SELECT

Command Description

The SELECT command is used to select an instance.

Command Message

The following table lists the coding for the SELECT command message.

| Field | Value |
|---|---|
| CLA | 00h |
| INS | A4h |
| P1 | 04h (select by name) |
| P2 | 00h |
| Lc | Length of AID |
| Data Field | AID to select. AID for ACA instance is A0000000791000; AID for PIV instance is A000000308000010000100; AIDs for HID Crescendo Key OATH instances are A0000000792300 (Default OATH HOTP slot), A0000000792301, A0000000792302 |
| Le | 00h |

Response Message

The data field in the response message contains the properties of the instance.

Data Field Returned in the Response Message for SELECT of ACA Instance

| Length | Value | Description |
|---|---|---|
| 01h | 6Fh | Tag: FCI template |
| 01h | 4 + AID Length + Proprietary Data Length | Length (BER-TLV format) |
| 01h | 84h | Tag: Security Domain Name |
| 01h | 07h | AID Length |
| Variable | A0000000791000 | Instance AID Value |
| 01h | A5h | Tag: Proprietary Data |
| 01h | 07h | Proprietary Data Length (BER-TLV format) |
| 01h | 01h | Applet Version Tag |
| 01h | 05h | Applet Version Length |
| 01h | 10h | Applet Family |
| 04h | Applet Version: 03h 00h 03h xxh | Applet Version Information, for instance: 03000301 for 3.0.3 build 1 |

Data Field Returned in the Response Message for SELECT of PIV Instance

| Length | Value | Description |
|---|---|---|
| 01h | 61h | Tag: Application Property template |
| 01h | 2Ah + AID Length | Application Property Template Length |
| 01h | 4Fh | Tag: Application identifier |
| 01h | 0Bh | AID Length |
| Variable | A000000308000010000100 | Instance AID Value |
| 01h | 79h | Tag: Coexistent Tag Allocation Authority |
| 01h | 07h | Coexistent Tag Allocation Authority Length |
| 01h | 4Fh | Tag: Application Identifier |
| 01h | 05h | RID Length |
| 01h | A000000308 | Application Instance RID |
| 01h | 50h | Tag: Application Label |
| 01h | 1Dh | Application Label Length |
| 1Dh | Application Label in ASCII characters | Application Label |

Data Field Returned in the Response Message for SELECT of OATH Instance

| Length | Value | Description |
|---|---|---|
| 01h | 6Fh | Tag: FCI template |
| 01h | 4 + AID Length + Proprietary Data Length | Length (BER-TLV format) |
| 01h | 84h | Tag: Application AID (DF Name) |
| 01h | AID Length | AID Length |
| Variable | AID | AID Value |
| 01h | A5h | Tag: Proprietary Data |
| 01h | Proprietary Data Length | Proprietary Data Length (BER-TLV format) |
| 01h | 01h | Applet Version Tag |
| 01h | 05h | Applet Version Length |
| 01h | 23h | Applet Family |
| 04h | Applet Version | Applet Version Information |
| 01h | 26h | Communication Media Tag |
| 01h | 02h | Communication Media Length |
| 01h | 01h: contact mode only; 03h: contact and contactless | Administrative Communication Media Value |
| 01h | 01h: contact mode only; 03h: contact and contactless | Usage Communication Media Value |
| 01h | 4Ah | OATH Key Properties Tag |
| 01h | 17h | OATH Key Properties Length |
| 01h | Key Length in bytes | Key Length in bytes |
| 01h | 00h: not initialized; 01h: initialized | Key Initialization status |
| 08h | XXXXXXXXXXXXXXXX | Counter Value in hexadecimal (0000000000000000 when uninitialized) |
| 01h | 00h: HOTP; 11h: TOTP; 22h: OCRA | OATH Mode |
| 01h | 00h: SHA-1; 01h: SHA-256; 02h: SHA-512 | Algorithm |
| 01h | 6, 8 | CodeDigits |
| 01h | 0 | RFU |
| 01h | 10h: dynamic truncation | truncationOffset |
| 01h | 0 | TimeStep in TimestepUnit |
| 01h | 0 | TimestepUnit: Timestep unit (seconds, minutes, hours) |
| 01h | 00h if Counter not used; 01h if Counter used | UseCounter: Indicates whether the Counter is to be used in OCRA Suite |
| 01h | 00h if Time not used; 01h if Time used | UseTime: Indicates whether the Time is to be used in OCRA Suite |
| 01h | 00h if PIN/Password not used; 01h if PIN/Password used with P parameter (in this case, the PIN is hashed with SHA-1 algorithm); 02h if PIN/Password used with PSHA256 parameter; 03h if PIN/Password used with PSHA512 parameter | UseP: Indicates whether the PIN/Password is to be used in OCRA Suite |
| 01h | 00h if Session Information not used; 01h if 64-byte session used with S parameter; 02h if 64-byte session Information used with S-064 parameter; 03h if 128-byte session Information used with S128 parameter; 04h if 256-byte session Information used with S256 parameter; 05h if 512-byte session Information used with S512 parameter | UseS: Indicates whether the Session Information is to be used in OCRA Suite and what size it is |
| 01h | 00h for Alphanumeric; 01h for Numeric; 02h for Hexadecimal | QFormat: Indicates the format of the challenge, used in OCRA case only |
| 01h | [4..64] | QMaxLen: Indicates the maximum length of the challenge, used in OCRA case only |
| 01 | 4Ch | Friendly Name Tag (present once initialized) |
| 01 | XXh | Friendly Name Length |
| XXh | XXXXXX | Friendly Name |

Processing State Returned in the Response Message

| Status | Meaning |
|---|---|
| 9000h | Command succeeds, no more data to get |
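
The following Python sketch is an added example, not code from HID's documentation. It builds the SELECT command from the coding table and decodes the OATH-instance response fields listed above, rejecting truncated or malformed TLVs; the function names, the constructed sample response (including its version, counter and friendly name bytes) and the ASCII decoding of the friendly name are assumptions.

```python
# Added example (not HID code): build SELECT and decode an OATH-instance response.
OATH_MODES = {0x00: "HOTP", 0x11: "TOTP", 0x22: "OCRA"}
ALGORITHMS = {0x00: "SHA-1", 0x01: "SHA-256", 0x02: "SHA-512"}
MEDIA = {0x01: "contact mode only", 0x03: "contact and contactless"}

def build_select(aid_hex):
    """CLA=00h INS=A4h P1=04h (select by name) P2=00h Lc AID Le=00h."""
    aid = bytes.fromhex(aid_hex)
    return bytes([0x00, 0xA4, 0x04, 0x00, len(aid)]) + aid + b"\x00"

def read_tlvs(buf):
    """Split single-byte-tag TLVs; accepts short-form and 81h long-form lengths."""
    out, i = {}, 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length, i = buf[i], buf[i + 1], i + 2
        if length == 0x81 and i < len(buf):
            length, i = buf[i], i + 1
        elif length >= 0x80:
            raise ValueError("bad or unsupported length encoding")
        if i + length > len(buf):
            raise ValueError("TLV %02Xh overruns its container" % tag)
        out[tag], i = buf[i:i + length], i + length
    return out

def parse_oath_select(resp):
    """Decode the SELECT response of an OATH instance (data field + status)."""
    if len(resp) < 2 or resp[-2:] != b"\x90\x00":
        raise ValueError("status is not 9000h")
    fci = read_tlvs(read_tlvs(resp[:-2]).get(0x6F, b""))
    prop = read_tlvs(fci.get(0xA5, b""))
    ver, media, key = (prop.get(t, b"") for t in (0x01, 0x26, 0x4A))
    if len(ver) != 5 or len(media) != 2 or len(key) != 0x17:
        raise ValueError("missing or malformed proprietary data")
    return {
        "aid": fci.get(0x84, b"").hex().upper(),
        "family": ver[0], "version": ver[1:].hex(),
        "admin_media": MEDIA.get(media[0]), "usage_media": MEDIA.get(media[1]),
        "key_len": key[0], "initialized": key[1] == 0x01,
        "counter": int.from_bytes(key[2:10], "big"),
        "mode": OATH_MODES.get(key[10]), "algorithm": ALGORITHMS.get(key[11]), "digits": key[12],
        "name": prop[0x4C].decode("ascii", "replace") if 0x4C in prop else None,
    }

SAMPLE = bytes.fromhex(  # constructed sample, not captured from a device
    "6F35" "8407A0000000792300" "A52A" "010523" "03000301" "26020103"
    "4A17" "1401" "000000000000002A" "0000060010" "00000000000000" "08"
    "4C04" "44656D6F" "9000")
```

The decoded dictionary can be checked against policy, for example confirming the configured algorithm and that administrative access is contact-only.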