fix: Data object passed to PUT DATA command is an unstructured byte s…

…equence not a constructed object Signed-off-by: Steffen Vogel <[email protected]>
cunicu · Dec 9, 2024 · b4a3ca1 · b4a3ca1
1 parent 4021198
commit b4a3ca1
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 7 deletions.
diff --git a/cert.go b/cert.go
@@ -52,14 +52,19 @@ func (c *Card) SetCertificate(key ManagementKey, slot Slot, cert *x509.Certifica
 		return fmt.Errorf("failed to authenticate with management key: %w", err)
 	}
 
+	// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-73-4.pdf#page=40
+	certData, err := tlv.EncodeBER(
+		tlv.New(tagCertificate, cert.Raw),
+		tlv.New(tagCertInfo, 0x00), // "for a certificate encoded in uncompressed form CertInfo shall be 0x00"
+		tlv.New(tagErrorDetectionCode),
+	)
+	if err != nil {
+		return err
+	}
+
 	if _, err := sendTLV(c.tx, insPutData, 0x3f, 0xff,
 		slot.Object.TagValue(),
-		tlv.New(0x53,
-			// https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-73-4.pdf#page=40
-			tlv.New(tagCertificate, cert.Raw),
-			tlv.New(tagCertInfo, 0x00), // "for a certificate encoded in uncompressed form CertInfo shall be 0x00"
-			tlv.New(tagErrorDetectionCode),
-		),
+		tlv.New(0x53, certData),
 	); err != nil {
 		return fmt.Errorf("failed to execute command: %w", err)
 	}

diff --git a/pin_protected.go b/pin_protected.go
@@ -115,9 +115,14 @@ func (c *Card) SetPinProtectedData(key ManagementKey, ppd *PinProtectedData) err
 		return fmt.Errorf("failed to authenticate with key: %w", err)
 	}
 
+	ppdData, err := tlv.EncodeBER(ppd.TagValues...)
+	if err != nil {
+		return err
+	}
+
 	if _, err := sendTLV(c.tx, insPutData, 0x3f, 0xff,
 		doPrinted.TagValue(),
-		tlv.New(0x53, ppd.TagValues),
+		tlv.New(0x53, ppdData),
 	); err != nil {
 		return fmt.Errorf("failed to execute command: %w", err)
 	}