[PATCH] scd: Improve KDF-DO support

Achim Pietig achim at pietig.com
Thu Feb 8 18:19:44 CET 2018


this is a common missunderstandig how data objects are read or written.

The leading Tag (like 65 or F9) is the the index under what the data object is stored in the card.
This Tag is used to address the content of the DO within commands like Get Data or Put Data in the P1P2 bytes.
The data field or response field only contains the values of these DOs.
In case of a simple DO it is a single value, in case of a constructed DO the child-DOs with Tag/Lenght/Value (TLV).

"Constructed DOs (C, marked yellow) are returned including their tag and length" means the content of the DO, for constructed DOs a concatenation of all child DOs.
The main Tag (in P1P2) is never used/given/returned in the data field of the commands.

In the nearest future I will launch an update of the V3.3 specification with examples for all commands (no technical changes, only for better understanding).

Achim Pietig

Am 08.02.2018 um 09:35 schrieb Arnaud Fontaine:
> Hello,
> the specification (section 4.4.1, page 22, in v3.3) says:
> "Constructed DOs (C, marked yellow) are returned including their tag and
> length"
> and in the same section, page 25, F9 (KDF-DO) in marked as a constructed
> DO, "format C".
> So, from my understanding of these elements, the KDF-DO must be returned
> with its tag and length.
> Cheers

More information about the Gnupg-devel mailing list