{"id":349346,"date":"2024-10-20T00:36:11","date_gmt":"2024-10-20T00:36:11","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-en-419212-12014\/"},"modified":"2024-10-26T00:16:44","modified_gmt":"2024-10-26T00:16:44","slug":"bs-en-419212-12014","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-en-419212-12014\/","title":{"rendered":"BS EN 419212-1:2014"},"content":{"rendered":"

This European Standard specifies mechanisms for smart cards to be used as secure signature creation devices covering: – signature creation; – user verification; – password based authentication; – device authentication; – establishment of a secure channel. The specified mechanisms are suitable for other purposes like services in the context of IAS.<\/p>\n

PDF Catalog<\/h4>\n
PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
4<\/td>\nContents Page <\/td>\n<\/tr>\n
9<\/td>\nForeword <\/td>\n<\/tr>\n
11<\/td>\nIntroduction <\/td>\n<\/tr>\n
12<\/td>\n1 Scope
2 Normative references <\/td>\n<\/tr>\n
13<\/td>\n3 Terms and definitions <\/td>\n<\/tr>\n
17<\/td>\n4 Symbols and abbreviations <\/td>\n<\/tr>\n
20<\/td>\n5 Signature application
5.1 Application Flow <\/td>\n<\/tr>\n
24<\/td>\n5.2 Trusted environment versus untrusted environment
5.3 Selection of ESIGN application
5.3.1 General <\/td>\n<\/tr>\n
25<\/td>\n5.3.2 Exceptions for Secure Messaging
5.4 Selection of cryptographic information application <\/td>\n<\/tr>\n
26<\/td>\n5.5 Concurrent usage of signature applications
5.5.1 General
5.5.2 Methods of channel selection
5.5.3 Security issues on multiple channels
5.6 Security environment selection <\/td>\n<\/tr>\n
27<\/td>\n5.7 Key selection
5.8 Security Services <\/td>\n<\/tr>\n
28<\/td>\n6 User verification
6.1 General
6.2 Knowledge based user verification
6.2.1 General <\/td>\n<\/tr>\n
29<\/td>\n6.2.2 Explicit user verification <\/td>\n<\/tr>\n
30<\/td>\n6.2.3 Password based mechanisms
6.2.4 Presentation formats
6.2.5 Retry and Usage counters <\/td>\n<\/tr>\n
31<\/td>\n6.2.6 Password Change
6.2.7 Reset of RC and setting a new password <\/td>\n<\/tr>\n
32<\/td>\n6.3 Biometric user verification
6.3.1 General <\/td>\n<\/tr>\n
33<\/td>\n6.3.2 Retrieval of the Biometric Information Template <\/td>\n<\/tr>\n
34<\/td>\n6.3.3 Performing the biometric user verification
6.3.3.1 General
6.3.3.2 Sensor off-card <\/td>\n<\/tr>\n
35<\/td>\n6.3.3.3 Biometric Templates <\/td>\n<\/tr>\n
36<\/td>\n6.3.3.4 Sensor on-card
6.3.4 Reset of RC
7 Digital Signature Service
7.1 General <\/td>\n<\/tr>\n
37<\/td>\n7.2 Signature generation algorithms
7.3 Activation of digital signature service <\/td>\n<\/tr>\n
38<\/td>\n7.4 General aspects <\/td>\n<\/tr>\n
39<\/td>\n7.5 Signature Generation
7.5.1 General
7.5.2 No hashing in Card <\/td>\n<\/tr>\n
40<\/td>\n7.5.3 Partial hashing <\/td>\n<\/tr>\n
41<\/td>\n7.5.4 All hashing in ICC <\/td>\n<\/tr>\n
42<\/td>\n7.6 Selection of different keys, algorithms and input formats
7.6.1 General <\/td>\n<\/tr>\n
43<\/td>\n7.6.2 Restore an existing SE <\/td>\n<\/tr>\n
44<\/td>\n7.6.3 Setting the Hash Template (HT) of a current Security Environment (SE)
7.6.4 Modify the Digital Signature Template (DST) of a current Security Environment (SE) <\/td>\n<\/tr>\n
45<\/td>\n7.7 Read certificates and certificate related information
7.7.1 General
7.7.2 Read certificate related CIOs <\/td>\n<\/tr>\n
46<\/td>\n7.7.3 Read signer’s certificate from ICC
7.7.4 Retrieval of the signer’s certificate from a directory service <\/td>\n<\/tr>\n
47<\/td>\n8 Device authentication
8.1 General <\/td>\n<\/tr>\n
48<\/td>\n8.2 Asymmetric Authentication introduction
8.3 Certification authorities and certificates
8.3.1 Certificate chains <\/td>\n<\/tr>\n
49<\/td>\n8.3.2 Usage of link certificates <\/td>\n<\/tr>\n
50<\/td>\n8.4 Authentication environments
8.4.1 General
8.4.2 SCA in trusted environment
8.4.3 SCA in untrusted environment <\/td>\n<\/tr>\n
51<\/td>\n8.4.4 Specification of the environment
8.4.5 Display message mechanism
8.4.6 Additional authentication environments
8.5 Key transport and key agreement mechanisms <\/td>\n<\/tr>\n
52<\/td>\n8.6 Key transport protocol based on RSA
8.6.1 General <\/td>\n<\/tr>\n
54<\/td>\n8.6.2 Authentication Steps
8.6.2.1 General
8.6.2.2 Step\u00a0A \u2014 Skip to authentication (conditional)
8.6.2.3 Step\u00a0B \u2014 Selection of verification key PuK.RCA.AUT (conditional) <\/td>\n<\/tr>\n
55<\/td>\n8.6.2.4 Step\u00a0C \u2014 Verify Certificate C_CV.CA.CS_AUT (conditional) <\/td>\n<\/tr>\n
57<\/td>\n8.6.2.5 Step\u00a0D \u2014 Selection of verification key PuK.CAIFD.AUT <\/td>\n<\/tr>\n
58<\/td>\n8.6.2.6 Step\u00a0E \u2014 Verify Certificate C_CV.IFD.AUT
8.6.2.7 Step\u00a0F \u2014 Skip reading chain certificates <\/td>\n<\/tr>\n
59<\/td>\n8.6.2.8 Step\u00a0G \u2014 Read C.CAICC.AUT (conditional)
8.6.2.9 Step\u00a0H \u2014 Read ICC’s certificate C.ICC.AUT <\/td>\n<\/tr>\n
60<\/td>\n8.6.2.10 Step\u00a0I \u2014 Key selection <\/td>\n<\/tr>\n
61<\/td>\n8.6.2.11 Step\u00a0J \u2014 Internal Authentication <\/td>\n<\/tr>\n
63<\/td>\n8.6.2.12 Step\u00a0K \u2014 Get Challenge
8.6.2.13 Step\u00a0L \u2014 External authentication <\/td>\n<\/tr>\n
64<\/td>\n8.6.3 Session Key creation <\/td>\n<\/tr>\n
65<\/td>\n8.7 Device authentication with privacy protection
8.7.1 General
8.7.2 Authentication steps
8.7.2.1 General <\/td>\n<\/tr>\n
69<\/td>\n8.7.2.2 Step\u00a01 \u2014 Read key exchange parameters <\/td>\n<\/tr>\n
70<\/td>\n8.7.2.3 Step\u00a02 \u2014 IFD selects the public key parameter set and sends KIFD <\/td>\n<\/tr>\n
71<\/td>\n8.7.2.4 Step\u00a03 \u2014 ICC computes KICC <\/td>\n<\/tr>\n
74<\/td>\n8.7.2.5 Step\u00a04 \u2014 Skip reading chain certificates <\/td>\n<\/tr>\n
75<\/td>\n8.7.2.6 Step\u00a05 \u2014 Selection of verification key PuK.(R)CAIFD.CS_AUT (conditional)
8.7.2.7 Step\u00a06 \u2014 Verify Certificate C_CV.CAIFD.CS_AUT (conditional) <\/td>\n<\/tr>\n
77<\/td>\n8.7.2.8 Step\u00a07 \u2014 Selection of verification key PuK.CAIFD.AUT
8.7.2.9 Step\u00a08 \u2014 Verify Certificate C_CV.IFD.AUT <\/td>\n<\/tr>\n
78<\/td>\n8.7.2.10 Step\u00a09 \u2014 Key Selection for external authentication <\/td>\n<\/tr>\n
79<\/td>\n8.7.2.11 Step\u00a010 \u2014 Get Challenge <\/td>\n<\/tr>\n
80<\/td>\n8.7.2.12 Step\u00a011 \u2014 External authentication <\/td>\n<\/tr>\n
81<\/td>\n8.7.2.13 Step\u00a012 \u2014 Read C.CAICC.AUT (conditional) <\/td>\n<\/tr>\n
82<\/td>\n8.7.2.14 Step\u00a013 \u2014 Read ICC’s certificate C.ICC.AUT
8.7.2.15 Step\u00a014 \u2014 Key selection <\/td>\n<\/tr>\n
83<\/td>\n8.7.2.16 Step\u00a015 \u2014 Internal Authentication <\/td>\n<\/tr>\n
84<\/td>\n8.8 Privacy constrained Modular EAC (mEAC) protocol with non-traceability feature
8.8.1 General <\/td>\n<\/tr>\n
85<\/td>\n8.8.2 Example for traceability case
8.8.3 Notation <\/td>\n<\/tr>\n
86<\/td>\n8.8.4 Authentication steps
8.8.4.1 General <\/td>\n<\/tr>\n
88<\/td>\n8.8.4.2 Step\u00a01 \u2014 Reading of the protocol relevant public parameters <\/td>\n<\/tr>\n
89<\/td>\n8.8.4.3 Step 2 \u2014 User verification (conditional)
8.8.4.4 Step\u00a03 \u2014 Selection of verification key PuK.(R)CAIFD.CS_AUT (conditional) <\/td>\n<\/tr>\n
90<\/td>\n8.8.4.5 Step\u00a04 \u2014 Verify Certificate C_CV.CAIFD.CS_AUT (conditional) <\/td>\n<\/tr>\n
91<\/td>\n8.8.4.6 Step\u00a05 \u2014 Selection of verification key PuK.CAIFD.AUT
8.8.4.7 Step\u00a06 \u2014 Verify Certificate C_CV.IFD.AUT <\/td>\n<\/tr>\n
92<\/td>\n8.8.4.8 Step\u00a07 \u2014 Key Selection for external authentication <\/td>\n<\/tr>\n
94<\/td>\n8.8.4.9 Step\u00a08 \u2014 Get Challenge
8.8.4.10 Step\u00a09 \u2014 External authentication <\/td>\n<\/tr>\n
96<\/td>\n8.8.4.11 Step\u00a010 \u2014 Reading of the public key PuK.ICC.KA (conditionally) <\/td>\n<\/tr>\n
97<\/td>\n8.8.4.12 Step 11 \u2014 Selection of Algorithm and keys <\/td>\n<\/tr>\n
99<\/td>\n8.8.4.13 Step 12 \u2014 Key agreement <\/td>\n<\/tr>\n
100<\/td>\n8.8.4.14 Step 13 \u2014 Establishment of new secure channel
8.8.4.15 Step\u00a014 \u2014 Read and verify ICC’s certificate <\/td>\n<\/tr>\n
101<\/td>\n8.8.5 Unlinkability Mechanism with individual private keys
8.8.5.1 General <\/td>\n<\/tr>\n
102<\/td>\n8.8.5.2 Key derivation
8.8.5.3 Step X.1 – Request for randomisation <\/td>\n<\/tr>\n
104<\/td>\n8.8.5.4 Step\u00a02.2 \u2014 GA: Get nonce <\/td>\n<\/tr>\n
105<\/td>\n8.8.5.5 PCA mechanism <\/td>\n<\/tr>\n
107<\/td>\n8.8.5.6 Step\u00a07.1 \u2014 Key Selection for external authentication <\/td>\n<\/tr>\n
109<\/td>\n8.8.5.7 Step 12.1 DH key agreement <\/td>\n<\/tr>\n
110<\/td>\n8.9 Symmetric authentication scheme
8.9.1 General
8.9.2 Authentication steps
8.9.2.1 General <\/td>\n<\/tr>\n
112<\/td>\n8.9.2.2 Step\u00a0A \u2014 Read SN.ICC <\/td>\n<\/tr>\n
113<\/td>\n8.9.2.3 Step\u00a0B \u2014 Get Challenge
8.9.2.4 Step\u00a0C \u2014 Mutual authentication <\/td>\n<\/tr>\n
114<\/td>\n8.9.3 Session Key creation <\/td>\n<\/tr>\n
115<\/td>\n8.10 Compute Session keys from key seed KIFD\/ICC
8.10.1 General
8.10.2 Generation of key data
8.10.3 Partitioning of the key data
8.10.4 Algorithm and method specific definition for key derivation
8.10.4.1 TDES <\/td>\n<\/tr>\n
116<\/td>\n8.10.4.2 AES-128 using EMAC (SHA-1 version) <\/td>\n<\/tr>\n
117<\/td>\n8.10.4.3 AES-128 using CMAC (SHA-1 version)
8.10.4.4 AES using EMAC (SHA-256 version) <\/td>\n<\/tr>\n
118<\/td>\n8.10.4.5 AES using CMAC (SHA\u2013256 version)
8.10.5 Key derivation from passwords
8.10.5.1 General
8.10.5.2 3DES Key derivation <\/td>\n<\/tr>\n
119<\/td>\n8.10.5.3 AES-128 Key derivation
8.10.5.4 AES-192 Key derivation
8.10.5.5 AES-256 Key derivation <\/td>\n<\/tr>\n
120<\/td>\n8.11 Compute send sequence counter SSC
8.12 Post-authentication phase <\/td>\n<\/tr>\n
121<\/td>\n8.13 Ending the secure session
8.13.1 General
8.13.2 Example for ending a secure session
8.13.3 Rules for ending a secure session
8.14 Reading the Display Message <\/td>\n<\/tr>\n
124<\/td>\n8.15 Updating the Display Message <\/td>\n<\/tr>\n
125<\/td>\n9 Password-based authentication protocols
9.1 General
9.2 Notation <\/td>\n<\/tr>\n
126<\/td>\n9.3 Authentication steps
9.3.1 General <\/td>\n<\/tr>\n
127<\/td>\n9.3.2 Step\u00a01 \u2014 Reading the protocol relevant public parameters <\/td>\n<\/tr>\n
129<\/td>\n9.3.3 Step\u00a02 \u2014 Set PBM parameters and generate blinding point <\/td>\n<\/tr>\n
130<\/td>\n9.3.4 Step\u00a03 \u2014 Get encrypted nonce <\/td>\n<\/tr>\n
131<\/td>\n9.3.5 Step\u00a04.1 \u2014 Map nonce and compute generator point for generic mapping <\/td>\n<\/tr>\n
132<\/td>\n9.3.6 Step\u00a04.2 \u2014 Map nonce and compute generator point for integrated mapping
9.3.6.1 General
9.3.6.2 Description of the R function <\/td>\n<\/tr>\n
135<\/td>\n9.3.7 Step\u00a05 \u2014 Generate session keys <\/td>\n<\/tr>\n
136<\/td>\n9.3.8 Step\u00a06 \u2014 Explicit key authentication <\/td>\n<\/tr>\n
137<\/td>\n10 Secure Messaging
10.1 General
10.2 CLA byte
10.3 TLV coding of command and response message <\/td>\n<\/tr>\n
138<\/td>\n10.4 Treatment of SM-Errors
10.5 Padding for checksum calculation
10.6 Send sequence counter (SSC)
10.7 Message structure of Secure Messaging APDUs
10.7.1 Cryptograms <\/td>\n<\/tr>\n
141<\/td>\n10.7.2 Cryptographic Checksums <\/td>\n<\/tr>\n
145<\/td>\n10.7.3 Final command APDU construction
10.8 Response APDU protection <\/td>\n<\/tr>\n
152<\/td>\n10.9 Use of TDES and AES
10.9.1 TDES\/AES encryption\/decryption <\/td>\n<\/tr>\n
153<\/td>\n10.9.2 CBC mode
10.9.3 Retail MAC with TDES <\/td>\n<\/tr>\n
154<\/td>\n10.9.4 EMAC with AES <\/td>\n<\/tr>\n
156<\/td>\n10.9.5 CMAC with AES <\/td>\n<\/tr>\n
157<\/td>\n11 Key Generation
11.1 General
11.2 Key generation and export using PrK.ICC.AUT
11.3 Key generation and export with SM <\/td>\n<\/tr>\n
158<\/td>\n11.4 Write certificates
12 Key identifiers and parameters
12.1 General
12.2 Key identifiers (KID)
12.2.1 General
12.2.2 Secret and private keys
12.3 Public Key parameters
12.3.1 General <\/td>\n<\/tr>\n
159<\/td>\n12.3.2 RSA public key parameters
12.4 Diffie-Hellman key exchange parameters
12.5 Authentication tokens in the protocols mEACv2 and PCA
12.5.1 General
12.5.2 TDES
12.5.3 AES
12.5.4 Ephemeral Public Key Data Object <\/td>\n<\/tr>\n
160<\/td>\n12.6 The compression function Comp( )
12.7 DSA with ELC public key parameters
12.7.1 General <\/td>\n<\/tr>\n
161<\/td>\n12.7.2 The plain format of a digital signature
12.7.3 The uncompressed encoding <\/td>\n<\/tr>\n
162<\/td>\n12.8 ELC key exchange public parameters
13 Data structures
13.1 CRTs
13.1.1 CRT AT for the selection of internal private authentication keys <\/td>\n<\/tr>\n
163<\/td>\n13.1.2 CRT AT for selection of internal authentication keys
13.1.3 CRT for selection of IFD’s PuK.CAIFD.CS_AUT <\/td>\n<\/tr>\n
164<\/td>\n13.1.4 CRT for selection of IFD’s PuK.IFD.AUT
13.1.5 CRT AT for selection of the public DH \/ ECDH key parameters
13.1.6 CRT AT for selection of the PBM key parameters <\/td>\n<\/tr>\n
165<\/td>\n13.1.7 GENERAL AUTHENTICATE DH key parameters used by the Privacy Protocol
13.1.8 CRT AT for selection of ICC’s private authentication key <\/td>\n<\/tr>\n
166<\/td>\n13.1.9 CRT for selection of IFD’s PuK.IFD.AUT
13.1.10 CRT for selection of PrK.ICC.KA
13.2 Key transport device authentication protocol <\/td>\n<\/tr>\n
167<\/td>\n13.2.1 EXTERNAL AUTHENTICATE <\/td>\n<\/tr>\n
168<\/td>\n13.2.2 INTERNAL AUTHENTICATE
13.3 Privacy device authentication protocol <\/td>\n<\/tr>\n
169<\/td>\n13.3.1 EXTERNAL AUTHENTICATE (DH case) <\/td>\n<\/tr>\n
170<\/td>\n13.3.2 EXTERNAL AUTHENTICATE (ECDH case) <\/td>\n<\/tr>\n
171<\/td>\n13.3.3 INTERNAL AUTHENTICATE (DH case) <\/td>\n<\/tr>\n
172<\/td>\n13.3.4 INTERNAL AUTHENTICATE (ECDH case) <\/td>\n<\/tr>\n
173<\/td>\n14 AlgIDs, Hash- and DSI Formats
14.1 Algorithm Identifiers and OIDs <\/td>\n<\/tr>\n
174<\/td>\n14.2 Hash Input-Formats
14.2.1 PSO:HASH without command chaining <\/td>\n<\/tr>\n
175<\/td>\n14.2.2 PSO:HASH with command Chaining
14.3 Formats of the Digital Signature Input (DSI) <\/td>\n<\/tr>\n
176<\/td>\n14.3.1 DSI according to ISO\/IEC\u00a014888-2 (scheme 2) <\/td>\n<\/tr>\n
177<\/td>\n14.3.2 DSI according to PKCS #1 V 1.5 <\/td>\n<\/tr>\n
178<\/td>\n14.3.3 Digest Info for SHA-X <\/td>\n<\/tr>\n
180<\/td>\n14.3.4 DSI according to PKCS #1 V 2.x <\/td>\n<\/tr>\n
181<\/td>\n14.3.5 DSA with DH key parameters
14.3.6 Elliptic Curve Digital Signature Algorithm – ECDSA <\/td>\n<\/tr>\n
182<\/td>\n15 CV_Certificates and Key Management
15.1 Level of trust in a certificate
15.2 Key Management <\/td>\n<\/tr>\n
183<\/td>\n15.3 Certificate types
15.3.1 Card Verifiable Certificates
15.3.2 Signature-Certificates
15.3.3 Authentication Certificates
15.4 Use of the public key extracted from a CV-certificate <\/td>\n<\/tr>\n
184<\/td>\n15.5 Validity of the key extracted from a CV-certificate <\/td>\n<\/tr>\n
185<\/td>\n15.6 CVC structure
15.6.1 Non-self-descriptive certificates
15.6.2 Self-descriptive certificates <\/td>\n<\/tr>\n
186<\/td>\n15.7 Certificate Content
15.7.1 CPI-Certificate Profile Identifier <\/td>\n<\/tr>\n
187<\/td>\n15.7.2 CAR-Certification Authority Reference DO <\/td>\n<\/tr>\n
188<\/td>\n15.7.3 CHR-Certificate Holder Reference DO <\/td>\n<\/tr>\n
189<\/td>\n15.7.4 CHA-Certificate Holder Authorization Data Object (CHA-DO) <\/td>\n<\/tr>\n
191<\/td>\n15.7.5 Role identifier specifications <\/td>\n<\/tr>\n
192<\/td>\n15.7.5.1 Role ID for PuK of CA <\/td>\n<\/tr>\n
193<\/td>\n15.7.5.2 Role ID for PuK for device authentication
15.7.5.3 Processing the role ID <\/td>\n<\/tr>\n
194<\/td>\n15.7.6 CHAT-Certificate Holder Authorization Template (CHAT)
15.7.7 OID \u2014 Object identifier
15.7.8 CEDT \u2014 Certificate Effective Date Template
15.7.9 CXDT \u2014 Certificate Expiration date Template <\/td>\n<\/tr>\n
195<\/td>\n15.8 Certificate signature
15.8.1 Non self-descriptive certificates <\/td>\n<\/tr>\n
196<\/td>\n15.8.2 Self-descriptive certificates
15.9 Coding of the certificate content
15.9.1 Non self-descriptive certificates <\/td>\n<\/tr>\n
197<\/td>\n15.9.2 Self-descriptive certificates
15.9.3 Self-descriptive certificates for elliptic curve cryptography
15.9.3.1 Structure of a self-descriptive CV certificate <\/td>\n<\/tr>\n
198<\/td>\n15.9.3.2 Certificate content template
15.9.3.3 Certificate Profile Identifier
15.9.3.4 Certification Authority Reference Template
15.9.3.5 Certificate Holder Reference Template
15.9.3.6 Certificate Holder Authorization (CHA-Template\/CHA-DO) <\/td>\n<\/tr>\n
199<\/td>\n15.9.3.7 Optional certificate extension in self-descriptive certificates <\/td>\n<\/tr>\n
200<\/td>\n15.9.3.8 Public Key
15.9.3.9 OID1
15.9.3.10 Signature <\/td>\n<\/tr>\n
201<\/td>\n15.10 Steps of CVC verification <\/td>\n<\/tr>\n
202<\/td>\n15.10.1 First round: CVC verification from a Root PuK <\/td>\n<\/tr>\n
203<\/td>\n15.10.2 Subsequent round(s)
15.11 Commands to handle the CVC
15.12 C_CV.IFD.AUT (non self-descriptive) <\/td>\n<\/tr>\n
205<\/td>\n15.13 C_CV.CA.CS-AUT (non self-descriptive) <\/td>\n<\/tr>\n
206<\/td>\n15.14 C.ICC.AUT
15.15 Self-descriptive CV Certificate (Example) <\/td>\n<\/tr>\n
207<\/td>\n15.15.1 Public Key
15.15.2 Certificate Holder Authorization Template
15.15.3 Certificate Extension <\/td>\n<\/tr>\n
208<\/td>\n15.15.4 ECDSA Signature <\/td>\n<\/tr>\n
209<\/td>\n16 Files
16.1 File structure <\/td>\n<\/tr>\n
210<\/td>\n16.2 File IDs
16.3 EF.DIR
16.4 EF.SN.ICC <\/td>\n<\/tr>\n
211<\/td>\n16.5 EF.DH
16.6 EF.ELC <\/td>\n<\/tr>\n
212<\/td>\n16.7 EF.C.ICC.AUT <\/td>\n<\/tr>\n
213<\/td>\n16.8 EF.C.CAICC.CS-AUT
16.9 EF.C_X509.CH.DS <\/td>\n<\/tr>\n
214<\/td>\n16.10 EF.C_X509.CA.CS (DF.ESIGN)
16.11 EF.DM <\/td>\n<\/tr>\n
215<\/td>\n17 Cryptographic Information Application <\/td>\n<\/tr>\n
216<\/td>\n17.1 ESIGN cryptographic information layout example <\/td>\n<\/tr>\n
217<\/td>\n17.1.1 EF.CIAInfo <\/td>\n<\/tr>\n
218<\/td>\n17.1.2 EF.AOD <\/td>\n<\/tr>\n
221<\/td>\n17.1.3 EF.PrKD <\/td>\n<\/tr>\n
223<\/td>\n17.1.4 EF.PuKD <\/td>\n<\/tr>\n
224<\/td>\n17.1.5 EF.CD <\/td>\n<\/tr>\n
225<\/td>\n17.1.6 EF.DCOD <\/td>\n<\/tr>\n
228<\/td>\nAnnex\u00a0A (normative) Algorithm Identifiers \u2014 Coding and specification <\/td>\n<\/tr>\n
236<\/td>\nAnnex\u00a0B (informative) Device authentication Protocol Properties <\/td>\n<\/tr>\n
238<\/td>\nAnnex\u00a0C (informative) Personalization scenarios <\/td>\n<\/tr>\n
240<\/td>\nAnnex\u00a0D (informative) OID values
D.1 OIDs for certificate signatures <\/td>\n<\/tr>\n
241<\/td>\nD.2 OIDs for key transport protocol
D.3 OIDs for device authentication with privacy <\/td>\n<\/tr>\n
242<\/td>\nD.4 OIDs for password based mechanisms <\/td>\n<\/tr>\n
243<\/td>\nD.5 OIDs for mEAC protocol
D.5.1 OIDs for Chip Device Authentication
D.5.2 OIDs for Terminal Device Authentication <\/td>\n<\/tr>\n
244<\/td>\nD.6 OIDs for privacy protocols
D.6.1 OIDs for Restricted Identification <\/td>\n<\/tr>\n
245<\/td>\nD.6.2 OIDs for Restricted Identification
D.7 OIDs for mEAC based eServices
D.7.1 OIDs for Terminal Device Authentication in mEAC-based eServices <\/td>\n<\/tr>\n
246<\/td>\nD.8 OIDs for the PCA mechanism <\/td>\n<\/tr>\n
247<\/td>\nAnnex\u00a0E (informative) Build scheme for object identifiers defined by EN 14890 <\/td>\n<\/tr>\n
249<\/td>\nBibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

Application Interface for smart cards used as Secure Signature Creation Devices – Basic services<\/b><\/p>\n\n\n\n\n
Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
BSI<\/b><\/a><\/td>\n2014<\/td>\n254<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":349355,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[693,2641],"product_tag":[],"class_list":{"0":"post-349346","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-35-240-15","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/349346","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/349355"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=349346"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=349346"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=349346"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}