ETSI TS 102 226 ve.12.0 2005-09)
`
`Technical Specification
`
`Smart cards;
`Remote APDU structure for UICC based applications
`(Release 6)
`
`~Cp
`
`IPR2022-00412
`Apple EX1014 Page 1
`
`IPR2022-00412
`Apple EX1014 Page 1
`
`
`
`Technical Specification
`
`Smart cards;
`Remote APDU structure for UICC based applications
`(Release 6)
`
`~Cp
`
`IPR2022-00412
`Apple EX1014 Page 1
`
`IPR2022-00412
`Apple EX1014 Page 1
`
`
`
`Release 6
`
`2
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`Reference
`RTS/SCP-T0285r12
`
`Keywords
`protocol, smart card
`
`ETSI
`
`650 Route des Lucioles
`F-06921 Sophia Antipolis Cedex - FRANCE
`
`Tel.: +33 4 92 94 4200 Fax: +33 4 93 65 47 16
`
`Siret N° 348 623 562 00017 - NAF 742 C
`Association a but non lucratif enregistrée a la
`Sous-Préfecture de Grasse (06) N° 7803/88
`
`Important notice
`
`Individual copies of the present document can be downloadedfrom:
`http://www.etsi.org
`
`The present document may be madeavailable in more than oneelectronic version orin print. In any case of existing or
`perceived difference in contents between suchversions, the reference version is the Portable Document Format (PDF).
`In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
`within ETSI Secretariat.
`
`Users of the present documentshould be aware that the document maybe subject to revision or changeofstatus.
`Information on the current status of this and other ETSI documents is available at
`http://portal.etsi.org/tb/status/status.asp
`
`If you find errors in the present document, please send your commentto oneofthe following services:
`http://portal.etsi.org/chaircor/ETS|_support.asp
`
`Copyright Notification
`
`No part may be reproduced except as authorized by written permission.
`The copyright and the foregoing restriction extend to reproduction in all media.
`
`© European Telecommunications StandardsInstitute 2005.
`All rights reserved.
`
`DECT™, PLUGTESTS™ and UMTS™are Trade Marksof ETSIregistered for the benefit of its Members.
`TIPHON™and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.
`3GPP™is a Trade Markof ETSIregistered for the benefit of its Members and of the 3GPP OrganizationalPartners.
`
`ETSI
`
`IPR2022-00412
`Apple EX1014 Page 2
`
`IPR2022-00412
`Apple EX1014 Page 2
`
`
`
`Release 6
`
`3
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`Contents
`
`Intellectual Property Rights...........:.:cccccscessesssscssccessestssetscessceseestestsscesseessestsceuscessesseestseceseesseseesseeateeteceusenseeseeaes4
`FOrOWOTGK.........ecceccescesseetescescenccencensesteseuscescessceuteateccuscessesseesteatessuscescessceseesnessuseuseesseeseesteseuseuseesacesecenetseanseeeaceaeeets4
`
`1
`2
`
`3
`3.1
`3.2
`
`4
`5
`5.1
`5.1.1
`5.1.2
`5.2
`5.2.1
`5.2.2
`
`6
`6.1
`6.2
`
`7
`7.1
`7.2
`7.3
`
`SCOPE «0... ceecsscsscessessesceeccsscescesssnssssescesscescensessecessesccssceasenseeecesacescessesseseecesaceseessesseeeeceeaesseessessesesenesaessasees5
`References ........sssssscssecsssssscnssacssonsenenecscenseesconsaeoesseasaeessonsseeseesesseneesseseosssceosessnonsassceaseceossacesenseeseesseeosse 5
`
`Definitions and abbreviations. ............:cscceccsccsccssceesseesecseccnscencenseascnceeusenseaesacsacsaceeusenseaneanteceaeeussenseateantaneas 6
`
`Definitions ..0........eeecesssesccscesccncescesccseesacsccnsesccnsesesacescsecesaensesaceaseaseaasesasceaaasceasesasaceaasecesaeuasecsuaseeseaeseeaseeaeeeeeseeaes 6
`ADDreviatiOns............esecessssceecesssecenecsceensnesceasesccsaesnssaceescenesesesasuaanecscsacenseaeeneeassecesseadeseseesenesceaeeaseaeeaseaeseeenenaes 6
`
`Overview of remote management «00.0.0... ese sesseeseenseesscensecscesteonsecnseetsesscenseenseesseatsesseensaeeneoeteenseessoets6
`Remote APDU format 0.0... ccccesscesssecssccsscesceesesessccsaesscssceneesessaseassaessceusesessassaesacescnuseaesacesaseeessesuesueraaees 7
`Compact Remote Application data format .............::cssssssessssscsssessesseseceaceeceaceeseeesessescesceececenecenecaesaeeaseaeesseaeneees 7
`Compact Remote command Structure ...........:ssscsesessssssecssececesecsnceccnsecsneacenseaneneessseasseesansecensaesnecaenecenssaeenees 7
`Compact Remote response Structure............ceesccsssecessecessseseceoesssenenosesssensnensnesensnesesssesanneneseneneseassesenesereneses 8
`Expanded Remote Application data format.............ccsscssssscscsesecesesesescesneaceesesessacseeucaecseesesenenseseeeseeceaseaanecesenaes 8
`Expanded Remote command Structure ...........ccsccssssccssessseceneccessecceseesssecenseseenecseeeeseeacsneceseceneseensecenanecsnees 8
`Expanded Remote response structure ...........ccscesssssssscsoseeesssssesesssecssesceesnecenseoceacseeacenssseatsnesenseaesseseeaeensneeas 9
`
`Security parameters assigned to applications ..............ssesssscesessesceseesneseesceseessceseesnessesscsecsneeaseeessetaceees9
`Minimum Security Level (MSL)........:.sscscssssscseccsescsscessesccsscenseecsaecansecssseaassceseescsnsesceneseesceaasanesaeesseaeesseaesacesesaes 9
`ACCESS COMAIN..........csscceseceseseesseccensesesecenenscnsecenenecaceaessecnseacessesssseesssenenensanseceessaensecaneceenseaaenecsssecenseaenesenseaenaes 10
`
`Remote File Management (REM)...........::ccsssscsscsseseseescescessecnesneseeseeseesseeseesnescesseeseeneceeserseesecsneeeneentees 10
`Commands.........cesescsscssssceesenccesesccacecesceseseseceseeasencesceaaessenssaaeacesaeeesaseeaessassasenseaseaseaeseasaceaasceeeceseeeneaeeeseees 10
`UICCShared File System Remote File Management .........eseeesseceeesorersecessecenssesesseavevsescnsescarseenseearsseseaess 11
`ADFRemote File Management...........sscsssccsscsssssessssescnsscssssessseseassesenssassesssssessessssoensessssosesssssansosesseeenesanes 11
`
`8
`8.1
`8.2
`8.2.1
`8.2.1.1
`8.2.1.2
`8.2.1.3
`8.2.1.3.1
`8.2.1.3.2
`8.2.1.4
`8.2.1.5
`8.2.1.6
`8.2.1.6.1
`8.2.1.7
`8.2.1.7.1
`8.2.1.7.2
`
`Remote Application Management (RAM)..........cscscssssssscessecesssscerssacecssssecsessceessaseceacsacesesesscseessenssasenees 11
`Remote application management application behaviour ............:.sccccsscssceecesseceeseceeseeesecesseceeneceeneacnecnecsnenesenes 12
`Commands coding and description............eessssssecescesssceesssesssessesseseseeseesesssosssesecseneaesersceaeeseeeneeneeeeeaseeranes 12
`Commands ......cceccssssessscsesssssscssesssenssesssecsesassenssesssensnsssesansesesesensesssssseessesssavesssssenosesssssessessnsoensessssnenesseesegon 12
`DELETE o..oeeseeecessesseeeseseacscecessecsceesaescscsssnsseceasecassceaaseessseseasscasesecassessaeeeaenensaseseesessasacaeseeaseeeasaeassenanases 12
`SET STATUSou... ccsecsssscescsessececssessesecnseseaceesacssassescseseacecuesseaavesessvecaeaseaoeaceneesasacusescaseeaeeneaeeeeseseaeees 12
`INSTALL... csesscssssssesesssscersescssnsesesssansosesseseecsessnsoussessscosessndsansosssssesesssansosssessesessseossassosseasesnesdsaouneses 13
`INSTALL[for load] ..0........:ccscesssessesesesescesceeseeseseseasecaveasecesasacaceceasscsssecassccnsceeseeeessecaeaesanseesaasesatere 13
`INSTALL[for install] 00... sescscecssessssecessssessecscscecssescsseesasecseseacnescessecusscessnesenecessseccessneaseesaeees 13
`LOAD 0.0 esseeseseeceseeeeecencnenecenecsnenccnesccaecsssesessesenesassacsneecanseceneacssuceasnessnecasossenseassenecssecacssenstecsenecsses 20
`PUT KEYous eeeeesesesenenecscecssensscsessecacscensnecssensassnsseaoseenasasssssensssacsavevasersceacessereaserssassessessesarseesesee 20
`
`GET STATUS... eeeeccsseeessecenesceenecenseseesecenenecasecansnsacneacsseecanacusssecenssaeasecuenscasnesenssasosacessotssaecasanassssaeseas 20
`Menu parameters..........csceccsscsceesececcssceceseesessccsscsacsecessneeesecsnssecsnsecsssesassoesasecenscesenecenseessnecsnssessneaasses 20
`GET DATAwc eeeseecsscecsseersescenesnssesesssavssscensessssscavscarssenssesovsrasesssonsssecssnesasaserssoasssecsevaracseensecersseeraess 21
`VOIi eececcssensesseansonstsessesssssnsessensssesesssensossesssesessssoeesesosssessseaneodssseasesseedssounssedsenecsessounsenssseaeeees 21
`Extended Card resources information ..............:ccsssssssseessceceecenececcsccneceeescceaseaceaeesseaasecaeseaaseeeeeeaeaees 21
`
`9
`9.1
`9.1.1
`9.1.2
`9.1.3
`9.2
`9.2.1
`9.2.2
`9.3
`
`Additional command for push............c.csssccscsscsssessssssssscssessesssscsssessesseesnessesssssesseenecsnessssasseesenseeseeensensees22
`Push command behaviour «20.0... seesscsseeesseersesesseessescensscsessescecsessenssesesscessssssnsacarsseesscscsssacerseenescerseeeseseerees22
`Request for open channel..............ccssccescsssesesssecesesecesssecceecenseecenecseenecsesecsssesansaceesecenssesenecensnaeenecasenesneeatens 22
`Request for CAT_TP link establishment 0.00.00... .esesesssssesssescessescseceesscceceeseceneneesaecesenseecesseaseneneeenenanenes 22
`Behaviour for responses...........ccsccssssscrscsesesccsscoesesasensssesessosenseeesscseeacensueeatssoneseseceeseeaseecnenseseeueeeaeeecseeesanses 22
`
`Commands COding..........ccsccssesscesesssserscsnsceccsscsseescssceassassusessssenecsscsaeescsnesssenssueeessessees
`Data for BIP channel opening. .............cseeseeesccecessesceseeecssceecescesecsecnaceaeeaeeeseneeaees
`
`Data for CAT_TPlink establishment.................
`Closing of the BIP chanel............cscsscsccsssssessssscscesscsecsccssecscenerssessensessencsscescenscscessenesecenssessensessenesesensesseeaesaees 23
`
`Annex A (normative):
`
`BERA-TLYV €Q5S.......sccccsscsscssccssecseecsnccsscsscccsscceeccsccsecssccessccnecssacsacsscsessessecssessaces 24
`
`Annex B (informative):
`
`Change history ..........cccsssscssscossevssesscsonsvonssenssesssesssessonssonssenssonseessenssonsssessensens25
`
`HUStOLY ........ceccsscsssenseseessccstcssconsessensssecausnscsnsessenssascauescateessensesesauenecassessenseeesacenecessessenseessansueesssessenseaesansnneaases27
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 3
`
`IPR2022-00412
`Apple EX1014 Page 3
`
`
`
`Release 6
`
`4
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`Intellectual Property Rights
`
`IPRsessential or potentially essential to the present document may have been declared to ETSI. The information
`pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
`in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
`respect ofETSI standards", whichis available from the ETSI Secretariat. Latest updates are available on the ETSI Web
`server
`://webapp.etsi.org/IPR/home.asp).
`
`Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
`can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
`server) which are, or may be, or may become,essential to the present document.
`
`Foreword
`
`This Technical Specification (TS) has been produced by ETSI Project Smart Card Platform (SCP).
`
`It is based on work originally done in the 3GPP in TSG-terminals WG3 and ETSI SMG.
`
`The contents of the present document are subject to continuing work within EP SCP and may change following formal
`EP SCPapproval. If EP SCP modifies the contents of the present document,it will then be republished by ETSI with an
`identifying change of release date and an increase in version numberas follows:
`
`Version X.y.z
`
`where:
`
`x:
`
`the first digit:
`
`0
`
`1
`
`2
`
`3
`
`early working draft;
`
`presented to EP SCP for information;
`
`presented to EP SCP for approval;
`
`or greater indicates EP SCP approved document under changecontrol.
`
`y:
`
`z:
`
`the second digit is incremented forall changes of substance, i.e. technical enhancements, corrections,
`updates,etc.
`
`the third digit is incremented wheneditorial only changes have been incorporated in the document.
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 4
`
`IPR2022-00412
`Apple EX1014 Page 4
`
`
`
`Release 6
`
`5
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`1
`
`Scope
`
`The present documentdefines the remote managementof the UICC based onthe secured packet structure specified in
`TS 102 225 [1].
`
`It specifies the APDU format for remote management.
`
`e
`
`e
`
`Furthermorethe present documentspecifies: a set of commands coded according to this APDU structure and
`used in the remote file management on the UICC.This is based on TS 102 221 [2].
`
`Asset of commands coded according to this APDU structure and used in the remote application management
`on the UICC. This is based on the GlobalPlatform Card Specification [4].
`
`2
`
`References
`
`The following documents contain provisions which, through reference in this text, constitute provisions ofthe present
`document.
`
`e__Referencesare either specific (identified by date of publication and/or edition numberor version number) or
`non-specific.
`
`e
`
`°
`
`Fora specific reference, subsequent revisions do not apply.
`
`For a non-specific reference, the latest version applies. In the case of a reference to an EP SCP document, a
`non-specific reference implicitly refers to the latest version of that documentin the same Release as the
`present document.
`
`Referenced documents which are not found to be publicly available in the expected location might be found at
`http://docbox.etsi.org/Reference.
`
`[1]
`
`[2]
`
`[3]
`
`[4]
`
`ETSI TS 102 225: "Smart cards; Secured packet structure for UICC based applications".
`
`ETSI TS 102 221: "Smart cards; UICC-Terminalinterface; Physical and logical characteristics".
`
`ETSI TS 102 223: "Smart cards; Card Application Toolkit (CAT)".
`
`GlobalPlatform (March 2003): "GlobalPlatform Card Specification, Version 2.1.1".
`
`NOTE:_See http://www.globalplatform.org/.
`
`[5]
`
`[6]
`
`[7]
`
`[8]
`
`ETSI TS 101 220: "Smart cards; ETSI numbering system for telecommunication application
`providers".
`
`ETSI TS 143 019: "Digital cellular telecommunications system (Phase 2+); Subscriber Identity
`Module Application Programming Interface (SIM API) for Java Card; Stage 2 (3GPP TS 43.019)".
`
`ETSI TS 102 241: "Smart cards; UICC Application Programming Interface (UICC API) for Java
`Card (TM)".
`
`GlobalPlatform: "GlobalPlatform Card Specification Version 2.0.1".
`
`NOTE:
`
`See http://www.globalplatform.org/.
`
`[9]
`
`GlobalPlatform: "Card Specification 2.1 Compliance Packages Version 1.1".
`
`NOTE:_Seehttp://www.globalplatform.org/.
`
`[10]
`
`ETSI TS 102 222: "Integrated Circuit Cards (ICC); Administrative commands for
`telecommunicationsapplications".
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 5
`
`IPR2022-00412
`Apple EX1014 Page 5
`
`
`
`Release 6
`
`6
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`[11]
`
`[12]
`
`ETSI TS 123 048: "Digital cellular telecommunications system (Phase 2+); Universal Mobile
`Telecommunications System (UMTS); Security mechanismsfor the (U)SIM application toolkit;
`Stage 2 (3GPP TS 23.048)".
`
`ETSI TS 102 127: "Smart cards; Transport protocol for CAT applications; Stage 2".
`
`3
`
`Definitions and abbreviations
`
`3.1
`
`Definitions
`
`Forthe purposesof the present document, the terms and definitions given in TS 102 225 [1] and TS 101 220 [5] apply.
`
`3.2
`
`Abbreviations
`
`For the purposesof the present document, the abbreviations given in TS 102 225 [1] and the following apply:
`
`ADD
`ADP
`AID
`BER-TLV
`BIP
`C-APDU
`DAP
`DEK
`MSL
`MSLD
`RAM
`R-APDU
`RFM
`RFU
`UICC
`
`Access Domain Data
`Access Domain Parameter
`Application Identifyer
`Basic Encoding Rules - Tag, Length, Value
`Bearer Independent Protocol
`Command Application Protocol Data Unit
`Data Authentication Pattern
`Data Encryption Key
`Minimum Security Level
`Minimum Security Level Data
`Remote Application Management
`Response Application Protocol Data Unit
`Remote File Management
`Reserved for Future Use
`Universal Integrated Curcuit Card
`
`4
`
`Overview of remote management
`
`Sending
`Application
`
`Sending
`Entity
`
`Entity
`
`Receiving
`Application
`
`
`
`
` Receiving
`
`
`
`
`
` [
`
`Secured
`C-APDU
`
`Secured R-APDU]
`
`UICC
`
`Figure 4.1: Remote management
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 6
`
`IPR2022-00412
`Apple EX1014 Page 6
`
`
`
`Release 6
`
`7
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`All data exchanged between the Sending Entity and Receiving Entity shall be formatted as "Secured data" according to
`TS 102 225 [1]:
`
`1)
`
`2)
`
`3)
`
`The parameter(s) in the "Secured data" is either a single command,or a list of commands, which shall be
`processed sequentially.
`
`The Remote Managementapplication shall take parameters from the "Secured data" and shall act upon the
`files or applications according to these parameters. A Remote Managementapplication is the on-card
`Receiving Application that performs either Remote File Management (RFM) or Remote Application
`Management (RAM) as defined in the following clauses.
`
`Remote Management commands shall be executed by the dedicated Remote Management Application (RAM).
`A Command "session"is defined as starting upon receipt of the parameter/commandlist, and ends when the
`parameterlist in the "Secured data" is completed, or when an error (i.e. SW1 of the commandindicates an
`error condition) is detected which shall halt further processing of the commandlist. Warnings or procedure
`bytes do not halt processing of the commandlist.
`
`4) At the beginning and end of a Command"session"the logical state of the UICC as seen from the terminal shall
`not be changedto an extent sufficient to disrupt the behaviour ofthe terminal. If changes in thelogical state
`have occurred that the terminal needs to be aware of, the application on the UICC may issue a REFRESH
`command according to TS 102 223 [3]. However,this is application dependent and therefore out of scope of
`the present document.
`
`5
`
`5.1
`
`Remote APDU format
`
`Compact Remote Application data format
`
`5.1.1
`
`Compact Remote commandstructure
`
`A commandstring may contain a single commandor a sequence of commands.Thestructure of each commandshall be
`according to the generalized structure defined below; each elementother than the Data field is a single octet (see
`TS 102 221 [2]).
`
`The format of the commandsis the sameas the one defined in TS 102 221 [2] for T= 0 TPDU commands.
`
`S aeeeCLA
`
`code (INS
`
`If the sending application needsto retrieve the Response parameters/data of a case 4 command, then a GET
`RESPONSE commandshall follow this command in the commandstring.
`
`The GET RESPONSEand any case 2 command(i.e. READ BINARY, READ RECORD)shall only occur once in a
`commandstring and, if present, shall be the last commandinthestring.
`
`Forall case 2 commandsand for the GET RESPONSE command,if P3 = '00'", then the UICCshall send backall
`available response parameters/data e.g. if a READ RECORD command has P3="'00' the whole record shall be returned.
`Thelimitation of 256 bytes does not apply for the length of the response data. In case the data is truncated in the
`response, the remaining bytes are lost and the status wordsshallbe set to '62 F1'.
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 7
`
`IPR2022-00412
`Apple EX1014 Page 7
`
`
`
`Release 6
`
`8
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`5.1.2|Compact Remote responsestructure
`
`If a proof of Receipt is required by the sending entity, the Additional Response Data sent by the Remote Management
`Application shall be formatted accordingto table 5.1.
`
`[Length|Name
`
`Table 5.1: Format of additional response data
`
`commandscript, '02' if two commands were executed, etc.
`
`GET RESPONSE7
`
`Status bytes or '61 xx' procedure bytes of last executed command /
`
`Responsedata oflast executed command / GET RESPONSE if
`available (i.e. if the last command was a case 2 command or a GET
`RESPONSE
`This field shall be set to '01' if one command was executed within the
`
`5.2
`
`Expanded Remote Application data format
`
`5.2.1
`
`Expanded Remote commandstructure
`
`The "Secured data" sent to a Remote ManagementApplication shall be a BER-TLV data object formatted according to
`table 5.2.
`
`Table 5.2: Expanded format of Remote Managementapplication command "secured data”
`
`Lengthinbytes|ssNames
`|1 |Command Scripting template tag
`
`Length of CommandScripting template= A+B+...C
`
`The CommandScripting template is a BER-TLVdata object as defined in TS 101 220 [5] andthe tag of this TLV is
`defined in annex A.
`
`A Remote Managementapplication commandstring may contain a single or several C-APDU TLVs.
`
`The structure of each C-APDU shall be a TLV structure coded according to the C-APDU COMPREHENSION-TLV
`data object coding defined in TS 102 223 [3]. Therestriction on the length of the C-APDU mentionedin the note in
`TS 102 223 [3] shall not apply.
`
`Forall case 2 and case 4 C-APDUs, if Le='00' in the C-APDU,then the UICC shall send backall available response
`parameters/data in the R-APDUe.g. if a READ RECORD command has Le='00' the whole record shall be returned.
`The limitation of 256 bytes does not apply for the length of the response data.
`
`In case the data is truncated in the response of a C-APDU,the status words for this C-APDU shall be set to '62 F1' in
`the corresponding R-APDU.This shall terminate the processing of the commandlist.
`
`Ifa R-APDUfills the response buffer so that no further R-APDUcan beincludedin the response scripting template,
`this shall terminate the processing of the commandlist.
`
`If Le field is empty in the C-APDU,then no response data is expected in the R-APDU.In that case, no R-APDU shall
`be returned by the UICCin the application additional response data except if the corresponding C-APDUis thelast
`command executed in thescript.
`
`NOTE:
`
`In this expanded format the GET RESPONSE commandis notused.
`
`ETS!
`
`IPR2022-00412
`Apple EX1014 Page 8
`
`IPR2022-00412
`Apple EX1014 Page 8
`
`
`
`Release 6
`
`9
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`5.2.2
`
`Expanded Remote responsestructure
`
`The additional response application data which may be sent by a Remote Managementapplication is a BER-TLV data
`object and shall be formatted accordingto table 5.3.
`
`Table 5.3: Expanded Format of Remote Managementapplication additional response data
`
`template.
`
`|Lengthinbytes|ssCNmeeCeCSCCid
`
`
`
`|_=1___|ResponseScriptingtemplatetag CitisCid
`Length of Response Scripting template= X+A+B...C
`
`|B.__|R-APDUof second executed case 2/ case 4 C-APDUinthescript
`Fe
`R-APDUoflast executed C-APDU inthescript
`If the last executed C-APDU is a case 2 or case 4 command the R-APDU
`TLV is present only once in the ResponseScripting
`
`NOTE:
`
`The Response Scripting template is a BER-TLVdata object as defined in TS 101 220 [5] and the tag of this TLV is
`defined in annex A.
`
`The Numberof executed C-APDUs TLV is a BER-TLVdata object and shall be coded as shown in table 5.4.
`
`Length in bytes
`|1-~__ [Numberof executed C-APDUstag
`Length=X1 [Length=x
`
`
`Numberof executed C-APDUs
`
`Table 5.4: Numberof executed C-APDUs TLV
`
`The Numberof executed C-APDUstag is defined in annex A. The Numberof executed C-APDUsvalue correspondsto
`the number of C-APDUsexecuted within the commandscript.
`
`The structure of each R-APDUshall be a TLV structure coded according to the RRAPDU COMPREHENSION-TLV
`data object coding defined in TS 102 223 [3]. Therestriction on the length of the R-APDU mentionedin the note in
`TS 102 223 [3] shall not apply. For Le='00'" the length of the R-APDU maybe coded on more than two bytes.
`
`A Remote Managementapplication response string may contain a single or several R-APDU TLVs.
`
`6
`
`6.1
`
`Security parameters assigned to applications
`
`Minimum Security Level (MSL)
`
`The Minimum Security Level (MSL)is used to specify the minimum level of security to be applied to Secured Packets
`sent to any Receiving Application. The Receiving Entity shall check the Minimum Security Level before processing the
`security of the Command Packet.If the check fails, the Receiving Entity shall reject the messages and a Response
`Packet with the "Insufficient Security Level" Response Status Code (see TS 102 225 [1]) shall be sent if required.
`
`A Minimum Security Level as described in clause 8.2.1.3.2.4 shall be assigned to each Remote Managementapplication
`(RFM/RAM).
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 9
`
`IPR2022-00412
`Apple EX1014 Page 9
`
`
`
`Release 6
`
`10
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`6.2
`
`Access domain
`
`The Access Domainis a parameter used to define the access rights granted to an Application allowingit to perform
`operations on UICCfiles specified in TS 102 221 [2]. Access Conditions of UICC Files shall be coded as defined in
`TS 102 221 [2].
`
`The accessrights granted to an application by its Access Domain shall be independent from the accessrights granted at
`the UICC/Terminalinterface.
`
`NOTE:
`
`This implies in particular that the status of a secret code (e.g. disabled PIN1, blocked PIN2,etc.) at the
`UICC/Terminalinterface does not affect the access rights granted to an application.
`
`An Access Domain as described in clause 8.2.1.3.2.5 shall be assigned to each Remote File Management Application.
`
`7
`
`Remote File Management (RFM)
`
`The concept of embedding APDUsin a commandpacket and the Additional Response data in a response packet shall be
`as defined in the previous clauses describing the Compact and expanded Remote Application data format.
`
`The Compact and expanded Remote Application data formats shall be distinguished by different TAR values.
`
`7.1
`
`Commands
`
`The standardized commandsarelisted in table 7.1. The commandsare as defined in TS 102 221 [2] and
`TS 102 222 [10].
`
`Table 7.1: Remote File Management commands
`
`The SELECT commandshall not include the selection by DF namecorresponding to P1='04' in the Command
`Parameters of SELECT(see TS 102 221 [2]).
`
`The Response Data shall be placed in the Additional Response Data element of the Response Packet.
`
`e
`
`e
`
`If P3/Le ='00' in the READ RECORD command,then the UICCshall send back the whole record data.
`
`If P3/Le ='00' in the READ BINARY command,then the UICC shall send back all data until the end of the
`file, according to clause 5.1.
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 10
`
`IPR2022-00412
`Apple EX1014 Page 10
`
`
`
`Release 6
`
`11
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`7.2
`
`UICC Shared File System Remote File Management
`
`A UICCShared File System Remote File Managementapplication shall have access only to the MF and all DFs and
`EFsthat are located under the MF.
`
`NOTE:
`
`ADFsare not considered to befiles located under the MF.
`
`The MF shall be implicitly selected and be the current directory at the beginning of a Command"session".
`
`No ADFshall be accessed by the UICC Shared File System Remote File Managementapplication.
`
`All commandsdefined in clause 7.1 shall apply.
`
`The TAR value of the UICC Shared File System Remote File Managementapplication is defined in TS 101 220 [5].
`
`7.3
`
`ADF Remote File Management
`
`An ADF Remote File Management application shall have access to the DFs and EFs located under the ADF.
`
`The ADFshall be implicitly selected and be the current directory at the beginning of a Command"session".
`
`The UICC Shared File System, i.e. the MF and all DFs and EFsthat are located under the MF, mayalso be accessed,
`dependingonthe accessrights granted to the ADF Remote File Managementapplication.
`
`NOTE:
`
` ADFsare not considered to befiles located under the MF.
`
`All commandsdefined in clause 7.1 shall apply.
`
`The TAR of an ADF RFMapplication shall be linked to the AID of the application to which the ADF belongs.
`
`The TAR value of an ADF Remote File Managementapplication is defined in TS 101 220[5].
`
`8
`
`Remote Application Management (RAM)
`
`Remote Application Management on a UICC card includesthe ability to load, install, and remove applications. This
`managementis underthe control of the Issuer Security Domain or any Security Domain with delegated management
`privileges as described in GlobalPlatform Card Specification [4].
`
`All GlobalPatform features and functionality that are described in the present clause shall comply to GlobalPlatform
`Card Specification [4].
`
`A RAM Application shall support the features and functionality described as mandatory in Package 0 "Core OP
`functionality" of GlobalPlatform Card Specification 2.1 Compliance Packages [9] unless they are specifically defined as
`not applicable or optional in the present clause.
`
`A RAM Application shall support all features and functionality described in the present clause unless they are
`specifically described as optional.
`
`The support of the APIs defined in GlobalPlatform Card Specification [4] (Package 0.A (Java Card API) or
`Package 0.B (Windows Powered Smart Cards API) in GlobalPlatform Card Specification 2.1 Compliance Packages[9]
`is optional.
`
`Remote Application Management commandsshall be executed according to table 9.1 of GlobalPlatform Card
`Specification [4].
`
`The TAR value allocated for the Issuer Security Domain are defined in TS 101 220 [5].
`
`The concept of embedding APDUsin a commandpacketand the Additional Response data in a response packetshall be
`as defined in the previous clauses describing the Compact and expanded Remote Application data format.
`
`The Compact and expanded Remote Application data formats shall be distinguished by different TAR values.
`
`The Minimum Security Level of aRAM Application shall requireat least integrity using CC or DS.
`
`ETSI!
`
`IPR2022-00412
`Apple EX1014 Page 11
`
`IPR2022-00412
`Apple EX1014 Page 11
`
`
`
`Release 6
`
`12
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`A complying card shall support at least the DES CBC algorithm for cryptographic computations.
`
`8.1
`
`Remote application management application behaviour
`
`Remote Load File loading, Application installation, Load File removal, Application removal, Application
`locking/unlocking, Application information retrieval shall be compliant to GlobalPlatform Card Specification [4].
`
`As a RAM Application is a Receiving Application per clause 4, application selection (SELECT command) and
`commanddispatching as described in GlobalPlatform Card Specification [4] do not apply to Remote Application
`Management.
`
`8.2
`
`Commandscoding and description
`
`Commandsandresponsesshall be coded according to GlobalPlatform Card Specification [4] unless otherwise specified
`in the present specification.
`
`Secure messaging shall be based on TS 102 225 [1]. Therefore secure messaging as defined in GlobalPlatform Card
`Specification [4] shall not apply to RAM APDU commandsandresponses (e.g. MAC shall not be presentin the
`command data field). In addition the class byte shall indicate that an APDU commandincludes no secure messaging.
`
`The logical channel numberindicated in the class byte shall be zero.
`
`Commandstatus words placed in the Additional Response Data element of the Response Packet shall be coded
`according to the GlobalPlatform Card Specification[4].
`
`8.2.1
`
`Commands
`
`The standardized commands arelisted in table 8.1.
`
`Table 8.1: Application management commands
`
`for Menu parameters
`
`GET DATAas case 2 command
`GET DATAas case 4 command
`
`Support of the STORE DATA command described in GlobalPlatform Card Specification [4] is optional.
`
`The Response Data shall be placed in the Additional Response Data element of the Response Packet.
`
`8.2.1.1
`
`DELETE
`
`The removal of Applications, of Executable Load Files, and of Executable Load Files and its related Applications shall
`be supported.
`
`The warning status word '6200' (Application has been logically deleted) as defined in Open Platform Card
`Specification 2.0.1 [8] may be returned.
`
`8.2.1.2
`
`SET STATUS
`
`The management of Applications, Issuer Security Domain and Security Domains Life Cycle States shall be supported.
`
`ETSI
`
`IPR2022-00412
`Apple EX1014 Page 12
`
`IPR2022-00412
`Apple EX1014 Page 12
`
`
`
`Release 6
`
`13
`
`ETSI TS 102 226 V6.12.0 (2005-09)
`
`8.2.1.3
`
`INSTALL
`
`INSTALL[for load], INSTALL[forinstall] and INSTALL[for make selectable] commandsshall be supported.
`
`In addition the support of the combined [for install and make selectable] within the same INSTALL commandis
`mandatory.
`
`8.2.1.3.1
`
`INSTALL[for load]
`
`A card supporting DAP verification shall support the Load File Data Block Hash according to GlobalPlatform Card
`Specification [4].
`
`NOTE:
`
`The exact generation of the DAP was not defined in previous releases of the present document.
`Inter-operability with previous releases should be handled with care.
`
`If present, the Load Parameter Field of the INSTALL [for load] commandshall be coded according to GlobalPlatform
`Card Specification [4].
`
`If the System Specific parameters "Non volatile code space limit" (Tag 'C6'), “Volatile data space limit" (Tag 'C7') and
`"Non volatile data space limit" (Tag 'C8') are present, the UICC shall be able to handle them.
`
`8.2.1.3.2
`
`INSTALL[for install]
`
`If present, the Install Parameter Field of the INSTALL[forinstall] command shall be coded according to
`GlobalPlatform Card Specification [4].
`
`If the System Specific parameters "Volatile data space limit" (Tag 'C7') and "Non volatile data space limit" (Tag 'C8')
`are present, the UICC shall be able to handle them.
`
`The application instance shall be registered with the instance AID present in the INSTALL[forinstall] command.
`
`In case of JavaCard™ applications, the application may invoke the register(bArray, bOffset, bLength) or the register()
`method:
`
`°
`
`If the register (bArray, bOffset, bLength) is invoked, the AID passed in the parameters shall be the instance
`AIDprovidedin the install method buffer.
`
`e—_If the register() method is invoked the instance AID present in the INSTALL[forinstall] command and the
`AIDwithin the Load File, as specified in GlobalPlatform Card Specification [4], should be the same.
`
`The "UICC System Specific Parameters" TLV object (Tag 'E
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
