Documentation
Overview
Package gpapdu implements the Global Platform-specific APDU commands and extensions on top of ISO/IEC 7816.
Index
- Constants
- func SendOnTransport(t apdu.Transport, cmd Command) (apdu.Response, error)
- type Class
- type Client
- type Command
- type Commands
- type Context
- type ControlReferenceTemplateForDigitalSignature
- type DeleteCardContent
- type DeleteCommand
- type DeleteKey
- type KeyType
- type Privileges
- type ResponseConfirmation
- type SecureChannelSession
Constants
const (
	// InstructionInitializeUpdate is the InitializeUpdate instruction
	InstructionInitializeUpdate apdu.Instruction = 0x50
)
Variables
This section is empty.
Functions
Types
type Class
type Class struct {
	apdu.InterindustryClass
	IsGPCommand bool // Sets b8 depending on whether or not this is a proprietary GP command
}
Class extends the Interindustry class, using b8 as a flag for GP-specific commands; there are no other changes.
func ClassFromByte
ClassFromByte converts a byte to a Class
func (Class) ToClassByte
ToClassByte returns the formatted class byte
type Client
type Client struct {
// contains filtered or unexported fields
}
Client is a GP client wrapping APDU commands
type Command
type Command struct {
	Class              Class            // CLA
	Instruction        apdu.Instruction // INS
	P1, P2             byte             // P1, P2 = Parameter fields
	Data               []byte           // Command data field
	ExpectResponseData bool             // Toggles whether any data is expected, expected length cannot be set
}
Command is the GP subset of apdu.Command, with fields altered or removed to help avoid breaking restrictions set by the GP spec
type Commands
type Commands interface {
	Delete(deleteRelatedObjects bool, cmd DeleteCommand, logicalChannel uint8) (confirmation []byte, err error)
	GetData()
	GetStatus()
	Install() // TODO: there's a LOT of weirdness for this one
	Load()
	PutKey()
	Select()
	SetStatus()
	StoreData()
}
Commands is the full client command list.
TODO: none of these have actual arguments/returns yet
type Context
type Context struct {
// contains filtered or unexported fields
}
Context is a GP APDU context, which maintains state based on previous calls and handles concurrency safety
func (*Context) InitializeUpdate
func (c *Context) InitializeUpdate(channelNumber uint8, keyVersionNumber uint8, randR io.Reader) (*SecureChannelSession, error)
InitializeUpdate initiates a new Secure Channel Session
type ControlReferenceTemplateForDigitalSignature
type ControlReferenceTemplateForDigitalSignature struct {
	SecurityDomainID          []byte `asn1:"optional,omitempty,tag:42"`
	SecurityDomainImageNumber []byte `asn1:"optional,omitempty,tag:45"`
	ApplicationProviderID     []byte `asn1:"optional,omitempty,tag:5F20"`
	TokenID                   []byte `asn1:"optional,omitempty,tag:93"`
}
ControlReferenceTemplateForDigitalSignature is a control reference template for digital signature
type DeleteCardContent
type DeleteCardContent struct {
	ELFileOrAppID []byte
	CRTFDS        *ControlReferenceTemplateForDigitalSignature
}
DeleteCardContent is Delete [card content] command
type DeleteCommand
type DeleteCommand interface {
// contains filtered or unexported methods
}
DeleteCommand is a Delete command, either DeleteKey or DeleteCardContent
type DeleteKey
type DeleteKey struct {
	IncludeKeyIdentifer     bool
	KeyIdentifier           byte
	IncludeKeyVersionNumber bool
	KeyVersionNumber        byte
}
DeleteKey is a Delete [key] command
type KeyType
type KeyType byte
KeyType is a key type indicator
const (
	// DESWithImplicitMode is the DESWithImplicitMode key type
	DESWithImplicitMode KeyType = 0x80
	PreSharedKeyForTransportLayerSecurity KeyType = 0x85
	// AES is the AES key type
	AES KeyType = 0x88
	// HMACSHA1WithImplictLength is the HMACSHA1WithImplictLength key type
	HMACSHA1WithImplictLength KeyType = 0x90
	// HMACSHA1Length160Bits is the HMACSHA1Length160Bits key type
	HMACSHA1Length160Bits KeyType = 0x91
	// RSAPublicKeyPubExponentEClearText is the RSAPublicKeyPubExponentEClearText key type
	RSAPublicKeyPubExponentEClearText KeyType = 0xA0
	// RSAPublicKeyModulesNClearText is the RSAPublicKeyModulesNClearText key type
	RSAPublicKeyModulesNClearText KeyType = 0xA1
	// RSAPrivateKeyModulusN is the RSAPrivateKeyModulusN key type
	RSAPrivateKeyModulusN KeyType = 0xA2
	// RSAPrivateKeyPrivateExponentD is the RSAPrivateKeyPrivateExponentD key type
	RSAPrivateKeyPrivateExponentD KeyType = 0xA3
	// RSAPrivateKeyChineseRemainderP is the RSAPrivateKeyChineseRemainderP key type
	RSAPrivateKeyChineseRemainderP KeyType = 0xA4
	// RSAPrivateKeyChineseRemainderQ is the RSAPrivateKeyChineseRemainderQ key type
	RSAPrivateKeyChineseRemainderQ KeyType = 0xA5
	// RSAPrivateKeyChineseRemainderPQ is the RSAPrivateKeyChineseRemainderPQ key type
	RSAPrivateKeyChineseRemainderPQ KeyType = 0xA6
	// RSAPrivateKeyChineseRemainderDP1 is the RSAPrivateKeyChineseRemainderDP1 key type
	RSAPrivateKeyChineseRemainderDP1 KeyType = 0xA7
	// RSAPrivateKeyChineseRemainderDQ1 is the RSAPrivateKeyChineseRemainderDQ1 key type
	RSAPrivateKeyChineseRemainderDQ1 KeyType = 0xA8
	// ECCPublicKey is the ECCPublicKey key type
	ECCPublicKey KeyType = 0xB0
	// ECCPrivateKey is the ECCPrivateKey key type
	ECCPrivateKey KeyType = 0xB1
	// ECCFieldParameterP is the ECCFieldParameterP key type
	ECCFieldParameterP KeyType = 0xB2
	// ECCFieldParameterA is the ECCFieldParameterA key type
	ECCFieldParameterA KeyType = 0xB3
	// ECCFieldParameterB is the ECCFieldParameterB key type
	ECCFieldParameterB KeyType = 0xB4
	// ECCFieldParameterG is the ECCFieldParameterG key type
	ECCFieldParameterG KeyType = 0xB5
	// ECCFieldParameterN is the ECCFieldParameterN key type
	ECCFieldParameterN KeyType = 0xB6
	// ECCFieldParameterK is the ECCFieldParameterK key type
	ECCFieldParameterK KeyType = 0xB7
	// ECCKeyParametersReference is the ECCKeyParametersReference key type
	ECCKeyParametersReference KeyType = 0xF0
	// ExtendedFormat is the ExtendedFormat key type
	ExtendedFormat KeyType = 0xFF
)
type Privileges
type Privileges struct {
	SecurityDomain            bool
	DAPVerification           bool // Implies SecurityDomain
	DelegatedManagement       bool // Implies SecurityDomain
	CardLock                  bool
	CardTerminate             bool
	CardReset                 bool
	CVMManagement             bool
	MandatedDAPVerification   bool // Implies DAPVerification and SecurityDomain
	TrustedPath               bool
	AuthorizedManagement      bool // Implies SecurityDomain
	TokenManagement           bool
	GlobalDelete              bool
	GlobalLock                bool
	GlobalRegistry            bool
	FinalApplication          bool
	GlobalService             bool
	ReceiptGeneration         bool
	CipheredLoadFileDataBlock bool
	ContactlessActivation     bool
	ContactlessSelfActivation bool
	// contains filtered or unexported fields
}
Privileges are the privileges granted to an application or domain
func PrivilegesFromBytes
func PrivilegesFromBytes(in [3]byte) Privileges
PrivilegesFromBytes converts 3 bytes to a set of Privileges flags
func (Privileges) ToBytes
func (p Privileges) ToBytes() [3]byte
ToBytes converts a Privileges struct to the APDU bytes representation
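The three-byte privilege encoding and the "Implies" relationships noted on the Privileges struct can be checked when auditing what a card application has been granted. The following is an added example, not gpapdu's own code: it assumes the bit layout of the GlobalPlatform Card Specification privilege coding (privileges in struct order starting at b8 of byte 1, with b4 to b1 of byte 3 reserved), and `DecodePrivileges`, `has`, `privilegeNames` and `implied` are hypothetical names.

```go
package main

import "fmt"

// Bit positions follow the GlobalPlatform Card Specification privilege
// table (assumption: gpapdu's own layout is not shown on the page).
// Byte 1, b8..b1, then byte 2, then byte 3 (b4..b1 of byte 3 are RFU).
var privilegeNames = [20]string{
	"SecurityDomain", "DAPVerification", "DelegatedManagement", "CardLock",
	"CardTerminate", "CardReset", "CVMManagement", "MandatedDAPVerification",
	"TrustedPath", "AuthorizedManagement", "TokenManagement", "GlobalDelete",
	"GlobalLock", "GlobalRegistry", "FinalApplication", "GlobalService",
	"ReceiptGeneration", "CipheredLoadFileDataBlock", "ContactlessActivation",
	"ContactlessSelfActivation",
}

// implied maps a privilege number to the privileges it requires, per the
// "Implies ..." comments on the Privileges struct.
var implied = map[int][]int{1: {0}, 2: {0}, 7: {1, 0}, 9: {0}}

func has(in [3]byte, n int) bool { return in[n/8]&(0x80>>(n%8)) != 0 }

// DecodePrivileges (hypothetical helper) lists the privileges set in the
// three bytes and reports RFU bits or missing implied privileges.
func DecodePrivileges(in [3]byte) (set []string, problems []string) {
	for n, name := range privilegeNames {
		if !has(in, n) {
			continue
		}
		set = append(set, name)
		for _, req := range implied[n] {
			if !has(in, req) {
				problems = append(problems, name+" set without "+privilegeNames[req])
			}
		}
	}
	if in[2]&0x0F != 0 {
		problems = append(problems, "RFU bits set in byte 3")
	}
	return set, problems
}

func main() {
	// Constructed sample values, not taken from a real card.
	for _, b := range [][3]byte{{0xC0, 0x00, 0x00}, {0x40, 0x10, 0x01}} {
		set, problems := DecodePrivileges(b)
		fmt.Printf("% X -> %v, problems: %v\n", b, set, problems)
	}
}
```
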
type ResponseConfirmation
type ResponseConfirmation struct {
	Receipt             []byte
	ConfirmationCounter uint16
	SDUniqueData        []byte
	TokenIdentifier     []byte
	TokenDataDigest     []byte
}
ResponseConfirmation is a Confirmation from a response message
func ConfirmationFromResponse
func ConfirmationFromResponse(in apdu.Response) (res ResponseConfirmation, err error)
ConfirmationFromResponse converts an apdu.Response to a Confirmation message
type SecureChannelSession
type SecureChannelSession struct {
// contains filtered or unexported fields
}
SecureChannelSession is a Secure Channel Session
func NewSecureChannelSession
func NewSecureChannelSession(context *Context, s8mode bool, channelNumber uint8, keyVersionNumber uint8) (*SecureChannelSession, error)
NewSecureChannelSession creates a new Secure Channel Session