Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Write data objects to smart cards

Owned by Ylva Andersson
Last updated: Nov 24, 2023
1 min read

This article describes how to write data objects to smart cards in Identity Manager by defining the encoding description and applying extra attributes to the description file. 

 Define encoding description
  • Define the encoding description. 
    [Fields]
    OBJECT_DATA=
    USER_NAME=
    ...
      
    [Application_A]
    DataObject=OBJECT_DATA
    LabelExpressionDataObject=Issued for !{USER_NAME}
    ElementDescription
    DataObject=...Specifies from which defined field the object data is taken. The field's value must be base64 encoded.
    LabelExpressionDataObject=....The label (CKA_LABEL value) for the data object. It is possible to put the text directly or use the expression language to access fields.
 Apply extra attributes

  • Apply extra attributes to handle more complex objects.
    Example:

    [Application_A]
    DataObject=OBJECT_DATA
    AttributesDataObject=CKA_PRIVATE=TRUE,CKA_APPLICATION="IDM",CKA_OBJECT_ID=1.2.3.4.5,...

    Supported attributes:

    AttributeData typeValue (as appearing in the .dsc file)
    CKA_PRIVATECK_BBOOLTRUE | FALSE
    CKA_COPYABLECK_BBOOLTRUE | FALSE
    CKA_MODIFIABLECK_BBOOLTRUE | FALSE
    CKA_DESTROYABLECK_BBOOLTRUE | FALSE
    CKA_APPLICATIONbyte arrayFor example: "IDM" - quoted text
    CKA_OBJECT_IDbyte arrayFor example: 1.2.3.4.5 - ASN.1 Object Identifier Literal

The support of the attributes depends on the middleware and the version of the middleware.



Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions