- started to implement on-token key gen support
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@636 c6295689-39f2-0310-b995-f0e70906c6a9
parent
8535127ba8
commit
1b79b017e3
|
@ -33,7 +33,7 @@ filesystem {
|
|||
type = internal-ef;
|
||||
file-id = 4B01; # This is the base FileID
|
||||
size = 266; # 266 is enough for 1024-bit keys
|
||||
ACL = *=NEVER, CRYPTO=$PIN, UPDATE=$PIN;
|
||||
ACL = *=NEVER, UPDATE=$PIN;
|
||||
}
|
||||
EF template-public-key {
|
||||
file-id = 5501;
|
||||
|
@ -47,6 +47,12 @@ filesystem {
|
|||
file-id = 7000;
|
||||
ACL = *=NEVER, READ=$PIN, UPDATE=$PIN;
|
||||
}
|
||||
EF tempfile {
|
||||
file-id = 7EAD;
|
||||
structure = linear-variable-tlv;
|
||||
ACL = *=NONE;
|
||||
size = 512;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
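Review bot: The new `EF tempfile` is declared with `ACL = *=NONE`, so every operation on it, including read, works without PIN verification, while the file just above it uses `*=NEVER, READ=$PIN, UPDATE=$PIN`. What the key-generation code stages in this 512-byte file is not visible in this commit; if it ever holds key material or intermediate results, leftover contents would be readable by anyone with access to the card. I would either gate it the same way as its neighbour, `ACL = *=NEVER, READ=$PIN, UPDATE=$PIN;`, or, once it is confirmed that only public data passes through it, say so next to the ACL with a comment such as `# scratch file for on-token key generation; public data only`.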
|
||||
|
|
|
@ -54,6 +54,14 @@ struct sc_pkcs15init_operations {
|
|||
*/
|
||||
int (*new_file)(struct sc_profile *, struct sc_card *,
|
||||
unsigned int, unsigned int, struct sc_file **out);
|
||||
|
||||
/*
|
||||
* Generate a new key pair
|
||||
*/
|
||||
int (*generate_key)(struct sc_profile *, struct sc_card *,
|
||||
unsigned int index, unsigned int keybits,
|
||||
sc_pkcs15_pubkey_t *pubkey_res);
|
||||
|
||||
};
|
||||
|
||||
/* Do not change these or reorder these */
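Review bot: The comment on the new `generate_key` member says only "Generate a new key pair", which leaves out the contract that the caller added in this commit relies on. It should say that the pointer is optional (the caller returns `SC_ERROR_NOT_SUPPORTED` when it is NULL), that a negative return value is an error code, and that the driver fills `pubkey_res` on success. What `index` selects is presumably the key slot relative to the profile's base file id, and who releases whatever the driver stores in `pubkey_res` is not visible here; both are worth stating in the same comment.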
|
||||
|
|
|
@ -371,8 +371,39 @@ sc_pkcs15init_generate_key(struct sc_pkcs15_card *p15card,
|
|||
unsigned int keybits,
|
||||
struct sc_pkcs15_object **res_obj)
|
||||
{
|
||||
/* Currently, we do not support on-board key generation */
|
||||
return SC_ERROR_NOT_SUPPORTED;
|
||||
struct sc_pkcs15init_pubkeyargs pubkey_args;
|
||||
int r, index;
|
||||
|
||||
/* For now, we support just RSA key pair generation */
|
||||
if (keyargs->key.algorithm != SC_ALGORITHM_RSA)
|
||||
return SC_ERROR_NOT_SUPPORTED;
|
||||
|
||||
if (profile->ops->generate_key == NULL)
|
||||
return SC_ERROR_NOT_SUPPORTED;
|
||||
|
||||
if (keyargs->auth_id.len != 0) {
|
||||
struct sc_pkcs15_pin_info *pin_info;
|
||||
struct sc_pkcs15_object *objp;
|
||||
|
||||
r = sc_pkcs15_find_pin_by_auth_id(p15card,
|
||||
&keyargs->auth_id, &objp);
|
||||
if (r < 0)
|
||||
return r;
|
||||
pin_info = (struct sc_pkcs15_pin_info *) objp->data;
|
||||
sc_profile_set_pin_info(profile,
|
||||
SC_PKCS15INIT_USER_PIN, pin_info);
|
||||
}
|
||||
|
||||
memset(&pubkey_args, 0, sizeof(pubkey_args));
|
||||
|
||||
index = sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_PRKEY, NULL, 0);
|
||||
r = profile->ops->generate_key(profile, p15card->card, index, keybits,
|
||||
&pubkey_args.key);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
/* XXX: add PrKDF entrye and write public key */
|
||||
return SC_ERROR_INTERNAL;
|
||||
}
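Review bot: The result of `sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_PRKEY, NULL, 0)` is stored in the signed `index` and passed unchecked to `generate_key`, whose `index` parameter is `unsigned int`. If that call returns a negative error code, the driver receives a very large index and would presumably derive the key file id from it; add `if (index < 0) return index;` before the call. Separately, after `generate_key` succeeds the function still returns `SC_ERROR_INTERNAL` and never sets `*res_obj`, so the caller sees a failure while the card already holds a new private key with no PrKDF entry. Until the XXX is resolved, returning `SC_ERROR_NOT_SUPPORTED` before generating, or at least a comment stating that the key is left on the card, would avoid orphaned keys. The function's parameter list starts above the hunk.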
|
||||
|
||||
|
||||
|
|