
Delegated Management Tokens and Receipts and DAP Verification

In document Card Specification GlobalPlatform (Pages 96-101)

7. SECURITY DOMAINS

7.7 Delegated Management Tokens and Receipts and DAP Verification

This Section defines the mechanisms, data elements and the format of Tokens and Receipts. It also describes the mechanisms and the data elements required for DAP Verification.

The algorithm for Token signatures is defined in Appendix B.3 - Public Key Cryptography Scheme 1 (PKCS#1).

Tokens may be generated for use on multiple cards, depending on the Card Issuer's security policy.

7.7.1 Load Token

The Load Token allows for the verification of the load process prior to actually processing the INSTALL [for load] command. The OPEN shall request the Issuer Security Domain to verify the Load Token.

The Load Token is a signature on most of the INSTALL [for load] command including the Load File Data Block Hash. The Token is appended to the INSTALL [for load] command.

The Load File Data Block Hash is included in the calculation to ensure that the Load File Data Block that has been approved by the generation of a Load Token is the same Load File Data Block that is subsequently received by the OPEN through the series of LOAD commands that follow the INSTALL [for load] command.

Once the complete Load File has been received, the OPEN shall verify that the Load File Data Block is valid using the Load File Data Block Hash. If the Load File Data Block Hash is not valid the OPEN shall abort the load process at this stage.

Figure 7-5 details the Load Token calculation performed by the Card Issuer.

Figure 7-5: Load Token Calculation
[Figure: Token Calculation, keyed by the Card Issuer, over INSTALL P1, P2, Lc; len, Load File AID; len, Security Domain AID; len, Load Params (and, as stated above, the Load File Data Block Hash); output: Load Token]

7.7.2 Load Receipt

If the Card Issuer's security policy requires the generation of Receipts, the Load Receipt provides confirmation from the card that a successful load has occurred through the delegated loading process. The Load Receipt consists of data related to the delegated load process, including Card Unique Data, and is generated by the Issuer Security Domain. The Receipt is included in the response message for the last LOAD command issued in a sequence of LOAD commands to the Security Domain.

Figure 7-6 details the Load Receipt calculation performed by the Issuer Security Domain.

Figure 7-6: Load Receipt Calculation
[Figure: Receipt Calculation, keyed with the Issuer Security Domain Receipt Generation Key, over len, Confirmation Counter; len, Card Unique Data; and the remaining length-prefixed fields of the delegated load; output: Load Receipt]

7.7.3 Install and Extradition Tokens

The Install Token allows for the verification of the installation process prior to actually processing the INSTALL [for install] or [for make selectable] command. The Extradition Token allows for the verification of the extradition process prior to actually processing the INSTALL [for extradition] command. The OPEN shall request the Issuer Security Domain to verify the Install and Extradition Tokens. The Install and Extradition Tokens are a signature over the following fields of an INSTALL command and are appended to the INSTALL command. The same Token applies to the INSTALL [for install] command, the INSTALL [for make selectable] command and the INSTALL [for extradition] command.

Figure 7-7 details the Install and Extradition Tokens calculation performed by the Card Issuer.

Figure 7-7: Install/Extradition Token Calculation
[Figure: Token Calculation, keyed by the Card Issuer, over INSTALL P1, P2, Lc; len, Executable Load File AID; len, Executable Module AID; len, Instance AID; len, Install Params; output: Install Token]

7.7.4 Install Receipt

If the Card Issuer's security policy requires the generation of Receipts, the Install Receipt provides confirmation from the card that a successful installation has occurred through the delegated installation process. The Install Receipt consists of data related to the delegated installation process, including Card Unique Data, and is generated by the Issuer Security Domain. An Install Receipt is returned in the response message to the INSTALL [for install] command and the INSTALL [for install and make selectable] command sent to the Security Domain. An Install Receipt is not returned in the response message to the INSTALL [for make selectable] command or the INSTALL [for personalization] command.

Figure 7-8 details the Install Receipt calculation performed by the Issuer Security Domain.

Figure 7-8: Install Receipt Calculation
[Figure: Receipt Calculation, keyed with the Issuer Security Domain Receipt Generation Key, over len, Confirmation Counter; len, Card Unique Data; len, Load File AID; len, Application AID; output: Install Receipt]
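The following is an added example, not code from the GlobalPlatform specification, showing what a Load Receipt and an Install Receipt bind (the length-prefixed fields of Figures 7-6 and 7-8) and how the Card Issuer checks one off-card. The MAC primitive is an assumption: the specification defines the receipt MAC and the Receipt Generation Key in Appendix B, which is not on this page, so HMAC-SHA-256 truncated to 8 bytes stands in for it here. The 2-byte Confirmation Counter stepping once per receipt, the Load Receipt covering only the Load File AID, and the reply layout (counter, Card Unique Data, receipt, each length-prefixed) are likewise this example's assumptions; the key, Card Unique Data and AIDs are constructed.

```python
import hashlib
import hmac

RECEIPT_LEN = 8  # assumed stand-in length; the real length follows from the Appendix B MAC

def lv(field):
    """A 'len, field' box as drawn in Figures 7-6 and 7-8."""
    return bytes([len(field)]) + field

def parse_lv(buf, count):
    """Split `count` consecutive length-prefixed fields."""
    out, i = [], 0
    for _ in range(count):
        n = buf[i]
        out.append(buf[i + 1:i + 1 + n])
        i += 1 + n
    return out

def receipt_input(confirmation_counter, card_unique_data, *aids):
    """Figure 7-8 order: Confirmation Counter, Card Unique Data, then the AIDs of the
    receipt type (Load Receipt: Load File AID; Install Receipt: Load File AID, Application AID)."""
    return lv(confirmation_counter) + lv(card_unique_data) + b"".join(lv(a) for a in aids)

def receipt_mac(receipt_generation_key, data):
    """Stand-in for the Appendix B MAC: HMAC-SHA-256, truncated (assumption, see lead-in)."""
    return hmac.new(receipt_generation_key, data, hashlib.sha256).digest()[:RECEIPT_LEN]

class IssuerSecurityDomain:
    """On-card side: owns the Receipt Generation Key and the Confirmation Counter."""
    def __init__(self, receipt_generation_key, card_unique_data):
        self.key, self.cud, self.counter = receipt_generation_key, card_unique_data, 0

    def _issue(self, *aids):
        self.counter += 1                            # assumed: one step per receipt generated
        ctr = self.counter.to_bytes(2, "big")        # assumed: 2-byte counter
        receipt = receipt_mac(self.key, receipt_input(ctr, self.cud, *aids))
        return lv(ctr) + lv(self.cud) + lv(receipt)  # assumed reply layout: counter, CUD, receipt

    def load_receipt(self, load_file_aid):                      # reply to the last LOAD command
        return self._issue(load_file_aid)

    def install_receipt(self, load_file_aid, application_aid):  # reply to INSTALL [for install]
        return self._issue(load_file_aid, application_aid)

class CardIssuerVerifier:
    """Off-card side: recompute the receipt and require a strictly increasing counter per card."""
    def __init__(self, keys_by_card_unique_data):
        self.keys, self.last_counter = keys_by_card_unique_data, {}

    def verify(self, reply, *expected_aids):
        ctr, cud, receipt = parse_lv(reply, 3)
        key = self.keys.get(cud)
        if key is None:
            return "unknown card"
        expected = receipt_mac(key, receipt_input(ctr, cud, *expected_aids))
        if not hmac.compare_digest(expected, receipt):
            return "bad receipt"                     # wrong key, wrong AIDs, or a forged reply
        n = int.from_bytes(ctr, "big")
        if n <= self.last_counter.get(cud, 0):
            return "replayed or stale counter"       # a captured reply presented again
        self.last_counter[cud] = n
        return "ok"

def demo():
    """Constructed key, Card Unique Data and AIDs; returns the issuer's verdict per case."""
    key, cud = bytes(range(16)), bytes.fromhex("00112233445566778899")
    isd, issuer = IssuerSecurityDomain(key, cud), CardIssuerVerifier({cud: key})
    lf_aid, app_aid = bytes.fromhex("A000000151010000"), bytes.fromhex("A00000015101000001")
    load_reply = isd.load_receipt(lf_aid)
    install_reply = isd.install_receipt(lf_aid, app_aid)
    return {
        "load": issuer.verify(load_reply, lf_aid),
        "install": issuer.verify(install_reply, lf_aid, app_aid),
        "install_replayed": issuer.verify(install_reply, lf_aid, app_aid),
        "install_wrong_app": issuer.verify(isd.install_receipt(lf_aid, app_aid), lf_aid, lf_aid + b"\x02"),
        "other_card": CardIssuerVerifier({}).verify(load_reply, lf_aid),
    }
```

The verifier recomputes the receipt from what the Card Issuer expected to happen (the AIDs it authorised in the Token), not from what the reply claims, so a receipt for a different application fails as "bad receipt" rather than being accepted on the strength of a valid MAC. The counter check is what turns a receipt into evidence of a particular operation rather than of some operation at some time: without it a captured reply could be resubmitted as proof of a later load.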

7.7.5 Extradition Receipt

If the Card Issuer's security policy requires the generation of Receipts, the Extradition Receipt provides confirmation from the card that a successful extradition has occurred through the delegated extradition process. The Extradition Receipt consists of data related to the delegated extradition process, including Card Unique Data, and is generated by the Issuer Security Domain. The Extradition Receipt is returned in the response message to the INSTALL [for extradition] command issued to the Security Domain.

Figure 7-9 details the Extradition Receipt calculation performed by the Issuer Security Domain.

Figure 7-9: Extradition Receipt Calculation
[Figure: Receipt Calculation, keyed with the Issuer Security Domain Receipt Generation Key; output: Extradition Receipt]

7.7.6 Delete Receipt

If the Card Issuer's security policy requires the generation of Receipts, the Delete Receipt provides confirmation from the card that a successful deletion has occurred through the delegated deletion process. The Delete Receipt consists of data related to the delegated deletion process, including Card Unique Data, and is generated by the Issuer Security Domain. The Delete Receipt is returned in the response message to the DELETE command issued to the Security Domain.

Figure 7-10 details the Delete Receipt calculation performed by the Issuer Security Domain.

Figure 7-10: Delete Receipt Calculation
[Figure: Receipt Calculation, keyed with the Issuer Security Domain Receipt Generation Key; output: Delete Receipt]

7.7.7 Load File Data Block Hash

The Load File Data Block Hash provides integrity of the Load File Data Block following receipt of the complete Load File Data Block. The OPEN shall verify the integrity of the Load File Data Block prior to creating an Executable Load File.

The Load File Data Block Hash is a message digest of the Load File Data Block. The Load File Data Block Hash is appended to the INSTALL [for load] command.

Figure 7-11 details the Load File Data Block Hash calculation performed by the Issuer Security Domain, an Application Provider and a Controlling Authority.

Figure 7-11: Load File Data Block Hash Calculation
[Figure: Message Digest Calculation over the Load File Data Block; output: Load File Data Block Hash]

7.7.8 Load File Data Block Signature (DAP Verification)

The Load File Data Block Signature provides verification of the Load File Data Block before processing of the actual Load File Data Block begins. The OPEN shall request the Security Domain linked to the Load File Data Block Signature to verify the signature.

The Load File Data Block Signature is a signature of the Load File Data Block Hash. Each Load File Data Block Signature is combined with its linked Security Domain AID in the TLV structured DAP Block. DAP Blocks are positioned in the beginning of the Load File.

Figure 7-12 details the Load File Data Block Signature calculation performed by an Application Provider or Controlling Authority.

Figure 7-12: Load File Data Block Signature Calculation
[Figure: Signature Calculation over the Load File Data Block Hash with the Application Provider DAP Calculation Key; output: Load File Data Block Signature]
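The following is an added example, not code from the GlobalPlatform specification, and serves three sections at once: the Load Token of 7.7.1 (Figure 7-5), the Load File Data Block Hash check of 7.7.7 and the DAP verification of 7.7.8, all with one PKCS#1 signing routine. Its assumptions: the Token and DAP signature scheme is RSASSA-PKCS1-v1_5 with SHA-1 (Appendix B.3 is not on this page); the Token is computed over the SHA-1 of the INSTALL [for load] fields in the order drawn in Figure 7-5 with the Load File Data Block Hash after the Security Domain AID, and Lc counts the whole data field including the Token's own length byte; "a signature of the Load File Data Block Hash" for the DAP means the hash itself is the digest placed in the PKCS#1 DigestInfo; the DAP Block and Load File Data Block use tags 'E2' (DAP Block), '4F' (Security Domain AID), 'C3' (signature) and 'C4' (Load File Data Block) as in the specification's Load File format, which is also not on this page. Keys, AIDs and the Load File Data Block are constructed, and the keys are generated in-process only so the example runs stand-alone.

```python
import hashlib
import random
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")  # DER prefix used by EMSA-PKCS1-v1_5

def _probable_prime(n, rounds=32):
    """Miller-Rabin; only needed to build demo keys."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def rsa_keygen(bits=1024, e=65537):
    """Demo key pair ((n, e), (n, d)); real Card Issuer / Application Provider keys live in an HSM."""
    primes = []
    while len(primes) < 2:
        c = random.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        if _probable_prime(c) and (c - 1) % e and c not in primes:
            primes.append(c)
    p, q = primes
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def _emsa(digest, k):
    t = SHA1_DIGESTINFO + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
def sign_digest(priv, digest):
    """RSASSA-PKCS1-v1_5 over an already computed SHA-1 digest (assumed Appendix B.3 scheme)."""
    n, d = priv
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(_emsa(digest, k), "big"), d, n).to_bytes(k, "big")
def verify_digest(pub, digest, sig):
    n, e = pub
    k = (n.bit_length() + 7) // 8
    return len(sig) == k and pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big") == _emsa(digest, k)

def lv(field):
    return bytes([len(field)]) + field  # a 'len, field' box as drawn in Figure 7-5
def load_token_input(p1, p2, load_file_aid, sd_aid, lfdb_hash, load_params, token_len):
    """INSTALL [for load] fields under the Load Token; Lc covers the whole data field, Token LV included."""
    body = lv(load_file_aid) + lv(sd_aid) + lv(lfdb_hash) + lv(load_params)
    return bytes([p1, p2, len(body) + 1 + token_len]) + body

def tlv(tag, value):
    """One-byte tag, BER length. Tags E2/4F/C3/C4 are assumed from the spec's Load File format."""
    n = len(value)
    length = bytes([n]) if n < 0x80 else (b"\x81" + bytes([n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big"))
    return bytes([tag]) + length + value
def parse_tlvs(buf):
    out, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def build_load_file(dap_blocks, lfdb):
    """DAP Blocks E2 { 4F SD AID, C3 signature } at the beginning, then the C4 Load File Data Block."""
    return b"".join(tlv(0xE2, tlv(0x4F, aid) + tlv(0xC3, sig)) for aid, sig in dap_blocks) + tlv(0xC4, lfdb)
def open_process_load(isd_pub, dap_keys, token_input, lfdb_hash, token, load_file):
    """OPEN-side checks; token_input/lfdb_hash come from INSTALL [for load], load_file from the LOAD commands."""
    if not verify_digest(isd_pub, hashlib.sha1(token_input).digest(), token):
        return "abort: Load Token rejected"                             # 7.7.1, checked by the ISD
    lfdb = None
    for tag, value in parse_tlvs(load_file):
        if tag == 0xE2:                                                  # 7.7.8, checked by the linked SD
            f = dict(parse_tlvs(value))
            if f[0x4F] not in dap_keys or not verify_digest(dap_keys[f[0x4F]], lfdb_hash, f[0xC3]):
                return "abort: DAP rejected for SD " + f[0x4F].hex()
        elif tag == 0xC4:
            lfdb = value
    if lfdb is None or hashlib.sha1(lfdb).digest() != lfdb_hash:        # 7.7.7, after the last LOAD
        return "abort: Load File Data Block Hash mismatch"
    return "ok"

def demo():
    """Constructed AIDs, keys and Load File Data Block; returns the OPEN verdict for each case."""
    isd_pub, isd_priv = rsa_keygen()
    ap_pub, ap_priv = rsa_keygen()
    lf_aid, sd_aid, ap_aid = bytes.fromhex("A000000151010000"), bytes.fromhex("A000000151000000"), bytes.fromhex("A0000001510200")
    lfdb = bytes(range(256)) * 4
    h, k = hashlib.sha1(lfdb).digest(), (isd_pub[0].bit_length() + 7) // 8
    ti = load_token_input(0x02, 0x00, lf_aid, sd_aid, h, b"", k)
    token, dap = sign_digest(isd_priv, hashlib.sha1(ti).digest()), sign_digest(ap_priv, h)
    good, keys = build_load_file([(ap_aid, dap)], lfdb), {ap_aid: ap_pub}
    return {
        "good": open_process_load(isd_pub, keys, ti, h, token, good),
        "sd_aid_changed": open_process_load(isd_pub, keys, load_token_input(0x02, 0x00, lf_aid, ap_aid, h, b"", k), h, token, good),
        "unknown_dap_signer": open_process_load(isd_pub, {}, ti, h, token, good),
        "lfdb_modified": open_process_load(isd_pub, keys, ti, h, token, build_load_file([(ap_aid, dap)], lfdb + b"\x90\x00")),
    }
```

The "lfdb_modified" case is the one worth studying: both the Load Token and the DAP signature still verify, because both were computed over the hash carried in INSTALL [for load], not over the bytes that later arrive in the LOAD commands. Only the digest comparison after the last LOAD command detects the substituted Load File Data Block, which is why 7.7.7 requires the OPEN to verify the hash before creating an Executable Load File and to abort at that stage if it does not match.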
