]> git.proxmox.com Git - mirror_edk2.git/blob - MdePkg/Include/Protocol/SmartCardEdge.h
projects / mirror_edk2.git / blob
? search:


3ec077175f68ca840ecc79e2d9bda371edef9ec9
[mirror_edk2.git] / MdePkg / Include / Protocol / SmartCardEdge.h
1 /** @file
2 The Smart Card Edge Protocol provides an abstraction for device to provide Smart
3 Card support.
4
5 This protocol allows UEFI applications to interface with a Smart Card during
6 boot process for authentication or data signing/decryption, especially if the
7 application has to make use of PKI.
8
9 Copyright (c) 2015-2018, Intel Corporation. All rights reserved.<BR>
10 This program and the accompanying materials
11 are licensed and made available under the terms and conditions of the BSD License
12 which accompanies this distribution. The full text of the license may be found at
13 http://opensource.org/licenses/bsd-license.php
14
15 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
16 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
17
18 @par Revision Reference:
19 This Protocol was introduced in UEFI Specification 2.5.
20
21 **/
22
23 #ifndef __SMART_CARD_EDGE_H__
24 #define __SMART_CARD_EDGE_H__
25
26 #define EFI_SMART_CARD_EDGE_PROTOCOL_GUID \
27 { \
28 0xd317f29b, 0xa325, 0x4712, {0x9b, 0xf1, 0xc6, 0x19, 0x54, 0xdc, 0x19, 0x8c} \
29 }
30
31 typedef struct _EFI_SMART_CARD_EDGE_PROTOCOL EFI_SMART_CARD_EDGE_PROTOCOL;
32
33 //
34 // Maximum size for a Smart Card AID (Application IDentifier)
35 //
36 #define SCARD_AID_MAXSIZE 0x0010
37 //
38 // Size of CSN (Card Serial Number)
39 //
40 #define SCARD_CSN_SIZE 0x0010
41 //
42 // Current specification version 1.00
43 //
44 #define SMART_CARD_EDGE_PROTOCOL_VERSION_1 0x00000100
45 //
46 // Parameters type definition
47 //
48 typedef UINT8 SMART_CARD_AID[SCARD_AID_MAXSIZE];
49 typedef UINT8 SMART_CARD_CSN[SCARD_CSN_SIZE];
50
51 //
52 // Type of data elements in credentials list
53 //
54 // value of tag field for header, the number of containers
55 //
56 #define SC_EDGE_TAG_HEADER 0x0000
57 //
58 // value of tag field for certificate
59 //
60 #define SC_EDGE_TAG_CERT 0x0001
61 //
62 // value of tag field for key index associated with certificate
63 //
64 #define SC_EDGE_TAG_KEY_ID 0x0002
65 //
66 // value of tag field for key type
67 //
68 #define SC_EDGE_TAG_KEY_TYPE 0x0003
69 //
70 // value of tag field for key size
71 //
72 #define SC_EDGE_TAG_KEY_SIZE 0x0004
73
74 //
75 // Length of L fields of TLV items
76 //
77 //
78 // size of L field for header
79 //
80 #define SC_EDGE_L_SIZE_HEADER 1
81 //
82 // size of L field for certificate (big endian)
83 //
84 #define SC_EDGE_L_SIZE_CERT 2
85 //
86 // size of L field for key index
87 //
88 #define SC_EDGE_L_SIZE_KEY_ID 1
89 //
90 // size of L field for key type
91 //
92 #define SC_EDGE_L_SIZE_KEY_TYPE 1
93 //
94 // size of L field for key size (big endian)
95 //
96 #define SC_EDGE_L_SIZE_KEY_SIZE 2
97
98 //
99 // Some TLV items have a fixed value for L field
100 //
101 // value of L field for header
102 //
103 #define SC_EDGE_L_VALUE_HEADER 1
104 //
105 // value of L field for key index
106 //
107 #define SC_EDGE_L_VALUE_KEY_ID 1
108 //
109 // value of L field for key type
110 //
111 #define SC_EDGE_L_VALUE_KEY_TYPE 1
112 //
113 // value of L field for key size
114 //
115 #define SC_EDGE_L_VALUE_KEY_SIZE 2
116
117 //
118 // Possible values for key type
119 //
120 //
121 // RSA decryption
122 //
123 #define SC_EDGE_RSA_EXCHANGE 0x01
124 //
125 // RSA signature
126 //
127 #define SC_EDGE_RSA_SIGNATURE 0x02
128 //
129 // ECDSA signature
130 //
131 #define SC_EDGE_ECDSA_256 0x03
132 //
133 // ECDSA signature
134 //
135 #define SC_EDGE_ECDSA_384 0x04
136 //
137 // ECDSA signature
138 //
139 #define SC_EDGE_ECDSA_521 0x05
140 //
141 // ECDH agreement
142 //
143 #define SC_EDGE_ECDH_256 0x06
144 //
145 // ECDH agreement
146 //
147 #define SC_EDGE_ECDH_384 0x07
148 //
149 // ECDH agreement
150 //
151 #define SC_EDGE_ECDH_521 0x08
152
153 //
154 // Padding methods GUIDs for signature
155 //
156 //
157 // RSASSA- PKCS#1-V1.5 padding method, for signature
158 //
159 #define EFI_PADDING_RSASSA_PKCS1V1P5_GUID \
160 { \
161 0x9317ec24, 0x7cb0, 0x4d0e, {0x8b, 0x32, 0x2e, 0xd9, 0x20, 0x9c, 0xd8, 0xaf} \
162 }
163
164 extern EFI_GUID gEfiPaddingRsassaPkcs1V1P5Guid;
165
166 //
167 // RSASSA-PSS padding method, for signature
168 //
169 #define EFI_PADDING_RSASSA_PSS_GUID \
170 { \
171 0x7b2349e0, 0x522d, 0x4f8e, {0xb9, 0x27, 0x69, 0xd9, 0x7c, 0x9e, 0x79, 0x5f} \
172 }
173
174 extern EFI_GUID gEfiPaddingRsassaPssGuid;
175
176 //
177 // Padding methods GUIDs for decryption
178 //
179 //
180 // No padding, for decryption
181 //
182 #define EFI_PADDING_NONE_GUID \
183 { \
184 0x3629ddb1, 0x228c, 0x452e, {0xb6, 0x16, 0x09, 0xed, 0x31, 0x6a, 0x97, 0x00} \
185 }
186
187 extern EFI_GUID gEfiPaddingNoneGuid;
188
189 //
190 // RSAES-PKCS#1-V1.5 padding, for decryption
191 //
192 #define EFI_PADDING_RSAES_PKCS1V1P5_GUID \
193 { \
194 0xe1c1d0a9, 0x40b1, 0x4632, {0xbd, 0xcc, 0xd9, 0xd6, 0xe5, 0x29, 0x56, 0x31} \
195 }
196
197 extern EFI_GUID gEfiPaddingRsaesPkcs1V1P5Guid;
198
199 //
200 // RSAES-OAEP padding, for decryption
201 //
202 #define EFI_PADDING_RSAES_OAEP_GUID \
203 { \
204 0xc1e63ac4, 0xd0cf, 0x4ce6, {0x83, 0x5b, 0xee, 0xd0, 0xe6, 0xa8, 0xa4, 0x5b} \
205 }
206
207 extern EFI_GUID gEfiPaddingRsaesOaepGuid;
208
209 /**
210 This function retrieves the context driver.
211
212 The GetContextfunction returns the context of the protocol, the application
213 identifiers supported by the protocol and the number and the CSN unique identifier
214 of Smart Cards that are present and supported by protocol.
215
216 If AidTableSize, AidTable, CsnTableSize, CsnTable or VersionProtocol is NULL,
217 the function does not fail but does not fill in such variables.
218
219 In case AidTableSize indicates a buffer too small to hold all the protocol AID table,
220 only the first AidTableSize items of the table are returned in AidTable.
221
222 In case CsnTableSize indicates a buffer too small to hold the entire table of
223 Smart Card CSN present, only the first CsnTableSize items of the table are returned
224 in CsnTable.
225
226 VersionScEdgeProtocol returns the version of the EFI_SMART_CARD_EDGE_PROTOCOL this
227 driver uses. For this protocol specification value is SMART_CARD_EDGE_PROTOCOL_VERSION_1.
228
229 In case of Smart Card removal the internal CSN list is immediately updated, even if
230 a connection is opened with that Smart Card.
231
232 @param[in] This Indicates a pointer to the calling context.
233 @param[out] NumberAidSupported Number of AIDs this protocol supports.
234 @param[in, out] AidTableSize On input, number of items allocated for the
235 AID table. On output, number of items returned
236 by protocol.
237 @param[out] AidTable Table of the AIDs supported by the protocol.
238 @param[out] NumberSCPresent Number of currently present Smart Cards that
239 are supported by protocol.
240 @param[in, out] CsnTableSize On input, the number of items the buffer CSN
241 table can contain. On output, the number of
242 items returned by the protocol.
243 @param[out] CsnTable Table of the CSN of the Smart Card present and
244 supported by protocol.
245 @param[out] VersionScEdgeProtocol EFI_SMART_CARD_EDGE_PROTOCOL version.
246
247 @retval EFI_SUCCESS The requested command completed successfully.
248 @retval EFI_INVALID_PARAMETER This is NULL.
249 @retval EFI_INVALID_PARAMETER NumberSCPresent is NULL.
250
251 **/
252 typedef
253 EFI_STATUS
254 (EFIAPI *EFI_SMART_CARD_EDGE_GET_CONTEXT) (
255 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
256 OUT UINTN *NumberAidSupported,
257 IN OUT UINTN *AidTableSize OPTIONAL,
258 OUT SMART_CARD_AID *AidTable OPTIONAL,
259 OUT UINTN *NumberSCPresent,
260 IN OUT UINTN *CsnTableSize OPTIONAL,
261 OUT SMART_CARD_CSN *CsnTable OPTIONAL,
262 OUT UINT32 *VersionScEdgeProtocol OPTIONAL
263 );
264
265 /**
266 This function establish a connection with a Smart Card the protocol support.
267
268 In case of success the SCardHandle can be used.
269
270 If the ScardCsn is NULL the connection is established with the first Smart Card
271 the protocol finds in its table of Smart Card present and supported. Else it
272 establish context with the Smart Card whose CSN given by ScardCsn.
273
274 If ScardAid is not NULL the function returns the Smart Card AID the protocol supports.
275 After a successful connect the SCardHandle will remain existing even in case Smart Card
276 removed from Smart Card reader, but all function invoking this SCardHandle will fail.
277 SCardHandle is released only on Disconnect.
278
279 @param[in] This Indicates a pointer to the calling context.
280 @param[out] SCardHandle Handle on Smart Card connection.
281 @param[in] ScardCsn CSN of the Smart Card the connection has to be
282 established.
283 @param[out] ScardAid AID of the Smart Card the connection has been
284 established.
285
286 @retval EFI_SUCCESS The requested command completed successfully.
287 @retval EFI_INVALID_PARAMETER This is NULL.
288 @retval EFI_INVALID_PARAMETER SCardHandle is NULL.
289 @retval EFI_NO_MEDIA No Smart Card supported by protocol is present,
290 Smart Card with CSN ScardCsn or Reader has been
291 removed. A Disconnect should be performed.
292
293 **/
294 typedef
295 EFI_STATUS
296 (EFIAPI *EFI_SMART_CARD_EDGE_CONNECT) (
297 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
298 OUT EFI_HANDLE *SCardHandle,
299 IN UINT8 *ScardCsn OPTIONAL,
300 OUT UINT8 *ScardAid OPTIONAL
301 );
302
303 /**
304 This function releases a connection previously established by Connect.
305
306 The Disconnect function releases the connection previously established by
307 a Connect. In case the Smart Card or the Smart Card reader has been removed
308 before this call, this function returns EFI_SUCCESS.
309
310 @param[in] This Indicates a pointer to the calling context.
311 @param[in] SCardHandle Handle on Smart Card connection to release.
312
313 @retval EFI_SUCCESS The requested command completed successfully.
314 @retval EFI_INVALID_PARAMETER This is NULL.
315 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
316
317 **/
318 typedef
319 EFI_STATUS
320 (EFIAPI *EFI_SMART_CARD_EDGE_DISCONNECT) (
321 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
322 IN EFI_HANDLE SCardHandle
323 );
324
325 /**
326 This function returns the Smart Card serial number.
327
328 @param[in] This Indicates a pointer to the calling context.
329 @param[in] SCardHandle Handle on Smart Card connection.
330 @param[out] Csn The Card Serial number, 16 bytes array.
331
332 @retval EFI_SUCCESS The requested command completed successfully.
333 @retval EFI_INVALID_PARAMETER This is NULL.
334 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
335 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
336 has been removed. A Disconnect should be performed.
337
338 **/
339 typedef
340 EFI_STATUS
341 (EFIAPI *EFI_SMART_CARD_EDGE_GET_CSN) (
342 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
343 IN EFI_HANDLE SCardHandle,
344 OUT UINT8 Csn[SCARD_CSN_SIZE]
345 );
346
347 /**
348 This function returns the name of the Smart Card reader used for this connection.
349
350 @param[in] This Indicates a pointer to the calling context.
351 @param[in] SCardHandle Handle on Smart Card connection.
352 @param[in, out] ReaderNameLength On input, a pointer to the variable that holds
353 the maximal size, in bytes, of ReaderName.
354 On output, the required size, in bytes, for ReaderName.
355 @param[out] ReaderName A pointer to a NULL terminated string that will
356 contain the reader name.
357
358 @retval EFI_SUCCESS The requested command completed successfully.
359 @retval EFI_INVALID_PARAMETER This is NULL.
360 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
361 @retval EFI_INVALID_PARAMETER ReaderNameLength is NULL.
362 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
363 has been removed. A Disconnect should be performed.
364
365 **/
366 typedef
367 EFI_STATUS
368 (EFIAPI *EFI_SMART_CARD_EDGE_GET_READER_NAME) (
369 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
370 IN EFI_HANDLE SCardHandle,
371 IN OUT UINTN *ReaderNameLength,
372 OUT CHAR16 *ReaderName OPTIONAL
373 );
374
375 /**
376 This function authenticates a Smart Card user by presenting a PIN code.
377
378 The VerifyPinfunction presents a PIN code to the Smart Card.
379
380 If Smart Card found the PIN code correct the user is considered authenticated
381 to current application, and the function returns TRUE.
382
383 Negative or null PinSize value rejected if PinCodeis not NULL.
384
385 A NULL PinCodebuffer means the application didn't know the PIN, in that case:
386 - If PinSize value is negative the caller only wants to know if the current
387 chain of the elements Smart Card Edge protocol, Smart Card Reader protocol
388 and Smart Card Reader supports the Secure Pin Entry PCSC V2 functionality.
389 - If PinSize value is positive or null the caller ask to perform the verify
390 PIN using the Secure PIN Entry functionality.
391
392 In PinCode buffer, the PIN value is always given in plaintext, in case of secure
393 messaging the SMART_CARD_EDGE_PROTOCOL will be in charge of all intermediate
394 treatments to build the correct Smart Card APDU.
395
396 @param[in] This Indicates a pointer to the calling context.
397 @param[in] SCardHandle Handle on Smart Card connection.
398 @param[in] PinSize PIN code buffer size.
399 @param[in] PinCode PIN code to present to the Smart Card.
400 @param[out] PinResult Result of PIN code presentation to the Smart Card.
401 TRUE when Smard Card founds the PIN code correct.
402 @param[out] RemainingAttempts Number of attempts still possible.
403
404 @retval EFI_SUCCESS The requested command completed successfully.
405 @retval EFI_UNSUPPORTED Pinsize < 0 and Secure PIN Entry functionality not
406 supported.
407 @retval EFI_INVALID_PARAMETER This is NULL.
408 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
409 @retval EFI_INVALID_PARAMETER Bad value for PinSize: value not supported by Smart
410 Card or, negative with PinCode not null.
411 @retval EFI_INVALID_PARAMETER PinResult is NULL.
412 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
413 has been removed. A Disconnect should be performed.
414
415 **/
416 typedef
417 EFI_STATUS
418 (EFIAPI *EFI_SMART_CARD_EDGE_VERIFY_PIN) (
419 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
420 IN EFI_HANDLE SCardHandle,
421 IN INT32 PinSize,
422 IN UINT8 *PinCode,
423 OUT BOOLEAN *PinResult,
424 OUT UINT32 *RemainingAttempts OPTIONAL
425 );
426
427 /**
428 This function gives the remaining number of attempts for PIN code presentation.
429
430 The number of attempts to present a correct PIN is limited and depends on Smart
431 Card and on PIN.
432
433 This function will retrieve the number of remaining possible attempts.
434
435 @param[in] This Indicates a pointer to the calling context.
436 @param[in] SCardHandle Handle on Smart Card connection.
437 @param[out] RemainingAttempts Number of attempts still possible.
438
439 @retval EFI_SUCCESS The requested command completed successfully.
440 @retval EFI_INVALID_PARAMETER This is NULL.
441 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
442 @retval EFI_INVALID_PARAMETER RemainingAttempts is NULL.
443 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
444 has been removed. A Disconnect should be performed.
445
446 **/
447 typedef
448 EFI_STATUS
449 (EFIAPI *EFI_SMART_CARD_EDGE_GET_PIN_REMAINING) (
450 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
451 IN EFI_HANDLE SCardHandle,
452 OUT UINT32 *RemainingAttempts
453 );
454
455 /**
456 This function returns a specific data from Smart Card.
457
458 The function is generic for any kind of data, but driver and application must
459 share an EFI_GUID that identify the data.
460
461 @param[in] This Indicates a pointer to the calling context.
462 @param[in] SCardHandle Handle on Smart Card connection.
463 @param[in] DataId The type identifier of the data to get.
464 @param[in, out] DataSize On input, in bytes, the size of Data. On output,
465 in bytes, the size of buffer required to store
466 the specified data.
467 @param[out] Data The data buffer in which the data is returned.
468 The type of the data buffer is associated with
469 the DataId. Ignored if *DataSize is 0.
470
471 @retval EFI_SUCCESS The requested command completed successfully.
472 @retval EFI_INVALID_PARAMETER This is NULL.
473 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
474 @retval EFI_INVALID_PARAMETER DataId is NULL.
475 @retval EFI_INVALID_PARAMETER DataSize is NULL.
476 @retval EFI_INVALID_PARAMETER Data is NULL, and *DataSize is not zero.
477 @retval EFI_NOT_FOUND DataId unknown for this driver.
478 @retval EFI_BUFFER_TOO_SMALL The size of Data is too small for the specified
479 data and the required size is returned in DataSize.
480 @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.
481 PIN not verified.
482 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
483 has been removed. A Disconnect should be performed.
484
485 **/
486 typedef
487 EFI_STATUS
488 (EFIAPI *EFI_SMART_CARD_EDGE_GET_DATA) (
489 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
490 IN EFI_HANDLE SCardHandle,
491 IN EFI_GUID *DataId,
492 IN OUT UINTN *DataSize,
493 OUT VOID *Data OPTIONAL
494 );
495
496 /**
497 This function retrieve credentials store into the Smart Card.
498
499 The function returns a series of items in TLV (Tag Length Value) format.
500
501 First TLV item is the header item that gives the number of following
502 containers (0x00, 0x01, Nb containers).
503
504 All these containers are a series of 4 TLV items:
505 - The certificate item (0x01, certificate size, certificate)
506 - The Key identifier item (0x02, 0x01, key index)
507 - The key type item (0x03, 0x01, key type)
508 - The key size item (0x04, 0x02, key size), key size in number of bits.
509 Numeric multi-bytes values are on big endian format, most significant byte first:
510 - The L field value for certificate (2 bytes)
511 - The L field value for key size (2 bytes)
512 - The value field for key size (2 bytes)
513
514 @param[in] This Indicates a pointer to the calling context.
515 @param[in] SCardHandle Handle on Smart Card connection.
516 @param[in, out] CredentialSize On input, in bytes, the size of buffer to store
517 the list of credential.
518 On output, in bytes, the size of buffer required
519 to store the entire list of credentials.
520
521 @param[out] CredentialList List of credentials stored into the Smart Card.
522 A list of TLV (Tag Length Value) elements organized
523 in containers array.
524
525 @retval EFI_SUCCESS The requested command completed successfully.
526 @retval EFI_INVALID_PARAMETER This is NULL.
527 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
528 @retval EFI_INVALID_PARAMETER CredentialSize is NULL.
529 @retval EFI_INVALID_PARAMETER CredentialList is NULL, if CredentialSize is not zero.
530 @retval EFI_BUFFER_TOO_SMALL The size of CredentialList is too small for the
531 specified data and the required size is returned in
532 CredentialSize.
533 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
534 has been removed. A Disconnect should be performed.
535
536 **/
537 typedef
538 EFI_STATUS
539 (EFIAPI *EFI_SMART_CARD_EDGE_GET_CREDENTIAL) (
540 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
541 IN EFI_HANDLE SCardHandle,
542 IN OUT UINTN *CredentialSize,
543 OUT UINT8 *CredentialList OPTIONAL
544 );
545
546 /**
547 This function signs an already hashed data with a Smart Card private key.
548
549 This function signs data, actually it is the hash of these data that is given
550 to the function.
551
552 SignatureData buffer shall be big enough for signature. Signature size is
553 function key size and key type.
554
555 @param[in] This Indicates a pointer to the calling context.
556 @param[in] SCardHandle Handle on Smart Card connection.
557 @param[in] KeyId Identifier of the key container, retrieved
558 in a key index item of credentials.
559 @param[in] KeyType The key type, retrieved in a key type item of
560 credentials.
561
562 @param[in] HashAlgorithm Hash algorithm used to hash the, one of:
563 - EFI_HASH_ALGORITHM_SHA1_GUID
564 - EFI_HASH_ALGORITHM_SHA256_GUID
565 - EFI_HASH_ALGORITHM_SHA384_GUID
566 - EFI_HASH_ALGORITHM_SHA512_GUID
567 @param[in] PaddingMethod Padding method used jointly with hash algorithm,
568 one of:
569 - EFI_PADDING_RSASSA_PKCS1V1P5_GUID
570 - EFI_PADDING_RSASSA_PSS_GUID
571 @param[in] HashedData Hash of the data to sign. Size is function of the
572 HashAlgorithm.
573
574 @param[out] SignatureData Resulting signature with private key KeyId. Size
575 is function of the KeyType and key size retrieved
576 in the associated key size item of credentials.
577
578 @retval EFI_SUCCESS The requested command completed successfully.
579 @retval EFI_INVALID_PARAMETER This is NULL.
580 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
581 @retval EFI_INVALID_PARAMETER KeyId is not valid.
582 @retval EFI_INVALID_PARAMETER KeyType is not valid or not corresponding to KeyId.
583 @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.
584 @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.
585 @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.
586 @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.
587 @retval EFI_INVALID_PARAMETER HashedData is NULL.
588 @retval EFI_INVALID_PARAMETER SignatureData is NULL.
589 @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.
590 PIN not verified.
591 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
592 has been removed. A Disconnect should be performed.
593
594 **/
595 typedef
596 EFI_STATUS
597 (EFIAPI *EFI_SMART_CARD_EDGE_SIGN_DATA) (
598 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
599 IN EFI_HANDLE SCardHandle,
600 IN UINTN KeyId,
601 IN UINTN KeyType,
602 IN EFI_GUID *HashAlgorithm,
603 IN EFI_GUID *PaddingMethod,
604 IN UINT8 *HashedData,
605 OUT UINT8 *SignatureData
606 );
607
608 /**
609 This function decrypts data with a PKI/RSA Smart Card private key.
610
611 The function decrypts some PKI/RSA encrypted data with private key securely
612 stored into the Smart Card.
613
614 The KeyId must reference a key of type SC_EDGE_RSA_EXCHANGE.
615
616 @param[in] This Indicates a pointer to the calling context.
617 @param[in] SCardHandle Handle on Smart Card connection.
618 @param[in] KeyId Identifier of the key container, retrieved
619 in a key index item of credentials.
620 @param[in] HashAlgorithm Hash algorithm used to hash the, one of:
621 - EFI_HASH_ALGORITHM_SHA1_GUID
622 - EFI_HASH_ALGORITHM_SHA256_GUID
623 - EFI_HASH_ALGORITHM_SHA384_GUID
624 - EFI_HASH_ALGORITHM_SHA512_GUID
625 @param[in] PaddingMethod Padding method used jointly with hash algorithm,
626 one of:
627 - EFI_PADDING_NONE_GUID
628 - EFI_PADDING_RSAES_PKCS1V1P5_GUID
629 - EFI_PADDING_RSAES_OAEP_GUID
630 @param[in] EncryptedSize Size of data to decrypt.
631 @param[in] EncryptedData Data to decrypt
632 @param[in, out] PlaintextSize On input, in bytes, the size of buffer to store
633 the decrypted data.
634 On output, in bytes, the size of buffer required
635 to store the decrypted data.
636 @param[out] PlaintextData Buffer for decrypted data, padding removed.
637
638 @retval EFI_SUCCESS The requested command completed successfully.
639 @retval EFI_INVALID_PARAMETER This is NULL.
640 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
641 @retval EFI_INVALID_PARAMETER KeyId is not valid or associated key not of type
642 SC_EDGE_RSA_EXCHANGE.
643 @retval EFI_INVALID_PARAMETER HashAlgorithm is NULL.
644 @retval EFI_INVALID_PARAMETER HashAlgorithm is not valid.
645 @retval EFI_INVALID_PARAMETER PaddingMethod is NULL.
646 @retval EFI_INVALID_PARAMETER PaddingMethod is not valid.
647 @retval EFI_INVALID_PARAMETER EncryptedSize is 0.
648 @retval EFI_INVALID_PARAMETER EncryptedData is NULL.
649 @retval EFI_INVALID_PARAMETER PlaintextSize is NULL.
650 @retval EFI_INVALID_PARAMETER PlaintextData is NULL.
651 @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.
652 PIN not verified.
653 @retval EFI_BUFFER_TOO_SMALL PlaintextSize is too small for the plaintext data
654 and the required size is returned in PlaintextSize.
655 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
656 has been removed. A Disconnect should be performed.
657
658 **/
659 typedef
660 EFI_STATUS
661 (EFIAPI *EFI_SMART_CARD_EDGE_DECRYPT_DATA) (
662 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
663 IN EFI_HANDLE SCardHandle,
664 IN UINTN KeyId,
665 IN EFI_GUID *HashAlgorithm,
666 IN EFI_GUID *PaddingMethod,
667 IN UINTN EncryptedSize,
668 IN UINT8 *EncryptedData,
669 IN OUT UINTN *PlaintextSize,
670 OUT UINT8 *PlaintextData
671 );
672
673 /**
674 This function performs a secret Diffie Hellman agreement calculation that would
675 be used to derive a symmetric encryption / decryption key.
676
677 The function compute a DH agreement that should be diversified togenerate a symmetric
678 key to proceed encryption or decryption.
679
680 The application and the Smart Card shall agree on the diversification process.
681
682 The KeyId must reference a key of one of the types: SC_EDGE_ECDH_256, SC_EDGE_ECDH_384
683 or SC_EDGE_ECDH_521.
684
685 @param[in] This Indicates a pointer to the calling context.
686 @param[in] SCardHandle Handle on Smart Card connection.
687 @param[in] KeyId Identifier of the key container, retrieved
688 in a key index item of credentials.
689 @param[in] dataQx Public key x coordinate. Size is the same as
690 key size for KeyId. Stored in big endian format.
691 @param[in] dataQy Public key y coordinate. Size is the same as
692 key size for KeyId. Stored in big endian format.
693 @param[out] DHAgreement Buffer for DH agreement computed. Size must be
694 bigger or equal to key size for KeyId.
695
696 @retval EFI_SUCCESS The requested command completed successfully.
697 @retval EFI_INVALID_PARAMETER This is NULL.
698 @retval EFI_INVALID_PARAMETER No connection for SCardHandle value.
699 @retval EFI_INVALID_PARAMETER KeyId is not valid.
700 @retval EFI_INVALID_PARAMETER dataQx is NULL.
701 @retval EFI_INVALID_PARAMETER dataQy is NULL.
702 @retval EFI_INVALID_PARAMETER DHAgreement is NULL.
703 @retval EFI_ACCESS_DENIED Operation not performed, conditions not fulfilled.
704 PIN not verified.
705 @retval EFI_NO_MEDIA Smart Card or Reader of SCardHandle connection
706 has been removed. A Disconnect should be performed.
707
708 **/
709 typedef
710 EFI_STATUS
711 (EFIAPI *EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT) (
712 IN EFI_SMART_CARD_EDGE_PROTOCOL *This,
713 IN EFI_HANDLE SCardHandle,
714 IN UINTN KeyId,
715 IN UINT8 *dataQx,
716 IN UINT8 *dataQy,
717 OUT UINT8 *DHAgreement
718 );
719
720 ///
721 /// Smart card aware application invokes this protocol to get access to an inserted
722 /// smart card in the reader or to the reader itself.
723 ///
724 struct _EFI_SMART_CARD_EDGE_PROTOCOL {
725 EFI_SMART_CARD_EDGE_GET_CONTEXT GetContext;
726 EFI_SMART_CARD_EDGE_CONNECT Connect;
727 EFI_SMART_CARD_EDGE_DISCONNECT Disconnect;
728 EFI_SMART_CARD_EDGE_GET_CSN GetCsn;
729 EFI_SMART_CARD_EDGE_GET_READER_NAME GetReaderName;
730 EFI_SMART_CARD_EDGE_VERIFY_PIN VerifyPin;
731 EFI_SMART_CARD_EDGE_GET_PIN_REMAINING GetPinRemaining;
732 EFI_SMART_CARD_EDGE_GET_DATA GetData;
733 EFI_SMART_CARD_EDGE_GET_CREDENTIAL GetCredential;
734 EFI_SMART_CARD_EDGE_SIGN_DATA SignData;
735 EFI_SMART_CARD_EDGE_DECRYPT_DATA DecryptData;
736 EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT BuildDHAgreement;
737 };
738
739 extern EFI_GUID gEfiSmartCardEdgeProtocolGuid;
740
741 #endif
742
EFI Development Kit II mirror for PVE