sctloc.c

SecuDe是一个由安全应用程序接口组成,对验证机制、证件处理、PEM、X.400报文处理和密钥管理提供支持。SecuDe提供DES、 RSA杂凑函数、密钥生成以及数字签名的生成和核实等多种密码机制。

/*-------------------------------------------------------+-----*/
/*                                                       | GMD */
/*   SYSTEM   STAMOD  -  Version 2.0                     +-----*/
/*                                                             */
/*-------------------------------------------------------------*/
/*                                                             */
/*    PACKAGE   SCTLOC                  VERSION 2.0            */
/*                                         DATE                */
/*                                           BY Levona Eckstein*/
/*                                                             */
/*    FILENAME                                                 */
/*      sctloc.c                                               */
/*                                                             */
/*    DESCRIPTION                                              */
/*      Procedures for SCTINT                                  */
/*                                                             */
/*    IMPORT                DESCRIPTION                        */
/*                                                             */
/*      sta_aux_sct_apdu      dump sct-apdu in file            */
/*                                                             */
/*      sta_aux_bytestr_free  release bytes - pointer          */
/*                                                             */
/*      sta_aux_elemlen       eleminate length field in        */
/*                            response buffer                  */
/*      e_KeyAttrList         create datafield for             */
/*                            S_INST_USER_KEY, S_INST_DEV_KEY  */
/*                            S_INST_PIN                       */
/*                                                             */
/*    EXPORT                DESCRIPTION                        */
/*      SCTcreate             create S-Command                 */
/*                                                             */
/*      SCTerr                error-handling                   */
/*                                                             */
/*      SCTstatus             send status                      */
/*                                                             */
/*      SCTcheck              check 1 or 3 bytes               */
/*                                                             */
/*      SCTresponse           analyse response                 */
/*                                                             */
/*      SCTenc                encrypt SCT command              */
/*                                                             */
/*      SCTdec                decrypt SCT response             */
/*                                                             */
/*    INTERNAL              DESCRIPTION                        */
/*      SCTalloc              allocate buffer for command      */
/*                                                             */
/*      SCTbytestring         create datafield of command      */
/*                                                             */
/*      SCTparam              create parameter in command      */
/*                                                             */
/*      SCTplength            create lengthfield in apdu       */
/*                                                             */
/*      SCTppublic            create parameter 'public' in cmd */
/*                                                             */
/*      SCTwithNMdata         create command with not mandatory*/
/*                            datafield                        */
/*      SCTwithMdata          create command with mandatory    */
/*                            datafield                        */
/*      SCTnodata             create command with no datafield */
/*                                                             */
/*      LofPublic             calculate length of public       */
/*                            structure                        */
/*      LofKeycard            calculate length of WriteKeycard */
/*                            structure                        */
/*      SCTssc                in case of secure messaging      */
/*                            create ssc field in apdu         */
/*                                                             */
/*      SCTdevkeyinfo         create datafield for             */
/*                            S_GEN_DEV_KEY                    */
/*                                                             */
/*      SCTpininfo            create datafield for             */
/*                            S_INST_PIN                       */
/*                                                             */
/*      SCTclass              create class-byte                */
/*                                                             */
/*      SCTpurpose            create purpose-byte              */
/*                                                             */
/*      SCTsessionkey         create datafield for             */
/*                            S_GEN_SESSION_KEY                */
/*                                                             */
/*      SCTwritekeycard       create datafield for WRITE_KEYCARD*/
/*                                                             */
/*-------------------------------------------------------------*/

/*-------------------------------------------------------------*/
/*   include-Files                                             */
/*-------------------------------------------------------------*/
#include <stdio.h>
#ifndef MAC
#include <sys/time.h>
#else
#include <time.h>
#endif
#include <signal.h>
#include "sca.h"
#include "sctint.h"
#include "sctrc.h"
#include "sctloc.h"
#include "sctport.h"
#include "sctmem.h"
#include "error.h"		/* transmission module */



/*-------------------------------------------------------------*/
/*   extern declarations                                       */
/*-------------------------------------------------------------*/

extern void     sta_aux_sct_resp();
extern int      sta_aux_sct_apdu();
extern int      cr_sctlist();

extern unsigned int tp1_err;	/* error-variable from transmission module */
extern unsigned int sct_errno;	/* error variable               */
extern char    *sct_errmsg;	/* address of error message */
extern SCTerror sct_error[TABLEN];	/* message table */
extern void     sta_aux_bytestr_free();
extern void     sta_aux_elemlen();

extern void     e_KeyAttrList();

#ifdef STREAM
extern FILE    *sct_trfp;	/* Filepointer of trace file    */

#endif

/*-------------------------------------------------------------*/
/*   globale forward declarations                              */
/*-------------------------------------------------------------*/
char           *SCTcreate();
int             SCTstatus();
int             SCTcheck();
int             SCTresponse();
int             SCTenc();

/*-------------------------------------------------------------*/
/*   internal forward declarations                             */
/*-------------------------------------------------------------*/
static void     SCTbytestring();
static void     SCTparam();
static void     SCTplength();
static void     SCTbinval();
static void     SCTppublic();
static char    *SCTwithNMdata();
static char    *SCTwithMdata();
static char    *SCTnodata();
static char    *SCTalloc();
static unsigned int LofPublic();
static unsigned int LofKeycard();
static void     SCTssc();
static void     SCTdevkeyinfo();
static void     SCTpininfo();
static void     SCTsessionkey();
static unsigned int SCTclass();
static void     SCTwritekeycard();
static unsigned int SCTpurpose();

/*-------------------------------------------------------------*/
/*   type definitions                                          */
/*-------------------------------------------------------------*/


/*--------------------------------------------------------*/
/*                                                  | GMD */
/* Signal - Routine                                 +-----*/
/*                                                        */
/*--------------------------------------------------------*/
static
time_int()
{
/* Signal SIGALRM received      */
}



/*--------------------------------------------------------*/
/*                                                  | GMD */
/*                                                  +-----*/
/* PROC  SCTcreate           VERSION   2.0                */
/*                              DATE   November 1991      */
/*                                BY   L.Eckstein,GMD     */
/*                                                        */
/* DESCRIPTION                                            */
/*  Create s_apdu                                         */
/*                                                        */
/*                                                        */
/*                                                        */
/*                                                        */
/*                                                        */
/* IN                        DESCRIPTION                  */
/*   p_elem                   pointer of portparam struct.*/
/*							  */
/*   command                  instruction code            */
/*                                                        */
/*   request                  address of request structure*/
/*                                                        */
/* OUT                                                    */
/*   lapdu                    length of apdu              */
/*                                                        */
/*   flag                     flag for S_STATUS           */
/*                            set by S_REQUEST_SC         */
/*                                   S_CHANGE_PIN         */
/*                                   S_AUTH(ACP='21'/'31' */
/*                                   S_READ_KEYCARD       */
/*                                                        */
/*                                                        */
/*                                                        */
/*                                                        */
/*                                                        */
/*                                                        */
/* RETURN                    DESCRIPTION                  */
/*   pointer                   o.k (address of apdu )     */
/*                                                        */
/*   NULL                      error                      */
/*                             EPARMISSED                 */
/*                             EINVPAR                    */
/*                             EINVINS                    */
/*			       EMEMAVAIL                  */
/*						          */
/* CALLED FUNCTIONS					  */
/*   SCTalloc                                             */
/*   SCTbytestring                                        */
/*   SCTparam                                             */
/*   SCTplength                                           */
/*   SCTppublic                                           */
/*   SCTwithNMdata                                        */
/*   SCTwithMdata                                         */
/*   SCTnodata                                            */
/*   LofPublic                                            */
/*   LofKeycard                                           */
/*   SCTssc                                               */
/*   SCTdevkeyinfo                                        */
/*   SCTpininfo                                           */
/*   SCTclass                                             */
/*   SCTpurpose                                           */
/*   SCTsessionkey                                        */
/*   SCTwritekeycard                                      */
/*   e_KeyAttrList                                        */
/*   sta_aux_sct_apdu                                     */
/*--------------------------------------------------------*/
char           *
SCTcreate(p_elem, command, request, lapdu, flag)
	struct s_portparam *p_elem;	/* portparam structure */
	unsigned int    command;/* instruction code */
	Request        *request;/* request structure */
	unsigned int   *lapdu;	/* length of apdu   */
	BOOL           *flag;	/* flag for S_STATUS */
{
	/*----------------------------------------------------------*/
	/* Definitions                                            */
	/*----------------------------------------------------------*/
	char           *s_apdu;
	char           *ptr;
	unsigned int    ldata;
	unsigned int    lenofpublic;
	unsigned int    class;
	unsigned int    purpose;
	int             rc;
	BitString       sec_key;
	Bytestring      in_apdu;
	Bytestring      out_apdu;
	Boolean         no_secure_cmd = FALSE;

	/*----------------------------------------------------------*/
	/* Statements                                             */
	/*----------------------------------------------------------*/
	/*------------------------------------*/
	/* Initialisation                     */
	/*------------------------------------*/
	*flag = FALSE;
	sct_errno = 0;

	/*------------------------------------*/
	/* Build S_APDU without CLASS / INS   */
	/*------------------------------------*/

	switch (command) {
		/*--------------------------*/
		/* create S_REQUEST_SC      */
		/*--------------------------*/
	case S_REQUEST_SC:
		p_elem->sc_request = FALSE;
		s_apdu = SCTwithNMdata(p_elem, S_NOTUSED, RQP2.time,
				       RQDATA.outtext, lapdu);
		*flag = TRUE;
		break;

		/*--------------------------*/
		/* create S_DISPLAY         */
		/*--------------------------*/
	case S_DISPLAY:
		s_apdu = SCTwithNMdata(p_elem, S_NOTUSED, (unsigned) RQP2.time,
				       RQDATA.outtext, lapdu);
		break;

		/*--------------------------*/
		/* create S_EJECT_SC        */
		/*--------------------------*/
	case S_EJECT_SC:
		s_apdu = SCTwithNMdata(p_elem, S_NOTUSED, (unsigned) RQP2.signal,
				       RQDATA.outtext, lapdu);
		break;

		/*---------------------------------------------------------*/
		/* create S_STATUS- should only be called by the procedure */
		/* sct_interface                          */
		/*---------------------------------------------------------*/
	case S_STATUS:
		s_apdu = SCTnodata(p_elem, S_NOTUSED, S_NOTUSED, lapdu);
		break;
		/*---------------------------------------------------------*/
		/* create S_RESET - should only be called by the procedure */
		/* sct_reset                              */
		/* this command will always be send in plaintext           */
		/*---------------------------------------------------------*/
	case S_RESET:
		ldata = 0;
		no_secure_cmd = TRUE;

		if ((s_apdu = SCTalloc(ldata, &p_elem->secure_messaging,
				       lapdu)) == NULL)
			return (NULL);

		ptr = s_apdu + 2;
		*ptr++ = S_NOTUSED;
		*ptr++ = S_NOTUSED;
		*ptr = ldata;
		if (p_elem->secure_messaging.command != SEC_NORMAL)
			*lapdu = *lapdu - 1;
		break;

		/*------------------------------------------------------*/
		/* create S_TRANS                                       */
		/* the secure - parameter defines the secure messaging  */
		/* between SCT and SC                                   */
		/*------------------------------------------------------*/
	case S_TRANS:
		if ((RQP1.secmode != TRANSP) &&
		    (RQP1.secmode != SECURE)) {
			sct_errno = EINVPAR;
			sct_errmsg = sct_error[sct_errno].msg;
			return (NULL);
		};

		if ((RQDATA.sccommand == BYTENULL) ||
		    (RQDATA.sccommand->nbytes == 0) ||
		    (RQDATA.sccommand->bytes == NULL)) {
			sct_errno = EPARMISSED;
			sct_errmsg = sct_error[sct_errno].msg;
			return (NULL);
		};

		s_apdu = SCTwithMdata(p_elem, (unsigned) RQP1.secmode, S_NOTUSED,
				      RQDATA.sccommand, lapdu);
		break;

		/*--------------------------*/
		/* create S_GEN_USER_KEY    */
		/*--------------------------*/
	case S_GEN_USER_KEY:
		if (RQP2.algid == S_RSA_F4) {
			if (RQDATA.keylen == 0) {
				sct_errno = EPARMISSED;
				sct_errmsg = sct_error[sct_errno].msg;
				return (NULL);
			} else {
				if (RQDATA.keylen < 255)
					ldata = 1;
				else
					ldata = 2;
			}
		} else
			ldata = 0;

		if ((s_apdu = SCTalloc(ldata, &p_elem->secure_messaging,
				       lapdu)) == NULL)
			return (NULL);

		ptr = s_apdu + 2;

		SCTparam(&ptr, RQP1.kid, RQP2.algid);
		SCTplength(&ptr, ldata);
		SCTssc(&ptr, p_elem);
		if (ldata > 0)
			SCTbinval(&ptr, RQDATA.keylen);
		break;

		/*----------------------------*/
		/* create S_INST_USER_KEY     */
		/*----------------------------*/
	case S_INST_USER_KEY:

		if (RQDATKEYATTR == KEYATTRNULL) {
			sct_errno = EPARMISSED;
			sct_errmsg = sct_error[sct_errno].msg;