129 lines
4.2 KiB
C
129 lines
4.2 KiB
C
/*
|
|
* Copyright (C) 2012-2015 Frank Morgner
|
|
*
|
|
* This file is part of OpenSC.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, write to the Free Software
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
*/
|
|
/**
|
|
* @file
|
|
* @defgroup sm Interface to Secure Messaging (SM) defined in ISO 7816
|
|
* @{
|
|
*/
|
|
#ifndef _ISO_SM_H
|
|
#define _ISO_SM_H
|
|
|
|
#include "libopensc/opensc.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
/** @brief maximum length of response when targeting a SM RAPDU
|
|
*
|
|
* Using SM with authenticated data+le and encrypted data this is the biggest
|
|
* amount of the unencrypted response data we can receive. We assume AES block
|
|
* length for padding and MAC. */
|
|
#define MAX_SM_APDU_RESP_SIZE 223
|
|
|
|
/** @brief maximum length of data when targeting a SM APDU
|
|
*
|
|
* Using SM with authenticated data+header and encrypted data this is the
|
|
* biggest amount of the unencrypted data we can send. We assume AES block
|
|
* length for padding and MAC. */
|
|
#define MAX_SM_APDU_DATA_SIZE 239
|
|
|
|
/** @brief Padding indicator: use ISO/IEC 9797-1 padding method 2 */
|
|
#define SM_ISO_PADDING 0x01
|
|
/** @brief Padding indicator: use no padding */
|
|
#define SM_NO_PADDING 0x02
|
|
|
|
/** @brief Secure messaging context */
|
|
struct iso_sm_ctx {
|
|
/** @brief data of the specific crypto implementation */
|
|
void *priv_data;
|
|
|
|
/** @brief Padding-content indicator byte (ISO 7816-4 Table 30) */
|
|
u8 padding_indicator;
|
|
/** @brief Pad to this block length */
|
|
size_t block_length;
|
|
|
|
/** @brief Call back function for authentication of data */
|
|
int (*authenticate)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
const u8 *data, size_t datalen, u8 **outdata);
|
|
/** @brief Call back function for verifying authentication data */
|
|
int (*verify_authentication)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
const u8 *mac, size_t maclen,
|
|
const u8 *macdata, size_t macdatalen);
|
|
|
|
/** @brief Call back function for encryption of data */
|
|
int (*encrypt)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
const u8 *data, size_t datalen, u8 **enc);
|
|
/** @brief Call back function for decryption of data */
|
|
int (*decrypt)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
const u8 *enc, size_t enclen, u8 **data);
|
|
|
|
/** @brief Call back function for actions before encoding and encryption of \a apdu */
|
|
int (*pre_transmit)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
sc_apdu_t *apdu);
|
|
/** @brief Call back function for actions before decryption and decoding of \a sm_apdu */
|
|
int (*post_transmit)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
sc_apdu_t *sm_apdu);
|
|
/** @brief Call back function for actions after decrypting SM protected APDU */
|
|
int (*finish)(sc_card_t *card, const struct iso_sm_ctx *ctx,
|
|
sc_apdu_t *apdu);
|
|
|
|
/** @brief Clears and frees private data */
|
|
void (*clear_free)(const struct iso_sm_ctx *ctx);
|
|
};
|
|
|
|
/**
|
|
* @brief Clears and frees the SM context including private data
|
|
*
|
|
* Calls \a sctx->clear_free() if available
|
|
*
|
|
* @param[in] sctx (optional)
|
|
*/
|
|
void iso_sm_ctx_clear_free(struct iso_sm_ctx *sctx);
|
|
|
|
/**
|
|
* @brief Creates a SM context
|
|
*
|
|
* @return SM context or NULL if an error occurred
|
|
*/
|
|
struct iso_sm_ctx *iso_sm_ctx_create(void);
|
|
|
|
/**
|
|
* @brief Initializes a card for usage of the ISO SM driver
|
|
*
|
|
* If a SM module has been assigned previously to the card, it will be cleaned
|
|
* up.
|
|
*
|
|
* @param[in] card
|
|
* @param[in] sctx will NOT be freed automatically. \a sctx should be present
|
|
* for the time of the SM session.
|
|
*
|
|
* @return \c SC_SUCCESS or error code if an error occurred
|
|
*/
|
|
int iso_sm_start(struct sc_card *card, struct iso_sm_ctx *sctx);
|
|
|
|
int iso_sm_close(struct sc_card *card);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
#endif
|
|
/* @} */
|