Enumeration Properties
The following properties are available to enumerate information from the plugin. The enumeration always returns a string with a list of values separated with ‘;’. The enumeration always starts from ‘0’ and last property is found when return value is an empty string.
iid = document.getElementById(‘iid’);
if (iid != null) {
i = 0;
if (iid.EnumProperty(‘<name>’, i) != "") {
i++;
}
}value = ‘<value1>;<value2>;…;<valueX>;’
There is one property available for controlling the behavior of enumeration:
| Property | Description | Default value | Requirement |
|---|---|---|---|
EnumLimit |
Contains a number which is a bitmask telling which properties to return. Bit set will return the value and not set will ignore the value. |
Available enumeration properties are listed below. They can also be accessed via the On this page menu to the right.
Certificate
Enumeration property Certificate is used to enumerate all available certificates. This enumeration may be combined with two other properties:
| Property | Description | Default value | Requirement |
|---|---|---|---|
AllowExternalCert |
Specifies all certificates that should be returned including those not stored within our PKI client. |
Default |
optional |
Other |
Specifies all certificates should be returned including those without a matching private key pair. |
Default |
optional |
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Slot id |
The slot id for the PKCS#11 token, where the certificate can be found. This value should be used when updating the certificate. |
Real slot id |
The real slot id for the PKCS#11 token, where the certificate can be found. This value should be used in all cases except when updating the certificate. The reason for two different slot id:s is that there are certificates which are connected to a private key protected with a secondary PIN, but the certificate needs the first PIN for update. |
Key id |
The key identifier for the key pair used with the certificate. |
Label |
The certificate label used to describe the certificate. This string may be empty if no label is available. |
Issuer |
The certificate issuer field from the certificate. The value returned will use object identifier name instead of object identifier string when used with |
Subject |
The certificate subject field from the certificate. The value returned will use object identifier name instead of object identifier string when used with |
Value |
The complete base64 encoded certificate value. |
"1;1;45;identification;2.5.4.3=Company CA,2.5.4.10=US;2.5.4.3=John Doe;MII…==
CertificateEx
Enumeration property CertificateEx has the same behavior as enumeration property Certificate, but returns some additional information.
The first 6 elements are equal to enumeration property Certificate, but the last element Value, the certificate value, will always be returned last in the string.
Currently some more elements are included, and more may be added in the future. If new elements are added they will be added after the elements listed below and Certificate will still be the last element.
| Returned string value elements | Description |
|---|---|
Valid from |
Contains the validity from value from the certificate. The value will only contain the date part of the validity. |
Valid to |
Contains the validity to value from the certificate. The value will only contain the date part of the validity. |
Is CA |
Contains a flag indicting whether this certificate is a CA certificate or an end user certificate. Value |
Credential |
Contains the subject alt name from the certificate. |
Thumbprint |
Contains the thumbprint of the certificate. |
Authority identifier |
Contains the authority identifier of the certificate. |
Key usage |
Contains the key usage of the certificate. |
Expire |
Contains number of days until the certificate expire when configured with expire warning. |
"1;1;45;identification;2.5.4.3=Company+CA,2.5.4.10=US;2.5.4.3=John Doe;2010-01-01;2014-12-31;0;johdoe@company.com;65A424E5AC290597A7C4460C0D0491F6CF69F705; 1C53AB9CBB9ECF30D4DD714DCE84A9EC2CBAF2F7;160;;MII…==
Component
| This property is only available on Windows platforms. |
Enumeration property Component is used to enumerate all installed components.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Path |
Specifies the full file path to the installed component. |
Version |
Specifies the file version of the installed component. |
Description |
Specifies the file description of the installed component. |
'C:\Program\Net iD\iid.dll;05040134;Main'
Key
Enumeration property Key is used to enumerate all available key pairs.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Slot id |
The slot id for the PKCS#11 token, where the key pair can be found. This value should be used when updating the key pair. |
Real slot id |
The real slot ID for the PKCS#11 token, where the key pair can be found. This value should be used in all cases except when updating the key pair. The reason for two different slot IDs is that there are key pairs protected with a secondary PIN, but will require first PIN for update. |
Key id |
The key identifier for the key pair. |
Label |
The key label used to describe the certificate. This string may be empty if no label available. |
Type |
The key type. Value is currently always |
Usage |
The allowed key usage for the key pair. This value should be equal to key usage in any connected certificate, but may be different. |
Size |
The key size in bits for the key pair. |
Generator name |
The name of the component used to generate the key. This will only be available for soft tokens. The value corresponds to static property |
Generator version |
The version of the component used to generate the key. This will only be available for soft tokens. The value corresponds to static property |
"1;1;45;identification;rsa;160;1024;;"
Language
Enumeration property Language is used to enumerate all available languages.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Name |
The name of the language. |
Profile
Enumeration property Profile is used to enumerate all available smart card profiles.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Name |
The name of the profile. |
Slot
Enumeration property Slot is used to enumerate all available PKCS#11 slots.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Slot id |
The slot ID for the PKCS#11 slot. This value is a unique identifier for a specific token with a specific pin. For smart cards this value is a number between 1 and 99. For soft tokens this value is a number between 100 and 199. |
Slot description |
The description for the PKCS#11 slot. For smart cards this value is the string with the smart card reader name. For soft tokens this value is a string with the slot ID number. |
Token label |
The token label for the PKCS#11 slot. This element will be empty if token is not present. For smart cards this will be the combined value from real token label and PIN label. For soft tokens this will be the token label specified at creation. |
"1;Card Reader 0;Card eID (PIN1)"
"2;Card Reader 0;Card eID (PIN2)"
"3;Card Reader 0;"
"100;Soft Slot 100;Soft eID"
| Smart card reader slots usually return three slots for each real smart card reader to handle up to three PINs for each smart card. The number of supported PINs may change depending on configuration, but it will always be possible to connect the PINs to a specific card by using the smart card reader name. |
SlotCard
Same as property Slot, but will only return smart card reader slots.
SlotSoft
Same as property Slot, but will only return soft token slots.
Token
Enumeration property Token is used to enumerate all available PKCS#11 tokens.
The returned string value has the following elements:
| Returned string value elements | Description |
|---|---|
Slot id |
The slot ID for the PKCS#11 slot. This value is a unique identifier for a specific token with a specific pin. For smart cards this value is a number between 1 and 99. For soft tokens this value is a number between 100 and 199. |
Token Label |
The token label for the PKCS#11 slot. For smart cards this will be the combined value from real token label and pin label. For soft tokens this will be the token label specified at creation. |
Token number |
The token number for the PKCS#11 token. This number is the card serial number for card and a random number for soft tokens starting with four digits with product version when soft token was created. |
Token manufacturer |
The token manufacturer for the PKCS#11 token. |
Token type |
The token type for the PKCS#11 token. This type is the token model with version number. |
Token path |
The full file path to a soft token, and empty for a smart card. |
Minimum password length |
The minimum password/PIN length required for the PKCS#11 token. |
Maximum password length |
The maximum password/PIN length required for the PKCS#11 token. |
Current attempts left |
The current number of bad password/PIN attempts remaining before password/PIN is locked. Available values are
|
Password type |
Number telling the type of password. See configuration for more information about available types. |
Password policy |
Number telling the policy for the password. See configuration for more information about policy value. |
Slot name |
The PKCS#11 slot description for the slot ID. |
"1;Card eID (PIN1);1234 5678 9012 3456;Company AB;Model 1.0;;4;8;3;0;0x00000000;Card Reader 0"
"2;Card eID (PIN2);1234 5678 9012 3456;Company AB;Model 1.0;;4;8;3;0;0x00000000;Card Reader 1"
"1;Soft eID;0504 1234 5678 90;SecMaker AB;Soft Token 5.4;c:\soft.tkn;2;32;3;0;0x00000000;Soft Slot 100"
TokenCard
Same as property Token, but will only return smart card tokens.
TokenSoft
Same as property Token, but will only return soft tokens.