SIMPLE-TLV vs BER-TLV

nish1013 picture nish1013 · Sep 17, 2013 · Viewed 20.6k times · Source

I have found in docs they are referring to SIMPLE-TLV and BER-TLV . I was look into most of the EMV and GP docs but they have not mentioned the different.

Could anyone help me to understand the difference of two ?

Answer

Maarten Bodewes picture Maarten Bodewes · Sep 21, 2013

Data fields in ISO/IEC 7816-4 for smart cards

BER encoding

This is the specification of the more common BER encoding used by ISO/IEC 7816-4:

Each BER-TLV data object shall consists of 2 or 3 consecutive fields (see ISO/IEC 8825 and annex D).

The tag field T consists of one or more consecutive bytes. It encodes a class, a type and a number. The length field consists of one or more consecutive bytes. It encodes an integer L. If L is not null, then the value field V consists of L consecutive bytes. If L is null, then the data object is empty: there is no value field.

Note that ISO/IEC 7816 only allows the use of up to 5 length bytes (specifying a size up to 2^32 - 1 bytes) in the current standard. Indefinite length encoding is not supported either. These limitations are specific to smart cards. Note that 4 and 5 byte length encodings were introduced in a later version of ISO/IEC 7816-4; earlier cards / card reading applications may only support 3 length bytes (i.e. a value size up to 64KiB bytes, instead of 4GiB).

The BER TLV specification is much more expansive (which is why SIMPLE-TLV is called "simple"). I won't go into the details too much as there is plenty of information available on the internet. To name just a few differences, the tags have syntactical meaning and may consist of multiple bytes and the length encoding is rather complex.

Normally BER should only be used as an encoding of ASN.1 structures, with the ASN.1 syntax defining the structure. ISO 7816-4 however messes this up and only specifies the BER tag bytes directly.

Note that sometimes DER is specified instead of BER. In that case you should only use the minimum number of bytes for the size of the length field - e.g. a single length byte with value 05 in the samples below. The ISO/IEC specification of BER encoding is basically a copy of the US specific X.690 standard, also reflected in the international standard ISO/IEC 8825-1 (both payware).

SIMPLE-TLV encoding

The BER specification in ISO/IEC 7816-4 is followed by the SIMPLE-TLV specification. SIMPLE-TLV is specific to ISO 7816-4.

Each SIMPLE-TLV data object shall consist of 2 or 3 consecutive fields.

The tag field T consists of a single byte encoding only a number from 1 to 254 (e.g. a record identifier). It codes no class and no construction-type. The length field consists of 1 or 3 consecutive bytes. If the leading byte of the length field is in the range from '00' to 'FE', then the length field consists of a single byte encoding an integer L valued from 0 to 254. If the leading byte is equal to 'FF', then the length field continues on the two subsequent bytes which encode an integer L with a value from 0 to 65535. If L in not null, then the value field V consists of consecutive bytes. If L is null, then the data object is empty: there is no value field.

Note that the standard forgets to specify the endianness directly. You can however assume big endian encoding within ISO/IEC 7816-4.

Samples

The following samples are all used to convey the same tag number (which defines the field) and value, except one that defines tag number 31 for BER.

Sample SIMPLE-TLV

0F 05 48656C6C6F                 // tag number 15, length 5 then the value
0F FF0005 48656C6C6F             // tag number 15, length 5 (two bytes), then the value

Sample BER-TLV:

4F 05 48656C6C6F                 // *application specific*, primitive encoding of tag number 15, length 5 then the value
4F 8105 48656C6C6F               // the same, using two bytes to encode the length
4F 820005 48656C6C6F             // the same, using three bytes to encode the length
4F 83000005 48656C6C6F           // the same, using four bytes to encode the length
4F 8400000005 48656C6C6F         // the same , using five bytes to encode the length
5F0F 05 48656C6C6F               // **invalid** encoding of the same, with two bytes for the tag, specifiying a tag number 15 which is smaller than 31
5F1F 05 48656C6C6F               // application specific, primitive encoding of **tag number 31**

In the last example with the two byte tag encoding, the first byte is 40 hex, where the first 3 leftmost bits 010 specify application specific encoding, adding the magic value 1F (31) to it to indicate that another byte will follow with the actual tag number, again 1F, so value 31.

Differences

The following differences should be noted:

  • SIMPLE-TLV is a different method of encoding for tag and length (although the encoding may look similar, e.g. when using a single byte to indicate the length part)
  • SIMPLE-TLV does not contain information about the class of the field, e.g. if it is defined for ASN.1 (because it is not linked to ASN.1)
  • SIMPLE-TLV does not contain information if it is primitive or constructed (primitive directly specifies a value, constructed means nested TLV structures)
  • SIMPLE-TLV has restrictions regarding the tag number (between 1 and 254, inclusive) and length (up to 65535)