FIPS 201 PIV Profiles (Service Bureau)
Note: For Gemalto PIV profile (that is, card with Gemalto PIV applet v1.20), it is necessary to obtain a Gemalto PIV card with configuration “USG 010”.
For Oberthur PIV profile, ActivID CMS 4.0 SP2 expects Cosmo card with BAP# 81758.
For Oberthur PIV profiles with Oberthur PIV applet 2.3.2, use BAP #087282.
For Oberthur PIV profiles with Oberthur PIV applet 2.3.5, use BAP #087420 / #087424 / #087465.
For Oberthur PIV profiles with Oberthur PIV applet 2.4.0, use BAP #087434.
For IDEMIA PIV profiles with IDEMIA PIV applet 2.4.1, use BAP #087484
For PIV FIPS201 SB Activation Java Card - IDEMIA ID-One PIV 2.4.1 - 2048 profile, PIN is numeric only.
These profiles activate the PIV cards personalized by the card manufacturer service bureau. The card activation process consists of:
-
Injecting and generating the PKI credentials (PKI 1024 or 2048),
-
Swapping the Card Manager keys,
-
Swapping the PIV Card Administrator key (9B), and
-
Setting up the PIV Local PIN for the user and setting up the PUK.
PIV FIPS201 SB Activation Java Card – OT 2.3.2 – 2048
PIV2 Activation Profile with OT End-Point applets v2.3.2 (SP 800-73-3). Card with Oberthur PIV applet v2.3.2.
|
Supported Devices
|
Supported Pre-Issuance IDs
|
|
Oberthur ID-One PIV 2.3.2 on Cosmo v7
|
 5_OCS_PIV_232_SB_TEST_OPSC_1
|
Description
|
OT 7.0 128K FIPS PIV 2.3.2 Sample Stack with PIV TEST Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_TEST_OPSC_1_ENC
KMC_CM_OCS_PIV_TEST_OPSC_1_MAC
KMC_CM_OCS_PIV_TEST_OPSC_1_KEK
|
|
SD Manufacturer Key Set
|
KMC_SD_OCS_PIV_TEST_AES_OPSC_1_ENC
KMC_SD_OCS_PIV_TEST_AES_OPSC_1_MAC
KMC_SD_OCS_PIV_TEST_AES_OPSC_1_KEK
|
|
CM / SD Diversification
|
GP211
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_TRIPLE
|
|
Initial 9B Key AlgoID
|
03
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000061
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000070
|
|
ContactLogicalDescription
|
000000003C
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000070
|
|
ContactlessLogicalDescription
|
000000003C
|
5_OCS_PIV_232_SB_PROD_OPSC_1
|
Description
|
OT 7.0 128K FIPS PIV 2.3.2 Sample Stack with PIV PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_PROD_OPSC_1_ENC
KMC_CM_OCS_PIV_PROD_OPSC_1_MAC
KMC_CM_OCS_PIV_PROD_OPSC_1_KEK
|
|
SD Manufacturer Key Set
|
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_ENC
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_MAC
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_KEK
|
|
CM / SD Diversification
|
GP211
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_TRIPLE
|
|
Initial 9B Key AlgoID
|
03
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000061
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000071
|
|
ContactLogicalDescription
|
000000003D
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000071
|
|
ContactlessLogicalDescription
|
000000003D
|
100_OCS_PIV_232_SB_PROD_OPSC_1
|
Description
|
OT 7.0 128K FIPS PIV 2.3.2 Full Stack with PIV PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_PROD_OPSC_1_ENC
KMC_CM_OCS_PIV_PROD_OPSC_1_MAC
KMC_CM_OCS_PIV_PROD_OPSC_1_KEK
|
|
SD Manufacturer Key Set
|
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_ENC
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_MAC
KMC_SD_OCS_PIV_PROD_AES_OPSC_1_KEK
|
|
CM / SD Diversification
|
GP211
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_TRIPLE
|
|
Initial 9B Key AlgoID
|
03
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000061
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000001
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000071
|
|
ContactLogicalDescription
|
000000003D
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000071
|
|
ContactlessLogicalDescription
|
000000003D
|
|
PIV FIPS201 SB Activation Java Card – OT 2.3.5 / 2.4.0 – 2048
PIV2 Activation Profile with OT End-Point applets v2.3.5 / 2.4.0 (SP 800-73-4). Card with Oberthur PIV applet v2.3.5 or v2.4.0.
|
Supported Devices
|
Supported Pre-Issuance IDs
|
|
Oberthur ID-One PIV 2.3.5 on Cosmo v8
|
5_OCS_PIV_235_SB_TEST_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.3.5 Sample Stack with PIV SB TEST Key
|
|
Card specification
|
PIV 2.3.5 AES 256
|
PIV 2.3.5 AES 128
|
|
Key length supported
|
256-bit Keys
|
128-bit Keys
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_KEK
|
KMC_CM_OCS_PIV_SB_TEST_AES_16_1_ENC
KMC_CM_OCS_PIV_SB_TEST_AES_16_1_MAC
KMC_CM_OCS_PIV_SB_TEST_AES_16_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x00
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_16
|
|
Initial 9B Key AlgoID
|
0C
|
08
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000112
|
|
ContactLogicalDescription
|
0000000052
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000112
|
|
ContactlessLogicalDescription
|
0000000052
|
5_OCS_PIV_235_SB_PROD_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.3.5 Sample Stack with PIV SB PROD Key
|
|
Card specification
|
PIV 2.3.5 AES 256
|
PIV 2.3.5 AES 128
|
|
Key length supported
|
256-bit Keys
|
128-bit Keys
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_16
|
|
Initial 9B Key AlgoID
|
0C
|
08
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000052
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000052
|
100_OCS_PIV_235_SB_PROD_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.3.5 Full Stack with PIV SB PROD Key
|
|
Card specification
|
PIV 2.3.5 AES 256
|
PIV 2.3.5 AES 128
|
|
Key length supported
|
256-bit Keys
|
128-bit Keys
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_16_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_16
|
|
Initial 9B Key AlgoID
|
0C
|
08
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000001
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000052
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000052
|
|
| Oberthur ID-One PIV 2.4.0 on Cosmo v8 |
5_OCS_PIV_240_SB_TEST_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.4.0 Sample Stack with PIV SB TEST Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x00
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000112
|
|
ContactLogicalDescription
|
0000000053
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000112
|
|
ContactlessLogicalDescription
|
0000000053
|
5_OCS_PIV_240_SB_PROD_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.4.0 Sample Stack with PIV SB PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000053
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000053
|
100_OCS_PIV_240_SB_PROD_OPSC_1
|
Description
|
OT 8.0 FIPS PIV 2.4.0 Full Stack with PIV SB PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
Oberthur-01
|
|
CardProductID
|
0000000081
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000001
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000053
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000053
|
|
PIV FIPS201 SB Activation Java Card - IDEMIA ID-One PIV 2.4.1 - 2048
PIV2 Activation Profile with IDEMIA End-Point applets v2.4.1 (SP800-73-4). Card with IDEMIA PIV applet v2.4.1.
|
Supported Devices
|
Supported Pre-Issuance IDs
|
|
IDEMIA ID-One PIV 2.4.1 on Cosmo v8.1 (BAP 087484)
|
5_IDEMIA_PIV_241_SB_TEST_OPSC_1
|
Description
|
IDEMIA v8.1 with ID-One PIV 2.4.1 Sample Stack with PIV SB TEST Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_TEST_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x00
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
IDEMIA-01
|
|
CardProductID
|
0000000083
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000112
|
|
ContactLogicalDescription
|
0000000056
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000112
|
|
ContactlessLogicalDescription
|
0000000056
|
5_IDEMIA_PIV_241_SB_PROD_OPSC_1
|
Description
|
IDEMIA v8.1 with ID-One PIV 2.4.1 Sample Stack with PIV SB PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
IDEMIA-01
|
|
CardProductID
|
0000000083
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000002
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000056
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000056
|
100_IDEMIA_PIV_241_SB_PROD_OPSC_1
|
Description
|
IDEMIA v8.1 with ID-One PIV 2.4.1 Full Stack with PIV SB PROD Key
|
|
CM Manufacturer Key Set
|
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_ENC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_MAC
KMC_CM_OCS_PIV_SB_PROD_AES_32_1_KEK
|
|
CM Diversification
|
GPSCP03
|
|
Key Set Version / Index
|
0x01/0x0
|
|
Initial 9B key Label
|
PIV_OCS_CARD_ADMIN_KEY_SB_AES_32
|
|
Initial 9B Key AlgoID
|
0C
|
|
Logical Scheme
|
2
|
|
ManufacturerID
|
IDEMIA-01
|
|
CardProductID
|
0000000083
|
|
PhysicalDescriptionID
|
0000000005
|
|
PackageConfigID
|
0000000001
|
|
ContactRequirementID
|
0000000007
|
|
ContactKeyConfigID
|
0000000113
|
|
ContactLogicalDescription
|
0000000056
|
|
ContactlessRequirementID
|
0000000007
|
|
ContactlessKeyConfigID
|
0000000113
|
|
ContactlessLogicalDescription
|
0000000056
|
|
