'AuthentIC': basic support of Oberthur's 'COSMO.v7/AuthentIC.v3.2' ...
it is a natively PKCS#15 card

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5006 c6295689-39f2-0310-b995-f0e70906c6a9
parent
8b270205cc
commit
1a58c429cb
|
@ -9,7 +9,7 @@ noinst_HEADERS = cards.h ctbcs.h internal.h esteid.h muscle.h muscle-filesystem.
|
|||
internal-winscard.h p15card-helper.h \
|
||||
opensc.h pkcs15.h \
|
||||
cardctl.h asn1.h log.h \
|
||||
errors.h types.h compression.h itacns.h
|
||||
errors.h types.h compression.h itacns.h iso7816.h authentic.h
|
||||
|
||||
AM_CPPFLAGS = -DOPENSC_CONF_PATH=\"$(sysconfdir)/opensc.conf\"
|
||||
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS) $(OPTIONAL_OPENCT_CFLAGS) \
|
||||
|
@ -37,7 +37,7 @@ libopensc_la_SOURCES = \
|
|||
card-incrypto34.c card-piv.c card-muscle.c card-acos5.c \
|
||||
card-asepcos.c card-akis.c card-gemsafeV1.c card-rutoken.c \
|
||||
card-rtecp.c card-westcos.c card-myeid.c card-ias.c \
|
||||
card-javacard.c card-itacns.c \
|
||||
card-javacard.c card-itacns.c card-authentic.c \
|
||||
\
|
||||
pkcs15-openpgp.c pkcs15-infocamere.c pkcs15-starcert.c \
|
||||
pkcs15-tcos.c pkcs15-esteid.c pkcs15-postecert.c pkcs15-gemsafeGPK.c \
|
||||
|
|
|
@ -21,7 +21,7 @@ OBJECTS = \
|
|||
card-incrypto34.obj card-piv.obj card-muscle.obj card-acos5.obj \
|
||||
card-asepcos.obj card-akis.obj card-gemsafeV1.obj card-rutoken.obj \
|
||||
card-rtecp.obj card-westcos.obj card-myeid.obj card-ias.obj \
|
||||
card-javacard.obj card-itacns.obj \
|
||||
card-javacard.obj card-itacns.obj card-authentic.obj \
|
||||
\
|
||||
pkcs15-openpgp.obj pkcs15-infocamere.obj pkcs15-starcert.obj \
|
||||
pkcs15-tcos.obj pkcs15-esteid.obj pkcs15-postecert.obj pkcs15-gemsafeGPK.obj \
|
||||
|
|
|
@ -0,0 +1,181 @@
|
|||
/*
|
||||
* authentic.h: Specific definitions for the Oberthur's card
|
||||
* 'COSMO v7' with applet 'AuthentIC v3'
|
||||
*
|
||||
* Copyright (C) 2010 Viktor Tarasov <vtarasov@opentrust.com>
|
||||
* OpenTrust <www.opentrust.com>
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 2.1 of the License, or (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this library; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
*/
|
||||
|
||||
#ifndef _OPENSC_AUTHENTIC_V3_H
|
||||
#define _OPENSC_AUTHENTIC_V3_H
|
||||
|
||||
#include "errors.h"
|
||||
#include "types.h"
|
||||
#include "iso7816.h"
|
||||
|
||||
#define LOGN_FUNC_CALLED(ctx) SC_FUNC_CALLED((ctx), SC_LOG_DEBUG_NORMAL)
|
||||
#define LOGN_FUNC_RETURN(ctx, r) SC_FUNC_RETURN((ctx), SC_LOG_DEBUG_NORMAL, (r))
|
||||
#define LOGN_TEST_RET(ctx, r, text) SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, text)
|
||||
|
||||
#define AUTHENTIC_V3_TITLE "AuthentIC.v3"
|
||||
|
||||
#define PAN_ISO7812_SN_TAG 0x5A
|
||||
#define PAN_ISO7812_LENGTH 0x0C
|
||||
|
||||
#ifndef CKM_RSA_PKCS
|
||||
#define CKM_RSA_PKCS 0x00000001
|
||||
#define CKM_SHA1_RSA_PKCS 0x00000006
|
||||
#define CKM_SHA256_RSA_PKCS 0x00000040
|
||||
#define CKM_SHA_1 0x00000220
|
||||
#define CKM_SHA256 0x00000250
|
||||
#endif
|
||||
|
||||
#define AUTHENTIC_V3_CREDENTIAL_ID_MASK 7
|
||||
|
||||
#define AUTHENTIC_V3_CRYPTO_OBJECT_REF_MIN 0x81
|
||||
#define AUTHENTIC_V3_CRYPTO_OBJECT_REF_MAX 0xFF
|
||||
|
||||
#define _MAKE_AUTHENTIC_MAGIC(a, b, c, d) (((a) << 24) | ((b) << 16) | ((c) << 8) | ((d)))
|
||||
|
||||
#define AUTHENTIC_SDO_MAGIC _MAKE_AUTHENTIC_MAGIC('A', 'W', 'S', 'D')
|
||||
#define AUTHENTIC_SDO_MAGIC_UPDATE _MAKE_AUTHENTIC_MAGIC('A', 'W', 'U', 'D')
|
||||
#define AUTHENTIC_SDO_MAGIC_UPDATE_RSA _MAKE_AUTHENTIC_MAGIC('A', 'W', 'U', 'R')
|
||||
|
||||
#define AUTHENTIC_OBJECT_REF_FLAG_LOCAL 0x80
|
||||
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_PIN 0x00
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_BIO 0x01
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_DES 0x02
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_2DES 0x03
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_3DES 0x04
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_AES128 0x05
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_AES192 0x06
|
||||
#define AUTHENTIC_MECH_CREDENTIAL_AES256 0x07
|
||||
|
||||
#define AUTHENTIC_MECH_CRYPTO_DES 0x02
|
||||
#define AUTHENTIC_MECH_CRYPTO_2DES 0x03
|
||||
#define AUTHENTIC_MECH_CRYPTO_3DES 0x04
|
||||
#define AUTHENTIC_MECH_CRYPTO_AES128 0x05
|
||||
#define AUTHENTIC_MECH_CRYPTO_AES192 0x06
|
||||
#define AUTHENTIC_MECH_CRYPTO_AES256 0x07
|
||||
#define AUTHENTIC_MECH_CRYPTO_RSA1024 0x08
|
||||
#define AUTHENTIC_MECH_CRYPTO_RSA1280 0x09
|
||||
#define AUTHENTIC_MECH_CRYPTO_RSA1536 0x0A
|
||||
#define AUTHENTIC_MECH_CRYPTO_RSA1792 0x0B
|
||||
#define AUTHENTIC_MECH_CRYPTO_RSA2048 0x0C
|
||||
|
||||
#define AUTHENTIC_TAG_DOCP 0xA1
|
||||
#define AUTHENTIC_TAG_DOCP_MECH 0x80
|
||||
#define AUTHENTIC_TAG_DOCP_ID 0x83
|
||||
#define AUTHENTIC_TAG_DOCP_ACLS 0x86
|
||||
#define AUTHENTIC_TAG_DOCP_SCP 0x87
|
||||
#define AUTHENTIC_TAG_DOCP_USAGE_COUNTER 0x90
|
||||
|
||||
#define AUTHENTIC_TAG_RSA 0xA5
|
||||
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE 0x7F48
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE_P 0x92
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE_Q 0x93
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE_PQ 0x94
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE_DP1 0x95
|
||||
#define AUTHENTIC_TAG_RSA_PRIVATE_DQ1 0x96
|
||||
|
||||
#define AUTHENTIC_TAG_RSA_PUBLIC 0x7F49
|
||||
#define AUTHENTIC_TAG_RSA_PUBLIC_MODULUS 0x81
|
||||
#define AUTHENTIC_TAG_RSA_PUBLIC_EXPONENT 0x82
|
||||
|
||||
#define AUTHENTIC_TAG_RSA_GENERATE_DATA 0xAC
|
||||
|
||||
#define AUTHENTIC_TAG_CREDENTIAL 0x5F00
|
||||
#define AUTHENTIC_TAG_CREDENTIAL_TRYLIMIT 0x91
|
||||
#define AUTHENTIC_TAG_CREDENTIAL_PINPOLICY 0xA1
|
||||
#define AUTHENTIC_TAG_CREDENTIAL_PINPOLICY_MAXLENGTH 0x83
|
||||
#define AUTHENTIC_TAG_CREDENTIAL_PINPOLICY_MINLENGTH 0x84
|
||||
#define AUTHENTIC_TAG_CREDENTIAL_PINPOLICY_COMPLEXITY 0x85
|
||||
|
||||
#define AUTHENTIC_ALGORITHM_RSA_PKCS1 0x11
|
||||
#define AUTHENTIC_ALGORITHM_RSA_X509 0x12
|
||||
#define AUTHENTIC_ALGORITHM_RSA_OAEP 0x13
|
||||
#define AUTHENTIC_ALGORITHM_RSA_ISO9796 0x14
|
||||
|
||||
#define AUTHENTIC_TAG_CRT_AT 0xA4
|
||||
#define AUTHENTIC_TAG_CRT_HT 0xAA
|
||||
#define AUTHENTIC_TAG_CRT_CCT 0xB4
|
||||
#define AUTHENTIC_TAG_CRT_DST 0xB6
|
||||
#define AUTHENTIC_TAG_CRT_CT 0xB8
|
||||
|
||||
#define AUTHENTIC_ACL_NUM_PIN_VERIFY 0
|
||||
#define AUTHENTIC_ACL_NUM_PIN_RESET 1
|
||||
#define AUTHENTIC_ACL_NUM_PIN_CHANGE 2
|
||||
#define AUTHENTIC_ACL_NUM_PIN_MODIFY 3
|
||||
#define AUTHENTIC_ACL_NUM_PIN_DELETE 4
|
||||
|
||||
/* SM related macros */
|
||||
#define AUTHENTIC_AC_SM_MASK 0x60
|
||||
|
||||
#define AUTHENTIC_GP_SM_LEVEL_MASK 0x6000
|
||||
#define AUTHENTIC_GP_SM_LEVEL_PLAIN 0x2000
|
||||
#define AUTHENTIC_GP_SM_LEVEL_MAC 0x4000
|
||||
#define AUTHENTIC_GP_SM_LEVEL_ENC_MAC 0x6000
|
||||
|
||||
struct sc_authentic_tlv {
|
||||
unsigned tag;
|
||||
size_t size;
|
||||
unsigned char *value;
|
||||
};
|
||||
|
||||
struct sc_authentic_sdo_docp {
|
||||
unsigned char mech, id, security_parameter;
|
||||
unsigned char velocity_limit, try_limit;
|
||||
|
||||
unsigned char acl_data[16];
|
||||
size_t acl_data_len;
|
||||
|
||||
unsigned char usage_counter[2];
|
||||
};
|
||||
|
||||
struct sc_authentic_sdo {
|
||||
unsigned char sdo_class;
|
||||
unsigned char sdo_ref;
|
||||
|
||||
unsigned int usage;
|
||||
|
||||
struct sc_authentic_sdo_docp docp;
|
||||
|
||||
union {
|
||||
struct sc_pkcs15_prkey *prvkey;
|
||||
} data;
|
||||
|
||||
struct sc_file *file;
|
||||
|
||||
unsigned magic;
|
||||
};
|
||||
|
||||
#define SC_MAX_AUTHENTIC_CPLC 45
|
||||
struct sc_authentic_cplc {
|
||||
unsigned char ic_data[4];
|
||||
unsigned char ic_serial[4];
|
||||
unsigned char ic_batch[4];
|
||||
unsigned char aid_last_bytes[2];
|
||||
unsigned char keyset_version;
|
||||
unsigned char starting_index;
|
||||
|
||||
unsigned char value[SC_MAX_AUTHENTIC_CPLC];
|
||||
size_t len;
|
||||
};
|
||||
|
||||
#endif
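Review bot: `struct sc_authentic_sdo_docp` and `struct sc_authentic_cplc` pair fixed-size buffers (`acl_data[16]`, `value[SC_MAX_AUTHENTIC_CPLC]`) with separate length fields (`acl_data_len`, `len`), but the header never states that the length must stay within the buffer. These fields are presumably filled from TLV data returned by the card, which should be treated as untrusted input. The parsing code is not visible on this page (a file diff is suppressed), so whether it checks the length cannot be confirmed here. I would document each length field, e.g. `/* number of valid bytes in acl_data; must be <= sizeof(acl_data) */`, and have the parser reject an over-long TLV before copying. `struct sc_authentic_tlv` also needs a comment saying who allocates and frees `value`.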
|
File diff suppressed because it is too large
|
@ -204,6 +204,15 @@ enum {
|
|||
SC_CARDCTL_PIV_GENERATE_KEY,
|
||||
SC_CARDCTL_PIV_PIN_PREFERENCE,
|
||||
SC_CARDCTL_PIV_OBJECT_PRESENT,
|
||||
|
||||
/*
|
||||
* AuthentIC v3
|
||||
*/
|
||||
SC_CARDCTL_AUTHENTIC_BASE = _CTL_PREFIX('A','V','3'),
|
||||
SC_CARDCTL_AUTHENTIC_SDO_CREATE,
|
||||
SC_CARDCTL_AUTHENTIC_SDO_DELETE,
|
||||
SC_CARDCTL_AUTHENTIC_SDO_STORE,
|
||||
SC_CARDCTL_AUTHENTIC_SDO_GENERATE,
|
||||
};
|
||||
|
||||
enum {
|
||||
|
|
|
@ -113,6 +113,8 @@ enum {
|
|||
SC_CARD_TYPE_OBERTHUR_32K,
|
||||
SC_CARD_TYPE_OBERTHUR_32K_BIO,
|
||||
SC_CARD_TYPE_OBERTHUR_64K,
|
||||
/* Oberthur 'COSMO v7' with applet 'AuthentIC v3.2' */
|
||||
SC_CARD_TYPE_OBERTHUR_AUTHENTIC_3_2 = 11100,
|
||||
|
||||
/* belpic driver */
|
||||
SC_CARD_TYPE_BELPIC_BASE = 12000,
|
||||
|
@ -209,6 +211,7 @@ extern sc_card_driver_t *sc_get_myeid_driver(void);
|
|||
extern sc_card_driver_t *sc_get_ias_driver(void);
|
||||
extern sc_card_driver_t *sc_get_javacard_driver(void);
|
||||
extern sc_card_driver_t *sc_get_itacns_driver(void);
|
||||
extern sc_card_driver_t *sc_get_authentic_driver();
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
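Review bot: The added declaration `extern sc_card_driver_t *sc_get_authentic_driver();` uses empty parentheses, while every neighbouring getter in this hunk is declared with `(void)`. In C before C23 an empty parameter list declares a function without a prototype, so a call with stray arguments is not diagnosed, and it warns under `-Wstrict-prototypes`. It should read `extern sc_card_driver_t *sc_get_authentic_driver(void);`, which also matches the `(void *(*)(void))` cast applied to it in the driver table.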
|
||||
|
|
|
@ -66,6 +66,7 @@ static const struct _sc_driver_entry internal_card_drivers[] = {
|
|||
{ "jcop", (void *(*)(void)) sc_get_jcop_driver },
|
||||
#ifdef ENABLE_OPENSSL
|
||||
{ "oberthur", (void *(*)(void)) sc_get_oberthur_driver },
|
||||
{ "authentic", (void *(*)(void)) sc_get_authentic_driver },
|
||||
#endif
|
||||
{ "belpic", (void *(*)(void)) sc_get_belpic_driver },
|
||||
{ "ias", (void *(*)(void)) sc_get_ias_driver },
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
/*
|
||||
* iso7816.h: ISO-7816 defines
|
||||
*/
|
||||
|
||||
#ifndef _ISO7816_TYPES_H
|
||||
#define _ISO7816_TYPES_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#define ISO7816_TAG_FCP 0x62
|
||||
#define ISO7816_TAG_FCP_SIZE 0x80
|
||||
#define ISO7816_TAG_FCP_TYPE 0x82
|
||||
#define ISO7816_TAG_FCP_ID 0x83
|
||||
#define ISO7816_TAG_FCP_ACLS 0x86
|
||||
|
||||
|
||||
#define ISO7816_FILE_TYPE_TRANSPARENT_EF 0x01
|
||||
#define ISO7816_FILE_TYPE_DF 0x38
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
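Review bot: This new header has only a one-line description and no copyright or license notice, unlike authentic.h added in the same commit, which carries the full LGPL header. I would add the same notice here so the file's licensing is unambiguous when it is copied or packaged on its own. A short comment saying which ISO 7816 part the FCP tags and file-descriptor values (`ISO7816_FILE_TYPE_TRANSPARENT_EF`, `ISO7816_FILE_TYPE_DF`) come from would also help readers check the constants.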
|
|
@ -23,7 +23,8 @@ dist_pkgdata_DATA = \
|
|||
entersafe.profile \
|
||||
rutoken_ecp.profile \
|
||||
westcos.profile \
|
||||
myeid.profile
|
||||
myeid.profile \
|
||||
authentic.profile
|
||||
|
||||
AM_CPPFLAGS = -DSC_PKCS15_PROFILE_DIRECTORY=\"$(pkgdatadir)\"
|
||||
AM_CFLAGS = $(OPTIONAL_OPENSSL_CFLAGS) $(LTLIB_CFLAGS)
|
||||
|
@ -37,4 +38,5 @@ libpkcs15init_la_SOURCES = \
|
|||
pkcs15-setcos.c pkcs15-incrypto34.c pkcs15-muscle.c \
|
||||
pkcs15-asepcos.c pkcs15-rutoken.c pkcs15-entersafe.c \
|
||||
pkcs15-rtecp.c pkcs15-myeid.c \
|
||||
pkcs15-oberthur.c pkcs15-oberthur-awp.c
|
||||
pkcs15-oberthur.c pkcs15-oberthur-awp.c \
|
||||
pkcs15-authentic.c
|
||||
|
|
|
@ -8,7 +8,7 @@ OBJECTS = pkcs15-lib.obj profile.obj \
|
|||
pkcs15-setcos.obj pkcs15-incrypto34.obj \
|
||||
pkcs15-muscle.obj pkcs15-asepcos.obj pkcs15-rutoken.obj \
|
||||
pkcs15-entersafe.obj pkcs15-rtecp.obj pkcs15-westcos.obj \
|
||||
pkcs15-myeid.obj
|
||||
pkcs15-myeid.obj pkcs15-authentic.obj
|
||||
|
||||
all: $(TARGET)
|
||||
|
||||
|
|
File diff suppressed because it is too large
|
@ -386,7 +386,7 @@ extern struct sc_pkcs15init_operations *sc_pkcs15init_get_entersafe_ops(void);
|
|||
extern struct sc_pkcs15init_operations *sc_pkcs15init_get_rtecp_ops(void);
|
||||
extern struct sc_pkcs15init_operations *sc_pkcs15init_get_westcos_ops(void);
|
||||
extern struct sc_pkcs15init_operations *sc_pkcs15init_get_myeid_ops(void);
|
||||
/* extern struct sc_pkcs15init_operations *sc_pkcs15init_get_authentic_ops(void); */
|
||||
extern struct sc_pkcs15init_operations *sc_pkcs15init_get_authentic_ops(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -151,7 +151,7 @@ static struct profile_operations {
|
|||
{ "rutoken_ecp", (void *) sc_pkcs15init_get_rtecp_ops },
|
||||
{ "westcos", (void *) sc_pkcs15init_get_westcos_ops },
|
||||
{ "myeid", (void *) sc_pkcs15init_get_myeid_ops },
|
||||
/* { "authentic", (void *) sc_pkcs15init_get_authentic_ops }, */
|
||||
{ "authentic", (void *) sc_pkcs15init_get_authentic_ops },
|
||||
{ NULL, NULL },
|
||||
};
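Review bot: The `{ "authentic", (void *) sc_pkcs15init_get_authentic_ops },` entry is enabled unconditionally here, whereas the matching card driver is added to the driver table only inside `#ifdef ENABLE_OPENSSL`. The build files on this page add `card-authentic.c` and `pkcs15-authentic.c` unconditionally as well. Both source diffs are suppressed, so whether they compile and behave sensibly without OpenSSL cannot be confirmed from here. If the init code depends on OpenSSL, the entry should carry the same guard, i.e. `#ifdef ENABLE_OPENSSL` / `{ "authentic", (void *) sc_pkcs15init_get_authentic_ops },` / `#endif`. Otherwise a short comment should say why the profile is available when the card driver is not.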
|
||||
|
||||
|
|
|
@ -113,6 +113,10 @@
|
|||
<File Id='PROFILE_OBERTHUR' Name='oberthur.profile' DiskId='1'
|
||||
Source='$(var.SOURCE_DIR)\src\pkcs15init\oberthur.profile' Vital='yes' KeyPath='yes' />
|
||||
</Component>
|
||||
<Component Id='PROFILE_PKCS15_AUTHENTIC' Guid='75AE2D59-D249-4110-93F0-65E6F323CB63'>
|
||||
<File Id='PROFILE_AUTHENTIC' Name='authentic.profile' DiskId='1'
|
||||
Source='$(var.SOURCE_DIR)\src\pkcs15init\authentic.profile' Vital='yes' KeyPath='yes' />
|
||||
</Component>
|
||||
</Directory>
|
||||
</Directory>
|
||||
|
||||
|
@ -160,6 +164,7 @@
|
|||
<ComponentRef Id='PROFILE_PKCS15_STARCOS' />
|
||||
<ComponentRef Id='PROFILE_PKCS15_WESTCOS' />
|
||||
<ComponentRef Id='PROFILE_PKCS15_OBERTHUR' />
|
||||
<ComponentRef Id='PROFILE_PKCS15_AUTHENTIC' />
|
||||
|
||||
<ComponentRef Id='ProgramMenuDir' />
|
||||
</Feature>
|
||||
|
|