1 files changed, 214 insertions, 0 deletions
diff --git a/base/tps/src/include/processor/RA_Processor.h b/base/tps/src/include/processor/RA_Processor.h
new file mode 100644
index 000000000..74e869a52
--- /dev/null
+++ b/base/tps/src/include/processor/RA_Processor.h
@@ -0,0 +1,214 @@
+/* --- BEGIN COPYRIGHT BLOCK ---
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation;
+ * version 2.1 of the License.
+ * 
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA  02110-1301  USA 
+ * 
+ * Copyright (C) 2007 Red Hat, Inc.
+ * All rights reserved.
+ * --- END COPYRIGHT BLOCK ---
+ */
+
+#ifndef RA_PROCESSOR_H
+#define RA_PROCESSOR_H
+
+#ifdef HAVE_CONFIG_H
+#ifndef AUTOTOOLS_CONFIG_H
+#define AUTOTOOLS_CONFIG_H
+
+/* Eliminate warnings when using Autotools */
+#undef PACKAGE_BUGREPORT
+#undef PACKAGE_NAME
+#undef PACKAGE_STRING
+#undef PACKAGE_TARNAME
+#undef PACKAGE_VERSION
+
+#include <config.h>
+#endif /* AUTOTOOLS_CONFIG_H */
+#endif /* HAVE_CONFIG_H */
+
+#include "main/Login.h"
+#include "main/SecureId.h"
+#include "main/RA_Session.h"
+#include "authentication/AuthParams.h"
+#include "apdu/APDU.h"
+#include "apdu/APDU_Response.h"
+#include "channel/Secure_Channel.h"
+
+enum RA_Status {
+    STATUS_NO_ERROR=0,
+    STATUS_ERROR_SNAC=1,
+    STATUS_ERROR_SEC_INIT_UPDATE=2,
+    STATUS_ERROR_CREATE_CARDMGR=3,
+    STATUS_ERROR_MAC_RESET_PIN_PDU=4,
+    STATUS_ERROR_MAC_CERT_PDU=5,
+    STATUS_ERROR_MAC_LIFESTYLE_PDU=6,
+    STATUS_ERROR_MAC_ENROLL_PDU=7,
+    STATUS_ERROR_READ_OBJECT_PDU=8,
+    STATUS_ERROR_BAD_STATUS=9,
+    STATUS_ERROR_CA_RESPONSE=10,
+    STATUS_ERROR_READ_BUFFER_OVERFLOW=11,
+    STATUS_ERROR_TOKEN_RESET_PIN_FAILED=12,
+    STATUS_ERROR_CONNECTION=13,
+    STATUS_ERROR_LOGIN=14,
+    STATUS_ERROR_DB=15,
+    STATUS_ERROR_TOKEN_DISABLED=16,
+    STATUS_ERROR_SECURE_CHANNEL=17,
+    STATUS_ERROR_MISCONFIGURATION=18,
+    STATUS_ERROR_UPGRADE_APPLET=19,
+    STATUS_ERROR_KEY_CHANGE_OVER=20,
+    STATUS_ERROR_EXTERNAL_AUTH=21,
+    STATUS_ERROR_DEFAULT_TOKENTYPE_NOT_FOUND=22,
+    STATUS_ERROR_DEFAULT_TOKENTYPE_PARAMS_NOT_FOUND=23,
+    STATUS_ERROR_PUBLISH=24,
+    STATUS_ERROR_LDAP_CONN=25,
+    STATUS_ERROR_DISABLED_TOKEN=26,
+    STATUS_ERROR_NOT_PIN_RESETABLE=27,
+    STATUS_ERROR_CONN_LOST=28,
+    STATUS_ERROR_CREATE_TUS_TOKEN_ENTRY=29,
+    STATUS_ERROR_NO_SUCH_TOKEN_STATE=30,
+    STATUS_ERROR_NO_SUCH_LOST_REASON=31,
+    STATUS_ERROR_UNUSABLE_TOKEN_KEYCOMPROMISE=32,
+    STATUS_ERROR_INACTIVE_TOKEN_NOT_FOUND=33,
+    STATUS_ERROR_HAS_AT_LEAST_ONE_ACTIVE_TOKEN=34,
+    STATUS_ERROR_CONTACT_ADMIN=35,
+    STATUS_ERROR_RECOVERY_IS_PROCESSED=36,
+    STATUS_ERROR_RECOVERY_FAILED=37,
+    STATUS_ERROR_NO_OPERATION_ON_LOST_TOKEN=38,
+    STATUS_ERROR_KEY_ARCHIVE_OFF=39,
+    STATUS_ERROR_NO_TKS_CONNID=40,
+    STATUS_ERROR_UPDATE_TOKENDB_FAILED=41,
+    STATUS_ERROR_REVOKE_CERTIFICATES_FAILED=42,
+    STATUS_ERROR_NOT_TOKEN_OWNER=43,
+    STATUS_ERROR_RENEWAL_IS_PROCESSED=44,
+    STATUS_ERROR_RENEWAL_FAILED=45
+};
+
+class RA_Processor
+{
+	public:
+		RA_Processor();
+		virtual ~RA_Processor();
+		virtual RA_Status Process(RA_Session *session, NameValueSet *extensions);
+		char *MapPattern(NameValueSet *nv, char *pattern);
+
+		int InitializeUpdate(RA_Session *session,
+				BYTE key_version, BYTE key_index,
+				Buffer &key_diversification_data,
+				Buffer &key_info_data,
+				Buffer &card_challenge,
+				Buffer &card_cryptogram,
+				Buffer &host_challenge, const char *connId);
+
+		int CreatePin(RA_Session *session, BYTE pin_number, BYTE max_retries, char *pin);
+
+		int IsPinPresent(RA_Session *session,BYTE pin_number);
+
+		AuthParams *RequestLogin(RA_Session *session, int invalid_pw, int blocked);
+		AuthParams *RequestExtendedLogin(RA_Session *session, int invalid_pw, int blocked, char **parameters, int len, char *title, char *description);
+
+		void StatusUpdate(RA_Session *session, NameValueSet *extensions, int status, const char *info);
+		void StatusUpdate(RA_Session *session, int status, const char *info);
+
+		Buffer *GetAppletVersion(RA_Session *session);
+
+		Secure_Channel *SetupSecureChannel(RA_Session *session, BYTE key_version, BYTE key_index, const char *connId);
+		Secure_Channel *SetupSecureChannel(RA_Session *session,
+				BYTE key_version, BYTE key_index, SecurityLevel security_level, const char *connId);
+
+		SecureId *RequestSecureId(RA_Session *session);
+
+		char *RequestNewPin(RA_Session *session, unsigned int min_len, unsigned int max_len);
+
+		char *RequestASQ(RA_Session *session, char *question);
+
+		int EncryptData(Buffer &cuid, Buffer &versionID, Buffer &in, Buffer &out, const char *connid);
+                
+		int ComputeRandomData(Buffer &data_out, int dataSize,  const char *connid);
+
+		int CreateKeySetData(
+			Buffer &cuid, 
+			Buffer &versionID, 
+			Buffer &NewMasterVer, 
+			Buffer &out, 
+			const char *connid);
+
+		bool GetTokenType(
+			const char *prefix, 
+			int major_version, int minor_version, 
+			const char *cuid, const char *msn, 
+			NameValueSet *extensions,
+			RA_Status &o_status,
+			const char *&o_tokenType);
+
+		Buffer *ListObjects(RA_Session *session, BYTE seq);
+
+		Buffer *GetStatus(RA_Session *session, BYTE p1, BYTE p2);
+
+		Buffer *GetData(RA_Session *session);
+
+		int SelectApplet(RA_Session *session, BYTE p1, BYTE p2, Buffer *aid);
+
+		int UpgradeApplet(
+				RA_Session *session, 
+                char *prefix,
+                char *tokenType,
+				BYTE major_version, BYTE minor_version, 
+				const char *new_version, 
+				const char *applet_dir, 
+				SecurityLevel security_level, 
+				const char *connid, 
+				NameValueSet *extensions,
+				int start_progress, int end_progress,
+                                char **key_version);
+
+		int UpgradeKey(RA_Session *session, BYTE major_version, BYTE minor_version, int new_version);
+
+		int SelectCardManager(RA_Session *session, char *prefix, char *tokenType);
+
+		int FormatMuscleApplet(
+				RA_Session *session,
+				unsigned short memSize,
+				Buffer &PIN0, BYTE pin0Tries,
+				Buffer &unblockPIN0, BYTE unblock0Tries,
+				Buffer &PIN1, BYTE pin1Tries,
+				Buffer &unblockPIN1, BYTE unblock1Tries,
+				unsigned short objCreationPermissions,
+				unsigned short keyCreationPermissions,
+				unsigned short pinCreationPermissions);
+
+		Secure_Channel *GenerateSecureChannel(
+				RA_Session *session, const char *connid,
+				Buffer &card_diversification_data,
+				Buffer &card_key_data,
+				Buffer &card_challenge,
+				Buffer &card_cryptogram,
+				Buffer &host_challenge);
+                AuthenticationEntry *GetAuthenticationEntry(
+                                const char * a_prefix,
+                                const char * a_configname,
+                                const char * a_tokenType);
+
+	protected:
+                RA_Status Format(RA_Session *session, NameValueSet *extensions, bool skipAuth);
+                bool RevokeCertificates(RA_Session *session, char *cuid, char *audit_msg,
+                		char *final_applet_version,
+				char *keyVersion,
+                                char *tokenType, char *userid, RA_Status &status );
+		int IsTokenDisabledByTus(Secure_Channel *channel);
+
+                int totalAvailableMemory;
+                int totalFreeMemory;
+};
+
+#endif /* RA_PROCESSOR_H */