GP_Specification_v2.3
Updated on 2023-03-03. 3.41MB PDF.
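English edition of the GP specification, version 2.3. GlobalPlatform (GP) is a cross-industry international standards organization dedicated to developing, defining and publishing technical standards for secure chips, in order to facilitate the management of multi-application industry environments and their secure, interoperable service deployment. As an international standards organization, its work focuses mainly on the Secure Element (SE), the Trusted Execution Environment (TEE) and system messaging (Mobile Messaging). Its mature technical specifications are tools for building end-to-end trusted service solutions; they serve multiple members of the industry environment and support a variety of business models. GP is the body that sets the unified global standards for secure-chip-based security infrastructure.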
Copyright © 2006-2015, GlobalPlatform, Inc. All Rights Reserved.
Recipients of this document are invited to submit, with their comments, notification of any relevant patents or other intellectual property rights
(collectively, “IPR”) of which they may be aware which might be necessarily infringed by the implementation of the specification or other work
product set forth in this document, and to provide supporting documentation. The technology provided or described herein is subject to updates,
revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent
with that agreement is strictly prohibited.
GlobalPlatform
Card Specification
Version 2.3
Public Release
October 2015
Document Reference: GPC_SPE_034
Card Specification – Public Release v2.3
Copyright © 2006-2015 GlobalPlatform, Inc. All Rights Reserved.
The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is
governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited.
THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY
WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY
DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL
BE MADE ENTIRELY AT THE IMPLEMENTER’S OWN RISK, AND NEITHER THE COMPANY, NOR ANY
OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY
IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY
OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER
WORK PRODUCT.
Contents
Part I
1 Introduction
1.1 Audience
1.2 IPR Disclaimer
1.3 References
1.4 Terminology and Definitions
1.5 Abbreviations and Notations
1.6 Revision History
1.6.1 Open Platform Card Specification v2.0 to Open Platform Card Specification v2.0.1
1.6.2 Major Adjustments in GlobalPlatform Card Specification v2.1
1.6.3 Revisions in GlobalPlatform Card Specification v2.1.1
1.6.4 Major Adjustments in GlobalPlatform Card Specification v2.2
1.6.5 Minor Adjustments in GlobalPlatform Card Specification v2.2.1
1.6.6 Minor Adjustments in GlobalPlatform Card Specification v2.3
Part II
2 System Architecture
3 Card Architecture
3.1 Security Domains
3.2 Global Services Applications
3.3 Runtime Environment
3.4 Trusted Framework
3.5 GlobalPlatform Environment (OPEN)
3.6 GlobalPlatform API
3.7 Card Content
3.8 Card Manager
4 Security Architecture
4.1 Goals
4.2 Security Responsibilities and Requirements
4.2.1 Card Issuer’s Security Responsibilities
4.2.2 Application Provider’s Security Responsibilities
4.2.3 Controlling Authority’s Security Responsibilities
4.2.4 On-Card Components’ Security Requirements
4.2.5 Back-End System Security Requirements
4.3 Cryptographic Support
4.3.1 Secure Card Content Management
4.3.2 Secure Communication
Part III
5 Life Cycle Models
5.1 Card Life Cycle
5.1.1 Card Life Cycle States
5.1.2 Card Life Cycle State Transitions
5.2 Executable Load File/ Executable Module Life Cycle
5.2.1 Executable Load File Life Cycle
5.2.2 Executable Module Life Cycle
5.3 Application and Security Domain Life Cycle
5.3.1 Application Life Cycle States
5.3.2 Security Domain Life Cycle States
5.4 Sample Life Cycle Illustration
6 GlobalPlatform Environment (OPEN)
6.1 Overview
6.2 OPEN Services
6.3 Command Dispatch
6.4 Logical Channels and Application Selection
6.4.1 Implicit Selection Assignment
6.4.2 Basic Logical Channel
6.4.3 Supplementary Logical Channel
6.5 GlobalPlatform Registry
6.5.1 Application/Executable Load File/Executable Module Data Elements
6.5.2 Card-Wide Data
6.6 Privileges
6.6.1 Privilege Definition
6.6.2 Privilege Assignment
6.6.3 Privilege Management
6.7 The GlobalPlatform Trusted Framework
7 Security Domains
7.1 General Description
7.1.1 Issuer Security Domain
7.2 Security Domain Association
7.3 Security Domain Services
7.3.1 Security Domain Support for Secure Messaging
7.3.2 Security Domain Support for Application Personalization
7.4 Security Domain Data
7.4.1 Issuer Security Domain
7.4.2 Supplementary Security Domains
7.5 Security Domain Keys
7.5.1 Key Information
7.5.2 Key Access Conditions
7.6 Data and Key Management
8 Global Platform Services
8.1 Global Services Applications
8.1.1 Registering Global Services
8.1.2 Application Access to Global Services
8.1.3 Global Service Parameters
8.2 CVM Application
8.2.1 Application Access to CVM Services
8.2.2 CVM Management
9 Card and Application Management
9.1 Card Content Management
9.1.1 Overview
9.1.2 OPEN Requirements
9.1.3 Security Domain Requirements
9.2 Authorizing and Controlling Card Content
9.2.1 DAP Verification
9.2.2 Load File Data Block Hash
9.2.3 Tokens
9.3 Card Content Loading, Installation and Make Selectable
9.3.1 Overview
9.3.2 Card Content Loading
9.3.3 Card Content Installation
9.3.4 Card Content Combined Loading, Installation and Make Selectable
9.3.5 Card Content Loading Process
9.3.6 Card Content Installation Process
9.3.7 Card Content Make Selectable Process
9.3.8 Card Content Combined Loading, Installation and Make Selectable Process
9.3.9 Examples of Loading and Installation Flow
9.4 Content Extradition and Registry Update
9.4.1 Content Extradition
9.4.2 Registry Update
9.5 Content Removal
9.5.1 Application Removal
9.5.2 Executable Load File Removal
9.5.3 Executable Load File and related Application Removal
9.6 Security Management
9.6.1 Life Cycle Management
9.6.2 Application Locking and Unlocking
9.6.3 Card Locking and Unlocking
9.6.4 Card Termination
9.6.5 Application Status Interrogation
9.6.6 Card Status Interrogation
9.6.7 Operational Velocity Checking
9.6.8 Tracing and Event Logging
9.7 Memory Resource Management
10 Secure Communication
10.1 Secure Channel
10.2 Explicit / Implicit Secure Channel
10.2.1 Explicit Secure Channel Initiation
10.2.2 Implicit Secure Channel Initiation
10.2.3 Secure Channel Termination
10.3 Direct / Indirect Handling of a Secure Channel Protocol
10.4 Entity Authentication
10.4.1 Authentication with Symmetric Cryptography
10.4.2 Authentication with Asymmetric Cryptography
10.5 Secure Messaging
10.6 Security Levels
10.7 Secure Channel Protocol Identifier
Part IV
11 APDU Command Reference
11.1 General Coding Rules
11.1.1 Life Cycle State Coding
11.1.2 Privileges Coding
11.1.3 General Error Conditions
11.1.4 Class Byte Coding
11.1.5 APDU Message and Data Length
11.1.6 Confirmations in Response Messages
11.1.7 Implicit Selection Parameter Coding
11.1.8 Key Type Coding
11.1.9 Key Usage Qualifier Coding