Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

An encoding description contains the information for the electronic personalization of a card. You import the encoding description from a file. 

This article describes some simple use cases as templates for basic encoding descriptions. These templates are complete in the sense that they can be used "as is", but they cover only simple use-cases. This can be used in Nexus PRIME.

 Create an encoding

To create an encoding:

  1. Copy the code block into a text file and save it with the ending .dsc
  2. Zip the file to create a .dsz
  3. Upload it as you create a new encoding in PRIME Designer, see Set up card encoding description template in Identity Manager.
 Update an existing encoding

To update an existing encoding:

  1. Copy the code block and insert it in an selected existing encoding in PRIME Designer, see Set up card encoding description template in Identity Manager.
 Set PIN with JPKIEncoder using Cryptovision middleware

The use case is to set the PIN on an already initialized card, where

  • the PUK is provided from the application
  • the PIN is set by the user locally in a popup showing two fields, so that the user needs to confirm the PIN as well.
  1. Define like this in the encoding description:

    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
    SetPIN=true
    InitialPUK=PUKField
    PIN=!FROM_USER_DIALOG_2_FIELD
 Change PIN with JPKIEncoder using Cryptovision middleware

The use case is to change the PIN on an already initialized card, where

  • the PIN is set by the user locally in a popup showing three fields (Old PIN, New PIN and Confirmation of PIN).
  1. Define like this in the encoding description:

    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
     
    [Description]
    PKCS11Library=cvP11.dll
    SetPIN=true
    PIN=!FROM_USER_DIALOG_3_FIELD
 Produce a card with CardSDK using a PKCS10 request (= create key pairs on card)

The use case is to:

  • initialize the card,
  • generate two key pairs on the smartcard,
  • request two certificates by PKCS#10 and
  • write them to the card (by use of certificate templates defined in PRIME Designer: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
    • where initial PIN and PUK are provided by the application
  1. Define like this in the encoding description:

    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    AuthCertificate.DN=
    NonRepudiationCertificate.DN=
    PINField=
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
    ; Card initializaion, set initial PIN & PUK provided by server application, hard coded initial label
    InitToken=true
    InitialPUK=PUKField
    SetPin=true
    PIN=PINField
    InitialLabel=#neXus
     
    ClearFields=PINField,PUKField
    Applicationlist=AB
     
    [Application_A]
    CertTempl=AuthCertificate
     
    [Application_B]
    CertTempl=SigCertificate

    See also Certificates and keys in Identity Manager, section "PKCS#10 requests".

 Renew a card with CardSDK using Cryptovision middleware

The use case is to:

  • (re-)initialize the card,
  • generate two key pairs on the smartcard,
  • request two certificates by PKCS#10 and
  • write them to the card (by use of certificate templates defined in PRIME Designer: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
    • where initial PUK is provided by the application and PIN is entered by the user.
  1. Define like this in the encoding description:

    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    AuthCertificate.DN=
    AuthCertificate.DN_CN=
    NonRepudiationCertificate.DN=
    NonRepudiationCertificate.DN_CN=
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
     
    ; Card initializaion, set initial PIN & PUK, hard coded initial label
    InitToken=true
    InitialPUK=PUKField
    SetPin=true
    PIN=!FROM_USER_DIALOG_2_FIELD
    InitialLabel=#neXus
     
    ClearFields=PUK_TO_SET
    Applicationlist=AB
     
    [Application_A]
    CertTempl=AuthCertificate
     
    [Application_B]
    CertTempl=NonRepudiationCertificate
  • No labels