PIV: pickup card driver from the SM branch
... where it was tested by Douglas.
parent
fe80ffdbd2
commit
f7b5a6b6af
|
@ -136,8 +136,10 @@ typedef struct piv_private_data {
|
||||||
int selected_obj; /* The index into the piv_objects last selected */
|
int selected_obj; /* The index into the piv_objects last selected */
|
||||||
int return_only_cert; /* return the cert from the object */
|
int return_only_cert; /* return the cert from the object */
|
||||||
int rwb_state; /* first time -1, 0, in middle, 1 at eof */
|
int rwb_state; /* first time -1, 0, in middle, 1 at eof */
|
||||||
|
int operation; /* saved from set_security_env */
|
||||||
|
int algorithm; /* saved from set_security_env */
|
||||||
int key_ref; /* saved from set_security_env and */
|
int key_ref; /* saved from set_security_env and */
|
||||||
int alg_id; /* used in decrypt, signature */
|
int alg_id; /* used in decrypt, signature, derive */
|
||||||
int key_size; /* RSA: modulus_bits EC: field_length in bits */
|
int key_size; /* RSA: modulus_bits EC: field_length in bits */
|
||||||
u8* w_buf; /* write_binary buffer */
|
u8* w_buf; /* write_binary buffer */
|
||||||
size_t w_buf_len; /* length of w_buff */
|
size_t w_buf_len; /* length of w_buff */
|
||||||
|
@ -1892,6 +1894,9 @@ static int piv_set_security_env(sc_card_t *card,
|
||||||
env->flags, env->operation, env->algorithm, env->algorithm_flags,
|
env->flags, env->operation, env->algorithm, env->algorithm_flags,
|
||||||
env->algorithm_ref, env->key_ref[0], env->key_ref_len);
|
env->algorithm_ref, env->key_ref[0], env->key_ref_len);
|
||||||
|
|
||||||
|
priv->operation = env->operation;
|
||||||
|
priv->algorithm = env->algorithm;
|
||||||
|
|
||||||
if (env->algorithm == SC_ALGORITHM_RSA) {
|
if (env->algorithm == SC_ALGORITHM_RSA) {
|
||||||
priv->alg_id = 0x06; /* Say it is RSA, set 5, 6, 7 later */
|
priv->alg_id = 0x06; /* Say it is RSA, set 5, 6, 7 later */
|
||||||
} else if (env->algorithm == SC_ALGORITHM_EC) {
|
} else if (env->algorithm == SC_ALGORITHM_EC) {
|
||||||
|
@ -1949,6 +1954,10 @@ static int piv_validate_general_authentication(sc_card_t *card,
|
||||||
p = sbuf;
|
p = sbuf;
|
||||||
put_tag_and_len(0x7c, (2 + put_tag_and_len(0, datalen, NULL)) , &p);
|
put_tag_and_len(0x7c, (2 + put_tag_and_len(0, datalen, NULL)) , &p);
|
||||||
put_tag_and_len(0x82, 0, &p);
|
put_tag_and_len(0x82, 0, &p);
|
||||||
|
if (priv->operation == SC_SEC_OPERATION_DERIVE
|
||||||
|
&& priv->algorithm == SC_ALGORITHM_EC)
|
||||||
|
put_tag_and_len(0x85, datalen, &p);
|
||||||
|
else
|
||||||
put_tag_and_len(0x81, datalen, &p);
|
put_tag_and_len(0x81, datalen, &p);
|
||||||
|
|
||||||
memcpy(p, data, datalen);
|
memcpy(p, data, datalen);
|
||||||
|
@ -2551,13 +2560,18 @@ static int piv_init(sc_card_t *card)
|
||||||
priv->enumtag = piv_aids[r].enumtag;
|
priv->enumtag = piv_aids[r].enumtag;
|
||||||
card->type = piv_aids[r].enumtag;
|
card->type = piv_aids[r].enumtag;
|
||||||
|
|
||||||
flags = SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_ONBOARD_KEY_GEN;
|
/* PKCS#11 may try to generate session keys, and get confused
|
||||||
|
* if SC_ALGORITHM_ONBOARD_KEY_GEN is present
|
||||||
|
* piv-tool can still do this, just don't tell PKCS#11
|
||||||
|
*/
|
||||||
|
|
||||||
|
flags = SC_ALGORITHM_RSA_RAW;
|
||||||
|
|
||||||
_sc_card_add_rsa_alg(card, 1024, flags, 0); /* manditory */
|
_sc_card_add_rsa_alg(card, 1024, flags, 0); /* manditory */
|
||||||
_sc_card_add_rsa_alg(card, 2048, flags, 0); /* optional */
|
_sc_card_add_rsa_alg(card, 2048, flags, 0); /* optional */
|
||||||
_sc_card_add_rsa_alg(card, 3072, flags, 0); /* optional */
|
_sc_card_add_rsa_alg(card, 3072, flags, 0); /* optional */
|
||||||
|
|
||||||
flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ONBOARD_KEY_GEN;
|
flags = SC_ALGORITHM_ECDSA_RAW;
|
||||||
ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
|
ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
|
||||||
|
|
||||||
_sc_card_add_ec_alg(card, 256, flags, ext_flags);
|
_sc_card_add_ec_alg(card, 256, flags, ext_flags);
|
||||||
|
|
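Review bot: In the piv_validate_general_authentication hunk the choice between tag 0x85 and 0x81 depends on `priv->operation` and `priv->algorithm`, which the piv_set_security_env hunk stores before the `env->algorithm` check runs. If that check rejects the environment (its failing branch is outside the hunk), the two new fields presumably keep the rejected values while `alg_id` and `key_ref` may still hold those of the previous environment, so a later operation could send its data under the wrong template tag for the selected key. Consider assigning both fields only once the environment has been accepted, or clearing them on the error path, and confirm that piv_init initialises them (not visible here). The unbraced two-line `if ... else` would also be safer with braces around each `put_tag_and_len` call and a comment such as `/* 0x85: exponentiation (ECDH derive); 0x81: challenge (sign/decrypt) */`.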