/[openpgpmdrv]/trunk/OpenPGPminidriver/CardCryptographicOperations.c
ViewVC logotype

Annotation of /trunk/OpenPGPminidriver/CardCryptographicOperations.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 12 - (hide annotations)
Wed Mar 31 08:58:46 2010 UTC (15 years, 1 month ago) by vletoux
File MIME type: text/plain
File size: 9578 byte(s) 
first msi Release
1 vletoux 1 /* OpenPGP Smart Card Mini Driver
2     Copyright (C) 2009 Vincent Le Toux
3    
4     This library is Free software; you can redistribute it and/or
5     modify it under the terms of the GNU Lesser General Public
6     License version 2.1 as published by the Free Software Foundation.
7    
8     This library is distributed in the hope that it will be useful,
9     but WITHOUT ANY WARRANTY; without even the implied warranty of
10     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11     Lesser General Public License for more details.
12    
13     You should have received a copy of the GNU Lesser General Public
14     License along with this library; if not, write to the Free Software
15     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16     */
17    
18     #include <windows.h>
19     #include <cardmod.h>
20     #include "Tracing.h"
21     #include "Context.h"
22     #include "CryptoOperations.h"
23    
24     // 4.7 Cryptographic operations
25    
26     /** This function performs an RSA decryption operation on the passed buffer
27     by using the private key that a container index refers to. Note that for
28     ECC-only smart cards, this entry point is not defined and is set to NULL
29     in the returned CARD_DATA structure from CardAcquireContext. This operation
30     is restricted to a single buffer of a size equal to the key modulus.*/
31    
32     DWORD WINAPI CardRSADecrypt(
33     __in PCARD_DATA pCardData,
34     __inout PCARD_RSA_DECRYPT_INFO pInfo
35     )
36     {
37     DWORD dwReturn = 0;
38    
39     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
40     __try
41     {
42     if ( pCardData == NULL )
43     {
44     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
45     dwReturn = SCARD_E_INVALID_PARAMETER;
46     __leave;
47     }
48    
49     if ( pInfo == NULL )
50     {
51     Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
52     dwReturn = SCARD_E_INVALID_PARAMETER;
53     __leave;
54     }
55     if ( pInfo->pbData == NULL )
56     {
57     Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
58     dwReturn = SCARD_E_INVALID_PARAMETER;
59     __leave;
60     }
61 vletoux 12 if (pInfo->dwVersion > CARD_RSA_KEY_DECRYPT_INFO_CURRENT_VERSION)
62 vletoux 1 {
63     Trace(WINEVENT_LEVEL_ERROR, L"ERROR_REVISION_MISMATCH");
64     dwReturn = ERROR_REVISION_MISMATCH;
65     __leave;
66     }
67 vletoux 12 if ( pInfo->dwVersion < CARD_RSA_KEY_DECRYPT_INFO_CURRENT_VERSION
68     && pCardData->dwVersion == CARD_DATA_CURRENT_VERSION)
69     {
70     dwReturn = ERROR_REVISION_MISMATCH;
71     Trace(WINEVENT_LEVEL_ERROR, L"ERROR_REVISION_MISMATCH %d", pInfo->dwVersion);
72     __leave;
73     }
74     if (pInfo->dwVersion >= CARD_RSA_KEY_DECRYPT_INFO_VERSION_TWO)
75     {
76     if (pInfo->dwPaddingType != CARD_PADDING_PKCS1)
77     {
78     Trace(WINEVENT_LEVEL_ERROR, L"UNSUPPORTED PADDING %d", pInfo->dwPaddingType);
79     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
80     __leave;
81     }
82     }
83 vletoux 1 if (pInfo->dwKeySpec != AT_KEYEXCHANGE)
84     {
85     Trace(WINEVENT_LEVEL_ERROR, L"AT_KEYEXCHANGE %d", pInfo->dwKeySpec);
86 vletoux 8 dwReturn = SCARD_E_INVALID_PARAMETER ;
87 vletoux 1 __leave;
88     }
89 vletoux 9 if (pInfo->bContainerIndex != ContainerConfidentiality)
90 vletoux 1 {
91     Trace(WINEVENT_LEVEL_ERROR, L"Confidentiality %d", pInfo->bContainerIndex);
92     dwReturn = SCARD_E_NO_KEY_CONTAINER ;
93     __leave;
94     }
95     dwReturn = CheckContext(pCardData);
96     if ( dwReturn)
97     {
98     __leave;
99     }
100 vletoux 8 dwReturn = OCardDecrypt(pCardData, pInfo);
101     if (dwReturn == SCARD_W_WRONG_CHV)
102     {
103     dwReturn = SCARD_W_SECURITY_VIOLATION;
104     }
105 vletoux 1 }
106     __finally
107     {
108     }
109     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
110     return dwReturn;
111     }
112    
113    
114     /** The CardSignData function signs a block of unpadded data. This entry either performs
115     padding on the card or pads the data by using the PFN_CSP_PAD_DATA callback. All card
116     minidrivers must support this entry point.*/
117    
118     DWORD WINAPI CardSignData(
119     __in PCARD_DATA pCardData,
120     __in PCARD_SIGNING_INFO pInfo
121     )
122     {
123     DWORD dwReturn = 0;
124    
125     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
126     __try
127     {
128     if ( pCardData == NULL )
129     {
130     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
131     dwReturn = SCARD_E_INVALID_PARAMETER;
132     __leave;
133     }
134    
135     if ( pInfo == NULL )
136     {
137     Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
138     dwReturn = SCARD_E_INVALID_PARAMETER;
139     __leave;
140     }
141 vletoux 8 if ( ( pInfo->dwVersion != CARD_SIGNING_INFO_BASIC_VERSION ) &&
142     ( pInfo->dwVersion != CARD_SIGNING_INFO_CURRENT_VERSION ) )
143     {
144     Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pInfo->dwVersion);
145     dwReturn = ERROR_REVISION_MISMATCH;
146     __leave;
147     }
148 vletoux 1 if ( pInfo->pbData == NULL )
149     {
150     Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
151     dwReturn = SCARD_E_INVALID_PARAMETER;
152     __leave;
153     }
154 vletoux 10 if (pInfo->dwKeySpec != AT_SIGNATURE && pInfo->dwKeySpec != AT_KEYEXCHANGE)
155 vletoux 8 {
156     Trace(WINEVENT_LEVEL_ERROR, L"AT_SIGNATURE %d", pInfo->dwKeySpec);
157     dwReturn = SCARD_E_INVALID_PARAMETER ;
158     __leave;
159     }
160 vletoux 1 dwReturn = CheckContext(pCardData);
161     if ( dwReturn)
162     {
163     __leave;
164     }
165 vletoux 5 switch(pInfo->bContainerIndex)
166     {
167 vletoux 9 case ContainerAuthentication:
168 vletoux 10 case ContainerConfidentiality:
169 vletoux 8 dwReturn = OCardAuthenticate(pCardData, pInfo);
170 vletoux 5 break;
171 vletoux 9 case ContainerSignature:
172 vletoux 8 dwReturn = OCardSign(pCardData, pInfo);
173 vletoux 5 break;
174     default:
175     dwReturn = SCARD_E_NO_KEY_CONTAINER;
176     Trace(WINEVENT_LEVEL_ERROR, L"SCARD_E_NO_KEY_CONTAINER %d", pInfo->bContainerIndex);
177     __leave;
178     }
179 vletoux 8 if (dwReturn == SCARD_W_WRONG_CHV)
180     {
181     dwReturn = SCARD_W_SECURITY_VIOLATION;
182     }
183 vletoux 1 }
184     __finally
185     {
186     }
187     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
188     return dwReturn;
189     }
190    
191     /** This function returns the public key sizes that are supported by the card in use.*/
192     DWORD WINAPI CardQueryKeySizes(
193     __in PCARD_DATA pCardData,
194     __in DWORD dwKeySpec,
195     __in DWORD dwFlags,
196     __inout PCARD_KEY_SIZES pKeySizes
197     )
198     {
199     DWORD dwReturn = 0, dwVersion;
200     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
201     __try
202     {
203     if ( pCardData == NULL )
204     {
205     Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
206     dwReturn = SCARD_E_INVALID_PARAMETER;
207     __leave;
208     }
209    
210     if ( dwFlags != 0 )
211     {
212     Trace(WINEVENT_LEVEL_ERROR, L"dwFlags != 0 : %d", dwFlags);
213     dwReturn = SCARD_E_INVALID_PARAMETER;
214     __leave;
215     }
216     if ( pKeySizes == NULL )
217     {
218     Trace(WINEVENT_LEVEL_ERROR, L"pKeySizes == NULL");
219     dwReturn = SCARD_E_INVALID_PARAMETER;
220     __leave;
221     }
222     dwVersion = (pKeySizes->dwVersion == 0) ? 1 : pKeySizes->dwVersion;
223     if ( dwVersion != CARD_KEY_SIZES_CURRENT_VERSION )
224     {
225     Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pKeySizes->dwVersion);
226     dwReturn = ERROR_REVISION_MISMATCH;
227     __leave;
228     }
229 vletoux 8 dwReturn = CheckContext(pCardData);
230     if ( dwReturn)
231     {
232     __leave;
233     }
234 vletoux 1 switch(dwKeySpec)
235     {
236     case AT_ECDHE_P256 :
237     case AT_ECDHE_P384 :
238     case AT_ECDHE_P521 :
239     case AT_ECDSA_P256 :
240     case AT_ECDSA_P384 :
241     case AT_ECDSA_P521 :
242     Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
243     dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
244     __leave;
245     break;
246     case AT_KEYEXCHANGE:
247     case AT_SIGNATURE :
248     break;
249     default:
250     Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
251     dwReturn = SCARD_E_INVALID_PARAMETER;
252     __leave;
253     break;
254     }
255    
256     pKeySizes->dwMinimumBitlen = 1024;
257     pKeySizes->dwDefaultBitlen = 2048;
258     pKeySizes->dwMaximumBitlen = 2048;
259     pKeySizes->dwIncrementalBitlen = 0;
260     }
261     __finally
262     {
263     }
264     Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
265     return dwReturn;
266     }
267    
268    
269     /** The CardConstructDHAgreement function performs a secret agreement calculation
270     for Diffie Hellman (DH) key exchange by using a private key that is present on the
271     card. For RSA-only card minidrivers, this entry point is not defined and is set to
272     NULL in the CARD_DATA structure that is returned from CardAcquireContext.
273     The CARD_DH_AGREEMENT structure changes to allow for return of a handle to
274     the agreed secret. This raises a point about how to index the DH agreement
275     on the card in an opaque manner. Maintaining a map file is unnecessary because
276     Ncrypt makes no provision for persistent DH agreements and there is no way to
277     retrieve one after a provider is closed. DH agreements are addressable on card
278     through an opaque BYTE that the card minidriver maintains. This BYTE should be
279     associated with a handle to a card-side agreement.*/
280    
281     DWORD WINAPI CardConstructDHAgreement(
282     __in PCARD_DATA pCardData,
283     __inout PCARD_DH_AGREEMENT_INFO pSecretInfo
284     )
285     {
286     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
287     return SCARD_E_UNSUPPORTED_FEATURE;
288     }
289    
290     /** The key derivation structure represents the majority of the required changes
291     for FIPS 140-2 compliance for smart cards. It holds the requested key derivation
292     function (KDF) and the associated input. The KDFs are defined in the “CNG Reference”
293     documentation on MSDN. For RSA-only card minidrivers, this entry point is not defined
294     and is set to NULL in the CARD_DATA structure that is returned from CardAcquireContext.*/
295    
296     DWORD WINAPI CardDeriveKey(
297     __in PCARD_DATA pCardData,
298     __inout PCARD_DERIVE_KEY pAgreementInfo
299     )
300     {
301     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
302     return SCARD_E_UNSUPPORTED_FEATURE;
303     }
304    
305     /** The CardDestroyDHAgreement function removes an agreed secret from the card.
306     For RSA-only card minidrivers, this entry point is not defined and is set to
307     NULL in the CARD_DATA structure that was returned from CardAcquireContext.*/
308    
309     DWORD WINAPI CardDestroyDHAgreement(
310     __in PCARD_DATA pCardData,
311     __in BYTE bSecretAgreementIndex,
312     __in DWORD dwFlags
313     )
314     {
315     Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
316     return SCARD_E_UNSUPPORTED_FEATURE;
317     }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26