ETSI TS 102 226 V6.12.0 (2005-09)

Technical Specification

Smart cards;
Remote APDU structure for UICC based applications
(Release 6)

IPR2022-00413
Apple EX1014 Page 1

Reference
RTS/SCP-T0285r12

Keywords
protocol, smart card

ETSI

650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from:
http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2005.
All rights reserved.

DECT™, PLUGTESTS™ and UMTS™ are Trade Marks of ETSI registered for the benefit of its Members.
TIPHON™ and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Overview of remote management
5 Remote APDU format
5.1 Compact Remote Application data format
5.1.1 Compact Remote command structure
5.1.2 Compact Remote response structure
5.2 Expanded Remote Application data format
5.2.1 Expanded Remote command structure
5.2.2 Expanded Remote response structure
6 Security parameters assigned to applications
6.1 Minimum Security Level (MSL)
6.2 Access domain
7 Remote File Management (RFM)
7.1 Commands
7.2 UICC Shared File System Remote File Management
7.3 ADF Remote File Management
8 Remote Application Management (RAM)
8.1 Remote application management application behaviour
8.2 Commands coding and description
8.2.1 Commands
8.2.1.1 DELETE
8.2.1.2 SET STATUS
8.2.1.3 INSTALL
8.2.1.3.1 INSTALL[for load]
8.2.1.3.2 INSTALL[for install]
8.2.1.4 LOAD
8.2.1.5 PUT KEY
8.2.1.6 GET STATUS
8.2.1.6.1 Menu parameters
8.2.1.7 GET DATA
8.2.1.7.1 Void
8.2.1.7.2 Extended Card resources information
9 Additional command for push
9.1 Push command behaviour
9.1.1 Request for open channel
9.1.2 Request for CAT_TP link establishment
9.1.3 Behaviour for responses
9.2 Commands coding
9.2.1 Data for BIP channel opening
9.2.2 Data for CAT_TP link establishment
9.3 Closing of the BIP channel
Annex A (normative): BER-TLV tags
Annex B (informative): Change history
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Project Smart Card Platform (SCP).

It is based on work originally done in the 3GPP in TSG-terminals WG3 and ETSI SMG.

The contents of the present document are subject to continuing work within EP SCP and may change following formal EP SCP approval. If EP SCP modifies the contents of the present document, it will then be republished by ETSI with an identifying change of release date and an increase in version number as follows:

Version x.y.z

where:

x: the first digit:
   0 early working draft;
   1 presented to EP SCP for information;
   2 presented to EP SCP for approval;
   3 or greater indicates EP SCP approved document under change control.

y: the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.

z: the third digit is incremented when editorial only changes have been incorporated in the document.

1 Scope

The present document defines the remote management of the UICC based on the secured packet structure specified in TS 102 225 [1].

It specifies the APDU format for remote management.

Furthermore the present document specifies:

• A set of commands coded according to this APDU structure and used in the remote file management on the UICC. This is based on TS 102 221 [2].

• A set of commands coded according to this APDU structure and used in the remote application management on the UICC. This is based on the GlobalPlatform Card Specification [4].

2 References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

• References are either specific (identified by date of publication and/or edition number or version number) or non-specific.

• For a specific reference, subsequent revisions do not apply.

• For a non-specific reference, the latest version applies. In the case of a reference to an EP SCP document, a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

[1] ETSI TS 102 225: "Smart cards; Secured packet structure for UICC based applications".

[2] ETSI TS 102 221: "Smart cards; UICC-Terminal interface; Physical and logical characteristics".

[3] ETSI TS 102 223: "Smart cards; Card Application Toolkit (CAT)".

[4] GlobalPlatform (March 2003): "GlobalPlatform Card Specification, Version 2.1.1".

NOTE: See http://www.globalplatform.org/.

[5] ETSI TS 101 220: "Smart cards; ETSI numbering system for telecommunication application providers".

[6] ETSI TS 143 019: "Digital cellular telecommunications system (Phase 2+); Subscriber Identity Module Application Programming Interface (SIM API) for Java Card; Stage 2 (3GPP TS 43.019)".

[7] ETSI TS 102 241: "Smart cards; UICC Application Programming Interface (UICC API) for Java Card (TM)".

[8] GlobalPlatform: "GlobalPlatform Card Specification Version 2.0.1".

NOTE: See http://www.globalplatform.org/.

[9] GlobalPlatform: "Card Specification 2.1 Compliance Packages Version 1.1".

NOTE: See http://www.globalplatform.org/.

[10] ETSI TS 102 222: "Integrated Circuit Cards (ICC); Administrative commands for telecommunications applications".

[11] ETSI TS 123 048: "Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Security mechanisms for the (U)SIM application toolkit; Stage 2 (3GPP TS 23.048)".

[12] ETSI TS 102 127: "Smart cards; Transport protocol for CAT applications; Stage 2".

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the terms and definitions given in TS 102 225 [1] and TS 101 220 [5] apply.

3.2 Abbreviations

For the purposes of the present document, the abbreviations given in TS 102 225 [1] and the following apply:

ADD       Access Domain Data
ADP       Access Domain Parameter
AID       Application Identifier
BER-TLV   Basic Encoding Rules - Tag, Length, Value
BIP       Bearer Independent Protocol
C-APDU    Command Application Protocol Data Unit
DAP       Data Authentication Pattern
DEK       Data Encryption Key
MSL       Minimum Security Level
MSLD      Minimum Security Level Data
RAM       Remote Application Management
R-APDU    Response Application Protocol Data Unit
RFM       Remote File Management
RFU       Reserved for Future Use
UICC      Universal Integrated Circuit Card

4 Overview of remote management

[Figure 4.1: Remote management. Labels: Sending Application, Sending Entity, Receiving Entity, Receiving Application, UICC; Secured C-APDU, [Secured R-APDU].]

All data exchanged between the Sending Entity and Receiving Entity shall be formatted as "Secured data" according to TS 102 225 [1]:

1) The parameter(s) in the "Secured data" is either a single command, or a list of commands, which shall be processed sequentially.

2) The Remote Management application shall take parameters from the "Secured data" and shall act upon the files or applications according to these parameters. A Remote Management application is the on-card Receiving Application that performs either Remote File Management (RFM) or Remote Application Management (RAM) as defined in the following clauses.

3) Remote Management commands shall be executed by the dedicated Remote Management Application (RAM). A Command "session" is defined as starting upon receipt of the parameter/command list, and ends when the parameter list in the "Secured data" is completed, or when an error (i.e. SW1 of the command indicates an error condition) is detected which shall halt further processing of the command list. Warnings or procedure bytes do not halt processing of the command list.

4) At the beginning and end of a Command "session" the logical state of the UICC as seen from the terminal shall not be changed to an extent sufficient to disrupt the behaviour of the terminal. If changes in the logical state have occurred that the terminal needs to be aware of, the application on the UICC may issue a REFRESH command according to TS 102 223 [3]. However, this is application dependent and therefore out of scope of the present document.

5 Remote APDU format

5.1 Compact Remote Application data format

5.1.1 Compact Remote command structure

A command string may contain a single command or a sequence of commands. The structure of each command shall be according to the generalized structure defined below; each element other than the Data field is a single octet (see TS 102 221 [2]).

The format of the commands is the same as the one defined in TS 102 221 [2] for T = 0 TPDU commands.

| Class byte (CLA) | Instruction code (INS) | P1 | P2 | P3 | Data |

If the sending application needs to retrieve the Response parameters/data of a case 4 command, then a GET RESPONSE command shall follow this command in the command string.

The GET RESPONSE and any case 2 command (i.e. READ BINARY, READ RECORD) shall only occur once in a command string and, if present, shall be the last command in the string.

For all case 2 commands and for the GET RESPONSE command, if P3 = '00', then the UICC shall send back all available response parameters/data, e.g. if a READ RECORD command has P3 = '00' the whole record shall be returned. The limitation of 256 bytes does not apply for the length of the response data. In case the data is truncated in the response, the remaining bytes are lost and the status words shall be set to '62 F1'.

5.1.2 Compact Remote response structure

If a proof of Receipt is required by the sending entity, the Additional Response Data sent by the Remote Management Application shall be formatted according to table 5.1.

Table 5.1: Format of additional response data

| Length | Name |
|---|---|
| 1 | Number of commands executed within the command script (see note) |
| 2 | Status bytes or '61 xx' procedure bytes of last executed command / GET RESPONSE |
| X | Response data of last executed command / GET RESPONSE if available (i.e. if the last command was a case 2 command or a GET RESPONSE) |

NOTE: This field shall be set to '01' if one command was executed within the command script, '02' if two commands were executed, etc.
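
The compact command and response structures of clauses 5.1.1 and 5.1.2 can be checked mechanically. The following Python sketch is an added example, not part of the ETSI text: it splits a Compact Remote command string into T = 0 style commands, enforces the rule that a case 2 command or GET RESPONSE occurs at most once and only as the last command, and decodes the Additional Response Data of table 5.1. The INS values ('B0', 'B2', 'C0') are taken from TS 102 221 and, like the constructed sample bytes, are assumptions not stated in this clause.

```python
from dataclasses import dataclass
from typing import List

# Assumption: INS codes from TS 102 221 for the outgoing-data commands named
# in clause 5.1.1. For these, P3 is the expected response length, not Lc.
INS_READ_BINARY = 0xB0
INS_READ_RECORD = 0xB2
INS_GET_RESPONSE = 0xC0
OUTGOING_INS = {INS_READ_BINARY, INS_READ_RECORD, INS_GET_RESPONSE}

SW_TRUNCATED = b"\x62\xF1"  # status words set when response data is truncated


class ScriptError(ValueError):
    """The command string or response violates the compact format rules."""


@dataclass
class Command:
    cla: int
    ins: int
    p1: int
    p2: int
    p3: int
    data: bytes = b""

    @property
    def outgoing(self) -> bool:
        return self.ins in OUTGOING_INS


def parse_compact_script(script: bytes) -> List[Command]:
    """Split a compact command string and enforce the ordering rule."""
    commands, pos = [], 0
    while pos < len(script):
        if len(script) - pos < 5:
            raise ScriptError(f"truncated command header at offset {pos}")
        cla, ins, p1, p2, p3 = script[pos:pos + 5]
        pos += 5
        data = b""
        if ins not in OUTGOING_INS:      # P3 is Lc: command data follows
            data = script[pos:pos + p3]
            if len(data) != p3:
                raise ScriptError(f"command data overruns string at offset {pos}")
            pos += p3
        commands.append(Command(cla, ins, p1, p2, p3, data))
    outgoing = [i for i, c in enumerate(commands) if c.outgoing]
    if len(outgoing) > 1:
        raise ScriptError("more than one case 2 / GET RESPONSE command")
    if outgoing and outgoing[0] != len(commands) - 1:
        raise ScriptError("case 2 / GET RESPONSE command is not the last command")
    return commands


@dataclass
class AdditionalResponse:
    executed: int   # number of commands executed within the script
    sw: bytes       # status bytes of the last executed command
    data: bytes     # response data; may exceed 256 bytes when P3 = '00'

    @property
    def truncated(self) -> bool:
        return self.sw == SW_TRUNCATED


def parse_additional_response(raw: bytes) -> AdditionalResponse:
    """Decode table 5.1: count (1 byte), status (2 bytes), response data."""
    if len(raw) < 3:
        raise ScriptError("additional response data shorter than 3 bytes")
    return AdditionalResponse(raw[0], raw[1:3], raw[3:])


def session_halted(commands: List[Command], resp: AdditionalResponse) -> bool:
    """True if the card stopped before the end of the command list."""
    if not 1 <= resp.executed <= len(commands):
        raise ScriptError("executed count does not fit the command string")
    if resp.data and not commands[resp.executed - 1].outgoing:
        raise ScriptError("response data returned for a command without Le")
    return resp.executed < len(commands)


# Constructed sample: SELECT MF, SELECT an EF, READ BINARY with P3 = '00'.
SAMPLE_SCRIPT = bytes.fromhex("00A4000C023F00" "00A4000C022FE2" "00B0000000")
# Constructed responses: all three executed; halted at the second command.
SAMPLE_OK = bytes.fromhex("03" "9000" "98100000000000000010")
SAMPLE_HALT = bytes.fromhex("02" "6A82")

if __name__ == "__main__":
    cmds = parse_compact_script(SAMPLE_SCRIPT)
    for raw in (SAMPLE_OK, SAMPLE_HALT):
        r = parse_additional_response(raw)
        print(r.executed, r.sw.hex(), r.data.hex(), session_halted(cmds, r))
```

A count lower than the number of commands sent is the only indication in this format that processing halted, so a sender should compare it against the script it submitted.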

5.2 Expanded Remote Application data format

5.2.1 Expanded Remote command structure

The "Secured data" sent to a Remote Management Application shall be a BER-TLV data object formatted according to table 5.2.

Table 5.2: Expanded format of Remote Management application command "secured data"

| Length in bytes | Name |
|---|---|
| 1 | Command Scripting template tag |
| L | Length of Command Scripting template = A+B+...C |
| A | C-APDU |
| B | C-APDU |
| ... | ... |
| C | C-APDU |

The Command Scripting template is a BER-TLV data object as defined in TS 101 220 [5] and the tag of this TLV is defined in annex A.

A Remote Management application command string may contain a single or several C-APDU TLVs.

The structure of each C-APDU shall be a TLV structure coded according to the C-APDU COMPREHENSION-TLV data object coding defined in TS 102 223 [3]. The restriction on the length of the C-APDU mentioned in the note in TS 102 223 [3] shall not apply.

For all case 2 and case 4 C-APDUs, if Le = '00' in the C-APDU, then the UICC shall send back all available response parameters/data in the R-APDU, e.g. if a READ RECORD command has Le = '00' the whole record shall be returned. The limitation of 256 bytes does not apply for the length of the response data.

In case the data is truncated in the response of a C-APDU, the status words for this C-APDU shall be set to '62 F1' in the corresponding R-APDU. This shall terminate the processing of the command list.

If a R-APDU fills the response buffer so that no further R-APDU can be included in the response scripting template, this shall terminate the processing of the command list.

If Le field is empty in the C-APDU, then no response data is expected in the R-APDU. In that case, no R-APDU shall be returned by the UICC in the application additional response data except if the corresponding C-APDU is the last command executed in the script.

NOTE: In this expanded format the GET RESPONSE command is not used.

5.2.2 Expanded Remote response structure

The additional response application data which may be sent by a Remote Management application is a BER-TLV data object and shall be formatted according to table 5.3.

Table 5.3: Expanded Format of Remote Management application additional response data

| Length in bytes | Name |
|---|---|
| 1 | Response Scripting template tag |
| L | Length of Response Scripting template = X+A+B...C |
| X | Number of executed C-APDUs TLV |
| A | R-APDU of first executed case 2/ case 4 C-APDU in the script |
| B | R-APDU of second executed case 2/ case 4 C-APDU in the script |
| ... | ... |
| C | R-APDU of last executed C-APDU in the script |

NOTE: If the last executed C-APDU is a case 2 or case 4 command the R-APDU TLV is present only once in the Response Scripting template.

The Response Scripting template is a BER-TLV data object as defined in TS 101 220 [5] and the tag of this TLV is defined in annex A.

The Number of executed C-APDUs TLV is a BER-TLV data object and shall be coded as shown in table 5.4.

Table 5.4: Number of executed C-APDUs TLV

| Length in bytes | Name |
|---|---|
| 1 | Number of executed C-APDUs tag |
| 1 | Length = X |
| X | Number of executed C-APDUs |

The Number of executed C-APDUs tag is defined in annex A. The Number of executed C-APDUs value corresponds to the number of C-APDUs executed within the command script.

The structure of each R-APDU shall be a TLV structure coded according to the R-APDU COMPREHENSION-TLV data object coding defined in TS 102 223 [3]. The restriction on the length of the R-APDU mentioned in the note in TS 102 223 [3] shall not apply. For Le = '00', the length of the R-APDU may be coded on more than two bytes.

A Remote Management application response string may contain a single or several R-APDU TLVs.
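
The rules of clauses 5.2.1 and 5.2.2 determine which C-APDU each returned R-APDU belongs to. The following Python sketch is an added example, not part of the ETSI text: it builds a Command Scripting template and pairs the R-APDUs of a Response Scripting template with the executed C-APDUs, rejecting malformed lengths and inconsistent counts. The tag values ('AA', 'AB', '80', '22', '23') are assumptions, since annex A and the TS 102 223 coding are not reproduced here, and the sample C-APDUs are constructed.

```python
from typing import List, Tuple

# Assumed tag values: annex A of this specification and TS 102 223 define
# them, but neither table is reproduced in this excerpt.
TAG_COMMAND_SCRIPT = 0xAA    # Command Scripting template
TAG_RESPONSE_SCRIPT = 0xAB   # Response Scripting template
TAG_EXECUTED = 0x80          # Number of executed C-APDUs
TAG_C_APDU = 0x22            # C-APDU COMPREHENSION-TLV
TAG_R_APDU = 0x23            # R-APDU COMPREHENSION-TLV


def encode_tlv(tag: int, value: bytes) -> bytes:
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    elif n <= 0xFF:
        length = bytes([0x81, n])
    elif n <= 0xFFFF:
        length = bytes([0x82]) + n.to_bytes(2, "big")
    else:
        raise ValueError("value too long for this example")
    return bytes([tag]) + length + value


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, value, next position); reject lengths that overrun buf."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n >= 0x80:                      # long form: low bits give the width
        width = n & 0x7F
        if not 1 <= width <= 3 or pos + width > len(buf):
            raise ValueError("bad TLV length field")
        n = int.from_bytes(buf[pos:pos + width], "big")
        pos += width
    if pos + n > len(buf):
        raise ValueError("TLV value overruns buffer")
    return tag, buf[pos:pos + n], pos + n


def expects_response(c_apdu: bytes) -> bool:
    """True for case 2 and case 4 C-APDUs, i.e. when an Le byte is present."""
    if len(c_apdu) < 4:
        raise ValueError("C-APDU shorter than its header")
    if len(c_apdu) == 4:
        return False                   # case 1
    if len(c_apdu) == 5:
        return True                    # case 2: header + Le
    extra = len(c_apdu) - 5 - c_apdu[4]
    if extra not in (0, 1):
        raise ValueError("Lc does not match the C-APDU length")
    return extra == 1                  # case 3 has no Le, case 4 has one


def build_command_script(c_apdus: List[bytes]) -> bytes:
    body = b"".join(encode_tlv(TAG_C_APDU, a) for a in c_apdus)
    return encode_tlv(TAG_COMMAND_SCRIPT, body)


def match_responses(c_apdus: List[bytes], response: bytes):
    """Return (executed, [(c_apdu_index, data, sw), ...]) or raise ValueError."""
    tag, body, end = read_tlv(response, 0)
    if tag != TAG_RESPONSE_SCRIPT or end != len(response):
        raise ValueError("not a single Response Scripting template")
    tag, value, pos = read_tlv(body, 0)
    if tag != TAG_EXECUTED or not value:
        raise ValueError("missing Number of executed C-APDUs TLV")
    executed = int.from_bytes(value, "big")
    if not 1 <= executed <= len(c_apdus):
        raise ValueError("executed count does not fit the command script")
    # An R-APDU is returned for every executed case 2 / case 4 C-APDU and,
    # whatever its case, for the last executed one (present only once).
    owners = [i for i in range(executed) if expects_response(c_apdus[i])]
    if executed - 1 not in owners:
        owners.append(executed - 1)
    r_apdus = []
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag & 0x7F != TAG_R_APDU or len(value) < 2:
            raise ValueError("expected an R-APDU TLV with status words")
        r_apdus.append(value)
    if len(r_apdus) != len(owners):
        raise ValueError("R-APDU count does not match the executed C-APDUs")
    return executed, [(i, r[:-2], r[-2:]) for i, r in zip(owners, r_apdus)]


# Constructed sample: SELECT (case 3), SELECT with Le (case 4), READ BINARY (case 2).
SAMPLE_C_APDUS = [bytes.fromhex(h) for h in
                  ("00A4000C023F00", "00A40004022FE200", "00B0000000")]
```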

6 Security parameters assigned to applications

6.1 Minimum Security Level (MSL)

The Minimum Security Level (MSL) is used to specify the minimum level of security to be applied to Secured Packets sent to any Receiving Application. The Receiving Entity shall check the Minimum Security Level before processing the security of the Command Packet. If the check fails, the Receiving Entity shall reject the messages and a Response Packet with the "Insufficient Security Level" Response Status Code (see TS 102 225 [1]) shall be sent if required.

A Minimum Security Level as described in clause 8.2.1.3.2.4 shall be assigned to each Remote Management application (RFM/RAM).

6.2 Access domain

The Access Domain is a parameter used to define the access rights granted to an Application allowing it to perform operations on UICC files specified in TS 102 221 [2]. Access Conditions of UICC Files shall be coded as defined in TS 102 221 [2].

The access rights granted to an application by its Access Domain shall be independent from the access rights granted at the UICC/Terminal interface.

NOTE: This implies in particular that the status of a secret code (e.g. disabled PIN1, blocked PIN2, etc.) at the UICC/Terminal interface does not affect the access rights granted to an application.

An Access Domain as described in clause 8.2.1.3.2.5 shall be assigned to each Remote File Management Application.

7 Remote File Management (RFM)

The concept of embedding APDUs in a command packet and the Additional Response data in a response packet shall be as defined in the previous clauses describing the Compact and expanded Remote Application data format.

The Compact and expanded Remote Application data formats shall be distinguished by different TAR values.

7.1 Commands

The standardized commands are listed in table 7.1. The commands are as defined in TS 102 221 [2] and TS 102 222 [10].

Table 7.1: Remote File Management commands

The SELECT command shall not include the selection by DF name corresponding to P1 = '04' in the Command Parameters of SELECT (see TS 102 221 [2]).

The Response Data shall be placed in the Additional Response Data element of the Response Packet.

• If P3/Le = '00' in the READ RECORD command, then the UICC shall send back the whole record data.

• If P3/Le = '00' in the READ BINARY command, then the UICC shall send back all data until the end of the file, according to clause 5.1.

7.2 UICC Shared File System Remote File Management

A UICC Shared File System Remote File Management application shall have access only to the MF and all DFs and EFs that are located under the MF.

NOTE: ADFs are not considered to be files located under the MF.

The MF shall be implicitly selected and be the current directory at the beginning of a Command "session".

No ADF shall be accessed by the UICC Shared File System Remote File Management application.

All commands defined in clause 7.1 shall apply.

The TAR value of the UICC Shared File System Remote File Management application is defined in TS 101 220 [5].

7.3 ADF Remote File Management

An ADF Remote File Management application shall have access to the DFs and EFs located under the ADF.

The ADF shall be implicitly selected and be the current directory at the beginning of a Command "session".

The UICC Shared File System, i.e. the MF and all DFs and EFs that are located under the MF, may also be accessed, depending on the access rights granted to the ADF Remote File Management application.

NOTE: ADFs are not considered to be files located under the MF.

All commands defined in clause 7.1 shall apply.

The TAR of an ADF RFM application shall be linked to the AID of the application to which the ADF belongs.

The TAR value of an ADF Remote File Management application is defined in TS 101 220 [5].

8 Remote Application Management (RAM)

Remote Application Management on a UICC card includes the ability to load, install, and remove applications. This management is under the control of the Issuer Security Domain or any Security Domain with delegated management privileges as described in GlobalPlatform Card Specification [4].

All GlobalPlatform features and functionality that are described in the present clause shall comply with GlobalPlatform Card Specification [4].

A RAM Application shall support the features and functionality described as mandatory in Package 0 "Core OP functionality" of GlobalPlatform Card Specification 2.1 Compliance Packages [9] unless they are specifically defined as not applicable or optional in the present clause.

A RAM Application shall support all features and functionality described in the present clause unless they are specifically described as optional.

The support of the APIs defined in GlobalPlatform Card Specification [4] (Package 0.A (Java Card API) or Package 0.B (Windows Powered Smart Cards API) in GlobalPlatform Card Specification 2.1 Compliance Packages [9]) is optional.

Remote Application Management commands shall be executed according to table 9.1 of GlobalPlatform Card Specification [4].

The TAR value allocated for the Issuer Security Domain is defined in TS 101 220 [5].

The concept of embedding APDUs in a command packet and the Additional Response data in a response packet shall be as defined in the previous clauses describing the Compact and expanded Remote Application data format.

The Compact and expanded Remote Application data formats shall be distinguished by different TAR values.

The Minimum Security Level of a RAM Application shall require at least integrity using CC or DS.

A complying card shall support at least the DES CBC algorithm for cryptographic computations.

8.1 Remote application management application behaviour

Remote Load File loading, Application installation, Load File removal, Application removal, Application locking/unlocking, Application information retrieval shall be compliant to GlobalPlatform Card Specification [4].

As a RAM Application is a Receiving Application per clause 4, application selection (SELECT command) and command dispatching as described in GlobalPlatform Card Specification [4] do not apply to Remote Application Management.

8.2 Commands coding and description

Commands and responses shall be coded according to GlobalPlatform Card Specification [4] unless otherwise specified in the present specification.

Secure messaging shall be based on TS 102 225 [1]. Therefore secure messaging as defined in GlobalPlatform Card Specification [4] shall not apply to RAM APDU commands and responses (e.g. MAC shall not be present in the command data field). In addition the class byte shall indicate that an APDU command includes no secure messaging.

The logical channel number indicated in the class byte shall be zero.

Command status words placed in the Additional Response Data element of the Response Packet shall be coded according to the GlobalPlatform Card Specification [4].

8.2.1 Commands

The standardized commands are listed in table 8.1.

Table 8.1: Application management commands

[Table 8.1 body not recoverable; surviving entries: "for Menu parameters", "GET DATA as case 2 command", "GET DATA as case 4 command".]

Support of the STORE DATA command described in GlobalPlatform Card Specification [4] is optional.

The Response Data shall be placed in the Additional Response Data element of the Response Packet.

8.2.1.1 DELETE

The removal of Applications, of Executable Load Files, and of Executable Load Files and its related Applications shall be supported.

The warning status word '6200' (Application has been logically deleted) as defined in Open Platform Card Specification 2.0.1 [8] may be returned.

8.2.1.2 SET STATUS

The management of Applications, Issuer Security Domain and Security Domains Life Cycle States shall be supported.

`8.2.1.3
`
`INSTALL
`
`INSTALL[for load], INSTALL[for install] and INSTALL[for make selectable] commandsshall be supported.
`
`In addition the support of the combined [for install and make selectable] within the same INSTALL commandis
`mandatory.
`
`8.2.1.3.1
`
`INSTALL[for load]
`
`A card supporting DAP verification shall support the Load File Data Block Hash according to GlobalPlatform Card
`Specification [4].
`
`NOTE:
`
`The exact generation of the DAP wasnot defined in previous releases of the present document.
`Inter-operability with previous releases should be handled with care.
`
`If present, the Load Parameter Field of the INSTALL[for load] commandshall be coded according to GlobalPlatform
`Card Specification [4].
`
`If the System Specific parameters "Non volatile code space limit" (Tag 'C6'), "Volatile data space limit" (Tag 'C7') and
`"Nonvolatile data space limit" (Tag 'C8') are present, the UICC shall be able to handle them.
`
`8.2.1.3.2
`
`INSTALL[forinstall]
`
`If present, the Install Parameter Field of the INSTALL[forinstall] command shall be coded according to
`GlobalPlatform Card Specification [4].
`
`If the System Specific parameters "Volatile data space limit" (Tag 'C7') and "Nonvolatile data space limit” (Tag 'C8')
`are present, the UICC shall be able to handle them.
`
`The application instance shall be registered with the instance AID present in the INSTALL[forinstall] command.
`
`In case of JavaCard™ applications, the application may invoke the register(bArray, bOffset, bLength) or the register()
`method:
`
`• If the register(bArray, bOffset, bLength) is invoked, the AID passed in the parameters shall be the instance
`AID provided in the install method buffer.
`
`• If the register() method is invoked the instance AID present in the INSTALL[for install] command and the
`AID within the Load File, as specified in GlobalPlatform Card Specification [4], should be the same.
`
`The "UICC System Specific Parameters" TLV object (Tag 'EA', as defined below) is included in the Install Parameter
`Field and shall be coded as follows:
`
Presence | Length | Name | Value
Optional | 1 | Tag of UICC System Specific Parameters constructed field | 'EA'
 | | Length of UICC System Specific Parameters constructed field |
 | 0 to n | UICC System Specific Parameters constructed value field |
`
`8.2.1.3.2.1 Coding of the SIM File Access and Toolkit Application Specific Parameters
`
`The "SIM File Access and Toolkit Application Specific Parameters" TLV object (Tag 'CA', as defined below) is
`included in the "System Specific Parameters" (Tag 'EF') and shall be coded as follows:
`
Presence | Length | Name | Value
Optional | 1 | Tag of SIM file access and toolkit application specific parameters field | 'CA'
 | 1 | Length of SIM file access and toolkit application specific parameters field |
 | 6 to n | SIM file access and toolkit Application specific Parameters |
`
`The SIM file access and toolkit application specific parameters field is used to specify the terminal and UICC resources
`the application instance can use. These resources include the timers, the Bearer Independent protocol channels, menu
`items for the Set Up Menu, the Minimum Security Level and the TAR Value(s) field. The Network Operator or Service
`Provider can also define the menu position and the menu identifier of the menus activating the application.
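
The nesting described above ('CA' inside 'EF', and the 'EA' container) can be checked with a strict TLV walk before an Install Parameter Field is accepted. The following is an added example, not code from the specification: the function names are hypothetical, the sample bytes are constructed, and it assumes one-byte tags with BER lengths in short form or the '81' long form.

```python
# Added example: bounds-checked walk over an INSTALL[for install] Install Parameter Field.
CONSTRUCTED = {0xEA, 0xEF}   # 'EA' and 'EF' carry nested TLVs (per the text above)
MIN_VALUE_LEN = {0xCA: 6}    # the 'CA' value field is "6 to n" bytes


class TLVError(ValueError):
    """Raised when the field is malformed; the caller should reject the command."""


def read_tlvs(buf: bytes):
    """Yield (tag, value) pairs. Assumption: one-byte tags, lengths 0x00-0x7F or 0x81 nn."""
    pos = 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise TLVError(f"truncated header at offset {pos}")
        tag, length = buf[pos], buf[pos + 1]
        pos += 2
        if length == 0x81:
            if pos >= len(buf):
                raise TLVError("truncated long-form length")
            length = buf[pos]
            pos += 1
        elif length > 0x7F:
            raise TLVError(f"unsupported length byte {length:#04x}")
        if pos + length > len(buf):
            raise TLVError(f"tag {tag:02X}: length {length} overruns the buffer")
        yield tag, buf[pos:pos + length]
        pos += length


def parse_install_params(field: bytes, path=()):
    """Return {tag path: value} for primitive TLVs, descending into 'EA' and 'EF'."""
    out = {}
    for tag, value in read_tlvs(field):
        here = path + (f"{tag:02X}",)
        if tag in CONSTRUCTED:
            # A nested length can never exceed its parent: value is already sliced.
            out.update(parse_install_params(value, here))
            continue
        if len(value) < MIN_VALUE_LEN.get(tag, 0):
            raise TLVError(f"tag {tag:02X}: value shorter than {MIN_VALUE_LEN[tag]} bytes")
        out["/".join(here)] = value
    return out


# Constructed sample: EF { C7 = 0100, C8 = 0200, CA = six opaque bytes }
SAMPLE = bytes.fromhex("EF10" "C7020100" "C8020200" "CA06010000000100")
```

Values are returned as opaque bytes because the internal layout of the 'CA' field is not reproduced on this page.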
`