/*! @file
@ id $ Id $
*/
// 1 2 3 4 5 6 7 8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
# include <suisse-id-demo.hxx>
# include <mrw/args.hxx>
# include <QtNetwork/QSslCertificate>
# include <QtCore/QDateTime>
/*! Print every entry of a string list on its own line.

    @param sl strings to print
    @param p  prefix written in front of each entry */
void show(const QStringList& sl, const std::string& p = " item: ") {
  QStringList::const_iterator entry(sl.begin());
  const QStringList::const_iterator last(sl.end());
  while (entry != last) {
    // round trip through UTF-8 before handing the text to the std stream
    const std::string text(QString(entry->toUtf8()).toStdString());
    std::cout << p << text << std::endl;
    ++entry;
  }
}
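/*! Show certificate information: common name and expiry date.

    The DER data is decoded with the Qt library's certificate class. Only
    the stored fields are printed; no validity, chain or revocation check
    is done here, so "Valid until" says nothing about whether the
    certificate is currently trustworthy.

    @param cert DER encoded certificate data */
void show(const suisseid::Certificate& cert) {
  QSslCertificate c(QByteArray(cert.data(), static_cast<int>(cert.size())),
                    QSsl::Der);
  if (c.isNull()) {
    // Data that does not decode as DER yields a null certificate; report
    // it instead of printing an empty name and an empty expiry date.
    std::cerr << " **** ERROR: " << "certificate data could not be decoded"
              << std::endl;
    return;
  }
  std::cout << " Certificate info: ";
  show(c.subjectInfo(QSslCertificate::CommonName), " CN= ");
  std::cout << " Valid until: "
            << QString(c.expiryDate().toString().toUtf8()).toStdString()
            << std::endl;
}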
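/*! Interactive demo: scans for SuisseID cards and offers a small text menu
    per card (status check, PIN change, certificate display).

    Call with option -h for help.

    @return 0 when the user quits, all cards were handled or standard input
            ends; 1 when an error aborts the program */
int main(int argc, char** argv) try {
  // Default pkcs#11/cryptoki library. The library named here, or given on
  // the command line, is the one that gets loaded, so it should only ever
  // be a module the user trusts.
  // NOTE(review): presumably the PINs typed below pass through it - confirm.
  std::string lib(" libcvP11.so ");
  // NOTE(review): the description talks about signing a text, which this
  // menu does not offer - it looks copied from another tool; confirm.
  mrw::args::parse(argc, argv,
                   " Sign a text (optionally several times for performance "
                   " measurements). ",
                   mrw::args::defaults()
                   << mrw::args::decl(" l ", " library ",
                                      " cryptoki library to load ",
                                      mrw::args::decl::param_list()
                                      << mrw::args::param(lib, " lib ")));
  // now lib contains the dynamic library to load
  // scan for suisseid cards
  suisseid::Cards cards(suisseid::Scanner(lib).scan());
  for (suisseid::Cards::iterator card(cards.begin());
       card != cards.end(); ++card) {
    std::string choice;
    // operator>> delivers a token without whitespace, so the commands are
    // compared against the bare letters
    while (choice != "n") try {
      std::cout << " ================================================== " << std::endl
                << " Found SuisseID: " << std::endl
                << " Reader Name: " << (*card)->name() << std::endl
                << " Version: " << (*card)->version() << std::endl
                << " PIN-Length: " << (*card)->minimalPinLength()
                << " - " << (*card)->maximalPinLength() << std::endl
                << " PIN retries: " << std::endl
                << " PKCS#15: " << (*card)->pkcs15PinRetries() << std::endl
                << " SigG: " << (*card)->sigGPinRetries() << std::endl
                << " Transport: " << (*card)->transportPinRetries() << std::endl
                << " PUK: " << (*card)->pukRetries() << std::endl;
      cryptoki::Session::Info info((*card)->sessionInfo());
      std::cout << " Session: " << std::endl
                << " Slot: " << info.slotID << std::endl
                << " State: " << info.stateString() << std::endl
                << " Flags: " << (info.readwrite()
                                  ? " read/write " : " read only ") << std::endl
                << " Device Error: " << info.ulDeviceError << std::endl;
      suisseid::Certificates certs((*card)->certificates());
      std::cout << " Certificates: " << certs.size() << std::endl;
      std::cout << " -------------------------------------------------- " << std::endl
                << " Your Order Sir: " << std::endl
                << " n: proceed to next card " << std::endl
                << " c: check this card " << std::endl
                << " r: remove all certificates " << std::endl
                << " p: PIN change " << std::endl
                << " i: (re-) import certificates " << std::endl
                << " z: show certificates " << std::endl
                << " a: show authentication certificate " << std::endl
                << " d: show digital signature certificate " << std::endl
                << " q: quit " << std::endl;
      // small user menu; a failed read (end of input, closed terminal)
      // leaves choice unchanged, which would repeat the menu - or the last
      // command - forever, so stop here
      if (!(std::cin >> choice)) return 0;
      try {
        if (choice == "n") { // handled above in the while-loop
        } else if (choice == "c") {
          // run a check of the card status
          TextualCycle check(*card);
          if (check.run())
            std::cout << " ----> SuisseID is fine " << std::endl;
          else
            std::cout << " ****> SuisseID is bad " << std::endl;
        } else if (choice == "r") {
          std::cout << " Not yet implemented. " << std::endl;
        } else if (choice == "p") {
          // change card pins
          // NOTE(review): both PINs are read with plain std::cin, so they
          // are echoed on the terminal and stay in these string buffers
          // until destruction; production code should read them without
          // echo and clear the buffers after use.
          std::string oldpin, newpin;
          std::cout << " Enter Old PIN: ";
          std::cin >> oldpin;
          std::cout << " Enter New PIN: ";
          std::cin >> newpin;
          // NOTE(review): arguments are passed as (new, old) - confirm the
          // order against the declaration of changePins; the new PIN is
          // not checked against the PIN-Length limits printed above.
          if (oldpin.size() && newpin.size())
            (*card)->changePins(newpin, oldpin);
        } else if (choice == "i") {
          // install new certificates - not fully implemented
          TextualCycle check(*card);
          check.installCerts(true);
        } else if (choice == "z") {
          // show all certificates on the card
          for (suisseid::Certificates::iterator cert(certs.begin());
               cert != certs.end(); ++cert) {
            show(*cert);
          }
        } else if (choice == "a") {
          // show authentication certificate only
          show((*card)->authenticationCertificate());
        } else if (choice == "d") {
          // show digital signature certificate only
          show((*card)->digitalSignatureCertificate());
        } else if (choice == "q") {
          // done, user quits
          return 0;
        } else {
          // unknown user command
          std::cout << " I beg your pardon, Sir? " << std::endl;
        }
      } catch (const std::exception& x) {
        // a failed command is reported, the menu for this card continues
        std::cerr << " **** ERROR: " << x.what() << std::endl;
      }
    } catch (const std::exception& x) {
      // reading the card status itself failed
      std::cerr << " **** ERROR: " << x.what() << std::endl;
      choice = "n"; // proceed to next card
    }
  }
  return 0;
} catch (const std::exception& x) {
  std::cerr << " **** ERROR: " << x.what() << std::endl;
  // flowing off the end of this handler would make main return 0 and hide
  // the failure from the calling shell or script
  return 1;
}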