ST AN2646 Application note

Smartcard interface with the STM8S microcontroller
Introduction
This document describes a firmware and hardware smartcard interface solution based on the STM8 UART1 peripheral. The main purpose of this firmware and hardware package is to provide resources that facilitate the development of an application using the UART1 peripheral in smartcard mode.
The firmware interface consists of library source files developed so as to support the ISO 7816-3/4 specification. An application example is also provided.
This document and its associated firmware are available for download from the STMicroelectronics website: www.st.com.
August 2008 Rev 2
Contents
1 Smartcard interface description
1.1 Introduction
1.2 External interface
1.3 Protocol
1.4 Smartcard clock generator
2 Smartcard reader hardware connection
3 ISO 7816 – protocol overview
3.1 Introduction
3.2 ISO 7816-2 – pin location
4 ISO 7816-3 – electronic signal and transmission protocol
4.1 Card power-up and reset
4.2 Data transfer
4.3 Answer to reset (ATR)
5 ISO 7816-4 – smartcard commands
5.1 T0 protocol
5.2 Application-level protocols
5.2.1 The ISO 7816-4 APDU
5.2.2 File system API
5.2.3 ISO 7816-4 functions
5.2.4 Security API
6 Smartcard interface library: description
6.1 File organization
6.2 Smartcard interface library functions
6.2.1 SC_Handler function
6.2.2 SC_PowerCmd
6.2.3 SC_Reset
6.2.4 SC_ParityErrorHandler
6.2.5 SC_PTSConfig
6.3 How to send APDU commands to the smartcard
6.3.1 SC_GET_A2R
6.3.2 SELECT_FILE
6.3.3 SC_GET_RESPONSE
6.3.4 SC_READ_BINARY
6.3.5 SC_CREATE_FILE
6.3.6 SC_UPDATE_BINARY
6.3.7 SC_VERIFY
6.4 Parity error management
6.4.1 Data sent from card to reader
6.4.2 Data sent from reader to card
7 Smartcard interface example
7.1 Firmware package description
7.1.1 FWLib folder
7.1.2 Smartcard_AN folder
7.2 Firmware description
7.2.1 Smartcard startup: answer to reset (A2R)
7.2.2 Reading a file at a specified path
7.2.3 Enabling/disabling the PIN1 (CHV1) code
7.2.4 Verifying the PIN1 (CHV1) code
8 Conclusion
9 Revision history

1 Smartcard interface description

1.1 Introduction

The smartcard interface is developed using the UART1 smartcard mode. For the description of the UART1 registers, please refer to the STM8S/STM8A reference manual (RM0009). The UART1 smartcard mode supports asynchronous protocol smartcards as defined in the ISO 7816-3 (Class A) standard. Please refer to the ISO 7816-3 specification for more details.
With the smartcard mode enabled, the UART1 must be configured as:
Eight data bits plus parity
0.5 or 1.5 stop bits
A 5-bit prescaler and the smartcard clock generator provide the clock to the smartcard. GPIO pins in conjunction with software are used to provide the rest of the functions required to interface to the smartcard.
The inverse signalling convention as defined in ISO 7816-3, inverted data and MSB first, is not handled in the software.
There are three types of card that operate at different voltages:
5V (ISO7816-3 Class A)
3V (ISO7816-3 Class B)
1.8V (ISO7816-3 Class C)

1.2 External interface

Table 1. Smartcard pins

| STM8S20x pin | Smartcard pin | Function |
|---|---|---|
| UART1_CK | CLK | Smartcard clock |
| UART1_TX | IO | IO serial data: open drain |
| Any GPIO | RST | Reset to card |
| Any GPIO | VCC | Supply voltage |
| Any GPIO | VPP | Programming voltage |

The Smartcard_RST (Smartcard reset), Smartcard_3/5V (3 V or 5 V), Smartcard_CMDVCC (command for VCC), and Smartcard_OFF signals (signal for card detection) are provided by GPIO bits of the I/O ports under software control. Programming the GPIO bits of the port for alternate function open-drain mode connects the UART1_TX data signal to the Smartcard_IO pin with the correct driver type and the clock generator to the Smartcard_CLK pin configured in output push-pull.

1.3 Protocol

The ISO 7816-3 standard defines the bit times for the asynchronous protocol in terms of time units called ETUs (elementary time units), that are related to the clock frequency input to the card. The length of an ETU is a bit time. The UART1 transmitter output and receiver input are internally connected through the Rx_SW line. For the transmission of data from the STM8S20x to the smartcard, the UART1 must be set up in smartcard mode.

Figure 1. ISO 7816-3 asynchronous protocol

1.4 Smartcard clock generator

The smartcard clock generator provides a clock signal to the connected smartcard. The smartcard uses this clock to derive the baud rate clock for the serial I/O between the smartcard and another UART1. The clock is also used for the CPU in the card, if present.
Operation of the smartcard interface requires that the clock rate to the card is adjusted while the CPU in the card is running code so that the baud rate can be changed or the performance of the card can be increased. The protocols that govern the negotiation of these clock rates and the altering of the clock rate are detailed in the ISO 7816-3 standard.
The clock is used as the CPU clock for the smartcard. Updates to the microcontroller clock rate must therefore be synchronized to the smartcard clock; that is, the clock high or low pulse widths must not be shorter than either the old or new programmed value.

2 Smartcard reader hardware connection

To interface to the smartcard, the ST8024 device was used. The ST8024 is a complete low-cost, analog interface for asynchronous 3 V and 5 V smartcards. It is placed between the smartcard and the STM8S20x with few external components to perform all supply protection and control functions.
The M74HC4052 multiplexer/demultiplexer is configured by software to allow the UART1_TX to the Smartcard_IO

Table 2. STM8S20x and smartcard connection

| STM8S20x pins | Smartcard pins | Function |
|---|---|---|
| UART1_CK: PA6 | C3: CLK | Smartcard clock: output push-pull |
| UART1_TX: PA5 | C7: IO | IO serial data: output open drain |
| PG5 | C2: RST | Reset to card: output push-pull |
| PG7 | C1: VCC | Supply voltage: output push-pull |
| PE0 | OFF | Smartcard detect: input floating |
| PG4 | 3/5V | 3 V or 5 V: output push-pull |

Figure 2. Smartcard interface hardware connection


3 ISO 7816 – protocol overview

3.1 Introduction

"ISO 7816: Identification cards -- Integrated circuit(s) cards with contacts" provides the basis to transition the relatively simple identification card from a token that can be compromised through forgery, theft, or loss into a tamper-resistant and "intelligent" integrated circuit card (ICC), more popularly known as a smartcard. ISO 7816 includes at least six approved parts and has several additional parts under review:
Part 1: Physical characteristics
Part 2: Dimensions and location of the contacts
Part 3: Electrical interface and transmission protocols
Part 3: Amendment 2-Revision of protocol type selection
Part 4: Organization, security and commands for interchange
Part 5: Registration of application providers

3.2 ISO 7816-2 – pin location

ISO 7816-2 specifies an ICC with eight electrical contacts present in a standardized position on the front face of the card. These are referred to as C1 through C8. Some of these contacts are electrically connected to the microprocessor chip embedded within the card; some are not, having been defined to allow for enhancements but unused at the present time. Figure 3 shows the contact positions.

Figure 3. Contact definitions for smartcards


Table 3. Pin assignment

| Pins | Functions |
|---|---|
| C1 | VCC = 5 V or 3.3 V |
| C2 | Reset |
| C3 | Clock |
| C4 | RFU |
| C5 | GND |
| C6 | VPP |
| C7 | I/O |
| C8 | RFU |

4 ISO 7816-3 – electronic signal and transmission protocol

ISO 7816-3 begins to delve into the specification of the "intelligent" aspects of the smartcard. This standard describes the relationship between the smartcard and the reader as one of "slave" (the smartcard) and "master" (the reader). Communications are established by the reader signaling to the smartcard through the contacts noted previously and are continued by the smartcard responding accordingly.
Communication between the card and reader proceeds according to the various state transitions illustrated in Figure 4.

Figure 4. Reader and card FSM

The communication channel is single-threaded; once the reader sends a command to the smartcard, it blocks until a response is received.

4.1 Card power-up and reset

When a card is inserted into a reader, no power is applied to any of the contacts. The chip on the card could be seriously damaged by applying power to the wrong contacts, and this situation could easily occur if a card were inserted across powered contact points. The contacts remain unpowered until an edge detector determines that the card is properly aligned with the contact points to within some acceptable (for the reader) mechanical tolerance.
When the reader detects that the card is properly inserted, power is applied to the card. First, the contacts are brought to a coherent idle state, as shown in Table 3. A reset signal is then sent to the card via the RST contact line. The idle state occurs when the power (VCC) contact is brought up to a normal, stable operating voltage of 5 V. An initial power setting of 5 V is always applied first, even though some microprocessor chips being introduced operate at 3 V when in an I/O state. The I/O contact is set to a reception mode on the reader side and a stable clock (CLK) is applied. The reset line is in a low state. It must remain in a low state for at least 40 000 CLK cycles before a valid reset sequence can be started by the reader, raising the reset line to a high state.

Figure 5. Answer to reset

1. t3 = 40 000 clock cycles.
2. ATR must be issued by card between 400 clock cycles and 40 000 clock cycles after RST goes high.

4.2 Data transfer

Data transfer between the reader and the card occurs through the concerted action of two of the contact lines: CLK and I/O. The I/O line conveys a single bit of information per unit of time as defined by the CLK depending on its voltage relative to GND. A 1 bit can be conveyed either through a +5 V value or through a 0 V value. The actual convention used is determined by the card and is conveyed to the reader through the "initial character" of the ATR, which is referenced as TS. To transfer 1 byte of information, 10 bits are actually moved across the I/O line; the first is always a "start bit" and the last is always a parity bit used to convey even parity. Considering that the I/O line can be (in one bit period) either in a high (H) state or a low (L) state, the TS character of the form HLHHLLLLLLH signals that the card wants to use the "inverse convention," meaning that H corresponds to a 0 and L corresponds to a 1. A TS character of the form HLHHLHHHLLH signals that the card wants to use the "direct convention," meaning that H corresponds to a 1 and L corresponds to a 0.
The direct convention and the inverse convention also control the bit ordering with each byte transferred between the card and the reader. In the direct convention, the first bit following the start bit is the low-order bit of the byte. Successively higher-order bits follow in sequence. In the inverse convention, the first bit following the start bit is the high-order bit of the byte. Successively lower-order bits follow in sequence. Parity for each byte transferred should be even; this means that the total number of 1 bits in the byte, including the parity bit, must be an even number.
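The two TS patterns and the bit-ordering and parity rules above, worked through in C as an added example (not part of the ST firmware library; the function names are hypothetical). It assumes the first H of each 11-state pattern is the idle line state that precedes the start bit.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

enum sc_convention { SC_DIRECT, SC_INVERSE };

/* Decode one character frame written as line states, e.g. "HLHHLHHHLLH":
 * idle H (assumed), start bit L, 8 data states, 1 parity state.
 * Returns 0 and stores the byte on success, -1 for a malformed frame,
 * -2 for a parity error. */
int sc_decode_frame(const char *s, enum sc_convention conv, uint8_t *out)
{
    if (s == NULL || out == NULL || strlen(s) != 11)
        return -1;
    if (s[0] != 'H' || s[1] != 'L')          /* idle high, then start bit low */
        return -1;

    uint8_t value = 0;
    unsigned ones = 0;
    for (int i = 0; i < 9; i++) {            /* 8 data states + parity state */
        char c = s[2 + i];
        if (c != 'H' && c != 'L')
            return -1;
        /* direct convention: H is a 1; inverse convention: L is a 1 */
        unsigned bit = (conv == SC_DIRECT) ? (c == 'H') : (c == 'L');
        ones += bit;
        if (i < 8) {
            if (conv == SC_DIRECT)
                value |= (uint8_t)(bit << i);        /* low-order bit first */
            else
                value |= (uint8_t)(bit << (7 - i));  /* high-order bit first */
        }
    }
    if (ones & 1u)                           /* data + parity must hold an even number of 1s */
        return -2;
    *out = value;
    return 0;
}

/* Identify the convention from the TS frame, using the two patterns in the text. */
int sc_detect_convention(const char *ts, enum sc_convention *conv)
{
    if (ts == NULL || conv == NULL)
        return -1;
    if (strcmp(ts, "HLHHLHHHLLH") == 0) { *conv = SC_DIRECT;  return 0; }
    if (strcmp(ts, "HLHHLLLLLLH") == 0) { *conv = SC_INVERSE; return 0; }
    return -1;
}
```

Decoded with its own convention, the direct TS pattern yields 0x3B and the inverse pattern yields 0x3F; both frames satisfy even parity.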
The I/O line comprises a half-duplex channel; that is, either the card or the reader can transmit data over the same channel, but they both cannot be transmitting at the same time. So as part of the power-up sequence, both the reader and the card enter a receive state in which they are listening to the I/O line. With the start of the reset operation, the reader remains in the receive state while the card must enter a send state in order to send the ATR back to the reader. From this point on, the two ends of the channel alternate between send states and receive states. With a half-duplex channel, there is no reliable way for either end to asynchronously change a state from send to receive or from receive to send. Rather, if this is desired, that end must go into a receive state and allow a timeout of the operation in progress; then a reader end will always try to re-establish a known sequence by re-entering a send state.
The CLK and I/O lines can support a wide variety of data transmission speeds. The specific speed is defined by the card and is conveyed back to the reader through an optional character in the ATR. The transmission speed is set through the establishment of one bit time on the I/O line, which means that an interval is established at which the I/O line may be sampled in order to read a bit and then each successive bit. This time is defined as an elementary time unit (ETU) and is established through a linear relationship between several factors. Note that the TS character is returned before any definition of the ETU can be made. This is possible because the ETU during the ATR sequence is always specified to be ETU0 = 372/(CLK frequency), where the CLK frequency is always between 1 MHz and 5 MHz; in fact, the frequency is almost always selected such that the initial data transfer rate is 9,600 bits per second.
This initial etu is used during answer to reset and is replaced by the work etu during subsequent transmission. F is the clock rate conversion factor and D is the bit rate adjustment factor used to determine the work etu in subsequent transmissions.
For internal clock cards:
initial etu = 1/9600 s
work etu = (1/D)*(1/9600) s
For external clock cards:
initial etu = 372/fi s
work etu = (1/D)*(F/fs) s
The minimum value of fs must be 1 MHz.
The maximum value of fs is given in Table 4.
I and P define the active state on VPP.
Maximum programming current: Ipp = 1 mA
Programming voltage : Vpp = P.V
N is an extra guardtime requested by the card. Before receiving the next character, the card requires a delay of at least (12+N) etu from the leading edge of the previous character. No extra guardtime is used to send characters from the card to the interface device.
The default values of these parameters are:
F = 372; D = 1; I = 50; P = 5; N = 0
Integer values represent the number of global interface bytes
The global interface bytes, TA1, TB1, TC1, TB2 contain integer values FI, DI, II, PI1, N and PI2 which either directly contain or are used to compute the values of the parameters F, D, I, P, N presented above.
TA1 codes FI over the most significant half byte (b8 to b5) and DI over the least significant half byte (b4 to b1).
TB1 codes II over bits b7 and b6, and PI1 over the 5 least significant bits b5 to b1. The most significant bit b8 has a value of 0.
Note: The interface device may ignore bit b8 of TB1.
TC1 codes N over the eight bits (b8 to b1).
TB2 codes PI2 over the eight bits (b8 to b1).
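The field layout of the global interface bytes and the external-clock timing formulas above, as an added C example (not code from the ST library; the struct and function names are hypothetical). F and D are passed in as already-resolved values: F is looked up from FI, and the DI-to-D mapping is not given in this section.

```c
#include <stdint.h>

/* Integer fields carried by the global interface bytes (field names from the text).
 * ISO bit numbering: b1 is the least significant bit, b8 the most significant. */
struct sc_iface {
    uint8_t fi, di;   /* TA1: FI in b8..b5, DI in b4..b1 */
    uint8_t ii, pi1;  /* TB1: II in b7..b6, PI1 in b5..b1; b8 is ignored */
    uint8_t n;        /* TC1: extra guardtime N */
    uint8_t pi2;      /* TB2: PI2 */
};

void sc_parse_iface(uint8_t ta1, uint8_t tb1, uint8_t tc1, uint8_t tb2,
                    struct sc_iface *p)
{
    p->fi  = (uint8_t)(ta1 >> 4);
    p->di  = (uint8_t)(ta1 & 0x0F);
    p->ii  = (uint8_t)((tb1 >> 5) & 0x03);   /* b7, b6 */
    p->pi1 = (uint8_t)(tb1 & 0x1F);          /* b5..b1 */
    p->n   = tc1;
    p->pi2 = tb2;
}

/* work etu = (1/D)*(F/fs) s, returned in nanoseconds (truncated).
 * Returns 0 for invalid input; fs below the 1 MHz minimum is rejected. */
uint32_t sc_work_etu_ns(uint16_t F, uint8_t D, uint32_t fs_hz)
{
    if (F == 0 || D == 0 || fs_hz < 1000000u)
        return 0;
    return (uint32_t)(((uint64_t)F * 1000000000ull) / ((uint64_t)D * fs_hz));
}

/* Minimum spacing between the leading edges of two consecutive characters
 * sent to the card, (12+N) etu, expressed in card clock cycles.
 * One etu lasts F/D clock cycles. Returns 0 if D is 0. */
uint32_t sc_char_spacing_clk(uint16_t F, uint8_t D, uint8_t N)
{
    if (D == 0)
        return 0;
    return ((12u + (uint32_t)N) * (uint32_t)F) / D;
}
```

With the default parameters (F = 372, D = 1, N = 0) and a constructed 4 MHz card clock, one etu is 93 000 ns and consecutive characters must start at least 4464 clock cycles apart.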

Table 4. Clock rate conversion factor F

| FI | F | Freq max |
|---|---|---|
| 0000 | Internal clk | - |
| 0001 | 372 | 5 |
| 0010 | 558 | 6 |
| 0011 | 774 | 8 |
| 0100 | 1116 | 12 |
| 0101 | 1488 | 16 |
| 0110 | 1860 | 20 |
| 0111 | RFU | - |
| 1000 | RFU | - |
| 1001 | 512 | 5 |
| 1010 | 768 | 7.5 |
| 1011 | 1024 | 10 |
| 1100 | 1536 | 15 |
| 1101 | 2048 | 20 |
| 1110 | RFU | - |
| 1111 | RFU | - |

RFU: Reserved for Future Use