/*
 * pkcs15.h: OpenSC PKCS#15 header file
 *
 * Copyright (C) 2001, 2002 Juha Yrjölä <juha.yrjola@iki.fi>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

/*
 * Overview: this header declares the PKCS#15 data model (identifiers,
 * authentication objects, key/certificate/data-object descriptors, DFs,
 * token info, per-card state) and the prototypes of the sc_pkcs15_* and
 * sc_pkcs15emu_* API. It contains declarations only; every statement below
 * about buffer ownership, wiping or bounds enforcement that is marked
 * NOTE(review) has to be confirmed against the implementation.
 */

#ifndef _OPENSC_PKCS15_H
#define _OPENSC_PKCS15_H

#ifdef __cplusplus
extern "C" {
#endif

#include "libopensc/opensc.h"
#include "libopensc/aux-data.h"

/* Name of the cache directory.
 * NOTE(review): where it is created and with which permissions is not
 * visible in this header - confirm before relying on the file cache
 * (see opts.use_file_cache and the caching functions below). */
#define SC_PKCS15_CACHE_DIR		".eid"

#define SC_PKCS15_PIN_MAGIC		0x31415926
#define SC_PKCS15_MAX_PINS		8
/* Capacities of the fixed-size label and ID arrays declared below. */
#define SC_PKCS15_MAX_LABEL_SIZE	255
#define SC_PKCS15_MAX_ID_SIZE		255

/* When changing this value, change also initialisation of the
 * static ASN1 variables, that use this macro,
 * like for example, 'c_asn1_access_control_rules'
 * in src/libopensc/asn1.c */
#define SC_PKCS15_MAX_ACCESS_RULES	8

/* PKCS#15 identifier stored in a fixed-capacity array.
 * 'value' holds at most SC_PKCS15_MAX_ID_SIZE bytes; 'len' is presumably the
 * number of valid bytes, so code filling this from card or user input must
 * keep len <= SC_PKCS15_MAX_ID_SIZE. */
struct sc_pkcs15_id {
	u8 value[SC_PKCS15_MAX_ID_SIZE];
	size_t len;
};
typedef struct sc_pkcs15_id sc_pkcs15_id_t;

/* CommonObjectAttributes flags (sc_pkcs15_object.flags - presumably; confirm) */
#define SC_PKCS15_CO_FLAG_PRIVATE	0x00000001
#define SC_PKCS15_CO_FLAG_MODIFIABLE	0x00000002
#define SC_PKCS15_CO_FLAG_OBJECT_SEEN	0x80000000 /* for PKCS #11 module */

/* PIN flags, one bit each (stored in sc_pkcs15_pin_attributes.flags -
 * presumably; confirm) */
#define SC_PKCS15_PIN_FLAG_CASE_SENSITIVE		0x0001
#define SC_PKCS15_PIN_FLAG_LOCAL			0x0002
#define SC_PKCS15_PIN_FLAG_CHANGE_DISABLED		0x0004
#define SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED		0x0008
#define SC_PKCS15_PIN_FLAG_INITIALIZED			0x0010
#define SC_PKCS15_PIN_FLAG_NEEDS_PADDING		0x0020
#define SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN		0x0040
#define SC_PKCS15_PIN_FLAG_SO_PIN			0x0080
#define SC_PKCS15_PIN_FLAG_DISABLE_ALLOW		0x0100
#define SC_PKCS15_PIN_FLAG_INTEGRITY_PROTECTED		0x0200
#define SC_PKCS15_PIN_FLAG_CONFIDENTIALITY_PROTECTED	0x0400
#define SC_PKCS15_PIN_FLAG_EXCHANGE_REF_DATA		0x0800

/* The four flag bits that classify a PIN; each SC_PKCS15_PIN_TYPE_FLAGS_*
 * value below is a combination of only these bits. */
#define SC_PKCS15_PIN_TYPE_FLAGS_MASK			\
	( SC_PKCS15_PIN_FLAG_LOCAL | SC_PKCS15_PIN_FLAG_INITIALIZED \
	| SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN | SC_PKCS15_PIN_FLAG_SO_PIN )

#define SC_PKCS15_PIN_TYPE_FLAGS_SOPIN			\
	( SC_PKCS15_PIN_FLAG_SO_PIN | SC_PKCS15_PIN_FLAG_INITIALIZED )

#define SC_PKCS15_PIN_TYPE_FLAGS_PIN_GLOBAL		\
	( SC_PKCS15_PIN_FLAG_INITIALIZED )

#define SC_PKCS15_PIN_TYPE_FLAGS_PIN_LOCAL		\
	( SC_PKCS15_PIN_FLAG_INITIALIZED | SC_PKCS15_PIN_FLAG_LOCAL)

#define SC_PKCS15_PIN_TYPE_FLAGS_PUK_GLOBAL		\
	( SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN \
	| SC_PKCS15_PIN_FLAG_INITIALIZED )

#define SC_PKCS15_PIN_TYPE_FLAGS_PUK_LOCAL		\
	( SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN \
	| SC_PKCS15_PIN_FLAG_INITIALIZED | SC_PKCS15_PIN_FLAG_LOCAL)

/* PIN encodings (sc_pkcs15_pin_attributes.type - presumably; confirm) */
#define SC_PKCS15_PIN_TYPE_BCD				0
#define SC_PKCS15_PIN_TYPE_ASCII_NUMERIC		1
#define SC_PKCS15_PIN_TYPE_UTF8				2
#define SC_PKCS15_PIN_TYPE_HALFNIBBLE_BCD		3
#define SC_PKCS15_PIN_TYPE_ISO9564_1			4

/* Kinds of authentication object (sc_pkcs15_auth_info.auth_type -
 * presumably; confirm) */
#define SC_PKCS15_PIN_AUTH_TYPE_PIN			0
#define SC_PKCS15_PIN_AUTH_TYPE_BIOMETRIC		1
#define SC_PKCS15_PIN_AUTH_TYPE_AUTH_KEY		2
#define SC_PKCS15_PIN_AUTH_TYPE_SM_KEY			3
/* PinAttributes as they are defined in PKCS#15 v1.1 for the PIN authentication object */
struct sc_pkcs15_pin_attributes {
	unsigned int flags, type;
	size_t min_length, stored_length, max_length;
	int reference;
	u8 pad_char;
};
/* AuthKeyAttributes of the authKey authentication object */
struct sc_pkcs15_authkey_attributes {
	int derived;
	struct sc_pkcs15_id skey_id;
};
/* BiometricAttributes of the biometricTemplate authentication object */
struct sc_pkcs15_biometric_attributes {
	unsigned int flags;
	struct sc_object_id template_id;
	/* ... */
};
/* Description and state of one authentication object. */
struct sc_pkcs15_auth_info {
	/* CommonAuthenticationObjectAttributes */
	struct sc_pkcs15_id auth_id;

	/* AuthObjectAttributes */
	struct sc_path path;
	unsigned auth_type;
	/* Only one member is meaningful at a time; presumably selected by
	 * auth_type (SC_PKCS15_PIN_AUTH_TYPE_*) - check auth_type before
	 * reading a member. */
	union {
		struct sc_pkcs15_pin_attributes pin;
		struct sc_pkcs15_biometric_attributes bio;
		struct sc_pkcs15_authkey_attributes authkey;
	} attrs;

	/* authentication method: CHV, SEN, SYMBOLIC, ... */
	unsigned int auth_method;

	/* NOTE(review): these are host-side copies of the counters and login
	 * state; how and when they are refreshed from the card is not visible
	 * here, so do not treat them as authoritative for access decisions
	 * without confirming. */
	int tries_left, max_tries, logged_in;
	int max_unlocks;
};
typedef struct sc_pkcs15_auth_info sc_pkcs15_auth_info_t;

/* Algorithm operation bits, one per operation */
#define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM	0x01
#define SC_PKCS15_ALGO_OP_COMPUTE_SIGNATURE	0x02
#define SC_PKCS15_ALGO_OP_VERIFY_CHECKSUM	0x04
#define SC_PKCS15_ALGO_OP_VERIFY_SIGNATURE	0x08
#define SC_PKCS15_ALGO_OP_ENCIPHER		0x10
#define SC_PKCS15_ALGO_OP_DECIPHER		0x20
#define SC_PKCS15_ALGO_OP_HASH			0x40
#define SC_PKCS15_ALGO_OP_GENERATE_KEY		0x80

/* A large integer, big endian notation */
struct sc_pkcs15_bignum {
	u8 * data;
	size_t len;
};
typedef struct sc_pkcs15_bignum sc_pkcs15_bignum_t;

/* Pointer-plus-length byte buffers. Who owns and frees 'value' is not
 * stated in this header. */
struct sc_pkcs15_der {
	u8 * value;
	size_t len;
};
typedef struct sc_pkcs15_der sc_pkcs15_der_t;

struct sc_pkcs15_u8 {
	u8 * value;
	size_t len;
};
typedef struct sc_pkcs15_u8 sc_pkcs15_u8_t;

struct sc_pkcs15_data {
	u8 *data; /* DER encoded raw data object */
	size_t data_len;
};
typedef struct sc_pkcs15_data sc_pkcs15_data_t;

/* Secret keys reuse the sc_pkcs15_data layout: these are macro aliases,
 * not distinct types, so the compiler does not tell a secret key from a
 * plain data object. */
#define sc_pkcs15_skey sc_pkcs15_data
#define sc_pkcs15_skey_t sc_pkcs15_data_t

struct sc_pkcs15_pubkey_rsa {
	sc_pkcs15_bignum_t modulus;
	sc_pkcs15_bignum_t exponent;
};

/* RSA private key in host memory.
 * NOTE(review): d, p, q and the CRT values are secret key material held
 * behind plain pointers; whether sc_pkcs15_free_prkey() wipes them before
 * releasing is not visible from this header - confirm. */
struct sc_pkcs15_prkey_rsa {
	/* public components */
	sc_pkcs15_bignum_t modulus;
	sc_pkcs15_bignum_t exponent;

	/* private components */
	sc_pkcs15_bignum_t d;
	sc_pkcs15_bignum_t p;
	sc_pkcs15_bignum_t q;

	/* optional CRT elements */
	sc_pkcs15_bignum_t iqmp;
	sc_pkcs15_bignum_t dmp1;
	sc_pkcs15_bignum_t dmq1;
};

struct sc_pkcs15_pubkey_dsa {
	sc_pkcs15_bignum_t pub;
	sc_pkcs15_bignum_t p;
	sc_pkcs15_bignum_t q;
	sc_pkcs15_bignum_t g;
};

struct sc_pkcs15_prkey_dsa {
	/* public components */
	sc_pkcs15_bignum_t pub;
	sc_pkcs15_bignum_t p;
	sc_pkcs15_bignum_t q;
	sc_pkcs15_bignum_t g;

	/* private key */
	sc_pkcs15_bignum_t priv;
};

struct sc_pkcs15_gost_parameters {
	struct sc_object_id key;
	struct sc_object_id hash;
	struct sc_object_id cipher;
};

struct sc_pkcs15_pubkey_ec {
	struct sc_ec_parameters params;
	struct sc_pkcs15_u8 ecpointQ; /* This is NOT DER, just value and length */
};

struct sc_pkcs15_pubkey_eddsa {
	struct sc_pkcs15_u8 pubkey;
};

struct sc_pkcs15_prkey_ec {
	struct sc_ec_parameters params;
	sc_pkcs15_bignum_t privateD; /* note this is bignum */
	struct sc_pkcs15_u8 ecpointQ; /* This is NOT DER, just value and length */
};

struct sc_pkcs15_prkey_eddsa {
	struct sc_pkcs15_u8 pubkey;
	struct sc_pkcs15_u8 value;
};

struct sc_pkcs15_pubkey_gostr3410 {
	struct sc_pkcs15_gost_parameters params;
	sc_pkcs15_bignum_t xy;
};

struct sc_pkcs15_prkey_gostr3410 {
	struct sc_pkcs15_gost_parameters params;
	sc_pkcs15_bignum_t d;
};

/* Decoded public key of any supported algorithm. */
struct sc_pkcs15_pubkey {
	int algorithm;
	struct sc_algorithm_id * alg_id;

	/* Decoded key */
	/* Presumably 'algorithm' selects the valid union member - confirm
	 * before reading one. */
	union {
		struct sc_pkcs15_pubkey_rsa rsa;
		struct sc_pkcs15_pubkey_dsa dsa;
		struct sc_pkcs15_pubkey_ec ec;
		struct sc_pkcs15_pubkey_eddsa eddsa;
		struct sc_pkcs15_pubkey_gostr3410 gostr3410;
	} u;
};
typedef struct sc_pkcs15_pubkey sc_pkcs15_pubkey_t;

/* Private or secret key of any supported algorithm, held in host memory.
 * Note that 'algorithm' is unsigned int here but int in sc_pkcs15_pubkey. */
struct sc_pkcs15_prkey {
	unsigned int algorithm;
	/* TODO do we need: struct sc_algorithm_id * alg_id; */

	/* Presumably 'algorithm' selects the valid union member - confirm. */
	union {
		struct sc_pkcs15_prkey_rsa rsa;
		struct sc_pkcs15_prkey_dsa dsa;
		struct sc_pkcs15_prkey_ec ec;
		struct sc_pkcs15_prkey_eddsa eddsa;
		struct sc_pkcs15_prkey_gostr3410 gostr3410;
		struct sc_pkcs15_skey secret;
	} u;
};
typedef struct sc_pkcs15_prkey sc_pkcs15_prkey_t;

/* Enveloped objects can be used to provide additional
 * protection to non-native private keys */
struct sc_pkcs15_enveloped_data {
	/* recipient info */
	sc_pkcs15_id_t id;			/* key ID */
	struct sc_algorithm_id ke_alg;		/* key-encryption algo */
	u8 *key;				/* encrypted key */
	size_t key_len;
	struct sc_algorithm_id ce_alg;		/* content-encryption algo */
	u8 *content;				/* encrypted content */
	size_t content_len;
};

/* Certificate fields, each given as a pointer with its length, plus the
 * raw DER encoding. */
struct sc_pkcs15_cert {
	int version;
	u8 *serial;
	size_t serial_len;
	u8 *issuer;
	size_t issuer_len;
	u8 *subject;
	size_t subject_len;
	u8 *extensions;
	size_t extensions_len;

	struct sc_pkcs15_pubkey * key;

	/* DER encoded raw cert */
	struct sc_pkcs15_der data;
};
typedef struct sc_pkcs15_cert sc_pkcs15_cert_t;

struct sc_pkcs15_cert_info {
	struct sc_pkcs15_id id;	/* correlates to private key id */
	int authority;		/* boolean */
	/* identifiers [2] SEQUENCE OF CredentialIdentifier{{KeyIdentifiers}} */
	struct sc_path path;

	struct sc_pkcs15_der value;
};
typedef struct sc_pkcs15_cert_info sc_pkcs15_cert_info_t;

struct sc_pkcs15_data_info {
	/* FIXME: there is no pkcs15 ID in DataType */
	struct sc_pkcs15_id id;

	/* Identify the application:
	 * either or both may be set */
	/* NOTE(review): app_label is a fixed array of SC_PKCS15_MAX_LABEL_SIZE
	 * bytes; this header does not say whether it is always zero
	 * terminated - confirm before passing it to string functions. */
	char app_label[SC_PKCS15_MAX_LABEL_SIZE];
	struct sc_object_id app_oid;

	struct sc_path path;

	struct sc_pkcs15_der data;
};
typedef struct sc_pkcs15_data_info sc_pkcs15_data_info_t;

/* keyUsageFlags are the same for all key types */
#define SC_PKCS15_PRKEY_USAGE_ENCRYPT		0x01
#define SC_PKCS15_PRKEY_USAGE_DECRYPT		0x02
#define SC_PKCS15_PRKEY_USAGE_SIGN		0x04
#define SC_PKCS15_PRKEY_USAGE_SIGNRECOVER	0x08
#define SC_PKCS15_PRKEY_USAGE_WRAP		0x10
#define SC_PKCS15_PRKEY_USAGE_UNWRAP		0x20
#define SC_PKCS15_PRKEY_USAGE_VERIFY		0x40
#define SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER	0x80
#define SC_PKCS15_PRKEY_USAGE_DERIVE		0x100
#define SC_PKCS15_PRKEY_USAGE_NONREPUDIATION	0x200

/* Key access flags (presumably the access_flags members of the *_info
 * structs below).
 * NOTE(review): this header only defines the bit values; whether the
 * library or the card enforces SENSITIVE / NEVEREXTRACTABLE is not visible
 * here - confirm before treating them as a control. */
#define SC_PKCS15_PRKEY_ACCESS_SENSITIVE	0x01
#define SC_PKCS15_PRKEY_ACCESS_EXTRACTABLE	0x02
#define SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE	0x04
#define SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE	0x08
#define SC_PKCS15_PRKEY_ACCESS_LOCAL		0x10

#define SC_PKCS15_PARAMSET_GOSTR3410_A		1
#define SC_PKCS15_PARAMSET_GOSTR3410_B		2
#define SC_PKCS15_PARAMSET_GOSTR3410_C		3

#define SC_PKCS15_GOSTR3410_KEYSIZE		256

struct sc_pkcs15_keyinfo_gostparams
{
	unsigned int gostr3410, gostr3411, gost28147;
};

/* AccessMode bit definitions specified in PKCS#15 v1.1
 * and extended by IAS/ECC v1.0.1 specification. */
#define SC_PKCS15_ACCESS_RULE_MODE_READ		0x01
#define SC_PKCS15_ACCESS_RULE_MODE_UPDATE	0x02
#define SC_PKCS15_ACCESS_RULE_MODE_EXECUTE	0x04
#define SC_PKCS15_ACCESS_RULE_MODE_DELETE	0x08
#define SC_PKCS15_ACCESS_RULE_MODE_ATTRIBUTE	0x10
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_CDS	0x20
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_VERIFY	0x40
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_DECRYPT	0x80
#define SC_PKCS15_ACCESS_RULE_MODE_PSO_ENCRYPT	0x100
#define SC_PKCS15_ACCESS_RULE_MODE_INT_AUTH	0x200
#define SC_PKCS15_ACCESS_RULE_MODE_EXT_AUTH	0x400

/* One access rule: an access-mode bit set paired with an authentication
 * object ID (presumably the auth object that must be satisfied for those
 * modes - confirm). */
struct sc_pkcs15_accessrule {
	unsigned access_mode;
	struct sc_pkcs15_id auth_id;
};
typedef struct sc_pkcs15_accessrule sc_pkcs15_accessrule_t;


/* Opaque key parameters carried with their own release callback. */
struct sc_pkcs15_key_params {
	void *data;
	size_t len;
	void (*free_params)(void *);
};

struct sc_pkcs15_prkey_info {
	struct sc_pkcs15_id id;	/* correlates to public certificate id */
	unsigned int usage, access_flags;
	int native, key_reference;
	/* convert to union if other types are supported */
	size_t modulus_length; /* RSA */
	size_t field_length; /* EC in bits */

	unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];

	struct sc_pkcs15_der subject;

	struct sc_pkcs15_key_params params;

	struct sc_path path;

	/* Non-pkcs15 data, like MD CMAP record */
	struct sc_auxiliary_data *aux_data;
};
typedef struct sc_pkcs15_prkey_info sc_pkcs15_prkey_info_t;

struct sc_pkcs15_pubkey_info {
	struct sc_pkcs15_id id;	/* correlates to private key id */
	unsigned int usage, access_flags;
	int native, key_reference;
	/* convert to union if other types are supported */
	size_t modulus_length; /* RSA */
	size_t field_length; /* EC in bits */

	unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];

	struct sc_pkcs15_der subject;

	struct sc_pkcs15_key_params params;

	struct sc_path path;

	struct {
		struct sc_pkcs15_der raw;
		struct sc_pkcs15_der spki;
	} direct;
};
typedef struct sc_pkcs15_pubkey_info sc_pkcs15_pubkey_info_t;

struct sc_pkcs15_skey_info {
	struct sc_pkcs15_id id;
	unsigned int usage, access_flags;
	int native, key_reference;
	size_t value_len;
	unsigned long key_type;
	unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];
	struct sc_path path; /* if on card */
	struct sc_pkcs15_der data;
};
typedef struct sc_pkcs15_skey_info sc_pkcs15_skey_info_t;

/* Object type codes: the 0xF00 nibble is the object class, the low byte
 * the subtype within that class. */
#define SC_PKCS15_TYPE_CLASS_MASK		0xF00

#define SC_PKCS15_TYPE_PRKEY			0x100
#define SC_PKCS15_TYPE_PRKEY_RSA		0x101
#define SC_PKCS15_TYPE_PRKEY_DSA		0x102
#define SC_PKCS15_TYPE_PRKEY_GOSTR3410		0x103
#define SC_PKCS15_TYPE_PRKEY_EC			0x104
#define SC_PKCS15_TYPE_PRKEY_EDDSA		0x105
#define SC_PKCS15_TYPE_PRKEY_XEDDSA		0x106

#define SC_PKCS15_TYPE_PUBKEY			0x200
#define SC_PKCS15_TYPE_PUBKEY_RSA		0x201
#define SC_PKCS15_TYPE_PUBKEY_DSA		0x202
#define SC_PKCS15_TYPE_PUBKEY_GOSTR3410		0x203
#define SC_PKCS15_TYPE_PUBKEY_EC		0x204
#define SC_PKCS15_TYPE_PUBKEY_EDDSA		0x205
#define SC_PKCS15_TYPE_PUBKEY_XEDDSA		0x206

#define SC_PKCS15_TYPE_SKEY			0x300
#define SC_PKCS15_TYPE_SKEY_GENERIC		0x301
#define SC_PKCS15_TYPE_SKEY_DES			0x302
#define SC_PKCS15_TYPE_SKEY_2DES		0x303
#define SC_PKCS15_TYPE_SKEY_3DES		0x304

#define SC_PKCS15_TYPE_CERT			0x400
#define SC_PKCS15_TYPE_CERT_X509		0x401
#define SC_PKCS15_TYPE_CERT_SPKI		0x402

#define SC_PKCS15_TYPE_DATA_OBJECT		0x500

#define SC_PKCS15_TYPE_AUTH			0x600
#define SC_PKCS15_TYPE_AUTH_PIN			0x601
#define SC_PKCS15_TYPE_AUTH_BIO			0x602
#define SC_PKCS15_TYPE_AUTH_AUTHKEY		0x603

/* Maps a type code to its SC_PKCS15_SEARCH_CLASS_* bit, e.g. 0x1xx gives
 * 0x0002 and 0x6xx gives 0x0040.
 * The argument is not masked with SC_PKCS15_TYPE_CLASS_MASK, so a value
 * outside the SC_PKCS15_TYPE_* range can produce a shift count at or above
 * the width of int, which is undefined behaviour in C; pass only validated
 * type codes. */
#define SC_PKCS15_TYPE_TO_CLASS(t)		(1 << ((t) >> 8))
#define SC_PKCS15_SEARCH_CLASS_PRKEY		0x0002U
#define SC_PKCS15_SEARCH_CLASS_PUBKEY		0x0004U
#define SC_PKCS15_SEARCH_CLASS_SKEY		0x0008U
#define SC_PKCS15_SEARCH_CLASS_CERT		0x0010U
#define SC_PKCS15_SEARCH_CLASS_DATA		0x0020U
#define SC_PKCS15_SEARCH_CLASS_AUTH		0x0040U

/* Generic PKCS#15 object: common attributes plus an untyped pointer to the
 * type-specific descriptor. */
struct sc_pkcs15_object {
	unsigned int type;
	/* CommonObjectAttributes */
	/* The array size includes the terminator, so a label holds at most
	 * SC_PKCS15_MAX_LABEL_SIZE - 1 characters. */
	char label[SC_PKCS15_MAX_LABEL_SIZE];	/* zero terminated */
	unsigned int flags;
	struct sc_pkcs15_id auth_id;

	int usage_counter;
	int user_consent;

	struct sc_pkcs15_accessrule access_rules[SC_PKCS15_MAX_ACCESS_RULES];

	/* Object type specific data */
	/* Untyped: presumably points to the *_info struct matching 'type';
	 * check 'type' before casting - TODO confirm. */
	void *data;
	/* emulated object pointer */
	void *emulated;

	struct sc_pkcs15_df *df;	/* can be NULL, if object is 'floating' */
	struct sc_pkcs15_object *next, *prev; /* used only internally */

	struct sc_pkcs15_der content;

	int session_object;	/* used internally. if nonzero, object is a session object. */
};
typedef struct sc_pkcs15_object sc_pkcs15_object_t;

/* PKCS #15 DF types */
#define SC_PKCS15_PRKDF			0
#define SC_PKCS15_PUKDF			1
#define SC_PKCS15_PUKDF_TRUSTED		2
#define SC_PKCS15_SKDF			3
#define SC_PKCS15_CDF			4
#define SC_PKCS15_CDF_TRUSTED		5
#define SC_PKCS15_CDF_USEFUL		6
#define SC_PKCS15_DODF			7
#define SC_PKCS15_AODF			8
#define SC_PKCS15_DF_TYPE_COUNT		9

struct sc_pkcs15_card;

/* One directory file entry, kept in a doubly linked list. */
struct sc_pkcs15_df {
	struct sc_path path;
	int record_length;
	unsigned int type;
	int enumerated;

	struct sc_pkcs15_df *next, *prev;
};
typedef struct sc_pkcs15_df sc_pkcs15_df_t;

struct sc_pkcs15_unusedspace {
	sc_path_t path;
	sc_pkcs15_id_t auth_id;

	struct sc_pkcs15_unusedspace *next, *prev;
};
typedef struct sc_pkcs15_unusedspace sc_pkcs15_unusedspace_t;

/* Presumably the value expected in sc_pkcs15_card.magic - confirm. */
#define SC_PKCS15_CARD_MAGIC		0x10203040

typedef struct sc_pkcs15_sec_env_info {
	int se;
	struct sc_object_id owner;
	struct sc_aid aid;
} sc_pkcs15_sec_env_info_t;

typedef struct sc_pkcs15_last_update {
	char *gtime;
	struct sc_path path;

} sc_pkcs15_last_update_t;

typedef struct sc_pkcs15_profile_indication {
	struct sc_object_id oid;
	char *name;
} sc_pkcs15_profile_indication_t;

/* Token information; the string members are pointers, see
 * sc_pkcs15_tokeninfo_new() / sc_pkcs15_free_tokeninfo() below. */
typedef struct sc_pkcs15_tokeninfo {
	unsigned int version;
	unsigned int flags;
	char *label;
	char *serial_number;
	char *manufacturer_id;

	struct sc_pkcs15_last_update last_update;
	struct sc_pkcs15_profile_indication profile_indication;

	char *preferred_language;
	sc_pkcs15_sec_env_info_t **seInfo;
	size_t num_seInfo;

	struct sc_supported_algo_info supported_algos[SC_MAX_SUPPORTED_ALGORITHMS];
} sc_pkcs15_tokeninfo_t;

/* Per-card hooks, stored by value in sc_pkcs15_card.ops. */
struct sc_pkcs15_operations {
	int (*parse_df)(struct sc_pkcs15_card *, struct sc_pkcs15_df *);
	void (*clear)(struct sc_pkcs15_card *);
	int (*get_guid)(struct sc_pkcs15_card *, const struct sc_pkcs15_object *,
			unsigned char *, size_t *);
};

/* State of one bound PKCS#15 application on a card. */
typedef struct sc_pkcs15_card {
	sc_card_t *card;
	unsigned int flags;

	struct sc_app_info *app;

	sc_file_t *file_app;
	sc_file_t *file_tokeninfo, *file_odf, *file_unusedspace;

	struct sc_pkcs15_df *df_list;
	struct sc_pkcs15_object *obj_list;
	sc_pkcs15_tokeninfo_t *tokeninfo;
	sc_pkcs15_unusedspace_t *unusedspace_list;
	int unusedspace_read;

	/* Behaviour switches.
	 * NOTE(review): use_file_cache, use_pin_cache, pin_cache_counter and
	 * pin_cache_ignore_user_consent control caching of card files and
	 * PINs; where cached PINs are kept and when they are cleared is not
	 * visible in this header - review the sc_pkcs15_pincache_* and
	 * caching implementations before enabling them. */
	struct sc_pkcs15_card_opts {
		int use_file_cache;
		int use_pin_cache;
		int pin_cache_counter;
		int pin_cache_ignore_user_consent;
		int private_certificate;	/* one of SC_PKCS15_CARD_OPTS_PRIV_CERT_* */
	} opts;

	unsigned int magic;

	void *dll_handle;		/* shared lib for emulated cards */
	struct sc_md_data *md_data;	/* minidriver specific data */

	struct sc_pkcs15_operations ops;

} sc_pkcs15_card_t;

/* flags suitable for sc_pkcs15_tokeninfo_t */
#define SC_PKCS15_TOKEN_READONLY			0x01
#define SC_PKCS15_TOKEN_LOGIN_REQUIRED			0x02 /* Don't use */
#define SC_PKCS15_TOKEN_PRN_GENERATION			0x04
#define SC_PKCS15_TOKEN_EID_COMPLIANT			0x08

/* flags suitable for struct sc_pkcs15_card */
#define SC_PKCS15_CARD_FLAG_EMULATED			0x02000000

/* suitable for struct sc_pkcs15_card.opts.private_certificate */
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_PROTECT		0
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_IGNORE		1
#define SC_PKCS15_CARD_OPTS_PRIV_CERT_DECLASSIFY	2

/* X509 bits for certificate usage extension */
#define SC_X509_DIGITAL_SIGNATURE	0x0001UL
#define SC_X509_NON_REPUDIATION		0x0002UL
#define SC_X509_KEY_ENCIPHERMENT	0x0004UL
#define SC_X509_DATA_ENCIPHERMENT	0x0008UL
#define SC_X509_KEY_AGREEMENT		0x0010UL
#define SC_X509_KEY_CERT_SIGN		0x0020UL
#define SC_X509_CRL_SIGN		0x0040UL
#define SC_X509_ENCIPHER_ONLY		0x0080UL
#define SC_X509_DECIPHER_ONLY		0x0100UL


/* sc_pkcs15_bind: Binds a card object to a PKCS #15 card object
 * and initializes a new PKCS #15 card object. Will return
 * SC_ERROR_PKCS15_APP_NOT_FOUND, if the card hasn't got a
 * valid PKCS #15 file structure. */
int sc_pkcs15_bind(struct sc_card *card, struct sc_aid *aid,
		struct sc_pkcs15_card **pkcs15_card);
/* sc_pkcs15_unbind: Releases a PKCS #15 card object, and frees any
 * memory allocations done on the card object. */
int sc_pkcs15_unbind(struct sc_pkcs15_card *card);
int sc_pkcs15_bind_internal(struct sc_pkcs15_card *p15card, struct sc_aid *aid);

/* Object lookup. 'ret' / 'ret_count' are presumably a caller-supplied
 * array and its capacity in elements - confirm in the implementation. */
int sc_pkcs15_get_objects(struct sc_pkcs15_card *card, unsigned int type,
		struct sc_pkcs15_object **ret, size_t ret_count);
int sc_pkcs15_get_objects_cond(struct sc_pkcs15_card *card, unsigned int type,
		int (* func)(struct sc_pkcs15_object *, void *),
		void *func_arg,
		struct sc_pkcs15_object **ret, size_t ret_count);
int sc_pkcs15_find_object_by_id(struct sc_pkcs15_card *, unsigned int,
		const sc_pkcs15_id_t *,
		struct sc_pkcs15_object **);

struct sc_pkcs15_card * sc_pkcs15_card_new(void);
void sc_pkcs15_card_free(struct sc_pkcs15_card *p15card);
void sc_pkcs15_card_clear(struct sc_pkcs15_card *p15card);
struct sc_pkcs15_tokeninfo * sc_pkcs15_tokeninfo_new(void);
void sc_pkcs15_free_tokeninfo(struct sc_pkcs15_tokeninfo *tokeninfo);

/* Private-key operations.
 * For decipher and compute_signature 'outlen' is passed by value, so it is
 * presumably the capacity of 'out' and the produced length has to come
 * back another way (likely the return value) - confirm. derive and wrap
 * take the output length by pointer instead. */
int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *prkey_obj,
		unsigned long flags,
		const u8 *in, size_t inlen, u8 *out, size_t outlen);

int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *prkey_obj,
		unsigned long flags,
		const u8 *in, size_t inlen, u8 *out, size_t *poutlen);

int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *key,
		struct sc_pkcs15_object *target_key,
		unsigned long flags,
		const u8 * in, size_t inlen,
		const u8 * param, size_t paramlen);

int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *key,
		struct sc_pkcs15_object *target_key,
		unsigned long flags,
		u8 * cryptogram, size_t* crgram_len,
		const u8 * param, size_t paramlen);

int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *prkey_obj,
		unsigned long alg_flags, const u8 *in,
		size_t inlen, u8 *out, size_t outlen);

/* Public key reading, decoding and encoding.
 * The decode functions take a const input buffer and its length; the
 * encode functions return a buffer through 'u8 **' with its length through
 * 'size_t *' (presumably allocated by the callee and to be freed by the
 * caller - confirm). */
int sc_pkcs15_read_pubkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, struct sc_pkcs15_pubkey **);
int sc_pkcs15_decode_pubkey_rsa(struct sc_context *,
		struct sc_pkcs15_pubkey_rsa *, const u8 *, size_t);
int sc_pkcs15_encode_pubkey_rsa(struct sc_context *,
		struct sc_pkcs15_pubkey_rsa *, u8 **, size_t *);
int sc_pkcs15_decode_pubkey_dsa(struct sc_context *,
		struct sc_pkcs15_pubkey_dsa *, const u8 *, size_t);
int sc_pkcs15_encode_pubkey_dsa(struct sc_context *,
		struct sc_pkcs15_pubkey_dsa *, u8 **, size_t *);
int sc_pkcs15_decode_pubkey_gostr3410(struct sc_context *,
		struct sc_pkcs15_pubkey_gostr3410 *, const u8 *, size_t);
int sc_pkcs15_encode_pubkey_gostr3410(struct sc_context *,
		struct sc_pkcs15_pubkey_gostr3410 *, u8 **, size_t *);
int sc_pkcs15_decode_pubkey_ec(struct sc_context *,
		struct sc_pkcs15_pubkey_ec *, const u8 *, size_t);
int sc_pkcs15_encode_pubkey_ec(struct sc_context *,
		struct sc_pkcs15_pubkey_ec *, u8 **, size_t *);
int sc_pkcs15_encode_pubkey_eddsa(struct sc_context *,
		struct sc_pkcs15_pubkey_eddsa *, u8 **, size_t *);
int sc_pkcs15_decode_pubkey(struct sc_context *,
		struct sc_pkcs15_pubkey *, const u8 *, size_t);
int sc_pkcs15_encode_pubkey(struct sc_context *,
		struct sc_pkcs15_pubkey *, u8 **, size_t *);
int sc_pkcs15_encode_pubkey_as_spki(struct sc_context *,
		struct sc_pkcs15_pubkey *, u8 **, size_t *);
/* NOTE(review): the difference between erase and free is not stated in
 * this header - confirm which one releases the struct itself. */
void sc_pkcs15_erase_pubkey(struct sc_pkcs15_pubkey *);
void sc_pkcs15_free_pubkey(struct sc_pkcs15_pubkey *);
int sc_pkcs15_pubkey_from_prvkey(struct sc_context *, struct sc_pkcs15_prkey *,
		struct sc_pkcs15_pubkey **);
int sc_pkcs15_dup_pubkey(struct sc_context *, struct sc_pkcs15_pubkey *,
		struct sc_pkcs15_pubkey **);
int sc_pkcs15_pubkey_from_cert(struct sc_context *, struct sc_pkcs15_der *,
		struct sc_pkcs15_pubkey **);
/* The 'char *' argument is presumably a file name - confirm, and treat it
 * as untrusted if it can come from configuration or user input. */
int sc_pkcs15_pubkey_from_spki_file(struct sc_context *,
		char *, struct sc_pkcs15_pubkey ** );
int sc_pkcs15_pubkey_from_spki_fields(struct sc_context *,
		struct sc_pkcs15_pubkey **, u8 *, size_t, int);
int sc_pkcs15_encode_prkey(struct sc_context *,
		struct sc_pkcs15_prkey *, u8 **, size_t *);
/* NOTE(review): releases a struct that can hold private key material;
 * confirm in the implementation that the secret components are wiped. */
void sc_pkcs15_free_prkey(struct sc_pkcs15_prkey *prkey);
void sc_pkcs15_free_key_params(struct sc_pkcs15_key_params *params);

/* Data objects */
int sc_pkcs15_read_data_object(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_data_info *info,
		struct sc_pkcs15_data **data_object_out);
int sc_pkcs15_find_data_object_by_id(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_data_object_by_app_oid(struct sc_pkcs15_card *p15card,
		const struct sc_object_id *app_oid,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_data_object_by_name(struct sc_pkcs15_card *p15card,
		const char *app_label,
		const char *label,
		struct sc_pkcs15_object **out);
void sc_pkcs15_free_data_object(struct sc_pkcs15_data *data_object);

/* Certificates */
int sc_pkcs15_read_certificate(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_cert_info *info,
		struct sc_pkcs15_cert **cert);
void sc_pkcs15_free_certificate(struct sc_pkcs15_cert *cert);
int sc_pkcs15_find_cert_by_id(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);
int sc_pkcs15_get_name_from_dn(struct sc_context *ctx,
		const u8 *dn, size_t dn_len,
		const struct sc_object_id *type,
		u8 **name, size_t *name_len);
int sc_pkcs15_map_usage(unsigned int cert_usage, int algorithm,
		unsigned int *pub_usage_ptr, unsigned int *pr_usage_ptr,
		int allow_nonrepudiation);
int sc_pkcs15_get_extension(struct sc_context *ctx,
		struct sc_pkcs15_cert *cert,
		const struct sc_object_id *type,
		u8 **ext_val, size_t *ext_val_len,
		int *is_critical);
int sc_pkcs15_get_bitstring_extension(struct sc_context *ctx,
		struct sc_pkcs15_cert *cert,
		const struct sc_object_id *type,
		unsigned int *value,
		int *is_critical);
/* sc_pkcs15_create_cdf: Creates a new certificate DF on a card pointed
 * by <card>. Information about the file, such as the file ID, is read
 * from <file>. <certs> has to be NULL-terminated. */
int sc_pkcs15_create_cdf(struct sc_pkcs15_card *card,
		struct sc_file *file,
		const struct sc_pkcs15_cert_info **certs);

/* Key lookup */
int sc_pkcs15_find_prkey_by_id(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_prkey_by_id_usage(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		unsigned int usage,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_prkey_by_reference(struct sc_pkcs15_card *,
		const sc_path_t *, int,
		struct sc_pkcs15_object **);
int sc_pkcs15_find_pubkey_by_id(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_skey_by_id(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);

/* PIN verification and management.
 * PIN and PUK values are passed as const buffers with a length, so these
 * functions do not wipe the caller's copy through that pointer; the caller
 * should clear its own buffer once the call returns. */
int sc_pkcs15_verify_pin(struct sc_pkcs15_card *card,
		struct sc_pkcs15_object *pin_obj,
		const u8 *pincode, size_t pinlen);
int sc_pkcs15_verify_pin_with_session_pin(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *pin_obj,
		const unsigned char *pincode, size_t pinlen,
		const unsigned char *sessionpin, size_t *sessionpinlen);
int sc_pkcs15_change_pin(struct sc_pkcs15_card *card,
		struct sc_pkcs15_object *pin_obj,
		const u8 *oldpincode, size_t oldpinlen,
		const u8 *newpincode, size_t newpinlen);
int sc_pkcs15_unblock_pin(struct sc_pkcs15_card *card,
		struct sc_pkcs15_object *pin_obj,
		const u8 *puk, size_t puklen,
		const u8 *newpin, size_t newpinlen);
int sc_pkcs15_get_pin_info(struct sc_pkcs15_card *card,
		struct sc_pkcs15_object *pin_obj);
int sc_pkcs15_find_pin_by_auth_id(struct sc_pkcs15_card *card,
		const struct sc_pkcs15_id *id,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_pin_by_reference(struct sc_pkcs15_card *card,
		const sc_path_t *path, int reference,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_pin_by_type_and_reference(struct sc_pkcs15_card *card,
		const sc_path_t *path, unsigned auth_method,
		int reference,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_so_pin(struct sc_pkcs15_card *card,
		struct sc_pkcs15_object **out);
int sc_pkcs15_find_pin_by_flags(struct sc_pkcs15_card *p15card,
		unsigned flags, unsigned mask, int *index,
		struct sc_pkcs15_object **out);

/* PIN cache.
 * NOTE(review): sc_pkcs15_pincache_add() presumably keeps a copy of the
 * PIN for later revalidation; the storage location, lifetime and wiping of
 * that copy are not visible here - confirm, and call
 * sc_pkcs15_pincache_clear() when the cached value is no longer needed. */
void sc_pkcs15_pincache_add(struct sc_pkcs15_card *, struct sc_pkcs15_object *,
	const u8 *, size_t);
int sc_pkcs15_pincache_revalidate(struct sc_pkcs15_card *p15card,
		const struct sc_pkcs15_object *obj);
void sc_pkcs15_pincache_clear(struct sc_pkcs15_card *p15card);

/* Encoding of PKCS#15 structures into newly returned buffers */
int sc_pkcs15_encode_dir(struct sc_context *ctx,
		struct sc_pkcs15_card *card,
		u8 **buf, size_t *buflen);
int sc_pkcs15_parse_tokeninfo(struct sc_context *ctx,
		sc_pkcs15_tokeninfo_t *ti,
		const u8 *buf, size_t blen);
int sc_pkcs15_encode_tokeninfo(struct sc_context *ctx,
		sc_pkcs15_tokeninfo_t *ti,
		u8 **buf, size_t *buflen);
int sc_pkcs15_encode_odf(struct sc_context *ctx,
		struct sc_pkcs15_card *card,
		u8 **buf, size_t *buflen);
int sc_pkcs15_encode_df(struct sc_context *ctx,
		struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_df *df,
		u8 **buf, size_t *bufsize);
int sc_pkcs15_encode_cdf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *bufsize);
int sc_pkcs15_encode_prkdf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *bufsize);
int sc_pkcs15_encode_pukdf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *bufsize);
int sc_pkcs15_encode_skdf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *buflen);
int sc_pkcs15_encode_dodf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *bufsize);
int sc_pkcs15_encode_aodf_entry(struct sc_context *ctx,
		const struct sc_pkcs15_object *obj, u8 **buf,
		size_t *bufsize);

/* Parsing and decoding of DF contents.
 * The decode_*_entry functions take the input as 'const u8 **buf' and
 * 'size_t *bufsize', i.e. both the position and the remaining size can be
 * updated by the callee (presumably advanced past the decoded entry -
 * confirm). The bytes come from the card and should be treated as
 * untrusted input. */
int sc_pkcs15_parse_df(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_df *df);
int sc_pkcs15_read_df(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_df *df);
int sc_pkcs15_decode_cdf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);
int sc_pkcs15_decode_dodf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);
int sc_pkcs15_decode_aodf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);
int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);
int sc_pkcs15_decode_pukdf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);
int sc_pkcs15_decode_skdf_entry(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj,
		const u8 **buf, size_t *bufsize);

/* Object and DF list maintenance */
int sc_pkcs15_add_object(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj);
void sc_pkcs15_remove_object(struct sc_pkcs15_card *p15card,
		struct sc_pkcs15_object *obj);
int sc_pkcs15_add_df(struct sc_pkcs15_card *, unsigned int, const sc_path_t *);

int sc_pkcs15_add_unusedspace(struct sc_pkcs15_card *p15card,
		const sc_path_t *path, const sc_pkcs15_id_t *auth_id);
int sc_pkcs15_parse_unusedspace(const u8 * buf, size_t buflen,
		struct sc_pkcs15_card *card);
int sc_pkcs15_encode_unusedspace(struct sc_context *ctx,
		struct sc_pkcs15_card *p15card,
		u8 **buf, size_t *buflen);

/* Deduce private key attributes from corresponding certificate */
int sc_pkcs15_prkey_attrs_from_cert(struct sc_pkcs15_card *, struct sc_pkcs15_object *,
		struct sc_pkcs15_object **);

/* Release functions for the descriptor structs */
void sc_pkcs15_free_prkey_info(sc_pkcs15_prkey_info_t *key);
void sc_pkcs15_free_pubkey_info(sc_pkcs15_pubkey_info_t *key);
void sc_pkcs15_free_cert_info(sc_pkcs15_cert_info_t *cert);
void sc_pkcs15_free_data_info(sc_pkcs15_data_info_t *data);
void sc_pkcs15_free_auth_info(sc_pkcs15_auth_info_t *auth_info);
void sc_pkcs15_free_object(struct sc_pkcs15_object *obj);

/* Generic file i/o */
int sc_pkcs15_read_file(struct sc_pkcs15_card *p15card,
		const struct sc_path *path,
		u8 **buf, size_t *buflen);

/* Caching functions */
/* NOTE(review): which card files get cached, and whether objects flagged
 * SC_PKCS15_CO_FLAG_PRIVATE are excluded, is not visible from these
 * prototypes - confirm in the implementation. */
int sc_pkcs15_read_cached_file(struct sc_pkcs15_card *p15card,
		const struct sc_path *path,
		u8 **buf, size_t *bufsize);
int sc_pkcs15_cache_file(struct sc_pkcs15_card *p15card,
		const struct sc_path *path,
		const u8 *buf, size_t bufsize);

/* PKCS #15 ID handling functions */
/* NOTE(review): sc_pkcs15_format_id() and sc_pkcs15_hex_string_to_id()
 * write into a struct sc_pkcs15_id whose 'value' array holds
 * SC_PKCS15_MAX_ID_SIZE bytes; confirm that the implementations bound the
 * decoded length to that capacity. The storage behind the pointer returned
 * by sc_pkcs15_print_id() is not stated here. */
int sc_pkcs15_compare_id(const struct sc_pkcs15_id *id1,
		const struct sc_pkcs15_id *id2);
const char *sc_pkcs15_print_id(const struct sc_pkcs15_id *id);
void sc_pkcs15_format_id(const char *id_in, struct sc_pkcs15_id *id_out);
int sc_pkcs15_hex_string_to_id(const char *in, struct sc_pkcs15_id *out);
int sc_der_copy(struct sc_pkcs15_der *, const struct sc_pkcs15_der *);
int sc_pkcs15_get_object_id(const struct sc_pkcs15_object *, struct sc_pkcs15_id *);
int sc_pkcs15_get_object_guid(struct sc_pkcs15_card *, const struct sc_pkcs15_object *, unsigned,
		unsigned char *, size_t *);
int sc_pkcs15_serialize_guid(unsigned char *, size_t, unsigned, char *, size_t);
int sc_encode_oid (struct sc_context *, struct sc_object_id *,
		unsigned char **, size_t *);

/* Get application by type: 'protected', 'generic' */
struct sc_app_info *sc_pkcs15_get_application_by_type(struct sc_card *, char *);

/* Prepend 'parent' to 'child' in case 'child' is a relative path */
int sc_pkcs15_make_absolute_path(const sc_path_t *parent, sc_path_t *child);

/* Clean and free object content */
void sc_pkcs15_free_object_content(struct sc_pkcs15_object *);

/* Allocate and set object content */
int sc_pkcs15_allocate_object_content(struct sc_context *, struct sc_pkcs15_object *,
		const unsigned char *, size_t);

/* find algorithm from card's supported algorithms by operation and mechanism */
struct sc_supported_algo_info *sc_pkcs15_get_supported_algo(struct sc_pkcs15_card *,
		unsigned operation, unsigned mechanism);

/* find algorithm from card's supported algorithms by operation, mechanism and object_id */
struct sc_supported_algo_info *sc_pkcs15_get_specific_supported_algo(struct sc_pkcs15_card *,
		unsigned operation, unsigned mechanism, const struct sc_object_id *algo_oid);

int sc_pkcs15_add_supported_algo_ref(struct sc_pkcs15_object *,
		struct sc_supported_algo_info *);

int sc_pkcs15_fix_ec_parameters(struct sc_context *, struct sc_ec_parameters *);

/* Convert the OpenSSL key data type into the OpenSC key */
/* The OpenSSL objects are passed as untyped pointers ('const void *bignum',
 * 'void *evp_key'), so the compiler cannot check them; the exact OpenSSL
 * types expected are not stated in this header. */
int sc_pkcs15_convert_bignum(sc_pkcs15_bignum_t *dst, const void *bignum);
int sc_pkcs15_convert_prkey(struct sc_pkcs15_prkey *key, void *evp_key);
int sc_pkcs15_convert_pubkey(struct sc_pkcs15_pubkey *key, void *evp_key);

/* Get 'LastUpdate' string */
char *sc_pkcs15_get_lastupdate(struct sc_pkcs15_card *p15card);

/* Allocate generalized time string */
int sc_pkcs15_get_generalized_time(struct sc_context *ctx, char **out);

/* New object search API.
 * More complex, but also more powerful.
 */
/* Search criteria: class_mask uses the SC_PKCS15_SEARCH_CLASS_* bits
 * (presumably; confirm). 'reference' is presumably only compared when
 * match_reference is set. */
typedef struct sc_pkcs15_search_key {
	unsigned int class_mask;
	unsigned int type;
	const sc_pkcs15_id_t * id;
	const struct sc_object_id *app_oid;
	const sc_path_t * path;
	unsigned int usage_mask, usage_value;
	unsigned int flags_mask, flags_value;

	unsigned int match_reference : 1;
	int reference;
	const char * app_label;
	const char * label;
} sc_pkcs15_search_key_t;

int sc_pkcs15_search_objects(struct sc_pkcs15_card *, sc_pkcs15_search_key_t *,
		struct sc_pkcs15_object **, size_t);

extern int sc_pkcs15_bind_synthetic(struct sc_pkcs15_card *, struct sc_aid *);
extern int sc_pkcs15_is_emulation_only(sc_card_t *);

/* Adds an object to an emulated card; the 'const void *' argument is
 * untyped and presumably must match the object type given - confirm. */
int sc_pkcs15emu_object_add(struct sc_pkcs15_card *, unsigned int,
		const struct sc_pkcs15_object *, const void *);
/* some wrapper functions for sc_pkcs15emu_object_add */
int sc_pkcs15emu_add_pin_obj(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_auth_info_t *);
int sc_pkcs15emu_add_rsa_prkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
int sc_pkcs15emu_add_rsa_pubkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
int sc_pkcs15emu_add_ec_prkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
int sc_pkcs15emu_add_ec_pubkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
int sc_pkcs15emu_add_eddsa_prkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
int sc_pkcs15emu_add_eddsa_pubkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *);
int sc_pkcs15emu_add_xeddsa_prkey(struct sc_pkcs15_card *,
		const struct sc_pkcs15_object *, const sc_pkcs15_prkey_info_t *);
int 
sc_pkcs15emu_add_xeddsa_pubkey(struct sc_pkcs15_card *, 1041 const struct sc_pkcs15_object *, const sc_pkcs15_pubkey_info_t *); 1042 int sc_pkcs15emu_add_x509_cert(struct sc_pkcs15_card *, 1043 const struct sc_pkcs15_object *, const sc_pkcs15_cert_info_t *); 1044 int sc_pkcs15emu_add_data_object(struct sc_pkcs15_card *, 1045 const struct sc_pkcs15_object *, const sc_pkcs15_data_info_t *); 1046 1047 #ifdef __cplusplus 1048 } 1049 #endif 1050 1051 #endif 1052