This article describes how to write data objects to smart cards in Identity Manager by defining the encoding description and applying extra attributes to the description file.
Define encoding description
-
Define the encoding description.
    [Fields]
    OBJECT_DATA=
    USER_NAME=...

    [Application_A]
    DataObject=OBJECT_DATA
    LabelExpressionDataObject=Issued for !{USER_NAME}

| Element | Description |
|---|---|
| DataObject=... | Specifies from which defined field the object data is taken. The field's value must be base64 encoded. |
| LabelExpressionDataObject=.... | The label (CKA_LABEL value) for the data object. It is possible to put the text directly or use the expression language to access fields. |
Apply extra attributes
-
Apply extra attributes to handle more complex objects.
Example:

    [Application_A]
    DataObject=OBJECT_DATA
    AttributesDataObject=CKA_PRIVATE=TRUE,CKA_APPLICATION="IDM",CKA_OBJECT_ID=1.2.3.4.5,...

Supported attributes:

| Attribute | Data type | Value (as appearing in the .dsc file) |
|---|---|---|
| CKA_PRIVATE | CK_BBOOL | TRUE \| FALSE |
| CKA_COPYABLE | CK_BBOOL | TRUE \| FALSE |
| CKA_MODIFIABLE | CK_BBOOL | TRUE \| FALSE |
| CKA_DESTROYABLE | CK_BBOOL | TRUE \| FALSE |
| CKA_APPLICATION | byte array | For example: "IDM" - quoted text |
| CKA_OBJECT_ID | byte array | For example: 1.2.3.4.5 - ASN.1 Object Identifier Literal |
Support for these attributes depends on the middleware and its version.
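A check that can be run over a description file before cards are produced, covering the two rules stated above: the field referenced by `DataObject` must hold base64, and each `AttributesDataObject` entry must use a listed attribute with a value in the listed form. This is an added example, not part of Identity Manager; the function names are hypothetical, and rejecting anything outside the table's exact spelling (for instance lowercase `true`) is an assumption of the example rather than documented product behaviour.

```python
import base64
import binascii
import re

# Attribute names and value kinds as listed in the table on this page.
SUPPORTED = {
    "CKA_PRIVATE": "bool", "CKA_COPYABLE": "bool",
    "CKA_MODIFIABLE": "bool", "CKA_DESTROYABLE": "bool",
    "CKA_APPLICATION": "text", "CKA_OBJECT_ID": "oid",
}
CHECKS = {
    "bool": re.compile(r"TRUE|FALSE"),
    "text": re.compile(r'"[^"]*"'),
    "oid": re.compile(r"[0-2](\.(0|[1-9]\d*))+"),
}
# One NAME=value pair; a quoted value may itself contain commas.
PAIR = re.compile(r'\s*(\w+)=("[^"]*"|[^,]*)\s*(?:,|$)')


def lint_attributes(line):
    """Return a list of problems found in an AttributesDataObject value."""
    problems, pos = [], 0
    while pos < len(line):
        m = PAIR.match(line, pos)
        if not m:
            problems.append(f"cannot parse at offset {pos}: {line[pos:]!r}")
            break
        name, value = m.group(1), m.group(2).strip()
        kind = SUPPORTED.get(name)
        if kind is None:
            problems.append(f"{name}: not in the supported attribute list")
        elif not CHECKS[kind].fullmatch(value):
            problems.append(f"{name}: {value!r} is not a valid {kind} value")
        pos = m.end()
    return problems


def lint_object_data(value):
    """Check that the field referenced by DataObject holds base64 text."""
    try:
        base64.b64decode(value, validate=True)
        return []
    except (binascii.Error, ValueError):
        return ["OBJECT_DATA: value is not valid base64"]
```

An empty result from both functions means the entry matches the forms documented here; whether the card accepts the attribute still depends on the middleware.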