Smart card application protocol data unit

In the context of smart cards, an application protocol data unit (APDU) is the communication unit between a smart card reader and a smart card. The structure of the APDU is defined by ISO/IEC 7816-4 Organization, security and commands for interchange.[1]

APDU message command-response pairEdit

There are two categories of APDUs: command APDUs and response APDUs. A command APDU is sent by the reader to the card – it contains a mandatory 4-byte header (CLA, INS, P1, P2)[2] and from 0 to 65 535 bytes of data. A response APDU is sent by the card to the reader – it contains from 0 to 65 536 bytes of data, and 2 mandatory status bytes (SW1, SW2).

Command APDU
Field name Length (bytes) Description
CLA 1 Instruction class - indicates the type of command, e.g., interindustry or proprietary
INS 1 Instruction code - indicates the specific command, e.g., "select", "write data"
P1-P2 2 Instruction parameters for the command, e.g., offset into file at which to write the data
Lc 0, 1 or 3 Encodes the number (Nc) of bytes of command data to follow

0 bytes denotes Nc=0
1 byte with a value from 1 to 255 denotes Nc with the same length
3 bytes, the first of which must be 0, denotes Nc in the range 1 to 65 535 (all three bytes may not be zero)

Command data Nc Nc bytes of data
Le 0, 1, 2 or 3 Encodes the maximum number (Ne) of response bytes expected

0 bytes denotes Ne=0
1 byte in the range 1 to 255 denotes that value of Ne, or 0 denotes Ne=256
2 bytes (if extended Lc was present in the command) in the range 1 to 65 535 denotes Ne of that value, or two zero bytes denotes 65 536
3 bytes (if Lc was not present in the command), the first of which must be 0, denote Ne in the same way as two-byte Le

Response APDU
Response data Nr (at most Ne) Response data
(Response trailer)
2 Command processing status, e.g., 90 00 (hexadecimal) indicates success[2]

References, this is theEdit

  1. ^ ISO/IEC JTC 1/SC 17 (2005). "ISO/IEC 7816-4". International Organization for Standardization.
  2. ^ a b Celer, Victor (2021-12-25). "Using the SIMcard as a Security Module (HSM)". CelerSMS. 1 (2): 13–17. ISSN 2745-2336. OCLC 1295467772.

External linksEdit