2012-06-04 11:12:28 +00:00
|
|
|
/*
|
|
|
|
* sm-authentic.c: Secure Messaging procedures specific to Oberthur's card
|
|
|
|
* 'COSMO v7' with PKI applet 'AuthentIC v3.1'
|
|
|
|
*
|
|
|
|
* Copyright (C) 2010 Viktor Tarasov <vtarasov@opentrust.com>
|
|
|
|
* OpenTrust <www.opentrust.com>
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include <config.h>
|
|
|
|
#endif
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
#ifdef HAVE_UNISTD_H
|
|
|
|
#include <unistd.h>
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
#include <assert.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <ctype.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
|
|
#include "libopensc/opensc.h"
|
|
|
|
#include "libopensc/log.h"
|
|
|
|
|
|
|
|
#include "sm-module.h"
|
|
|
|
|
|
|
|
static int
|
|
|
|
sm_oberthur_diversify_keyset(struct sc_context *ctx, struct sm_info *sm_info,
|
|
|
|
unsigned char *idata, size_t idata_len)
|
|
|
|
{
|
2012-07-29 19:41:44 +00:00
|
|
|
struct sm_gp_session *gp_session = &sm_info->session.gp;
|
|
|
|
struct sm_gp_keyset *gp_keyset = &sm_info->session.gp.gp_keyset;
|
2012-06-04 11:12:28 +00:00
|
|
|
unsigned char master_key[16] = {
|
|
|
|
0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,
|
|
|
|
};
|
|
|
|
unsigned char *keys[3] = {
|
2012-07-29 19:41:44 +00:00
|
|
|
gp_keyset->enc,
|
|
|
|
gp_keyset->mac,
|
|
|
|
gp_keyset->kek
|
2012-06-04 11:12:28 +00:00
|
|
|
};
|
|
|
|
unsigned char key_buff[16];
|
2012-07-29 19:41:44 +00:00
|
|
|
unsigned char *tmp;
|
2012-06-04 11:12:28 +00:00
|
|
|
int rv = 0, ii, tmp_len;
|
|
|
|
|
2012-07-29 19:41:44 +00:00
|
|
|
if (gp_keyset->kmc_len == 48) {
|
2012-06-04 11:12:28 +00:00
|
|
|
for (ii=0; ii<3; ii++)
|
2012-07-29 19:41:44 +00:00
|
|
|
memcpy(keys[ii], gp_keyset->kmc + 16*ii, 16);
|
2012-06-04 11:12:28 +00:00
|
|
|
}
|
2012-07-29 19:41:44 +00:00
|
|
|
else if (gp_keyset->kmc_len == 16 || gp_keyset->kmc_len == 0) {
|
|
|
|
if (gp_keyset->kmc_len == 16)
|
|
|
|
memcpy(master_key, gp_keyset->kmc, 16);
|
2012-06-04 11:12:28 +00:00
|
|
|
sc_log(ctx, "KMC: %s", sc_dump_hex(master_key, sizeof(master_key)));
|
|
|
|
for (ii=0; ii<3; ii++) {
|
|
|
|
key_buff[0] = key_buff[8] = 0;
|
|
|
|
key_buff[1] = key_buff[9] = 0;
|
|
|
|
key_buff[2] = key_buff[10] = *(idata + 6);
|
|
|
|
key_buff[3] = key_buff[11] = *(idata + 7);
|
|
|
|
key_buff[4] = key_buff[12] = *(idata + 8);
|
|
|
|
key_buff[5] = key_buff[13] = *(idata + 9);
|
|
|
|
key_buff[6] = 0xF0, key_buff[14] = 0x0F;
|
|
|
|
key_buff[7] = key_buff[15] = ii+1;
|
|
|
|
|
|
|
|
sc_log(ctx, "key_buf:%s", sc_dump_hex(key_buff, 16));
|
|
|
|
|
|
|
|
rv = sm_encrypt_des_ecb3(master_key, key_buff, sizeof(key_buff), &tmp, &tmp_len);
|
2018-04-14 17:38:34 +00:00
|
|
|
LOG_TEST_RET(ctx, rv, "GP init session: cannot derive key");
|
2012-06-04 11:12:28 +00:00
|
|
|
|
2012-07-29 19:41:44 +00:00
|
|
|
memcpy(keys[ii], tmp, sizeof(gp_keyset->enc));
|
2012-06-04 11:12:28 +00:00
|
|
|
free(tmp);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "GP init session: invalid KMC data");
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!rv && ctx) {
|
2017-11-13 14:11:58 +00:00
|
|
|
sc_log_hex(ctx, "Card challenge", gp_session->card_challenge, sizeof(gp_session->card_challenge));
|
|
|
|
sc_log_hex(ctx, "Host challenge", gp_session->host_challenge, sizeof(gp_session->host_challenge));
|
|
|
|
sc_log_hex(ctx, "ENC", gp_keyset->enc, sizeof(gp_keyset->enc));
|
|
|
|
sc_log_hex(ctx, "MAC", gp_keyset->mac, sizeof(gp_keyset->mac));
|
|
|
|
sc_log_hex(ctx, "KEK", gp_keyset->kek, sizeof(gp_keyset->kek));
|
2012-06-04 11:12:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
sm_authentic_encode_apdu(struct sc_context *ctx, struct sm_info *sm_info)
|
|
|
|
{
|
|
|
|
struct sc_apdu *apdu = (struct sc_apdu *) sm_info->cmd_data;
|
|
|
|
int rv = SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
|
|
|
LOG_FUNC_CALLED(ctx);
|
|
|
|
sc_log(ctx, "SM encode APDU: offset:");
|
|
|
|
|
|
|
|
rv = sm_gp_securize_apdu(ctx, sm_info, NULL, apdu);
|
|
|
|
LOG_TEST_RET(ctx, rv, "SM encode APDU: securize error");
|
|
|
|
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
sm_authentic_get_apdus(struct sc_context *ctx, struct sm_info *sm_info,
|
|
|
|
unsigned char *init_data, size_t init_len, struct sc_remote_data *rdata,
|
|
|
|
int release_sm)
|
|
|
|
{
|
|
|
|
int rv = 0;
|
|
|
|
|
|
|
|
LOG_FUNC_CALLED(ctx);
|
|
|
|
if (!sm_info)
|
|
|
|
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
|
|
|
|
|
2017-03-14 19:02:30 +00:00
|
|
|
sc_log(ctx, "SM get APDUs: rdata:%p, init_len:%"SC_FORMAT_LEN_SIZE_T"u",
|
|
|
|
rdata, init_len);
|
2012-06-04 11:12:28 +00:00
|
|
|
sc_log(ctx, "SM get APDUs: serial %s", sc_dump_hex(sm_info->serialnr.value, sm_info->serialnr.len));
|
|
|
|
|
|
|
|
if (init_data) {
|
|
|
|
rv = sm_gp_external_authentication(ctx, sm_info, init_data, init_len, rdata, sm_oberthur_diversify_keyset);
|
|
|
|
LOG_TEST_RET(ctx, rv, "SM get APDUs: cannot authenticate card");
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (sm_info->cmd) {
|
|
|
|
case SM_CMD_APDU_TRANSMIT:
|
|
|
|
rv = sm_authentic_encode_apdu(ctx, sm_info);
|
|
|
|
LOG_TEST_RET(ctx, rv, "SM get APDUs: cannot encode APDU");
|
|
|
|
break;
|
|
|
|
case SM_CMD_INITIALIZE:
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "unsupported SM command");
|
|
|
|
}
|
|
|
|
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
|
|
|
}
|