2004-06-16 20:59:59 +00:00
|
|
|
|
/*
|
|
|
|
|
|
* Oberthur specific operation for PKCS #15 initialization
|
|
|
|
|
|
*
|
2007-01-02 10:06:02 +00:00
|
|
|
|
* Copyright (C) 2002 Juha Yrj<EFBFBD>l<EFBFBD> <juha.yrjola@iki.fi>
|
2009-11-05 18:27:56 +00:00
|
|
|
|
* Copyright (C) 2009 Viktor Tarasov <viktor.tarasov@opentrust.com>,
|
|
|
|
|
|
* OpenTrust <www.opentrust.com>
|
2004-06-16 20:59:59 +00:00
|
|
|
|
*
|
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
|
*
|
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
2016-01-06 14:40:59 +00:00
|
|
|
|
#include "pkcs15-oberthur.h"
|
2004-06-16 20:59:59 +00:00
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
|
#include <ctype.h>
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2010-03-04 08:14:36 +00:00
|
|
|
|
#include "libopensc/opensc.h"
|
|
|
|
|
|
#include "libopensc/cardctl.h"
|
|
|
|
|
|
#include "libopensc/log.h"
|
2004-06-16 20:59:59 +00:00
|
|
|
|
#include "profile.h"
|
2010-03-18 12:30:39 +00:00
|
|
|
|
#include "pkcs15-init.h"
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
|
|
|
|
|
#define COSM_TITLE "OberthurAWP"
|
|
|
|
|
|
|
|
|
|
|
|
#define TLV_TYPE_V 0
|
2009-11-13 09:45:21 +00:00
|
|
|
|
#define TLV_TYPE_LV 1
|
2004-06-16 20:59:59 +00:00
|
|
|
|
#define TLV_TYPE_TLV 2
|
|
|
|
|
|
|
2004-12-15 10:56:45 +00:00
|
|
|
|
/* Should be greater then SC_PKCS15_TYPE_CLASS_MASK */
|
2004-06-16 20:59:59 +00:00
|
|
|
|
#define SC_DEVICE_SPECIFIC_TYPE 0x1000
|
|
|
|
|
|
|
|
|
|
|
|
#define COSM_TYPE_PRKEY_RSA (SC_DEVICE_SPECIFIC_TYPE | SC_PKCS15_TYPE_PRKEY_RSA)
|
|
|
|
|
|
#define COSM_TYPE_PUBKEY_RSA (SC_DEVICE_SPECIFIC_TYPE | SC_PKCS15_TYPE_PUBKEY_RSA)
|
|
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
#define COSM_TOKEN_FLAG_PRN_GENERATION 0x01
|
|
|
|
|
|
#define COSM_TOKEN_FLAG_LOGIN_REQUIRED 0x04
|
|
|
|
|
|
#define COSM_TOKEN_FLAG_USER_PIN_INITIALIZED 0x08
|
|
|
|
|
|
#define COSM_TOKEN_FLAG_TOKEN_INITIALIZED 0x0400
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
static int cosm_create_reference_data(struct sc_profile *, struct sc_pkcs15_card *,
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *, const unsigned char *, size_t,
|
2010-02-21 16:21:57 +00:00
|
|
|
|
const unsigned char *, size_t);
|
|
|
|
|
|
static int cosm_update_pin(struct sc_profile *, struct sc_pkcs15_card *,
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *, const unsigned char *, size_t,
|
2010-02-21 16:21:57 +00:00
|
|
|
|
const unsigned char *, size_t);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static int
|
|
|
|
|
|
cosm_write_tokeninfo (struct sc_pkcs15_card *p15card, struct sc_profile *profile,
|
2010-10-07 15:12:12 +00:00
|
|
|
|
char *label, unsigned flags)
|
2009-11-13 09:45:21 +00:00
|
|
|
|
{
|
2015-01-22 19:29:33 +00:00
|
|
|
|
struct sc_context *ctx;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_file *file = NULL;
|
2010-10-07 15:12:12 +00:00
|
|
|
|
int rv;
|
2010-04-02 12:19:14 +00:00
|
|
|
|
size_t sz;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
char *buffer = NULL;
|
|
|
|
|
|
|
2015-01-22 19:29:33 +00:00
|
|
|
|
if (!p15card || !p15card->card || !profile)
|
2009-11-13 09:45:21 +00:00
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2015-01-22 19:29:33 +00:00
|
|
|
|
ctx = p15card->card->ctx;
|
|
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
if (sc_profile_get_file(profile, COSM_TITLE"-token-info", &file)) {
|
|
|
|
|
|
rv = SC_ERROR_INCONSISTENT_PROFILE;
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Cannot find "COSM_TITLE"-token-info");
|
2015-04-29 21:22:29 +00:00
|
|
|
|
}
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2015-04-29 21:22:29 +00:00
|
|
|
|
if (file->size < 16) {
|
|
|
|
|
|
rv = SC_ERROR_INCONSISTENT_PROFILE;
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Insufficient size of the "COSM_TITLE"-token-info file");
|
2015-04-29 21:22:29 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
buffer = calloc(1, file->size);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
if (!buffer) {
|
|
|
|
|
|
rv = SC_ERROR_OUT_OF_MEMORY;
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Allocation error in cosm_write_tokeninfo()");
|
2015-04-29 21:22:29 +00:00
|
|
|
|
}
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (label)
|
2009-11-13 09:45:21 +00:00
|
|
|
|
strncpy(buffer, label, file->size - 4);
|
2010-10-05 15:44:58 +00:00
|
|
|
|
else if (p15card->tokeninfo->label)
|
|
|
|
|
|
snprintf(buffer, file->size - 4, "%s", p15card->tokeninfo->label);
|
|
|
|
|
|
else if (profile->p15_spec && profile->p15_spec->tokeninfo->label)
|
|
|
|
|
|
snprintf(buffer, file->size - 4, "%s", profile->p15_spec->tokeninfo->label);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
else
|
|
|
|
|
|
snprintf(buffer, file->size - 4, "OpenSC-Token");
|
|
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
sz = strlen(buffer);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
if (sz < file->size - 4)
|
|
|
|
|
|
memset(buffer + sz, ' ', file->size - sz);
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "cosm_write_tokeninfo() token label '%s'; oberthur flags 0x%X", buffer, flags);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
|
|
|
|
|
memset(buffer + file->size - 4, 0, 4);
|
|
|
|
|
|
*(buffer + file->size - 1) = flags & 0xFF;
|
|
|
|
|
|
*(buffer + file->size - 2) = (flags >> 8) & 0xFF;
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_update_file(profile, p15card, file, buffer, file->size);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
if (rv > 0)
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
|
2015-04-29 21:22:29 +00:00
|
|
|
|
err:
|
2017-01-05 19:21:44 +00:00
|
|
|
|
sc_file_free(file);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
free(buffer);
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_delete_file(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_file *df)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_path path;
|
|
|
|
|
|
struct sc_file *parent;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
int rv = 0;
|
|
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "id %04X", df->id);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
if (df->type==SC_FILE_TYPE_DF) {
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_authenticate(profile, p15card, df, SC_AC_OP_DELETE);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot authenticate SC_AC_OP_DELETE");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/* Select the parent DF */
|
|
|
|
|
|
path = df->path;
|
|
|
|
|
|
path.len -= 2;
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_select_file(p15card->card, &path, &parent);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot select parent");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_authenticate(profile, p15card, parent, SC_AC_OP_DELETE);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(parent);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot authenticate SC_AC_OP_DELETE");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
|
|
|
|
|
memset(&path, 0, sizeof(path));
|
|
|
|
|
|
path.type = SC_PATH_TYPE_FILE_ID;
|
|
|
|
|
|
path.value[0] = df->id >> 8;
|
|
|
|
|
|
path.value[1] = df->id & 0xFF;
|
|
|
|
|
|
path.len = 2;
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_delete_file(p15card->card, &path);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
* Erase the card
|
|
|
|
|
|
*/
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_erase_card(struct sc_profile *profile, struct sc_pkcs15_card *p15card)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_file *df = profile->df_info->file, *dir;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
int rv;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/* Delete EF(DIR). This may not be very nice
|
|
|
|
|
|
* against other applications that use this file, but
|
|
|
|
|
|
* extremely useful for testing :)
|
|
|
|
|
|
* Note we need to delete if before the DF because we create
|
2012-04-02 21:40:05 +00:00
|
|
|
|
* it *after* the DF.
|
2004-06-16 20:59:59 +00:00
|
|
|
|
* */
|
|
|
|
|
|
if (sc_profile_get_file(profile, "DIR", &dir) >= 0) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "erase file dir %04X",dir->id);
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, dir);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(dir);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
if (rv < 0 && rv != SC_ERROR_FILE_NOT_FOUND)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
goto done;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "erase file ddf %04X",df->id);
|
2018-06-29 23:15:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, df);
|
2018-06-21 12:29:09 +00:00
|
|
|
|
if (rv < 0 && rv != SC_ERROR_FILE_NOT_FOUND)
|
|
|
|
|
|
goto done;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
|
|
|
|
|
if (sc_profile_get_file(profile, "private-DF", &dir) >= 0) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "erase file dir %04X",dir->id);
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, dir);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(dir);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
if (rv < 0 && rv != SC_ERROR_FILE_NOT_FOUND)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
goto done;
|
|
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
if (sc_profile_get_file(profile, "public-DF", &dir) >= 0) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "erase file dir %04X",dir->id);
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, dir);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(dir);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
if (rv < 0 && rv != SC_ERROR_FILE_NOT_FOUND)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
goto done;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2007-01-02 10:06:02 +00:00
|
|
|
|
rv = sc_profile_get_file(profile, COSM_TITLE"-AppDF", &dir);
|
|
|
|
|
|
if (!rv) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "delete %s; r %i", COSM_TITLE"-AppDF", rv);
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, dir);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(dir);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
sc_free_apps(p15card->card);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
done:
|
2009-11-05 18:27:56 +00:00
|
|
|
|
if (rv == SC_ERROR_FILE_NOT_FOUND)
|
|
|
|
|
|
rv = 0;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-01-27 18:07:14 +00:00
|
|
|
|
static int
|
2012-04-02 21:40:05 +00:00
|
|
|
|
cosm_create_dir(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2010-01-27 18:07:14 +00:00
|
|
|
|
struct sc_file *df)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_file *file = NULL;
|
2005-08-09 07:53:59 +00:00
|
|
|
|
size_t ii;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
int rv;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
static const char *create_dfs[] = {
|
|
|
|
|
|
COSM_TITLE"-AppDF",
|
2005-08-09 07:53:59 +00:00
|
|
|
|
"private-DF",
|
|
|
|
|
|
"public-DF",
|
2007-01-02 10:06:02 +00:00
|
|
|
|
COSM_TITLE"-token-info",
|
|
|
|
|
|
COSM_TITLE"-puk-file",
|
|
|
|
|
|
COSM_TITLE"-container-list",
|
|
|
|
|
|
COSM_TITLE"-public-list",
|
|
|
|
|
|
COSM_TITLE"-private-list",
|
|
|
|
|
|
NULL
|
2005-08-09 07:53:59 +00:00
|
|
|
|
};
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2010-03-18 12:30:39 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/* Oberthur AWP file system is expected.*/
|
|
|
|
|
|
/* Create private objects DF */
|
2007-01-02 10:06:02 +00:00
|
|
|
|
for (ii = 0; create_dfs[ii]; ii++) {
|
2005-08-09 07:53:59 +00:00
|
|
|
|
if (sc_profile_get_file(profile, create_dfs[ii], &file)) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Inconsistent profile: cannot find %s", create_dfs[ii]);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INCONSISTENT_PROFILE, "Profile do not contains Oberthur AWP file");
|
2005-08-09 07:53:59 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_create_file(profile, p15card, file);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(file);
|
2010-01-27 18:07:14 +00:00
|
|
|
|
if (rv != SC_ERROR_FILE_ALREADY_EXISTS)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Failed to create Oberthur AWP file");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_write_tokeninfo(p15card, profile, NULL,
|
2010-10-07 15:12:12 +00:00
|
|
|
|
COSM_TOKEN_FLAG_TOKEN_INITIALIZED | COSM_TOKEN_FLAG_PRN_GENERATION);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_create_reference_data(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2012-04-02 21:40:05 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *ainfo,
|
|
|
|
|
|
const unsigned char *pin, size_t pin_len,
|
2009-11-13 09:45:21 +00:00
|
|
|
|
const unsigned char *puk, size_t puk_len )
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
|
|
|
|
|
struct sc_card *card = p15card->card;
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_auth_info profile_auth_pin, profile_auth_puk;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
struct sc_cardctl_oberthur_createpin_info args;
|
2010-02-02 09:33:29 +00:00
|
|
|
|
int rv;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
unsigned char oberthur_puk[16] = {
|
|
|
|
|
|
0x6F, 0x47, 0xD9, 0x88, 0x4B, 0x6F, 0x9D, 0xC5,
|
|
|
|
|
|
0x78, 0x33, 0x79, 0x8F, 0x5B, 0x7D, 0xE1, 0xA5
|
|
|
|
|
|
};
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx,
|
2017-03-14 19:02:30 +00:00
|
|
|
|
"pin lens %"SC_FORMAT_LEN_SIZE_T"u/%"SC_FORMAT_LEN_SIZE_T"u",
|
|
|
|
|
|
pin_len, puk_len);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
if (!pin || pin_len>0x40)
|
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
|
if (puk && !puk_len)
|
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (ainfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
2012-04-02 21:40:05 +00:00
|
|
|
|
return SC_ERROR_OBJECT_NOT_VALID;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
rv = sc_select_file(card, &ainfo->path, NULL);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot select file");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PIN, &profile_auth_pin);
|
|
|
|
|
|
sc_profile_get_pin_info(profile, SC_PKCS15INIT_USER_PUK, &profile_auth_puk);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-01-27 18:07:14 +00:00
|
|
|
|
memset(&args, 0, sizeof(args));
|
2004-06-16 20:59:59 +00:00
|
|
|
|
args.type = SC_AC_CHV;
|
2011-06-05 15:46:25 +00:00
|
|
|
|
args.ref = ainfo->attrs.pin.reference;
|
2004-12-22 09:48:27 +00:00
|
|
|
|
args.pin = pin;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
args.pin_len = pin_len;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (!(ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)) {
|
|
|
|
|
|
args.pin_tries = profile_auth_pin.tries_left;
|
|
|
|
|
|
if (profile_auth_puk.tries_left > 0) {
|
2010-01-27 18:07:14 +00:00
|
|
|
|
args.puk = oberthur_puk;
|
|
|
|
|
|
args.puk_len = sizeof(oberthur_puk);
|
|
|
|
|
|
args.puk_tries = 5;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else {
|
2011-06-05 15:46:25 +00:00
|
|
|
|
args.pin_tries = profile_auth_puk.tries_left;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
rv = sc_card_ctl(card, SC_CARDCTL_OBERTHUR_CREATE_PIN, &args);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "'CREATE_PIN' card specific command failed");
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (!(ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)
|
2011-06-05 15:46:25 +00:00
|
|
|
|
&& (profile_auth_puk.tries_left > 0)) {
|
2010-01-27 18:07:14 +00:00
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
if (sc_profile_get_file(profile, COSM_TITLE"-puk-file", &file))
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INCONSISTENT_PROFILE, "Cannot find PUKFILE");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_update_file(profile, p15card, file, oberthur_puk, sizeof(oberthur_puk));
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Failed to update pukfile");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
|
2017-01-05 19:21:44 +00:00
|
|
|
|
sc_file_free(file);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
}
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/*
|
|
|
|
|
|
* Update PIN
|
|
|
|
|
|
*/
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_update_pin(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *ainfo, const unsigned char *pin, size_t pin_len,
|
2009-11-13 09:45:21 +00:00
|
|
|
|
const unsigned char *puk, size_t puk_len )
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2010-02-02 09:33:29 +00:00
|
|
|
|
int rv;
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (ainfo->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
2012-04-02 21:40:05 +00:00
|
|
|
|
return SC_ERROR_OBJECT_NOT_VALID;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "ref %i; flags 0x%X", ainfo->attrs.pin.reference, ainfo->attrs.pin.flags);
|
2011-06-05 15:46:25 +00:00
|
|
|
|
|
|
|
|
|
|
if (ainfo->attrs.pin.flags & SC_PKCS15_PIN_FLAG_SO_PIN) {
|
|
|
|
|
|
if (ainfo->attrs.pin.reference != 4)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INVALID_PIN_REFERENCE, "cosm_update_pin() invalid SOPIN reference");
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Update SOPIN ignored");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
rv = SC_SUCCESS;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2011-06-05 15:46:25 +00:00
|
|
|
|
rv = cosm_create_reference_data(profile, p15card, ainfo, pin, pin_len, puk, puk_len);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "cosm_update_pin() failed to change PIN");
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_write_tokeninfo(p15card, profile, NULL,
|
2012-04-02 21:40:05 +00:00
|
|
|
|
COSM_TOKEN_FLAG_TOKEN_INITIALIZED
|
2010-10-07 15:12:12 +00:00
|
|
|
|
| COSM_TOKEN_FLAG_PRN_GENERATION
|
|
|
|
|
|
| COSM_TOKEN_FLAG_LOGIN_REQUIRED
|
|
|
|
|
|
| COSM_TOKEN_FLAG_USER_PIN_INITIALIZED);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "cosm_update_pin() failed to update tokeninfo");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_select_pin_reference(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2012-04-02 21:40:05 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *auth_info)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_pin_attributes *pin_attrs;
|
2009-11-13 09:45:21 +00:00
|
|
|
|
struct sc_file *pinfile;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
|
|
|
|
|
return SC_ERROR_OBJECT_NOT_VALID;
|
|
|
|
|
|
|
|
|
|
|
|
pin_attrs = &auth_info->attrs.pin;
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "ref %i; flags %X", pin_attrs->reference, pin_attrs->flags);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pinfile) < 0) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Profile doesn't define \"%s\"", COSM_TITLE "-AppDF");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
return SC_ERROR_INCONSISTENT_PROFILE;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL)
|
|
|
|
|
|
auth_info->path = pinfile->path;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
sc_file_free(pinfile);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->reference <= 0) {
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN)
|
2011-06-05 15:46:25 +00:00
|
|
|
|
pin_attrs->reference = 4;
|
|
|
|
|
|
else if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN)
|
2012-04-02 21:40:05 +00:00
|
|
|
|
pin_attrs->reference = 4;
|
|
|
|
|
|
else
|
2011-06-05 15:46:25 +00:00
|
|
|
|
pin_attrs->reference = 1;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL)
|
|
|
|
|
|
pin_attrs->reference |= 0x80;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/*
|
|
|
|
|
|
* Store a PIN
|
|
|
|
|
|
*/
|
|
|
|
|
|
static int
|
2012-04-02 21:40:05 +00:00
|
|
|
|
cosm_create_pin(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_file *df, struct sc_pkcs15_object *pin_obj,
|
2004-06-16 20:59:59 +00:00
|
|
|
|
const unsigned char *pin, size_t pin_len,
|
|
|
|
|
|
const unsigned char *puk, size_t puk_len)
|
|
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2011-06-05 15:46:25 +00:00
|
|
|
|
struct sc_pkcs15_auth_info *auth_info = (struct sc_pkcs15_auth_info *) pin_obj->data;
|
|
|
|
|
|
struct sc_pkcs15_pin_attributes *pin_attrs;
|
2010-01-27 18:07:14 +00:00
|
|
|
|
struct sc_file *pin_file;
|
2011-02-05 20:51:02 +00:00
|
|
|
|
int rv = 0;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN)
|
|
|
|
|
|
return SC_ERROR_OBJECT_NOT_VALID;
|
|
|
|
|
|
|
|
|
|
|
|
pin_attrs = &auth_info->attrs.pin;
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "create '%.*s'; ref 0x%X; flags %X", (int) sizeof pin_obj->label, pin_obj->label, pin_attrs->reference, pin_attrs->flags);
|
2010-01-27 18:07:14 +00:00
|
|
|
|
if (sc_profile_get_file(profile, COSM_TITLE "-AppDF", &pin_file) < 0)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INCONSISTENT_PROFILE, "\""COSM_TITLE"-AppDF\" not defined");
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_LOCAL)
|
|
|
|
|
|
auth_info->path = pin_file->path;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-01-27 18:07:14 +00:00
|
|
|
|
sc_file_free(pin_file);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {
|
|
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "SOPIN unblocking is not supported");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (pin_attrs->reference != 4)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid SOPIN reference");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
}
|
2004-06-16 20:59:59 +00:00
|
|
|
|
else {
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) {
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (pin_attrs->reference != 0x84)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid User PUK reference");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
|
|
|
|
|
else {
|
2011-06-05 15:46:25 +00:00
|
|
|
|
if (pin_attrs->reference != 0x81)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INVALID_PIN_REFERENCE, "Invalid User PIN reference");
|
2010-01-27 18:07:14 +00:00
|
|
|
|
}
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (pin && pin_len) {
|
2011-06-05 15:46:25 +00:00
|
|
|
|
rv = cosm_update_pin(profile, p15card, auth_info, pin, pin_len, puk, puk_len);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Update PIN failed");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
2009-11-13 09:45:21 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
* Allocate a file
|
|
|
|
|
|
*/
|
|
|
|
|
|
static int
|
2009-11-13 09:45:21 +00:00
|
|
|
|
cosm_new_file(struct sc_profile *profile, struct sc_card *card,
|
|
|
|
|
|
unsigned int type, unsigned int num, struct sc_file **out)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
|
|
|
|
|
struct sc_file *file;
|
2004-12-22 09:48:27 +00:00
|
|
|
|
const char *_template = NULL, *desc = NULL;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
unsigned int structure = 0xFFFFFFFF;
|
|
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(card->ctx, "cosm_new_file() type %X; num %i",type, num);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
while (1) {
|
|
|
|
|
|
switch (type) {
|
|
|
|
|
|
case SC_PKCS15_TYPE_PRKEY_RSA:
|
|
|
|
|
|
case COSM_TYPE_PRKEY_RSA:
|
|
|
|
|
|
desc = "RSA private key";
|
2004-12-15 13:53:36 +00:00
|
|
|
|
_template = "template-private-key";
|
2004-06-16 20:59:59 +00:00
|
|
|
|
structure = SC_CARDCTL_OBERTHUR_KEY_RSA_CRT;
|
|
|
|
|
|
break;
|
|
|
|
|
|
case SC_PKCS15_TYPE_PUBKEY_RSA:
|
|
|
|
|
|
case COSM_TYPE_PUBKEY_RSA:
|
|
|
|
|
|
desc = "RSA public key";
|
2004-12-15 13:53:36 +00:00
|
|
|
|
_template = "template-public-key";
|
2004-06-16 20:59:59 +00:00
|
|
|
|
structure = SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC;
|
|
|
|
|
|
break;
|
|
|
|
|
|
case SC_PKCS15_TYPE_PUBKEY_DSA:
|
|
|
|
|
|
desc = "DSA public key";
|
2004-12-15 13:53:36 +00:00
|
|
|
|
_template = "template-public-key";
|
2004-06-16 20:59:59 +00:00
|
|
|
|
break;
|
|
|
|
|
|
case SC_PKCS15_TYPE_CERT:
|
|
|
|
|
|
desc = "certificate";
|
2004-12-15 13:53:36 +00:00
|
|
|
|
_template = "template-certificate";
|
2004-06-16 20:59:59 +00:00
|
|
|
|
break;
|
|
|
|
|
|
case SC_PKCS15_TYPE_DATA_OBJECT:
|
|
|
|
|
|
desc = "data object";
|
2004-12-15 13:53:36 +00:00
|
|
|
|
_template = "template-public-data";
|
2004-06-16 20:59:59 +00:00
|
|
|
|
break;
|
|
|
|
|
|
}
|
2004-12-15 13:53:36 +00:00
|
|
|
|
if (_template)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
break;
|
|
|
|
|
|
/* If this is a specific type such as
|
|
|
|
|
|
* SC_PKCS15_TYPE_CERT_FOOBAR, fall back to
|
|
|
|
|
|
* the generic class (SC_PKCS15_TYPE_CERT)
|
|
|
|
|
|
*/
|
|
|
|
|
|
if (!(type & ~SC_PKCS15_TYPE_CLASS_MASK)) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(card->ctx, "File type %X not supported by card driver",
|
2004-06-16 20:59:59 +00:00
|
|
|
|
type);
|
|
|
|
|
|
return SC_ERROR_INVALID_ARGUMENTS;
|
|
|
|
|
|
}
|
|
|
|
|
|
type &= SC_PKCS15_TYPE_CLASS_MASK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(card->ctx, "cosm_new_file() template %s; num %i",_template, num);
|
2004-12-15 13:53:36 +00:00
|
|
|
|
if (sc_profile_get_file(profile, _template, &file) < 0) {
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(card->ctx, "Profile doesn't define %s template '%s'",
|
2004-12-15 13:53:36 +00:00
|
|
|
|
desc, _template);
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
file->id |= (num & 0xFF);
|
|
|
|
|
|
file->path.value[file->path.len-1] |= (num & 0xFF);
|
|
|
|
|
|
if (file->type == SC_FILE_TYPE_INTERNAL_EF) {
|
|
|
|
|
|
file->ef_structure = structure;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(card->ctx,
|
2017-03-14 19:02:30 +00:00
|
|
|
|
"cosm_new_file() file size %"SC_FORMAT_LEN_SIZE_T"u; ef type %i/%i; id %04X",
|
|
|
|
|
|
file->size, file->type, file->ef_structure, file->id);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
*out = file;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-01-25 16:42:22 +00:00
|
|
|
|
cosm_get_temporary_public_key_file(struct sc_card *card,
|
|
|
|
|
|
struct sc_file *prvkey_file, struct sc_file **pubkey_file)
|
|
|
|
|
|
{
|
|
|
|
|
|
struct sc_context *ctx = card->ctx;
|
|
|
|
|
|
const struct sc_acl_entry *entry = NULL;
|
|
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
|
|
int rv;
|
|
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
if (!pubkey_file || !prvkey_file)
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
file = sc_file_new();
|
|
|
|
|
|
if (!file)
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(card->ctx, SC_ERROR_OUT_OF_MEMORY);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
file->status = SC_FILE_STATUS_ACTIVATED;
|
|
|
|
|
|
file->type = SC_FILE_TYPE_INTERNAL_EF;
|
|
|
|
|
|
file->ef_structure = SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC;
|
|
|
|
|
|
file->id = 0x1012;
|
|
|
|
|
|
memcpy(&file->path, &prvkey_file->path, sizeof(file->path));
|
|
|
|
|
|
file->path.value[file->path.len - 2] = 0x10;
|
|
|
|
|
|
file->path.value[file->path.len - 1] = 0x12;
|
|
|
|
|
|
file->size = prvkey_file->size;
|
|
|
|
|
|
|
|
|
|
|
|
entry = sc_file_get_acl_entry(prvkey_file, SC_AC_OP_UPDATE);
|
|
|
|
|
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_UPDATE, entry->method, entry->key_ref);
|
|
|
|
|
|
if (!rv)
|
|
|
|
|
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_PSO_ENCRYPT, SC_AC_NONE, 0);
|
|
|
|
|
|
if (!rv)
|
|
|
|
|
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_PSO_VERIFY_SIGNATURE, SC_AC_NONE, 0);
|
|
|
|
|
|
if (!rv)
|
|
|
|
|
|
rv = sc_file_add_acl_entry(file, SC_AC_OP_EXTERNAL_AUTHENTICATE, SC_AC_NONE, 0);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
if (rv < 0)
|
|
|
|
|
|
sc_file_free(file);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Failed to add ACL entry to the temporary public key file");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
*pubkey_file = file;
|
|
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(card->ctx, rv);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_generate_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2012-04-02 21:40:05 +00:00
|
|
|
|
struct sc_pkcs15_object *object,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_pubkey *pubkey)
|
2004-06-16 20:59:59 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_prkey_info *key_info = (struct sc_pkcs15_prkey_info *)object->data;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
struct sc_cardctl_oberthur_genkey_info args;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_file *prkf = NULL, *tmpf = NULL;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
struct sc_path path;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
int rv = 0;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
if (object->type != SC_PKCS15_TYPE_PRKEY_RSA)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Generate key failed: RSA only supported");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
path = key_info->path;
|
2004-06-16 20:59:59 +00:00
|
|
|
|
path.len -= 2;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_select_file(p15card->card, &path, &tmpf);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot generate key: failed to select private object DF");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
|
|
|
|
|
rv = sc_pkcs15init_authenticate(profile, p15card, tmpf, SC_AC_OP_CRYPTO);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot generate key: 'CRYPTO' authentication failed");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_authenticate(profile, p15card, tmpf, SC_AC_OP_CREATE);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot generate key: 'CREATE' authentication failed");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2007-01-02 10:06:02 +00:00
|
|
|
|
sc_file_free(tmpf);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_select_file(p15card->card, &key_info->path, &prkf);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Failed to generate key: cannot select private key file");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/* In the private key DF create the temporary public RSA file. */
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_get_temporary_public_key_file(p15card->card, prkf, &tmpf);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Error while getting temporary public key file");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_create_file(profile, p15card, tmpf);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "cosm_generate_key() failed to create temporary public key EF");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
memset(&args, 0, sizeof(args));
|
|
|
|
|
|
args.id_prv = prkf->id;
|
|
|
|
|
|
args.id_pub = tmpf->id;
|
|
|
|
|
|
args.exponent = 0x10001;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
args.key_bits = key_info->modulus_length;
|
|
|
|
|
|
args.pubkey_len = key_info->modulus_length / 8;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
|
args.pubkey = malloc(key_info->modulus_length / 8);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
if (!args.pubkey)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "cosm_generate_key() cannot allocate pubkey");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_card_ctl(p15card->card, SC_CARDCTL_OBERTHUR_GENERATE_KEY, &args);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "cosm_generate_key() CARDCTL_OBERTHUR_GENERATE_KEY failed");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-06-16 20:59:59 +00:00
|
|
|
|
/* extract public key */
|
|
|
|
|
|
pubkey->algorithm = SC_ALGORITHM_RSA;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
pubkey->u.rsa.modulus.len = key_info->modulus_length / 8;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
|
pubkey->u.rsa.modulus.data = malloc(key_info->modulus_length / 8);
|
2009-11-13 09:45:21 +00:00
|
|
|
|
if (!pubkey->u.rsa.modulus.data)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "cosm_generate_key() cannot allocate modulus buf");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2004-12-15 10:56:45 +00:00
|
|
|
|
/* FIXME and if the exponent length is not 3? */
|
2004-06-16 20:59:59 +00:00
|
|
|
|
pubkey->u.rsa.exponent.len = 3;
|
Do not cast the return value of malloc(3) and calloc(3)
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-18 15:08:51 +00:00
|
|
|
|
pubkey->u.rsa.exponent.data = malloc(3);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
if (!pubkey->u.rsa.exponent.data)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "cosm_generate_key() cannot allocate exponent buf");
|
2004-06-16 20:59:59 +00:00
|
|
|
|
memcpy(pubkey->u.rsa.exponent.data, "\x01\x00\x01", 3);
|
|
|
|
|
|
memcpy(pubkey->u.rsa.modulus.data, args.pubkey, args.pubkey_len);
|
|
|
|
|
|
|
2010-03-01 13:36:02 +00:00
|
|
|
|
key_info->key_reference = prkf->path.value[prkf->path.len - 1] & 0xFF;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
key_info->path = prkf->path;
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "cosm_generate_key() now delete temporary public key");
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, tmpf);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-01-25 16:42:22 +00:00
|
|
|
|
sc_file_free(tmpf);
|
|
|
|
|
|
sc_file_free(prkf);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2004-06-16 20:59:59 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-01-25 15:11:35 +00:00
|
|
|
|
/*
|
2010-01-25 16:42:22 +00:00
|
|
|
|
* Create private key file
|
2010-01-25 15:11:35 +00:00
|
|
|
|
*/
|
|
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_object *object)
|
2010-01-25 15:11:35 +00:00
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_prkey_info *key_info = (struct sc_pkcs15_prkey_info *)object->data;
|
|
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
|
|
int rv = 0;
|
2010-01-25 15:30:33 +00:00
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
if (object->type != SC_PKCS15_TYPE_PRKEY_RSA)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Create key failed: RSA only supported");
|
2010-01-25 15:11:35 +00:00
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "create private key ID:%s", sc_pkcs15_print_id(&key_info->id));
|
2010-01-25 16:42:22 +00:00
|
|
|
|
/* Here, the path of private key file should be defined.
|
2018-04-14 17:38:34 +00:00
|
|
|
|
* Nevertheless, we need to instantiate private key to get the ACLs. */
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_new_file(profile, p15card->card, SC_PKCS15_TYPE_PRKEY_RSA, key_info->key_reference, &file);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot create key: failed to allocate new key object");
|
2010-01-25 15:11:35 +00:00
|
|
|
|
|
2010-01-25 16:42:22 +00:00
|
|
|
|
file->size = key_info->modulus_length;
|
|
|
|
|
|
memcpy(&file->path, &key_info->path, sizeof(file->path));
|
2012-04-02 21:40:05 +00:00
|
|
|
|
file->id = file->path.value[file->path.len - 2] * 0x100
|
2010-01-25 16:42:22 +00:00
|
|
|
|
+ file->path.value[file->path.len - 1];
|
2010-01-25 15:11:35 +00:00
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Path of private key file to create %s", sc_print_path(&file->path));
|
2010-01-25 15:11:35 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_select_file(p15card->card, &file->path, NULL);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
if (rv == 0) {
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = cosm_delete_file(p15card, profile, file);
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Failed to delete private key file");
|
2010-01-25 15:30:33 +00:00
|
|
|
|
}
|
2010-01-25 16:42:22 +00:00
|
|
|
|
else if (rv != SC_ERROR_FILE_NOT_FOUND) {
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Select private key file error");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_create_file(profile, p15card, file);
|
2018-11-23 07:12:53 +00:00
|
|
|
|
SC_TEST_GOTO_ERR(ctx, SC_LOG_DEBUG_VERBOSE, rv, "Failed to create private key file");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
key_info->key_reference = file->path.value[file->path.len - 1];
|
|
|
|
|
|
|
2015-04-29 21:22:29 +00:00
|
|
|
|
err:
|
2017-01-05 19:21:44 +00:00
|
|
|
|
sc_file_free(file);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
|
* Store a private key
|
|
|
|
|
|
*/
|
|
|
|
|
|
static int
|
2010-02-21 16:21:57 +00:00
|
|
|
|
cosm_store_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2012-04-02 21:40:05 +00:00
|
|
|
|
struct sc_pkcs15_object *object,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_prkey *prkey)
|
|
|
|
|
|
{
|
2010-02-21 16:21:57 +00:00
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
struct sc_pkcs15_prkey_info *key_info = (struct sc_pkcs15_prkey_info *)object->data;
|
|
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
|
|
struct sc_cardctl_oberthur_updatekey_info update_info;
|
|
|
|
|
|
int rv = 0;
|
|
|
|
|
|
|
2010-03-15 12:17:13 +00:00
|
|
|
|
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
if (object->type != SC_PKCS15_TYPE_PRKEY_RSA || prkey->algorithm != SC_ALGORITHM_RSA)
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Store key failed: RSA only supported");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "store key with ID:%s and path:%s", sc_pkcs15_print_id(&key_info->id),
|
2010-01-25 16:42:22 +00:00
|
|
|
|
sc_print_path(&key_info->path));
|
|
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_select_file(p15card->card, &key_info->path, &file);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot store key: select key file failed");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_pkcs15init_authenticate(profile, p15card, file, SC_AC_OP_UPDATE);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "No authorisation to store private key");
|
2010-01-25 16:42:22 +00:00
|
|
|
|
|
|
|
|
|
|
if (key_info->id.len > sizeof(update_info.id))
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2007-01-02 10:06:02 +00:00
|
|
|
|
memset(&update_info, 0, sizeof(update_info));
|
|
|
|
|
|
update_info.type = SC_CARDCTL_OBERTHUR_KEY_RSA_CRT;
|
2010-01-25 16:42:22 +00:00
|
|
|
|
update_info.data = (void *)&prkey->u.rsa;
|
2007-01-02 10:06:02 +00:00
|
|
|
|
update_info.data_len = sizeof(void *);
|
2010-01-25 16:42:22 +00:00
|
|
|
|
update_info.id_len = key_info->id.len;
|
|
|
|
|
|
memcpy(update_info.id, key_info->id.value, update_info.id_len);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-02-21 16:21:57 +00:00
|
|
|
|
rv = sc_card_ctl(p15card->card, SC_CARDCTL_OBERTHUR_UPDATE_KEY, &update_info);
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, rv, "Cannot update private key");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2017-01-05 19:21:44 +00:00
|
|
|
|
sc_file_free(file);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
|
2018-11-22 22:10:49 +00:00
|
|
|
|
LOG_FUNC_RETURN(ctx, rv);
|
2007-01-02 10:06:02 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2015-09-17 19:24:10 +00:00
|
|
|
|
#ifdef ENABLE_OPENSSL
|
|
|
|
|
|
static int
|
|
|
|
|
|
cosm_emu_update_dir (struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
|
|
|
|
|
struct sc_app_info *info)
|
|
|
|
|
|
{
|
|
|
|
|
|
SC_FUNC_CALLED(p15card->card->ctx, 1);
|
|
|
|
|
|
/* No DIR file in the native Oberthur card */
|
|
|
|
|
|
SC_FUNC_RETURN(p15card->card->ctx, 1, SC_SUCCESS);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-03-18 12:30:39 +00:00
|
|
|
|
static int
|
2010-07-02 13:46:13 +00:00
|
|
|
|
cosm_emu_update_any_df(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2010-03-18 12:30:39 +00:00
|
|
|
|
unsigned op, struct sc_pkcs15_object *object)
|
|
|
|
|
|
{
|
|
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
|
|
|
|
|
int rv = SC_ERROR_NOT_SUPPORTED;
|
|
|
|
|
|
|
|
|
|
|
|
SC_FUNC_CALLED(ctx, 1);
|
|
|
|
|
|
switch(op) {
|
|
|
|
|
|
case SC_AC_OP_ERASE:
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Update DF; erase object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
|
2010-03-18 12:30:39 +00:00
|
|
|
|
rv = awp_update_df_delete(p15card, profile, object);
|
|
|
|
|
|
break;
|
|
|
|
|
|
case SC_AC_OP_CREATE:
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Update DF; create object('%.*s',type:%X)", (int) sizeof object->label, object->label, object->type);
|
2010-03-18 12:30:39 +00:00
|
|
|
|
rv = awp_update_df_create(p15card, profile, object);
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
SC_FUNC_RETURN(ctx, 1, rv);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static int
|
2010-07-02 13:46:13 +00:00
|
|
|
|
cosm_emu_update_tokeninfo(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
2010-03-18 12:30:39 +00:00
|
|
|
|
struct sc_pkcs15_tokeninfo *tinfo)
|
|
|
|
|
|
{
|
|
|
|
|
|
struct sc_context *ctx = p15card->card->ctx;
|
|
|
|
|
|
struct sc_file *file = NULL;
|
|
|
|
|
|
int rv, flags = 0, label_len;
|
|
|
|
|
|
unsigned char *buf = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
SC_FUNC_CALLED(ctx, 1);
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-03-18 12:30:39 +00:00
|
|
|
|
if (sc_profile_get_file(profile, COSM_TITLE"-token-info", &file))
|
2018-11-23 20:54:14 +00:00
|
|
|
|
LOG_TEST_RET(ctx, SC_ERROR_INCONSISTENT_PROFILE, "cannot find "COSM_TITLE"-token-info");
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-03-18 12:30:39 +00:00
|
|
|
|
buf = calloc(1, file->size);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
if (!buf) {
|
|
|
|
|
|
sc_file_free(file);
|
2011-01-03 09:55:14 +00:00
|
|
|
|
SC_FUNC_RETURN(ctx, 1, SC_ERROR_OUT_OF_MEMORY);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
}
|
2012-04-02 21:40:05 +00:00
|
|
|
|
|
2010-03-18 12:30:39 +00:00
|
|
|
|
label_len = strlen(tinfo->label) > (file->size - 4) ? (file->size - 4) : strlen(tinfo->label);
|
|
|
|
|
|
memcpy(buf, tinfo->label, label_len);
|
|
|
|
|
|
memset(buf + label_len, ' ', file->size - 4 - label_len);
|
|
|
|
|
|
|
2010-10-07 15:12:12 +00:00
|
|
|
|
/* current PKCS#11 flags should be read from the token,
|
|
|
|
|
|
* but for simplicity assume that user-pin is already initialised -- Andre 2010-10-05
|
|
|
|
|
|
*/
|
|
|
|
|
|
flags = COSM_TOKEN_FLAG_TOKEN_INITIALIZED
|
|
|
|
|
|
| COSM_TOKEN_FLAG_USER_PIN_INITIALIZED
|
|
|
|
|
|
| COSM_TOKEN_FLAG_LOGIN_REQUIRED
|
|
|
|
|
|
| COSM_TOKEN_FLAG_PRN_GENERATION;
|
2010-03-18 12:30:39 +00:00
|
|
|
|
|
|
|
|
|
|
memset(buf + file->size - 4, 0, 4);
|
|
|
|
|
|
*(buf + file->size - 1) = flags % 0x100;
|
|
|
|
|
|
*(buf + file->size - 2) = (flags % 0x10000) / 0x100;
|
|
|
|
|
|
|
2018-11-22 08:31:29 +00:00
|
|
|
|
sc_log(ctx, "Update token info (label:'%s',flags:%X,p15card->flags:%X)", buf, flags, p15card->flags);
|
2010-03-18 12:30:39 +00:00
|
|
|
|
rv = sc_pkcs15init_update_file(profile, p15card, file, buf, file->size);
|
|
|
|
|
|
free(buf);
|
2015-04-29 21:22:29 +00:00
|
|
|
|
sc_file_free(file);
|
2010-03-18 12:30:39 +00:00
|
|
|
|
|
|
|
|
|
|
if (rv > 0)
|
|
|
|
|
|
rv = 0;
|
|
|
|
|
|
|
|
|
|
|
|
SC_FUNC_RETURN(ctx, 1, rv);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2010-07-02 13:46:13 +00:00
|
|
|
|
cosm_emu_write_info(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
|
|
|
|
|
|
struct sc_pkcs15_object *pin_obj)
|
2010-03-18 12:30:39 +00:00
|
|
|
|
{
|
|
|
|
|
|
SC_FUNC_CALLED(p15card->card->ctx, 1);
|
|
|
|
|
|
/* No OpenSC Info file in the native Oberthur card */
|
|
|
|
|
|
SC_FUNC_RETURN(p15card->card->ctx, 1, SC_SUCCESS);
|
|
|
|
|
|
}
|
2015-09-17 19:24:10 +00:00
|
|
|
|
#endif
|
2010-03-18 12:30:39 +00:00
|
|
|
|
|
|
|
|
|
|
|
2012-04-02 21:40:05 +00:00
|
|
|
|
static struct sc_pkcs15init_operations
|
2007-01-02 10:06:02 +00:00
|
|
|
|
sc_pkcs15init_oberthur_operations = {
|
2005-08-14 22:33:43 +00:00
|
|
|
|
cosm_erase_card,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
NULL, /* init_card */
|
2010-01-27 18:07:14 +00:00
|
|
|
|
cosm_create_dir, /* create_dir */
|
2010-01-25 16:42:22 +00:00
|
|
|
|
NULL, /* create_domain */
|
2005-08-14 22:33:43 +00:00
|
|
|
|
cosm_select_pin_reference,
|
|
|
|
|
|
cosm_create_pin,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
NULL, /* select_key_reference */
|
|
|
|
|
|
cosm_create_key, /* create_key */
|
|
|
|
|
|
cosm_store_key, /* store_key */
|
|
|
|
|
|
cosm_generate_key, /* generate_key */
|
2012-04-02 21:40:05 +00:00
|
|
|
|
NULL,
|
2010-01-25 16:42:22 +00:00
|
|
|
|
NULL, /* encode private/public key */
|
|
|
|
|
|
NULL, /* finalize_card */
|
2010-03-18 12:30:39 +00:00
|
|
|
|
NULL, /* delete_object */
|
|
|
|
|
|
#ifdef ENABLE_OPENSSL
|
|
|
|
|
|
cosm_emu_update_dir,
|
|
|
|
|
|
cosm_emu_update_any_df,
|
|
|
|
|
|
cosm_emu_update_tokeninfo,
|
2010-12-16 01:47:03 +00:00
|
|
|
|
cosm_emu_write_info,
|
2010-12-30 12:50:35 +00:00
|
|
|
|
NULL,
|
2010-12-16 01:47:03 +00:00
|
|
|
|
NULL
|
2010-03-18 12:30:39 +00:00
|
|
|
|
#else
|
2010-12-30 12:50:35 +00:00
|
|
|
|
NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
|
NULL
|
2010-03-18 12:30:39 +00:00
|
|
|
|
#endif
|
2005-08-10 21:31:18 +00:00
|
|
|
|
};
|
2004-06-16 20:59:59 +00:00
|
|
|
|
|
|
|
|
|
|
struct sc_pkcs15init_operations *
|
|
|
|
|
|
sc_pkcs15init_get_oberthur_ops(void)
|
2012-04-02 21:40:05 +00:00
|
|
|
|
{
|
2005-08-10 21:31:18 +00:00
|
|
|
|
return &sc_pkcs15init_oberthur_operations;
|
2004-12-15 14:47:31 +00:00
|
|
|
|
}
|
