#
# pkcs15 profile for starcos spk 2.3
#
# Card-wide PIN parameters for this profile.
cardinfo {
    # Upper bound on PIN length. With the numeric encoding below, an
    # 8-character PIN has at most 10^8 possible values, so resistance to
    # guessing rests on the per-PIN retry limits (`attempts`), not on
    # PIN entropy.
    max-pin-length = 8;
    # PINs are encoded as ASCII digits.
    pin-encoding = ascii-numeric;
    # Fill byte for PINs that carry the needs-padding flag (see the
    # so-pin-flags macros); presumably padded up to max-pin-length.
    pin-pad-char = 0x00;
    # NOTE(review): no min-pin-length is set in this block; presumably it
    # is inherited from the main profile -- confirm the effective minimum.
}
# Default option: a separate security officer (SO) PIN guards the card
# structure and the internal secret key files.
option default {
    macros {
        # Flags applied to `PIN so-pin`; soPin marks it as the SO PIN.
        so-pin-flags = initialized, needs-padding, soPin;
        # ACL used by the internal secret key files (mf_isf, p15_isf):
        # writing requires the SO PIN.
        isf_acl = WRITE=$SOPIN;
        # ACL used by the DFs (MF, PKCS15-AppDF): every operation
        # requires the SO PIN.
        df_acl = *=$SOPIN;
    }
}
# "onepin" option: no separate SO PIN. The user PIN ($PIN) takes over
# every role that $SOPIN has under `option default`.
# Security trade-off: anyone who knows the user PIN can write the internal
# secret key files and perform any operation on the DFs, so card
# administration and day-to-day use are not separated.
option onepin {
    macros {
        # Same flags as the default option but without soPin.
        so-pin-flags = initialized, needs-padding;
        # Writing the internal secret key files requires only the user PIN.
        isf_acl = WRITE=$PIN;
        # Every DF operation requires only the user PIN.
        df_acl = *=$PIN;
    }
}
# Security officer PIN.
PIN so-pin {
    # PIN reference on the card. `PIN so-puk` in this file declares the
    # same reference value.
    reference = 1;
    # Expands to the so-pin-flags macro of the selected option
    # (`default` or `onepin`).
    flags = $so-pin-flags;
    # NOTE(review): no `attempts` value is set here, unlike user-pin and
    # user-puk; presumably the retry limit comes from the main profile --
    # confirm that the SO PIN is not left without one.
}
# Unblocking key (PUK) entry for the SO PIN.
PIN so-puk {
    # Same reference value as `PIN so-pin`.
    # NOTE(review): looks intentional for this card, but confirm that the
    # SO PIN and its PUK are really meant to share one reference; no
    # `attempts` value is set for this entry either.
    reference = 1;
}
# User PIN: the credential referenced as $PIN in the ACLs of this profile.
PIN user-pin {
    # Number of verification attempts configured for the user PIN. With
    # numeric PINs of at most 8 digits this limit is the main defence
    # against PIN guessing.
    attempts = 3;
}
# Unblocking key (PUK) for the user PIN.
PIN user-puk {
    # The PUK is given more attempts (10) than the user PIN (3).
    # NOTE(review): a PUK that can reset the user PIN is effectively a
    # second credential for the same objects; confirm that 10 attempts is
    # acceptable for the PUK length in use.
    attempts = 10;
}
# Additional filesystem info.
# This is added to the file system info specified in the
# main profile.
#
# ACL keywords used below: NONE means no authentication is required,
# NEVER means the operation is not allowed, $PIN is the user PIN and
# $SOPIN the security officer PIN. `*=` sets the default for every
# operation that is not listed explicitly.
filesystem {
    DF MF {
        # Expands to *=$SOPIN (option default) or *=$PIN (option onepin).
        ACL = $df_acl;
        size = 768;

        # INTERNAL SECRET KEY file of the MF
        EF mf_isf {
            size = 256;
            # Expands to WRITE=$SOPIN (option default) or WRITE=$PIN
            # (option onepin).
            ACL = $isf_acl;
        }

        # NOTE(review): presumably the internal public key file of the MF.
        # No ACL is declared for it here -- confirm where its access
        # conditions come from (main profile or card driver).
        EF mf_ipf {
            file-id = 0010;
            size = 256;
        }

        DF PKCS15-AppDF {
            # Same macro as on the MF: SO PIN (default) or user PIN (onepin)
            # for every operation on the application DF.
            ACL = $df_acl;
            size = 16000;

            # INTERNAL SECRET KEY file of the application DF
            # Note: if the WRITE ACL is commented out or no
            # sopin is specified the ACs must be activated via
            # 'pkcs15-init --finalize' (in this case the
            # AC WRITE is NEVER as the required state can't
            # be reached).
            EF p15_isf {
                path = 3f005015;
                size = 2560;
                ACL = $isf_acl;
            }

            # NOTE(review): as with mf_ipf, no ACL is declared here --
            # confirm the effective access conditions.
            EF p15_ipf {
                file-id = 0010;
                size = 1280;
            }

            template key-domain {
                # NOTE(review): this template declares no ACL for private
                # key objects. Access conditions on private keys therefore
                # have to be enforced somewhere else (presumably by the
                # card driver when the key object is created) -- verify
                # this before relying on the profile alone.
                BSO private-key {
                    # here ACLs should be defined
                }
                # Public keys: readable without authentication; replacing
                # or erasing them requires the user PIN. Note that $PIN is
                # used here under both options, so the SO PIN is not needed
                # to change public keys even with `option default`.
                EF public-key {
                    file-id = 3003;
                    structure = transparent;
                    ACL = *=NEVER,
                        READ=NONE,
                        UPDATE=$PIN,
                        ERASE=$PIN;
                }

                # Certificate template
                # Certificates are readable without authentication; the user
                # PIN is sufficient to replace or erase them, so relying
                # parties must validate a certificate rather than trust it
                # because it is on the card.
                EF certificate {
                    file-id = 3104;
                    structure = transparent;
                    ACL = *=NEVER,
                        READ=NONE,
                        UPDATE=$PIN,
                        ERASE=$PIN;
                }

                # Extractable private keys are stored in transparent EFs.
                # Encryption of the content is performed by libopensc.
                # READ=$PIN lets the stored key blob leave the card once
                # the user PIN has been verified; its confidentiality then
                # depends on the software encryption mentioned above, not
                # on the card keeping the key inside.
                EF extractable-key {
                    file-id = 3201;
                    structure = transparent;
                    ACL = *=NEVER,
                        READ=$PIN,
                        UPDATE=$PIN,
                        ERASE=$PIN;
                }

                # data objects are stored in transparent EFs.
                # READ=NONE: these objects can be read without any
                # authentication, so they must not hold sensitive content;
                # `EF privdata` below is the PIN-protected variant.
                EF data {
                    file-id = 3301;
                    structure = transparent;
                    ACL = *=NEVER,
                        READ=NONE,
                        UPDATE=$PIN,
                        ERASE=$PIN;
                }
                # private data objects are stored in transparent EFs.
                # Unlike `EF data`, reading requires the user PIN.
                EF privdata {
                    file-id = 3401;
                    structure = transparent;
                    ACL = *=NEVER,
                        READ=$PIN,
                        UPDATE=$PIN,
                        ERASE=$PIN;
                }

            }

        }
    }
}