1. 06 Aug, 2018 1 commit
    • Jakub Jelen's avatar
      cac, cac-aca: Implement other undocumented encoding for extended properties · d73b64d8
      Jakub Jelen authored
       * These modifiers nor format is not documented anywhere, but ActivClient
         expects them and cards happily answer them
       * This is a kind of more compressed form of other ACA buffers, but it is
         extended with some additional values of unknown meaning.
       * This is somehow consistent with the standard GET ACR parameters, but if
         P1 | 0x40 is set, the response should come in this new format.
       * This affects also GET PROPERTIES APDU, where we get also other bunch of
         TLVs in case of this bit is set.
      Signed-off-by: default avatarJakub Jelen <jjelen@redhat.com>
      Reviewed-by: default avatarRobert Relyea <rrelyea@redhat.com>
      Message-Id: <20180802094407.4104-29-jjelen@redhat.com>
      d73b64d8
  2. 02 Aug, 2018 2 commits
    • Jakub Jelen's avatar
      cac: Generate dynamic ACA structures based on the certificates · d8386ee1
      Jakub Jelen authored
       * So far, the ACA tables were static from existing card.
       * This change allows adjusting the ACA tables based on the real
         certificates and PKI applets present in virtual smart card
      Signed-off-by: default avatarJakub Jelen <jjelen@redhat.com>
      Reviewed-by: default avatarRobert Relyea <rrelyea@redhat.com>
      Message-Id: <20180802094407.4104-14-jjelen@redhat.com>
      d8386ee1
    • Jakub Jelen's avatar
      ACA Applet · c130d6ca
      Jakub Jelen authored
       * The Access Control Applet is used to discover other applets
         in the card, discover Access Control Rules for various opperations
         and provides information about authentication mechanisms.
      
       * The ACA provides many structures that are quite independent from
         the rest of CAC so it is implemented in separate file.
      
       * All the structures are annotated with the references to specifications
      
       * Implements structures and access functions in ACA Applet
         * Access Control Rules table
         * Applet/Object Access Control Rules table
         * Access Method Provider table
         * Service Applet Table
      
         (from "5.3.3.5 Get ACR APDU" of GSC-IS 2.1)
      Signed-off-by: default avatarJakub Jelen <jjelen@redhat.com>
      Reviewed-by: default avatarRobert Relyea <rrelyea@redhat.com>
      Message-Id: <20180802094407.4104-7-jjelen@redhat.com>
      c130d6ca