/* gpg-card.h - Common definitions for the gpg-card-tool
 * Copyright (C) 2019, 2020 g10 Code GmbH
 *
 * This file is part of GnuPG.
 *
 * This file is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This file is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <https://gnu.org/licenses/>.
 * SPDX-License-Identifier: GPL-3.0-or-later
 */

#ifndef GNUPG_GPG_CARD_H
#define GNUPG_GPG_CARD_H

#include "../common/session-env.h"
#include "../common/strlist.h"


/* We keep all global options in the structure OPT.  The object is
 * declared via EXTERN_UNLESS_MAIN_MODULE so that every translation
 * unit of the tool refers to the single instance defined by the main
 * module.  Most members presumably mirror command line options of the
 * same name; confirm against the option parser in gpg-card.c. */
EXTERN_UNLESS_MAIN_MODULE
struct
{
  int interactive;
  int verbose;
  unsigned int debug;        /* Bit set built from the DBG_*_VALUE
                              * constants below. */
  int quiet;
  int with_colons;
  const char *gpg_program;   /* Names of the helper programs.  NULL is
                              * presumably replaced by a built-in
                              * default - confirm in the caller. */
  const char *gpgsm_program;
  const char *agent_program;
  int autostart;

  int no_key_lookup;  /* Assume --no-key-lookup for "list". */

  int no_history;     /* Do not use the command line history. */

  /* Options passed to the gpg-agent: */
  session_env_t session_env;
  char *lc_ctype;
  char *lc_messages;

} opt;

/* Debug values and macros.  The DBG_IPC and DBG_EXTPROG macros expand
 * to an expression reading the global OPT, so the definition above
 * must be visible wherever they are used. */
#define DBG_IPC_VALUE     1024  /* Debug assuan communication.  */
#define DBG_EXTPROG_VALUE 16384 /* Debug external program calls. */

#define DBG_IPC     (opt.debug & DBG_IPC_VALUE)
#define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)

/* The maximum length of a binary fingerprint.  pubkey_s sizes its
 * fingerprint buffer with this constant; the companion FPRLEN member
 * records how many of those bytes are actually in use. */
#define MAX_FINGERPRINT_LEN 32


/*
 * Data structures to store keyblocks (aka certificates).
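*/
struct pubkey_s
{
  struct pubkey_s *next;   /* The next key. */
  unsigned char grip[KEYGRIP_LEN];        /* The keygrip. */
  unsigned char fpr[MAX_FINGERPRINT_LEN]; /* The binary fingerprint;
                                           * only the first FPRLEN
                                           * bytes are meaningful. */
  unsigned char fprlen;    /* The used length of FPR. */
  time_t created;          /* The creation date of the key. */
  unsigned int grip_valid:1;/* The grip is valid. */
  unsigned int requested: 1;/* This is the requested grip. */
};
typedef struct pubkey_s *pubkey_t;

struct userid_s
{
  struct userid_s *next;   /* The next user id. */
  char *value;             /* Malloced; presumably released together
                            * with the keyblock (release_keyblock). */
};
typedef struct userid_s *userid_t;

struct keyblock_s
{
  struct keyblock_s *next;  /* Allow to link several keyblocks. */
  int protocol;             /* GPGME_PROTOCOL_OPENPGP or _CMS. */
  pubkey_t keys;            /* The key.  For OpenPGP primary + list of
                             * subkeys. */
  userid_t uids;            /* The list of user ids. */
};
typedef struct keyblock_s *keyblock_t;



/* Enumeration of the known card application types.  APP_TYPE_NONE
 * and APP_TYPE_UNKNOWN are the two "not an application" values;
 * keep them distinct when testing for a usable application. */
typedef enum
  {
    APP_TYPE_NONE,    /* Not yet known or for direct APDU sending. */
    APP_TYPE_OPENPGP,
    APP_TYPE_NKS,
    APP_TYPE_DINSIG,
    APP_TYPE_P15,
    APP_TYPE_GELDKARTE,
    APP_TYPE_SC_HSM,
    APP_TYPE_PIV,
    APP_TYPE_UNKNOWN  /* Unknown by this tool. */
  } app_type_t;


/* An object to store information pertaining to a key pair as stored
 * on a card.  This is commonly used as a linked list with all keys
 * known for the current card.  GRIP and FPR use the same sizes as in
 * pubkey_s (KEYGRIP_LEN and MAX_FINGERPRINT_LEN) so that values can
 * be copied between the two objects without a separate bound. */
struct key_info_s
{
  struct key_info_s *next;

  unsigned char grip[KEYGRIP_LEN];  /* The keygrip. */

  unsigned char xflag;   /* Temporary flag to help processing a list. */

  /* OpenPGP card and possible other cards keyalgo string (an atom)
   * and the id of the algorithm. */
  const char *keyalgo;
  enum gcry_pk_algos keyalgo_id;

  /* An optional malloced label for the key. */
  char *label;

  /* The three next items are mostly useful for OpenPGP cards. */
  unsigned char fprlen;  /* Used length of the next item; must not
                          * exceed MAX_FINGERPRINT_LEN. */
  unsigned char fpr[MAX_FINGERPRINT_LEN]; /* The binary fingerprint of
                                           * length FPRLEN. */
  u32 created;           /* The time the key was created. */
  unsigned int usage;    /* Usage flags. (GCRY_PK_USAGE_*) */
  char keyref[1];        /* String with the keyref (e.g. OPENPGP.1).
                          * Keep this the last member: the object is
                          * presumably allocated with the full string
                          * appended (struct hack) - confirm in the
                          * allocating code. */
};
typedef struct key_info_s *key_info_t;


/*
 * The object used to store information about a card.
 *
 * Several arrays carry a separate count or length member (NCHVMAXLEN,
 * NCHVINFO, CAFPR1LEN ...).  Only that many entries are valid; read
 * the count before indexing the array.
 */
struct card_info_s
{
  int initialized;          /* True if a learn command was successful. */
  int need_sn_cmd;          /* The SERIALNO command needs to be issued. */
  int card_removed;         /* Helper flag set by some listing functions. */
  int error;                /* private. */
  char *reader;             /* Reader information. */
  char *cardtype;           /* NULL or type of the card. */
  unsigned int cardversion; /* Firmware version of the card. */
  char *apptypestr;         /* Malloced application type string. */
  app_type_t apptype;       /* Translated from APPTYPESTR. */
  unsigned int appversion;  /* Version of the application. */
  unsigned int manufacturer_id;
  char *manufacturer_name;  /* malloced. */
  char *serialno;           /* malloced hex string. */
  char *dispserialno;       /* malloced string. */
  char *disp_name;          /* malloced. */
  char *disp_lang;          /* malloced. */
  int  disp_sex;            /* 0 = unspecified, 1 = male, 2 = female */
  char *pubkey_url;         /* malloced. */
  char *login_data;         /* malloced. */
  char *private_do[4];      /* malloced. */
  char cafpr1len;           /* Length of the CA-fingerprint or 0 if
                             * invalid.  CAFPR1..3 hold at most 20
                             * bytes, so a valid length never exceeds
                             * that. */
  char cafpr2len;
  char cafpr3len;
  char cafpr1[20];
  char cafpr2[20];
  char cafpr3[20];
  key_info_t kinfo;         /* Linked list with all keypair related data. */
  unsigned long sig_counter;
  int chv1_cached;          /* For openpgp this is true if a PIN is not
                               required for each signing.  Note that the
                               gpg-agent might cache it anyway. */
  int is_v2;                /* True if this is a v2 openpgp card. */
  byte nchvmaxlen;          /* Number of valid items in CHVMAXLEN. */
  int chvmaxlen[4];         /* Maximum allowed length of a CHV. */
  byte nchvinfo;            /* Number of valid items in CHVINFO. */
  int chvinfo[4];           /* Allowed retries for the CHV; 0 = blocked. */
  char *chvlabels;          /* Malloced String with CHV labels. */
  unsigned char chvusage[2]; /* Data object 5F2F */
  struct {
    unsigned int ki:1;      /* Key import available. */
    unsigned int aac:1;     /* Algorithm attributes are changeable. */
    unsigned int kdf:1;     /* KDF object to support PIN hashing available. */
    unsigned int bt:1;      /* Button for confirmation available. */
    unsigned int sm:1;      /* Secure messaging available. */
    unsigned int smalgo:15; /* Secure messaging cipher algorithm. */
    unsigned int private_dos:1;/* Support for private use DOs. */
    unsigned int mcl3:16;   /* Max. length for an OpenPGP card cert.3 */
  } extcap;
  unsigned int status_indicator;
  int kdf_do_enabled;       /* True if card has a KDF object. */
  int uif[3];               /* True if User Interaction Flag is on.
                             * 1 = on, 2 = permanent on. */
  strlist_t supported_keyalgo[3];
};
typedef struct card_info_s *card_info_t;


/*-- card-keys.c --*/
/* Release a keyblock list obtained from get_matching_keys. */
void release_keyblock (keyblock_t keyblock);
void flush_keyblock_cache (void);
/* Look up the keys matching the binary KEYGRIP for PROTOCOL and store
 * the result at R_KEYBLOCK.  Presumably the caller owns the result and
 * frees it with release_keyblock - confirm in card-keys.c. */
gpg_error_t get_matching_keys (const unsigned char *keygrip, int protocol,
                               keyblock_t *r_keyblock);
gpg_error_t test_get_matching_keys (const char *hexgrip);
gpg_error_t get_minimal_openpgp_key (estream_t *r_key, const char *fingerprint);


/*-- card-misc.c --*/
/* Find the key_info_s object of INFO for KEYREF.  Presumably returns
 * NULL if there is none - callers should check. */
key_info_t find_kinfo (card_info_t info, const char *keyref);
/* Convert the hex STRING into a binary buffer and store its length at
 * R_LENGTH.  NOTE(review): ownership of the returned buffer is not
 * visible here; presumably malloced and owned by the caller. */
void *hex_to_buffer (const char *string, size_t *r_length);
/* Send HEXAPDU to the card.  The response data, if any, is returned
 * via R_DATA/R_DATALEN (ownership presumably passes to the caller).
 * The meaning of IGNORE and DESC is defined in card-misc.c. */
gpg_error_t send_apdu (const char *hexapdu, const char *desc,
                       unsigned int ignore,
                       unsigned char **r_data, size_t *r_datalen);

/*-- card-call-scd.c --*/
/* Release all memory held by INFO (but see card-call-scd.c for whether
 * the object itself is freed). */
void release_card_info (card_info_t info);
/* Return a human readable name for APP_TYPE. */
const char *app_type_string (app_type_t app_type);

/* Low-level APDU transport to scdaemon.  R_SW presumably receives the
 * card's status word; R_DATA/R_DATALEN the response data. */
gpg_error_t scd_apdu (const char *hexapdu, const char *options,
                      unsigned int *r_sw,
                      unsigned char **r_data, size_t *r_datalen);

gpg_error_t scd_switchcard (const char *serialno);
gpg_error_t scd_switchapp (const char *appname);

/* Run the LEARN command and fill INFO.  With REREAD set the data is
 * presumably re-read even if INFO is already initialized. */
gpg_error_t scd_learn (card_info_t info, int reread);
gpg_error_t scd_getattr (const char *name, struct card_info_s *info);
gpg_error_t scd_setattr (const char *name,
                         const unsigned char *value, size_t valuelen);
gpg_error_t scd_writecert (const char *certidstr,
                           const unsigned char *certdata, size_t certdatalen);
gpg_error_t scd_writekey (const char *keyref, int force, const char *keygrip);
gpg_error_t scd_genkey (const char *keyref, int force, const char *algo,
                        u32 *createtime);
gpg_error_t scd_serialno (char **r_serialno, const char *demand);

gpg_error_t scd_readcert (const char *certidstr,
                          void **r_buf, size_t *r_buflen);
gpg_error_t scd_readkey (const char *keyrefstr, int create_shadow,
                         gcry_sexp_t *r_result);
gpg_error_t scd_cardlist (strlist_t *result);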
/* List the applications known to scdaemon into RESULT.  ALL presumably
 * selects all applications instead of only the active one - confirm
 * in card-call-scd.c. */
gpg_error_t scd_applist (strlist_t *result, int all);
/* Change or unblock the PIN identified by PINREF.  RESET_MODE and
 * NULLPIN select the variant of the operation; their exact semantics
 * are defined in card-call-scd.c. */
gpg_error_t scd_change_pin (const char *pinref, int reset_mode, int nullpin);
gpg_error_t scd_checkpin (const char *serialno);

unsigned long agent_get_s2k_count (void);

/* Return a string describing the status word SW.  NOTE(review): whether
 * the result is malloced or static is not visible here; check before
 * freeing it. */
char *scd_apdu_strerror (unsigned int sw);


/*-- card-yubikey.c --*/
/* Dispatch the Yubikey specific sub-commands given by ARGC/ARGV,
 * writing output to FP. */
gpg_error_t yubikey_commands (card_info_t info,
                              estream_t fp, int argc, const char *argv[]);


#endif /*GNUPG_GPG_CARD_H*/