opensc/src/pkcs15init/gpk.profile

#
# PKCS15 r/w profile for GPK cards
#
cardinfo {
    max-pin-length	= 8;
    pin-encoding	= BCD;
    pin-pad-char	= 0x00;

    # This is the secure messaging key required for
    # creating files in the MF
    key PRO1 {
        value		= "=TEST KEYTEST KEY";
    }
}

# Define reasonable limits for PINs and PUK
# Note that we do not set a file path or reference
# here; that is done dynamically.
PIN user-pin {
    attempts	= 3;
}
PIN user-puk {
    attempts	= 7;
}
PIN so-pin {
    attempts	= 2;
    min-length	= 6;
}
PIN so-puk {
    attempts	= 4;
    min-length	= 6;
}


# Additional filesystem info.
# This is added to the file system info specified in the
# main profile.
filesystem {
    DF MF {
	ACL	= CREATE=PRO1;

	EF sopinfile {
	    file-id		= 0000;
	    structure		= 0x21;
	    record-length	= 8;
	    size		= 16;
	    ACL			= *=NEVER;
	}

        DF PKCS15-AppDF {
            # The PIN file.
            # The GPK supports just one PIN file per DF, and the file
            # can hold up to 8 pins (or 4 PIN/PUK pairs).
            #
            # Note1: many commands use the short file ID (i.e. the lower
	    # 5 bits of the FID) so you must be careful when picking FIDs
	    # for the public key and PIN files.

            EF pinfile {
    	        file-id		= 0000;
    	        structure	= 0x21;	# GPK specific
    	        record-length	= 8;
    	        size		= 64;	# room for 8 pins
    	        ACL		= *=NEVER;
            }

            # Private key files.
            # GPK private key files will never let you read the private key
            # part, so it's okay to set READ=NONE. What's more, we may need
            # read access so we're able to check the key size/type.
            EF template-private-key {
    	        file-id		= 0006;	# This is the base FileID
    	        structure	= 0x2C;	# GPK specific
    	        ACL		= *=NEVER,
					READ=NONE,
					CRYPTO=$PIN,
					UPDATE=$PIN,
					WRITE=$PIN;
            }

            EF template-public-key {
    	        file-id		= 8000;
    	        structure	= transparent;
    	        ACL		= *=NONE;
            }

            # Certificate template
            EF template-certificate {
    	        file-id		= 9000;
    	        structure	= transparent;
    	        ACL		= *=NONE;
            }
	}
    }
}

# Define an SO pin
# This PIN is not used yet.
#PIN sopin {
#    file	= sopinfile;
#    reference	= 0;
#}
- rewrite of the pkcs15-init stuff git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@415 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-02 13:26:42 +00:00			`#`
			`# PKCS15 r/w profile for GPK cards`
			`#`
- rewrote config files to match new parser git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@428 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-03 11:55:21 +00:00			`cardinfo {`
			`max-pin-length = 8;`
			`pin-encoding = BCD;`
			`pin-pad-char = 0x00;`

			`# This is the secure messaging key required for`
			`# creating files in the MF`
			`key PRO1 {`
			`value = "=TEST KEYTEST KEY";`
			`}`
			`}`

			`# Define reasonable limits for PINs and PUK`
			`# Note that we do not set a file path or reference`
			`# here; that is done dynamically.`
			`PIN user-pin {`
			`attempts = 3;`
			`}`
			`PIN user-puk {`
			`attempts = 7;`
			`}`
			`PIN so-pin {`
			`attempts = 2;`
			`min-length = 6;`
			`}`
			`PIN so-puk {`
			`attempts = 4;`
			`min-length = 6;`
			`}`


			`# Additional filesystem info.`
			`# This is added to the file system info specified in the`
			`# main profile.`
			`filesystem {`
			`DF MF {`
- moved gpk specific MF ACL to the gpk profile, where it belongs git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@431 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-03 12:46:26 +00:00			`ACL = CREATE=PRO1;`

- rewrote config files to match new parser git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@428 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-03 11:55:21 +00:00			`EF sopinfile {`
			`file-id = 0000;`
			`structure = 0x21;`
			`record-length = 8;`
			`size = 16;`
			`ACL = *=NEVER;`
			`}`

			`DF PKCS15-AppDF {`
			`# The PIN file.`
			`# The GPK supports just one PIN file per DF, and the file`
			`# can hold up to 8 pins (or 4 PIN/PUK pairs).`
			`#`
			`# Note1: many commands use the short file ID (i.e. the lower`
			`# 5 bits of the FID) so you must be careful when picking FIDs`
			`# for the public key and PIN files.`

			`EF pinfile {`
			`file-id = 0000;`
			`structure = 0x21; # GPK specific`
			`record-length = 8;`
			`size = 64; # room for 8 pins`
			`ACL = *=NEVER;`
			`}`

			`# Private key files.`
			`# GPK private key files will never let you read the private key`
			`# part, so it's okay to set READ=NONE. What's more, we may need`
			`# read access so we're able to check the key size/type.`
			`EF template-private-key {`
			`file-id = 0006; # This is the base FileID`
			`structure = 0x2C; # GPK specific`
			`ACL = *=NEVER,`
			`READ=NONE,`
			`CRYPTO=$PIN,`
			`UPDATE=$PIN,`
			`WRITE=$PIN;`
			`}`

			`EF template-public-key {`
			`file-id = 8000;`
			`structure = transparent;`
			`ACL = *=NONE;`
			`}`

			`# Certificate template`
			`EF template-certificate {`
			`file-id = 9000;`
			`structure = transparent;`
			`ACL = *=NONE;`
			`}`
			`}`
			`}`
			`}`
- rewrite of the pkcs15-init stuff git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@415 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-02 13:26:42 +00:00
			`# Define an SO pin`
- rewrote config files to match new parser git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@428 c6295689-39f2-0310-b995-f0e70906c6a9 2002-04-03 11:55:21 +00:00			`# This PIN is not used yet.`
			`#PIN sopin {`
			`# file = sopinfile;`
			`# reference = 0;`
			`#}`