Applet Security Personalisation


2 Overview

The PIV standard defines commands to write data objects, generate asymmetric keys and change PIN values. It does not, however, define any administrative mechanism to inject key values. This is always necessary for symmetric keys (such as 9B and optionally 9E), but only required for asymmetric keys (9A, 9C, 9D, 9E and retired keys) if they have been generated off-card (i.e. inside an HSM).

OpenFIPS201 supports key injection to address this need, as well as securely configuring default PIN/PUK values.

OpenFIPS201 does not provide any capability to export any generated OR injected key values. This cannot be enabled by feature and will not be supported now or in the future.

3 Key Injection Command

This command is the equivalent of the CHANGE REFERENCE DATA command APDU; however, it is intended to operate on key references that are NOT listed in SP800-73-4.

The main differences to CHANGE REFERENCE DATA are:

  • It supports updating any key reference that is not covered by CHANGE REFERENCE DATA already

  • The command will only work under a Secure Channel Protocol session with the CENC and CMAC options set

  • It does NOT require the old value to be supplied in order to change a key

  • It also supports updating the PIN/PUK values without requiring knowledge of the old value (the value of P1 is ignored for PIN/PUK updates)

  • The APDU supports command chaining for large key values

The data content for this command depends on whether you are updating a PIN or a KEY reference.

  • For PIN/PUK references, the data simply contains the new value only.

  • For KEY references, the data contains a BER-TLV formatted ASN.1 object.

3.1.1 ASN.1 Format

Command format information can be found in the Appendix - ASN.1 Schema.

    OpenFIPS201_CHANGE_REFERENCE_DATA_ADMIN_Schema DEFINITIONS IMPLICIT TAGS ::= BEGIN

    ChangeReferenceDataKeyRequest ::= SEQUENCE {
        element CHOICE {
            key    [0]  OCTET STRING (SIZE(16..32)),
            rsaN   [1]  OCTET STRING (SIZE(128..256)),
            rsaE   [2]  OCTET STRING (SIZE(3)),
            rsaP   [3]  OCTET STRING (SIZE(128..256)),
            rsaQ   [4]  OCTET STRING (SIZE(64..128)),
            rsaDP  [5]  OCTET STRING (SIZE(64..128)),
            rsaDQ  [6]  OCTET STRING (SIZE(64..128)),
            rsaPQ  [7]  OCTET STRING (SIZE(64..128)),
            eccW   [8]  OCTET STRING (SIZE(32..48)),
            eccS   [9]  OCTET STRING (SIZE(32..48)),
            smCVC  [10] OCTET STRING (SIZE(1..256))
        }
    }

    END

Each element represents a distinct part of a key and is described as follows:

  • key - A single-part symmetric key value (i.e. AES, TDEA)

  • rsaN - The modulus part of an RSA key-pair

  • rsaE - The public exponent part of an RSA key-pair

  • rsaD - The private exponent part of an RSA key-pair

  • rsaP - RFU - The prime exponent P part of an RSA key-pair (CRT mode only)

  • rsaQ - RFU - The prime exponent Q part of an RSA key-pair (CRT mode only)

  • rsaDP - RFU - The D mod P - 1 part of an RSA key-pair (CRT mode only)

  • rsaDQ - RFU - The D mod Q - 1 part of an RSA key-pair (CRT mode only)

  • rsaPQ - RFU - The Inverse Q part of an RSA key-pair (CRT mode only)

  • eccW - The curve point part of an ECC key-pair

  • eccS - The secret key part of an ECC key-pair

  • smCVC - The card verifiable certificate component of a Secure Messaging key

  • smCVCHash - The left-most 8 bytes of the SHA-256 of the card verifiable certificate component of a Secure Messaging key

3.1.2 Example Command - Inject Symmetric Key

The following shows an example APDU, which updates a symmetric key value with id '9B' (administrative key) and mechanism '03' (TDEA192).

    30 1A                     # ASN.1 Sequence and Length
      80 18                   # 'key' element with length 24
        10 11 12 13 14 15 16 17 18 19 1A 1B
        1C 1D 1E 1F 20 21 22 23 24 25 26 27   # key value

3.1.2.1 Complete APDU

0024039B1C301A8018101112131415161718191A1B1C1D1E1F2021222324252627

3.1.3 Example Command - Inject Asymmetric Key

The following shows an example APDU sequence, which updates an asymmetric key value with id '9A' (PIV Authentication Key) and mechanism '07' (RSA2048). This example demonstrates the 'public modulus' element (rsaN) being updated.

    30 82 01 04               # ASN.1 Sequence and Length
      81 82 01 00             # 'rsaN' element with length 256
        A0 48 48 91 B9 5A 13 CB 95 1C 59 2B 68 93 A2 FD
        98 8E 8E CB A6 FB E0 F0 1A EE 35 6D BC 8E E9 47
        65 04 72 EA 9B 9E 88 EE 95 37 24 B0 E1 33 24 CC
        46 0C F3 8F 47 6B AD C2 09 D4 00 8C 42 4D A9 D5
        F0 27 02 1D 37 6E C3 5B 5F B7 6C F4 2C 88 CE BB
        DB 68 4D 97 0F 12 CC D6 48 D1 75 87 30 D9 3B CF
        D8 79 52 63 5B 72 19 77 BB 5A F8 14 6F A5 68 27
        30 FF 66 2A 83 2E B8 1B 2A F4 0C 17 EE 05 B6 91
        99 C5 F3 EC C3 64 DE CB 5B 05 B1 03 9E 8F A4 E4
        B2 E6 75 49 49 43 26 18 CC 70 20 34 AF 41 1D 80
        D4 78 84 2D C9 ED 84 BE EE 65 8A D5 70 E0 60 39
        B2 D3 5B BB 12 0F A2 CF B1 34 82 59 2A 18 1F 68
        A1 D1 8C 81 50 1D DD 20 9D 20 17 61 6E A3 BD 8A
        3E D3 7C 1C E4 8A 5A D5 E2 3E 0A 4D 79 3D 21 30
        FB 02 CB E8 D9 98 EF BC 25 B6 12 63 D5 8F 44 FE
        EB C3 6A 33 6F 69 1F 6E FA BC 48 84 80 39 4C 59
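The two examples above can be reproduced with a small encoder. This is an added example, not OpenFIPS201 code: it builds the BER-TLV data field for one schema element, enforces the schema's size limits, and splits the result into short APDUs. The function names are hypothetical, the chaining bit (CLA 0x10 on all but the last APDU) is an assumption taken from ISO 7816-4, and the output is the plain command before Secure Channel wrapping (CENC/CMAC), which is not implemented here.

```python
SCHEMA = {  # element -> (context tag number, min len, max len), from the schema above
    "key": (0, 16, 32), "rsaN": (1, 128, 256), "rsaE": (2, 3, 3),
    "rsaP": (3, 128, 256), "rsaQ": (4, 64, 128), "rsaDP": (5, 64, 128),
    "rsaDQ": (6, 64, 128), "rsaPQ": (7, 64, 128), "eccW": (8, 32, 48),
    "eccS": (9, 32, 48), "smCVC": (10, 1, 256),
}
INS = 0x24        # instruction byte used in the page's example APDU
CLA_CHAIN = 0x10  # assumption: ISO 7816-4 chaining bit on all but the last APDU


def ber_length(n: int) -> bytes:
    """BER definite length: short form below 0x80, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_length(len(value)) + value


def build_key_request(element: str, value: bytes) -> bytes:
    """Encode one ChangeReferenceDataKeyRequest; reject sizes outside the schema."""
    tag_no, lo, hi = SCHEMA[element]
    if not lo <= len(value) <= hi:
        raise ValueError(f"{element}: {len(value)} bytes, schema allows {lo}..{hi}")
    # An IMPLICIT context-specific primitive tag [n] encodes as 0x80 | n
    return tlv(0x30, tlv(0x80 | tag_no, value))


def chain_apdus(mechanism: int, key_ref: int, data: bytes, max_lc: int = 255):
    """Split data into short APDUs (P1 = mechanism, P2 = key reference)."""
    chunks = [data[i:i + max_lc] for i in range(0, len(data), max_lc)]
    return [
        bytes([CLA_CHAIN if i < len(chunks) - 1 else 0x00,
               INS, mechanism, key_ref, len(c)]) + c
        for i, c in enumerate(chunks)
    ]


if __name__ == "__main__":
    tdea = bytes(range(0x10, 0x28))          # key value from the 9B example above
    print(chain_apdus(0x03, 0x9B, build_key_request("key", tdea))[0].hex().upper())
    modulus = bytes([0xA0]) + bytes(255)     # constructed 256-byte stand-in for rsaN
    for apdu in chain_apdus(0x07, 0x9A, build_key_request("rsaN", modulus)):
        print(apdu[:5].hex().upper(), f"+ {len(apdu) - 5} data bytes")
```

For the symmetric case the output matches the complete APDU in 3.1.2.1; a 256-byte rsaN element produces 264 bytes of data and therefore needs two chained APDUs.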

3.1.3.1 Complete APDU Chain
