This library provides a simple and nice C++ wrapper around these libraries, so that programmers can concentrate on functionality. It offers general support for PCSC-lite, OpenSSL, PKCS#11, plus specific functionality for the SuisseID.
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
201 lines
5.4 KiB
201 lines
5.4 KiB
11 years ago
|
/*! @file
|
||
|
|
||
|
@id $Id$
|
||
|
*/
|
||
|
// 1 2 3 4 5 6 7 8
|
||
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
|
||
|
|
||
|
#ifndef __SUISSEID_HXX__
|
||
|
#define __SUISSEID_HXX__
|
||
|
|
||
|
#include <cardos.hxx>
|
||
|
#include <cryptoki.hxx>
|
||
|
#include <pcsc.hxx>
|
||
|
#include <mrw/vector.hxx>
|
||
|
#include <mrw/shared.hxx>
|
||
|
|
||
|
/*! @defgroup gsuisseid C+ Wrapper to access SuisseID smart cards
|
||
|
|
||
|
This library allows access to the Swiss digital identity cards
|
||
|
(SuisseID).
|
||
|
|
||
|
You need to include @ref suisseid.hxx, then start with class @ref
|
||
|
suisseid::Scanner to scan for a list of SuisseID cards on the system.
|
||
|
|
||
|
@see http://www.suisseid.ch
|
||
|
@see http://postsuisseid.ch */
|
||
|
//@{
|
||
|
namespace suisseid {
|
||
|
|
||
|
//! Represents a SuisseID Card
|
||
|
/*! This is the parent class for special classes for the respecive
|
||
|
SuisseID providers. */
|
||
|
class Card: public cardos::Commands {
|
||
|
|
||
|
public:
|
||
|
|
||
|
enum Status {
|
||
|
TRANSPORT
|
||
|
};
|
||
|
|
||
|
public:
|
||
|
|
||
|
Card(mrw::Shared<pcsc::Connection::Reader> reader,
|
||
|
mrw::Shared<cryptoki::Slot> slot):
|
||
|
cardos::Commands(reader),
|
||
|
_slot(slot) {
|
||
|
}
|
||
|
virtual ~Card() {}
|
||
|
|
||
|
virtual unsigned int minimalPinLength() = 0;
|
||
|
virtual unsigned int maximalPinLength() = 0;
|
||
|
|
||
|
//! Name of the token/slot
|
||
|
const std::string& name() {
|
||
|
return _reader->name;
|
||
|
}
|
||
|
|
||
|
/// Version of the card
|
||
|
virtual std::string version() {
|
||
|
return "<unknown>";
|
||
|
}
|
||
|
|
||
|
private:
|
||
|
|
||
|
mrw::Shared<cryptoki::Slot> _slot;
|
||
|
|
||
|
};
|
||
|
|
||
|
//! Instance of a Post SuisseID smartcard.
|
||
|
/*! A SuisseID card issued by Swiss Post.
|
||
|
@see http://postsuisseid.ch */
|
||
|
class PostSuisseID: public Card {
|
||
|
|
||
|
public:
|
||
|
|
||
|
PostSuisseID(mrw::Shared<pcsc::Connection::Reader> reader,
|
||
|
mrw::Shared<cryptoki::Slot> slot):
|
||
|
Card(reader, slot), _minPinLen(0), _maxPinLen(-1) {
|
||
|
}
|
||
|
|
||
|
virtual unsigned int minimalPinLength() {
|
||
|
if (_minPinLen==0) evaluatePinLengths();
|
||
|
return _minPinLen;
|
||
|
}
|
||
|
|
||
|
virtual unsigned int maximalPinLength() {
|
||
|
if (_maxPinLen==-1) evaluatePinLengths();
|
||
|
return _maxPinLen;
|
||
|
}
|
||
|
|
||
|
std::string version() {
|
||
|
if (_version.size()) return _version; // cache the version
|
||
|
pcsc::Connection::Reader::Transaction lock(_reader);
|
||
|
try {
|
||
|
selectMfFile("5649");
|
||
|
return _version = cardos::BerValue(readBinary())[0].value();
|
||
|
} catch (...) {
|
||
|
return _version = "<unknown>";
|
||
|
}
|
||
|
}
|
||
|
|
||
|
private:
|
||
|
|
||
|
void evaluatePinLengths() {
|
||
|
pcsc::Connection::Reader::Transaction lock(_reader);
|
||
|
selectPkcs15File("4408");
|
||
|
cardos::BerValues res(readBerFile());
|
||
|
for (cardos::BerValues::iterator it(res.begin()); it!=res.end(); ++it)
|
||
|
if ((*it)[0][0].value()=="PIN" ||
|
||
|
(*it)[0][0].value()=="Digital Signature PIN") {
|
||
|
if ((*it)[2][0][2].toULong()>_minPinLen)
|
||
|
_minPinLen = (*it)[2][0][2].toULong();
|
||
|
if ((*it)[2][0][4].toULong()<_maxPinLen)
|
||
|
_maxPinLen = (*it)[2][0][4].toULong();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
private:
|
||
|
|
||
|
std::string _version; // version is cached
|
||
|
unsigned int _minPinLen; // minimal PIN length is cached
|
||
|
unsigned int _maxPinLen; // maximal PIN length is cached
|
||
|
};
|
||
|
|
||
|
//! List of cards, returned by @ref suisseid::Scanner::scan.
|
||
|
typedef std::vector<mrw::Shared<Card> > Cards;
|
||
|
|
||
|
//! Auxiliary SuisseID card manager.
|
||
|
/** Use this manager to scan your system for SuisseID cards.
|
||
|
|
||
|
Usage Example:
|
||
|
|
||
|
@code
|
||
|
#include <suisseid.hxx>
|
||
|
#include <iostream>
|
||
|
|
||
|
[...]
|
||
|
|
||
|
try {
|
||
|
suisseid::Cards cards(suisseid::Scanner().scan());
|
||
|
for (auto card(cards.begin()); card!=cards.end(); ++card)
|
||
|
std::cout<<"Found SuisseID: "<<(*card)->name()<<std::endl;
|
||
|
return 0;
|
||
|
} catch (std::exception& x) {
|
||
|
std::cerr<<"**** ERROR in "<<*argv<<": "<<x.what()<<std::endl;
|
||
|
return 1;
|
||
|
}
|
||
|
@endcode */
|
||
|
class Scanner {
|
||
|
|
||
|
public:
|
||
|
|
||
|
Scanner(const std::string& lib="libcvP11.so"):
|
||
|
_cryptoki(lib) {
|
||
|
}
|
||
|
|
||
|
Scanner(const pcsc::Connection& pcsc,
|
||
|
const std::string& lib="libcvP11.so"):
|
||
|
_pcsc(pcsc),
|
||
|
_cryptoki(lib) {
|
||
|
}
|
||
|
|
||
|
Scanner(const cryptoki::Library& cryptoki):
|
||
|
_cryptoki(cryptoki) {
|
||
|
}
|
||
|
|
||
|
Scanner(const pcsc::Connection& pcsc,
|
||
|
const cryptoki::Library& cryptoki):
|
||
|
_pcsc(pcsc),
|
||
|
_cryptoki(cryptoki) {
|
||
|
}
|
||
|
|
||
|
/// Scan for available known SuisseID cards on the system.
|
||
|
/** @return List of detected SuisseID smart cards. */
|
||
|
Cards scan() {
|
||
|
Cards res;
|
||
|
// By now, scan only for PostSuisseID; in future use factory pattern
|
||
|
pcsc::Connection::Strings readers
|
||
|
(_pcsc.getReadersWithAtr("4b53776973735369676e"));
|
||
|
for (pcsc::Connection::Strings::iterator reader(readers.begin());
|
||
|
reader!=readers.end(); ++reader) {
|
||
|
cryptoki::SlotList slots(_cryptoki.slotList(true, *reader));
|
||
|
if (slots.size()==1)
|
||
|
res.push_back(dynamic_cast<Card*>
|
||
|
(new PostSuisseID(_pcsc.reader(*reader), slots[0])));
|
||
|
}
|
||
|
return res;
|
||
|
}
|
||
|
|
||
|
private:
|
||
|
|
||
|
pcsc::Connection _pcsc;
|
||
|
cryptoki::Library _cryptoki;
|
||
|
|
||
|
};
|
||
|
|
||
|
}
|
||
|
//@}
|
||
|
|
||
|
#endif
|