root/trunk/src/libopensc/pkcs15-atrust-acos.c

Revision 3405, 8.6 kB (checked in by alonbl, 9 months ago)

Complete rewrite of OpenSC build system.

1. Build system now supports MinGW (Windows) compilation using msys and cross compilation.
2. Ability to explicitly disable and enable dependencies of the package.
3. openct, pcsc and nsplugins features are disabled by default.
4. Modified pcsc driver to use pcsc dynamically, no compile time dependency is required.
5. --enable-pcsc-lite configuration option renamed to --enable-pcsc.
6. Install opensc.conf file (as opensc.conf.new if opensc.conf exists).
7. Add --enable-doc configuration option, allow installing documentation into target.
8. Add --disable-man configuration option, allow msys mingw32 users to

build from svn without extra dependencies.

9. Add export files to each library in order to export only required symbols.

Windows native build may use these files instead of scanning objects' symbols.

10. Add opensc-tool --info to display some general information about the build.
11. Create compatibility library to be linked against library instead of recompiling the

same source files in different places.

12. Add different win32 version resource to each class of outputs.
13. Make xsl-stylesheets location selectable.
14. Some win32 fixups.
15. Some warning fixups.
16. Many other autoconf/automake cleanups.

Alon Bar-Lev

svn diff -r 3315:3399 https://www.opensc-project.org/svn/opensc/branches/alonbl/mingw

_M .
D configure.in
_M src
_M src/openssh
M src/openssh/Makefile.am
_M src/tools
M src/tools/rutoken-tool.c
M src/tools/opensc-tool.c
M src/tools/cardos-info.c
M src/tools/pkcs15-crypt.c
M src/tools/pkcs15-init.c
M src/tools/piv-tool.c
M src/tools/netkey-tool.c
M src/tools/eidenv.c
M src/tools/cryptoflex-tool.c
M src/tools/util.c
M src/tools/pkcs11-tool.c
M src/tools/pkcs15-tool.c
M src/tools/util.h
M src/tools/opensc-explorer.c
M src/tools/Makefile.am
_M src/pkcs11
M src/pkcs11/pkcs11-global.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-display.c
M src/pkcs11/pkcs11-object.c
A src/pkcs11/opensc-pkcs11.exports
M src/pkcs11/sc-pkcs11.h
M src/pkcs11/pkcs11-spy.c
M src/pkcs11/openssl.c
M src/pkcs11/Makefile.am
A src/pkcs11/pkcs11-spy.exports
_M src/tests
_M src/tests/regression
M src/tests/regression/Makefile.am
M src/tests/sc-test.c
M src/tests/pintest.c
M src/tests/Makefile.am
_M src/include
_M src/include/opensc
M src/include/opensc/Makefile.am
A src/include/opensc/svnignore
M src/include/Makefile.am
_M src/signer
_M src/signer/npinclude
M src/signer/npinclude/Makefile.am
M src/signer/Makefile.am
A src/signer/signer.exports
_M src/common
A src/common/compat_dummy.c
D src/common/getopt.txt
D src/common/strlcpy.c
D src/common/LICENSE
A src/common/compat_getopt.txt
A src/common/compat_strlcpy.c
A src/common/LICENSE.compat_getopt
A src/common/compat_getopt.c
D src/common/strlcpy.h
D src/common/ChangeLog
D src/common/getpass.c
D src/common/my_getopt.c
A src/common/compat_strlcpy.h
A src/common/compat_getpass.c
A src/common/compat_getopt.h
A src/common/ChangeLog.compat_getopt
D src/common/README.strlcpy
D src/common/my_getopt.h
A src/common/compat_getpass.h
A src/common/README.compat_strlcpy
D src/common/strlcpy.3
A src/common/README.compat_getopt
D src/common/getopt.3
D src/common/README.my_getopt
A src/common/compat_strlcpy.3
A src/common/compat_getopt.3
M src/common/Makefile.am
M src/Makefile.am
_M src/pkcs15init
M src/pkcs15init/pkcs15-oberthur.c
M src/pkcs15init/profile.c
M src/pkcs15init/pkcs15-lib.c
M src/pkcs15init/pkcs15-rutoken.c
A src/pkcs15init/pkcs15init.exports
M src/pkcs15init/pkcs15-gpk.c
M src/pkcs15init/Makefile.am
_M src/scconf
M src/scconf/Makefile.am
M src/scconf/parse.c
A src/scconf/scconf.exports
_M src/libopensc
M src/libopensc/card-rutoken.c
M src/libopensc/compression.c
M src/libopensc/sc.c
M src/libopensc/card-piv.c
M src/libopensc/pkcs15-openpgp.c
M src/libopensc/pkcs15-postecert.c
M src/libopensc/pkcs15-tcos.c
M src/libopensc/opensc-config.in
M src/libopensc/reader-pcsc.c
A src/libopensc/internal-winscard.h
M src/libopensc/ctx.c
A src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-infocamere.c
M src/libopensc/internal.h
M src/libopensc/pkcs15-actalis.c
M src/libopensc/pkcs15-starcert.c
M src/libopensc/card-oberthur.c
M src/libopensc/pkcs15-atrust-acos.c
M src/libopensc/p15card-helper.c
D src/libopensc/part10.h
M src/libopensc/ui.c
M src/libopensc/card-gpk.c
M src/libopensc/pkcs15-wrap.c
M src/libopensc/pkcs15-gemsafeGPK.c
M src/libopensc/log.c
M src/libopensc/pkcs15-esteid.c
M src/libopensc/pkcs15-prkey-rutoken.c
M src/libopensc/log.h
M src/libopensc/Makefile.am
M src/libopensc/reader-openct.c
_M aclocal
M aclocal/Makefile.am
_M win32
M win32/Makefile.am
A win32/versioninfo.rc.in
A win32/ltrc.inc
A configure.ac
_M doc
_M doc/tools
M doc/tools/pkcs15-profile.xml
D doc/changelog.sh
D doc/export-wiki.xsl
_M doc/api
_M doc/api/file
M doc/api/man.xsl
_M doc/api/asn1
_M doc/api/apps
_M doc/api/init
_M doc/api/types
_M doc/api/card
M doc/api/html.xsl
_M doc/api/misc
_M doc/api/util
M doc/Makefile.am
D doc/export-wiki.sh
AM doc/nonpersistent
A doc/nonpersistent/export-wiki.xsl
A doc/nonpersistent/Makefile.am
A doc/nonpersistent/export-wiki.sh
A doc/nonpersistent/svn2cl.xsl
D doc/generate-man.sh
D doc/svn2cl.xsl
M Makefile.am
A svnignore
_M etc
M etc/opensc.conf.in
M etc/Makefile.am
D man
_M solaris
M solaris/Makefile

1/*
2 * partial PKCS15 emulation for A-Trust ACOS cards
3 *
4 * Copyright (C) 2005  Franz Brandl <brandl@a-trust.at> based on work from
5 *                     Nils Larsch  <larsch@trustcenter.de>, TrustCenter AG
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
20 */
21
22#include <opensc/pkcs15.h>
23#include <opensc/cardctl.h>
24#include <stdlib.h>
25#include <string.h>
26#include <stdio.h>
27#include <compat_strlcpy.h>
28
/* Fixed manufacturer string; the init routine copies it into
 * p15card->manufacturer_id. */
#define MANU_ID         "A-Trust"
/* Fixed card label; the init routine copies it into p15card->label. */
#define CARD_LABEL      "a.sign Premium a"

/* Entry point of this emulation, defined at the end of the file. */
int sc_pkcs15emu_atrust_acos_init_ex(sc_pkcs15_card_t *p15card,
                                     sc_pkcs15emu_opt_t *opts);
33
/*
 * One row of the static certificate table used by the init routine.
 * The tables are filled with positional initialisers, so the member
 * order below must not change.
 */
struct cdata_st {
        const char *label;      /* copied into the PKCS#15 object label */
        int         authority;  /* copied into cert_info.authority */
        const char *path;       /* hex path string given to sc_format_path() */
        const char *id;         /* ID string given to sc_pkcs15_format_id() */
        int         obj_flags;  /* copied into the PKCS#15 object flags */
};
typedef struct cdata_st cdata;
41
/*
 * One row of the static PIN table used by the init routine.
 * The tables are filled with positional initialisers, so the member
 * order below must not change.
 */
struct pdata_st {
        const char  *id;          /* auth ID string for sc_pkcs15_format_id() */
        const char  *label;       /* copied into the PKCS#15 object label */
        const char  *path;        /* hex path string given to sc_format_path() */
        int          ref;         /* copied into pin_info.reference */
        int          type;        /* copied into pin_info.type */
        unsigned int maxlen;      /* copied into pin_info.max_length */
        unsigned int minlen;      /* copied into pin_info.min_length */
        unsigned int storedlen;   /* copied into pin_info.stored_length */
        int          flags;       /* copied into pin_info.flags */
        int          tries_left;  /* not read by the init routine, which
                                   * always stores -1 in pin_info.tries_left */
        const char   pad_char;    /* copied into pin_info.pad_char */
        int          obj_flags;   /* copied into the PKCS#15 object flags */
};
typedef struct pdata_st pindata;
56
/*
 * One row of the static private-key table used by the init routine.
 * The tables are filled with positional initialisers, so the member
 * order below must not change.
 */
struct prdata_st {
        const char  *id;           /* key ID string for sc_pkcs15_format_id() */
        const char  *label;        /* copied into the PKCS#15 object label */
        unsigned int modulus_len;  /* copied into prkey_info.modulus_length */
        int          usage;        /* copied into prkey_info.usage */
        const char  *path;         /* hex path string given to sc_format_path() */
        int          ref;          /* copied into prkey_info.key_reference */
        const char  *auth_id;      /* ID of the protecting PIN; may be NULL */
        int          obj_flags;    /* copied into the PKCS#15 object flags */
};
typedef struct prdata_st prdata;
67
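/*
 * Select the certificate file named by 'path', read its first bytes and
 * derive the certificate length from the DER header.
 *
 * Only the form 0x30 0x82 <len-hi> <len-lo> (a SEQUENCE with a two-byte
 * length) is accepted.  On success path->index is set to 0 and
 * path->count to the encoded length plus the 4 header bytes.
 *
 * Returns 1 on success and 0 on any failure (select error, read error,
 * short read, or unexpected header).
 */
static int get_cert_len(sc_card_t *card, sc_path_t *path)
{
        int r;
        u8  buf[8];

        r = sc_select_file(card, path, NULL);
        if (r < 0)
                return 0;
        r = sc_read_binary(card, 0, buf, sizeof(buf), 0);
        /* The header check below reads buf[0..3].  Rejecting only r < 0
         * would let a short read through and the uninitialised remainder
         * of buf would be parsed as a length. */
        if (r < 4)
                return 0;
        if (buf[0] != 0x30 || buf[1] != 0x82)
                return 0;
        path->index = 0;
        /* The length comes from the card and is not compared with the
         * file size here; the two-byte encoding bounds it to 0xFFFF + 4. */
        path->count = ((((size_t) buf[2]) << 8) | buf[3]) + 4;
        return 1;
}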
85
/*
 * Decide whether the card behind p15card is an A-Trust ACOS card.
 *
 * The card name must start with "A-TRUST ACOS" and the file DF71D001
 * (EF_CIN_CSN) must be selectable and yield exactly 8 bytes.
 *
 * Returns SC_SUCCESS for a matching card, SC_ERROR_WRONG_CARD otherwise.
 */
static int acos_detect_card(sc_pkcs15_card_t *p15card)
{
        static const char os_name[] = "A-TRUST ACOS";
        sc_card_t *card = p15card->card;
        sc_path_t  cin_csn;
        u8         csn[128];
        int        rv;

        /* prefix match on the card OS name (terminating NUL excluded) */
        if (strncmp(card->name, os_name, sizeof(os_name) - 1) != 0)
                return SC_ERROR_WRONG_CARD;

        /* probe EF_CIN_CSN; error reporting is suppressed around the
         * select call */
        sc_format_path("DF71D001", &cin_csn);
        sc_ctx_suppress_errors_on(card->ctx);
        rv = sc_select_file(card, &cin_csn, NULL);
        sc_ctx_suppress_errors_off(card->ctx);
        if (rv != SC_SUCCESS)
                return SC_ERROR_WRONG_CARD;

        /* the file has to deliver the full 8 bytes */
        if (sc_read_binary(card, 0, csn, 8, 0) != 8)
                return SC_ERROR_WRONG_CARD;

        return SC_SUCCESS;
}
109
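/*
 * Replace the heap string at *field with a freshly allocated copy of
 * 'value'.  The previous string is released first.  On allocation
 * failure *field is left NULL and SC_ERROR_INTERNAL is returned.
 */
static int acos_set_string(char **field, const char *value)
{
        size_t len = strlen(value) + 1;

        free(*field);
        *field = malloc(len);
        if (*field == NULL)
                return SC_ERROR_INTERNAL;
        memcpy(*field, value, len);
        return SC_SUCCESS;
}

/*
 * Build the emulated PKCS#15 structure for an A-Trust ACOS card.
 *
 * Reads the 8-byte serial number from DF71D001 (EF_CIN_CSN), sets the
 * manufacturer ID, label and version on p15card, registers the
 * certificates, PINs and private keys from the static tables below,
 * and finally selects DF71 and stores it as the application DF.
 *
 * A certificate whose file cannot be selected or parsed is skipped; any
 * other failure ends the function with SC_ERROR_INTERNAL.  Objects and
 * strings already attached to p15card are left in place on failure.
 *
 * Returns SC_SUCCESS or SC_ERROR_INTERNAL.
 */
static int sc_pkcs15emu_atrust_acos_init(sc_pkcs15_card_t *p15card)
{
        const cdata certs[] = {
                {"C.CH.EKEY", 0, "DF71C001","1", 0},/* Decryption Certificate */
#if 0
                {"C.CH.DS",   0, "DF70C002","2", 0},/* Signature Certificate */
#endif
                {NULL, 0, NULL, NULL, 0}
        };

        const pindata pins[] = {
                { "01", "PIN.DEC", "3F00DF71", 0x81, /* Decryption PIN */
                  SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
                  4, 4, 8, SC_PKCS15_PIN_FLAG_NEEDS_PADDING |
                  SC_PKCS15_PIN_FLAG_LOCAL, -1, 0x00,
                  SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE },
#if 0
                { "02", "PIN.SIG", "3F00DF70", 0x81, /* Signature PIN */
                  SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
                  6, 6, 8, SC_PKCS15_PIN_FLAG_NEEDS_PADDING |
                  SC_PKCS15_PIN_FLAG_LOCAL, -1, 0x00,
                  SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE },
                { "03", "PIN.INF", "3F00DF71", 0x83, /* Infobox PIN */
                  SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
                  4, 4, 8, SC_PKCS15_PIN_FLAG_NEEDS_PADDING |
                  SC_PKCS15_PIN_FLAG_LOCAL, -1, 0x00,
                  SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE },
#endif
                { NULL, NULL, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0}
        };

        const prdata prkeys[] = {
                { "1", "SK.CH.EKEY", 1536,
                        SC_PKCS15_PRKEY_USAGE_SIGN | SC_PKCS15_PRKEY_USAGE_DECRYPT | SC_PKCS15_PRKEY_USAGE_UNWRAP,
                  "", /* do not specify file here to prevent reset of security state */
                  0x88, "01", SC_PKCS15_CO_FLAG_PRIVATE},
#if 0
                { "2", "SK.CH.DS", 192,
                        SC_PKCS15_PRKEY_USAGE_SIGN,
                  "", /* do not specify file here to prevent reset of security state */
                  0x88, "02", SC_PKCS15_CO_FLAG_PRIVATE},
#endif
                { NULL, NULL, 0, 0, NULL, 0, NULL, 0}
        };

        int    r, i;
        u8     buf[256];
        char   buf2[256];
        sc_path_t path;
        sc_file_t *file = NULL;
        sc_card_t *card = p15card->card;

        /* get serial number */

        /* read EF_CIN_CSN file */
        sc_format_path("DF71D001", &path);
        sc_ctx_suppress_errors_on(card->ctx);
        r = sc_select_file(card, &path, NULL);
        sc_ctx_suppress_errors_off(card->ctx);
        if (r != SC_SUCCESS)
                return SC_ERROR_INTERNAL;
        /* exactly 8 bytes are required, so every byte handed to
         * sc_bin_to_hex() below was written by the read */
        r = sc_read_binary(card, 0, buf, 8, 0);
        if (r != 8)
                return SC_ERROR_INTERNAL;
        r = sc_bin_to_hex(buf, 8, buf2, sizeof(buf2), 0);
        if (r != SC_SUCCESS)
                return SC_ERROR_INTERNAL;
        if (acos_set_string(&p15card->serial_number, buf2) != SC_SUCCESS)
                return SC_ERROR_INTERNAL;

        /* the TokenInfo version number */
        p15card->version = 0;

        /* manufacturer ID */
        if (acos_set_string(&p15card->manufacturer_id, MANU_ID) != SC_SUCCESS)
                return SC_ERROR_INTERNAL;

        /* card label */
        if (acos_set_string(&p15card->label, CARD_LABEL) != SC_SUCCESS)
                return SC_ERROR_INTERNAL;

        /* set certs */
        for (i = 0; certs[i].label; i++) {
                struct sc_pkcs15_cert_info cert_info;
                struct sc_pkcs15_object    cert_obj;

                memset(&cert_info, 0, sizeof(cert_info));
                memset(&cert_obj,  0, sizeof(cert_obj));

                sc_pkcs15_format_id(certs[i].id, &cert_info.id);
                cert_info.authority = certs[i].authority;
                sc_format_path(certs[i].path, &cert_info.path);
                if (!get_cert_len(card, &cert_info.path))
                        /* skip errors */
                        continue;

                strlcpy(cert_obj.label, certs[i].label, sizeof(cert_obj.label));
                cert_obj.flags = certs[i].obj_flags;

                r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
                if (r < 0)
                        return SC_ERROR_INTERNAL;
        }
        /* set pins */
        for (i = 0; pins[i].label; i++) {
                struct sc_pkcs15_pin_info pin_info;
                struct sc_pkcs15_object   pin_obj;

                memset(&pin_info, 0, sizeof(pin_info));
                memset(&pin_obj,  0, sizeof(pin_obj));

                sc_pkcs15_format_id(pins[i].id, &pin_info.auth_id);
                pin_info.reference     = pins[i].ref;
                pin_info.flags         = pins[i].flags;
                pin_info.type          = pins[i].type;
                pin_info.min_length    = pins[i].minlen;
                pin_info.stored_length = pins[i].storedlen;
                pin_info.max_length    = pins[i].maxlen;
                pin_info.pad_char      = pins[i].pad_char;
                sc_format_path(pins[i].path, &pin_info.path);
                /* the table's tries_left member is not used; the counter
                 * is always recorded as -1 */
                pin_info.tries_left    = -1;

                strlcpy(pin_obj.label, pins[i].label, sizeof(pin_obj.label));
                pin_obj.flags = pins[i].obj_flags;

                r = sc_pkcs15emu_add_pin_obj(p15card, &pin_obj, &pin_info);
                if (r < 0)
                        return SC_ERROR_INTERNAL;
        }
        /* set private keys */
        for (i = 0; prkeys[i].label; i++) {
                struct sc_pkcs15_prkey_info prkey_info;
                struct sc_pkcs15_object     prkey_obj;

                memset(&prkey_info, 0, sizeof(prkey_info));
                memset(&prkey_obj,  0, sizeof(prkey_obj));

                sc_pkcs15_format_id(prkeys[i].id, &prkey_info.id);
                prkey_info.usage         = prkeys[i].usage;
                prkey_info.native        = 1;
                prkey_info.key_reference = prkeys[i].ref;
                prkey_info.modulus_length= prkeys[i].modulus_len;
                sc_format_path(prkeys[i].path, &prkey_info.path);

                strlcpy(prkey_obj.label, prkeys[i].label, sizeof(prkey_obj.label));
                prkey_obj.flags = prkeys[i].obj_flags;
                /* tie the key to its protecting PIN when one is named */
                if (prkeys[i].auth_id)
                        sc_pkcs15_format_id(prkeys[i].auth_id, &prkey_obj.auth_id);

                r = sc_pkcs15emu_add_rsa_prkey(p15card, &prkey_obj, &prkey_info);
                if (r < 0)
                        return SC_ERROR_INTERNAL;
        }

        /* select the application DF */
        sc_format_path("DF71", &path);
        r = sc_select_file(card, &path, &file);
        if (r != SC_SUCCESS || !file)
                return SC_ERROR_INTERNAL;
        /* set the application DF; a previous sc_file_t is released with
         * sc_file_free() because plain free() would leak the buffers the
         * file object owns */
        if (p15card->file_app)
                sc_file_free(p15card->file_app);
        p15card->file_app = file;

        return SC_SUCCESS;
}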
288
/*
 * Public entry point of the A-Trust ACOS PKCS#15 emulation.
 *
 * When opts is non-NULL and carries SC_PKCS15EMU_FLAGS_NO_CHECK, card
 * detection is skipped and the emulation is initialised directly.
 * Otherwise acos_detect_card() must accept the card first; any non-zero
 * result from it is reported as SC_ERROR_WRONG_CARD.
 *
 * Returns the result of sc_pkcs15emu_atrust_acos_init(), or
 * SC_ERROR_WRONG_CARD when detection fails.
 */
int sc_pkcs15emu_atrust_acos_init_ex(sc_pkcs15_card_t *p15card,
                                  sc_pkcs15emu_opt_t *opts)
{
        int skip_detection = opts != NULL
                && (opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK) != 0;

        /* with NO_CHECK set the caller vouches for the card type */
        if (!skip_detection && acos_detect_card(p15card) != 0)
                return SC_ERROR_WRONG_CARD;

        return sc_pkcs15emu_atrust_acos_init(p15card);
}