forked from OpenSC/OpenSC
-
Notifications
You must be signed in to change notification settings - Fork 0
/
card-piv.c
6254 lines (5423 loc) · 192 KB
/
card-piv.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/*
* card-piv.c: Support for PIV-II from NIST SP800-73
* card-default.c: Support for cards with no driver
*
* Copyright (C) 2001, 2002 Juha Yrjölä <[email protected]>
* Copyright (C) 2005-2023 Douglas E. Engert <[email protected]>
* Copyright (C) 2006, Identity Alliance, Thomas Harning <[email protected]>
* Copyright (C) 2007, EMC, Russell Larner <[email protected]>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <ctype.h>
#include <fcntl.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <io.h>
#else
#include <unistd.h>
#endif
#ifdef ENABLE_OPENSSL
/* openssl needed for card administration and SM */
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#if !defined(OPENSSL_NO_EC)
#include <openssl/ec.h>
#endif
#include <openssl/err.h>
#define piv_log_openssl(C) \
do { if (C && C->debug > 0 && C->debug_file != 0) \
{ ERR_print_errors_fp(C->debug_file); } \
} while(0)
#endif /* ENABLE_OPENSSL */
/* 800-73-4 SM and VCI need: ECC, SM and real OpenSSL >= 1.1 */
#if defined(ENABLE_OPENSSL) && defined(ENABLE_SM) && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#else
#undef ENABLE_PIV_SM
#endif
#ifdef ENABLE_PIV_SM
#include <openssl/cmac.h>
#include "compression.h"
#endif
#include "internal.h"
#include "asn1.h"
#include "cardctl.h"
#include "simpletlv.h"
enum {
PIV_OBJ_CCC = 0,
PIV_OBJ_CHUI,
/* PIV_OBJ_UCHUI is not in new with 800-73-2 */
PIV_OBJ_X509_PIV_AUTH,
PIV_OBJ_CHF,
PIV_OBJ_PI,
PIV_OBJ_CHFI,
PIV_OBJ_X509_DS,
PIV_OBJ_X509_KM,
PIV_OBJ_X509_CARD_AUTH,
PIV_OBJ_SEC_OBJ,
PIV_OBJ_DISCOVERY,
PIV_OBJ_HISTORY,
PIV_OBJ_RETIRED_X509_1,
PIV_OBJ_RETIRED_X509_2,
PIV_OBJ_RETIRED_X509_3,
PIV_OBJ_RETIRED_X509_4,
PIV_OBJ_RETIRED_X509_5,
PIV_OBJ_RETIRED_X509_6,
PIV_OBJ_RETIRED_X509_7,
PIV_OBJ_RETIRED_X509_8,
PIV_OBJ_RETIRED_X509_9,
PIV_OBJ_RETIRED_X509_10,
PIV_OBJ_RETIRED_X509_11,
PIV_OBJ_RETIRED_X509_12,
PIV_OBJ_RETIRED_X509_13,
PIV_OBJ_RETIRED_X509_14,
PIV_OBJ_RETIRED_X509_15,
PIV_OBJ_RETIRED_X509_16,
PIV_OBJ_RETIRED_X509_17,
PIV_OBJ_RETIRED_X509_18,
PIV_OBJ_RETIRED_X509_19,
PIV_OBJ_RETIRED_X509_20,
PIV_OBJ_IRIS_IMAGE,
PIV_OBJ_BITGT,
PIV_OBJ_SM_CERT_SIGNER,
PIV_OBJ_PCRDCS,
PIV_OBJ_9B03,
PIV_OBJ_9A06,
PIV_OBJ_9C06,
PIV_OBJ_9D06,
PIV_OBJ_9E06,
PIV_OBJ_8206,
PIV_OBJ_8306,
PIV_OBJ_8406,
PIV_OBJ_8506,
PIV_OBJ_8606,
PIV_OBJ_8706,
PIV_OBJ_8806,
PIV_OBJ_8906,
PIV_OBJ_8A06,
PIV_OBJ_8B06,
PIV_OBJ_8C06,
PIV_OBJ_8D06,
PIV_OBJ_8E06,
PIV_OBJ_8F06,
PIV_OBJ_9006,
PIV_OBJ_9106,
PIV_OBJ_9206,
PIV_OBJ_9306,
PIV_OBJ_9406,
PIV_OBJ_9506,
PIV_OBJ_LAST_ENUM
};
/*
* Flags in the piv_obj_cache:
* PIV_OBJ_CACHE_VALID means the data in the cache can be used.
* It might have zero length indicating that the object was not found.
* PIV_OBJ_CACHE_NOT_PRESENT means do not even try to read the object.
* Either because the object did not parse or
* these objects will only be present if the history object says
* they are on the card, or the discovery or history object in not present.
* If the file listed in the history object offCardCertURL was found,
* its certs will be read into the cache and PIV_OBJ_CACHE_VALID set
* and PIV_OBJ_CACHE_NOT_PRESENT unset.
*
*/
#define PIV_OBJ_CACHE_VALID 1
#define PIV_OBJ_CACHE_COMPRESSED 2
#define PIV_OBJ_CACHE_NOT_PRESENT 8
typedef struct piv_obj_cache {
u8* obj_data;
size_t obj_len;
u8* internal_obj_data; /* like a cert in the object */
size_t internal_obj_len;
int flags;
} piv_obj_cache_t;
enum {
PIV_STATE_NORMAL = 0,
PIV_STATE_MATCH,
PIV_STATE_INIT
};
/* ccc_flags */
#define PIV_CCC_FOUND 0x00000001
#define PIV_CCC_F0_PIV 0x00000002
#define PIV_CCC_F0_CAC 0x00000004
#define PIV_CCC_F0_JAVA 0x00000008
#define PIV_CCC_F3_CAC_PKI 0x00000010
#define PIV_CCC_TAG_F0 0xF0
#define PIV_CCC_TAG_F3 0xF3
/* 800-73-4 Cipher Suite Table 14 */
#define PIV_CS_CS2 0x27
#define PIV_CS_CS7 0x2E
#ifdef ENABLE_PIV_SM
/* TODO temp to test with or without LIBCTX PR */
#ifdef USE_OPENSSL3_LIBCTX
#define PIV_LIBCTX card->ctx->ossl3ctx->libctx
#else
#define PIV_LIBCTX NULL
#endif
/* Table 14 and other constants */
typedef struct cipher_suite {
u8 id; /* taken from AID "AC" tag */
int field_length;
int nid; /* for OpenSSL curves */
struct sc_object_id oid; /* for opensc */
int p1; /* for APDU */
size_t Qlen; /* size of pubkey 04||x||y for all keys */
size_t AuthCryptogramlen; /* both H and ICC must match */
size_t Zlen; /* size of shared secret from ECDH */
size_t otherinfolen; /* used in 4.1.6 Key Derivation */
int o0len; /* first in otherinfo */
u8 o0_char;
size_t IDshlen;
size_t CBhlen;
size_t T16Qehlen;
size_t IDsicclen;
size_t Nicclen;
size_t CBicclen; /* last in otherinfo */
int naeskeys; /* number of aes key generated */
int aeskeylen; /* size of aes key bytes*/
int kdf_hash_size; /* size of hash in bytes */
EVP_MD *(*kdf_md)(void);
const EVP_CIPHER *(*cipher_cbc)(void);
const EVP_CIPHER *(*cipher_ecb)(void);
char *cipher_cbc_name;
char *cipher_ecb_name;
char *curve_group; /* curve name TODO or is this just p-256 or p-384?*/
} cipher_suite_t;
// clang-fromat off
#define PIV_CSS_SIZE 2
static cipher_suite_t css[PIV_CSS_SIZE] = {
{PIV_CS_CS2, 256, NID_X9_62_prime256v1, {{1, 2, 840, 10045, 3, 1, 7, -1}},
PIV_CS_CS2, 65, 16, 32, 61,
4, 0x09, 8, 1, 16, 8, 16, 1,
4, 128/8, SHA256_DIGEST_LENGTH,
(EVP_MD *(*)(void)) EVP_sha256,
(const EVP_CIPHER *(*)(void)) EVP_aes_128_cbc,
(const EVP_CIPHER *(*)(void)) EVP_aes_128_ecb,
"aes-128-cbc", "aes-128-ecb",
"prime256v1"},
{PIV_CS_CS7, 384, NID_secp384r1, {{1, 3, 132, 0, 34, -1}},
PIV_CS_CS7, 97, 16, 48, 69,
4, 0x0D, 8, 1, 16, 8, 24, 1,
4, 256/8, SHA384_DIGEST_LENGTH,
(EVP_MD *(*)(void)) EVP_sha384,
(const EVP_CIPHER *(*)(void)) EVP_aes_256_cbc,
(const EVP_CIPHER *(*)(void)) EVP_aes_256_ecb,
"aes-256-cbc", "aes-256-ecb",
"secp384r1"}
};
// clang-format on
/* 800-73-4 4.1.5 Card Verifiable Certificates */
typedef struct piv_cvc {
sc_pkcs15_der_t der; // Previous read der
int cpi; // Certificate profile indicator (0x80)
char issuerID[8]; // Issuer Identification Number
size_t issuerIDlen; // 8 bytes of sha-1 or 16 byte for GUID
u8 subjectID[16]; // Subject Identifier (8) or GUID (16) == CHUI
size_t subjectIDlen; // 8 bytes of sha-1 or 16 byte for GUID
struct sc_object_id pubKeyOID; // Public key algorithm object identifier
u8 *publicPoint; // Public point for ECC
size_t publicPointlen;
int roleID; // Role Identifier 0x00 or 0x12
u8 *body; // signed part of CVC in DER
size_t bodylen;
struct sc_object_id signatureAlgOID; // Signature Algroithm Identifier
u8 *signature; // Certificate signature DER
size_t signaturelen;
} piv_cvc_t;
#define PIV_SM_MAX_FIELD_LENGTH 384
#define PIV_SM_MAX_MD_LENGTH SHA384_DIGEST_LENGTH
#define PIV_SM_FLAGS_SM_CERT_SIGNER_VERIFIED 0x000000001lu
#define PIV_SM_FLAGS_SM_CVC_VERIFIED 0X000000002lu
#define PIV_SM_FLAGS_SM_IN_CVC_VERIFIED 0x000000004lu
#define PIV_SM_FLAGS_SM_CERT_SIGNER_PRESENT 0x000000010lu
#define PIV_SM_FLAGS_SM_CVC_PRESENT 0X000000020lu
#define PIV_SM_FLAGS_SM_IN_CVC_PRESENT 0x000000040lu
#define PIV_SM_FLAGS_SM_IS_ACTIVE 0x000000080lu /* SM has been started */
/* if card supports SP800-73-4 SM: */
#define PIV_SM_FLAGS_NEVER 0x000000100lu /* Don't use SM even if card support it */
/* Default is use if card supports it */
/* will use VCI if card supports it for contactless */
#define PIV_SM_FLAGS_ALWAYS 0x000000200lu /* Use SM or quit, VCI requires SM */
#define PIV_SM_FLAGS_DEFER_OPEN 0x000001000lu /* call sm_open from reader_lock_obtained */
#define PIV_SM_VCI_ACTIVE 0x000002000lu /* VCI is active */
#define PIV_SM_GET_DATA_IN_CLEAR 0x000004000lu /* OK to do this GET DATA in the clear */
typedef struct piv_sm_session {
/* set by piv_sm_open */
int aes_size; /* 128 or 256 */
u8 SKcfrm[32];
u8 SKmac[32];
u8 SKenc[32]; /* keys are either AES 128 or AES 256 */
u8 SKrmac[32];
u8 enc_counter[16];
u8 enc_counter_last[16];
u8 resp_enc_counter[16];
u8 C_MCV[16];
u8 C_MCV_last[16];
u8 R_MCV[16];
u8 R_MCV_last[16];
} piv_sm_session_t;
#define C_ASN1_PIV_CVC_PUBKEY_SIZE 3
/* ECC key only */
static const struct sc_asn1_entry c_asn1_piv_cvc_pubkey[C_ASN1_PIV_CVC_PUBKEY_SIZE] = {
{ "publicKeyOID", SC_ASN1_OBJECT, SC_ASN1_UNI | SC_ASN1_OBJECT, 0, NULL, NULL },
{ "publicPoint", SC_ASN1_OCTET_STRING, SC_ASN1_CTX | 6, SC_ASN1_OPTIONAL | SC_ASN1_ALLOC, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_CVC_DSOBJ_SIZE 2
static const struct sc_asn1_entry c_asn1_piv_cvc_dsobj[C_ASN1_PIV_CVC_DSOBJ_SIZE] = {
{ "DigitalSignature", SC_ASN1_STRUCT, SC_ASN1_CONS | SC_ASN1_TAG_SEQUENCE, 0, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_CVC_DSSIG_SIZE 3
static const struct sc_asn1_entry c_asn1_piv_cvc_dssig[C_ASN1_PIV_CVC_DSSIG_SIZE] = {
{ "signatureAlgorithmID", SC_ASN1_STRUCT, SC_ASN1_CONS | SC_ASN1_TAG_SEQUENCE, 0, NULL, NULL },
{ "signatureValue", SC_ASN1_BIT_STRING_NI, SC_ASN1_TAG_BIT_STRING, SC_ASN1_ALLOC, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_CVC_ALG_ID_SIZE 3
static const struct sc_asn1_entry c_asn1_piv_cvc_alg_id[C_ASN1_PIV_CVC_ALG_ID_SIZE] = {
{ "signatureAlgorithmOID", SC_ASN1_OBJECT, SC_ASN1_UNI | SC_ASN1_OBJECT, 0, NULL, NULL },
{ "nullParam", SC_ASN1_NULL, SC_ASN1_UNI | SC_ASN1_TAG_NULL, SC_ASN1_OPTIONAL, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_CVC_BODY_SIZE 7
static const struct sc_asn1_entry c_asn1_piv_cvc_body[C_ASN1_PIV_CVC_BODY_SIZE] = {
{ "certificateProfileIdentifier", SC_ASN1_INTEGER, SC_ASN1_APP | 0x1F29, 0, NULL, NULL },
{ "Issuer ID Number", SC_ASN1_OCTET_STRING, SC_ASN1_APP | 2, 0, NULL, NULL },
{ "Subject Identifier", SC_ASN1_OCTET_STRING, SC_ASN1_APP | 0x1F20, 0, NULL, NULL },
{ "publicKey", SC_ASN1_STRUCT, SC_ASN1_CONS | SC_ASN1_APP | 0x1F49, 0, NULL, NULL },
{ "roleIdentifier", SC_ASN1_CALLBACK, SC_ASN1_APP | 0x1F4C, 0, NULL, NULL },
/* signature is over the above 5 entries treat roleIdentifier special to get end */
{ "DSignatureObject", SC_ASN1_STRUCT, SC_ASN1_APP | 0x1F37, SC_ASN1_TAG_SEQUENCE | SC_ASN1_CONS, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_CVC_SIZE 2
static const struct sc_asn1_entry c_asn1_piv_cvc[C_ASN1_PIV_CVC_SIZE] = {
{ "CVC certificate", SC_ASN1_STRUCT, SC_ASN1_CONS | SC_ASN1_APP | 0x1F21, 0, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
#define C_ASN1_PIV_SM_RESPONSE_SIZE 4
static const struct sc_asn1_entry c_asn1_sm_response[C_ASN1_PIV_SM_RESPONSE_SIZE] = {
{ "encryptedData", SC_ASN1_CALLBACK, SC_ASN1_CTX | 7, SC_ASN1_OPTIONAL, NULL, NULL },
{ "statusWord", SC_ASN1_CALLBACK, SC_ASN1_CTX | 0x19, 0, NULL, NULL },
{ "mac", SC_ASN1_CALLBACK, SC_ASN1_CTX | 0x0E, 0, NULL, NULL },
{ NULL, 0, 0, 0, NULL, NULL }
};
/*
* SW internal apdu response table.
*
* Override APDU response error codes from iso7816.c to allow
* handling of SM specific error
*/
static const struct sc_card_error piv_sm_errors[] = {
{0x6882, SC_ERROR_SM, "SM not supported"},
{0x6982, SC_ERROR_SM_NO_SESSION_KEYS, "SM Security status not satisfied"}, /* no session established */
{0x6987, SC_ERROR_SM, "Expected SM Data Object missing"},
{0x6988, SC_ERROR_SM_INVALID_SESSION_KEY, "SM Data Object incorrect"}, /* other process interference */
{0, 0, NULL}
};
#endif /* ENABLE_PIV_SM */
/* 800-73-4 3.3.2 Discovery Object - PIN Usage Policy */
#define PIV_PP_PIN 0x00004000u
#define PIV_PP_GLOBAL 0x00002000u
#define PIV_PP_OCC 0x00001000u
#define PIV_PP_VCI_IMPL 0x00000800u
#define PIV_PP_VCI_WITHOUT_PC 0x00000400u
#define PIV_PP_PIV_PRIMARY 0x00000010u
#define PIV_PP_GLOBAL_PRIMARY 0x00000020u
/* init_flags */
#define PIV_INIT_AID_PARSED 0x00000001u
#define PIV_INIT_AID_AC 0x00000002u
#define PIV_INIT_DISCOVERY_PARSED 0x00000004u
#define PIV_INIT_DISCOVERY_PP 0x00000008u
#define PIV_INIT_IN_READER_LOCK_OBTAINED 0x00000010u
#define PIV_INIT_CONTACTLESS 0x00000020u
#define PIV_PAIRING_CODE_LEN 8
typedef struct piv_private_data {
struct sc_lv_data aid_der; /* previous aid response to compare */
int enumtag;
int max_object_size; /* use setable option. In case objects get bigger */
int selected_obj; /* The index into the piv_objects last selected */
int return_only_cert; /* return the cert from the object */
int rwb_state; /* first time -1, 0, in middle, 1 at eof */
int operation; /* saved from set_security_env */
int algorithm; /* saved from set_security_env */
int key_ref; /* saved from set_security_env and */
int alg_id; /* used in decrypt, signature, derive */
int key_size; /* RSA: modulus_bits EC: field_length in bits */
u8* w_buf; /* write_binary buffer */
size_t w_buf_len; /* length of w_buff */
piv_obj_cache_t obj_cache[PIV_OBJ_LAST_ENUM];
int keysWithOnCardCerts;
int keysWithOffCardCerts;
char * offCardCertURL;
int pin_preference; /* set from Discovery object */
int logged_in;
int pstate;
int pin_cmd_verify;
int context_specific;
unsigned int pin_cmd_verify_sw1;
unsigned int pin_cmd_verify_sw2;
int tries_left; /* SC_PIN_CMD_GET_INFO tries_left from last */
unsigned int card_issues; /* card_issues flags for this card */
int object_test_verify; /* Can test this object to set verification state of card */
int yubico_version; /* 3 byte version number of NEO or Yubikey4 as integer */
unsigned int ccc_flags; /* From CCC indicate if CAC card */
unsigned int pin_policy; /* from discovery */
unsigned int init_flags;
u8 csID; /* 800-73-4 Cipher Suite ID 0x27 or 0x2E */
#ifdef ENABLE_PIV_SM
cipher_suite_t *cs; /* active cypher_suite */
piv_cvc_t sm_cvc; /* 800-73-4: SM CVC Table 15 */
piv_cvc_t sm_in_cvc; /* Intermediate CVC Table 16 */
unsigned long sm_flags;
unsigned char pairing_code[PIV_PAIRING_CODE_LEN]; /* 8 ASCII digits */
piv_sm_session_t sm_session;
#endif /* ENABLE_PIV_SM */
} piv_private_data_t;
#define PIV_DATA(card) ((piv_private_data_t*)card->drv_data)
struct piv_aid {
int enumtag;
size_t len_short; /* min length without version */
size_t len_long; /* With version and other stuff */
u8 *value;
};
/*
* The Generic AID entry should be the "A0 00 00 03 08 00 00 10 00 "
* NIST published 800-73 on 10/6/2005
* 800-73-1 March 2006 included Errata
* 800-73-2 Part 1 implies version is "02 00"
* i.e. "A0 00 00 03 08 00 00 01 00 02 00".
* but we don't need the version number. But could get it from the PIX.
* Discovery object was added.
*
* 800-73-3 Part 1 now refers to "01 00" i.e. going back to 800-73-1.
* The main differences between 73-2, and 73-3 are the addition of the
* key History object, certs and keys and Iris objects.
* These can be discovered using GET DATA
* 800-73-4 Has many changs, including optional Secure Messaging,
* optional Virtial Contact Interface and pairing code.
*/
/* ATRs of cards known to have PIV applet. But must still be tested for a PIV applet */
static const struct sc_atr_table piv_atrs[] = {
/* CAC cards with PIV from: CAC-utilziation-and-variation-matrix-v2.03-20May2016.doc */
/*
* https://www.cac.mil/Common-Access-Card/Developer-Resources/
* https://www.cac.mil/Portals/53/Documents/DoD%20Token%20utilziation%20and%20variation%20matrix%20v2_06_17October2019.docx?ver=2019-10-18-102519-120
*/
/* Oberthur Card Systems (PIV Endpoint) with PIV endpoint applet and PIV auth cert OBSOLETE */
{ "3B:DB:96:00:80:1F:03:00:31:C0:64:77:E3:03:00:82:90:00:C1", NULL, NULL, SC_CARD_TYPE_PIV_II_OBERTHUR, 0, NULL },
/* Gemalto (PIV Endpoint) with PIV endpoint applet and PIV auth cert OBSOLETE */
{ "3B 7D 96 00 00 80 31 80 65 B0 83 11 13 AC 83 00 90 00", NULL, NULL, SC_CARD_TYPE_PIV_II_GEMALTO, 0, NULL },
/* Gemalto (PIV Endpoint) 2 entries 2016, 2019 */
{ "3B:7D:96:00:00:80:31:80:65:B0:83:11:17:D6:83:00:90:00", NULL, NULL, SC_CARD_TYPE_PIV_II_GEMALTO, 0, NULL },
/* Oberthur Card System (PIV Endpoint) 2 entries 2016, 2019 */
{ "3B:DB:96:00:80:1F:03:00:31:C0:64:B0:F3:10:00:07:90:00:80", NULL, NULL, SC_CARD_TYPE_PIV_II_OBERTHUR, 0, NULL },
/* Oberthur Card System with LCS 0F - Some VA cards have Terminated state */
{ "3B:DB:96:00:80:1F:03:00:31:C0:64:B0:F3:10:00:0F:90:00:88", NULL, NULL, SC_CARD_TYPE_PIV_II_OBERTHUR, 0, NULL },
/* Giesecke & Devrient (PIV Endpoint) 2 entries 2016, 2019 */
{ "3B:7A:18:00:00:73:66:74:65:20:63:64:31:34:34", NULL, NULL, SC_CARD_TYPE_PIV_II_GI_DE_DUAL_CAC, 0, NULL },
/* Giesecke & Devrient (CAC PIV Endpoint) 2019 */
{ "3B:F9:18:00:00:00:53:43:45:37:20:03:00:20:46", NULL, NULL, SC_CARD_TYPE_PIV_II_GI_DE_DUAL_CAC, 0, NULL },
/* IDEMIA (new name for Oberthur) (DoD Alternate Token IDEMIA Cosmo V8.0 2019*/
{ "3B:D8:18:00:80:B1:FE:45:1F:07:80:31:C1:64:08:06:92:0F:D5", NULL, NULL, SC_CARD_TYPE_PIV_II_OBERTHUR, 0, NULL },
{ "3b:86:80:01:80:31:c1:52:41:1a:7e", NULL, NULL, SC_CARD_TYPE_PIV_II_OBERTHUR, 0, NULL }, /* contactless */
/* Following PIVKEY entries are from Windows registry provided by [email protected] 2022-09-05 */
/* PIVKEY PIVKey Feitian (02) */
{ "3b:9f:95:81:31:fe:9f:00:66:46:53:05:10:00:11:71:df:00:00:00:00:00:02", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey Feitian (7C) aka C910 contactless */
{ "3b:8c:80:01:90:67:46:4a:00:64:16:06:f2:72:7e:00:7c", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/*PIVKey Feitian (E0) aka C910 */
{ "3b:fc:18:00:00:81:31:80:45:90:67:46:4a:00:64:16:06:f2:72:7e:00:e0", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey Feitian (FE) aka PIVKEY T600 token and T800 on Feitian eJAVA */
{ "3b:fc:18:00:00:81:31:80:45:90:67:46:4a:00:64:2d:70:c1:72:fe:e0:fe", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP241 (AD) */
{ "3b:f9:13:00:00:81:31:fe:45:53:50:49:56:4b:45:59:37:30:ad", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP242R2 (16) */
{ "3b:88:80:01:50:49:56:4b:45:59:37:30:16", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP242R2 (5E) */
{ "3b:88:80:01:4a:43:4f:50:76:32:34:31:5e", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP242R2 (B7) */
{ "3b:f8:13:00:00:81:31:fe:45:4a:43:4f:50:76:32:34:31:b7", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP3 (67) */
{ "3b:88:80:01:46:49:44:45:53:4d:4f:31:67", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP3 (8E) */
{ "3b:f8:13:00:00:81:31:fe:45:46:49:44:45:53:4d:4f:31:8e", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey JCOP31 (57) */
{ "3b:f9:18:00:ff:81:31:fe:45:4a:43:4f:50:33:31:56:32:32:57", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey NXP JCOP (03) */
{ "3b:8a:80:01:01:50:49:56:4b:45:59:37:30:16:03", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey NXP JCOP (FF) aka CP70 */
{ "3b:f8:13:00:00:81:31:fe:45:50:49:56:4b:45:59:37:30:ff", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey SLE78 (3B) */
{ "3b:8d:80:01:53:4c:4a:35:32:47:44:4c:31:32:38:43:52:3b", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey SLE78 (6D) */
{ "3b:88:80:01:00:00:00:11:77:81:83:00:6d", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey SLE78 (28) aka C980 */
{ "3b:f9:96:00:00:81:31:fe:45:53:50:49:56:4b:45:59:37:30:28", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey SLE78 (44) aka C980 contactless */
{ "3b:89:80:01:53:50:49:56:4b:45:59:37:30:44", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey SLE78 (57B) */
{ "3b:fd:96:00:00:81:31:fe:45:53:4c:4a:35:32:47:44:4c:31:32:38:43:52:57", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey uTrust (01) ISO 14443 Type B without historical bytes */
{ "3b:80:80:01:01", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey uTrust (73) */
{ "3b:96:11:81:21:75:75:54:72:75:73:74:73", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* PIVKey uTrust FIDO2 (73) */
{ "3b:96:11:81:21:75:75:54:72:75:73:74:73", NULL, NULL, SC_CARD_TYPE_PIV_II_PIVKEY, 0, NULL },
/* Swissbit iShield Key Pro with PIV endpoint applet */
{ "3b:97:11:81:21:75:69:53:68:69:65:6c:64:05", NULL, NULL, SC_CARD_TYPE_PIV_II_SWISSBIT, 0, NULL },
/* ID-One PIV 2.4.1 on Cosmo V8.1 NIST sp800-73-4 with Secure Messaging and VCI 2020 */
{ "3b:d6:96:00:81:b1:fe:45:1f:87:80:31:c1:52:41:1a:2a", NULL, NULL, SC_CARD_TYPE_PIV_II_800_73_4, 0, NULL },
{ "3b:86:80:01:80:31:c1:52:41:12:76", NULL, NULL, SC_CARD_TYPE_PIV_II_800_73_4, 0, NULL }, /* contactless */
{ NULL, NULL, NULL, 0, 0, NULL }
};
static struct piv_supported_ec_curves {
struct sc_object_id oid;
size_t size;
} ec_curves[] = {
{{{1, 2, 840, 10045, 3, 1, 7, -1}}, 256}, /* secp256r1, nistp256, prime256v1, ansiX9p256r1 */
{{{1, 3, 132, 0, 34, -1}}, 384}, /* secp384r1, nistp384, prime384v1, ansiX9p384r1 */
{{{-1}}, 0} /* This entry must not be touched. */
};
/* all have same AID */
static struct piv_aid piv_aids[] = {
{SC_CARD_TYPE_PIV_II_GENERIC, /* Not really card type but what PIV AID is supported */
9, 9, (u8 *) "\xA0\x00\x00\x03\x08\x00\x00\x10\x00" },
{0, 9, 0, NULL }
};
/* card_issues - bugs in PIV implementations requires special handling */
#define CI_VERIFY_630X 0x00000001U /* VERIFY tries left returns 630X rather then 63CX */
#define CI_VERIFY_LC0_FAIL 0x00000002U /* VERIFY Lc=0 never returns 90 00 if PIN not needed */
/* will also test after first PIN verify if protected object can be used instead */
#define CI_NO_RANDOM 0x00000004U /* can not use Challenge to get random data or no 9B key */
#define CI_CANT_USE_GETDATA_FOR_STATE 0x00000008U /* No object to test verification inplace of VERIFY Lc=0 */
#define CI_LEAKS_FILE_NOT_FOUND 0x00000010U /* GET DATA of empty object returns 6A 82 even if PIN not verified */
#define CI_DISCOVERY_USELESS 0x00000020U /* Discovery can not be used to query active AID invalid or no data returned */
#define CI_PIV_AID_LOSE_STATE 0x00000040U /* PIV AID can lose the login state run with out it*/
#define CI_OTHER_AID_LOSE_STATE 0x00000100U /* Other drivers match routines may reset our security state and lose AID!!! */
#define CI_NFC_EXPOSE_TOO_MUCH 0x00000200U /* PIN, crypto and objects exposed over NFS in violation of 800-73-3 */
#define CI_NO_RSA2048 0x00010000U /* does not have RSA 2048 */
#define CI_NO_EC384 0x00020000U /* does not have EC 384 */
#define CI_NO_EC 0x00040000U /* No EC at all */
/*
* Flags in the piv_object:
* PIV_OBJECT_NOT_PRESENT: the presents of the object is
* indicated by the History object.
*/
#define PIV_OBJECT_TYPE_CERT 0x01
#define PIV_OBJECT_TYPE_PUBKEY 0x02
#define PIV_OBJECT_NOT_PRESENT 0x04
#define PIV_OBJECT_TYPE_CVC 0x08 /* is in cert object */
#define PIV_OBJECT_NEEDS_PIN 0x10 /* On both contact and contactless */
#define PIV_OBJECT_NEEDS_VCI 0x20 /* NIST sp800-73-4 Requires VCI on contactless and card enforces this. */
/* But also See CI_NFC_EXPOSE_TOO_MUCH for non approved PIV-like cards */
struct piv_object {
int enumtag;
const char * name;
unsigned int resp_tag;
const char * oidstring;
size_t tag_len;
u8 tag_value[3];
u8 containerid[2]; /* will use as relative paths for simulation */
int flags; /* object has some internal object like a cert */
};
/* Must be in order, and one per enumerated PIV_OBJ */
// clang-format off
static const struct piv_object piv_objects[] = {
{ PIV_OBJ_CCC, "Card Capability Container",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.1.219.0", 3, "\x5F\xC1\x07", "\xDB\x00", PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_CHUI, "Card Holder Unique Identifier",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.48.0", 3, "\x5F\xC1\x02", "\x30\x00", 0},
{ PIV_OBJ_X509_PIV_AUTH, "X.509 Certificate for PIV Authentication",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.1.1", 3, "\x5F\xC1\x05", "\x01\x01", PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI} ,
{ PIV_OBJ_CHF, "Card Holder Fingerprints",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.96.16", 3, "\x5F\xC1\x03", "\x60\x10", PIV_OBJECT_NEEDS_PIN | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_PI, "Printed Information",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.48.1", 3, "\x5F\xC1\x09", "\x30\x01", PIV_OBJECT_NEEDS_PIN | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_CHFI, "Cardholder Facial Images",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.96.48", 3, "\x5F\xC1\x08", "\x60\x30", PIV_OBJECT_NEEDS_PIN | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_X509_DS, "X.509 Certificate for Digital Signature",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.1.0", 3, "\x5F\xC1\x0A", "\x01\x00", PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_X509_KM, "X.509 Certificate for Key Management",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.1.2", 3, "\x5F\xC1\x0B", "\x01\x02", PIV_OBJECT_TYPE_CERT},
{ PIV_OBJ_X509_CARD_AUTH, "X.509 Certificate for Card Authentication",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.5.0", 3, "\x5F\xC1\x01", "\x05\x00", PIV_OBJECT_TYPE_CERT},
{ PIV_OBJ_SEC_OBJ, "Security Object",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.144.0", 3, "\x5F\xC1\x06", "\x90\x00", PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_DISCOVERY, "Discovery Object",
SC_ASN1_APP | SC_ASN1_CONS | 0x1E,
"2.16.840.1.101.3.7.2.96.80", 1, "\x7E", "\x60\x50", 0},
{ PIV_OBJ_HISTORY, "Key History Object",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.96.96", 3, "\x5F\xC1\x0C", "\x60\x60", PIV_OBJECT_NEEDS_VCI},
/* 800-73-3, 21 new objects, 20 history certificates */
{ PIV_OBJ_RETIRED_X509_1, "Retired X.509 Certificate for Key Management 1",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.1", 3, "\x5F\xC1\x0D", "\x10\x01",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_2, "Retired X.509 Certificate for Key Management 2",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.2", 3, "\x5F\xC1\x0E", "\x10\x02",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_3, "Retired X.509 Certificate for Key Management 3",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.3", 3, "\x5F\xC1\x0F", "\x10\x03",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_4, "Retired X.509 Certificate for Key Management 4",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.4", 3, "\x5F\xC1\x10", "\x10\x04",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_5, "Retired X.509 Certificate for Key Management 5",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.5", 3, "\x5F\xC1\x11", "\x10\x05",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_6, "Retired X.509 Certificate for Key Management 6",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.6", 3, "\x5F\xC1\x12", "\x10\x06",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_7, "Retired X.509 Certificate for Key Management 7",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.7", 3, "\x5F\xC1\x13", "\x10\x07",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_8, "Retired X.509 Certificate for Key Management 8",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.8", 3, "\x5F\xC1\x14", "\x10\x08",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_9, "Retired X.509 Certificate for Key Management 9",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.9", 3, "\x5F\xC1\x15", "\x10\x09",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_10, "Retired X.509 Certificate for Key Management 10",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.10", 3, "\x5F\xC1\x16", "\x10\x0A",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_11, "Retired X.509 Certificate for Key Management 11",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.11", 3, "\x5F\xC1\x17", "\x10\x0B",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_12, "Retired X.509 Certificate for Key Management 12",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.12", 3, "\x5F\xC1\x18", "\x10\x0C",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_13, "Retired X.509 Certificate for Key Management 13",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.13", 3, "\x5F\xC1\x19", "\x10\x0D",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_14, "Retired X.509 Certificate for Key Management 14",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.14", 3, "\x5F\xC1\x1A", "\x10\x0E",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_15, "Retired X.509 Certificate for Key Management 15",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.15", 3, "\x5F\xC1\x1B", "\x10\x0F",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_16, "Retired X.509 Certificate for Key Management 16",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.16", 3, "\x5F\xC1\x1C", "\x10\x10",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_17, "Retired X.509 Certificate for Key Management 17",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.17", 3, "\x5F\xC1\x1D", "\x10\x11",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_18, "Retired X.509 Certificate for Key Management 18",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.18", 3, "\x5F\xC1\x1E", "\x10\x12",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_19, "Retired X.509 Certificate for Key Management 19",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.19", 3, "\x5F\xC1\x1F", "\x10\x13",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_RETIRED_X509_20, "Retired X.509 Certificate for Key Management 20",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.20", 3, "\x5F\xC1\x20", "\x10\x14",
PIV_OBJECT_NOT_PRESENT|PIV_OBJECT_TYPE_CERT | PIV_OBJECT_NEEDS_VCI},
{ PIV_OBJ_IRIS_IMAGE, "Cardholder Iris Images",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.21", 3, "\x5F\xC1\x21", "\x10\x15", PIV_OBJECT_NEEDS_PIN | PIV_OBJECT_NEEDS_VCI},
/* 800-73-4, 3 new objects */
{ PIV_OBJ_BITGT, "Biometric Information Templates Group Template",
SC_ASN1_APP | SC_ASN1_CONS | 0x1F61,
"2.16.840.1.101.3.7.2.16.22", 2, "\x7F\x61", "\x10\x16", 0},
{ PIV_OBJ_SM_CERT_SIGNER, "Secure Messaging Certificate Signer",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.23", 3, "\x5F\xC1\x22", "\x10\x17",
PIV_OBJECT_TYPE_CERT | PIV_OBJECT_TYPE_CVC},
{PIV_OBJ_PCRDCS, "Pairing Code Reference Data Container",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.16.24", 3, "\x5F\xC1\x23", "\x10\x18", PIV_OBJECT_NEEDS_PIN | PIV_OBJECT_NEEDS_VCI},
/* following not standard , to be used by piv-tool only for testing */
{ PIV_OBJ_9B03, "3DES-ECB ADM",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.3", 2, "\x9B\x03", "\x9B\x03", 0},
/* Only used when signing a cert req, usually from engine
* after piv-tool generated the key and saved the pub key
* to a file. Note RSA key can be 1024, 2048 or 3072
* but still use the "9x06" name.
*/
{ PIV_OBJ_9A06, "RSA 9A Pub key from last genkey",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.20", 2, "\x9A\x06", "\x9A\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9C06, "Pub 9C key from last genkey",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.21", 2, "\x9C\x06", "\x9C\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9D06, "Pub 9D key from last genkey",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.22", 2, "\x9D\x06", "\x9D\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9E06, "Pub 9E key from last genkey",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.23", 2, "\x9E\x06", "\x9E\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8206, "Pub 82 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.101", 2, "\x82\x06", "\x82\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8306, "Pub 83 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.102", 2, "\x83\x06", "\x83\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8406, "Pub 84 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.103", 2, "\x84\x06", "\x84\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8506, "Pub 85 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.104", 2, "\x85\x06", "\x85\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8606, "Pub 86 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.105", 2, "\x86\x06", "\x86\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8706, "Pub 87 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.106", 2, "\x87\x06", "\x87\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8806, "Pub 88 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.107", 2, "\x88\x06", "\x88\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8906, "Pub 89 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.108", 2, "\x89\x06", "\x89\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8A06, "Pub 8A key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.109", 2, "\x8A\x06", "\x8A\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8B06, "Pub 8B key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.110", 2, "\x8B\x06", "\x8B\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8C06, "Pub 8C key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.111", 2, "\x8C\x06", "\x8C\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8D06, "Pub 8D key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.112", 2, "\x8D\x06", "\x8D\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8E06, "Pub 8E key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.113", 2, "\x8E\x06", "\x8E\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_8F06, "Pub 8F key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.114", 2, "\x8F\x06", "\x8F\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9006, "Pub 90 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.115", 2, "\x90\x06", "\x90\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9106, "Pub 91 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.116", 2, "\x91\x06", "\x91\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9206, "Pub 92 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.117", 2, "\x92\x06", "\x92\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9306, "Pub 93 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.118", 2, "\x93\x06", "\x93\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9406, "Pub 94 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.119", 2, "\x94\x06", "\x94\x06", PIV_OBJECT_TYPE_PUBKEY},
{ PIV_OBJ_9506, "Pub 95 key ",
SC_ASN1_APP | 0x13,
"2.16.840.1.101.3.7.2.9999.120", 2, "\x95\x06", "\x95\x06", PIV_OBJECT_TYPE_PUBKEY},
/*
* "Secure Messaging Certificate Signer" is just a certificate.
* No pub or private key on the card.
*/
{ PIV_OBJ_LAST_ENUM, "", 0, "", 0, "", "", 0}
};
// clang-format on
static struct sc_card_operations piv_ops;
static struct sc_card_driver piv_drv = {
"Personal Identity Verification Card",
"PIV-II",
&piv_ops,
NULL, 0, NULL
};
static int piv_get_cached_data(sc_card_t * card, int enumtag, u8 **buf, size_t *buf_len);
static int piv_cache_internal_data(sc_card_t *card, int enumtag);
static int piv_logout(sc_card_t *card);
static int piv_match_card_continued(sc_card_t *card);
static int piv_obj_cache_free_entry(sc_card_t *card, int enumtag, int flags);
/* compare sc_asn1_read_tag to expected tag_long */
/* after #2079 can be converted to inline "if ((cla<<24 ! tag) == tag_long))" */
static int piv_is_expected_tag(unsigned int cla, unsigned int tag, unsigned int tag_long)
{
unsigned int tag_read = tag;
/* UNIVERSAL is 0, PRIVATE is both APPLICATION and CONTEXT */
tag_read |= ((cla & SC_ASN1_TAG_APPLICATION) ? SC_ASN1_APP : 0);
tag_read |= ((cla & SC_ASN1_TAG_CONTEXT) ? SC_ASN1_CTX : 0);
tag_read |= ((cla & SC_ASN1_TAG_CONSTRUCTED) ? SC_ASN1_CONS : 0);
return (tag_read == tag_long);
}
#ifdef ENABLE_PIV_SM
static void piv_inc(u8 *counter, size_t size);
static int piv_encode_apdu(sc_card_t *card, sc_apdu_t *plain, sc_apdu_t *sm_apdu);
static int piv_get_sm_apdu(sc_card_t *card, sc_apdu_t *plain, sc_apdu_t **sm_apdu);
static int piv_free_sm_apdu(sc_card_t *card, sc_apdu_t *plain, sc_apdu_t **sm_apdu);
static int piv_get_asn1_obj(sc_context_t *ctx, void *arg, const u8 *obj, size_t len, int depth);
static int piv_sm_open(struct sc_card *card);
static int piv_decode_apdu(sc_card_t *card, sc_apdu_t *plain, sc_apdu_t *sm_apdu);
static int piv_sm_close(sc_card_t *card);
static void piv_clear_cvc_content(piv_cvc_t *cvc);
static void piv_clear_sm_session(piv_sm_session_t *session);
static int piv_decode_cvc(sc_card_t * card, u8 **buf, size_t *buflen, piv_cvc_t *cvc);
static int piv_parse_pairing_code(sc_card_t *card, const char *option);
static int Q2OS(int fsize, u8 *Q, size_t Qlen, u8 * OS, size_t *OSlen);
static int piv_send_vci_pairing_code(struct sc_card *card, u8 *paring_code);
static int piv_sm_verify_sig(struct sc_card *card, const EVP_MD *type,
EVP_PKEY *pkey, u8 *data, size_t data_size,
unsigned char *sig, size_t siglen);
static int piv_sm_verify_certs(struct sc_card *card);
static void piv_inc(u8 *counter, size_t size)
{
unsigned int c = 1;
unsigned int b;
int i;
for (i = size - 1; c != 0 && i >= 0; i--){
b = c + counter[i];
counter[i] = b & 0xff;
c = b>>8;
}
}
/*
* Construct SM protected APDU
*/
static int piv_encode_apdu(sc_card_t *card, sc_apdu_t *plain, sc_apdu_t *sm_apdu)
{
int r = 0;
piv_private_data_t * priv = PIV_DATA(card);
cipher_suite_t *cs = priv->cs;
u8 pad[16] ={0x80};
u8 zeros[16] = {0x00};
u8 IV[16];
u8 header[16];
int padlen = 16; /* may be less */
u8 *sbuf = NULL;
size_t sbuflen = 0;
int MCVlen = 16;
int enc_datalen = 0;
int T87len;
int T97len = 2 + 1;
int T8Elen = 2 + 8;
int outli = 0;
int outl = 0;
int outll = 0;
int outdl = 0;
u8 discard[16];
int macdatalen;
size_t C_MCVlen = 16; /* debugging*/
u8 *p;
EVP_CIPHER_CTX *ed_ctx = NULL;
#if OPENSSL_VERSION_NUMBER < 0x30000000L
CMAC_CTX *cmac_ctx = NULL;
#else
EVP_MAC_CTX *cmac_ctx = NULL;
EVP_MAC *mac = NULL;
OSSL_PARAM cmac_params[2];
size_t cmac_params_n;
#endif
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
#if OPENSSL_VERSION_NUMBER < 0x30000000L
cmac_ctx = CMAC_CTX_new();
if (cmac_ctx == NULL) {
r = SC_ERROR_INTERNAL;
goto err;
}
#else
mac = EVP_MAC_fetch(PIV_LIBCTX, "cmac", NULL);
cmac_params_n = 0;
cmac_params[cmac_params_n++] = OSSL_PARAM_construct_utf8_string("cipher", cs->cipher_cbc_name, 0);
cmac_params[cmac_params_n] = OSSL_PARAM_construct_end();
if (mac == NULL
|| (cmac_ctx = EVP_MAC_CTX_new(mac)) == NULL) {
piv_log_openssl(card->ctx);
r = SC_ERROR_INTERNAL;
goto err;
}
#endif
ed_ctx = EVP_CIPHER_CTX_new();
if (ed_ctx == NULL) {
r = SC_ERROR_INTERNAL;
goto err;
}
if (EVP_EncryptInit_ex(ed_ctx, (*cs->cipher_ecb)(), NULL, priv->sm_session.SKenc, zeros) != 1
|| EVP_CIPHER_CTX_set_padding(ed_ctx, 0) != 1
|| EVP_EncryptUpdate(ed_ctx, IV, &outli, priv->sm_session.enc_counter, 16) != 1
|| EVP_EncryptFinal_ex(ed_ctx, discard, &outdl) != 1
|| outdl != 0) {
sc_log(card->ctx,"SM encode failed in OpenSSL");
piv_log_openssl(card->ctx);
r = SC_ERROR_INTERNAL;
goto err;
}
sm_apdu->cla = 0x0c;
sm_apdu->ins = plain->ins;
sm_apdu->p1 = plain->p1;
sm_apdu->p2 = plain->p2;
/*
* All APDUs will be converted to case as SM data is always sent and received
* if plain->cse == SC_APDU_CASE_1 it never has the the 0x20 bit set
* which "let OpenSC decides whether to use short or extended APDUs"
* PIV SM data added for plain->cse == SC_APDU_CASE_1 will not need extended APDUs.
*
* NIST 800-73-4 does not say if cards can or must support extended APDUs
* they must support command chaining and multiple get response APDUs and
* all examples use short APDUs. The following keep the option open to use extended
* APDUs in future specifications or "PIV like" cards are know to
* support extended APDUs.
*
* Turn off the CASE bits, and set CASE 4 in sm_apdu.
*/
sm_apdu->cse = (plain->cse & ~SC_APDU_SHORT_MASK) | SC_APDU_CASE_4_SHORT;
p = header; /* to be included in CMAC */