* card-dinsig.c: Documented some stuff from the DIN norm.
parent
82575bfb98
commit
ccb0bb10e1
@ -1,3 +1,7 @@
|
||||
2002-06-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* card-dinsig.c: Documented some stuff from the DIN norm.
|
||||
|
||||
2002-04-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* command.c (cmd_pksign, cmd_pkdecrypt): Use a copy of the key ID.
|
||||
|
@ -18,6 +18,58 @@
|
||||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
|
||||
*/
|
||||
|
||||
/* The German signature law and its bylaw (SigG and SigV) is currently
|
||||
used with an interface specification described in DIN V 66291-1.
|
||||
The AID to be used is: 'D27600006601'.
|
||||
|
||||
The file IDs for certificates utilize the generic format:
|
||||
Cxyz
|
||||
C being the hex digit 'C' (12).
|
||||
x being the service indicator:
|
||||
'0' := SigG conform digital signature.
|
||||
'1' := entity authentication.
|
||||
'2' := key encipherment.
|
||||
'3' := data encipherment.
|
||||
'4' := key agreement.
|
||||
other values are reserved for future use.
|
||||
y being the security environment number using '0' for cards
|
||||
not supporting a SE number.
|
||||
z being the certificate type:
|
||||
'0' := C.CH (base certificate of ard holder) or C.ICC.
|
||||
'1' .. '7' := C.CH (business or professional certificate
|
||||
of card holder.
|
||||
'8' .. 'D' := C.CA (certificate of a CA issue by the Root-CA).
|
||||
'E' := C.RCA (self certified certificate of the Root-CA).
|
||||
'F' := reserved.
|
||||
|
||||
The file IDs used by default are:
|
||||
'1F00' EF.SSD (security service descriptor). [o,o]
|
||||
'2F02' EF.GDO (global data objects) [m,m]
|
||||
'A000' EF.PROT (signature log). Cyclic file with 20 records of 53 byte.
|
||||
Read and update after user authentication. [o,o]
|
||||
'B000' EF.PK.RCA.DS (public keys of Root-CA). Size is 512b or size
|
||||
of keys. [m (unless a 'C00E' is present),m]
|
||||
'B001' EF.PK.CA.DS (public keys of CAs). Size is 512b or size
|
||||
of keys. [o,o]
|
||||
'C00n' EF.C.CH.DS (digital signature certificate of card holder)
|
||||
with n := 0 .. 7. Size is 2k or size of cert. Read and
|
||||
update allowed after user authentication. [m,m]
|
||||
'C00m' EF.C.CA.DS (digital signature certificate of CA)
|
||||
with m := 8 .. E. Size is 1k or size of cert. Read always
|
||||
allowed, update after uder authentication. [o,o]
|
||||
'C100' EF.C.ICC.AUT (AUT certificate of ICC) [o,m]
|
||||
'C108' EF.C.CA.AUT (AUT certificate of CA) [o,m]
|
||||
'D000' EF.DM (display message) [-,m]
|
||||
|
||||
The letters in brackets indicate optional or mandatory files: The
|
||||
first for card terminals under full control and the second for
|
||||
"business" card terminals.
|
||||
|
||||
FIXME: Needs a lot more explanation.
|
||||
|
||||
*/
|
||||
|
||||
|
||||
#include <config.h>
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
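Review bot: The default file-ID table in the new header comment lists EF.C.CA.DS as 'C00m' with `m := 8 .. E`, but the certificate-type list just above it assigns `'8' .. 'D'` to C.CA and `'E'` to C.RCA, and the EF.PK.RCA.DS entry likewise treats 'C00E' as the Root-CA certificate. One of the two ranges looks wrong and should be checked against DIN V 66291-1, because code written from this comment could otherwise handle the self-certified Root-CA certificate as an ordinary CA certificate. The sizes `512b`, `1k` and `2k` do not say whether they mean bits or bytes, which matters to anyone sizing a read buffer from this text. While the comment is new, the typos `ard holder`, `uder authentication` and `CA issue by`, and the unclosed parenthesis after `of card holder.`, are also worth fixing.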
@ -38,8 +90,7 @@ static int dinsig_read_cert (CARD card, const char *certidstr,
|
||||
|
||||
/* See card.c for interface description. Frankly we don't do any real
|
||||
enumeration but just check whether the well know files are
|
||||
available.
|
||||
*/
|
||||
available. */
|
||||
static int
|
||||
dinsig_enum_keypairs (CARD card, int idx,
|
||||
unsigned char *keygrip, char **keyid)
|
||||
|