‘6688’.
If the selected private key is considered corrupted, the processing state returned is ‘6400’ or ‘6581’.
The command variant for the Generation 2 authentication may return the following additional error code:
If signature verification failed, the card returns ‘6300’.