This file is indexed.

/usr/share/chipcard/cards/starcoscard.xml is in libchipcard-data 5.1.0beta-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
<!--
  These are the known algos for ManageSE
  Template ! Algo !   Hash     ! Padding
  =====================================================
    0xb6   ! 0x11 ! SHA-1      ! ISO 9796/2 with random 
           !      !            ! (->SigG v1.0)
           ! 0x12 ! SHA-1      ! PKCS#1 Block Type 01
           ! 0x21 ! RIPEMD-160 ! ISO 9796/2 with random 
           !      !            ! (->SigG v1.0)
           ! 0x22 ! RIPEMD-160 ! PKCS#1 Block Type 01
           ! 0x25 ! RIPEMD-160 ! ISO9796/1 incl. app A4 (->HBCI)
           ! 0x26 ! RIPEMD-160 ! '00 ... 00 | Hash'
           ! 0x32 ! MD-5       ! PKCS#1 Block Type 01
           !  -   !     -      ! ISO9796/1 without app A4
    0xb8   ! 0x02 !     -      ! PKCS#1 Block Type 02
           ! 0x03 !     -      ! '00 ... 00 | Plaintext'
           !  -   !     -      ! '00 ... 00 | Plaintext'
-->



<cards>
  <card name="STARCOS" extends="ProcessorCard" type="processor" >
    <cardinfo>
      <name>STARCOS</name>
      <descr>
        RSA card (card from G and D with STARCOS operating system)
      </descr>
      <atrs>
        <atr> <!-- unknown -->
          3B B7 94 00 c0 24 31 fe 65 53 50 4b 32 33 90 00 b4
        </atr>
        <atr> <!-- 2.1 -->
          3B BF 18 00 81 31 70 55 53 54 41 52 43 4F 53 20 53 32 31 20 43 90 00 FA
        </atr>
        <atr> <!-- 2.2 -->
          3B B7 94 00 81 31 FE 65 53 50 4B 32 32 90 00 D0
        </atr>
        <atr> <!-- 2.3 -->
          3B B7 94 00 81 31 fe 65 53 50 4b 32 33 90 00 d1
        </atr>
      </atrs>
    </cardinfo>
    
    <formats>
      <format id="KeyLogDescr">
        <ELEM name="status" type="byte" >
          <DESCR>
            code ! key usable ! descr
            0x10 !    yes     ! key active
            0x0a !    no      ! inactive, use key with cert
            0x08 !    no      ! inactive, about to be overwritten
            0x07 !    no      ! (SK + PK neu beschrieben)
            0x02 !    yes     ! new key created
            0x01 !    yes     ! keynumber of -version missing
            0x00 !    yes     ! INI letter missing to activate
            Unused or deleted descriptors should be set to 
            08-5x-00-00-00-00-00-00
          </DESCR>
        </ELEM>
        <ELEM name="keyType" type="byte" >
          <DESCR>
            Signkey: 53, Cryptkey: 56
          </DESCR>
        </ELEM>
        <ELEM name="keyNum" type="ascii" size="3" lfiller="0x30" />
        <ELEM name="keyVer" type="ascii" size="3" lfiller="0x30" />
        
        <VALUES>
          <VALUE path="status">8</VALUE>
          <VALUE path="keyNum">0</VALUE>
          <VALUE path="keyVer">0</VALUE>
        </VALUES>
        
      </format>
    </formats>
  
    <commands>

        <!-- Select DF by 16-bit-id -->
      <command name="SelectDFS" >
        <send>
                <APDU lr="0" >
                <ELEM type="dword">0x00a4000c</ELEM>
                </APDU>
                <DATA>
                    <ELEM name="fileId" type="word" />
                </DATA>
                </send>
                <results>
            <result sw1="0x6a" sw2="0x82" type="error">File not found</result>
                </results>
        </command>

        <!-- Select DF by application-id -->
      <command name="SelectDFL" >
        <send>
                <APDU lr="0" >
                <ELEM type="dword">0x00a4040c</ELEM>
                </APDU>
                <DATA>
                    <ELEM name="fileId" type="bytes" />
                </DATA>
                </send>
                <results>
            <result sw1="0x6a" sw2="0x82" type="error">File not found</result>
                </results>
        </command>

      <!-- Select EF by id -->
      <command name="SelectEFS" >
        <send>
                <APDU lr="0" >
                <ELEM type="dword">0x00a4020c</ELEM>
                </APDU>
                <DATA>
                    <ELEM name="fileId" type="word" />
                </DATA>
                </send>
                <results>
            <result sw1="0x6a" sw2="0x82" type="error">File not found</result>
                </results>
        </command>

      <!-- Select Master File -->
      <command name="SelectMF" >
        <send>
                <APDU lr="0" >
                <ELEM type="dword">0x00a4000c</ELEM>
                </APDU>
                <DATA>
                    <ELEM type="word">0x3f00</ELEM>
                </DATA>
                </send>
                <results>
            <result sw1="0x6a" sw2="0x82" type="error">File not found</result>
                </results>
        </command>

      <!-- Get PIN Status-->
      <command name="PinStatus" >
        <send>
                <APDU lr="0" >
            <ELEM type="word">0x80f2</ELEM>
            <ELEM type="byte">0x00</ELEM>
            <ELEM name="pid" type="byte" />
                </APDU>
                </send>
        <results>
            <result sw1="0x69" sw2="0x83" type="error" >
            Card seems to be destroyed, this might have the following reasons:
             1) you entered a bad PIN too often
             2) the card is of a new and yet unknown type
          </result>
        </results>
                <responses>
                <response type="success">
                    <ELEM name="status" type="byte" size="1" >
              <DESCR>
                Left nibble : maxmimum number of errors
                Right nibble: current number of errors
              </DESCR>
            </ELEM>
          </response>
        </responses>
      </command>

      <!-- Verify PIN -->
      <command name="VerifyPin" >
        <send>
                <APDU >
            <ELEM type="word">0x0020</ELEM>
            <ELEM type="byte">0x00</ELEM>
            <ELEM name="pid" type="byte" />
                </APDU>
                <DATA>
                    <ELEM name="pin" type="bytes" size="8" filler="32" />
                </DATA>
                </send>
                <results>
            <result sw1="0x63" sw2="0xc0" type="error" >
            Bad PIN (only one try left !)
          </result>
            <result sw1="0x63" type="error" >Bad PIN</result>
            <result sw1="0x63" sw2="0xc1" type="error" >
            Bad PIN (only two tries left !)
          </result>
            <result sw1="0x63" sw2="0xc2" type="error" >
            Bad PIN (only three tries left !)
          </result>
            <result sw1="0x69" sw2="0x83" type="error" >
            Card seems to be destroyed, this might have the following reasons:
             1) you entered a bad PIN too often
             2) the card is of a new and yet unknown type
          </result>
            <result sw1="0x69" sw2="0x85" type="error" >
            PIN is still initial PIN, please change it first.
          </result>
            <result sw1="0x6a" sw2="0x88" type="error" >
            Unknown PIN id.
          </result>
                </results>
      </command>


      <!-- Modify PIN -->
      <command name="ModifyPin" >
        <send>
                <APDU >
            <ELEM type="word">0x0024</ELEM>
            <ELEM type="byte">0x00</ELEM>
            <ELEM name="pid" type="byte" />
                </APDU>
                <DATA>
                    <ELEM name="oldpin" type="bytes" size="8" filler="32" />
                    <ELEM name="newpin" type="bytes" size="8" filler="32" />
                </DATA>
                </send>
                <results>
            <result sw1="0x63" sw2="0xc0" type="error" >
            Bad PIN (only one try left !)
          </result>
            <result sw1="0x63" type="error" >Bad PIN</result>
            <result sw1="0x63" sw2="0xc1" type="error" >
            Bad PIN (only two tries left !)
          </result>
            <result sw1="0x63" sw2="0xc2" type="error" >
            Bad PIN (only three tries left !)
          </result>
            <result sw1="0x69" sw2="0x83" type="error" >
            Card seems to be destroyed, this might have the following reasons:
             1) you entered a bad PIN too often
             2) the card is of a new and yet unknown type
          </result>
            <result sw1="0x69" sw2="0x85" type="error" >
            PIN is still initial PIN, please change it first.
          </result>
            <result sw1="0x6a" sw2="0x88" type="error" >
            Unknown PIN id.
          </result>
                </results>
      </command>


      <!-- Generate Keypair -->
      <command name="GenerateKeyPair" >
        <send>
          <APDU >
            <ELEM type="word">0x0046</ELEM>
            <ELEM type="byte">0x00</ELEM>
            <ELEM name="kid" type="byte" />
          </APDU>
          <DATA>
            <ELEM name="bits" type="word" />
          </DATA>
        </send>

        <results>
          <result sw1="0x69" sw2="0x82" type="error" >
            Security status not satisfied (please verify E/G PIN before).
          </result>
            <result sw1="0x69" sw2="0x85" type="error" >
            Condition of use not satisfied.
          </result>
          <result sw1="0x6a" sw2="0x80" type="error" >
            Key length must be divisible by 8.
          </result>
        </results>

        <responses>
          <response type="success">
            <ELEM name="modulus" type="bytes" />
          </response>
        </responses>
      </command>


      <!-- Activate Keypair -->
      <command name="ActivateKeyPair" >
        <DESCR>
          This command activates a previously created key by swapping the
          position of the source key and the destination key in EF_IPF.
          It then writes the given descriptor of the destination key to 
          EF_KEY_LOG.
          
          Valid combinations of srcKid and dstKid are:
          srcPid ! dstPid    ! Status of dstPid ! Info byte (EF_KEY_LOG)
          -------!-----------!------------------!-----------------------
           0x8e  ! 0x86-0x8a !        0x08      ! Bit 3=1
           0x8f  ! 0x81-0x85 !        0x08      ! Bit 7=1
           
          The corresponding bit in the info byte of EF_KEY_LOG and the 
          corresponding counter in EF_SEQ are reset upon successful
          execution.
        </DESCR>
        <send>
                <APDU >
            <ELEM type="word">0xf047</ELEM>
            <ELEM name="srcKid" type="byte" />
            <ELEM name="destKid" type="byte" />
                </APDU>
                <DATA>
            <FORMAT type="KeyLogDescr" name="descriptor" />
                </DATA>
                </send>

                <results>
            <result sw1="0x69" sw2="0x82" type="error" >
            Security status not satisfied (please verify E/G PIN before).
          </result>
            <result sw1="0x69" sw2="0x85" type="error" >
            Condition of use not satisfied.
          </result>
          <result sw1="0x6a" sw2="0x80" type="error" >
            Bad descriptor data.
          </result>
                </results>
      </command>


      <!-- Put Hash -->
      <command name="PutHash" >
        <DESCR>
          This command sends a hash value to the card. The size of this
          hash value is 20 for RIPEMD-160 (and maybe 16 for the others?).
        </DESCR>
        <send>
          <APDU >
            <ELEM type="dword">0x002a9081</ELEM>
          </APDU>
          <DATA>
            <ELEM name="data" type="bytes" minsize="16" maxsize="20"/>
          </DATA>
        </send>
      </command>


      <!-- Sign -->
      <command name="Sign" >
        <DESCR>
          This command signs the hash value sent to the card via PutHash.
        </DESCR>
        <send>
          <APDU lr="0" >
            <ELEM type="dword">0x002a9e9a</ELEM>
          </APDU>
        </send>

        <responses>
          <response type="success">
            <ELEM name="signature" type="bytes" />
          </response>
        </responses>
      </command>


      <!-- Verify -->
      <command name="Verify" >
        <DESCR>
          This command verifies whether given the signature is a valid
          signature of the hash sent to the card via PutHash.
        </DESCR>
        <send>
          <APDU>
            <ELEM type="dword">0x002a00a8</ELEM>
          </APDU>
          <DATA>
            <ELEM name="signature" type="bytes" />
          </DATA>
        </send>
      </command>


      <!-- Challenge -->
      <command name="Challenge" >
        <DESCR>
          This command returns a random value.
        </DESCR>
        <send>
                <APDU>
            <ELEM type="dword">0x00840000</ELEM>
                </APDU>
                </send>
                <responses>
                <response type="success">
                    <ELEM name="random" type="bytes" />
          </response>
        </responses>
      </command>


    </commands>

    
    <!-- generic command responses -->
    <results>
      <result sw1="0x69" sw2="0x82" type="error" >
        Security status not satisfied.
      </result>
      <result sw1="0x69" sw2="0x85" type="error" >
        Condition of use not satisfied.
      </result>
      <result sw1="0x6a" sw2="0x80" type="error" >
        Wrong parameter in data field.
      </result>
      <result sw1="0x6a" sw2="0x81" type="error" >
        Function not supported (wrong parameters P1/P2).
      </result>
      <result sw1="0x6a" sw2="0x88" type="error" >
        Referenced data not found.
      </result>
      <result sw1="0x6f" sw2="0x01" type="error" >
        Public key not complete.
      </result>
      <result sw1="0x6f" sw2="0x03" type="error" >
        Invalid command sequence.
      </result>
      <result sw1="0x6f" sw2="0x05" type="error" >
        No security environment.
      </result>
      <result sw1="0x6f" sw2="0x08" type="error" >
        Signature could not be verified with public key.
      </result>
      <result sw1="0x6f" sw2="0x0a" type="error" >
        Key format list does not match key length.
      </result>
    </results>

  </card>
</cards>