Re: [Opensc-devel] Request for object 5C017E in PIV

[Douglas E E. <dee...@gm...>]

On 6/19/2014 6:25 PM, William Roberts wrote:
> Having some issues deciphering an APDU its the NIST GET DATA command
> with the data element set to BER-TLV 5C017E.

Most likely that is a Discovery object, "7E", that is optional.
See NIST 800-73-3 part 2 Section 3.1.2 and
800-73-3 part 1 3.2.6 Discovery Object


I suspect that the APDU was:
00 CB 3F FF 03 5C 01 7E

Since the discovery object defines what pins can be used with the card,
the OpenSC tries to read it.

>
> I generate this by issuing command:
> $ piv-tool -A A:9B:07 -G 9A:07 -o foo

The -A option is for authenticate. It is vendor card specific.
Some use M some use A.

The 9B:07 would be a RSA 2048 key. All of the test cards I have used
use either 9B:01 (2des) or 9B:03(3des) Current OpenSC code may not handle
RSA for this. Check with your card vendor to see what is needed.


>
> My question is, what container object is this associated with, I cant
> find it in the PIV specs by Nist?
>
> My card is returning 6A82 which is "Object Not Found"

The discovery Object is optional.

>
> Any help?
>
> Thanks.
>

-- 

  Douglas E. Engert  <DEE...@gm...>