Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 963
- Points
- 113
As noted earlier, it is in EF files that most of the data for a card and its applications is stored. In terms of graph theory, EF files are leaves (terminal vertices of a graph) in the tree-like file structure of the IPC.
As with all ISO 7816-4 card files, an EF file can have its own header (FCI). Let's consider a possible FCI implementation for an EF file. The data objects contained in the FCI are shown in table. 3.6.
Tab. 3.6. FCI Objects for EF File
The File Size data item specifies the size of the body of the EF file, and its value is two bytes. The size of the elementary file is usually fixed at the stage of its creation, and the operating system of the card reserves the necessary EEPROM space for the EF file data. New data can be added to the EF file as long as there is free space in the reserved space.
The File Descriptor Data Element (Tag '82') defines the type of the EF file. There are several types of EF files: Secret File, Internal File, and Working File. According to ISO 7816-4, the file type is encoded in one byte.
Secret files are designed to store secret key information. Internal files contain information that is only controlled by the card application (eg transaction counter, PIN, etc.). Finally, work files store information that is used by applications external to the card (terminal and issuer host applications).
In practice, in most cases, private keys are stored in internal files. Thus, in these cases, all elementary files are of only two types: internal and working. It is these two types of elementary files that are defined in the ISO 7816-4 standard.
The File Identifier Data Element (Tag '83') is encoded in two bytes and takes on a value that is unique within the parent DF file (uniqueness must be controlled by the operating system of the card during the creation of the EF file). The File Identifier element is used to identify the EF file within the parent DF file.
The EF Attributes data item contains two parameters that determine whether the EF file uses its own body or the body of another EF file (to save EEPROM space if the data is used by different applications), as well as the number of entries in the EF file. ... The number of records in the EF file is encoded in one byte of information. Therefore, the maximum number of records in a linear file is 255.
Finally, the EF File Access Conditions data item defines the conditions for accessing the EF file for executing the commands to modify a record, read a record, and create a new record. Thus, the EF file is the minimum data structure for which access conditions can be defined: the access conditions to all records of one elementary file are the same.
By their structure, EF files are of four types (Fig. 3.2):
A linear file with fixed or variable length records, as the name suggests, contains smaller units of information called records. The file entries are numbered sequentially. In a fixed-length file, all records contain the same number of bytes, while in a linear file with variable-length records, the record size is variable. Obviously a linear file with entries
Her
A circular file contains fixed-length records linked in a circular structure. The latter means that with each access to such a file, the command is "applied" to the next record of the file. If all records in the file have already been used to store data, the oldest record in the file is overwritten.
Cyclic files are used in the EMV standard to store data about the last transactions performed on the card (Transaction Log File). In this case, if all records of the Transaction Log File are used, data about the new transaction is recorded in the records used to store the oldest transaction.
There are two ways to link to an EF file in order to select the latter:
1) link using FID (File Identifier). In this case, the terminal must know the file structure of the card and, before the terminal selects the EF file, all directories containing it must be selected first, including the parent DF file of the selected elementary file. Only after the EF file is selected can read and write operations be performed on its data.
Obviously, the need for the terminal to know the file structure of the card is a disadvantage of the FID reference method. The advantage of the method is the versatility and simplicity of the algorithm used in it, which is used both for selecting DF files and for selecting EF files. This versatility makes it easy to implement a card application. Therefore, the implementation of the link by FID may be of interest for local applications in which the terminal knows in advance the file structure used by the card application;
2) a link using the Short File Identifier (SFI), which is a number from 1 to 30 and is encoded in five bits. Each EF file has a unique SFI value within the parent DF file.
The SFI identifier is an input parameter to a number of commands executed on the data of the elementary file. This means that when using this linking method, you do not need to preselect the file to execute the command, which is an important advantage of the SFI linking method.
Note that the EMV standard for both DF files and EF files only uses a filename reference.
As with all ISO 7816-4 card files, an EF file can have its own header (FCI). Let's consider a possible FCI implementation for an EF file. The data objects contained in the FCI are shown in table. 3.6.
Tab. 3.6. FCI Objects for EF File
| Tag | Data object content |
| '81' | file size |
| '82' | File Descriptor |
| '83' | File Identifier |
| '85' | EF Attributes |
| '86' | EF file access conditions |
The File Size data item specifies the size of the body of the EF file, and its value is two bytes. The size of the elementary file is usually fixed at the stage of its creation, and the operating system of the card reserves the necessary EEPROM space for the EF file data. New data can be added to the EF file as long as there is free space in the reserved space.
The File Descriptor Data Element (Tag '82') defines the type of the EF file. There are several types of EF files: Secret File, Internal File, and Working File. According to ISO 7816-4, the file type is encoded in one byte.
Secret files are designed to store secret key information. Internal files contain information that is only controlled by the card application (eg transaction counter, PIN, etc.). Finally, work files store information that is used by applications external to the card (terminal and issuer host applications).
In practice, in most cases, private keys are stored in internal files. Thus, in these cases, all elementary files are of only two types: internal and working. It is these two types of elementary files that are defined in the ISO 7816-4 standard.
The File Identifier Data Element (Tag '83') is encoded in two bytes and takes on a value that is unique within the parent DF file (uniqueness must be controlled by the operating system of the card during the creation of the EF file). The File Identifier element is used to identify the EF file within the parent DF file.
The EF Attributes data item contains two parameters that determine whether the EF file uses its own body or the body of another EF file (to save EEPROM space if the data is used by different applications), as well as the number of entries in the EF file. ... The number of records in the EF file is encoded in one byte of information. Therefore, the maximum number of records in a linear file is 255.
Finally, the EF File Access Conditions data item defines the conditions for accessing the EF file for executing the commands to modify a record, read a record, and create a new record. Thus, the EF file is the minimum data structure for which access conditions can be defined: the access conditions to all records of one elementary file are the same.
By their structure, EF files are of four types (Fig. 3.2):
- transparent, or binary, files (transparent file);
- linear fixed file;
- linear variable files;
- cyclic files.
A linear file with fixed or variable length records, as the name suggests, contains smaller units of information called records. The file entries are numbered sequentially. In a fixed-length file, all records contain the same number of bytes, while in a linear file with variable-length records, the record size is variable. Obviously a linear file with entries
Her
- G)
- b) linear files with a fixed record length;
- c) linear files with records of variable length;
- d) cyclic files
A circular file contains fixed-length records linked in a circular structure. The latter means that with each access to such a file, the command is "applied" to the next record of the file. If all records in the file have already been used to store data, the oldest record in the file is overwritten.
Cyclic files are used in the EMV standard to store data about the last transactions performed on the card (Transaction Log File). In this case, if all records of the Transaction Log File are used, data about the new transaction is recorded in the records used to store the oldest transaction.
There are two ways to link to an EF file in order to select the latter:
1) link using FID (File Identifier). In this case, the terminal must know the file structure of the card and, before the terminal selects the EF file, all directories containing it must be selected first, including the parent DF file of the selected elementary file. Only after the EF file is selected can read and write operations be performed on its data.
Obviously, the need for the terminal to know the file structure of the card is a disadvantage of the FID reference method. The advantage of the method is the versatility and simplicity of the algorithm used in it, which is used both for selecting DF files and for selecting EF files. This versatility makes it easy to implement a card application. Therefore, the implementation of the link by FID may be of interest for local applications in which the terminal knows in advance the file structure used by the card application;
2) a link using the Short File Identifier (SFI), which is a number from 1 to 30 and is encoded in five bits. Each EF file has a unique SFI value within the parent DF file.
The SFI identifier is an input parameter to a number of commands executed on the data of the elementary file. This means that when using this linking method, you do not need to preselect the file to execute the command, which is an important advantage of the SFI linking method.
Note that the EMV standard for both DF files and EF files only uses a filename reference.
