Resetting an OpenPGP smart card "bricks" it

[Chris Boot]

On 12/03/14 15:21, Peter Lebbing wrote:
> On 2014-03-12 14:54, Werner Koch wrote:
>> pcsclite should have tool to send APDUs to a card.  My old gscutils card
>> tools have been replaced by scdaemon's APDU command.  You may find them
>> somewhere but using the tools from pcsc should be easier.
> 
> Back in January, in a similar situation, I found[1] someone had written
> a little python script[2] to send the APDU's. If the smartcard isn't
> pleased by the order of the two APDU's, try them in reverse order (the
> code is easy to read).
> 
> HTH,
> 
> Peter.
> 
> [1] http://lists.gnupg.org/pipermail/gnupg-users/2014-January/048836.html
> [2] http://lists.gnupg.org/pipermail/gnupg-devel/2013-March/027518.html

Peter,

THANK YOU! Your pointers helped me recover both cards.

I didn't use the Python script at [2], but I sent the two APDUs that it
sends to the cards using 'scriptor', which recovered them. Unfortunately
I closed the window shortly after celebrating so I don't have the exact
transcript of the session, but it looked something like:

  $ scriptor
  No reader given: using Gemalto USB Shell Token V2 (D4182110) 00 00
  Using T=1 protocol
  Reading commands from STDIN
  00 a4 04 00 06 d2 76 00 01 24 01
  > 00 a4 04 00 06 d2 76 00 01 24 01
  < XX YY : {{ NVRAM not changed }}
  00 44 00 00
  > 00 44 00 00
  < 90 00 : Normal processing.

Note the line that says XX YY and NVRAM not changed is from memory; I
remember it saying about the NVRAM having _not_ being changed, but it
worked anyway. I really wish I hadn't fat-fingered my terminal and
closed it.

For others following this thread, 'scriptor' is in the pcsc-tools
package in Debian, and seems to be a pretty neat if scary tool for
sending raw ADPUs to smart cards.

Thanks again Peter for pointing me at that Python script.

Cheers,
Chris

-- 
Chris Boot
bootc at bootc.net