Christmas is coming!

To celebrate the new year and thank for the support from all our dear customers, Christmas promotional activity is being held in JavaCardOS online store.

During the event, you can enjoy many promotional activities - High Discount on JavaCardOS products,Lucky Draw,Double forum Points.

Come to choose your own Christmas gift and try your luck now!

The APDU commands of using yubioath-android combined with OATH-Applet

This project implement the HOTP/TOTP card functionality.

Moderator: Ellisun

User avatar
JavaCardOS
Posts: 250
Joined: Thu Apr 30, 2015 12:00 pm
Points: 2189
Contact:

The APDU commands of using yubioath-android combined with OATH-Applet

Postby JavaCardOS » Wed Feb 10, 2016 8:27 pm

In the process of using yubioath-android application, the following APDU commands will be used:
1. Add Time based(TOTP) account credentials, and refresh the One-Time Passcode:

Code: Select all

//select applet
00A4040008A000000527210101
//handlePut (StoreCode) and the username and password is john and qwer Tag=0x71(john) and Tag = 0x73 is KEY_TAG qwer.
000100000C71046A6F686E730421068589;
//handleCalcAll: P2=1,Tag=74... Calculate message digest, the APDU response is the One-Time Passcode with time based.
00A400010A74080000000002E3BCC5;

2. Add Event based(HOTP) account credentials, and refresh the One-Time Passcode:

Code: Select all

//select applet
 00A4040008A000000527210101;
 //handlePut (StoreCode): the username and password is marry and qazwsx
 000100000E71056D6172727973051106803369;
 //calculate, Calculate message digest, the APDU response is the One-Time Passcode with event based.
 00A200010971056D617272797400;

3.Change device password:

Code: Select all

//select applet 
00A4040008A000000527210101;
//handleChangeCode(setLockCode) the device password is qazwsx
000300003373112166C55642C4194FBD065432E77FDE0B017408791A30562CDDC1DF75140B8008644AD88991063CA7DADB3835E07E486C30;

After setting the device password, you need to verify device password every time first, and then perform other operations.

4. Refresh TOTP One-Time Passcode :

Code: Select all

//select applet
00A4040008A000000527210101;
//handleValidate(doUnlock)
00A3000020751447F28EA873125711F6ED94A790845833B73B75FA74087CB26561E60C808C;
//handleCalcAll
00A400010A74080000000002E3BDB7;

5. Reset the device password:

Code: Select all

//select applet
00A4040008A000000527210101;
//handleValidate(doUnlock)
00A3000020751418DE81A54F7D18EDD6E9228E946EE5724CC9D96F74081D947956B867CAB1;
//handleChangeCode(setLockCode)
000300003373112166C55642C4194FBD065432E77FDE0B017408662D530C2ADE703375140E0055947B08A9C659341B0E83BD05B0BCD53708;
Last edited by JavaCardOS on Fri Apr 01, 2016 6:16 am, edited 1 time in total.

sherry
Posts: 1
Joined: Fri Jan 15, 2016 5:14 am
Points: 46
Contact:

Re: The APDU commands of using yubioath-android combined with OATH-Applet

Postby sherry » Wed Mar 30, 2016 11:45 pm

I want to know a complete HOTP validation process?
the protocol INS that:
|========================
|PUT
|DELETE
|SET CODE
|RESET
|LIST
|CALCULATE
|VALIDATE
|CALCULATE ALL
|SEND REMAINING
|========================
I understand the PUT,DELETE,RESET and LIST instruction .
I do not understand the VALIDATE ,SET CODE and CALCULATE(CALCULATE ALL) INS what that do?

nobody2015
Posts: 12
Joined: Wed Aug 19, 2015 3:11 am
Points: 28
Contact:

Re: The APDU commands of using yubioath-android combined with OATH-Applet

Postby nobody2015 » Fri Apr 01, 2016 3:03 am

I want to know too.

User avatar
Ellisun
Posts: 40
Joined: Wed May 20, 2015 3:47 am
Points: 270
Contact:

Re: The APDU commands of using yubioath-android combined with OATH-Applet

Postby Ellisun » Fri Apr 01, 2016 6:36 am

You can see the specifications in attachments about OATH-Applet.
You do not have the required permissions to view the files attached to this post. Please login first.


Return to “Ykneo Oath Applet”

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer