/[openpgpmdrv]/trunk/OpenPGPminidriver/CardCryptographicOperations.c
ViewVC logotype

Contents of /trunk/OpenPGPminidriver/CardCryptographicOperations.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 12 - (show annotations)
Wed Mar 31 08:58:46 2010 UTC (15 years, 1 month ago) by vletoux
File MIME type: text/plain
File size: 9578 byte(s) 
first msi Release
1 /* OpenPGP Smart Card Mini Driver
2 Copyright (C) 2009 Vincent Le Toux
3
4 This library is Free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License version 2.1 as published by the Free Software Foundation.
7
8 This library is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 Lesser General Public License for more details.
12
13 You should have received a copy of the GNU Lesser General Public
14 License along with this library; if not, write to the Free Software
15 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16 */
17
18 #include <windows.h>
19 #include <cardmod.h>
20 #include "Tracing.h"
21 #include "Context.h"
22 #include "CryptoOperations.h"
23
24 // 4.7 Cryptographic operations
25
26 /** This function performs an RSA decryption operation on the passed buffer
27 by using the private key that a container index refers to. Note that for
28 ECC-only smart cards, this entry point is not defined and is set to NULL
29 in the returned CARD_DATA structure from CardAcquireContext. This operation
30 is restricted to a single buffer of a size equal to the key modulus.*/
31
32 DWORD WINAPI CardRSADecrypt(
33 __in PCARD_DATA pCardData,
34 __inout PCARD_RSA_DECRYPT_INFO pInfo
35 )
36 {
37 DWORD dwReturn = 0;
38
39 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
40 __try
41 {
42 if ( pCardData == NULL )
43 {
44 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
45 dwReturn = SCARD_E_INVALID_PARAMETER;
46 __leave;
47 }
48
49 if ( pInfo == NULL )
50 {
51 Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
52 dwReturn = SCARD_E_INVALID_PARAMETER;
53 __leave;
54 }
55 if ( pInfo->pbData == NULL )
56 {
57 Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
58 dwReturn = SCARD_E_INVALID_PARAMETER;
59 __leave;
60 }
61 if (pInfo->dwVersion > CARD_RSA_KEY_DECRYPT_INFO_CURRENT_VERSION)
62 {
63 Trace(WINEVENT_LEVEL_ERROR, L"ERROR_REVISION_MISMATCH");
64 dwReturn = ERROR_REVISION_MISMATCH;
65 __leave;
66 }
67 if ( pInfo->dwVersion < CARD_RSA_KEY_DECRYPT_INFO_CURRENT_VERSION
68 && pCardData->dwVersion == CARD_DATA_CURRENT_VERSION)
69 {
70 dwReturn = ERROR_REVISION_MISMATCH;
71 Trace(WINEVENT_LEVEL_ERROR, L"ERROR_REVISION_MISMATCH %d", pInfo->dwVersion);
72 __leave;
73 }
74 if (pInfo->dwVersion >= CARD_RSA_KEY_DECRYPT_INFO_VERSION_TWO)
75 {
76 if (pInfo->dwPaddingType != CARD_PADDING_PKCS1)
77 {
78 Trace(WINEVENT_LEVEL_ERROR, L"UNSUPPORTED PADDING %d", pInfo->dwPaddingType);
79 dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
80 __leave;
81 }
82 }
83 if (pInfo->dwKeySpec != AT_KEYEXCHANGE)
84 {
85 Trace(WINEVENT_LEVEL_ERROR, L"AT_KEYEXCHANGE %d", pInfo->dwKeySpec);
86 dwReturn = SCARD_E_INVALID_PARAMETER ;
87 __leave;
88 }
89 if (pInfo->bContainerIndex != ContainerConfidentiality)
90 {
91 Trace(WINEVENT_LEVEL_ERROR, L"Confidentiality %d", pInfo->bContainerIndex);
92 dwReturn = SCARD_E_NO_KEY_CONTAINER ;
93 __leave;
94 }
95 dwReturn = CheckContext(pCardData);
96 if ( dwReturn)
97 {
98 __leave;
99 }
100 dwReturn = OCardDecrypt(pCardData, pInfo);
101 if (dwReturn == SCARD_W_WRONG_CHV)
102 {
103 dwReturn = SCARD_W_SECURITY_VIOLATION;
104 }
105 }
106 __finally
107 {
108 }
109 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
110 return dwReturn;
111 }
112
113
114 /** The CardSignData function signs a block of unpadded data. This entry either performs
115 padding on the card or pads the data by using the PFN_CSP_PAD_DATA callback. All card
116 minidrivers must support this entry point.*/
117
118 DWORD WINAPI CardSignData(
119 __in PCARD_DATA pCardData,
120 __in PCARD_SIGNING_INFO pInfo
121 )
122 {
123 DWORD dwReturn = 0;
124
125 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
126 __try
127 {
128 if ( pCardData == NULL )
129 {
130 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
131 dwReturn = SCARD_E_INVALID_PARAMETER;
132 __leave;
133 }
134
135 if ( pInfo == NULL )
136 {
137 Trace(WINEVENT_LEVEL_ERROR, L"pInfo == NULL");
138 dwReturn = SCARD_E_INVALID_PARAMETER;
139 __leave;
140 }
141 if ( ( pInfo->dwVersion != CARD_SIGNING_INFO_BASIC_VERSION ) &&
142 ( pInfo->dwVersion != CARD_SIGNING_INFO_CURRENT_VERSION ) )
143 {
144 Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pInfo->dwVersion);
145 dwReturn = ERROR_REVISION_MISMATCH;
146 __leave;
147 }
148 if ( pInfo->pbData == NULL )
149 {
150 Trace(WINEVENT_LEVEL_ERROR, L"pInfo->pbData == NULL");
151 dwReturn = SCARD_E_INVALID_PARAMETER;
152 __leave;
153 }
154 if (pInfo->dwKeySpec != AT_SIGNATURE && pInfo->dwKeySpec != AT_KEYEXCHANGE)
155 {
156 Trace(WINEVENT_LEVEL_ERROR, L"AT_SIGNATURE %d", pInfo->dwKeySpec);
157 dwReturn = SCARD_E_INVALID_PARAMETER ;
158 __leave;
159 }
160 dwReturn = CheckContext(pCardData);
161 if ( dwReturn)
162 {
163 __leave;
164 }
165 switch(pInfo->bContainerIndex)
166 {
167 case ContainerAuthentication:
168 case ContainerConfidentiality:
169 dwReturn = OCardAuthenticate(pCardData, pInfo);
170 break;
171 case ContainerSignature:
172 dwReturn = OCardSign(pCardData, pInfo);
173 break;
174 default:
175 dwReturn = SCARD_E_NO_KEY_CONTAINER;
176 Trace(WINEVENT_LEVEL_ERROR, L"SCARD_E_NO_KEY_CONTAINER %d", pInfo->bContainerIndex);
177 __leave;
178 }
179 if (dwReturn == SCARD_W_WRONG_CHV)
180 {
181 dwReturn = SCARD_W_SECURITY_VIOLATION;
182 }
183 }
184 __finally
185 {
186 }
187 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
188 return dwReturn;
189 }
190
191 /** This function returns the public key sizes that are supported by the card in use.*/
192 DWORD WINAPI CardQueryKeySizes(
193 __in PCARD_DATA pCardData,
194 __in DWORD dwKeySpec,
195 __in DWORD dwFlags,
196 __inout PCARD_KEY_SIZES pKeySizes
197 )
198 {
199 DWORD dwReturn = 0, dwVersion;
200 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
201 __try
202 {
203 if ( pCardData == NULL )
204 {
205 Trace(WINEVENT_LEVEL_ERROR, L"pCardData == NULL");
206 dwReturn = SCARD_E_INVALID_PARAMETER;
207 __leave;
208 }
209
210 if ( dwFlags != 0 )
211 {
212 Trace(WINEVENT_LEVEL_ERROR, L"dwFlags != 0 : %d", dwFlags);
213 dwReturn = SCARD_E_INVALID_PARAMETER;
214 __leave;
215 }
216 if ( pKeySizes == NULL )
217 {
218 Trace(WINEVENT_LEVEL_ERROR, L"pKeySizes == NULL");
219 dwReturn = SCARD_E_INVALID_PARAMETER;
220 __leave;
221 }
222 dwVersion = (pKeySizes->dwVersion == 0) ? 1 : pKeySizes->dwVersion;
223 if ( dwVersion != CARD_KEY_SIZES_CURRENT_VERSION )
224 {
225 Trace(WINEVENT_LEVEL_ERROR, L"dwVersion == %d", pKeySizes->dwVersion);
226 dwReturn = ERROR_REVISION_MISMATCH;
227 __leave;
228 }
229 dwReturn = CheckContext(pCardData);
230 if ( dwReturn)
231 {
232 __leave;
233 }
234 switch(dwKeySpec)
235 {
236 case AT_ECDHE_P256 :
237 case AT_ECDHE_P384 :
238 case AT_ECDHE_P521 :
239 case AT_ECDSA_P256 :
240 case AT_ECDSA_P384 :
241 case AT_ECDSA_P521 :
242 Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
243 dwReturn = SCARD_E_UNSUPPORTED_FEATURE;
244 __leave;
245 break;
246 case AT_KEYEXCHANGE:
247 case AT_SIGNATURE :
248 break;
249 default:
250 Trace(WINEVENT_LEVEL_ERROR, L"dwKeySpec == %d", dwKeySpec);
251 dwReturn = SCARD_E_INVALID_PARAMETER;
252 __leave;
253 break;
254 }
255
256 pKeySizes->dwMinimumBitlen = 1024;
257 pKeySizes->dwDefaultBitlen = 2048;
258 pKeySizes->dwMaximumBitlen = 2048;
259 pKeySizes->dwIncrementalBitlen = 0;
260 }
261 __finally
262 {
263 }
264 Trace(WINEVENT_LEVEL_VERBOSE, L"dwReturn = 0x%08X",dwReturn);
265 return dwReturn;
266 }
267
268
269 /** The CardConstructDHAgreement function performs a secret agreement calculation
270 for Diffie Hellman (DH) key exchange by using a private key that is present on the
271 card. For RSA-only card minidrivers, this entry point is not defined and is set to
272 NULL in the CARD_DATA structure that is returned from CardAcquireContext.
273 The CARD_DH_AGREEMENT structure changes to allow for return of a handle to
274 the agreed secret. This raises a point about how to index the DH agreement
275 on the card in an opaque manner. Maintaining a map file is unnecessary because
276 Ncrypt makes no provision for persistent DH agreements and there is no way to
277 retrieve one after a provider is closed. DH agreements are addressable on card
278 through an opaque BYTE that the card minidriver maintains. This BYTE should be
279 associated with a handle to a card-side agreement.*/
280
281 DWORD WINAPI CardConstructDHAgreement(
282 __in PCARD_DATA pCardData,
283 __inout PCARD_DH_AGREEMENT_INFO pSecretInfo
284 )
285 {
286 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
287 return SCARD_E_UNSUPPORTED_FEATURE;
288 }
289
290 /** The key derivation structure represents the majority of the required changes
291 for FIPS 140-2 compliance for smart cards. It holds the requested key derivation
292 function (KDF) and the associated input. The KDFs are defined in the “CNG Reference”
293 documentation on MSDN. For RSA-only card minidrivers, this entry point is not defined
294 and is set to NULL in the CARD_DATA structure that is returned from CardAcquireContext.*/
295
296 DWORD WINAPI CardDeriveKey(
297 __in PCARD_DATA pCardData,
298 __inout PCARD_DERIVE_KEY pAgreementInfo
299 )
300 {
301 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
302 return SCARD_E_UNSUPPORTED_FEATURE;
303 }
304
305 /** The CardDestroyDHAgreement function removes an agreed secret from the card.
306 For RSA-only card minidrivers, this entry point is not defined and is set to
307 NULL in the CARD_DATA structure that was returned from CardAcquireContext.*/
308
309 DWORD WINAPI CardDestroyDHAgreement(
310 __in PCARD_DATA pCardData,
311 __in BYTE bSecretAgreementIndex,
312 __in DWORD dwFlags
313 )
314 {
315 Trace(WINEVENT_LEVEL_VERBOSE, L"Enter");
316 return SCARD_E_UNSUPPORTED_FEATURE;
317 }
[email protected]
 ViewVC Help
Powered by ViewVC 1.1.26