Change reference data

Command APDU Info

CLA INS P1 P2 Lc Data Le
00 24 00 80 10 current PIN and new PIN (absent)
00 24 00 81 10 current PUK and new PUK (absent)

Which element to change is given in the P2 field of the APDU and the current and new data (old and new PIN or PUK) are given in the data field. The data is simply the two values concatenated.

Both the PIN and PUK are allowed to be 6 to 8 characters, but if one is less than 8, it will be padded with 0xff. For example, the default PIN is "123456", but on the device, it is represented as 31 32 33 34 34 36 FF FF.

The data is therefore 16 bytes, current value (possibly padded) followed by the new value (possibly padded).

Response APDU Info

Response APDU for CHANGE REFERENCE DATA (success)

Total Length: 2
Data Length: 0

Data SW1 SW2
(no data) 90 00

Response APDU for CHANGE REFERENCE DATA (invalid current PIN or PUK)

Total Length: 2
Data Length: 0

Data SW1 SW2
(no data) 63 C2

If the PIN entered is incorrect, then the error is 63 CX where X is the number of retries remaining. In the above, there are 2 retries remaining.

Response APDU for CHANGE REFERENCE DATA (PIN or PUK Blocked)

Total Length: 2
Data Length: 0

Data SW1 SW2
(no data) 69 83

The PIN or PUK entered might or might not be correct, however, authentication was denied because the number of retries have been exhausted.

Examples

$ opensc-tool -c default -s 00:a4:04:00:09:a0:00:00:03:08:00:00:10:00
  -s 00:24:00:80:10:31:32:33:34:35:36:ff:ff:36:35:34:33:32:31:ff:ff
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID 0
Sending: 00 A4 04 00 09 A0 00 00 03 08 00 00 10 00
Received (SW1=0x90, SW2=0x00):
61 11 4F 06 00 00 10 00 01 00 79 07 4F 05 A0 00
00 03 08
Sending: 00 24 00 80 10 31 32 33 34 35 36 FF FF 36 35 34 33 32 31 FF FF
Received (SW1=0x90, SW2=0x00)

$ opensc-tool -c default -s 00:a4:04:00:09:a0:00:00:03:08:00:00:10:00
   -s 00:24:00:81:10:31:32:33:34:35:36:37:38:38:37:36:35:34:33:32:31
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID 0
Sending: 00 A4 04 00 09 A0 00 00 03 08 00 00 10 00
Received (SW1=0x90, SW2=0x00):
61 11 4F 06 00 00 10 00 01 00 79 07 4F 05 A0 00
00 03 08
Sending: 00 24 00 81 10 31 32 33 34 35 36 37 38 38 37 36 35 34 33 32 31
Received (SW1=0x90, SW2=0x00)
  • Improve this Doc
Generated by DocFX