| blob | 7a41ab7bbfe34847d4042b472c0baf32ec86b682 |
1 /* card.c - SCdaemon card functions
2 * Copyright (C) 2002 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
19 * USA.
20 */
22 #include <config.h>
23 #include <errno.h>
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <time.h>
29 #ifdef HAVE_OPENSC
30 #include <opensc/pkcs15.h>
31 #endif
34 #include <ksba.h>
38 /* Map the SC error codes to the GNUPG ones */
39 gpg_error_t
41 {
42 gpg_err_code_t e;
45 {
47 #ifdef HAVE_OPENSC
54 #endif
56 }
57 /* It does not make much sense to further distingusih the error
58 source between OpenSC and SCD. Thus we use SCD as source
59 here. */
61 }
63 /* Get the keygrip from CERT, return 0 on success */
64 int
66 {
67 gcry_sexp_t s_pkey;
69 ksba_sexp_t p;
87 }
94 \f
95 /* Create a new context for the card and figures out some basic
96 information of the card. Detects whether a PKCS_15 application is
97 stored.
99 Common errors: GPG_ERR_CARD_NOT_PRESENT */
100 int
102 {
103 #ifdef HAVE_OPENSC
104 CARD card;
117 {
121 }
123 {
127 }
133 {
136 }
140 {
145 }
152 {
157 }
160 leave:
163 else
167 #else
169 #endif
170 }
173 /* Close a card and release all resources */
174 void
176 {
178 {
179 #ifdef HAVE_OPENSC
181 {
184 }
188 {
192 }
194 {
197 }
198 #endif
200 }
201 }
203 /* Locate a simple TLV encoded data object in BUFFER of LENGTH and
204 return a pointer to value as well as its length in NBYTES. Return
205 NULL if it was not found. Note, that the function does not check
206 whether the value fits into the provided buffer. */
207 #ifdef HAVE_OPENSC
211 {
217 {
224 {
229 }
231 {
234 }
238 }
239 }
242 /* Find the ICC Serial Number within the provided BUFFER of LENGTH
243 (which should contain the GDO file) and return it as a hex encoded
244 string and allocated string in SERIAL. Return an error code when
245 the ICCSN was not found. */
246 #ifdef HAVE_OPENSC
247 static int
249 {
259 {
260 /* Oops, it does not fit into the buffer. This is an invalid
261 encoding (or the buffer is too short. However, I have some
262 test cards with such an invalid encoding and therefore I use
263 this ugly workaround to return something I can further
264 experiment with. */
266 {
268 n--;
269 }
270 else
272 not fit into buffer. */
273 }
284 }
287 /* Retrieve the serial number and the time of the last update of the
288 card. The serial number is returned as a malloced string (hex
289 encoded) in SERIAL and the time of update is returned in STAMP.
290 If no update time is available the returned value is 0. The serial
291 is mandatory for a PKCS_15 application and an error will be
292 returned if this value is not availbale. For non-PKCS-15 cards a
293 serial number is constructed by other means. Caller must free
294 SERIAL unless the function returns an error. */
295 int
297 {
298 #ifdef HAVE_OPENSC
304 #endif
312 #ifdef HAVE_OPENSC
314 {
316 /* The first use of this card tries to figure out the type of the card
317 and sets up the function pointers. */
320 {
326 }
330 }
333 /* We should lookup the iso 7812-1 and 8583-3 - argh ISO
334 practice is suppressing innovation - IETF rules! So we
335 always get the serialnumber from the 2F02 GDO file. */
336 /* FIXME: in case we can't parse the 2F02 EF and we have a P15 card,
337 we should get the serial number from the respective P15 file */
341 {
344 }
347 {
351 }
358 }
364 {
367 }
369 {
372 }
379 the serial number from the EF(TokenInfo). We indicate such a
380 serial number by the using the prefix: "FF0100". */
392 else
393 {
397 }
398 }
401 requires that we put our default prefix "FF0000" in front. */
404 {
408 }
409 else
410 {
415 }
416 }
418 #else
420 #endif
421 }
424 /* Enumerate all keypairs on the card and return the Keygrip as well
425 as the internal identification of the key. KEYGRIP must be a
426 caller provided buffer with a size of 20 bytes which will receive
427 the KEYGRIP of the keypair. If KEYID is not NULL, it returns the
428 ID field of the key in allocated memory; this is a string without
429 spaces. The function returns -1 when all keys have been
430 enumerated. Note that the error GPG_ERR_MISSING_CERTIFICATE may be
431 returned if there is just the private key but no public key (ie.e a
432 certificate) available. Applications might want to continue
433 enumerating after this error.*/
434 int
438 {
457 }
460 /* Enumerate all trusted certificates available on the card, return
461 their ID in CERT and the type in CERTTYPE. Types of certificates
462 are:
463 0 := Unknown
464 100 := Regular X.509 cert
465 101 := Trusted X.509 cert
466 102 := Useful X.509 cert
467 110 := Root CA cert (DINSIG)
468 */
469 int
471 {
490 }
494 /* Read the certificate identified by CERTIDSTR which is the
495 hexadecimal encoded ID of the certificate, prefixed with the string
496 "3F005015.". The certificate is return in DER encoded form in CERT
497 and NCERT. */
498 int
501 {
514 }
517 /* Create the signature and return the allocated result in OUTDATA.
518 If a PIN is required the PINCB will be used to ask for the PIN; it
519 should return the PIN in an allocated buffer and put it into PIN. */
520 int
526 {
542 }
545 /* Create the signature and return the allocated result in OUTDATA.
546 If a PIN is required the PINCB will be used to ask for the PIN; it
547 should return the PIN in an allocated buffer and put it into PIN. */
548 int
554 {
570 }