Menu
Home Explore People Places Arts History Plants & Animals Science Life & Culture Technology
On this page
Smart card application protocol data unit
Communication unit between a smart card reader and a smart card

In the context of smart cards, an application protocol data unit (APDU) is the communication unit between a smart card reader and a smart card. The structure of the APDU is defined by ISO/IEC 7816-4 Organization, security and commands for interchange.

We don't have any images related to Smart card application protocol data unit yet.
We don't have any YouTube videos related to Smart card application protocol data unit yet.
We don't have any PDF documents related to Smart card application protocol data unit yet.
We don't have any Books related to Smart card application protocol data unit yet.
We don't have any archived web articles related to Smart card application protocol data unit yet.

APDU message command-response pair

There are two categories of APDUs: command APDUs and response APDUs. A command APDU is sent by the reader to the card – it contains a mandatory 4-byte header (CLA, INS, P1, P2)2 and from 0 to 65 535 bytes of data. A response APDU is sent by the card to the reader – it contains from 0 to 65 536 bytes of data, and 2 mandatory status bytes (SW1, SW2).

Command APDU
Field nameLength (bytes)Description
CLA1Instruction class - indicates the type of command, e.g., interindustry or proprietary
INS1Instruction code - indicates the specific command, e.g., "select", "write data"
P1-P22Instruction parameters for the command, e.g., offset into file at which to write the data
Lc0, 1 or 3Encodes the number (Nc) of bytes of command data to follow

0 bytes denotes Nc=01 byte with a value from 1 to 255 denotes Nc with the same length3 bytes, the first of which must be 0, denotes Nc in the range 1 to 65 535 (all three bytes may not be zero)

Command dataNcNc bytes of data
Le0, 1, 2 or 3Encodes the maximum number (Ne) of response bytes expected

0 bytes denotes Ne=01 byte in the range 1 to 255 denotes that value of Ne, or 0 denotes Ne=2562 bytes (if extended Lc was present in the command) in the range 1 to 65 535 denotes Ne of that value, or two zero bytes denotes 65 5363 bytes (if Lc was not present in the command), the first of which must be 0, denote Ne in the same way as two-byte Le

Response APDU
Response dataNr (at most Ne)Response data
SW1-SW2(Response trailer)2Command processing status, e.g., 90 00 (hexadecimal) indicates success3

See also

References

  1. ISO/IEC 7816-4:2020 — Identification cards — Integrated circuit cards. https://www.iso.org/standard/77180.html

  2. Celer, Victor (2021-12-25). "Using the SIMcard as a Security Module (HSM)". CelerSMS. 1 (2): 13–17. ISSN 2745-2336. OCLC 1295467772. https://www.celersms.com/android-SIM-HSM.htm

  3. Celer, Victor (2021-12-25). "Using the SIMcard as a Security Module (HSM)". CelerSMS. 1 (2): 13–17. ISSN 2745-2336. OCLC 1295467772. https://www.celersms.com/android-SIM-HSM.htm