| blob | 9ec2a52c520920d785011ee7edf923c43e8d3c77 |
1 /* card.c - SCdaemon card functions
2 * Copyright (C) 2002 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
19 */
21 #include <config.h>
22 #include <errno.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <time.h>
28 #ifdef HAVE_OPENSC
29 #include <opensc/pkcs15.h>
30 #endif
33 #include <ksba.h>
37 /* Map the SC error codes to the GNUPG ones */
38 gpg_error_t
40 {
41 gpg_err_code_t e;
44 {
46 #ifdef HAVE_OPENSC
53 #endif
55 }
56 /* It does not make much sense to further distingusih the error
57 source between OpenSC and SCD. Thus we use SCD as source
58 here. */
60 }
62 /* Get the keygrip from CERT, return 0 on success */
63 int
65 {
66 gcry_sexp_t s_pkey;
68 ksba_sexp_t p;
86 }
93 \f
94 /* Create a new context for the card and figures out some basic
95 information of the card. Detects whether a PKCS_15 application is
96 stored.
98 Common errors: GPG_ERR_CARD_NOT_PRESENT */
99 int
101 {
102 #ifdef HAVE_OPENSC
103 CARD card;
116 {
120 }
122 {
126 }
132 {
135 }
139 {
144 }
151 {
156 }
159 leave:
162 else
166 #else
168 #endif
169 }
172 /* Close a card and release all resources */
173 void
175 {
177 {
178 #ifdef HAVE_OPENSC
180 {
183 }
187 {
191 }
193 {
196 }
197 #endif
199 }
200 }
202 /* Locate a simple TLV encoded data object in BUFFER of LENGTH and
203 return a pointer to value as well as its length in NBYTES. Return
204 NULL if it was not found. Note, that the function does not check
205 whether the value fits into the provided buffer. */
206 #ifdef HAVE_OPENSC
210 {
216 {
223 {
228 }
230 {
233 }
237 }
238 }
241 /* Find the ICC Serial Number within the provided BUFFER of LENGTH
242 (which should contain the GDO file) and return it as a hex encoded
243 string and allocated string in SERIAL. Return an error code when
244 the ICCSN was not found. */
245 #ifdef HAVE_OPENSC
246 static int
248 {
258 {
259 /* Oops, it does not fit into the buffer. This is an invalid
260 encoding (or the buffer is too short. However, I have some
261 test cards with such an invalid encoding and therefore I use
262 this ugly workaround to return something I can further
263 experiment with. */
265 {
267 n--;
268 }
269 else
271 not fit into buffer. */
272 }
283 }
286 /* Retrieve the serial number and the time of the last update of the
287 card. The serial number is returned as a malloced string (hex
288 encoded) in SERIAL and the time of update is returned in STAMP.
289 If no update time is available the returned value is 0. The serial
290 is mandatory for a PKCS_15 application and an error will be
291 returned if this value is not availbale. For non-PKCS-15 cards a
292 serial number is constructed by other means. Caller must free
293 SERIAL unless the function returns an error. */
294 int
296 {
297 #ifdef HAVE_OPENSC
303 #endif
311 #ifdef HAVE_OPENSC
313 {
315 /* The first use of this card tries to figure out the type of the card
316 and sets up the function pointers. */
319 {
325 }
329 }
332 /* We should lookup the iso 7812-1 and 8583-3 - argh ISO
333 practice is suppressing innovation - IETF rules! So we
334 always get the serialnumber from the 2F02 GDO file. */
335 /* FIXME: in case we can't parse the 2F02 EF and we have a P15 card,
336 we should get the serial number from the respective P15 file */
340 {
343 }
346 {
350 }
357 }
363 {
366 }
368 {
371 }
378 the serial number from the EF(TokenInfo). We indicate such a
379 serial number by the using the prefix: "FF0100". */
391 else
392 {
396 }
397 }
400 requires that we put our default prefix "FF0000" in front. */
403 {
407 }
408 else
409 {
414 }
415 }
417 #else
419 #endif
420 }
423 /* Enumerate all keypairs on the card and return the Keygrip as well
424 as the internal identification of the key. KEYGRIP must be a
425 caller provided buffer with a size of 20 bytes which will receive
426 the KEYGRIP of the keypair. If KEYID is not NULL, it returns the
427 ID field of the key in allocated memory; this is a string without
428 spaces. The function returns -1 when all keys have been
429 enumerated. Note that the error GPG_ERR_MISSING_CERTIFICATE may be
430 returned if there is just the private key but no public key (ie.e a
431 certificate) available. Applications might want to continue
432 enumerating after this error.*/
433 int
437 {
456 }
459 /* Enumerate all trusted certificates available on the card, return
460 their ID in CERT and the type in CERTTYPE. Types of certificates
461 are:
462 0 := Unknown
463 100 := Regular X.509 cert
464 101 := Trusted X.509 cert
465 102 := Useful X.509 cert
466 110 := Root CA cert (DINSIG)
467 */
468 int
470 {
489 }
493 /* Read the certificate identified by CERTIDSTR which is the
494 hexadecimal encoded ID of the certificate, prefixed with the string
495 "3F005015.". The certificate is return in DER encoded form in CERT
496 and NCERT. */
497 int
500 {
513 }
516 /* Create the signature and return the allocated result in OUTDATA.
517 If a PIN is required the PINCB will be used to ask for the PIN; it
518 should return the PIN in an allocated buffer and put it into PIN. */
519 int
525 {
541 }
544 /* Create the signature and return the allocated result in OUTDATA.
545 If a PIN is required the PINCB will be used to ask for the PIN; it
546 should return the PIN in an allocated buffer and put it into PIN. */
547 int
553 {
569 }