/[openpgpmdrv]/trunk/OpenPGPminidriver/CardCryptographicOperations.c
ViewVC logotype

Contents of /trunk/OpenPGPminidriver/CardCryptographicOperations.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 10 - (show annotations)
Mon Mar 15 18:23:17 2010 UTC (15 years, 1 month ago) by vletoux
File MIME type: text/plain
File size: 9085 byte(s) 
first beta version
1 /* OpenPGP Smart Card Mini Driver
2 Copyright (C) 2009 Vincent Le Toux
3
4 This library is Free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License version 2.1 as published by the Free Software Foundation.
7
8 This library is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 Lesser General Public License for more details.
12
13 You should have received a copy of the GNU Lesser General Public
14 License along with this library; if not, write to the Free Software
15 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16 */
17
18 #include <windows.h>
19 #include <cardmod.h>
20 #include "Tracing.h"
21 #include "Context.h"
22 #include "CryptoOperations.h"
23
24 // 4.7 Cryptographic operations
25
26 /** This function performs an RSA decryption operation on the passed buffer
27 by using the private key that a container index refers to. Note that for
28 ECC-only smart cards, this entry point is not defined and is set to NULL
29 in the returned CARD_DATA structure from CardAcquireContext. This operation
30 is restricted to a single buffer of a size equal to the key modulus.*/
31
32 DWORD WINAPI CardRSADecrypt(
33 __in PCARD_DATA pCardData,
34 __inout PCARD_RSA_DECRYPT_INFO pInfo
35 )
36 {
37 DWORD dwReturn = 0;
38
39 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
40 __try
41 {
42 if ( pCardData == NULL )
43 {
44 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
45 dwReturn = SCARD_E_INVALID_PARAMETER;
46 __leave;
47 }
48
49 if ( pInfo == NULL )
50 {
51 Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
52 dwReturn = SCARD_E_INVALID_PARAMETER;
53 __leave;
54 }
55 if ( pInfo->pbData == NULL )
56 {
57 Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
58 dwReturn = SCARD_E_INVALID_PARAMETER;
59 __leave;
60 }
61 if (pInfo->dwVersion != CARD_RSA_KEY_DECRYPT_INFO_VERSION_ONE
62 && pInfo->dwVersion != CARD_RSA_KEY_DECRYPT_INFO_VERSION_TWO)
63 {
64 Trace(WINEVENT_LEVEL_ERROR, L"ERROR_REVISION_MISMATCH");
65 dwReturn = ERROR_REVISION_MISMATCH;
66 __leave;
67 }
68 if (pInfo->dwKeySpec != AT_KEYEXCHANGE)
69 {
70 Trace(WINEVENT_LEVEL_ERROR, L"AT_KEYEXCHANGE %d", pInfo->dwKeySpec);
71 dwReturn = SCARD_E_INVALID_PARAMETER ;
72 __leave;
73 }
74 if (pInfo->bContainerIndex != ContainerConfidentiality)
75 {
76 Trace(WINEVENT_LEVEL_ERROR, L"Confidentiality %d", pInfo->bContainerIndex);
77 dwReturn = SCARD_E_NO_KEY_CONTAINER ;
78 __leave;
79 }
80 dwReturn = CheckContext(pCardData);
81 if ( dwReturn)
82 {
83 __leave;
84 }
85 dwReturn = OCardDecrypt(pCardData, pInfo);
86 if (dwReturn == SCARD_W_WRONG_CHV)
87 {
88 dwReturn = SCARD_W_SECURITY_VIOLATION;
89 }
90 }
91 __finally
92 {
93 }
94 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
95 return dwReturn;
96 }
97
98
99 /** The CardSignData function signs a block of unpadded data. This entry either performs
100 padding on the card or pads the data by using the PFN_CSP_PAD_DATA callback. All card
101 minidrivers must support this entry point.*/
102
103 DWORD WINAPI CardSignData(
104 __in PCARD_DATA pCardData,
105 __in PCARD_SIGNING_INFO pInfo
106 )
107 {
108 DWORD dwReturn = 0;
109
110 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
111 __try
112 {
113 if ( pCardData == NULL )
114 {
115 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
116 dwReturn = SCARD_E_INVALID_PARAMETER;
117 __leave;
118 }
119
120 if ( pInfo == NULL )
121 {
122 Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
123 dwReturn = SCARD_E_INVALID_PARAMETER;
124 __leave;
125 }
126 if ( ( pInfo->dwVersion != CARD_SIGNING_INFO_BASIC_VERSION ) &&
127 ( pInfo->dwVersion != CARD_SIGNING_INFO_CURRENT_VERSION ) )
128 {
129 Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pInfo->dwVersion);
130 dwReturn = ERROR_REVISION_MISMATCH;
131 __leave;
132 }
133 if ( pInfo->pbData == NULL )
134 {
135 Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
136 dwReturn = SCARD_E_INVALID_PARAMETER;
137 __leave;
138 }
139 if (pInfo->dwKeySpec != AT_SIGNATURE && pInfo->dwKeySpec != AT_KEYEXCHANGE)
140 {
141 Trace(WINEVENT_LEVEL_ERROR, L"AT_SIGNATURE %d", pInfo->dwKeySpec);
142 dwReturn = SCARD_E_INVALID_PARAMETER ;
143 __leave;
144 }
145 dwReturn = CheckContext(pCardData);
146 if ( dwReturn)
147 {
148 __leave;
149 }
150 switch(pInfo->bContainerIndex)
151 {
152 case ContainerAuthentication:
153 case ContainerConfidentiality:
154 dwReturn = OCardAuthenticate(pCardData, pInfo);
155 break;
156 case ContainerSignature:
157 dwReturn = OCardSign(pCardData, pInfo);
158 break;
159 default:
160 dwReturn = SCARD_E_NO_KEY_CONTAINER;
161 Trace(WINEVENT_LEVEL_ERROR, L"SCARD_E_NO_KEY_CONTAINER %d", pInfo->bContainerIndex);
162 __leave;
163 }
164 if (dwReturn == SCARD_W_WRONG_CHV)
165 {
166 dwReturn = SCARD_W_SECURITY_VIOLATION;
167 }
168 }
169 __finally
170 {
171 }
172 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
173 return dwReturn;
174 }
175
176 /** This function returns the public key sizes that are supported by the card in use.*/
177 DWORD WINAPI CardQueryKeySizes(
178 __in PCARD_DATA pCardData,
179 __in DWORD dwKeySpec,
180 __in DWORD dwFlags,
181 __inout PCARD_KEY_SIZES pKeySizes
182 )
183 {
184 DWORD dwReturn = 0, dwVersion;
185 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
186 __try
187 {
188 if ( pCardData == NULL )
189 {
190 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
191 dwReturn = SCARD_E_INVALID_PARAMETER;
192 __leave;
193 }
194
195 if ( dwFlags != 0 )
196 {
197 Trace(WINEVENT_LEVEL_ERROR, L"dwFlags != 0 : %d", dwFlags);
198 dwReturn = SCARD_E_INVALID_PARAMETER;
199 __leave;
200 }
201 if ( pKeySizes == NULL )
202 {
203 Trace(WINEVENT_LEVEL_ERROR, L"pKeySizes == NULL");
204 dwReturn = SCARD_E_INVALID_PARAMETER;
205 __leave;
206 }
207 dwVersion = (pKeySizes->dwVersion == 0) ? 1 : pKeySizes->dwVersion;
208 if ( dwVersion != CARD_KEY_SIZES_CURRENT_VERSION )
209 {
210 Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pKeySizes->dwVersion);
211 dwReturn = ERROR_REVISION_MISMATCH;
212 __leave;
213 }
214 dwReturn = CheckContext(pCardData);
215 if ( dwReturn)
216 {
217 __leave;
218 }
219 switch(dwKeySpec)
220 {
221 case AT_ECDHE_P256 :
222 case AT_ECDHE_P384 :
223 case AT_ECDHE_P521 :
224 case AT_ECDSA_P256 :
225 case AT_ECDSA_P384 :
226 case AT_ECDSA_P521 :
227 Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
228 dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
229 __leave;
230 break;
231 case AT_KEYEXCHANGE:
232 case AT_SIGNATURE :
233 break;
234 default:
235 Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
236 dwReturn = SCARD_E_INVALID_PARAMETER;
237 __leave;
238 break;
239 }
240
241 pKeySizes->dwMinimumBitlen = 1024;
242 pKeySizes->dwDefaultBitlen = 2048;
243 pKeySizes->dwMaximumBitlen = 2048;
244 pKeySizes->dwIncrementalBitlen = 0;
245 }
246 __finally
247 {
248 }
249 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
250 return dwReturn;
251 }
252
253
254 /** The CardConstructDHAgreement function performs a secret agreement calculation
255 for Diffie Hellman (DH) key exchange by using a private key that is present on the
256 card. For RSA-only card minidrivers, this entry point is not defined and is set to
257 NULL in the CARD_DATA structure that is returned from CardAcquireContext.
258 The CARD_DH_AGREEMENT structure changes to allow for return of a handle to
259 the agreed secret. This raises a point about how to index the DH agreement
260 on the card in an opaque manner. Maintaining a map file is unnecessary because
261 Ncrypt makes no provision for persistent DH agreements and there is no way to
262 retrieve one after a provider is closed. DH agreements are addressable on card
263 through an opaque BYTE that the card minidriver maintains. This BYTE should be
264 associated with a handle to a card-side agreement.*/
265
266 DWORD WINAPI CardConstructDHAgreement(
267 __in PCARD_DATA pCardData,
268 __inout PCARD_DH_AGREEMENT_INFO pSecretInfo
269 )
270 {
271 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
272 return SCARD_E_UNSUPPORTED_FEATURE;
273 }
274
275 /** The key derivation structure represents the majority of the required changes
276 for FIPS 140-2 compliance for smart cards. It holds the requested key derivation
277 function (KDF) and the associated input. The KDFs are defined in the “CNG Reference”
278 documentation on MSDN. For RSA-only card minidrivers, this entry point is not defined
279 and is set to NULL in the CARD_DATA structure that is returned from CardAcquireContext.*/
280
281 DWORD WINAPI CardDeriveKey(
282 __in PCARD_DATA pCardData,
283 __inout PCARD_DERIVE_KEY pAgreementInfo
284 )
285 {
286 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
287 return SCARD_E_UNSUPPORTED_FEATURE;
288 }
289
290 /** The CardDestroyDHAgreement function removes an agreed secret from the card.
291 For RSA-only card minidrivers, this entry point is not defined and is set to
292 NULL in the CARD_DATA structure that was returned from CardAcquireContext.*/
293
294 DWORD WINAPI CardDestroyDHAgreement(
295 __in PCARD_DATA pCardData,
296 __in BYTE bSecretAgreementIndex,
297 __in DWORD dwFlags
298 )
299 {
300 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
301 return SCARD_E_UNSUPPORTED_FEATURE;
302 }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26