A simple Qt based browser with no bullshit that supports PKCS#11 tokens (such as the SuisseID).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

263 lines
9.4 KiB

// ---------------------------------------------------------------------------
// Name: actISCardOS.h
// Product: cv act library
// Purpose: The class ISCardOS accesses the card operating system
//
// Copyright: (c) 2002 cv cryptovision GmbH
// all rights reserved
// Licence: The conditions for the use of this software are regulated
// in the cv act library licence agreement.
//
// Autor: Dr. Xiangdong Wang (XWG)
// Date: 03/21/2002
// ---------------------------------------------------------------------------
#ifndef ACT_ISCardOS_h
#define ACT_ISCardOS_h
#include "actBlob.h"
#include "actTokenBase.h"
#include "actITokenPIN.h"
#include "actITokenConfig.h"
#include "actITokenInitializer.h"
#include "actIRefCounted.h"
#include "actIAccessCondition.h"
namespace act
{
class IKey;
class IEMSAAlg;
class ITokenFile;
class ISCardAccess;
class ISCardOSBehavior;
class IKeyDerivation;
class EFDIR;
const FIDType FID_EF_DIR = 0x2F00;
const FIDType FID_EF_ATR = 0x2F01;
//
// ISO 7816-4
enum SCardFileType
{
BINARY = 0x01,
LINEAR_FIXED = 0x02,
LINEAR_TLV = 0x05,
LINEAR_VARIABLE = 0x04,
CYCLIC_FIXED = 0x06,
DF = 0x38
};
//
// ISO 7816-4
enum SCardRecordMode
{
ABSOLUTE_MODE = 0x04
};
//
// ISO 7816-4
enum SCardSelectType
{
MFType = 0x00,
DFType = 0x01,
EFType = 0x02,
AIDType = 0x04,
PathType = 0x08
};
enum SCardSelectMode
{
FCI = 0x00, // FCI template
FCP = 0x04, // FCP template
FMD = 0x08, // FMD template
NoData = 0x0c, // No response data
};
enum SCardError
{
SCARD_SUCCESS = 0,
SCARD_FUNCTION_NOT_SUPPORTED = -1,
SCARD_FUNCTION_FAILED = -2
};
//
// ISCardOS
class ISCardOS
: public IRefCounted
, public IAcConverter
{
public:
virtual ~ISCardOS() { }
// ISCardOS
virtual ISCardOS* Clone() const = 0;
virtual bool IsMoC() = 0;
virtual const char* GetName() const = 0;
virtual Blob GetSerialNumber() const = 0; // hardware serial number
virtual Blob GetCardId(unsigned short fid_card_id) = 0;
virtual Blob GetCardCF(unsigned short fid_card_cf) = 0;
virtual ISCardAccess* GetAccess() const = 0;
virtual Blob ComputeDigitalSignature(const Blob& data, int mode = SIGN_DATA) = 0;
virtual Blob ComputeDigitalSignature(IEMSAAlg* emsa, int mode = SIGN_DATA) = 0;
virtual Blob Encipher(const Blob& plaintext) = 0;
virtual Blob Decipher(const Blob& encrypted_data) = 0;
virtual Blob AgreeKey(const Blob& pubkey) = 0;
virtual void ComputeECDigitalSignature(const Blob& data, Blob& signature) = 0;
virtual Blob SelectFile(const int filetype, const char* filepath) = 0; // return file control information
virtual Blob SelectFile(const int filetype, const Blob& filepath) = 0; // return file control information
virtual Blob SelectFile(const int filetype, FIDType fid) = 0; // return file control information
virtual Blob SelectApp(const Blob& aid, SCardSelectMode mode = NoData) = 0;
// EF.DIR
virtual EFDIR* GetEFDIR(ushort fid = FID_INVALID) = 0;
virtual int GetEFSize(FIDType fid) = 0;
virtual int GetEFSize(const Blob& filepath, Blob& fci) = 0;
virtual void GetFCI(FIDType fid, Blob& fci) = 0;
virtual Blob GetFCIValue(const Blob& fci, const byte tag) = 0;
virtual byte GetFileInfo(const Blob& fc_data, unsigned short& ef_size, size_t& num_of_records) = 0;
// select and read binary
virtual Blob ReadBinary(const char* filepath) = 0;
virtual Blob ReadBinary(const Blob& filepath) = 0;
virtual Blob ReadBinary(FIDType fid) = 0;
// read/update binary, file is selected, file size is known
virtual Blob ReadSelectedBinary(size_t file_size, unsigned short offset = 0) = 0;
virtual void UpdateSelectedBinary(const Blob& data, unsigned short offset = 0) = 0;
// select and update binary
virtual void UpdateBinary(const Blob& filepath, const Blob& data, unsigned short offset = 0) = 0;
virtual void UpdateBinary(FIDType fid, const Blob& data, unsigned short offset = 0) = 0;
// read binary with XL-APDUs
virtual Blob ReadBinaryX(const char* filepath) = 0;
virtual Blob ReadBinaryX(const Blob& filepath) = 0;
virtual Blob ReadBinaryX(FIDType fid) = 0;
virtual Blob ReadSelectedBinaryX(size_t file_size, unsigned short offset = 0) = 0;
// update binary with XL-APDUs
virtual void UpdateBinaryX(const Blob& filepath, const Blob& data, unsigned short offset = 0) = 0;
virtual void UpdateBinaryX(FIDType fid, const Blob& data, unsigned short offset = 0) = 0;
virtual void UpdateSelectedBinaryX(const Blob& data, unsigned short offset = 0) = 0;
// record read/write (file must be selected)
virtual Blob ReadRecord(byte mode) = 0; // p2
virtual Blob ReadRecord(byte rec_id, byte mode) = 0; // p1, p2
virtual void UpdateRecord(const Blob& data, byte rec_id, byte mode) = 0; // data, p1, p2
virtual void AppendRecord(const Blob& data, byte ef_id = 0) = 0; // data, p2
// record write (includes file selection and resize)
virtual void UpdateRecord(const Blob& filepath, const Blob& data, byte rec_id, byte mode) = 0;
virtual void AppendRecord(const Blob& filepath, const Blob& data) = 0;
virtual void DeleteEF(const Blob& fid) = 0;
virtual void DeleteEF(FIDType fid) = 0;
virtual void CreateEF(const Blob& fcp) = 0;
virtual void CreateEF(const Blob& fid, unsigned short len, bool secure = false) = 0;
virtual void CreateEF(FIDType fid, unsigned short len, bool secure = false) = 0;
virtual void CreateEF_TLV(FIDType fid, unsigned short len, unsigned short num_of_records = 1) = 0;
virtual void CreateEF_TLV(const Blob& fid, unsigned short len, unsigned short num_of_records = 1) = 0;
virtual unsigned short GetOSFileOffset() const = 0;
// get/put dat
virtual Blob GetData(ushort tag, ushort le = 0) const = 0; // INS=CA
virtual void PutData(ushort tag, const Blob& data) = 0; // INS=DA
// MSE/PSO functions
virtual void ManageSecurityEnvironment(byte p1, byte p2, const Blob& data = Blob()) = 0;
virtual void PerformSecurityOperation(Blob& response, byte p1, byte p2, const Blob& data, bool chaining = false) = 0;
virtual void PerformSecurityOperationX(Blob& response, byte p1, byte p2, const Blob& data) = 0; // explicit extended APDU
// ISO authentication functions
virtual void ExternalAuthenticate(byte key_id, const Blob& response, bool odd_INS = false) = 0; // INS=82/83, P1=00, P2=key_id
virtual Blob InternalAuthenticate(byte key_id, const Blob& challenge, bool odd_INS = false) = 0; // INS=88/89, P1=00, P2=key_id
virtual Blob MutualAuthenticate(byte key_id, const Blob& auth_data, bool odd_INS = false) = 0; // INS=82/83, P1=00, P2=key_id
virtual Blob GeneralAuthenticate(byte key_id, const Blob& auth_data, bool chaining = false, bool odd_INS = false) = 0; // INS=86/87, P1=00, P2=key_id
virtual void ResetRetryCounter(byte p1, byte p2, const Blob& data) = 0;
virtual void Verify(byte p1, byte p2, const Blob& data, bool odd_INS = false) = 0; // INS=20/21
// random functions
virtual Blob GetChallenge(byte le = byte(8)) const = 0;
virtual Blob GetRandom(const unsigned long count) const = 0;
// token type / config
virtual ProfileType GetProfileType(bool refresh = false) = 0;
virtual void SetTokenConfig(ITokenConfig* tkcfg) = 0;
virtual ITokenConfig* GetTokenConfig() const = 0;
// set/get behavior
virtual void SetBehavior(ISCardOSBehavior* behave) = 0;
virtual ISCardOSBehavior* GetBehavior() = 0;
// access rights
virtual void SetAccessRights(const Blob& access_rights) = 0;
virtual void SetAccessRights(move_from<Blob> access_rights) = 0;
virtual void SetExplicitRights(IAccessCondition* ac, size_t ac_cnt = 1) = 0;
virtual bool HasExplicitRights() const = 0;
virtual Blob GetAccessRights() = 0;
virtual IAccessCondition* GetAccessRights(const Blob& fci) = 0;
virtual Blob GetAccessRights(ACSCardObjType ac_obj_type, bool tagged) const = 0;
// selected path
virtual void SetSelectedPath(ITokenFile* selected_path) const = 0;
virtual ITokenFile* GetSelectedPath() const = 0;
// key derivation
virtual void SetKeyDerivation(IKeyDerivation* key_derivation) = 0;
virtual IKeyDerivation* GetKeyDerivation() const = 0;
// key handling
virtual void GenerateRSAKeyPair(int key_id, size_t key_size, // in bits
Blob& pubkey) = 0;
virtual void ImportRSAKeyPair(int key_id, const Blob& prime_p,
const Blob& prime_q, const Blob& priv_exp, Blob& pubkey) = 0;
virtual void GenerateECKeyPair(Blob& pubkey) = 0;
virtual void GenerateECKeyPair(int key_id, const Blob& curve_oid,
const Blob& curve_param, Blob& pubkey) = 0;
virtual void ImportECKeyPair(int key_nr, const Blob& curve_oid,
const Blob& curve_param, const Blob& privkey, const Blob& pubkey) = 0;
virtual void ImportDESKey(int key_id, const Blob& keyblob) = 0;
virtual void DeletePrivateKeyObj(FIDType fid) = 0;
virtual void DeleteECPrivateKeyObj(FIDType fid) = 0;
virtual void DeleteBlockCipherKeyObj(FIDType fid) = 0;
virtual void SelectKey(int key_id) = 0;
// authentication functions
virtual Blob ComputeResponse(const Blob& auth_key, const Blob& challenge) const = 0;
virtual void UpdateExternalAuthenticateKey(byte key_id, const Blob& auth_key) = 0;
virtual void ResetSecurityStatus() = 0;
virtual SecStatus GetSecurityStatus(byte obj_ref, Blob& context) const = 0;
// token initialization
virtual void SetDefaultLabel(move_from<Blob> label) = 0;
virtual ITokenInitializer* GetTokenInitializer() = 0;
};
} // namespace act
#endif // ACT_ISCardOS_h