Functional Specification of the OpenPGP application on ISO Smart Card Operating Systems

1 Introduction

1.1 Definition of abbreviations

2 General requirements

2.1 Limitations to this version

3 Directory structure

4 Directory and data objects of the OpenPGP application

4.1 Data files and objects in the MF or other DFs

4.1.1 EF_DIR

4.2 DF_OpenPGP

4.2.1 Application identifier (AID)

4.2.2 User authentication in the OpenPGP application

4.3 Data objects (DO)

4.3.1 DOs for GET DATA

4.3.2 DOs for PUT DATA

4.3.3 DOs in detail

4.3.3.1 Name

4.3.3.2 Language preferences

4.3.3.3 Sex

4.3.3.4 Extended capabilities

4.3.3.5 Algorithm attributes

4.3.3.6 Private key template

4.3.4 Length field of DOs

5 Security architecture

6 Historical bytes (ATR)

6.1 Card capabilities

7 Commands

7.1 Usage of ISO standard commands

7.2 Commands in detail

7.2.1 SELECT FILE

7.2.2 VERIFY

7.2.3 CHANGE REFERENCE DATA

7.2.4 RESET RETRY COUNTER

7.2.5 GET DATA

7.2.6 PUT DATA

7.2.7 GET RESPONSE

7.2.8 PSO: COMPUTE DIGITAL SIGNATURE

7.2.9 PSO: DECIPHER

7.2.10 INTERNAL AUTHENTICATE

7.2.11 GENERATE ASYMMETRIC KEY PAIR

7.2.12 GET CHALLENGE

7.3 Command usage under different I/O protocols

7.4 Class byte definitions

7.5 Secure messaging (SM)

7.6 Logical channels

7.7 Status bytes

8 Literature

9 Flow Charts

9.1 Application Start for cards with Short Lc/Le

9.2 Application Start for cards with Extended Lc/Le

9.3 Compute digital signature

9.4 Decrypt message

9.5 Generate private key