/** starcos_process_acl
* \param card pointer to the sc_card object
* \param file pointer to the sc_file object
* \param data pointer to a sc_starcos_create_data structure
* \return SC_SUCCESS if no error occured otherwise error code
*
* This function tries to create a somewhat useable Starcos spk 2.3 acl
* from the OpenSC internal acl (storing the result in the supplied
* sc_starcos_create_data structure).
*/
static int starcos_process_acl(sc_card_t *card, sc_file_t *file,
sc_starcos_create_data *data)
{
u8 tmp, *p;
static const u8 def_key[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
if (file->type == SC_FILE_TYPE_DF && file->id == 0x3f00) {
p = data->data.mf.header;
memcpy(p, def_key, 8);
p += 8;
*p++ = (file->size >> 8) & 0xff;
*p++ = file->size & 0xff;
/* guess isf size (mf_size / 4) */
*p++ = (file->size >> 10) & 0xff;
*p++ = (file->size >> 2) & 0xff;
/* ac create ef */
*p++ = process_acl_entry(file,SC_AC_OP_CREATE,STARCOS_AC_ALWAYS);
/* ac create key */
*p++ = process_acl_entry(file,SC_AC_OP_CREATE,STARCOS_AC_ALWAYS);
/* ac create df */
*p++ = process_acl_entry(file,SC_AC_OP_CREATE,STARCOS_AC_ALWAYS);
/* use the same ac for register df and create df */
*p++ = data->data.mf.header[14];
/* if sm is required use combined mode */
if (file->acl[SC_AC_OP_CREATE] && (sc_file_get_acl_entry(file, SC_AC_OP_CREATE))->method & SC_AC_PRO)
tmp = 0x03; /* combinde mode */
else
tmp = 0x00; /* no sm */
*p++ = tmp; /* use the same sm mode for all ops */
*p++ = tmp;
*p = tmp;
data->type = SC_STARCOS_MF_DATA;
return SC_SUCCESS;
} else if (file->type == SC_FILE_TYPE_DF) {
static int entersafe_create_file(sc_card_t *card, sc_file_t *file)
{
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
if (file->type == SC_FILE_TYPE_WORKING_EF) {
sc_entersafe_create_data data;
memset(&data,0,sizeof(data));
data.data.ef.file_id[0] = (file->id>>8)&0xFF;
data.data.ef.file_id[1] = file->id&0xFF;
data.data.ef.size[0] = (file->size>>8)&0xFF;
data.data.ef.size[1] = file->size&0xFF;
memset(data.data.ef.ac,ENTERSAFE_AC_ALWAYS,sizeof(data.data.ef.ac));
data.data.ef.ac[0] = process_acl_entry(file,SC_AC_OP_READ,ENTERSAFE_AC_ALWAYS);
data.data.ef.ac[1] = process_acl_entry(file,SC_AC_OP_UPDATE,ENTERSAFE_AC_ALWAYS);
return entersafe_create_ef(card, &data);
} else
static int entersafe_create_dir(sc_profile_t *profile, sc_pkcs15_card_t *p15card,
sc_file_t *df)
{
struct sc_card *card = p15card->card;
int ret;
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
{/* df */
sc_entersafe_create_data df_data;
df_data.type = SC_ENTERSAFE_DF_DATA;
df_data.data.df.file_id[0]=(df->id >> 8) & 0xFF;
df_data.data.df.file_id[1]=df->id & 0xFF;
df_data.data.df.file_count=0x30;
df_data.data.df.flag=0x01;
df_data.data.df.ikf_size[0]=(df->size>>8)&0xFF;
df_data.data.df.ikf_size[1]=df->size&0xFF;
df_data.data.df.create_ac=0x10;
df_data.data.df.append_ac=0xC0;
df_data.data.df.lock_ac=0x10;
memcpy(df_data.data.df.aid,df->name,df->namelen);
ret = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_CREATE_FILE, &df_data);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,ret,"Crate DF failed");
}
{/* GPKF */
sc_file_t *gpkf_file;
sc_entersafe_create_data ef_data;
/* get p15_gpkf profile */
ret = sc_profile_get_file(profile, "p15_gpkf", &gpkf_file);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,ret,"Get GPKF info failed");
ef_data.type=SC_ENTERSAFE_EF_DATA;
ef_data.data.ef.file_id[0]=(gpkf_file->id>>8)&0xFF;
ef_data.data.ef.file_id[1]=gpkf_file->id&0xFF;
ef_data.data.ef.size[0]=(gpkf_file->size>>8)&0xFF;
ef_data.data.ef.size[1]=gpkf_file->size&0xFF;
ef_data.data.ef.attr[0]=0x15;
ef_data.data.ef.attr[1]=0x80;
ef_data.data.ef.name=0x00;
memset(ef_data.data.ef.ac,0x10,sizeof(ef_data.data.ef.ac));
memset(ef_data.data.ef.sm,0x00,sizeof(ef_data.data.ef.sm));
sc_file_free(gpkf_file);
ret = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_CREATE_FILE, &ef_data);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,ret,"Create GPKF failed");
}
{/* p15 efs */
const char * create_efs[]={
"PKCS15-ODF",
"PKCS15-TokenInfo",
"PKCS15-UnusedSpace",
"PKCS15-AODF",
"PKCS15-PrKDF",
"PKCS15-PuKDF",
"PKCS15-CDF",
"PKCS15-DODF",
NULL,
};
int i;
sc_file_t *file=0;
sc_entersafe_create_data tmp;
for(i = 0; create_efs[i]; ++i) {
if (sc_profile_get_file(profile, create_efs[i], &file)) {
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Inconsistent profile: cannot find %s", create_efs[i]);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE,SC_ERROR_INCONSISTENT_PROFILE);
}
tmp.type=SC_ENTERSAFE_EF_DATA;
tmp.data.ef.file_id[0]=(file->id>>8)&0xFF;
tmp.data.ef.file_id[1]=file->id&0xFF;
tmp.data.ef.size[0]=(file->size>>8)&0xFF;
tmp.data.ef.size[1]=file->size&0xFF;
tmp.data.ef.attr[0]=0x00;
tmp.data.ef.attr[1]=0x00;
tmp.data.ef.name=0x00;
memset(tmp.data.ef.ac,ENTERSAFE_AC_ALWAYS,sizeof(tmp.data.ef.ac));
tmp.data.ef.ac[0]=process_acl_entry(file,SC_AC_OP_READ,ENTERSAFE_AC_ALWAYS); /* read */
tmp.data.ef.ac[1]=process_acl_entry(file,SC_AC_OP_UPDATE,ENTERSAFE_AC_ALWAYS); /* update */
memset(tmp.data.ef.sm,0x00,sizeof(tmp.data.ef.sm));
sc_file_free(file);
ret = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_CREATE_FILE, &tmp);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,ret,"Create pkcs15 file failed");
}
}
{/* Preinstall keys */
ret = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_PREINSTALL_KEYS, 0);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL,ret,"Preinstall keys failed");
}
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE,ret);
}