From 00044617342bd1937878a18dc532a9e565f3d296 Mon Sep 17 00:00:00 2001
From: "viktor.tarasov"
Date: Sun, 18 Apr 2010 14:51:44 +0000
Subject: [PATCH] oberthur: add in emulator and create in pkcs15init the private data object
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4253 c6295689-39f2-0310-b995-f0e70906c6a9
---
 src/libopensc/pkcs15-oberthur.c | 43 +++++++++++++++++++++-------
 src/pkcs15init/oberthur.profile | 4 +--
 src/pkcs15init/pkcs15-oberthur-awp.c | 28 +++++++++++-------
 src/pkcs15init/pkcs15-oberthur.h | 1 +
 4 files changed, 53 insertions(+), 23 deletions(-)
diff --git a/src/libopensc/pkcs15-oberthur.c b/src/libopensc/pkcs15-oberthur.c
index aa4b9cab..ed4d2b1d 100644
--- a/src/libopensc/pkcs15-oberthur.c
+++ b/src/libopensc/pkcs15-oberthur.c
@@ -487,7 +487,7 @@ sc_oberthur_parse_privateinfo (struct sc_pkcs15_card *p15card,
 struct sc_context *ctx = p15card->card->ctx;
 size_t ii;
 int rv;
- int no_more_private_keys = 0;
+ int no_more_private_keys = 0, no_more_private_data = 0;
 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
@@ -499,7 +499,7 @@ sc_oberthur_parse_privateinfo (struct sc_pkcs15_card *p15card,
 file_id = 0x100 * *(buff+ii + 1) + *(buff+ii + 2);
 size = 0x100 * *(buff+ii + 3) + *(buff+ii + 4);
- sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "add private object (file-id:%04X,size:%X)", file_id, size);
+ sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "add private object (file-id:%04X, size:%X)", file_id, size);
 switch (*(buff+ii + 1)) {
 case BASE_ID_PRV_RSA :
@@ -524,6 +524,24 @@ sc_oberthur_parse_privateinfo (struct sc_pkcs15_card *p15card,
 case BASE_ID_PRV_DES :
 break;
 case BASE_ID_PRV_DATA :
+ sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "*(buff+ii + 1):%X", *(buff+ii + 1));
+ if (no_more_private_data)
+ break;
+
+ /* There are private data objects, so set LOGIN_REQUIRED flag */
+ p15card->flags |= SC_PKCS15_CARD_FLAG_LOGIN_REQUIRED;
+
+ rv = sc_pkcs15emu_oberthur_add_data(p15card, file_id, size, 1);
+ if (rv == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED && postpone_allowed) {
+ struct sc_path path;
+
+ sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "postpone adding of the private data");
+ sc_format_path("5011A6A6", &path);
+ rv = sc_pkcs15_add_df(p15card, SC_PKCS15_DODF, &path, NULL);
+ SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Add DODF error");
+ no_more_private_data = 1;
+ }
+ SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Cannot parse private data info");
 break;
 default:
 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_UNKNOWN_DATA_RECEIVED, "Private object parse error");
@@ -830,8 +848,7 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
 struct sc_pkcs15_object dobj;
 unsigned flags;
 unsigned char *info_blob = NULL, *label = NULL, *app = NULL, *oid = NULL;
- size_t info_len, label_len, app_len, oid_len;
- size_t offs;
+ size_t info_len, label_len, app_len, oid_len, offs;
 char ch_tmp[0x100];
 int rv;
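Review bot: The first added line of the `BASE_ID_PRV_DATA` case, `sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "*(buff+ii + 1):%X", *(buff+ii + 1));`, is a leftover trace: the value it prints is the byte the enclosing `switch` (shown in the preceding hunk) has already matched against `BASE_ID_PRV_DATA`, and the same byte is logged as `file-id:%04X` a few lines earlier, so it can simply be dropped. The DODF location `"5011A6A6"` is a bare magic string while the same commit uses `AWP_OBJECTS_DF_PRV` for the private-object paths in sc_pkcs15emu_oberthur_add_data; if the DODF is meant to live under that DF, derive it from the macro or name it, and say why it exists, e.g. `/* Private data EFs are CHV1-protected: register a DODF so they are enumerated after login */`. The postponed branch also overwrites rv with the sc_pkcs15_add_df result, so the original SC_ERROR_SECURITY_STATUS_NOT_SATISFIED is deliberately swallowed — reasonable given LOGIN_REQUIRED was just set, but worth a one-line comment. The loop over buff that encloses this switch starts before the hunk.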
@@ -840,10 +857,7 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
 memset(&dinfo, 0, sizeof(dinfo));
 memset(&dobj, 0, sizeof(dobj));
- if (private)
- SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_NOT_SUPPORTED, "Failed to add data: 'private' attribut not supported");
- else
- snprintf(ch_tmp, sizeof(ch_tmp), "%s%04X", AWP_OBJECTS_DF_PUB, file_id | 0x100);
+ snprintf(ch_tmp, sizeof(ch_tmp), "%s%04X", private ? AWP_OBJECTS_DF_PRV : AWP_OBJECTS_DF_PUB, file_id | 0x100);
 rv = sc_oberthur_read_file(p15card, ch_tmp, &info_blob, &info_len, 1);
 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "Failed to add data: read oberthur file error");
@@ -883,7 +897,8 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
 oid_len -= 2;
 }
- snprintf(ch_tmp, sizeof(ch_tmp), "%s%04X", AWP_OBJECTS_DF_PUB, file_id);
+ snprintf(ch_tmp, sizeof(ch_tmp), "%s%04X", private ? AWP_OBJECTS_DF_PRV : AWP_OBJECTS_DF_PUB, file_id);
+ sc_format_path(ch_tmp, &dinfo.path);
 memcpy(dobj.label, label, label_len);
@@ -894,6 +909,14 @@ sc_pkcs15emu_oberthur_add_data(struct sc_pkcs15_card *p15card,
 if (flags & OBERTHUR_ATTR_MODIFIABLE)
 dobj.flags |= SC_PKCS15_CO_FLAG_MODIFIABLE;
+ if (private) {
+ dobj.auth_id.len = sizeof(PinDomainID) > sizeof(dobj.auth_id.value)
+ ? sizeof(dobj.auth_id.value) : sizeof(PinDomainID);
+ memcpy(dobj.auth_id.value, PinDomainID, dobj.auth_id.len);
+
+ dobj.flags |= SC_PKCS15_CO_FLAG_PRIVATE;
+ }
+
 rv = sc_pkcs15emu_add_data_object(p15card, &dobj, &dinfo);
 SC_FUNC_RETURN(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, rv);
@@ -1061,7 +1084,7 @@ sc_awp_parse_df(struct sc_pkcs15_card *p15card, struct sc_pkcs15_df *df)
 int rv;
 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
- if (df->type != SC_PKCS15_PRKDF)
+ if (df->type != SC_PKCS15_PRKDF && df->type != SC_PKCS15_DODF)
 SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_NOT_SUPPORTED);
 if (df->enumerated)
diff --git a/src/pkcs15init/oberthur.profile b/src/pkcs15init/oberthur.profile
index f193d858..12d79b12 100644
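Review bot: The new `if (private)` block in sc_pkcs15emu_oberthur_add_data binds the object to `PinDomainID` by clamping `auth_id.len` to `sizeof(dobj.auth_id.value)`, which silently truncates the id if PinDomainID is ever larger than the auth_id buffer; a truncated auth_id no longer matches the PIN object's id, so the data object would quietly lose its PIN association instead of failing. Since PinDomainID is declared outside this hunk (and `sizeof` only measures it if it is an array, not a pointer — please confirm), I'd state the assumption rather than clamp: keep `dobj.auth_id.len = sizeof(PinDomainID);` and reject the oversize case with `SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INTERNAL, "PinDomainID does not fit auth_id")` when `sizeof(PinDomainID) > sizeof(dobj.auth_id.value)`. A comment should also make clear that `SC_PKCS15_CO_FLAG_PRIVATE` only advertises the object to PKCS#15 consumers; the read protection itself is the card's CHV1 ACL on the EF, which is what makes the read at the top of this function fail with SC_ERROR_SECURITY_STATUS_NOT_SATISFIED before login.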
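Review bot: sc_awp_parse_df now accepts `SC_PKCS15_DODF` as well as `SC_PKCS15_PRKDF`, but the body after `if (df->enumerated)` is outside the hunk, and if it enumerates the whole private-objects list regardless of `df->type` (which the single sc_oberthur_parse_privateinfo parser in this commit suggests, though I cannot see it), enumerating the PRKDF and then the postponed DODF would add every private key and data object a second time. Either pass `df->type` down so the parse only adds objects of the requested kind, or mark both DFs enumerated once the list has been read. A one-line comment saying which objects each accepted DF type is expected to yield would make that contract checkable; the rest of sc_awp_parse_df lies outside this hunk.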
--- a/src/pkcs15init/oberthur.profile
+++ b/src/pkcs15init/oberthur.profile
@@ -89,10 +89,10 @@ filesystem {
 }
 # Private data
- EF OberthurAWP-private-data-info {
+ EF OberthurAWP-privdata-info {
 ACL = WRITE=CHV1, UPDATE=CHV1, READ=CHV1;
 }
- EF template-private-data {
+ EF template-privdata {
 file-id = 6000;
 ACL = WRITE=CHV1, UPDATE=CHV1, READ=CHV1;
 }
diff --git a/src/pkcs15init/pkcs15-oberthur-awp.c b/src/pkcs15init/pkcs15-oberthur-awp.c
index eee70364..93612490 100644
--- a/src/pkcs15init/pkcs15-oberthur-awp.c
+++ b/src/pkcs15init/pkcs15-oberthur-awp.c
@@ -82,6 +82,7 @@ awp_get_commonName(X509 *x)
 return ret;
 }
+
 static int
 awp_new_file(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
 unsigned int type, unsigned int num,
@@ -117,6 +118,11 @@ awp_new_file(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
 itag = "data-info";
 otag = "template-data";
 break;
+ case COSM_TYPE_PRIVDATA_OBJECT:
+ desc = "Oberthur AWP private data object info";
+ itag = "privdata-info";
+ otag = "template-privdata";
+ break;
 case SC_PKCS15_TYPE_AUTH_PIN:
 case COSM_TOKENINFO :
 desc = "Oberthur AWP token info";
@@ -741,25 +747,25 @@ awp_update_object_list(struct sc_pkcs15_card *p15card, struct sc_profile *profil
 switch (type) {
 case SC_PKCS15_TYPE_CERT_X509:
 snprintf(obj_name, NAME_MAX_LEN, "template-certificate");
- snprintf(lst_name, NAME_MAX_LEN,"%s-public-list",
- COSM_TITLE);
+ snprintf(lst_name, NAME_MAX_LEN,"%s-public-list", COSM_TITLE);
 break;
 case SC_PKCS15_TYPE_PUBKEY_RSA:
 case COSM_TYPE_PUBKEY_RSA:
 snprintf(obj_name, NAME_MAX_LEN, "template-public-key");
- snprintf(lst_name, NAME_MAX_LEN,"%s-public-list",
- COSM_TITLE);
+ snprintf(lst_name, NAME_MAX_LEN,"%s-public-list", COSM_TITLE);
 break;
 case SC_PKCS15_TYPE_DATA_OBJECT:
 snprintf(obj_name, NAME_MAX_LEN, "template-data");
- snprintf(lst_name, NAME_MAX_LEN,"%s-public-list",
- COSM_TITLE);
+ snprintf(lst_name, NAME_MAX_LEN,"%s-public-list", COSM_TITLE);
+ break;
+ case COSM_TYPE_PRIVDATA_OBJECT:
+ snprintf(obj_name, NAME_MAX_LEN, "template-privdata");
+ snprintf(lst_name, NAME_MAX_LEN,"%s-private-list", COSM_TITLE);
 break;
 case SC_PKCS15_TYPE_PRKEY_RSA:
 case COSM_TYPE_PRKEY_RSA:
 snprintf(obj_name, NAME_MAX_LEN,"template-private-key");
- snprintf(lst_name, NAME_MAX_LEN,"%s-private-list",
- COSM_TITLE);
+ snprintf(lst_name, NAME_MAX_LEN,"%s-private-list", COSM_TITLE);
 break;
 default:
 sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Not supported file type %X", type);
@@ -1633,7 +1639,7 @@ awp_update_df_create_data(struct sc_pkcs15_card *p15card, struct sc_profile *pro
 struct awp_data_info idata;
 struct sc_pkcs15_der der;
 struct sc_path path;
- unsigned obj_id;
+ unsigned obj_id, obj_type = obj->auth_id.len ? COSM_TYPE_PRIVDATA_OBJECT : SC_PKCS15_TYPE_DATA_OBJECT;
 int rv;
 SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_NORMAL);
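Review bot: `obj_type` in awp_update_df_create_data decides whether the data object is created from `template-privdata` (READ=CHV1 per the profile change in this commit) or from `template-data`, and it keys that solely on `obj->auth_id.len`; an object the caller flagged `SC_PKCS15_CO_FLAG_PRIVATE` but gave no auth_id would land in the public template, a silent downgrade of the protection that was asked for. The emulator side of this same commit sets both auth_id and the PRIVATE flag for private data, so honouring either here is consistent: `unsigned obj_type = (obj->auth_id.len || (obj->flags & SC_PKCS15_CO_FLAG_PRIVATE)) ? COSM_TYPE_PRIVDATA_OBJECT : SC_PKCS15_TYPE_DATA_OBJECT;`. I'd also put that initialiser on its own line rather than sharing a declaration with the uninitialised `obj_id`, and add a comment that `obj->type` is deliberately no longer what is passed to awp_new_file for data objects. The rest of awp_update_df_create_data is outside this hunk.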
@@ -1642,7 +1648,7 @@ awp_update_df_create_data(struct sc_pkcs15_card *p15card, struct sc_profile *pro
 path = ((struct sc_pkcs15_data_info *)obj->data)->path;
 obj_id = (path.value[path.len-1] & 0xFF) + (path.value[path.len-2] & 0xFF) * 0x100;
- rv = awp_new_file(p15card, profile, obj->type, obj_id & 0xFF, &info_file, &obj_file);
+ rv = awp_new_file(p15card, profile, obj_type, obj_id & 0xFF, &info_file, &obj_file);
 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "COSM new file error");
 memset(&idata, 0, sizeof(idata));
@@ -1653,7 +1659,7 @@ awp_update_df_create_data(struct sc_pkcs15_card *p15card, struct sc_profile *pro
 rv = awp_set_data_info(p15card, profile, info_file, &idata);
 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Data' update DF failed: cannot set info");
- rv = awp_update_object_list(p15card, profile, obj->type, obj_id & 0xFF);
+ rv = awp_update_object_list(p15card, profile, obj_type, obj_id & 0xFF);
 SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "'Create Data' update DF failed: cannot update list");
 awp_free_data_info(&idata);
diff --git a/src/pkcs15init/pkcs15-oberthur.h b/src/pkcs15init/pkcs15-oberthur.h
index c41c8605..59553725 100644
--- a/src/pkcs15init/pkcs15-oberthur.h
+++ b/src/pkcs15init/pkcs15-oberthur.h
@@ -33,6 +33,7 @@
 #define COSM_TOKENINFO (SC_DEVICE_SPECIFIC_TYPE | 0x05)
 #define COSM_TYPE_PRKEY_RSA (SC_DEVICE_SPECIFIC_TYPE | SC_PKCS15_TYPE_PRKEY_RSA)
 #define COSM_TYPE_PUBKEY_RSA (SC_DEVICE_SPECIFIC_TYPE | SC_PKCS15_TYPE_PUBKEY_RSA)
+#define COSM_TYPE_PRIVDATA_OBJECT (SC_DEVICE_SPECIFIC_TYPE | 0x06)
 #define COSM_TITLE "OberthurAWP"
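Review bot: The reworked `awp_new_file(p15card, profile, obj_type, obj_id & 0xFF, ...)` call consumes `obj_id`, which the preceding context line builds from `path.value[path.len-1]` and `path.value[path.len-2]` with no check that `path.len >= 2`; `path` is copied straight out of the caller-supplied `sc_pkcs15_data_info`, so an empty or one-byte path reads outside `path.value`. The defect predates this commit, but since the commit is already rewriting this call it is the natural place to add `if (path.len < 2) SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS);` before `obj_id` is computed. The enclosing awp_update_df_create_data starts and ends outside this hunk.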
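Review bot: `COSM_TYPE_PRIVDATA_OBJECT` is formed from a bare `0x06`, whereas the adjacent `COSM_TYPE_PRKEY_RSA` and `COSM_TYPE_PUBKEY_RSA` are `SC_DEVICE_SPECIFIC_TYPE | <PKCS#15 type>`, so the PKCS#15 base type cannot be recovered from the new constant and its value has to be kept distinct by hand from every other `SC_DEVICE_SPECIFIC_TYPE | 0xNN` tag (only `0x05` is visible in this hunk; any others are outside it). If nothing depends on the exact value, `#define COSM_TYPE_PRIVDATA_OBJECT (SC_DEVICE_SPECIFIC_TYPE | SC_PKCS15_TYPE_DATA_OBJECT)` follows the existing pattern and still stays distinct from `SC_PKCS15_TYPE_DATA_OBJECT`, which awp_new_file switches on separately. Otherwise a short comment marking it as an opaque vendor tag and naming the small values already reserved would prevent a future collision.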