3 Replies Latest reply: Nov 12, 2012 6:34 PM by safarmer

    Append Record command


      I have a PKCS#15 Java Card with JCOP PKI Applet 2.4. My goal is to create a Data Object with APDU commands. To do this I think I first have to create the record in the EF, so I did this:
      ResponseAPDU append_dodf_record = ch.transmit(new CommandAPDU(0x00, 0xE2, 0x00, 0x00, new byte[] {
          0x01, 0x2c, 0x30, 0x2a, 0x30, 0x0c, 0x0c, 0x06, 0x49, 0x64, 0x4c, 0x69, 0x6e, 0x6b,
          0x03, 0x02, 0x06, (byte)0xc0, 0x30, 0x07, 0x0c, 0x05, 0x42, 0x47, 0x65, 0x49, 0x44,
          (byte)0xa1, 0x11, 0x30, 0x0f, 0x04, 0x06, 0x3f, 0x00, 0x50, 0x15, 0x57, 0x01,
          0x02, 0x01, 0x00, (byte)0x80, 0x02, 0x02, 0x4f}));
      // the info I have for data is - recordData (TLV: logicalRecordNumber || dataLen (1 byte) || data)
      // get error SW=6A80 - Wrong Data
      I got the whole data array from reading a record from another card, so I thought the fields would be the same. I couldn't create it myself because I don't know the tag fields! Where can I find an explanation of these fields? I checked GlobalPlatform CardSpec v.221 and ISO7816 part4, but could not find these fields.
        • 1. Re: Append Record command
          Here is what I have figured out about the DODF record structure:
          01 2c                          - first byte is sequence number, second is size
            30 2a
              30 0c
                0c 06
                  49 64 4c 69 6e 6b      - application label
                03 02 06 c0              - UNKNOWN, last byte - c0 for PIN, 40 without PIN. But what value should I use if I want PIN2(c1?)?
                                           What is 0x06? I guess 0x02 is size
              30 07
                0c 05
                  42 47 65 49 44         - alternative label
              a1 11
                30 0f
                  04 06
                    3f 00 50 15 57 01    - path to data object file
                  02 01 00               - UNKNOWN
                  80 02 02 4f            - size of object (HI LO or only LO)
          Does someone know the two UNKNOWN tags?
          Thank you
          • 2. Re: Append Record command
            I found the problem. It is because I have to use UPDATE RECORD instead of APPEND. The first two bytes in DODF records are 0x00 0x00, so UPDATE RECORD should be used.
            APPEND can be used, but the record's logical number should be incremented. That way we will have unused space in the DODF (object directory file)!

            Still, the question about record structure tags is open!
            • 3. Re: Append Record command
              Have you been through the PKCS#15 spec[1]? Section 6.7 describes the data objects. I have not been through it in enough detail to know what you are looking for though.

              - Shane

              [1] ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-15/pkcs-15v1_1.pdf
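
The record from the first post decoded as plain BER-TLV, as an added example that is not any poster's code. It assumes single-byte tags and the two-byte header (record number, length) described in that post; the function names are hypothetical, and only standard ASN.1 type names are assigned, leaving the PKCS#15 field meanings to section 6.7 of the spec.

```python
# Added example: BER-TLV walker for the DODF record bytes quoted in the thread.
UNIVERSAL = {0x02: "INTEGER", 0x03: "BIT STRING", 0x04: "OCTET STRING",
             0x0C: "UTF8String", 0x10: "SEQUENCE"}  # standard ASN.1 tag numbers

RECORD = bytes.fromhex(  # bytes copied from the APPEND RECORD command in the thread
    "012c302a300c0c0649644c696e6b030206c0"
    "30070c054247654944a111300f04063f0050155701"
    "0201008002024f")

def parse_tlv(buf):
    """Return [(tag_name, value)]; value is bytes, or a child list if constructed."""
    nodes, i = [], 0
    while i < len(buf):
        tag = buf[i]
        if tag & 0x1F == 0x1F or i + 1 >= len(buf):
            raise ValueError("multi-byte tag or truncated header")
        length, i = buf[i + 1], i + 2
        if length & 0x80:  # long form: low 7 bits give the number of length bytes
            n = length & 0x7F
            if n == 0 or i + n > len(buf):
                raise ValueError("indefinite or truncated length")
            length, i = int.from_bytes(buf[i:i + n], "big"), i + n
        if i + length > len(buf):
            raise ValueError("value runs past end of buffer")
        value, i = buf[i:i + length], i + length
        number, cls = tag & 0x1F, tag >> 6
        if cls == 0:
            name = UNIVERSAL.get(number, "UNIVERSAL %d" % number)
        else:  # class 2 is context-specific, written [n] in ASN.1 notation
            name = "[%d]" % number if cls == 2 else "class%d [%d]" % (cls, number)
        nodes.append((name, parse_tlv(value) if tag & 0x20 else value))
    return nodes

def decode_record(record):
    """Split the 2-byte header (record number, length) from the BER body."""
    if len(record) < 2 or record[1] != len(record) - 2:
        raise ValueError("header length does not match body")
    return record[0], parse_tlv(record[2:])

def bit_string_bits(value):
    """BIT STRING content: first byte counts unused trailing bits, rest holds the bits."""
    unused, data = value[0], value[1:]
    return [b for b in range(len(data) * 8 - unused) if data[b // 8] & (0x80 >> (b % 8))]

if __name__ == "__main__":
    number, tree = decode_record(RECORD)
    print(number, tree)
```

Run on the quoted bytes, the walker reports tag `03` as a BIT STRING whose first content byte (`06`) is the unused-bit count, tag `02` as an INTEGER, and tag `80` as a primitive context tag `[0]`.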