Device / HostSecurity / AccessConditionMask Value
Defines an Access Condition Mask for every security Level. If the config value of a security Level is not set, it is not restricted at all.
Level 3 has always all access rights. No matter if there is a limitation via AcMask[3] or not.
Properties
- Value ID: 0x0288/0x00 - 0x03
-
Default value:
SecurityReset|SetKey1|SetKey2|SetKey3|SetAccessConditionMask0|SetAccessConditionMask1|
SetAccessConditionMask2|SysReset|ConfigRead|ConfigWrite|ConfigReset|IoPortRead|IoPortWrite|
GuiAccess|HfLowlevelAccess|ExtSamAccess|VhlSelect|VhlRead|VhlWrite|VhlFormat|VhlExchangeapdu|
RtcWrite|FlashFileSystemRead|FlashFileSystemWrite|ExtendedAccess|Bf2Upload|CryptoAccess|
AutoreadAccess|EthernetAccess|0xE0000000
Format
Name | Type/Size | Description | |
---|---|---|---|
HostSecurityAccessConditionBits | Bit mask (32 bits) | Every Feature in this list can be disabled by not setting the corresponding bit. | |
RFU | Integer (bit mask area 0xE0000000) | Zero padding | |
EthernetAccess | Boolean (bit 0x10000000) | Provide Access to Ethernet BRP Commands | |
AutoreadAccess | Boolean (bit 0x08000000) | Has to be cleared to deny control autoread task | |
CryptoAccess | Boolean (bit 0x04000000) | Has to be cleared to deny allow access to the encryption unit | |
Bf2Upload | Boolean (bit 0x02000000) | Has to be cleared to deny allow to upload firmware | |
ExtendedAccess | Boolean (bit 0x01000000) | Has to be cleared to deny allow access to the extended reader partition | |
FlashFileSystemWrite | Boolean (bit 0x00800000) | Has to be cleared to deny write access to flash file system | |
FlashFileSystemRead | Boolean (bit 0x00400000) | Has to be cleared to deny read access to flash file system | |
RtcWrite | Boolean (bit 0x00200000) | Has to be cleared to deny write access to RTC | |
VhlExchangeapdu | Boolean (bit 0x00100000) | Has to be cleared to deny running VHL APDU Exchange | |
VhlFormat | Boolean (bit 0x00080000) | Has to be cleared to deny formattings cards via VHL | |
VhlWrite | Boolean (bit 0x00040000) | Has to be cleared to deny writing cards via VHL | |
VhlRead | Boolean (bit 0x00020000) | Has to be cleared to deny reading cards via VHL | |
VhlSelect | Boolean (bit 0x00010000) | Has to be cleared to deny detection of cards via VHL | |
ExtSamAccess | Boolean (bit 0x00008000) | Has to be cleared to deny access to SAM over 7816-3 commands ( Iso78 command group ) | |
HfLowlevelAccess | Boolean (bit 0x00004000) | Has to be cleared to deny allow to access HF via low level commands | |
GuiAccess | Boolean (bit 0x00002000) | Has to be cleared to deny access to keypad/lcd | |
IoPortWrite | Boolean (bit 0x00001000) | Has to be cleared to deny write access to io ports | |
IoPortRead | Boolean (bit 0x00000800) | Has to be cleared to deny read access to io ports | |
ConfigReset | Boolean (bit 0x00000400) | Has to be cleared to deny reset configuration keys/while configuration. | |
ConfigWrite | Boolean (bit 0x00000200) | Has to be cleared to deny write access to configuration keys/values. | |
ConfigRead | Boolean (bit 0x00000100) | Has to be cleared to deny read access to configuration keys/values | |
SysReset | Boolean (bit 0x00000080) | Has to be cleared to deny allow reboot/powerdown of system | |
SetAccessConditionMask2 | Boolean (bit 0x00000040) | Has to be cleared to deny set ac 2 | |
SetAccessConditionMask1 | Boolean (bit 0x00000020) | Has to be cleared to deny set ac 1 | |
SetAccessConditionMask0 | Boolean (bit 0x00000010) | Has to be cleared to deny set ac 0 | |
SetKey3 | Boolean (bit 0x00000008) | Has to be cleared to deny set security key 3 | |
SetKey2 | Boolean (bit 0x00000004) | Has to be cleared to deny set security key 2 | |
SetKey1 | Boolean (bit 0x00000002) | Has to be cleared to deny set security key 1 | |
FactoryReset | Boolean (bit 0x00000001) | Has to be cleared to deny resetting system to factory settings |