/*
 * opensc-pkcs15.h: OpenSC PKCS#15 header file
 *
 * Copyright (C) 2001 Juha Yrjölä <juha.yrjola@iki.fi>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */
#ifndef _OPENSC_PKCS15_H
/* NOTE(review): a name starting with '_' followed by an upper-case letter is
 * reserved for the C implementation (C99 7.1.3).  The guard works in practice,
 * but renaming it (e.g. to OPENSC_PKCS15_H) would have to be done together with
 * any #ifdef of this name elsewhere in the tree, so it is only flagged here. */
#define _OPENSC_PKCS15_H

/* Presumably provides struct sc_card, sc_file, sc_path, sc_context and the
 * u8 typedef used throughout this header without a local definition. */
#include "opensc.h"

#ifdef __cplusplus
extern "C" {
#endif
/* Directory used for the on-disk object cache enabled by
 * sc_pkcs15_card.use_cache (how the path is resolved is not visible in this
 * header).  A host-side cache is not protected by the card's PIN or access
 * conditions, so only objects that are public on the card belong in it. */
#define SC_PKCS15_CACHE_DIR ".eid"

/* Marker value stored in sc_pkcs15_pin_info.magic. */
#define SC_PKCS15_PIN_MAGIC 0x31415926
/* Fixed capacities of the arrays in sc_pkcs15_card and sc_pkcs15_df.  Every
 * routine that fills those arrays must stop at the limit and keep the
 * matching *_count field accurate; callers index the arrays with it. */
#define SC_PKCS15_MAX_PINS 2
#define SC_PKCS15_MAX_PRKEYS 2
#define SC_PKCS15_MAX_LABEL_SIZE 32	/* bytes, including the terminating NUL */
#define SC_PKCS15_MAX_ID_SIZE 16	/* bytes in sc_pkcs15_id.value */
#define SC_PKCS15_MAX_DFS 4	/* files per DF type, see sc_pkcs15_df */
#define SC_PKCS15_MAX_CERTS 4 /* Total certificates */
/* PKCS #15 object identifier (the id / authId of the DF entries below).
 * Only the first `len` bytes of `value` are meaningful.  `len` must be kept
 * <= SC_PKCS15_MAX_ID_SIZE by whoever fills the structure from card data;
 * the decoder has to check that before copying, nothing here enforces it. */
struct sc_pkcs15_id {
	u8 value[SC_PKCS15_MAX_ID_SIZE];
	size_t len;
};
/* Private bit in sc_pkcs15_common_obj_attr.flags reserved for the PKCS #11
 * module; it is not part of the on-card encoding.
 * NOTE(review): 0x80000000 does not fit in a signed int, so storing it in
 * `flags` relies on an implementation-defined conversion.  Test it with
 * `flags & SC_PKCS15_CO_FLAG_OBJECT_SEEN`, never with an equality compare. */
#define SC_PKCS15_CO_FLAG_OBJECT_SEEN 0x80000000 /* for PKCS #11 module */

/* CommonObjectAttributes shared by every PKCS #15 object modelled here. */
struct sc_pkcs15_common_obj_attr {
	char label[SC_PKCS15_MAX_LABEL_SIZE]; /* zero terminated; the label is read
					       * from the card, so the decoder must
					       * bound the copy and terminate it */
	int flags;	/* CommonObjectFlags plus SC_PKCS15_CO_FLAG_* bits */
	struct sc_pkcs15_id auth_id;	/* auth_id of the PIN (sc_pkcs15_pin_info)
					 * that protects this object; presumably
					 * len == 0 when no PIN is required */

	int user_consent;	/* non-zero: user consent required before use */
	/* FIXME: add accessControlRules */
};
/* Authentication object (AODF entry) describing one PIN.  The PIN value is
 * never kept in this structure; it is handed to sc_pkcs15_verify_pin /
 * sc_pkcs15_change_pin by the caller, who also owns clearing those buffers. */
struct sc_pkcs15_pin_info {
	struct sc_pkcs15_common_obj_attr com_attr;

	struct sc_pkcs15_id auth_id;	/* identifier other objects point to via
					 * their com_attr.auth_id */
	int reference;	/* PIN reference number used in the card's VERIFY command */
	int flags, type;	/* PinAttributes flags and PIN type */
	int min_length, stored_length;	/* minimum accepted length; length the
					 * card stores (presumably after padding) */
	u8 pad_char;	/* byte used to pad a PIN up to stored_length */
	struct sc_path path;	/* path of the file the PIN belongs to */
	int tries_left;	/* remaining attempts before the PIN blocks, as last
			 * reported; do not retry a failed verify in a loop */

	unsigned int magic;	/* SC_PKCS15_PIN_MAGIC; presumably a sanity check that
				 * a pointer really refers to a sc_pkcs15_pin_info */
};
/* Operation bits for sc_pkcs15_algorithm_info.supported_operations. */
#define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM 0x01
#define SC_PKCS15_ALGO_OP_COMPUTE_SIGNATURE 0x02
#define SC_PKCS15_ALGO_OP_VERIFY_CHECKSUM 0x04
#define SC_PKCS15_ALGO_OP_VERIFY_SIGNATURE 0x08
#define SC_PKCS15_ALGO_OP_ENCIPHER 0x10
#define SC_PKCS15_ALGO_OP_DECIPHER 0x20
#define SC_PKCS15_ALGO_OP_HASH 0x40
#define SC_PKCS15_ALGO_OP_GENERATE_KEY 0x80

/* One AlgorithmInfo entry of the token (see sc_pkcs15_card.alg_info). */
struct sc_pkcs15_algorithm_info {
	int reference;	/* reference number other entries use to name this algorithm */
	int algorithm, supported_operations;	/* algorithm identifier;
						 * OR of SC_PKCS15_ALGO_OP_* */
};
/* RSA public key as held inside a sc_pkcs15_cert.  `modulus` and `data` are
 * heap buffers that live as long as the enclosing certificate (released by
 * sc_pkcs15_free_certificate, presumably). */
struct sc_pkcs15_rsa_pubkey {
	u8 *modulus;	/* modulus bytes as taken from the DER encoding */
	int modulus_len;	/* NOTE(review): int, not size_t -- negative values
				 * must be treated as invalid by every user */
	unsigned int exponent;	/* NOTE: a public exponent wider than unsigned int
				 * cannot be represented here; the decoder has to
				 * reject such keys rather than silently truncate */

	u8 *data; /* DER encoded raw key */
	int data_len;
};
/* Decoded X.509 certificate, produced by sc_pkcs15_read_certificate and
 * released with sc_pkcs15_free_certificate. */
struct sc_pkcs15_cert {
	int version;	/* X.509 version field */
	unsigned long serial;	/* NOTE: an X.509 serialNumber is an INTEGER of
				 * arbitrary length; only what fits in unsigned
				 * long survives here.  Do not use this field to
				 * match or trust certificates -- compare the DER
				 * in `data` instead */

	struct sc_pkcs15_rsa_pubkey key;	/* public key extracted from the cert */
	u8 *data; /* DER encoded raw cert */
	int data_len;	/* length of `data`; int, so reject negative values */
};
/* CDF entry: says where a certificate lives on the card and which private
 * key it belongs to.  The certificate bytes themselves are fetched with
 * sc_pkcs15_read_certificate. */
struct sc_pkcs15_cert_info {
	struct sc_pkcs15_common_obj_attr com_attr;

	struct sc_pkcs15_id id; /* correlates to private RSA key id */
	int authority; /* boolean: the PKCS #15 'authority' flag, i.e. this is
			* a CA certificate rather than an end-entity one */
	/* identifiers [2] SEQUENCE OF CredentialIdentifier{{KeyIdentifiers}} */
	struct sc_path path;	/* card path of the EF holding the DER certificate */
};
/* Key usage bits for sc_pkcs15_prkey_info.usage (PKCS #15 KeyUsageFlags,
 * named after the corresponding PKCS #11 usage attributes). */
#define SC_PKCS15_PRKEY_USAGE_ENCRYPT 0x01
#define SC_PKCS15_PRKEY_USAGE_DECRYPT 0x02
#define SC_PKCS15_PRKEY_USAGE_SIGN 0x04
#define SC_PKCS15_PRKEY_USAGE_SIGNRECOVER 0x08
#define SC_PKCS15_PRKEY_USAGE_WRAP 0x10
#define SC_PKCS15_PRKEY_USAGE_UNWRAP 0x20
#define SC_PKCS15_PRKEY_USAGE_VERIFY 0x40
#define SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER 0x80
#define SC_PKCS15_PRKEY_USAGE_DERIVE 0x100
#define SC_PKCS15_PRKEY_USAGE_NONREPUDIATION 0x200

/* Access bits for sc_pkcs15_prkey_info.access_flags (PKCS #15 KeyAccessFlags).
 * In PKCS #11 terms a key that is EXTRACTABLE and not SENSITIVE may be read
 * out of the token; treat such keys accordingly. */
#define SC_PKCS15_PRKEY_ACCESS_SENSITIVE 0x01
#define SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE 0x02
#define SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE 0x04
#define SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE 0x08
#define SC_PKCS15_PRKEY_ACCESS_LOCAL 0x10

/* Object type codes for sc_pkcs15_object.type.  The high nibble looks like an
 * object class (0x100 private key, 0x200 public key, 0x400 certificate,
 * 0x500 data object, 0x600 PIN) and the low bits a variant (SPKI = 0x400 | 2);
 * whether any code relies on a (type & 0xF00) class test is not visible here,
 * so keep new codes consistent with that scheme. */
#define SC_PKCS15_TYPE_PRKEY_RSA 0x100
#define SC_PKCS15_TYPE_PUBKEY_RSA 0x200
#define SC_PKCS15_TYPE_CERT_X509 0x400
#define SC_PKCS15_TYPE_CERT_SPKI 0x402
#define SC_PKCS15_TYPE_DATA_OBJECT 0x500
#define SC_PKCS15_TYPE_AUTH_PIN 0x600
/* PrKDF entry for an RSA private key.  No key material is held here -- only
 * the key's location on the card, its reference and what it may be used for. */
struct sc_pkcs15_prkey_info {
	struct sc_pkcs15_common_obj_attr com_attr;

	struct sc_pkcs15_id id; /* correlates to public certificate id */
	int usage, access_flags, native;	/* SC_PKCS15_PRKEY_USAGE_* bits;
						 * SC_PKCS15_PRKEY_ACCESS_* bits;
						 * PKCS #15 'native' flag (boolean) */
	int key_reference;	/* key reference the card expects in its
				 * cryptographic commands */

	struct sc_path file_id;	/* path of the key's file on the card */
	int modulus_length;	/* RSA modulus size, presumably in bits -- confirm
				 * against the PrKDF decoder before relying on it */
};
/* Generic DF entry.  `type` is one of SC_PKCS15_TYPE_* and decides what
 * `data` points to (presumably a sc_pkcs15_cert_info for the CERT types, a
 * sc_pkcs15_prkey_info for PRKEY_RSA, a sc_pkcs15_pin_info for AUTH_PIN).
 * Always dispatch on `type` before casting `data`; the pointer itself carries
 * no type information, so a wrong cast is silent memory corruption. */
struct sc_pkcs15_object {
	int type;	/* SC_PKCS15_TYPE_* */
	void *data;	/* type-specific info structure, see above */

	/* For linked list purposes */
	struct sc_pkcs15_object *next;	/* next entry of the same DF file, NULL at end */
};
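/* Indices into sc_pkcs15_card.df[], one slot per PKCS #15 directory-file type.
 * The values are contiguous 0 .. SC_PKCS15_DF_TYPE_COUNT-1 so they can index
 * the array directly; if a type is added, bump SC_PKCS15_DF_TYPE_COUNT with it. */
#define SC_PKCS15_PRKDF 0		/* private keys */
#define SC_PKCS15_PUKDF 1		/* public keys */
#define SC_PKCS15_PUKDF_TRUSTED 2	/* trusted public keys */
#define SC_PKCS15_SKDF 3		/* secret (symmetric) keys */
#define SC_PKCS15_CDF 4			/* certificates */
#define SC_PKCS15_CDF_TRUSTED 5		/* trusted certificates */
#define SC_PKCS15_CDF_USEFUL 6		/* useful certificates */
#define SC_PKCS15_DODF 7		/* data objects */
#define SC_PKCS15_AODF 8		/* authentication objects (PINs) */
#define SC_PKCS15_DF_TYPE_COUNT 9

/* SC_PKCS15_MAX_DFS (files per DF type, used by sc_pkcs15_df) is defined
 * once, together with the other size limits near the top of this header. */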
/* One DF type (PRKDF, CDF, ...) of a card.  A PKCS #15 DF may be spread over
 * several files, so each type carries up to SC_PKCS15_MAX_DFS files and the
 * decoded object list of each.  `count` is the number of valid slots; the
 * file_nr arguments of sc_pkcs15_encode_df and sc_pkcs15_add_object presumably
 * index file[]/obj[], so they must be < SC_PKCS15_MAX_DFS (checked by the
 * callee, not here). */
struct sc_pkcs15_df {
	struct sc_file *file[SC_PKCS15_MAX_DFS];	/* card files making up this DF */
	struct sc_pkcs15_object *obj[SC_PKCS15_MAX_DFS];	/* list head per file */
	int count, record_length, type;	/* used slots; record length (for
					 * record-structured files, presumably);
					 * SC_PKCS15_PRKDF .. SC_PKCS15_AODF */
};
/* In-memory view of one PKCS #15 application on a card, created by
 * sc_pkcs15_bind (or sc_pkcs15_card_new for a card being provisioned) and
 * released with sc_pkcs15_unbind / sc_pkcs15_card_free.
 * The object arrays are fixed size: every enumerator that fills them must
 * stop at the matching SC_PKCS15_MAX_* limit and keep the *_count field
 * accurate, because callers index the arrays with those counts. */
struct sc_pkcs15_card {
	struct sc_card *card;	/* underlying card handle (ownership not stated here) */
	char *label;	/* token label, decoded from the card */
	/* fields from TokenInfo: */
	int version;
	char *serial_number, *manufacturer_id;	/* strings decoded from the card:
						 * untrusted input, the decoder must
						 * bound and NUL-terminate them */
	unsigned long flags;	/* SC_PKCS15_CARD_FLAG_* bits */
	struct sc_pkcs15_algorithm_info alg_info[1];	/* NOTE(review): room for a
							 * single AlgorithmInfo only */
	/* FIXME: this could be done better with some C pre-processor
	 * magic */
	struct sc_pkcs15_cert_info cert_info[SC_PKCS15_MAX_CERTS];
	int cert_count;	/* valid entries in cert_info[], <= SC_PKCS15_MAX_CERTS */
	struct sc_pkcs15_prkey_info prkey_info[SC_PKCS15_MAX_PRKEYS];
	int prkey_count;	/* valid entries in prkey_info[], <= SC_PKCS15_MAX_PRKEYS */
	struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS];
	int pin_count;	/* valid entries in pin_info[], <= SC_PKCS15_MAX_PINS */

	/* FIXME: Move file_dir somewhere else, perhaps to sc_card */
	struct sc_file file_dir, file_app;	/* EF(DIR) and the application DF */
	struct sc_file file_tokeninfo, file_odf;	/* EF(TokenInfo) and EF(ODF) */
	struct sc_pkcs15_df df[SC_PKCS15_DF_TYPE_COUNT];	/* indexed by
								 * SC_PKCS15_PRKDF .. SC_PKCS15_AODF */

	int use_cache;	/* non-zero enables the host-side cache in SC_PKCS15_CACHE_DIR.
			 * Cached copies are not covered by the card's access
			 * conditions, so anything that must come from the card
			 * itself should be read with the cache off */
};
/* Bits of sc_pkcs15_card.flags, taken from the TokenInfo flags field. */
#define SC_PKCS15_CARD_FLAG_READONLY 0x01	/* token cannot be written */
#define SC_PKCS15_CARD_FLAG_LOGIN_REQUIRED 0x02	/* a PIN must be verified before use */
#define SC_PKCS15_CARD_FLAG_PRN_GENERATION 0x04	/* token can generate random numbers */
#define SC_PKCS15_CARD_FLAG_EID_COMPLIANT 0x08	/* eID profile compliance (presumably) */
/* Entry of sc_pkcs15_card_table[].  Presumably used to recognise a card by
 * the contents of its EF(DIR) and to fill in a built-in PKCS #15 layout for
 * it through defaults_func when the card does not describe itself fully. */
struct sc_pkcs15_defaults {
	const char *ef_dir_dump;	/* EF(DIR) content this entry matches against
					 * (representation not specified here) */
	int (*defaults_func)(struct sc_pkcs15_card *, int arg);	/* fills in the
								 * defaults; receives `arg` */
	int arg;	/* opaque value passed to defaults_func */
};
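/* sc_pkcs15_bind: Binds a card object to a PKCS #15 card object
 * and initializes a new PKCS#15 card object. Will return
 * SC_ERROR_PKCS15_APP_NOT_FOUND, if the card hasn't got a
 * valid PKCS #15 file structure.
 * On success *pkcs15_card refers to the new object, which is released
 * with sc_pkcs15_unbind. */
int sc_pkcs15_bind(struct sc_card *card,
		   struct sc_pkcs15_card **pkcs15_card);
/* sc_pkcs15_unbind: Releases a PKCS #15 card object, and frees any
 * memory allocations done on the card object. */
int sc_pkcs15_unbind(struct sc_pkcs15_card *card);

/* sc_pkcs15_card_new / sc_pkcs15_card_free: allocate an empty
 * sc_pkcs15_card (e.g. for sc_pkcs15_create) and release it again.
 * The allocator is declared with (void): in C an empty parameter list
 * is an unprototyped declaration, so a call with stray arguments would
 * otherwise compile without any diagnostic. */
struct sc_pkcs15_card * sc_pkcs15_card_new(void);
void sc_pkcs15_card_free(struct sc_pkcs15_card *p15card);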
/* sc_pkcs15_decipher: RSA decryption with the on-card private key `prkey`.
 * `in`/`inlen` is the input, `out`/`outlen` the caller-provided output
 * buffer; the implementation must never write more than outlen bytes.
 * The PIN named by prkey->com_attr.auth_id presumably has to be verified
 * first (sc_pkcs15_verify_pin).
 * NOTE(review): the lengths are int rather than size_t; callers must not
 * pass negative values and the implementation should reject them. */
int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
		       const struct sc_pkcs15_prkey_info *prkey,
		       const u8 *in, int inlen, u8 *out, int outlen);

/* Hash selector for sc_pkcs15_compute_signature. */
#define SC_PKCS15_HASH_NONE 0
#define SC_PKCS15_HASH_SHA1 1	/* the only digest this interface offers */

/* sc_pkcs15_compute_signature: sign `in` with `prkey`; `hash` is one of
 * SC_PKCS15_HASH_*.  Buffer and length conventions are the same as for
 * sc_pkcs15_decipher.  Whether `in` is the message or an already computed
 * digest when hash == SC_PKCS15_HASH_SHA1 is not stated in this header;
 * check the implementation before relying on either. */
int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
				const struct sc_pkcs15_prkey_info *prkey,
				int hash, const u8 *in, int inlen, u8 *out,
				int outlen);
/* Debug dump of a bound card object. */
void sc_pkcs15_print_card(const struct sc_pkcs15_card *card);

/* Debug dump of one CDF entry. */
void sc_pkcs15_print_cert_info(const struct sc_pkcs15_cert_info *cert);
/* sc_pkcs15_enum_certificates: reads the CDF(s) and presumably fills
 * card->cert_info[] / card->cert_count; it must stop at
 * SC_PKCS15_MAX_CERTS entries. */
int sc_pkcs15_enum_certificates(struct sc_pkcs15_card *card);
/* sc_pkcs15_read_certificate: reads the certificate described by `info`
 * from the card and returns a newly allocated sc_pkcs15_cert in *cert,
 * to be released with sc_pkcs15_free_certificate. */
int sc_pkcs15_read_certificate(struct sc_pkcs15_card *card,
			       const struct sc_pkcs15_cert_info *info,
			       struct sc_pkcs15_cert **cert);
/* sc_pkcs15_free_certificate: releases a certificate obtained from
 * sc_pkcs15_read_certificate, including its DER and key buffers. */
void sc_pkcs15_free_certificate(struct sc_pkcs15_cert *cert);
/* sc_pkcs15_find_cert_by_id: looks up the CDF entry whose id equals `id`.
 * *out presumably points into card->cert_info[] and must not be freed. */
int sc_pkcs15_find_cert_by_id(struct sc_pkcs15_card *card,
			      const struct sc_pkcs15_id *id,
			      struct sc_pkcs15_cert_info **out);
/* sc_pkcs15_create_cdf: Creates a new certificate DF on a card pointed
 * by <card>. Information about the file, such as the file ID, is read
 * from <file>. <certs> has to be NULL-terminated. */
int sc_pkcs15_create_cdf(struct sc_pkcs15_card *card,
			 struct sc_file *file,
			 const struct sc_pkcs15_cert_info **certs);
/* sc_pkcs15_create: writes the PKCS #15 structure described by `p15card`
 * onto `card` (presumably; the header does not say which files it creates). */
int sc_pkcs15_create(struct sc_pkcs15_card *p15card, struct sc_card *card);
/* Debug dump of one PrKDF entry. */
void sc_pkcs15_print_prkey_info(const struct sc_pkcs15_prkey_info *prkey);
/* sc_pkcs15_enum_private_keys: reads the PrKDF(s) and presumably fills
 * card->prkey_info[] / card->prkey_count; it must stop at
 * SC_PKCS15_MAX_PRKEYS entries. */
int sc_pkcs15_enum_private_keys(struct sc_pkcs15_card *card);
/* sc_pkcs15_find_prkey_by_id: looks up the PrKDF entry whose id equals `id`.
 * *out presumably points into card->prkey_info[] and must not be freed. */
int sc_pkcs15_find_prkey_by_id(struct sc_pkcs15_card *card,
			       const struct sc_pkcs15_id *id,
			       struct sc_pkcs15_prkey_info **out);
/* Debug dump of one AODF entry.  Must never print a PIN value (none is
 * stored in sc_pkcs15_pin_info, so there is nothing to leak here). */
void sc_pkcs15_print_pin_info(const struct sc_pkcs15_pin_info *pin);
/* sc_pkcs15_enum_pins: reads the AODF(s) and presumably fills
 * card->pin_info[] / card->pin_count; it must stop at SC_PKCS15_MAX_PINS. */
int sc_pkcs15_enum_pins(struct sc_pkcs15_card *card);
/* sc_pkcs15_verify_pin: verifies `pin` with the `pinlen`-byte value in
 * `pincode`.  The caller owns the buffer and should clear it afterwards.
 * A wrong value consumes one of the card's retry attempts (pin->tries_left),
 * so never retry automatically.
 * NOTE(review): nothing in this interface expresses the pin->min_length /
 * stored_length bounds or rejects a negative pinlen -- the implementation
 * has to check both before touching the buffer. */
int sc_pkcs15_verify_pin(struct sc_pkcs15_card *card,
			 struct sc_pkcs15_pin_info *pin,
			 const u8 *pincode, int pinlen);
/* sc_pkcs15_change_pin: replaces the PIN value; same buffer, length and
 * retry-counter caveats as sc_pkcs15_verify_pin for both values. */
int sc_pkcs15_change_pin(struct sc_pkcs15_card *card,
			 struct sc_pkcs15_pin_info *pin,
			 const u8 *oldpincode, int oldpinlen,
			 const u8 *newpincode, int newpinlen);
/* sc_pkcs15_find_pin_by_auth_id: looks up the AODF entry whose auth_id equals
 * `id` (the value objects carry in com_attr.auth_id).  *out presumably points
 * into card->pin_info[] and must not be freed. */
int sc_pkcs15_find_pin_by_auth_id(struct sc_pkcs15_card *card,
				  const struct sc_pkcs15_id *id,
				  struct sc_pkcs15_pin_info **out);
/* sc_pkcs15_encode_df: DER-encodes file number `file_nr` of `df` (all objects
 * on its obj[file_nr] list) into a buffer returned through *buf/*bufsize.
 * The buffer is presumably heap-allocated and owned by the caller on success;
 * file_nr must be a valid index (< SC_PKCS15_MAX_DFS). */
int sc_pkcs15_encode_df(struct sc_context *ctx,
			struct sc_pkcs15_df *df, int file_nr,
			u8 **buf, size_t *bufsize);
/* Per-type entry encoders used by sc_pkcs15_encode_df.  Each encodes the
 * single object `obj` (whose data must match the encoder's type) into
 * *buf/*bufsize under the same ownership convention as above. */
int sc_pkcs15_encode_cdf_entry(struct sc_context *ctx,
			       const struct sc_pkcs15_object *obj, u8 **buf,
			       size_t *bufsize);
int sc_pkcs15_encode_prkdf_entry(struct sc_context *ctx,
				 const struct sc_pkcs15_object *obj, u8 **buf,
				 size_t *bufsize);
int sc_pkcs15_encode_aodf_entry(struct sc_context *ctx,
				const struct sc_pkcs15_object *obj, u8 **buf,
				size_t *bufsize);
/* sc_pkcs15_compare_id: compares two identifiers (len and the first len
 * bytes of value).  The return convention -- 1 for equal versus a
 * strcmp-style 0 for equal -- is not stated here; check the implementation. */
int sc_pkcs15_compare_id(const struct sc_pkcs15_id *id1,
			 const struct sc_pkcs15_id *id2);
/* Debug print of an identifier. */
void sc_pkcs15_print_id(const struct sc_pkcs15_id *id);
/* sc_pkcs15_format_id: parses the textual id in `id_in` into *id_out.
 * NOTE(review): returns void, so malformed or over-long input cannot be
 * reported; prefer sc_pkcs15_hex_string_to_id, which returns a status, for
 * anything that comes from the user. */
void sc_pkcs15_format_id(const char *id_in, struct sc_pkcs15_id *id_out);

/* sc_pkcs15_hex_string_to_id: parses a hex string into *out, returning a
 * status; the implementation must cap the result at SC_PKCS15_MAX_ID_SIZE. */
int sc_pkcs15_hex_string_to_id(const char *in, struct sc_pkcs15_id *out);
/* sc_pkcs15_add_object: appends an object of type `obj_type` (SC_PKCS15_TYPE_*)
 * built from `data_size` bytes at `data` to file `file_nr` of `df`.  Whether
 * `data` is copied or referenced is not stated here; file_nr must be a valid
 * index (< SC_PKCS15_MAX_DFS). */
int sc_pkcs15_add_object(struct sc_context *ctx, struct sc_pkcs15_df *df,
			 int file_nr, int obj_type, const void *data,
			 size_t data_size);
/* Built-in table of card defaults, see struct sc_pkcs15_defaults.  How the
 * table is terminated is not visible in this header. */
extern const struct sc_pkcs15_defaults sc_pkcs15_card_table[];
#ifdef __cplusplus
}	/* extern "C" */
#endif

#endif	/* _OPENSC_PKCS15_H */