scd: Support for SmartCard-HSM

* scd/app-sc-hsm.c: New.
* scd/app.c (select_application, get_supported_applications): Register
new app.

--
Add a read/only driver for scdaemon that provides access to keys and
certificates on a SmartCard-HSM (www.smartcard-hsm.com).

The driver supports RSA and ECC keys on SmartCard-HSM cards and
USB-Sticks.

The driver does not yet support the MicroSD edition.

--
ChangeLog and FSF copyright year fix by wk.

doc/scdaemon.texi

@@ -340,6 +340,7 @@ stripping off the two leading dashes.
 * DINSIG Card::           The DINSIG card application
 * PKCS#15 Card::          The PKCS#15 card application
 * Geldkarte Card::        The Geldkarte application
+* SmartCard-HSM::         The SmartCard-HSM application
 * Undefined Card::        The Undefined stub application
 @end menu
 
@@ -382,6 +383,19 @@ This is a simple application to display information of a German
 Geldkarte.  The Geldkarte is a small amount debit card application which
 comes with almost all German banking cards.
 
+@node SmartCard-HSM
+@subsection The SmartCard-HSM card application ``sc-hsm''
+
+This application adds read/only support for keys and certificates
+stored on a @uref{http://www.smartcard-hsm.com, SmartCard-HSM}.
+
+To generate keys and store certifiates you may use
+@uref{https://github.com/OpenSC/OpenSC/wiki/SmartCardHSM, OpenSC} or
+the tools from @uref{http://www.openscdp.org, OpenSCDP}.
+
+The SmartCard-HSM cards requires a card reader that supports Extended
+Length APDUs.
+
 @node Undefined Card
 @subsection The Undefined card application ``undefined''
 

scd/Makefile.am

@@ -33,7 +33,7 @@ AM_CFLAGS =  $(LIBGCRYPT_CFLAGS) \
 	     $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS) $(NPTH_CFLAGS)
 
 
-card_apps = app-openpgp.c app-nks.c app-dinsig.c app-p15.c app-geldkarte.c
+card_apps = app-openpgp.c app-nks.c app-dinsig.c app-p15.c app-geldkarte.c app-sc-hsm.c
 
 scdaemon_SOURCES = \
 	scdaemon.c scdaemon.h \

scd/app-common.h

@@ -223,6 +223,9 @@ gpg_error_t app_select_p15 (app_t app);
 /*-- app-geldkarte.c --*/
 gpg_error_t app_select_geldkarte (app_t app);
 
+/*-- app-sc-hsm.c --*/
+gpg_error_t app_select_sc_hsm (app_t app);
+
 
 #endif
 

scd/app.c

@@ -387,6 +387,8 @@ select_application (ctrl_t ctrl, int slot, const char *name, app_t *r_app)
     err = app_select_geldkarte (app);
   if (err && is_app_allowed ("dinsig") && (!name || !strcmp (name, "dinsig")))
     err = app_select_dinsig (app);
+  if (err && is_app_allowed ("sc-hsm") && (!name || !strcmp (name, "sc-hsm")))
+    err = app_select_sc_hsm (app);
   if (err && name)
     err = gpg_error (GPG_ERR_NOT_SUPPORTED);
 
@@ -422,6 +424,7 @@ get_supported_applications (void)
     "p15",
     "geldkarte",
     "dinsig",
+    "sc-hsm",
     /* Note: "undefined" is not listed here because it needs special
        treatment by the client.  */
     NULL