00009 #pragma once
00010 #include "CardBase.h"
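/// Driver class for the Estonian national ID card (EstEID), layered on
/// CardBase. The public surface covers reading the personal-data records
/// and the two certificates, RSA signing/decryption with the card's two
/// key pairs, and PIN/PUK verification, change and unblocking.
///
/// NOTE(review): PIN and PUK values travel through this interface as plain
/// std::string copies (by value). Nothing in this header indicates that
/// those copies are wiped after use, so the secrets may linger in freed
/// heap memory — confirm against the implementation before relying on it.
class EstEidCard : public CardBase
{
    /// The maintainer class is granted access to the private PIN-entry and
    /// retry-counter internals declared below.
    friend class EstEidCardMaintainer;

protected:
    /// File identifiers selected on the card. 0x3F00 is the ISO 7816-4
    /// master file; the remaining values are card-specific and are
    /// described here only by their names.
    enum {
        FILEID_MASTER = 0x3F00,
        FILEID_APP = 0xEEEE,
        FILEID_RETRYCT = 0x0016,
        FILEID_KEYPOINTER = 0x0033
    };

public:
    /// The three secrets held by the card; selects which one a PIN
    /// operation (enter / validate / change) targets.
    enum PinType {
        PUK = 0,
        PIN_AUTH = 1,
        PIN_SIGN = 2,
    };
    /// The two RSA key pairs on the card: authentication and signature.
    enum KeyType { AUTH = 0, SIGN = 1 };
    /// Digest / padding scheme a signature is computed over.
    enum AlgType {
        MD5, SHA1, SSL
    };
    /// Record numbers of the personal-data file (1-based). SURNAME..EXPIRY
    /// is the default range read by readPersonalData(); the later records
    /// (BIRTHPLACE..COMMENT4) are only read when explicitly requested.
    enum RecordNames {
        SURNAME = 1,
        FIRSTNAME,
        MIDDLENAME,
        SEX,
        CITIZEN,
        BIRTHDATE,
        ID,
        DOCUMENTID,
        EXPIRY,
        BIRTHPLACE,
        ISSUEDATE,
        RESIDENCEPERMIT,
        COMMENT1, COMMENT2, COMMENT3, COMMENT4
    };

private:
    void prepareSign_internal(KeyType keyId, std::string pin);
    ByteVec calcSign_internal(AlgType type, KeyType keyId, ByteVec hash, bool withOID = true);
    ByteVec RSADecrypt_internal(ByteVec cipher);
    // std::vector spelled out to match the public readPersonalData() declaration.
    void readPersonalData_internal(std::vector<std::string>& data,
                                   int firstRecord, int lastRecord);
    /// forceUnsecure presumably bypasses a protected (reader-side) PIN entry
    /// path and submits the PIN from the host instead — TODO confirm in the
    /// implementation; defaults to the protected path.
    void enterPin(PinType pinType, std::string pin, bool forceUnsecure = false);
    /// Verifies a PIN and reports the remaining attempts through retriesLeft.
    bool validatePin_internal(PinType pinType, std::string pin, byte &retriesLeft,
                              bool forceUnsecure = false);
    /// useUnblockCommand presumably switches from a plain PIN change to the
    /// PUK-based unblock flow used by unblockAuthPin()/unblockSignPin().
    bool changePin_internal(
        PinType pinType, std::string newPin, std::string oldPin, bool useUnblockCommand = false);
    void reconnectWithT0();
    void checkProtocol();
    bool getRetryCounts_internal(byte &puk, byte &pinAuth, byte &pinSign);

public:
    /// Constructors forward to the matching CardBase constructor; see
    /// CardBase.h for the meaning of idx and conn.
    EstEidCard(ManagerInterface &ref) : CardBase(ref) {}
    EstEidCard(ManagerInterface &ref, unsigned int idx) :
        CardBase(ref, idx) {}
    EstEidCard(ManagerInterface &ref, ConnectionBase *conn) :
        CardBase(ref, conn) {}
    ~EstEidCard() {}
    /// True when an EstEID card is present in reader idx.
    bool isInReader(unsigned int idx);

    /// Document/card identifier read from the card.
    std::string readCardID();
    /// Card holder's name as read from the card.
    std::string readCardName();
    /// Reads personal-data records firstRecord..lastRecord (RecordNames
    /// values) into data. Defaults to SURNAME..EXPIRY.
    bool readPersonalData(std::vector<std::string>& data,
                          int firstRecord = SURNAME, int lastRecord = EXPIRY);
    /// Usage counters of the authentication and signature keys.
    bool getKeyUsageCounters(dword &authKey, dword &signKey);
    /// Remaining attempts for the PUK, authentication PIN and signature PIN.
    bool getRetryCounts(byte &puk, byte &pinAuth, byte &pinSign);
    /// DER-encoded authentication certificate.
    ByteVec getAuthCert();
    /// DER-encoded signature certificate.
    ByteVec getSignCert();
    /// SSL-style signature with the authentication key. The overload without
    /// a pin presumably relies on PIN entry having happened elsewhere
    /// (reader pinpad or an earlier call) — confirm in the implementation.
    ByteVec calcSSL(ByteVec hash);
    ByteVec calcSSL(ByteVec hash, std::string pin);

    /// SHA-1 signature over hash with key keyId; withOID controls whether the
    /// algorithm identifier is included. Pin-less overload as for calcSSL().
    ByteVec calcSignSHA1(ByteVec hash, KeyType keyId, bool withOID = true);
    ByteVec calcSignSHA1(ByteVec hash, KeyType keyId, std::string pin, bool withOID = true);

    /// MD5 signature over hash; same parameter meaning as calcSignSHA1().
    ByteVec calcSignMD5(ByteVec hash, KeyType keyId, bool withOID = true);
    ByteVec calcSignMD5(ByteVec hash, KeyType keyId, std::string pin, bool withOID = true);

    /// RSA decryption of cipher with the card key; pin-less overload as for
    /// calcSSL().
    ByteVec RSADecrypt(ByteVec cipher);
    ByteVec RSADecrypt(ByteVec cipher, std::string pin);

    /// PIN/PUK verification; retriesLeft receives the remaining attempts.
    /// Each failed attempt consumes one retry on the card.
    bool validateAuthPin(std::string pin, byte &retriesLeft);
    bool validateSignPin(std::string pin, byte &retriesLeft);
    bool validatePuk(std::string puk, byte &retriesLeft);

    /// PIN/PUK change (old secret required) and PUK-based PIN unblocking;
    /// retriesLeft receives the remaining attempts for the secret verified.
    bool changeAuthPin(std::string newPin, std::string oldPin, byte &retriesLeft);
    bool changeSignPin(std::string newPin, std::string oldPin, byte &retriesLeft);
    bool changePUK(std::string newPUK, std::string oldPUK, byte &retriesLeft);
    bool unblockAuthPin(std::string newPin, std::string PUK, byte &retriesLeft);
    bool unblockSignPin(std::string newPin, std::string PUK, byte &retriesLeft);

    /// Selects security environment env on the card — meaning of env is
    /// defined by the implementation, not here.
    void setSecEnv(byte env);
    /// Drops any authentication state previously established on the card.
    void resetAuth();
};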