| blob | a0213483f6719597a781a50bb8f7fadef90e7132 |
1 /* card.c - SCdaemon card functions
2 * Copyright (C) 2002 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
20 #include <config.h>
21 #include <errno.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <time.h>
27 #ifdef HAVE_OPENSC
28 #include <opensc/pkcs15.h>
29 #endif
32 #include <ksba.h>
36 /* Map the SC error codes to the GNUPG ones */
37 gpg_error_t
39 {
40 gpg_err_code_t e;
43 {
45 #ifdef HAVE_OPENSC
52 #endif
54 }
55 /* It does not make much sense to further distingusih the error
56 source between OpenSC and SCD. Thus we use SCD as source
57 here. */
59 }
61 /* Get the keygrip from CERT, return 0 on success */
62 int
64 {
65 gcry_sexp_t s_pkey;
67 ksba_sexp_t p;
85 }
92 \f
93 /* Create a new context for the card and figures out some basic
94 information of the card. Detects whether a PKCS_15 application is
95 stored.
97 Common errors: GPG_ERR_CARD_NOT_PRESENT */
98 int
100 {
101 #ifdef HAVE_OPENSC
102 CARD card;
115 {
119 }
121 {
125 }
131 {
134 }
138 {
143 }
150 {
155 }
158 leave:
161 else
165 #else
167 #endif
168 }
171 /* Close a card and release all resources */
172 void
174 {
176 {
177 #ifdef HAVE_OPENSC
179 {
182 }
186 {
190 }
192 {
195 }
196 #endif
198 }
199 }
201 /* Locate a simple TLV encoded data object in BUFFER of LENGTH and
202 return a pointer to value as well as its length in NBYTES. Return
203 NULL if it was not found. Note, that the function does not check
204 whether the value fits into the provided buffer. */
205 #ifdef HAVE_OPENSC
209 {
215 {
222 {
227 }
229 {
232 }
236 }
237 }
240 /* Find the ICC Serial Number within the provided BUFFER of LENGTH
241 (which should contain the GDO file) and return it as a hex encoded
242 string and allocated string in SERIAL. Return an error code when
243 the ICCSN was not found. */
244 #ifdef HAVE_OPENSC
245 static int
247 {
257 {
258 /* Oops, it does not fit into the buffer. This is an invalid
259 encoding (or the buffer is too short. However, I have some
260 test cards with such an invalid encoding and therefore I use
261 this ugly workaround to return something I can further
262 experiment with. */
264 {
266 n--;
267 }
268 else
270 not fit into buffer. */
271 }
282 }
285 /* Retrieve the serial number and the time of the last update of the
286 card. The serial number is returned as a malloced string (hex
287 encoded) in SERIAL and the time of update is returned in STAMP.
288 If no update time is available the returned value is 0. The serial
289 is mandatory for a PKCS_15 application and an error will be
290 returned if this value is not availbale. For non-PKCS-15 cards a
291 serial number is constructed by other means. Caller must free
292 SERIAL unless the function returns an error. */
293 int
295 {
296 #ifdef HAVE_OPENSC
302 #endif
310 #ifdef HAVE_OPENSC
312 {
314 /* The first use of this card tries to figure out the type of the card
315 and sets up the function pointers. */
318 {
324 }
328 }
331 /* We should lookup the iso 7812-1 and 8583-3 - argh ISO
332 practice is suppressing innovation - IETF rules! So we
333 always get the serialnumber from the 2F02 GDO file. */
334 /* FIXME: in case we can't parse the 2F02 EF and we have a P15 card,
335 we should get the serial number from the respective P15 file */
339 {
342 }
345 {
349 }
356 }
362 {
365 }
367 {
370 }
377 the serial number from the EF(TokenInfo). We indicate such a
378 serial number by the using the prefix: "FF0100". */
390 else
391 {
395 }
396 }
399 requires that we put our default prefix "FF0000" in front. */
402 {
406 }
407 else
408 {
413 }
414 }
416 #else
418 #endif
419 }
422 /* Enumerate all keypairs on the card and return the Keygrip as well
423 as the internal identification of the key. KEYGRIP must be a
424 caller provided buffer with a size of 20 bytes which will receive
425 the KEYGRIP of the keypair. If KEYID is not NULL, it returns the
426 ID field of the key in allocated memory; this is a string without
427 spaces. The function returns -1 when all keys have been
428 enumerated. Note that the error GPG_ERR_MISSING_CERTIFICATE may be
429 returned if there is just the private key but no public key (ie.e a
430 certificate) available. Applications might want to continue
431 enumerating after this error.*/
432 int
436 {
455 }
458 /* Enumerate all trusted certificates available on the card, return
459 their ID in CERT and the type in CERTTYPE. Types of certificates
460 are:
461 0 := Unknown
462 100 := Regular X.509 cert
463 101 := Trusted X.509 cert
464 102 := Useful X.509 cert
465 110 := Root CA cert (DINSIG)
466 */
467 int
469 {
488 }
492 /* Read the certificate identified by CERTIDSTR which is the
493 hexadecimal encoded ID of the certificate, prefixed with the string
494 "3F005015.". The certificate is return in DER encoded form in CERT
495 and NCERT. */
496 int
499 {
512 }
515 /* Create the signature and return the allocated result in OUTDATA.
516 If a PIN is required the PINCB will be used to ask for the PIN; it
517 should return the PIN in an allocated buffer and put it into PIN. */
518 int
524 {
540 }
543 /* Create the signature and return the allocated result in OUTDATA.
544 If a PIN is required the PINCB will be used to ask for the PIN; it
545 should return the PIN in an allocated buffer and put it into PIN. */
546 int
552 {
568 }