CasperSecurity
#
# PKCS15 r/w profile for Oberthur AuthentIC v3 cards
#
cardinfo {
label = "AuthentIC.v3";
manufacturer = "Oberthur COSMO.v7";
max-pin-length = 63;
min-pin-length = 4;
pin-encoding = ascii-numeric;
pin-pad-char = 0xFF;
}
pkcs15 {
# Put certificates into the CDF itself?
direct-certificates = no;
# Put the DF length into the ODF file?
encode-df-length = no;
# Have a lastUpdate field in the EF(TokenInfo)?
do-last-update = yes;
}
# Define reasonable limits for PINs and PUK
# Note that we do not set a file path or reference
# here; that is done dynamically.
PIN user-pin {
attempts = 5;
max-length = 63;
min-length = 4;
flags = 0x10; # initialized
reference = 1;
}
PIN so-pin {
auth-id = FF;
attempts = 5;
max-length = 4;
min-length = 4;
flags = 0xB2;
reference = 2
}
# Additional filesystem info.
# This is added to the file system info specified in the
# main profile.
filesystem {
DF MF {
ACL = *=CHV4;
path = 3F00;
type = DF;
# This is the DIR file
EF DIR {
type = EF;
file-id = 2F00;
size = 128;
acl = *=NONE;
}
DF PKCS15-AppDF {
type = DF;
aid = A0:00:00:00:77:01:00:70:0A:10:00:F1:00:00:01:00;
file-id = 5015;
EF PKCS15-ODF {
file-id = 5031;
ACL = *=NEVER;
ACL = READ=NONE;
}
EF PKCS15-TokenInfo {
file-id = 5032;
ACL = *=NEVER;
ACL = READ=NONE;
}
EF PKCS15-AODF {
file-id = 7001;
ACL = *=NEVER;
ACL = READ=NONE;
}
EF PKCS15-PrKDF {
file-id = 7002;
ACL = *=NONE;
}
EF PKCS15-PuKDF {
file-id = 7004;
ACL = *=NONE;
}
EF PKCS15-SKDF {
file-id = 7003;
ACL = *=NONE;
}
EF PKCS15-CDF {
file-id = 7005;
ACL = *=NONE;
}
EF PKCS15-DODF {
file-id = 7006;
ACL = *=NONE;
}
BSO template-private-key {
ACL = UPDATE=CHV1, DELETE=CHV1;
ACL = PSO-DECRYPT=CHV1, INTERNAL-AUTHENTICATE=CHV1, GENERATE=CHV1, PSO-COMPUTE-SIGNATURE=NEVER;
}
BSO template-public-key {
ACL = *=NONE;
}
EF template-certificate {
file-id = B000;
ACL = READ=NONE, DELETE=NONE, UPDATE=CHV1, RESIZE=CHV1;
}
}
}
}