Table of Contents
Advertisement
The authentication has to be performed in two steps. The first step is to send the Authentication
Certificate to the card. The second step is to get back two bytes of authentication data calculated by
the card.
Step 1: Send Authentication Certificate to the Card
Command Format
CLA
INS
P1
FFh
84h
00h
Where:
KEY
CLK_CNT
BYTE 1...6
Response Data Format
SW1
SW2
61h
02h
Where:
SW1 SW2
Step 2: Get back the Authentication Data (Get_Response)
Command Format
CLA
INS
FFh
C0h
Response Data Format
CERT
SW1
Where:
CERT
SW1 SW2
ACR3x – Reference Manual
Version 1.03
P2
MEM_L
KEY
00h
08h
Key to be used for the computation of the authentication certificate:
00h: Key 1 with no cipher block chaining
01h: Key 2 with no cipher block chaining
80h: Key 1 with cipher block chaining (SLE5536 and SLE6636 only)
81h: Key 2 with cipher block chaining (SLE5536 and SLE6636 only)
Number of CLK pulses to be supplied to the card for the computation of each
bit of the authentication certificate. Typical value is 160 clocks (A0)
Card challenge data
= 61 02h if no error, meaning two bytes of authentication data are ready. The
authentication data can be retrieved by Get_Response command.
Pseudo-APDU
P1
P2
MEM_L
00h
00h
02h
SW2
16 bits of authentication data computed by the card. The LSB of BYTE 1 is
the first authentication bit read from the card.
= 90 00h if no error
Pseudo-APDU
CODE
CLK_CNT
Byte 1
Byte 2
......
Byte 5
Page 45 of 77
info@acs.com.hk
www.acs.com.hk
Byte 6
Advertisement
Table of Contents
