some notes to myself
Written on August 25, 2015
One of the IT security efforts that the GOVERNMENT OF THE UNITED STATES ;) has been really pushing recently is the use of smartcards. I had to go to an office and get my picture taken and the entire surface of both hands printed when I got my PIV Card (basically a smartcard with some identity objects: http://csrc.nist.gov/groups/SNS/piv/standards.html).
Turns out you can install the pkcs15-tool package, run pkcs15-tool -D on a US Government PIV Card and see some data:
Data object 'Cardholder Fingerprints'
applicationName: Cardholder Fingerprints
applicationOID: 2.16.840.1.101.3.7.2.96.16
Path: 6010
Auth ID: 01
Data object 'Printed Information'
applicationName: Printed Information
applicationOID: 2.16.840.1.101.3.7.2.48.1
Path: 3001
Auth ID: 01
Data object 'Cardholder Facial Image'
applicationName: Cardholder Facial Image
applicationOID: 2.16.840.1.101.3.7.2.96.48
Path: 6030
Auth ID: 01
And this interesting bit:
Data object 'Cardholder Iris Image'
applicationName: Cardholder Iris Image
applicationOID: 2.16.840.1.101.3.7.2.16.21
Path: 1015
Data object read failed: File not found
Good thing it’s empty - I don’t remember giving that to them. Creepy.