card is permanently locked!

Damien Goutte-Gattat dgouttegattat at incenp.org
Mon Nov 17 17:08:37 CET 2014


On 11/15/2014 07:36 PM, Maxwell Farrior wrote:
> Is there any way to make my card usable? Great thanks for reading.

According to the specification [1], yes, but it involves resetting the
card completely.

Once the card is “permanently blocked” (which is indicated by the fact
that the retry counters for both User and Admin PIN are at zero), it is
possible to send to the card a “TERMINATE DF” command to put it back
into the initialisation state, then a “ACTIVATE FILE” command to reset
all stored values (including PINs) to their default values.

With gpg-agent and scdaemon running, you should be able to do that with
the following commands:

$ gpg-connect-agent
> SCD APDU 00 e6 00 00
> SCD APDU 00 44 00 00
> /bye

Disclaimer: I’ve never actually tried that, but that’s what I would do
in such a case after reading the specs. I guess that with a “permanently
blocked” card, one does not have much to lose…


[1] http://g10code.com/docs/openpgp-card-2.0.pdf


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141117/283ba7da/attachment.sig>


More information about the Gnupg-users mailing list