Rutoken Lite (#1728)
* card-rtecp: Add Rutoken Lite * avoid seperate rutoken lite driver * added rutoken lite to minidriver closes #1722
This commit is contained in:
parent
130e9bb068
commit
ba19a467e4
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* card-rtecp.c: Support for Rutoken ECP cards
|
* card-rtecp.c: Support for Rutoken ECP and Rutoken Lite cards
|
||||||
*
|
*
|
||||||
* Copyright (C) 2009 Aleksey Samsonov <samsonov@guardant.ru>
|
* Copyright (C) 2009 Aleksey Samsonov <samsonov@guardant.ru>
|
||||||
*
|
*
|
||||||
|
@ -35,7 +35,7 @@ static const struct sc_card_operations *iso_ops = NULL;
|
||||||
static struct sc_card_operations rtecp_ops;
|
static struct sc_card_operations rtecp_ops;
|
||||||
|
|
||||||
static struct sc_card_driver rtecp_drv = {
|
static struct sc_card_driver rtecp_drv = {
|
||||||
"Rutoken ECP driver",
|
"Rutoken ECP and Lite driver",
|
||||||
"rutoken_ecp",
|
"rutoken_ecp",
|
||||||
&rtecp_ops,
|
&rtecp_ops,
|
||||||
NULL, 0, NULL
|
NULL, 0, NULL
|
||||||
|
@ -56,6 +56,13 @@ static const struct sc_atr_table rtecp_atrs[] = {
|
||||||
{ "3B:9C:94:80:11:40:52:75:74:6F:6B:65:6E:45:43:50:73:63:C3",
|
{ "3B:9C:94:80:11:40:52:75:74:6F:6B:65:6E:45:43:50:73:63:C3",
|
||||||
"00:00:00:00:00:00:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:00",
|
"00:00:00:00:00:00:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:00",
|
||||||
"Rutoken ECP SC", SC_CARD_TYPE_RUTOKEN_ECP_SC, 0, NULL },
|
"Rutoken ECP SC", SC_CARD_TYPE_RUTOKEN_ECP_SC, 0, NULL },
|
||||||
|
/* Rutoken Lite */
|
||||||
|
{ "3B:8B:01:52:75:74:6F:6B:65:6E:6C:69:74:65:C2",
|
||||||
|
NULL, "Rutoken Lite", SC_CARD_TYPE_RUTOKEN_LITE, 0, NULL },
|
||||||
|
/* Rutoken Lite SC*/
|
||||||
|
{ "3B:9E:96:00:52:75:74:6F:6B:65:6E:4C:69:74:65:53:43:32",
|
||||||
|
"00:00:00:00:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF",
|
||||||
|
"Rutoken Lite SC", SC_CARD_TYPE_RUTOKEN_LITE_SC, 0, NULL },
|
||||||
{ NULL, NULL, NULL, 0, 0, NULL }
|
{ NULL, NULL, NULL, 0, 0, NULL }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -76,9 +83,14 @@ static int rtecp_init(sc_card_t *card)
|
||||||
unsigned long flags;
|
unsigned long flags;
|
||||||
|
|
||||||
assert(card && card->ctx);
|
assert(card && card->ctx);
|
||||||
card->caps |= SC_CARD_CAP_RNG;
|
|
||||||
card->cla = 0;
|
card->cla = 0;
|
||||||
|
|
||||||
|
if (card->type == SC_CARD_TYPE_RUTOKEN_LITE
|
||||||
|
|| card->type == SC_CARD_TYPE_RUTOKEN_LITE_SC)
|
||||||
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, 0);
|
||||||
|
|
||||||
|
card->caps |= SC_CARD_CAP_RNG;
|
||||||
|
|
||||||
flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_ONBOARD_KEY_GEN
|
flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_ONBOARD_KEY_GEN
|
||||||
| SC_ALGORITHM_RSA_PAD_NONE | SC_ALGORITHM_RSA_HASH_NONE;
|
| SC_ALGORITHM_RSA_PAD_NONE | SC_ALGORITHM_RSA_HASH_NONE;
|
||||||
|
|
||||||
|
@ -422,6 +434,11 @@ static int rtecp_decipher(sc_card_t *card,
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(card && card->ctx && data && out);
|
assert(card && card->ctx && data && out);
|
||||||
|
|
||||||
|
if (card->type == SC_CARD_TYPE_RUTOKEN_LITE
|
||||||
|
|| card->type == SC_CARD_TYPE_RUTOKEN_LITE_SC)
|
||||||
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED);
|
||||||
|
|
||||||
/* decipher */
|
/* decipher */
|
||||||
r = rtecp_cipher(card, data, data_len, out, out_len, 0);
|
r = rtecp_cipher(card, data, data_len, out, out_len, 0);
|
||||||
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
||||||
|
@ -433,6 +450,11 @@ static int rtecp_compute_signature(sc_card_t *card,
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(card && card->ctx && data && out);
|
assert(card && card->ctx && data && out);
|
||||||
|
|
||||||
|
if (card->type == SC_CARD_TYPE_RUTOKEN_LITE
|
||||||
|
|| card->type == SC_CARD_TYPE_RUTOKEN_LITE_SC)
|
||||||
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED);
|
||||||
|
|
||||||
/* compute digital signature */
|
/* compute digital signature */
|
||||||
r = rtecp_cipher(card, data, data_len, out, out_len, 1);
|
r = rtecp_cipher(card, data, data_len, out, out_len, 1);
|
||||||
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
|
||||||
|
@ -811,7 +833,5 @@ struct sc_card_driver * sc_get_rtecp_driver(void)
|
||||||
/* process_fci */
|
/* process_fci */
|
||||||
rtecp_ops.construct_fci = rtecp_construct_fci;
|
rtecp_ops.construct_fci = rtecp_construct_fci;
|
||||||
rtecp_ops.pin_cmd = NULL;
|
rtecp_ops.pin_cmd = NULL;
|
||||||
|
|
||||||
return &rtecp_drv;
|
return &rtecp_drv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -257,6 +257,8 @@ enum {
|
||||||
SC_CARD_TYPE_RUTOKENS = 36000,
|
SC_CARD_TYPE_RUTOKENS = 36000,
|
||||||
SC_CARD_TYPE_RUTOKEN_ECP,
|
SC_CARD_TYPE_RUTOKEN_ECP,
|
||||||
SC_CARD_TYPE_RUTOKEN_ECP_SC,
|
SC_CARD_TYPE_RUTOKEN_ECP_SC,
|
||||||
|
SC_CARD_TYPE_RUTOKEN_LITE,
|
||||||
|
SC_CARD_TYPE_RUTOKEN_LITE_SC,
|
||||||
};
|
};
|
||||||
|
|
||||||
extern sc_card_driver_t *sc_get_default_driver(void);
|
extern sc_card_driver_t *sc_get_default_driver(void);
|
||||||
|
|
|
@ -23,6 +23,7 @@ dist_pkgdata_DATA = \
|
||||||
entersafe.profile \
|
entersafe.profile \
|
||||||
epass2003.profile \
|
epass2003.profile \
|
||||||
rutoken_ecp.profile \
|
rutoken_ecp.profile \
|
||||||
|
rutoken_lite.profile \
|
||||||
westcos.profile \
|
westcos.profile \
|
||||||
myeid.profile \
|
myeid.profile \
|
||||||
authentic.profile \
|
authentic.profile \
|
||||||
|
|
|
@ -157,6 +157,7 @@ static struct profile_operations {
|
||||||
{ "entersafe",(void*) sc_pkcs15init_get_entersafe_ops },
|
{ "entersafe",(void*) sc_pkcs15init_get_entersafe_ops },
|
||||||
{ "epass2003",(void*) sc_pkcs15init_get_epass2003_ops },
|
{ "epass2003",(void*) sc_pkcs15init_get_epass2003_ops },
|
||||||
{ "rutoken_ecp", (void *) sc_pkcs15init_get_rtecp_ops },
|
{ "rutoken_ecp", (void *) sc_pkcs15init_get_rtecp_ops },
|
||||||
|
{ "rutoken_lite", (void *) sc_pkcs15init_get_rtecp_ops },
|
||||||
{ "westcos", (void *) sc_pkcs15init_get_westcos_ops },
|
{ "westcos", (void *) sc_pkcs15init_get_westcos_ops },
|
||||||
{ "myeid", (void *) sc_pkcs15init_get_myeid_ops },
|
{ "myeid", (void *) sc_pkcs15init_get_myeid_ops },
|
||||||
{ "sc-hsm", (void *) sc_pkcs15init_get_sc_hsm_ops },
|
{ "sc-hsm", (void *) sc_pkcs15init_get_sc_hsm_ops },
|
||||||
|
|
|
@ -0,0 +1,202 @@
|
||||||
|
#
|
||||||
|
# PKCS15 profile, generic information.
|
||||||
|
# This profile is loaded before any card specific profile.
|
||||||
|
#
|
||||||
|
|
||||||
|
cardinfo {
|
||||||
|
label = "Rutoken Lite";
|
||||||
|
manufacturer = "Aktiv Co.";
|
||||||
|
|
||||||
|
max-pin-length = 32;
|
||||||
|
min-pin-length = 1;
|
||||||
|
pin-encoding = ascii-numeric;
|
||||||
|
}
|
||||||
|
|
||||||
|
#
|
||||||
|
# The following controls some aspects of the PKCS15 we put onto
|
||||||
|
# the card.
|
||||||
|
#
|
||||||
|
pkcs15 {
|
||||||
|
# Put certificates into the CDF itself?
|
||||||
|
direct-certificates = no;
|
||||||
|
# Put the DF length into the ODF file?
|
||||||
|
encode-df-length = no;
|
||||||
|
# Have a lastUpdate field in the EF(TokenInfo)?
|
||||||
|
do-last-update = yes;
|
||||||
|
|
||||||
|
pkcs15-id-style = mozilla;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Default settings.
|
||||||
|
# This option block will always be processed.
|
||||||
|
option default {
|
||||||
|
macros {
|
||||||
|
ti-size = 128;
|
||||||
|
odf-size = 128;
|
||||||
|
aodf-size = 256;
|
||||||
|
dodf-size = 2048;
|
||||||
|
cdf-size = 2048;
|
||||||
|
prkdf-size = 2048;
|
||||||
|
pukdf-size = 2048;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Define reasonable limits for PINs and PUK
|
||||||
|
# Note that we do not set a file path or reference
|
||||||
|
# for the user pin; that is done dynamically.
|
||||||
|
PIN user-pin {
|
||||||
|
auth-id = 2;
|
||||||
|
reference = 2;
|
||||||
|
attempts = 5;
|
||||||
|
min-length = 4;
|
||||||
|
max-length = 32;
|
||||||
|
flags = case-sensitive, initialized;
|
||||||
|
}
|
||||||
|
PIN user-puk {
|
||||||
|
min-length = 0;
|
||||||
|
max-length = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
PIN so-pin {
|
||||||
|
auth-id = 1;
|
||||||
|
reference = 1;
|
||||||
|
attempts = 10;
|
||||||
|
min-length = 8;
|
||||||
|
max-length = 32;
|
||||||
|
flags = case-sensitive, initialized, soPin;
|
||||||
|
}
|
||||||
|
PIN so-puk {
|
||||||
|
min-length = 0;
|
||||||
|
max-length = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
filesystem {
|
||||||
|
EF CHV2 {
|
||||||
|
file-id = 0002;
|
||||||
|
ACL = *=NEVER, UPDATE=$SOPIN, PIN-RESET=$SOPIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
DF MF {
|
||||||
|
path = 3F00;
|
||||||
|
type = DF;
|
||||||
|
acl = *=NEVER, SELECT=NONE, DELETE=NEVER, CREATE=CHV2, READ=NONE;
|
||||||
|
|
||||||
|
DF Sys-DF {
|
||||||
|
file-id = 1000;
|
||||||
|
|
||||||
|
DF SysKey-DF {
|
||||||
|
file-id = 1000;
|
||||||
|
}
|
||||||
|
|
||||||
|
DF Resrv1-DF {
|
||||||
|
file-id = 1001;
|
||||||
|
}
|
||||||
|
DF Resrv2-DF {
|
||||||
|
file-id = 1002;
|
||||||
|
}
|
||||||
|
DF Resrv3-DF {
|
||||||
|
file-id = 1003;
|
||||||
|
}
|
||||||
|
DF Resrv4-DF {
|
||||||
|
file-id = 1004;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
EF DIR {
|
||||||
|
type = EF;
|
||||||
|
file-id = 2F00;
|
||||||
|
size = 128;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=CHV1, WRITE=CHV1, DELETE=CHV1;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Here comes the application DF
|
||||||
|
DF PKCS15-AppDF {
|
||||||
|
type = DF;
|
||||||
|
file-id = 5000;
|
||||||
|
acl = *=NONE, DELETE=CHV2;
|
||||||
|
|
||||||
|
EF PKCS15-ODF {
|
||||||
|
file-id = 5031;
|
||||||
|
size = $odf-size;
|
||||||
|
acl = *=NONE, DELETE=$SOPIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-TokenInfo {
|
||||||
|
file-id = 5032;
|
||||||
|
size = $ti-size;
|
||||||
|
acl = *=NONE, DELETE=CHV2;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-AODF {
|
||||||
|
file-id = 6005;
|
||||||
|
size = $aodf-size;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$SOPIN, WRITE=$SOPIN, DELETE=$SOPIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-PrKDF {
|
||||||
|
file-id = 6002;
|
||||||
|
size = $prkdf-size;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-PuKDF {
|
||||||
|
file-id = 6001;
|
||||||
|
size = $pukdf-size;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-CDF {
|
||||||
|
file-id = 6004;
|
||||||
|
size = $cdf-size;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF PKCS15-DODF {
|
||||||
|
file-id = 6006;
|
||||||
|
size = $dodf-size;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
# This template defines files for keys, certificates etc.
|
||||||
|
#
|
||||||
|
# When instantiating the template, each file id will be
|
||||||
|
# combined with the last octet of the object's pkcs15 id
|
||||||
|
# to form a unique file ID.
|
||||||
|
template key-domain {
|
||||||
|
EF private-key {
|
||||||
|
file-id = 0100;
|
||||||
|
structure = transparent;
|
||||||
|
acl = *=NEVER, READ=$PIN, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
EF public-key {
|
||||||
|
file-id = 0200;
|
||||||
|
structure = transparent;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Certificate template
|
||||||
|
EF certificate {
|
||||||
|
file-id = 0300;
|
||||||
|
structure = transparent;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
# data objects are stored in transparent EFs.
|
||||||
|
EF data {
|
||||||
|
file-id = 0400;
|
||||||
|
structure = transparent;
|
||||||
|
acl = *=NEVER, READ=NONE, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
|
||||||
|
# private data objects are stored in transparent EFs.
|
||||||
|
EF privdata {
|
||||||
|
file-id = 0500;
|
||||||
|
structure = transparent;
|
||||||
|
acl = *=NEVER, READ=$PIN, UPDATE=$PIN, WRITE=$PIN, DELETE=$PIN;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -282,6 +282,9 @@
|
||||||
<Component Id="rutoken_ecp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="rutoken_ecp.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken_ecp.profile"/>
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken_ecp.profile"/>
|
||||||
</Component>
|
</Component>
|
||||||
|
<Component Id="rutoken_lite.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\rutoken_lite.profile"/>
|
||||||
|
</Component>
|
||||||
<Component Id="ias_adele_admin1.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
<Component Id="ias_adele_admin1.profile" Guid="*" Win64="$(var.Win64YesNo)">
|
||||||
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin1.profile"/>
|
<File Source="$(var.SOURCE_DIR)\src\pkcs15init\ias_adele_admin1.profile"/>
|
||||||
</Component>
|
</Component>
|
||||||
|
@ -424,6 +427,7 @@
|
||||||
<ComponentRef Id="authentic.profile"/>
|
<ComponentRef Id="authentic.profile"/>
|
||||||
<ComponentRef Id="rutoken.profile"/>
|
<ComponentRef Id="rutoken.profile"/>
|
||||||
<ComponentRef Id="rutoken_ecp.profile"/>
|
<ComponentRef Id="rutoken_ecp.profile"/>
|
||||||
|
<ComponentRef Id="rutoken_lite.profile"/>
|
||||||
<ComponentRef Id="ias_adele_admin1.profile"/>
|
<ComponentRef Id="ias_adele_admin1.profile"/>
|
||||||
<ComponentRef Id="ias_adele_admin2.profile"/>
|
<ComponentRef Id="ias_adele_admin2.profile"/>
|
||||||
<ComponentRef Id="ias_adele_common.profile"/>
|
<ComponentRef Id="ias_adele_common.profile"/>
|
||||||
|
|
|
@ -173,6 +173,10 @@ MD_REGISTRATION minidriver_registration[] = {
|
||||||
16, {0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
|
16, {0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
|
||||||
{TEXT("Rutoken ECP SC"), {0x3B,0x9C,0x94,0x80,0x11,0x40,0x52,0x75,0x74,0x6F,0x6B,0x65,0x6E,0x45,0x43,0x50,0x73,0x63,0xC3},
|
{TEXT("Rutoken ECP SC"), {0x3B,0x9C,0x94,0x80,0x11,0x40,0x52,0x75,0x74,0x6F,0x6B,0x65,0x6E,0x45,0x43,0x50,0x73,0x63,0xC3},
|
||||||
19, {0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00}},
|
19, {0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00}},
|
||||||
|
{TEXT("Rutoken Lite"), {0x3B,0x8B,0x01,0x52,0x75,0x74,0x6F,0x6B,0x65,0x6E,0x6C,0x69,0x74,0x65,0xC2},
|
||||||
|
15, {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
|
||||||
|
{TEXT("Rutoken Lite SC"), {0x3B,0x8B,0x01,0x52,0x75,0x74,0x6F,0x6B,0x65,0x6E,0x6C,0x69,0x74,0x65,0xC2},
|
||||||
|
15, {0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue