giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix #325 add SC_PKCS15_PRKEY_USAGE_ENCRYPT and SC_PKCS15_PRKEY_USAGE_DECRYPT 

to PIV KEY Management keys and certificates, includeing the Retired keys. 
This applies to 0.12.0 and needs to be in 0.12.1


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5189 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
dengert 2011-02-08 15:49:35 +00:00
parent 98aa4cb571
commit 025da6d0f5
1 changed files with 42 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
src/libopensc/pkcs15-piv.c
View File

@ -277,7 +277,7 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
"9C06", 0x9C, "1", 0, "PIV_9C_KEY"},
{ "3", "KEY MAN pubkey",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT| SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9D06", 0x9D, "1", 0, "PIV_9D_KEY"},
{ "4", "CARD AUTH pubkey",
@ -287,83 +287,83 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
"9E06", 0x9E, "0", 0, "PIV_9E_KEY"}, /* no pin, and avail in contactless */
{ "5", "Retired KEY MAN 1",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8206", 0x82, "1", 0, NULL},
{ "6", "Retired KEY MAN 2",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8306", 0x83, "1", 0, NULL},
{ "7", "Retired KEY MAN 3",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8406", 0x84, "1", 0, NULL},
{ "8", "Retired KEY MAN 4",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8506", 0x85, "1", 0, NULL},
{ "9", "Retired KEY MAN 5",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8606", 0x86, "1", 0, NULL},
{ "10", "Retired KEY MAN 6",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8706", 0x87, "1", 0, NULL},
{ "11", "Retired KEY MAN 7",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8806", 0x88, "1", 0, NULL},
{ "12", "Retired KEY MAN 8",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8906", 0x89, "1", 0, NULL},
{ "13", "Retired KEY MAN 9",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8A06", 0x8A, "1", 0, NULL},
{ "14", "Retired KEY MAN 10",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8B06", 0x8B, "1", 0, NULL},
{ "15", "Retired KEY MAN 11",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8C06", 0x8C, "1", 0, NULL},
{ "16", "Retired KEY MAN 12",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8D06", 0x8D, "1", 0, NULL},
{ "17", "Retired KEY MAN 13",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8E06", 0x8E, "1", 0, NULL},
{ "18", "Retired KEY MAN 14",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"8F06", 0x8F, "1", 0, NULL},
{ "19", "Retired KEY MAN 15",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9006", 0x90, "1", 0, NULL},
{ "20", "Retired KEY MAN 16",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9106", 0x91, "1", 0, NULL},
{ "21", "Retired KEY MAN 17",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9206", 0x92, "1", 0, NULL},
{ "22", "Retired KEY MAN 18",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9306", 0x93, "1", 0, NULL},
{ "23", "Retired KEY MAN 19",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9406", 0x94, "1", 0, NULL},
{ "24", "Retired KEY MAN 20",
/*RSA*/SC_PKCS15_PRKEY_USAGE_WRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"9506", 0x95, "1", 0, NULL} };
@ -388,7 +388,7 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
"", 0x9C, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "3", "KEY MAN key",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x9D, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "4", "CARD AUTH key",
@ -397,83 +397,83 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN,
"", 0x9E, NULL, 0, 0}, /* no PIN needed, works with wireless */
{ "5", "Retired KEY MAN 1",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x82, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "6", "Retired KEY MAN 2",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x83, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "7", "Retired KEY MAN 3",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x84, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "8", "Retired KEY MAN 4",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x85, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "9", "Retired KEY MAN 5",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x86, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "10", "Retired KEY MAN 6",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x87, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "11", "Retired KEY MAN 7",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x88, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "12", "Retired KEY MAN 8",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x89, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "13", "Retired KEY MAN 9",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8A, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "14", "Retired KEY MAN 10",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8B, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "15", "Retired KEY MAN 11",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8C, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "16", "Retired KEY MAN 12",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8D, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "17", "Retired KEY MAN 13",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8E, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "18", "Retired KEY MAN 14",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x8F, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "19", "Retired KEY MAN 15",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x90, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "20", "Retired KEY MAN 16",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x91, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "21", "Retired KEY MAN 17",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x92, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "22", "Retired KEY MAN 18",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x93, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "23", "Retired KEY MAN 19",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x94, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
{ "24", "Retired KEY MAN 20",
/*RSA*/SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
"", 0x95, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1}
};