C++ (Cpp) sc_pkcs15_parse_df примеры использования

Пример #1

Файл: pkcs15-dnie.c Проект: jachimsevero/OpenSC

static int sc_pkcs15emu_dnie_init(sc_pkcs15_card_t * p15card)
{
	u8 buf[1024];
	sc_pkcs15_df_t *df;
	sc_pkcs15_object_t *p15_obj;
	size_t len = sizeof(buf);
	int rv;

	sc_context_t *ctx = p15card->card->ctx;
	LOG_FUNC_CALLED(ctx);

	/* Check for correct card driver (i.e. iso7816) */
	if (strcmp(p15card->card->driver->short_name, "dnie") != 0)
		return SC_ERROR_WRONG_CARD;

	/* Check for correct card atr */
	if (dnie_match_card(p15card->card) != 1)
		return SC_ERROR_WRONG_CARD;

	/* Set root path of this application */
	p15card->file_app = sc_file_new();
	sc_format_path("3F00", &p15card->file_app->path);

	/* Load TokenInfo */
	rv = dump_ef(p15card->card, "3F0050155032", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	rv = sc_pkcs15_parse_tokeninfo(p15card->card->ctx, p15card->tokeninfo,
				       buf, len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	/* Only accept the original stuff */
	if (strcmp(p15card->tokeninfo->manufacturer_id, "DGP-FNMT") != 0)
		LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_CARD);

	/* Load ODF */
	rv = dump_ef(p15card->card, "3F0050155031", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	rv = parse_odf(buf, len, p15card);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	/* Decode EF.PrKDF, EF.PuKDF and EF.CDF */
	for (df = p15card->df_list; df != NULL; df = df->next) {
		if (df->type == SC_PKCS15_PRKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PrKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_PUKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PuKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_CDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.CDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_DODF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.DODF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
	}

	/* Perform required fixes */
	p15_obj = p15card->obj_list;
	while (p15_obj != NULL) {
		/* Add missing 'auth_id' to private objects */
		if ((p15_obj->flags & SC_PKCS15_CO_FLAG_PRIVATE)
		    && (p15_obj->auth_id.len == 0)) {
			p15_obj->auth_id.value[0] = 0x01;
			p15_obj->auth_id.len = 1;
		}
		/* Remove found public keys as cannot be read_binary()'d */
		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_PUKDF) ) {
			sc_pkcs15_object_t *puk = p15_obj;
			p15_obj = p15_obj->next;
			sc_pkcs15_remove_object(p15card, puk);
			sc_pkcs15_free_object(puk);
                } else {
			p15_obj = p15_obj->next;
		}
	}
	
	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}

Пример #2

Файл: pkcs15-pteid.c Проект: AktivCo/OpenSC

static int sc_pkcs15emu_pteid_init(sc_pkcs15_card_t * p15card)
{
	u8 buf[1024];
	sc_pkcs15_df_t *df;
	sc_pkcs15_object_t *p15_obj;
	sc_path_t path;
	struct sc_file *file = NULL;
	size_t len;
	int rv;
	int i;

	sc_context_t *ctx = p15card->card->ctx;
	LOG_FUNC_CALLED(ctx);

	/* Check for correct card atr */
	if (pteid_detect_card(p15card->card) != SC_SUCCESS)
		return SC_ERROR_WRONG_CARD;

	sc_log(p15card->card->ctx, "Selecting application DF");
	sc_format_path("4F00", &path);
	rv = sc_select_file(p15card->card, &path, &file);
	if (rv != SC_SUCCESS || !file)
		return SC_ERROR_INTERNAL;
	/* set the application DF */
	if (p15card->file_app)
		free(p15card->file_app);
	p15card->file_app = file;

	/* Load TokenInfo */
	len = sizeof(buf);
	rv = dump_ef(p15card->card, "4F005032", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	memset(p15card->tokeninfo, 0, sizeof(*p15card->tokeninfo));
	rv = sc_pkcs15_parse_tokeninfo(p15card->card->ctx, p15card->tokeninfo,
				       buf, len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	p15card->tokeninfo->flags |= SC_PKCS15_TOKEN_PRN_GENERATION
				  | SC_PKCS15_TOKEN_EID_COMPLIANT
				  | SC_PKCS15_TOKEN_READONLY;

	/* Load ODF */
	len = sizeof(buf);
	rv = dump_ef(p15card->card, "4F005031", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	rv = parse_odf(buf, len, p15card);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	/* Decode EF.PrKDF, EF.PuKDF, EF.CDF and EF.AODF */
	for (df = p15card->df_list; df != NULL; df = df->next) {
		if (df->type == SC_PKCS15_PRKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PrKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_PUKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PuKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_CDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.CDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_AODF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.AODF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
	}

	p15_obj = p15card->obj_list;
	while (p15_obj != NULL) {
		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_PRKDF) ) {
			struct sc_pkcs15_prkey_info *prkey_info = (sc_pkcs15_prkey_info_t *) p15_obj->data;
			prkey_info->access_flags = SC_PKCS15_PRKEY_ACCESS_SENSITIVE
					| SC_PKCS15_PRKEY_ACCESS_ALWAYSSENSITIVE
					| SC_PKCS15_PRKEY_ACCESS_NEVEREXTRACTABLE
					| SC_PKCS15_PRKEY_ACCESS_LOCAL;
			p15_obj->flags = SC_PKCS15_CO_FLAG_PRIVATE;
		}


		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_AODF) ) {
			static const char *pteid_pin_names[3] = {
			    "Auth PIN",
			    "Sign PIN",
			    "Address PIN"
			};

			struct sc_pin_cmd_data pin_cmd_data;
			struct sc_pkcs15_auth_info *pin_info = (sc_pkcs15_auth_info_t *) p15_obj->data;

			strlcpy(p15_obj->label, pteid_pin_names[pin_info->auth_id.value[0]-1], sizeof(p15_obj->label));

			pin_info->attrs.pin.flags |= SC_PKCS15_PIN_FLAG_NEEDS_PADDING;
			pin_info->tries_left = -1;
			pin_info->max_tries = 3;
			pin_info->auth_method = SC_AC_CHV;

			memset(&pin_cmd_data, 0, sizeof(pin_cmd_data));
			pin_cmd_data.cmd = SC_PIN_CMD_GET_INFO;
			pin_cmd_data.pin_type = pin_info->attrs.pin.type;
			pin_cmd_data.pin_reference = pin_info->attrs.pin.reference;
			rv = sc_pin_cmd(p15card->card, &pin_cmd_data, NULL);
			if (rv == SC_SUCCESS) {
				pin_info->tries_left = pin_cmd_data.pin1.tries_left;
				pin_info->logged_in = pin_cmd_data.pin1.logged_in;
			}
		}
		/* Remove found public keys as cannot be read_binary()'d */
		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_PUKDF) ) {
			sc_pkcs15_object_t *puk = p15_obj;
			p15_obj = p15_obj->next;
			sc_pkcs15_remove_object(p15card, puk);
			sc_pkcs15_free_object(puk);
		} else {
			p15_obj = p15_obj->next;
		}
	}

	/* Add data objects */
	for (i = 0; i < 5; i++) {
		static const char *object_labels[5] = {
			"Trace",
			"Citizen Data",
			"Citizen Address Data",
			"SOd",
			"Citizen Notepad",
		};
		static const char *object_authids[5] = {NULL, NULL, "3", NULL, NULL};
		static const char *object_paths[5] = {
			"3f000003",
			"3f005f00ef02",
			"3f005f00ef05",
			"3f005f00ef06",
			"3f005f00ef07",
		};
		static const int object_flags[5] = {
			0,
			0,
			SC_PKCS15_CO_FLAG_PRIVATE,
			0,
			0,
		};
		struct sc_pkcs15_data_info obj_info;
		struct sc_pkcs15_object obj_obj;

		memset(&obj_info, 0, sizeof(obj_info));
		memset(&obj_obj, 0, sizeof(obj_obj));

		sc_format_path(object_paths[i], &obj_info.path);
		strlcpy(obj_info.app_label, object_labels[i], SC_PKCS15_MAX_LABEL_SIZE);
		if (object_authids[i] != NULL)
			sc_pkcs15_format_id(object_authids[i], &obj_obj.auth_id);
		strlcpy(obj_obj.label, object_labels[i], SC_PKCS15_MAX_LABEL_SIZE);
		obj_obj.flags = object_flags[i];

		rv = sc_pkcs15emu_object_add(p15card, SC_PKCS15_TYPE_DATA_OBJECT, &obj_obj, &obj_info);
		if (rv != SC_SUCCESS){
			sc_log(ctx, "Object add failed: %d", rv);
			break;
		}
	}

	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}

Пример #3

Файл: pkcs15.c Проект: guadalinex-archive/guadalinex-v5

static int
__sc_pkcs15_search_objects(sc_pkcs15_card_t *p15card,
			unsigned int class_mask, unsigned int type,
			int (*func)(sc_pkcs15_object_t *, void *),
                        void *func_arg,
			sc_pkcs15_object_t **ret, size_t ret_size)
{
	sc_pkcs15_object_t *obj;
	sc_pkcs15_df_t	*df;
	unsigned int	df_mask = 0;
	size_t		match_count = 0;
	int		r = 0;

	if (type)
		class_mask |= SC_PKCS15_TYPE_TO_CLASS(type);

	/* Make sure the class mask we have makes sense */
	if (class_mask == 0
	 || (class_mask & ~(SC_PKCS15_SEARCH_CLASS_PRKEY |
			    SC_PKCS15_SEARCH_CLASS_PUBKEY |
			    SC_PKCS15_SEARCH_CLASS_CERT |
			    SC_PKCS15_SEARCH_CLASS_DATA |
			    SC_PKCS15_SEARCH_CLASS_AUTH))) {
		return SC_ERROR_INVALID_ARGUMENTS;
	}

	if (class_mask & SC_PKCS15_SEARCH_CLASS_PRKEY)
		df_mask |= (1 << SC_PKCS15_PRKDF);
	if (class_mask & SC_PKCS15_SEARCH_CLASS_PUBKEY)
		df_mask |= (1 << SC_PKCS15_PUKDF)
			 | (1 << SC_PKCS15_PUKDF_TRUSTED);
	if (class_mask & SC_PKCS15_SEARCH_CLASS_CERT)
		df_mask |= (1 << SC_PKCS15_CDF)
			 | (1 << SC_PKCS15_CDF_TRUSTED)
			 | (1 << SC_PKCS15_CDF_USEFUL);
	if (class_mask & SC_PKCS15_SEARCH_CLASS_DATA)
		df_mask |= (1 << SC_PKCS15_DODF);
	if (class_mask & SC_PKCS15_SEARCH_CLASS_AUTH)
		df_mask |= (1 << SC_PKCS15_AODF);

	/* Make sure all the DFs we want to search have been
	 * enumerated. */
	for (df = p15card->df_list; df != NULL; df = df->next) {
		if (!(df_mask & (1 << df->type)))
			continue;
		if (df->enumerated)
			continue;
		/* Enumerate the DF's, so p15card->obj_list is
		 * populated. */
		r = sc_pkcs15_parse_df(p15card, df);
		SC_TEST_RET(p15card->card->ctx, r, "DF parsing failed");
		df->enumerated = 1;
	}

	/* And now loop over all objects */
	for (obj = p15card->obj_list; obj != NULL; obj = obj->next) {
		/* Check object type */
		if (!(class_mask & SC_PKCS15_TYPE_TO_CLASS(obj->type)))
			continue;
		if (type != 0
		 && obj->type != type
		 && (obj->type & SC_PKCS15_TYPE_CLASS_MASK) != type)
			continue;

		/* Potential candidate, apply search function */
		if (func != NULL && func(obj, func_arg) <= 0)
			continue;
		/* Okay, we have a match. */
		match_count++;
		if (ret_size <= 0)
			continue;
		ret[match_count-1] = obj;
		if (ret_size <= match_count)
			break;
	}
	return match_count;
}

Пример #4

Файл: pkcs15-dnie.c Проект: martinpaljak/OpenSC

static int sc_pkcs15emu_dnie_init(sc_pkcs15_card_t * p15card)
{
	u8 buf[1024];
	sc_pkcs15_df_t *df;
	sc_pkcs15_object_t *p15_obj;
	size_t len = sizeof(buf);
	int rv;
	struct sc_pkcs15_cert_info *p15_info = NULL;

	sc_context_t *ctx = p15card->card->ctx;
	LOG_FUNC_CALLED(ctx);

	/* Check for correct card driver (i.e. iso7816) */
	if (strcmp(p15card->card->driver->short_name, "dnie") != 0)
		return SC_ERROR_WRONG_CARD;

	/* Check for correct card atr */
	if (dnie_match_card(p15card->card) != 1)
		return SC_ERROR_WRONG_CARD;

#ifdef ENABLE_OPENSSL
	/* The two keys inside DNIe 3.0 needs login before performing any signature.
	 * They are CKA_ALWAYS_AUTHENTICATE although they are not tagged like that.
	 * For the moment caching is forced if 3.0 is detected to make it work properly. */
	if (p15card->card->atr.value[15] >= DNIE_30_VERSION) {
		p15card->opts.use_pin_cache = 1;
		p15card->opts.pin_cache_counter = DNIE_30_CACHE_COUNTER;
		sc_log(ctx, "DNIe 3.0 detected - PKCS#15 options reset: use_file_cache=%d use_pin_cache=%d pin_cache_counter=%d pin_cache_ignore_user_consent=%d",
			p15card->opts.use_file_cache,
			p15card->opts.use_pin_cache,
			p15card->opts.pin_cache_counter,
			p15card->opts.pin_cache_ignore_user_consent);
        }
#endif

	/* Set root path of this application */
	p15card->file_app = sc_file_new();
	sc_format_path("3F00", &p15card->file_app->path);

	/* Load TokenInfo */
	rv = dump_ef(p15card->card, "3F0050155032", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	rv = sc_pkcs15_parse_tokeninfo(p15card->card->ctx, p15card->tokeninfo,
				       buf, len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of EF.TOKENINFO failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	/* Only accept the original stuff */
	if (strcmp(p15card->tokeninfo->manufacturer_id, "DGP-FNMT") != 0)
		LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_CARD);

	/* Load ODF */
	rv = dump_ef(p15card->card, "3F0050155031", buf, &len);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Reading of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}
	rv = parse_odf(buf, len, p15card);
	if (rv != SC_SUCCESS) {
		sc_log(ctx, "Decoding of ODF failed: %d", rv);
		LOG_FUNC_RETURN(ctx, rv);
	}

	/* Decode EF.PrKDF, EF.PuKDF and EF.CDF */
	for (df = p15card->df_list; df != NULL; df = df->next) {
		if (df->type == SC_PKCS15_PRKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PrKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_PUKDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.PuKDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_CDF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.CDF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
		if (df->type == SC_PKCS15_DODF) {
			rv = sc_pkcs15_parse_df(p15card, df);
			if (rv != SC_SUCCESS) {
				sc_log(ctx,
				       "Decoding of EF.DODF (%s) failed: %d",
				       sc_print_path(&df->path), rv);
			}
		}
	}

	/* Perform required fixes */
	p15_obj = p15card->obj_list;
	while (p15_obj != NULL) {
		/* Add missing 'auth_id' to private objects */
		if ((p15_obj->flags & SC_PKCS15_CO_FLAG_PRIVATE)
		    && (p15_obj->auth_id.len == 0)) {
			p15_obj->auth_id.value[0] = 0x01;
			p15_obj->auth_id.len = 1;
		};
		/* Set path count to -1 for public certificates, as they
		   will need to be decompressed and read_binary()'d, so
		   we make sure we end up reading the file->size and not the
		   path->count which is the compressed size on newer
                   DNIe versions  */
		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_CDF) ) {
                    p15_info = (struct sc_pkcs15_cert_info *) p15_obj ->data;
		    p15_info ->path.count = -1;
		}
		/* Remove found public keys as cannot be read_binary()'d */
		if ( p15_obj->df && (p15_obj->df->type == SC_PKCS15_PUKDF) ) {
			sc_pkcs15_object_t *puk = p15_obj;
			p15_obj = p15_obj->next;
			sc_pkcs15_remove_object(p15card, puk);
			sc_pkcs15_free_object(puk);
                } else {
			p15_obj = p15_obj->next;
		}
	}
	
	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}