This clause lists a group of data oriented command and response APDU formats that are used by applications residing on a UICC. It is up to each application to determine which commands it uses. If an application does not support a command, it shall return the appropriate status word, see clause 10.2.
The data transmitted is encapsulated in a BER-TLV data object structure and is formatted as follows:
| Byte(s) | Description | Length |
|---|---|---|
| 1 to T | BER-TLV Tag | 1 ≤ T ≤ 3 |
| T+1 to T+L | BER-TLV Length | 1 ≤ L ≤ 4 |
| T+L+1 to T+L+X | BER-TLV Value | X |
The specific tag allocation scheme is beyond the scope of the present document.
However, the tag values that shall be supported by the UICC and the terminal are defined as follows:
Tags of the context-specific class, coded on one to three bytes, shall be used for the TLV objects, i.e. tags shall be taken out of the following ranges:
'80' to '9E' and '9F 1F' to '9F 7F' and '9F 81 XX' to '9F FF XX' with 'XX' from '00' to '7F' for primitive objects; and
'A0' to 'BE' and 'BF 1F' to 'BF 7F' and 'BF 81 XX' to 'BF FF XX' with 'XX' from '00' to '7F' for constructed objects.
Terminals shall take into account that each tag value can only exist once in a file and thus an unused tag has to be used to create a new object.
The tag '5C' as defined in ISO/IEC 7816-4 [12] is reserved to get the list of tags already allocated in a file. The value part of this TLV contains the concatenation of all top level tags of the BER-TLV objects allocated in the file. Tags contained in the value part of a constructed BER-TLV object shall not be included in the tag list. Tag '5C' shall not be considered as an allocated tag.
The length of the TLV objects shall be coded on one to four bytes:
| Number of bytes | First byte | Following bytes | Encoded length value |
|---|---|---|---|
| 1 | '00' to '7F' | none | 0 to 127 |
| 2 | '81' | '80' to 'FF' | 128 to 255 |
| 3 | '82' | '01 00' to 'FF FF' | 256 to 65,535 |
| 4 | '83' | '01 00 00' to 'FF FF FF' | 65,536 to 16,777,215 |
Even though the files are referred to as BER TLV structured files and the UICC internal encoding may be according to the BER, the length coding of the TLV objects used with the commands in this clause shall use the DER encoding defined here.
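The tag ranges and the DER length coding above translate directly into a strict header parser. The following is an added example, not code from the specification; the function names are hypothetical. It rejects tags outside the listed ranges and any length that is not coded in its shortest form.

```python
# Added example (not ETSI code): strict tag and length parsing for this clause.
def parse_tag(buf):
    """Return (tag_bytes, kind); raise ValueError outside the allowed ranges."""
    if not buf:
        raise ValueError("empty buffer")
    b0 = buf[0]
    if b0 & 0xC0 != 0x80:       # object tags only; '5C' (tag list) is not one
        raise ValueError("not a context-specific class tag")
    kind = "constructed" if b0 & 0x20 else "primitive"
    if b0 & 0x1F != 0x1F:       # '80'-'9E' or 'A0'-'BE'
        return bytes(buf[:1]), kind
    if len(buf) >= 2 and 0x1F <= buf[1] <= 0x7F:             # 'xF 1F'-'xF 7F'
        return bytes(buf[:2]), kind
    if len(buf) >= 3 and buf[1] >= 0x81 and buf[2] <= 0x7F:  # 'xF 81 XX'-'xF FF XX'
        return bytes(buf[:3]), kind
    raise ValueError("tag truncated or outside the allowed ranges")

def parse_length(buf):
    """Return (length, bytes_consumed); reject non-minimal (non-DER) codings."""
    if not buf:
        raise ValueError("truncated length")
    first = buf[0]
    if first <= 0x7F:
        return first, 1
    n = first - 0x80            # number of following bytes: '81', '82' or '83'
    if n not in (1, 2, 3) or len(buf) < 1 + n:
        raise ValueError("length form not allowed or truncated")
    value = int.from_bytes(buf[1:1 + n], "big")
    if value < {1: 0x80, 2: 0x100, 3: 0x10000}[n]:
        raise ValueError("non-minimal length coding")
    return value, 1 + n

def encode_length(n):
    """Encode n in the shortest of the four forms in the table."""
    if not 0 <= n <= 0xFFFFFF:
        raise ValueError("length out of range")
    if n <= 0x7F:
        return bytes([n])
    size = (n.bit_length() + 7) // 8
    return bytes([0x80 + size]) + n.to_bytes(size, "big")

def parse_header(buf):
    """Return (tag, kind, length, header_size) for the start of a data object."""
    tag, kind = parse_tag(buf)
    length, used = parse_length(buf[len(tag):])
    return tag, kind, length, len(tag) + used
```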
All following rules apply on each logical channel.
Multiple data oriented commands may be used to transfer a data object, identified by a tag, from/to the UICC. The data object, if needed, is divided into smaller components for transmission into several APDUs. If divided into several APDUs, P2 shall be set to "current EF" in all subsequent APDUs. The sender is in charge of performing the segmentation of the data, and the receiver is in charge of the concatenation of the data object. The transfer of a data object shall be initiated by a first APDU identified by P2 indicating "First Block". The transfer, if necessary, is continued by APDUs identified by P2 indicating "Next Block". The UICC shall answer with "more data available" or "more data expected" on any but the last block.
A data object transfer can be interleaved with any command not modifying the current EF or the current tag pointer. Any interleaved command that modifies the current EF or the current tag pointer shall abort an uncompleted data object transfer.
A successful APDU indicating "First Block" sets the current tag pointer and shall abort an uncompleted data object transfer. This applies for all tags defined in this clause, even if the new tag is the same as the previous one.
If the UICC answers with "more data available/expected and proactive command pending" and the terminal is able to handle a proactive session at this point of time, it sends any APDU command which does not interfere with the segmentation and which allows the card to answer with '91XX', or a FETCH command with Le equal to '00' to the card.
The current tag pointer and its associated context (e.g. current offset in the data object) shall not be changed by an APDU resulting in an error status word. For the second and all following blocks the terminal may issue a SET or RETRIEVE DATA command indicating "retransmit previous block". The setting "retransmit previous block" is only allowed if the previous command did not result in an error status word. Except for P2 the terminal shall use the same parameters and data length as in the previous command.
This command retrieves a data object from the current BER-TLV structure EF. This function shall only be performed if the READ access condition for this EF is satisfied.
The rules for a data object transfer defined in clause 11.3.0 apply.
If the requested TLV object does not exist in the EF, the UICC shall answer with "referenced data not found".
If a current tag pointer associated with a SET DATA operation processed by another application points to the requested TLV object, the UICC shall answer with "conditions of use not satisfied".
If the tag of the object is not in the range specified in the present document, the UICC shall answer with "incorrect parameters in the data field".
The status word sent by the card after a successful RETRIEVE DATA command is '62F1' or '62F2' if more data is available.
Once a data object was fully retrieved, any subsequent RETRIEVE DATA command on this data object with parameter P2 set to "Next Block" shall be rejected with the status word '6A86'.
This command also allows retrieving the list of the tags allocated (data objects successfully completed) in the file. The tags of not yet completed SET DATA operations processed by other applications shall also be included in the list.
For P2 indicating first block of TLV: Tag value of TLV object that shall be retrieved.
For P2 indicating next block or retransmit previous block, it is empty.
The tag '5C' as defined in ISO/IEC 7816-4 [12] is used to get the list of tags allocated in the file.
Response data:
For P2 encoding first block: BER-TLV data object or first part of it if segmented over several APDUs.
For P2 encoding next block: if the previous RETRIEVE DATA command ended with "more data available", the next segment of the segmented TLV object is returned.
For P2 encoding retransmit previous block: same data as in the previous command.
If P2 indicates "first block", this command creates a new data object in the current BER-TLV structure EF or replaces an already existing data object with the same tag or deletes a data object. Space that is freed by such an operation shall be available for new objects. Subsequent commands with P2 indicating "next block" pass the remaining content of the data object being created or replaced to the card.
If P2 indicates "retransmit previous block", the content of the data object sent with the previous command is updated with a new set of data. If the block size of the new set of data is not the same as the size of the data block sent with the previous command, the UICC may answer with "conditions of use not satisfied". The data object transfer is not aborted in this case.
This command shall only be performed if the UPDATE access condition for this EF is satisfied. The rules for a data object transfer defined in clause 11.3.0 apply.
When a transfer to create or replace an object is initiated, the first APDU identified by P2 indicating "First Block" shall at least contain the tag value and length of the value field of the BER-TLV data object. If the card returns '9000', '63F1' or '63F2' to this first APDU, it means that the length indicated in the BER-TLV is available on the card. The data object is then allocated in the file. If the length requested is not available, then the card shall return '6A84'.
If a current tag pointer associated with a SET or RETRIEVE DATA operation processed by another application points to the requested TLV object, the UICC shall answer with "conditions of use not satisfied".
When a SET DATA command is successfully executed, the UICC shall return '9000' if it had received all expected data. It shall return '63F1' or '63F2' if data as indicated in the length of the TLV object is still missing.
A data object transfer is successfully completed when the number of bytes received matches the length indicated for the data object. After that, any subsequent SET DATA command on this data object with parameter P2 set to "Next block" shall be rejected with the status word '6A86'.
When a data object transfer is aborted, the data object with this tag shall no longer be available in the EF.
If the data sent with this command is greater than the length of the value field of the BER-TLV data object, the card shall return status word '6700', the data object is not updated and the data object transfer is not completed.
If the tag of the object is not in the range specified in the present document, the UICC shall answer with "incorrect parameters in the data field".
Deleting an object:
If in a SET DATA command with P2 indicating "First Block", the data field only contains a tag field, i.e. the length and the value field of the BER-TLV data object are missing, the data object specified by the tag shall be deleted if present in the current context. Deleting a non-existent object shall not be considered as an error.
If the data field contains a tag field and a length field with zero value, the object is not deleted, but a zero length object is created.
BER-TLV data object, or tag field only in case of deletion
Le: Not present
Command data:
For P2 encoding first block: tag, length and nothing of the value field, or part or all of the value field of the object to create or replace. Tag only of the object to delete.
For P2 encoding next block: next part of the value field of the object being created or replaced.
For P2 encoding retransmit previous block: replacing data set in the previous command.
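The SET DATA rules above can be checked against a small card-side model. The following is an added example, not code from the specification: the class and method names are hypothetical, the first-block header is passed already parsed (tag, declared length, value bytes sent so far), the tag is assumed to have been range-checked, and "retransmit previous block" is not modelled.

```python
# Added example (not ETSI code): card-side model of a SET DATA object transfer.
class BerTlvEf:
    def __init__(self, capacity):
        self.capacity = capacity   # bytes available for value fields (model assumption)
        self.objects = {}          # tag -> value of each completed object
        self.cur = None            # current tag pointer: [tag, declared_length, buffer]

    def _status(self):
        tag, length, buf = self.cur
        if len(buf) == length:
            self.objects[tag] = buf    # transfer complete: object is now available
            return "9000"
        return "63F1"                  # data still missing (the clause also allows '63F2')

    def set_first(self, tag, length, part=b""):
        """P2 = "First Block". length None means the data field holds a tag only."""
        if length is None:             # delete; a non-existent object is not an error
            self.objects.pop(tag, None)
            self.cur = None            # a successful first block aborts any open transfer
            return "9000"
        if len(part) > length:
            return "6700"              # error: tag pointer and objects stay untouched
        others = sum(len(v) for t, v in self.objects.items() if t != tag)
        if length > self.capacity - others:
            return "6A84"              # declared length is not available
        self.objects.pop(tag, None)    # the old value is being replaced
        # Overwriting cur aborts an uncompleted transfer; its object was never
        # stored in self.objects, so it is no longer available in the EF.
        self.cur = [tag, length, bytes(part)]
        return self._status()

    def set_next(self, chunk):
        """P2 = "Next Block"."""
        # No open transfer is treated like a completed one (model assumption).
        if self.cur is None or len(self.cur[2]) == self.cur[1]:
            return "6A86"
        if len(self.cur[2]) + len(chunk) > self.cur[1]:
            return "6700"              # offset unchanged; the transfer can continue
        self.cur[2] += bytes(chunk)
        return self._status()
```

A length of 0 creates an empty object, while a length of None deletes it, which is the distinction the deletion rules draw between a zero length field and a missing one.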