#
# PKCS15 profile, generic information.
# This profile is loaded before any card specific profile.
#
# Card identification and card-wide PIN handling parameters.
# NOTE(review): the file header describes a generic profile, yet this block
# names one specific card; the header text looks inherited - confirm.
cardinfo {
    label = "Rutoken S";
    manufacturer = "Aktiv Co.";

    # Card-wide PIN length bounds. The PIN blocks further down set
    # min-length = 8 for user-pin and so-pin.
    # NOTE(review): a floor of 1 here is far weaker than that; confirm which
    # limit is actually enforced when a PIN is set or changed.
    max-pin-length = 16;
    min-pin-length = 1;
    # NOTE(review): ascii-numeric presumably limits PINs to digits, while the
    # PIN blocks carry the case-sensitive flag; confirm the intended character
    # set, since a digits-only PIN has a much smaller search space.
    pin-encoding = ascii-numeric;
    # Presumably the byte used to pad a PIN up to its stored length - confirm.
    pin-pad-char = 0xFF;
}
#
# The following controls some aspects of the PKCS15 we put onto
# the card.
#
pkcs15 {
    # Put certificates into the CDF itself?
    # "no" here; the filesystem block defines a separate certificate EF
    # template (file-id 0300) for them.
    direct-certificates = no;
    # Put the DF length into the ODF file?
    encode-df-length = no;
    # Have a lastUpdate field in the EF(TokenInfo)?
    do-last-update = yes;
}
# Default settings.
# This option block will always be processed.
option default {
    # Sizes for the PKCS15 directory files. The filesystem block refers to
    # them as $ti-size, $odf-size, $aodf-size, $dodf-size, $cdf-size,
    # $prkdf-size and $pukdf-size.
    # Presumably byte counts - confirm against the profile parser.
    macros {
        ti-size = 128;
        odf-size = 128;
        aodf-size = 256;
        dodf-size = 2048;
        cdf-size = 2048;
        prkdf-size = 2048;
        pukdf-size = 2048;
    }
}
# This option is for cards with very little memory.
# It shrinks the PKCS15 directory files: TokenInfo to 64, ODF and AODF
# to 128, and DODF, CDF, PrKDF and PuKDF to 512.
# NOTE(review): the earlier wording of this comment said "128 or 256,
# respectively", which no longer matches the values below.
option small {
    # Same macro names as in "option default", with smaller values.
    macros {
        ti-size = 64;
        odf-size = 128;
        aodf-size = 128;
        dodf-size = 512;
        cdf-size = 512;
        prkdf-size = 512;
        pukdf-size = 512;
    }
}
# Define reasonable limits for PINs and PUK
# Note that we do not set a file path or reference
# for the user pin; that is done dynamically.
# NOTE(review): this block does set reference = 2, so the sentence above
# looks stale - confirm whether the value is overridden at run time.
PIN user-pin {
    # User PIN is registered under auth-id 2 / reference 2.
    # Presumably this is what the CHV2 conditions in the filesystem ACLs
    # refer to - confirm against the card driver.
    auth-id = 2;
    reference = 2;
    # 8 to 16 characters; cardinfo separately declares min-pin-length = 1.
    min-length = 8;
    max-length = 16;
    flags = case-sensitive, initialized;
}
# Unblocking code for the user PIN, declared with zero length.
# NOTE(review): min = max = 0 presumably means no user PUK is provisioned;
# confirm how a blocked user PIN is meant to be recovered with this profile.
PIN user-puk {
    min-length = 0;
    max-length = 0;
}
# Security officer PIN: auth-id 1 / reference 1, 8 to 16 characters.
# The soPin flag marks it as the security officer credential.
# None of the ACLs visible in this profile name CHV1; they use CHV2 or $PIN.
# NOTE(review): confirm which operations the SO PIN actually gates.
PIN so-pin {
    auth-id = 1;
    reference = 1;
    min-length = 8;
    max-length = 16;
    flags = case-sensitive, initialized, soPin;
}
# Unblocking code for the security officer PIN, declared with zero length.
# NOTE(review): min = max = 0 presumably means no SO PUK is provisioned;
# confirm what happens when the SO PIN becomes blocked.
PIN so-puk {
    min-length = 0;
    max-length = 0;
}
# File layout described by this profile.
# Every acl line starts with *=NEVER, so any operation that is not listed is
# denied. NONE on an operation means no verification is required for it.
# CHV2 and $PIN name the credential that must be verified first.
# NOTE(review): CHV2 presumably maps to the PIN with reference = 2 (user-pin),
# and $PIN is presumably substituted when the file is instantiated - confirm.
filesystem {
    DF MF {
        path = 3F00;
        type = DF;
        # The master file can never be deleted. Creating files beneath it
        # requires CHV2.
        acl = *=NEVER, SELECT=NONE, DELETE=NEVER, CREATE=CHV2, READ=NONE;

        # Application directory file, readable without verification.
        EF DIR {
            type = EF;
            file-id = 2F00;
            size = 128;
            acl = *=NEVER, READ=NONE, UPDATE=CHV2, WRITE=CHV2, DELETE=CHV2;
        }

        # Here comes the application DF
        DF PKCS15-AppDF {
            type = DF;
            file-id = 5015;
            # Unlike the MF, the whole application DF may be deleted once
            # CHV2 has been verified.
            acl = *=NEVER, SELECT=NONE, DELETE=CHV2, CREATE=CHV2, READ=NONE;

            # The PKCS15 directory files below are all READ=NONE, so their
            # contents can be read without presenting a PIN.
            # NOTE(review): confirm nothing sensitive ends up in object
            # labels or other metadata stored there.
            EF PKCS15-ODF {
                file-id = 5031;
                size = $odf-size;
                acl = *=NEVER, READ=NONE, UPDATE=CHV2, WRITE=CHV2, DELETE=CHV2;
            }

            EF PKCS15-TokenInfo {
                file-id = 5032;
                size = $ti-size;
                acl = *=NEVER, READ=NONE, UPDATE=CHV2, WRITE=CHV2, DELETE=CHV2;
            }

            # The authentication object directory is writable after CHV2.
            EF PKCS15-AODF {
                file-id = 4401;
                size = $aodf-size;
                acl = *=NEVER, READ=NONE, UPDATE=CHV2, WRITE=CHV2, DELETE=CHV2;
            }

            # From here on the ACLs use $PIN instead of the fixed CHV2.
            EF PKCS15-PrKDF {
                file-id = 4402;
                size = $prkdf-size;
                acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
            }

            EF PKCS15-PuKDF {
                file-id = 4403;
                size = $pukdf-size;
                acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
            }

            EF PKCS15-CDF {
                file-id = 4404;
                size = $cdf-size;
                acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
            }

            EF PKCS15-DODF {
                file-id = 4405;
                size = $dodf-size;
                acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
            }

            # This template defines files for keys, certificates etc.
            #
            # When instantiating the template, each file id will be
            # combined with the last octet of the object's pkcs15 id
            # to form a unique file ID.
            template key-domain {
                # Private keys are kept in a transparent EF that is readable
                # once $PIN has been verified (READ=$PIN, not READ=NEVER).
                # NOTE(review): this suggests key material can be read out to
                # the host after PIN verification. Confirm that this is
                # intended for this card and that deployments treat the keys
                # as PIN-protected storage, not as non-extractable keys.
                EF private-key {
                    file-id = 0100;
                    structure = transparent;
                    acl = *=NEVER, READ=$PIN, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
                }

                # Public keys are readable without verification. Changing or
                # deleting them requires $PIN.
                EF public-key {
                    file-id = 0200;
                    structure = transparent;
                    acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
                }

                # Certificate template
                EF certificate {
                    file-id = 0300;
                    structure = transparent;
                    acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
                }

                # data objects are stored in transparent EFs.
                # READ=NONE: anything stored as a plain data object is
                # readable without a PIN.
                EF data {
                    file-id = 0400;
                    structure = transparent;
                    acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
                }

                # private data objects are stored in transparent EFs.
                # READ=$PIN: reading them requires PIN verification first.
                EF privdata {
                    file-id = 0500;
                    structure = transparent;
                    acl = *=NEVER, READ=$PIN, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
                }
            }
        }
    }
}