/*  smartcard/pivcard.cpp

    This file is part of Kleopatra, the KDE keymanager
    SPDX-FileCopyrightText: 2020 g10 Code GmbH
    SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>

    SPDX-License-Identifier: GPL-2.0-or-later
*/

#include "pivcard.h"

#include "algorithminfo.h"
#include "keypairinfo.h"

#include <KLocalizedString>

#include "kleopatra_debug.h"

using namespace Kleo;
using namespace Kleo::SmartCard;

// static
// Application name that every PIVCard registers through setAppName().
const std::string PIVCard::AppName = "piv";

// Builds a PIV view of an already-probed card: copies the generic Card state,
// tags it with the PIV application name and seeds the key list with the fixed
// slots returned by supportedKeys().
PIVCard::PIVCard(const Card &card)
    : Card(card)
{
    setAppName(AppName);
    setInitialKeyInfos(supportedKeys());
}

// static
// Key reference of the PIV Authentication key (slot 9A).
std::string PIVCard::pivAuthenticationKeyRef()
{
    return "PIV.9A";
}

// static
// Key reference of the Card Authentication key (slot 9E).
// NOTE(review): in the PIV specification this key is normally usable without
// PIN verification, so a successful operation with it should not be read as
// proof that the cardholder was present. Confirm against the card profile.
std::string PIVCard::cardAuthenticationKeyRef()
{
    return "PIV.9E";
}

// static
// Key reference of the Digital Signature key (slot 9C).
std::string PIVCard::digitalSignatureKeyRef()
{
    return "PIV.9C";
}

// static
// Key reference of the Key Management key (slot 9D).
std::string PIVCard::keyManagementKeyRef()
{
    return "PIV.9D";
}

// static
// Reference used for the card PIN. It is not part of supportedKeys().
std::string PIVCard::pinKeyRef()
{
    return "PIV.80";
}

// static
// Reference used for the PUK. It is not part of supportedKeys().
std::string PIVCard::pukKeyRef()
{
    return "PIV.81";
}

// static
// Returns the four key slots this class exposes, each with empty placeholder
// fields. The table is built once, on first use, and shared afterwards.
// NOTE(review): the third field looks like the usage flags ("a", "sc", "e");
// confirm the field order against KeyPairInfo.
const std::vector<KeyPairInfo> &PIVCard::supportedKeys()
{
    static const std::vector<KeyPairInfo> slots = {
        {pivAuthenticationKeyRef(), "", "a", "", ""},
        {cardAuthenticationKeyRef(), "", "a", "", ""},
        {digitalSignatureKeyRef(), "", "sc", "", ""},
        {keyManagementKeyRef(), "", "e", "", ""},
    };

    return slots;
}

// static
// Maps a key reference to its translated, human-readable slot name.
// Returns a default-constructed QString for any reference that is not one of
// the four supported slots. The labels are translated once, when the table is
// first built.
QString PIVCard::keyDisplayName(const std::string &keyRef)
{
    static const QMap<std::string, QString> labels = {
        {pivAuthenticationKeyRef(), i18n("PIV Authentication Key")},
        {cardAuthenticationKeyRef(), i18n("Card Authentication Key")},
        {digitalSignatureKeyRef(), i18n("Digital Signature Key")},
        {keyManagementKeyRef(), i18n("Key Management Key")},
    };

    const auto entry = labels.constFind(keyRef);
    if (entry == labels.constEnd()) {
        return QString();
    }
    return entry.value();
}

// static
// Lists the algorithms offered for generating a key in the given slot.
// The Key Management and Digital Signature slots get RSA 2048, P-256 and
// P-384; every other reference gets the shorter RSA 2048 / P-256 list.
// The last return is unconditional, so a reference that is not a supported
// slot is not rejected here. Callers that must refuse unknown slots have to
// check keyRef themselves.
std::vector<AlgorithmInfo> PIVCard::supportedAlgorithms(const std::string &keyRef)
{
    if (keyRef == keyManagementKeyRef()) {
        // Key agreement / key transport slot, hence the ECDH labels.
        return {
            {"rsa2048", i18n("RSA key transport (2048 bits)")},
            {"nistp256", i18n("ECDH (Curve P-256)")},
            {"nistp384", i18n("ECDH (Curve P-384)")},
        };
    }

    if (keyRef == digitalSignatureKeyRef()) {
        return {
            {"rsa2048", i18n("RSA (2048 bits)")},
            {"nistp256", i18n("ECDSA (Curve P-256)")},
            {"nistp384", i18n("ECDSA (Curve P-384)")},
        };
    }

    // NIST SP 800-78-4 does not allow Curve P-384 for the PIV Authentication
    // key or the Card Authentication key, so the fallback list stops at P-256.
    // The list is pinned to that revision of the publication; re-check it if
    // the referenced revision changes.
    return {
        {"rsa2048", i18n("RSA (2048 bits)")},
        {"nistp256", i18n("ECDSA (Curve P-256)")},
    };
}

// Returns whatever is stored in the card info under "KLEO-CERTIFICATE-<keyRef>".
// keyRef is used verbatim and the stored value is returned without validation.
// NOTE(review): presumably this is certificate data read from the card. If so,
// it is card-controlled input and should be parsed defensively. Confirm with
// the callers.
std::string PIVCard::certificateData(const std::string &keyRef) const
{
    const std::string infoKey = "KLEO-CERTIFICATE-" + keyRef;
    return cardInfo(infoKey);
}

// Stores data in the card info under "KLEO-CERTIFICATE-<keyRef>".
// Neither keyRef nor data is checked here.
void PIVCard::setCertificateData(const std::string &keyRef, const std::string &data)
{
    const std::string infoKey = "KLEO-CERTIFICATE-" + keyRef;
    addCardInfo(infoKey, data);
}