/* * sc-pkcs15.h: PKCS#15 header file * * Copyright (C) 2001 Juha Yrjölä * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #ifndef _SC_PKCS15_H #define _SC_PKCS15_H #include "sc.h" #define SC_PKCS15_PIN_MAGIC 0x31415926 #define SC_PKCS15_MAX_PINS 2 #define SC_PKCS15_MAX_CERTS 3 #define SC_PKCS15_MAX_PRKEYS 2 #define SC_PKCS15_MAX_LABEL_SIZE 32 #define SC_PKCS15_MAX_ID_SIZE 16 struct sc_pkcs15_id { u8 value[SC_PKCS15_MAX_ID_SIZE]; int len; }; struct sc_pkcs15_common_obj_attr { char label[SC_PKCS15_MAX_LABEL_SIZE]; /* zero terminated */ int flags; struct sc_pkcs15_id auth_id; int user_consent; /* FIXME: add accessControlRules */ }; struct sc_pkcs15_pin_info { struct sc_pkcs15_common_obj_attr com_attr; struct sc_pkcs15_id auth_id; int flags, type; int min_length, stored_length; u8 pad_char; struct sc_path path; int tries_left; unsigned int magic; }; #define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM 0x01 #define SC_PKCS15_ALGO_OP_COMPUTE_SIGNATURE 0x02 #define SC_PKCS15_ALGO_OP_VERIFY_CHECKSUM 0x04 #define SC_PKCS15_ALGO_OP_VERIFY_SIGNATURE 0x08 #define SC_PKCS15_ALGO_OP_ENCIPHER 0x10 #define SC_PKCS15_ALGO_OP_DECIPHER 0x20 #define SC_PKCS15_ALGO_OP_HASH 0x40 #define SC_PKCS15_ALGO_OP_GENERATE_KEY 0x80 struct sc_pkcs15_algorithm_info { int reference; int algorithm, supported_operations; }; struct sc_pkcs15_rsa_pubkey { u8 *modulus; int modulus_len; unsigned int exponent; u8 *data; /* DER encoded raw key */ int data_len; }; struct sc_pkcs15_cert { int version; unsigned long long serial; struct sc_pkcs15_rsa_pubkey key; u8 *data; /* DER encoded raw cert */ int data_len; }; struct sc_pkcs15_cert_info { struct sc_pkcs15_common_obj_attr com_attr; struct sc_pkcs15_id id; /* correlates to private RSA key id */ int authority; /* boolean */ /* identifiers [2] SEQUENCE OF CredentialIdentifier{{KeyIdentifiers}} */ struct sc_path path; }; #define SC_PCKS15_PRKEY_USAGE_ENCRYPT 0x01 #define SC_PCKS15_PRKEY_USAGE_DECRYPT 0x02 #define SC_PCKS15_PRKEY_USAGE_SIGN 0x04 #define SC_PCKS15_PRKEY_USAGE_SIGNRECOVER 0x08 #define SC_PCKS15_PRKEY_USAGE_WRAP 0x10 #define SC_PCKS15_PRKEY_USAGE_UNWRAP 0x20 #define SC_PCKS15_PRKEY_USAGE_VERIFY 0x40 #define SC_PCKS15_PRKEY_USAGE_VERIFYRECOVER 0x80 #define SC_PCKS15_PRKEY_USAGE_DERIVE 0x100 #define SC_PCKS15_PRKEY_USAGE_NONREPUDIATION 0x200 #define SC_PKCS15_PRKEY_ACCESS_SENSITIVE 0x01 #define SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE 0x02 #define SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE 0x04 #define SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE 0x08 #define SC_PKCS15_PRKEY_ACCESS_LOCAL 0x10 struct sc_pkcs15_prkey_info { struct sc_pkcs15_common_obj_attr com_attr; struct sc_pkcs15_id id; /* correlates to public certificate id */ int usage, access_flags; int key_reference; struct sc_path file_id; int modulus_length; }; struct sc_pkcs15_card { struct sc_card *card; char *label; struct sc_file file_dir, file_ao1, file_app; /* in app DF */ struct sc_file file_tokeninfo, file_odf; struct sc_file file_prkdf; struct sc_file file_aodf, file_ao2; struct sc_file file_cdf1, file_cdf2, file_cdf3; struct sc_file file_dodf; /* fields from TokenInfo: */ int version; char *serial_number, *manufacturer_id; int flags; struct sc_pkcs15_algorithm_info alg_info[1]; struct sc_pkcs15_cert_info cert_info[SC_PKCS15_MAX_CERTS]; int cert_count; struct sc_pkcs15_prkey_info prkey_info[SC_PKCS15_MAX_PRKEYS]; int prkey_count; struct sc_pkcs15_pin_info pin_info[SC_PKCS15_MAX_PINS]; int pin_count; }; #define SC_PKCS15_CARD_FLAG_READONLY 0x01 #define SC_PKCS15_CARD_FLAG_LOGIN_REQUIRED 0x02 #define SC_PKCS15_CARD_FLAG_PRN_GENERATION 0x04 #define SC_PKCS15_CARD_FLAG_EID_COMPLIANT 0x08 int sc_pkcs15_init(struct sc_card *card, struct sc_pkcs15_card **pkcs15_card); int sc_pkcs15_destroy(struct sc_pkcs15_card *card); void sc_pkcs15_print_card(const struct sc_pkcs15_card *card); void sc_pkcs15_print_cert_info(const struct sc_pkcs15_cert_info *cert); int sc_pkcs15_enum_certificates(struct sc_pkcs15_card *card); int sc_pkcs15_read_certificate(struct sc_pkcs15_card *card, const struct sc_pkcs15_cert_info *info, struct sc_pkcs15_cert **cert); void sc_pkcs15_free_certificate(struct sc_pkcs15_cert *cert); void sc_pkcs15_print_prkey_info(const struct sc_pkcs15_prkey_info *prkey); int sc_pkcs15_enum_private_keys(struct sc_pkcs15_card *card); void sc_pkcs15_print_pin_info(const struct sc_pkcs15_pin_info *pin); int sc_pkcs15_enum_pins(struct sc_pkcs15_card *card); int sc_pkcs15_verify_pin(struct sc_pkcs15_card *card, struct sc_pkcs15_pin_info *pin, char *pincode, int pinlen); int sc_pkcs15_change_pin(struct sc_pkcs15_card *card, struct sc_pkcs15_pin_info *pin, char *oldpincode, int oldpinlen, char *newpincode, int newpinlen); int sc_pkcs15_compare_id(const struct sc_pkcs15_id *id1, const struct sc_pkcs15_id *id2); void sc_pkcs15_print_id(const struct sc_pkcs15_id *id); int sc_sec_ask_pin_code(struct sc_pkcs15_pin_info *pin, char *out, int outlen, const char *prompt); int sc_pkcs15_parse_common_object_attr(struct sc_pkcs15_common_obj_attr *attr, const u8 * buf, int buflen); #endif