// --------------------------------------------------------------------------- |
|
// Name: actITokenPIN.h |
|
// Product: cv act library |
|
// Purpose: The class ITokenPIN defines the interfaces of the PIN operations |
|
// |
|
// Copyright: (c) 2002 cv cryptovision GmbH |
|
// all rights reserved |
|
// Licence: The conditions for the use of this software are regulated |
|
// in the cv act library licence agreement. |
|
// |
|
// Autor: Dr. Xiangdong Wang (XWG) |
|
// Date: 04/05/2002 |
|
// --------------------------------------------------------------------------- |
|
|
|
#ifndef ACT_ITokenPIN_h |
|
#define ACT_ITokenPIN_h |
|
|
|
#include "actBasics.h" |
|
#include "actDate.h" |
|
#include "actBlob.h" |
|
|
|
#include "actITokenAuth.h" |
|
#include "actITokenFileOwner.h" |
|
#include "actIRefCounted.h" |
|
|
|
#include "actTokenBase.h" |
|
|
|
namespace act |
|
{ |
|
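// Classifies an authentication object ("PIN") of a token.
//
// Bit layout, as fixed by the masks declared below:
//   bits 0..3   PIN_MASK            role: UNKNOWN / SO / USER / UNBLOCK
//   bits 0..14  PIN_TYPE_MASK       role plus mechanism/protocol flags
//   bit  15     AUTHENTICATED_PIN   lies outside PIN_TYPE_MASK
//
// The role is an enumerated value, NOT a set of independent bits:
//   - UNBLOCK_PIN (0x3) has the bits of both SO_PIN (0x1) and USER_PIN (0x2)
//     set, so `type & SO_PIN` is also non-zero for an unblock PIN.
//   - UNKNOWN_PIN is 0, so `type & UNKNOWN_PIN` is always zero and the
//     *_UNKNOWN_PIN combinations equal their bare mechanism flag.
// Role checks should therefore be written `(type & PIN_MASK) == SO_PIN`;
// a plain bit test can mistake one role for another.
//
// NOTE(review): the mechanism names look like external authentication,
// biometric and certificate-based verification plus the eMRTD protocols
// BAC, PACE, TA and CA -- confirm against the library documentation.
enum PINType
{
	// role (low nibble)
	UNKNOWN_PIN				= 0x0000,
	SO_PIN					= 0x0001,
	USER_PIN				= 0x0002,
	UNBLOCK_PIN				= 0x0003,

	PIN_MASK				= 0x000F,	// extracts the role

	// mechanism / protocol flags, one bit each
	EXAUTH_PIN				= 0x0010,
	BIOMETRIC_PIN			= 0x0020,
	CERTBASED_PIN			= 0x0040,

	BAC_PIN					= 0x0100,
	ICAO_PIN				= 0x0200,

	EAC_PACE_PIN			= 0x0400,
	EAC_TA_PIN				= 0x0800,
	EAC_CA_PIN				= 0x1000,

	PIN_TYPE_MASK			= 0x7fff,	// role + mechanism, excludes AUTHENTICATED_PIN

	AUTHENTICATED_PIN		= 0x8000,	// Current authenticated PIN

	// combined types
	EXAUTH_SO_PIN			= EXAUTH_PIN | SO_PIN,
	EXAUTH_UNBLOCK_PIN		= EXAUTH_PIN | UNBLOCK_PIN,

	BIOMETRIC_USER_PIN		= BIOMETRIC_PIN | USER_PIN,
	BIOMETRIC_SO_PIN		= BIOMETRIC_PIN | SO_PIN,

	EAC_PACE_UNKNOWN_PIN	= EAC_PACE_PIN | UNKNOWN_PIN,	// == EAC_PACE_PIN
	EAC_PACE_SO_PIN			= EAC_PACE_PIN | SO_PIN,
	EAC_PACE_USER_PIN		= EAC_PACE_PIN | USER_PIN,
	EAC_PACE_UNBLOCK_PIN	= EAC_PACE_PIN | UNBLOCK_PIN,

	EAC_TA_UNKNOWN_PIN		= EAC_TA_PIN | UNKNOWN_PIN,		// == EAC_TA_PIN
	EAC_TA_USER_PIN			= EAC_TA_PIN | USER_PIN,

	EAC_CA_UNKNOWN_PIN		= EAC_CA_PIN | UNKNOWN_PIN,		// == EAC_CA_PIN
	EAC_CA_USER_PIN			= EAC_CA_PIN | USER_PIN,
};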
|
|
|
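// Per-PIN attribute flags, one bit per property (bits 0..12).
//
// PIN_FLAGS_MASK evaluates to 0x1FFF and covers exactly the thirteen
// single-bit flags declared here. The PIN_FLAGS_* values are ready-made
// combinations of those bits.
//
// NOTE(review): the flag names suggest policy the implementation enforces
// (for example PIN_REQUIRES_SM presumably means secure messaging and
// PIN_CHANGE_REQUIRES_OLD presumably means the old PIN must be presented);
// this header only fixes the bit values -- confirm the enforcement points.
enum PINFlags
{
	PIN_INITIALIZED			= (1 <<  0),
	PIN_IS_LOCAL			= (1 <<  1),
	PIN_CASE_SENSITIVE		= (1 <<  2),
	PIN_CHANGE_DISABLED		= (1 <<  3),
	PIN_UNBLOCK_DISABLED	= (1 <<  4),
	PIN_DISABLE_ALLOWED		= (1 <<  5),
	PIN_NEEDS_PADDING		= (1 <<  6),
	PIN_NEEDS_UPDATE		= (1 <<  7),
	PIN_REQUIRES_SM			= (1 <<  8),
	PIN_REQUIRES_NO_DATA	= (1 <<  9),
	PIN_REQUIRES_ENCRYPTION	= (1 << 10),
	PIN_CHANGE_REQUIRES_OLD	= (1 << 11),
	PIN_IS_DEFAULT			= (1 << 12),	// marks the one and only default pin

	PIN_FLAGS_MASK			= (1 << 13) - 1,	// all thirteen flag bits

	// combined flags
	PIN_FLAGS				= PIN_INITIALIZED | PIN_IS_LOCAL | PIN_CASE_SENSITIVE,
	PIN_FLAGS_DEFAULT		= PIN_IS_DEFAULT | PIN_FLAGS,
	PIN_FLAGS_SO			= PIN_INITIALIZED | PIN_IS_LOCAL | PIN_CASE_SENSITIVE | PIN_UNBLOCK_DISABLED,
	// EXAUTH and BIOMETRIC share the same value; neither sets PIN_CASE_SENSITIVE.
	PIN_FLAGS_EXAUTH		= PIN_INITIALIZED | PIN_IS_LOCAL,
	PIN_FLAGS_BIOMETRIC		= PIN_INITIALIZED | PIN_IS_LOCAL,
	// Certificate-based: no PIN data, and both change and unblock are disabled.
	PIN_FLAGS_CERTBASED		= PIN_INITIALIZED | PIN_IS_LOCAL | PIN_REQUIRES_NO_DATA | PIN_CHANGE_DISABLED | PIN_UNBLOCK_DISABLED,
};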
|
|
|
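// Encoding in which authentication data (a PIN value) is represented.
//
// Only PIN_ENCODING_UNKNOWN and PIN_ENCODING_BINARY carry explicit values;
// the remaining enumerators count up from PIN_ENCODING_BINARY, so inserting
// or reordering entries changes their numeric values.
// PIN_ENCODING is an alias for the ASCII-numeric encoding.
enum AuthDataEncoding
{
	PIN_ENCODING_UNKNOWN		= -1,
	PIN_ENCODING_BINARY			= 0,
	PIN_ENCODING_ASCII_NUMERIC,		// 1
	PIN_ENCODING_UTF8,				// 2
	PIN_ENCODING_BCD,				// 3
	PIN_ENCODING_HALF_NIBBLE_BCD,	// 4
	PIN_ENCODING_ISO9564_1,			// 5

	PIN_ENCODING				= PIN_ENCODING_ASCII_NUMERIC,
};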
|
|
|
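// Identifier of an authentication object.
// This header defines only the reserved "invalid" value, 0x00.
enum AuthId
{
	AUTHID_INVALID				= 0x00,
};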
|
|
|
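// Finger selector for biometric authentication objects.
// 0 means "unknown"; 1..5 are the right hand from thumb to little finger,
// 6..10 the left hand in the same order.
enum BioFinger
{
	FINGER_UNKNOWN				= 0,

	// right hand
	FINGER_RIGHT_THUMB			= 1,
	FINGER_RIGHT_INDEX			= 2,
	FINGER_RIGHT_MIDDLE			= 3,
	FINGER_RIGHT_RING			= 4,
	FINGER_RIGHT_LITTLE			= 5,

	// left hand
	FINGER_LEFT_THUMB			= 6,
	FINGER_LEFT_INDEX			= 7,
	FINGER_LEFT_MIDDLE			= 8,
	FINGER_LEFT_RING			= 9,
	FINGER_LEFT_LITTLE			= 10
};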
|
|
|
class IAuthIdRef; |
|
class ITokenFile; |
|
class IToken; |
|
class ISCardOS; |
|
class AuthInfo; |
|
|
|
// |
|
// ITokenPIN |
|
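// Abstract interface for one authentication object ("PIN") of a token:
// querying its properties and state, verifying, changing and unblocking it,
// plus the biometric, external-authentication and certificate-based
// extensions.
//
// Every member is pure virtual; the declaration order is kept as is because
// it determines the virtual table layout that implementations are built
// against.
//
// Notes for reviewers and implementers:
//  - The verify/change/unlock operations return void, so failure is not
//    reported through a return value. NOTE(review): presumably an exception
//    is thrown -- confirm, and make sure callers cannot mistake a swallowed
//    error for a successful verification.
//  - PIN values and keys are passed as `const Blob&`; the caller keeps
//    ownership of those buffers. NOTE(review): whether Blob clears its
//    memory on destruction is not visible here -- callers should make sure
//    secret material is wiped after use.
//  - Raw pointers are returned by Clone(), GetToken(), GetParent() and the
//    GetAuthIdRef() family. NOTE(review): lifetime is presumably governed
//    by IRefCounted -- confirm who releases the returned objects.
class ITokenPIN
	: public IRefCounted
	, public ITokenFileOwner
{
public:
	// Copy and comparison.
	virtual ITokenPIN* Clone() const = 0;
	virtual bool Equals(const ITokenPIN* other) const = 0;
	virtual int Compare(const ITokenPIN* other) const = 0;

	// Static properties of the authentication object.
	// NOTE(review): GetType() returns int, presumably a PINType value or
	// combination; compare the role with `(type & PIN_MASK) == ...`, since
	// the PINType roles are enumerated values rather than independent bits.
	virtual int GetType() const = 0;
	virtual int GetUsage() const = 0;
	virtual byte GetObjRef() const = 0;
	virtual IToken* GetToken() const = 0;
	virtual const char* GetName() const = 0;
	virtual AuthDataEncoding GetEncoding() const = 0;

	virtual const AuthInfo* GetInfo() const = 0;
	virtual void SetInfo(const AuthInfo* ai) = 0;

	virtual void SetDefault(bool is_default) = 0;
	virtual bool IsDefault() const = 0;

	// State queries.
	virtual bool IsInitialized() const = 0;
	virtual bool IsAuthenticated() const = 0;

	virtual bool NeedsUpdate() const = 0;
	virtual bool NeedsPINValue() const = 0;

	// Length policy and change date. GetLastChange reports through `supported`
	// whether the information is available at all.
	virtual bool GetLengthInfo(LengthInfo& info) const = 0;
	virtual bool CheckPinLength(const Blob& pin) const = 0;
	virtual bool GetLastChange(Date& date, bool& supported) const = 0;

	// Presents `pin` for verification. No result is returned; see the class
	// comment regarding error reporting.
	virtual void VerifyPin(const Blob& pin) = 0;

	// NOTE: ChangePin preserves the authentication state if successful
	// TODO: MTE: Describe in detail!
	virtual void ChangePin(const Blob& oldpin, const Blob& newpin) = 0;

	// NOTE: UnlockPin preserves the authentication state if successful
	// TODO: MTE: Describe in detail!
	// NOTE(review): `so` is presumably the authentication object used to
	// authorize the unblock and `pin` its value -- confirm.
	virtual void UnlockPin(ITokenPIN* so, const Blob& pin, const Blob& newpin) = 0;

	// NOTE: SetPinValue preserves the authentication state if successful
	// TODO: MTE: Describe in detail!
	virtual void SetPinValue(ITokenPIN* so, const Blob& so_pin, const Blob& newpin) = 0;

	// `os` defaults to a null pointer.
	virtual void Select(ISCardOS* os = 0) const = 0;

	virtual ITokenPIN* GetParent() const = 0;

	virtual IAuthIdRef* GetAuthIdRef() const = 0;
	virtual IAuthIdRef* GetParentAuthIdRef() const = 0;

	// Bio extensions
	// NOTE(review): GetFinger() returns byte, presumably a BioFinger value.
	virtual byte GetFinger() const = 0;
	virtual bool GetBioHeader(Blob& bioheader) = 0;

	// ExternalAuth Key extensions
	// ComputeResponse receives the authentication key as a Blob, so the key
	// material lives in caller memory for the duration of the call.
	virtual Blob GetChallenge() const = 0;
	virtual void ResetChallenge() = 0;
	virtual Blob ComputeResponse(const Blob& auth_key, const Blob& challenge) const = 0;

	// Certificate based authentication extensions
	// NOTE(review): CHAT presumably stands for the Certificate Holder
	// Authorization Template used in EAC -- confirm.
	virtual void SetCHAT(const Blob& chat) = 0;
	virtual void SetCHAT(move_from<Blob> chat) = 0;
	virtual Blob GetCHAT() const = 0;

protected:
	// SCard Functionality
	// Hooks for implementations. All of them are const, including
	// doResetChallenge(), although the public ResetChallenge() is not.
	virtual Blob doGetChallenge() const = 0;
	virtual void doResetChallenge() const = 0;
	virtual void doVerify(const Blob& pin) const = 0;
	virtual SecStatus doGetSecurityStatus(Blob& context) const = 0;

private:
	// TokenAuth may call the protected hooks above directly.
	friend class TokenAuth;
};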
|
|
|
} // namespace act |
|
|
|
#endif // ACT_ITokenPIN_h
|
|
|