OpenPGP applet returns incorrect length for application related data DO?

[lucanaef]

When requesting the Application Related Data DO of the YubiKeys OpenPGP applet via SmartCardInterface, I consistently get the following byte sequence (here represented in hexadecimal):

6e8201374f10d27600012401030400061541020700005f520800730000e00590007f740381012073820110c00a7d000bfe080000ff0000c106010800001100c206010800001100c306010800001100da06010800001100c407ff7f7f7f030003c550d9f465e6fdce605597cfaf4aadee3f6b0dce0c6cee1a6cbde1a6948eeddc1f438aa30f5beeb312f8f8de0abd38638161d8c551a567b24de02e2d200e0000000000000000000000000000000000000000c6500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cd105fa5bda85fa5bda85fa5bda800000000de0801010201030181027f660802020bfe02020bfed6020020d7020020d8020020d9020020

Trying to decode this information manually according to the Functional Specification of the OpenPGP application on ISO Smart Card Operating Systems yields the following result:

(sorry for the bad formatting)

6e - Application Related Data
    82 (why not 0x02?) 01 37 (total length is 0d311 = 0x0137)
    4f - Application identifier (AID)
    10 (length 16) d2 76 00 01 24 01 03 04 00 06 15 41 02 07 00 00

    5f52 - Historical bytes
    08 (length 8) 00 73 00 00 e0 05 90 00 

    7f74 - General feature management (optional)
    03 (length 3) 81 01 20 

    73 - Discretionary data objects 
    82 (why not 0x02?) 01 10

    c0 - Extended capabilities
    0a (length 10) 7d 00 0b fe 08 00 00 ff 00 00

    c1 - Algorithm attributes signature
    06 (length 6) 01 08 00 00 11 00

    c2 - Algorithm attributes decryption
    06 (length 6) 01 08 00 00 11 00 

    c3 - Algorithm attributes authentication
    06 (length 6) 01 08 00 00 11 00 

    da - Reserved for Algorithm attributes Attestation key (Yubico)
    06 (length 6) 01 08 00 00 11 00 

    c4 - PW Status Bytes
    07 (length 7) ff 7f 7f 7f 03 00 03 

    c5 - Fingerprints (20 bytes (dec.) each)
    50 (length 80)  d9 f4 65 e6 fd ce 60 55 97 cf af 4a ad ee 3f 6b 0d ce 0c 6c (Sig)
            ee 1a 6c bd e1 a6 94 8e ed dc 1f 43 8a a3 0f 5b ee b3 12 f8 (Dec)
            f8 de 0a bd 38 63 81 61 d8 c5 51 a5 67 b2 4d e0 2e 2d 20 0e (Auth)
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (Attest)

    c6 - List of CA-Fingerprints (20 bytes (dec.) each)
    50 (length 80)  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (Sig)
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (Dec)
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (Auth)
            00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 (Attest)

    cd - List of generation dates/times of key pairs (4 bytes (dec.) each)
    10 (length 16)  5f a5 bd a8 5f a5 bd a8 5f a5 bd a8 00 00 00 00 

    de - Key Information (2 bytes (dec.) each)
    08 (length 8) 01 01 02 01 03 01 81 02 

    7f66 - Extended length information
    08 (length 8) 02 02 0b fe 02 02 0b fe 

    d6 - User Interaction Flag (UIF) for PSO:CDS
    02 (length 2) 00 20 

    d7 - UIF for PSO:DEC
    02 (length 2) 00 20 

    d8 - UIF for PSO:AUT
    02 (length 2) 00 20 

    d9 - UIF for Attestation key and Generate Attestation command (Yubico)
    02 (length 2) 00 20

I don't understand how both for length the total length of the Application Related Data (0x6e) and the length of the Discretionary data objects (0x73), I get 0x82 instead of - presumably - 0x02? Am I misunderstanding the encoding scheme?

I am happy to provide more information or context if needed :) Thanks!

[mattbeshara]

I haven’t tried to decode the byte sequence you posted in its entirety, but I have a copy of the OpenPGP spec handy and it describes the length field of what it calls ‘TLV structures’ on page 39, section 4.4.4. 0x82 is the expected value indicating the next two bytes are a length up to 65535. I have read over the byte sequence and compared it to the spec up until the ‘Algorithm attributes signature’ and the data seems to make sense. Hope this helps.

[lucanaef]

Thanks! I misunderstood that part of the specification.