#include <EstEidCard.h>
Public Types | |
enum | PinType { PUK = 0, PIN_AUTH = 1, PIN_SIGN = 2 } |
enum | KeyType { AUTH = 0, SIGN = 1 } |
enum | AlgType { MD5, SHA1, SSL } |
enum | RecordNames { SURNAME = 1, FIRSTNAME, MIDDLENAME, SEX, CITIZEN, BIRTHDATE, ID, DOCUMENTID, EXPIRY, BIRTHPLACE, ISSUEDATE, RESIDENCEPERMIT, COMMENT1, COMMENT2, COMMENT3, COMMENT4 } |
Public Member Functions | |
EstEidCard (ManagerInterface &ref) | |
EstEidCard (ManagerInterface &ref, unsigned int idx) | |
EstEidCard (ManagerInterface &ref, ConnectionBase *conn) | |
bool | isInReader (unsigned int idx) |
Virtual, to be overridden by concrete cards that can check for ATR or other card-specific data | |
std::string | readCardID () |
Reads the card holder identification code from personal data file. | |
std::string | readCardName () |
Reads the card holder name from personal data file. | |
bool | readPersonalData (std::vector< std::string > &data, int firstRecord=SURNAME, int lastRecord=EXPIRY) |
Reads all or part of the personal data file, from firstRecord to lastRecord. | |
bool | getKeyUsageCounters (dword &authKey, dword &signKey) |
gets accumulated key usage counters from the card | |
bool | getRetryCounts (byte &puk, byte &pinAuth, byte &pinSign) |
gets PIN entry retry counts for all three PINs | |
ByteVec | getAuthCert () |
retrieve Authentication certificate | |
ByteVec | getSignCert () |
retrieve Signature certificate | |
ByteVec | calcSSL (ByteVec hash) |
calculate SSL signature for SHA1+MD5 hash. PIN needs to be entered before | |
ByteVec | calcSSL (ByteVec hash, std::string pin) |
calculate SSL signature with PIN supplied, supply empty pin if cardmanager supports pin entry | |
ByteVec | calcSignSHA1 (ByteVec hash, KeyType keyId, bool withOID=true) |
calculate signature over SHA1 hash, keyId = 0 selects authentication key, other values signature key. withOID=false calculates without SHA1 signatures, used for VPN | |
ByteVec | calcSignSHA1 (ByteVec hash, KeyType keyId, std::string pin, bool withOID=true) |
calculate SHA1 signature with pin | |
ByteVec | calcSignMD5 (ByteVec hash, KeyType keyId, bool withOID=true) |
calculate signature over MD5 hash, keyId = 0 selects authentication key | |
ByteVec | calcSignMD5 (ByteVec hash, KeyType keyId, std::string pin, bool withOID=true) |
calculate signature over MD5 hash, with pin | |
ByteVec | RSADecrypt (ByteVec cipher) |
decrypt RSA bytes, from 1024 bit/128 byte input vector, using authentication key | |
ByteVec | RSADecrypt (ByteVec cipher, std::string pin) |
decrypt RSA with authentication key, with pin supplied | |
bool | validateAuthPin (std::string pin, byte &retriesLeft) |
enter and validate authentication PIN. AuthError will be thrown if invalid | |
bool | validateSignPin (std::string pin, byte &retriesLeft) |
enter and validate signature PIN | |
bool | validatePuk (std::string puk, byte &retriesLeft) |
enter and validate PUK code | |
bool | changeAuthPin (std::string newPin, std::string oldPin, byte &retriesLeft) |
change authentication PIN. For secure pin entry, specify pin lengths in "04" format, i.e. two-byte decimal string | |
bool | changeSignPin (std::string newPin, std::string oldPin, byte &retriesLeft) |
change signature PIN | |
bool | changePUK (std::string newPUK, std::string oldPUK, byte &retriesLeft) |
change PUK | |
bool | unblockAuthPin (std::string newPin, std::string PUK, byte &retriesLeft) |
unblock authentication PIN using PUK. If the correct PUK is supplied, the PIN will first be blocked and then unblocked | |
bool | unblockSignPin (std::string newPin, std::string PUK, byte &retriesLeft) |
unblock signature PIN | |
void | setSecEnv (byte env) |
set security environment for the card. Normally this does not need to be called directly | |
void | resetAuth () |
reset authentication, so next crypto operations will require new pin entry | |
Protected Types | |
enum | { FILEID_MASTER = 0x3F00, FILEID_APP = 0xEEEE, FILEID_RETRYCT = 0x0016, FILEID_KEYPOINTER = 0x0033 } |
Friends | |
class | EstEidCardMaintainer |