http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-a.aspx
Annex A: Transportation of APDU messages by T=0
- A.1 Case 1
- A.2 Case 2 Short
- A.2S.1 Le accepted
- A.2S.2 Le definitely accepted
- A.2S.3 Le not accepted, La indicated
- A.2S.4 SW1-SW2='9XYZ', except '9000'
- A.3 Case 3 Short
- A.4 Case 4 Short
- A.4S.1 Command not accepted
- A.4S.2 Command accepted
- A.4S.3 Command accepted with information added
- A.4S.4 SW1-SW2='9XYZ', except '9000'
- A.5 Case 2 Extended
- A.2E.1 Le<=256, B1='00', B2B3 from '0001' to '0100'
- A.2E.2 Le>256, B1='00', B2B3=either '0000' or from '0101' to 'FFFF'
- A.6 Case 3 Extended
- A.3E.1 0<Lc<256, B1='00', B2='00', B3!='00'
- A.3E.2 Lc>255, B1='00', B2!='00', B3=any value
- A.7 Case 4 Extended
- A.4E.1 Lc<256, B1='00', B2='00', B3!='00'
- A.4E.2 Lc>255, B1='00', B2!='00', B3=any value
A.1 Case 1
The command APDU is mapped onto the T=0 command TPDU by assigning the value '00' to P3.
| Command APDU |
|
||
| Command TPDU |
|
The response TPDU is mapped onto the response APDU without any change.
| Response APDU |
|
|
| Response TPDU |
|
A.2 Case 2 Short
It this case, Le is valued from 1 to 256 and coded on byte B1 (B1='00' means maximum, i.e. Le=256).
The command APDU is mapped onto the T=0 command TPDU without any change.
| C-APDU |
|
||
| C-TPDU |
|
The response TPDU is mapped onto the response APDU according to the acceptance of Le and according to the processing of the command.
- Case 2S.1 - Le accepted
The response TPDU is mapped onto the the response APDU without any change.
R-APDU Le bytes SW1 SW2 R-TPDU Le bytes SW1 SW2 - Case 2S.2 - Le definitely not accepted
Le is not accepted be the card which does not support the service of providing data if the length is wrong.
The response TPDU from the card indicates that the card aborts the command because of wrong length (SW1='67'). The response TPDU is mapped onto the response APDU without any change.
R-APDU SW1='67' SW2 R-TPDU SW1='67' SW2 - Case 2S.3 - Le not accepted, La indicated
Le is not accepted by the card and the card indicates the available length La.
The response TPDU from the card indicates that the command is aborted due to a wrong length and that the right length is La: (SW1='6C' and SW2 codes La).
If the transmission system does not support the service of re-issuing the same command, it shall map the response TPDU onto the response APDU without any change.
R-APDU SW1='6C' SW2=La R-TPDU SW1='6C' SW2=La If the transmission system supports the service of reissuing the same command, it shall re-issue the same command TPDU assigning the value La to parameter P3.
C-TPDU CLA INS P1 P2 P3=SW2 The response TPDU consists of La bytes followed by two status bytes.
If La is smaller that or equal to Le, then the response TPDU is mapped onto the response APDU without any change.
R-APDU La bytes SW1 SW2 R-TPDU La bytes SW1 SW2 If La is greater that Le, then the response TPDU is mapped onto the response APDU by keeping only the first Le bytes of the body and the status bytes SW1-SW2.
R-APDU Le (< La) bytes SW1 SW2 R-TPDU La bytes SW1 SW2 - Case 2S.4 - SW1-SW2='9XYZ', expect '9000'
The response TPDU is mapped on the response APDU without any change.
A.3 Case 3 Short
In this case, Lc is valued from 1 to 255 and coded on byte B1 (='00').
The command APDU is mapped onto the T=0 command TPDU without any change.
| C-APDU |
|
|||
| C-TPDU |
|
The response TPDU is mapped onto the response APDU without any change.
| R-APDU |
|
|
| R-TPDU |
|
A.4 Case 4 Short
In this case, Lc is valued from 1 to 255 and coded on byte B1. Le is valued from 1 to 256 and coded on byte Bl (Bl='00' means maximum i.e. Le=256).
The command APDU is mapped onto the T=0 command TPDU by cutting the last byte of the body.
| C-APDU |
|
||||
| C-TPDU |
|
- Case 4S.1 - Command not accepted
The first response TPDU from the card indicates that the card aborted the command: SW1='6X', except '61'.
The response TPDU is mapped onto the response APDU without any change.
R-APDU SW1='6X' SW2 R-TPDU SW1='6X' SW2 - Case 4S.2 - Command accepted
The first response TPDU from the card indicates that the card performed the command: SW1-SW2='9000'.
R-TPDU SW1='90' SW2='00' The transmission system shall issue a GET RESPONSE command TPDU to the card by assigning the value Le to parameter P3.
C-TPDU CLA INS=GET_RESPONSE P1 P2 P3=Bl Depending on the second response TPDU from the card, the transmission system shall react as described in cases 2S.1, 2S.2 and 2S.4 above.
- Case 4S.3 - Command accepted with information added
The first response TPDU from the card indicates that the card perfomed the command and gives information on the length of data bytes available: SW1='61' and SW2 codes Lx.
R-TPDU SW1='61' SW2=Lx The transmission system shall issue a GET RESPONSE command TPDU to the card by assigning the minimum of Lx and Le to parameter P3.
TPDU CLA INS=GET_REPONSE P1 P2 P3=min(Le,Lx) The second response TPDU is mapped onto the response APDU without any change.
R-APDU P3 bytes SW1 SW2 R-TPDU P3 bytes SW1 SW2 - Case 4S.4 - SW1-SW2='9XYZ', except '9000'
The response TPDU is mapped onto the response APDU without any change.
A.5 Case 2 Extended
In this case, Le is valued from 1 to 65536 and coded in 3 bytes (B1)='00', (B2||B3)=any value (B2 and B3 valued to '0000' means maximum, i.e. Le=65536).
| C-APDU |
|
- Case 2E.1 - Le<=256, B1='00', B2B3 from '0001'-'0100'
The command APDU shall be mapped onto the command TPDU by assigning the value of B3 to parameter P3.
The processing by the transmission system shall be according to case 2S. <1..256 Bytes>C-TPDU CLA INS P1 P2 P3=B3 - Case 2E.2 - Le>256, B1='00', B2B3=either '0000' or from '0101' to 'FFFF'
The command APDU shall be mapped onto the command TPDU by assigning the value of '00' to parameter P3.
C-TPDU CLA INS P1 P2 P3='00' - if the first response TPDU from the card indicates that the command is aborted due to a wrong length
and that the right length is La (SW1='6C' and SW2=La),
then the transmission system shall complete the processing as described in case 2S.3.
- If the first response TPDU is 256 bytes of data followed by SW1-SW2='9000',
this means that the card has no more that 256 bytes of data,
and/or does not support the GET REPONSE command.
The transmission system shall then map the response TPDU onto the response APDU without any change.R-APDU 256 bytes SW1='90' SW2='00' R-TPDU 256 bytes SW1='90' SW2='00' - If the first or subsequent response TPDU from the card is SW1='61', then SW2 codes Lx
which is the extra amount of bytes available from the card (SW2 valued to '00' indicates 256 extra bytes or more),
the transmission system shall compute Lm=Le (sum of the lengths of the bodies of the prviously received response TPDU(s)) to obtain the amount of remaining bytes to be retrieved from the card.If Lm=0, then the transmission system shall concatenate the bodies of all received response TPDUs
together with the trailer of the last received response TPDU into the response APDU.If Lm>0, then the transmission system shall issue a GET RESPONSE command TPDU by assigning the minimum of Lx and Lm to parameter P3.
The corresponding response TPDU from the card shall be processed- according to case d), if SW1='61'
- as above when Lm=0, if SW1='9X'
- if the first response TPDU from the card indicates that the command is aborted due to a wrong length
A.6 Case 3 Extended
In this case Lc is valued from 1 to 65535 and coded on 3 bytes: (B1)='00', (B2||B3)!='0000'.
| C-APDU |
|
- Case 3E.1 - 0<Lc<256, B1='00', B2='00', B3!='00'
The command APDU is mapped onto the command TPDU by assigning the value of B3 to parameter P3.
C-TPDU CLA INS P1 P2 P3=B3 Lc bytes In this case Lc is valued from 1 to 255 and codes on 1 byte. == Case 3 Short
The response TPDU is mapped onto the response APDU without any change.
- Case 3E.2 - Lc>255, B1='00', B2!='00', B3=any value
If the transmission system does not support the ENVELOPE command, it shall return an error response APDU meaning that the length is wrong: SW1='67'.R-APDU SW1='67' SW2 R-TPDU SW1='67' SW2 If the transmission system supports the ENVELOPE command, it shall split the APDU into segments of length less than 256, CLA INS P1 P2 00 B2 B3 [ ------ ]
and send those successive segments into the bodies of consecutive ENVELOPE command TPDUs.C-TPDU CLA INS=ENVELOPE P1 P2 P3 P3 bytes If the first response TPDU from the card indicates that the card does not support the ENVELOPE command (SW1='6D'), Instruction Wrong
the TPDU shall be mapped onto the response TPDU without any change.R-APDU SW1='6D' SW2 R-TPDU SW1='6D' SW2 If the first response TPDU from the card indicates that the card does support eh ENVLEOPE command (SW1-SW2='9000'),
the transmission system shall send further ENVELOPE commands as needed.
When the ENVELOPE command is used under T=0 for transmitting data strings,
An empty data field in an ENVELOPE command APDU means end of data string.
http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_7_transmission_interindustry_commands.aspx
[ 00 C2 00 00 00 ] : Last ENVELOPE TPDUR-TPDU SW1-SW2='9000' C-TPDU CLA INS=ENVELOPE P1 P2 P3 P3 bytes The resource TPDU corresponding to the last ENVELOPE command is mapped onto the response APDU without any change.
R-APDU SW1 SW2 R-TPDU SW1 SW2
A.7 Case 4 Extended
In this case Lc is valued from 1 to 65535 and coded on 3 bytes: (B1)='00', (B2||B3)!='0000', and Le is valued from 1 to 65536 and coded on 2 bytes (Bl-1||Bl)=any value (Bl-1 and Bl valued to '0000' means maximum, i.e. Le=65536).
| C-APDU |
|
- Case 4E.1 - Lc<256, B1='00', B2='00', B3!='00'
The command APDU is mapped onto the command TPDU by cutting off the last two bytes Bl-1 and Bl and by assigning the value of B3 to parameter P3.
C-TPDU CLA INS P1 P2 P3=B3 Lc bytes In this case Lc is valued from 1 to 255 bytes and coded on 1 byte.
- If SW1='6X' in the first response TPDU from the card, then the response TPDU is mapped onto the response APDU without any change.
R-APDU SW1='6X' SW2 R-TPDU SW1='6X' SW2 - If SW1='90' in first response TPDU from the card then
If Le<257 (Bl-1 Bl valued from '0001' to '0100'), then the transmission system shall issue a GET RESPONSE command TPDU by assigning the value of Bl to parameter P3. The subsequent processing by the transmission system shall be according to access 2S.1, 2S.2, 2S.3 and 2S.4 above.
If Le>256 (Bl-1 Bl valued to '0000' or more then '0100'), then the transmission system shall issue a GET RESPONSE command TPDU by assigning the value '00' to parameter P3. The subsequent processing by the transmission system shall be according to case 2E.2 above.
- If SW1='61' in the first response TPDU from the card, then the transmission system shall proceed as specified in case 2E.2 d) above.
- If SW1='6X' in the first response TPDU from the card, then the response TPDU is mapped onto the response APDU without any change.
- Case 4E.2 - Lc>255, B1='00', B2!='00', B3=any value
The transmission system shall go on according to case 3E.2 described above until the command APDU has been sent completely to the card. It shall then go on as described in case 4E.1 a), b) and c) described above.