]>
Commit | Line | Data |
---|---|---|
21bd4958 FT |
1 | /** @file\r |
2 | The Smart Card Edge Protocol provides an abstraction for device to provide Smart\r | |
3 | Card support.\r | |
4 | \r | |
5 | This protocol allows UEFI applications to interface with a Smart Card during\r | |
6 | boot process for authentication or data signing/decryption, especially if the\r | |
7 | application has to make use of PKI.\r | |
8 | \r | |
9 | Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>\r | |
10 | This program and the accompanying materials\r | |
11 | are licensed and made available under the terms and conditions of the BSD License\r | |
12 | which accompanies this distribution. The full text of the license may be found at\r | |
13 | http://opensource.org/licenses/bsd-license.php\r | |
14 | \r | |
15 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
16 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
17 | \r | |
18 | **/\r | |
19 | \r | |
20 | #ifndef __SMART_CARD_EDGE_H__\r | |
21 | #define __SMART_CARD_EDGE_H__\r | |
22 | \r | |
23 | #define EFI_SMART_CARD_EDGE_PROTOCOL_GUID \\r | |
24 | { \\r | |
25 | 0xd317f29b, 0xa325, 0x4712, {0x9b, 0xf1, 0xc6, 0x19, 0x54, 0xdc, 0x19, 0x8c} \\r | |
26 | }\r | |
27 | \r | |
28 | typedef struct _EFI_SMART_CARD_EDGE_PROTOCOL EFI_SMART_CARD_EDGE_PROTOCOL;\r | |
29 | \r | |
30 | //\r | |
31 | // Maximum size for a Smart Card AID (Application IDentifier)\r | |
32 | //\r | |
33 | #define SCARD_AID_MAXSIZE 0x0010\r | |
34 | //\r | |
35 | // Size of CSN (Card Serial Number)\r | |
36 | //\r | |
37 | #define SCARD_CSN_SIZE 0x0010\r | |
38 | //\r | |
39 | // Current specification version 1.00\r | |
40 | //\r | |
41 | #define SMART_CARD_EDGE_PROTOCOL_VERSION_1 0x00000100\r | |
42 | //\r | |
43 | // Parameters type definition\r | |
44 | //\r | |
45 | typedef UINT8 SMART_CARD_AID[SCARD_AID_MAXSIZE];\r | |
46 | typedef UINT8 SMART_CARD_CSN[SCARD_CSN_SIZE];\r | |
47 | \r | |
48 | //\r | |
49 | // Type of data elements in credentials list\r | |
50 | //\r | |
51 | // value of tag field for header, the number of containers\r | |
52 | //\r | |
53 | #define SC_EDGE_TAG_HEADER 0x0000\r | |
54 | //\r | |
55 | // value of tag field for certificate\r | |
56 | //\r | |
57 | #define SC_EDGE_TAG_CERT 0x0001\r | |
58 | //\r | |
59 | // value of tag field for key index associated with certificate\r | |
60 | //\r | |
61 | #define SC_EDGE_TAG_KEY_ID 0x0002\r | |
62 | //\r | |
63 | // value of tag field for key type\r | |
64 | //\r | |
65 | #define SC_EDGE_TAG_KEY_TYPE 0x0003\r | |
66 | //\r | |
67 | // value of tag field for key size\r | |
68 | //\r | |
69 | #define SC_EDGE_TAG_KEY_SIZE 0x0004\r | |
70 | \r | |
71 | //\r | |
72 | // Length of L fields of TLV items\r | |
73 | //\r | |
74 | //\r | |
75 | // size of L field for header\r | |
76 | //\r | |
77 | #define SC_EDGE_L_SIZE_HEADER 1\r | |
78 | //\r | |
79 | // size of L field for certificate (big endian)\r | |
80 | //\r | |
81 | #define SC_EDGE_L_SIZE_CERT 2\r | |
82 | //\r | |
83 | // size of L field for key index\r | |
84 | //\r | |
85 | #define SC_EDGE_L_SIZE_KEY_ID 1\r | |
86 | //\r | |
87 | // size of L field for key type\r | |
88 | //\r | |
89 | #define SC_EDGE_L_SIZE_KEY_TYPE 1\r | |
90 | //\r | |
91 | // size of L field for key size (big endian)\r | |
92 | //\r | |
93 | #define SC_EDGE_L_SIZE_KEY_SIZE 2\r | |
94 | \r | |
95 | //\r | |
96 | // Some TLV items have a fixed value for L field\r | |
97 | //\r | |
98 | // value of L field for header\r | |
99 | //\r | |
100 | #define SC_EDGE_L_VALUE_HEADER 1\r | |
101 | //\r | |
102 | // value of L field for key index\r | |
103 | //\r | |
104 | #define SC_EDGE_L_VALUE_KEY_ID 1\r | |
105 | //\r | |
106 | // value of L field for key type\r | |
107 | //\r | |
108 | #define SC_EDGE_L_VALUE_KEY_TYPE 1\r | |
109 | //\r | |
110 | // value of L field for key size\r | |
111 | //\r | |
112 | #define SC_EDGE_L_VALUE_KEY_SIZE 2\r | |
113 | \r | |
114 | //\r | |
115 | // Possible values for key type\r | |
116 | //\r | |
117 | //\r | |
118 | // RSA decryption\r | |
119 | //\r | |
120 | #define SC_EDGE_RSA_EXCHANGE 0x01\r | |
121 | //\r | |
122 | // RSA signature\r | |
123 | //\r | |
124 | #define SC_EDGE_RSA_SIGNATURE 0x02\r | |
125 | //\r | |
126 | // ECDSA signature\r | |
127 | //\r | |
128 | #define SC_EDGE_ECDSA_256 0x03\r | |
129 | //\r | |
130 | // ECDSA signature\r | |
131 | //\r | |
132 | #define SC_EDGE_ECDSA_384 0x04\r | |
133 | //\r | |
134 | // ECDSA signature\r | |
135 | //\r | |
136 | #define SC_EDGE_ECDSA_521 0x05\r | |
137 | //\r | |
138 | // ECDH agreement\r | |
139 | //\r | |
140 | #define SC_EDGE_ECDH_256 0x06\r | |
141 | //\r | |
142 | // ECDH agreement\r | |
143 | //\r | |
144 | #define SC_EDGE_ECDH_384 0x07\r | |
145 | //\r | |
146 | // ECDH agreement\r | |
147 | //\r | |
148 | #define SC_EDGE_ECDH_521 0x08\r | |
149 | \r | |
150 | //\r | |
151 | // Padding methods GUIDs for signature\r | |
152 | //\r | |
153 | //\r | |
154 | // RSASSA- PKCS#1-V1.5 padding method, for signature\r | |
155 | //\r | |
156 | #define EFI_PADDING_RSASSA_PKCS1V1P5_GUID \\r | |
157 | { \\r | |
158 | 0x9317ec24, 0x7cb0, 0x4d0e, {0x8b, 0x32, 0x2e, 0xd9, 0x20, 0x9c, 0xd8, 0xaf} \\r | |
159 | }\r | |
160 | \r | |
161 | extern EFI_GUID gEfiPaddingRsassaPkcs1V1P5Guid;\r | |
162 | \r | |
163 | //\r | |
164 | // RSASSA-PSS padding method, for signature\r | |
165 | //\r | |
166 | #define EFI_PADDING_RSASSA_PSS_GUID \\r | |
167 | { \\r | |
168 | 0x7b2349e0, 0x522d, 0x4f8e, {0xb9, 0x27, 0x69, 0xd9, 0x7c, 0x9e, 0x79, 0x5f} \\r | |
169 | }\r | |
170 | \r | |
171 | extern EFI_GUID gEfiPaddingRsassaPssGuid;\r | |
172 | \r | |
173 | //\r | |
174 | // Padding methods GUIDs for decryption\r | |
175 | //\r | |
176 | //\r | |
177 | // No padding, for decryption\r | |
178 | //\r | |
179 | #define EFI_PADDING_NONE_GUID \\r | |
180 | { \\r | |
181 | 0x3629ddb1, 0x228c, 0x452e, {0xb6, 0x16, 0x09, 0xed, 0x31, 0x6a, 0x97, 0x00} \\r | |
182 | }\r | |
183 | \r | |
184 | extern EFI_GUID gEfiPaddingNoneGuid;\r | |
185 | \r | |
186 | //\r | |
187 | // RSAES-PKCS#1-V1.5 padding, for decryption\r | |
188 | //\r | |
189 | #define EFI_PADDING_RSAES_PKCS1V1P5_GUID \\r | |
190 | { \\r | |
191 | 0xe1c1d0a9, 0x40b1, 0x4632, {0xbd, 0xcc, 0xd9, 0xd6, 0xe5, 0x29, 0x56, 0x31} \\r | |
192 | }\r | |
193 | \r | |
194 | extern EFI_GUID gEfiPaddingRsaesPkcs1V1P5Guid;\r | |
195 | \r | |
196 | //\r | |
197 | // RSAES-OAEP padding, for decryption\r | |
198 | //\r | |
199 | #define EFI_PADDING_RSAES_OAEP_GUID \\r | |
200 | { \\r | |
201 | 0xc1e63ac4, 0xd0cf, 0x4ce6, {0x83, 0x5b, 0xee, 0xd0, 0xe6, 0xa8, 0xa4, 0x5b} \\r | |
202 | }\r | |
203 | \r | |
204 | extern EFI_GUID gEfiPaddingRsaesOaepGuid;\r | |
205 | \r | |
206 | /**\r | |
207 | This function retrieves the context driver.\r | |
208 | \r | |
209 | The GetContextfunction returns the context of the protocol, the application\r | |
210 | identifiers supported by the protocol and the number and the CSN unique identifier\r | |
211 | of Smart Cards that are present and supported by protocol.\r | |
212 | \r | |
213 | If AidTableSize, AidTable, CsnTableSize, CsnTable or VersionProtocol is NULL,\r | |
214 | the function does not fail but does not fill in such variables.\r | |
215 | \r | |
216 | In case AidTableSize indicates a buffer too small to hold all the protocol AID table,\r | |
217 | only the first AidTableSize items of the table are returned in AidTable.\r | |
218 | \r | |
219 | In case CsnTableSize indicates a buffer too small to hold the entire table of\r | |
220 | Smart Card CSN present, only the first CsnTableSize items of the table are returned\r | |
221 | in CsnTable.\r | |
222 | \r | |
223 | VersionScEdgeProtocol returns the version of the EFI_SMART_CARD_EDGE_PROTOCOL this\r | |
224 | driver uses. For this protocol specification value is SMART_CARD_EDGE_PROTOCOL_VERSION_1.\r | |
225 | \r | |
226 | In case of Smart Card removal the internal CSN list is immediately updated, even if\r | |
227 | a connection is opened with that Smart Card.\r | |
228 | \r | |
229 | @param[in] This Indicates a pointer to the calling context.\r | |
230 | @param[out] NumberAidSupported Number of AIDs this protocol supports.\r | |
231 | @param[in, out] AidTableSize On input, number of items allocated for the\r | |
232 | AID table. On output, number of items returned\r | |
233 | by protocol.\r | |
234 | @param[out] AidTable Table of the AIDs supported by the protocol.\r | |
235 | @param[out] NumberSCPresent Number of currently present Smart Cards that\r | |
236 | are supported by protocol.\r | |
237 | @param[in, out] CsnTableSize On input, the number of items the buffer CSN\r | |
238 | table can contain. On output, the number of\r | |
239 | items returned by the protocol.\r | |
240 | @param[out] CsnTable Table of the CSN of the Smart Card present and\r | |
241 | supported by protocol.\r | |
242 | @param[out] VersionScEdgeProtocol EFI_SMART_CARD_EDGE_PROTOCOL version.\r | |
243 | \r | |
244 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
245 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
246 | @retval EFI_INVALID_PARAMETER NumberSCPresent is NULL.\r | |
247 | \r | |
248 | **/\r | |
249 | typedef\r | |
250 | EFI_STATUS\r | |
251 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CONTEXT) (\r | |
252 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
253 | OUT UINTN *NumberAidSupported,\r | |
254 | IN OUT UINTN *AidTableSize OPTIONAL,\r | |
255 | OUT SMART_CARD_AID *AidTable OPTIONAL,\r | |
256 | OUT UINTN *NumberSCPresent,\r | |
257 | IN OUT UINTN *CsnTableSize OPTIONAL,\r | |
258 | OUT SMART_CARD_CSN *CsnTable OPTIONAL,\r | |
259 | OUT UINT32 *VersionScEdgeProtocol OPTIONAL\r | |
260 | );\r | |
261 | \r | |
262 | /**\r | |
263 | This function establish a connection with a Smart Card the protocol support.\r | |
264 | \r | |
265 | In case of success the SCardHandle can be used.\r | |
266 | \r | |
267 | If the ScardCsn is NULL the connection is established with the first Smart Card\r | |
268 | the protocol finds in its table of Smart Card present and supported. Else it\r | |
269 | establish context with the Smart Card whose CSN given by ScardCsn.\r | |
270 | \r | |
271 | If ScardAid is not NULL the function returns the Smart Card AID the protocol supports.\r | |
272 | After a successful connect the SCardHandle will remain existing even in case Smart Card\r | |
273 | removed from Smart Card reader, but all function invoking this SCardHandle will fail.\r | |
274 | SCardHandle is released only on Disconnect.\r | |
275 | \r | |
276 | @param[in] This Indicates a pointer to the calling context.\r | |
277 | @param[out] SCardHandle Handle on Smart Card connection.\r | |
278 | @param[in] ScardCsn CSN of the Smart Card the connection has to be\r | |
279 | established.\r | |
280 | @param[out] ScardAid AID of the Smart Card the connection has been\r | |
281 | established.\r | |
282 | \r | |
283 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
284 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
285 | @retval EFI_INVALID_PARAMETER SCardHandle is NULL.\r | |
286 | @retval EFI_NO_MEDIA No Smart Card supported by protocol is present,\r | |
287 | Smart Card with CSN ScardCsn or Reader has been\r | |
288 | removed. A Disconnect should be performed.\r | |
289 | \r | |
290 | **/\r | |
291 | typedef\r | |
292 | EFI_STATUS\r | |
293 | (EFIAPI *EFI_SMART_CARD_EDGE_CONNECT) (\r | |
294 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
295 | OUT EFI_HANDLE *SCardHandle,\r | |
296 | IN UINT8 *ScardCsn OPTIONAL,\r | |
297 | OUT UINT8 *ScardAid OPTIONAL\r | |
298 | );\r | |
299 | \r | |
300 | /**\r | |
301 | This function releases a connection previously established by Connect.\r | |
302 | \r | |
303 | The Disconnect function releases the connection previously established by\r | |
304 | a Connect. In case the Smart Card or the Smart Card reader has been removed\r | |
305 | before this call, this function returns EFI_SUCCESS.\r | |
306 | \r | |
307 | @param[in] This Indicates a pointer to the calling context.\r | |
308 | @param[in] SCardHandle Handle on Smart Card connection to release.\r | |
309 | \r | |
310 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
311 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
312 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
313 | \r | |
314 | **/\r | |
315 | typedef\r | |
316 | EFI_STATUS\r | |
317 | (EFIAPI *EFI_SMART_CARD_EDGE_DISCONNECT) (\r | |
318 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
319 | IN EFI_HANDLE SCardHandle\r | |
320 | );\r | |
321 | \r | |
322 | /**\r | |
323 | This function returns the Smart Card serial number.\r | |
324 | \r | |
325 | @param[in] This Indicates a pointer to the calling context.\r | |
326 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
327 | @param[out] Csn The Card Serial number, 16 bytes array.\r | |
328 | \r | |
329 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
330 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
331 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
332 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
333 | has been removed. A Disconnect should be performed.\r | |
334 | \r | |
335 | **/\r | |
336 | typedef\r | |
337 | EFI_STATUS\r | |
338 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CSN) (\r | |
339 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
340 | IN EFI_HANDLE SCardHandle,\r | |
341 | OUT UINT8 Csn[SCARD_CSN_SIZE]\r | |
342 | );\r | |
343 | \r | |
344 | /**\r | |
345 | This function returns the name of the Smart Card reader used for this connection.\r | |
346 | \r | |
347 | @param[in] This Indicates a pointer to the calling context.\r | |
348 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
349 | @param[in, out] ReaderNameLength On input, a pointer to the variable that holds\r | |
350 | the maximal size, in bytes, of ReaderName.\r | |
351 | On output, the required size, in bytes, for ReaderName.\r | |
352 | @param[out] ReaderName A pointer to a NULL terminated string that will\r | |
353 | contain the reader name.\r | |
354 | \r | |
355 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
356 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
357 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
358 | @retval EFI_INVALID_PARAMETER ReaderNameLength is NULL.\r | |
359 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
360 | has been removed. A Disconnect should be performed.\r | |
361 | \r | |
362 | **/\r | |
363 | typedef\r | |
364 | EFI_STATUS\r | |
365 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_READER_NAME) (\r | |
366 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
367 | IN EFI_HANDLE SCardHandle,\r | |
368 | IN OUT UINTN *ReaderNameLength,\r | |
369 | OUT CHAR16 *ReaderName OPTIONAL\r | |
370 | );\r | |
371 | \r | |
372 | /**\r | |
373 | This function authenticates a Smart Card user by presenting a PIN code.\r | |
374 | \r | |
375 | The VerifyPinfunction presents a PIN code to the Smart Card.\r | |
376 | \r | |
377 | If Smart Card found the PIN code correct the user is considered authenticated\r | |
378 | to current application, and the function returns TRUE.\r | |
379 | \r | |
380 | Negative or null PinSize value rejected if PinCodeis not NULL.\r | |
381 | \r | |
382 | A NULL PinCodebuffer means the application didn't know the PIN, in that case:\r | |
383 | - If PinSize value is negative the caller only wants to know if the current\r | |
384 | chain of the elements Smart Card Edge protocol, Smart Card Reader protocol\r | |
385 | and Smart Card Reader supports the Secure Pin Entry PCSC V2 functionality.\r | |
386 | - If PinSize value is positive or null the caller ask to perform the verify\r | |
387 | PIN using the Secure PIN Entry functionality.\r | |
388 | \r | |
389 | In PinCode buffer, the PIN value is always given in plaintext, in case of secure\r | |
390 | messaging the SMART_CARD_EDGE_PROTOCOL will be in charge of all intermediate\r | |
391 | treatments to build the correct Smart Card APDU.\r | |
392 | \r | |
393 | @param[in] This Indicates a pointer to the calling context.\r | |
394 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
395 | @param[in] PinSize PIN code buffer size.\r | |
396 | @param[in] PinCode PIN code to present to the Smart Card.\r | |
397 | @param[out] PinResult Result of PIN code presentation to the Smart Card.\r | |
398 | TRUE when Smard Card founds the PIN code correct.\r | |
399 | @param[out] RemainingAttempts Number of attempts still possible.\r | |
400 | \r | |
401 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
402 | @retval EFI_UNSUPPORTED Pinsize < 0 and Secure PIN Entry functionality not\r | |
403 | supported.\r | |
404 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
405 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
406 | @retval EFI_INVALID_PARAMETER Bad value for PinSize: value not supported by Smart\r | |
407 | Card or, negative with PinCode not null.\r | |
408 | @retval EFI_INVALID_PARAMETER PinResult is NULL.\r | |
409 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
410 | has been removed. A Disconnect should be performed.\r | |
411 | \r | |
412 | **/\r | |
413 | typedef\r | |
414 | EFI_STATUS\r | |
415 | (EFIAPI *EFI_SMART_CARD_EDGE_VERIFY_PIN) (\r | |
416 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
417 | IN EFI_HANDLE SCardHandle,\r | |
418 | IN INT32 PinSize,\r | |
419 | IN UINT8 *PinCode,\r | |
420 | OUT BOOLEAN *PinResult,\r | |
421 | OUT UINT32 *RemainingAttempts OPTIONAL\r | |
422 | );\r | |
423 | \r | |
424 | /**\r | |
425 | This function gives the remaining number of attempts for PIN code presentation.\r | |
426 | \r | |
427 | The number of attempts to present a correct PIN is limited and depends on Smart\r | |
428 | Card and on PIN.\r | |
429 | \r | |
430 | This function will retrieve the number of remaining possible attempts.\r | |
431 | \r | |
432 | @param[in] This Indicates a pointer to the calling context.\r | |
433 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
434 | @param[out] RemainingAttempts Number of attempts still possible.\r | |
435 | \r | |
436 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
437 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
438 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
439 | @retval EFI_INVALID_PARAMETER RemainingAttempts is NULL.\r | |
440 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
441 | has been removed. A Disconnect should be performed.\r | |
442 | \r | |
443 | **/\r | |
444 | typedef\r | |
445 | EFI_STATUS\r | |
446 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_PIN_REMAINING) (\r | |
447 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
448 | IN EFI_HANDLE SCardHandle,\r | |
449 | OUT UINT32 *RemainingAttempts\r | |
450 | );\r | |
451 | \r | |
452 | /**\r | |
453 | This function returns a specific data from Smart Card.\r | |
454 | \r | |
455 | The function is generic for any kind of data, but driver and application must\r | |
456 | share an EFI_GUID that identify the data.\r | |
457 | \r | |
458 | @param[in] This Indicates a pointer to the calling context.\r | |
459 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
460 | @param[in] DataId The type identifier of the data to get.\r | |
461 | @param[in, out] DataSize On input, in bytes, the size of Data. On output,\r | |
462 | in bytes, the size of buffer required to store\r | |
463 | the specified data.\r | |
464 | @param[out] Data The data buffer in which the data is returned.\r | |
465 | The type of the data buffer is associated with\r | |
466 | the DataId. Ignored if *DataSize is 0.\r | |
467 | \r | |
468 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
469 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
470 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
471 | @retval EFI_INVALID_PARAMETER DataId is NULL.\r | |
472 | @retval EFI_INVALID_PARAMETER DataSize is NULL.\r | |
473 | @retval EFI_INVALID_PARAMETER Data is NULL, and *DataSize is not zero.\r | |
474 | @retval EFI_NOT_FOUND DataId unknown for this driver.\r | |
475 | @retval EFI_BUFFER_TOO_SMALL The size of Data is too small for the specified\r | |
476 | data and the required size is returned in DataSize.\r | |
477 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
478 | PIN not verified.\r | |
479 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
480 | has been removed. A Disconnect should be performed.\r | |
481 | \r | |
482 | **/\r | |
483 | typedef\r | |
484 | EFI_STATUS\r | |
485 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_DATA) (\r | |
486 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
487 | IN EFI_HANDLE SCardHandle,\r | |
488 | IN EFI_GUID *DataId,\r | |
489 | IN OUT UINTN *DataSize,\r | |
490 | OUT VOID *Data OPTIONAL\r | |
491 | );\r | |
492 | \r | |
493 | /**\r | |
494 | This function retrieve credentials store into the Smart Card.\r | |
495 | \r | |
496 | The function returns a series of items in TLV (Tag Length Value) format.\r | |
497 | \r | |
498 | First TLV item is the header item that gives the number of following\r | |
499 | containers (0x00, 0x01, Nb containers).\r | |
500 | \r | |
501 | All these containers are a series of 4 TLV items:\r | |
502 | - The certificate item (0x01, certificate size, certificate)\r | |
503 | - The Key identifier item (0x02, 0x01, key index)\r | |
504 | - The key type item (0x03, 0x01, key type)\r | |
505 | - The key size item (0x04, 0x02, key size), key size in number of bits.\r | |
506 | Numeric multi-bytes values are on big endian format, most significant byte first:\r | |
507 | - The L field value for certificate (2 bytes)\r | |
508 | - The L field value for key size (2 bytes)\r | |
509 | - The value field for key size (2 bytes)\r | |
510 | \r | |
511 | @param[in] This Indicates a pointer to the calling context.\r | |
512 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
513 | @param[in, out] CredentialSize On input, in bytes, the size of buffer to store\r | |
514 | the list of credential.\r | |
515 | On output, in bytes, the size of buffer required\r | |
516 | to store the entire list of credentials.\r | |
517 | \r | |
518 | @param[out] CredentialList List of credentials stored into the Smart Card.\r | |
519 | A list of TLV (Tag Length Value) elements organized\r | |
520 | in containers array.\r | |
521 | \r | |
522 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
523 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
524 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
525 | @retval EFI_INVALID_PARAMETER CredentialSize is NULL.\r | |
526 | @retval EFI_INVALID_PARAMETER CredentialList is NULL, if CredentialSize is not zero.\r | |
527 | @retval EFI_BUFFER_TOO_SMALL The size of CredentialList is too small for the\r | |
528 | specified data and the required size is returned in\r | |
529 | CredentialSize.\r | |
530 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
531 | has been removed. A Disconnect should be performed.\r | |
532 | \r | |
533 | **/\r | |
534 | typedef\r | |
535 | EFI_STATUS\r | |
536 | (EFIAPI *EFI_SMART_CARD_EDGE_GET_CREDENTIAL) (\r | |
537 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
538 | IN EFI_HANDLE SCardHandle,\r | |
539 | IN OUT UINTN *CredentialSize,\r | |
540 | OUT UINT8 *CredentialList OPTIONAL\r | |
541 | );\r | |
542 | \r | |
543 | /**\r | |
544 | This function signs an already hashed data with a Smart Card private key.\r | |
545 | \r | |
546 | This function signs data, actually it is the hash of these data that is given\r | |
547 | to the function.\r | |
548 | \r | |
549 | SignatureData buffer shall be big enough for signature. Signature size is\r | |
550 | function key size and key type.\r | |
551 | \r | |
552 | @param[in] This Indicates a pointer to the calling context.\r | |
553 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
554 | @param[in] KeyId Identifier of the key container, retrieved\r | |
555 | in a key index item of credentials.\r | |
556 | @param[in] KeyType The key type, retrieved in a key type item of\r | |
557 | credentials.\r | |
558 | \r | |
559 | @param[in] HashAlgorithm Hash algorithm used to hash the, one of:\r | |
560 | - EFI_HASH_ALGORITHM_SHA1_GUID\r | |
561 | - EFI_HASH_ALGORITHM_SHA256_GUID\r | |
562 | - EFI_HASH_ALGORITHM_SHA384_GUID\r | |
563 | - EFI_HASH_ALGORITHM_SHA512_GUID\r | |
564 | @param[in] PaddingMethod Padding method used jointly with hash algorithm,\r | |
565 | one of:\r | |
566 | - EFI_PADDING_RSASSA_PKCS1V1P5_GUID\r | |
567 | - EFI_PADDING_RSASSA_PSS_GUID\r | |
568 | @param[in] HashedData Hash of the data to sign. Size is function of the\r | |
569 | HashAlgorithm.\r | |
570 | \r | |
571 | @param[out] SignatureData Resulting signature with private key KeyId. Size\r | |
572 | is function of the KeyType and key size retrieved\r | |
573 | in the associated key size item of credentials.\r | |
574 | \r | |
575 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
576 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
577 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
578 | @retval EFI_INVALID_PARAMETER KeyId is not valid.\r | |
579 | @retval EFI_INVALID_PARAMETER KeyType is not valid or not corresponding to KeyId.\r | |
580 | @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.\r | |
581 | @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.\r | |
582 | @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.\r | |
583 | @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.\r | |
584 | @retval EFI_INVALID_PARAMETER HashedData is NULL.\r | |
585 | @retval EFI_INVALID_PARAMETER SignatureData is NULL.\r | |
586 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
587 | PIN not verified.\r | |
588 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
589 | has been removed. A Disconnect should be performed.\r | |
590 | \r | |
591 | **/\r | |
592 | typedef\r | |
593 | EFI_STATUS\r | |
594 | (EFIAPI *EFI_SMART_CARD_EDGE_SIGN_DATA) (\r | |
595 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
596 | IN EFI_HANDLE SCardHandle,\r | |
597 | IN UINTN KeyId,\r | |
598 | IN UINTN KeyType,\r | |
599 | IN EFI_GUID *HashAlgorithm,\r | |
600 | IN EFI_GUID *PaddingMethod,\r | |
601 | IN UINT8 *HashedData,\r | |
602 | OUT UINT8 *SignatureData\r | |
603 | );\r | |
604 | \r | |
605 | /**\r | |
606 | This function decrypts data with a PKI/RSA Smart Card private key.\r | |
607 | \r | |
608 | The function decrypts some PKI/RSA encrypted data with private key securely\r | |
609 | stored into the Smart Card.\r | |
610 | \r | |
611 | The KeyId must reference a key of type SC_EDGE_RSA_EXCHANGE.\r | |
612 | \r | |
613 | @param[in] This Indicates a pointer to the calling context.\r | |
614 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
615 | @param[in] KeyId Identifier of the key container, retrieved\r | |
616 | in a key index item of credentials.\r | |
617 | @param[in] HashAlgorithm Hash algorithm used to hash the, one of:\r | |
618 | - EFI_HASH_ALGORITHM_SHA1_GUID\r | |
619 | - EFI_HASH_ALGORITHM_SHA256_GUID\r | |
620 | - EFI_HASH_ALGORITHM_SHA384_GUID\r | |
621 | - EFI_HASH_ALGORITHM_SHA512_GUID\r | |
622 | @param[in] PaddingMethod Padding method used jointly with hash algorithm,\r | |
623 | one of:\r | |
624 | - EFI_PADDING_NONE_GUID\r | |
625 | - EFI_PADDING_RSAES_PKCS1V1P5_GUID\r | |
626 | - EFI_PADDING_RSAES_OAEP_GUID\r | |
627 | @param[in] EncryptedSize Size of data to decrypt.\r | |
628 | @param[in] EncryptedData Data to decrypt\r | |
629 | @param[in, out] PlaintextSize On input, in bytes, the size of buffer to store\r | |
630 | the decrypted data.\r | |
631 | On output, in bytes, the size of buffer required\r | |
632 | to store the decrypted data.\r | |
633 | @param[out] PlaintextData Buffer for decrypted data, padding removed.\r | |
634 | \r | |
635 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
636 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
637 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
638 | @retval EFI_INVALID_PARAMETER KeyId is not valid or associated key not of type\r | |
639 | SC_EDGE_RSA_EXCHANGE.\r | |
640 | @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.\r | |
641 | @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.\r | |
642 | @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.\r | |
643 | @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.\r | |
644 | @retval EFI_INVALID_PARAMETER EncryptedSize is 0.\r | |
645 | @retval EFI_INVALID_PARAMETER EncryptedData is NULL.\r | |
646 | @retval EFI_INVALID_PARAMETER PlaintextSize is NULL.\r | |
647 | @retval EFI_INVALID_PARAMETER PlaintextData is NULL.\r | |
648 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
649 | PIN not verified.\r | |
650 | @retval EFI_BUFFER_TOO_SMALL PlaintextSize is too small for the plaintext data\r | |
651 | and the required size is returned in PlaintextSize.\r | |
652 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
653 | has been removed. A Disconnect should be performed.\r | |
654 | \r | |
655 | **/\r | |
656 | typedef\r | |
657 | EFI_STATUS\r | |
658 | (EFIAPI *EFI_SMART_CARD_EDGE_DECRYPT_DATA) (\r | |
659 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
660 | IN EFI_HANDLE SCardHandle,\r | |
661 | IN UINTN KeyId,\r | |
662 | IN EFI_GUID *HashAlgorithm,\r | |
663 | IN EFI_GUID *PaddingMethod,\r | |
664 | IN UINTN EncryptedSize,\r | |
665 | IN UINT8 *EncryptedData,\r | |
666 | IN OUT UINTN *PlaintextSize,\r | |
667 | OUT UINT8 *PlaintextData\r | |
668 | );\r | |
669 | \r | |
670 | /**\r | |
671 | This function performs a secret Diffie Hellman agreement calculation that would\r | |
672 | be used to derive a symmetric encryption / decryption key.\r | |
673 | \r | |
674 | The function compute a DH agreement that should be diversified togenerate a symmetric\r | |
675 | key to proceed encryption or decryption.\r | |
676 | \r | |
677 | The application and the Smart Card shall agree on the diversification process.\r | |
678 | \r | |
679 | The KeyId must reference a key of one of the types: SC_EDGE_ECDH_256, SC_EDGE_ECDH_384\r | |
680 | or SC_EDGE_ECDH_521.\r | |
681 | \r | |
682 | @param[in] This Indicates a pointer to the calling context.\r | |
683 | @param[in] SCardHandle Handle on Smart Card connection.\r | |
684 | @param[in] KeyId Identifier of the key container, retrieved\r | |
685 | in a key index item of credentials.\r | |
686 | @param[in] dataQx Public key x coordinate. Size is the same as\r | |
687 | key size for KeyId. Stored in big endian format.\r | |
688 | @param[in] dataQy Public key y coordinate. Size is the same as\r | |
689 | key size for KeyId. Stored in big endian format.\r | |
690 | @param[out] DHAgreement Buffer for DH agreement computed. Size must be\r | |
691 | bigger or equal to key size for KeyId.\r | |
692 | \r | |
693 | @retval EFI_SUCCESS The requested command completed successfully.\r | |
694 | @retval EFI_INVALID_PARAMETER This is NULL.\r | |
695 | @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.\r | |
696 | @retval EFI_INVALID_PARAMETER KeyId is not valid.\r | |
697 | @retval EFI_INVALID_PARAMETER dataQx is NULL.\r | |
698 | @retval EFI_INVALID_PARAMETER dataQy is NULL.\r | |
699 | @retval EFI_INVALID_PARAMETER DHAgreement is NULL.\r | |
700 | @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.\r | |
701 | PIN not verified.\r | |
702 | @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection\r | |
703 | has been removed. A Disconnect should be performed.\r | |
704 | \r | |
705 | **/\r | |
706 | typedef\r | |
707 | EFI_STATUS\r | |
708 | (EFIAPI *EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT) (\r | |
709 | IN EFI_SMART_CARD_EDGE_PROTOCOL *This,\r | |
710 | IN EFI_HANDLE SCardHandle,\r | |
711 | IN UINTN KeyId,\r | |
712 | IN UINT8 *dataQx,\r | |
713 | IN UINT8 *dataQy,\r | |
714 | OUT UINT8 *DHAgreement\r | |
715 | );\r | |
716 | \r | |
717 | ///\r | |
718 | /// Smart card aware application invokes this protocol to get access to an inserted\r | |
719 | /// smart card in the reader or to the reader itself.\r | |
720 | ///\r | |
721 | struct _EFI_SMART_CARD_EDGE_PROTOCOL {\r | |
722 | EFI_SMART_CARD_EDGE_GET_CONTEXT GetContext;\r | |
723 | EFI_SMART_CARD_EDGE_CONNECT Connect;\r | |
724 | EFI_SMART_CARD_EDGE_DISCONNECT Disconnect;\r | |
725 | EFI_SMART_CARD_EDGE_GET_CSN GetCsn;\r | |
726 | EFI_SMART_CARD_EDGE_GET_READER_NAME GetReaderName;\r | |
727 | EFI_SMART_CARD_EDGE_VERIFY_PIN VerifyPin;\r | |
728 | EFI_SMART_CARD_EDGE_GET_PIN_REMAINING GetPinRemaining;\r | |
729 | EFI_SMART_CARD_EDGE_GET_DATA GetData;\r | |
730 | EFI_SMART_CARD_EDGE_GET_CREDENTIAL GetCredential;\r | |
731 | EFI_SMART_CARD_EDGE_SIGN_DATA SignData;\r | |
732 | EFI_SMART_CARD_EDGE_DECRYPT_DATA DecryptData;\r | |
733 | EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT BuildDHAgreement;\r | |
734 | };\r | |
735 | \r | |
736 | extern EFI_GUID gEfiSmartCardEdgeProtocolGuid;\r | |
737 | \r | |
738 | #endif\r | |
739 | \r |