globalplatform/security.h

00001 /*  Copyright (c) 2009, Karsten Ohme
00002  *  This file is part of GlobalPlatform.
00003  *
00004  *  GlobalPlatform is free software: you can redistribute it and/or modify
00005  *  it under the terms of the GNU Lesser General Public License as published by
00006  *  the Free Software Foundation, either version 3 of the License, or
00007  *  (at your option) any later version.
00008  *
00009  *  GlobalPlatform is distributed in the hope that it will be useful,
00010  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00011  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00012  *  GNU Lesser General Public License for more details.
00013  *
00014  *  You should have received a copy of the GNU Lesser General Public License
00015  *  along with GlobalPlatform.  If not, see <http://www.gnu.org/licenses/>.
00016  */
00017 
00022 #ifndef SECURITY_H_
00023 #define SECURITY_H_
00024 
00025 #ifdef __cplusplus
00026 extern "C"
00027 {
00028 #endif
00029 
00030 #include "types.h"
00031 
00032 #define OP_201 201 //!< OpenPlatform specification 2.0.1' mode; matches the OP201_* constants and structures in this header.
00033 #define GP_211 211 //!< GlobalPlatform specification 2.1.1 mode; matches the GP211_* constants and structures in this header.
00034 
00035 /* Secure Channel Protocol identifiers and implementation options ("i" parameter). Option texts below are decoded from the "i" bit coding of the GlobalPlatform Card Specification - NOTE(review): confirm against the specification version you target. SCP01 and SCP02 reuse the values 0x05 and 0x15, so interpret an option only together with its protocol identifier. */
00036 
00037 #define GP211_SCP01 0x01 //!< Secure Channel Protocol '01' (triple-DES based; NOTE(review): deprecated by later GlobalPlatform specifications - confirm before using it for new deployments).
00038 #define GP211_SCP02 0x02 //!< Secure Channel Protocol '02' (triple-DES based; NOTE(review): deprecated by later GlobalPlatform specifications - confirm before using it for new deployments).
00039 
00043 #define GP211_SCP01_IMPL_i05 0x05 //!< SCP01 "i" = '05': explicit initiation, C-MAC on modified APDU, ICV set to zero, no ICV encryption, 3 Secure Channel Keys.
00044 
00047 #define GP211_SCP01_IMPL_i15 0x15 //!< SCP01 "i" = '15': explicit initiation, C-MAC on modified APDU, ICV set to zero, ICV encryption, 3 Secure Channel Keys.
00048 
00053 #define GP211_SCP02_IMPL_i44 0x44 //!< SCP02 "i" = '44': explicit initiation, C-MAC on modified APDU, ICV set to zero, no ICV encryption, 1 Secure Channel base key, well-known pseudo-random algorithm for the card challenge.
00054 
00059 #define GP211_SCP02_IMPL_i45 0x45 //!< SCP02 "i" = '45': explicit initiation, C-MAC on modified APDU, ICV set to zero, no ICV encryption, 3 Secure Channel Keys, well-known pseudo-random algorithm for the card challenge.
00060 
00064 #define GP211_SCP02_IMPL_i54 0x54 //!< SCP02 "i" = '54': explicit initiation, C-MAC on modified APDU, ICV set to zero, ICV encryption for C-MAC session, 1 Secure Channel base key, well-known pseudo-random algorithm for the card challenge.
00065 
00069 #define GP211_SCP02_IMPL_i55 0x55 //!< SCP02 "i" = '55': explicit initiation, C-MAC on modified APDU, ICV set to zero, ICV encryption for C-MAC session, 3 Secure Channel Keys, well-known pseudo-random algorithm for the card challenge.
00070 
00073 #define GP211_SCP02_IMPL_i04 0x04 //!< SCP02 "i" = '04': explicit initiation, C-MAC on modified APDU, ICV set to zero, no ICV encryption, 1 Secure Channel base key.
00074 
00077 #define GP211_SCP02_IMPL_i05 0x05 //!< SCP02 "i" = '05': explicit initiation, C-MAC on modified APDU, ICV set to zero, no ICV encryption, 3 Secure Channel Keys.
00078 
00081 #define GP211_SCP02_IMPL_i0A 0x0A //!< SCP02 "i" = '0A': implicit initiation, C-MAC on unmodified APDU, ICV set to MAC over AID, no ICV encryption, 1 Secure Channel base key.
00082 
00085 #define GP211_SCP02_IMPL_i0B 0x0B //!< SCP02 "i" = '0B': implicit initiation, C-MAC on unmodified APDU, ICV set to MAC over AID, no ICV encryption, 3 Secure Channel Keys.
00086 
00090 #define GP211_SCP02_IMPL_i14 0x14 //!< SCP02 "i" = '14': explicit initiation, C-MAC on modified APDU, ICV set to zero, ICV encryption for C-MAC session, 1 Secure Channel base key.
00091 
00095 #define GP211_SCP02_IMPL_i15 0x15 //!< SCP02 "i" = '15': explicit initiation, C-MAC on modified APDU, ICV set to zero, ICV encryption for C-MAC session, 3 Secure Channel Keys.
00096 
00099 #define GP211_SCP02_IMPL_i1A 0x1A //!< SCP02 "i" = '1A': implicit initiation, C-MAC on unmodified APDU, ICV set to MAC over AID, ICV encryption for C-MAC session, 1 Secure Channel base key.
00100 
00103 #define GP211_SCP02_IMPL_i1B 0x1B //!< SCP02 "i" = '1B': implicit initiation, C-MAC on unmodified APDU, ICV set to MAC over AID, ICV encryption for C-MAC session, 3 Secure Channel Keys.
00104 
00105 
00106 #define GP211_SCP01_SECURITY_LEVEL_C_DEC_C_MAC 0x03 //!< Secure Channel Protocol '01': C-DECRYPTION and C-MAC (0x02 | 0x01).
00107 #define GP211_SCP01_SECURITY_LEVEL_C_MAC 0x01 //!< Secure Channel Protocol '01': C-MAC only; command data is integrity protected but not encrypted.
00108 #define GP211_SCP01_SECURITY_LEVEL_NO_SECURE_MESSAGING 0x00 //!< Secure Channel Protocol '01': No secure messaging expected; commands carry neither a MAC nor encryption.
00109 
00110 #define GP211_SCP02_SECURITY_LEVEL_C_DEC_C_MAC_R_MAC 0x13 //!< Secure Channel Protocol '02': C-DECRYPTION, C-MAC and R-MAC (0x10 | 0x02 | 0x01).
00111 #define GP211_SCP02_SECURITY_LEVEL_C_MAC_R_MAC 0x11 //!< Secure Channel Protocol '02': C-MAC and R-MAC (0x10 | 0x01).
00112 #define GP211_SCP02_SECURITY_LEVEL_R_MAC 0x10 //!< Secure Channel Protocol '02': R-MAC only; commands themselves carry no C-MAC.
00113 #define GP211_SCP02_SECURITY_LEVEL_C_DEC_C_MAC 0x03 //!< Secure Channel Protocol '02': C-DECRYPTION and C-MAC (0x02 | 0x01).
00114 #define GP211_SCP02_SECURITY_LEVEL_C_MAC 0x01 //!< Secure Channel Protocol '02': C-MAC only; command data is integrity protected but not encrypted.
00115 #define GP211_SCP02_SECURITY_LEVEL_NO_SECURE_MESSAGING 0x00 //!< Secure Channel Protocol '02': No secure messaging expected; commands carry neither a MAC nor encryption.
00116 
00117 #define GP211_KEY_TYPE_RSA_PUB_N 0xA1 //!< 'A1' RSA Public Key - modulus N component (clear text).
00118 #define GP211_KEY_TYPE_RSA_PUB_E 0xA0 //!< 'A0' RSA Public Key - public exponent e component (clear text).
00119 #define GP211_KEY_TYPE_RSA_PRIV_N 0xA2 //!< 'A2' RSA Private Key - modulus N component.
00120 #define GP211_KEY_TYPE_RSA_PRIV_D 0xA3 //!< 'A3' RSA Private Key - private exponent d component (secret key material).
00121 #define GP211_KEY_TYPE_RSA_PRIV_P 0xA4 //!< 'A4' RSA Private Key - Chinese Remainder P component (secret key material).
00122 #define GP211_KEY_TYPE_RSA_PRIV_Q 0xA5 //!< 'A5' RSA Private Key - Chinese Remainder Q component (secret key material).
00123 #define GP211_KEY_TYPE_RSA_PRIV_PQ 0xA6 //!< 'A6' RSA Private Key - Chinese Remainder PQ component (secret key material).
00124 #define GP211_KEY_TYPE_RSA_PRIV_DP1 0xA7 //!< 'A7' RSA Private Key - Chinese Remainder DP1 component (secret key material).
00125 #define GP211_KEY_TYPE_RSA_PRIV_DQ1 0xA8 //!< 'A8' RSA Private Key - Chinese Remainder DQ1 component (secret key material).
00126 
00127 
00128 #define GP211_KEY_TYPE_3DES 0x81 //!< '81' Reserved (triple DES). Same byte value as OP201_KEY_TYPE_DES_ECB, which has a different meaning.
00129 #define GP211_KEY_TYPE_DES 0x80 //!< '80' DES mode (ECB/CBC) implicitly known.
00130 #define GP211_KEY_TYPE_3DES_CBC 0x82 //!< '82' Triple DES in CBC mode. Same byte value as OP201_KEY_TYPE_DES_CBC, which has a different meaning.
00131 #define GP211_KEY_TYPE_DES_ECB 0x83 //!< '83' DES in ECB mode.
00132 #define GP211_KEY_TYPE_DES_CBC 0x84 //!< '84' DES in CBC mode.
00133 
00134 #define OP201_SECURITY_LEVEL_ENC_MAC 0x03 //!< Command messages are signed (MAC) and encrypted.
00135 #define OP201_SECURITY_LEVEL_MAC 0x01 //!< Command messages are signed (MAC) but not encrypted.
00136 #define OP201_SECURITY_LEVEL_PLAIN 0x00 //!< Command messages are plaintext: no MAC and no encryption.
00137 
00138 #define OP201_KEY_TYPE_RSA_PUP_N 0xA1 //!< 'A1' RSA Public Key - modulus N component (clear text).
00139 #define OP201_KEY_TYPE_RSA_PUP_E 0xA0 //!< 'A0' RSA Public Key - public exponent e component (clear text).
00140 #define OP201_KEY_TYPE_DES 0x80 //!< '80' DES (ECB/CBC) key.
00141 #define OP201_KEY_TYPE_DES_ECB 0x81 //!< '81' DES ECB. Not interchangeable with GP211_KEY_TYPE_3DES, which uses the same byte value.
00142 #define OP201_KEY_TYPE_DES_CBC 0x82 //!< '82' DES CBC. Not interchangeable with GP211_KEY_TYPE_3DES_CBC, which uses the same byte value.
00143 
00147 typedef struct { /* Secure channel session state for Open Platform 2.0.1' mode (judging by the OP201_ prefix). It holds session keys in clear form, so callers should wipe the structure once the channel is no longer used. */
00148         BYTE securityLevel; //!< Security level of the channel; presumably one of OP201_SECURITY_LEVEL_* - confirm against the callers.
00149         BYTE sessionMacKey[16]; //!< Session MAC key, 16 bytes (secret).
00150         BYTE sessionEncKey[16]; //!< Session encryption key, 16 bytes (secret).
00151         BYTE lastMac[8]; //!< Last MAC, 8 bytes; presumably chained into the next command MAC - confirm in the implementation.
00152         /* Augusto: added two more attributes for key information */
00153         BYTE keySetVersion; //!< Key set version; presumably the key set the channel was opened with.
00154         BYTE keyIndex; //!< Key index; presumably the position of the key within that key set.
00155         /* end */
00156 } OP201_SECURITY_INFO;
00157 
00158 
00162 typedef struct { /* Secure channel session state for GlobalPlatform 2.1.1 mode (judging by the GP211_ prefix). It holds four session keys in clear form, so callers should wipe the structure once the channel is no longer used. */
00163         BYTE securityLevel; //!< Security level of the channel; presumably one of GP211_SCP01_SECURITY_LEVEL_* or GP211_SCP02_SECURITY_LEVEL_* - confirm against the callers.
00164         BYTE secureChannelProtocol; //!< Secure Channel Protocol; presumably GP211_SCP01 or GP211_SCP02.
00165         BYTE secureChannelProtocolImpl; //!< Implementation option of the protocol; presumably one of GP211_SCP01_IMPL_* / GP211_SCP02_IMPL_*, read together with secureChannelProtocol.
00166         BYTE C_MACSessionKey[16]; //!< Session key for C-MAC (command MAC), 16 bytes (secret).
00167         BYTE R_MACSessionKey[16]; //!< Session key for R-MAC (response MAC), 16 bytes (secret).
00168         BYTE encryptionSessionKey[16]; //!< Session encryption key, 16 bytes (secret).
00169         BYTE dataEncryptionSessionKey[16]; //!< Session data encryption key, 16 bytes (secret); presumably protects sensitive data such as keys being loaded - confirm in the implementation.
00170         BYTE lastC_MAC[8]; //!< Last C-MAC, 8 bytes; presumably chained into the next command MAC - confirm in the implementation.
00171         BYTE lastR_MAC[8]; //!< Last R-MAC, 8 bytes.
00172         /* Augusto: added two more attributes for key information */
00173         BYTE keySetVersion; //!< Key set version; presumably the key set the channel was opened with.
00174         BYTE keyIndex; //!< Key index; presumably the position of the key within that key set.
00175         /* end */
00176 } GP211_SECURITY_INFO;
00177 
00183 typedef struct { /* DAP (Data Authentication Pattern) block for Open Platform 2.0.1' mode: a Security Domain AID plus a signature. The RSA and 3DES typedef names below share this one layout. */
00184         BYTE securityDomainAIDLength; //!< Number of valid bytes in securityDomainAID; check it is <= 16 before use, since the field can hold larger values (assuming BYTE is an unsigned 8-bit type; types.h is not shown).
00185         BYTE securityDomainAID[16]; //!< AID of the Security Domain, at most 16 bytes.
00186         BYTE signatureLength; //!< Number of valid bytes in signature; check it is <= 128 before use, since the field can hold larger values (same BYTE assumption).
00187         BYTE signature[128]; //!< Signature buffer of 128 bytes, which is the size of a 1024-bit RSA signature; a 3DES signature presumably uses only the first bytes.
00188 } OP201_DAP_BLOCK, OP201_RSA_DAP_BLOCK, OP201_3DES_DAP_BLOCK;
00189 
00190 
00191 
00195 typedef struct { /* Receipt data for Open Platform 2.0.1' mode: a receipt, a confirmation counter and card unique data, each with its own length byte. NOTE(review): presumably filled from a card response, so each length must be checked against its array size before the data is used. */
00196         BYTE receiptLength; //!< Number of valid bytes in receipt; must be <= 8.
00197         BYTE receipt[8]; //!< Receipt, at most 8 bytes.
00198         BYTE confirmationCounterLength; //!< Number of valid bytes in confirmationCounter; must be <= 2.
00199         BYTE confirmationCounter[2]; //!< Confirmation counter, at most 2 bytes.
00200         BYTE cardUniqueDataLength; //!< Number of valid bytes in cardUniqueData; must be <= 10.
00201         BYTE cardUniqueData[10]; //!< Card unique data, at most 10 bytes.
00202 } OP201_RECEIPT_DATA;
00203 
00204 
00205 
00206 
00210 typedef struct { /* Descriptor of one key for Open Platform 2.0.1' mode; it carries metadata only, no key value. */
00211         BYTE keySetVersion; //!< Key set version the key belongs to.
00212         BYTE keyIndex; //!< Index of the key within its key set.
00213         BYTE keyType; //!< Key type; presumably one of OP201_KEY_TYPE_* - confirm against the callers.
00214         BYTE keyLength; //!< Key length; NOTE(review): unit (presumably bytes) is not visible in this header - confirm.
00215 } OP201_KEY_INFORMATION;
00216 
00221 typedef struct { /* DAP (Data Authentication Pattern) block for GlobalPlatform 2.1.1 mode: a Security Domain AID plus a signature. The RSA and 3DES typedef names below share this one layout. */
00222         BYTE securityDomainAIDLength; //!< Number of valid bytes in securityDomainAID; check it is <= 16 before use, since the field can hold larger values (assuming BYTE is an unsigned 8-bit type; types.h is not shown).
00223         BYTE securityDomainAID[16]; //!< AID of the Security Domain, at most 16 bytes.
00224         BYTE signatureLength; //!< Number of valid bytes in signature; check it is <= 128 before use, since the field can hold larger values (same BYTE assumption).
00225         BYTE signature[128]; //!< Signature buffer of 128 bytes, which is the size of a 1024-bit RSA signature; a 3DES signature presumably uses only the first bytes.
00226 } GP211_DAP_BLOCK, GP211_RSA_DAP_BLOCK, GP211_3DES_DAP_BLOCK;
00227 
00228 
00232 typedef struct { /* Receipt data for GlobalPlatform 2.1.1 mode: a receipt, a confirmation counter and card unique data, each with its own length byte. NOTE(review): presumably filled from a card response, so each length must be checked against its array size before the data is used. */
00233         BYTE receiptLength; //!< Number of valid bytes in receipt; must be <= 8.
00234         BYTE receipt[8]; //!< Receipt, at most 8 bytes.
00235         BYTE confirmationCounterLength; //!< Number of valid bytes in confirmationCounter; must be <= 2.
00236         BYTE confirmationCounter[2]; //!< Confirmation counter, at most 2 bytes.
00237         BYTE cardUniqueDataLength; //!< Number of valid bytes in cardUniqueData; must be <= 10.
00238         BYTE cardUniqueData[10]; //!< Card unique data, at most 10 bytes.
00239 } GP211_RECEIPT_DATA;
00240 
00241 
00245 typedef struct { /* Descriptor of one key for GlobalPlatform 2.1.1 mode; it carries metadata only, no key value. */
00246         BYTE keySetVersion; //!< Key set version the key belongs to.
00247         BYTE keyIndex; //!< Index of the key within its key set.
00248         BYTE keyType; //!< Key type; presumably one of GP211_KEY_TYPE_* - confirm against the callers.
00249         BYTE keyLength; //!< Key length; NOTE(review): unit (presumably bytes) is not visible in this header - confirm.
00250 } GP211_KEY_INFORMATION;
00251 
00252 
00253 
00254 #ifdef __cplusplus
00255 }
00256 #endif
00257 #endif /* SECURITY_H_ */