tux.tsndcb at free
Sep 25, 2009, 3:42 AM
Post #4 of 4
(908 views)
Permalink
|
Hi Werner,
Your help is a pleasure, thanks you very much, it works fine.
Best Regars.
----- Mail Original -----
De: "Werner Koch" <wk [at] gnupg>
À: "tux tsndcb" <tux.tsndcb [at] free>
Cc: gnupg-users [at] gnupg
Envoyé: Vendredi 25 Septembre 2009 11h48:36 GMT +01:00 Amsterdam / Berlin / Berne / Rome / Stockholm / Vienne
Objet: Re: How to reset a smartcard ?
On Fri, 25 Sep 2009 10:33, tux.tsndcb [at] free said:
> No body has an idea to "reset" a smartcard as factory settings ? I think it is possible, but I don't know how to do that.
If you have a version 2 card, this is possible.
WARNING: Don't run the commands given below on version 1 cards - you
will brick the card.
1. First you have to lock the PIN by decremeting the retry counters. I
do it this way:
$ gpg-connect-agent --hex
> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
D[0000] 69 82 i.
OK
> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
D[0000] 69 82 i.
OK
> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
D[0000] 69 82 i.
OK
> scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
D[0000] 69 83 i.
> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
D[0000] 69 82 i.
OK
> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
D[0000] 69 82 i.
OK
> scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
D[0000] 69 83 i.
The status code 6983 says that the PIN is locked. I use a PIN of
"@@@@@@@@" which is very likey invalid.
2. You terminate the card and activate it again:
> scd apdu 00 e6 00 00
D[0000] 90 00 ..
OK
> scd apdu 00 44 00 00
D[0000] 90 00 ..
OK
> bye
OK closing connection
>
Remove the card and insert it again. That's all. gpg --card-status
shows a fresh card.
To make things easier you may send the lines below as input to
gpg-connect-agent (store them in a file and run "gpg-connect-agent < FILE").
======
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
scd apdu 00 44 00 00
/echo card has been reset to factory defaults
=====
gpg-connect-agent has a complete scripting language, you may use it to
write a more robust script with error checking etc.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users
|
