On 8/29/2013 4:23 AM, Kwan Hon Luen wrote:
I am sorry folks, but I gave the wrong links in the previous email.
The right link is as :
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp639.pdf
Although the document is said as Oberthur V5 card, but the Applet v2.6.2B is
correct.
You say you are trying to verify a 16 character PIN.
But which PIN? Section 5.5 Table 2 says the CSC uses secure channel.
The card holder PIN does not, buts implies the ISO7816 the "VERIFY"
operation.
Section 9.4 says PIN (user I assume) can be between 6 and 256 digits
or between 4 and 256 characters or digits.
So the assumption is the PIN is sent as ASCII representation of the digit
or characters, which are usually padded with 0xFF
Section 9.5 says the user pin is zeroed, which on some cards I have seen
this means all are 0x00, rather then 0x30 the ascii 0.
Section 10.4 says the "Card Holder Service" PIN "Execute (Verify CHV)"
This implies this is a standard ISO7816 Verify command.
*BUT* I don't see where it sets sets the length of the pin,
or how to read from the card what the length of the PIN should be.
How do you know the PIN length is 16?
Do you have a card to test with, and you know the PIN?
(Or how to reset the user PIN if you make too many false
attempts.)
The most likely command using ISO7816 Verify would be with a 12
character password of Abcd012345678 padded with 4 0xFF
00 20 80 0f 41 62 63 64 30 31 32 33 34 35 36 37 38 FF FF FF FF
--
The 80 says to use the application or "DF" reference data.
If the Global PIN was used, it would be 00
A return of the 90 00 is success.
a return of 63 Cx indicates you have x number of retries
before the PIN is locked.
On Thu, Aug 29, 2013 at 5:19 PM, Kwan Hon Luen <[email protected]
<mailto:[email protected]>> wrote:
It's not a PIV card but an Oberthur V7 card using ActivIdentity applet
v2.6.2B which can be found at :
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp880.pdf
On Wed, Aug 28, 2013 at 7:43 PM, Kwan Hon Luen <[email protected]
<mailto:[email protected]>> wrote:
Am trying to verify an Oberthur v7 card with ActivIdentity applet
v2.6.2b with a 16 character PIN. How does the payload of the 16 char PIN look
like?
Thanks.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
--
Douglas E. Engert <[email protected]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
Muscle mailing list
[email protected]
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
