FCI response in SELECT

46 views
Skip to first unread message

Kim O'Sullivan

unread,
Apr 6, 2022, 8:06:57 AM4/6/22
to piv-test-cards
Hi David,

I'm the lead author of OpenFIPS201, an open source implementation of the PIV card application. 

I'm trying to get clarity around the FCI response to the SELECT command from the NIST test cards, specifically around the AC tag(s). The wording in SP800-73-4 (3.1.1) says a few things that suggests the AC tag should describe all supported cryptographic mechanisms (but only one of the PIV SM mechanisms allowed if you support it). This has led us to code it as follows:
  AC 1E 80 01 00 80 01 03 80 01 08 80 01 0A 80 01 0C 80 01 06 80 01 07 80 01 11 80 01 14
But this is not reflected in the test cards, which only show one mechanism:
AC 06 80 01 27 06 01 00

The wording in SP800-73-4 is:
A PIV Card Application may use a subset of the cryptographic algorithms defined in SP 800-78. Tag 0xAC encodes the cryptographic algorithms supported by the PIV Card Application. The encoding of tag 0xAC shall be as specified in Table 5. Each instance of tag 0x80 shall encapsulate one algorithm. The presence of algorithm identifier '27' or '2E' indicates that the corresponding cipher suite is supported by the PIV Card Application for secure messaging and that the PIV Card Application possesses a PIV Secure Messaging key of the appropriate size for the specified cipher suite. Tag 0xAC shall be present and indicate algorithm identifier 0x27 or 0x2E (but not both) when the PIV Card Application supports secure messaging.

The above could be interpreted as saying that all supported mechanisms should be in a single 'AC' tag, with multiple '80' tags defined for each mechanism.  This doesn't square with ISO 7816 9.2 and I should have spotted this, but for clarity I have a few questions.
  1. Could I confirm that the presence of the AC tag in the PIV FCI should be conforming to the definition in ISO 7816-4 9.2? i.e. multiple AC tags in the FCI with one 80/06 tag pair each.
  2. Is it the intention of PIV to list all supported mechanisms (i.e. RSA2048/ECC256/TDEA/AES128/etc in the FCI, or just the relevant Secure Messaging one? 
  3. The AC tag is marked as conditional. Is it correct to interpret this as:
    • "You may use it any time, but you must use it if you support PIV Secure Messaging"; or 
    • "You only use the AC tag if you support PIV Secure Messaging"?
Thanks,
Kim
Reply all
Reply to author
Forward
0 new messages