/*
 * cardctl.h: card_ctl command numbers
 *
 * Copyright (C) 2003 Olaf Kirch <okir@lse.de>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

#ifndef _OPENSC_CARDCTL_H
#define _OPENSC_CARDCTL_H

/*
 * This header has two parts:
 *   1. one anonymous enum holding every card_ctl command number, grouped
 *      per card driver; and
 *   2. the argument structures that callers hand to those commands.
 * Several of the structures carry PINs, key shares or private key
 * components.  They are plain C structs with no ownership or cleanup
 * semantics of their own, so the caller that fills a secret-bearing
 * field is the one that has to clear it afterwards.
 */

#include <time.h>		/* time_t creationtime in the OpenPGP keystore info */
#include "libopensc/types.h"

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Build a driver-specific command base from three ASCII letters: the
 * letters occupy bits 31..8 and the low byte is left at zero so that up
 * to 255 consecutive commands can follow the base by enum auto-increment.
 * Arguments are evaluated once each (char literals only, below), and
 * since every tag used here is 7-bit ASCII the shift by 24 stays within
 * a signed int.
 *
 * NOTE(review): an identifier starting with an underscore followed by an
 * uppercase letter is reserved for the implementation in C; the name is
 * kept here because it is part of the public header.
 */
#define _CTL_PREFIX(a, b, c) (((a) << 24) | ((b) << 16) | ((c) << 8))

/*
 * card_ctl command numbers.  Each driver block starts with a *_BASE value
 * computed by _CTL_PREFIX(); the commands that follow it take the next
 * consecutive values (implicit +1 per enumerator).
 */
enum {
	/*
	 * Generic card_ctl calls
	 */
	SC_CARDCTL_GENERIC_BASE = 0x00000000,
	SC_CARDCTL_ERASE_CARD,
	SC_CARDCTL_GET_DEFAULT_KEY,
	SC_CARDCTL_LIFECYCLE_GET,
	SC_CARDCTL_LIFECYCLE_SET,
	SC_CARDCTL_GET_SERIALNR,
	SC_CARDCTL_GET_SE_INFO,
	SC_CARDCTL_GET_CHV_REFERENCE_IN_SE,
	SC_CARDCTL_PKCS11_INIT_TOKEN,
	SC_CARDCTL_PKCS11_INIT_PIN,

	/*
	 * GPK specific calls
	 */
	SC_CARDCTL_GPK_BASE = _CTL_PREFIX('G', 'P', 'K'),
	SC_CARDCTL_GPK_VARIANT,
	SC_CARDCTL_GPK_LOCK,
	SC_CARDCTL_GPK_PKINIT,
	SC_CARDCTL_GPK_PKLOAD,
	SC_CARDCTL_GPK_IS_LOCKED,
	SC_CARDCTL_GPK_GENERATE_KEY,

	/*
	 * Cryptoflex specific calls
	 */
	SC_CARDCTL_CRYPTOFLEX_BASE = _CTL_PREFIX('C', 'F', 'X'),
	SC_CARDCTL_CRYPTOFLEX_GENERATE_KEY,

	/*
	 * MioCOS specific calls
	 */
	SC_CARDCTL_MIOCOS_BASE = _CTL_PREFIX('M', 'I', 'O'),
	SC_CARDCTL_MIOCOS_CREATE_AC,

	/*
	 * TCOS specific calls
	 */
	SC_CARDCTL_TCOS_BASE = _CTL_PREFIX('T','C','S'),
	SC_CARDCTL_TCOS_SETPERM,

	/*
	 * CardOS specific calls
	 * (formerly known as "etoken" driver, thus ETK as prefix)
	 */
	SC_CARDCTL_CARDOS_BASE = _CTL_PREFIX('E', 'T', 'K'),
	SC_CARDCTL_CARDOS_PUT_DATA_FCI,
	SC_CARDCTL_CARDOS_PUT_DATA_OCI,
	SC_CARDCTL_CARDOS_PUT_DATA_SECI,
	SC_CARDCTL_CARDOS_GENERATE_KEY,
	SC_CARDCTL_CARDOS_PASS_ALGO_FLAGS,

	/*
	 * Starcos SPK 2.3 specific calls
	 */
	SC_CARDCTL_STARCOS_BASE = _CTL_PREFIX('S', 'T', 'A'),
	SC_CARDCTL_STARCOS_CREATE_FILE,
	SC_CARDCTL_STARCOS_CREATE_END,
	SC_CARDCTL_STARCOS_WRITE_KEY,
	SC_CARDCTL_STARCOS_GENERATE_KEY,

	/*
	 * JCOP specific calls
	 */
	SC_CARDCTL_JCOP_BASE = _CTL_PREFIX('J', 'C', 'P'),
	SC_CARDCTL_JCOP_GENERATE_KEY,

	/*
	 * Oberthur specific calls
	 */
	SC_CARDCTL_OBERTHUR_BASE = _CTL_PREFIX('O', 'B', 'R'),
	SC_CARDCTL_OBERTHUR_UPDATE_KEY,
	SC_CARDCTL_OBERTHUR_GENERATE_KEY,
	SC_CARDCTL_OBERTHUR_CREATE_PIN,

	/*
	 * Setcos specific calls
	 */
	SC_CARDCTL_SETCOS_BASE = _CTL_PREFIX('S', 'E', 'T'),
	SC_CARDCTL_SETCOS_PUTDATA,
	SC_CARDCTL_SETCOS_GETDATA,
	SC_CARDCTL_SETCOS_GENERATE_STORE_KEY,
	SC_CARDCTL_SETCOS_ACTIVATE_FILE,

	/*
	 * Incrypto34 specific calls
	 */
	SC_CARDCTL_INCRYPTO34_BASE = _CTL_PREFIX('I', '3', '4'),
	SC_CARDCTL_INCRYPTO34_PUT_DATA_FCI,
	SC_CARDCTL_INCRYPTO34_PUT_DATA_OCI,
	SC_CARDCTL_INCRYPTO34_PUT_DATA_SECI,
	SC_CARDCTL_INCRYPTO34_GENERATE_KEY,
	SC_CARDCTL_INCRYPTO34_CHANGE_KEY_DATA,
	SC_CARDCTL_INCRYPTO34_ERASE_FILES,

	/*
	 * Muscle specific calls
	 */
	SC_CARDCTL_MUSCLE_BASE = _CTL_PREFIX('M','S','C'),
	SC_CARDCTL_MUSCLE_GENERATE_KEY,
	SC_CARDCTL_MUSCLE_EXTRACT_KEY,
	SC_CARDCTL_MUSCLE_IMPORT_KEY,
	SC_CARDCTL_MUSCLE_VERIFIED_PINS,

	/*
	 * ASEPCOS specific calls
	 */
	SC_CARDCTL_ASEPCOS_BASE = _CTL_PREFIX('A','S','E'),
	SC_CARDCTL_ASEPCOS_CHANGE_KEY,
	SC_CARDCTL_ASEPCOS_AKN2FILEID,
	SC_CARDCTL_ASEPCOS_SET_SATTR,
	SC_CARDCTL_ASEPCOS_ACTIVATE_FILE,

	/*
	 * ruToken specific calls
	 */
	SC_CARDCTL_RUTOKEN_BASE = _CTL_PREFIX('R', 'T', 'K'),
	/* PUT_DATA */
	SC_CARDCTL_RUTOKEN_CREATE_DO,
	SC_CARDCTL_RUTOKEN_CHANGE_DO,
	SC_CARDCTL_RUTOKEN_GENERATE_KEY_DO,
	SC_CARDCTL_RUTOKEN_DELETE_DO,
	SC_CARDCTL_RUTOKEN_GET_INFO,
	/* NON STANDARD */
	SC_CARDCTL_RUTOKEN_GET_DO_INFO,
	SC_CARDCTL_RUTOKEN_GOST_ENCIPHER,
	SC_CARDCTL_RUTOKEN_GOST_DECIPHER,
	SC_CARDCTL_RUTOKEN_FORMAT_INIT,
	SC_CARDCTL_RUTOKEN_FORMAT_END,

	/*
	 * EnterSafe specific calls
	 */
	SC_CARDCTL_ENTERSAFE_BASE = _CTL_PREFIX('E', 'S', 'F'),
	SC_CARDCTL_ENTERSAFE_CREATE_FILE,
	SC_CARDCTL_ENTERSAFE_CREATE_END,
	SC_CARDCTL_ENTERSAFE_WRITE_KEY,
	SC_CARDCTL_ENTERSAFE_GENERATE_KEY,
	SC_CARDCTL_ENTERSAFE_PREINSTALL_KEYS,

	/*
	 * Rutoken ECP specific calls
	 */
	SC_CARDCTL_RTECP_BASE = _CTL_PREFIX('R', 'T', 'E'),
	SC_CARDCTL_RTECP_INIT,
	SC_CARDCTL_RTECP_INIT_END,
	SC_CARDCTL_RTECP_GENERATE_KEY,

	/*
	 * Westcos specific
	 *
	 * Unlike the other blocks there is no separate *_BASE enumerator:
	 * the first command takes the prefix value directly.
	 */
	SC_CARDCTL_WESTCOS_FREEZE = _CTL_PREFIX('W', 'T', 'C'),
	SC_CARDCTL_WESTCOS_CREATE_MF,
	SC_CARDCTL_WESTCOS_COMMIT,
	SC_CARDCTL_WESTCOS_ROLLBACK,
	SC_CARDCTL_WESTCOS_AUT_KEY,
	SC_CARDCTL_WESTCOS_CHANGE_KEY,
	SC_CARDCTL_WESTCOS_SET_DEFAULT_KEY,
	SC_CARDCTL_WESTCOS_LOAD_DATA,

	/*
	 * MyEID specific calls
	 */
	SC_CARDCTL_MYEID_BASE = _CTL_PREFIX('M', 'Y', 'E'),
	SC_CARDCTL_MYEID_PUTDATA,
	SC_CARDCTL_MYEID_GETDATA,
	SC_CARDCTL_MYEID_GENERATE_STORE_KEY,
	SC_CARDCTL_MYEID_ACTIVATE_CARD,

	/*
	 * PIV specific calls
	 */
	SC_CARDCTL_PIV_BASE = _CTL_PREFIX('P', 'I', 'V'),
	SC_CARDCTL_PIV_AUTHENTICATE,
	SC_CARDCTL_PIV_GENERATE_KEY,
	SC_CARDCTL_PIV_PIN_PREFERENCE,
	SC_CARDCTL_PIV_OBJECT_PRESENT,

	/*
	 * CAC specific calls
	 */
	SC_CARDCTL_CAC_BASE = _CTL_PREFIX('C', 'A', 'C'),
	SC_CARDCTL_CAC_INIT_GET_GENERIC_OBJECTS,
	SC_CARDCTL_CAC_GET_NEXT_GENERIC_OBJECT,
	SC_CARDCTL_CAC_FINAL_GET_GENERIC_OBJECTS,
	SC_CARDCTL_CAC_INIT_GET_CERT_OBJECTS,
	SC_CARDCTL_CAC_GET_NEXT_CERT_OBJECT,
	SC_CARDCTL_CAC_FINAL_GET_CERT_OBJECTS,
	SC_CARDCTL_CAC_GET_ACA_PATH,

	/*
	 * AuthentIC v3
	 */
	SC_CARDCTL_AUTHENTIC_BASE = _CTL_PREFIX('A','V','3'),
	SC_CARDCTL_AUTHENTIC_SDO_CREATE,
	SC_CARDCTL_AUTHENTIC_SDO_DELETE,
	SC_CARDCTL_AUTHENTIC_SDO_STORE,
	SC_CARDCTL_AUTHENTIC_SDO_GENERATE,

	/*
	 * Coolkey specific calls
	 */
	SC_CARDCTL_COOLKEY_BASE = _CTL_PREFIX('C', 'O', 'K'),
	SC_CARDCTL_COOLKEY_INIT_GET_OBJECTS,
	SC_CARDCTL_COOLKEY_GET_NEXT_OBJECT,
	SC_CARDCTL_COOLKEY_FINAL_GET_OBJECTS,
	SC_CARDCTL_COOLKEY_GET_ATTRIBUTE,
	SC_CARDCTL_COOLKEY_GET_TOKEN_INFO,
	SC_CARDCTL_COOLKEY_FIND_OBJECT,

	/*
	 * IAS/ECC
	 *
	 * The SDO commands do not continue from the 'ECC' base: they start a
	 * second range under the 'SDO' prefix with the low byte set to an
	 * ASCII letter, and the remaining SDO commands follow that range.
	 */
	SC_CARDCTL_IASECC_BASE = _CTL_PREFIX('E','C','C'),
	SC_CARDCTL_IASECC_GET_FREE_KEY_REFERENCE,
	SC_CARDCTL_IASECC_SDO_MAGIC = _CTL_PREFIX('S','D','O') | 'M',
	SC_CARDCTL_IASECC_SDO_MAGIC_PUT_DATA = _CTL_PREFIX('S','D','O') | 'P',
	SC_CARDCTL_IASECC_SDO_PUT_DATA,
	SC_CARDCTL_IASECC_SDO_KEY_RSA_PUT_DATA,
	SC_CARDCTL_IASECC_SDO_GET_DATA,
	SC_CARDCTL_IASECC_SDO_GENERATE,
	SC_CARDCTL_IASECC_SDO_CREATE,
	SC_CARDCTL_IASECC_SDO_DELETE,

	/*
	 * OpenPGP
	 */
	SC_CARDCTL_OPENPGP_BASE = _CTL_PREFIX('P', 'G', 'P'),
	SC_CARDCTL_OPENPGP_GENERATE_KEY,
	SC_CARDCTL_OPENPGP_STORE_KEY,

	/*
	 * SmartCard-HSM
	 *
	 * The base is spelled SC_HSMP_ while the commands use SC_HSM_; the
	 * name is kept as-is because it is public.
	 */
	SC_CARDCTL_SC_HSMP_BASE = _CTL_PREFIX('S', 'C', 'H'),
	SC_CARDCTL_SC_HSM_GENERATE_KEY,
	SC_CARDCTL_SC_HSM_INITIALIZE,
	SC_CARDCTL_SC_HSM_IMPORT_DKEK_SHARE,
	SC_CARDCTL_SC_HSM_WRAP_KEY,
	SC_CARDCTL_SC_HSM_UNWRAP_KEY,

	/*
	 * DNIe specific calls
	 */
	SC_CARDCTL_DNIE_BASE = _CTL_PREFIX('D', 'N', 'I'),
	SC_CARDCTL_DNIE_GENERATE_KEY,
	SC_CARDCTL_DNIE_GET_INFO,

	/*
	 * isoApplet Java Card Applet
	 */
	SC_CARDCTL_ISOAPPLET_BASE = _CTL_PREFIX('I','S','O'),
	SC_CARDCTL_ISOAPPLET_GENERATE_KEY,
	SC_CARDCTL_ISOAPPLET_IMPORT_KEY,

	/*
	 * GIDS cards
	 */
	SC_CARDCTL_GIDS_BASE = _CTL_PREFIX('G','I','D'),
	SC_CARDCTL_GIDS_GET_ALL_CONTAINERS,
	SC_CARDCTL_GIDS_GET_CONTAINER_DETAIL,
	SC_CARDCTL_GIDS_SELECT_KEY_REFERENCE,
	SC_CARDCTL_GIDS_CREATE_KEY,
	SC_CARDCTL_GIDS_GENERATE_KEY,
	SC_CARDCTL_GIDS_IMPORT_KEY,
	SC_CARDCTL_GIDS_SAVE_CERT,
	SC_CARDCTL_GIDS_DELETE_KEY,
	SC_CARDCTL_GIDS_DELETE_CERT,
	SC_CARDCTL_GIDS_INITIALIZE,
	SC_CARDCTL_GIDS_SET_ADMIN_KEY,
	SC_CARDCTL_GIDS_AUTHENTICATE_ADMIN,

	/*
	 * IDPrime specific calls
	 */
	SC_CARDCTL_IDPRIME_BASE = _CTL_PREFIX('I', 'D', 'P'),
	SC_CARDCTL_IDPRIME_INIT_GET_OBJECTS,
	SC_CARDCTL_IDPRIME_GET_NEXT_OBJECT,
	SC_CARDCTL_IDPRIME_FINAL_GET_OBJECTS,
	SC_CARDCTL_IDPRIME_GET_TOKEN_NAME,

};

/*
 * Life-cycle states for SC_CARDCTL_LIFECYCLE_GET / _SET.
 * Note the SC_CARDCTRL_ spelling (not SC_CARDCTL_) — historical.
 */
enum {
	SC_CARDCTRL_LIFECYCLE_ADMIN,
	SC_CARDCTRL_LIFECYCLE_USER,
	SC_CARDCTRL_LIFECYCLE_OTHER
};

/*
 * Generic cardctl - check if the required key is a default
 * key (such as the GPK "TEST KEYTEST KEY" key, or the Cryptoflex AAK)
 */
struct sc_cardctl_default_key {
	int		method;		/* SC_AC_XXX */
	int		key_ref;	/* key reference */

	size_t		len;		/* in: max size, out: actual size */
	u8 *		key_data;	/* out: key data */
};

/*
 * Generic cardctl - initialize token using PKCS#11 style
 *
 * so_pin is a secret; the caller owns the buffer and should clear it
 * once the call returns.
 */
typedef struct sc_cardctl_pkcs11_init_token {
	const unsigned char *	so_pin;
	size_t			so_pin_len;
	const char *		label;
} sc_cardctl_pkcs11_init_token_t;

/*
 * Generic cardctl - set pin using PKCS#11 style
 *
 * pin is a secret; same ownership note as for so_pin above.
 */
typedef struct sc_cardctl_pkcs11_init_pin {
	const unsigned char *	pin;
	size_t			pin_len;
} sc_cardctl_pkcs11_init_pin_t;

/*
 * Generic cardctl - card driver can examine token info
 */
struct sc_cardctl_parsed_token_info {
	unsigned int flags;
	struct sc_pkcs15_tokeninfo * tokeninfo;
};

/*
 * GPK lock file.
 * Parent DF of file must be selected.
 */
struct sc_cardctl_gpk_lock {
	struct sc_file *	file;
	unsigned int		operation;
};

/*
 * GPK initialize private key file.
 * Parent DF must be selected.
 */
struct sc_cardctl_gpk_pkinit {
	struct sc_file *	file;
	unsigned int		privlen;
};

/*
 * GPK load private key portion.
 */
struct sc_cardctl_gpk_pkload {
	struct sc_file *	file;
	u8 *			data;
	unsigned int		len;
	unsigned int		datalen;
};

/*
 * GPK key generation: fid/privlen select the key, pubkey/pubkey_len
 * receive the generated public key (buffer supplied by the caller —
 * presumed; verify against the driver).
 */
struct sc_cardctl_gpk_genkey {
	unsigned int		fid;
	unsigned int		privlen;
	unsigned char *		pubkey;
	unsigned int		pubkey_len;
};

/* Values for sc_cardctl_miocos_ac_info.type */
enum {
	SC_CARDCTL_MIOCOS_AC_PIN,
	SC_CARDCTL_MIOCOS_AC_CHAL,
	SC_CARDCTL_MIOCOS_AC_LOGICAL,
	SC_CARDCTL_MIOCOS_AC_SMARTPIN
};

/*
 * MioCOS AC info
 *
 * key_value / unblock_value carry the PIN or key bytes inline (fixed
 * 8-byte fields), so an instance of this struct is itself secret data.
 */
struct sc_cardctl_miocos_ac_info {
	int		type;
	int		ref;
	int		max_tries;
	int		enable_ac;		/* only applicable to PINs */
	u8		key_value[8];
	int		max_unblock_tries;	/* same here */
	u8		unblock_value[8];	/* and here */
};

/*
 * Siemens CardOS PIN info
 */
struct sc_cardctl_cardos_obj_info {
	u8 *		data;
	size_t		len;
};

struct sc_cardctl_cardos_genkey_info {
	unsigned int	key_id;
	unsigned int	key_bits;
	unsigned short	fid;
};

struct sc_cardctl_cardos_pass_algo_flags {
	unsigned int	pass;
	unsigned long	card_flags;	/* from card->flags i.e. user set */
	unsigned long	used_flags;	/* as set by default */
	unsigned long	new_flags;	/* set in pkcs15-cardos.c */
	unsigned long	ec_flags;	/* for EC keys */
	unsigned long	ext_flags;	/* for EC keys */
};

/*
 * Incrypto34 PIN info
 */
struct sc_cardctl_incrypto34_obj_info {
	u8 *		data;
	size_t		len;
	unsigned int	key_id;
	unsigned int	key_class;
};

struct sc_cardctl_incrypto34_genkey_info {
	unsigned int	key_id;
	unsigned int	key_bits;
	unsigned short	fid;
};

/*
 * Cryptoflex info
 */
struct sc_cardctl_cryptoflex_genkey_info {
	unsigned int	key_num;
	unsigned int	key_bits;
	unsigned long	exponent;
	unsigned char *	pubkey;
	unsigned int	pubkey_len;
};

/*
 * Starcos stuff
 */
#define	SC_STARCOS_MF_DATA	0x01
#define SC_STARCOS_DF_DATA	0x02
#define SC_STARCOS_EF_DATA	0x04

/*
 * Starcos create-file data: `type` is one of SC_STARCOS_*_DATA above and
 * selects which union member is meaningful.
 */
typedef struct sc_starcos_create_data_st {
	unsigned int type;
	union {
		struct {
			u8 header[19];	/* see starcos manual */
		} mf;
		struct {
			u8 header[25];	/* see starcos manual */
			u8 size[2];
		} df;
		struct {
			u8 header[16];	/* see starcos manual */
		} ef;
	} data;
} sc_starcos_create_data;

/*
 * Starcos write-key data.  `key` points at caller-owned key material
 * of key_len bytes; clear it after the call.
 */
typedef struct sc_starcos_write_key_data_st {
	u8	mode;		/* 1 = Update, 0 = Install */
	u8	kid;		/* key id */
	u8	key_header[12];	/* see starcos manual */
	const u8 *key;
	size_t	key_len;
} sc_starcos_wkey_data;

typedef struct sc_starcos_gen_key_data_st {
	u8	key_id;
	size_t	key_length;
	u8	*modulus;
} sc_starcos_gen_key_data;

struct sc_cardctl_jcop_genkey {
	unsigned long exponent;
	sc_path_t pub_file_ref;
	sc_path_t pri_file_ref;
	unsigned char *	pubkey;
	unsigned int	pubkey_len;
};

/*
 * Oberthur ex_data stuff
 */
enum SC_CARDCTL_OBERTHUR_KEY_TYPE {
	SC_CARDCTL_OBERTHUR_KEY_DES = 0x80,

	SC_CARDCTL_OBERTHUR_KEY_RSA_PUBLIC = 0xA1,
	SC_CARDCTL_OBERTHUR_KEY_RSA_SFM,
	SC_CARDCTL_OBERTHUR_KEY_RSA_CRT,
	SC_CARDCTL_OBERTHUR_KEY_DSA_PUBLIC,
	SC_CARDCTL_OBERTHUR_KEY_DSA_PRIVATE,
	SC_CARDCTL_OBERTHUR_KEY_EC_CRT,
	SC_CARDCTL_OBERTHUR_KEY_EC_PUBLIC
};

struct sc_cardctl_oberthur_genkey_info {
	unsigned int    id_prv, id_pub;
	unsigned int    key_bits;
	unsigned long   exponent;
	unsigned char * pubkey;
	unsigned int    pubkey_len;

	int     method;     /* SC_AC_XXX */
	int     key_ref;    /* key reference */
};

/*
 * Oberthur key update.  `data`/`data_len` is the key blob being written;
 * `id` is an inline buffer, so id_len is presumably expected to stay
 * within sizeof(id) — verify in the driver before trusting it.
 */
struct sc_cardctl_oberthur_updatekey_info {
	enum SC_CARDCTL_OBERTHUR_KEY_TYPE  type;

	unsigned char   *data;
	unsigned int    data_len;

	unsigned char   id[256];
	unsigned int    id_len;
};

/*
 * Oberthur PIN creation.  pin/puk point at caller-owned secrets.
 */
struct sc_cardctl_oberthur_createpin_info {
	unsigned int type;
	unsigned int ref;
	const unsigned char *pin;
	unsigned int pin_len;
	unsigned int pin_tries;
	const unsigned char *puk;
	unsigned int puk_len;
	unsigned int puk_tries;
};

/*
 * Setcos stuff
 */
struct sc_cardctl_setcos_data_obj {
	int     P1;
	int     P2;
	u8 *    Data;
	size_t  DataLen;
	int     LengthMax;
};

/*
 * Setcos generate/store key.  primep/primeq are RSA private key
 * components when storing a key; all *_len fields are in bits.
 */
struct sc_cardctl_setcos_gen_store_key_info {
	int             op_type;
	unsigned int    mod_len;     /* in bits */
	unsigned int    pubexp_len;  /* in bits */
	unsigned char  *pubexp;
	unsigned int    primep_len;  /* in bits */
	unsigned char  *primep;
	unsigned int    primeq_len;  /* in bits */
	unsigned char  *primeq;
};

/*
 * Muscle stuff
 */
typedef struct sc_cardctl_muscle_gen_key_info {
	int 	keyType;
	int 	keySize;
	int 	privateKeyLocation;
	int 	publicKeyLocation;
} sc_cardctl_muscle_gen_key_info_t;


/*
 * Muscle key import/extract.  Besides the public parts (mod/exp, g/y)
 * this carries p, q, dp1, dq1, pq — RSA private key components — so
 * the pointed-to buffers are secret material.
 */
typedef struct sc_cardctl_muscle_key_info {
	int 	keyType;
	int 	keyLocation;
	int 	keySize;
	size_t 	modLength;
	u8* 	modValue;
	size_t 	expLength;
	u8* 	expValue;
	size_t 	pLength;
	u8* 	pValue;
	size_t 	qLength;
	u8* 	qValue;
	size_t 	pqLength;
	u8* 	pqValue;
	size_t 	dp1Length;
	u8* 	dp1Value;
	size_t 	dq1Length;
	u8* 	dq1Value;
	size_t 	gLength;
	u8* 	gValue;
	size_t 	yLength;
	u8* 	yValue;
} sc_cardctl_muscle_key_info_t;

typedef struct sc_cardctl_muscle_verified_pins_info {
	unsigned	verifiedPins;
} sc_cardctl_muscle_verified_pins_info_t;

/* ASEPCOS ctl specific structures */
typedef struct sc_cardctl_asepcos_change_key {
	const u8 *data;
	size_t datalen;
} sc_cardctl_asepcos_change_key_t;

typedef struct sc_cardctl_asepcos_akn2fileid {
	int akn;
	int fileid;
} sc_cardctl_asepcos_akn2fileid_t;

typedef struct sc_cardctl_asepcos_activate_file {
	int fileid;
	int is_ef;
} sc_cardctl_asepcos_activate_file_t;

/* presumably the values taken by the op_type fields of the
 * *_gen_store_key_info structures — verify against the drivers */
#define OP_TYPE_GENERATE	0
#define OP_TYPE_STORE		1

/*
 * Westcos
 */

/* Authentication key: key_value holds the raw key bytes inline. */
typedef struct {
	int key_reference;
	size_t key_len;	/* 8, 16 or 24 */
	u8 key_value[24];
} sc_autkey_t;

/* Key change request; both members carry raw key bytes. */
typedef struct {
	sc_autkey_t master_key;
	sc_autkey_t new_key;
	u8 key_template[7];
} sc_changekey_t;

/*
 * RuToken types and constants
 */

#define SC_RUTOKEN_DO_PART_BODY_LEN	199
#define SC_RUTOKEN_DO_HDR_LEN		32

/*   DO Types  */
#define SC_RUTOKEN_TYPE_MASK		0xF
#define SC_RUTOKEN_TYPE_SE		0x0
#define SC_RUTOKEN_TYPE_CHV		0x1
#define SC_RUTOKEN_TYPE_KEY		0x2

#define SC_RUTOKEN_COMPACT_DO_MAX_LEN	16	/*  MAX Body length of Compact DOs  */

#define SC_RUTOKEN_DO_ALL_MIN_ID	0x1	/*  MIN ID value of All DOs  */
#define SC_RUTOKEN_DO_CHV_MAX_ID	0x1F	/*  MAX ID value of CHV-objects  */
#define SC_RUTOKEN_DO_NOCHV_MAX_ID	0x7F	/*  MAX ID value of All Other DOs  */

/*  DO Default Lengths  */
#define SC_RUTOKEN_DEF_LEN_DO_GOST	32
#define SC_RUTOKEN_DEF_LEN_DO_SE	6


#define SC_RUTOKEN_ALLTYPE_SE		SC_RUTOKEN_TYPE_SE	/* SE  */
#define SC_RUTOKEN_ALLTYPE_GCHV		SC_RUTOKEN_TYPE_CHV	/* GCHV  */
#define SC_RUTOKEN_ALLTYPE_LCHV		0x11			/* LCHV  */
#define SC_RUTOKEN_ALLTYPE_GOST		SC_RUTOKEN_TYPE_KEY	/* GOST  */

/*  DO ID  */
#define SC_RUTOKEN_ID_CURDF_RESID_FLAG	0x80	/*  DO placed in current DF  */

#define SC_RUTOKEN_DEF_ID_GCHV_ADMIN	0x01	/*  ID DO ADMIN  */
#define SC_RUTOKEN_DEF_ID_GCHV_USER	0x02	/*  ID DO USER  */

/*  DO Options  */
#define SC_RUTOKEN_OPTIONS_GCHV_ACCESS_MASK	0x7	/*  Access rights  */
#define SC_RUTOKEN_OPTIONS_GACCESS_ADMIN	SC_RUTOKEN_DEF_ID_GCHV_ADMIN	/*  ADMIN  */
#define SC_RUTOKEN_OPTIONS_GACCESS_USER		SC_RUTOKEN_DEF_ID_GCHV_USER	/*  USER  */

#define SC_RUTOKEN_OPTIONS_GOST_CRYPT_MASK	0x7	/*  crypto algorithm  */
#define SC_RUTOKEN_OPTIONS_GOST_CRYPT_PZ	0x0	/*  (encryptECB) simple-change mode  */
#define SC_RUTOKEN_OPTIONS_GOST_CRYPT_GAMM	0x1	/*  (encryptCNT) gamma mode  */
#define SC_RUTOKEN_OPTIONS_GOST_CRYPT_GAMMOS	0x2	/*  (encryptCFB) feed-back gamma mode  */


/*  DO flags  */
#define SC_RUTOKEN_FLAGS_COMPACT_DO	0x1
#define SC_RUTOKEN_FLAGS_OPEN_DO_MASK	0x6
#define SC_RUTOKEN_FLAGS_BLEN_OPEN_DO	0x2
#define SC_RUTOKEN_FLAGS_FULL_OPEN_DO	0x6

/*  DO MAX:CUR try  */
#define SC_RUTOKEN_MAXTRY_MASK		0xF0	/*  MAX try  */
#define SC_RUTOKEN_CURTRY_MASK		0x0F	/*  CUR try  */

#define SC_RUTOKEN_DO_CHV_MAX_ID_V2	SC_RUTOKEN_DEF_ID_GCHV_USER	/*  MAX ID value of CHV-objects  */
#define SC_RUTOKEN_DO_NOCHV_MAX_ID_V2	SC_RUTOKEN_DO_NOCHV_MAX_ID	/*  MAX ID value of All Other DOs  */

/*
 * Everything from here to the matching pack() / pack(pop) below is
 * byte-packed: the RuToken DO layouts are on-the-wire images, but the
 * EnterSafe and ePass2003 structures in the same region also contain
 * pointers and size_t members.
 * NOTE(review): taking the address of a pointer or size_t member of a
 * packed struct can produce a misaligned access on strict-alignment
 * targets — confirm the drivers only access those members by value.
 */
#if defined(__APPLE__) || defined(sun)
#pragma pack(1)
#else
#pragma pack(push, 1)
#endif
typedef u8 sc_SecAttrV2_t[40];

typedef struct sc_ObjectTypeID{
	u8	byObjectType;
	u8	byObjectID;
} sc_ObjectTypeID_t;

typedef struct sc_ObjectParams{
	u8	byObjectOptions;
	u8	byObjectFlags;
	u8	byObjectTry;
} sc_ObjectParams_t;

/* DO header; wDOBodyLen is an unsigned short inside a packed image. */
typedef struct sc_DOHdrV2 {
	unsigned short	wDOBodyLen;
	sc_ObjectTypeID_t	OTID;
	sc_ObjectParams_t	OP;
	u8		dwReserv1[4];
	u8		abyReserv2[6];
	sc_SecAttrV2_t	SA_V2;
} sc_DOHdrV2_t;

typedef struct sc_DO_V2 {
	sc_DOHdrV2_t	HDR;
	u8	abyDOBody[SC_RUTOKEN_DO_PART_BODY_LEN];
} sc_DO_V2_t;

typedef enum
{
	select_first,
	select_by_id,
	select_next
} SC_RUTOKEN_DO_SEL_TYPES;

typedef struct sc_DO_INFO_V2 {
	u8			DoId;
	SC_RUTOKEN_DO_SEL_TYPES	SelType;
	u8			pDoData[256];
} sc_DO_INFO_t;

/*
 * GOST encipher/decipher buffers.  outbuf/outlen are caller-supplied;
 * whether outlen is updated with the produced length is not visible
 * here — check the driver.
 */
struct sc_rutoken_decipherinfo {
	const u8	*inbuf;
	size_t	inlen;
	u8	*outbuf;
	size_t	outlen;
};

/*
 * EnterSafe stuff
 *
 */

#define	SC_ENTERSAFE_MF_DATA	0x01
#define SC_ENTERSAFE_DF_DATA	0x02
#define SC_ENTERSAFE_EF_DATA	0x04

#define ENTERSAFE_USER_PIN_ID	0x01
#define ENTERSAFE_SO_PIN_ID	0x02
#define ENTERSAFE_MIN_KEY_ID	0x01
#define ENTERSAFE_MAX_KEY_ID	0x09

#define ENTERSAFE_AC_EVERYONE	0x00
#define ENTERSAFE_AC_USER	0x04

#define ENTERSAFE_AC_NEVER	0xC0
#define ENTERSAFE_AC_ALWAYS	0x10
#define ENTERSAFE_AC_CHV	0x30


/* `type` is one of SC_ENTERSAFE_*_DATA and selects the union member. */
typedef struct sc_entersafe_create_data_st {
	unsigned int type;
	union {
		struct {
			u8 file_id[2];
			u8 file_count;
			u8 flag;
			u8 ikf_size[2];
			u8 create_ac;
			u8 append_ac;
			u8 lock_ac;
			u8 aid[16];
			u8 init_key[16];
		} df;
		struct {
			u8 file_id[2];
			u8 size[2];
			u8 attr[2];
			u8 name;
			u8 ac[10];
			u8 sm[2];
		} ef;
	} data;
} sc_entersafe_create_data;

/*
 * EnterSafe write-key data.  Either an RSA private key (via the
 * sc_pkcs15_prkey_rsa pointer) or an inline symmetric key in
 * key_val[] — both are secrets.  key_len is presumably bounded by
 * sizeof(key_val); verify in the driver.
 */
typedef struct sc_entersafe_wkey_data_st {
	u8 key_id;
	u8 usage;
	union{
		struct sc_pkcs15_prkey_rsa* rsa;
		struct{
			u8 EC;
			u8 ver;
			u8 key_val[256];
			size_t key_len;
		} symmetric;
	}key_data;
} sc_entersafe_wkey_data;

typedef struct sc_entersafe_gen_key_data_st {
	u8	key_id;
	size_t	key_length;
	u8	*modulus;
} sc_entersafe_gen_key_data;

#define	SC_EPASS2003_KEY	0x00000010
#define	SC_EPASS2003_KEY_RSA	0x00000011
#define	SC_EPASS2003_SECRET	0x00000020
#define	SC_EPASS2003_SECRET_PRE	0x00000021
#define	SC_EPASS2003_SECRET_PIN	0x00000022

#define EPASS2003_AC_EVERYONE		0x00
#define EPASS2003_AC_USER		0x06
#define EPASS2003_AC_SO			0x08
#define EPASS2003_AC_NOONE		0x0F
#define EPASS2003_AC_MAC_UNEQUAL	0x80
#define EPASS2003_AC_MAC_NOLESS		0x90
#define EPASS2003_AC_MAC_LESS		0xA0
#define EPASS2003_AC_MAC_EQUAL		0xB0

#define FID_STEP 0x20

/*
 * ePass2003 write-key data; same shape and same secret-handling note as
 * sc_entersafe_wkey_data.  `type` presumably selects es_key vs es_secret
 * (SC_EPASS2003_KEY* vs SC_EPASS2003_SECRET*) — verify in the driver.
 */
typedef struct sc_epass2003_wkey_data_st {
	u8 type;
	union {
		struct {
			unsigned short fid;
			struct sc_pkcs15_prkey_rsa* rsa;
		} es_key;
		struct {
			u8 kid;
			u8 EC;
			u8 ac[2];
			u8 key_val[256];
			size_t key_len;
		} es_secret;
	} key_data;
} sc_epass2003_wkey_data;

typedef struct sc_epass2003_gen_key_data_st {
	int	prkey_id;
	int	pukey_id;
	size_t	key_length;
	u8	*modulus;
} sc_epass2003_gen_key_data;


#if defined(__APPLE__) || defined(sun)
#pragma pack()
#else
#pragma pack(pop)
#endif

/*
 * Rutoken ECP stuff
 */

#define SC_RTECP_SEC_ATTR_SIZE 15

/* `type` selects the rsa or gostr3410 union member (public parts only). */
typedef struct sc_rtecp_genkey_data {
	unsigned int type;
	unsigned int key_id;
	union
	{
		struct
		{
			unsigned char *exponent;
			size_t exponent_len;
			unsigned char *modulus;
			size_t modulus_len;
		} rsa;
		struct
		{
			unsigned char *xy;
			size_t xy_len;
		} gostr3410;
	} u;
} sc_rtecp_genkey_data_t;

/*
 * MyEID stuff
 */
enum SC_CARDCTL_MYEID_KEY_TYPE {
	SC_CARDCTL_MYEID_KEY_RSA = 0x11,
	SC_CARDCTL_MYEID_KEY_DES = 0x19,
	SC_CARDCTL_MYEID_KEY_EC = 0x22,
	SC_CARDCTL_MYEID_KEY_AES = 0x29,
	SC_CARDCTL_MYEID_KEY_GENERIC_SECRET = 0x41
};

struct sc_cardctl_myeid_data_obj {
	int     P1;
	int     P2;
	u8 *    Data;
	size_t  DataLen;
	int     LengthMax;
};

/*
 * MyEID generate/store key.  When storing, primep/primeq/dp1/dq1/invq
 * (RSA CRT components) and d (EC private scalar or symmetric key) are
 * secret material behind caller-owned pointers.
 */
struct sc_cardctl_myeid_gen_store_key_info {
	int             op_type;
	unsigned int    key_type;	/* value of SC_CARDCTL_MYEID_KEY_TYPE */
	size_t		key_len_bits;
	unsigned char  *mod;
	size_t		pubexp_len;
	unsigned char  *pubexp;
	size_t		primep_len;
	unsigned char  *primep;
	size_t		primeq_len;
	unsigned char  *primeq;
	size_t		dp1_len;
	unsigned char  *dp1;
	size_t		dq1_len;
	unsigned char  *dq1;
	size_t		invq_len;
	unsigned char  *invq;
	/* new for MyEID > 3.6.0 */
	unsigned char  *d;		/* EC private key / Symmetric key */
	size_t		d_len;		/* EC / Symmetric */
	unsigned char  *ecpublic_point;	/* EC public key */
	size_t		ecpublic_point_len;	/* EC */
};

/*
 * PIV info
 */
typedef struct sc_cardctl_piv_genkey_info_st {
	unsigned int	key_num;
	unsigned int	key_algid;	/* RSA 5, 6, 7; EC 11, 14 */
	unsigned int	key_bits;	/* RSA */
	unsigned long	exponent;	/* RSA */
	unsigned char *	pubkey;		/* RSA */
	unsigned int	pubkey_len;	/* RSA */
	unsigned char *	ecparam;	/* EC */
	unsigned int	ecparam_len;	/* EC */
	unsigned char *	ecpoint;	/* EC */
	unsigned int	ecpoint_len;	/* EC */

} sc_cardctl_piv_genkey_info_t;

/*
 * OpenPGP
 */
#define SC_OPENPGP_KEY_SIGN		1
#define SC_OPENPGP_KEY_ENCR		2
#define SC_OPENPGP_KEY_AUTH		3

#define SC_OPENPGP_KEYALGO_RSA		0x01
#define SC_OPENPGP_KEYALGO_ECDH		0x12
#define SC_OPENPGP_KEYALGO_ECDSA	0x13
#define SC_OPENPGP_KEYALGO_EDDSA	0x16

#define SC_OPENPGP_KEYFORMAT_RSA_STD	0	/* See 4.3.3.6 Algorithm Attributes */
#define SC_OPENPGP_KEYFORMAT_RSA_STDN	1	/* OpenPGP card spec v2 */
#define SC_OPENPGP_KEYFORMAT_RSA_CRT	2
#define SC_OPENPGP_KEYFORMAT_RSA_CRTN	3

#define SC_OPENPGP_KEYFORMAT_EC_STD	0
#define SC_OPENPGP_KEYFORMAT_EC_STDPUB	0xFF

#define SC_OPENPGP_MAX_EXP_BITS		0x20	/* maximum exponent length supported in bits */

/* OpenPGP key generation; `algorithm` selects the rsa or ec member. */
typedef struct sc_cardctl_openpgp_keygen_info {
	u8 key_id;		/* SC_OPENPGP_KEY_... */
	u8 algorithm;		/* SC_OPENPGP_KEYALGO_... */
	union {
		struct {
			u8 keyformat;		/* SC_OPENPGP_KEYFORMAT_RSA_... */
			u8 *modulus;		/* New-generated pubkey info responded from the card */
			size_t modulus_len;	/* Length of modulus in bit */
			u8 *exponent;
			size_t exponent_len;	/* Length of exponent in bit */
		} rsa;
		struct {
			u8 keyformat;		/* SC_OPENPGP_KEYFORMAT_EC_... */
			u8 *ecpoint;
			size_t ecpoint_len;
			struct sc_object_id oid;
			u8 oid_len;
			unsigned int key_length;
		} ec;
	} u;
} sc_cardctl_openpgp_keygen_info_t;

/*
 * OpenPGP key import.  rsa.p / rsa.q and ec.privateD are private key
 * material behind caller-owned pointers.  e_len is documented in bits;
 * the other *_len fields carry no unit comment here — confirm in the
 * driver before assuming bytes or bits.
 */
typedef struct sc_cardctl_openpgp_keystore_info {
	u8 key_id;		/* SC_OPENPGP_KEY_... */
	u8 algorithm;		/* SC_OPENPGP_KEYALGO_... */
	union {
		struct {
			u8 keyformat;		/* SC_OPENPGP_KEYFORMAT_RSA_... */
			u8 *e;
			size_t e_len;		/* Length of exponent in bit */
			u8 *p;
			size_t p_len;
			u8 *q;
			size_t q_len;
			u8 *n;
			size_t n_len;
		} rsa;
		struct {
			u8 keyformat;		/* SC_OPENPGP_KEYFORMAT_EC_... */
			u8 *privateD;
			size_t privateD_len;
			u8 *ecpointQ;
			size_t ecpointQ_len;
			struct sc_object_id oid;
			u8 oid_len;
		} ec;
	} u;
	time_t creationtime;
} sc_cardctl_openpgp_keystore_info_t;

/*
 * SmartCard-HSM
 */
typedef struct sc_cardctl_sc_hsm_keygen_info {
	u8 key_id;
	u8 auth_key_id;			/* Key to use for CV request signing */
	u8 *gakprequest;		/* GENERATE ASYMMETRIC KEY PAIR request */
	size_t gakprequest_len;		/* Size of request */
	u8 *gakpresponse;		/* Authenticated CV request, allocated by the driver */
	size_t gakpresponse_len;	/* Size of response */
} sc_cardctl_sc_hsm_keygen_info_t;

/*
 * SmartCard-HSM initialisation.  init_code and user_pin are secrets
 * (init_code is stored inline, user_pin behind a caller-owned pointer).
 */
typedef struct sc_cardctl_sc_hsm_init_param {
	u8 init_code[8];		/* Initialization code */
	u8 *user_pin;			/* Initial user PIN */
	size_t user_pin_len;		/* Length of user PIN */
	u8 user_pin_retry_counter;	/* Retry counter default value */
	struct sc_aid bio1;		/* AID of biometric server for template 1 */
	struct sc_aid bio2;		/* AID of biometric server for template 2 */
	u8 options[2];			/* Initialization options */
	signed char dkek_shares;	/* Number of DKEK shares, 0 for card generated, -1 for none */
	char *label;			/* Token label to be set in EF.TokenInfo (2F03) */
} sc_cardctl_sc_hsm_init_param_t;

/*
 * DKEK share import / status query.  dkek_share holds a raw AES-256 key
 * share inline, so the whole struct is secret while importShare is set;
 * clear it after the call.
 */
typedef struct sc_cardctl_sc_hsm_dkek {
	int importShare;		/* True to import share, false to just query status */
	u8 dkek_share[32];		/* AES-256 DKEK share */
	u8 dkek_shares;			/* Total number of shares */
	u8 outstanding_shares;		/* Number of shares to be presented */
	u8 key_check_value[8];		/* Key check value for DKEK */
} sc_cardctl_sc_hsm_dkek_t;

typedef struct sc_cardctl_sc_hsm_wrapped_key {
	u8 key_id;			/* Key identifier */
	u8 *wrapped_key;		/* Binary wrapped key */
	size_t wrapped_key_length;	/* Length of key blob */
} sc_cardctl_sc_hsm_wrapped_key_t;

/*
 * isoApplet
 */

#define SC_ISOAPPLET_ALG_REF_RSA_GEN_2048 0xF3
#define SC_ISOAPPLET_ALG_REF_EC_GEN 0xEC

/* EC domain parameters as length/value pairs. */
typedef struct sc_cardctl_isoApplet_ec_parameters {
	struct sc_lv_data prime;
	struct sc_lv_data coefficientA;
	struct sc_lv_data coefficientB;
	struct sc_lv_data basePointG;
	struct sc_lv_data order;
	struct sc_lv_data coFactor;
} sc_cardctl_isoApplet_ec_parameters_t;

/* isoApplet key generation; pubkey receives the public half. */
typedef struct sc_cardctl_isoApplet_genkey {
	u8 algorithm_ref;		/* Algorithm reference sent to card */
	unsigned int priv_key_ref;	/* Private key reference sent to card */
	union {
		struct
		{
			struct sc_lv_data modulus;
			struct sc_lv_data exponent;
		} rsa;
		struct
		{
			sc_cardctl_isoApplet_ec_parameters_t params;
			struct sc_lv_data ecPointQ;
		} ec;
	} pubkey;
} sc_cardctl_isoApplet_genkey_t;

/*
 * isoApplet key import.  privkey carries RSA CRT components or the EC
 * private scalar — secret material.
 */
typedef struct sc_cardctl_isoApplet_import_key {
	u8 algorithm_ref;		/* Algorithm reference sent to card */
	unsigned int priv_key_ref;	/* Private key reference sent to card */
	union {
		struct
		{
			struct sc_lv_data p;
			struct sc_lv_data q;
			struct sc_lv_data iqmp;
			struct sc_lv_data dmp1;
			struct sc_lv_data dmq1;
		} rsa;
		struct
		{
			sc_cardctl_isoApplet_ec_parameters_t params;
			struct sc_lv_data privateD;
		} ec;
	} privkey;
} sc_cardctl_isoApplet_import_key_t;

/*
 * coolkey object returned from the card control interface
 */
typedef struct sc_cardctl_coolkey_object {
	sc_path_t	path;
	unsigned long	id;
	size_t		length;
	u8		*data;
} sc_cardctl_coolkey_object_t;


/* data structure to pass attributes through the ctl interface */
typedef struct sc_cardctl_coolkey_attribute {
	const sc_cardctl_coolkey_object_t *object;
	unsigned long attribute_type;
	u8 attribute_data_type;
	size_t attribute_length;
	const u8 *attribute_value;
} sc_cardctl_coolkey_attribute_t;

/* Values for sc_cardctl_coolkey_attribute.attribute_data_type */
#define SC_CARDCTL_COOLKEY_ATTR_TYPE_STRING 0
#define SC_CARDCTL_COOLKEY_ATTR_TYPE_ULONG  1

/*
 * Object lookup; `type` is SC_CARDCTL_COOLKEY_FIND_BY_* and picks
 * find_id or coolkey_template/template_count as the search key.
 */
typedef struct sc_cardctl_coolkey_find_object {
	int type;			/* in parameter */
	unsigned long find_id;		/* in parameter */
	sc_cardctl_coolkey_attribute_t *coolkey_template;	/* in parameter */
	int template_count;		/* in parameter */
	sc_cardctl_coolkey_object_t *obj;	/* out parameter */
} sc_cardctl_coolkey_find_object_t;

#define SC_CARDCTL_COOLKEY_FIND_BY_ID 0
#define SC_CARDCTL_COOLKEY_FIND_BY_TEMPLATE 1

#ifdef __cplusplus
}
#endif

#endif /* _OPENSC_CARDCTL_H */