1 /* 2 * types.h: OpenSC general types 3 * 4 * Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi> 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, write to the Free Software 18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 19 */ 20 21 #ifndef _OPENSC_TYPES_H 22 #define _OPENSC_TYPES_H 23 24 #ifdef __cplusplus 25 extern "C" { 26 #endif 27 28 typedef unsigned char u8; 29 30 /* various maximum values */ 31 #define SC_MAX_CARD_DRIVERS 48 32 #define SC_MAX_CARD_DRIVER_SNAME_SIZE 16 33 #define SC_MAX_CARD_APPS 8 34 #define SC_MAX_APDU_BUFFER_SIZE 261 /* takes account of: CLA INS P1 P2 Lc [255 byte of data] Le */ 35 #define SC_MAX_APDU_DATA_SIZE 0xFF 36 #define SC_MAX_APDU_RESP_SIZE (0xFF+1) 37 #define SC_MAX_EXT_APDU_BUFFER_SIZE 65538 38 #define SC_MAX_EXT_APDU_DATA_SIZE 0xFFFF 39 #define SC_MAX_EXT_APDU_RESP_SIZE (0xFFFF+1) 40 #define SC_MAX_PIN_SIZE 256 /* OpenPGP card has 254 max */ 41 #define SC_MAX_ATR_SIZE 33 42 #define SC_MAX_UID_SIZE 10 43 #define SC_MAX_AID_SIZE 16 44 #define SC_MAX_AID_STRING_SIZE (SC_MAX_AID_SIZE * 2 + 3) 45 #define SC_MAX_IIN_SIZE 10 46 #define SC_MAX_OBJECT_ID_OCTETS 16 47 #define SC_MAX_PATH_SIZE 16 48 #define SC_MAX_PATH_STRING_SIZE (SC_MAX_PATH_SIZE * 2 + 3) 49 #define SC_MAX_SDO_ACLS 8 50 #define SC_MAX_CRTS_IN_SE 12 51 #define SC_MAX_SE_NUM 8 52 53 /* When changing this value, pay attention to the initialization of the ASN1 54 * static variables that use this macro, like, for example, 55 * 'c_asn1_supported_algorithms' in src/libopensc/pkcs15.c, 56 * src/libopensc/pkcs15-prkey.c and src/libopensc/pkcs15-skey.c 57 * `grep "src/libopensc/types.h SC_MAX_SUPPORTED_ALGORITHMS defined as"' 58 */ 59 #define SC_MAX_SUPPORTED_ALGORITHMS 16 60 61 struct sc_lv_data { 62 unsigned char *value; 63 size_t len; 64 }; 65 66 struct sc_tlv_data { 67 unsigned tag; 68 unsigned char *value; 69 size_t len; 70 }; 71 72 struct sc_object_id { 73 int value[SC_MAX_OBJECT_ID_OCTETS]; 74 }; 75 76 struct sc_aid { 77 unsigned char value[SC_MAX_AID_SIZE]; 78 size_t len; 79 }; 80 81 struct sc_atr { 82 unsigned char value[SC_MAX_ATR_SIZE]; 83 size_t len; 84 }; 85 86 struct sc_uid { 87 unsigned char value[SC_MAX_UID_SIZE]; 88 size_t len; 89 }; 90 91 /* Issuer ID */ 92 struct sc_iid { 93 unsigned char value[SC_MAX_IIN_SIZE]; 94 size_t len; 95 }; 96 97 struct sc_version { 98 unsigned char hw_major; 99 unsigned char hw_minor; 100 101 unsigned char fw_major; 102 unsigned char fw_minor; 103 }; 104 105 /* Discretionary ASN.1 data object */ 106 struct sc_ddo { 107 struct sc_aid aid; 108 struct sc_iid iid; 109 struct sc_object_id oid; 110 111 size_t len; 112 unsigned char *value; 113 }; 114 115 #define SC_PATH_TYPE_FILE_ID 0 116 #define SC_PATH_TYPE_DF_NAME 1 117 #define SC_PATH_TYPE_PATH 2 118 /* path of a file containing EnvelopedData objects */ 119 #define SC_PATH_TYPE_PATH_PROT 3 120 #define SC_PATH_TYPE_FROM_CURRENT 4 121 #define SC_PATH_TYPE_PARENT 5 122 123 typedef struct sc_path { 124 u8 value[SC_MAX_PATH_SIZE]; 125 size_t len; 126 127 /* The next two fields are used in PKCS15, where 128 * a Path object can reference a portion of a file - 129 * count octets starting at offset index. 130 */ 131 int index; 132 int count; 133 134 int type; 135 136 struct sc_aid aid; 137 } sc_path_t; 138 139 /* Control reference template */ 140 struct sc_crt { 141 unsigned tag; 142 unsigned usage; /* Usage Qualifier Byte */ 143 unsigned algo; /* Algorithm ID */ 144 unsigned refs[8]; /* Security Object References */ 145 }; 146 147 /* Access Control flags */ 148 #define SC_AC_NONE 0x00000000 149 #define SC_AC_CHV 0x00000001 /* Card Holder Verif. */ 150 #define SC_AC_TERM 0x00000002 /* Terminal auth. */ 151 #define SC_AC_PRO 0x00000004 /* Secure Messaging */ 152 #define SC_AC_AUT 0x00000008 /* Key auth. */ 153 #define SC_AC_SYMBOLIC 0x00000010 /* internal use only */ 154 #define SC_AC_SEN 0x00000020 /* Security Environment. */ 155 #define SC_AC_SCB 0x00000040 /* IAS/ECC SCB byte. */ 156 #define SC_AC_IDA 0x00000080 /* PKCS#15 authentication ID */ 157 #define SC_AC_SESSION 0x00000100 /* Session PIN */ 158 #define SC_AC_CONTEXT_SPECIFIC 0x00000200 /* Context specific login */ 159 160 #define SC_AC_UNKNOWN 0xFFFFFFFE 161 #define SC_AC_NEVER 0xFFFFFFFF 162 163 /* Operations relating to access control */ 164 #define SC_AC_OP_SELECT 0 165 #define SC_AC_OP_LOCK 1 166 #define SC_AC_OP_DELETE 2 167 #define SC_AC_OP_CREATE 3 168 #define SC_AC_OP_REHABILITATE 4 169 #define SC_AC_OP_INVALIDATE 5 170 #define SC_AC_OP_LIST_FILES 6 171 #define SC_AC_OP_CRYPTO 7 172 #define SC_AC_OP_DELETE_SELF 8 173 #define SC_AC_OP_PSO_DECRYPT 9 174 #define SC_AC_OP_PSO_ENCRYPT 10 175 #define SC_AC_OP_PSO_COMPUTE_SIGNATURE 11 176 #define SC_AC_OP_PSO_VERIFY_SIGNATURE 12 177 #define SC_AC_OP_PSO_COMPUTE_CHECKSUM 13 178 #define SC_AC_OP_PSO_VERIFY_CHECKSUM 14 179 #define SC_AC_OP_INTERNAL_AUTHENTICATE 15 180 #define SC_AC_OP_EXTERNAL_AUTHENTICATE 16 181 #define SC_AC_OP_PIN_DEFINE 17 182 #define SC_AC_OP_PIN_CHANGE 18 183 #define SC_AC_OP_PIN_RESET 19 184 #define SC_AC_OP_ACTIVATE 20 185 #define SC_AC_OP_DEACTIVATE 21 186 #define SC_AC_OP_READ 22 187 #define SC_AC_OP_UPDATE 23 188 #define SC_AC_OP_WRITE 24 189 #define SC_AC_OP_RESIZE 25 190 #define SC_AC_OP_GENERATE 26 191 #define SC_AC_OP_CREATE_EF 27 192 #define SC_AC_OP_CREATE_DF 28 193 #define SC_AC_OP_ADMIN 29 194 #define SC_AC_OP_PIN_USE 30 195 /* If you add more OPs here, make sure you increase SC_MAX_AC_OPS*/ 196 #define SC_MAX_AC_OPS 31 197 198 /* the use of SC_AC_OP_ERASE is deprecated, SC_AC_OP_DELETE should be used 199 * instead */ 200 #define SC_AC_OP_ERASE SC_AC_OP_DELETE 201 202 #define SC_AC_KEY_REF_NONE 0xFFFFFFFF 203 204 typedef struct sc_acl_entry { 205 unsigned int method; /* See SC_AC_* */ 206 unsigned int key_ref; /* SC_AC_KEY_REF_NONE or an integer */ 207 struct sc_acl_entry *next; 208 } sc_acl_entry_t; 209 210 /* File types */ 211 #define SC_FILE_TYPE_UNKNOWN 0x00 212 #define SC_FILE_TYPE_DF 0x04 213 #define SC_FILE_TYPE_INTERNAL_EF 0x03 214 #define SC_FILE_TYPE_WORKING_EF 0x01 215 #define SC_FILE_TYPE_BSO 0x10 216 217 /* EF structures */ 218 #define SC_FILE_EF_UNKNOWN 0x00 219 #define SC_FILE_EF_TRANSPARENT 0x01 220 #define SC_FILE_EF_LINEAR_FIXED 0x02 221 #define SC_FILE_EF_LINEAR_FIXED_TLV 0x03 222 #define SC_FILE_EF_LINEAR_VARIABLE 0x04 223 #define SC_FILE_EF_LINEAR_VARIABLE_TLV 0x05 224 #define SC_FILE_EF_CYCLIC 0x06 225 #define SC_FILE_EF_CYCLIC_TLV 0x07 226 227 /* File status flags */ 228 /* ISO7816-4: Unless otherwise specified, the security attributes are valid for the operational state.*/ 229 #define SC_FILE_STATUS_ACTIVATED 0x00 /* ISO7816-4: Operational state (activated) (5, 7) */ 230 #define SC_FILE_STATUS_INVALIDATED 0x01 /* ISO7816-4: Operational state (deactivated) (4, 6) */ 231 232 /* Full access in this state, (at least for SetCOS 4.4 ) */ 233 #define SC_FILE_STATUS_CREATION 0x02 /* ISO7816-4: Creation state, (1) */ 234 235 #define SC_FILE_STATUS_INITIALISATION 0x03 /* ISO7816-4: Initialisation state, (3) */ 236 #define SC_FILE_STATUS_NO_INFO 0x04 /* ISO7816-4: No information given, (0) */ 237 #define SC_FILE_STATUS_TERMINATION 0x0c /* ISO7816-4: Termination state (12,13,14,15) */ 238 #define SC_FILE_STATUS_PROPRIETARY 0xf0 /* ISO7816-4: codes > 15 */ 239 240 /* reserved for future use by ISO/IEC */ 241 #define SC_FILE_STATUS_RFU_2 0x07 /* ISO7816-4: (0x02) */ 242 #define SC_FILE_STATUS_RFU_8 0x08 /* ISO7816-4: (0x08) */ 243 #define SC_FILE_STATUS_RFU_9 0x09 /* ISO7816-4: (0x09) */ 244 #define SC_FILE_STATUS_RFU_10 0x0a /* ISO7816-4: (0x0a) */ 245 #define SC_FILE_STATUS_RFU_11 0x0b /* ISO7816-4: (0x0b) */ 246 247 #define SC_FILE_STATUS_UNKNOWN 0xff /* if tag 0x8A is missing, there is no information about LCSB */ 248 249 typedef struct sc_file { 250 struct sc_path path; 251 unsigned char name[16]; /* DF name */ 252 size_t namelen; /* length of DF name */ 253 254 unsigned int type, ef_structure, status; /* See constant values defined above */ 255 unsigned int shareable; /* true(1), false(0) according to ISO 7816-4:2005 Table 14 */ 256 size_t size; /* Size of file (in bytes) */ 257 int id; /* file identifier (2 bytes) */ 258 int sid; /* short EF identifier (1 byte) */ 259 struct sc_acl_entry *acl[SC_MAX_AC_OPS]; /* Access Control List */ 260 int acl_inactive; /* if set, the card access control mechanism is not active */ 261 262 size_t record_length; /* max. length in case of record-oriented EF */ 263 size_t record_count; /* Valid, if not transparent EF or DF */ 264 265 unsigned char *sec_attr; /* security data in proprietary format. tag '86' */ 266 size_t sec_attr_len; 267 268 unsigned char *prop_attr; /* proprietary information. tag '85'*/ 269 size_t prop_attr_len; 270 271 unsigned char *type_attr; /* file descriptor data. tag '82'. 272 replaces the file's type information (DF, EF, ...) */ 273 size_t type_attr_len; 274 275 unsigned char *encoded_content; /* file's content encoded to be used in the file creation command */ 276 size_t encoded_content_len; /* size of file's encoded content in bytes */ 277 278 unsigned int magic; 279 } sc_file_t; 280 281 282 /* Different APDU cases */ 283 #define SC_APDU_CASE_NONE 0x00 284 #define SC_APDU_CASE_1 0x01 285 #define SC_APDU_CASE_2_SHORT 0x02 286 #define SC_APDU_CASE_3_SHORT 0x03 287 #define SC_APDU_CASE_4_SHORT 0x04 288 #define SC_APDU_SHORT_MASK 0x0f 289 #define SC_APDU_EXT 0x10 290 #define SC_APDU_CASE_2_EXT SC_APDU_CASE_2_SHORT | SC_APDU_EXT 291 #define SC_APDU_CASE_3_EXT SC_APDU_CASE_3_SHORT | SC_APDU_EXT 292 #define SC_APDU_CASE_4_EXT SC_APDU_CASE_4_SHORT | SC_APDU_EXT 293 /* following types let OpenSC decides whether to use short or extended APDUs */ 294 #define SC_APDU_CASE_2 0x22 295 #define SC_APDU_CASE_3 0x23 296 #define SC_APDU_CASE_4 0x24 297 298 /* use command chaining if the Lc value is greater than normally allowed */ 299 #define SC_APDU_FLAGS_CHAINING 0x00000001UL 300 /* do not automatically call GET RESPONSE to read all available data */ 301 #define SC_APDU_FLAGS_NO_GET_RESP 0x00000002UL 302 /* do not automatically try a re-transmit with a new length if the card 303 * returns 0x6Cxx (wrong length) 304 */ 305 #define SC_APDU_FLAGS_NO_RETRY_WL 0x00000004UL 306 /* APDU is from Secure Messaging */ 307 #define SC_APDU_FLAGS_NO_SM 0x00000008UL 308 309 #define SC_APDU_ALLOCATE_FLAG 0x01 310 #define SC_APDU_ALLOCATE_FLAG_DATA 0x02 311 #define SC_APDU_ALLOCATE_FLAG_RESP 0x04 312 313 typedef struct sc_apdu { 314 int cse; /* APDU case */ 315 unsigned char cla, ins, p1, p2; /* CLA, INS, P1 and P2 bytes */ 316 size_t lc, le; /* Lc and Le bytes */ 317 const unsigned char *data; /* S-APDU data */ 318 size_t datalen; /* length of data in S-APDU */ 319 unsigned char *resp; /* R-APDU data buffer */ 320 size_t resplen; /* in: size of R-APDU buffer, 321 * out: length of data returned in R-APDU */ 322 unsigned char control; /* Set if APDU should go to the reader */ 323 unsigned allocation_flags; /* APDU allocation flags */ 324 325 unsigned int sw1, sw2; /* Status words returned in R-APDU */ 326 unsigned char mac[8]; 327 size_t mac_len; 328 329 unsigned long flags; 330 331 struct sc_apdu *next; 332 } sc_apdu_t; 333 334 /* Card manager Production Life Cycle data (CPLC) 335 * (from the Open Platform specification) */ 336 #define SC_CPLC_TAG 0x9F7F 337 #define SC_CPLC_DER_SIZE 45 338 struct sc_cplc { 339 unsigned char ic_fabricator[2]; 340 unsigned char ic_type[2]; 341 unsigned char os_data[6]; 342 unsigned char ic_date[2]; 343 unsigned char ic_serial[4]; 344 unsigned char ic_batch_id[2]; 345 unsigned char ic_module_data[4]; 346 unsigned char icc_manufacturer[2]; 347 unsigned char ic_embed_date[2]; 348 unsigned char pre_perso_data[6]; 349 unsigned char personalizer_data[6]; 350 351 unsigned char value[SC_CPLC_DER_SIZE]; 352 size_t len; 353 }; 354 355 /* 'Issuer Identification Number' is a part of ISO/IEC 7812 PAN definition */ 356 struct sc_iin { 357 unsigned char mii; /* industry identifier */ 358 unsigned country; /* country identifier */ 359 unsigned long issuer_id; /* issuer identifier */ 360 }; 361 362 /* structure for the card serial number (normally the ICCSN) */ 363 #define SC_MAX_SERIALNR 32 364 typedef struct sc_serial_number { 365 unsigned char value[SC_MAX_SERIALNR]; 366 size_t len; 367 368 struct sc_iin iin; 369 } sc_serial_number_t; 370 371 /** 372 * @struct sc_remote_apdu data 373 * Structure to supply the linked APDU data used in 374 * communication with the external (SM) modules. 375 */ 376 #define SC_REMOTE_APDU_FLAG_NOT_FATAL 0x01 377 #define SC_REMOTE_APDU_FLAG_RETURN_ANSWER 0x02 378 struct sc_remote_apdu { 379 unsigned char sbuf[2*SC_MAX_APDU_BUFFER_SIZE]; 380 unsigned char rbuf[2*SC_MAX_APDU_BUFFER_SIZE]; 381 struct sc_apdu apdu; 382 383 unsigned flags; 384 385 struct sc_remote_apdu *next; 386 }; 387 388 /** 389 * @struct sc_remote_data 390 * Frame for the list of the @c sc_remote_apdu data with 391 * the handlers to allocate and free. 392 */ 393 struct sc_remote_data { 394 struct sc_remote_apdu *data; 395 int length; 396 397 /** 398 * Handler to allocate a new @c sc_remote_apdu data and add it to the list. 399 * @param rdata Self pointer to the @c sc_remote_data 400 * @param out Pointer to newle allocated member 401 */ 402 int (*alloc)(struct sc_remote_data *rdata, struct sc_remote_apdu **out); 403 /** 404 * Handler to free the list of @c sc_remote_apdu data 405 * @param rdata Self pointer to the @c sc_remote_data 406 */ 407 void (*free)(struct sc_remote_data *rdata); 408 }; 409 410 411 #ifdef __cplusplus 412 } 413 #endif 414 415 #endif 416