PUT KEY / CONFIGURATION
Command Description
The PUT KEY/CONFIGURATION command is used to store/update the OATH key, as well as the OATH configuration.
It can also be used to clear the OATH key and OATH configuration.
The keys can have any length up to 128 bytes.
Instance: OATH
Access Condition: PIN, see VERIFY PIN for PIN authentication
Command Message
The following table lists the coding for the PUT KEY/CONFIGURATION command message.
|
CLA |
80h |
|
INS |
D8h |
|
P1 |
Reference Control Parameter P1, see Reference Control Parameter P1 |
|
P2 |
00h |
|
Lc |
Data Field Length |
|
Data Field |
Key/Configuration Data, see Data Field Sent in the Command Message |
|
Le |
Empty |
Reference Control Parameter P1
The Reference control parameter P1 of the PUT KEY/CONFIGURATION command message defines the type of data to be updated: key or configuration.
P1 definition for PUT KEY/CONFIGURATION command
| b7 | b6 | b5 | b4 | b3 | b2 | b1 | b0 | Meaning |
|---|---|---|---|---|---|---|---|---|
|
X |
0 |
0 |
0 |
0 |
1 |
0 |
0 |
OATH key |
|
X |
0 |
0 |
0 |
0 |
1 |
0 |
1 |
OATH Configuration |
Data Field Sent in the Command Message
The following tables list the coding for the PUT KEY/CONFIGURATION command message.
Coding of the Data Field for PUT KEY (when P1=04h)
| Length | Description | |||
|---|---|---|---|---|
|
01h |
00h (RFU) |
|||
|
01h |
00h |
|||
|
01h-02h |
Length of Key Data Value:
|
|||
| 01h-02h |
Length of the following real Key (BER-TLV format):
|
Key data value |
||
|
xxh |
Key value |
|||
|
01h |
00h |
|||
Coding of the Data Field for PUT CONFIGURATION (when P1=05h)
| Length | Description | Applies to | |
|---|---|---|---|
|
01h |
00h (RFU) |
|
|
|
01h |
00h |
|
|
|
01h |
Length of Configuration Data Value; must be 0 bytes if the corresponding configuration is to be removed |
|
|
| 01h | Length of the following real Configuration |
C
O
N
F
I
G
U
R
A
T
I
O
N
D
A
T
A
V
A
L
U
E
|
|
|
08h |
Counter Value in hexadecimal |
HOTP, OCRA |
|
|
01h |
OATH Mode:
|
HOTP, TOTP, OCRA |
|
|
01h |
Algo: Algorithm to be used for the HMAC computation
|
HOTP, TOTP, OCRA |
|
|
01h |
CodeDigits: number of digits in the OTP, not including the checksum, if any:
(Default: 6) |
HOTP, TOTP, OCRA |
|
|
01h |
addChecksum: 00h |
HOTP, TOTP, OCRA |
|
|
01h |
truncationOffset:
|
HOTP, TOTP, OCRA |
|
|
01h |
TimeStep in TimestepUnit: 1 to 60 for seconds / minutes Must not be null in TOTP mode |
TOTP, OCRA |
|
|
01h |
TimestepUnit: Timestep unit (seconds, minutes, hours):
|
TOTP, OCRA |
|
|
04h |
T0: Start Time : 00000000h |
TOTP |
|
|
01h |
UseCounter: Indicates whether the Counter is to be used in OCRA Suite:
(Default 0) |
OCRA |
|
|
01h |
UseTime: Indicates whether the Time is to be used in OCRA Suite:
(Default 0) |
OCRA |
|
|
01h |
UseP: Indicates whether the PIN/Password is to be used in OCRA Suite:
(Default 0) |
OCRA |
|
|
01h |
UseS: Indicates whether the Session Information are to be used in OCRA Suite and what is their size:
(Default 0) |
OCRA |
|
|
01h |
QFormat: Indicates the format of the challenge:
(Default 0) |
OCRA |
|
|
01h |
QMaxLen: Indicates the maximum length of the challenge: [4-64] (Default 6) |
OCRA |
|
|
[01h, 40h] |
Display Name. Encoding managed by the application |
HOTP, TOTP, OCRA |
|
| 01h | 00h | ||
Response Message
Data Field Returned in the Response Message
The response message is always empty.
Processing State Returned in the Response Message
The following table lists the processing state returned in the response message.
| Status | Meaning |
|---|---|
|
6A80h |
Invalid Data Field (invalid key algorithm, invalid Key/Configuration data length) Key Length should be >=1h and <=80h, Configuration Data Length should be equal to 19h + Friendly name length |
|
6A86h |
Invalid P1/P2 value |
|
6982h |
Access condition not satisfied: the PIN has not been authenticated |
|
9000h |
Successful Execution |
