Document Overview
Scope
Intended Audience
Document Structure
Normative References
Abbreviations and Notations
Overview of the Common Personalization Process
The Infrastructure of Common Personalization
Secure Messaging
The Store Data Command and Data Groupings
The Data Container Format
Common Personalization and CAMS
Data Preparation
Personalization Device Processing
IC Card Application Processing
Process Overview
Data Preparation
Creating Personalization Data
Application Provider Master Keys and Data
Application Keys and Certificates
Application Data
Creation of Data Groupings
DGIs Defined by Common Personalization
Completion of Personalization
Restricting the Store Data Command after Personalization
Replacing the initial Security Domain key(s) after Personalization
Multiple Transport Key Capability
Processing Step
Creation of Personalization Device Instructions
Order that Data must be sent to the Smart Card
Support for Migration to New Versions
Encrypted Data Groupings
PIN Block Format
Random Number for Processing
Group of DGIs in one Store Data command
The PDI Field
ICC Data populated with DGIs
The ICC Data Field
Pre-computed APDU Commands (Processing Step ‘0B’)
Types of pre-computed APDU Commands
Coding of APDU Commands
Coding of commands
Coding of error bypass flag ‘C9’
ICC Data populated with pre-computed APDUs
The ICC Data Field
Creation of Personalization Log Data
Personalization Device Processing
Processing Step with code action ‘0F’
Key Management
Processing Flow
External Authenticate Command
Get Data Command
Card Recognition Data
Issuer Identifier (ISSUERID)
Initialize Update Command
Select Command
Store Data Command
Using the Store Data Command as the last Personalization Command
Return Data From Smart Card application
Processing Step with code action ‘0B’
Syntax Checking
Types of data elements in ICC Return data field
Coding of ICC Return Data Field
Coding of termination reason
Coding of the command counter
Abstraction from transport layer
Personalization Log Creation
IC Card Processing
Preparation for Personalization
Personalization
Smart Card Requirements
Command Support
Secure Messaging
Cryptography for Personalization
Key Zones
Session Keys
MACs
Encryption
Decryption
DES Calculations
Data Dictionary
List of data elements
ACT (Action to be Performed)
AID (Application Identifier)
CMK (Final Master Key)
CMODE (Chaining Mode)
DTHR (Date and Time)
ENC (Encryption Personalization Instructions)
GROUP (Group of Data Grouping as part of Personalization Instructions)
IDTK (Identifier of the Transport Key)
IDOWNER (Identifier of the Application Specification Owner)
IDTERM (Identifier of the Personalization Device)
ISSUERID (Issuer Identifier Data for Personalization)
KENC (DES Key for Creating Personalization Session Key for Secret Data Encryption)
KKEK (DES Key for Creating Personalization Session Key for DES Key Encryption)
KMAC (DES Key for Creating Personalization Session Key for MACs)
KEYDATA (Derivation Data for Initial Update Keys)
KMC (DES Master Key for Personalization Session Keys)
L (Length of Data)
LOGDATA (Data Logging Personalization Instructions)
MACINP (MAC of All Data for an Application)
MACkey (MAC Key)
MIC (Module Identifier Code)
ORDER (Data Grouping Order Personalization Instructions)
RCARD (Random Number from the Smart Card)
RTERM (Random Number from the Personalization Device)
RANDOM (Random Number)
REQ (Required or Optional Action)
SEQNO (Sequence Number)
SKUENC (Personalization Session Key for Encryption)
SKUDEK (Personalization Session Key for Secret Data Exchange)
SKUMAC (Personalization Session Key for MACing)
TAG (Identifier of Data for a Processing Step)
TK (Transport Key)
TYPETK (Indicator of Use(s) of Transport Key)
VERCNTL (Version Control Personalization Instructions)
Examples of document
Examples of Data Groupings
CPS Demonstrator
Examples of Personalization Device Instructions
CPS Demonstrator
Support for Data Grouping Order
Support for Migration to New Versions
Encrypted Data Groupings
Group of Data Grouping
Completion of Personalization
CPS Demonstrator
Examples of APDU mapping to T=0 TPDU