2.9 KiB
Notes on CIPURSE card
Table of Contents
Documentation
^Top
full documentation accessible from osptalliance
Infineon cipurse card SLS 32TLC100(M)
Source code
^Top
Communication channel with a card
^Top
The card has two secure channels - the reader to the card and the card to the reader.
And each channel has 3 modes: open, MACed, Encrypted.
After authentication reader can specify the mode for each channel for each command.
Card answers if the mode that sets by the reader matches the mode of the file and the command matches the key via an access list.
Card architecture
^Top
The card has one master file with FID 0x3f00 that works as the root node.
The card has several applications inside the master file and the applications may have files. There are PxSE (special type) applications that work as an applications directory.
Each application has keys and an access control list that sets what commands can be issued in the session that authenticates with a specific key.
Master file have keys and an access control list that works at the card level.
Each file can only have an access control list that specifies what operation the key can do with this file.
How to
How to personalize card
-
Format card (if it needs)
hf cipurse formatall -
Create create PxSE file
hf cipurse create -d 9200123F00200008000062098407A0000005070100This command creates PTSE file with FID 0x2000, AID A0000005070100, and space for 8 AIDs -
Create application file
hf cipurse create -d 92002438613F010A05020000FFFFFF021009021009621084054144204631D407A0000005070100A00F2873737373737373737373737373737373015FD67B000102030405060708090A0B0C0D0E0F01C6A13BThis command creates application with FID 0x3F01, AID 4144204631, app type 61, max files count 10, max SFID count 5, minimum command's group security levels plain/plain/plain/plain (0000), access rights: all two keys can do anything (FFFFFF), key attributes 021009, 2 keys:73..73(add. info 01 / kvv 5FD67B),0001..0e0f(01/C6A13B), register in the PxSE A0000005070100