PIV General Auth command example correct

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

PIV General Auth command example correct

William Roberts
Is the command given here:

https://www.opensc-project.org/opensc/wiki/PivTool

piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00

Correctly formated. The NIST docs say the data in the PUT DATA
apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
end up with:

5C:03:5F:C1:05
53:00:00:00

Assuming that TAG 53 should at least be a properly structured TLV, it
is not. Shouldn't it be:

53:02:00:00

?


--
Respectfully,

William C Roberts

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: PIV General Auth command example correct

Douglas E Engert


On 7/25/2014 5:16 PM, William Roberts wrote:
> Is the command given here:
>
> https://www.opensc-project.org/opensc/wiki/PivTool
>
> piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00

Should be
piv-tool -A A:9B:03 -s 00:DB:3F:FF:07:5C:03:5F:C1:05:53:00

>
> Correctly formated. The NIST docs say the data in the PUT DATA
> apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
> end up with:
>
> 5C:03:5F:C1:05
> 53:00:00:00
>
> Assuming that TAG 53 should at least be a properly structured TLV, it
> is not. Shouldn't it be:
>
> 53:02:00:00

No. It was meant to be a zero length object.

53:00

I never could find in the NIST docs how to erase an object, but the above
works, on all I have tested.
>
> ?
>
>

--

  Douglas E. Engert  <[hidden email]>


------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: PIV General Auth command example correct

Douglas E Engert
In reply to this post by William Roberts


On 7/25/2014 5:16 PM, William Roberts wrote:
> Is the command given here:
>
> https://www.opensc-project.org/opensc/wiki/PivTool

www.opensc-project.org is out of date.

The official wiki is at

  https://github.com/OpenSC/OpenSC/wiki

The PivTool page has been update. See my previous note.

>
> piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00
>
> Correctly formated. The NIST docs say the data in the PUT DATA
> apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
> end up with:
>
> 5C:03:5F:C1:05
> 53:00:00:00
>
> Assuming that TAG 53 should at least be a properly structured TLV, it
> is not. Shouldn't it be:
>
> 53:02:00:00
>
> ?
>
>

--

  Douglas E. Engert  <[hidden email]>


------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: PIV General Auth command example correct

William Roberts
gitgub shows the wiki page for piv-tool as last edited on June 21:

https://github.com/OpenSC/OpenSC/wiki/PivTool

The full command should be this then (The length on the apdu was wrong as well):

piv-tool -A A:9B:03 -s 00:DB:3F:FF:07:5C:03:5F:C1:05:53:00



On Sat, Jul 26, 2014 at 5:30 PM, Douglas E Engert <[hidden email]> wrote:

>
>
> On 7/25/2014 5:16 PM, William Roberts wrote:
>> Is the command given here:
>>
>> https://www.opensc-project.org/opensc/wiki/PivTool
>
> www.opensc-project.org is out of date.
>
> The official wiki is at
>
>   https://github.com/OpenSC/OpenSC/wiki
>
> The PivTool page has been update. See my previous note.
>
>>
>> piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00
>>
>> Correctly formated. The NIST docs say the data in the PUT DATA
>> apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
>> end up with:
>>
>> 5C:03:5F:C1:05
>> 53:00:00:00
>>
>> Assuming that TAG 53 should at least be a properly structured TLV, it
>> is not. Shouldn't it be:
>>
>> 53:02:00:00
>>
>> ?
>>
>>
>
> --
>
>   Douglas E. Engert  <[hidden email]>
>
>
> ------------------------------------------------------------------------------
> Want fast and easy access to all the code in your enterprise? Index and
> search up to 200,000 lines of code with a free copy of Black Duck
> Code Sight - the same software that powers the world's largest code
> search on Ohloh, the Black Duck Open Hub! Try it now.
> http://p.sf.net/sfu/bds
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel



--
Respectfully,

William C Roberts

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: PIV General Auth command example correct

Douglas E Engert


On 7/26/2014 7:55 PM, William Roberts wrote:
> gitgub shows the wiki page for piv-tool as last edited on June 21:

I did edit it yesterday, using IE, and it looked like it did not save the page.
I edited it using Chrome today and it looks better. Please check it out.


>
> https://github.com/OpenSC/OpenSC/wiki/PivTool
>
> The full command should be this then (The length on the apdu was wrong as well):

The length changed because the last two bytes were deleted.

>
> piv-tool -A A:9B:03 -s 00:DB:3F:FF:07:5C:03:5F:C1:05:53:00

>
>
>
> On Sat, Jul 26, 2014 at 5:30 PM, Douglas E Engert <[hidden email]> wrote:
>>
>>
>> On 7/25/2014 5:16 PM, William Roberts wrote:
>>> Is the command given here:
>>>
>>> https://www.opensc-project.org/opensc/wiki/PivTool
>>
>> www.opensc-project.org is out of date.
>>
>> The official wiki is at
>>
>>    https://github.com/OpenSC/OpenSC/wiki
>>
>> The PivTool page has been update. See my previous note.
>>
>>>
>>> piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00
>>>
>>> Correctly formated. The NIST docs say the data in the PUT DATA
>>> apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
>>> end up with:
>>>
>>> 5C:03:5F:C1:05
>>> 53:00:00:00
>>>
>>> Assuming that TAG 53 should at least be a properly structured TLV, it
>>> is not. Shouldn't it be:
>>>
>>> 53:02:00:00
>>>
>>> ?
>>>
>>>
>>
>> --
>>
>>    Douglas E. Engert  <[hidden email]>
>>
>>
>> ------------------------------------------------------------------------------
>> Want fast and easy access to all the code in your enterprise? Index and
>> search up to 200,000 lines of code with a free copy of Black Duck
>> Code Sight - the same software that powers the world's largest code
>> search on Ohloh, the Black Duck Open Hub! Try it now.
>> http://p.sf.net/sfu/bds
>> _______________________________________________
>> Opensc-devel mailing list
>> [hidden email]
>> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>
>
>

--

  Douglas E. Engert  <[hidden email]>


------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: PIV General Auth command example correct

William Roberts
On Sun, Jul 27, 2014 at 11:27 AM, Douglas E Engert <[hidden email]> wrote:

>
>
> On 7/26/2014 7:55 PM, William Roberts wrote:
>>
>> gitgub shows the wiki page for piv-tool as last edited on June 21:
>
>
> I did edit it yesterday, using IE, and it looked like it did not save the
> page.
> I edited it using Chrome today and it looks better. Please check it out.

Internet Exploder to the rescue. Looks good now. Thanks!

>
>
>
>>
>> https://github.com/OpenSC/OpenSC/wiki/PivTool
>>
>> The full command should be this then (The length on the apdu was wrong as
>> well):
>
>
> The length changed because the last two bytes were deleted.
>
>
>>
>> piv-tool -A A:9B:03 -s 00:DB:3F:FF:07:5C:03:5F:C1:05:53:00
>
>
>>
>>
>>
>> On Sat, Jul 26, 2014 at 5:30 PM, Douglas E Engert <[hidden email]>
>> wrote:
>>>
>>>
>>>
>>> On 7/25/2014 5:16 PM, William Roberts wrote:
>>>>
>>>> Is the command given here:
>>>>
>>>> https://www.opensc-project.org/opensc/wiki/PivTool
>>>
>>>
>>> www.opensc-project.org is out of date.
>>>
>>> The official wiki is at
>>>
>>>    https://github.com/OpenSC/OpenSC/wiki
>>>
>>> The PivTool page has been update. See my previous note.
>>>
>>>>
>>>> piv-tool -A A:9B:03 -s 00:DB:3F:FF:09:5C:03:5F:C1:05:53:00:00:00
>>>>
>>>> Correctly formated. The NIST docs say the data in the PUT DATA
>>>> apdu shall be formated with 2 tags, 5C and 53. So parsing the above we
>>>> end up with:
>>>>
>>>> 5C:03:5F:C1:05
>>>> 53:00:00:00
>>>>
>>>> Assuming that TAG 53 should at least be a properly structured TLV, it
>>>> is not. Shouldn't it be:
>>>>
>>>> 53:02:00:00
>>>>
>>>> ?
>>>>
>>>>
>>>
>>> --
>>>
>>>    Douglas E. Engert  <[hidden email]>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Want fast and easy access to all the code in your enterprise? Index and
>>> search up to 200,000 lines of code with a free copy of Black Duck
>>> Code Sight - the same software that powers the world's largest code
>>> search on Ohloh, the Black Duck Open Hub! Try it now.
>>> http://p.sf.net/sfu/bds
>>> _______________________________________________
>>> Opensc-devel mailing list
>>> [hidden email]
>>> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>>
>>
>>
>>
>
> --
>
>  Douglas E. Engert  <[hidden email]>
>



--
Respectfully,

William C Roberts

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel