2007-11-12 10:18:54 +00:00
|
|
|
/*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Initially written by David Mattes (david.mattes@boeing.com) */
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2010-03-04 08:14:36 +00:00
|
|
|
#include "config.h"
|
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
|
2010-03-04 08:14:36 +00:00
|
|
|
#include "internal.h"
|
|
|
|
#include "pkcs15.h"
|
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
#define MANU_ID "Gemplus"
|
|
|
|
#define APPLET_NAME "GemSAFE V1"
|
|
|
|
#define DRIVER_SERIAL_NUMBER "v0.9"
|
|
|
|
|
|
|
|
int sc_pkcs15emu_gemsafeV1_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *);
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_cert(sc_pkcs15_card_t *p15card,
|
|
|
|
int type, int authority,
|
|
|
|
const sc_path_t *path,
|
|
|
|
const sc_pkcs15_id_t *id,
|
|
|
|
const char *label, int obj_flags);
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_pin(sc_pkcs15_card_t *p15card,
|
|
|
|
const sc_pkcs15_id_t *id, const char *label,
|
|
|
|
const sc_path_t *path, int ref, int type,
|
|
|
|
unsigned int min_length,
|
|
|
|
unsigned int max_length,
|
|
|
|
int flags, int tries_left, const char pad_char, int obj_flags);
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_prkey(sc_pkcs15_card_t *p15card,
|
|
|
|
const sc_pkcs15_id_t *id,
|
|
|
|
const char *label,
|
|
|
|
int type, unsigned int modulus_length, int usage,
|
|
|
|
const sc_path_t *path, int ref,
|
|
|
|
const sc_pkcs15_id_t *auth_id, int obj_flags);
|
|
|
|
|
|
|
|
typedef struct cdata_st {
|
|
|
|
const char *label;
|
|
|
|
int authority;
|
|
|
|
const char *path;
|
|
|
|
const char *id;
|
|
|
|
int obj_flags;
|
|
|
|
} cdata;
|
|
|
|
|
|
|
|
const cdata gemsafe_cert[] = {
|
|
|
|
{"DS certificate", 0, "3F0016000004","45", SC_PKCS15_CO_FLAG_MODIFIABLE},
|
|
|
|
{NULL, 0, NULL, 0, 0}
|
|
|
|
};
|
|
|
|
|
|
|
|
typedef struct pdata_st {
|
|
|
|
const char *id;
|
|
|
|
const char *label;
|
|
|
|
const char *path;
|
|
|
|
int ref;
|
|
|
|
int type;
|
|
|
|
unsigned int maxlen;
|
|
|
|
unsigned int minlen;
|
2007-11-13 07:52:43 +00:00
|
|
|
int flags;
|
2007-11-12 10:18:54 +00:00
|
|
|
int tries_left;
|
|
|
|
const char pad_char;
|
|
|
|
int obj_flags;
|
2007-11-13 07:52:43 +00:00
|
|
|
} pindata;
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
const pindata gemsafe_pin[] = {
|
|
|
|
{ "01", "DS pin", NULL, 0x01, SC_PKCS15_PIN_TYPE_BCD,
|
2007-11-13 07:52:43 +00:00
|
|
|
16, 6, SC_PKCS15_PIN_FLAG_NEEDS_PADDING | SC_PKCS15_PIN_FLAG_LOCAL,
|
|
|
|
3, 0xFF,
|
2007-11-12 10:18:54 +00:00
|
|
|
SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE },
|
|
|
|
{ NULL, NULL, NULL, 0, 0, 0, 0, 0, 0, 0, 0 }
|
|
|
|
};
|
|
|
|
|
|
|
|
typedef struct prdata_st {
|
|
|
|
const char *id;
|
|
|
|
const char *label;
|
|
|
|
unsigned int modulus_len;
|
|
|
|
int usage;
|
|
|
|
const char *path;
|
|
|
|
int ref;
|
|
|
|
const char *auth_id;
|
|
|
|
int obj_flags;
|
|
|
|
} prdata;
|
|
|
|
|
|
|
|
#define USAGE_NONREP SC_PKCS15_PRKEY_USAGE_NONREPUDIATION
|
|
|
|
#define USAGE_KE SC_PKCS15_PRKEY_USAGE_ENCRYPT | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_DECRYPT | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_WRAP | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_UNWRAP
|
|
|
|
#define USAGE_AUT SC_PKCS15_PRKEY_USAGE_ENCRYPT | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_DECRYPT | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_WRAP | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_UNWRAP | \
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGN
|
|
|
|
|
|
|
|
const prdata gemsafe_prkeys[] = {
|
|
|
|
{ "45", "DS key", 1024, USAGE_AUT, NULL,
|
|
|
|
0x03, "01", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
{ NULL, NULL, 0, 0, NULL, 0, NULL, 0}
|
|
|
|
};
|
|
|
|
|
2008-08-20 15:17:59 +00:00
|
|
|
static int gemsafe_get_cert_len(sc_card_t *card, sc_path_t *path,
|
|
|
|
int *key_ref)
|
2007-11-12 10:18:54 +00:00
|
|
|
{
|
|
|
|
const char *fn_name = "gemsafe_get_cert_len";
|
|
|
|
int r;
|
2008-08-20 15:17:59 +00:00
|
|
|
int ind;
|
2007-11-12 10:18:54 +00:00
|
|
|
u8 ibuf[248];
|
|
|
|
struct sc_file *file;
|
|
|
|
size_t objlen, certlen;
|
2008-03-17 15:09:16 +00:00
|
|
|
unsigned int block=0;
|
2007-11-12 10:18:54 +00:00
|
|
|
int found = 0;
|
2008-03-17 15:09:16 +00:00
|
|
|
unsigned int offset=0, index_local, i=0;
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
r = sc_select_file(card, path, &file);
|
|
|
|
if (r < 0)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/* Apparently, the Applet max read "quanta" is 248 bytes */
|
|
|
|
/* Initial read */
|
|
|
|
r = sc_read_binary(card, offset, ibuf, 248, 0);
|
2007-11-13 07:52:43 +00:00
|
|
|
if (r < 0)
|
2007-11-12 10:18:54 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
/* Actual stored object size is encoded in first 2 bytes
|
|
|
|
* (allocated EF space is much greater!)
|
|
|
|
*/
|
|
|
|
objlen = (((size_t) ibuf[0]) << 8) | ibuf[1];
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Certificate object is of size: %d\n", fn_name, objlen);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
if (objlen < 1 || objlen > 10240) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Invalid object size: %d\n", fn_name, objlen);
|
2007-11-12 10:18:54 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2008-08-20 15:17:59 +00:00
|
|
|
/*
|
|
|
|
* We need to find the private key associated with the cert
|
|
|
|
* It looks like the first thing in the block is a table of
|
|
|
|
* which keys are allocated.
|
|
|
|
* We will look for the first allocated key, and save the
|
|
|
|
* key_ref. The table is small and is in the first 248 bytes.
|
|
|
|
* If for some reason this is not true, we can still override
|
|
|
|
* the key_ref in the opensc.conf with flag = n.
|
|
|
|
*/
|
|
|
|
ind = 2; /* skip length */
|
|
|
|
while (ibuf[ind] == 0x01) {
|
|
|
|
if (ibuf[ind+1] == 0xFE) {
|
|
|
|
*key_ref = ibuf[ind+4];
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Using key_ref %d found at offset %d\n",
|
2008-08-20 15:17:59 +00:00
|
|
|
*key_ref, ind);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
ind = ind + 8;
|
|
|
|
}
|
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
/* Using (block+1) in while loop avoids using final cert object data block */
|
|
|
|
while (!found && ( (block+1) * 248 < objlen) ) {
|
|
|
|
/* Check current buffer */
|
|
|
|
for (i = 0; i < 248; i++) {
|
|
|
|
if (ibuf[i] == 0x30 && ibuf[i+1] == 0x82) {
|
|
|
|
found = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Grab another buffer */
|
|
|
|
if (!found) {
|
|
|
|
block++;
|
|
|
|
offset = block*248;
|
|
|
|
r = sc_read_binary(card, offset, ibuf, 248, 0);
|
|
|
|
if (r < 0) {
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Could not read cert object\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2008-03-17 15:09:16 +00:00
|
|
|
index_local = block*248 + i;
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
/* DER Cert len is encoded this way */
|
|
|
|
certlen = ((((size_t) ibuf[i+2]) << 8) | ibuf[i+3]) + 4;
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "%s: certlen: %04X\n", fn_name, certlen);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
2008-03-17 15:09:16 +00:00
|
|
|
path->index = index_local;
|
2007-11-12 10:18:54 +00:00
|
|
|
path->count = certlen;
|
|
|
|
|
|
|
|
return 1;
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static int gemsafe_detect_card( sc_pkcs15_card_t *p15card)
|
|
|
|
{
|
2009-07-22 10:06:32 +00:00
|
|
|
if (strcmp(p15card->card->name, "GemSAFE V1"))
|
|
|
|
return SC_ERROR_WRONG_CARD;
|
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
return SC_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int sc_pkcs15emu_gemsafeV1_init( sc_pkcs15_card_t *p15card)
|
|
|
|
{
|
|
|
|
const char *fn_name = "sc_pkcs15emu_gemsafe_init";
|
|
|
|
|
|
|
|
int r, i;
|
2008-08-20 15:17:59 +00:00
|
|
|
int key_ref = 0x03;
|
2007-11-12 10:18:54 +00:00
|
|
|
struct sc_path path;
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
struct sc_card *card = p15card->card;
|
|
|
|
struct sc_apdu apdu;
|
|
|
|
u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Setting pkcs15 parameters\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
2010-10-05 15:44:58 +00:00
|
|
|
if (p15card->tokeninfo->label)
|
|
|
|
free(p15card->tokeninfo->label);
|
|
|
|
p15card->tokeninfo->label = malloc(strlen(APPLET_NAME) + 1);
|
|
|
|
if (!p15card->tokeninfo->label)
|
2007-11-12 10:18:54 +00:00
|
|
|
return SC_ERROR_INTERNAL;
|
2010-10-05 15:44:58 +00:00
|
|
|
strcpy(p15card->tokeninfo->label, APPLET_NAME);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
2010-10-05 15:44:58 +00:00
|
|
|
if (p15card->tokeninfo->serial_number)
|
|
|
|
free(p15card->tokeninfo->serial_number);
|
|
|
|
p15card->tokeninfo->serial_number = malloc(strlen(DRIVER_SERIAL_NUMBER) + 1);
|
|
|
|
if (!p15card->tokeninfo->serial_number)
|
2007-11-12 10:18:54 +00:00
|
|
|
return SC_ERROR_INTERNAL;
|
2010-10-05 15:44:58 +00:00
|
|
|
strcpy(p15card->tokeninfo->serial_number, DRIVER_SERIAL_NUMBER);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
/* the GemSAFE applet version number */
|
|
|
|
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0xdf, 0x03);
|
|
|
|
apdu.cla = 0x80;
|
|
|
|
apdu.resp = rbuf;
|
|
|
|
apdu.resplen = sizeof(rbuf);
|
|
|
|
/* Manual says Le=0x05, but should be 0x08 to return full version numer */
|
2007-11-13 07:52:43 +00:00
|
|
|
apdu.le = 0x08;
|
2007-11-12 10:18:54 +00:00
|
|
|
apdu.lc = 0;
|
|
|
|
apdu.datalen = 0;
|
|
|
|
r = sc_transmit_apdu(card, &apdu);
|
2010-03-15 12:17:13 +00:00
|
|
|
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
|
2007-11-12 10:18:54 +00:00
|
|
|
if (apdu.sw1 != 0x90 || apdu.sw2 != 0x00)
|
|
|
|
return SC_ERROR_INTERNAL;
|
|
|
|
if (r != SC_SUCCESS)
|
|
|
|
return SC_ERROR_INTERNAL;
|
|
|
|
|
|
|
|
/* the manufacturer ID, in this case GemPlus */
|
2010-10-05 15:44:58 +00:00
|
|
|
if (p15card->tokeninfo->manufacturer_id)
|
|
|
|
free(p15card->tokeninfo->manufacturer_id);
|
|
|
|
p15card->tokeninfo->manufacturer_id = malloc(strlen(MANU_ID) + 1);
|
|
|
|
if (!p15card->tokeninfo->manufacturer_id)
|
2007-11-12 10:18:54 +00:00
|
|
|
return SC_ERROR_INTERNAL;
|
2010-10-05 15:44:58 +00:00
|
|
|
strcpy(p15card->tokeninfo->manufacturer_id, MANU_ID);
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
/* set certs */
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Setting certificate\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
for (i = 0; gemsafe_cert[i].label; i++) {
|
|
|
|
struct sc_pkcs15_id p15Id;
|
|
|
|
|
|
|
|
sc_format_path(gemsafe_cert[i].path, &path);
|
2008-08-20 15:17:59 +00:00
|
|
|
if (!gemsafe_get_cert_len(card, &path, &key_ref))
|
2007-11-12 10:18:54 +00:00
|
|
|
/* skip errors */
|
|
|
|
continue;
|
|
|
|
sc_pkcs15_format_id(gemsafe_cert[i].id, &p15Id);
|
|
|
|
sc_pkcs15emu_add_cert(p15card, SC_PKCS15_TYPE_CERT_X509,
|
|
|
|
gemsafe_cert[i].authority, &path, &p15Id,
|
|
|
|
gemsafe_cert[i].label, gemsafe_cert[i].obj_flags);
|
|
|
|
}
|
|
|
|
/* set gemsafe_pin */
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Setting PIN\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
for (i = 0; gemsafe_pin[i].label; i++) {
|
|
|
|
struct sc_pkcs15_id p15Id;
|
|
|
|
|
|
|
|
sc_pkcs15_format_id(gemsafe_pin[i].id, &p15Id);
|
|
|
|
sc_pkcs15emu_add_pin(p15card, &p15Id, gemsafe_pin[i].label,
|
|
|
|
&path, gemsafe_pin[i].ref, gemsafe_pin[i].type,
|
2007-11-13 07:52:43 +00:00
|
|
|
gemsafe_pin[i].minlen, gemsafe_pin[i].maxlen,
|
2007-11-12 10:18:54 +00:00
|
|
|
gemsafe_pin[i].flags,
|
|
|
|
gemsafe_pin[i].tries_left, gemsafe_pin[i].pad_char,
|
|
|
|
gemsafe_pin[i].obj_flags);
|
|
|
|
}
|
|
|
|
/* set private keys */
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "%s: Setting private key\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
for (i = 0; gemsafe_prkeys[i].label; i++) {
|
2007-11-13 07:52:43 +00:00
|
|
|
struct sc_pkcs15_id p15Id,
|
2007-11-12 10:18:54 +00:00
|
|
|
authId, *pauthId;
|
|
|
|
sc_pkcs15_format_id(gemsafe_prkeys[i].id, &p15Id);
|
|
|
|
if (gemsafe_prkeys[i].auth_id) {
|
|
|
|
sc_pkcs15_format_id(gemsafe_prkeys[i].auth_id, &authId);
|
|
|
|
pauthId = &authId;
|
2007-11-13 07:52:43 +00:00
|
|
|
} else
|
2007-11-12 10:18:54 +00:00
|
|
|
pauthId = NULL;
|
2008-08-20 15:17:59 +00:00
|
|
|
/*
|
|
|
|
* the key ref may be different for different sites
|
|
|
|
* by adding flags=n where the low order 4 bits can be
|
|
|
|
* the key ref we can force it.
|
|
|
|
*/
|
|
|
|
if ( p15card->card->flags & 0x0F) {
|
|
|
|
key_ref = p15card->card->flags & 0x0F;
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL,
|
2008-08-20 15:17:59 +00:00
|
|
|
"Overriding key_ref with %d\n", key_ref);
|
|
|
|
}
|
2007-11-12 10:18:54 +00:00
|
|
|
sc_pkcs15emu_add_prkey(p15card, &p15Id, gemsafe_prkeys[i].label,
|
|
|
|
SC_PKCS15_TYPE_PRKEY_RSA,
|
|
|
|
gemsafe_prkeys[i].modulus_len, gemsafe_prkeys[i].usage,
|
2008-08-20 15:17:59 +00:00
|
|
|
&path, key_ref, pauthId,
|
2007-11-12 10:18:54 +00:00
|
|
|
gemsafe_prkeys[i].obj_flags);
|
|
|
|
}
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
/* select the application DF */
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL,"%s: Selecting application DF\n", fn_name);
|
2007-11-12 10:18:54 +00:00
|
|
|
sc_format_path("3F001600", &path);
|
|
|
|
r = sc_select_file(card, &path, &file);
|
|
|
|
if (r != SC_SUCCESS || !file)
|
|
|
|
return SC_ERROR_INTERNAL;
|
|
|
|
/* set the application DF */
|
|
|
|
if (p15card->file_app)
|
|
|
|
free(p15card->file_app);
|
|
|
|
p15card->file_app = file;
|
|
|
|
|
|
|
|
return SC_SUCCESS;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
int sc_pkcs15emu_gemsafeV1_init_ex( sc_pkcs15_card_t *p15card,
|
|
|
|
sc_pkcs15emu_opt_t *opts)
|
|
|
|
{
|
|
|
|
if (opts && opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK)
|
|
|
|
return sc_pkcs15emu_gemsafeV1_init(p15card);
|
|
|
|
else {
|
|
|
|
int r = gemsafe_detect_card(p15card);
|
|
|
|
if (r)
|
|
|
|
return SC_ERROR_WRONG_CARD;
|
|
|
|
return sc_pkcs15emu_gemsafeV1_init(p15card);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static sc_pkcs15_df_t *
|
2008-03-17 15:09:16 +00:00
|
|
|
sc_pkcs15emu_get_df(sc_pkcs15_card_t *p15card, unsigned int type)
|
2007-11-12 10:18:54 +00:00
|
|
|
{
|
|
|
|
sc_pkcs15_df_t *df;
|
|
|
|
sc_file_t *file;
|
|
|
|
int created = 0;
|
|
|
|
|
|
|
|
while (1) {
|
|
|
|
for (df = p15card->df_list; df; df = df->next) {
|
|
|
|
if (df->type == type) {
|
|
|
|
if (created)
|
|
|
|
df->enumerated = 1;
|
|
|
|
return df;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
assert(created == 0);
|
|
|
|
|
|
|
|
file = sc_file_new();
|
|
|
|
if (!file)
|
|
|
|
return NULL;
|
|
|
|
sc_format_path("11001101", &file->path);
|
2011-04-10 04:09:33 +00:00
|
|
|
sc_pkcs15_add_df(p15card, type, &file->path);
|
2007-11-12 10:18:54 +00:00
|
|
|
sc_file_free(file);
|
|
|
|
created++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_object(sc_pkcs15_card_t *p15card, int type,
|
|
|
|
const char *label, void *data,
|
|
|
|
const sc_pkcs15_id_t *auth_id, int obj_flags)
|
|
|
|
{
|
|
|
|
sc_pkcs15_object_t *obj;
|
|
|
|
int df_type;
|
|
|
|
|
2009-05-12 14:27:39 +00:00
|
|
|
obj = calloc(1, sizeof(*obj));
|
2007-11-12 10:18:54 +00:00
|
|
|
|
|
|
|
obj->type = type;
|
|
|
|
obj->data = data;
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
if (label)
|
|
|
|
strncpy(obj->label, label, sizeof(obj->label)-1);
|
|
|
|
|
|
|
|
obj->flags = obj_flags;
|
|
|
|
if (auth_id)
|
|
|
|
obj->auth_id = *auth_id;
|
|
|
|
|
|
|
|
switch (type & SC_PKCS15_TYPE_CLASS_MASK) {
|
|
|
|
case SC_PKCS15_TYPE_AUTH:
|
|
|
|
df_type = SC_PKCS15_AODF;
|
|
|
|
break;
|
|
|
|
case SC_PKCS15_TYPE_PRKEY:
|
|
|
|
df_type = SC_PKCS15_PRKDF;
|
|
|
|
break;
|
|
|
|
case SC_PKCS15_TYPE_PUBKEY:
|
|
|
|
df_type = SC_PKCS15_PUKDF;
|
|
|
|
break;
|
|
|
|
case SC_PKCS15_TYPE_CERT:
|
|
|
|
df_type = SC_PKCS15_CDF;
|
|
|
|
break;
|
|
|
|
default:
|
2010-03-15 12:17:13 +00:00
|
|
|
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL,
|
2007-11-12 10:18:54 +00:00
|
|
|
"Unknown PKCS15 object type %d\n", type);
|
2009-05-12 14:29:30 +00:00
|
|
|
free(obj);
|
2007-11-12 10:18:54 +00:00
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
}
|
|
|
|
|
|
|
|
obj->df = sc_pkcs15emu_get_df(p15card, df_type);
|
|
|
|
sc_pkcs15_add_object(p15card, obj);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_pin(sc_pkcs15_card_t *p15card,
|
|
|
|
const sc_pkcs15_id_t *id, const char *label,
|
|
|
|
const sc_path_t *path, int ref, int type,
|
|
|
|
unsigned int min_length,
|
|
|
|
unsigned int max_length,
|
|
|
|
int flags, int tries_left, const char pad_char, int obj_flags)
|
|
|
|
{
|
2011-06-05 15:46:25 +00:00
|
|
|
sc_pkcs15_auth_info_t *info;
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2009-05-12 14:27:39 +00:00
|
|
|
info = calloc(1, sizeof(*info));
|
2011-06-05 15:46:25 +00:00
|
|
|
info->auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
|
2007-11-12 10:18:54 +00:00
|
|
|
info->auth_id = *id;
|
2011-06-05 15:46:25 +00:00
|
|
|
info->attrs.pin.min_length = min_length;
|
|
|
|
info->attrs.pin.max_length = max_length;
|
|
|
|
info->attrs.pin.stored_length = max_length;
|
|
|
|
info->attrs.pin.type = type;
|
|
|
|
info->attrs.pin.reference = ref;
|
|
|
|
info->attrs.pin.flags = flags;
|
|
|
|
info->attrs.pin.pad_char = pad_char;
|
2007-11-12 10:18:54 +00:00
|
|
|
info->tries_left = tries_left;
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
if (path)
|
2007-11-13 07:52:43 +00:00
|
|
|
info->path = *path;
|
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
return sc_pkcs15emu_add_object(p15card,
|
|
|
|
SC_PKCS15_TYPE_AUTH_PIN,
|
|
|
|
label, info, NULL, obj_flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_cert(sc_pkcs15_card_t *p15card,
|
|
|
|
int type, int authority,
|
|
|
|
const sc_path_t *path,
|
|
|
|
const sc_pkcs15_id_t *id,
|
|
|
|
const char *label, int obj_flags)
|
|
|
|
{
|
|
|
|
/* const char *label = "Certificate"; */
|
|
|
|
sc_pkcs15_cert_info_t *info;
|
2009-05-12 14:27:39 +00:00
|
|
|
info = calloc(1, sizeof(*info));
|
2007-11-12 10:18:54 +00:00
|
|
|
info->id = *id;
|
|
|
|
info->authority = authority;
|
|
|
|
if (path)
|
|
|
|
info->path = *path;
|
|
|
|
|
|
|
|
return sc_pkcs15emu_add_object(p15card, type, label, info, NULL, obj_flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_prkey(sc_pkcs15_card_t *p15card,
|
|
|
|
const sc_pkcs15_id_t *id,
|
|
|
|
const char *label,
|
|
|
|
int type, unsigned int modulus_length, int usage,
|
|
|
|
const sc_path_t *path, int ref,
|
|
|
|
const sc_pkcs15_id_t *auth_id, int obj_flags)
|
|
|
|
{
|
2007-11-13 07:52:43 +00:00
|
|
|
sc_pkcs15_prkey_info_t *info;
|
|
|
|
|
2009-05-12 14:27:39 +00:00
|
|
|
info = calloc(1, sizeof(*info));
|
2007-11-12 10:18:54 +00:00
|
|
|
info->id = *id;
|
|
|
|
info->modulus_length = modulus_length;
|
|
|
|
info->usage = usage;
|
|
|
|
info->native = 1;
|
|
|
|
info->access_flags = SC_PKCS15_PRKEY_ACCESS_SENSITIVE
|
|
|
|
| SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE
|
|
|
|
| SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE
|
|
|
|
| SC_PKCS15_PRKEY_ACCESS_LOCAL;
|
|
|
|
info->key_reference = ref;
|
2007-11-13 07:52:43 +00:00
|
|
|
|
2007-11-12 10:18:54 +00:00
|
|
|
if (path)
|
|
|
|
info->path = *path;
|
|
|
|
|
|
|
|
return sc_pkcs15emu_add_object(p15card, type, label,
|
|
|
|
info, auth_id, obj_flags);
|
|
|
|
}
|
|
|
|
|
2008-03-17 15:17:56 +00:00
|
|
|
#if 0
|
2007-11-12 10:18:54 +00:00
|
|
|
static int
|
|
|
|
sc_pkcs15emu_add_pubkey(sc_pkcs15_card_t *p15card,
|
|
|
|
const sc_pkcs15_id_t *id,
|
|
|
|
const char *label, int type,
|
|
|
|
unsigned int modulus_length, int usage,
|
|
|
|
const sc_path_t *path, int ref,
|
|
|
|
const sc_pkcs15_id_t *auth_id, int obj_flags)
|
|
|
|
{
|
|
|
|
sc_pkcs15_pubkey_info_t *info;
|
|
|
|
|
2009-05-12 14:27:39 +00:00
|
|
|
info = calloc(1, sizeof(*info));
|
2007-11-12 10:18:54 +00:00
|
|
|
info->id = *id;
|
|
|
|
info->modulus_length = modulus_length;
|
|
|
|
info->usage = usage;
|
|
|
|
info->access_flags = SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE;
|
|
|
|
info->key_reference = ref;
|
|
|
|
|
|
|
|
if (path)
|
|
|
|
info->path = *path;
|
|
|
|
|
|
|
|
return sc_pkcs15emu_add_object(p15card, type, label, info, auth_id, obj_flags);
|
|
|
|
}
|
2008-03-17 15:17:56 +00:00
|
|
|
#endif
|
2007-11-12 10:18:54 +00:00
|
|
|
|
2008-04-28 07:57:03 +00:00
|
|
|
/* SC_IMPLEMENT_DRIVER_VERSION("0.9.4") */
|