|
| typedef struct _EFI_SMART_CARD_EDGE_PROTOCOL | EFI_SMART_CARD_EDGE_PROTOCOL |
| |
| typedef UINT8 | SMART_CARD_AID[SCARD_AID_MAXSIZE] |
| |
| typedef UINT8 | SMART_CARD_CSN[SCARD_CSN_SIZE] |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_CONTEXT) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, OUT UINTN *NumberAidSupported, IN OUT UINTN *AidTableSize OPTIONAL, OUT SMART_CARD_AID *AidTable OPTIONAL, OUT UINTN *NumberSCPresent, IN OUT UINTN *CsnTableSize OPTIONAL, OUT SMART_CARD_CSN *CsnTable OPTIONAL, OUT UINT32 *VersionScEdgeProtocol OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_CONNECT) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, OUT EFI_HANDLE *SCardHandle, IN UINT8 *ScardCsn OPTIONAL, OUT UINT8 *ScardAid OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_DISCONNECT) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_CSN) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, OUT UINT8 Csn[SCARD_CSN_SIZE]) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_READER_NAME) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN OUT UINTN *ReaderNameLength, OUT CHAR16 *ReaderName OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_VERIFY_PIN) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN INT32 PinSize, IN UINT8 *PinCode, OUT BOOLEAN *PinResult, OUT UINT32 *RemainingAttempts OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_PIN_REMAINING) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, OUT UINT32 *RemainingAttempts) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_DATA) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN EFI_GUID *DataId, IN OUT UINTN *DataSize, OUT VOID *Data OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_GET_CREDENTIAL) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN OUT UINTN *CredentialSize, OUT UINT8 *CredentialList OPTIONAL) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_SIGN_DATA) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN UINTN KeyId, IN UINTN KeyType, IN EFI_GUID *HashAlgorithm, IN EFI_GUID *PaddingMethod, IN UINT8 *HashedData, OUT UINT8 *SignatureData) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_DECRYPT_DATA) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN UINTN KeyId, IN EFI_GUID *HashAlgorithm, IN EFI_GUID *PaddingMethod, IN UINTN EncryptedSize, IN UINT8 *EncryptedData, IN OUT UINTN *PlaintextSize, OUT UINT8 *PlaintextData) |
| |
| typedef EFI_STATUS(EFIAPI * | EFI_SMART_CARD_EDGE_BUILD_DH_AGREEMENT) (IN EFI_SMART_CARD_EDGE_PROTOCOL *This, IN EFI_HANDLE SCardHandle, IN UINTN KeyId, IN UINT8 *dataQx, IN UINT8 *dataQy, OUT UINT8 *DHAgreement) |
| |
The Smart Card Edge Protocol provides an abstraction for device to provide Smart Card support.
This protocol allows UEFI applications to interface with a Smart Card during boot process for authentication or data signing/decryption, especially if the application has to make use of PKI.
Copyright (c) 2015-2018, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
- Revision Reference:
- This Protocol was introduced in UEFI Specification 2.5.
This function performs a secret Diffie Hellman agreement calculation that would be used to derive a symmetric encryption / decryption key.
The function compute a DH agreement that should be diversified togenerate a symmetric key to proceed encryption or decryption.
The application and the Smart Card shall agree on the diversification process.
The KeyId must reference a key of one of the types: SC_EDGE_ECDH_256, SC_EDGE_ECDH_384 or SC_EDGE_ECDH_521.
- Parameters
-
| [in] | This | Indicates a pointer to the calling context. |
| [in] | SCardHandle | Handle on Smart Card connection. |
| [in] | KeyId | Identifier of the key container, retrieved in a key index item of credentials. |
| [in] | dataQx | Public key x coordinate. Size is the same as key size for KeyId. Stored in big endian format. |
| [in] | dataQy | Public key y coordinate. Size is the same as key size for KeyId. Stored in big endian format. |
| [out] | DHAgreement | Buffer for DH agreement computed. Size must be bigger or equal to key size for KeyId. |
- Return values
-
| EFI_SUCCESS | The requested command completed successfully. |
| EFI_INVALID_PARAMETER | This is NULL. |
| EFI_INVALID_PARAMETER | No connection for SCardHandle value. |
| EFI_INVALID_PARAMETER | KeyId is not valid. |
| EFI_INVALID_PARAMETER | dataQx is NULL. |
| EFI_INVALID_PARAMETER | dataQy is NULL. |
| EFI_INVALID_PARAMETER | DHAgreement is NULL. |
| EFI_ACCESS_DENIED | Operation not performed, conditions not fulfilled. PIN not verified. |
| EFI_NO_MEDIA | Smart Card or Reader of SCardHandle connection has been removed. A Disconnect should be performed. |
This function establish a connection with a Smart Card the protocol support.
In case of success the SCardHandle can be used.
If the ScardCsn is NULL the connection is established with the first Smart Card the protocol finds in its table of Smart Card present and supported. Else it establish context with the Smart Card whose CSN given by ScardCsn.
If ScardAid is not NULL the function returns the Smart Card AID the protocol supports. After a successful connect the SCardHandle will remain existing even in case Smart Card removed from Smart Card reader, but all function invoking this SCardHandle will fail. SCardHandle is released only on Disconnect.
- Parameters
-
| [in] | This | Indicates a pointer to the calling context. |
| [out] | SCardHandle | Handle on Smart Card connection. |
| [in] | ScardCsn | CSN of the Smart Card the connection has to be established. |
| [out] | ScardAid | AID of the Smart Card the connection has been established. |
- Return values
-
| EFI_SUCCESS | The requested command completed successfully. |
| EFI_INVALID_PARAMETER | This is NULL. |
| EFI_INVALID_PARAMETER | SCardHandle is NULL. |
| EFI_NO_MEDIA | No Smart Card supported by protocol is present, Smart Card with CSN ScardCsn or Reader has been removed. A Disconnect should be performed. |
This function retrieves the context driver.
The GetContextfunction returns the context of the protocol, the application identifiers supported by the protocol and the number and the CSN unique identifier of Smart Cards that are present and supported by protocol.
If AidTableSize, AidTable, CsnTableSize, CsnTable or VersionProtocol is NULL, the function does not fail but does not fill in such variables.
In case AidTableSize indicates a buffer too small to hold all the protocol AID table, only the first AidTableSize items of the table are returned in AidTable.
In case CsnTableSize indicates a buffer too small to hold the entire table of Smart Card CSN present, only the first CsnTableSize items of the table are returned in CsnTable.
VersionScEdgeProtocol returns the version of the EFI_SMART_CARD_EDGE_PROTOCOL this driver uses. For this protocol specification value is SMART_CARD_EDGE_PROTOCOL_VERSION_1.
In case of Smart Card removal the internal CSN list is immediately updated, even if a connection is opened with that Smart Card.
- Parameters
-
| [in] | This | Indicates a pointer to the calling context. |
| [out] | NumberAidSupported | Number of AIDs this protocol supports. |
| [in,out] | AidTableSize | On input, number of items allocated for the AID table. On output, number of items returned by protocol. |
| [out] | AidTable | Table of the AIDs supported by the protocol. |
| [out] | NumberSCPresent | Number of currently present Smart Cards that are supported by protocol. |
| [in,out] | CsnTableSize | On input, the number of items the buffer CSN table can contain. On output, the number of items returned by the protocol. |
| [out] | CsnTable | Table of the CSN of the Smart Card present and supported by protocol. |
| [out] | VersionScEdgeProtocol | EFI_SMART_CARD_EDGE_PROTOCOL version. |
- Return values
-
| EFI_SUCCESS | The requested command completed successfully. |
| EFI_INVALID_PARAMETER | This is NULL. |
| EFI_INVALID_PARAMETER | NumberSCPresent is NULL. |
This function retrieve credentials store into the Smart Card.
The function returns a series of items in TLV (Tag Length Value) format.
First TLV item is the header item that gives the number of following containers (0x00, 0x01, Nb containers).
All these containers are a series of 4 TLV items:
- The certificate item (0x01, certificate size, certificate)
- The Key identifier item (0x02, 0x01, key index)
- The key type item (0x03, 0x01, key type)
- The key size item (0x04, 0x02, key size), key size in number of bits. Numeric multi-bytes values are on big endian format, most significant byte first:
- The L field value for certificate (2 bytes)
- The L field value for key size (2 bytes)
- The value field for key size (2 bytes)
- Parameters
-
| [in] | This | Indicates a pointer to the calling context. |
| [in] | SCardHandle | Handle on Smart Card connection. |
| [in,out] | CredentialSize | On input, in bytes, the size of buffer to store the list of credential. On output, in bytes, the size of buffer required to store the entire list of credentials. |
| [out] | CredentialList | List of credentials stored into the Smart Card. A list of TLV (Tag Length Value) elements organized in containers array. |
- Return values
-
| EFI_SUCCESS | The requested command completed successfully. |
| EFI_INVALID_PARAMETER | This is NULL. |
| EFI_INVALID_PARAMETER | No connection for SCardHandle value. |
| EFI_INVALID_PARAMETER | CredentialSize is NULL. |
| EFI_INVALID_PARAMETER | CredentialList is NULL, if CredentialSize is not zero. |
| EFI_BUFFER_TOO_SMALL | The size of CredentialList is too small for the specified data and the required size is returned in CredentialSize. |
| EFI_NO_MEDIA | Smart Card or Reader of SCardHandle connection has been removed. A Disconnect should be performed. |
This function authenticates a Smart Card user by presenting a PIN code.
The VerifyPinfunction presents a PIN code to the Smart Card.
If Smart Card found the PIN code correct the user is considered authenticated to current application, and the function returns TRUE.
Negative or null PinSize value rejected if PinCodeis not NULL.
A NULL PinCodebuffer means the application didn't know the PIN, in that case:
- If PinSize value is negative the caller only wants to know if the current chain of the elements Smart Card Edge protocol, Smart Card Reader protocol and Smart Card Reader supports the Secure Pin Entry PCSC V2 functionality.
- If PinSize value is positive or null the caller ask to perform the verify PIN using the Secure PIN Entry functionality.
In PinCode buffer, the PIN value is always given in plaintext, in case of secure messaging the SMART_CARD_EDGE_PROTOCOL will be in charge of all intermediate treatments to build the correct Smart Card APDU.
- Parameters
-
| [in] | This | Indicates a pointer to the calling context. |
| [in] | SCardHandle | Handle on Smart Card connection. |
| [in] | PinSize | PIN code buffer size. |
| [in] | PinCode | PIN code to present to the Smart Card. |
| [out] | PinResult | Result of PIN code presentation to the Smart Card. TRUE when Smard Card founds the PIN code correct. |
| [out] | RemainingAttempts | Number of attempts still possible. |
- Return values
-
| EFI_SUCCESS | The requested command completed successfully. |
| EFI_UNSUPPORTED | Pinsize < 0 and Secure PIN Entry functionality not supported. |
| EFI_INVALID_PARAMETER | This is NULL. |
| EFI_INVALID_PARAMETER | No connection for SCardHandle value. |
| EFI_INVALID_PARAMETER | Bad value for PinSize: value not supported by Smart Card or, negative with PinCode not null. |
| EFI_INVALID_PARAMETER | PinResult is NULL. |
| EFI_NO_MEDIA | Smart Card or Reader of SCardHandle connection has been removed. A Disconnect should be performed. |
