- removed obsolete profiles
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1521 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
fffe5b79ef
commit
7d7e07998d
|
@ -9,12 +9,9 @@ LDFLAGS = @LDFLAGS@ @LIBOPENSC@
|
|||
|
||||
PROFILES = \
|
||||
flex.profile \
|
||||
flex_so.profile \
|
||||
flex_onepin.profile \
|
||||
gpk.profile \
|
||||
miocos.profile \
|
||||
etoken.profile \
|
||||
pkcs15-small.profile \
|
||||
pkcs15.profile
|
||||
|
||||
EXTRA_DIST = $(PROFILES) Makefile.mak
|
||||
|
|
|
@ -1,119 +0,0 @@
|
|||
#
|
||||
# PKCS15 r/w profile for Cryptoflex cards,
|
||||
# where the user (CHV1 pin) is in charge of the PKCS15 DF.
|
||||
#
|
||||
# A consequence is that only 1 user PIN is possible.
|
||||
#
|
||||
# Note 1: the PKCS15 files (DODF, PrKDF, PuKDF, ...) are unprotected
|
||||
# (or protected by the SO PIN), as they are defined that way in
|
||||
# "pkcs15.profile". If you don't want this, change the ACs
|
||||
# to "*=$CVH1, READ=NONE;".
|
||||
#
|
||||
# Note 2: after you do sc_pkcs15init_add_app() (e.g. "pkcs15-init -EC"),
|
||||
# the user PIN hasn't been added to the PrKDF yet. This will be done in
|
||||
# sc_pkcs15init_store_pin() (e.g. "pkcs15-init -P --pin 1234 --puk 1234
|
||||
# -a 1 -l userpin")
|
||||
#
|
||||
cardinfo {
|
||||
max-pin-length = 8;
|
||||
pin-encoding = ascii-numeric;
|
||||
pin-pad-char = 0x00;
|
||||
}
|
||||
|
||||
# Define reasonable limits for PINs and PUK
|
||||
# Note that we do not set a file path or reference
|
||||
# here; that is done dynamically.
|
||||
PIN user-pin {
|
||||
attempts = 3;
|
||||
flags = 0x32; # local, initialized, needs-padding
|
||||
}
|
||||
PIN user-puk {
|
||||
attempts = 10;
|
||||
}
|
||||
|
||||
# Additional filesystem info.
|
||||
# This is added to the file system info specified in the
|
||||
# main profile.
|
||||
filesystem {
|
||||
DF MF {
|
||||
ACL = *=AUT1;
|
||||
|
||||
DF PKCS15-AppDF {
|
||||
ACL = DELETE=CHV1, CREATE=NONE, FILES=NONE;
|
||||
EF sopinfile {
|
||||
file-id = 0100;
|
||||
size = 23;
|
||||
ACL = *=NEVER, UPDATE=AUT1;
|
||||
}
|
||||
# If you add an SO PIN, you can set UPDATE=$SOPIN in the ACL below
|
||||
# so the SO PIN can change the user PIN
|
||||
EF pinfile-1 {
|
||||
file-id = 0000;
|
||||
size = 23;
|
||||
ACL = *=NEVER, UPDATE=AUT1;
|
||||
}
|
||||
EF extkey {
|
||||
file-id = 0011;
|
||||
size = 15;
|
||||
ACL = *=NEVER, UPDATE=AUT1;
|
||||
}
|
||||
DF keydir-1 {
|
||||
ACL = *=CHV1, FILES=NONE;
|
||||
file-id = 4B01;
|
||||
size = 1370; # Sufficient for a 2048-bit key
|
||||
EF template-private-key-1 {
|
||||
file-id = 0012;
|
||||
ACL = *=NEVER, CRYPTO=$PIN, UPDATE=CHV1;
|
||||
}
|
||||
EF template-extractable-key-1 {
|
||||
file-id = 7000;
|
||||
ACL = *=NEVER, READ=CHV1, UPDATE=CHV1;
|
||||
}
|
||||
}
|
||||
DF keydir-2 {
|
||||
ACL = *=CHV1, FILES=NONE;
|
||||
file-id = 4B02;
|
||||
size = 1370; # Sufficient for a 2048-bit key
|
||||
EF template-private-key-2 {
|
||||
file-id = 0012;
|
||||
ACL = *=NEVER, CRYPTO=CHV1, UPDATE=CHV1;
|
||||
}
|
||||
EF template-extractable-key-2 {
|
||||
file-id = 7000;
|
||||
ACL = *=NEVER, READ=$PIN, UPDATE=CHV1;
|
||||
}
|
||||
}
|
||||
EF template-public-key-1 {
|
||||
file-id = 5201;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
EF template-public-key-2 {
|
||||
file-id = 5202;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
EF template-public-key-3 {
|
||||
file-id = 5203;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
EF template-certificate-1 {
|
||||
file-id = 5501;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
EF template-certificate-2 {
|
||||
file-id = 5502;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
EF template-certificate-3 {
|
||||
file-id = 5503;
|
||||
ACL = *=CHV1, READ=NONE;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Define an SO pin
|
||||
# This PIN is not used yet.
|
||||
PIN so-pin {
|
||||
file = sopinfile;
|
||||
reference = 0;
|
||||
}
|
|
@ -1,106 +0,0 @@
|
|||
#
|
||||
# PKCS15 r/w profile for Cryptoflex cards,
|
||||
# where the Security Officer (CHV2 pin) is in charge of the PKCS15 DF.
|
||||
#
|
||||
cardinfo {
|
||||
max-pin-length = 8;
|
||||
pin-encoding = ascii-numeric;
|
||||
pin-pad-char = 0x00;
|
||||
}
|
||||
|
||||
# Define reasonable limits for PINs and PUK
|
||||
# Note that we do not set a file path or reference
|
||||
# here; that is done dynamically.
|
||||
PIN user-pin {
|
||||
attempts = 3;
|
||||
flags = 0x32; # local, initialized, needs-padding
|
||||
}
|
||||
PIN user-puk {
|
||||
attempts = 10;
|
||||
}
|
||||
|
||||
# Additional filesystem info.
|
||||
# This is added to the file system info specified in the
|
||||
# main profile.
|
||||
filesystem {
|
||||
DF MF {
|
||||
ACL = *=AUT1;
|
||||
|
||||
DF PKCS15-AppDF {
|
||||
ACL = DELETE=$SOPIN, CREATE=NONE, FILES=NONE;
|
||||
size = 7500; # enough for 2 2048 bit keys, and 1 cert each
|
||||
EF sopinfile {
|
||||
file-id = 0100;
|
||||
size = 23;
|
||||
ACL = *=NEVER, UPDATE=AUT1;
|
||||
}
|
||||
EF extkey {
|
||||
file-id = 0011;
|
||||
size = 15;
|
||||
ACL = *=NEVER, UPDATE=AUT1;
|
||||
}
|
||||
DF keydir-1 {
|
||||
ACL = *=$SOPIN, FILES=NONE;
|
||||
file-id = 4B01;
|
||||
size = 1370; # Sufficient for a 2048-bit key
|
||||
EF pinfile-2 {
|
||||
file-id = 0000;
|
||||
size = 23;
|
||||
ACL = *=NEVER, UPDATE=$SOPIN;
|
||||
}
|
||||
EF template-private-key-1 {
|
||||
file-id = 0012;
|
||||
ACL = *=NEVER, CRYPTO=CHV1, UPDATE=$SOPIN;
|
||||
}
|
||||
EF template-extractable-key-1 {
|
||||
file-id = 7000;
|
||||
ACL = *=NEVER, READ=$PIN, UPDATE=$SOPIN;
|
||||
}
|
||||
}
|
||||
DF keydir-2 {
|
||||
ACL = *=$SOPIN, FILES=NONE;
|
||||
file-id = 4B02;
|
||||
size = 1370; # Sufficient for a 2048-bit key
|
||||
EF pinfile-3 {
|
||||
file-id = 0000;
|
||||
size = 23;
|
||||
ACL = *=NEVER, UPDATE=$SOPIN;
|
||||
}
|
||||
EF template-private-key-2 {
|
||||
file-id = 0012;
|
||||
ACL = *=NEVER, CRYPTO=CHV1, UPDATE=$SOPIN;
|
||||
}
|
||||
EF template-extractable-key-2 {
|
||||
file-id = 7000;
|
||||
ACL = *=NEVER, READ=$PIN, UPDATE=$SOPIN;
|
||||
}
|
||||
}
|
||||
EF template-public-key-1 {
|
||||
file-id = 5201;
|
||||
ACL = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
EF template-public-key-2 {
|
||||
file-id = 5202;
|
||||
ACL = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
EF template-certificate-1 {
|
||||
file-id = 5501;
|
||||
ACL = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
EF template-certificate-2 {
|
||||
file-id = 5502;
|
||||
ACL = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
EF PKCS15-AODF {
|
||||
size = 160; # 1 SOPIN + 2 user pins
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Define an SO pin
|
||||
# This PIN is not used yet.
|
||||
PIN so-pin {
|
||||
file = sopinfile;
|
||||
reference = 0;
|
||||
}
|
|
@ -1,98 +0,0 @@
|
|||
#
|
||||
# PKCS15 profile, generic information.
|
||||
# This profile is loaded before any card specific profile.
|
||||
#
|
||||
|
||||
cardinfo {
|
||||
label = "OpenSC Card";
|
||||
manufacturer = "OpenSC Project";
|
||||
min-pin-length = 4;
|
||||
# max length should be overridden in the per-card profile
|
||||
max-pin-length = 8;
|
||||
}
|
||||
|
||||
# Define reasonable limits for PINs and PUK
|
||||
# Note that we do not set a file path or reference
|
||||
# for the user pin; that is done dynamically.
|
||||
PIN user-pin {
|
||||
attempts = 3;
|
||||
}
|
||||
PIN user-puk {
|
||||
attempts = 7;
|
||||
}
|
||||
PIN so-pin {
|
||||
auth-id = FF;
|
||||
attempts = 2;
|
||||
min-length = 6;
|
||||
flags = 0x32;
|
||||
}
|
||||
PIN so-puk {
|
||||
attempts = 4;
|
||||
min-length = 6;
|
||||
}
|
||||
|
||||
filesystem {
|
||||
DF MF {
|
||||
path = 3F00;
|
||||
type = DF;
|
||||
|
||||
# This is the DIR file
|
||||
EF DIR {
|
||||
type = EF;
|
||||
file-id = 2F00;
|
||||
size = 128;
|
||||
acl = *=NONE;
|
||||
}
|
||||
|
||||
# Here comes the application DF
|
||||
DF PKCS15-AppDF {
|
||||
type = DF;
|
||||
file-id = 5015;
|
||||
aid = A0:00:00:00:63:50:4B:43:53:2D:31:35;
|
||||
acl = *=NONE;
|
||||
size = 5000;
|
||||
|
||||
EF PKCS15-ODF {
|
||||
file-id = 5031;
|
||||
size = 128;
|
||||
ACL = *=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-TokenInfo {
|
||||
file-id = 5032;
|
||||
ACL = *=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-AODF {
|
||||
file-id = 4401;
|
||||
size = 128;
|
||||
ACL = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-PrKDF {
|
||||
file-id = 4402;
|
||||
size = 128;
|
||||
acl = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-PuKDF {
|
||||
file-id = 4403;
|
||||
size = 128;
|
||||
acl = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-CDF {
|
||||
file-id = 4404;
|
||||
size = 256;
|
||||
acl = *=$SOPIN, READ=NONE;
|
||||
}
|
||||
|
||||
EF PKCS15-DODF {
|
||||
file-id = 4405;
|
||||
size = 128;
|
||||
ACL = *=NONE;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue