1. Field of the Invention
The present invention relates to an IC card, and, more particularly, to an IC card which stores an application program for performing various functions required for using the IC card as well as storing a test program for testing the IC card itself (product test).
2. Description of the Related Art
Since the test program makes the IC card perform its function test (product test), it can access any desired address in the memory of the IC card. Therefore, accessing of the test program must be highly secure to protect against any unauthorized intrusion into other programs in the IC card via the test program for copying or destroying such programs upon reading thereof or changing the contents of those programs. Therefore, IC cards are arranged so that a pass code is previously stored therein, said pass code always being subjected to a collation action before accessing of the test program. FIG. 1 is a block diagram which schematically illustrates the structure of a conventional IC card. An IC card 10 is designed such that a system ROM 3, an application ROM 4, an EEPROM 5, a RAM 6, and an I/O circuit 7 are respectively connected to a CPU 1 via an internal bus 2. In order to provide security for accessing of the test program, a pass code 51 and a setting confirmation code 52 for confirming the fact that the pass code 51 has been written and stored in the EEPROM 5. A terminal Pl is a positive power source input terminal, a terminal P2 is an earth terminal for the power source, a terminal P3 is a reset signal terminal for inputting a reset signal for initializing each block, a terminal P4 is a clock terminal to which a clock signal is input, and a terminal P5 is an I/O terminal, the IC card being connectable to external equipment through these terminals P1 to P5. FIG. 2 is a flow chart which illustrates the structures of programs respectively stored in the system ROM 3 serving as a second read only memory and the application ROM 4 serving as a first read only memory. An application program or programs 41 stored in the application ROM 4 are programs for performing various functions which are actually used by users of the IC card. A test program 31 stored in the system ROM 3 is a program for performing the functional test of the IC card 10. A branch routine 32 determines whether the test program 31 or the application program 41 is to be executed and branches to the selected program. A setting confirmation routine 33 and a pass code collation routine 34 provide security for accessing of the test program 31. The pass code 51 and the setting confirmation code 52 are written and stored in the EEPROM 5 serving as a non-volatile memory in the IC card, for example, before forwarding of the IC card from the manufacture. When the test program 31 is accessed after the forwarding of the IC card, this pass code 51 and a pass code input from outside of the IC card are always collated with each other before this accessing. As a result, only when the above pass codes coincide with each other is the accessing of the test program 31 allowed. The above collation action is performed in accordance with the pass code collation routine 34. Further, the setting confirmation code 52 serving as a write confirmation code, indicating whether or not the pass code has been stored is written in the EEPROM 5 so that it can be determined whether or not the pass code 51 has already be stored in accordance with this setting confirmation code 52. The above-confirmation action is performed in accordance with the setting confirmation routine 33. The setting confirmation code 52 must be selected so as not to overlap the initial value of the EEPROM 5 at the time of manufacturing the IC card.
The above will be described in order with reference to FIGS. 1 and 2. When a reset signal is input from the outside of the IC card to the reset signal terminal P3, the CPU 1 reads out an execution start address, which is previously stored at a given address in the system ROM 3, to start execution of the branch routine 32 from the execution start address. In the branch routine 32, the CPU 1 executes the setting confirmation routine 33 when a command to execute the test program 31 is input to the I/O terminal P5 from the outside. In the setting confirmation routine 33, it is determined whether the pass code 51 has already been written in the EEPROM 5 in accordance with the setting confirmation code 52 stored in the EEPROM 5. If the pass code 51 has already been written, the pass code collation routine 34 is executed. If the pass code 51 has not yet been written (for example, where the test program is executed during the manufacturing process), the test program 31 may be directly executed without collation of the pass code. In the pass code collation routine 34, collation between the pass code 51 written in the EEPROM 5 and the pass code input to the I/O terminal P5 is made. Only when the two pass codes coincide with each other can the test program 31 be executed. If they do not coincide, the action is stopped. When the test program is executed during the manufacturing process, another pass code (not illustrated), may be stored in the system ROM in which the test program is stored, whereby a collation with this pass code may be made. Using a common pass code for all of the IC cards during manufacture is convenient and, therefore, the pass code to be stored in the system ROM is usually common to each and every IC card. The pass code written in the system ROM cannot be rewritten. Further, there are also IC cards in which all of the inner structures shown in FIG. 1 are formed on one semiconductor IC.
Conventional IC cards are structured as described above and the pass codes are stored either in the EEPROM serving as a non-volatile memory or in the system ROM in which the test program and the above routines have been stored. However, if a pass code is stored in the system ROM in which the test program and the routines have been stored, the stored pass code cannot be changed. On the other hand, if the code is stored in the EEPROM, the stored pass code can be read ascertained and rewritten by anyone because the pass code can be read out from the application programs used by users.