Page Comparison

OpenFIPS201_GET_STATUS_Schema DEFINITIONS IMPLICIT TAGS ::= 
BEGIN

AppletState ::= ENUMERATED {
	selectable	 	(0),
	personalised	(1),
	blocked 		(2),
	terminated  	(127)
}

GetStatusResponse ::= [APPLICATION 19] SEQUENCE {
	appletState		[0] AppletState,
	pinVerified		[1] BOOLEAN,
	pinAlways		[2] BOOLEAN,
	smState			[3] BOOLEAN,
	vciState		[4] BOOLEAN,
	scpState		[5] BOOLEAN,
	contactless		[6] BOOLEAN,
	fipsMode		[7] BOOLEAN
}

END

OpenFIPS201_GET_VERSION_Schema DEFINITIONS IMPLICIT TAGS ::= 
BEGIN

GetVersionResponse ::= [APPLICATION 19] SEQUENCE {
	application	[0] UTF8String (SIZE(0..127)),
	major		[1] INTEGER (0..127),
	minor		[2] INTEGER (0..127),
	revision	[3] INTEGER (0..127),
	debug		[4] BOOLEAN,
	fipsMode	[5] BOOLEAN	
}

END

OpenFIPS201_PUT_DATA_ADMIN_Schema DEFINITIONS IMPLICIT TAGS ::= 
BEGIN

LegacyOperation ::= ENUMERATED {
	undefined	(0),		
	dataObject	(1),
	key			(2)
}  

AccessMode ::= ENUMERATED {
	never		(0),
	pin			(1),  
	pinAlways	(2),
    	occ			(4),  
	userAdmin	(16),
	always		(127)
}

KeyRole ::= ENUMERATED {
	authenticate	(1),
	keyEstablish	(2),
	sign		(4),
	verify		(8),
	encrypt		(16),
	decrypt		(32)
}
  
KeyAttribute ::= ENUMERATED {

	none			(0),
	permitInternal	(2),
	permitExternal	(4),
    permitMutual	(8),
	importable	(16)
}

KeyMechanism ::= ENUMERATED {
	undefined (0),
    tdea192 (3),
	rsa1024 (6),
	rsa2048 (7),
	aes128 (8),
	aes192 (10),
	aes256 (12),
	ecc256 (17),
	ecc384 (20),
	cs2 (39),
	cs7 (46)
}

PinCharSet ::= ENUMERATED {
	numeric				(0),
	alphaCaseVariant 	(1),
	alphaCaseInvariant	(2),
	raw					(3)
}

PinPolicyParameter ::= SEQUENCE {
	enableLocal				[0] BOOLEAN OPTIONAL,	
	enableGlobal			[1] BOOLEAN OPTIONAL,
	preferGlobal			[2] BOOLEAN OPTIONAL,
	permitContactless 		[3] BOOLEAN OPTIONAL,
	minLength				[4] INTEGER (4..32) OPTIONAL,
	maxLength				[5] INTEGER (4..32) OPTIONAL,
	maxRetriesContact 		[6] INTEGER (1..127) OPTIONAL,
	maxRetriesContactless 	[7] INTEGER (1..127) OPTIONAL,	
	charset					[8] PinCharSet OPTIONAL,
	history					[9] INTEGER (0..8) OPTIONAL,
	ruleSequence			[10] INTEGER (0..32) OPTIONAL,
	ruleDistinct			[11] INTEGER (0..32) OPTIONAL
}

PukPolicyParameter ::= SEQUENCE {

	enabled				[0] BOOLEAN OPTIONAL,
	permitContactless 	[1] BOOLEAN OPTIONAL,
	length				[2]	INTEGER (4..32) OPTIONAL,
	retriesContact		[3] INTEGER (1..127) OPTIONAL,
	retriesContactless	[4] INTEGER (1..127) OPTIONAL,
	restrictUpdate		[5] BOOLEAN OPTIONAL
}

VciMode ::= ENUMERATED {
	disabled (0),
	enabled (1),
	requirePairing (2)
}

OccMode ::= ENUMERATED {
	disabled (0),
	enabled (1)
}

VciPolicyParameter ::= SEQUENCE {
	mode			[0] VciMode OPTIONAL
}

OccPolicyParameter ::= SEQUENCE {
	mode			[0] OccMode OPTIONAL
}

OptionsParameter ::= SEQUENCE {
	restrictContactlessGlobal	[0] BOOLEAN OPTIONAL,
	restrictContactlessAdmin	[1] BOOLEAN OPTIONAL,
	restrictEnumeration			[2] BOOLEAN OPTIONAL,
	restrictSingleKey 			[3] BOOLEAN OPTIONAL,
	ignoreContactlessAcl		[4] BOOLEAN OPTIONAL,
	readEmptyDataObject 		[5] BOOLEAN OPTIONAL,
	useRSACRT 					[6] BOOLEAN OPTIONAL
}

PutDataLegacyRequest ::= SEQUENCE {
	operation		[10] LegacyOperation,
	id				[11] OCTET STRING (SIZE(1..3)),
	modeContact		[12] AccessMode,
	modeContactless	[13] AccessMode,
	keyMechanism	[14] KeyMechanism OPTIONAL,
	keyRole			[15] KeyRole OPTIONAL,
	keyAttribute	[16] KeyAttribute OPTIONAL
}

PutDataCreateObjectRequest ::= SEQUENCE {
	id				[11] OCTET STRING (SIZE(1..3)),
	modeContact		[12] AccessMode,
	modeContactless	[13] AccessMode,
	adminKey		[17] INTEGER (0..127) OPTIONAL
}

PutDataDeleteObjectRequest ::= SEQUENCE {
	id				[11] OCTET STRING (SIZE(1..3))
}

PutDataCreateKeyRequest ::= SEQUENCE {
	id				[11] OCTET STRING (SIZE(1)),
	modeContact		[12] AccessMode,
	modeContactless	[13] AccessMode,
	adminKey		[17] INTEGER (0..127) OPTIONAL,
	keyMechanism	[14] KeyMechanism,
	keyRole			[15] KeyRole,
	keyAttribute	[16] KeyAttribute
}

PutDataDeleteKeyRequest ::= SEQUENCE {
	id				[11] OCTET STRING (SIZE(1)),
	keyMechanism	[14] KeyMechanism
}

PutDataUpdateConfigRequest ::= SEQUENCE {
	pinPolicy		[0] PinPolicyParameter OPTIONAL,
	pukPolicy 		[1] PukPolicyParameter OPTIONAL,
	vciPolicy 		[2] VciPolicyParameter OPTIONAL,
	occPolicy 		[3] OccPolicyParameter OPTIONAL,
	options			[4] OptionsParameter OPTIONAL
}

PutDataRequest ::= CHOICE {
	legacyRequest		PutDataLegacyRequest,
	createObjectRequest	[APPLICATION 4] PutDataCreateObjectRequest,
	deleteObjectRequest	[APPLICATION 5] PutDataDeleteObjectRequest,
	createKeyRequest 	[APPLICATION 6] PutDataCreateKeyRequest,
	deleteKeyRequest 	[APPLICATION 7] PutDataDeleteKeyRequest,
	configRequest		[APPLICATION 8] PutDataUpdateConfigRequest
}

PutDataBulkRequest ::= [APPLICATION 10] SEQUENCE OF PutDataRequest

END

OpenFIPS201_CHANGE_REFERENCE_DATA_ADMIN_Schema DEFINITIONS IMPLICIT TAGS ::= 
BEGIN

ChangeReferenceDataKeyRequest ::= SEQUENCE {
	element CHOICE	{
		key		[0] OCTET STRING (SIZE(16..32)),
		rsaN	[1] OCTET STRING (SIZE(128..256)), 	-- The RSA modulus
		rsaE	[2] OCTET STRING (SIZE(3)),			-- The RSA public exponent
		rsaPrsaD	[3] OCTET STRING (SIZE(128..256)),
		rsaQ	[4] OCTET STRING (SIZE(64..128)),
		rsaDP	[5] OCTET STRING (SIZE(64..128)),
		rsaDQ	[6] OCTET STRING (SIZE(64..128)),
		rsaPQ	[7] OCTET STRING (SIZE(64..128)),	-- The RSA private exponent 
		eccW	[86] OCTET STRING (SIZE(32..48)),	-- The point of the curve comprising the public ECC key
		eccS	[97] OCTET STRING (SIZE(32..48)),
		smCVC	[10] OCTET STRING (SIZE(1..256))		-- The secret component of the ECC key
	}
}

END