|
|
@ -246,23 +246,23 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
/* Note: pkcs11 objects do not have CK_ID values */
|
|
|
|
/* Note: pkcs11 objects do not have CK_ID values */
|
|
|
|
|
|
|
|
|
|
|
|
static const objdata objects[] = {
|
|
|
|
static const objdata objects[] = {
|
|
|
|
{"1", "Card Capability Container",
|
|
|
|
{"01", "Card Capability Container",
|
|
|
|
"2.16.840.1.101.3.7.1.219.0", NULL, "DB00", 0},
|
|
|
|
"2.16.840.1.101.3.7.1.219.0", NULL, "DB00", 0},
|
|
|
|
{"2", "Card Holder Unique Identifier",
|
|
|
|
{"02", "Card Holder Unique Identifier",
|
|
|
|
"2.16.840.1.101.3.7.2.48.0", NULL, "3000", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.48.0", NULL, "3000", 0},
|
|
|
|
{"3", "Unsigned Card Holder Unique Identifier",
|
|
|
|
{"03", "Unsigned Card Holder Unique Identifier",
|
|
|
|
"2.16.840.1.101.3.7.2.48.2", NULL, "3010", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.48.2", NULL, "3010", 0},
|
|
|
|
{"4", "X.509 Certificate for PIV Authentication",
|
|
|
|
{"04", "X.509 Certificate for PIV Authentication",
|
|
|
|
"2.16.840.1.101.3.7.2.1.1", NULL, "0101", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.1.1", NULL, "0101", 0},
|
|
|
|
{"5", "Cardholder Fingerprints",
|
|
|
|
{"05", "Cardholder Fingerprints",
|
|
|
|
"2.16.840.1.101.3.7.2.96.16", "1", "6010", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
"2.16.840.1.101.3.7.2.96.16", "01", "6010", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
{"6", "Printed Information",
|
|
|
|
{"06", "Printed Information",
|
|
|
|
"2.16.840.1.101.3.7.2.48.1", "1", "3001", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
"2.16.840.1.101.3.7.2.48.1", "01", "3001", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
{"7", "Cardholder Facial Image",
|
|
|
|
{"07", "Cardholder Facial Image",
|
|
|
|
"2.16.840.1.101.3.7.2.96.48", "1", "6030", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
"2.16.840.1.101.3.7.2.96.48", "01", "6030", SC_PKCS15_CO_FLAG_PRIVATE},
|
|
|
|
{"8", "X.509 Certificate for Digital Signature",
|
|
|
|
{"08", "X.509 Certificate for Digital Signature",
|
|
|
|
"2.16.840.1.101.3.7.2.1.0", NULL, "0100", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.1.0", NULL, "0100", 0},
|
|
|
|
{"9", "X.509 Certificate for Key Management",
|
|
|
|
{"09", "X.509 Certificate for Key Management",
|
|
|
|
"2.16.840.1.101.3.7.2.1.2", NULL, "0102", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.1.2", NULL, "0102", 0},
|
|
|
|
{"10","X.509 Certificate for Card Authentication",
|
|
|
|
{"10","X.509 Certificate for Card Authentication",
|
|
|
|
"2.16.840.1.101.3.7.2.5.0", NULL, "0500", 0},
|
|
|
|
"2.16.840.1.101.3.7.2.5.0", NULL, "0500", 0},
|
|
|
@ -328,15 +328,15 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
#define PIV_NUM_CERTS_AND_KEYS 24
|
|
|
|
#define PIV_NUM_CERTS_AND_KEYS 24
|
|
|
|
|
|
|
|
|
|
|
|
static const cdata certs[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
static const cdata certs[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
{"1", "Certificate for PIV Authentication", 0, "0101cece", 0},
|
|
|
|
{"01", "Certificate for PIV Authentication", 0, "0101cece", 0},
|
|
|
|
{"2", "Certificate for Digital Signature", 0, "0100cece", 0},
|
|
|
|
{"02", "Certificate for Digital Signature", 0, "0100cece", 0},
|
|
|
|
{"3", "Certificate for Key Management", 0, "0102cece", 0},
|
|
|
|
{"03", "Certificate for Key Management", 0, "0102cece", 0},
|
|
|
|
{"4", "Certificate for Card Authentication", 0, "0500cece", 0},
|
|
|
|
{"04", "Certificate for Card Authentication", 0, "0500cece", 0},
|
|
|
|
{"5", "Retired Certificate for Key Management 1", 0, "1001cece", 0},
|
|
|
|
{"05", "Retired Certificate for Key Management 1", 0, "1001cece", 0},
|
|
|
|
{"6", "Retired Certificate for Key Management 2", 0, "1002cece", 0},
|
|
|
|
{"06", "Retired Certificate for Key Management 2", 0, "1002cece", 0},
|
|
|
|
{"7", "Retired Certificate for Key Management 3", 0, "1003cece", 0},
|
|
|
|
{"07", "Retired Certificate for Key Management 3", 0, "1003cece", 0},
|
|
|
|
{"8", "Retired Certificate for Key Management 4", 0, "1004cece", 0},
|
|
|
|
{"08", "Retired Certificate for Key Management 4", 0, "1004cece", 0},
|
|
|
|
{"9", "Retired Certificate for Key Management 5", 0, "1005cece", 0},
|
|
|
|
{"09", "Retired Certificate for Key Management 5", 0, "1005cece", 0},
|
|
|
|
{"10", "Retired Certificate for Key Management 6", 0, "1006cece", 0},
|
|
|
|
{"10", "Retired Certificate for Key Management 6", 0, "1006cece", 0},
|
|
|
|
{"11", "Retired Certificate for Key Management 7", 0, "1007cece", 0},
|
|
|
|
{"11", "Retired Certificate for Key Management 7", 0, "1007cece", 0},
|
|
|
|
{"12", "Retired Certificate for Key Management 8", 0, "1008cece", 0},
|
|
|
|
{"12", "Retired Certificate for Key Management 8", 0, "1008cece", 0},
|
|
|
@ -355,7 +355,7 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
static const pindata pins[] = {
|
|
|
|
static const pindata pins[] = {
|
|
|
|
{ "1", "PIV Card Holder pin", "", 0x80,
|
|
|
|
{ "01", "PIV Card Holder pin", "", 0x80,
|
|
|
|
/* label, flag and ref will change if using global pin */
|
|
|
|
/* label, flag and ref will change if using global pin */
|
|
|
|
SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
|
|
|
|
SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
|
|
|
|
8, 4, 8,
|
|
|
|
8, 4, 8,
|
|
|
@ -364,7 +364,7 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
SC_PKCS15_PIN_FLAG_LOCAL,
|
|
|
|
SC_PKCS15_PIN_FLAG_LOCAL,
|
|
|
|
-1, 0xFF,
|
|
|
|
-1, 0xFF,
|
|
|
|
SC_PKCS15_CO_FLAG_PRIVATE },
|
|
|
|
SC_PKCS15_CO_FLAG_PRIVATE },
|
|
|
|
{ "2", "PIV PUK", "", 0x81,
|
|
|
|
{ "02", "PIV PUK", "", 0x81,
|
|
|
|
SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
|
|
|
|
SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
|
|
|
|
8, 4, 8,
|
|
|
|
8, 4, 8,
|
|
|
|
SC_PKCS15_PIN_FLAG_NEEDS_PADDING |
|
|
|
|
SC_PKCS15_PIN_FLAG_NEEDS_PADDING |
|
|
|
@ -386,14 +386,14 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
static const pubdata pubkeys[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
static const pubdata pubkeys[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
|
|
|
|
|
|
|
|
{ "1", "PIV AUTH pubkey",
|
|
|
|
{ "01", "PIV AUTH pubkey",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_WRAP |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_WRAP |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY,
|
|
|
|
"9A06", 0x9A, NULL, 0, "PIV_9A_KEY"},
|
|
|
|
"9A06", 0x9A, NULL, 0, "PIV_9A_KEY"},
|
|
|
|
{ "2", "SIGN pubkey",
|
|
|
|
{ "02", "SIGN pubkey",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER |
|
|
|
@ -401,33 +401,33 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
"9C06", 0x9C, NULL, 0, "PIV_9C_KEY"},
|
|
|
|
"9C06", 0x9C, NULL, 0, "PIV_9C_KEY"},
|
|
|
|
{ "3", "KEY MAN pubkey",
|
|
|
|
{ "03", "KEY MAN pubkey",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT| SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT| SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"9D06", 0x9D, NULL, 0, "PIV_9D_KEY"},
|
|
|
|
"9D06", 0x9D, NULL, 0, "PIV_9D_KEY"},
|
|
|
|
{ "4", "CARD AUTH pubkey",
|
|
|
|
{ "04", "CARD AUTH pubkey",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_VERIFY |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_VERIFY,
|
|
|
|
"9E06", 0x9E, NULL, 0, "PIV_9E_KEY"}, /* no pin, and avail in contactless */
|
|
|
|
"9E06", 0x9E, NULL, 0, "PIV_9E_KEY"}, /* no pin, and avail in contactless */
|
|
|
|
|
|
|
|
|
|
|
|
{ "5", "Retired KEY MAN 1",
|
|
|
|
{ "05", "Retired KEY MAN 1",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"8206", 0x82, NULL, 0, NULL},
|
|
|
|
"8206", 0x82, NULL, 0, NULL},
|
|
|
|
{ "6", "Retired KEY MAN 2",
|
|
|
|
{ "06", "Retired KEY MAN 2",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"8306", 0x83, NULL, 0, NULL},
|
|
|
|
"8306", 0x83, NULL, 0, NULL},
|
|
|
|
{ "7", "Retired KEY MAN 3",
|
|
|
|
{ "07", "Retired KEY MAN 3",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"8406", 0x84, NULL, 0, NULL},
|
|
|
|
"8406", 0x84, NULL, 0, NULL},
|
|
|
|
{ "8", "Retired KEY MAN 4",
|
|
|
|
{ "08", "Retired KEY MAN 4",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"8506", 0x85, NULL, 0, NULL},
|
|
|
|
"8506", 0x85, NULL, 0, NULL},
|
|
|
|
{ "9", "Retired KEY MAN 5",
|
|
|
|
{ "09", "Retired KEY MAN 5",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_ENCRYPT | SC_PKCS15_PRKEY_USAGE_WRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"8606", 0x86, NULL, 0, NULL},
|
|
|
|
"8606", 0x86, NULL, 0, NULL},
|
|
|
@ -497,110 +497,110 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
|
|
|
|
* on the key algorithm, and will be reset.
|
|
|
|
* on the key algorithm, and will be reset.
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
static const prdata prkeys[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
static const prdata prkeys[PIV_NUM_CERTS_AND_KEYS] = {
|
|
|
|
{ "1", "PIV AUTH key",
|
|
|
|
{ "01", "PIV AUTH key",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_UNWRAP |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_UNWRAP |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN,
|
|
|
|
"", 0x9A, "1", SC_PKCS15_CO_FLAG_PRIVATE, 0},
|
|
|
|
"", 0x9A, "01", SC_PKCS15_CO_FLAG_PRIVATE, 0},
|
|
|
|
{ "2", "SIGN key",
|
|
|
|
{ "02", "SIGN key",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
|
|
|
|
"", 0x9C, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x9C, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "3", "KEY MAN key",
|
|
|
|
{ "03", "KEY MAN key",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x9D, "1", SC_PKCS15_CO_FLAG_PRIVATE, 0},
|
|
|
|
"", 0x9D, "01", SC_PKCS15_CO_FLAG_PRIVATE, 0},
|
|
|
|
{ "4", "CARD AUTH key",
|
|
|
|
{ "04", "CARD AUTH key",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_SIGN |
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,
|
|
|
|
SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_SIGN,
|
|
|
|
"", 0x9E, NULL, 0, 0}, /* no PIN needed, works with wireless */
|
|
|
|
"", 0x9E, NULL, 0, 0}, /* no PIN needed, works with wireless */
|
|
|
|
{ "5", "Retired KEY MAN 1",
|
|
|
|
{ "05", "Retired KEY MAN 1",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x82, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x82, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "6", "Retired KEY MAN 2",
|
|
|
|
{ "06", "Retired KEY MAN 2",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x83, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x83, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "7", "Retired KEY MAN 3",
|
|
|
|
{ "07", "Retired KEY MAN 3",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x84, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x84, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "8", "Retired KEY MAN 4",
|
|
|
|
{ "08", "Retired KEY MAN 4",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x85, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x85, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "9", "Retired KEY MAN 5",
|
|
|
|
{ "09", "Retired KEY MAN 5",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x86, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x86, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "10", "Retired KEY MAN 6",
|
|
|
|
{ "10", "Retired KEY MAN 6",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x87, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x87, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "11", "Retired KEY MAN 7",
|
|
|
|
{ "11", "Retired KEY MAN 7",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x88, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x88, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "12", "Retired KEY MAN 8",
|
|
|
|
{ "12", "Retired KEY MAN 8",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x89, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x89, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "13", "Retired KEY MAN 9",
|
|
|
|
{ "13", "Retired KEY MAN 9",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8A, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8A, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "14", "Retired KEY MAN 10",
|
|
|
|
{ "14", "Retired KEY MAN 10",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8B, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8B, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "15", "Retired KEY MAN 11",
|
|
|
|
{ "15", "Retired KEY MAN 11",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8C, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8C, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "16", "Retired KEY MAN 12",
|
|
|
|
{ "16", "Retired KEY MAN 12",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8D, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8D, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "17", "Retired KEY MAN 13",
|
|
|
|
{ "17", "Retired KEY MAN 13",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8E, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8E, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "18", "Retired KEY MAN 14",
|
|
|
|
{ "18", "Retired KEY MAN 14",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x8F, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x8F, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "19", "Retired KEY MAN 15",
|
|
|
|
{ "19", "Retired KEY MAN 15",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x90, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x90, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "20", "Retired KEY MAN 16",
|
|
|
|
{ "20", "Retired KEY MAN 16",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x91, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x91, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "21", "Retired KEY MAN 17",
|
|
|
|
{ "21", "Retired KEY MAN 17",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x92, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x92, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "22", "Retired KEY MAN 18",
|
|
|
|
{ "22", "Retired KEY MAN 18",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x93, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x93, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "23", "Retired KEY MAN 19",
|
|
|
|
{ "23", "Retired KEY MAN 19",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x94, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
"", 0x94, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1},
|
|
|
|
{ "24", "Retired KEY MAN 20",
|
|
|
|
{ "24", "Retired KEY MAN 20",
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*RSA*/SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
/*EC*/SC_PKCS15_PRKEY_USAGE_DERIVE,
|
|
|
|
"", 0x95, "1", SC_PKCS15_CO_FLAG_PRIVATE, 1}
|
|
|
|
"", 0x95, "01", SC_PKCS15_CO_FLAG_PRIVATE, 1}
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
int r, i;
|
|
|
|
int r, i;
|
|
|
|
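Review bot: The id columns now mix zero-padded entries (`"01"` to `"09"`) with the untouched `"10"` to `"24"` in `certs` and `prkeys`, and nothing in the tables says how these strings are decoded. If they are parsed as hex, which the two-digit padding suggests but the hunks do not show, `"10"` is the byte 0x10 rather than decimal 10, so the ids jump from 0x09 to 0x10. I would add a comment above each table, e.g. `/* ids are hex strings, two digits per byte: "10" is 0x10, not decimal 10 */`. The `auth_id` fields in `objects` and `prkeys` were changed to `"01"` in step with the first `pins` entry, which is consistent in the visible lines. The body of `sc_pkcs15emu_piv_init` extends beyond these hunks, so any comparison or lookup there that still uses the old `"1"` form would need the same update for PIN-protected objects to stay bound to the right PIN.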