2013-10-11 13:51:04 +00:00
|
|
|
/*! @file
|
|
|
|
|
|
|
|
|
|
@id $Id$
|
|
|
|
|
*/
|
|
|
|
|
// 1 2 3 4 5 6 7 8
|
|
|
|
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
|
|
|
|
|
|
2013-11-06 12:24:52 +00:00
|
|
|
#include <suisse-id-demo.hxx>
|
2013-10-21 07:10:46 +00:00
|
|
|
#include <mrw/args.hxx>
|
2013-10-11 13:51:04 +00:00
|
|
|
|
2013-12-12 13:40:00 +00:00
|
|
|
#include <QtNetwork/QSslCertificate>
|
|
|
|
|
#include <QtCore/QDateTime>
|
2014-03-03 09:55:31 +00:00
|
|
|
#include <QtCore/QStringList>
|
|
|
|
|
|
|
|
|
|
void show(const QString& s, const std::string& p="item: ") {
|
|
|
|
|
std::cout<<p<<QString(s.toUtf8()).toStdString()<<std::endl;
|
|
|
|
|
}
|
2013-12-12 13:40:00 +00:00
|
|
|
|
2014-02-27 12:57:44 +00:00
|
|
|
void show(const QStringList& sl, const std::string& p="item: ") {
|
|
|
|
|
for (QStringList::const_iterator s(sl.begin()); s!=sl.end(); ++s)
|
|
|
|
|
std::cout<<p<<QString(s->toUtf8()).toStdString()<<std::endl;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-31 13:32:31 +00:00
|
|
|
// show certificate information
|
2014-01-27 13:48:05 +00:00
|
|
|
void show(const suisseid::Certificate& cert) {
|
2014-01-31 13:32:31 +00:00
|
|
|
// makes use of qt library's certificate class
|
2014-01-27 13:48:05 +00:00
|
|
|
QSslCertificate c(QByteArray(cert.data(), cert.size()), QSsl::Der);
|
2014-02-27 12:57:44 +00:00
|
|
|
std::cout<<"Certificate info:";
|
|
|
|
|
show(c.subjectInfo(QSslCertificate::CommonName), " CN=");
|
|
|
|
|
std::cout<<" Valid until: "
|
2014-01-27 13:48:05 +00:00
|
|
|
<<QString(c.expiryDate().toString().toUtf8()).toStdString()
|
|
|
|
|
<<std::endl;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-31 13:32:31 +00:00
|
|
|
// call with option -h for help
|
2013-10-11 13:51:04 +00:00
|
|
|
int main(int argc, char** argv) try {
|
2014-01-31 13:32:31 +00:00
|
|
|
std::string lib("libcvP11.so"); // default pkcs#11/cryptoki library
|
2013-10-11 13:51:04 +00:00
|
|
|
mrw::args::parse(argc, argv,
|
|
|
|
|
"Sign a text (optionally several times for performance"
|
|
|
|
|
" measurements).",
|
2013-10-21 12:13:55 +00:00
|
|
|
mrw::args::defaults()
|
2014-03-07 15:53:22 +00:00
|
|
|
<<mrw::args::decl("l", "library", "cryptoki library to load",
|
2013-10-11 13:51:04 +00:00
|
|
|
mrw::args::decl::param_list()
|
|
|
|
|
<<mrw::args::param(lib, "lib")));
|
2014-01-31 13:32:31 +00:00
|
|
|
// now lib contains the dynamic library to load
|
2013-10-11 13:51:04 +00:00
|
|
|
|
2014-01-31 13:32:31 +00:00
|
|
|
// scan for suisseid cards
|
2013-10-21 07:10:46 +00:00
|
|
|
suisseid::Cards cards(suisseid::Scanner(lib).scan());
|
2013-11-06 12:24:52 +00:00
|
|
|
for (suisseid::Cards::iterator card(cards.begin());
|
|
|
|
|
card!=cards.end(); ++card) {
|
|
|
|
|
std::string choice;
|
|
|
|
|
while (choice!="n") try {
|
|
|
|
|
std::cout<<"=================================================="<<std::endl
|
|
|
|
|
<<"Found SuisseID:"<<std::endl
|
|
|
|
|
<<" Reader Name: "<<(*card)->name()<<std::endl
|
|
|
|
|
<<" Version: "<<(*card)->version()<<std::endl
|
|
|
|
|
<<" PIN-Length: "<<(*card)->minimalPinLength()
|
|
|
|
|
<<" - "<<(*card)->maximalPinLength()<<std::endl
|
|
|
|
|
<<" PIN retries:"<<std::endl
|
|
|
|
|
<<" PKCS#15: "<<(*card)->pkcs15PinRetries()<<std::endl
|
|
|
|
|
<<" SigG: "<<(*card)->sigGPinRetries()<<std::endl
|
|
|
|
|
<<" Transport: "<<(*card)->transportPinRetries()<<std::endl
|
|
|
|
|
<<" PUK: "<<(*card)->pukRetries()<<std::endl;
|
2014-01-22 15:14:36 +00:00
|
|
|
cryptoki::Session::Info info((*card)->sessionInfo());
|
2013-11-06 12:24:52 +00:00
|
|
|
std::cout<<" Session:"<<std::endl
|
|
|
|
|
<<" Slot: "<<info.slotID<<std::endl
|
2014-01-22 15:14:36 +00:00
|
|
|
<<" State: "<<info.stateString()<<std::endl
|
|
|
|
|
<<" Flags: "<<(info.readwrite()
|
2013-11-06 12:24:52 +00:00
|
|
|
?"read/write":"read only")<<std::endl
|
|
|
|
|
<<" Device Error: "<<info.ulDeviceError<<std::endl;
|
2014-01-22 15:14:36 +00:00
|
|
|
suisseid::Certificates certs((*card)->certificates());
|
2013-11-06 12:24:52 +00:00
|
|
|
std::cout<<" Certificates: "<<certs.size()<<std::endl;
|
|
|
|
|
std::cout<<"--------------------------------------------------"<<std::endl
|
|
|
|
|
<<"Your Order Sir:"<<std::endl
|
|
|
|
|
<<" n: proceed to next card"<<std::endl
|
|
|
|
|
<<" c: check this card"<<std::endl
|
|
|
|
|
<<" r: remove all certificates"<<std::endl
|
|
|
|
|
<<" p: PIN change"<<std::endl
|
|
|
|
|
<<" i: (re-) import certificates"<<std::endl
|
2013-12-12 13:40:00 +00:00
|
|
|
<<" z: show certificates"<<std::endl
|
2014-01-27 13:48:05 +00:00
|
|
|
<<" a: show authentication certificate"<<std::endl
|
|
|
|
|
<<" d: show digital signature certificate"<<std::endl
|
2013-11-06 12:24:52 +00:00
|
|
|
<<" q: quit"<<std::endl;
|
2014-01-31 13:32:31 +00:00
|
|
|
std::cin>>choice; // small user menu
|
2013-11-06 12:24:52 +00:00
|
|
|
try {
|
|
|
|
|
if (choice=="n") { // handled above in the while-loop
|
|
|
|
|
} else if (choice=="c") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// run a check of the card status
|
2013-11-06 12:24:52 +00:00
|
|
|
TextualCycle check(*card);
|
|
|
|
|
if (check.run())
|
|
|
|
|
std::cout<<"----> SuisseID is fine"<<std::endl;
|
|
|
|
|
else
|
|
|
|
|
std::cout<<"****> SuisseID is bad"<<std::endl;
|
|
|
|
|
} else if (choice=="r") {
|
|
|
|
|
std::cout<<"Not yet implemented."<<std::endl;
|
|
|
|
|
} else if (choice=="p") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// change card pins
|
2013-11-06 12:24:52 +00:00
|
|
|
std::string oldpin, newpin;
|
|
|
|
|
std::cout<<"Enter Old PIN: ";
|
|
|
|
|
std::cin>>oldpin;
|
|
|
|
|
std::cout<<"Enter New PIN: ";
|
|
|
|
|
std::cin>>newpin;
|
|
|
|
|
if (oldpin.size() && newpin.size())
|
|
|
|
|
(*card)->changePins(newpin, oldpin);
|
|
|
|
|
} else if (choice=="i") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// install new certificates - not fully implemented
|
2013-11-06 12:24:52 +00:00
|
|
|
TextualCycle check(*card);
|
|
|
|
|
check.installCerts(true);
|
2013-12-12 13:40:00 +00:00
|
|
|
} else if (choice=="z") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// show all certificates on the card
|
2014-01-22 15:14:36 +00:00
|
|
|
for (suisseid::Certificates::iterator cert(certs.begin());
|
2013-12-12 13:40:00 +00:00
|
|
|
cert!=certs.end(); ++cert) {
|
2014-01-27 13:48:05 +00:00
|
|
|
show(*cert);
|
2013-12-12 13:40:00 +00:00
|
|
|
}
|
2014-01-27 13:48:05 +00:00
|
|
|
} else if (choice=="a") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// show authentication certificate only
|
2014-01-27 13:48:05 +00:00
|
|
|
show((*card)->authenticationCertificate());
|
|
|
|
|
} else if (choice=="d") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// show authentication certificate only
|
2014-01-27 13:48:05 +00:00
|
|
|
show((*card)->digitalSignatureCertificate());
|
2013-11-06 12:24:52 +00:00
|
|
|
} else if (choice=="q") {
|
2014-01-31 13:32:31 +00:00
|
|
|
// done, user quits
|
2013-11-06 12:24:52 +00:00
|
|
|
return 0;
|
|
|
|
|
} else {
|
2014-01-31 13:32:31 +00:00
|
|
|
// unknown user command
|
2013-11-06 12:24:52 +00:00
|
|
|
std::cout<<"I beg your pardon, Sir?"<<std::endl;
|
|
|
|
|
}
|
|
|
|
|
} catch (const std::exception& x) {
|
|
|
|
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
|
|
|
|
|
}
|
|
|
|
|
} catch (std::exception& x) {
|
|
|
|
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
|
2014-01-31 13:32:31 +00:00
|
|
|
choice="n"; // proceed to next card
|
2013-11-06 12:24:52 +00:00
|
|
|
}
|
|
|
|
|
}
|
2013-10-11 13:51:04 +00:00
|
|
|
return 0;
|
|
|
|
|
} catch (std::exception& x) {
|
2013-11-06 12:24:52 +00:00
|
|
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
|
2013-10-11 13:51:04 +00:00
|
|
|
}
|
