2001-11-06 18:34:19 +00:00
|
|
|
/*
|
2002-04-05 10:44:51 +00:00
|
|
|
* pkcs15.h: OpenSC PKCS#15 header file
|
2001-11-01 15:43:20 +00:00
|
|
|
*
|
2006-12-19 21:31:17 +00:00
|
|
|
* Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi>
|
2001-11-01 15:43:20 +00:00
|
|
|
*
|
2001-11-06 18:34:19 +00:00
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
2001-11-01 15:43:20 +00:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2001-11-06 18:34:19 +00:00
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
2001-11-01 15:43:20 +00:00
|
|
|
*
|
2001-11-06 18:34:19 +00:00
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
2001-11-01 15:43:20 +00:00
|
|
|
*/
|
|
|
|
|
|
2001-12-30 21:17:34 +00:00
|
|
|
#ifndef _OPENSC_PKCS15_H
|
|
|
|
|
#define _OPENSC_PKCS15_H
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2005-02-02 10:21:10 +00:00
|
|
|
#ifdef __cplusplus
|
2001-12-08 15:27:40 +00:00
|
|
|
extern "C" {
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-03-04 08:14:36 +00:00
|
|
|
#include "libopensc/opensc.h"
|
2016-04-04 09:41:51 +00:00
|
|
|
#include "libopensc/aux-data.h"
|
2002-04-19 14:23:31 +00:00
|
|
|
|
2001-12-11 14:52:17 +00:00
|
|
|
#define SC_PKCS15_CACHE_DIR ".eid"
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
#define SC_PKCS15_PIN_MAGIC 0x31415926
|
2004-01-07 09:51:07 +00:00
|
|
|
#define SC_PKCS15_MAX_PINS 8
|
2003-05-13 13:43:09 +00:00
|
|
|
#define SC_PKCS15_MAX_LABEL_SIZE 255
|
2003-06-28 07:02:26 +00:00
|
|
|
#define SC_PKCS15_MAX_ID_SIZE 255
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
/* When changing this value, change also initialisation of the
|
2010-07-06 09:09:04 +00:00
|
|
|
* static ASN1 variables, that use this macro,
|
2012-05-27 19:20:22 +00:00
|
|
|
* like for example, 'c_asn1_access_control_rules'
|
2010-07-06 09:09:04 +00:00
|
|
|
* in src/libopensc/asn1.c */
|
|
|
|
|
#define SC_PKCS15_MAX_ACCESS_RULES 8
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
struct sc_pkcs15_id {
|
|
|
|
|
u8 value[SC_PKCS15_MAX_ID_SIZE];
|
2001-12-30 21:17:34 +00:00
|
|
|
size_t len;
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2002-04-04 09:20:19 +00:00
|
|
|
typedef struct sc_pkcs15_id sc_pkcs15_id_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
#define SC_PKCS15_CO_FLAG_PRIVATE 0x00000001
|
|
|
|
|
#define SC_PKCS15_CO_FLAG_MODIFIABLE 0x00000002
|
2002-01-13 23:56:13 +00:00
|
|
|
#define SC_PKCS15_CO_FLAG_OBJECT_SEEN 0x80000000 /* for PKCS #11 module */
|
|
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
#define SC_PKCS15_PIN_FLAG_CASE_SENSITIVE 0x0001
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_LOCAL 0x0002
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_CHANGE_DISABLED 0x0004
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED 0x0008
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_INITIALIZED 0x0010
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_NEEDS_PADDING 0x0020
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN 0x0040
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_SO_PIN 0x0080
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_DISABLE_ALLOW 0x0100
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED 0x0200
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED 0x0400
|
|
|
|
|
#define SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA 0x0800
|
|
|
|
|
|
2012-05-25 07:13:40 +00:00
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_MASK \
|
2012-05-27 19:20:22 +00:00
|
|
|
( SC_PKCS15_PIN_FLAG_LOCAL | SC_PKCS15_PIN_FLAG_INITIALIZED \
|
2012-05-25 07:13:40 +00:00
|
|
|
| SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN | SC_PKCS15_PIN_FLAG_SO_PIN )
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_SOPIN \
|
|
|
|
|
( SC_PKCS15_PIN_FLAG_SO_PIN | SC_PKCS15_PIN_FLAG_INITIALIZED )
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_PIN_GLOBAL \
|
|
|
|
|
( SC_PKCS15_PIN_FLAG_INITIALIZED )
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_PIN_LOCAL \
|
|
|
|
|
( SC_PKCS15_PIN_FLAG_INITIALIZED | SC_PKCS15_PIN_FLAG_LOCAL)
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_PUK_GLOBAL \
|
2013-12-29 18:46:30 +00:00
|
|
|
( SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN \
|
2012-05-25 07:13:40 +00:00
|
|
|
| SC_PKCS15_PIN_FLAG_INITIALIZED )
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_FLAGS_PUK_LOCAL \
|
2013-12-29 18:46:30 +00:00
|
|
|
( SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN \
|
2012-05-25 07:13:40 +00:00
|
|
|
| SC_PKCS15_PIN_FLAG_INITIALIZED | SC_PKCS15_PIN_FLAG_LOCAL)
|
|
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
#define SC_PKCS15_PIN_TYPE_BCD 0
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_ASCII_NUMERIC 1
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_UTF8 2
|
2003-04-11 10:30:25 +00:00
|
|
|
#define SC_PKCS15_PIN_TYPE_HALFNIBBLE_BCD 3
|
|
|
|
|
#define SC_PKCS15_PIN_TYPE_ISO9564_1 4
|
2002-01-24 16:02:54 +00:00
|
|
|
|
2010-02-20 22:04:07 +00:00
|
|
|
#define SC_PKCS15_PIN_AUTH_TYPE_PIN 0
|
2011-06-13 09:23:30 +00:00
|
|
|
#define SC_PKCS15_PIN_AUTH_TYPE_BIOMETRIC 1
|
|
|
|
|
#define SC_PKCS15_PIN_AUTH_TYPE_AUTH_KEY 2
|
|
|
|
|
#define SC_PKCS15_PIN_AUTH_TYPE_SM_KEY 3
|
|
|
|
|
/* PinAttributes as they defined in PKCS#15 v1.1 for PIN authentication object */
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_pkcs15_pin_attributes {
|
|
|
|
|
unsigned int flags, type;
|
|
|
|
|
size_t min_length, stored_length, max_length;
|
|
|
|
|
int reference;
|
|
|
|
|
u8 pad_char;
|
2011-06-05 16:51:36 +00:00
|
|
|
};
|
2011-06-13 09:23:30 +00:00
|
|
|
/* AuthKeyAttributes of the authKey authentication object */
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_pkcs15_authkey_attributes {
|
|
|
|
|
int derived;
|
|
|
|
|
struct sc_pkcs15_id skey_id;
|
2011-06-05 16:51:36 +00:00
|
|
|
};
|
2011-06-13 09:23:30 +00:00
|
|
|
/* BiometricAttributes of the biometricTemplate authentication object */
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_pkcs15_biometric_attributes {
|
2011-06-05 16:51:36 +00:00
|
|
|
unsigned int flags;
|
|
|
|
|
struct sc_object_id template_id;
|
|
|
|
|
/* ... */
|
|
|
|
|
};
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_pkcs15_auth_info {
|
2011-06-13 09:23:30 +00:00
|
|
|
/* CommonAuthenticationObjectAttributes */
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_pkcs15_id auth_id;
|
2011-06-13 09:23:30 +00:00
|
|
|
|
|
|
|
|
/* AuthObjectAttributes */
|
2011-06-05 15:46:25 +00:00
|
|
|
struct sc_path path;
|
|
|
|
|
unsigned auth_type;
|
|
|
|
|
union {
|
|
|
|
|
struct sc_pkcs15_pin_attributes pin;
|
|
|
|
|
struct sc_pkcs15_biometric_attributes bio;
|
|
|
|
|
struct sc_pkcs15_authkey_attributes authkey;
|
|
|
|
|
} attrs;
|
2011-06-13 09:23:30 +00:00
|
|
|
|
|
|
|
|
/* authentication method: CHV, SEN, SYMBOLIC, ... */
|
2011-06-05 15:46:25 +00:00
|
|
|
unsigned int auth_method;
|
2011-06-13 09:23:30 +00:00
|
|
|
|
2016-06-10 11:41:18 +00:00
|
|
|
int tries_left, max_tries, logged_in;
|
2013-12-25 22:08:03 +00:00
|
|
|
int max_unlocks;
|
2011-06-05 15:46:25 +00:00
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_auth_info sc_pkcs15_auth_info_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM 0x01
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_COMPUTE_SIGNATURE 0x02
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_VERIFY_CHECKSUM 0x04
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_VERIFY_SIGNATURE 0x08
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_ENCIPHER 0x10
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_DECIPHER 0x20
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_HASH 0x40
|
|
|
|
|
#define SC_PKCS15_ALGO_OP_GENERATE_KEY 0x80
|
|
|
|
|
|
2002-04-15 13:42:10 +00:00
|
|
|
/* A large integer, big endian notation */
|
|
|
|
|
struct sc_pkcs15_bignum {
|
|
|
|
|
u8 * data;
|
|
|
|
|
size_t len;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_bignum sc_pkcs15_bignum_t;
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_der {
|
|
|
|
|
u8 * value;
|
|
|
|
|
size_t len;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_der sc_pkcs15_der_t;
|
|
|
|
|
|
ECC ecpointQ Fixes
The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.
Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.
Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.
This commit fixes these problems.
The ecpointQ is stored in raw format
A new structure type sc_pkcs15_u8 is defined.
The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)
Comments are change is many places.
sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.
sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)
The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.
framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.
framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)
pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.
pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.
2013-11-06 22:09:29 +00:00
|
|
|
struct sc_pkcs15_u8 {
|
|
|
|
|
u8 * value;
|
|
|
|
|
size_t len;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_u8 sc_pkcs15_u8_t;
|
|
|
|
|
|
2017-04-17 07:57:12 +00:00
|
|
|
struct sc_pkcs15_data {
|
|
|
|
|
u8 *data; /* DER encoded raw data object */
|
|
|
|
|
size_t data_len;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_data sc_pkcs15_data_t;
|
|
|
|
|
|
|
|
|
|
#define sc_pkcs15_skey sc_pkcs15_data
|
|
|
|
|
#define sc_pkcs15_skey_t sc_pkcs15_data_t
|
|
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_pubkey_rsa {
|
2002-04-15 13:42:10 +00:00
|
|
|
sc_pkcs15_bignum_t modulus;
|
|
|
|
|
sc_pkcs15_bignum_t exponent;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_prkey_rsa {
|
|
|
|
|
/* public components */
|
|
|
|
|
sc_pkcs15_bignum_t modulus;
|
|
|
|
|
sc_pkcs15_bignum_t exponent;
|
|
|
|
|
|
|
|
|
|
/* private components */
|
|
|
|
|
sc_pkcs15_bignum_t d;
|
|
|
|
|
sc_pkcs15_bignum_t p;
|
|
|
|
|
sc_pkcs15_bignum_t q;
|
|
|
|
|
|
|
|
|
|
/* optional CRT elements */
|
|
|
|
|
sc_pkcs15_bignum_t iqmp;
|
|
|
|
|
sc_pkcs15_bignum_t dmp1;
|
|
|
|
|
sc_pkcs15_bignum_t dmq1;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_pubkey_dsa {
|
|
|
|
|
sc_pkcs15_bignum_t pub;
|
|
|
|
|
sc_pkcs15_bignum_t p;
|
|
|
|
|
sc_pkcs15_bignum_t q;
|
|
|
|
|
sc_pkcs15_bignum_t g;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_prkey_dsa {
|
|
|
|
|
/* public components */
|
|
|
|
|
sc_pkcs15_bignum_t pub;
|
|
|
|
|
sc_pkcs15_bignum_t p;
|
|
|
|
|
sc_pkcs15_bignum_t q;
|
|
|
|
|
sc_pkcs15_bignum_t g;
|
|
|
|
|
|
|
|
|
|
/* private key */
|
|
|
|
|
sc_pkcs15_bignum_t priv;
|
|
|
|
|
};
|
|
|
|
|
|
2011-05-29 18:18:43 +00:00
|
|
|
struct sc_pkcs15_gost_parameters {
|
|
|
|
|
struct sc_object_id key;
|
|
|
|
|
struct sc_object_id hash;
|
|
|
|
|
struct sc_object_id cipher;
|
|
|
|
|
};
|
|
|
|
|
|
2010-11-30 19:13:48 +00:00
|
|
|
struct sc_pkcs15_pubkey_ec {
|
2015-02-14 16:47:59 +00:00
|
|
|
struct sc_ec_parameters params;
|
2014-02-02 21:16:00 +00:00
|
|
|
struct sc_pkcs15_u8 ecpointQ; /* This is NOT DER, just value and length */
|
2010-11-30 19:13:48 +00:00
|
|
|
};
|
|
|
|
|
|
2020-02-24 17:29:32 +00:00
|
|
|
struct sc_pkcs15_pubkey_eddsa {
|
|
|
|
|
struct sc_pkcs15_u8 pubkey;
|
|
|
|
|
};
|
|
|
|
|
|
2010-11-30 19:13:48 +00:00
|
|
|
struct sc_pkcs15_prkey_ec {
|
2015-02-14 16:47:59 +00:00
|
|
|
struct sc_ec_parameters params;
|
2010-11-30 19:13:48 +00:00
|
|
|
sc_pkcs15_bignum_t privateD; /* note this is bignum */
|
ECC ecpointQ Fixes
The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.
Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.
Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.
This commit fixes these problems.
The ecpointQ is stored in raw format
A new structure type sc_pkcs15_u8 is defined.
The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)
Comments are change is many places.
sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.
sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)
The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.
framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.
framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)
pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.
pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.
2013-11-06 22:09:29 +00:00
|
|
|
struct sc_pkcs15_u8 ecpointQ; /* This is NOT DER, just value and length */
|
2010-11-30 19:13:48 +00:00
|
|
|
};
|
|
|
|
|
|
2020-02-24 17:29:32 +00:00
|
|
|
struct sc_pkcs15_prkey_eddsa {
|
|
|
|
|
struct sc_pkcs15_u8 pubkey;
|
|
|
|
|
struct sc_pkcs15_u8 value;
|
|
|
|
|
};
|
|
|
|
|
|
2009-10-05 20:10:07 +00:00
|
|
|
struct sc_pkcs15_pubkey_gostr3410 {
|
2011-05-29 18:18:43 +00:00
|
|
|
struct sc_pkcs15_gost_parameters params;
|
2009-11-19 15:41:03 +00:00
|
|
|
sc_pkcs15_bignum_t xy;
|
2009-10-05 20:10:07 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_prkey_gostr3410 {
|
2011-05-29 18:18:43 +00:00
|
|
|
struct sc_pkcs15_gost_parameters params;
|
2009-10-05 20:10:07 +00:00
|
|
|
sc_pkcs15_bignum_t d;
|
|
|
|
|
};
|
|
|
|
|
|
2002-04-15 13:42:10 +00:00
|
|
|
struct sc_pkcs15_pubkey {
|
|
|
|
|
int algorithm;
|
2010-10-12 15:26:45 +00:00
|
|
|
struct sc_algorithm_id * alg_id;
|
2002-04-17 18:33:27 +00:00
|
|
|
|
|
|
|
|
/* Decoded key */
|
2002-04-15 13:42:10 +00:00
|
|
|
union {
|
|
|
|
|
struct sc_pkcs15_pubkey_rsa rsa;
|
|
|
|
|
struct sc_pkcs15_pubkey_dsa dsa;
|
2010-11-30 19:13:48 +00:00
|
|
|
struct sc_pkcs15_pubkey_ec ec;
|
2020-02-24 17:29:32 +00:00
|
|
|
struct sc_pkcs15_pubkey_eddsa eddsa;
|
2009-10-05 20:10:07 +00:00
|
|
|
struct sc_pkcs15_pubkey_gostr3410 gostr3410;
|
2002-04-15 13:42:10 +00:00
|
|
|
} u;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_pubkey sc_pkcs15_pubkey_t;
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_prkey {
|
2004-12-22 09:54:41 +00:00
|
|
|
unsigned int algorithm;
|
2010-10-12 15:26:45 +00:00
|
|
|
/* TODO do we need: struct sc_algorithm_id * alg_id; */
|
|
|
|
|
|
2002-04-15 13:42:10 +00:00
|
|
|
union {
|
|
|
|
|
struct sc_pkcs15_prkey_rsa rsa;
|
|
|
|
|
struct sc_pkcs15_prkey_dsa dsa;
|
2010-11-30 19:13:48 +00:00
|
|
|
struct sc_pkcs15_prkey_ec ec;
|
2020-02-24 17:29:32 +00:00
|
|
|
struct sc_pkcs15_prkey_eddsa eddsa;
|
2009-10-05 20:10:07 +00:00
|
|
|
struct sc_pkcs15_prkey_gostr3410 gostr3410;
|
2017-04-17 07:57:12 +00:00
|
|
|
struct sc_pkcs15_skey secret;
|
2002-04-15 13:42:10 +00:00
|
|
|
} u;
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2002-04-15 13:42:10 +00:00
|
|
|
typedef struct sc_pkcs15_prkey sc_pkcs15_prkey_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-04-17 09:00:52 +00:00
|
|
|
/* Enveloped objects can be used to provide additional
|
|
|
|
|
* protection to non-native private keys */
|
|
|
|
|
struct sc_pkcs15_enveloped_data {
|
|
|
|
|
/* recipient info */
|
|
|
|
|
sc_pkcs15_id_t id; /* key ID */
|
|
|
|
|
struct sc_algorithm_id ke_alg; /* key-encryption algo */
|
|
|
|
|
u8 *key; /* encrypted key */
|
|
|
|
|
size_t key_len;
|
|
|
|
|
struct sc_algorithm_id ce_alg; /* content-encryption algo */
|
|
|
|
|
u8 *content; /* encrypted content */
|
|
|
|
|
size_t content_len;
|
|
|
|
|
};
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
struct sc_pkcs15_cert {
|
|
|
|
|
int version;
|
2002-03-15 10:10:33 +00:00
|
|
|
u8 *serial;
|
|
|
|
|
size_t serial_len;
|
2002-03-15 15:19:34 +00:00
|
|
|
u8 *issuer;
|
|
|
|
|
size_t issuer_len;
|
2002-03-20 13:08:09 +00:00
|
|
|
u8 *subject;
|
|
|
|
|
size_t subject_len;
|
2016-08-15 11:38:29 +00:00
|
|
|
u8 *extensions;
|
|
|
|
|
size_t extensions_len;
|
2002-01-24 16:02:54 +00:00
|
|
|
|
2010-10-12 15:26:45 +00:00
|
|
|
struct sc_pkcs15_pubkey * key;
|
2012-09-30 20:38:27 +00:00
|
|
|
|
|
|
|
|
/* DER encoded raw cert */
|
|
|
|
|
struct sc_pkcs15_der data;
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2002-04-04 09:20:19 +00:00
|
|
|
typedef struct sc_pkcs15_cert sc_pkcs15_cert_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_cert_info {
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_id id; /* correlates to private key id */
|
2001-11-01 15:43:20 +00:00
|
|
|
int authority; /* boolean */
|
|
|
|
|
/* identifiers [2] SEQUENCE OF CredentialIdentifier{{KeyIdentifiers}} */
|
|
|
|
|
struct sc_path path;
|
2003-11-19 20:31:52 +00:00
|
|
|
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_der value;
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2002-04-04 09:20:19 +00:00
|
|
|
typedef struct sc_pkcs15_cert_info sc_pkcs15_cert_info_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-12-18 10:17:01 +00:00
|
|
|
struct sc_pkcs15_data_info {
|
2002-12-19 14:26:54 +00:00
|
|
|
/* FIXME: there is no pkcs15 ID in DataType */
|
|
|
|
|
struct sc_pkcs15_id id;
|
|
|
|
|
|
|
|
|
|
/* Identify the application:
|
|
|
|
|
* either or both may be set */
|
|
|
|
|
char app_label[SC_PKCS15_MAX_LABEL_SIZE];
|
|
|
|
|
struct sc_object_id app_oid;
|
|
|
|
|
|
2002-12-18 10:17:01 +00:00
|
|
|
struct sc_path path;
|
2013-03-11 12:04:10 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_der data;
|
2002-12-18 10:17:01 +00:00
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_data_info sc_pkcs15_data_info_t;
|
|
|
|
|
|
2013-12-25 19:26:19 +00:00
|
|
|
/* keyUsageFlags are the same for all key types */
|
2001-11-26 16:14:22 +00:00
|
|
|
#define SC_PKCS15_PRKEY_USAGE_ENCRYPT 0x01
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_DECRYPT 0x02
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_SIGN 0x04
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_SIGNRECOVER 0x08
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_WRAP 0x10
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_UNWRAP 0x20
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_VERIFY 0x40
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER 0x80
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_DERIVE 0x100
|
|
|
|
|
#define SC_PKCS15_PRKEY_USAGE_NONREPUDIATION 0x200
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
#define SC_PKCS15_PRKEY_ACCESS_SENSITIVE 0x01
|
|
|
|
|
#define SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE 0x02
|
|
|
|
|
#define SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE 0x04
|
|
|
|
|
#define SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE 0x08
|
|
|
|
|
#define SC_PKCS15_PRKEY_ACCESS_LOCAL 0x10
|
|
|
|
|
|
2009-10-05 20:10:07 +00:00
|
|
|
#define SC_PKCS15_PARAMSET_GOSTR3410_A 1
|
|
|
|
|
#define SC_PKCS15_PARAMSET_GOSTR3410_B 2
|
|
|
|
|
#define SC_PKCS15_PARAMSET_GOSTR3410_C 3
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_GOSTR3410_KEYSIZE 256
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_keyinfo_gostparams
|
|
|
|
|
{
|
|
|
|
|
unsigned int gostr3410, gostr3411, gost28147;
|
|
|
|
|
};
|
|
|
|
|
|
2010-07-06 09:09:04 +00:00
|
|
|
/* AccessMode bit definitions specified in PKCS#15 v1.1
|
|
|
|
|
* and extended by IAS/ECC v1.0.1 specification. */
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_READ 0x01
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_UPDATE 0x02
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_EXECUTE 0x04
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_DELETE 0x08
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_ATTRIBUTE 0x10
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_CDS 0x20
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_VERIFY 0x40
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_DECRYPT 0x80
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_ENCRYPT 0x100
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_INT_AUTH 0x200
|
|
|
|
|
#define SC_PKCS15_ACCESS_RULE_MODE_EXT_AUTH 0x400
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_accessrule {
|
|
|
|
|
unsigned access_mode;
|
|
|
|
|
struct sc_pkcs15_id auth_id;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_accessrule sc_pkcs15_accessrule_t;
|
|
|
|
|
|
|
|
|
|
|
2011-05-01 19:18:14 +00:00
|
|
|
struct sc_pkcs15_key_params {
|
|
|
|
|
void *data;
|
|
|
|
|
size_t len;
|
|
|
|
|
void (*free_params)(void *);
|
|
|
|
|
};
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
struct sc_pkcs15_prkey_info {
|
|
|
|
|
struct sc_pkcs15_id id; /* correlates to public certificate id */
|
2002-01-20 21:20:09 +00:00
|
|
|
unsigned int usage, access_flags;
|
|
|
|
|
int native, key_reference;
|
2010-11-30 19:13:48 +00:00
|
|
|
/* convert to union if other types are supported */
|
|
|
|
|
size_t modulus_length; /* RSA */
|
|
|
|
|
size_t field_length; /* EC in bits */
|
2010-07-05 13:29:10 +00:00
|
|
|
|
2011-04-06 22:46:46 +00:00
|
|
|
unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];
|
2011-01-13 14:05:19 +00:00
|
|
|
|
2010-07-05 13:29:10 +00:00
|
|
|
struct sc_pkcs15_der subject;
|
|
|
|
|
|
2011-05-01 19:18:14 +00:00
|
|
|
struct sc_pkcs15_key_params params;
|
2002-01-20 21:20:09 +00:00
|
|
|
|
|
|
|
|
struct sc_path path;
|
2013-12-29 18:46:30 +00:00
|
|
|
|
2016-04-04 09:41:51 +00:00
|
|
|
/* Non-pkcs15 data, like MD CMAP record */
|
|
|
|
|
struct sc_auxiliary_data *aux_data;
|
2001-11-01 15:43:20 +00:00
|
|
|
};
|
2003-05-30 09:54:14 +00:00
|
|
|
typedef struct sc_pkcs15_prkey_info sc_pkcs15_prkey_info_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_pubkey_info {
|
|
|
|
|
struct sc_pkcs15_id id; /* correlates to private key id */
|
|
|
|
|
unsigned int usage, access_flags;
|
|
|
|
|
int native, key_reference;
|
2010-11-30 19:13:48 +00:00
|
|
|
/* convert to union if other types are supported */
|
|
|
|
|
size_t modulus_length; /* RSA */
|
|
|
|
|
size_t field_length; /* EC in bits */
|
2010-07-05 13:29:10 +00:00
|
|
|
|
2011-04-06 22:46:46 +00:00
|
|
|
unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];
|
2011-01-13 14:05:19 +00:00
|
|
|
|
2010-07-05 13:29:10 +00:00
|
|
|
struct sc_pkcs15_der subject;
|
|
|
|
|
|
2011-05-01 19:18:14 +00:00
|
|
|
struct sc_pkcs15_key_params params;
|
2002-03-03 00:32:28 +00:00
|
|
|
|
|
|
|
|
struct sc_path path;
|
2014-02-02 21:16:00 +00:00
|
|
|
|
|
|
|
|
struct {
|
|
|
|
|
struct sc_pkcs15_der raw;
|
|
|
|
|
struct sc_pkcs15_der spki;
|
|
|
|
|
} direct;
|
2002-03-03 00:32:28 +00:00
|
|
|
};
|
2003-05-30 09:54:14 +00:00
|
|
|
typedef struct sc_pkcs15_pubkey_info sc_pkcs15_pubkey_info_t;
|
2002-03-03 00:32:28 +00:00
|
|
|
|
2012-05-26 19:17:39 +00:00
|
|
|
struct sc_pkcs15_skey_info {
|
|
|
|
|
struct sc_pkcs15_id id;
|
|
|
|
|
unsigned int usage, access_flags;
|
|
|
|
|
int native, key_reference;
|
|
|
|
|
size_t value_len;
|
|
|
|
|
unsigned long key_type;
|
2016-12-15 12:22:08 +00:00
|
|
|
unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];
|
2012-05-26 19:17:39 +00:00
|
|
|
struct sc_path path; /* if on card */
|
|
|
|
|
struct sc_pkcs15_der data;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_skey_info sc_pkcs15_skey_info_t;
|
|
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
#define SC_PKCS15_TYPE_CLASS_MASK 0xF00
|
|
|
|
|
|
|
|
|
|
#define SC_PKCS15_TYPE_PRKEY 0x100
|
|
|
|
|
#define SC_PKCS15_TYPE_PRKEY_RSA 0x101
|
2002-03-15 12:48:06 +00:00
|
|
|
#define SC_PKCS15_TYPE_PRKEY_DSA 0x102
|
2009-10-05 20:10:07 +00:00
|
|
|
#define SC_PKCS15_TYPE_PRKEY_GOSTR3410 0x103
|
2010-11-30 19:13:48 +00:00
|
|
|
#define SC_PKCS15_TYPE_PRKEY_EC 0x104
|
2020-02-24 17:29:32 +00:00
|
|
|
#define SC_PKCS15_TYPE_PRKEY_EDDSA 0x105
|
|
|
|
|
#define SC_PKCS15_TYPE_PRKEY_XEDDSA 0x106
|
2002-03-03 00:32:28 +00:00
|
|
|
|
|
|
|
|
#define SC_PKCS15_TYPE_PUBKEY 0x200
|
|
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_RSA 0x201
|
2002-03-15 12:48:06 +00:00
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_DSA 0x202
|
2009-10-05 20:10:07 +00:00
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_GOSTR3410 0x203
|
2010-11-30 19:13:48 +00:00
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_EC 0x204
|
2020-02-24 17:29:32 +00:00
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_EDDSA 0x205
|
|
|
|
|
#define SC_PKCS15_TYPE_PUBKEY_XEDDSA 0x206
|
2002-03-03 00:32:28 +00:00
|
|
|
|
2012-05-26 19:17:39 +00:00
|
|
|
#define SC_PKCS15_TYPE_SKEY 0x300
|
|
|
|
|
#define SC_PKCS15_TYPE_SKEY_GENERIC 0x301
|
|
|
|
|
#define SC_PKCS15_TYPE_SKEY_DES 0x302
|
|
|
|
|
#define SC_PKCS15_TYPE_SKEY_2DES 0x303
|
|
|
|
|
#define SC_PKCS15_TYPE_SKEY_3DES 0x304
|
|
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
#define SC_PKCS15_TYPE_CERT 0x400
|
|
|
|
|
#define SC_PKCS15_TYPE_CERT_X509 0x401
|
2002-01-24 16:02:54 +00:00
|
|
|
#define SC_PKCS15_TYPE_CERT_SPKI 0x402
|
2002-03-03 00:32:28 +00:00
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
#define SC_PKCS15_TYPE_DATA_OBJECT 0x500
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
#define SC_PKCS15_TYPE_AUTH 0x600
|
|
|
|
|
#define SC_PKCS15_TYPE_AUTH_PIN 0x601
|
2012-05-27 19:20:22 +00:00
|
|
|
#define SC_PKCS15_TYPE_AUTH_BIO 0x602
|
|
|
|
|
#define SC_PKCS15_TYPE_AUTH_AUTHKEY 0x603
|
2002-01-24 16:02:54 +00:00
|
|
|
|
2003-10-30 11:43:21 +00:00
|
|
|
#define SC_PKCS15_TYPE_TO_CLASS(t) (1 << ((t) >> 8))
|
2004-10-17 20:20:59 +00:00
|
|
|
#define SC_PKCS15_SEARCH_CLASS_PRKEY 0x0002U
|
|
|
|
|
#define SC_PKCS15_SEARCH_CLASS_PUBKEY 0x0004U
|
2012-05-27 19:20:22 +00:00
|
|
|
#define SC_PKCS15_SEARCH_CLASS_SKEY 0x0008U
|
2004-10-17 20:20:59 +00:00
|
|
|
#define SC_PKCS15_SEARCH_CLASS_CERT 0x0010U
|
|
|
|
|
#define SC_PKCS15_SEARCH_CLASS_DATA 0x0020U
|
|
|
|
|
#define SC_PKCS15_SEARCH_CLASS_AUTH 0x0040U
|
2003-10-30 11:43:21 +00:00
|
|
|
|
2002-01-16 23:59:18 +00:00
|
|
|
struct sc_pkcs15_object {
|
2005-08-05 16:24:35 +00:00
|
|
|
unsigned int type;
|
2002-03-03 00:32:28 +00:00
|
|
|
/* CommonObjectAttributes */
|
|
|
|
|
char label[SC_PKCS15_MAX_LABEL_SIZE]; /* zero terminated */
|
2004-10-17 20:20:59 +00:00
|
|
|
unsigned int flags;
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_id auth_id;
|
|
|
|
|
|
2010-02-20 22:04:07 +00:00
|
|
|
int usage_counter;
|
2002-03-03 00:32:28 +00:00
|
|
|
int user_consent;
|
|
|
|
|
|
2010-07-06 09:09:04 +00:00
|
|
|
struct sc_pkcs15_accessrule access_rules[SC_PKCS15_MAX_ACCESS_RULES];
|
|
|
|
|
|
2002-03-03 00:32:28 +00:00
|
|
|
/* Object type specific data */
|
2002-01-16 23:59:18 +00:00
|
|
|
void *data;
|
2010-11-30 15:57:01 +00:00
|
|
|
/* emulated object pointer */
|
|
|
|
|
void *emulated;
|
2002-03-03 00:32:28 +00:00
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
struct sc_pkcs15_df *df; /* can be NULL, if object is 'floating' */
|
|
|
|
|
struct sc_pkcs15_object *next, *prev; /* used only internally */
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2010-02-09 14:45:07 +00:00
|
|
|
struct sc_pkcs15_der content;
|
2017-11-17 14:15:12 +00:00
|
|
|
|
|
|
|
|
int session_object; /* used internally. if nonzero, object is a session object. */
|
2002-01-16 23:59:18 +00:00
|
|
|
};
|
2002-04-04 09:20:19 +00:00
|
|
|
typedef struct sc_pkcs15_object sc_pkcs15_object_t;
|
2002-01-16 23:59:18 +00:00
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
/* PKCS #15 DF types */
|
2002-01-16 23:59:18 +00:00
|
|
|
#define SC_PKCS15_PRKDF 0
|
|
|
|
|
#define SC_PKCS15_PUKDF 1
|
|
|
|
|
#define SC_PKCS15_PUKDF_TRUSTED 2
|
|
|
|
|
#define SC_PKCS15_SKDF 3
|
|
|
|
|
#define SC_PKCS15_CDF 4
|
|
|
|
|
#define SC_PKCS15_CDF_TRUSTED 5
|
|
|
|
|
#define SC_PKCS15_CDF_USEFUL 6
|
|
|
|
|
#define SC_PKCS15_DODF 7
|
|
|
|
|
#define SC_PKCS15_AODF 8
|
|
|
|
|
#define SC_PKCS15_DF_TYPE_COUNT 9
|
2002-01-13 23:56:13 +00:00
|
|
|
|
2010-03-09 16:49:00 +00:00
|
|
|
struct sc_pkcs15_card;
|
|
|
|
|
|
2002-01-13 23:56:13 +00:00
|
|
|
struct sc_pkcs15_df {
|
2002-04-19 09:22:44 +00:00
|
|
|
struct sc_path path;
|
2005-08-05 16:24:35 +00:00
|
|
|
int record_length;
|
|
|
|
|
unsigned int type;
|
2002-03-03 00:32:28 +00:00
|
|
|
int enumerated;
|
2002-04-19 09:22:44 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_df *next, *prev;
|
2002-01-13 23:56:13 +00:00
|
|
|
};
|
2003-10-30 11:43:21 +00:00
|
|
|
typedef struct sc_pkcs15_df sc_pkcs15_df_t;
|
2002-01-13 23:56:13 +00:00
|
|
|
|
2005-12-17 19:53:12 +00:00
|
|
|
struct sc_pkcs15_unusedspace {
|
|
|
|
|
sc_path_t path;
|
|
|
|
|
sc_pkcs15_id_t auth_id;
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_unusedspace *next, *prev;
|
|
|
|
|
};
|
|
|
|
|
typedef struct sc_pkcs15_unusedspace sc_pkcs15_unusedspace_t;
|
|
|
|
|
|
2002-01-24 16:24:24 +00:00
|
|
|
#define SC_PKCS15_CARD_MAGIC 0x10203040
|
|
|
|
|
|
2010-03-04 16:19:41 +00:00
|
|
|
typedef struct sc_pkcs15_sec_env_info {
|
2006-10-30 18:51:48 +00:00
|
|
|
int se;
|
|
|
|
|
struct sc_object_id owner;
|
2011-01-05 15:42:36 +00:00
|
|
|
struct sc_aid aid;
|
2006-10-30 18:51:48 +00:00
|
|
|
} sc_pkcs15_sec_env_info_t;
|
|
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
typedef struct sc_pkcs15_last_update {
|
|
|
|
|
char *gtime;
|
|
|
|
|
struct sc_path path;
|
|
|
|
|
|
|
|
|
|
} sc_pkcs15_last_update_t;
|
|
|
|
|
|
|
|
|
|
typedef struct sc_pkcs15_profile_indication {
|
|
|
|
|
struct sc_object_id oid;
|
|
|
|
|
char *name;
|
|
|
|
|
} sc_pkcs15_profile_indication_t;
|
|
|
|
|
|
2010-03-04 16:19:41 +00:00
|
|
|
typedef struct sc_pkcs15_tokeninfo {
|
2006-03-07 07:22:58 +00:00
|
|
|
unsigned int version;
|
|
|
|
|
unsigned int flags;
|
|
|
|
|
char *label;
|
|
|
|
|
char *serial_number;
|
2012-05-27 19:20:22 +00:00
|
|
|
char *manufacturer_id;
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15_last_update last_update;
|
|
|
|
|
struct sc_pkcs15_profile_indication profile_indication;
|
|
|
|
|
|
2006-03-07 07:22:58 +00:00
|
|
|
char *preferred_language;
|
2006-10-30 18:51:48 +00:00
|
|
|
sc_pkcs15_sec_env_info_t **seInfo;
|
|
|
|
|
size_t num_seInfo;
|
2010-07-05 12:54:23 +00:00
|
|
|
|
|
|
|
|
struct sc_supported_algo_info supported_algos[SC_MAX_SUPPORTED_ALGORITHMS];
|
2006-03-07 07:22:58 +00:00
|
|
|
} sc_pkcs15_tokeninfo_t;
|
|
|
|
|
|
2010-03-13 19:48:09 +00:00
|
|
|
struct sc_pkcs15_operations {
|
|
|
|
|
int (*parse_df)(struct sc_pkcs15_card *, struct sc_pkcs15_df *);
|
2010-04-18 16:38:49 +00:00
|
|
|
void (*clear)(struct sc_pkcs15_card *);
|
2012-05-27 19:20:22 +00:00
|
|
|
int (*get_guid)(struct sc_pkcs15_card *, const struct sc_pkcs15_object *,
|
2013-04-28 10:58:01 +00:00
|
|
|
unsigned char *, size_t *);
|
2010-03-13 19:48:09 +00:00
|
|
|
};
|
|
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
typedef struct sc_pkcs15_card {
|
|
|
|
|
sc_card_t *card;
|
2004-10-17 16:46:34 +00:00
|
|
|
unsigned int flags;
|
2010-07-05 12:54:23 +00:00
|
|
|
|
2011-01-07 13:31:30 +00:00
|
|
|
struct sc_app_info *app;
|
|
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
sc_file_t *file_app;
|
2005-12-17 19:53:12 +00:00
|
|
|
sc_file_t *file_tokeninfo, *file_odf, *file_unusedspace;
|
2002-04-19 09:22:44 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_df *df_list;
|
|
|
|
|
struct sc_pkcs15_object *obj_list;
|
2010-10-05 15:44:58 +00:00
|
|
|
sc_pkcs15_tokeninfo_t *tokeninfo;
|
2005-12-17 19:53:12 +00:00
|
|
|
sc_pkcs15_unusedspace_t *unusedspace_list;
|
|
|
|
|
int unusedspace_read;
|
2002-04-19 09:22:44 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_card_opts {
|
2009-10-22 08:59:59 +00:00
|
|
|
int use_file_cache;
|
|
|
|
|
int use_pin_cache;
|
|
|
|
|
int pin_cache_counter;
|
2012-08-07 18:53:44 +00:00
|
|
|
int pin_cache_ignore_user_consent;
|
2019-03-06 12:10:34 +00:00
|
|
|
int private_certificate;
|
2002-04-19 09:22:44 +00:00
|
|
|
} opts;
|
2001-12-22 20:43:09 +00:00
|
|
|
|
2002-01-24 16:24:24 +00:00
|
|
|
unsigned int magic;
|
2003-10-31 12:26:24 +00:00
|
|
|
|
2013-04-08 10:39:03 +00:00
|
|
|
void *dll_handle; /* shared lib for emulated cards */
|
|
|
|
|
struct sc_md_data *md_data; /* minidriver specific data */
|
2010-03-13 19:48:09 +00:00
|
|
|
|
|
|
|
|
struct sc_pkcs15_operations ops;
|
|
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
} sc_pkcs15_card_t;
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2010-10-05 15:44:58 +00:00
|
|
|
/* flags suitable for sc_pkcs15_tokeninfo_t */
|
|
|
|
|
#define SC_PKCS15_TOKEN_READONLY 0x01
|
|
|
|
|
#define SC_PKCS15_TOKEN_LOGIN_REQUIRED 0x02 /* Don't use */
|
|
|
|
|
#define SC_PKCS15_TOKEN_PRN_GENERATION 0x04
|
|
|
|
|
#define SC_PKCS15_TOKEN_EID_COMPLIANT 0x08
|
|
|
|
|
|
2013-03-11 12:04:10 +00:00
|
|
|
/* flags suitable for struct sc_pkcs15_card */
|
2009-12-18 13:33:03 +00:00
|
|
|
#define SC_PKCS15_CARD_FLAG_EMULATED 0x02000000
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2019-03-06 12:10:34 +00:00
|
|
|
/* suitable for struct sc_pkcs15_card.opts.private_certificate */
|
|
|
|
|
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_PROTECT 0
|
|
|
|
|
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_IGNORE 1
|
|
|
|
|
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_DECLASSIFY 2
|
|
|
|
|
|
2018-04-14 17:38:34 +00:00
|
|
|
/* X509 bits for certificate usage extension */
|
2017-04-25 13:10:55 +00:00
|
|
|
#define SC_X509_DIGITAL_SIGNATURE 0x0001UL
|
|
|
|
|
#define SC_X509_NON_REPUDIATION 0x0002UL
|
|
|
|
|
#define SC_X509_KEY_ENCIPHERMENT 0x0004UL
|
|
|
|
|
#define SC_X509_DATA_ENCIPHERMENT 0x0008UL
|
|
|
|
|
#define SC_X509_KEY_AGREEMENT 0x0010UL
|
|
|
|
|
#define SC_X509_KEY_CERT_SIGN 0x0020UL
|
|
|
|
|
#define SC_X509_CRL_SIGN 0x0040UL
|
|
|
|
|
#define SC_X509_ENCIPHER_ONLY 0x0080UL
|
|
|
|
|
#define SC_X509_DECIPHER_ONLY 0x0100UL
|
|
|
|
|
|
|
|
|
|
|
2002-01-10 12:33:56 +00:00
|
|
|
/* sc_pkcs15_bind: Binds a card object to a PKCS #15 card object
|
2002-03-03 00:32:28 +00:00
|
|
|
* and initializes a new PKCS #15 card object. Will return
|
2002-01-10 12:33:56 +00:00
|
|
|
* SC_ERROR_PKCS15_APP_NOT_FOUND, if the card hasn't got a
|
|
|
|
|
* valid PKCS #15 file structure. */
|
2011-01-05 14:21:04 +00:00
|
|
|
int sc_pkcs15_bind(struct sc_card *card, struct sc_aid *aid,
|
2001-11-01 15:43:20 +00:00
|
|
|
struct sc_pkcs15_card **pkcs15_card);
|
2002-04-19 14:23:31 +00:00
|
|
|
/* sc_pkcs15_unbind: Releases a PKCS #15 card object, and frees any
|
2002-01-10 12:33:56 +00:00
|
|
|
* memory allocations done on the card object. */
|
2001-12-21 23:34:47 +00:00
|
|
|
int sc_pkcs15_unbind(struct sc_pkcs15_card *card);
|
2015-04-04 01:02:54 +00:00
|
|
|
int sc_pkcs15_bind_internal(struct sc_pkcs15_card *p15card, struct sc_aid *aid);
|
2001-11-20 22:21:58 +00:00
|
|
|
|
2005-08-05 16:24:35 +00:00
|
|
|
int sc_pkcs15_get_objects(struct sc_pkcs15_card *card, unsigned int type,
|
|
|
|
|
struct sc_pkcs15_object **ret, size_t ret_count);
|
|
|
|
|
int sc_pkcs15_get_objects_cond(struct sc_pkcs15_card *card, unsigned int type,
|
2002-03-03 00:32:28 +00:00
|
|
|
int (* func)(struct sc_pkcs15_object *, void *),
|
|
|
|
|
void *func_arg,
|
2005-08-05 16:24:35 +00:00
|
|
|
struct sc_pkcs15_object **ret, size_t ret_count);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_find_object_by_id(struct sc_pkcs15_card *, unsigned int,
|
2003-10-30 11:43:21 +00:00
|
|
|
const sc_pkcs15_id_t *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_object **);
|
2002-03-03 00:32:28 +00:00
|
|
|
|
2002-08-21 10:22:48 +00:00
|
|
|
struct sc_pkcs15_card * sc_pkcs15_card_new(void);
|
2002-01-16 23:59:18 +00:00
|
|
|
void sc_pkcs15_card_free(struct sc_pkcs15_card *p15card);
|
2013-03-11 12:04:10 +00:00
|
|
|
void sc_pkcs15_card_clear(struct sc_pkcs15_card *p15card);
|
2017-09-15 09:47:10 +00:00
|
|
|
struct sc_pkcs15_tokeninfo * sc_pkcs15_tokeninfo_new(void);
|
|
|
|
|
void sc_pkcs15_free_tokeninfo(struct sc_pkcs15_tokeninfo *tokeninfo);
|
2002-01-16 23:59:18 +00:00
|
|
|
|
2001-11-20 22:21:58 +00:00
|
|
|
int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
|
2002-03-08 05:59:57 +00:00
|
|
|
const struct sc_pkcs15_object *prkey_obj,
|
2002-04-23 08:17:06 +00:00
|
|
|
unsigned long flags,
|
2002-01-20 21:20:09 +00:00
|
|
|
const u8 *in, size_t inlen, u8 *out, size_t outlen);
|
2001-11-21 21:19:58 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_pkcs15_object *prkey_obj,
|
|
|
|
|
unsigned long flags,
|
2019-06-13 05:54:54 +00:00
|
|
|
const u8 *in, size_t inlen, u8 *out, size_t *poutlen);
|
2012-05-27 19:20:22 +00:00
|
|
|
|
2017-09-22 12:03:31 +00:00
|
|
|
int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_pkcs15_object *key,
|
|
|
|
|
struct sc_pkcs15_object *target_key,
|
|
|
|
|
unsigned long flags,
|
2018-04-06 11:15:10 +00:00
|
|
|
const u8 * in, size_t inlen,
|
|
|
|
|
const u8 * param, size_t paramlen);
|
2017-09-22 12:03:31 +00:00
|
|
|
|
2017-11-17 14:15:12 +00:00
|
|
|
int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_pkcs15_object *key,
|
|
|
|
|
struct sc_pkcs15_object *target_key,
|
|
|
|
|
unsigned long flags,
|
2019-06-13 05:54:54 +00:00
|
|
|
u8 * cryptogram, size_t* crgram_len,
|
2018-04-06 11:15:10 +00:00
|
|
|
const u8 * param, size_t paramlen);
|
2017-11-17 14:15:12 +00:00
|
|
|
|
2001-11-21 21:19:58 +00:00
|
|
|
int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
|
2002-03-08 05:59:57 +00:00
|
|
|
const struct sc_pkcs15_object *prkey_obj,
|
|
|
|
|
unsigned long alg_flags, const u8 *in,
|
|
|
|
|
size_t inlen, u8 *out, size_t outlen);
|
2001-11-20 22:21:58 +00:00
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
int sc_pkcs15_read_pubkey(struct sc_pkcs15_card *,
|
2013-03-11 12:04:10 +00:00
|
|
|
const struct sc_pkcs15_object *, struct sc_pkcs15_pubkey **);
|
2009-11-13 09:45:21 +00:00
|
|
|
int sc_pkcs15_decode_pubkey_rsa(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_rsa *, const u8 *, size_t);
|
2002-04-15 13:42:10 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_rsa(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_rsa *, u8 **, size_t *);
|
2009-11-13 09:45:21 +00:00
|
|
|
int sc_pkcs15_decode_pubkey_dsa(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_dsa *, const u8 *, size_t);
|
2002-04-17 18:33:27 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_dsa(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_dsa *, u8 **, size_t *);
|
|
|
|
|
int sc_pkcs15_decode_pubkey_gostr3410(struct sc_context *,
|
2010-03-28 09:41:34 +00:00
|
|
|
struct sc_pkcs15_pubkey_gostr3410 *, const u8 *, size_t);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_gostr3410(struct sc_context *,
|
2010-03-28 09:41:34 +00:00
|
|
|
struct sc_pkcs15_pubkey_gostr3410 *, u8 **, size_t *);
|
2010-11-30 19:13:48 +00:00
|
|
|
int sc_pkcs15_decode_pubkey_ec(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_ec *, const u8 *, size_t);
|
2010-11-30 19:13:48 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_ec(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey_ec *, u8 **, size_t *);
|
2020-02-24 17:29:32 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_eddsa(struct sc_context *,
|
|
|
|
|
struct sc_pkcs15_pubkey_eddsa *, u8 **, size_t *);
|
2002-04-17 18:33:27 +00:00
|
|
|
int sc_pkcs15_decode_pubkey(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey *, const u8 *, size_t);
|
2002-04-15 13:42:10 +00:00
|
|
|
int sc_pkcs15_encode_pubkey(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey *, u8 **, size_t *);
|
2017-09-22 12:03:31 +00:00
|
|
|
int sc_pkcs15_encode_pubkey_as_spki(struct sc_context *,
|
2013-11-15 10:38:51 +00:00
|
|
|
struct sc_pkcs15_pubkey *, u8 **, size_t *);
|
2009-11-13 09:45:21 +00:00
|
|
|
void sc_pkcs15_erase_pubkey(struct sc_pkcs15_pubkey *);
|
|
|
|
|
void sc_pkcs15_free_pubkey(struct sc_pkcs15_pubkey *);
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_pubkey_from_prvkey(struct sc_context *, struct sc_pkcs15_prkey *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey **);
|
2014-09-03 15:25:36 +00:00
|
|
|
int sc_pkcs15_dup_pubkey(struct sc_context *, struct sc_pkcs15_pubkey *,
|
|
|
|
|
struct sc_pkcs15_pubkey **);
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_pubkey_from_cert(struct sc_context *, struct sc_pkcs15_der *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey **);
|
2014-02-16 21:35:52 +00:00
|
|
|
int sc_pkcs15_pubkey_from_spki_file(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
char *, struct sc_pkcs15_pubkey ** );
|
2014-02-16 21:35:52 +00:00
|
|
|
int sc_pkcs15_pubkey_from_spki_fields(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_pubkey **, u8 *, size_t, int);
|
2002-04-17 20:45:15 +00:00
|
|
|
int sc_pkcs15_encode_prkey(struct sc_context *,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_prkey *, u8 **, size_t *);
|
2002-04-18 10:59:35 +00:00
|
|
|
void sc_pkcs15_free_prkey(struct sc_pkcs15_prkey *prkey);
|
2011-05-01 19:18:14 +00:00
|
|
|
void sc_pkcs15_free_key_params(struct sc_pkcs15_key_params *params);
|
2002-03-08 19:47:26 +00:00
|
|
|
|
2002-12-18 10:17:01 +00:00
|
|
|
int sc_pkcs15_read_data_object(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_pkcs15_data_info *info,
|
|
|
|
|
struct sc_pkcs15_data **data_object_out);
|
|
|
|
|
int sc_pkcs15_find_data_object_by_id(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2005-08-03 09:05:09 +00:00
|
|
|
int sc_pkcs15_find_data_object_by_app_oid(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_object_id *app_oid,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2008-12-28 21:28:53 +00:00
|
|
|
int sc_pkcs15_find_data_object_by_name(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const char *app_label,
|
|
|
|
|
const char *label,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2002-12-18 10:17:01 +00:00
|
|
|
void sc_pkcs15_free_data_object(struct sc_pkcs15_data *data_object);
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
int sc_pkcs15_read_certificate(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_cert_info *info,
|
|
|
|
|
struct sc_pkcs15_cert **cert);
|
|
|
|
|
void sc_pkcs15_free_certificate(struct sc_pkcs15_cert *cert);
|
2001-11-21 21:19:58 +00:00
|
|
|
int sc_pkcs15_find_cert_by_id(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_object **out);
|
2016-08-15 11:38:29 +00:00
|
|
|
int sc_pkcs15_get_name_from_dn(struct sc_context *ctx,
|
|
|
|
|
const u8 *dn, size_t dn_len,
|
|
|
|
|
const struct sc_object_id *type,
|
|
|
|
|
u8 **name, size_t *name_len);
|
2019-08-12 12:02:24 +00:00
|
|
|
int sc_pkcs15_map_usage(unsigned int cert_usage, int algorithm,
|
|
|
|
|
unsigned int *pub_usage_ptr, unsigned int *pr_usage_ptr,
|
|
|
|
|
int allow_nonrepudiation);
|
2016-08-15 11:38:29 +00:00
|
|
|
int sc_pkcs15_get_extension(struct sc_context *ctx,
|
|
|
|
|
struct sc_pkcs15_cert *cert,
|
|
|
|
|
const struct sc_object_id *type,
|
|
|
|
|
u8 **ext_val, size_t *ext_val_len,
|
|
|
|
|
int *is_critical);
|
|
|
|
|
int sc_pkcs15_get_bitstring_extension(struct sc_context *ctx,
|
|
|
|
|
struct sc_pkcs15_cert *cert,
|
|
|
|
|
const struct sc_object_id *type,
|
2017-08-31 19:27:47 +00:00
|
|
|
unsigned int *value,
|
2016-08-15 11:38:29 +00:00
|
|
|
int *is_critical);
|
2002-01-10 12:33:56 +00:00
|
|
|
/* sc_pkcs15_create_cdf: Creates a new certificate DF on a card pointed
|
|
|
|
|
* by <card>. Information about the file, such as the file ID, is read
|
|
|
|
|
* from <file>. <certs> has to be NULL-terminated. */
|
|
|
|
|
int sc_pkcs15_create_cdf(struct sc_pkcs15_card *card,
|
|
|
|
|
struct sc_file *file,
|
|
|
|
|
const struct sc_pkcs15_cert_info **certs);
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2001-11-20 22:21:58 +00:00
|
|
|
int sc_pkcs15_find_prkey_by_id(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_object **out);
|
2003-04-17 12:38:08 +00:00
|
|
|
int sc_pkcs15_find_prkey_by_id_usage(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
|
|
|
|
unsigned int usage,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_find_prkey_by_reference(struct sc_pkcs15_card *,
|
2003-10-13 14:35:27 +00:00
|
|
|
const sc_path_t *, int,
|
2013-03-11 12:04:10 +00:00
|
|
|
struct sc_pkcs15_object **);
|
2002-04-18 10:59:35 +00:00
|
|
|
int sc_pkcs15_find_pubkey_by_id(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_find_skey_by_id(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2001-11-01 15:43:20 +00:00
|
|
|
|
|
|
|
|
int sc_pkcs15_verify_pin(struct sc_pkcs15_card *card,
|
2010-03-10 09:23:01 +00:00
|
|
|
struct sc_pkcs15_object *pin_obj,
|
2002-03-03 00:32:28 +00:00
|
|
|
const u8 *pincode, size_t pinlen);
|
2017-03-01 16:53:44 +00:00
|
|
|
int sc_pkcs15_verify_pin_with_session_pin(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *pin_obj,
|
|
|
|
|
const unsigned char *pincode, size_t pinlen,
|
|
|
|
|
const unsigned char *sessionpin, size_t *sessionpinlen);
|
2001-11-01 15:43:20 +00:00
|
|
|
int sc_pkcs15_change_pin(struct sc_pkcs15_card *card,
|
2010-03-10 09:23:01 +00:00
|
|
|
struct sc_pkcs15_object *pin_obj,
|
2002-03-03 00:32:28 +00:00
|
|
|
const u8 *oldpincode, size_t oldpinlen,
|
|
|
|
|
const u8 *newpincode, size_t newpinlen);
|
2003-04-14 14:51:42 +00:00
|
|
|
int sc_pkcs15_unblock_pin(struct sc_pkcs15_card *card,
|
2010-03-10 09:23:01 +00:00
|
|
|
struct sc_pkcs15_object *pin_obj,
|
2003-04-14 14:51:42 +00:00
|
|
|
const u8 *puk, size_t puklen,
|
|
|
|
|
const u8 *newpin, size_t newpinlen);
|
2016-06-10 11:41:18 +00:00
|
|
|
int sc_pkcs15_get_pin_info(struct sc_pkcs15_card *card,
|
|
|
|
|
struct sc_pkcs15_object *pin_obj);
|
2001-11-20 22:21:58 +00:00
|
|
|
int sc_pkcs15_find_pin_by_auth_id(struct sc_pkcs15_card *card,
|
|
|
|
|
const struct sc_pkcs15_id *id,
|
2002-03-03 00:32:28 +00:00
|
|
|
struct sc_pkcs15_object **out);
|
2003-05-15 11:27:38 +00:00
|
|
|
int sc_pkcs15_find_pin_by_reference(struct sc_pkcs15_card *card,
|
2003-10-21 11:02:48 +00:00
|
|
|
const sc_path_t *path, int reference,
|
2003-05-15 11:27:38 +00:00
|
|
|
struct sc_pkcs15_object **out);
|
2010-02-20 22:04:07 +00:00
|
|
|
int sc_pkcs15_find_pin_by_type_and_reference(struct sc_pkcs15_card *card,
|
2012-05-25 07:13:40 +00:00
|
|
|
const sc_path_t *path, unsigned auth_method,
|
2010-02-20 22:04:07 +00:00
|
|
|
int reference,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2002-04-08 15:45:28 +00:00
|
|
|
int sc_pkcs15_find_so_pin(struct sc_pkcs15_card *card,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2012-05-25 07:13:40 +00:00
|
|
|
int sc_pkcs15_find_pin_by_flags(struct sc_pkcs15_card *p15card,
|
2012-05-27 19:20:22 +00:00
|
|
|
unsigned flags, unsigned mask, int *index,
|
|
|
|
|
struct sc_pkcs15_object **out);
|
2010-02-20 22:04:07 +00:00
|
|
|
|
2012-05-25 07:13:40 +00:00
|
|
|
void sc_pkcs15_pincache_add(struct sc_pkcs15_card *, struct sc_pkcs15_object *,
|
2010-03-10 09:23:01 +00:00
|
|
|
const u8 *, size_t);
|
2012-05-25 07:13:40 +00:00
|
|
|
int sc_pkcs15_pincache_revalidate(struct sc_pkcs15_card *p15card,
|
2013-03-11 12:04:10 +00:00
|
|
|
const struct sc_pkcs15_object *obj);
|
2009-10-22 08:59:59 +00:00
|
|
|
void sc_pkcs15_pincache_clear(struct sc_pkcs15_card *p15card);
|
2001-11-01 15:43:20 +00:00
|
|
|
|
2002-02-21 18:53:23 +00:00
|
|
|
int sc_pkcs15_encode_dir(struct sc_context *ctx,
|
|
|
|
|
struct sc_pkcs15_card *card,
|
|
|
|
|
u8 **buf, size_t *buflen);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_parse_tokeninfo(struct sc_context *ctx,
|
2006-03-07 07:22:58 +00:00
|
|
|
sc_pkcs15_tokeninfo_t *ti,
|
|
|
|
|
const u8 *buf, size_t blen);
|
2002-02-21 18:53:23 +00:00
|
|
|
int sc_pkcs15_encode_tokeninfo(struct sc_context *ctx,
|
2006-03-07 07:22:58 +00:00
|
|
|
sc_pkcs15_tokeninfo_t *ti,
|
2002-02-21 18:53:23 +00:00
|
|
|
u8 **buf, size_t *buflen);
|
|
|
|
|
int sc_pkcs15_encode_odf(struct sc_context *ctx,
|
|
|
|
|
struct sc_pkcs15_card *card,
|
|
|
|
|
u8 **buf, size_t *buflen);
|
2002-01-17 23:47:03 +00:00
|
|
|
int sc_pkcs15_encode_df(struct sc_context *ctx,
|
2002-04-19 09:22:44 +00:00
|
|
|
struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_df *df,
|
2002-01-16 23:59:18 +00:00
|
|
|
u8 **buf, size_t *bufsize);
|
2002-01-17 23:47:03 +00:00
|
|
|
int sc_pkcs15_encode_cdf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *bufsize);
|
|
|
|
|
int sc_pkcs15_encode_prkdf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *bufsize);
|
2002-03-03 00:32:28 +00:00
|
|
|
int sc_pkcs15_encode_pukdf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *bufsize);
|
2017-04-14 07:24:41 +00:00
|
|
|
int sc_pkcs15_encode_skdf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *buflen);
|
2002-12-18 10:17:01 +00:00
|
|
|
int sc_pkcs15_encode_dodf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *bufsize);
|
2002-01-17 23:47:03 +00:00
|
|
|
int sc_pkcs15_encode_aodf_entry(struct sc_context *ctx,
|
|
|
|
|
const struct sc_pkcs15_object *obj, u8 **buf,
|
|
|
|
|
size_t *bufsize);
|
2002-01-16 23:59:18 +00:00
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
int sc_pkcs15_parse_df(struct sc_pkcs15_card *p15card,
|
2002-04-19 09:22:44 +00:00
|
|
|
struct sc_pkcs15_df *df);
|
2002-01-24 16:02:54 +00:00
|
|
|
int sc_pkcs15_read_df(struct sc_pkcs15_card *p15card,
|
2002-04-19 09:22:44 +00:00
|
|
|
struct sc_pkcs15_df *df);
|
2002-01-24 16:02:54 +00:00
|
|
|
int sc_pkcs15_decode_cdf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
2002-12-18 10:17:01 +00:00
|
|
|
int sc_pkcs15_decode_dodf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
2002-01-24 16:02:54 +00:00
|
|
|
int sc_pkcs15_decode_aodf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
|
|
|
|
int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
2002-03-07 12:33:42 +00:00
|
|
|
int sc_pkcs15_decode_pukdf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_decode_skdf_entry(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj,
|
|
|
|
|
const u8 **buf, size_t *bufsize);
|
2002-01-24 16:02:54 +00:00
|
|
|
|
2002-04-19 09:22:44 +00:00
|
|
|
int sc_pkcs15_add_object(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj);
|
|
|
|
|
void sc_pkcs15_remove_object(struct sc_pkcs15_card *p15card,
|
|
|
|
|
struct sc_pkcs15_object *obj);
|
2011-04-10 04:09:33 +00:00
|
|
|
int sc_pkcs15_add_df(struct sc_pkcs15_card *, unsigned int, const sc_path_t *);
|
2002-04-19 09:22:44 +00:00
|
|
|
|
2005-12-17 19:53:12 +00:00
|
|
|
int sc_pkcs15_add_unusedspace(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const sc_path_t *path, const sc_pkcs15_id_t *auth_id);
|
|
|
|
|
int sc_pkcs15_parse_unusedspace(const u8 * buf, size_t buflen,
|
|
|
|
|
struct sc_pkcs15_card *card);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_encode_unusedspace(struct sc_context *ctx,
|
2005-12-17 19:53:12 +00:00
|
|
|
struct sc_pkcs15_card *p15card,
|
|
|
|
|
u8 **buf, size_t *buflen);
|
|
|
|
|
|
2018-04-14 17:38:34 +00:00
|
|
|
/* Deduce private key attributes from corresponding certificate */
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_pkcs15_prkey_attrs_from_cert(struct sc_pkcs15_card *, struct sc_pkcs15_object *,
|
|
|
|
|
struct sc_pkcs15_object **);
|
|
|
|
|
|
2004-12-18 14:14:57 +00:00
|
|
|
void sc_pkcs15_free_prkey_info(sc_pkcs15_prkey_info_t *key);
|
|
|
|
|
void sc_pkcs15_free_pubkey_info(sc_pkcs15_pubkey_info_t *key);
|
|
|
|
|
void sc_pkcs15_free_cert_info(sc_pkcs15_cert_info_t *cert);
|
|
|
|
|
void sc_pkcs15_free_data_info(sc_pkcs15_data_info_t *data);
|
2011-06-05 15:46:25 +00:00
|
|
|
void sc_pkcs15_free_auth_info(sc_pkcs15_auth_info_t *auth_info);
|
2013-03-11 12:04:10 +00:00
|
|
|
void sc_pkcs15_free_object(struct sc_pkcs15_object *obj);
|
2004-12-18 14:14:57 +00:00
|
|
|
|
2002-04-17 09:00:52 +00:00
|
|
|
/* Generic file i/o */
|
|
|
|
|
int sc_pkcs15_read_file(struct sc_pkcs15_card *p15card,
|
2002-04-19 09:22:44 +00:00
|
|
|
const struct sc_path *path,
|
2011-06-05 11:08:36 +00:00
|
|
|
u8 **buf, size_t *buflen);
|
2002-04-17 09:00:52 +00:00
|
|
|
|
2002-01-24 16:02:54 +00:00
|
|
|
/* Caching functions */
|
|
|
|
|
int sc_pkcs15_read_cached_file(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_path *path,
|
|
|
|
|
u8 **buf, size_t *bufsize);
|
|
|
|
|
int sc_pkcs15_cache_file(struct sc_pkcs15_card *p15card,
|
|
|
|
|
const struct sc_path *path,
|
|
|
|
|
const u8 *buf, size_t bufsize);
|
2002-04-19 09:22:44 +00:00
|
|
|
|
|
|
|
|
/* PKCS #15 ID handling functions */
|
|
|
|
|
int sc_pkcs15_compare_id(const struct sc_pkcs15_id *id1,
|
|
|
|
|
const struct sc_pkcs15_id *id2);
|
2003-11-19 20:31:52 +00:00
|
|
|
const char *sc_pkcs15_print_id(const struct sc_pkcs15_id *id);
|
2002-04-19 09:22:44 +00:00
|
|
|
void sc_pkcs15_format_id(const char *id_in, struct sc_pkcs15_id *id_out);
|
|
|
|
|
int sc_pkcs15_hex_string_to_id(const char *in, struct sc_pkcs15_id *out);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_der_copy(struct sc_pkcs15_der *, const struct sc_pkcs15_der *);
|
2011-04-07 16:42:23 +00:00
|
|
|
int sc_pkcs15_get_object_id(const struct sc_pkcs15_object *, struct sc_pkcs15_id *);
|
2013-12-26 16:18:32 +00:00
|
|
|
int sc_pkcs15_get_object_guid(struct sc_pkcs15_card *, const struct sc_pkcs15_object *, unsigned,
|
2013-04-28 10:58:01 +00:00
|
|
|
unsigned char *, size_t *);
|
2013-12-26 16:18:32 +00:00
|
|
|
int sc_pkcs15_serialize_guid(unsigned char *, size_t, unsigned, char *, size_t);
|
2012-05-27 19:20:22 +00:00
|
|
|
int sc_encode_oid (struct sc_context *, struct sc_object_id *,
|
2011-04-21 14:12:03 +00:00
|
|
|
unsigned char **, size_t *);
|
2011-04-07 16:42:23 +00:00
|
|
|
|
2012-05-23 06:50:18 +00:00
|
|
|
/* Get application by type: 'protected', 'generic' */
|
|
|
|
|
struct sc_app_info *sc_pkcs15_get_application_by_type(struct sc_card *, char *);
|
|
|
|
|
|
2006-09-26 10:55:02 +00:00
|
|
|
/* Prepend 'parent' to 'child' in case 'child' is a relative path */
|
|
|
|
|
int sc_pkcs15_make_absolute_path(const sc_path_t *parent, sc_path_t *child);
|
2002-04-19 09:22:44 +00:00
|
|
|
|
2010-02-20 22:04:07 +00:00
|
|
|
/* Clean and free object content */
|
2010-02-09 14:45:07 +00:00
|
|
|
void sc_pkcs15_free_object_content(struct sc_pkcs15_object *);
|
2011-04-07 16:42:23 +00:00
|
|
|
|
2010-02-20 22:04:07 +00:00
|
|
|
/* Allocate and set object content */
|
2011-10-05 09:20:04 +00:00
|
|
|
int sc_pkcs15_allocate_object_content(struct sc_context *, struct sc_pkcs15_object *,
|
2010-02-09 14:45:07 +00:00
|
|
|
const unsigned char *, size_t);
|
|
|
|
|
|
2018-11-09 07:51:40 +00:00
|
|
|
/* find algorithm from card's supported algorithms by operation and mechanism */
|
2011-01-13 14:05:19 +00:00
|
|
|
struct sc_supported_algo_info *sc_pkcs15_get_supported_algo(struct sc_pkcs15_card *,
|
2018-11-09 07:51:40 +00:00
|
|
|
unsigned operation, unsigned mechanism);
|
|
|
|
|
|
|
|
|
|
/* find algorithm from card's supported algorithms by operation, mechanism and object_id */
|
|
|
|
|
struct sc_supported_algo_info *sc_pkcs15_get_specific_supported_algo(struct sc_pkcs15_card *,
|
|
|
|
|
unsigned operation, unsigned mechanism, const struct sc_object_id *algo_oid);
|
|
|
|
|
|
2011-01-13 14:05:19 +00:00
|
|
|
int sc_pkcs15_add_supported_algo_ref(struct sc_pkcs15_object *,
|
|
|
|
|
struct sc_supported_algo_info *);
|
|
|
|
|
|
2015-02-14 16:47:59 +00:00
|
|
|
int sc_pkcs15_fix_ec_parameters(struct sc_context *, struct sc_ec_parameters *);
|
2011-04-22 13:35:57 +00:00
|
|
|
|
2012-05-27 19:20:22 +00:00
|
|
|
/* Convert the OpenSSL key data type into the OpenSC key */
|
|
|
|
|
int sc_pkcs15_convert_bignum(sc_pkcs15_bignum_t *dst, const void *bignum);
|
|
|
|
|
int sc_pkcs15_convert_prkey(struct sc_pkcs15_prkey *key, void *evp_key);
|
|
|
|
|
int sc_pkcs15_convert_pubkey(struct sc_pkcs15_pubkey *key, void *evp_key);
|
|
|
|
|
|
|
|
|
|
/* Get 'LastUpdate' string */
|
|
|
|
|
char *sc_pkcs15_get_lastupdate(struct sc_pkcs15_card *p15card);
|
|
|
|
|
|
2013-12-29 21:00:12 +00:00
|
|
|
/* Allocate generalized time string */
|
|
|
|
|
int sc_pkcs15_get_generalized_time(struct sc_context *ctx, char **out);
|
|
|
|
|
|
2003-10-30 11:43:21 +00:00
|
|
|
/* New object search API.
|
|
|
|
|
* More complex, but also more powerful.
|
|
|
|
|
*/
|
|
|
|
|
typedef struct sc_pkcs15_search_key {
|
|
|
|
|
unsigned int class_mask;
|
|
|
|
|
unsigned int type;
|
|
|
|
|
const sc_pkcs15_id_t * id;
|
2005-08-03 09:05:09 +00:00
|
|
|
const struct sc_object_id *app_oid;
|
2003-10-30 11:43:21 +00:00
|
|
|
const sc_path_t * path;
|
|
|
|
|
unsigned int usage_mask, usage_value;
|
|
|
|
|
unsigned int flags_mask, flags_value;
|
|
|
|
|
|
|
|
|
|
unsigned int match_reference : 1;
|
|
|
|
|
int reference;
|
2008-12-28 21:28:53 +00:00
|
|
|
const char * app_label;
|
|
|
|
|
const char * label;
|
2003-10-30 11:43:21 +00:00
|
|
|
} sc_pkcs15_search_key_t;
|
|
|
|
|
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15_search_objects(struct sc_pkcs15_card *, sc_pkcs15_search_key_t *,
|
|
|
|
|
struct sc_pkcs15_object **, size_t);
|
2003-10-30 11:43:21 +00:00
|
|
|
|
2016-04-05 17:44:37 +00:00
|
|
|
extern int sc_pkcs15_bind_synthetic(struct sc_pkcs15_card *, struct sc_aid *);
|
2007-01-05 16:20:50 +00:00
|
|
|
extern int sc_pkcs15_is_emulation_only(sc_card_t *);
|
2003-10-31 12:26:24 +00:00
|
|
|
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15emu_object_add(struct sc_pkcs15_card *, unsigned int,
|
|
|
|
|
const struct sc_pkcs15_object *, const void *);
|
2005-02-02 21:18:54 +00:00
|
|
|
/* some wrapper functions for sc_pkcs15emu_object_add */
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15emu_add_pin_obj(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_auth_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_rsa_prkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_rsa_pubkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_ec_prkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_ec_pubkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
|
2020-02-24 17:29:32 +00:00
|
|
|
int sc_pkcs15emu_add_eddsa_prkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_eddsa_pubkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_xeddsa_prkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_xeddsa_pubkey(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
|
2013-03-11 12:04:10 +00:00
|
|
|
int sc_pkcs15emu_add_x509_cert(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_cert_info_t *);
|
|
|
|
|
int sc_pkcs15emu_add_data_object(struct sc_pkcs15_card *,
|
|
|
|
|
const struct sc_pkcs15_object *, const sc_pkcs15_data_info_t *);
|
2005-02-02 21:18:54 +00:00
|
|
|
|
2005-02-02 10:21:10 +00:00
|
|
|
#ifdef __cplusplus
|
2001-12-08 15:27:40 +00:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2001-11-01 15:43:20 +00:00
|
|
|
#endif
|
