31
31
#include "iso7816.h"
32
32
#include "app-common.h"
34
#include "apdu.h" /* fixme: we should move the card detection to a
37
/* Types of cards we know and which needs special treatment. */
43
CARD_TYPE_BELPIC /* Belgian eID card specs. */
47
/* A list card types with ATRs noticed with these cards. */
48
#define X(a) ((unsigned char const *)(a))
52
unsigned char const *atr;
55
{ 19, X("\x3B\xBA\x13\x00\x81\x31\x86\x5D\x00\x64\x05\x0A\x02\x01\x31\x80"
57
CARD_TYPE_TCOS }, /* SLE44 */
58
{ 19, X("\x3B\xBA\x14\x00\x81\x31\x86\x5D\x00\x64\x05\x14\x02\x02\x31\x80"
60
CARD_TYPE_TCOS }, /* SLE66S */
61
{ 19, X("\x3B\xBA\x96\x00\x81\x31\x86\x5D\x00\x64\x05\x60\x02\x03\x31\x80"
63
CARD_TYPE_TCOS }, /* SLE66P */
64
{ 27, X("\x3B\xFF\x94\x00\xFF\x80\xB1\xFE\x45\x1F\x03\x00\x68\xD2\x76\x00"
65
"\x00\x28\xFF\x05\x1E\x31\x80\x00\x90\x00\x23"),
66
CARD_TYPE_MICARDO }, /* German BMI card */
67
{ 19, X("\x3B\x6F\x00\xFF\x00\x68\xD2\x76\x00\x00\x28\xFF\x05\x1E\x31\x80"
69
CARD_TYPE_MICARDO }, /* German BMI card (ATR due to reader problem) */
70
{ 26, X("\x3B\xFE\x94\x00\xFF\x80\xB1\xFA\x45\x1F\x03\x45\x73\x74\x45\x49"
71
"\x44\x20\x76\x65\x72\x20\x31\x2E\x30\x43"),
72
CARD_TYPE_MICARDO }, /* EstEID (Estonian Big Brother card) */
79
/* The AID of PKCS15. */
80
static char const pkcs15_aid[] = { 0xA0, 0, 0, 0, 0x63,
81
0x50, 0x4B, 0x43, 0x53, 0x2D, 0x31, 0x35 };
83
/* The Belgian eID variant - they didn't understood why a shared AID
84
is useful for a standard. Oh well. */
85
static char const pkcs15be_aid[] = { 0xA0, 0, 0, 0x01, 0x77,
86
0x50, 0x4B, 0x43, 0x53, 0x2D, 0x31, 0x35 };
89
/* The PIN types as defined in pkcs#15 v1.1 */
93
PIN_TYPE_ASCII_NUMERIC = 1,
95
PIN_TYPE_HALF_NIBBLE_BCD = 3,
96
PIN_TYPE_ISO9564_1 = 4
100
/* A bit array with for the key usage flags from the
101
commonKeyAttributes. */
102
struct keyusage_flags_s
104
unsigned int encrypt: 1;
105
unsigned int decrypt: 1;
106
unsigned int sign: 1;
107
unsigned int sign_recover: 1;
108
unsigned int wrap: 1;
109
unsigned int unwrap: 1;
110
unsigned int verify: 1;
111
unsigned int verify_recover: 1;
112
unsigned int derive: 1;
113
unsigned int non_repudiation: 1;
115
typedef struct keyusage_flags_s keyusage_flags_t;
119
/* This is an object to store information about a Certificate
120
Directory File (CDF) in a format suitable for further processing by
121
us. To keep memory management, simple we use a linked list of
122
items; i.e. one such object represents one certificate and the list
126
/* Link to next item when used in a linked list. */
127
struct cdf_object_s *next;
129
/* Length and allocated buffer with the Id of this object. */
131
unsigned char *objid;
133
/* To avoid reading a certificate more than once, we cache it in an
134
allocated memory IMAGE of IMAGELEN. */
136
unsigned char *image;
138
/* Set to true if a length and offset is available. */
140
/* The offset and length of the object. They are only valid if
141
HAVE_OFF is true and set to 0 if HAVE_OFF is false. */
142
unsigned long off, len;
144
/* The length of the path as given in the CDF and the path itself.
145
path[0] is the top DF (usually 0x3f00). The path will never be
148
unsigned short path[1];
150
typedef struct cdf_object_s *cdf_object_t;
153
/* This is an object to store information about a Private Key
154
Directory File (PrKDF) in a format suitable for further processing
155
by us. To keep memory management, simple we use a linked list of
156
items; i.e. one such object represents one certificate and the list
158
struct prkdf_object_s
160
/* Link to next item when used in a linked list. */
161
struct prkdf_object_s *next;
163
/* Length and allocated buffer with the Id of this object. */
165
unsigned char *objid;
167
/* Length and allocated buffer with the authId of this object or
168
NULL if no authID is known. */
170
unsigned char *authid;
172
/* The key's usage flags. */
173
keyusage_flags_t usageflags;
175
/* The keyReference and a flag telling whether it is valid. */
176
unsigned long key_reference;
177
int key_reference_valid;
179
/* Set to true if a length and offset is available. */
181
/* The offset and length of the object. They are only valid if
182
HAVE_OFF is true and set to 0 if HAVE_OFF is false. */
183
unsigned long off, len;
185
/* The length of the path as given in the PrKDF and the path itself.
186
path[0] is the top DF (usually 0x3f00). */
188
unsigned short path[1];
190
typedef struct prkdf_object_s *prkdf_object_t;
193
/* This is an object to store information about a Authentication
194
Object Directory File (AODF) in a format suitable for further
195
processing by us. To keep memory management, simple we use a linked
196
list of items; i.e. one such object represents one authentication
197
object and the list the entire AOKDF. */
200
/* Link to next item when used in a linked list. */
201
struct aodf_object_s *next;
203
/* Length and allocated buffer with the Id of this object. */
205
unsigned char *objid;
207
/* Length and allocated buffer with the authId of this object or
208
NULL if no authID is known. */
210
unsigned char *authid;
215
unsigned int case_sensitive: 1;
216
unsigned int local: 1;
217
unsigned int change_disabled: 1;
218
unsigned int unblock_disabled: 1;
219
unsigned int initialized: 1;
220
unsigned int needs_padding: 1;
221
unsigned int unblocking_pin: 1;
222
unsigned int so_pin: 1;
223
unsigned int disable_allowed: 1;
224
unsigned int integrity_protected: 1;
225
unsigned int confidentiality_protected: 1;
226
unsigned int exchange_ref_data: 1;
232
/* The minimum length of a PIN. */
233
unsigned long min_length;
235
/* The stored length of a PIN. */
236
unsigned long stored_length;
238
/* The maximum length of a PIN and a flag telling whether it is valid. */
239
unsigned long max_length;
240
int max_length_valid;
242
/* The pinReference and a flag telling whether it is valid. */
243
unsigned long pin_reference;
244
int pin_reference_valid;
246
/* The padChar and a flag telling whether it is valid. */
251
/* Set to true if a length and offset is available. */
253
/* The offset and length of the object. They are only valid if
254
HAVE_OFF is true and set to 0 if HAVE_OFF is false. */
255
unsigned long off, len;
257
/* The length of the path as given in the Aodf and the path itself.
258
path[0] is the top DF (usually 0x3f00). PATH is optional and thus
259
may be NULL. Malloced.*/
261
unsigned short *path;
263
typedef struct aodf_object_s *aodf_object_t;
36
266
/* Context local to this application. */
37
267
struct app_local_s
39
unsigned short home_df; /* The home DF. Note, that we don't yet
40
support a multilevel hierachy. Thus we
41
assume this is directly below the MF. */
269
/* The home DF. Note, that we don't yet support a multilevel
270
hierachy. Thus we assume this is directly below the MF. */
271
unsigned short home_df;
273
/* The type of the card. */
274
card_type_t card_type;
276
/* Flag indicating whether we may use direct path selection. */
277
int direct_path_selection;
279
/* Structure with the EFIDs of the objects described in the ODF
44
283
unsigned short private_keys;
195
774
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
196
775
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
200
read_ef_prkdf (app_t app)
206
/* Read and parse the Public Key Directory Files. */
208
read_ef_pukdf (app_t app)
215
/* Read and parse the Certificate Directory Files. */
220
30 2A 30 15 0C 0C 43 5F 58 35 30 39 2E 43 48 2E 0*0...C_X509.CH.
221
44 53 03 02 06 40 04 01 0A 30 03 04 01 01 A1 0C DS...@...0......
222
30 0A 30 08 04 06 3F 00 40 16 C0 00 30 2A 30 15 0.0...?.@...0*0.
223
0C 0C 43 5F 58 35 30 39 2E 43 48 2E 4B 45 03 02 ..C_X509.CH.KE..
224
06 40 04 01 0A 30 03 04 01 0C A1 0C 30 0A 30 08 .@...0......0.0.
225
04 06 3F 00 40 16 C2 00 30 2B 30 16 0C 0D 43 5F ..?.@...0+0...C_
226
58 35 30 39 2E 43 48 2E 41 55 54 03 02 06 40 04 X509.CH.AUT...@.
227
01 0A 30 03 04 01 0D A1 0C 30 0A 30 08 04 06 3F ..0......0.0...?
228
00 40 16 C5 00 30 2E 30 19 0C 10 43 5F 58 35 30 .@...0.0...C_X50
229
39 2E 43 48 2E 44 53 2D 53 50 58 03 02 06 40 04 9.CH.DS-SPX...@.
230
01 0A 30 03 04 01 02 A1 0C 30 0A 30 08 04 06 3F ..0......0.0...?
231
00 40 16 C1 20 00 00 00 00 00 00 00 00 00 00 00 .@.. ...........
232
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
233
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
234
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
235
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
238
2 21: SEQUENCE { -- commonObjectAttributes
239
4 12: UTF8String 'C_X509.CH.DS'
240
18 2: BIT STRING 6 unused bits
242
22 1: OCTET STRING 0A
244
25 3: SEQUENCE { -- commonCertificateAttributes
245
27 1: OCTET STRING 01
247
30 12: [1] { -- certAttributes
250
36 6: OCTET STRING 3F 00 40 16 C0 00
258
6036 (trustedcertificates)
260
30 35 30 06 03 02 00 00 04 00 30 16 04 14 2D 36 050.......0...-6
261
33 39 33 33 39 34 30 33 39 37 37 36 34 30 31 32 3933940397764012
262
31 36 A1 13 30 11 30 0F 04 06 3F 00 40 16 C7 08 16..0.0...?.@...
263
02 01 00 80 02 02 29 30 35 30 06 03 02 00 00 04 ......)050......
264
00 30 16 04 14 2D 34 30 31 39 30 35 32 37 32 36 .0...-4019052726
265
38 30 31 36 39 33 34 39 32 A1 13 30 11 30 0F 04 801693492..0.0..
266
06 3F 00 40 16 C7 0E 02 01 00 80 02 04 12 30 34 .?.@..........04
267
30 06 03 02 00 00 04 00 30 15 04 13 37 39 36 33 0.......0...7963
268
32 38 33 36 35 30 37 36 36 34 38 32 39 36 30 A1 283650766482960.
269
13 30 11 30 0F 04 06 3F 00 40 16 C0 08 02 01 00 .0.0...?.@......
270
80 02 04 11 00 00 00 00 00 00 00 00 00 00 00 00 ................
271
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
277
: Error: Spurious zero bits in bitstring.
279
: Error: Object has zero length.
282
12 20: OCTET STRING '-6393394039776401216'
287
40 6: OCTET STRING 3F 00 40 16 C7 08
288
48 1: INTEGER 0 -- index
289
51 2: [0] 02 29 -- length
298
read_ef_cdf (app_t app)
301
unsigned char *buffer = NULL;
303
unsigned short value;
305
const unsigned char *p;
306
size_t n, objlen, hdrlen;
307
int class, tag, constructed, ndef;
309
fid = app->app_local->odf.certificates;
311
return 0; /* No certificates. */
778
2 30 17: SEQUENCE { -- commonObjectAttributes
779
4 0C 8: UTF8String 'SK.CH.DS'
780
14 03 2: BIT STRING 6 unused bits
782
18 04 1: OCTET STRING --authid
785
21 30 12: SEQUENCE { -- commonKeyAttributes
786
23 04 1: OCTET STRING
788
26 03 3: BIT STRING 6 unused bits
789
: '1000000000'B (bit 9)
790
31 02 2: INTEGER 80 -- keyReference (optional)
792
35 A1 16: [1] { -- keyAttributes
793
37 30 14: SEQUENCE { -- privateRSAKeyAttributes
794
39 30 8: SEQUENCE { -- objectValue
795
41 04 6: OCTET STRING --path
798
49 02 2: INTEGER 1024 -- modulus
806
read_ef_prkdf (app_t app, unsigned short fid, prkdf_object_t *result)
809
unsigned char *buffer = NULL;
811
const unsigned char *p;
812
size_t n, objlen, hdrlen;
813
int class, tag, constructed, ndef;
814
prkdf_object_t prkdflist = NULL;
818
return gpg_error (GPG_ERR_NO_DATA); /* No private keys. */
820
err = select_and_read_binary (app->slot, fid, "PrKDF", &buffer, &buflen);
827
/* FIXME: This shares a LOT of code with read_ef_cdf! */
829
/* Loop over the records. We stop as soon as we detect a new record
830
starting with 0x00 or 0xff as these values are commonly used to
831
pad data blocks and are no valid ASN.1 encoding. */
832
while (n && *p && *p != 0xff)
834
const unsigned char *pp;
837
const char *errstr = NULL;
838
prkdf_object_t prkdf = NULL;
840
const unsigned char *objid;
842
const unsigned char *authid = NULL;
843
size_t authidlen = 0;
844
keyusage_flags_t usageflags;
845
unsigned long key_reference = 0;
846
int key_reference_valid = 0;
849
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
850
&ndef, &objlen, &hdrlen);
851
if (!err && (objlen > n || tag != TAG_SEQUENCE))
852
err = gpg_error (GPG_ERR_INV_OBJ);
855
log_error ("error parsing PrKDF record: %s\n", gpg_strerror (err));
863
/* Parse the commonObjectAttributes. */
865
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
866
&ndef, &objlen, &hdrlen);
867
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
868
err = gpg_error (GPG_ERR_INV_OBJ);
872
const unsigned char *ppp = pp;
878
/* Search the optional AuthId. We need to skip the optional
879
Label (UTF8STRING) and the optional CommonObjectFlags
882
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
883
&ndef, &objlen, &hdrlen);
884
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
885
err = gpg_error (GPG_ERR_INV_OBJ);
886
if (gpg_err_code (err) == GPG_ERR_EOF)
890
if (tag == TAG_UTF8_STRING)
892
ppp += objlen; /* Skip the Label. */
896
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
897
&ndef, &objlen, &hdrlen);
898
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
899
err = gpg_error (GPG_ERR_INV_OBJ);
900
if (gpg_err_code (err) == GPG_ERR_EOF)
905
if (tag == TAG_BIT_STRING)
907
ppp += objlen; /* Skip the CommonObjectFlags. */
911
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
912
&ndef, &objlen, &hdrlen);
913
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
914
err = gpg_error (GPG_ERR_INV_OBJ);
915
if (gpg_err_code (err) == GPG_ERR_EOF)
920
if (tag == TAG_OCTET_STRING && objlen)
929
/* Parse the commonKeyAttributes. */
931
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
932
&ndef, &objlen, &hdrlen);
933
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
934
err = gpg_error (GPG_ERR_INV_OBJ);
938
const unsigned char *ppp = pp;
946
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
947
&ndef, &objlen, &hdrlen);
948
if (!err && (objlen > nnn
949
|| class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING))
950
err = gpg_error (GPG_ERR_INV_OBJ);
958
/* Get the KeyUsageFlags. */
960
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
961
&ndef, &objlen, &hdrlen);
962
if (!err && (objlen > nnn
963
|| class != CLASS_UNIVERSAL || tag != TAG_BIT_STRING))
964
err = gpg_error (GPG_ERR_INV_OBJ);
967
err = parse_keyusage_flags (ppp, objlen, &usageflags);
973
/* Find the keyReference */
975
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
976
&ndef, &objlen, &hdrlen);
977
if (gpg_err_code (err) == GPG_ERR_EOF)
979
if (!err && objlen > nnn)
980
err = gpg_error (GPG_ERR_INV_OBJ);
983
if (class == CLASS_UNIVERSAL && tag == TAG_BOOLEAN)
985
/* Skip the native element. */
989
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
990
&ndef, &objlen, &hdrlen);
991
if (gpg_err_code (err) == GPG_ERR_EOF)
993
if (!err && objlen > nnn)
994
err = gpg_error (GPG_ERR_INV_OBJ);
998
if (class == CLASS_UNIVERSAL && tag == TAG_BIT_STRING)
1000
/* Skip the accessFlags. */
1004
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1005
&ndef, &objlen, &hdrlen);
1006
if (gpg_err_code (err) == GPG_ERR_EOF)
1008
if (!err && objlen > nnn)
1009
err = gpg_error (GPG_ERR_INV_OBJ);
1013
if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER)
1015
/* Yep, this is the keyReference. */
1016
for (ul=0; objlen; objlen--)
1019
ul |= (*ppp++) & 0xff;
1023
key_reference_valid = 1;
1031
/* Skip subClassAttributes. */
1033
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1034
&ndef, &objlen, &hdrlen);
1035
if (!err && objlen > nn)
1036
err = gpg_error (GPG_ERR_INV_OBJ);
1039
if (class == CLASS_CONTEXT && tag == 0)
1045
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1046
&ndef, &objlen, &hdrlen);
1048
/* Parse the keyAttributes. */
1049
if (!err && (objlen > nn || class != CLASS_CONTEXT || tag != 1))
1050
err = gpg_error (GPG_ERR_INV_OBJ);
1056
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1057
&ndef, &objlen, &hdrlen);
1058
if (!err && objlen > nn)
1059
err = gpg_error (GPG_ERR_INV_OBJ);
1062
if (class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE)
1064
else if (class == CLASS_CONTEXT)
1068
case 0: errstr = "EC key objects are not supported"; break;
1069
case 1: errstr = "DH key objects are not supported"; break;
1070
case 2: errstr = "DSA key objects are not supported"; break;
1071
case 3: errstr = "KEA key objects are not supported"; break;
1072
default: errstr = "unknown privateKeyObject"; break;
1078
err = gpg_error (GPG_ERR_INV_OBJ);
1084
/* Check that the reference is a Path object. */
1086
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1087
&ndef, &objlen, &hdrlen);
1088
if (!err && objlen > nn)
1089
err = gpg_error (GPG_ERR_INV_OBJ);
1092
if (class != CLASS_UNIVERSAL || tag != TAG_SEQUENCE)
1094
errstr = "unsupported reference type";
1099
/* Parse the Path object. */
1101
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1102
&ndef, &objlen, &hdrlen);
1103
if (!err && objlen > nn)
1104
err = gpg_error (GPG_ERR_INV_OBJ);
1108
/* Make sure that the next element is a non zero path and of
1109
even length (FID are two bytes each). */
1110
if (class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING
1111
|| !objlen || (objlen & 1) )
1113
errstr = "invalid path reference";
1116
/* Create a new PrKDF list item. */
1117
prkdf = xtrycalloc (1, (sizeof *prkdf
1118
- sizeof(unsigned short)
1119
+ objlen/2 * sizeof(unsigned short)));
1122
err = gpg_error_from_errno (errno);
1125
prkdf->objidlen = objidlen;
1126
prkdf->objid = xtrymalloc (objidlen);
1129
err = gpg_error_from_errno (errno);
1133
memcpy (prkdf->objid, objid, objidlen);
1136
prkdf->authidlen = authidlen;
1137
prkdf->authid = xtrymalloc (authidlen);
1140
err = gpg_error_from_errno (errno);
1141
xfree (prkdf->objid);
1145
memcpy (prkdf->authid, authid, authidlen);
1148
prkdf->pathlen = objlen/2;
1149
for (i=0; i < prkdf->pathlen; i++, pp += 2, nn -= 2)
1150
prkdf->path[i] = ((pp[0] << 8) | pp[1]);
1152
prkdf->usageflags = usageflags;
1153
prkdf->key_reference = key_reference;
1154
prkdf->key_reference_valid = key_reference_valid;
1158
/* An index and length follows. */
1159
prkdf->have_off = 1;
1161
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1162
&ndef, &objlen, &hdrlen);
1163
if (!err && (objlen > nn
1164
|| class != CLASS_UNIVERSAL || tag != TAG_INTEGER))
1165
err = gpg_error (GPG_ERR_INV_OBJ);
1169
for (ul=0; objlen; objlen--)
1172
ul |= (*pp++) & 0xff;
1178
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1179
&ndef, &objlen, &hdrlen);
1180
if (!err && (objlen > nn
1181
|| class != CLASS_CONTEXT || tag != 0))
1182
err = gpg_error (GPG_ERR_INV_OBJ);
1186
for (ul=0; objlen; objlen--)
1189
ul |= (*pp++) & 0xff;
1196
log_debug ("PrKDF %04hX: id=", fid);
1197
for (i=0; i < prkdf->objidlen; i++)
1198
log_printf ("%02X", prkdf->objid[i]);
1199
log_printf (" path=");
1200
for (i=0; i < prkdf->pathlen; i++)
1201
log_printf ("%04hX", prkdf->path[i]);
1202
if (prkdf->have_off)
1203
log_printf ("[%lu/%lu]", prkdf->off, prkdf->len);
1206
log_printf (" authid=");
1207
for (i=0; i < prkdf->authidlen; i++)
1208
log_printf ("%02X", prkdf->authid[i]);
1210
if (prkdf->key_reference_valid)
1211
log_printf (" keyref=0x%02lX", prkdf->key_reference);
1212
log_printf (" usage=");
1214
if (prkdf->usageflags.encrypt) log_printf ("%sencrypt", s), s = ",";
1215
if (prkdf->usageflags.decrypt) log_printf ("%sdecrypt", s), s = ",";
1216
if (prkdf->usageflags.sign ) log_printf ("%ssign", s), s = ",";
1217
if (prkdf->usageflags.sign_recover)
1218
log_printf ("%ssign_recover", s), s = ",";
1219
if (prkdf->usageflags.wrap ) log_printf ("%swrap", s), s = ",";
1220
if (prkdf->usageflags.unwrap ) log_printf ("%sunwrap", s), s = ",";
1221
if (prkdf->usageflags.verify ) log_printf ("%sverify", s), s = ",";
1222
if (prkdf->usageflags.verify_recover)
1223
log_printf ("%sverify_recover", s), s = ",";
1224
if (prkdf->usageflags.derive ) log_printf ("%sderive", s), s = ",";
1225
if (prkdf->usageflags.non_repudiation)
1226
log_printf ("%snon_repudiation", s), s = ",";
1229
/* Put it into the list. */
1230
prkdf->next = prkdflist;
1233
continue; /* Ready. */
1236
log_error ("error parsing PrKDF record (%d): %s - skipped\n",
1237
where, errstr? errstr : gpg_strerror (err));
1240
xfree (prkdf->objid);
1241
xfree (prkdf->authid);
1245
} /* End looping over all records. */
1250
release_prkdflist (prkdflist);
1252
*result = prkdflist;
1257
/* Read and parse the Certificate Directory Files identified by FID.
1258
On success a newlist of CDF object gets stored at RESULT and the
1259
caller is then responsible of releasing this list. On error a
1260
error code is returned and RESULT won't get changed. */
1262
read_ef_cdf (app_t app, unsigned short fid, cdf_object_t *result)
1265
unsigned char *buffer = NULL;
1267
const unsigned char *p;
1268
size_t n, objlen, hdrlen;
1269
int class, tag, constructed, ndef;
1270
cdf_object_t cdflist = NULL;
1274
return gpg_error (GPG_ERR_NO_DATA); /* No certificates. */
313
1276
err = select_and_read_binary (app->slot, fid, "CDF", &buffer, &buflen);
342
1311
/* Skip the commonObjectAttributes. */
343
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
344
&ndef, &objlen, &hdrlen);
345
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
346
err = gpg_error (GPG_ERR_INV_OBJ);
349
log_error ("error parsing CDF record: %s - skipped\n",
356
/* Skip the commonCertificateAttributes. */
357
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
358
&ndef, &objlen, &hdrlen);
359
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
360
err = gpg_error (GPG_ERR_INV_OBJ);
363
log_error ("error parsing CDF record: %s - skipped\n",
370
/* FIXME: Check that this is a reference to a certificate. */
1313
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1314
&ndef, &objlen, &hdrlen);
1315
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
1316
err = gpg_error (GPG_ERR_INV_OBJ);
1322
/* Parse the commonCertificateAttributes. */
1324
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1325
&ndef, &objlen, &hdrlen);
1326
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
1327
err = gpg_error (GPG_ERR_INV_OBJ);
1331
const unsigned char *ppp = pp;
1332
size_t nnn = objlen;
1339
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1340
&ndef, &objlen, &hdrlen);
1341
if (!err && (objlen > nnn
1342
|| class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING))
1343
err = gpg_error (GPG_ERR_INV_OBJ);
1350
/* Parse the certAttribute. */
1352
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1353
&ndef, &objlen, &hdrlen);
1354
if (!err && (objlen > nn || class != CLASS_CONTEXT || tag != 1))
1355
err = gpg_error (GPG_ERR_INV_OBJ);
1361
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1362
&ndef, &objlen, &hdrlen);
1363
if (!err && (objlen > nn
1364
|| class != CLASS_UNIVERSAL || tag != TAG_SEQUENCE))
1365
err = gpg_error (GPG_ERR_INV_OBJ);
1370
/* Check that the reference is a Path object. */
1372
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1373
&ndef, &objlen, &hdrlen);
1374
if (!err && objlen > nn)
1375
err = gpg_error (GPG_ERR_INV_OBJ);
1378
if (class != CLASS_UNIVERSAL || tag != TAG_SEQUENCE)
1380
errstr = "unsupported reference type";
1385
/* Parse the Path object. */
1387
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1388
&ndef, &objlen, &hdrlen);
1389
if (!err && objlen > nn)
1390
err = gpg_error (GPG_ERR_INV_OBJ);
1394
/* Make sure that the next element is a non zero path and of
1395
even length (FID are two bytes each). */
1396
if (class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING
1397
|| !objlen || (objlen & 1) )
1399
errstr = "invalid path reference";
1402
/* Create a new CDF list item. */
1403
cdf = xtrycalloc (1, (sizeof *cdf
1404
- sizeof(unsigned short)
1405
+ objlen/2 * sizeof(unsigned short)));
1408
err = gpg_error_from_errno (errno);
1411
cdf->objidlen = objidlen;
1412
cdf->objid = xtrymalloc (objidlen);
1415
err = gpg_error_from_errno (errno);
1419
memcpy (cdf->objid, objid, objidlen);
1421
cdf->pathlen = objlen/2;
1422
for (i=0; i < cdf->pathlen; i++, pp += 2, nn -= 2)
1423
cdf->path[i] = ((pp[0] << 8) | pp[1]);
1427
/* An index and length follows. */
1430
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1431
&ndef, &objlen, &hdrlen);
1432
if (!err && (objlen > nn
1433
|| class != CLASS_UNIVERSAL || tag != TAG_INTEGER))
1434
err = gpg_error (GPG_ERR_INV_OBJ);
1438
for (ul=0; objlen; objlen--)
1441
ul |= (*pp++) & 0xff;
1447
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1448
&ndef, &objlen, &hdrlen);
1449
if (!err && (objlen > nn
1450
|| class != CLASS_CONTEXT || tag != 0))
1451
err = gpg_error (GPG_ERR_INV_OBJ);
1455
for (ul=0; objlen; objlen--)
1458
ul |= (*pp++) & 0xff;
1464
log_debug ("CDF %04hX: id=", fid);
1465
for (i=0; i < cdf->objidlen; i++)
1466
log_printf ("%02X", cdf->objid[i]);
1467
log_printf (" path=");
1468
for (i=0; i < cdf->pathlen; i++)
1469
log_printf ("%04hX", cdf->path[i]);
1471
log_printf ("[%lu/%lu]", cdf->off, cdf->len);
1474
/* Put it into the list. */
1475
cdf->next = cdflist;
1478
continue; /* Ready. */
1481
log_error ("error parsing CDF record (%d): %s - skipped\n",
1482
where, errstr? errstr : gpg_strerror (err));
1485
} /* End looping over all records. */
1490
release_cdflist (cdflist);
381
/* Read and parse Authentication Object Directory Files. */
383
read_ef_aodf (app_t app)
1499
SEQUENCE { -- CommonObjectAttributes
1500
UTF8String 'specific PIN for DS'
1501
BIT STRING 0 unused bits
1504
SEQUENCE { -- CommonAuthenticationObjectAttributes
1509
[1] { -- typeAttributes
1510
SEQUENCE { -- PinAttributes
1511
BIT STRING 0 unused bits
1512
'0000100000110010'B -- local,initialized,needs-padding
1514
ENUMERATED 1 -- ascii-numeric
1515
INTEGER 6 -- minLength
1516
INTEGER 6 -- storedLength
1517
INTEGER 8 -- maxLength
1520
GeneralizedTime 19/04/2002 12:12 GMT -- lastPinChange
1523
3F 00 40 16 -- path to DF of PIN
1530
/* Read and parse an Authentication Object Directory File identified
1531
by FID. On success a newlist of AODF objects gets stored at RESULT
1532
and the caller is responsible of releasing this list. On error a
1533
error code is returned and RESULT won't get changed. */
1535
read_ef_aodf (app_t app, unsigned short fid, aodf_object_t *result)
1538
unsigned char *buffer = NULL;
1540
const unsigned char *p;
1541
size_t n, objlen, hdrlen;
1542
int class, tag, constructed, ndef;
1543
aodf_object_t aodflist = NULL;
1547
return gpg_error (GPG_ERR_NO_DATA); /* No authentication objects. */
1549
err = select_and_read_binary (app->slot, fid, "AODF", &buffer, &buflen);
1556
/* FIXME: This shares a LOT of code with read_ef_prkdf! */
1558
/* Loop over the records. We stop as soon as we detect a new record
1559
starting with 0x00 or 0xff as these values are commonly used to
1560
pad data blocks and are no valid ASN.1 encoding. */
1561
while (n && *p && *p != 0xff)
1563
const unsigned char *pp;
1566
const char *errstr = NULL;
1567
aodf_object_t aodf = NULL;
1571
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
1572
&ndef, &objlen, &hdrlen);
1573
if (!err && (objlen > n || tag != TAG_SEQUENCE))
1574
err = gpg_error (GPG_ERR_INV_OBJ);
1577
log_error ("error parsing AODF record: %s\n", gpg_strerror (err));
1585
/* Allocate memory for a new AODF list item. */
1586
aodf = xtrycalloc (1, sizeof *aodf);
1590
/* Parse the commonObjectAttributes. */
1592
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1593
&ndef, &objlen, &hdrlen);
1594
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
1595
err = gpg_error (GPG_ERR_INV_OBJ);
1599
const unsigned char *ppp = pp;
1600
size_t nnn = objlen;
1605
/* Search the optional AuthId. We need to skip the optional
1606
Label (UTF8STRING) and the optional CommonObjectFlags
1609
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1610
&ndef, &objlen, &hdrlen);
1611
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
1612
err = gpg_error (GPG_ERR_INV_OBJ);
1613
if (gpg_err_code (err) == GPG_ERR_EOF)
1617
if (tag == TAG_UTF8_STRING)
1619
ppp += objlen; /* Skip the Label. */
1623
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1624
&ndef, &objlen, &hdrlen);
1625
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
1626
err = gpg_error (GPG_ERR_INV_OBJ);
1627
if (gpg_err_code (err) == GPG_ERR_EOF)
1632
if (tag == TAG_BIT_STRING)
1634
ppp += objlen; /* Skip the CommonObjectFlags. */
1638
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1639
&ndef, &objlen, &hdrlen);
1640
if (!err && (objlen > nnn || class != CLASS_UNIVERSAL))
1641
err = gpg_error (GPG_ERR_INV_OBJ);
1642
if (gpg_err_code (err) == GPG_ERR_EOF)
1647
if (tag == TAG_OCTET_STRING && objlen)
1649
aodf->authidlen = objlen;
1650
aodf->authid = xtrymalloc (objlen);
1653
memcpy (aodf->authid, ppp, objlen);
1659
/* Parse the CommonAuthenticationObjectAttributes. */
1661
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1662
&ndef, &objlen, &hdrlen);
1663
if (!err && (objlen > nn || tag != TAG_SEQUENCE))
1664
err = gpg_error (GPG_ERR_INV_OBJ);
1668
const unsigned char *ppp = pp;
1669
size_t nnn = objlen;
1676
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1677
&ndef, &objlen, &hdrlen);
1678
if (!err && (objlen > nnn
1679
|| class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING))
1680
err = gpg_error (GPG_ERR_INV_OBJ);
1684
aodf->objidlen = objlen;
1685
aodf->objid = xtrymalloc (objlen);
1688
memcpy (aodf->objid, ppp, objlen);
1691
/* Parse the typeAttributes. */
1693
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1694
&ndef, &objlen, &hdrlen);
1695
if (!err && (objlen > nn || class != CLASS_CONTEXT || tag != 1))
1696
err = gpg_error (GPG_ERR_INV_OBJ);
1702
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1703
&ndef, &objlen, &hdrlen);
1704
if (!err && objlen > nn)
1705
err = gpg_error (GPG_ERR_INV_OBJ);
1708
if (class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE)
1709
; /* PinAttributes */
1710
else if (class == CLASS_CONTEXT)
1714
case 0: errstr = "biometric auth types are not supported"; break;
1715
case 1: errstr = "authKey auth types are not supported"; break;
1716
case 2: errstr = "external auth type are not supported"; break;
1717
default: errstr = "unknown privateKeyObject"; break;
1723
err = gpg_error (GPG_ERR_INV_OBJ);
1731
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1732
&ndef, &objlen, &hdrlen);
1733
if (!err && (objlen > nn || !objlen
1734
|| class != CLASS_UNIVERSAL || tag != TAG_BIT_STRING))
1735
err = gpg_error (GPG_ERR_INV_OBJ);
1740
unsigned int bits, mask;
1743
unused = *pp++; nn--; objlen--;
1744
if ((!objlen && unused) || unused/8 > objlen)
1746
err = gpg_error (GPG_ERR_ENCODING_PROBLEM);
1749
full = objlen - (unused+7)/8;
1752
for (i=1; unused; i <<= 1, unused--)
1755
/* The first octet */
1759
bits = *pp++; nn--; objlen--;
1768
if ((bits & 0x80)) /* ASN.1 bit 0. */
1769
aodf->pinflags.case_sensitive = 1;
1770
if ((bits & 0x40)) /* ASN.1 bit 1. */
1771
aodf->pinflags.local = 1;
1773
aodf->pinflags.change_disabled = 1;
1775
aodf->pinflags.unblock_disabled = 1;
1777
aodf->pinflags.initialized = 1;
1779
aodf->pinflags.needs_padding = 1;
1781
aodf->pinflags.unblocking_pin = 1;
1783
aodf->pinflags.so_pin = 1;
1784
/* The second octet. */
1788
bits = *pp++; nn--; objlen--;
1798
aodf->pinflags.disable_allowed = 1;
1800
aodf->pinflags.integrity_protected = 1;
1802
aodf->pinflags.confidentiality_protected = 1;
1804
aodf->pinflags.exchange_ref_data = 1;
1805
/* Skip remaining bits. */
1813
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1814
&ndef, &objlen, &hdrlen);
1815
if (!err && (objlen > nn
1816
|| class != CLASS_UNIVERSAL || tag != TAG_ENUMERATED))
1817
err = gpg_error (GPG_ERR_INV_OBJ);
1818
if (!err && (objlen > sizeof (pin_type_t) || objlen > sizeof (ul)))
1819
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
1823
for (ul=0; objlen; objlen--)
1826
ul |= (*pp++) & 0xff;
1834
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1835
&ndef, &objlen, &hdrlen);
1836
if (!err && (objlen > nn
1837
|| class != CLASS_UNIVERSAL || tag != TAG_INTEGER))
1838
err = gpg_error (GPG_ERR_INV_OBJ);
1839
if (!err && objlen > sizeof (ul))
1840
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
1843
for (ul=0; objlen; objlen--)
1846
ul |= (*pp++) & 0xff;
1849
aodf->min_length = ul;
1854
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1855
&ndef, &objlen, &hdrlen);
1856
if (!err && (objlen > nn
1857
|| class != CLASS_UNIVERSAL || tag != TAG_INTEGER))
1858
err = gpg_error (GPG_ERR_INV_OBJ);
1859
if (!err && objlen > sizeof (ul))
1860
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
1863
for (ul=0; objlen; objlen--)
1866
ul |= (*pp++) & 0xff;
1869
aodf->stored_length = ul;
1871
/* optional maxLength */
1873
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1874
&ndef, &objlen, &hdrlen);
1875
if (gpg_err_code (err) == GPG_ERR_EOF)
1877
if (!err && objlen > nn)
1878
err = gpg_error (GPG_ERR_INV_OBJ);
1881
if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER)
1883
if (objlen > sizeof (ul))
1885
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
1888
for (ul=0; objlen; objlen--)
1891
ul |= (*pp++) & 0xff;
1894
aodf->max_length = ul;
1895
aodf->max_length_valid = 1;
1898
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1899
&ndef, &objlen, &hdrlen);
1900
if (gpg_err_code (err) == GPG_ERR_EOF)
1902
if (!err && objlen > nn)
1903
err = gpg_error (GPG_ERR_INV_OBJ);
1908
/* Optional pinReference. */
1909
if (class == CLASS_CONTEXT && tag == 0)
1911
if (objlen > sizeof (ul))
1913
err = gpg_error (GPG_ERR_UNSUPPORTED_ENCODING);
1916
for (ul=0; objlen; objlen--)
1919
ul |= (*pp++) & 0xff;
1922
aodf->pin_reference = ul;
1923
aodf->pin_reference_valid = 1;
1926
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1927
&ndef, &objlen, &hdrlen);
1928
if (gpg_err_code (err) == GPG_ERR_EOF)
1930
if (!err && objlen > nn)
1931
err = gpg_error (GPG_ERR_INV_OBJ);
1936
/* Optional padChar. */
1937
if (class == CLASS_UNIVERSAL && tag == TAG_OCTET_STRING)
1941
errstr = "padChar is not of size(1)";
1944
aodf->pad_char = *pp++; nn--;
1945
aodf->pad_char_valid = 1;
1948
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1949
&ndef, &objlen, &hdrlen);
1950
if (gpg_err_code (err) == GPG_ERR_EOF)
1952
if (!err && objlen > nn)
1953
err = gpg_error (GPG_ERR_INV_OBJ);
1958
/* Skip optional lastPinChange. */
1959
if (class == CLASS_UNIVERSAL && tag == TAG_GENERALIZED_TIME)
1965
err = parse_ber_header (&pp, &nn, &class, &tag, &constructed,
1966
&ndef, &objlen, &hdrlen);
1967
if (gpg_err_code (err) == GPG_ERR_EOF)
1969
if (!err && objlen > nn)
1970
err = gpg_error (GPG_ERR_INV_OBJ);
1975
/* Optional Path object. */
1976
if (class == CLASS_UNIVERSAL || tag == TAG_SEQUENCE)
1978
const unsigned char *ppp = pp;
1979
size_t nnn = objlen;
1985
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
1986
&ndef, &objlen, &hdrlen);
1987
if (!err && objlen > nnn)
1988
err = gpg_error (GPG_ERR_INV_OBJ);
1992
/* Make sure that the next element is a non zero FID and of
1993
even length (FID are two bytes each). */
1994
if (class != CLASS_UNIVERSAL || tag != TAG_OCTET_STRING
1995
|| !objlen || (objlen & 1) )
1997
errstr = "invalid path reference";
2001
aodf->pathlen = objlen/2;
2002
aodf->path = xtrymalloc (aodf->pathlen);
2005
for (i=0; i < aodf->pathlen; i++, ppp += 2, nnn -= 2)
2006
aodf->path[i] = ((ppp[0] << 8) | ppp[1]);
2010
/* An index and length follows. */
2013
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
2014
&ndef, &objlen, &hdrlen);
2015
if (!err && (objlen > nnn
2016
|| class != CLASS_UNIVERSAL || tag != TAG_INTEGER))
2017
err = gpg_error (GPG_ERR_INV_OBJ);
2021
for (ul=0; objlen; objlen--)
2024
ul |= (*ppp++) & 0xff;
2030
err = parse_ber_header (&ppp, &nnn, &class, &tag, &constructed,
2031
&ndef, &objlen, &hdrlen);
2032
if (!err && (objlen > nnn
2033
|| class != CLASS_CONTEXT || tag != 0))
2034
err = gpg_error (GPG_ERR_INV_OBJ);
2038
for (ul=0; objlen; objlen--)
2041
ul |= (*ppp++) & 0xff;
2048
/* Igonore further objects which might be there due to future
2049
extensions of pkcs#15. */
2052
log_debug ("AODF %04hX: id=", fid);
2053
for (i=0; i < aodf->objidlen; i++)
2054
log_printf ("%02X", aodf->objid[i]);
2057
log_printf (" authid=");
2058
for (i=0; i < aodf->authidlen; i++)
2059
log_printf ("%02X", aodf->authid[i]);
2061
log_printf (" flags=");
2063
if (aodf->pinflags.case_sensitive)
2064
log_printf ("%scase_sensitive", s), s = ",";
2065
if (aodf->pinflags.local)
2066
log_printf ("%slocal", s), s = ",";
2067
if (aodf->pinflags.change_disabled)
2068
log_printf ("%schange_disabled", s), s = ",";
2069
if (aodf->pinflags.unblock_disabled)
2070
log_printf ("%sunblock_disabled", s), s = ",";
2071
if (aodf->pinflags.initialized)
2072
log_printf ("%sinitialized", s), s = ",";
2073
if (aodf->pinflags.needs_padding)
2074
log_printf ("%sneeds_padding", s), s = ",";
2075
if (aodf->pinflags.unblocking_pin)
2076
log_printf ("%sunblocking_pin", s), s = ",";
2077
if (aodf->pinflags.so_pin)
2078
log_printf ("%sso_pin", s), s = ",";
2079
if (aodf->pinflags.disable_allowed)
2080
log_printf ("%sdisable_allowed", s), s = ",";
2081
if (aodf->pinflags.integrity_protected)
2082
log_printf ("%sintegrity_protected", s), s = ",";
2083
if (aodf->pinflags.confidentiality_protected)
2084
log_printf ("%sconfidentiality_protected", s), s = ",";
2085
if (aodf->pinflags.exchange_ref_data)
2086
log_printf ("%sexchange_ref_data", s), s = ",";
2089
switch (aodf->pintype)
2091
case PIN_TYPE_BCD: s = "bcd"; break;
2092
case PIN_TYPE_ASCII_NUMERIC: s = "ascii-numeric"; break;
2093
case PIN_TYPE_UTF8: s = "utf8"; break;
2094
case PIN_TYPE_HALF_NIBBLE_BCD: s = "half-nibble-bcd"; break;
2095
case PIN_TYPE_ISO9564_1: s = "iso9564-1"; break;
2097
sprintf (numbuf, "%lu", (unsigned long)aodf->pintype);
2100
log_printf (" type=%s", s);
2102
log_printf (" min=%lu", aodf->min_length);
2103
log_printf (" stored=%lu", aodf->stored_length);
2104
if (aodf->max_length_valid)
2105
log_printf (" max=%lu", aodf->max_length);
2106
if (aodf->pad_char_valid)
2107
log_printf (" pad=0x%02x", aodf->pad_char);
2108
if (aodf->pin_reference_valid)
2109
log_printf (" pinref=0x%02lX", aodf->pin_reference);
2112
log_printf (" path=");
2113
for (i=0; i < aodf->pathlen; i++)
2114
log_printf ("%04hX", aodf->path[i]);
2116
log_printf ("[%lu/%lu]", aodf->off, aodf->len);
2120
/* Put it into the list. */
2121
aodf->next = aodflist;
2124
continue; /* Ready. */
2127
err = gpg_error_from_errno (errno);
2128
release_aodf_object (aodf);
2132
log_error ("error parsing AODF record (%d): %s - skipped\n",
2133
where, errstr? errstr : gpg_strerror (err));
2135
release_aodf_object (aodf);
2136
} /* End looping over all records. */
2141
release_aodflist (aodflist);
389
/* 6037 (dataobjects)
391
30 1E 30 0B 0C 06 45 46 2E 47 44 4F 04 01 0A 30 0.0...EF.GDO...0
392
02 0C 00 A1 0B 30 09 04 04 3F 00 2F 02 80 01 0E .....0...?./....
393
30 30 30 18 0C 0F 64 69 73 70 6C 61 79 20 6D 65 000...display me
394
73 73 61 67 65 03 02 06 C0 04 01 0A 30 05 0C 03 ssage.......0...
395
42 53 53 A1 0D 30 0B 04 06 3F 00 40 16 D0 00 80 BSS..0...?.@....
396
01 20 30 2B 30 0C 0C 03 53 53 4F 03 02 06 C0 04 . 0+0...SSO.....
397
01 0A 30 0B 0C 09 53 61 66 65 47 75 61 72 64 A1 ..0...SafeGuard.
398
0E 30 0C 04 06 3F 00 0F FF 30 02 80 02 03 00 30 .0...?...0.....0
399
30 30 11 0C 08 53 47 41 53 64 61 74 61 03 02 06 00...SGASdata...
400
C0 04 01 0A 30 0B 0C 09 53 61 66 65 47 75 61 72 ....0...SafeGuar
401
64 A1 0E 30 0C 04 06 3F 00 0F FF 40 01 80 02 00 d..0...?...@....
402
80 30 30 30 11 0C 08 55 73 65 72 64 61 74 61 03 .000...Userdata.
403
02 06 40 04 01 0A 30 0B 0C 09 53 61 66 65 47 75 ..@...0...SafeGu
404
61 72 64 A1 0E 30 0C 04 06 3F 00 0F FF 30 01 80 ard..0...?...0..
405
02 01 00 30 2C 30 13 0C 0A 62 61 73 69 63 20 64 ...0,0...basic d
406
61 74 61 03 02 06 C0 04 01 0A 30 05 0C 03 49 44 ata.......0...ID
407
44 A1 0E 30 0C 04 06 3F 00 40 17 D0 01 80 02 02 D..0...?.@......
408
00 30 2F 30 16 0C 0D 65 78 74 65 6E 64 65 64 20 .0/0...extended
409
64 61 74 61 03 02 06 C0 04 01 0A 30 05 0C 03 49 data.......0...I
410
44 44 A1 0E 30 0C 04 06 3F 00 40 17 D0 02 80 02 DD..0...?.@.....
411
08 00 30 34 30 1B 0C 12 73 70 65 63 69 61 6C 20 ..040...special
412
70 72 69 76 69 6C 65 67 65 73 03 02 06 C0 04 01 privileges......
413
0A 30 05 0C 03 49 44 44 A1 0E 30 0C 04 06 3F 00 .0...IDD..0...?.
414
40 17 D0 03 80 02 04 00 @.......
418
4 6: UTF8String 'EF.GDO'
419
12 1: OCTET STRING 0A
423
: Error: Object has zero length.
427
23 4: OCTET STRING 3F 00 2F 02
437
30 2A 30 0B 0C 05 62 61 73 69 63 03 02 00 C0 30 0*0...basic....0
438
03 04 01 0A A1 16 30 14 03 03 00 0C 10 0A 01 01 ......0.........
439
02 01 06 02 01 06 02 01 08 80 01 01 30 51 30 19 ............0Q0.
440
0C 13 73 70 65 63 69 66 69 63 20 50 49 4E 20 66 ..specific PIN f
441
6F 72 20 44 53 03 02 00 C0 30 03 04 01 07 A1 2F or DS....0...../
442
30 2D 03 03 00 4C 10 0A 01 01 02 01 06 02 01 06 0-...L..........
443
02 01 08 80 01 02 18 0F 32 30 30 32 30 34 31 39 ........20020419
444
31 32 31 33 34 31 5A 30 06 04 04 3F 00 40 16 121341Z0...?.@.
448
4 5: UTF8String 'basic'
451
: Error: Spurious zero bits in bitstring.
454
17 1: OCTET STRING 0A
459
: '0000100000110000'B
460
: Error: Spurious zero bits in bitstring.
475
2151
/* Read and parse the EF(TokenInfo).
524
2200
static gpg_error_t
525
2201
read_ef_tokeninfo (app_t app)
527
unsigned short efid = 0x5032;
2204
unsigned char *buffer = NULL;
2206
const unsigned char *p;
2207
size_t n, objlen, hdrlen;
2208
int class, tag, constructed, ndef;
2211
err = select_and_read_binary (app->slot, 0x5032, "TokenInfo",
2219
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2220
&ndef, &objlen, &hdrlen);
2221
if (!err && (objlen > n || tag != TAG_SEQUENCE))
2222
err = gpg_error (GPG_ERR_INV_OBJ);
2225
log_error ("error parsing TokenInfo: %s\n", gpg_strerror (err));
2232
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2233
&ndef, &objlen, &hdrlen);
2234
if (!err && (objlen > n || tag != TAG_INTEGER))
2235
err = gpg_error (GPG_ERR_INV_OBJ);
2239
for (ul=0; objlen; objlen--)
2242
ul |= (*p++) & 0xff;
2247
log_error ("invalid version %lu in TokenInfo\n", ul);
2248
err = gpg_error (GPG_ERR_INV_OBJ);
2253
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2254
&ndef, &objlen, &hdrlen);
2255
if (!err && (objlen > n || tag != TAG_OCTET_STRING || !objlen))
2256
err = gpg_error (GPG_ERR_INV_OBJ);
2260
xfree (app->app_local->serialno);
2261
app->app_local->serialno = xtrymalloc (objlen);
2262
if (!app->app_local->serialno)
2264
err = gpg_error_from_errno (errno);
2267
memcpy (app->app_local->serialno, p, objlen);
2268
app->app_local->serialnolen = objlen;
2269
log_printhex ("Serialnumber from EF(TokenInfo) is:", p, objlen);
532
2277
/* Get all the basic information from the pkcs#15 card, check the
533
structure and init our context. This is used once at application
2278
structure and initialize our local context. This is used once at
2279
application initialization. */
535
2280
static gpg_error_t
536
2281
read_p15_info (app_t app)
538
2283
gpg_error_t err;
540
err = read_ed_odf (app);
548
do_learn_status (APP app, CTRL ctrl)
551
char ct_buf[100], id_buf[100];
554
/* Output information about all useful objects. */
555
for (i=0; objlist[i].fid; i++)
557
if (filelist[i].certtype)
561
len = app_help_read_length_of_cert (app->slot,
562
filelist[i].fid, NULL);
565
/* FIXME: We should store the length in the application's
566
context so that a following readcert does only need to
567
read that many bytes. */
568
sprintf (ct_buf, "%d", filelist[i].certtype);
569
sprintf (id_buf, "P15-DF01.%04X", filelist[i].fid);
570
send_status_info (ctrl, "CERTINFO",
571
ct_buf, strlen (ct_buf),
572
id_buf, strlen (id_buf),
576
else if (filelist[i].iskeypair)
580
err = keygripstr_from_pk_file (app->slot, filelist[i].fid, gripstr);
582
log_error ("can't get keygrip from FID 0x%04X: %s\n",
583
filelist[i].fid, gpg_strerror (err));
586
sprintf (id_buf, "P15-DF01.%04X", filelist[i].fid);
587
send_status_info (ctrl, "KEYPAIRINFO",
589
id_buf, strlen (id_buf),
601
/* Release all resources. */
603
do_deinit (app_t app)
605
if (app && app->app_local)
607
xfree (app->app_local);
608
app->app_local = NULL;
613
/* Select the PKCS#15 application on the card in SLOT. */
615
app_select_p15 (APP app)
617
static char const aid[] = { 0xA0, 0, 0, 0, 0x63,
618
0x50, 0x4B, 0x43, 0x53, 0x2D, 0x31, 0x35 };
2285
if (!read_ef_tokeninfo (app))
2287
/* If we don't have a serial number yet but the TokenInfo provides
2289
if (!app->serialno && app->app_local->serialno)
2291
app->serialno = app->app_local->serialno;
2292
app->serialnolen = app->app_local->serialnolen;
2293
app->app_local->serialno = NULL;
2294
app->app_local->serialnolen = 0;
2295
err = app_munge_serialno (app);
2301
/* Read the ODF so that we know the location of all directory
2303
/* Fixme: We might need to get a non-standard ODF FID from TokenInfo. */
2304
err = read_ef_odf (app, 0x5031);
2308
/* Read certificate information. */
2309
assert (!app->app_local->certificate_info);
2310
assert (!app->app_local->trusted_certificate_info);
2311
assert (!app->app_local->useful_certificate_info);
2312
err = read_ef_cdf (app, app->app_local->odf.certificates,
2313
&app->app_local->certificate_info);
2314
if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
2315
err = read_ef_cdf (app, app->app_local->odf.trusted_certificates,
2316
&app->app_local->trusted_certificate_info);
2317
if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
2318
err = read_ef_cdf (app, app->app_local->odf.useful_certificates,
2319
&app->app_local->useful_certificate_info);
2320
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
2325
/* Read information about private keys. */
2326
assert (!app->app_local->private_key_info);
2327
err = read_ef_prkdf (app, app->app_local->odf.private_keys,
2328
&app->app_local->private_key_info);
2329
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
2334
/* Read information about authentication objects. */
2335
assert (!app->app_local->auth_object_info);
2336
err = read_ef_aodf (app, app->app_local->odf.auth_objects,
2337
&app->app_local->auth_object_info);
2338
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
2346
/* Helper to do_learn_status: Send information about all certificates
2347
listed in CERTINFO back. Use CERTTYPE as type of the
2350
send_certinfo (app_t app, ctrl_t ctrl, const char *certtype,
2351
cdf_object_t certinfo)
2353
for (; certinfo; certinfo = certinfo->next)
2358
buf = xtrymalloc (9 + certinfo->objidlen*2 + 1);
2360
return gpg_error_from_errno (errno);
2361
p = stpcpy (buf, "P15");
2362
if (app->app_local->home_df)
2364
sprintf (p, "-%04hX", (app->app_local->home_df & 0xffff));
2367
p = stpcpy (p, ".");
2368
for (i=0; i < certinfo->objidlen; i++)
2370
sprintf (p, "%02X", certinfo->objid[i]);
2374
send_status_info (ctrl, "CERTINFO",
2375
certtype, strlen (certtype),
2384
/* Get the keygrip of the private key object PRKDF. On success the
2385
keygrip gets returned in the caller provided 41 byte buffer
2388
keygripstr_from_prkdf (app_t app, prkdf_object_t prkdf, char *r_gripstr)
2396
/* FIXME: We should check whether a public key directory file and a
2397
matching public key for PRKDF is available. This should make
2398
extraction of the key much easier. My current test card doesn't
2399
have one, so we can only use the fallback solution bu looking for
2400
a matching certificate and extract the key from there. */
2402
/* Look for a matching certificate. A certificate matches if the Id
2403
matches the obne of the private key info. */
2404
for (cdf = app->app_local->certificate_info; cdf; cdf = cdf->next)
2405
if (cdf->objidlen == prkdf->objidlen
2406
&& !memcmp (cdf->objid, prkdf->objid, prkdf->objidlen))
2409
for (cdf = app->app_local->trusted_certificate_info; cdf; cdf = cdf->next)
2410
if (cdf->objidlen == prkdf->objidlen
2411
&& !memcmp (cdf->objid, prkdf->objid, prkdf->objidlen))
2414
for (cdf = app->app_local->useful_certificate_info; cdf; cdf = cdf->next)
2415
if (cdf->objidlen == prkdf->objidlen
2416
&& !memcmp (cdf->objid, prkdf->objid, prkdf->objidlen))
2419
return gpg_error (GPG_ERR_NOT_FOUND);
2421
err = readcert_by_cdf (app, cdf, &der, &derlen);
2425
err = ksba_cert_new (&cert);
2427
err = ksba_cert_init_from_mem (cert, der, derlen);
2430
err = app_help_get_keygrip_string (cert, r_gripstr);
2431
ksba_cert_release (cert);
2439
/* Helper to do_learn_status: Send information about all known
2440
keypairs back. FIXME: much code duplication from
2443
send_keypairinfo (app_t app, ctrl_t ctrl, prkdf_object_t keyinfo)
2447
for (; keyinfo; keyinfo = keyinfo->next)
2453
buf = xtrymalloc (9 + keyinfo->objidlen*2 + 1);
2455
return gpg_error_from_errno (errno);
2456
p = stpcpy (buf, "P15");
2457
if (app->app_local->home_df)
2459
sprintf (p, "-%04hX", (app->app_local->home_df & 0xffff));
2462
p = stpcpy (p, ".");
2463
for (i=0; i < keyinfo->objidlen; i++)
2465
sprintf (p, "%02X", keyinfo->objid[i]);
2469
err = keygripstr_from_prkdf (app, keyinfo, gripstr);
2472
log_error ("can't get keygrip from ");
2473
for (j=0; j < keyinfo->pathlen; j++)
2474
log_printf ("%04hX", keyinfo->path[j]);
2475
log_printf (": %s\n", gpg_strerror (err));
2479
assert (strlen (gripstr) == 40);
2480
send_status_info (ctrl, "KEYPAIRINFO",
2492
/* This is the handler for the LEARN command. */
2494
do_learn_status (app_t app, ctrl_t ctrl)
2498
err = send_certinfo (app, ctrl, "100", app->app_local->certificate_info);
2500
err = send_certinfo (app, ctrl, "101",
2501
app->app_local->trusted_certificate_info);
2503
err = send_certinfo (app, ctrl, "102",
2504
app->app_local->useful_certificate_info);
2506
err = send_keypairinfo (app, ctrl, app->app_local->private_key_info);
2512
/* Read a certifciate using the information in CDF and return the
2513
certificate in a newly llocated buffer R_CERT and its length
2516
readcert_by_cdf (app_t app, cdf_object_t cdf,
2517
unsigned char **r_cert, size_t *r_certlen)
2520
unsigned char *buffer = NULL;
2521
const unsigned char *p, *save_p;
2523
int class, tag, constructed, ndef;
2524
size_t totobjlen, objlen, hdrlen;
2531
/* First check whether it has been cached. */
2534
*r_cert = xtrymalloc (cdf->imagelen);
2536
return gpg_error_from_errno (errno);
2537
memcpy (*r_cert, cdf->image, cdf->imagelen);
2538
*r_certlen = cdf->imagelen;
2542
/* Read the entire file. fixme: This could be optimized by first
2543
reading the header to figure out how long the certificate
2545
err = select_ef_by_path (app, cdf->path, cdf->pathlen);
2549
err = iso7816_read_binary (app->slot, cdf->off, cdf->len, &buffer, &buflen);
2550
if (!err && (!buflen || *buffer == 0xff))
2551
err = gpg_error (GPG_ERR_NOT_FOUND);
2554
log_error ("error reading certificate with Id ");
2555
for (i=0; i < cdf->objidlen; i++)
2556
log_printf ("%02X", cdf->objid[i]);
2557
log_printf (": %s\n", gpg_strerror (err));
2561
/* Check whether this is really a certificate. */
2564
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2565
&ndef, &objlen, &hdrlen);
2569
if (class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && constructed)
2571
else if ( class == CLASS_UNIVERSAL && tag == TAG_SET && constructed )
2575
err = gpg_error (GPG_ERR_INV_OBJ);
2578
totobjlen = objlen + hdrlen;
2579
assert (totobjlen <= buflen);
2581
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2582
&ndef, &objlen, &hdrlen);
2587
&& class == CLASS_UNIVERSAL && tag == TAG_OBJECT_ID && !constructed)
2589
/* The certificate seems to be contained in a userCertificate
2590
container. Skip this and assume the following sequence is
2594
err = gpg_error (GPG_ERR_INV_OBJ);
2600
err = parse_ber_header (&p, &n, &class, &tag, &constructed,
2601
&ndef, &objlen, &hdrlen);
2604
if ( !(class == CLASS_UNIVERSAL && tag == TAG_SEQUENCE && constructed) )
2606
err = gpg_error (GPG_ERR_INV_OBJ);
2609
totobjlen = objlen + hdrlen;
2610
assert (save_p + totobjlen <= buffer + buflen);
2611
memmove (buffer, save_p, totobjlen);
2616
*r_certlen = totobjlen;
2618
/* Try to cache it. */
2619
if (!cdf->image && (cdf->image = xtrymalloc (*r_certlen)))
2621
memcpy (cdf->image, *r_cert, *r_certlen);
2622
cdf->imagelen = *r_certlen;
2632
/* Handler for the READCERT command.
2634
Read the certificate with id CERTID (as returned by learn_status in
2635
the CERTINFO status lines) and return it in the freshly allocated
2636
buffer to be stored at R_CERT and its length at R_CERTLEN. A error
2637
code will be returned on failure and R_CERT and R_CERTLEN will be
2640
do_readcert (app_t app, const char *certid,
2641
unsigned char **r_cert, size_t *r_certlen)
2648
err = cdf_object_from_certid (app, certid, &cdf);
2650
err =readcert_by_cdf (app, cdf, r_cert, r_certlen);
2656
/* Implement the GETATTR command. This is similar to the LEARN
2657
command but returns just one value via the status interface. */
2659
do_getattr (app_t app, ctrl_t ctrl, const char *name)
2664
if (!strcmp (name, "$AUTHKEYID"))
2667
prkdf_object_t prkdf;
2669
/* We return the ID of the first private keycapable of
2671
for (prkdf = app->app_local->private_key_info; prkdf;
2672
prkdf = prkdf->next)
2673
if (prkdf->usageflags.sign)
2677
buf = xtrymalloc (9 + prkdf->objidlen*2 + 1);
2679
return gpg_error_from_errno (errno);
2680
p = stpcpy (buf, "P15");
2681
if (app->app_local->home_df)
2683
sprintf (p, "-%04hX", (app->app_local->home_df & 0xffff));
2686
p = stpcpy (p, ".");
2687
for (i=0; i < prkdf->objidlen; i++)
2689
sprintf (p, "%02X", prkdf->objid[i]);
2693
send_status_info (ctrl, name, buf, strlen (buf), NULL, 0);
2698
else if (!strcmp (name, "$DISPSERIALNO"))
2700
/* For certain cards we return special IDs. There is no
2701
general rule for it so we need to decide case by case. */
2702
if (app->app_local->card_type == CARD_TYPE_BELPIC)
2704
/* The eID card has a card number printed on the fron matter
2705
which seems to be a good indication. */
2706
unsigned char *buffer;
2707
const unsigned char *p;
2709
unsigned short path[] = { 0x3F00, 0xDF01, 0x4031 };
2711
err = select_ef_by_path (app, path, DIM(path) );
2713
err = iso7816_read_binary (app->slot, 0, 0, &buffer, &buflen);
2716
log_error ("error accessing EF(ID): %s\n", gpg_strerror (err));
2720
p = find_tlv (buffer, buflen, 1, &n);
2726
memcpy (tmp+4, p+3, 7);
2728
memcpy (tmp+12, p+10, 2);
2730
send_status_info (ctrl, name, tmp, strlen (tmp), NULL, 0);
2738
return gpg_error (GPG_ERR_INV_NAME);
2744
/* Micardo cards require special treatment. This is a helper for the
2745
crypto functions to manage the security environment. We expect that
2746
the key file has already been selected. FID is the one of the
2749
micardo_mse (app_t app, unsigned short fid)
2753
unsigned short refdata = 0;
2755
unsigned char msebuf[10];
2757
/* Read the KeyD file containing extra information on keys. */
2758
err = iso7816_select_file (app->slot, 0x0013, 0, NULL, NULL);
2761
log_error ("error reading EF_keyD: %s\n", gpg_strerror (err));
2765
for (recno = 1, se_num = -1; ; recno++)
2767
unsigned char *buffer;
2770
const unsigned char *p, *pp;
2772
err = iso7816_read_record (app->slot, recno, 1, 0, &buffer, &buflen);
2773
if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
2777
log_error ("error reading EF_keyD record: %s\n",
2778
gpg_strerror (err));
2781
log_printhex ("keyD record:", buffer, buflen);
2782
p = find_tlv (buffer, buflen, 0x83, &n);
2783
if (p && n == 4 && ((p[2]<<8)|p[3]) == fid)
2785
refdata = ((p[0]<<8)|p[1]);
2786
/* Locate the SE DO and the there included sec env number. */
2787
p = find_tlv (buffer, buflen, 0x7b, &n);
2790
pp = find_tlv (p, n, 0x80, &nn);
2803
log_error ("CRT for keyfile %04hX not found\n", fid);
2804
return gpg_error (GPG_ERR_NOT_FOUND);
2808
/* Restore the security environment to SE_NUM if needed */
2811
err = iso7816_manage_security_env (app->slot, 0xf3, se_num, NULL, 0);
2814
log_error ("restoring SE to %d failed: %s\n",
2815
se_num, gpg_strerror (err));
2820
/* Set the DST reference data. */
2824
msebuf[3] = (refdata >> 8);
2825
msebuf[4] = refdata;
2826
err = iso7816_manage_security_env (app->slot, 0x41, 0xb6, msebuf, 5);
2829
log_error ("setting SE to reference file %04hX failed: %s\n",
2830
refdata, gpg_strerror (err));
2838
/* Handler for the PKSIGN command.
2840
Create the signature and return the allocated result in OUTDATA.
2841
If a PIN is required, the PINCB will be used to ask for the PIN;
2842
that callback should return the PIN in an allocated buffer and
2843
store that as the 3rd argument. */
2845
do_sign (app_t app, const char *keyidstr, int hashalgo,
2846
gpg_error_t (*pincb)(void*, const char *, char **),
2848
const void *indata, size_t indatalen,
2849
unsigned char **outdata, size_t *outdatalen )
2851
static unsigned char sha1_prefix[15] = /* Object ID is 1.3.14.3.2.26 */
2852
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03,
2853
0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
2854
static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */
2855
{ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
2856
0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
2860
unsigned char data[35]; /* Must be large enough for a SHA-1 digest
2861
+ the largest OID prefix above. */
2862
prkdf_object_t prkdf; /* The private key object. */
2863
aodf_object_t aodf; /* The associated authentication object. */
2864
int no_data_padding = 0; /* True if the card want the data without padding.*/
2865
int mse_done = 0; /* Set to true if the MSE has been done. */
2867
if (!keyidstr || !*keyidstr)
2868
return gpg_error (GPG_ERR_INV_VALUE);
2869
if (indatalen != 20 && indatalen != 16 && indatalen != 35)
2870
return gpg_error (GPG_ERR_INV_VALUE);
2872
err = prkdf_object_from_keyidstr (app, keyidstr, &prkdf);
2875
if (!(prkdf->usageflags.sign || prkdf->usageflags.sign_recover
2876
||prkdf->usageflags.non_repudiation))
2878
log_error ("key %s may not be used for signing\n", keyidstr);
2879
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
2884
log_error ("no authentication object defined for %s\n", keyidstr);
2885
/* fixme: we might want to go ahead and do without PIN
2887
return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION);
2890
/* Find the authentication object to this private key object. */
2891
for (aodf = app->app_local->auth_object_info; aodf; aodf = aodf->next)
2892
if (aodf->objidlen == prkdf->authidlen
2893
&& !memcmp (aodf->objid, prkdf->authid, prkdf->authidlen))
2897
log_error ("authentication object for %s missing\n", keyidstr);
2898
return gpg_error (GPG_ERR_INV_CARD);
2902
log_error ("PIN verification is protected by an "
2903
"additional authentication token\n");
2904
return gpg_error (GPG_ERR_BAD_PIN_METHOD);
2906
if (aodf->pinflags.integrity_protected
2907
|| aodf->pinflags.confidentiality_protected)
2909
log_error ("PIN verification requires unsupported protecion method\n");
2910
return gpg_error (GPG_ERR_BAD_PIN_METHOD);
2912
if (!aodf->stored_length && aodf->pinflags.needs_padding)
2914
log_error ("PIN verification requires padding but no length known\n");
2915
return gpg_error (GPG_ERR_INV_CARD);
2918
/* Select the key file. Note that this may change the security
2919
environment thus we do it before PIN verification. */
2920
err = select_ef_by_path (app, prkdf->path, prkdf->pathlen);
2923
log_error ("error selecting file for key %s: %s\n",
2924
keyidstr, gpg_strerror (errno));
2929
/* Due to the fact that the non-repudiation signature on a BELPIC
2930
card requires a ver verify immediately before the DSO we set the
2931
MSE before we do the verification. Other cards might allow to do
2932
this also but I don't want to break anything, thus we do it only
2933
for the BELPIC card here. */
2934
if (app->app_local->card_type == CARD_TYPE_BELPIC)
2936
unsigned char mse[5];
2938
mse[0] = 4; /* Length of the template. */
2939
mse[1] = 0x80; /* Algorithm reference tag. */
2940
mse[2] = 0x02; /* Algorithm: RSASSA-PKCS1-v1.5 using SHA1. */
2941
mse[3] = 0x84; /* Private key reference tag. */
2942
mse[4] = prkdf->key_reference_valid? prkdf->key_reference : 0x82;
2944
err = iso7816_manage_security_env (app->slot,
2947
no_data_padding = 1;
2952
log_error ("MSE failed: %s\n", gpg_strerror (err));
2957
/* Now that we have all the information available, prepare and run
2958
the PIN verification.*/
2966
if (prkdf->usageflags.non_repudiation
2967
&& app->app_local->card_type == CARD_TYPE_BELPIC)
2968
err = pincb (pincb_arg, "PIN (qualified signature!)", &pinvalue);
2970
err = pincb (pincb_arg, "PIN", &pinvalue);
2973
log_info ("PIN callback returned error: %s\n", gpg_strerror (err));
2977
/* We might need to cope with UTF8 things here. Not sure how
2978
min_length etc. are exactly defined, for now we take them as
2979
a plain octet count. */
2981
if (strlen (pinvalue) < aodf->min_length)
2983
log_error ("PIN is too short; minimum length is %lu\n",
2985
err = gpg_error (GPG_ERR_BAD_PIN);
2987
else if (aodf->stored_length && strlen (pinvalue) > aodf->stored_length)
2989
/* This would otherwise truncate the PIN silently. */
2990
log_error ("PIN is too large; maximum length is %lu\n",
2991
aodf->stored_length);
2992
err = gpg_error (GPG_ERR_BAD_PIN);
2994
else if (aodf->max_length_valid && strlen (pinvalue) > aodf->max_length)
2996
log_error ("PIN is too large; maximum length is %lu\n",
2998
err = gpg_error (GPG_ERR_BAD_PIN);
3009
switch (aodf->pintype)
3012
case PIN_TYPE_ASCII_NUMERIC:
3013
for (s=pinvalue; digitp (s); s++)
3017
errstr = "Non-numeric digits found in PIN";
3018
err = gpg_error (GPG_ERR_BAD_PIN);
3023
case PIN_TYPE_HALF_NIBBLE_BCD:
3024
errstr = "PIN type Half-Nibble-BCD is not supported";
3026
case PIN_TYPE_ISO9564_1:
3027
errstr = "PIN type ISO9564-1 is not supported";
3030
errstr = "Unknown PIN type";
3035
log_error ("can't verify PIN: %s\n", errstr);
3037
return err? err : gpg_error (GPG_ERR_BAD_PIN_METHOD);
3041
if (aodf->pintype == PIN_TYPE_BCD )
3046
for (ndigits=0, s=pinvalue; *s; ndigits++, s++)
3048
paddedpin = xtrymalloc (aodf->stored_length+1);
3051
err = gpg_error_from_errno (errno);
3057
paddedpin[i++] = 0x20 | (ndigits & 0x0f);
3058
for (s=pinvalue; i < aodf->stored_length && *s && s[1]; s = s+2 )
3059
paddedpin[i++] = (((*s - '0') << 4) | ((s[1] - '0') & 0x0f));
3060
if (i < aodf->stored_length && *s)
3061
paddedpin[i++] = (((*s - '0') << 4)
3062
|((aodf->pad_char_valid?aodf->pad_char:0)&0x0f));
3064
if (aodf->pinflags.needs_padding)
3065
while (i < aodf->stored_length)
3066
paddedpin[i++] = aodf->pad_char_valid? aodf->pad_char : 0;
3069
pinvalue = paddedpin;
3072
else if (aodf->pinflags.needs_padding)
3076
paddedpin = xtrymalloc (aodf->stored_length+1);
3079
err = gpg_error_from_errno (errno);
3083
for (i=0, s=pinvalue; i < aodf->stored_length && *s; i++, s++)
3085
/* Not sure what padding char to use if none has been set.
3086
For now we use 0x00; maybe a space would be better. */
3087
for (; i < aodf->stored_length; i++)
3088
paddedpin[i] = aodf->pad_char_valid? aodf->pad_char : 0;
3092
pinvalue = paddedpin;
3095
pinvaluelen = strlen (pinvalue);
3097
err = iso7816_verify (app->slot,
3098
aodf->pin_reference_valid? aodf->pin_reference : 0,
3099
pinvalue, pinvaluelen);
3103
log_error ("PIN verification failed: %s\n", gpg_strerror (err));
3106
log_debug ("PIN verification succeeded\n");
3109
/* Prepare the DER object from INDATA. */
3110
if (indatalen == 35)
3112
/* Alright, the caller was so kind to send us an already
3113
prepared DER object. Check that it is what we want and that
3114
it matches the hash algorithm. */
3115
if (hashalgo == GCRY_MD_SHA1 && !memcmp (indata, sha1_prefix, 15))
3117
else if (hashalgo == GCRY_MD_RMD160
3118
&& !memcmp (indata, rmd160_prefix, 15))
3121
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
3122
memcpy (data, indata, indatalen);
3126
/* Need to prepend the prefix. */
3127
if (hashalgo == GCRY_MD_SHA1)
3128
memcpy (data, sha1_prefix, 15);
3129
else if (hashalgo == GCRY_MD_RMD160)
3130
memcpy (data, rmd160_prefix, 15);
3132
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
3133
memcpy (data+15, indata, indatalen);
3136
/* Manage security environment needs to be weaked for certain cards. */
3139
else if (app->app_local->card_type == CARD_TYPE_TCOS)
3141
/* TCOS creates signatures always using the local key 0. MSE
3144
else if (app->app_local->card_type == CARD_TYPE_MICARDO)
3146
if (!prkdf->pathlen)
3147
err = gpg_error (GPG_ERR_BUG);
3149
err = micardo_mse (app, prkdf->path[prkdf->pathlen-1]);
3151
else if (prkdf->key_reference_valid)
3153
unsigned char mse[3];
3155
mse[0] = 0x84; /* Select asym. key. */
3157
mse[2] = prkdf->key_reference;
3159
err = iso7816_manage_security_env (app->slot,
3165
log_error ("MSE failed: %s\n", gpg_strerror (err));
3169
if (no_data_padding)
3170
err = iso7816_compute_ds (app->slot, data+15, 20, outdata, outdatalen);
3172
err = iso7816_compute_ds (app->slot, data, 35, outdata, outdatalen);
3177
/* Handler for the PKAUTH command.
3179
This is basically the same as the PKSIGN command but we firstcheck
3180
that the requested key is suitable for authentication; that is, it
3181
must match the criteria used for the attribute $AUTHKEYID. See
3182
do_sign for calling conventions; there is no HASHALGO, though. */
3184
do_auth (app_t app, const char *keyidstr,
3185
gpg_error_t (*pincb)(void*, const char *, char **),
3187
const void *indata, size_t indatalen,
3188
unsigned char **outdata, size_t *outdatalen )
3191
prkdf_object_t prkdf;
3193
if (!keyidstr || !*keyidstr)
3194
return gpg_error (GPG_ERR_INV_VALUE);
3196
err = prkdf_object_from_keyidstr (app, keyidstr, &prkdf);
3199
if (!prkdf->usageflags.sign)
3201
log_error ("key %s may not be used for authentication\n", keyidstr);
3202
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
3204
return do_sign (app, keyidstr, GCRY_MD_SHA1, pincb, pincb_arg,
3205
indata, indatalen, outdata, outdatalen);
3210
/* Assume that EF(DIR) has been selected. Read its content and figure
3211
out the home EF of pkcs#15. Return that home DF or 0 if not found
3212
and the value at the address of BELPIC indicates whether it was
3213
found by the belpic aid. */
3214
static unsigned short
3215
read_home_df (int slot, int *r_belpic)
3218
unsigned char *buffer;
3219
const unsigned char *p, *pp;
3220
size_t buflen, n, nn;
3221
unsigned short result = 0;
3225
err = iso7816_read_binary (slot, 0, 0, &buffer, &buflen);
3228
log_error ("error reading EF{DIR}: %s\n", gpg_strerror (err));
3232
/* FIXME: We need to scan all records. */
3233
p = find_tlv (buffer, buflen, 0x61, &n);
3236
pp = find_tlv (p, n, 0x4f, &nn);
3237
if (pp && ((nn == sizeof pkcs15_aid && !memcmp (pp, pkcs15_aid, nn))
3238
|| (*r_belpic = (nn == sizeof pkcs15be_aid
3239
&& !memcmp (pp, pkcs15be_aid, nn)))))
3241
pp = find_tlv (p, n, 0x50, &nn);
3242
if (pp) /* fixme: Filter log value? */
3243
log_info ("pkcs#15 application label from EF(DIR) is `%.*s'\n",
3245
pp = find_tlv (p, n, 0x51, &nn);
3246
if (pp && nn == 4 && *pp == 0x3f && !pp[1])
3248
result = ((pp[2] << 8) | pp[3]);
3249
log_info ("pkcs#15 application directory is 0x%04hX\n", result);
3259
Select the PKCS#15 application on the card in SLOT.
3262
app_select_p15 (app_t app)
619
3264
int slot = app->slot;
622
rc = iso7816_select_application (slot, aid, sizeof aid);
3266
unsigned short def_home_df = 0;
3267
card_type_t card_type = CARD_TYPE_UNKNOWN;
3271
rc = iso7816_select_application (slot, pkcs15_aid, sizeof pkcs15_aid);
3274
rc = iso7816_select_application (slot, pkcs15be_aid,sizeof pkcs15be_aid);
3279
{ /* Not found: Try to locate it from 2F00. We use direct path
3280
selection here because it seems that the Belgian eID card
3281
does only allow for that. Many other cards supports this
3282
selection method too. */
3283
unsigned short path[1] = { 0x2f00 };
3285
rc = iso7816_select_path (app->slot, path, 1, NULL, NULL);
3289
def_home_df = read_home_df (slot, &is_belpic);
3292
path[0] = def_home_df;
3293
rc = iso7816_select_path (app->slot, path, 1, NULL, NULL);
3298
{ /* Still not found: Try the default DF. */
3299
def_home_df = 0x5015;
3300
rc = iso7816_select_file (slot, def_home_df, 1, NULL, NULL);
3304
/* Determine the type of the card. The general case is to look
3305
it up from the ATR table. For the Belgian eID card we know
3306
it instantly from the AID. */
3309
card_type = CARD_TYPE_BELPIC;
3317
atr = apdu_get_atr (app->slot, &atrlen);
3319
rc = gpg_error (GPG_ERR_INV_CARD);
3322
for (i=0; card_atr_list[i].atrlen; i++)
3323
if (card_atr_list[i].atrlen == atrlen
3324
&& !memcmp (card_atr_list[i].atr, atr, atrlen))
3326
card_type = card_atr_list[i].type;
625
3335
app->apptype = "P15";