
* Samples CardOS 5.3 (R&S)

00a4040c0ca000000063504b43532d3135
00a4020c025032
00a4020c025031
00a4020c024404


00b2010400


a006300404024400 private key
a106300404024401 public keys
a306300404024403 secret keys
a406300404024404 certs
a706300404024407 data obj
a806300404024408 auth obj


CDF 4404: id=46838A62E2C9E6A5D253132BBD9EB0C1CF822C27 path=4304/4301[0/1014]
CDF 4404: id=D8319F94426EF36969B7C149BC94FDD9E089A90C path=4304/4302[0/1437]

PuKDF 4401: id=69AE183E6D5BF45B98872C569506326C76AF460F path=5075/4B01
            usage=verify
PrKDF 4400: id=A77BC23FC3795A109343EB8894EE84AFD08C086B path=5072/4B01 keyref=0x01
            usage=decrypt,sign
PrKDF 4400: id=85D4C6FA5A47243C4454776EAF09BCACCC3A1691 path=5072/4B02 authid=01 keyref=0x02
            usage=decrypt,sign
PrKDF 4400: id=69AE183E6D5BF45B98872C569506326C76AF460F path=5072/4B03 authid=01 keyref=0x03
            usage=sign
PrKDF 4400: id=D8319F94426EF36969B7C149BC94FDD9E089A90C
            path=5072/4B04 authid=01 keyref=0x04
            usage=decrypt,sign
AODF 4408: id=01 authid=02 pinref=0x01 min=4 stored=0 max=16
           flags=case_sensitive,initialized type=utf8
AODF 4408: id=02 pinref=0x02 min=4 stored=0 max=16
           flags=case_sensitive,unblock_disabled,initialized,so_pin type=utf8
AODF 4408: id=04 authid=02 pinref=0x85 min=4 stored=0 max=16
           flags=case_sensitive,local,initialized type=utf8
AODF 4408: id=03 authid=02 pinref=0x84 min=4 stored=0 max=16
           flags=case_sensitive,local,initialized type=utf8
(error parsing AODF record (1844): authKey auth types are not supported)


Certificate id=D8319F94426EF36969B7C149BC94FDD9E089A90C
  serial....: (#0195AE#)
  issuer....: `C=DE,ST=Saarland,L=Saarbrücken,O=TOM Team Debug License,CN=BLA CAR'
  subject...: `O=TES Test,OU=Users,CN=InvalidUser,1.3.6.1.4.1.30205.13.3.1=#496E76616C696455736572'
  notBefore.: 2021-01-17 12:24:24
  notAfter..: 2024-01-18 12:24:24
  hash algo.: 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
Extn: 2.5.29.19 (basicConstraints) at 827 with length 2 (critical)
Extn: 2.5.29.35 (authorityKeyIdentifier) at 838 with length 24
Extn: 2.5.29.15 (keyUsage) at 874 with length 4 (critical)
Extn: 2.5.29.37 (extKeyUsage) at 890 with length 15 (critical)
SubjectKeyIdentifier: none
AuthorityKeyIdentifier:
         keyIdentifier: (#A0F30D2287E40E833101D1D64691BB57196E32C1#)
KeyUsage: keyEncipherment
ExtKeyUsages: 1.3.6.1.4.1.30205.13.1.1  :C:
CertificatePolicies: none


Data Objects (4407):
  0  50: SEQUENCE {
  2  30:   SEQUENCE {
  4   8:     UTF8String 'cardapps'
 14   2:     BIT STRING 6 unused bits
       :       '11'B
 18  14:     SEQUENCE {
 20  12:       SEQUENCE {
 22   2:         BIT STRING 6 unused bits
       :           '10'B (bit 1)
 26   6:         [2] {
 28   1:           OCTET STRING 01
 31   1:           OCTET STRING 08
       :           }
       :         }
       :       }
       :     }
 34   0:   SEQUENCE {}
 36  14:   [1] {
 38  12:     SEQUENCE {
 40   4:       OCTET STRING 44 44 44 01
 46   1:       INTEGER 0
 49   1:       [0] 08
       :       }
       :     }
       :   }


  0  48: SEQUENCE {
  2  28:   SEQUENCE {
  4   6:     UTF8String 'cardcf'
 12   2:     BIT STRING 6 unused bits
       :       '11'B
 16  14:     SEQUENCE {
 18  12:       SEQUENCE {
 20   2:         BIT STRING 6 unused bits
       :           '10'B (bit 1)
 24   6:         [2] {
 26   1:           OCTET STRING 01
 29   1:           OCTET STRING 08
       :           }
       :         }
       :       }
       :     }
 32   0:   SEQUENCE {}
 34  14:   [1] {
 36  12:     SEQUENCE {
 38   4:       OCTET STRING 44 44 44 02
 44   1:       INTEGER 0
 47   1:       [0] 06
       :       }
       :     }
       :   }

  0  61: SEQUENCE {
  2  41:   SEQUENCE {
  4  32:     UTF8String '840b8a098d582647778e25a8465c5601'
 38   2:     BIT STRING 6 unused bits
       :       '11'B
 42   1:     OCTET STRING 01
       :     }
 45   0:   SEQUENCE {}
 47  14:   [1] {
 49  12:     SEQUENCE {
 51   4:       OCTET STRING 44 44 44 03
 57   1:       INTEGER 0
 60   1:       [0] 17
       :       }
       :     }
       :   }

  0  61: SEQUENCE {
  2  41:   SEQUENCE {
  4  32:     UTF8String '51408eadce4ce66bb9cfc2be6194460e'
 38   2:     BIT STRING 6 unused bits
       :       '11'B
 42   1:     OCTET STRING 01
       :     }
 45   0:   SEQUENCE {}
 47  14:   [1] {
 49  12:     SEQUENCE {
 51   4:       OCTET STRING 44 44 44 04
 57   1:       INTEGER 0
 60   1:       [0] 18
       :       }
       :     }
       :   }



* CardOS 5.0 sample:

p15: TokenInfo:
p15:  serialNumber .: 16020437ab000e4223
p15:  manufacturerID: www.atos.net/cardos
p15:  label ........: Wurms__WilfriedWurms.Wilfried
p15:  tokenflags ...: loginRequired prnGeneration
p15:  atr ..........: 3bd218008131fe58c90114
p15:  cardtype .....: 3.0


a006300404024400
a106300404024401
a306300404024403
a406300404024404
a706300404024407
a806300404024408



  CDF 4404: id=0D8437D6776F065E1A704649203B4808C8F83D2E
            path=4304/4301[0/1451]
PrKDF 4400: id=FF34A9B3647144C98146D8F700DA7BB5
            path=5072/4B01 keyref=0x01
             usage=decrypt,sign
PrKDF 4400: id=53613A6BFC8E48E8A618BF00F114D9C7
            path=5072/4B02 authid=01 keyref=0x02
             usage=decrypt,sign,unwrap
PrKDF 4400: id=59A807DB8D1CAF65F99857F42EB8AEEBCF1F9DBB
            path=5072/4B03 authid=01 keyref=0x03
            usage=decrypt,sign,unwrap
AODF 4408: id=01 authid=02 pinref=0x81 min=4 stored=0 max=16
           flags=case_sensitive,initialized type=utf8
AODF 4408: id=02 pinref=0x82 min=4 stored=0 max=16
           flags=case_sensitive,unblock_disabled,initialized,so_pin type=utf8
AODF 4408: id=04 authid=02 pinref=0x85 min=4 stored=0 max=16
           flags=case_sensitive,local,initialized type=utf8
AODF 4408: id=03 authid=02 pinref=0x84 min=4 stored=0 max=16
           flags=case_sensitive,local,initialized type=utf8
AODF record at 2284: authKey auth types are not supported - skipped

0823
a121300f0c0941646d696e204b6579030206c03003040108
a1093007040543524b3031

           ID: 0x4AA7AC8D
          S/N: 2BC235
        (dec): 2867765
       Issuer: C=DE,ST=Hessen,L=Kassel L13,O=Rheinmetall C37,OU=RMMV,CN=RMMV NCP C37 CA
      Subject: O=Rheinmetall MAN Military Vehicles - RMMV.lcl,OU=RMMV.lcl,CN=Wurms\, Wilfried,1.2.840.113549.1.9.1=#57696C66726965642E5775726D7340726865696E6D6574616C6C2E636F6D
          aka: <Wilfried.Wurms@rheinmetall.com>
     sha2_fpr: D6:3A:D3:63:7C:E0:B6:F0:B1:3F:2F:7D:A6:95:22:7D:7E:DE:77:B6:E5:3D:17:CF:8A:FD:39:A7:14:1A:26:38
     sha1_fpr: 08:00:A0:89:47:98:DE:17:17:82:60:4E:23:C6:D0:90:4A:A7:AC:8D
      md5_fpr: 8C:02:0F:B5:4D:8A:35:D4:CD:1E:1B:F8:F0:57:F1:99
       certid: 1602D2A0166F89B40EA56EEBD73E806819C1031B.2BC235
      keygrip: CE7C7781485ED1F6AB705F308CD8298D6A3A6767
    notBefore: 2018-07-17 07:30:26
     notAfter: 2022-07-17 07:30:26
     hashAlgo: 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: [none]
    authKeyId: 0157953301A1
               C=DE,ST=Hessen,L=Kassel L13,O=Rheinmetall C37,OU=RMMV,CN=RMMV NCP C37 CA
 authKeyId.ki: A161297C52A0DD56E991304AC1DF57094762B34D
     keyUsage: keyEncipherment
  extKeyUsage: ipsecEndSystem (suggested)
               ipsecIKE (suggested)
               ipsecTunnel (suggested)




p15: PrKDF 4400: id=D8319F94426EF36969B7C149BC94FDD9E089A90C (51408eadce4ce66bb9cfc2be6194460e)
p15:             path=5072/4B04 authid=01 keyref=0x04
p15:             access=never_extractable,local
p15:             usage=decrypt,sign
p15:             extusage=
p15: PrKDF 4400: id=85D4C6FA5A47243C4454776EAF09BCACCC3A1691 (TransportKey)
p15:             path=5072/4B02 authid=01 keyref=0x02
p15:             access=never_extractable,local
p15:             usage=decrypt,sign
p15: PrKDF 4400: id=A77BC23FC3795A109343EB8894EE84AFD08C086B (IdentityKey)
p15:             path=5072/4B01 keyref=0x01
p15:             access=never_extractable,local
p15:             usage=decrypt,sign



==============
slot 0: ATR=3bd218008131fe58c90316
p15: TokenInfo:
p15:  serialNumber .: 160209155b0013131d
p15:  manufacturerID: www.atos.net/cardos
p15:  label ........: g10_Code104541
p15:  tokenflags ...: loginRequired prnGeneration
p15:  atr ..........: 3bd218008131fe58c90316
p15:  cardtype .....: 4.0 (CardOS 5.3)
p15: CDF-c 4404: id=555B8273B29B038E419E12C11925996C77DC0B79 (16d734b83497f0e487a38f901162727c)
p15:             path=4304/4301[0/832]
p15: CDF-c 4404: id=2EC1487DA57701060D8479F6851F7140071FBC6E (7c749443f632857ef2ae67275b0cfa4a)
p15:             path=4304/4302[0/818]
p15: PuKDF 4401: id=555B8273B29B038E419E12C11925996C77DC0B79 (16d734b83497f0e487a38f901162727c)
p15:             path=5075/4B01
p15:             access=
p15:             usage=verify
p15: PuKDF 4401: id=2EC1487DA57701060D8479F6851F7140071FBC6E (7c749443f632857ef2ae67275b0cfa4a)
p15:             path=5075/4B02
p15:             access=
p15:             usage=verify
p15: AODF 4408:  id=01 (PIN)
p15:             authid=02 pinref=0x01 min=4 stored=0 max=16
p15:             flags=case_sensitive,initialized,type=utf8
p15: AODF 4408:  id=02 (SO-PIN)
p15:             pinref=0x02 min=4 stored=0 max=16
p15:             flags=case_sensitive,unblock_disabled,initialized,so_pin,type=utf8
p15: error parsing AODF record at 2565: authKey auth types are not supported - skipped
p15: AODF 4408:  id=04 (Extra_PIN_#1)
p15:             authid=02 pinref=0x85 min=4 stored=0 max=16
p15:             flags=case_sensitive,local,initialized,type=utf8
p15: AODF 4408:  id=03 (Extra_PIN_#0)
p15:             authid=02 pinref=0x84 min=4 stored=0 max=16
p15:             flags=case_sensitive,local,initialized,type=utf8
DBG: p15: prkdf id= 2ec1487da57701060d8479f6851f7140071fbc6e
DBG: p15: ExtKeyUsages: 1.3.6.1.4.1.11591.2.6.3:N:
DBG: p15: prkdf id= 555b8273b29b038e419e12c11925996c77dc0b79
DBG: p15: ExtKeyUsages: 1.3.6.1.4.1.11591.2.6.1:N:\n1.3.6.1.4.1.11591.2.6.2:N:
DBG: p15: prkdf id= 3fc5f55d3c58c883526175060cd65e894f5d94cb
DBG: p15: prkdf id= 3ef161b581bd4a47e072eee1f5073a55e2f02005
p15: PrKDF 4400: id=2EC1487DA57701060D8479F6851F7140071FBC6E (7c749443f632857ef2ae67275b0cfa4a)
p15:             path=5072/4B04 authid=01 keyref=0x04
p15:             access=local
p15:             usage=sign,derive
p15:             gpgusage=encr
p15: PrKDF 4400: id=555B8273B29B038E419E12C11925996C77DC0B79 (16d734b83497f0e487a38f901162727c)
p15:             path=5072/4B03 authid=01 keyref=0x03
p15:             access=local
p15:             usage=sign,derive
p15:             gpgusage=cert,sign
p15: PrKDF 4400: id=3FC5F55D3C58C883526175060CD65E894F5D94CB (TransportKey)
p15:             path=5072/4B02 authid=01 keyref=0x02
p15:             access=never_extractable,local
p15:             usage=decrypt,sign
p15: PrKDF 4400: id=3EF161B581BD4A47E072EEE1F5073A55E2F02005 (IdentityKey)
p15:             path=5072/4B01 keyref=0x01
p15:             access=never_extractable,local
p15:             usage=decrypt,sign
