Class SmartCardHSMInitializer
Class implementing the device initialization methods
Defined in: SmartCardHSM.js.
| Constructor Attributes | Constructor Name and Description |
|---|---|
|
SmartCardHSMInitializer(card)
Initialize SmartCard-HSM
|
| Method Attributes | Method Name and Description |
|---|---|
|
Perform Initialization
|
|
|
setBioTemplate(slot, aid, param)
Select the biometric matching server for a one of the biometric templates
|
|
|
setCombinedAuthenticationMode(enable)
Enable the combined authentication mode of user pin and public key authentication.
|
|
|
setDKEKShares(keyshares)
Set the number of DKEK shares
|
|
|
setInitializationCode(initializationCode)
Set the initialization code
|
|
|
setKeyDomains(keyDomains)
Set the number of key domains
|
|
|
setLabel(label)
Set the label to be written to a minimal CIAInfo in EF 2F03
|
|
|
setProvisioningURL(provisioningURL)
Set the provisioning URL to be written to fixed parameter in CB00.
|
|
|
setPublicKeyAuthenticationParameter(requiredPublicKeysForAuthentication, numberOfPublicKeys)
Set parameter for public key authentication with n-of-m scheme, namely the values for n and m
|
|
|
setReplacePKAKeyMode(enable)
Enable or disable replacing of a PKA key
|
|
|
setResetRetryCounterMode(enable)
Enable or disable RESET RETRY COUNTER command
|
|
|
setResetRetryCounterResetOnlyMode(resetOnly)
If enabled RESET RETRY COUNTER only resets the error counter.
|
|
|
setRetryCounterInitial(retryCounterInitial)
Set the retry counter
The SmartCard-HSM enforces a retry counter <= 3 for PIN length 6
The SmartCard-HSM enforces a retry counter <= 5 for PIN length 7
The SmartCard-HSM enforces a retry counter <= 10 for PIN length larger than 7
|
|
|
Enable or disable session PIN mode
|
|
|
setTokenManagementKey(kcv, salt)
Set the key check value of the token management key and the optional salt
used for SO-PIN derivation
|
|
|
setTransportPINMode(enable)
Enable or disable transport PIN mode
|
|
|
setUserPIN(userPIN)
Set the User PIN
|
Class Detail
SmartCardHSMInitializer(card)
Initialize SmartCard-HSM
- Parameters:
- {Card} card
- the card object
Method Detail
initialize()
Perform Initialization
setBioTemplate(slot, aid, param)
Select the biometric matching server for a one of the biometric templates
- Parameters:
- {Number} slot
- either 0 or 1 for first or second template
- {ByteString} aid
- the application identifier of the on-card biometric server
- {Number} param
- one byte parameter passed to the server during initialization
setCombinedAuthenticationMode(enable)
Enable the combined authentication mode of user pin and public key authentication.
- Parameters:
- {Boolean} enable
- true (non-default) to require public key authentication and user authentication
setDKEKShares(keyshares)
Set the number of DKEK shares
- Parameters:
- {Number} keyshares
- number of DKEK shares in the range 0 to 255
setInitializationCode(initializationCode)
Set the initialization code
- Parameters:
- {ByteString} initializationCode
- an 8 byte code
setKeyDomains(keyDomains)
Set the number of key domains
- Parameters:
- {Number} keyDomains
- number of key domains
setLabel(label)
Set the label to be written to a minimal CIAInfo in EF 2F03
- Parameters:
- {String} label
- the label
setProvisioningURL(provisioningURL)
Set the provisioning URL to be written to fixed parameter in CB00.
- Parameters:
- {String} provisioningURL
- the URL at which this SE will be provisioned
setPublicKeyAuthenticationParameter(requiredPublicKeysForAuthentication, numberOfPublicKeys)
Set parameter for public key authentication with n-of-m scheme, namely the values for n and m
- Parameters:
- {Number} requiredPublicKeysForAuthentication
- number of key that must be authenticated for access
- {Number} numberOfPublicKeys
- to register
setReplacePKAKeyMode(enable)
Enable or disable replacing of a PKA key
- Parameters:
- {Boolean} enable
- true (non-default) to allow replacing of a PKA key
setResetRetryCounterMode(enable)
Enable or disable RESET RETRY COUNTER command
- Parameters:
- {Boolean} enable
- true (default) to allow RESET RETRY COUNTER command to reset user PIN using the initialization code
setResetRetryCounterResetOnlyMode(resetOnly)
If enabled RESET RETRY COUNTER only resets the error counter.
Otherwise RRC allows changing the PIN
- Parameters:
- {Boolean} resetOnly
- true to only reset the error counter, false otherwise (default)
setRetryCounterInitial(retryCounterInitial)
Set the retry counter
The SmartCard-HSM enforces a retry counter <= 3 for PIN length 6
The SmartCard-HSM enforces a retry counter <= 5 for PIN length 7
The SmartCard-HSM enforces a retry counter <= 10 for PIN length larger than 7
- Parameters:
- {Number} retryCounterInitial
- in the range 1 to 10.
setSessionPINMode(0)
Enable or disable session PIN mode
- Parameters:
- {Number} 0
- - disable, 1 - enable with clear-on-reset 3 - enable with explicit clearing
setTokenManagementKey(kcv, salt)
Set the key check value of the token management key and the optional salt
used for SO-PIN derivation
- Parameters:
- {ByteString} kcv
- the key check value of the token management key
- {ByteString} salt
- the salt used to derive the SO-PIN
setTransportPINMode(enable)
Enable or disable transport PIN mode
- Parameters:
- {Boolean} enable
- true (non-default) to set user PIN to transport state
setUserPIN(userPIN)
Set the User PIN
- Parameters:
- {ByteString} userPIN
- a 6 to 16 byte code