Skip to main content
Skip table of contents

Encoding description templates in Identity Manager

An encoding description contains the information for the electronic personalization of a card. You import the encoding description from a file. This can be used in Smart ID Identity Manager (PRIME).

This article describes some simple use cases as templates for basic encoding descriptions. These templates are complete in the sense that they can be used "as is", but they cover only simple use-cases.

Create an encoding

To create an encoding:

  1. Copy the code block into a text file and save it with the ending .dsc
  2. Zip the file to create a .dsz
  3. Upload it as you create a new encoding in Identity Manager Admin, see Set up card encoding description template in Identity Manager.
Update an existing encoding

To update an existing encoding:

  1. Copy the code block and insert it in an selected existing encoding in Identity Manager Admin, see Set up card encoding description template in Identity Manager.
Set PIN with JPKIEncoder using Cryptovision middleware

The use case is to set the PIN on an already initialized card, where

  • the PUK is provided from the application
  • the PIN is set by the user locally in a popup showing two fields, so that the user needs to confirm the PIN as well.
  1. Define like this in the encoding description:

    CODE
    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
    SetPIN=true
    InitialPUK=PUKField
    PIN=!FROM_USER_DIALOG_2_FIELD
Change PIN with JPKIEncoder using Cryptovision middleware

The use case is to change the PIN on an already initialized card, where

  • the PIN is set by the user locally in a popup showing three fields (Old PIN, New PIN and Confirmation of PIN).
  1. Define like this in the encoding description:

    CODE
    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
     
    [Description]
    PKCS11Library=cvP11.dll
    SetPIN=true
    PIN=!FROM_USER_DIALOG_3_FIELD
Produce a card with CardSDK using a PKCS10 request (= create key pairs on card)

The use case is to:

  • initialize the card,
  • generate two key pairs on the smartcard,
  • request two certificates by PKCS#10 and
  • write them to the card (by use of certificate templates defined in Identity Manager Admin: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
    • where initial PIN and PUK are provided by the application
  1. Define like this in the encoding description:

    CODE
    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    AuthCertificate.DN=
    NonRepudiationCertificate.DN=
    PINField=
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
    ; Card initializaion, set initial PIN & PUK provided by server application, hard coded initial label
    InitToken=true
    InitialPUK=PUKField
    SetPin=true
    PIN=PINField
    InitialLabel=#neXus
     
    ClearFields=PINField,PUKField
    Applicationlist=AB
     
    [Application_A]
    CertTempl=AuthCertificate
     
    [Application_B]
    CertTempl=SigCertificate

    See also Certificates and keys in Identity Manager, section "PKCS#10 requests".

Renew a card with CardSDK using Cryptovision middleware

The use case is to:

  • (re-)initialize the card,
  • generate two key pairs on the smartcard,
  • request two certificates by PKCS#10 and
  • write them to the card (by use of certificate templates defined in Identity Manager Admin: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
    • where initial PUK is provided by the application and PIN is entered by the user.
  1. Define like this in the encoding description:

    CODE
    [Encoding]
    Type=1024,Chip
    Devices=8710
     
    [Fields]
    AuthCertificate.DN=
    AuthCertificate.DN_CN=
    NonRepudiationCertificate.DN=
    NonRepudiationCertificate.DN_CN=
    PUKField=
     
    [Description]
    PKCS11Library=cvP11.dll
     
    ; Card initializaion, set initial PIN & PUK, hard coded initial label
    InitToken=true
    InitialPUK=PUKField
    SetPin=true
    PIN=!FROM_USER_DIALOG_2_FIELD
    InitialLabel=#neXus
     
    ClearFields=PUK_TO_SET
    Applicationlist=AB
     
    [Application_A]
    CertTempl=AuthCertificate
     
    [Application_B]
    CertTempl=NonRepudiationCertificate

Related information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.