An encoding description contains the information for the electronic personalization of a card. You import the encoding description from a file. This can be used in Smart ID Identity Manager (PRIME).
This article describes some simple use cases as templates for basic encoding descriptions. These templates are complete in the sense that they can be used "as is", but they cover only simple use-cases.
Set PIN with JPKIEncoder using Cryptovision middleware
The use case is to set the PIN on an already initialized card, where
- the PUK is provided from the application
- the PIN is set by the user locally in a popup showing two fields, so that the user needs to confirm the PIN as well.
Define like this in the encoding description:
CODE
[Encoding]
Type=1024,Chip
Devices=8710
[Fields]
PUKField=
[Description]
PKCS11Library=cvP11.dll
SetPIN=true
InitialPUK=PUKField
PIN=!FROM_USER_DIALOG_2_FIELD
Change PIN with JPKIEncoder using Cryptovision middleware
The use case is to change the PIN on an already initialized card, where
- the PIN is set by the user locally in a popup showing three fields (Old PIN, New PIN and Confirmation of PIN).
Define like this in the encoding description:
CODE
[Encoding]
Type=1024,Chip
Devices=8710
[Fields]
[Description]
PKCS11Library=cvP11.dll
SetPIN=true
PIN=!FROM_USER_DIALOG_3_FIELD
Produce a card with CardSDK using a PKCS10 request (= create key pairs on card)
The use case is to:
- initialize the card,
- generate two key pairs on the smartcard,
- request two certificates by PKCS#10 and
- write them to the card (by use of certificate templates defined in Identity Manager Admin: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
- where initial PIN and PUK are provided by the application
Define like this in the encoding description:
CODE
[Encoding]
Type=1024,Chip
Devices=8710
[Fields]
AuthCertificate.DN=
NonRepudiationCertificate.DN=
PINField=
PUKField=
[Description]
PKCS11Library=cvP11.dll
; Card initializaion, set initial PIN & PUK provided by server application, hard coded initial label
InitToken=true
InitialPUK=PUKField
SetPin=true
PIN=PINField
InitialLabel=#neXus
ClearFields=PINField,PUKField
Applicationlist=AB
[Application_A]
CertTempl=AuthCertificate
[Application_B]
CertTempl=SigCertificate
See also Certificates and keys in Identity Manager, section "PKCS#10 requests".
Renew a card with CardSDK using Cryptovision middleware
The use case is to:
- (re-)initialize the card,
- generate two key pairs on the smartcard,
- request two certificates by PKCS#10 and
- write them to the card (by use of certificate templates defined in Identity Manager Admin: "authentication": AuthCertificate and "signature": NonRepudiationCertificate),
- where initial PUK is provided by the application and PIN is entered by the user.
Define like this in the encoding description:
CODE
[Encoding]
Type=1024,Chip
Devices=8710
[Fields]
AuthCertificate.DN=
AuthCertificate.DN_CN=
NonRepudiationCertificate.DN=
NonRepudiationCertificate.DN_CN=
PUKField=
[Description]
PKCS11Library=cvP11.dll
; Card initializaion, set initial PIN & PUK, hard coded initial label
InitToken=true
InitialPUK=PUKField
SetPin=true
PIN=!FROM_USER_DIALOG_2_FIELD
InitialLabel=#neXus
ClearFields=PUK_TO_SET
Applicationlist=AB
[Application_A]
CertTempl=AuthCertificate
[Application_B]
CertTempl=NonRepudiationCertificate