M5-P19

ML5-P19 and MC5-P19 on Infineon SLE78 Platform

Application Related Characteristics | Primitive Support  | Peripheral Support | Implementation Specific Characteristics

External Characteristics

Data Item

Value

Comments

External Specification

MULTOS Version

4.5.1

 

Silicon Provider / manufacturer_id

Infineon / 0x05

 

Implementers / implementer_id

Multos International / 0x02

 

Technical Data for contact interface

Power / External Clock

1.62V to 5.5V / 1 to 7.5 MHz

Applies to all masks

Transport Protocol

T = 0, T = 1

Applies to all masks

FI/DI

0x01, 0x02, 0x03, 0x08, 0x11, 0x12, 0x13, 0x18, 0x32, 0x33, 0x34, 0x38, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0xA3, 0xA4, 0xA5, 0xA6, 0xA8

Applies to all masks

Dual ATR

Supported

Pre-enablement ATR (Cold):  

3B FF 97 00 FF C0 0A 31 FE 4D 80 31 E0 6B 04 40 05 02 xx 55 55 55 55 55 55 yy

 

where xx is the ic_type value.

where yy is the TCK character as per ISO7816-3.

 

Pre-enablement ATR (Warm):  

3B FF 96 00 FF C0 0A 31 FE 4D 80 31 E0 6B 04 40 05 02 xx 55 55 55 55 55 55 yy

 

where xx is the ic_type value. where yy is the TCK character as per ISO7816-3.

PPS

Supported, max speed 447kbps @ 3.58MHz

Applies to all masks

ATR Character Convention Direct LSB (3B)

Supported

Applies to all masks

ATR Character Convention Indirect MSB (3F)

Supported

Applies to all masks

Technical Data for contactless interface

Transport Protocol

Type A, Type B, Mifare

Mifare only supported when enabled with Type A.

Pre-enablement contactless protocol

424kB, Type A, CID supported, 256 byte frame size, FWT=155ms, NAD not supoprted, ISO 14443-4 supported

Pre-enablement ATS:

14 78 77 95 02 80 31 E0 6B 04 40 05 02 xx 55 55 55 55 55 55 yy yy

where xx is the ic_type value.
where yyyy is the CRC-A as per ISO14443-4.

Post-enablement contactless protocol

106kB, Type A, CID supported, FWT=38.5ms, double UID, SFGT= default, I-Block number checking = OFF.
This is the default Paypass configuration.

For MSM Controls Data chosen with an X-parameter = 000x xxxx

NOTE: Other IO TCL configuration parameters supported by this product are detailed in the remarks section of this document.

Memory Area Sizes

AMD

-

Not applicable

ROM

-

Not applicable

RAM Public

3,200 bytes

Applies to all masks

RAM Dynamic

10,000 bytes (max)

Applied to all masks. Please see remarks

NVM Total

500K

 

NVM available for applications and codelets

Approx. 315K

 

Application Related Characteristics

Data Item

Value

Comments

Application NVM Loading Requirements

Application Header

256 bytes

Applies to all masks

Total temporary space per protected ALU

128 bytes

This represents the maximum size. Applies to all masks

Total temporary space per confidential ALU

256 bytes

This represents the maximum size. Applies to all masks

MULTOS Application Function

Static Page Size (1 page)

32 bytes

Applies to all masks

Maximum write size in pages

at least 9 pages, maximum 1820 pages

1820 pages (<64K). Applies to all masks

Maximum ATR File record size

32 bytes

Applies to all masks

Maximum ATR Historical Byte record size

15 bytes

Applies to all masks

Maximum DIR File record size

255 bytes

Applies to all masks

Maximum FCI record size

255 bytes

Applies to all masks

Maximum inbound TPDU size

256 bytes

Applies to all masks

Maximum outbound TPDU size

255 bytes

Applies to all masks

Maximum delegation nest count

Limited by available RAM

Applies to all masks

Maximum application history list entries

4

Applies to all masks

Retry Counters

Set MSM Controls

32

Test cards set to 255. Applies to all masks

Create MEL Application

32

Test cards set to 255. Applies to all masks

Delete MEL Application

32

Test cards set to 255. Applies to all masks

Key Lengths

KCK Public Key length

128 bytes

Applies to all masks

Permitted Application Provider Public Key lengths

64 to 128 bytes

KMA accepts APPK lengths between 72 and 128 bytes inclusive. Applies to all masks

MULTOS TKCK length

128 bytes

Maximum size. Applies to all masks.

Primitive Support

The following table specifies which primitives are supported.

 

Primitive

Supported by MC5-P19

Supported by ML5-P19

Add BCDN

Yes

Yes

AES ECB Decipher

Yes

Yes

AES ECB Encipher

Yes

Yes

Bit Manipulate Byte

Yes

Yes

Bit Manipulate Word

Yes

Yes

Block Decipher

Yes

Yes

Block Encipher

Yes

Yes

Call Codelet

Yes

Yes

Card Block

Yes

Yes

Card Unblock

Yes

Yes

Check Case

Yes

Yes

Checksum

Yes

Yes

Configure Read Binary

Yes

Yes

Control Auto Reset WWT

Yes

Yes

Convert BCD

Yes

Yes

Delegate

Yes

Yes

DES ECB Decipher

Yes

Yes

DES ECB Encipher

Yes

Yes

DivideN

Yes

Yes

ECC Addition

No

No

ECC Convert Representation

No

No

ECC ECIES Decipher

No

No

ECC ECIES Encipher

No

No

ECC Elliptic Curve Diffie Hellman

Yes

Yes

ECC Equality Test

No

No

ECC Generate Key Pair

Yes

Yes

ECC Generate Signature

Yes

Yes

ECC Inverse

No

No

ECC Scalar Multiplication

No

No

ECC Verify Point

Yes

Yes

ECC Verify Signature

Yes

Yes

Exchange Data

No

Yes

Exit to MULTOS and Restart

Yes

Yes

Flush Public

No

No

Generate Asymmetric Hash General

Yes

Yes

Generate Asymmetric Signature General

No

No

Generate DES CBC Signature

Yes

Yes

Generate Random Prime

Yes

Yes

Generate RSA Key Pair

Yes

Yes

Generate Triple DES CBC Signature

Yes

Yes

Get Data

Yes

Yes

Get Delegator AID

Yes

Yes

Get DIR File Record

Yes

Yes

Get File Control Information

Yes

Yes

Get Manufacturer Data

Yes

Yes

Get Memory Reliability

Yes

Yes

Get MULTOS Data

Yes

Yes

Get PIN Data

Yes

Yes

Get Process Event

Yes

Yes

Get Purse Type

Yes

Yes

Get Random Number

Yes

Yes

Get Static Size

Yes

Yes

GSM Authenticate

No

No

Initialise PIN

Yes

Yes

Load CCR

Yes

Yes

Lookup

Yes

Yes

Lookup Word

Yes

Yes

Memory Compare

Yes

Yes

Memory Compare Fixed Length

Yes

Yes

Memory Copy

Yes

Yes

Memory Copy Additional Static

Yes

Yes

Memory Copy Fixed Length

Yes

Yes

Memory Copy Non-Atomic

Yes

Yes

Memory Copy Non-Atomic Fixed Length

Yes

Yes

Memory Fill Additional Static

Yes

Yes

Modular Exponentiation (RSA Sign)

Yes

Yes

Modular Exponentiation CRT (RSA Sign CRT)

Yes

Yes

Modular Exponentiation CRT Protected (RSA Sign CRT Protected)

Yes

Yes

Modular Inverse

No

No

Modular Multiplication

Yes

Yes

Modular Reduction

Yes

Yes

MultiplyN

Yes

Yes

Pad

Yes

Yes

Platform Optimised Checksum

Yes

Yes

Query 0

Yes

Yes

Query 1

Yes

Yes

Query 2

Yes

Yes

Query 3

Yes

Yes

Query Channel

Yes

Yes

Query Codelet

Yes

Yes

Query Cryptographic Algorithm

Yes

Yes

Query Interface Type

Yes

Yes

Read PIN

Yes

Yes

Reject Process Event

Yes

Yes

Reset Session Data

Yes

Yes

Reset WWT

Yes

Yes

Return From Codelet

Yes

Yes

RSA Verify

Yes

Yes

Secure Hash

Yes

Yes

Secure Hash IV

Yes

Yes

SEED ECB Decipher

Yes

Yes

SEED ECB Encipher

Yes

Yes

Set AFI

No

Yes

Set ATR File Record

Yes

Yes

Set ATR Historical Characters

Yes

Yes

Set ATS Historical Characters

No

Yes

Set Contactless Select SW

No

Yes

Set FCI File Record

Yes

Yes

Set PIN Data

Yes

Yes

Set Select SW

Yes

Yes

Set Silent Mode

No

Yes

Set Transaction Protection

Yes

Yes

SHA-1

Yes

Yes

Shift Left

Yes

Yes

Shift Right

Yes

Yes

Shift Rotate

Yes

Yes

Store CCR

Yes

Yes

Subtract BCDN

Yes

Yes

Triple DES ECB Decipher

Yes

Yes

Triple DES ECB Encipher

Yes

Yes

Unpad

Yes

Yes

Update Static Size

Yes

Yes

Verify Asymmetric and Retrieve General

No

No

Verify PIN

Yes

Yes

Peripheral Support

The following chip features are available for use by applications.

  • Timers (16)
  • Watchdog
  • GPIO (12 pins)
  • Serial IO (two ports)
  • SPI (master mode)
  • I2C (master and slave mode)

MULTOS P19 can run applications in “embedded mode” when the chip is only connected to a power supply.  In this mode applications process events generated by the features listed above.

Implementation Specific Characteristics

Zero Block Size

The following instructions and primitives have the block size specified in the code (as opposed to being run-time data). The following table shows how each will perform if a zero block size is specified.

Type

Instruction / Primitive

Operation

Instruction

LOAD, STORE, LOADI, STOREI

no operation

CLEARN

no operation

TESTN, INCN, DECN, NOTN

Z = 1

CMPN, ADDN, SUBN

C = 0, Z = 1

ANDN, ORN, XORN

Z = 1

Primitive

MultiplyN

Z = 1

DivideN

C = 1, Z = unchanged

ShiftLeft, ShiftRight

C = 0, Z = 1

GetDIRFileRecord
GetFileControlInformation

One byte set to zero pushed onto stack,

If the application specified does not exist, C = 1, Z = 1

If the application specified exists, C = 0, Z = 0

GetManufacturerData
GetMULTOSData
GetPurseType

One byte set to zero pushed onto stack, C = 0

Undefined: implementation specific handling

Undefined: implementation specific handling

MemoryCompareFixedLength

DT’ = DT – 4, C = 0, Z = 1

MemoryCopyFixedLength

DT’ = DT – 4

AddBCDN / SubBCDN

Max operand length = 6 bytes

Maximum Number of Pages Permitted in a Single Write

The maximum number of pages is at least nine when transaction protection is used. It is possible to write more than nine pages if there is free NVM with a cap of 1820 pages. Note that if an attempt is made to write more than nine pages and if there is insufficient free NVM, then an abnormal end to processing to will occur.

When transaction protection is not enabled, maximum allowed size in a single write is 65,527 bytes (<64K). A write above this may result in an unexpected behaviour.

Condition Code Register

This implementation does support signed arithmetic. The N and V flags are present in the CCR, and they may be changed by some instructions. However, signed arithmetic is not guaranteed and should be avoided. They may be used by an application using the Load CCR and Store CCR primitives, but this may affect the portability of the application.

Important Remarks

This section contains important remarks about the Primitives and IFD commands of this implementation.

Functionality

Operation

Bit Manipulate Byte

Bit Manipulate Word

Bits 6 to 2 of b2 are ignored. That is, the primitives return the expected result regardless of the value of bits 6 to 2 of b2.

Block Decipher

Block Encipher

Supports DES, 3DES, AES in CBC and ECB modes

Checksum

If the checksummed area includes the parameters (the top four bytes of Dynamic), the checksum will be correctly calculated.

Convert BCD

Max operand length = 6 bytes

Default Application

This version 4.4 functionality is supported

DivideN

Numerator: min – 1 byte,  max = 128 bytes, granularity = 1 byte

Denominator: min = 1 byte, max 128 bytes, granularity = 1 byte

Exchange Data

This primitive only support Mifare channel (channel number of 1). Access to channels other than 1 will cause abend.

Stack parameter DataAddr must contain an address pointing to the following structure:

Operation/Result (2 bytes):  As input, operation can be 0x03 to indicate write or 0x05 to indicate write. As output, the Mifare return status is returned. See below of status codes.

Block Number (2 bytes): Block number to read/write to.

Mifare Password (8 bytes)

Data (16 bytes): Data to write to Mifare card, or data read from Mifare card.

Return Mifare  status code :

0000H – Operation completed without errors

0502H – Mifare Not Available

0505H – Authentication Process Failed

0508H – Invalid Block Number

0509H – Communication Error Occurred

0510H – General Error Occurred

0511H – Access Rights Not Set for the Desired Action

0515H – Wrong Password

Get Manufacturer Data

Get MULTOS Data

Get Purse Type

If the destination is stack top, the last byte of retrieved data will be overwritten by the length of data retrieved. That is, the number of bytes copied is always returned on the stack regardless of the destination segment address.

Get Memory Reliability

MULTOS 4 always indicates memory is reliable: C = 0, Z = 0.

Lookup

If the target value appears more than once in the list, the location of the first is reported. The list need not be sorted. If the target value is not found, it is left unchanged on the stack.

Modular Exponentiation

The modulus length must be greater than or equal to 512 bits and less than or equal to 2048 bits.

The least significant bit of the modulus must be 1.

The modulus must not contain any zero bytes at the most significant end.

The exponent length must be greater than or equal to 512 bits.

The length of the modulus must be greater or equal to the length of the exponent.

If the length of the modulus and exponent are the same then the value of the modulus must be greater than the value of the exponent.

If any of the conditions above are not met, an abnormal end will occur.

It is highly recommended that the modulus length and exponent length are equal. For modular exponentiation using a public exponent use RSA Verify

Modular Exponentiation CRT

The modulus length must be greater than or equal to 512 bits, but not greater than 2048 bits. 

The length of each item must be modulus length divided by 2.

The most significant byte of primes p and q must not be 0.

The least significant bits of the primes p and q must be 1.

X (in calculation Y= XdmodN) must not be equal to 0.

If any of these conditions are not met, an abnormal end to processing will occur.

X (in calculation Y=XdmodN) must not be equal to 1.

If the above condition is not met, undefined results will occur.

MultiplyN

The length of each operand must not be greater than 128 bytes

Proprietary Primitive Extension

Contact Multos International for details of the available proprietary primitives.

RSA Verify

This primitive performs modular exponentiation optimised for public exponents. Use the modular exponentiation with private exponents in standard format use the secure Modular Exponentiation primitive.

Secure Hash

SHA-1, SHA-224, and SHA-256 algorithms supported.

Set Transaction Protection

Bits 7 to 2 of b2 are ignored. That is, the primitive returns the expected result regardless of the value of bits 7 to 2 of b2.

Infineon chips copy the source data to a temporary store and any updates are made to the source data. In the case of a rollback, the copy of the original source data is written to the source.

Shift Left and Shift Right

             

With b2 > 0, if b3 = 0, C= 0 and Z is set appropriately.
The output block is equal to the input block (the input block is not changed).

With b2 > 0, if b3 > 8 * b2, C = 0 and Z = 1.
The output block is zero.

Contactless Configuration

The following contactless configurations are selectable via the upper 3-Msbits of the ‘X’ parameter of the MSM Controls Data:

Set1: TypeA, 106kbps, double UID, FWT=38.5ms, CID supported, no I-Block number checking. (This is the default configuration)

Set2: as per Set 1 but including 1k Mifare.

Set3: as per Set 1 but including 4k Mifare.

Set4: Type B, 106kbps, FWT=38.5ms, no I-Block number checking,  configured for typeB payment applications.

Set5: Type A, 106/212/424/848kbps, double UID, FWT=38.5ms, no I-Block number checking, 1k Mifare.

Set6: Type B, 106/212/424/848kbps, FWT=38.5ms, no I-Block number checking.

Set7: as per Set 1 but uses single UID.

Set8: as per Set 2 but uses single UID.

Available RAM

MULTOS P19 has a total of 10,000 bytes of RAM available. However, This RAM is shared between application dynamic, the delegation mechanism, transaction protection mechanism and crypto functions. If at any point MULTOS runs out of resources then an abend will occur.