commit d4534d2326526bab910e7bd1babe0f91d11bcad9
Author: Jack Magne <jmagne@localhost.localdomain>
Date:   Mon Aug 24 11:23:04 2015 -0700

    SC650 format/enroll fails
    
    Simple fix to correctly identify scp01/gp201 sc650 card.
    
    (cherry picked from commit 3158e1279b210d9f409918b24180bf20b0774614)

diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
index 14e8ead..637cfa3 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
@@ -3402,10 +3402,20 @@ public class TPSProcessor {
         byte protocol = oidSecureChannelProtocol.at(length - 2);
         byte implementation = oidSecureChannelProtocol.at(length - 1);
 
+        if (protocol == SecureChannel.SECURE_PROTO_03) {
+            throw new TPSException("TPSProcessor.gp211GetSecureChannelProtocolDetails: No support for SCP03 as of yet, bailing.",
+                    TPSStatus.STATUS_ERROR_SECURE_CHANNEL);
+        }
+
         platProtInfo.setProtocol(protocol);
         platProtInfo.setImplementation(implementation);
         platProtInfo.setKeysetInfoData(keyData);
-        platProtInfo.setPlatform(SecureChannel.GP211);
+
+        if (protocol == SecureChannel.SECURE_PROTO_02)
+            platProtInfo.setPlatform(SecureChannel.GP211);
+        else
+            platProtInfo.setPlatform(SecureChannel.GP201);
+
 
         CMS.debug("TPSProcessor.gp211GetSecureChannelProtocolDetails: protocol: " + protocol + " implementation: "
                 + implementation + " keyInfoData: " + keyData.toHexString());