Struct desfire::key_rights

• Defined in File data.hpp

Struct Documentation

struct key_rights

Sets the capabilities of the master/root/general keys at an app or PICC level.

See also

• app_settings

• tag::create_application

• tag::change_app_settings

Comparison operators

inline bool operator==(desfire::key_rights const &other) const

inline bool operator!=(desfire::key_rights const &other) const

Public Functions

constexpr key_rights() = default

Default-constructs a key rights object

inline constexpr key_rights(key_actor<same_key_t> allowed_to_change_keys_, bool master_key_changeable_, bool dir_access_without_auth_, bool create_delete_without_master_key_, bool config_changeable_)

Constructs a key rights object.

Note

Unfortunately the arguments are a list of four booleans. Be mindful that order of the arguments matter; having C-style named initializers would be helpful here.

Parameters:

• allowed_to_change_keys_ – Goes into allowed_to_change_keys.

• master_key_changeable_ – Goes into master_key_changeable.

• dir_access_without_auth_ – Goes into dir_access_without_auth.

• create_delete_without_master_key_ – Goes into create_delete_without_master_key.

• config_changeable_ – Goes into config_changeable.

Public Members

key_actor<same_key_t> allowed_to_change_keys = {same_key}

Who is allowed to change a key. Possible values:

• same_key (default): authentication with a given key is necessary to change that very same key

• no_key : key change is not possible

• any other numeric value: authentication with the key with that number is needed to change any other key.

bool master_key_changeable = true

Whether the master key (or root key, for root_app) can be changed or not.

bool dir_access_without_auth = true

Controls directory access permission. On an app level, it is possible to list file IDs, get their settings and the key settings. On a PICC level (i.e. on root_app), it is possible to list app IDs and key settings.

bool create_delete_without_master_key = false

Controls app and file creation permissions. On an app level, this means files can be created or deleted without authenticating with the master key. On a PICC level (i.e. on root_app), applications can be created without authentication and deleted with their own master keys.

bool config_changeable = true

Controls key rights change permission. Setting this to false freezes the configuration of the PICC or the app. Changing still requires to authenticate with the appropriate master key.