multiflex

Multiflex

The multiflex package, multiflex::, brings into Tcl the commands to Schlumberger's general-purpose Multiflex smart card.

Here are some sample Tcl scripts using this package:

filestat.tcl - display the characteristics of a smart card file
securitydemo.tcl - exercise some of the security features of Multiflex
MACdemo.tcl - demonstrate the use of protected mode (MAC'd) commands
pursedemo.tcl - show four ways to update an electronic purse, from unsafe to very safe

Here are the 25 commands on the Multiflex interface. IncreaseStamped, DecreaseStamped, Give Challenge and Directory are only available on Multiflex 8K.

Function	Description	Tcl Usage	Args
Append Record	Append to a record file	multiflex::appendRecord
Change PIN	Change the PIN in a directory to a new value	multiflex:changePIN	oldPIN - current value of PIN newPIN - new value of PIN
Create File	Create a new file in the current directory	multiflex::createFile
Create Record	Add a new record to a linear file	multiflex::createRecord	data - initial data in the record
Decrease	Decrease the amount in an electronic purse	multiflex::decrease	amount - 3-byte amount to be subtracted from purse
Delete File	Delete a file in the current directory	multiflex::deleteFile	fileID - 2-byte fileID of file to be deleted
Descrase Stamped	Descrease current electronic and return a verfication record	multiflex::decrease	amount - 3-byte amount to be subtracted from purse
Directory	Retrieve a list of the files in the current DF	multiflex::directory
External Authenticate	Authenticate the smartcard application	multiflex::externalAuthenticate
Get Challenge	Generate a random challenge	multiflex::getChallenge challenge	challenge - 8-byte challenge
Get Response	Retrieve waiting data from the smartcard	multiflex::getResponse
Give Challenge	Send a challenge to the smart card	multiflex::giveChallenge	vname - name of variable to be set to the challenge from the card
Increase	Increase the amount in an electronic purse	multiflex::increase	amount - 3-byte amount to be added to the purse
Internal Authenticate	Prove that the smartcard has a secret key	multiflex::internalAuthenticate
Invalidate	Mark the current file as unavailable	multiflex::invalidate
Read Binary	Read data from a transparent file	multiflex::readBinary offset len data	offset - starting offset len - length to read data - the data read
Read Record	Read from a record file	multiflex::readRecord
Rehabilitate	Mark the current file as available	multiflex::rehabilitate
Seek	Look for a pattern in a linear file	multiflex::seek	offset - number of bytes into each reacord to start matching mode - record at which to start pattern - pattern to look for
Select File	Select a file for subsequent file operations.	multiflex::selectFile fileID	fileID - the numeric fileID
Unblock PIN	Reactivate a PIN that has become blocked	multiflex::unblock	unblockPIN - PIN needed to unblock the PIN newPIN - the new PIN
Update Binary	Update data in a transparent file	multiflex::updateBinary offset len data	offset - starting offset len - length to update data - the data to update
Update Record	Update within a record file	multiflex::updateRecord
Verify Key	Check for a match of password type info	multiflex::verifyKey	keyNum - index of key in external authentication file key - 8-byte key
Verify PIN	Check a PIN value	multiflex::verifyPIN	PIN - 1- to 8-byte PIN value

The following commands are protected mode variants of the base command and simply add the first six bytes of the encrypted challenge provided by the card to the argument list: createFileMAC, createRecordMAC, decreaseMAC, decreaseStampedMAC, increaseMAC, increaseStampedMAC, invalidateMAC, rehabilitateMAC, udpateBinaryMAC, and updateRecordMAC. Consult the MACdemo and pursedemo scripts for examples of using protected mode commands.