ActivID Applet v2-based Profiles

Generic 72-80K PIN SC Java Card – AI 1024-2048 (4)

Standard Profile with ActivID Applet v2.6.2b, 7 PKI SC, 2 PKI PIN

  • Unique Identifier (stored in the card): 201100000000000000000123

  • 7 PKI download done on the server

  • 2 PKI download done on the client

  • GC standard configuration

  • SKI download by the server

  • Unlock done via XAUTH

  • Multiple CA Trust Chain certificates downloadable from the ActivID CMS server(*)

(*) A specific container is created in the profile to store the certificate trust chain(s). A new ActivID CMS static credential collection plug-in, CaCerts, is used to load all the CA certificates (.p7b or .cer files) onto the smart card.

Note: Trust Chain length is limited to around 9 KB after compression.

The certificate chains are imported from all p7b and cer files present in a specific folder, specified in the device profile as “cacert_path”:

Copy 
<p:staticcredentialplugin name="CaCerts" type="CaCertsV2Plugin">
            <p:params>
                        <p:param name="CA cert" type="String" key="cacert_path" visible="false">
                                    <p:value>../cacerts</p:value>
                        </p:param>
            </p:params>
</p:staticcredentialplugin>

The cacert_path can be an absolute path (for example, /cms_conf/CA_certificates_for_profile_1) or a relative path. Relative paths are relative to the HID CMS installation folder (for example, Program Files\HID Global\Credential Management System\wildfly). Therefore, for example, ../cacerts would lead to C:\Program Files\HID Global\Credential Management System\cacerts.

For multiple trust chains, different trust chains can be specified for different device policies by duplicating the section <p:staticcredentialplugin name="CaCerts" type="CaCertsV2Plugin"> found in the profile and by editing each cacert_path.

In this case, the staticcredentialplugin name must be unique whereas the value of the staticcredentialplugin name must be changed.

For example, the second name could be CaCerts2 – this name will be reused when defining a new device policy, corresponding to the new CA cert source folder.

Supported Devices

Supported Pre-Issuance IDs

HID Crescendo C1100 (JCOP v2.4.1 R3)

Description

Test Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000074

PhysicalDescriptionID

000000000B

PackageConfigID

FREE

Contact RequirementID

0000000020

Contact KeyConfigID

0000000092

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000020

Contactless KeyConfigID

0000000092

Contactless LogicalDescription

0000000040

Description

Production Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000074

PhysicalDescriptionID

000000000B

PackageConfigID

FREE

Contact RequirementID

0000000020

Contact KeyConfigID

0000000093

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000020

Contactless KeyConfigID

0000000093

Contactless LogicalDescription

0000000040

Generic 128K PIN SC Java Card – AI 1024-2048

Standard Profile with ActivID Applet v2.6.2b

  • Unique Identifier (stored in the card): 2011000000000000000000EE

  • 8 PKI (1024/2048-bit keys) download done on the server

  • 4 PKI (1024/2048-bit keys) download done on the client

  • Support BOOTDISKCRYPT credentials

  • SKI synchronous & asynchronous, download by the server

  • CA root certificate downloadable by the server

Supported Devices

Supported Pre-Issuance IDs

G&D SmartCafe Expert v3.2 144K

Description

Test Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_TEST_OPSC_1_ENC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_MAC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000030

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000080

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000080

Contactless LogicalDescription

0000000029

Description

Production Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_PROD_OPSC_1_ENC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_MAC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000030

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000081

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000081

Contactless LogicalDescription

0000000029

Oberthur ID-One Cosmo v7.0-n 128K

Description

Test Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_TEST_OPSC_1_ENC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_MAC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000082

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000082

Contactless LogicalDescription

000000002A

Description

Production Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_PROD_OPSC_1_ENC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_MAC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000083

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000083

Contactless LogicalDescription

000000002A

Gemalto TOP DL GX4 FIPS

Description

Test Cards

Manufacturer Key Set

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_ENC

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_MAC

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Gemplus-01

CardProductID

0000000017

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

000000008B

Contact LogicalDescription

2010000026

Contactless RequirementID

0000000007

Contactless KeyConfigID

000000008B

Contactless LogicalDescription

2010000026

Description

Production Cards

Manufacturer Key Set

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_ENC

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_MAC

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Gemplus-01

CardProductID

0000000017

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

000000008C

Contact LogicalDescription

2010000026

Contactless RequirementID

0000000007

Contactless KeyConfigID

000000008C

Contactless LogicalDescription

2010000026

HID pivCLASS v1.0 (JCOP v2.4.2 R0)

Description

Test Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000092

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000092

Contactless LogicalDescription

0000000040

Description

Production Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000093

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000093

Contactless LogicalDescription

0000000040

Description

Cards with 2.7.1 Applets Preloaded and with PIV TEST Keys

Manufacturer Key Set

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_ENC

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_MAC

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000095

Contact LogicalDescription

0000000047

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000095

Contactless LogicalDescription

0000000047

Description

Cards with 2.7.1 Applets Preloaded and with PIV PROD Keys

Manufacturer Key Set

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_ENC

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_MAC

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000096

Contact LogicalDescription

0000000047

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000096

Contactless LogicalDescription

0000000047

Generic 128K SC Java Card – AI 1024-2048 (FIPS)

Standard Profile with ActivID Applet v2.6.2b

  • Unique Identifier (stored in the card): 2011000000000000000000FD

  • 12 PKI (1024/2048-bit keys) download done on the server

  • GC standard configuration

  • SKI download by the server

  • Multiple CA Trust Chain(s) Certificate downloadable from the ActivID CMS server (see details in Generic 72-80K PIN SC Java Card – AI 1024-2048 (4))

Note: Trust Chain length is limited to around 9 KB after compression.

Supported Devices

Supported Pre-Issuance IDs

Oberthur ID-One Cosmo v7.0-n 128K

Description

Test Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_TEST_OPSC_1_ENC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_MAC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000082

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000082

Contactless LogicalDescription

000000002A

Description

Production Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_PROD_OPSC_1_ENC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_MAC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000083

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000083

Contactless LogicalDescription

000000002A

G&D SmartCafe Expert v3.2 144K

Description

Test Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_TEST_OPSC_1_ENC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_MAC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000030

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000080

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000080

Contactless LogicalDescription

0000000029

Description

Production Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_PROD_OPSC_1_ENC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_MAC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000030

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000081

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000081

Contactless LogicalDescription

0000000029

G&D SmartCafe Expert v5.0 144K

Description

Test Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_TEST_OPSC_1_ENC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_MAC

KMC_CM_GDA_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000067

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000080

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000080

Contactless LogicalDescription

0000000029

Description

Production Cards

Manufacturer Key Set

KMC_CM_GDA_GENERIC_PROD_OPSC_1_ENC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_MAC

KMC_CM_GDA_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

GDA-01

CardProductID

0000000067

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000081

Contact LogicalDescription

0000000029

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000081

Contactless LogicalDescription

0000000029

Gemalto TOP DL GX4 FIPS

Description

Test Cards

Manufacturer Key Set

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_ENC

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_MAC

KMC_CM_GEMA_GENERIC_TEST_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Gemplus-01

CardProductID

0000000017

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

000000008B

Contact LogicalDescription

2010000026

Contactless RequirementID

0000000007

Contactless KeyConfigID

000000008B

Contactless LogicalDescription

2010000026

Description

Production Cards

Manufacturer Key Set

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_ENC

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_MAC

KMC_CM_GEMA_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Gemplus-01

CardProductID

0000000017

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

000000008C

Contact LogicalDescription

2010000026

Contactless RequirementID

0000000007

Contactless KeyConfigID

000000008C

Contactless LogicalDescription

2010000026

HID pivCLASS v1.0 (JCOP v2.4.2 R0)

Description

Test Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000092

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000092

Contactless LogicalDescription

0000000040

Description

Production Cards

Manufacturer Key Set

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_ENC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_MAC

KMC_CM_HIDCRESC_GENERIC_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000093

Contact LogicalDescription

0000000040

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000093

Contactless LogicalDescription

0000000040

Description

Cards with 2.7.1 Applets Preloaded and with PIV TEST Keys

Manufacturer Key Set

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_ENC

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_MAC

KMC_CM_HIDCRESC_PIV_TEST_OPSC_1_KEK

Diversification

NONE

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000095

Contact LogicalDescription

0000000047

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000095

Contactless LogicalDescription

0000000047

Description

Cards with 2.7.1 Applets Preloaded and with PIV PROD Keys

Manufacturer Key Set

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_ENC

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_MAC

KMC_CM_HIDCRESC_PIV_PROD_OPSC_1_KEK

Diversification

OP202

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

HID-01

CardProductID

0000000071

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000096

Contact LogicalDescription

0000000047

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000096

Contactless LogicalDescription

0000000047

Generic 128K PIN SC Java Card – AI 2048

Standard Profile with ActivID Applet v2.6.2b

  • Unique Identifier (stored in the card): 20110000000000000000012B

  • 8 PKI (2048-bit keys) download done on the server

  • 4 PKI (2048-bit keys) download done on the client

  • GC standard configuration

  • SKI download by the server

  • Multiple CA Trust Chain(s) Certificate downloadable from the ActivID CMS server (see details in Generic 72-80K PIN SC Java Card – AI 1024-2048 (4))

Note: Trust Chain length is limited to around 9 KB after compression.

Supported Devices

Supported Pre-Issuance IDs

Oberthur ID-One Cosmo v7.0-n 128K

Description

Test Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_TEST_OPSC_1_ENC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_MAC

KMC_CM_OCS_GENERIC_TEST_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000082

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000082

Contactless LogicalDescription

000000002A

Description

Production Cards

Manufacturer Key Set

KMC_CM_OCS_GENERIC_PROD_OPSC_1_ENC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_MAC

KMC_CM_OCS_GENERIC_PROD_OPSC_1_KEK

Diversification

GP211

Key Set Version / Index

0x01/0x00

Logical Scheme

2

ManufacturerID

Oberthur-01

CardProductID

0000000061

PhysicalDescriptionID

0000000005

PackageConfigID

FREE

Contact RequirementID

0000000007

Contact KeyConfigID

0000000083

Contact LogicalDescription

000000002A

Contactless RequirementID

0000000007

Contactless KeyConfigID

0000000083

Contactless LogicalDescription

000000002A