On Feb 22, 2011, at 9:20 AM, Toni Sjoblom - Aventra wrote: > Hi, > >> -----Original Message----- >> From: opensc-devel-boun...@lists.opensc-project.org > [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Andreas > Jellinghaus >> >> not sure about athena, but many cards return the number >> of tries left, when you try to VERIFY a PIN. so if the >> PIN is wrong, the lower byte or nibble of the return code >> could be the number of tries left, and you can generate >> a messagebox from that. > > This is also how the MyEID card works. For MyEID if you only want to know > the remaining PIN trials without trying a PIN, > then use the VERIFY command without any PIN code. > > The response codes are: > 0x9000 Verification successful and/or no AC acquired > 0x6985 PIN locked – CONDITIONS NOT SATISFIED > 0x6983 Verification failed and no number of retries left PIN blocked. > 0x63CX Verification failed and X number of retries left.
Actually this is the ISO standard (remaining tries check with an empty PIN block), but unfortunately not supported by all cards (or all readers, which deal with interpreting VERIFY APDU-s) I've also seen cards that don't reveal the remaining PIN tries with 0x63CX. Looking card card-asepcos.c, the driver does support returning the remaining PIN tries [1] , I'd assume it also replies with the proper "method blocked" SW, but I don't have the card at hand to test. Brian, if you could provide the APDU log with the problematic place (PIN verification not returning the correct error code) would be great. [1] http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/card-asepcos.c#L1101 -- @MartinPaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
