JP4594639B2 - Portable electronic device - Google Patents

Description

  The present invention incorporates an IC (integrated circuit) chip having control elements such as a writable and rewritable nonvolatile memory and a CPU (Central Processing Unit), for example, and various types based on command data supplied from the outside. The present invention relates to a portable electronic device such as an IC card that executes processing.

  In recent years, a portable electronic device has a writable / rewritable nonvolatile data memory and a CPU for controlling it, and has an IC chip with a means for inputting / outputting data from the outside. So-called IC cards are being developed in various industries.

  Compared to conventional magnetic cards and the like, an IC card needs to hold a number corresponding to each application, but has an advantage that a plurality of application programs can be held on one card. . That is, an IC card used as a cash card or the like in a financial institution such as a bank, an ID card for personal authentication in a sport or leisure facility, a prepaid card in a game hall such as a pachinko parlor, etc., is used as a single IC card. realizable.

  In this type of IC card, data and the like necessary for operating the application used are stored in a data memory in a file format, and each file corresponds to each of a plurality of applications (see, for example, Patent Document 1). . Each file can be selectively used by inputting an application identification name or the like from an external device. After selecting an application, operational processing such as data reading and rewriting is performed.

In general, data in an IC card is composed of an identifier, a length, and a data value. Some identifiers have a so-called nested structure. Such a nested structure is described in, for example, ISO / IEC7816-4 Annex. A tag field (Tag field) structured in D is defined.
Further, it is possible to directly read, add, rewrite, and delete data that is not nested (see, for example, Patent Document 2).
JP-A-3-224047 Japanese Patent Laid-Open No. 11-282899

However, in the above-described prior art, it is possible to directly read, add, rewrite, and delete data that is not nested, but on the other hand, to directly read data in nested data, There is a problem that it cannot be rewritten, and in order to execute it, all data must be read out, the structure must be analyzed, and the target data must be corrected.
Further, when there are a plurality of data with the same identifier, these data cannot be read.

  Therefore, an object of the present invention is to provide a portable electronic device that can directly read or rewrite data in data having a nested structure.

The portable electronic device according to the present invention uses a first data representation format as a representation format of data composed of an identifier, a length, and a value, and at least one or more data represented in the first data representation format are arranged in parallel with the value. A memory that stores the data in the second data representation format that is provided, and information that is provided corresponding to each data stored in the memory and controls the corresponding data, and corresponds to at least the control information Control information storage means storing control information composed of information indicating data identifiers, and sent from an external device , at least from the identifier of the access target data and the parameter data indicating the location of the identifier of the access target data configured, receiving means for receiving a command that specifies the identifier and first data representation format of the identifier of the second data representation format, the When receiving the command by the signal unit, a control information determining unit control information that matches the identifier specified by the parameter data of the command to determine whether the control information storage means, the control information determination When it is determined by the means that there is control information that matches the identifier specified by the parameter data, the identifier of the second data expression format and the first data expression format specified by the command received by the receiving means And reading means for reading the data of the identifier in the first data expression format from the memory based on the identifier.
In the portable electronic device of the present invention, the data representation format including the identifier, the length, and the value is the first data representation format, and the value includes at least one data represented in the first data representation format. A memory that stores data in the second data representation format arranged side by side, and information for controlling the corresponding data provided corresponding to each data stored in the memory. Control information storage means storing control information composed of information indicating the identifier of the corresponding data, and a parameter sent from an external device and indicating at least the identifier of the access target data and the location of the identifier of the access target data and a data receiving means for receiving a command that specifies the identifier and first data representation format of the identifier of the second data representation format When receiving the command by the receiving means, and a control information determining unit control information that matches the identifier specified by the parameter data of the command to determine whether the control information storage means, the control information When it is determined by the determining means that there is control information that matches the identifier specified by the parameter data , the identifier and the first data expression of the second data expression format specified by the command received by the receiving means And writing means for writing data of the identifier of the first data expression format to the memory based on the identifier of the format.
In the portable electronic device of the present invention, the data representation format including the identifier, the length, and the value is the first data representation format, and the value includes at least one data represented in the first data representation format. A memory that stores data in the second data representation format arranged side by side, and information for controlling the corresponding data provided corresponding to each data stored in the memory. Control information storage means storing control information composed of information indicating the identifier of the corresponding data, and a parameter sent from an external device and indicating at least the identifier of the access target data and the location of the identifier of the access target data and a data receiving means for receiving a command that specifies the identifier and first data representation format of the identifier of the second data representation format When receiving the command by the receiving means, and a control information determining unit control information that matches the identifier specified by the parameter data of the command to determine whether the control information storage means, the control information When it is determined by the determining means that there is control information that matches the identifier specified by the parameter data , the identifier and the first data expression of the second data expression format specified by the command received by the receiving means And changing means for changing the data of the identifier of the first data expression format with respect to the memory based on the identifier of the format.
In the portable electronic device of the present invention, the data representation format including the identifier, the length, and the value is the first data representation format, and the value includes at least one data represented in the first data representation format. A memory that stores data in the second data representation format arranged side by side, and information for controlling the corresponding data provided corresponding to each data stored in the memory. Control information storage means storing control information composed of information indicating the identifier of the corresponding data, and a parameter sent from an external device and indicating at least the identifier of the access target data and the location of the identifier of the access target data and a data receiving means for receiving a command that specifies the identifier and first data representation format of the identifier of the second data representation format When receiving the command by the receiving means, and a control information determining unit control information that matches the identifier specified by the parameter data of the command to determine whether the control information storage means, the control information When it is determined by the determining means that there is control information that matches the identifier specified by the parameter data , the identifier and the first data expression of the second data expression format specified by the command received by the receiving means Deletion means for deleting the data of the identifier of the first data expression format from the memory based on the identifier of the format.
In the portable electronic device of the present invention, the data representation format including the identifier, the length, and the value is the first data representation format, and the value includes at least one data represented in the first data representation format. A memory that stores data in the second data representation format arranged side by side, and information for controlling the corresponding data provided corresponding to each data stored in the memory. Control information storage means storing control information composed of information indicating the identifier of the corresponding data, and a parameter sent from an external device and indicating at least the identifier of the access target data and the location of the identifier of the access target data and a data receiving means for receiving a command that specifies the identifier and first data representation format of the identifier of the second data representation format When receiving the command by the receiving means, and a control information determining unit control information that matches the identifier specified by the parameter data of the command to determine whether the control information storage means, the control information When it is determined by the determining means that there is control information that matches the identifier specified by the parameter data , the identifier and the first data expression of the second data expression format specified by the command received by the receiving means Output means for outputting the number of identifier data in the first data representation format stored in the memory based on the format identifier.

  According to the present invention, it is possible to provide a portable electronic device that can directly read or rewrite data in data having a nested structure.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 schematically shows a configuration of an IC card system using an IC card as a portable electronic device according to an embodiment of the present invention. 1, this IC card system includes a reader / writer 2 as an external device for reading and writing data to the IC card 1, and a personal computer as a host device to which the reader / writer 2 is connected (hereinafter simply abbreviated as a personal computer). 3). The personal computer 3 is configured to be connected to an external information center 5 via a public communication network 4 such as the Internet, a public telephone network, and ISDN.

  The personal computer 3 has a CPU 6a as a calculation unit 6 and a memory 6b as a main storage device. The personal computer 3 has a display 7 as display means, a keyboard 8 as input means, and a hard disk device (HDD) 9 as storage means.

  The display 7 notifies an operator of an operation procedure and an operating state. The keyboard 8 is input by an operator. The hard disk device 9 stores a plurality of files that are confidential information, for example, a first electronic data file F1, a second electronic data file F2, a third electronic data file F3, and the like. Various data are exchanged between the personal computer 3 and the IC card 1 via the reader / writer 2.

  The reader / writer 2 has an internal memory and transmission means (not shown), and performs reading and writing (transmission / reception) of data with respect to the IC card 1 in a contact or non-contact manner. When using a contact IC card, the reader / writer 2 is provided with an IC card insertion section (not shown) for inserting the contact IC card. When using a wireless IC card, the reader / writer 2 A communication unit (not shown) for communicating with the wireless IC card is provided.

  As shown in FIG. 2, the IC card 1 includes, for example, a magnetic stripe unit 11 provided on the card surface, a receiving unit for exchanging signals with the reader / writer 2, and a communication unit 12 as an output unit, and one ( (Or a plurality of) IC chips 13.

  In the case of the wireless IC card 1, the communication unit 12 is configured as an antenna unit, and receives a modulated wave transmitted from the reader / writer 2 in a non-contact manner or transmits a modulated wave to the outside. . Further, a power supply and a clock for supplying to the internal circuit are generated from the modulated wave received by the communication unit 12. In the case of the contact type IC card 1, it is configured as a contact portion, and a power source and a clock are obtained by contacting an IC card terminal portion (not shown) provided in the reader / writer 2.

  The IC chip 13 is composed of a CPU 14 as a control element, a data memory 15 as a storage means, a working memory 16 and a program memory 17 and is embedded in the IC card main body in a state connected to the communication unit 12.

  The CPU 14 is a control unit that executes a process for selecting a file, which will be described later, which is a point of the present embodiment, and performs various determination processes and determination processes, and data processes such as writing to and reading from a memory.

  The data memory 15 is used for storing various types of data such as application data, and is composed of an erasable (rewritable) non-volatile memory such as an EEPROM (Electrical Erasable and Programmable Read Only Memory). ing.

  The working memory 16 is a working memory for temporarily storing processing data when the CPU 14 performs processing. For example, the working memory 16 includes a volatile memory such as a RAM (Random Access Memory).

  The program memory 17 is composed of, for example, a non-rewritable fixed memory such as a mask ROM (read only memory), and a control program for the CPU 14 provided with subroutines for realizing the basic functions as described above. I remember it.

  Examples of applications registered in the IC card 1 include a credit, a point system, and an ID card.

  For example, as shown in FIG. 3, the data memory 15 stores information on a plurality of applications in a file structure. This file structure is based on ISO / IEC7816-4 and has a tree structure of directories having various folder types, and a plurality of applications can be registered.

  That is, as shown in FIG. 3, the highest level is an MF (Master File) 21, and DF (Dedicated File) 22, 23, 24 are provided as folders set for each application under the MF (Master File) 21. Under the control, EF (Elementary File) 25, 26, 27, and 28 used for storing user data actually used by the application are provided.

  Also, under the MF 21, a key EF29 used for storing a key for establishing an access right is provided. Note that as many DFs as the number of installed applications are provided.

  In the present embodiment, the IC card 1 stores, for example, one application for company X as a credit system and two applications for company A and company B as point systems.

  In the present embodiment, the DF name is set to “Credit Company X” as an application file for Credit Company X in DF22 (hereinafter also referred to as DF1, for example), and subordinate to the Credit Company X. There are two files EF25 (hereinafter also referred to as EF1-1) and EF26 (hereinafter also referred to as EF1-2) used in the application.

  In DF23 (hereinafter also referred to as DF2), for example, the DF name is set to “Point A Company” as an application file for Point A Company, and under that, it is used by Point A Company Application EF27 (hereinafter also referred to as EF2-1) and EF28 (hereinafter also referred to as EF2-2) exist. Of these, EF2-1 stores common data, and EF2-2 stores the respective data in the point A company.

  The data stored in the EF2-2 is data having a nested structure as shown in FIG. That is, as shown in FIG. 4A, the data of the second data expression format including the point X identifier (E1) 101, the data length 102 of the point X, and the value 112 of the point X as the data of the point X. Is stored. The point X value 112 is data in the same first data representation format as the second data representation format, that is, data 113 composed of a point value identifier (DF01) 103, a point value length 104, and a point value 105, Data 114 comprising a point upper limit identifier (DF02) 106, a point upper limit length 107, and a point upper limit value 108, a point last update date identifier (DF03) 109, a point last update date value length 110, and a point last update date value The data 115 composed of 111 is arranged in parallel. Such a data structure is called a so-called nested structure.

  Further, as shown in FIG. 4B, as the data of the point Y, the data in the second data expression format composed of the point Y identifier (E2) 121, the data length 122 of the point Y, and the value 123 of the point Y. Is stored. The value 123 of the point Y is data in the same first data representation format as the second data representation format, that is, data 127 including a point value identifier (DF01) 124, a point value length 125, and a point value 126, Data 131 including a point upper limit identifier (DF02) 128, a point upper limit length 129, and a point upper limit 130 is arranged in parallel. Such a data structure is called a so-called nested structure.

  Further, as shown in FIG. 4C, as the data of the point Z, the data in the second data expression format composed of the point Z identifier (E3) 141, the data length 142 of the point Z, and the value 143 of the point Z. Is stored. The value 143 of the point Z is data in the same first data representation format as the second data representation format, that is, data 147 composed of a point value identifier (DF01) 144, a point value length 145, and a point value 146, Data 151 composed of a point upper limit identifier (DF02) 148, a point upper limit length 149, and a point upper limit 150, a point last update date identifier (DF03) 152, a point last update date value length 153, and a point last update date value Data 155 composed of 154 is arranged in parallel. Such a data structure is called a so-called nested structure.

  FIG. 5 shows data management information for managing data to be read and rewritten by designating a data identifier, and is stored in, for example, the data memory 15. In FIG. 5, reference numeral 200 denotes the number of registered control information, 201 denotes registered control information, and 202 denotes an area (free area) to which control information is added.

One control information 201 includes data identifier information 210, setting address information 211, settable size information 212, and security condition information 213. The data identifier information 210 is used for subsequent processing when the identifier specified from the external device is compared with the data identifier information and they match. The set address information 211 is information indicating at which address of the data memory 15 in the card the data is arranged. The settable size information 212 is information indicating a settable size, and the data can be set with a variable length within the range of this information. The security condition information 213 is a security condition that should be set when reading or writing the data.
The details of the data management information are described in, for example, Japanese Patent Application Laid-Open No. 11-282899, so please refer to it.

  FIG. 6 shows a format of data set at a predetermined address by the control information. The data is set to an address on the data memory 15 indicated by the setting address information 211 of the control information. In FIG. 6, reference numeral 220 denotes data management information indicating the length of data, and 221 denotes a data body portion. Reference numeral 222 denotes validity management information of the data, and is used for confirmation of the validity of the data by, for example, exclusive OR of the data management information 220 and the data 221.

  FIG. 7 shows a configuration of instruction data (nested structure data read command) for instructing reading of nested data supplied from the reader / writer 2 to the IC card 1. The nested structure data read command includes a command header section 301, an Lc section 306 indicating the data length of the accompanying data section 307, a data section (identifier of data to be read) 307, and a Le section 308.

The command header section 301 includes a command classification section (CLA: class) 302, an instruction section (INS: instruction) 303, and parameter data (P1, P2) 304 and 305.
The P1 unit 304 and the P2 unit 305 indicate in which identifier the identifier of the data set in the data unit 307 exists. That is, for example, when reading the point value 105 in the data of the point X in FIG. 4, “00” is set in the P1 portion 304, “E1” is set in the P2 portion 305, and “DF01” is set in the data portion 307.

  The CPU 14 of the IC card 1 searches for and outputs the designated data from the identifiers of the data set in the P1 part 304, the P2 part 305, and the data part 307 of the command header part 301 of this nested structure data read command.

Next, a process for reading out nested structure data in such a configuration will be described with reference to the flowcharts shown in FIGS.
When the CPU 14 of the IC card 1 determines that the received command is a nested structure data read command based on the command header portion 301, it is specified by the P1 portion 304 and the P2 portion 305 from the data management information of FIG. Control information that matches the identifier is searched (step S100). If the matching control information can be identified, the process proceeds to step S102, and if not, the process proceeds to step S101. In step S <b> 101, a response status not registered with control information is output to the reader / writer 2.

  In step S102, it is confirmed whether or not the security condition information 213 in the control information is satisfied. If the condition is satisfied, the process proceeds to step S104, and if not satisfied, the process proceeds to step S103. In step S103, the response status not satisfying the security condition is output to the reader / writer 2.

  In step S104, it is confirmed whether or not data has already been set at the address indicated by the setting address information 211 in the control information. If data is set, the process proceeds to step S106, and if data is not set, the process proceeds to step S105. In step S105, the response status with no data set is output to the reader / writer 2.

  In step S106, it is confirmed whether the data length management information 220 of the data is within the range of the settable size information 212 in the control information. If it is within the range, the process proceeds to step S108, and if it exceeds the range, the process proceeds to step S107. In step S107, the response status of the data management information abnormality is output to the reader / writer 2.

  In step S108, the data validity management information 222 of the data is confirmed. If the validity is confirmed, the process proceeds to step S110, and if abnormal, the process proceeds to step S109. In step S109, the response status of the data validity management information abnormality is output to the reader / writer 2.

  In step S110, the address data indicated by the set address information 211 in the control information is read in 1 byte (byte). Next, the read data is confirmed (step S111). If it is confirmed that the next data is also a part of the identifier, the process proceeds to step S112, and the next data is read.

  As a result of the confirmation in step S111, if it is confirmed that the next data is not part of the identifier, it is checked whether or not the read identifier matches the identifier specified in the data portion 307 of the command (step S113). ), If they match, go to step S114; otherwise, go to step S115.

  In step S114, 1 byte of the next data is read, the read value is set as the data length, and the data for the data length is output to the reader / writer 2 together with the response status indicating no abnormality. In step S115, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained.

  Next, the consistency between the address corresponding to the next identifier obtained in step S115 and the data length management information 220 is confirmed (step S116), and if abnormal, the process proceeds to step S117. Proceed to S118. In step S117, the response status of the data retrieval abnormality is output to the reader / writer 2. Here, as a state of determining as abnormal, for example, there is a case where the obtained address exceeds the address range of the data length specified in the data length management information 220 (see FIG. 10).

  In step S118, one byte of data at the address corresponding to the next identifier obtained in step S115 is read. Next, the read data is confirmed (step S119). If it is confirmed that the next data is also a part of the identifier, the next data is read by 1 byte (step S120), and the process returns to step S113. As a result of the confirmation in step S119, if it is confirmed that the next data is not part of the identifier, the process returns to step S113.

  In this example, the description has been made with the data whose identifier is composed of only 1 byte length or 2 bytes length. However, the same applies when an identifier of 3 bytes or more is included. Further, in this example, the description has been made with the data whose length information is composed of only 1 byte length. For example, ISO / IEC7816-4 Annex. The same applies to the case where the length information is expressed by 1 byte or more as described in D.

  FIG. 11 shows the configuration of instruction data (nested structure data change command) for instructing to change the data of the nested structure supplied from the reader / writer 2 to the IC card 1. The nested structure data change command includes a command header part 401, an Lc part 406 indicating the data length of the accompanying data part 407, and a data part (identifier of data to be changed, data length and data) 407.

The command header section 401 includes a command classification section (CLA: class) 402, an instruction section (INS: instruction) 403, and parameter data (P1, P2) 404 and 405.
The P1 unit 304 and the P2 unit 405 indicate in which identifier the identifier of the data set in the data unit 407 exists. That is, for example, when the point upper limit value 108 in the data of the point X in FIG. 4 is changed, “00” is set in the P1 portion 404, “E1” is set in the P2 portion 405, and “DF02” is set in the data portion 407. .

  The CPU 14 of the IC card 1 searches for and changes designated data from the identifiers of data set in the P1 part 404, the P2 part 405, and the data part 407 of the command header part 401 of the nested structure data change command.

Next, the process of changing the nested structure data in such a configuration will be described with reference to the flowcharts shown in FIGS.
When the CPU 14 of the IC card 1 determines that the received command is a nested structure data change command based on the command header portion 401, it is specified by the P1 portion 404 and the P2 portion 405 from the data management information of FIG. The control information that matches the identifier is searched (step S200). If the matching control information can be specified, the process proceeds to step S202. If the control information cannot be specified, the process proceeds to step S201. In step S <b> 201, a response status not registered with control information is output to the reader / writer 2.

  In step S202, it is confirmed whether or not the security condition information 213 in the control information is satisfied. If the condition is satisfied, the process proceeds to step S204. If the condition is not satisfied, the process proceeds to step S203. In step S203, the response status not satisfying the security condition is output to the reader / writer 2.

  In step S204, it is confirmed whether or not data has already been set at the address indicated by the setting address information 211 in the control information. If data is set, the process proceeds to step S206. If data is not set, the process proceeds to step S205. In step S205, the response status with no data set is output to the reader / writer 2.

  In step S206, it is confirmed whether the data length management information 220 of the data is within the range of the settable size information 212 in the control information. If it is within the range, the process proceeds to step S208. If it exceeds the range, the process proceeds to step S207. In step S207, the response status of the data management information abnormality is output to the reader / writer 2.

  In step S208, the data validity management information 222 of the data is confirmed. If the validity is confirmed, the process proceeds to step S210, and if abnormal, the process proceeds to step S209. In step S209, the response status of the data validity management information abnormality is output to the reader / writer 2.

  In step S210, the data at the address indicated by the setting address information 211 in the control information is read in 1 byte (Byte). Next, the read data is confirmed (step S211). If it is confirmed that the next data is also a part of the identifier, the process proceeds to step S212, and the next data is read by 1 byte.

  As a result of the confirmation in step S211, when it is confirmed that the next data is not a part of the identifier, it is checked whether or not the read identifier matches the identifier specified in the data portion 407 of the command (step S213). ), If they match, the process proceeds to step S214; otherwise, the process proceeds to step S215.

  In step S215, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained. Next, the consistency between the address corresponding to the next identifier obtained in step S215 and the data length management information 220 is confirmed (step S216). If abnormal, the process proceeds to step S217. Proceed to S218. In step S217, the response status of the data retrieval abnormality is output to the reader / writer 2. Here, as a state of determining as abnormal, for example, there is a case where the obtained address exceeds the address range of the data length specified in the data length management information 220 (see FIG. 10).

  In step S218, one byte of data at the address corresponding to the next identifier obtained in step S215 is read. Next, the read data is confirmed (step S219). If it is confirmed that the next data is also a part of the identifier, the next data is read by 1 byte (step S220), and the process returns to step S213. As a result of the confirmation in step S219, if it is confirmed that the next data is not part of the identifier, the process returns to step S213.

  In step S214, the next data is read by 1 byte, and the read value is set as the data length. Next, in steps S221 and S222, the data length obtained in step S214 is compared with the length specified in the command data portion 407, and if they match, the process proceeds to step S228, and the obtained data length is obtained. Is longer than the length specified in the command data portion 407, the process proceeds to step S224, and if shorter, the process proceeds to step S223.

  In step S223, the total length when changed is compared with the settable size information 212 of the data management information. If the total length exceeds the settable size information 212 of the data management information, the process proceeds to step S226. Advances to step S225. In step S226, a response status indicating that the data length is abnormal is output to the reader / writer 2.

  In step S224, the subsequent data is moved by “current data length−changed data length”, and the data length management information 220 is changed. In step S225, the subsequent data is moved by “changed data length−current data length”, and the data length management information 220 is changed.

  In step S227, the length of the identifier specified in the command data portion 407 is written in the length of the corresponding identifier. In step S228, the new data of the identifier specified in the command data portion 407 is written in the data portion 221 of the corresponding identifier, and then a response status indicating no abnormality is output to the reader / writer 2.

  This will be specifically described with reference to FIG. For example, as shown in FIG. 15 (a), if the data of identifier B is changed, if the data to be changed (new data) is longer, as shown in FIGS. 15 (b) and 15 (c), The subsequent data (data of identifier C) is moved by “changed data length−current data length”, and then new data is written as shown in FIG.

  Next, reading when the same identifier is included in the nested structure data and processing for reading the number of the same identifier will be described. That is, for example, as shown in FIG. 16, when three point addition value identifiers are included in the data of point P, when the second point addition value is read, it is also included in the data of point P. Processing for reading the number of point addition values will be described.

  FIG. 16 shows a data example of a nested structure in which the same identifier is included in the data. The data of the point P shown in FIG. 16A is data in the second data expression format including the point P identifier (EA) 161, the data length 162 of the point P, and the value 163 of the point P. The value 163 of the point P is data in the same first data representation format as the second data representation format, that is, data 167 composed of a point value identifier (DF01) 164, a point value length 165, and a point value 166, Data 171 composed of a point addition value identifier (DF04) 168, a point addition value length 169, and a point addition value 170, and a point addition value identifier (DF04) 172, a point addition value length 173, and a point addition value 174. Data 179 including a data 175, a point addition value identifier (DF04) 176, a point addition value length 177, and a point addition value 178 are arranged in parallel.

  Further, the data of the point Q shown in FIG. 16B is data in the second data expression format including the point Q identifier (EB) 181, the data length 182 of the point Q, and the value 183 of the point Q. The value 183 of the point Q is data in the same first data representation format as the second data representation format, that is, data 187 composed of a point value identifier (DF01) 184, a point value length 185, and a point value 186, It consists of data 191 composed of a point addition value identifier (DF04) 188, a point addition value length 189 and a point addition value 190, a point addition value identifier (DF04) 192, a point addition value length 193 and a point addition value 194. Data 195 are arranged side by side.

  FIG. 17 shows a configuration of instruction data (order designation nested structure data read command) for instructing reading of nested structure data supplied from the reader / writer 2 to the IC card 1. The order designation nested structure data read command includes a command header part 501, an Lc part 506 indicating the data length of the accompanying data part 507, a data part (identifier of data to be read and data order) 507, and a Le part 508. Has been.

The command header section 501 includes a command classification section (CLA: class) 502, an instruction section (INS: instruction) 503, and parameter data (P1, P2) 504 and 505.
The P1 part 504 and the P2 part 505 indicate in which identifier the identifier of the data set in the data part 507 exists. That is, for example, when the second point addition value 174 in the data of point P in FIG. 16 is read, “00” is stored in the P1 portion 504, “EA” is stored in the P2 portion 505, and “DF0402” is stored in the data portion 507. Set.

  The CPU 14 of the IC card 1 searches for the designated data from the identifier and the order of the data set in the P1 part 504, the P2 part 505, and the data part 507 of the command header part 501 of this order designation nested structure data read command, Output.

  FIG. 18 shows the structure of response data that the IC card 1 outputs to the reader / writer 2 after executing the order-designated nested structure data read command sent from the reader / writer 2. The response data includes an identifier 601 specified in the command data part 507, a data length of data searched by the CPU 14 from data specified in the parameter data P1 part 504 and P2 part 505, and a data length for setting the data. 602, a data part 603, a status code part 604 for setting a status code indicating a processing result, and a status code part 605 for setting the total number of data of the identifier specified by the data part 603.

  That is, for example, when a command for reading the second point addition value 174 in the data of point P in FIG. 16 is executed, the second point addition value 174 and the status code portion 605 are stored in the data portion 603. Is the number of point addition values included in the data of point P, which is 3 in the example of FIG. 16, so that “03” is set and output.

Next, the sequence designation nested structure data read processing in such a configuration will be described with reference to the flowcharts shown in FIGS.
When the CPU 14 of the IC card 1 determines that the received command is an order designation nested structure data read command based on the command header 501, it is designated by the P1 part 504 and P2 part 505 from the data management information of FIG. The control information matching the identifier is searched (step S300). If the matching control information can be identified, the process proceeds to step S302. If not, the process proceeds to step S301. In step S <b> 301, a response status not registered with control information is output to the reader / writer 2.

  In step S302, it is confirmed whether or not the security condition information 213 in the control information is satisfied. If the condition is satisfied, the process proceeds to step S304, and if not satisfied, the process proceeds to step S303. In step S303, the response status not satisfying the security condition is output to the reader / writer 2.

  In step S304, it is confirmed whether or not data has already been set at the address indicated by the setting address information 211 in the control information. If data is set, the process proceeds to step S306, and if data is not set, the process proceeds to step S305. In step S305, a response status in which no data is set is output to the reader / writer 2.

  In step S306, it is confirmed whether the data length management information 220 of the data is within the range of the settable size information 212 in the control information. If it is within the range, the process proceeds to step S308. If the range is exceeded, the process proceeds to step S307. In step S307, the response status of the data management information abnormality is output to the reader / writer 2.

  In step S308, the data validity management information 222 of the data is confirmed. If the validity is confirmed, the process proceeds to step S310, and if abnormal, the process proceeds to step S309. In step S309, the response status of the data validity management information abnormality is output to the reader / writer 2.

  In step S310, the counter (not shown) is cleared, and the address data indicated by the set address information 211 in the control information is read by 1 byte (Byte). Next, the read data is confirmed (step S311). If it is confirmed that the next data is also a part of the identifier, the process proceeds to step S312 and 1 byte of the next data is read.

  As a result of the confirmation in step S311, when it is confirmed that the next data is not part of the identifier, it is checked whether or not the read identifier matches the identifier specified in the data portion 507 of the command (step S313). ), If they match, the process proceeds to step S314; otherwise, the process proceeds to step S315.

  In step S314, the counter is incremented. Next, it is checked whether or not the order specified in the command data portion 507 matches the count value of the counter (step S321). If they match, the process proceeds to step S322. If they do not match, the process proceeds to step S315. Proceed to

  In step S315, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained. Next, the consistency between the address corresponding to the next identifier obtained in step S315 and the data length management information 220 is confirmed (step S316). If it is abnormal, the process proceeds to step S317. The process proceeds to S318. In step S317, the response status of the data retrieval abnormality is output to the reader / writer 2. Here, as a state of determining as abnormal, for example, there is a case where the obtained address exceeds the address range of the data length specified in the data length management information 220 (see FIG. 10).

  In step S318, one byte of data at the address corresponding to the next identifier obtained in step S315 is read. Next, the read data is confirmed (step S319). When it is confirmed that the next data is also a part of the identifier, the next data is read (step S320), and the process returns to step S313. As a result of the confirmation in step S319, if it is confirmed that the next data is not part of the identifier, the process returns to step S313.

  In step S322, 1 byte of the next data is read, the read value is set as the data length, and output data corresponding to the data length is created together with a response status indicating no abnormality. In step S325, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained.

  Next, the consistency between the address corresponding to the next identifier obtained in step S325 and the data length management information 220 is confirmed (step S326). If it is abnormal, the process proceeds to step S331. The process proceeds to S328, and if the data is complete, the process proceeds to Step S327. In step S331, the response status of the data retrieval abnormality is output to the reader / writer 2.

  In step S327, the response status indicating no abnormality is set to the status code (1), the counter count and value are set to the status code (2), and the data is output to the reader / writer 2 together with the data created in step S322.

  In step S328, one byte of data at the address corresponding to the next identifier obtained in step S325 is read. Next, the read data is confirmed (step S329). If it is confirmed that the identifier is a 2-byte identifier, the next data is read (step S330), and the process proceeds to step S323. As a result of the confirmation in step S329, if it is confirmed that the identifier is not a 2-byte identifier, the process proceeds to step S323.

  In step S323, it is checked whether or not the read identifier matches the identifier specified in the data portion 507 of the command. If they match, the process proceeds to step S324, and if they do not match, the process proceeds to step S325. In step S324, the counter is incremented, and the process proceeds to step S325.

  As described above, the processing of steps S323, S324, S325, S326, S328, S329, and S330 is repeatedly performed until it is determined in step S326 that the data is ended. Is the value of the number of specified identifiers contained.

  Next, a process for deleting the data of the identifier specified by the nested structure data will be described. That is, for example, as shown in FIG. 22, a process for deleting the data of identifier B in the data structure including identifier A, identifier B, and identifier C will be described.

  FIG. 23 shows a configuration of command data (nested structure data deletion command) for instructing deletion of nested data supplied from the reader / writer 2 to the IC card 1. The nested structure data deletion command includes a command header part 701, an Lc part 706 indicating the data length of the accompanying data part 707, and a data part (identifier of data to be deleted) 707.

The command header portion 701 includes a command classification portion (CLA: class) 702, an instruction portion (INS: instruction) 703, and parameter data (P1, P2) 704, 705.
The P1 part 704 and the P2 part 705 indicate in which identifier the identifier of the data set in the data part 707 exists. That is, for example, when the point upper limit value 108 in the data of the point X in FIG. 4 is deleted, “00” is set in the P1 portion 704, “E1” is set in the P2 portion 705, and “DF02” is set in the data portion 707. .

  The CPU 14 of the IC card 1 searches for and deletes the designated data from the identifiers of data set in the P1 part 704, P2 part 705, and data part 707 of the command header part 701 of this nested structure data deletion command.

Next, the process of deleting nested structure data in such a configuration will be described with reference to the flowcharts shown in FIGS.
If the CPU 14 of the IC card 1 determines that the received command is a nested structure data deletion command based on the command header portion 401, it is specified by the P1 portion 704 and the P2 portion 705 from the data management information in FIG. The control information that matches the identifier is searched (step S400). If the matching control information can be specified, the process proceeds to step S402, and if the control information cannot be specified, the process proceeds to step S401. In step S <b> 401, a response status not registered with control information is output to the reader / writer 2.

  In step S402, it is confirmed whether or not the security condition information 213 in the control information is satisfied. If the condition is satisfied, the process proceeds to step S404. If not satisfied, the process proceeds to step S403. In step S403, the response status not satisfying the security condition is output to the reader / writer 2.

  In step S404, it is confirmed whether or not data has already been set at the address indicated by the setting address information 211 in the control information. If data has been set, the process proceeds to step S406. If data has not been set, the process proceeds to step S405. In step S405, a response status with no data set is output to the reader / writer 2.

  In step S406, it is confirmed whether the data length management information 220 of the data is within the range of the settable size information 212 in the control information. If it is within the range, the process proceeds to step S408, and if it exceeds the range, the process proceeds to step S407. In step S407, the response status of the data management information abnormality is output to the reader / writer 2.

  In step S408, the data validity management information 222 of the data is confirmed. If the validity is confirmed, the process proceeds to step S410, and if abnormal, the process proceeds to step S409. In step S409, the response status of the data validity management information abnormality is output to the reader / writer 2.

  In step S410, the address data indicated by the setting address information 211 in the control information is read in 1 byte (Byte). Next, the read data is confirmed (step S411). If it is confirmed that the next data is also a part of the identifier, the process proceeds to step S412 and the next data is read by 1 byte.

  As a result of the confirmation in step S411, if it is confirmed that the next data is not part of the identifier, it is checked whether or not the read identifier matches the identifier specified in the data portion 407 of the command (step S413). ), If they match, the process proceeds to step S414; otherwise, the process proceeds to step S415.

  In step S415, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained. Next, the consistency between the address corresponding to the next identifier obtained in step S415 and the data length management information 220 is confirmed (step S416). If it is abnormal, the process proceeds to step S417. The process proceeds to S418. In step S417, the response status of the data retrieval abnormality is output to the reader / writer 2.

  In step S418, one byte of data at the address corresponding to the next identifier obtained in step S415 is read. Next, the read data is confirmed (step S419). If it is confirmed that the next data is also a part of the identifier, the next data is read (step S420), and the process returns to step S413. As a result of the confirmation in step S419, if it is confirmed that the next data is not part of the identifier, the process returns to step S413.

  In step S414, the next data is read by 1 byte, the read value is set as the data length, and an address corresponding to the next identifier is obtained. Next, the consistency between the address corresponding to the next identifier obtained in step S414 and the data length management information 220 is confirmed (step S421). If abnormal, the process proceeds to step S424, and there is no subsequent data. Advances to step S423, and if there is subsequent data, advances to step S3422.

  In step S422, the subsequent data is moved by “the data length to be deleted”. In step S423, the data length management information 220 is corrected, and then a response status indicating no abnormality is output to the reader / writer 2. In step S424, the response status of the data retrieval abnormality is output to the reader / writer 2.

  This will be specifically described with reference to FIG. For example, as shown in FIG. 22A, if the data of the identifier B is deleted, as shown in FIGS. 22B and 22C, after the data of the identifier B is deleted, the subsequent data (identifier C data) is moved by the “data length to be deleted”, and then the data length management information 220 is changed to a correct value.

  Next, a process for writing data of an identifier designated by nested structure data will be described. That is, for example, as shown in FIG. 27, a process of writing the data of identifier C in the data structure including identifier A and identifier B will be described.

  FIG. 28 shows a configuration of instruction data (nested structure data write command) for instructing writing of nested data supplied from the reader / writer 2 to the IC card 1. The nested structure data write command is composed of a command header 801, an Lc portion 806 indicating the data length of the accompanying data portion 807, and a data portion (data identifier to be written, data length and data) 807.

  The command header portion 801 includes a command classification portion (CLA: class) 802, an instruction portion (INS: instruction) 803, and parameter data (P1, P2) 804 and 805. A P1 part 804 and a P2 part 805 indicate in which identifier the identifier of the data set in the data part 807 exists.

Next, the process of changing the nested structure data in such a configuration will be described with reference to the flowchart shown in FIG.
When the CPU 14 of the IC card 1 determines that the received command is a nested structure data write command based on the command header portion 801, it is specified by the P1 portion 804 and the P2 portion 805 from the data management information of FIG. The control information that matches the identifier is searched (step S500). If the matching control information can be identified, the process proceeds to step S502. If not, the process proceeds to step S501. In step S <b> 501, a response status not registered with control information is output to the reader / writer 2.

  In step S502, it is confirmed whether or not the security condition information 213 in the control information is satisfied. If the condition is satisfied, the process proceeds to step S504, and if not satisfied, the process proceeds to step S503. In step S503, the response status not satisfying the security condition is output to the reader / writer 2.

  In step S504, it is confirmed whether or not data has already been set at the address indicated by the setting address information 211 in the control information. If data is set, the process proceeds to step S506, and if data is not set, the process proceeds to step S505. In step S505, the response status with no data set is output to the reader / writer 2.

  In step S506, it is confirmed whether the data length management information 220 of the data is within the range of the settable size information 212 in the control information. If it is within the range, the process proceeds to step S508, and if it exceeds the range, the process proceeds to step S507. In step S507, the response status of the data management information abnormality is output to the reader / writer 2.

  In step S508, the data validity management information 222 of the data is confirmed. If the validity is confirmed, the process proceeds to step S510, and if abnormal, the process proceeds to step S509. In step S509, the response status of the data validity management information abnormality is output to the reader / writer 2.

  In step S510, the consistency between the data length to be added and the data length management information 220 is confirmed. As a result of the confirmation, if the data length to be added is added to the current data length management information 220, if the settable size information 212 is exceeded, the process proceeds to step S511, and if not, the process proceeds to step S512.

  In step S511, the response status of the memory excess abnormality is output to the reader / writer 2. In step S 512, the command data portion 807 is written, the data length management information 220 is corrected, and then a response status indicating no abnormality is output to the reader / writer 2.

  This will be specifically described with reference to FIG. For example, as shown in FIG. 27A, if data is written after the data of identifier B, data of identifier C is written next to data of identifier B as shown in FIGS. Thereafter, the data length management information 220 is changed to a correct value.

  In this way, the identifier of data existing in the nested structure, that is, the identifier of the second data representation format (outer identifier) and the identifier of the first data representation format (inner identifier) of the nested structure data are designated by the command. Thus, it is possible to directly read, change, delete, and write only the identifier data in the first data representation format that is required.

1 is a block diagram schematically showing a configuration of an IC card system using an IC card as a portable electronic device according to an embodiment of the present invention. 1 is a block diagram schematically showing the configuration of an IC card. The conceptual diagram of the file structure at the time of comprising a some application in data memory. The figure which shows an example of nested structure data. The figure for demonstrating data management information. The figure which shows the format of the data set to a predetermined address by control information. The figure which shows the structure of a nested structure data read command. The flowchart explaining the flow of the reading process of nested structure data. The flowchart explaining the flow of the reading process of nested structure data. The figure explaining the state which confirms the consistency of an address and data length management information, and determines with abnormality. The figure which shows the structure of a nested structure data change command. The flowchart explaining the flow of the change process of nested structure data. The flowchart explaining the flow of the change process of nested structure data. The flowchart explaining the flow of the change process of nested structure data. The figure for demonstrating the change process of nested structure data. The figure which shows an example of the nested structure data in which the same identifier is contained in data. The figure which shows the structure of an order designation | designated nested structure data read command. The figure which shows the structure of the response data with respect to an order designation | designated nested structure data read command. The flowchart explaining the flow of the reading process of order designation | designated nested structure data. The flowchart explaining the flow of the reading process of order designation | designated nested structure data. The flowchart explaining the flow of the reading process of order designation | designated nested structure data. The figure which shows the structure of a nested structure data deletion command. The figure for demonstrating the deletion process of nested structure data. The flowchart explaining the flow of the deletion process of nested structure data. The flowchart explaining the flow of the deletion process of nested structure data. The flowchart explaining the flow of the deletion process of nested structure data. The figure for demonstrating the write-in process of nested structure data. The figure which shows the structure of a nested structure data write command. The flowchart explaining the flow of the writing process of nested structure data.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... IC card (portable electronic device), 2 ... Reader / writer (external device), 3 ... Personal computer, 11 ... Magnetic stripe part, 12 ... Communication part, 13 ... IC chip, 14 ... CPU, 15 ... Data memory, 16 ... Working memory, 17 ... Program memory.

Claims (6)

A data representation format composed of an identifier, a length, and a value is defined as a first data representation format, and at least one data represented in the first data representation format is arranged in parallel with the value. Memory that stores the data of
Control information is provided corresponding to each data stored in the memory, and is information for controlling the corresponding data, and at least control information including information indicating an identifier of the data corresponding to the control information is stored. Control information storage means;
A command that is sent from an external device and includes at least an identifier of the access target data and parameter data indicating the location of the identifier of the access target data, and specifies a second data representation format identifier and a first data representation format identifier Receiving means for receiving;
When receiving the command by the receiving means, control information determining means for determining whether or not the control information matching the identifier specified by the parameter data of the command is in the control information storage means;
When it is determined by the control information determining means that there is control information that matches the identifier specified by the parameter data, the identifier of the second data expression format specified by the command received by the receiving means and the second Reading means for reading data of the identifier of the first data representation format from the memory based on the identifier of the one data representation format;
A portable electronic device comprising: A data representation format composed of an identifier, a length, and a value is defined as a first data representation format, and at least one data represented in the first data representation format is arranged in parallel with the value. Memory that stores the data,
Control information is provided corresponding to each data stored in the memory, and is information for controlling the corresponding data, and at least control information including information indicating an identifier of the data corresponding to the control information is stored. Control information storage means;
A command that is sent from an external device and includes at least an identifier of the access target data and parameter data indicating the location of the identifier of the access target data, and specifies a second data representation format identifier and a first data representation format identifier Receiving means for receiving;
When receiving the command by the receiving means, control information determining means for determining whether or not the control information matching the identifier specified by the parameter data of the command is in the control information storage means;
When it is determined by the control information determining means that there is control information that matches the identifier specified by the parameter data, the identifier of the second data expression format specified by the command received by the receiving means and the second Writing means for writing data of the identifier of the first data representation format to the memory based on the identifier of the one data representation format;
A portable electronic device comprising: A data representation format composed of an identifier, a length, and a value is defined as a first data representation format, and at least one data represented in the first data representation format is arranged in parallel with the value. Memory that stores the data of
Control information is provided corresponding to each data stored in the memory, and is information for controlling the corresponding data, and at least control information including information indicating an identifier of the data corresponding to the control information is stored. Control information storage means;
A command that is sent from an external device and includes at least an identifier of the access target data and parameter data indicating the location of the identifier of the access target data, and specifies a second data representation format identifier and a first data representation format identifier Receiving means for receiving;
When receiving the command by the receiving means, control information determining means for determining whether or not the control information matching the identifier specified by the parameter data of the command is in the control information storage means;
If the control information that matches the identifier specified by the parameter data is determined to be a control information determining unit, the identifier of the second data representation format designated by the received command by the receiving means and the Changing means for changing the data of the identifier of the first data representation format to the memory based on the identifier of the one data representation format;
A portable electronic device comprising: A data representation format composed of an identifier, a length, and a value is defined as a first data representation format, and at least one data represented in the first data representation format is arranged in parallel with the value. Memory that stores the data of
Control information is provided corresponding to each data stored in the memory, and is information for controlling the corresponding data, and at least control information including information indicating an identifier of the data corresponding to the control information is stored. Control information storage means;
A command that is sent from an external device and includes at least an identifier of the access target data and parameter data indicating the location of the identifier of the access target data, and specifies a second data representation format identifier and a first data representation format identifier Receiving means for receiving;
When receiving the command by the receiving means, control information determining means for determining whether or not the control information matching the identifier specified by the parameter data of the command is in the control information storage means;
When it is determined by the control information determining means that there is control information that matches the identifier specified by the parameter data, the identifier of the second data expression format specified by the command received by the receiving means and the second Deleting means for deleting the data of the identifier of the first data representation format from the memory based on the identifier of the one data representation format;
A portable electronic device comprising: A data representation format composed of an identifier, a length, and a value is defined as a first data representation format, and at least one data represented in the first data representation format is arranged in parallel with the value. Memory that stores the data of
Control information is provided corresponding to each data stored in the memory, and is information for controlling the corresponding data, and at least control information including information indicating an identifier of the data corresponding to the control information is stored. Control information storage means;
A command that is sent from an external device and includes at least an identifier of the access target data and parameter data indicating the location of the identifier of the access target data, and specifies a second data representation format identifier and a first data representation format identifier Receiving means for receiving;
When receiving the command by the receiving means, control information determining means for determining whether or not the control information matching the identifier specified by the parameter data of the command is in the control information storage means;
When it is determined by the control information determining means that there is control information that matches the identifier specified by the parameter data, the identifier of the second data expression format specified by the command received by the receiving means and the second Output means for outputting the number of data of the identifier of the first data representation format stored in the memory based on the identifier of one data representation format;
A portable electronic device comprising:   6. The portable electronic device according to claim 5, wherein the reading means reads the second data when the same identifier is included in the second data representation format.

Images