root/trunk/src/libopensc/pkcs15-openpgp.c

Revision 3405, 6.9 KB (checked in by alonbl, 9 months ago)

Complete rewrite of OpenSC build system.

1. Build system now supports MinGW (Windows) compilation using msys and cross compilation.
2. Ability to explicitly disable and enable dependencies of the package.
3. openct, pcsc and nsplugins features are disabled by default.
4. Modified pcsc driver to use pcsc dynamically, no compile time dependency is required.
5. --enable-pcsc-lite configuration option renamed to --enable-pcsc.
6. Install opensc.conf file (as opensc.conf.new if opensc.conf exists).
7. Add --enable-doc configuration option, allow installing documentation into target.
8. Add --disable-man configuration option, allow msys mingw32 users to

build from svn without extra dependencies.

9. Add export files to each library in order to export only required symbols.

Windows native build may use these files instead of scanning objects' symbols.

10. Add opensc-tool --info to display some general information about the build.
11. Create compatibility library to be linked against library instead of recompiling the

same source files in different places.

12. Add different win32 version resource to each class of outputs.
13. Make xsl-stylesheets location selectable.
14. Some win32 fixups.
15. Some warning fixups.
16. Many other autoconf/automake cleanups.

Alon Bar-Lev

svn diff -r 3315:3399 https://www.opensc-project.org/svn/opensc/branches/alonbl/mingw

_M .
D configure.in
_M src
_M src/openssh
M src/openssh/Makefile.am
_M src/tools
M src/tools/rutoken-tool.c
M src/tools/opensc-tool.c
M src/tools/cardos-info.c
M src/tools/pkcs15-crypt.c
M src/tools/pkcs15-init.c
M src/tools/piv-tool.c
M src/tools/netkey-tool.c
M src/tools/eidenv.c
M src/tools/cryptoflex-tool.c
M src/tools/util.c
M src/tools/pkcs11-tool.c
M src/tools/pkcs15-tool.c
M src/tools/util.h
M src/tools/opensc-explorer.c
M src/tools/Makefile.am
_M src/pkcs11
M src/pkcs11/pkcs11-global.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-display.c
M src/pkcs11/pkcs11-object.c
A src/pkcs11/opensc-pkcs11.exports
M src/pkcs11/sc-pkcs11.h
M src/pkcs11/pkcs11-spy.c
M src/pkcs11/openssl.c
M src/pkcs11/Makefile.am
A src/pkcs11/pkcs11-spy.exports
_M src/tests
_M src/tests/regression
M src/tests/regression/Makefile.am
M src/tests/sc-test.c
M src/tests/pintest.c
M src/tests/Makefile.am
_M src/include
_M src/include/opensc
M src/include/opensc/Makefile.am
A src/include/opensc/svnignore
M src/include/Makefile.am
_M src/signer
_M src/signer/npinclude
M src/signer/npinclude/Makefile.am
M src/signer/Makefile.am
A src/signer/signer.exports
_M src/common
A src/common/compat_dummy.c
D src/common/getopt.txt
D src/common/strlcpy.c
D src/common/LICENSE
A src/common/compat_getopt.txt
A src/common/compat_strlcpy.c
A src/common/LICENSE.compat_getopt
A src/common/compat_getopt.c
D src/common/strlcpy.h
D src/common/ChangeLog
D src/common/getpass.c
D src/common/my_getopt.c
A src/common/compat_strlcpy.h
A src/common/compat_getpass.c
A src/common/compat_getopt.h
A src/common/ChangeLog.compat_getopt
D src/common/README.strlcpy
D src/common/my_getopt.h
A src/common/compat_getpass.h
A src/common/README.compat_strlcpy
D src/common/strlcpy.3
A src/common/README.compat_getopt
D src/common/getopt.3
D src/common/README.my_getopt
A src/common/compat_strlcpy.3
A src/common/compat_getopt.3
M src/common/Makefile.am
M src/Makefile.am
_M src/pkcs15init
M src/pkcs15init/pkcs15-oberthur.c
M src/pkcs15init/profile.c
M src/pkcs15init/pkcs15-lib.c
M src/pkcs15init/pkcs15-rutoken.c
A src/pkcs15init/pkcs15init.exports
M src/pkcs15init/pkcs15-gpk.c
M src/pkcs15init/Makefile.am
_M src/scconf
M src/scconf/Makefile.am
M src/scconf/parse.c
A src/scconf/scconf.exports
_M src/libopensc
M src/libopensc/card-rutoken.c
M src/libopensc/compression.c
M src/libopensc/sc.c
M src/libopensc/card-piv.c
M src/libopensc/pkcs15-openpgp.c
M src/libopensc/pkcs15-postecert.c
M src/libopensc/pkcs15-tcos.c
M src/libopensc/opensc-config.in
M src/libopensc/reader-pcsc.c
A src/libopensc/internal-winscard.h
M src/libopensc/ctx.c
A src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-infocamere.c
M src/libopensc/internal.h
M src/libopensc/pkcs15-actalis.c
M src/libopensc/pkcs15-starcert.c
M src/libopensc/card-oberthur.c
M src/libopensc/pkcs15-atrust-acos.c
M src/libopensc/p15card-helper.c
D src/libopensc/part10.h
M src/libopensc/ui.c
M src/libopensc/card-gpk.c
M src/libopensc/pkcs15-wrap.c
M src/libopensc/pkcs15-gemsafeGPK.c
M src/libopensc/log.c
M src/libopensc/pkcs15-esteid.c
M src/libopensc/pkcs15-prkey-rutoken.c
M src/libopensc/log.h
M src/libopensc/Makefile.am
M src/libopensc/reader-openct.c
_M aclocal
M aclocal/Makefile.am
_M win32
M win32/Makefile.am
A win32/versioninfo.rc.in
A win32/ltrc.inc
A configure.ac
_M doc
_M doc/tools
M doc/tools/pkcs15-profile.xml
D doc/changelog.sh
D doc/export-wiki.xsl
_M doc/api
_M doc/api/file
M doc/api/man.xsl
_M doc/api/asn1
_M doc/api/apps
_M doc/api/init
_M doc/api/types
_M doc/api/card
M doc/api/html.xsl
_M doc/api/misc
_M doc/api/util
M doc/Makefile.am
D doc/export-wiki.sh
AM doc/nonpersistent
A doc/nonpersistent/export-wiki.xsl
A doc/nonpersistent/Makefile.am
A doc/nonpersistent/export-wiki.sh
A doc/nonpersistent/svn2cl.xsl
D doc/generate-man.sh
D doc/svn2cl.xsl
M Makefile.am
A svnignore
_M etc
M etc/opensc.conf.in
M etc/Makefile.am
D man
_M solaris
M solaris/Makefile

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1/*
2 * PKCS15 emulation layer for OpenPGP card.
3 * To see how this works, run p15dump on your OpenPGP card.
4 *
5 * Copyright (C) 2003, Olaf Kirch <okir@suse.de>
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
20 */
21
22#include "internal.h"
23#include <opensc/pkcs15.h>
24#include <opensc/log.h>
25#include <stdlib.h>
26#include <string.h>
27#include <stdio.h>
28#include <assert.h>
29#include <compat_strlcpy.h>
30
31int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *);
32
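/*
 * Fixed label tables for the emulated PKCS#15 objects.  All three are
 * indexed 0..2 by the loops in sc_pkcs15emu_openpgp_init().  Both the
 * strings and the pointer slots are const so the tables cannot be
 * repointed at run time.
 */

/* Labels given to the three PIN objects. */
static const char *const pgp_pin_name[3] = {
	"Signature PIN",
	"Encryption PIN",
	"Admin PIN"
};

/* Labels shared by the private and public key objects. */
static const char *const pgp_key_name[3] = {
	"Signature key",
	"Encryption key",
	"Authentication key"
};

/* Hex path strings handed to sc_format_path() for the public keys. */
static const char *const pgp_pubkey_path[3] = {
	"B601",
	"B801",
	"A401"
};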
48
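/*
 * Replace the heap string held in *strp with a private copy of value.
 *
 * strp:  address of an owned, heap-allocated string pointer (may hold NULL).
 * value: string to copy, or NULL to simply clear *strp.
 *
 * The copy is taken before the old string is released, so passing the
 * current contents (value == *strp, or a pointer into it) no longer reads
 * freed memory.  If strdup() fails, *strp ends up NULL, as it did before.
 */
static void
set_string(char **strp, const char *value)
{
	char *copy = value ? strdup(value) : NULL;

	free(*strp);		/* free(NULL) is a no-op, so no guard is needed */
	*strp = copy;
}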
56
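/*
 * Select the file / data object named by path_name and read up to len
 * bytes of it into buf.
 *
 * card:      card to talk to
 * path_name: hex path string, parsed with sc_format_path()
 * buf:       destination buffer, at least len bytes
 * len:       capacity of buf; clamped to the size the card reports
 *
 * Returns whatever sc_read_binary() returns (the callers in this file
 * treat a non-negative value as the byte count), or the negative error
 * from sc_select_file().
 *
 * Original author's note: this pretty much follows what find_tlv in
 * the GnuPG code does.
 */
static int
read_file(sc_card_t *card, const char *path_name, void *buf, size_t len)
{
	sc_path_t	path;
	sc_file_t	*file = NULL;
	int		r;

	sc_format_path(path_name, &path);
	r = sc_select_file(card, &path, &file);
	if (r < 0)
		return r;

	if (file != NULL) {
		/* Never ask the card for more than the object claims to hold. */
		if (file->size < len)
			len = file->size;
		/*
		 * sc_select_file() hands back an allocated descriptor that
		 * the caller owns; it used to be leaked on every call.
		 */
		sc_file_free(file);
	}
	return sc_read_binary(card, 0, (u8 *) buf, len, 0);
}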
76
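/*
 * Populate p15card with a fixed PKCS#15 view of an OpenPGP card: label,
 * serial number and version, three PIN objects, three RSA private key
 * objects and the three matching public key objects.
 *
 * Every reply from the card is treated as untrusted input: its length is
 * checked before any byte of it is interpreted, so a short or oversized
 * reply can no longer leak stale stack contents into the card metadata.
 *
 * Returns 0 on success or a negative SC_ERROR_* code.
 */
static int
sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
{
	sc_card_t	*card = p15card->card;
	sc_context_t	*ctx = card->ctx;
	char		string[256];
	u8		buffer[256];
	size_t		aid_len;
	int		r, i;

	set_string(&p15card->label, "OpenPGP Card");
	set_string(&p15card->manufacturer_id, "OpenPGP project");

	/* Application identifier (004F): source of serial number and version. */
	if ((r = read_file(card, "004f", buffer, sizeof(buffer))) < 0)
		goto failed;
	aid_len = (size_t) r;

	/*
	 * The version lives in bytes 6 and 7.  Without this check a short
	 * reply made us read uninitialised stack bytes from buffer[].
	 */
	if (aid_len < 8) {
		sc_error(ctx,
			"Application ID has unexpected length "
			"(expected at least 8, got %d)\n", r);
		return SC_ERROR_OBJECT_NOT_VALID;
	}

	/*
	 * sc_bin_to_hex() fails when the hex form does not fit in string[];
	 * ignoring that used to pass an unterminated buffer to strdup().
	 */
	r = sc_bin_to_hex(buffer, aid_len, string, sizeof(string), 0);
	if (r < 0)
		goto failed;
	set_string(&p15card->serial_number, string);
	p15card->version = (buffer[6] << 8) | buffer[7];

	p15card->flags = SC_PKCS15_CARD_FLAG_LOGIN_REQUIRED |
			 SC_PKCS15_CARD_FLAG_PRN_GENERATION |
			 SC_PKCS15_CARD_FLAG_EID_COMPLIANT;

	/* Extract preferred language; one byte is reserved for the NUL. */
	r = read_file(card, "00655f2d", string, sizeof(string)-1);
	if (r < 0)
		goto failed;
	string[r] = '\0';
	set_string(&p15card->preferred_language, string);

	/*
	 * Get Application Related Data (006E).  The reply is not parsed
	 * yet (TBD: extract algorithm info); only a failure is acted on.
	 */
	if ((r = sc_get_data(card, 0x006E, buffer, sizeof(buffer))) < 0)
		goto failed;

	/* Get CHV status bytes:
	 *  00:         ??
	 *  01-03:      max length of pins 1-3
	 *  04-06:      tries left for pins 1-3
	 */
	if ((r = read_file(card, "006E007300C4", buffer, sizeof(buffer))) < 0)
		goto failed;
	if (r != 7) {
		sc_error(ctx,
			"CHV status bytes have unexpected length "
			"(expected 7, got %d)\n", r);
		return SC_ERROR_OBJECT_NOT_VALID;
	}

	/* One PIN object per CHV; references and auth ids are 1..3. */
	for (i = 0; i < 3; i++) {
		unsigned int	flags;

		struct sc_pkcs15_pin_info pin_info;
		struct sc_pkcs15_object   pin_obj;

		memset(&pin_info, 0, sizeof(pin_info));
		memset(&pin_obj,  0, sizeof(pin_obj));

		flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE |
			SC_PKCS15_PIN_FLAG_INITIALIZED |
			SC_PKCS15_PIN_FLAG_LOCAL;
		/* The third PIN is the Admin PIN (see pgp_pin_name). */
		if (i == 2) {
			flags |= SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED |
				 SC_PKCS15_PIN_FLAG_SO_PIN;
		}

		pin_info.auth_id.len   = 1;
		pin_info.auth_id.value[0] = i + 1;
		pin_info.reference     = i + 1;
		pin_info.flags         = flags;
		pin_info.type          = SC_PKCS15_PIN_TYPE_ASCII_NUMERIC;
		pin_info.min_length    = 0;
		/* Indices 1..6 are covered by the r == 7 check above. */
		pin_info.stored_length = buffer[1+i];
		pin_info.max_length    = buffer[1+i];
		pin_info.pad_char      = '\0';
		sc_format_path("3F00", &pin_info.path);
		pin_info.tries_left    = buffer[4+i];

		strlcpy(pin_obj.label, pgp_pin_name[i], sizeof(pin_obj.label));
		pin_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE;

		r = sc_pkcs15emu_add_pin_obj(p15card, &pin_obj, &pin_info);
		if (r < 0)
			return SC_ERROR_INTERNAL;
	}

	/* Private keys: ids 1..3, key references 0..2. */
	for (i = 0; i < 3; i++) {
		/* auth id of the PIN protecting each key */
		static const int	prkey_pin[3] = { 1, 2, 2 };
		static const int	prkey_usage[3] = {
					SC_PKCS15_PRKEY_USAGE_SIGN
					| SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
					| SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
					SC_PKCS15_PRKEY_USAGE_DECRYPT
					| SC_PKCS15_PRKEY_USAGE_UNWRAP,
					SC_PKCS15_PRKEY_USAGE_NONREPUDIATION
				};

		struct sc_pkcs15_prkey_info prkey_info;
		struct sc_pkcs15_object     prkey_obj;

		memset(&prkey_info, 0, sizeof(prkey_info));
		memset(&prkey_obj,  0, sizeof(prkey_obj));

		prkey_info.id.len        = 1;
		prkey_info.id.value[0]   = i + 1;
		prkey_info.usage         = prkey_usage[i];
		prkey_info.native        = 1;
		prkey_info.key_reference = i;
		/*
		 * NOTE(review): hard-coded; nothing read from the card feeds
		 * this value (algorithm info is still TBD above).
		 */
		prkey_info.modulus_length= 1024;

		strlcpy(prkey_obj.label, pgp_key_name[i], sizeof(prkey_obj.label));
		prkey_obj.flags = SC_PKCS15_CO_FLAG_PRIVATE | SC_PKCS15_CO_FLAG_MODIFIABLE;
		prkey_obj.auth_id.len      = 1;
		prkey_obj.auth_id.value[0] = prkey_pin[i];

		r = sc_pkcs15emu_add_rsa_prkey(p15card, &prkey_obj, &prkey_info);
		if (r < 0)
			return SC_ERROR_INTERNAL;
	}

	/* Public keys: same ids and labels, paths from pgp_pubkey_path. */
	for (i = 0; i < 3; i++) {
		static const int	pubkey_usage[3] = {
					SC_PKCS15_PRKEY_USAGE_VERIFY
					| SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
					SC_PKCS15_PRKEY_USAGE_ENCRYPT
					| SC_PKCS15_PRKEY_USAGE_WRAP,
					SC_PKCS15_PRKEY_USAGE_VERIFY
				};

		struct sc_pkcs15_pubkey_info pubkey_info;
		struct sc_pkcs15_object      pubkey_obj;

		memset(&pubkey_info, 0, sizeof(pubkey_info));
		memset(&pubkey_obj,  0, sizeof(pubkey_obj));

		pubkey_info.id.len = 1;
		pubkey_info.id.value[0] = i + 1;
		pubkey_info.modulus_length = 1024;	/* hard-coded, as for the private keys */
		pubkey_info.usage    = pubkey_usage[i];
		sc_format_path(pgp_pubkey_path[i], &pubkey_info.path);

		strlcpy(pubkey_obj.label, pgp_key_name[i], sizeof(pubkey_obj.label));
		pubkey_obj.auth_id.len      = 1;
		pubkey_obj.auth_id.value[0] = 3;
		pubkey_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;

		r = sc_pkcs15emu_add_rsa_pubkey(p15card, &pubkey_obj, &pubkey_info);
		if (r < 0)
			return SC_ERROR_INTERNAL;
	}

	return 0;

failed:	sc_error(ctx, "Failed to initialize OpenPGP emulation: %s\n",
			sc_strerror(r));
	return r;
}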
236
/*
 * Check the name field of the underlying card against "OpenPGP".
 * Returns 0 on a match and non-zero otherwise (the raw strcmp() result).
 */
static int openpgp_detect_card(sc_pkcs15_card_t *p15card)
{
	sc_card_t *card = p15card->card;

	return strcmp(card->name, "OpenPGP");
}
241
/*
 * Entry point of the OpenPGP PKCS#15 emulation.
 *
 * p15card: card structure to populate
 * opts:    optional emulator options; may be NULL
 *
 * Unless opts carries SC_PKCS15EMU_FLAGS_NO_CHECK, the card name is
 * checked first and SC_ERROR_WRONG_CARD is returned on a mismatch.
 * Otherwise the result of sc_pkcs15emu_openpgp_init() is returned.
 */
int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *p15card,
				 sc_pkcs15emu_opt_t *opts)
{
	int skip_check = 0;

	if (opts != NULL && (opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK) != 0)
		skip_check = 1;

	/* Guard clause: refuse anything the detector does not recognise. */
	if (!skip_check && openpgp_detect_card(p15card) != 0)
		return SC_ERROR_WRONG_CARD;

	return sc_pkcs15emu_openpgp_init(p15card);
}