This content has been marked as final. Show 2 replies
Can you clarify which security domain key you want to send to the card?
It is mentioned in Global Platform card spec 2.1.1 (section 220.127.116.11.3) that it's possible to use PUT KEY command to send RSA private key:
and the Tag values for Private key components are mention in section 9.1.6:
When using this command to load or replace secret or private keys, the key values shall be encrypted and the reference of the encrypting key and algorithm to be used is known implicitly according to the current context. Public key values may be presented in clear text.
I have used DEK key for encrypting private key in order to send it as an encrypted value to card:
'A2' RSA Private Key - modulus N component 'A3' RSA Private Key - private exponent d component 'A4' RSA Private Key - Chinese Remainder P component 'A5' RSA Private Key - Chinese Remainder Q component 'A6' RSA Private Key - Chinese Remainder PQ component 'A7' RSA Private Key - Chinese Remainder DP1 component 'A8' RSA Private Key - Chinese Remainder DQ1 component
but unfortunately the card returns 6A80. I dont know what I'm doing wrong.
The data encryption key (DEK) for decrypting sensitive data, e.g. secret or private keys. This key is a double length DES key and is used as a static key.
It would be really appreciated if you help me in this issue...