From 48bd6b09645014365a2be8361d113757a1736814 Mon Sep 17 00:00:00 2001 From: Philip Wendland Date: Thu, 28 Aug 2014 14:29:16 +0200 Subject: [PATCH] Add support for the IsoApplet (Java Card applet) The IsoApplet can be found here: https://github.com/philipWendland/IsoApplet Add read/write support for this applet, including RSA and ECC support. --- src/libopensc/Makefile.am | 1 + src/libopensc/Makefile.mak | 2 +- src/libopensc/card-isoApplet.c | 1223 +++++++++++++++++++++++++++++ src/libopensc/cardctl.h | 33 +- src/libopensc/cards.h | 7 +- src/libopensc/ctx.c | 1 + src/pkcs15init/Makefile.am | 6 +- src/pkcs15init/Makefile.mak | 3 +- src/pkcs15init/isoApplet.profile | 164 ++++ src/pkcs15init/pkcs15-init.h | 1 + src/pkcs15init/pkcs15-isoApplet.c | 871 ++++++++++++++++++++ src/pkcs15init/pkcs15-lib.c | 1 + 12 files changed, 2307 insertions(+), 6 deletions(-) create mode 100644 src/libopensc/card-isoApplet.c create mode 100644 src/pkcs15init/isoApplet.profile create mode 100644 src/pkcs15init/pkcs15-isoApplet.c diff --git a/src/libopensc/Makefile.am b/src/libopensc/Makefile.am index 33bc3e6ee3..557c32ea5a 100644 --- a/src/libopensc/Makefile.am +++ b/src/libopensc/Makefile.am @@ -41,6 +41,7 @@ libopensc_la_SOURCES = \ card-itacns.c card-authentic.c \ card-iasecc.c iasecc-sdo.c iasecc-sm.c card-sc-hsm.c \ card-dnie.c cwa14890.c cwa-dnie.c user-interface.c \ + card-isoApplet.c \ \ pkcs15-openpgp.c pkcs15-infocamere.c pkcs15-starcert.c \ pkcs15-tcos.c pkcs15-esteid.c pkcs15-postecert.c pkcs15-gemsafeGPK.c \ diff --git a/src/libopensc/Makefile.mak b/src/libopensc/Makefile.mak index 6a004e3b14..4e572f7b69 100644 --- a/src/libopensc/Makefile.mak +++ b/src/libopensc/Makefile.mak @@ -23,7 +23,7 @@ OBJECTS = \ card-rtecp.obj card-westcos.obj card-myeid.obj card-ias.obj \ card-itacns.obj card-authentic.obj \ card-iasecc.obj iasecc-sdo.obj iasecc-sm.obj cwa-dnie.obj cwa14890.obj \ - card-sc-hsm.obj card-dnie.obj user-interface.obj \ + card-sc-hsm.obj card-dnie.obj user-interface.obj card-isoApplet.obj \ \ pkcs15-openpgp.obj pkcs15-infocamere.obj pkcs15-starcert.obj \ pkcs15-tcos.obj pkcs15-esteid.obj pkcs15-postecert.obj pkcs15-gemsafeGPK.obj \ diff --git a/src/libopensc/card-isoApplet.c b/src/libopensc/card-isoApplet.c new file mode 100644 index 0000000000..06509b59d1 --- /dev/null +++ b/src/libopensc/card-isoApplet.c @@ -0,0 +1,1223 @@ +/* + * Support for the IsoApplet JavaCard Applet. + * + * Copyright (C) 2014 Philip Wendland + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include +#include + +#include "internal.h" +#include "opensc.h" +#include "cardctl.h" +#include "log.h" +#include "asn1.h" +#include "pkcs15.h" + +#define ISOAPPLET_ALG_REF_ECDSA 0x21 +#define ISOAPPLET_ALG_REF_RSA_PAD_PKCS1 0x11 + +#define ISOAPPLET_API_VERSION_MAJOR 0x00 +#define ISOAPPLET_API_VERSION_MINOR 0x03 +#define ISOAPPLET_API_FEATURE_EXT_APDU 0x01 + +#define ISOAPPLET_AID_LEN 12 +static const u8 isoAppletId[] = {0xf2,0x76,0xa2,0x88,0xbc,0xfb,0xa6,0x9d,0x34,0xf3,0x10,0x01}; + +struct isoApplet_drv_data +{ + unsigned int sec_env_alg_ref; +}; +#define DRVDATA(card) ((struct isoApplet_drv_data *) ((card)->drv_data)) + +static struct sc_card_operations isoApplet_ops; +static const struct sc_card_operations *iso_ops = NULL; +static struct sc_card_driver isoApplet_drv = +{ + "Javacard with IsoApplet", + "isoApplet", + &isoApplet_ops, + NULL, 0, NULL +}; + + +/* + * SELECT an applet on the smartcard. (Not in the emulated filesystem.) + * The response will be written to resp. + * + * @param[in] card + * @param[in] aid The applet ID. + * @param[in] aid_len The legth of aid. + * @param[out] resp The response of the applet upon selection. + * @param[in,out] resp_len In: The buffer size of resp. Out: The length of the response. + * + * @return SC_SUCCESS: The applet is present and could be selected. + * any other: Transmit failure or the card returned an error. + * The card will return an error when the applet is + * not present. + */ +static int +isoApplet_select_applet(sc_card_t *card, const u8 aid[], const size_t aid_len, u8* resp, size_t *resp_len) +{ + int rv; + sc_context_t *ctx = card->ctx; + sc_apdu_t apdu; + u8 aid_wc[SC_MAX_APDU_BUFFER_SIZE]; + + LOG_FUNC_CALLED(card->ctx); + + if(aid_len > SC_MAX_APDU_BUFFER_SIZE) + LOG_FUNC_RETURN(card->ctx, SC_ERROR_BUFFER_TOO_SMALL); + memcpy(aid_wc, aid, aid_len); + + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xa4, 0x04, 0x00); + apdu.lc = aid_len; + apdu.data = aid_wc; + apdu.datalen = aid_len; + apdu.resp = resp; + apdu.resplen = *resp_len; + apdu.le = 0; + + rv = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(ctx, rv, "APDU transmit faiure."); + + rv = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, rv, "Card returned error"); + + *resp_len = apdu.resplen; + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +static int +isoApplet_finish(sc_card_t * card) +{ + struct isoApplet_drv_data *drvdata=DRVDATA(card); + + LOG_FUNC_CALLED(card->ctx); + if (drvdata) + { + free(drvdata); + card->drv_data=NULL; + } + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +static int +isoApplet_match_card(sc_card_t * card) +{ + size_t rlen = SC_MAX_APDU_BUFFER_SIZE; + u8 rbuf[SC_MAX_APDU_BUFFER_SIZE]; + int rv; + + rv = isoApplet_select_applet(card, isoAppletId, ISOAPPLET_AID_LEN, rbuf, &rlen); + + if(rv != SC_SUCCESS) + { + return 0; + } + + /* If applet does not return API version, versions 0x00 will match */ + if(rlen == 0) + { + rbuf[0] = 0x00; + rbuf[1] = 0x00; + rbuf[2] = 0x00; + rlen = 3; + } + + /* We expect 3 bytes: MAJOR API version - MINOR API version - API feature bitmap */ + if(rlen != 3) + { + return 0; + } + + if(rbuf[0] != ISOAPPLET_API_VERSION_MAJOR) + { + sc_log(card->ctx, "IsoApplet: Mismatching major API version. Not proceeding. " + "API versions: Driver (%02X-%02X), applet (%02X-%02X). Please update accordingly.", + ISOAPPLET_API_VERSION_MAJOR, ISOAPPLET_API_VERSION_MINOR, rbuf[0], rbuf[1]); + return 0; + } + + if(rbuf[1] != ISOAPPLET_API_VERSION_MINOR) + { + sc_log(card->ctx, "IsoApplet: Mismatching minor API version. Proceeding anyway. " + "API versions: Driver (%02X-%02X), applet (%02X-%02X)." + "Please update accordingly whenever possible.", + ISOAPPLET_API_VERSION_MAJOR, ISOAPPLET_API_VERSION_MINOR, rbuf[0], rbuf[1]); + } + + if(rbuf[2] & ISOAPPLET_API_FEATURE_EXT_APDU) + { + card->caps |= SC_CARD_CAP_APDU_EXT; + } + + return 1; +} + +static int +isoApplet_init(sc_card_t * card) +{ + unsigned long flags = 0; + unsigned long ext_flags = 0; + struct isoApplet_drv_data *drvdata; + + LOG_FUNC_CALLED(card->ctx); + + drvdata=malloc(sizeof(struct isoApplet_drv_data)); + if (!drvdata) + LOG_FUNC_RETURN(card->ctx, SC_ERROR_OUT_OF_MEMORY); + memset(drvdata, 0, sizeof(struct isoApplet_drv_data)); + drvdata->sec_env_alg_ref = 0; + + card->drv_data = drvdata; + card->cla = 0x00; + + /* ECDSA */ + flags = 0; + flags |= SC_ALGORITHM_ECDSA_RAW; + flags |= SC_ALGORITHM_ONBOARD_KEY_GEN; + ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE; + ext_flags |= SC_ALGORITHM_EXT_EC_F_P; + _sc_card_add_ec_alg(card, 192, flags, ext_flags); + _sc_card_add_ec_alg(card, 256, flags, ext_flags); + + /* RSA */ + flags = 0; + /* Padding schemes: */ + flags |= SC_ALGORITHM_RSA_PAD_PKCS1; + /* Hashes: */ + flags |= SC_ALGORITHM_RSA_HASH_NONE; + flags |= SC_ALGORITHM_RSA_HASH_SHA1; + flags |= SC_ALGORITHM_RSA_HASH_MD5; + flags |= SC_ALGORITHM_RSA_HASH_MD5_SHA1; + flags |= SC_ALGORITHM_RSA_HASH_SHA224; + flags |= SC_ALGORITHM_RSA_HASH_SHA256; + flags |= SC_ALGORITHM_RSA_HASH_SHA384; + flags |= SC_ALGORITHM_RSA_HASH_SHA512; + flags |= SC_ALGORITHM_RSA_HASH_RIPEMD160; + /* Key-generation: */ + flags |= SC_ALGORITHM_ONBOARD_KEY_GEN; + /* Modulus lengths: */ + _sc_card_add_rsa_alg(card, 2048, flags, 0); + + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +/* + * @brief convert an OpenSC ACL entry to the security condition + * byte used by the IsoApplet. + * + * Used by IsoApplet_create_file to parse OpenSC ACL entries + * into ISO 7816-4 Table 20 security condition bytes. + * + * @param entry The OpenSC ACL entry. + * + * @return The security condition byte. No restriction (0x00) + * if unknown operation. + */ +static u8 +acl_to_security_condition_byte(const sc_acl_entry_t *entry) +{ + if(!entry) + return 0x00; + switch(entry->method) + { + case SC_AC_CHV: + return 0x90; + case SC_AC_NEVER: + return 0xFF; + case SC_AC_NONE: + default: + return 0x00; + } +} + +/* + * The reason for this function is that OpenSC doesn't set any + * Security Attribute Tag in the FCI upon file creation if there + * is no file->sec_attr. I set the file->sec_attr to a format + * understood by the applet (ISO 7816-4 tables 16, 17 and 20). + * The iso7816_create_file will then set this as Tag 86 - Sec. + * Attr. Prop. Format. + * The applet will then be able to set and enforce access rights + * for any file created by OpenSC. Without this function, the + * applet would not know where to enforce security rules and + * when. + * + * Note: IsoApplet currently only supports a "onepin" option. + * + * Format of the sec_attr: 8 Bytes: + * 7 - ISO 7816-4 table 16 or 17 + * 6 to 0 - ISO 7816-4 table 20 + */ +static int +isoApplet_create_file(sc_card_t *card, sc_file_t *file) +{ + int r = 0; + + LOG_FUNC_CALLED(card->ctx); + + if(file->sec_attr_len == 0) + { + u8 access_buf[8]; + int idx[8], i; + + if(file->type == SC_FILE_TYPE_DF) + { + const int df_idx[8] = /* These are the SC operations. */ + { + 0, /* Reserved. */ + SC_AC_OP_DELETE_SELF, //b6 + SC_AC_OP_LOCK, //b5 + SC_AC_OP_ACTIVATE, //b4 + SC_AC_OP_DEACTIVATE, //b3 + SC_AC_OP_CREATE_DF, //b2 + SC_AC_OP_CREATE_EF, //b1 + SC_AC_OP_DELETE //b0 + }; + for(i=0; i<8; i++) + { + idx[i] = df_idx[i]; + } + } + else //EF + { + const int ef_idx[8] = + { + 0, /* Reserved. */ + SC_AC_OP_DELETE_SELF, //b6 + SC_AC_OP_LOCK, //b5 + SC_AC_OP_ACTIVATE, //b4 + SC_AC_OP_DEACTIVATE, //b3 + SC_AC_OP_WRITE, //b2 + SC_AC_OP_UPDATE, //b1 + SC_AC_OP_READ //b0 + }; + for(i=0; i<8; i++) + { + idx[i] = ef_idx[i]; + } + } + /* Now idx contains the operation identifiers. + * We now search for the OPs. */ + access_buf[0] = 0xFF; /* A security condition byte is present for every OP. (Table 19) */ + for(i=1; i<8; i++) + { + const sc_acl_entry_t *entry; + entry = sc_file_get_acl_entry(file, idx[i]); + access_buf[i] = acl_to_security_condition_byte(entry); + } + + r = sc_file_set_sec_attr(file, access_buf, 8); + LOG_TEST_RET(card->ctx, r, "Error adding security attribute."); + } + + r = iso_ops->create_file(card, file); + LOG_FUNC_RETURN(card->ctx, r); +} + +/* + * Adds an ACL entry to the OpenSC file struct, according to the operation + * and the saByte (Encoded according to IsoApplet FCI proprietary security + * information, see also ISO 7816-4 table 20). + * + * @param[in,out] file + * @param[in] operation The OpenSC operation. + * @param[in] saByte The security condition byte return by the applet. + */ +static int +sa_to_acl(sc_file_t *file, unsigned int operation, u8 saByte) +{ + int r; + switch(saByte) + { + case 0x90: + r = sc_file_add_acl_entry(file, operation, SC_AC_CHV, 1); + if(r < 0) + return r; + break; + case 0xFF: + r = sc_file_add_acl_entry(file, operation, SC_AC_NEVER, SC_AC_KEY_REF_NONE); + if(r < 0) + return r; + break; + case 0x00: + r = sc_file_add_acl_entry(file, operation, SC_AC_NONE, SC_AC_KEY_REF_NONE); + if(r < 0) + return r; + break; + default: + r = sc_file_add_acl_entry(file, operation, SC_AC_UNKNOWN, SC_AC_KEY_REF_NONE); + if(r < 0) + return r; + } + return SC_SUCCESS; +} + + +/* + * This function first calls the iso7816.c process_fci() for any other FCI + * information and then updates the ACL of the OpenSC file struct according + * to the FCI from the applet. + */ +static int +isoApplet_process_fci(sc_card_t *card, sc_file_t *file, + const u8 *buf, size_t buflen) +{ + int r; + u8 *sa = NULL; + + LOG_FUNC_CALLED(card->ctx); + + r = iso_ops->process_fci(card, file, buf, buflen); + LOG_TEST_RET(card->ctx, r, "Error while processing the FCI."); + /* Construct the ACL from the sec_attr. */ + if(file->sec_attr && file->sec_attr_len == 8) + { + sa = file->sec_attr; + if(sa[0] != 0xFF) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_DATA, + "File security attribute does not contain a ACL byte for every operation."); + } + if(file->type == SC_FILE_TYPE_DF) + { + r = sa_to_acl(file, SC_AC_OP_DELETE_SELF, sa[1]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_LOCK, sa[2]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_ACTIVATE, sa[3]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_DEACTIVATE, sa[4]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_CREATE_DF, sa[5]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_CREATE_EF, sa[6]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_DELETE, sa[7]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + } + else if(file->type == SC_FILE_TYPE_INTERNAL_EF + || file->type == SC_FILE_TYPE_WORKING_EF) + { + r = sa_to_acl(file, SC_AC_OP_DELETE_SELF, sa[1]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_LOCK, sa[2]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_ACTIVATE, sa[3]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_DEACTIVATE, sa[4]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_WRITE, sa[5]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_UPDATE, sa[6]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + r = sa_to_acl(file, SC_AC_OP_READ, sa[7]); + LOG_TEST_RET(card->ctx, r, "Error adding ACL entry."); + } + + } + + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +static int +isoApplet_ctl_generate_key(sc_card_t *card, struct sc_cardctl_isoApplet_genkey *args) +{ + int r, len; + size_t tag_len; + sc_apdu_t apdu; + u8 rbuf[SC_MAX_EXT_APDU_BUFFER_SIZE]; + u8 sbuf[SC_MAX_APDU_BUFFER_SIZE]; + u8 *p; + const u8 *curr_pos; + + LOG_FUNC_CALLED(card->ctx); + + /* MANAGE SECURITY ENVIRONMENT (SET). Set the algorithm and key references. */ + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0x41, 0x00); + + p = sbuf; + *p++ = 0x80; /* algorithm reference */ + *p++ = 0x01; + *p++ = args->algorithm_ref; + + *p++ = 0x84; /* Private key reference */ + *p++ = 0x01; + *p++ = args->priv_key_ref; + + r = p - sbuf; + p = NULL; + + apdu.lc = r; + apdu.datalen = r; + apdu.data = sbuf; + + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); + + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if(apdu.sw1 == 0x6A && apdu.sw2 == 0x81) + { + sc_log(card->ctx, "Key generation not supported by the card with that particular key type." + "Your card may not support the specified algorithm used by the applet / specified by you." + "In most cases, this happens when trying to generate EC keys not supported by your java card." + "In this case, look for supported field lengths and whether FP and/or F2M are supported."); + } + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + + /* GENERATE ASYMMETRIC KEY PAIR + * We use a larger buffer here, even if the card does not support extended apdus. + * There are two cases: + * 1) The card can do ext. apdus: The data fits in one apdu. + * 2) The card can't do ext. apdus: sc_transmit_apdu will handle that - the + * card will send SW_BYTES_REMAINING, OpenSC will automaticall do a + * GET RESPONSE to get the remaining data, and will append it to the data + * buffer. */ + sc_format_apdu(card, &apdu, SC_APDU_CASE_2, 0x46, 0x42, 0x00); + + apdu.resp = rbuf; + apdu.resplen = SC_MAX_EXT_APDU_BUFFER_SIZE; + apdu.le = 256; + + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); + + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + /* Parse the public key / response. */ + switch(args->algorithm_ref) + { + + case SC_ISOAPPLET_ALG_REF_RSA_GEN_2048: + /* We expect: + * - Tag: 7F 49 + * - Length: 82 01 09 (265 Bytes) */ + p = rbuf; + if(memcmp(p, "\x7F\x49\x82\x01\x09", 5) != 0) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_DATA, + "The data returned by the card is unexpected."); + } + else + { + len = 265; + } + p += 5; /* p points to the value field of the outer (7F 49) tag. + * This value field is a TLV-structure again. */ + + /* Search for the modulus tag (81). */ + curr_pos = sc_asn1_find_tag(card->ctx, p, len, (unsigned int) 0x81, &tag_len); + if(curr_pos == NULL || tag_len != 256) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_DATA, "Card returned no or a invalid modulus."); + } + if(args->pubkey_len < 256) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_BUFFER_TOO_SMALL); + } + args->pubkey_len = tag_len; + memcpy(args->pubkey, curr_pos, args->pubkey_len); + + /* Exponent tag (82) */ + curr_pos = sc_asn1_find_tag(card->ctx, p, len, (unsigned int) 0x82, &tag_len); + if(curr_pos == NULL || tag_len != 3) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_DATA); + } + if(args->exponent_len < 3) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_DATA, "Card returned no or a invalid exponent."); + } + if(memcmp(curr_pos, "\x01\x00\x01", 3) != 0) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INCOMPATIBLE_KEY, + "Key generation error: Unexpected public key exponent."); + } + args->exponent_len = 3; + memcpy(args->exponent, curr_pos, args->exponent_len); + p = NULL; + break; + + case SC_ISOAPPLET_ALG_REF_EC_GEN_BRAINPOOLP192R1: + p = rbuf; + if(args->pubkey_len >= apdu.resplen) + { + memcpy(args->pubkey, p, apdu.resplen); + } + else + { + LOG_TEST_RET(card->ctx, SC_ERROR_BUFFER_TOO_SMALL, + "Key generation error: Public key buffer too small."); + } + break; + + case SC_ISOAPPLET_ALG_REF_EC_GEN_PRIME256V1: + p = rbuf; + if(args->pubkey_len >= apdu.resplen) + { + memcpy(args->pubkey, p, apdu.resplen); + } + else + { + LOG_TEST_RET(card->ctx, SC_ERROR_BUFFER_TOO_SMALL, + "Key generation error: Public key buffer too small."); + } + break; + + default: + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "Unable to parse public key: Unsupported algorithm."); + }// switch + + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +/* + * @brief Insert the length field of a TLV entry. + * + * The format is: + * 0..127: 1 byte, 00-7F + * 128..255: 2 bytes, 81; 00-FF + * 256..65535: 3 bytes, 82; 0000-FFFF + * + * @param[out] p The buffer where the length tag should be placed. + * @param[in] p_len The length of p. + * @param[in] len The length to be inserted. + * + * @return positive values: The length of the length field inserted. + * SC_ERROR_INVALID_ARGUMENTS: Incorrect length value or p == null. + * SC_ERROR_BUFFER_TOO_SMALL: The buffer p can not hold the length field. + */ +static int +tlv_insert_len(u8 *p, size_t p_len, size_t len) +{ + if(p == NULL) + return SC_ERROR_INVALID_ARGUMENTS; + + /* Note: len < 0 can not happen as it is size_t */ + if(len <= 127) + { + if(p_len < 1) + return SC_ERROR_BUFFER_TOO_SMALL; + *p++ = len & 0x7F; + return 1; + } + else if(len <= 255) + { + if(p_len < 2) + return SC_ERROR_BUFFER_TOO_SMALL; + *p++ = 0x81; + *p++ = len & 0xFF; + return 2; + } + else if(len <= 65535) + { + if(p_len < 3) + return SC_ERROR_BUFFER_TOO_SMALL; + *p++ = 0x82; + *p++ = (len >> 8) & 0xFF; /* MSB */ + *p++ = len & 0xFF; /* LSB */ + return 3; + } + else + { + return SC_ERROR_INVALID_ARGUMENTS; + } +} + +/* + * @brief Add a TLV-entry to a buffer. + * + * @param[out] buf The buffer at where the TLV entry should be placed. + * @param[in] buf_len The length of buf. + * @param[in] tag The one byte tag of the TLV entry. + * @param[in] tag_data The value field of the TLV entry. + * @param[in] tag_data_len The length of the tag_data. + * + */ +static int +tlv_add_tlv(u8 *buf, const size_t buf_len, const u8 tag, + const u8 *tag_data, const size_t tag_data_len) +{ + size_t l_len; /* Length of the length field itself. */ + int r; + + if(buf == NULL || tag_data == NULL) + return SC_ERROR_INVALID_ARGUMENTS; + + if(tag_data_len <= 127) + l_len = 1; + else if(tag_data_len <= 255) + l_len = 2; + else if(tag_data_len <= 65535) + l_len = 3; + else + return SC_ERROR_INVALID_ARGUMENTS; + + if(1 + l_len + tag_data_len > buf_len) + return SC_ERROR_BUFFER_TOO_SMALL; + + *buf++ = tag; + r = tlv_insert_len(buf, buf_len-1, tag_data_len); + if(r < 0) + return r; + else if((unsigned int)r != l_len) + return SC_ERROR_UNKNOWN; + + buf += l_len; + + memcpy(buf, tag_data, tag_data_len); + return 1 + l_len + tag_data_len; +} + +/* + * @brief Use PUT DATA to import a private RSA key. + * + * For simplicity, command chaining has to be used. One chunk (apdu) must contain + * one RSA field (P, Q, etc.). The first apdu must contain the outer tag (7F48). + * + * @param card + * @param rsa The RSA private key to import. + * + * @return SC_ERROR_INVALID_ARGUMENTS: The RSA key does not contain CRT fields. + * other errors: Transmit errors / errors returned by card. + */ +static int +isoApplet_put_data_prkey_rsa(sc_card_t *card, struct sc_pkcs15_prkey_rsa *rsa) +{ + sc_apdu_t apdu; + const size_t sbuf_len = SC_MAX_APDU_BUFFER_SIZE; + u8 sbuf[SC_MAX_APDU_BUFFER_SIZE]; + u8 *p = NULL; + int r; + size_t tags_len; + + LOG_FUNC_CALLED(card->ctx); + + if(!rsa + || !rsa->p.data + || !rsa->q.data + || !rsa->iqmp.data + || !rsa->dmp1.data + || !rsa->dmq1.data) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ARGUMENTS, "Only CRT RSA keys may be imported."); + } + + + p = sbuf; + /* Note: The format is according to ISO 2-byte tag 7F48 */ + *p++ = 0x7F; /* T-L pair to indicate a private key data object */ + *p++ = 0x48; + /* Calculate the length of all inner tag-length-value entries. + * One entry consists of: tag (1 byte) + length (1 byte if < 128, 2 if >= 128) + value (len) + * It may actually happen that a parameter is 127 byte (leading zero) */ + tags_len = 1 + (rsa->p.len < 128 ? 1 : 2) + rsa->p.len + + 1 + (rsa->q.len < 128 ? 1 : 2) + rsa->q.len + + 1 + (rsa->iqmp.len < 128 ? 1 : 2) + rsa->iqmp.len + + 1 + (rsa->dmp1.len < 128 ? 1 : 2) + rsa->dmp1.len + + 1 + (rsa->dmq1.len < 128 ? 1 : 2) + rsa->dmq1.len; + r = tlv_insert_len(p, sbuf_len - (p - sbuf), tags_len); /* Private key data object length */ + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + /* p */ + r = tlv_add_tlv(p, sbuf_len - (p - sbuf), 0x92, rsa->p.data, rsa->p.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xDB, 0x3F, 0xFF); + apdu.cla |= 0x10; /* Chaining */ + apdu.data = sbuf; + apdu.datalen = p - sbuf; + apdu.lc = p - sbuf; + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if(apdu.sw1 == 0x6D && apdu.sw2 == 0x00) + { + sc_log(card->ctx, "The applet returned that the PUT DATA instruction byte is not supported." + "If you are using an older applet version and are trying to import keys, please update your applet first."); + } + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + /* q */ + p = sbuf; + r = tlv_add_tlv(p, sbuf_len - (p - sbuf), 0x93, rsa->q.data, rsa->q.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + apdu.data = sbuf; + apdu.datalen = p - sbuf; + apdu.lc = p - sbuf; + r = sc_check_apdu(card, &apdu); + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + /* 1/q mod p */ + p = sbuf; + r = tlv_add_tlv(p, sbuf_len - (p - sbuf), 0x94, rsa->iqmp.data, rsa->iqmp.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + apdu.data = sbuf; + apdu.datalen = p - sbuf; + apdu.lc = p - sbuf; + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + /* d mod (p-1) */ + p = sbuf; + r = tlv_add_tlv(p, sbuf_len - (p - sbuf), 0x95, rsa->dmp1.data, rsa->dmp1.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + apdu.data = sbuf; + apdu.datalen = p - sbuf; + apdu.lc = p - sbuf; + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + /* d mod (q-1) */ + p = sbuf; + r = tlv_add_tlv(p, sbuf_len - (p - sbuf), 0x96, rsa->dmq1.data, rsa->dmq1.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + p += r; + + apdu.cla = 0x00; /* Last part of the chain. */ + apdu.data = sbuf; + apdu.datalen = p - sbuf; + apdu.lc = p - sbuf; + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + LOG_FUNC_RETURN(card->ctx, r); +} + +/* + * @brief Use PUT DATA to import a private EC key. + * + * I use a simpler format for EC keys (compared to RSA) + * because the card has all the necessary information except the ecPointQ. + * Only the ecPointQ is sent to the card. It is BER-TLV-encoded. The tag is: + * 0xC1 - Private class, primitive encoding, number one. + * + * @param card + * @param ec The EC private key to import. + * + * @return SC_ERROR_INVALID_ARGUMENTS: The RSA key does not contain CRT fields. + * other errors: Transmit errors / errors returned by card. + */ +static int +isoApplet_put_data_prkey_ec(sc_card_t *card, struct sc_pkcs15_prkey_ec *ec) +{ + sc_apdu_t apdu; + size_t sbuf_len = SC_MAX_EXT_APDU_BUFFER_SIZE; + u8 sbuf[SC_MAX_EXT_APDU_BUFFER_SIZE]; + int r; + + LOG_FUNC_CALLED(card->ctx); + + if(!ec) + { + LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ARGUMENTS, "No EC private key."); + } + + r = tlv_add_tlv(sbuf, sbuf_len, 0xC1, ec->privateD.data, ec->privateD.len); + LOG_TEST_RET(card->ctx, r, "Error in handling TLV."); + + /* Send to card. */ + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xDB, 0x3F, 0xFF); + apdu.lc = r; + apdu.datalen = r; + apdu.data = sbuf; + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if(apdu.sw1 == 0x6D && apdu.sw2 == 0x00) + { + sc_log(card->ctx, "The applet returned that the PUT DATA instruction byte is not supported." + "If you are using an older applet version and are trying to import keys, please update your applet first."); + } + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + LOG_FUNC_RETURN(card->ctx, r); + +} + +/* + * @brief Import a private key. + */ +static int +isoApplet_ctl_import_key(sc_card_t *card, sc_cardctl_isoApplet_import_key_t *args) +{ + int r; + sc_apdu_t apdu; + u8 sbuf[SC_MAX_APDU_BUFFER_SIZE]; + u8 *p; + + LOG_FUNC_CALLED(card->ctx); + + /* + * Private keys are not stored in the filesystem. + * ISO 7816-8 - section C.2 describes: + * "Usage of the PUT DATA command for private key import" + * The applet uses this PUT DATA to import private keys, if private key import is allowed. + * + * The first step is to perform a MANAGE SECURITY ENVIRONMENT as it would be done + * with on-card key generation. The second step is PUT DATA (instead of + * GENERATE ASYMMETRIC KEYPAIR). + */ + + /* MANAGE SECURITY ENVIRONMENT (SET). Set the algorithm and key references. */ + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0x41, 0x00); + + p = sbuf; + *p++ = 0x80; /* algorithm reference */ + *p++ = 0x01; + *p++ = args->algorithm_ref; + + *p++ = 0x84; /* Private key reference */ + *p++ = 0x01; + *p++ = args->priv_key_ref; + + r = p - sbuf; + p = NULL; + + apdu.lc = r; + apdu.datalen = r; + apdu.data = sbuf; + + r = sc_transmit_apdu(card, &apdu); + LOG_TEST_RET(card->ctx, r, "%s: APDU transmit failed"); + + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if(apdu.sw1 == 0x6A && apdu.sw2 == 0x81) + { + sc_log(card->ctx, "Key import not supported by the card with that particular key type." + "Your card may not support the specified algorithm used by the applet / specified by you." + "In most cases, this happens when trying to import EC keys not supported by your java card." + "In this case, look for supported field lengths and whether FP and/or F2M are supported." + "If you tried to import a private RSA key, check the key length."); + } + if(apdu.sw1 == 0x69 && apdu.sw2 == 0x00) + { + sc_log(card->ctx, "Key import not allowed by the applet's security policy." + "If you want to allow key import, set DEF_PRIVATE_KEY_IMPORT_ALLOWED in the IsoApplet," + " rebuild and reinstall the applet."); + } + LOG_TEST_RET(card->ctx, r, "Card returned error"); + + + /* PUT DATA */ + switch(args->algorithm_ref) + { + + case SC_ISOAPPLET_ALG_REF_RSA_GEN_2048: + r = isoApplet_put_data_prkey_rsa(card, &args->prkey->u.rsa); + LOG_TEST_RET(card->ctx, r, "Error in PUT DATA."); + break; + + case SC_ISOAPPLET_ALG_REF_EC_GEN_BRAINPOOLP192R1: + case SC_ISOAPPLET_ALG_REF_EC_GEN_PRIME256V1: + r = isoApplet_put_data_prkey_ec(card, &args->prkey->u.ec); + LOG_TEST_RET(card->ctx, r, "Error in PUT DATA."); + break; + + default: + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "Uknown algorithm refernce."); + } + + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +static int +isoApplet_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr) +{ + int r = 0; + + LOG_FUNC_CALLED(card->ctx); + switch (cmd) + { + case SC_CARDCTL_ISOAPPLET_GENERATE_KEY: + r = isoApplet_ctl_generate_key(card, + (sc_cardctl_isoApplet_genkey_t *) ptr); + break; + case SC_CARDCTL_ISOAPPLET_IMPORT_KEY: + r = isoApplet_ctl_import_key(card, + (sc_cardctl_isoApplet_import_key_t *) ptr); + break; + default: + r = SC_ERROR_NOT_SUPPORTED; + } + LOG_FUNC_RETURN(card->ctx, r); +} + +static int +isoApplet_set_security_env(sc_card_t *card, + const sc_security_env_t *env, int se_num) +{ + sc_apdu_t apdu; + u8 sbuf[SC_MAX_APDU_BUFFER_SIZE]; + u8 *p; + int r, locked = 0; + struct isoApplet_drv_data *drvdata = DRVDATA(card); + + LOG_FUNC_CALLED(card->ctx); + + if(se_num != 0) + { + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, + "IsoApplet does not support storing of security environments."); + } + assert(card != NULL && env != NULL); + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0x41, 0); + switch (env->operation) + { + case SC_SEC_OPERATION_DECIPHER: + apdu.p2 = 0xB8; + break; + case SC_SEC_OPERATION_SIGN: + apdu.p2 = 0xB6; + break; + default: + return SC_ERROR_INVALID_ARGUMENTS; + } + p = sbuf; + + if (env->flags & SC_SEC_ENV_ALG_PRESENT) + { + + switch(env->algorithm) + { + + case SC_ALGORITHM_RSA: + if( env->algorithm_flags & SC_ALGORITHM_RSA_PAD_PKCS1 ) + { + drvdata->sec_env_alg_ref = ISOAPPLET_ALG_REF_RSA_PAD_PKCS1; + } + else + { + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "IsoApplet only supports RSA with PKCS1 padding."); + } + break; + + case SC_ALGORITHM_EC: + if( env->algorithm_flags & SC_ALGORITHM_ECDSA_RAW ) + { + drvdata->sec_env_alg_ref = ISOAPPLET_ALG_REF_ECDSA; + } + else + { + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "IsoApplet only supports raw ECDSA."); + } + break; + + default: + LOG_TEST_RET(card->ctx, SC_ERROR_NOT_SUPPORTED, "Unsupported algorithm."); + } + + *p++ = 0x80; /* algorithm reference */ + *p++ = 0x01; + *p++ = drvdata->sec_env_alg_ref; + } + + if (env->flags & SC_SEC_ENV_FILE_REF_PRESENT) + { + *p++ = 0x81; + *p++ = env->file_ref.len; + assert(sizeof(sbuf) - (p - sbuf) >= env->file_ref.len); + memcpy(p, env->file_ref.value, env->file_ref.len); + p += env->file_ref.len; + } + + if (env->flags & SC_SEC_ENV_KEY_REF_PRESENT) + { + if (env->flags & SC_SEC_ENV_KEY_REF_ASYMMETRIC) + *p++ = 0x83; + else + *p++ = 0x84; + *p++ = env->key_ref_len; + assert(sizeof(sbuf) - (p - sbuf) >= env->key_ref_len); + memcpy(p, env->key_ref, env->key_ref_len); + p += env->key_ref_len; + } + r = p - sbuf; + apdu.lc = r; + apdu.datalen = r; + apdu.data = sbuf; + + if (se_num > 0) + { + r = sc_lock(card); + LOG_TEST_RET(card->ctx, r, "sc_lock() failed"); + locked = 1; + } + + if (apdu.datalen != 0) + { + r = sc_transmit_apdu(card, &apdu); + if (r) + { + sc_log(card->ctx, "%s: APDU transmit failed", sc_strerror(r)); + goto err; + } + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + if (r) + { + sc_log(card->ctx, "%s: Card returned error", sc_strerror(r)); + goto err; + } + } + + if (se_num <= 0) + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x22, 0xF2, se_num); + r = sc_transmit_apdu(card, &apdu); + sc_unlock(card); + LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); + + r = sc_check_sw(card, apdu.sw1, apdu.sw2); + LOG_FUNC_RETURN(card->ctx, r); +err: + if (locked) + sc_unlock(card); + LOG_FUNC_RETURN(card->ctx, r); +} + +static int +isoApplet_compute_signature(struct sc_card *card, + const u8 * data, size_t datalen, + u8 * out, size_t outlen) +{ + struct isoApplet_drv_data *drvdata = DRVDATA(card); + int r; + size_t xlen, ylen; + size_t i, offset; + + LOG_FUNC_CALLED(card->ctx); + + r = iso_ops->compute_signature(card, data, datalen, out, outlen); + if(r < 0) + { + LOG_FUNC_RETURN(card->ctx, r); + } + + /* If we used ECDSA for the signature op, OpenSC thinks it has to + * convert it to {sequence, sequence} which is already done by the + * card actually. + * To fix this, I strip the {sequence, sequence} structual information + * so that pkcs11-tool.c can add it again... */ + if(drvdata->sec_env_alg_ref == ISOAPPLET_ALG_REF_ECDSA) + { + /* Outer SEQUENCE tag and first INTEGER tag. */ + offset=0; + if(r < 2 + || out[offset++] != 0x30 + || out[offset++] != r-2 + || out[offset++] != 0x02) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED); + } + + /* X */ + xlen = out[offset++]; + assert(xlen+4 < outlen); + /* Remove the leading 0 of the coordinate, if present. */ + if(out[offset] == 0x00) + { + offset++; + xlen--; + } + for(i=0; i < xlen; i++) + { + out[i] = out[i+offset]; + } + + /* Y */ + assert(i+offset+3 < outlen); + if(out[i+offset++] != 0x02) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_UNKNOWN_DATA_RECEIVED); + } + ylen = out[i+offset++]; + /* Remove the leading 0 of the coordinate, if present. */ + if(out[i+offset] == 0x00) + { + offset++; + ylen--; + } + assert(offset+xlen+ylen <= outlen); + for(; i < xlen+ylen; i++) + { + out[i] = out[i+offset]; + } + r = xlen+ylen; + } + LOG_FUNC_RETURN(card->ctx, r); +} + +static struct sc_card_driver *sc_get_driver(void) +{ + sc_card_driver_t *iso_drv = sc_get_iso7816_driver(); + + if(iso_ops == NULL) + { + iso_ops = iso_drv->ops; + } + + isoApplet_ops = *iso_drv->ops; + + isoApplet_ops.match_card = isoApplet_match_card; + isoApplet_ops.init = isoApplet_init; + isoApplet_ops.finish = isoApplet_finish; + + isoApplet_ops.card_ctl = isoApplet_card_ctl; + + isoApplet_ops.create_file = isoApplet_create_file; + isoApplet_ops.process_fci = isoApplet_process_fci; + isoApplet_ops.set_security_env = isoApplet_set_security_env; + isoApplet_ops.compute_signature = isoApplet_compute_signature; + + /* unsupported functions */ + isoApplet_ops.write_binary = NULL; + isoApplet_ops.read_record = NULL; + isoApplet_ops.write_record = NULL; + isoApplet_ops.append_record = NULL; + isoApplet_ops.update_record = NULL; + isoApplet_ops.get_challenge = NULL; + isoApplet_ops.restore_security_env = NULL; + + return &isoApplet_drv; +} + +struct sc_card_driver * sc_get_isoApplet_driver(void) +{ + return sc_get_driver(); +} diff --git a/src/libopensc/cardctl.h b/src/libopensc/cardctl.h index b46185abe9..98a34f0fb3 100644 --- a/src/libopensc/cardctl.h +++ b/src/libopensc/cardctl.h @@ -255,7 +255,14 @@ enum { */ SC_CARDCTL_DNIE_BASE = _CTL_PREFIX('D', 'N', 'I'), SC_CARDCTL_DNIE_GENERATE_KEY, - SC_CARDCTL_DNIE_GET_INFO + SC_CARDCTL_DNIE_GET_INFO, + + /* + * isoApplet Java Card Applet + */ + SC_CARDCTL_ISOAPPLET_BASE = _CTL_PREFIX('I','S','O'), + SC_CARDCTL_ISOAPPLET_GENERATE_KEY, + SC_CARDCTL_ISOAPPLET_IMPORT_KEY }; enum { @@ -957,6 +964,30 @@ typedef struct sc_cardctl_sc_hsm_wrapped_key { size_t wrapped_key_length; /* Length of key blob */ } sc_cardctl_sc_hsm_wrapped_key_t; +/* + * isoApplet + */ + +#define SC_ISOAPPLET_ALG_REF_RSA_GEN_2048 0xF3 +#define SC_ISOAPPLET_ALG_REF_EC_GEN_BRAINPOOLP192R1 0xE0 +#define SC_ISOAPPLET_ALG_REF_EC_GEN_PRIME256V1 0xE1 + +typedef struct sc_cardctl_isoApplet_genkey { + u8 algorithm_ref; /* Algorithm reference sent to card */ + unsigned char *exponent; /* RSA public key exponent */ + unsigned int exponent_len; + unsigned int priv_key_ref; /* Private key refernce sent to card */ + unsigned char *pubkey; /* RSA public key modulus (or EC tlv-encoded public key) */ + unsigned int pubkey_len; +} sc_cardctl_isoApplet_genkey_t; + +typedef struct sc_cardctl_isoApplet_import_key { + u8 algorithm_ref; /*Algorithm reference sent to card */ + unsigned int priv_key_ref; /* Private key refernce sent to card */ + struct sc_pkcs15_prkey *prkey; +} sc_cardctl_isoApplet_import_key_t; + + #ifdef __cplusplus } #endif diff --git a/src/libopensc/cards.h b/src/libopensc/cards.h index 7be666713a..229940b1cd 100644 --- a/src/libopensc/cards.h +++ b/src/libopensc/cards.h @@ -199,7 +199,11 @@ enum { SC_CARD_TYPE_DNIE_BLANK, /* ATR LC byte: 00 */ SC_CARD_TYPE_DNIE_ADMIN, /* ATR LC byte: 01 */ SC_CARD_TYPE_DNIE_USER, /* ATR LC byte: 03 */ - SC_CARD_TYPE_DNIE_TERMINATED /* ATR LC byte: 0F */ + SC_CARD_TYPE_DNIE_TERMINATED, /* ATR LC byte: 0F */ + + /* JavaCards with isoApplet */ + SC_CARD_TYPE_ISO_APPLET_BASE = 28000, + SC_CARD_TYPE_ISO_APPLET_GENERIC }; extern sc_card_driver_t *sc_get_default_driver(void); @@ -236,6 +240,7 @@ extern sc_card_driver_t *sc_get_authentic_driver(void); extern sc_card_driver_t *sc_get_iasecc_driver(void); extern sc_card_driver_t *sc_get_epass2003_driver(void); extern sc_card_driver_t *sc_get_dnie_driver(void); +extern sc_card_driver_t *sc_get_isoApplet_driver(void); #ifdef __cplusplus } diff --git a/src/libopensc/ctx.c b/src/libopensc/ctx.c index fa94dc14ff..19d23770d8 100644 --- a/src/libopensc/ctx.c +++ b/src/libopensc/ctx.c @@ -108,6 +108,7 @@ static const struct _sc_driver_entry internal_card_drivers[] = { { "atrust-acos",(void *(*)(void)) sc_get_atrust_acos_driver }, { "PIV-II", (void *(*)(void)) sc_get_piv_driver }, { "itacns", (void *(*)(void)) sc_get_itacns_driver }, + { "isoApplet", (void *(*)(void)) sc_get_isoApplet_driver }, /* The default driver should be last, as it handles all the * unrecognized cards. */ { "default", (void *(*)(void)) sc_get_default_driver }, diff --git a/src/pkcs15init/Makefile.am b/src/pkcs15init/Makefile.am index 1bffba0ffb..bf267df82e 100644 --- a/src/pkcs15init/Makefile.am +++ b/src/pkcs15init/Makefile.am @@ -29,7 +29,8 @@ dist_pkgdata_DATA = \ iasecc.profile \ ias_adele_admin1.profile ias_adele_admin2.profile ias_adele_common.profile \ iasecc_generic_pki.profile iasecc_admin_eid.profile iasecc_generic_oberthur.profile \ - openpgp.profile sc-hsm.profile + openpgp.profile sc-hsm.profile \ + isoApplet.profile AM_CPPFLAGS = -DSC_PKCS15_PROFILE_DIRECTORY=\"$(pkgdatadir)\" \ -I$(top_srcdir)/src @@ -46,4 +47,5 @@ libpkcs15init_la_SOURCES = \ pkcs15-rtecp.c pkcs15-myeid.c \ pkcs15-oberthur.c pkcs15-oberthur-awp.c \ pkcs15-authentic.c pkcs15-iasecc.c pkcs15-openpgp.c \ - pkcs15-sc-hsm.c + pkcs15-sc-hsm.c \ + pkcs15-isoApplet.c diff --git a/src/pkcs15init/Makefile.mak b/src/pkcs15init/Makefile.mak index 348534ee84..fb4b28fbd1 100644 --- a/src/pkcs15init/Makefile.mak +++ b/src/pkcs15init/Makefile.mak @@ -9,7 +9,8 @@ OBJECTS = pkcs15-lib.obj profile.obj \ pkcs15-muscle.obj pkcs15-asepcos.obj pkcs15-rutoken.obj \ pkcs15-entersafe.obj pkcs15-rtecp.obj pkcs15-westcos.obj \ pkcs15-myeid.obj pkcs15-authentic.obj pkcs15-iasecc.obj \ - pkcs15-epass2003.obj pkcs15-openpgp.obj pkcs15-sc-hsm.obj + pkcs15-epass2003.obj pkcs15-openpgp.obj pkcs15-sc-hsm.obj \ + pkcs15-isoApplet.obj all: $(TARGET) diff --git a/src/pkcs15init/isoApplet.profile b/src/pkcs15init/isoApplet.profile new file mode 100644 index 0000000000..acf252bf1e --- /dev/null +++ b/src/pkcs15init/isoApplet.profile @@ -0,0 +1,164 @@ +# +# PKCS15 profile for the isoApplet JavaCard Applet. +# - init driver: pkcs15-isoApplet.c +# - card driver: card-isoApplet.c +# + +cardinfo { + label = "JavaCard isoApplet"; + manufacturer = "unknown"; + min-pin-length = 4; + max-pin-length = 16; + pin-pad-char = 0x00; +} + +pkcs15 { + # Method to calculate ID of the crypto objects + # mozilla: SHA1(modulus) for RSA, SHA1(pub) for DSA + # rfc2459: SHA1(SequenceASN1 of public key components as ASN1 integers) + # native: 'E' + number_of_present_objects_of_the_same_type + # default value: 'native' + pkcs15-id-style = native; +} + +option default { + macros { + unusedspace-size = 128; + odf-size = 256; + aodf-size = 256; + cdf-size = 512; + prkdf-size = 512; + pukdf-size = 512; + dodf-size = 256; + } +} + +PIN so-pin { + attempts = 3; + max-length = 16; + min-length = 4; + reference = 1; + flags = case-sensitive, needs-padding; +} + +PIN so-puk { + attempts = 3; + max-length = 16; + min-length = 16; + reference = 2; + flags = unblockingPin, unblock-disabled, case-sensitive, change-disabled; +} + +filesystem { + DF MF { + path = 3F00; + type = DF; + + # This is the DIR file + EF DIR { + type = EF; + file-id = 2F00; + size = 128; + acl = *=NONE; + } + + # Here comes the application DF + DF PKCS15-AppDF { + type = DF; + file-id = 5015; + aid = A0:00:00:00:63:50:4B:43:53:2D:31:35; + acl = *=NONE, DELETE=$PIN; + size = 5000; + + EF PKCS15-ODF { + file-id = 5031; + size = $odf-size; + ACL = *=NONE; + } + + EF PKCS15-TokenInfo { + file-id = 5032; + ACL = *=NONE; + } + + EF PKCS15-UnusedSpace { + file-id = 5033; + size = $unusedspace-size; + ACL = *=NONE; + } + + EF PKCS15-AODF { + file-id = 4401; + size = $aodf-size; + ACL = *=$PIN, READ=NONE; + } + + EF PKCS15-PrKDF { + file-id = 4402; + size = $prkdf-size; + acl = *=$PIN, READ=NONE; + } + + EF PKCS15-PuKDF { + file-id = 4403; + size = $pukdf-size; + acl = *=$PIN, READ=NONE; + } + + EF PKCS15-CDF { + file-id = 4404; + size = $cdf-size; + acl = *=$PIN, READ=NONE; + } + + EF PKCS15-DODF { + file-id = 4405; + size = $dodf-size; + ACL = *=$PIN, READ=NONE; + } + + template key-domain { + + BSO private-key { + ACL = *=$PIN, READ=NEVER; + } + + # EF private-key { + # file-id = 3000; + # acl = *=NEVER, UPDATE=$PIN, ERASE=$PIN; + # } + + # EF extractable-key { + # file-id = 3100; + # acl = *=NEVER, READ=$PIN, UPDATE=$PIN, + # ERASE=$PIN; + # } + + EF data { + file-id = 3200; + acl = *=NEVER, UPDATE=$PIN, READ=NONE, + DELETE-SELF=$PIN, ERASE=$PIN; + } + + EF privdata { + file-id = 3500; + acl = *=NEVER, UPDATE=$PIN, READ=$PIN, + DELETE-SELF=$PIN, ERASE=$PIN; + } + + EF public-key { + file-id = 3300; + acl = *=NEVER, UPDATE=$PIN, READ=NONE, + DELETE-SELF=$PIN, ERASE=$PIN; + } + + EF certificate { + file-id = 3400; + acl = *=NEVER, UPDATE=$PIN, READ=NONE, + DELETE-SELF=$PIN, ERASE=$PIN; + } + + } + } + } +} diff --git a/src/pkcs15init/pkcs15-init.h b/src/pkcs15init/pkcs15-init.h index c40ff7f6f8..9fc9a97da2 100644 --- a/src/pkcs15init/pkcs15-init.h +++ b/src/pkcs15init/pkcs15-init.h @@ -420,6 +420,7 @@ extern struct sc_pkcs15init_operations *sc_pkcs15init_get_iasecc_ops(void); extern struct sc_pkcs15init_operations *sc_pkcs15init_get_piv_ops(void); extern struct sc_pkcs15init_operations *sc_pkcs15init_get_openpgp_ops(void); extern struct sc_pkcs15init_operations *sc_pkcs15init_get_sc_hsm_ops(void); +extern struct sc_pkcs15init_operations *sc_pkcs15init_get_isoApplet_ops(void); #ifdef __cplusplus } diff --git a/src/pkcs15init/pkcs15-isoApplet.c b/src/pkcs15init/pkcs15-isoApplet.c new file mode 100644 index 0000000000..41410c5084 --- /dev/null +++ b/src/pkcs15init/pkcs15-isoApplet.c @@ -0,0 +1,871 @@ +/* + * pkcs15-init driver for JavaCards with IsoApplet installed. + * + * Copyright (C) 2014 Philip Wendland + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "../libopensc/log.h" +#include "../libopensc/internal.h" +#include "../libopensc/opensc.h" +#include "../libopensc/cardctl.h" +#include "../libopensc/asn1.h" +#include "pkcs15-init.h" +#include "profile.h" + +#define ISOAPPLET_KEY_ID_MIN 0 +#define ISOAPPLET_KEY_ID_MAX 15 + + +struct ec_curve +{ + const struct sc_lv_data oid; + const struct sc_lv_data prime; + const struct sc_lv_data coefficientA; + const struct sc_lv_data coefficientB; + const struct sc_lv_data basePointG; + const struct sc_lv_data order; + const struct sc_lv_data coFactor; +}; + +static struct ec_curve curves[] = +{ + + { + { (unsigned char *) "\x2B\x24\x03\x03\x02\x08\x01\x01\x03", 9}, /* brainpoolP192r1 */ + { (unsigned char *) "\xC3\x02\xF4\x1D\x93\x2A\x36\xCD\xA7\xA3\x46\x30\x93\xD1\x8D\xB7\x8F\xCE\x47\x6D\xE1\xA8\x62\x97", 24}, + { (unsigned char *) "\x6A\x91\x17\x40\x76\xB1\xE0\xE1\x9C\x39\xC0\x31\xFE\x86\x85\xC1\xCA\xE0\x40\xE5\xC6\x9A\x28\xEF", 24}, + { (unsigned char *) "\x46\x9A\x28\xEF\x7C\x28\xCC\xA3\xDC\x72\x1D\x04\x4F\x44\x96\xBC\xCA\x7E\xF4\x14\x6F\xBF\x25\xC9", 24}, + { (unsigned char *) "\xC0\xA0\x64\x7E\xAA\xB6\xA4\x87\x53\xB0\x33\xC5\x6C\xB0\xF0\x90\x0A\x2F\x5C\x48\x53\x37\x5F\xD6\x14\xB6\x90\x86\x6A\xBD\x5B\xB8\x8B\x5F\x48\x28\xC1\x49\x00\x02\xE6\x77\x3F\xA2\xFA\x29\x9B\x8F", 48}, + { (unsigned char *) "\xC3\x02\xF4\x1D\x93\x2A\x36\xCD\xA7\xA3\x46\x2F\x9E\x9E\x91\x6B\x5B\xE8\xF1\x02\x9A\xC4\xAC\xC1", 24}, + { (unsigned char *) "\x00\x01", 2} + }, + + { + { (unsigned char *) "\x2A\x86\x48\xCE\x3D\x03\x01\x07", 8}, /* secp256r1 aka prime256v1 */ + { (unsigned char *) "\xFF\xFF\xFF\xFF\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF", 32}, + { (unsigned char *) "\xFF\xFF\xFF\xFF\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFC", 32}, + { (unsigned char *) "\x5A\xC6\x35\xD8\xAA\x3A\x93\xE7\xB3\xEB\xBD\x55\x76\x98\x86\xBC\x65\x1D\x06\xB0\xCC\x53\xB0\xF6\x3B\xCE\x3C\x3E\x27\xD2\x60\x4B", 32}, + { (unsigned char *) "\x6B\x17\xD1\xF2\xE1\x2C\x42\x47\xF8\xBC\xE6\xE5\x63\xA4\x40\xF2\x77\x03\x7D\x81\x2D\xEB\x33\xA0\xF4\xA1\x39\x45\xD8\x98\xC2\x96\x4F\xE3\x42\xE2\xFE\x1A\x7F\x9B\x8E\xE7\xEB\x4A\x7C\x0F\x9E\x16\x2B\xCE\x33\x57\x6B\x31\x5E\xCE\xCB\xB6\x40\x68\x37\xBF\x51\xF5", 64}, + { (unsigned char *) "\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xBC\xE6\xFA\xAD\xA7\x17\x9E\x84\xF3\xB9\xCA\xC2\xFC\x63\x25\x51", 32}, + { (unsigned char *) "\x00\x01", 2} + }, + + { + { NULL, 0}, + { NULL, 0}, + { NULL, 0}, + { NULL, 0}, + { NULL, 0}, + { NULL, 0}, + { NULL, 0} + } +}; + + +/* + * Create DF, using default pkcs15init functions. + */ +static int +isoApplet_create_dir(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_file_t *df) +{ + sc_card_t *card = p15card->card; + int r = SC_SUCCESS; + + LOG_FUNC_CALLED(card->ctx); + + if(!profile || !p15card || !df || !p15card->card || !p15card->card->ctx) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS); + } + r = sc_pkcs15init_create_file(profile, p15card, df); + LOG_FUNC_RETURN(card->ctx, r); +} + +/* + * Select a PIN reference. + * + * Basically (as I understand it) the caller passes an auth_info object and the + * auth_info->attrs.pin.reference is supposed to be set accordingly and return. + * + * The IsoApplet only supports a PIN and a PUK at the moment. + * The reference for the PIN is 1, for the PUK 2. + */ +static int +isoApplet_select_pin_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, + sc_pkcs15_auth_info_t *auth_info) +{ + sc_card_t *card = p15card->card; + int preferred, current; + + LOG_FUNC_CALLED(card->ctx); + + if (auth_info->auth_type != SC_PKCS15_PIN_AUTH_TYPE_PIN) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_OBJECT_NOT_VALID); + } + + current = auth_info->attrs.pin.reference; + if (current < 0) + { + current = 0; + } + + if(current > 2) + { + /* Only two PINs supported: User PIN and PUK. */ + LOG_FUNC_RETURN(card->ctx, SC_ERROR_TOO_MANY_OBJECTS); + } + else + { + if(auth_info->attrs.pin.flags & SC_PKCS15_PIN_FLAG_UNBLOCKING_PIN) + { + /* PUK */ + preferred = 2; + } + else + { + /* PIN */ + preferred = 1; + } + } + + auth_info->attrs.pin.reference = preferred; + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +/* + * Create a PIN and store it on the card using CHANGE REFERENCE DATA for PIN transmission. + * First, the PUK is transmitted, then the PIN. Now, the IsoApplet is in the + * "STATE_OPERATIONAL_ACTIVATED" lifecycle state. + */ +static int +isoApplet_create_pin(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_file_t *df, + sc_pkcs15_object_t *pin_obj, + const u8 *pin, size_t pin_len, + const u8 *puk, size_t puk_len) +{ + sc_card_t *card = p15card->card; + sc_pkcs15_auth_info_t *auth_info = (sc_pkcs15_auth_info_t *) pin_obj->data; + struct sc_pkcs15_pin_attributes *pin_attrs = &auth_info->attrs.pin; + int r; + + LOG_FUNC_CALLED(card->ctx); + + if(!pin || !pin_len || !p15card || !p15card->card || !df || !&df->path) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS); + } + + if(pin_attrs->reference != 1 && pin_attrs->reference != 2) + { + /* Reject PIN reference. */ + LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_PIN_REFERENCE); + } + + /* If we have a PUK, set it first. */ + if(puk && puk_len) + { + /* The PUK has a incremented reference, i.e. pins are odd, puks are equal (+1). */ + r = sc_change_reference_data(p15card->card, SC_AC_CHV, + pin_attrs->reference+1, + NULL, 0, + puk, puk_len, NULL); + if(r < 0) + { + LOG_FUNC_RETURN(card->ctx, r); + } + } + + /* Store PIN: (use CHANGE REFERENCE DATA). */ + r = sc_change_reference_data(p15card->card, SC_AC_CHV, + pin_attrs->reference, + NULL, 0, + pin, pin_len, NULL); + + LOG_FUNC_RETURN(card->ctx, r); +} + +/* + * @brief Get the OID of the curve specified by a curve name. + * + * @param[in] named_curve The name of the curve to search the OID of. + * Supported values are: brainpoolP192r1, prime256v1. + * @param[out] oid The OID of the curve. + * + * @returns SC_SUCCESS: If the curve was found. + * SC_ERROR_INVALID_ARGUMENTS: If named_curve was null or the curve + * was not found + */ +static int +isoApplet_get_curve_oid(const char* named_curve, const struct sc_lv_data **oid) +{ + if(!named_curve) + return SC_ERROR_INVALID_ARGUMENTS; + + if(strncmp(named_curve, "brainpoolP192r1", 15) == 0) + { + *oid = &curves[0].oid; + return SC_SUCCESS; + } + else if(strncmp(named_curve, "prime256v1", 10) == 0) + { + *oid = &curves[1].oid; + return SC_SUCCESS; + } + return SC_ERROR_INVALID_ARGUMENTS; +} + +/* + * @brief Check the consistency of TLV-encoded EC curve parameters. + * + * Check the EC params in buf (length: len) that are structured according + * to ISO 7816-8 table 3 - Public key data objects. + * The params are compared with the ones given in the curve struct. + * + * @param[in] ctx + * @param[in] buf The buffer containing the TLV-encoded (ISO 7816-8 table 3) + * EC parameters. + * @param[in] len The length of buf. + * @param[in] curve An ec_curve struct that should be used to check the + * parameters in buf. + * + * @return SC_SUCCESS: If the EC parameters are consistent. + * SC_ERROR_INCOMPATIBLE_KEY: If the curve is unknown or the EC + * parameters are not consistent. + */ +static int +checkEcParams(sc_context_t* ctx, const u8* buf, size_t len, const struct ec_curve curve) +{ + const u8 *curr_pos = NULL; + size_t tag_len; + int r = SC_SUCCESS; + + LOG_FUNC_CALLED(ctx); + + /* Check the field. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x81, &tag_len); + if(curr_pos == NULL || tag_len != curve.prime.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC field tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.prime.value, curve.prime.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC field by the smartcard was unexpected."); + } + + /* Check the coefficient A. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x82, &tag_len); + if(curr_pos == NULL || tag_len != curve.coefficientA.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC coefficient A tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.coefficientA.value, curve.coefficientA.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC coefficient A returned by the smartcard was unexpected."); + } + + /* Check the coefficient B. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x83, &tag_len); + if(curr_pos == NULL || tag_len != curve.coefficientB.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC coefficient B tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.coefficientB.value, curve.coefficientB.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC coefficient B returned by the smartcard was unexpected."); + } + + /* Check the basepoint G. + * Note: The IsoApplet omits the 0x04 (uncompressed) tag. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x84, &tag_len); + if(curr_pos == NULL || tag_len != curve.basePointG.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC basepoint G tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.basePointG.value, curve.basePointG.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC basepoint G returned by the smartcard was unexpected."); + } + + /* Check the order. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x85, &tag_len); + if(curr_pos == NULL || tag_len != curve.order.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC order tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.order.value, curve.order.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC order returned by the smartcard was unexpected."); + } + + /* Check the coFactor. */ + curr_pos = sc_asn1_find_tag(ctx, buf, len, (unsigned int) 0x87, &tag_len); + if(curr_pos == NULL || tag_len != curve.coFactor.len) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "Could not find any EC cofactor tag in the response template or the length was unexpected."); + } + if(memcmp(curr_pos, curve.coFactor.value, curve.coFactor.len) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + LOG_TEST_RET(ctx, r, + "The EC cofactor returned by the smartcards was unexpected."); + } + + LOG_FUNC_RETURN(ctx, r); +} + +/* + * @brief Generate a RSA private key on the card. + * + * A MANAGE SECURITY ENVIRONMENT apdu must have been sent before. + * This function uses card_ctl to access the card-isoApplet driver. + * + * @param[in] key_info + * @param[in] card + * @param[in] pubkey The public key of the generated key pair + * returned by the card. + * + * @return SC_ERROR_INVALID_ARGURMENTS: Invalid key length. + * SC_ERROR_OUT_OF_MEMORY + */ +static int +generate_key_rsa(sc_pkcs15_prkey_info_t *key_info, sc_card_t *card, + sc_pkcs15_pubkey_t *pubkey) +{ + int rv; + size_t keybits; + struct sc_cardctl_isoApplet_genkey args; + + LOG_FUNC_CALLED(card->ctx); + + /* Check key size: */ + keybits = key_info->modulus_length; + if (keybits != 2048) + { + rv = SC_ERROR_INVALID_ARGUMENTS; + sc_log(card->ctx, "%s: RSA private key length is unsupported, correct length is 2048", sc_strerror(rv)); + goto err; + } + + /* Generate the key. + * Note: keysize is not explicitly passed to the card. It assumes 2048 along with the algorithm reference. */ + memset(&args, 0, sizeof(args)); + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_RSA_GEN_2048; + args.priv_key_ref = key_info->key_reference; + + args.pubkey_len = keybits / 8; + args.pubkey = malloc(args.pubkey_len); + if (!args.pubkey) + { + rv = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key buffer.", sc_strerror(rv)); + goto err; + } + + args.exponent_len = 3; + args.exponent = malloc(args.exponent_len); + if(!args.exponent) + { + rv = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key exponent buffer.", sc_strerror(rv)); + goto err; + } + + rv = sc_card_ctl(card, SC_CARDCTL_ISOAPPLET_GENERATE_KEY, &args); + if (rv < 0) + { + sc_log(card->ctx, "%s: Error in card_ctl", sc_strerror(rv)); + goto err; + } + + /* extract public key */ + pubkey->algorithm = SC_ALGORITHM_RSA; + pubkey->u.rsa.modulus.len = args.pubkey_len; + pubkey->u.rsa.modulus.data = args.pubkey; + pubkey->u.rsa.exponent.len = args.exponent_len; + pubkey->u.rsa.exponent.data = args.exponent; + rv = SC_SUCCESS; + LOG_FUNC_RETURN(card->ctx, rv); +err: + if (args.pubkey) + { + free(args.pubkey); + pubkey->u.rsa.modulus.data = NULL; + pubkey->u.rsa.modulus.len = 0; + } + if (args.exponent) + { + free(args.exponent); + pubkey->u.rsa.exponent.data = NULL; + pubkey->u.rsa.exponent.len = 0; + } + LOG_FUNC_RETURN(card->ctx, rv); +} + +/* + * @brief Generate a EC private key on the card. + * + * A MANAGE SECURITY ENVIRONMENT apdu must have been sent before. + * This function uses card_ctl to access the card-isoApplet driver. + * + * @param[in] key_info + * @param[in] card + * @param[in] pubkey The public key of the generated key pair + * returned by the card. + * + * @return SC_ERROR_INVALID_ARGURMENTS: Invalid key length or curve. + * SC_ERROR_OUT_OF_MEMORY + * SC_ERROR_INCOMPATIBLE_KEY: The data returned by the card + * was unexpected and can not be + * handled. + */ +static int +generate_key_ec(const sc_pkcs15_prkey_info_t *key_info, sc_card_t *card, + sc_pkcs15_pubkey_t *pubkey) +{ + int r; + u8* p = NULL; + u8* ecPubKeyPoint = NULL; + size_t tag_len; + size_t all_tags_len; + const u8* curr_pos = NULL; + struct sc_ec_params* ecp = NULL; + const struct sc_lv_data* oid = NULL; + sc_cardctl_isoApplet_genkey_t args; + const struct sc_pkcs15_ec_parameters* info_ecp = + (struct sc_pkcs15_ec_parameters *) key_info->params.data; + + LOG_FUNC_CALLED(card->ctx); + + /* Check key size: */ + if(key_info->field_length != 192 + && key_info->field_length != 256) + { + sc_log(card->ctx, "EC field length is unsupported, length provided was: %d.", key_info->field_length); + r = SC_ERROR_INVALID_ARGUMENTS; + goto err; + } + + if(info_ecp->named_curve && strncmp(info_ecp->named_curve, "brainpoolP192r1", 15) != 0 + && strncmp(info_ecp->named_curve, "prime256v1", 10) != 0) + { + sc_log(card->ctx, "EC key generation failed: Unsupported curve: [%s].", info_ecp->named_curve); + r = SC_ERROR_INVALID_ARGUMENTS; + goto err; + } + + /* Generate the key. + * Note: THe field size is not explicitly passed to the card. + * It assumes it along with the algorithm reference. */ + memset(&args, 0, sizeof(args)); + + args.pubkey_len = 512; + args.pubkey = malloc(args.pubkey_len); + if(!args.pubkey) + { + r = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key buffer.", sc_strerror(r)); + goto err; + } + + if(strncmp(info_ecp->named_curve, "brainpoolP192r1", 15) == 0) + { + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_EC_GEN_BRAINPOOLP192R1; + } + else if(strncmp(info_ecp->named_curve, "prime256v1", 10) == 0) + { + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_EC_GEN_PRIME256V1; + } + args.priv_key_ref = key_info->key_reference; + + r = sc_card_ctl(card, SC_CARDCTL_ISOAPPLET_GENERATE_KEY, &args); + if (r < 0) + { + sc_log(card->ctx, "%s: Error in card_ctl.", sc_strerror(r)); + goto err; + } + + /* Extract the public key. */ + pubkey->algorithm = SC_ALGORITHM_EC; + + /* Get the curves OID. */ + r = isoApplet_get_curve_oid(info_ecp->named_curve, &oid); + if(r < 0) + { + sc_log(card->ctx, "Error obtaining the curve OID.", sc_strerror(r)); + goto err; + } + + /* der-encoded parameters */ + ecp = calloc(1, sizeof(struct sc_ec_params)); + if(!ecp) + { + r = SC_ERROR_OUT_OF_MEMORY; + goto err; + } + ecp->der_len = oid->len + 2; + ecp->der = calloc(ecp->der_len, 1); + if(!ecp->der) + { + r = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key buffer.", sc_strerror(r)); + goto err; + } + ecp->der[0] = 0x06; + ecp->der[1] = (u8)oid->len; + memcpy(ecp->der + 2, oid->value, oid->len); + ecp->type = 1; /* named curve */ + + pubkey->alg_id = (struct sc_algorithm_id *)calloc(1, sizeof(struct sc_algorithm_id)); + if(!pubkey->alg_id) + { + r = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key sc_algorithm_id.", sc_strerror(r)); + goto err; + } + pubkey->alg_id->algorithm = SC_ALGORITHM_EC; + pubkey->alg_id->params = ecp; + + p = args.pubkey; + if(memcmp(info_ecp->named_curve, "brainpoolP192r1", 15) == 0) + { + /* The applet returns the public key encoded according to + * ISO 7816-8 table 3 - Public key data objects. This is a + * 2-byte tag. A length of 0xD0 = 208 is expected for BrainpoolP192r1. */ + if(memcmp(p, "\x7F\x49\x81\xD0", 4) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + sc_log(card->ctx, "%s: Key generation error: Unexpected EC public key received length.", sc_strerror(r)); + goto err; + } + else + { + p += 4; /* p points to the value field of the outer (7F 49) tag. + * This value field is a TLV-structure again. */ + all_tags_len = 208; /* 0xD0 bytes */ + } + + /* Check EC params. */ + r = checkEcParams(card->ctx, p, all_tags_len, curves[0]); + if(r != SC_SUCCESS) + { + goto err; + } + } + else if(memcmp(info_ecp->named_curve, "prime256v1", 10) == 0) + { + /* The applet returns the public key encoded according to + * ISO 7816-8 table 3 - Public key data objects. This is a + * 2-byte tag. A length of 0x011A = 282 is expected for Prime256v1. */ + if(memcmp(p, "\x7F\x49\x82\x01\x1A", 5) != 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + sc_log(card->ctx, "%s: Key generation error: Unexpected EC public key parameters.", sc_strerror(r)); + goto err; + } + else + { + p += 5; /* p points to the value field of the outer (7F 49) tag. + * This value field is a TLV-structure again. */ + all_tags_len = 282; /* 0x011A bytes */ + } + + /* Check EC params. */ + r = checkEcParams(card->ctx, p, all_tags_len, curves[1]); + if(r != SC_SUCCESS) + { + goto err; + } + } + + /* Extract ecpointQ */ + curr_pos = sc_asn1_find_tag(card->ctx, p, all_tags_len, (unsigned int) 0x86, &tag_len); + if(curr_pos == NULL || tag_len == 0) + { + r = SC_ERROR_INCOMPATIBLE_KEY; + sc_log(card->ctx, "%s: Could not find any EC pointQ tag in the response template.", sc_strerror(r)); + goto err; + } + ecPubKeyPoint = malloc(tag_len+1); + if(!ecPubKeyPoint) + { + r = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key ecpointQ buffer.", sc_strerror(r)); + goto err; + } + *ecPubKeyPoint = 0x04; /* uncompressed */ + memcpy(ecPubKeyPoint+1, curr_pos, tag_len); + pubkey->u.ec.ecpointQ.value = ecPubKeyPoint; + pubkey->u.ec.ecpointQ.len = tag_len+1; + + /* OID for the public key */ + pubkey->u.ec.params.der.value = malloc(ecp->der_len); + if(!pubkey->u.ec.params.der.value) + { + r = SC_ERROR_OUT_OF_MEMORY; + sc_log(card->ctx, "%s: Unable to allocate public key ec params buffer.", sc_strerror(r)); + goto err; + } + memcpy(pubkey->u.ec.params.der.value, ecp->der, ecp->der_len); + pubkey->u.ec.params.der.len = ecp->der_len; + + r = sc_pkcs15_fix_ec_parameters(card->ctx, &pubkey->u.ec.params); + LOG_FUNC_RETURN(card->ctx, r); +err: + if(pubkey) + { + if(pubkey->alg_id) + { + free(pubkey->alg_id); + pubkey->alg_id = NULL; + } + if(pubkey->u.ec.params.der.value) + { + free(pubkey->u.ec.params.der.value); + pubkey->u.ec.params.der.value = NULL; + pubkey->u.ec.params.der.len = 0; + } + memset(pubkey, 0, sizeof(sc_pkcs15_pubkey_t)); + } + if(args.pubkey) + { + free(args.pubkey); + args.pubkey = NULL; + args.pubkey_len = 0; + } + if(ecPubKeyPoint) + { + free(ecPubKeyPoint); + ecPubKeyPoint = NULL; + } + if(ecp) + { + if(ecp->der) + { + free(ecp->der); + ecp->der = NULL; + } + free(ecp); + ecp = NULL; + } + LOG_FUNC_RETURN(card->ctx, r); +} + +static int +isoApplet_generate_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, + sc_pkcs15_object_t *obj, + sc_pkcs15_pubkey_t *pubkey) +{ + int r; + sc_pkcs15_prkey_info_t* key_info = (sc_pkcs15_prkey_info_t *) obj->data; + sc_file_t* privKeyFile=NULL; + sc_card_t* card = p15card->card; + + LOG_FUNC_CALLED(card->ctx); + + /* Authentication stuff. */ + r = sc_profile_get_file_by_path(profile, &key_info->path, &privKeyFile); + if(!privKeyFile) + { + SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED); + } + r = sc_pkcs15init_authenticate(profile, p15card, privKeyFile, SC_AC_OP_CREATE_EF); + if(r < 0) + { + sc_file_free(privKeyFile); + SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED); + } + sc_file_free(privKeyFile); + + /* Generate the key. */ + switch(obj->type) + { + case SC_PKCS15_TYPE_PRKEY_RSA: + r = generate_key_rsa(key_info, card, pubkey); + break; + + case SC_PKCS15_TYPE_PRKEY_EC: + r = generate_key_ec(key_info, card, pubkey); + break; + + default: + r = SC_ERROR_NOT_SUPPORTED; + sc_log(card->ctx, "%s: Key generation failed: Unknown/unsupported key type.", strerror(r)); + } + + LOG_FUNC_RETURN(card->ctx, r); +} + + +/* + * Create a new key file. This is a no-op, because private keys are stored as key objects on the javacard. + */ +static int +isoApplet_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_object_t *obj) +{ + sc_card_t *card = p15card->card; + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +/* + * Select a key reference. + */ +static int +isoApplet_select_key_reference(sc_profile_t *profile, sc_pkcs15_card_t *p15card, + sc_pkcs15_prkey_info_t *key_info) +{ + int rv = SC_SUCCESS; + sc_card_t *card = p15card->card; + + LOG_FUNC_CALLED(card->ctx); + + if(key_info->key_reference < ISOAPPLET_KEY_ID_MIN) + { + key_info->key_reference = ISOAPPLET_KEY_ID_MIN; + rv = SC_SUCCESS; + } + if(key_info->key_reference > ISOAPPLET_KEY_ID_MAX) + { + rv = SC_ERROR_TOO_MANY_OBJECTS; + } + LOG_FUNC_RETURN(card->ctx, rv); +} + +/* + * Store a usable private key on the card. + */ +static int +isoApplet_store_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_object_t *object, + sc_pkcs15_prkey_t *key) +{ + sc_card_t *card = p15card->card; + sc_pkcs15_prkey_info_t* key_info = (sc_pkcs15_prkey_info_t *) object->data; + sc_file_t* privKeyFile=NULL; + sc_cardctl_isoApplet_import_key_t args; + int r; + char *p = NULL; + + LOG_FUNC_CALLED(card->ctx); + + /* Authentication stuff. */ + r = sc_profile_get_file_by_path(profile, &key_info->path, &privKeyFile); + if(!privKeyFile) + { + SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED); + } + r = sc_pkcs15init_authenticate(profile, p15card, privKeyFile, SC_AC_OP_CREATE_EF); + if(r < 0) + { + sc_file_free(privKeyFile); + SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NOT_SUPPORTED); + } + sc_file_free(privKeyFile); + + /* Key import. */ + switch(object->type) + { + case SC_PKCS15_TYPE_PRKEY_RSA: + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_RSA_GEN_2048; + break; + + case SC_PKCS15_TYPE_PRKEY_EC: + p = key->u.ec.params.named_curve; + if(!p) + { + LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS); + } + + if(strncmp(p, "brainpoolP192r1", 15) == 0) + { + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_EC_GEN_BRAINPOOLP192R1; + } + else if(strncmp(p, "prime256v1", 10) == 0) + { + args.algorithm_ref = SC_ISOAPPLET_ALG_REF_EC_GEN_PRIME256V1; + } + break; + + default: + LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED); + } + args.priv_key_ref = key_info->key_reference; + args.prkey = key; + + r = sc_card_ctl(card, SC_CARDCTL_ISOAPPLET_IMPORT_KEY, &args); + if (r < 0) + { + sc_log(card->ctx, "%s: Error in card_ctl", sc_strerror(r)); + LOG_FUNC_RETURN(card->ctx, r); + } + + LOG_FUNC_RETURN(card->ctx, SC_SUCCESS); +} + +static struct sc_pkcs15init_operations sc_pkcs15init_isoApplet_operations = +{ + NULL, /* erase_card */ + NULL, /* init_card */ + isoApplet_create_dir, /* create_dir */ + NULL, /* create_domain */ + isoApplet_select_pin_reference, /* pin_reference*/ + isoApplet_create_pin, /* create_pin */ + isoApplet_select_key_reference, /* key_reference */ + isoApplet_create_key, /* create_key */ + isoApplet_store_key, /* store_key */ + isoApplet_generate_key, /* generate_key */ + NULL, NULL, /* encode private/public key */ + NULL, /* finalize */ + NULL, /* delete_object */ + NULL, NULL, NULL, NULL, NULL, /* pkcs15init emulation */ + NULL, /* sanity_check*/ +}; + +struct +sc_pkcs15init_operations *sc_pkcs15init_get_isoApplet_ops(void) +{ + return &sc_pkcs15init_isoApplet_operations; +} diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c index cc655f6ac6..a051201bd3 100644 --- a/src/pkcs15init/pkcs15-lib.c +++ b/src/pkcs15init/pkcs15-lib.c @@ -154,6 +154,7 @@ static struct profile_operations { { "westcos", (void *) sc_pkcs15init_get_westcos_ops }, { "myeid", (void *) sc_pkcs15init_get_myeid_ops }, { "sc-hsm", (void *) sc_pkcs15init_get_sc_hsm_ops }, + { "isoApplet", (void *) sc_pkcs15init_get_isoApplet_ops }, #ifdef ENABLE_OPENSSL { "authentic", (void *) sc_pkcs15init_get_authentic_ops }, { "iasecc", (void *) sc_pkcs15init_get_iasecc_ops },