[PATCH] scd: Improve KDF-DO support
Arnaud Fontaine
arnaud.fontaine at ssi.gouv.fr
Thu Feb 8 19:03:08 CET 2018
I think adding some examples is a good idea to clarify ambiguous
sentences such as the one I have quoted.
So no encapsulating tag in the response, only the child ones. Correct ?
@Yutaka
If this is correct, the following patch is enough to trigger the
KDF_ITERSALTED_S2K only when needed.
Cheers
--
Arnaud Fontaine
Le 08/02/2018 à 18:19, Achim Pietig a écrit :
> Hi,
>
> this is a common missunderstandig how data objects are read or written.
>
> The leading Tag (like 65 or F9) is the the index under what the data object is stored in the card.
> This Tag is used to address the content of the DO within commands like Get Data or Put Data in the P1P2 bytes.
> The data field or response field only contains the values of these DOs.
> In case of a simple DO it is a single value, in case of a constructed DO the child-DOs with Tag/Lenght/Value (TLV).
>
> "Constructed DOs (C, marked yellow) are returned including their tag and length" means the content of the DO, for constructed DOs a concatenation of all child DOs.
> The main Tag (in P1P2) is never used/given/returned in the data field of the commands.
>
> In the nearest future I will launch an update of the V3.3 specification with examples for all commands (no technical changes, only for better understanding).
>
> Regards
> Achim Pietig
>
>
> Am 08.02.2018 um 09:35 schrieb Arnaud Fontaine:
>> Hello,
>>
>> the specification (section 4.4.1, page 22, in v3.3) says:
>> "Constructed DOs (C, marked yellow) are returned including their tag and
>> length"
>> and in the same section, page 25, F9 (KDF-DO) in marked as a constructed
>> DO, "format C".
>>
>> So, from my understanding of these elements, the KDF-DO must be returned
>> with its tag and length.
>>
>> Cheers
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix_kdf_do.patch
Type: text/x-patch
Size: 510 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180208/4a8a46d6/attachment-0001.bin>
More information about the Gnupg-devel
mailing list