Functional Specification of the OpenPGP application on ISO Smart Card Operating Systems

TABLE OF CONTENTS

1 Introduction

1.1 Definition of Abbreviations

2 General Requirements

2.1 Limitations in This Version

3 Directory Structure

4 Directory and Data Objects of the OpenPGP Application

4.1 Data Files and Objects in the MF or Other DFs

4.1.1 EF_DIR

4.1.2 DF_OpenPGP

4.1.2.1 Application Identifier (AID)

4.2 User Verification in the OpenPGP Application

4.2.1 Resetting Code

4.3 Data Objects (DO)

4.3.1 DOs for GET DATA

4.3.2 DOs for PUT DATA

4.3.3 DOs in Detail

4.3.3.1 Private Use

4.3.3.2 Name

4.3.3.3 Language Preferences

4.3.3.4 Sex

4.3.3.5 Extended Capabilities

4.3.3.6 Algorithm Attributes

4.3.3.7 Private Key Template

4.3.4 Length Field of DOs

5 Security Architecture

6 Historical Bytes

6.1 Card Capabilities

7 Commands

7.1 Usage of ISO Standard Commands

7.2 Commands in Detail

7.2.1 SELECT FILE

7.2.2 VERIFY

7.2.3 CHANGE REFERENCE DATA

7.2.4 RESET RETRY COUNTER

7.2.5 GET DATA

7.2.6 PUT DATA

7.2.7 GET RESPONSE

7.2.8 PSO: COMPUTE DIGITAL SIGNATURE

7.2.8.1 Hash Algorithms

7.2.8.2 DigestInfo for RSA

7.2.9 PSO: DECIPHER

7.2.10 INTERNAL AUTHENTICATE

7.2.10.1 Client/Server Authentication

7.2.11 GENERATE ASYMMETRIC KEY PAIR

7.2.12 GET CHALLENGE

7.2.13 TERMINATE DF

7.2.14 ACTIVATE FILE

7.3 Command Usage under Different I/O Protocols

7.4 Class Byte Definitions

7.5 Secure Messaging (SM)

7.6 Logical Channels

7.7 Command Chaining

7.8 Life Cycle Management

7.9 Status Bytes

8 Literature

9 Flow Charts

9.1 Application Selection

9.2 Compute Digital Signature

9.3 Decrypt Message

9.4 Generate Private Key

9.5 Client/Server Authentication