Card Specification – Public Release v2.3.1 7 / 334
Copyright 2006-2018 GlobalPlatform, Inc. All Rights Reserved.
The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this
information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly
prohibited.
B.1.1 Encryption/Decryption ... 215
B.1.2 MACing ... 215
B.1.3 DES Padding ... 215
B.2 Advanced Encryption Standard (AES) ... 216
B.2.1 Encryption/Decryption ... 216
B.2.2 MACing ... 216
B.2.3 AES Padding ... 216
B.3 RSA ... 216
B.3.1 Scheme 1 ... 216
B.3.2 Scheme 2 ... 217
B.4 Elliptic Curve Cryptography (ECC) ... 217
B.4.1 Curve Parameters and Key Lengths ... 217
B.4.2 Preloaded ECC Curve Parameters ... 218
B.4.3 ECDSA ... 219
B.4.4 ECKA ... 220
B.4.5 Key Derivation ... 220
B.5 Hashing Algorithms ... 220
B.5.1 Secure Hash Algorithm (SHA-1) ... 220
B.5.2 Secure Hash Algorithm (SHA-256) ... 220
B.5.3 Secure Hash Algorithm (SHA-384) ... 220
B.5.4 Secure Hash Algorithm (SHA-512) ... 220
B.5.5 MULTOS Asymmetric Hash Algorithm ... 220
B.6 Key Check Values ... 221
C Secure Content Management ... 222
C.1 Keys ... 222
C.1.1 Token and Receipt Keys ... 222
C.1.2 DAP Verification Keys ... 223
C.1.3 Load File Data Block Decryption Keys ... 223
C.2 Load File Data Block Hash (LFDBH) ... 223
C.3 Load File Data Block Signature (DAP Verification) ... 224
C.4 Tokens ... 225
C.4.1 Load Token ... 226
C.4.2 Install Token ... 227
C.4.3 Make Selectable Token ... 228
C.4.4 Extradition Token ... 229
C.4.5 Registry Update Token ... 230
C.4.6 Delete Token ... 232
C.4.7 Load, Install and Make Selectable Token ... 233
C.5 Receipts ... 235
C.5.1 Load Receipt ... 235
C.5.2 Install Receipt and Make Selectable Receipt ... 236
C.5.3 Extradition Receipt ... 237
C.5.4 Registry Update Receipt ... 237
C.5.5 Delete Receipt ... 239
C.5.6 Combined Load, Install and Make Selectable Receipt ... 240
C.6 Encryption/Decryption of Load File Data Blocks ... 241
C.7 GlobalPlatform on MULTOS ... 242
C.7.1 Keys ... 242
C.7.2 Cryptographic Structures ... 242
D Void ... 243
E Secure Channel Protocol '02' (Deprecated) ... 257