/usr/share/opensc/asepcos.profile is in opensc 0.16.0-3+deb9u1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 | #
# PKCS15 r/w profile for Athena APCOS cards
#
cardinfo {
max-pin-length = 16;
pin-encoding = ascii-numeric;
pin-pad-char = 0x00;
}
# Default settings.
# This option block will always be processed.
option default {
macros {
so-pin-flags = local, initialized, soPin;
df_acl = *=$SOPIN;
}
}
# This option sets up the card so that a single
# user PIN protects all files
option onepin {
macros {
so-pin-flags = local, initialized;
df_acl = *=$PIN;
}
}
# Define reasonable limits for PINs and PUK
PIN so-pin {
reference = 1;
flags = $so-pin-flags;
}
PIN so-puk {
reference = 2;
}
PIN user-pin {
attempts = 3;
flags = local, initialized;
}
PIN user-puk {
attempts = 10;
flags = local, initialized;
}
# Additional filesystem info.
# This is added to the file system info specified in the
# main profile.
filesystem {
DF MF {
ACL = *=AUT0;
DF PKCS15-AppDF {
size = 0;
ACL = $df_acl;
EF PKCS15-PrKDF {
size = 384;
}
EF PKCS15-PuKDF {
size = 384;
}
# This template defines files for keys, certificates etc.
#
# When instantiating the template, each file id will be
# combined with the last octet of the object's pkcs15 id
# to form a unique file ID.
template key-domain {
# This is a dummy entry - pkcs15-init insists that
# this is present
EF private-key {
file-id = 0100;
ACL = *=NEVER, CRYPTO=$PIN, UPDATE=$PIN;
}
# public keys
EF public-key {
file-id = 3003;
structure = transparent;
ACL = *=NEVER,
READ=NONE,
UPDATE=$PIN,
ERASE=$PIN;
}
# Certificate template
EF certificate {
file-id = 3104;
structure = transparent;
ACL = *=NEVER,
READ=NONE,
UPDATE=$PIN,
ERASE=$PIN;
}
# data objects are stored in transparent EFs.
EF data {
file-id = 3302;
structure = transparent;
ACL = *=NEVER,
READ=NONE,
UPDATE=$PIN,
ERASE=$PIN;
}
# private data objects are stored in transparent EFs.
EF privdata {
file-id = 3402;
structure = transparent;
ACL = *=NEVER,
READ=$PIN,
UPDATE=$PIN,
ERASE=$PIN;
}
}
}
}
}
|