Professional Documents
Culture Documents
0 (2022-02)
Code Value
CLA As specified in clause 10.1.1
INS As specified in clause 10.1.2
P1 '03'
P2 See table 11.21b
Lc Not present
Data Not present
Le Length of the response data
Command data:
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
- - - - - - - 1 3DES - outer CBC using 2 keys as defined in ETSI TS 102 225 [21]
- - - - - - 1 - 3DES - outer CBC using 3 keys as defined in ETSI TS 102 225 [21]
- - - - - 1 - - 128-bit AES in CBC mode as defined in ETSI TS 102 225 [21]
1 - - - - - - - Proprietary algorithm (known to both parties)
- X X X X - - - RFU
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
- - - - - - - 1 CRC32 as defined in ETSI TS 102 225 [21]
- - - - - - 1 - MAC algorithm 3 using block cipher DES and padding method 1 as
defined in ISO/IEC 9797-1 [31] without MAC truncation.
See ETSI TS 102 484 [20]
- - - - - 1 - - 128-bit AES in CMAC mode as defined in ETSI TS 102 225 [21]
1 - - - - - - - Proprietary mechanism (known to both parties)
- X X X X - - - RFU
Unique 16 byte Hex number that identifies a specific Connection_SA. See ETSI TS 102 484 [20].
- This is the length of the value part of the secure channel data TLV specified for the TRANSACT DATA
command. The data container size set by the terminal shall be less or equal to the value indicated in the
BER-TLV object returned with Tag '82' returned by the Retrieve UICC Endpoints command.
ETSI
126 ETSI TS 102 221 V17.1.0 (2022-02)
Response data:
b8 b7 b6 b5 b4 b3 b2 b1 Meaning
X X - - - - - - Session number
- - 0 0 0 0 0 0 RFU
In the TRANSACT DATA command the session number shall be associated with the Endpoint data container size for
the secure channel started with this command.
11.1.20.6.0 Introduction
This clause defines the MANAGE SECURE CHANNEL function and coding when P1 = "Terminate secure channel
SA".
Code Value
CLA As specified in clause 10.1.1
INS As specified in clause 10.1.2
P1 '04'
P2 See table 11.21b
Lc Length of subsequent data field
Data As specified in table 11.23
Le Not present
Code Value
CLA As specified in clause 10.1.1
INS As specified in clause 10.1.2
P1 '04'
P2 See table 11.21b
Lc Not present
Data Not present
Le Length of the response data
ETSI
127 ETSI TS 102 221 V17.1.0 (2022-02)
Command data:
The command data shall contain either a Master_SA TLV only or a list of Connection_SA TLVs associated to the same
MSA. The UICC may reject the command when issued with a list of unrelated CSAs.
• Coding of MSA_ID:
- The Master Security Association Identity MSA_ID as defined in ETSI TS 102 484 [20].
• Coding of MAC:
• Coding of CSA_ID:
- The Connection Security Association Identity CSA_ID as defined in ETSI TS 102 484 [20].
• Coding of MAC:
Response data:
• None.
This command is either a case 2 or case 3 command depending on P1 b3 as described below. It becomes a case 1
command when P1 b2 is set (session abort).
P1 defines the data transfer session number and is also used for requesting retransmission and for session abort. The
session number allows up to four transfer sessions to be interleaved.
The P2 parameter contains the number of remaining data blocks going from terminal to the UICC in this transaction.
ETSI