]>
Commit | Line | Data |
---|---|---|
21bd4958 FT |
1 | /** @file\r |
2 | The Smart Card Edge Protocol provides an abstraction for device to provide Smart\r | |
3 | Card support.\r | |
4 | \r | |
5 | This protocol allows UEFI applications to interface with a Smart Card during\r | |
6 | boot process for authentication or data signing/decryption, especially if the\r | |
7 | application has to make use of PKI.\r | |
8 | \r | |
497a5fb1 | 9 | Copyright (c) 2015-2018, Intel Corporation. All rights reserved.<BR>\r |
21bd4958 FT |
10 | This program and the accompanying materials\r |
11 | are licensed and made available under the terms and conditions of the BSD License\r | |
12 | which accompanies this distribution. The full text of the license may be found at\r | |
13 | http://opensource.org/licenses/bsd-license.php\r | |
14 | \r | |
15 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
16 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
17 | \r | |
497a5fb1 SZ |
18 | @par Revision Reference:\r |
19 | This Protocol was introduced in UEFI Specification 2.5.\r | |
20 | \r | |
21bd4958 FT |
21 | **/\r |
22 | \r | |
23 | #ifndef __SMART_CARD_EDGE_H__\r | |
24 | #define __SMART_CARD_EDGE_H__\r | |
25 | \r | |
26 | #define EFI_SMART_CARD_EDGE_PROTOCOL_GUID \\r | |
27 | { \\r | |
28 | 0xd317f29b, 0xa325, 0x4712, {0x9b, 0xf1, 0xc6, 0x19, 0x54, 0xdc, 0x19, 0x8c} \\r | |
29 | }\r | |
30 | \r | |
31 | typedef struct _EFI_SMART_CARD_EDGE_PROTOCOL EFI_SMART_CARD_EDGE_PROTOCOL;\r | |
32 | \r | |
33 | //\r | |
34 | // Maximum size for a Smart Card AID (Application IDentifier)\r | |
35 | //\r | |
36 | #define SCARD_AID_MAXSIZE 0x0010\r | |
37 | //\r | |
38 | // Size of CSN (Card Serial Number)\r | |
39 | //\r | |
40 | #define SCARD_CSN_SIZE 0x0010\r | |
41 | //\r | |
42 | // Current specification version 1.00\r | |
43 | //\r | |
44 | #define SMART_CARD_EDGE_PROTOCOL_VERSION_1 0x00000100\r | |
45 | //\r | |
46 | // Parameters type definition\r | |
47 | //\r | |
48 | typedef UINT8 SMART_CARD_AID[SCARD_AID_MAXSIZE];\r | |
49 | typedef UINT8 SMART_CARD_CSN[SCARD_CSN_SIZE];\r | |
50 | \r | |
51 | //\r | |
52 | // Type of data elements in credentials list\r | |
53 | //\r | |
54 | // value of tag field for header, the number of containers\r | |
55 | //\r | |
56 | #define SC_EDGE_TAG_HEADER 0x0000\r | |
57 | //\r | |
58 | // value of tag field for certificate\r | |
59 | //\r | |
60 | #define SC_EDGE_TAG_CERT 0x0001\r | |
61 | //\r | |
62 | // value of tag field for key index associated with certificate\r | |
63 | //\r | |
64 | #define SC_EDGE_TAG_KEY_ID 0x0002\r | |
65 | //\r | |
66 | // value of tag field for key type\r | |
67 | //\r | |
68 | #define SC_EDGE_TAG_KEY_TYPE 0x0003\r | |
69 | //\r | |
70 | // value of tag field for key size\r | |
71 | //\r | |
72 | #define SC_EDGE_TAG_KEY_SIZE 0x0004\r | |
73 | \r | |
74 | //\r | |
75 | // Length of L fields of TLV items\r | |
76 | //\r | |
77 | //\r | |
78 | // size of L field for header\r | |
79 | //\r | |
80 | #define SC_EDGE_L_SIZE_HEADER 1\r | |
81 | //\r | |
82 | // size of L field for certificate (big endian)\r | |
83 | //\r | |
84 | #define SC_EDGE_L_SIZE_CERT 2\r | |
85 | //\r | |
86 | // size of L field for key index\r | |
87 | //\r | |
88 | #define SC_EDGE_L_SIZE_KEY_ID 1\r | |
89 | //\r | |
90 | // size of L field for key type\r | |
91 | //\r | |
92 | #define SC_EDGE_L_SIZE_KEY_TYPE 1\r | |
93 | //\r | |
94 | // size of L field for key size (big endian)\r | |
95 | //\r | |
96 | #define SC_EDGE_L_SIZE_KEY_SIZE 2\r | |
97 | \r | |
98 | //\r | |
99 | // Some TLV items have a fixed value for L field\r | |
100 | //\r | |
101 | // value of L field for header\r | |
102 | //\r | |
103 | #define SC_EDGE_L_VALUE_HEADER 1\r | |
104 | //\r | |
105 | // value of L field for key index\r | |
106 | //\r | |
107 | #define SC_EDGE_L_VALUE_KEY_ID 1\r | |
108 | //\r | |
109 | // value of L field for key type\r | |
110 | //\r | |
111 | #define SC_EDGE_L_VALUE_KEY_TYPE 1\r | |
112 | //\r | |
113 | // value of L field for key size\r | |
114 | //\r | |
115 | #define SC_EDGE_L_VALUE_KEY_SIZE 2\r | |
116 | \r | |
117 | //\r | |
118 | // Possible values for key type\r | |
119 | //\r | |
120 | //\r | |
121 | // RSA decryption\r | |
122 | //\r | |
123 | #define SC_EDGE_RSA_EXCHANGE 0x01\r | |
124 | //\r | |
125 | // RSA signature\r | |
126 | //\r | |
127 | #define SC_EDGE_RSA_SIGNATURE 0x02\r | |
128 | //\r | |
129 | // ECDSA signature\r | |
130 | //\r | |
131 | #define SC_EDGE_ECDSA_256 0x03\r | |
132 | //\r | |
133 | // ECDSA signature\r | |
134 | //\r | |
135 | #define SC_EDGE_ECDSA_384 0x04\r | |
136 | //\r | |
137 | // ECDSA signature\r | |
138 | //\r | |
139 | #define SC_EDGE_ECDSA_521 0x05\r | |
140 | //\r | |
141 | // ECDH agreement\r | |
142 | //\r | |
143 | #define SC_EDGE_ECDH_256 0x06\r | |
144 | //\r | |
145 | // ECDH agreement\r | |
146 | //\r | |
147 | #define SC_EDGE_ECDH_384 0x07\r | |
148 | //\r | |
149 | // ECDH agreement\r | |
150 | //\r | |
151 | #define SC_EDGE_ECDH_521 0x08\r | |
152 | \r | |
153 | //\r | |
154 | // Padding methods GUIDs for signature\r | |
155 | //\r | |
156 | //\r | |
157 | // RSASSA- PKCS#1-V1.5 padding method, for signature\r | |
158 | //\r | |
159 | #define EFI_PADDING_RSASSA_PKCS1V1P5_GUID \\r | |
160 | { \\r | |
161 | 0x9317ec24, 0x7cb0, 0x4d0e, {0x8b, 0x32, 0x2e, 0xd9, 0x20, 0x9c, 0xd8, 0xaf} \\r | |
162 | }\r | |
163 | \r | |
164 | extern EFI_GUID gEfiPaddingRsassaPkcs1V1P5Guid;\r | |
165 | \r | |
166 | //\r | |
167 | // RSASSA-PSS padding method, for signature\r | |
168 | //\r | |
169 | #define EFI_PADDING_RSASSA_PSS_GUID \\r | |
170 | { \\r | |
171 | 0x7b2349e0, 0x522d, 0x4f8e, {0xb9, 0x27, 0x69, 0xd9, 0x7c, 0x9e, 0x79, 0x5f} \\r | |
172 | }\r | |
173 | \r | |
174 | extern EFI_GUID gEfiPaddingRsassaPssGuid;\r | |
175 | \r | |
176 | //\r | |
177 | // Padding methods GUIDs for decryption\r | |
178 | //\r | |
179 | //\r | |
180 | // No padding, for decryption\r | |
181 | //\r | |
182 | #define EFI_PADDING_NONE_GUID \\r | |
183 | { \\r | |
184 | 0x3629ddb1, 0x228c, 0x452e, {0xb6, 0x16, 0x09, 0xed, 0x31, 0x6a, 0x97, 0x00} \\r | |
185 | }\r | |
186 | \r | |
187 | extern EFI_GUID gEfiPaddingNoneGuid;\r | |
188 | \r | |
189 | //\r | |
190 | // RSAES-PKCS#1-V1.5 padding, for decryption\r | |
191 | //\r | |
192 | #define EFI_PADDING_RSAES_PKCS1V1P5_GUID \\r | |
193 | { \\r | |
194 | 0xe1c1d0a9, 0x40b1, 0x4632, {0xbd, 0xcc, 0xd9, 0xd6, 0xe5, 0x29, 0x56, 0x31} \\r | |
195 | }\r | |
196 | \r | |
197 | extern EFI_GUID gEfiPaddingRsaesPkcs1V1P5Guid;\r | |
198 | \r | |
199 | //\r | |
200 | // RSAES-OAEP padding, for decryption\r | |
201 | //\r | |
202 | #define EFI_PADDING_RSAES_OAEP_GUID \\r | |
203 | { \\r | |
204 | 0xc1e63ac4, 0xd0cf, 0x4ce6, {0x83, 0x5b, 0xee, 0xd0, 0xe6, 0xa8, 0xa4, 0x5b} \\r | |
205 | }\r | |
206 | \r | |
207 | extern EFI_GUID gEfiPaddingRsaesOaepGuid;\r | |
208 | \r | |
209 | /**\r | |
210 | This function retrieves the context driver.\r | |
211 | \r | |
212 | The GetContextfunction returns the context of the protocol, the application\r | |
213 | identifiers supported by the protocol and the number and the CSN unique identifier\r | |
214 | of Smart Cards that are present and supported by protocol.\r | |
215 | \r | |
216 | If AidTableSize, AidTable, CsnTableSize, CsnTable or VersionProtocol is NULL,\r | |
217 | the function does not fail but does not fill in such variables.\r | |
218 | \r | |
219 | In case AidTableSize indicates a buffer too small to hold all the protocol AID table,\r | |
220 | only the first AidTableSize items of the table are returned in AidTable.\r | |
221 | \r | |
222 | In case CsnTableSize indicates a buffer too small to hold the entire table of\r | |
223 | Smart Card CSN present, only the first CsnTableSize items of the table are returned\r | |
224 | in CsnTable.\r | |
225 | \r | |
226 | VersionScEdgeProtocol returns the version of the EFI_SMART_CARD_EDGE_PROTOCOL this\r | |
227 | driver uses. For this protocol specification value is SMART_CARD_EDGE_PROTOCOL_VERSION_1.\r | |
228 | \r | |
229 | In case of Smart Card removal the internal CSN list is immediately updated, even if\r | |
230 | a connection is opened with that Smart Card.\r | |
231 | \r | |
232 | @param[in] This Indicates a pointer to the calling context.\r | |
233 | @param[out] NumberAidSupported Number of AIDs this protocol supports.\r | |
234 | @param[in, out] AidTableSize On input, number of items allocated for the\r | |
235 | AID table. On output, number of items returned\r | |
236 | by protocol.\r | |
237 | @param[out] AidTable Table of the AIDs supported by the protocol.\r | |
238 | @param[out] NumberSCPresent Number of currently present Smart Cards that\r | |
239 | are supported by protocol.\r | |
240 | @param[in, out] CsnTableSize On input, the number of items the buffer CSN\r | |
241 | table can contain. On output, the number of\r | |
242 | items returned by the protocol.\r | |
243 | @param[out] CsnTable Table of the CSN of the Smart Card present and\r | |
244 | supported by protocol.\r | |
245 | @param[out] VersionScEdgeProtocol EFI_SMART_CARD_EDGE_PROTOCOL version.\r | |
246 | \r | |
247 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
248 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
249 | @retval EFI_INVALID_PARAMETER NumberSCPresent is NULL.\r | |
250 | \r | |
251 | **/\r | |
252 | typedef\r | |
253 | EFI_STATUS\r | |
254 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CONTEXT) (\r | |
255 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
256 | OUT UINTN *NumberAidSupported,\r | |
257 | IN OUT UINTN *AidTableSize OPTIONAL,\r | |
258 | OUT SMART_CARD_AID *AidTable OPTIONAL,\r | |
259 | OUT UINTN *NumberSCPresent,\r | |
260 | IN OUT UINTN *CsnTableSize OPTIONAL,\r | |
261 | OUT SMART_CARD_CSN *CsnTable OPTIONAL,\r | |
262 | OUT UINT32 *VersionScEdgeProtocol OPTIONAL\r | |
263 | );\r | |
264 | \r | |
265 | /**\r | |
266 | This function establish a connection with a Smart Card the protocol support.\r | |
267 | \r | |
268 | In case of success the SCardHandle can be used.\r | |
269 | \r | |
270 | If the ScardCsn is NULL the connection is established with the first Smart Card\r | |
271 | the protocol finds in its table of Smart Card present and supported. Else it\r | |
272 | establish context with the Smart Card whose CSN given by ScardCsn.\r | |
273 | \r | |
274 | If ScardAid is not NULL the function returns the Smart Card AID the protocol supports.\r | |
275 | After a successful connect the SCardHandle will remain existing even in case Smart Card\r | |
276 | removed from Smart Card reader, but all function invoking this SCardHandle will fail.\r | |
277 | SCardHandle is released only on Disconnect.\r | |
278 | \r | |
279 | @param[in] This Indicates a pointer to the calling context.\r | |
280 | @param[out] SCardHandle Handle on Smart Card connection.\r | |
281 | @param[in] ScardCsn CSN of the Smart Card the connection has to be\r | |
282 | established.\r | |
283 | @param[out] ScardAid AID of the Smart Card the connection has been\r | |
284 | established.\r | |
285 | \r | |
286 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
287 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
288 | @retval EFI_INVALID_PARAMETER SCardHandle is NULL.\r | |
289 | @retval EFI_NO_MEDIA No Smart Card supported by protocol is present,\r | |
290 | Smart Card with CSN ScardCsn or Reader has been\r | |
291 | removed. A Disconnect should be performed.\r | |
292 | \r | |
293 | **/\r | |
294 | typedef\r | |
295 | EFI_STATUS\r | |
296 | (EFIAPI *EFI_SMART_CARD_EDGE_CONNECT) (\r | |
297 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
298 | OUT EFI_HANDLE *SCardHandle,\r | |
299 | IN UINT8 *ScardCsn OPTIONAL,\r | |
300 | OUT UINT8 *ScardAid OPTIONAL\r | |
301 | );\r | |
302 | \r | |
303 | /**\r | |
304 | This function releases a connection previously established by Connect.\r | |
305 | \r | |
306 | The Disconnect function releases the connection previously established by\r | |
307 | a Connect. In case the Smart Card or the Smart Card reader has been removed\r | |
308 | before this call, this function returns EFI_SUCCESS.\r | |
309 | \r | |
310 | @param[in] This Indicates a pointer to the calling context.\r | |
311 | @param[in] SCardHandle Handle on Smart Card connection to release.\r | |
312 | \r | |
313 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
314 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
315 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
316 | \r | |
317 | **/\r | |
318 | typedef\r | |
319 | EFI_STATUS\r | |
320 | (EFIAPI *EFI_SMART_CARD_EDGE_DISCONNECT) (\r | |
321 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
322 | IN EFI_HANDLE SCardHandle\r | |
323 | );\r | |
324 | \r | |
325 | /**\r | |
326 | This function returns the Smart Card serial number.\r | |
327 | \r | |
328 | @param[in] This Indicates a pointer to the calling context.\r | |
329 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
330 | @param[out] Csn The Card Serial number, 16 bytes array.\r | |
331 | \r | |
332 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
333 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
334 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
335 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
336 | has been removed. A Disconnect should be performed.\r | |
337 | \r | |
338 | **/\r | |
339 | typedef\r | |
340 | EFI_STATUS\r | |
341 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CSN) (\r | |
342 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
343 | IN EFI_HANDLE SCardHandle,\r | |
344 | OUT UINT8 Csn[SCARD_CSN_SIZE]\r | |
345 | );\r | |
346 | \r | |
347 | /**\r | |
348 | This function returns the name of the Smart Card reader used for this connection.\r | |
349 | \r | |
350 | @param[in] This Indicates a pointer to the calling context.\r | |
351 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
352 | @param[in, out] ReaderNameLength On input, a pointer to the variable that holds\r | |
353 | the maximal size, in bytes, of ReaderName.\r | |
354 | On output, the required size, in bytes, for ReaderName.\r | |
355 | @param[out] ReaderName A pointer to a NULL terminated string that will\r | |
356 | contain the reader name.\r | |
357 | \r | |
358 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
359 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
360 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
361 | @retval EFI_INVALID_PARAMETER ReaderNameLength is NULL.\r | |
362 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
363 | has been removed. A Disconnect should be performed.\r | |
364 | \r | |
365 | **/\r | |
366 | typedef\r | |
367 | EFI_STATUS\r | |
368 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_READER_NAME) (\r | |
369 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
370 | IN EFI_HANDLE SCardHandle,\r | |
371 | IN OUT UINTN *ReaderNameLength,\r | |
372 | OUT CHAR16 *ReaderName OPTIONAL\r | |
373 | );\r | |
374 | \r | |
375 | /**\r | |
376 | This function authenticates a Smart Card user by presenting a PIN code.\r | |
377 | \r | |
378 | The VerifyPinfunction presents a PIN code to the Smart Card.\r | |
379 | \r | |
380 | If Smart Card found the PIN code correct the user is considered authenticated\r | |
381 | to current application, and the function returns TRUE.\r | |
382 | \r | |
383 | Negative or null PinSize value rejected if PinCodeis not NULL.\r | |
384 | \r | |
385 | A NULL PinCodebuffer means the application didn't know the PIN, in that case:\r | |
386 | - If PinSize value is negative the caller only wants to know if the current\r | |
387 | chain of the elements Smart Card Edge protocol, Smart Card Reader protocol\r | |
388 | and Smart Card Reader supports the Secure Pin Entry PCSC V2 functionality.\r | |
389 | - If PinSize value is positive or null the caller ask to perform the verify\r | |
390 | PIN using the Secure PIN Entry functionality.\r | |
391 | \r | |
392 | In PinCode buffer, the PIN value is always given in plaintext, in case of secure\r | |
393 | messaging the SMART_CARD_EDGE_PROTOCOL will be in charge of all intermediate\r | |
394 | treatments to build the correct Smart Card APDU.\r | |
395 | \r | |
396 | @param[in] This Indicates a pointer to the calling context.\r | |
397 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
398 | @param[in] PinSize PIN code buffer size.\r | |
399 | @param[in] PinCode PIN code to present to the Smart Card.\r | |
400 | @param[out] PinResult Result of PIN code presentation to the Smart Card.\r | |
401 | TRUE when Smard Card founds the PIN code correct.\r | |
402 | @param[out] RemainingAttempts Number of attempts still possible.\r | |
403 | \r | |
404 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
405 | @retval EFI_UNSUPPORTED Pinsize < 0 and Secure PIN Entry functionality not\r | |
406 | supported.\r | |
407 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
408 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
409 | @retval EFI_INVALID_PARAMETER Bad value for PinSize: value not supported by Smart\r | |
410 | Card or, negative with PinCode not null.\r | |
411 | @retval EFI_INVALID_PARAMETER PinResult is NULL.\r | |
412 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
413 | has been removed. A Disconnect should be performed.\r | |
414 | \r | |
415 | **/\r | |
416 | typedef\r | |
417 | EFI_STATUS\r | |
418 | (EFIAPI *EFI_SMART_CARD_EDGE_VERIFY_PIN) (\r | |
419 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
420 | IN EFI_HANDLE SCardHandle,\r | |
421 | IN INT32 PinSize,\r | |
422 | IN UINT8 *PinCode,\r | |
423 | OUT BOOLEAN *PinResult,\r | |
424 | OUT UINT32 *RemainingAttempts OPTIONAL\r | |
425 | );\r | |
426 | \r | |
427 | /**\r | |
428 | This function gives the remaining number of attempts for PIN code presentation.\r | |
429 | \r | |
430 | The number of attempts to present a correct PIN is limited and depends on Smart\r | |
431 | Card and on PIN.\r | |
432 | \r | |
433 | This function will retrieve the number of remaining possible attempts.\r | |
434 | \r | |
435 | @param[in] This Indicates a pointer to the calling context.\r | |
436 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
437 | @param[out] RemainingAttempts Number of attempts still possible.\r | |
438 | \r | |
439 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
440 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
441 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
442 | @retval EFI_INVALID_PARAMETER RemainingAttempts is NULL.\r | |
443 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
444 | has been removed. A Disconnect should be performed.\r | |
445 | \r | |
446 | **/\r | |
447 | typedef\r | |
448 | EFI_STATUS\r | |
449 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_PIN_REMAINING) (\r | |
450 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
451 | IN EFI_HANDLE SCardHandle,\r | |
452 | OUT UINT32 *RemainingAttempts\r | |
453 | );\r | |
454 | \r | |
455 | /**\r | |
456 | This function returns a specific data from Smart Card.\r | |
457 | \r | |
458 | The function is generic for any kind of data, but driver and application must\r | |
459 | share an EFI_GUID that identify the data.\r | |
460 | \r | |
461 | @param[in] This Indicates a pointer to the calling context.\r | |
462 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
463 | @param[in] DataId The type identifier of the data to get.\r | |
464 | @param[in, out] DataSize On input, in bytes, the size of Data. On output,\r | |
465 | in bytes, the size of buffer required to store\r | |
466 | the specified data.\r | |
467 | @param[out] Data The data buffer in which the data is returned.\r | |
468 | The type of the data buffer is associated with\r | |
469 | the DataId. Ignored if *DataSize is 0.\r | |
470 | \r | |
471 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
472 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
473 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
474 | @retval EFI_INVALID_PARAMETER DataId is NULL.\r | |
475 | @retval EFI_INVALID_PARAMETER DataSize is NULL.\r | |
476 | @retval EFI_INVALID_PARAMETER Data is NULL, and *DataSize is not zero.\r | |
477 | @retval EFI_NOT_FOUND DataId unknown for this driver.\r | |
478 | @retval EFI_BUFFER_TOO_SMALL The size of Data is too small for the specified\r | |
479 | data and the required size is returned in DataSize.\r | |
480 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
481 | PIN not verified.\r | |
482 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
483 | has been removed. A Disconnect should be performed.\r | |
484 | \r | |
485 | **/\r | |
486 | typedef\r | |
487 | EFI_STATUS\r | |
488 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_DATA) (\r | |
489 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
490 | IN EFI_HANDLE SCardHandle,\r | |
491 | IN EFI_GUID *DataId,\r | |
492 | IN OUT UINTN *DataSize,\r | |
493 | OUT VOID *Data OPTIONAL\r | |
494 | );\r | |
495 | \r | |
496 | /**\r | |
497 | This function retrieve credentials store into the Smart Card.\r | |
498 | \r | |
499 | The function returns a series of items in TLV (Tag Length Value) format.\r | |
500 | \r | |
501 | First TLV item is the header item that gives the number of following\r | |
502 | containers (0x00, 0x01, Nb containers).\r | |
503 | \r | |
504 | All these containers are a series of 4 TLV items:\r | |
505 | - The certificate item (0x01, certificate size, certificate)\r | |
506 | - The Key identifier item (0x02, 0x01, key index)\r | |
507 | - The key type item (0x03, 0x01, key type)\r | |
508 | - The key size item (0x04, 0x02, key size), key size in number of bits.\r | |
509 | Numeric multi-bytes values are on big endian format, most significant byte first:\r | |
510 | - The L field value for certificate (2 bytes)\r | |
511 | - The L field value for key size (2 bytes)\r | |
512 | - The value field for key size (2 bytes)\r | |
513 | \r | |
514 | @param[in] This Indicates a pointer to the calling context.\r | |
515 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
516 | @param[in, out] CredentialSize On input, in bytes, the size of buffer to store\r | |
517 | the list of credential.\r | |
518 | On output, in bytes, the size of buffer required\r | |
519 | to store the entire list of credentials.\r | |
520 | \r | |
521 | @param[out] CredentialList List of credentials stored into the Smart Card.\r | |
522 | A list of TLV (Tag Length Value) elements organized\r | |
523 | in containers array.\r | |
524 | \r | |
525 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
526 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
527 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
528 | @retval EFI_INVALID_PARAMETER CredentialSize is NULL.\r | |
529 | @retval EFI_INVALID_PARAMETER CredentialList is NULL, if CredentialSize is not zero.\r | |
530 | @retval EFI_BUFFER_TOO_SMALL The size of CredentialList is too small for the\r | |
531 | specified data and the required size is returned in\r | |
532 | CredentialSize.\r | |
533 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
534 | has been removed. A Disconnect should be performed.\r | |
535 | \r | |
536 | **/\r | |
537 | typedef\r | |
538 | EFI_STATUS\r | |
539 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CREDENTIAL) (\r | |
540 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
541 | IN EFI_HANDLE SCardHandle,\r | |
542 | IN OUT UINTN *CredentialSize,\r | |
543 | OUT UINT8 *CredentialList OPTIONAL\r | |
544 | );\r | |
545 | \r | |
546 | /**\r | |
547 | This function signs an already hashed data with a Smart Card private key.\r | |
548 | \r | |
549 | This function signs data, actually it is the hash of these data that is given\r | |
550 | to the function.\r | |
551 | \r | |
552 | SignatureData buffer shall be big enough for signature. Signature size is\r | |
553 | function key size and key type.\r | |
554 | \r | |
555 | @param[in] This Indicates a pointer to the calling context.\r | |
556 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
557 | @param[in] KeyId Identifier of the key container, retrieved\r | |
558 | in a key index item of credentials.\r | |
559 | @param[in] KeyType The key type, retrieved in a key type item of\r | |
560 | credentials.\r | |
561 | \r | |
562 | @param[in] HashAlgorithm Hash algorithm used to hash the, one of:\r | |
563 | - EFI_HASH_ALGORITHM_SHA1_GUID\r | |
564 | - EFI_HASH_ALGORITHM_SHA256_GUID\r | |
565 | - EFI_HASH_ALGORITHM_SHA384_GUID\r | |
566 | - EFI_HASH_ALGORITHM_SHA512_GUID\r | |
567 | @param[in] PaddingMethod Padding method used jointly with hash algorithm,\r | |
568 | one of:\r | |
569 | - EFI_PADDING_RSASSA_PKCS1V1P5_GUID\r | |
570 | - EFI_PADDING_RSASSA_PSS_GUID\r | |
571 | @param[in] HashedData Hash of the data to sign. Size is function of the\r | |
572 | HashAlgorithm.\r | |
573 | \r | |
574 | @param[out] SignatureData Resulting signature with private key KeyId. Size\r | |
575 | is function of the KeyType and key size retrieved\r | |
576 | in the associated key size item of credentials.\r | |
577 | \r | |
578 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
579 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
580 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
581 | @retval EFI_INVALID_PARAMETER KeyId is not valid.\r | |
582 | @retval EFI_INVALID_PARAMETER KeyType is not valid or not corresponding to KeyId.\r | |
583 | @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.\r | |
584 | @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.\r | |
585 | @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.\r | |
586 | @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.\r | |
587 | @retval EFI_INVALID_PARAMETER HashedData is NULL.\r | |
588 | @retval EFI_INVALID_PARAMETER SignatureData is NULL.\r | |
589 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
590 | PIN not verified.\r | |
591 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
592 | has been removed. A Disconnect should be performed.\r | |
593 | \r | |
594 | **/\r | |
595 | typedef\r | |
596 | EFI_STATUS\r | |
597 | (EFIAPI *EFI_SMART_CARD_EDGE_SIGN_DATA) (\r | |
598 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
599 | IN EFI_HANDLE SCardHandle,\r | |
600 | IN UINTN KeyId,\r | |
601 | IN UINTN KeyType,\r | |
602 | IN EFI_GUID *HashAlgorithm,\r | |
603 | IN EFI_GUID *PaddingMethod,\r | |
604 | IN UINT8 *HashedData,\r | |
605 | OUT UINT8 *SignatureData\r | |
606 | );\r | |
607 | \r | |
608 | /**\r | |
609 | This function decrypts data with a PKI/RSA Smart Card private key.\r | |
610 | \r | |
611 | The function decrypts some PKI/RSA encrypted data with private key securely\r | |
612 | stored into the Smart Card.\r | |
613 | \r | |
614 | The KeyId must reference a key of type SC_EDGE_RSA_EXCHANGE.\r | |
615 | \r | |
616 | @param[in] This Indicates a pointer to the calling context.\r | |
617 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
618 | @param[in] KeyId Identifier of the key container, retrieved\r | |
619 | in a key index item of credentials.\r | |
620 | @param[in] HashAlgorithm Hash algorithm used to hash the, one of:\r | |
621 | - EFI_HASH_ALGORITHM_SHA1_GUID\r | |
622 | - EFI_HASH_ALGORITHM_SHA256_GUID\r | |
623 | - EFI_HASH_ALGORITHM_SHA384_GUID\r | |
624 | - EFI_HASH_ALGORITHM_SHA512_GUID\r | |
625 | @param[in] PaddingMethod Padding method used jointly with hash algorithm,\r | |
626 | one of:\r | |
627 | - EFI_PADDING_NONE_GUID\r | |
628 | - EFI_PADDING_RSAES_PKCS1V1P5_GUID\r | |
629 | - EFI_PADDING_RSAES_OAEP_GUID\r | |
630 | @param[in] EncryptedSize Size of data to decrypt.\r | |
631 | @param[in] EncryptedData Data to decrypt\r | |
632 | @param[in, out] PlaintextSize On input, in bytes, the size of buffer to store\r | |
633 | the decrypted data.\r | |
634 | On output, in bytes, the size of buffer required\r | |
635 | to store the decrypted data.\r | |
636 | @param[out] PlaintextData Buffer for decrypted data, padding removed.\r | |
637 | \r | |
638 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
639 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
640 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
641 | @retval EFI_INVALID_PARAMETER KeyId is not valid or associated key not of type\r | |
642 | SC_EDGE_RSA_EXCHANGE.\r | |
643 | @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.\r | |
644 | @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.\r | |
645 | @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.\r | |
646 | @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.\r | |
647 | @retval EFI_INVALID_PARAMETER EncryptedSize is 0.\r | |
648 | @retval EFI_INVALID_PARAMETER EncryptedData is NULL.\r | |
649 | @retval EFI_INVALID_PARAMETER PlaintextSize is NULL.\r | |
650 | @retval EFI_INVALID_PARAMETER PlaintextData is NULL.\r | |
651 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
652 | PIN not verified.\r | |
653 | @retval EFI_BUFFER_TOO_SMALL PlaintextSize is too small for the plaintext data\r | |
654 | and the required size is returned in PlaintextSize.\r | |
655 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
656 | has been removed. A Disconnect should be performed.\r | |
657 | \r | |
658 | **/\r | |
659 | typedef\r | |
660 | EFI_STATUS\r | |
661 | (EFIAPI *EFI_SMART_CARD_EDGE_DECRYPT_DATA) (\r | |
662 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
663 | IN EFI_HANDLE SCardHandle,\r | |
664 | IN UINTN KeyId,\r | |
665 | IN EFI_GUID *HashAlgorithm,\r | |
666 | IN EFI_GUID *PaddingMethod,\r | |
667 | IN UINTN EncryptedSize,\r | |
668 | IN UINT8 *EncryptedData,\r | |
669 | IN OUT UINTN *PlaintextSize,\r | |
670 | OUT UINT8 *PlaintextData\r | |
671 | );\r | |
672 | \r | |
673 | /**\r | |
674 | This function performs a secret Diffie Hellman agreement calculation that would\r | |
675 | be used to derive a symmetric encryption / decryption key.\r | |
676 | \r | |
677 | The function compute a DH agreement that should be diversified togenerate a symmetric\r | |
678 | key to proceed encryption or decryption.\r | |
679 | \r | |
680 | The application and the Smart Card shall agree on the diversification process.\r | |
681 | \r | |
682 | The KeyId must reference a key of one of the types: SC_EDGE_ECDH_256, SC_EDGE_ECDH_384\r | |
683 | or SC_EDGE_ECDH_521.\r | |
684 | \r | |
685 | @param[in] This Indicates a pointer to the calling context.\r | |
686 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
687 | @param[in] KeyId Identifier of the key container, retrieved\r | |
688 | in a key index item of credentials.\r | |
689 | @param[in] dataQx Public key x coordinate. Size is the same as\r | |
690 | key size for KeyId. Stored in big endian format.\r | |
691 | @param[in] dataQy Public key y coordinate. Size is the same as\r | |
692 | key size for KeyId. Stored in big endian format.\r | |
693 | @param[out] DHAgreement Buffer for DH agreement computed. Size must be\r | |
694 | bigger or equal to key size for KeyId.\r | |
695 | \r | |
696 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
697 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
698 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
699 | @retval EFI_INVALID_PARAMETER KeyId is not valid.\r | |
700 | @retval EFI_INVALID_PARAMETER dataQx is NULL.\r | |
701 | @retval EFI_INVALID_PARAMETER dataQy is NULL.\r | |
702 | @retval EFI_INVALID_PARAMETER DHAgreement is NULL.\r | |
703 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
704 | PIN not verified.\r | |
705 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
706 | has been removed. A Disconnect should be performed.\r | |
707 | \r | |
708 | **/\r | |
709 | typedef\r | |
710 | EFI_STATUS\r | |
711 | (EFIAPI *EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT) (\r | |
712 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
713 | IN EFI_HANDLE SCardHandle,\r | |
714 | IN UINTN KeyId,\r | |
715 | IN UINT8 *dataQx,\r | |
716 | IN UINT8 *dataQy,\r | |
717 | OUT UINT8 *DHAgreement\r | |
718 | );\r | |
719 | \r | |
720 | ///\r | |
721 | /// Smart card aware application invokes this protocol to get access to an inserted\r | |
722 | /// smart card in the reader or to the reader itself.\r | |
723 | ///\r | |
724 | struct _EFI_SMART_CARD_EDGE_PROTOCOL {\r | |
725 | EFI_SMART_CARD_EDGE_GET_CONTEXT GetContext;\r | |
726 | EFI_SMART_CARD_EDGE_CONNECT Connect;\r | |
727 | EFI_SMART_CARD_EDGE_DISCONNECT Disconnect;\r | |
728 | EFI_SMART_CARD_EDGE_GET_CSN GetCsn;\r | |
729 | EFI_SMART_CARD_EDGE_GET_READER_NAME GetReaderName;\r | |
730 | EFI_SMART_CARD_EDGE_VERIFY_PIN VerifyPin;\r | |
731 | EFI_SMART_CARD_EDGE_GET_PIN_REMAINING GetPinRemaining;\r | |
732 | EFI_SMART_CARD_EDGE_GET_DATA GetData;\r | |
733 | EFI_SMART_CARD_EDGE_GET_CREDENTIAL GetCredential;\r | |
734 | EFI_SMART_CARD_EDGE_SIGN_DATA SignData;\r | |
735 | EFI_SMART_CARD_EDGE_DECRYPT_DATA DecryptData;\r | |
736 | EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT BuildDHAgreement;\r | |
737 | };\r | |
738 | \r | |
739 | extern EFI_GUID gEfiSmartCardEdgeProtocolGuid;\r | |
740 | \r | |
741 | #endif\r | |
742 | \r |