ISO IEC TS 22924 pdf – Identification cards — Transport layer topologies — Configuration for HCI/ HCP interchange
5.1.5 Host controller The host controller can be a dedicated physical device or a software component on a device exposing the host controller and zero, one or more hosts in the HCI network. The host controller can provide more than one physical interface. The host controller allocates dynamic HIDs and PIDs as applicable. A host can request the host controller to create a new dynamic pipe between two gates. The host requesting the pipe is the source host. If successful, then a pipe is created between the source host and a destination host. The host controller uses the WHITELIST defined by the destination host in order to verify that the source host is authorized to create a pipe. Once a pipe is open between the gates of two hosts, the host controller handles packets of data between the two hosts based on the routing information provided by the PID in the network field of the HCP header.
In case a packet length exceeds the physical buffers sizes present on the host and on the host controller, data are transferred in multiple subsequent fragments of the packet, with fragments in chaining mode specified by the CHAINING field in the HCP header. As the physical buffer size present on each host interface may vary with each implementation, the host controller may need to perform data re-assembly and re-segmentation before forwarding it, according to each interface specification. Data integrity checking and flow control for communications with each host according to specific data link layer rules applicable for each physical interface is performed on each connection between a host and the host controller. The host controller should have the ability to set a host into a power saving mode and resume a host for access with a sequence specific to each physical interface and host architecture. These elements of the OSI physical layer and data link layer are not defined in this document.
5.1.6 General aspects on APDU gate According to ETSI TS 102 622, the host sending the APDU command is called the “client APDU host”; and the host receiving and processing the APDU commands is called the “server APDU host”. The server APDU host has an APDU gate with GID=’30’. The client APDU host has an APDU application gate. APDUs shall be as defined in ISO/IEC 7816-4. Usage of both the basic logical channel and further logical channel(s) is allowed. Assume a secure element with a physical interface receives command APDU and sends corresponding response APDU. Its physical interface has a data link layer and a transport protocol for communication. If such a secure element acts as a server APDU host in an HCI network, then this secure element also has an APDU gate. The physical interface of such a secure element acts as a pipe to APDU application gates of other hosts. The APDU gate within such a secure element is the APDU handler of its COS. A client APDU host shall not create more than one pipe to the APDU gate of a server APDU host. The APDU gate may accept only an implementation specific maximum concurrent number of pipes from other client APDU hosts. The general rules are as follows.
a) A pipe bridges between two gates from two hosts.
b) A pipe identifier in a host shall address a unique gate within the other host.
c) A gate shall only accept a command or an event on a pipe when the state of that pipe is open unless determined otherwise by the application.
d) A gate shall not send a command or event on a pipe when it is waiting for a response to a previous command on that pipe.