|
|
|
@ -5,6 +5,10 @@ |
|
|
|
// 1 2 3 4 5 6 7 8
|
|
|
|
// 1 2 3 4 5 6 7 8
|
|
|
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
|
|
|
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#include <mrw/args.hxx> |
|
|
|
|
|
|
|
#include <mrw/vector.hxx> |
|
|
|
|
|
|
|
#include <cryptoki.hxx> |
|
|
|
|
|
|
|
|
|
|
|
#include <string> |
|
|
|
#include <string> |
|
|
|
#include <map> |
|
|
|
#include <map> |
|
|
|
#include <iostream> |
|
|
|
#include <iostream> |
|
|
|
@ -15,116 +19,93 @@ |
|
|
|
#include <fstream> |
|
|
|
#include <fstream> |
|
|
|
#include <streambuf> |
|
|
|
#include <streambuf> |
|
|
|
#include <chrono> |
|
|
|
#include <chrono> |
|
|
|
#include <cryptoki.hxx> |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
unsigned long r(1); |
|
|
|
|
|
|
|
std::string txt("This is an example."); |
|
|
|
|
|
|
|
std::string lib("libcvP11.so"); |
|
|
|
|
|
|
|
std::string slot; |
|
|
|
|
|
|
|
std::string cert; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
typedef std::map<std::string, |
|
|
|
|
|
|
|
std::tuple<std::string*, unsigned long*, std::string*, std::string> > |
|
|
|
|
|
|
|
Args; |
|
|
|
|
|
|
|
Args args = { |
|
|
|
|
|
|
|
// option 2 3 4 description
|
|
|
|
|
|
|
|
{"-h", Args::mapped_type(0, 0, 0, "same as --help")}, |
|
|
|
|
|
|
|
{"--help", Args::mapped_type(0, 0, 0, "show help")}, |
|
|
|
|
|
|
|
{"-r", Args::mapped_type(0, &r, 0, "same as --repeat")}, |
|
|
|
|
|
|
|
{"--repeat", Args::mapped_type(0, &r, 0, "<number> of repetitions")}, |
|
|
|
|
|
|
|
{"-t", Args::mapped_type(0, 0, &txt, "same as --text")}, |
|
|
|
|
|
|
|
{"--text", Args::mapped_type(0, 0, &txt, "<file> with text to sign")}, |
|
|
|
|
|
|
|
{"-l", Args::mapped_type(&lib, 0, 0, "same as --library")}, |
|
|
|
|
|
|
|
{"--library", Args::mapped_type(&lib, 0, 0, "<library> cryptoki to load")}, |
|
|
|
|
|
|
|
{"-s", Args::mapped_type(&slot, 0, 0, "same as --slot")}, |
|
|
|
|
|
|
|
{"--slot", Args::mapped_type(&slot, 0, 0, "<name> of slot")}, |
|
|
|
|
|
|
|
{"-c", Args::mapped_type(&cert, 0, 0, "same as --certificae")}, |
|
|
|
|
|
|
|
{"--certificate", Args::mapped_type(&cert, 0, 0, "<cert> name to use")} |
|
|
|
|
|
|
|
// 2: read string from command line
|
|
|
|
|
|
|
|
// 3: read unsigned long integer from command line
|
|
|
|
|
|
|
|
// 4: read string from file given on command line
|
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int main(int argc, char** argv) try { |
|
|
|
int main(int argc, char** argv) try { |
|
|
|
for (auto arg(argv+1); arg<argv+argc; ++arg) { |
|
|
|
|
|
|
|
auto it(args.find(*arg)); |
|
|
|
// options
|
|
|
|
if (it!=args.end() &&
|
|
|
|
unsigned long r(1); |
|
|
|
(std::get<0>(it->second)!=0 || std::get<1>(it->second)!=0 || |
|
|
|
std::string txt("This is an example."); |
|
|
|
std::get<2>(it->second)!=0) |
|
|
|
std::string lib("libcvP11.so"); |
|
|
|
&& arg+1<argv+argc) { |
|
|
|
std::string slot; |
|
|
|
if (std::get<0>(it->second)) { |
|
|
|
std::string cert; |
|
|
|
*std::get<0>(it->second) = *++arg; |
|
|
|
|
|
|
|
} else if (std::get<1>(it->second)) { |
|
|
|
mrw::args::parse(argc, argv, mrw::args::list() |
|
|
|
((std::stringstream&)(std::stringstream()<<*++arg)) |
|
|
|
<<mrw::args::decl("h", "help", "show help", |
|
|
|
>>*std::get<1>(it->second); |
|
|
|
mrw::args::decl::param_list() |
|
|
|
} else if (std::get<2>(it->second)) { |
|
|
|
<<mrw::args::help() |
|
|
|
std::ifstream t(*++arg); |
|
|
|
<<mrw::args::exit()) |
|
|
|
*std::get<2>(it->second) = std::string |
|
|
|
<<mrw::args::decl("r", "repeat", "number of repetitions", |
|
|
|
(std::istreambuf_iterator<char>(t), |
|
|
|
mrw::args::decl::param_list() |
|
|
|
std::istreambuf_iterator<char>()); |
|
|
|
<<mrw::args::param(r, "number")) |
|
|
|
} |
|
|
|
<<mrw::args::decl("t", "text", "text to sign", |
|
|
|
} else { // argument type 0 or wrong parameter displays help
|
|
|
|
mrw::args::decl::param_list() |
|
|
|
std::cerr<<"SYNOPSIS"<<std::endl; |
|
|
|
<<mrw::args::param(txt, "text")) |
|
|
|
std::cerr<<" "<<argv[0]<<" [OPTIONS]"<<std::endl;
|
|
|
|
<<mrw::args::decl("l", "library", "cryptoki lirary to load", |
|
|
|
std::cerr<<"DESCRIPTION"<<std::endl; |
|
|
|
mrw::args::decl::param_list() |
|
|
|
std::cerr<<" sign a text, optionally multiple times for"<<std::endl; |
|
|
|
<<mrw::args::param(lib, "lib")) |
|
|
|
std::cerr<<" performance tests"<<std::endl; |
|
|
|
<<mrw::args::decl("s", "slot", "name of slot", |
|
|
|
std::cerr<<"OPTIONS"<<std::endl; |
|
|
|
mrw::args::decl::param_list() |
|
|
|
std::for_each(args.begin(), args.end(), [](Args::value_type v){ |
|
|
|
<<mrw::args::param(slot, "name")) |
|
|
|
std::cerr<<" "<<std::setw(10)<<std::setfill(' ') |
|
|
|
<<mrw::args::decl("c","cert", "name of certificate", |
|
|
|
<<v.first<<' '<<std::get<3>(v.second) |
|
|
|
mrw::args::decl::param_list() |
|
|
|
<<std::endl; |
|
|
|
<<mrw::args::param(cert, "name")));xs |
|
|
|
}); |
|
|
|
|
|
|
|
return 1; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
std::cout<<"Sign text "<<r<<" times:"<<std::endl |
|
|
|
std::cout<<"Sign text "<<r<<" times:"<<std::endl |
|
|
|
<<"-----------------------------------------------------"<<std::endl |
|
|
|
<<"-----------------------------------------------------"<<std::endl |
|
|
|
<<txt<<std::endl |
|
|
|
<<txt<<std::endl |
|
|
|
<<"-----------------------------------------------------"<<std::endl; |
|
|
|
<<"-----------------------------------------------------"<<std::endl; |
|
|
|
cryptoki::Init c(lib); |
|
|
|
cryptoki::Init c(lib); |
|
|
|
cryptoki::SlotList s(c.slotList()); |
|
|
|
cryptoki::SlotList sl(c.slotList()); |
|
|
|
std::for_each(s.begin(), s.end(), [](cryptoki::Slot s){ |
|
|
|
for (cryptoki::SlotList::iterator s(sl.begin()); s!=sl.end(); ++s) { |
|
|
|
cryptoki::SlotInfo si(s.slotinfo()); |
|
|
|
cryptoki::SlotInfo si(s->slotinfo()); |
|
|
|
if (slot.size()&&slot!=si.slotDescription) return; |
|
|
|
if (slot.size()&&slot!=si.slotDescription) continue; |
|
|
|
std::cout<<"Found Slot: "<<si.slotDescription<<std::endl; |
|
|
|
std::cout<<"Found Slot: "<<si.slotDescription<<std::endl; |
|
|
|
cryptoki::TokenInfo ti(s.tokeninfo()); |
|
|
|
cryptoki::TokenInfo ti(a->tokeninfo()); |
|
|
|
std::cout<<"Found token: "<<ti.label<<std::endl; |
|
|
|
std::cout<<"Found token: "<<ti.label<<std::endl; |
|
|
|
cryptoki::Session session(s); |
|
|
|
cryptoki::Session session(*s); |
|
|
|
cryptoki::ObjectList certs |
|
|
|
cryptoki::ObjectList certs |
|
|
|
|
|
|
|
(session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
|
|
|
|
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE))); |
|
|
|
|
|
|
|
for (cryptoki::ObjectList::iterator c(certs.begin()); c!=certs.end(); ++c) { |
|
|
|
|
|
|
|
std::string label(c->attribute(CKA_LABEL).value); |
|
|
|
|
|
|
|
if (cert.size()&&cert!=label) continue; |
|
|
|
|
|
|
|
cryptoki::Attribute id(c->attribute(CKA_ID)); |
|
|
|
|
|
|
|
cryptoki::ObjectList keys |
|
|
|
(session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
(session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE))); |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_PUBLIC_KEY), |
|
|
|
std::for_each(certs.begin(), certs.end(), [&session](cryptoki::Object c){ |
|
|
|
id)); |
|
|
|
std::string label(c.attribute(CKA_LABEL).value); |
|
|
|
if (!keys.size()) continue; |
|
|
|
if (cert.size()&&cert!=label) return; |
|
|
|
std::cout<<"Found Certificate: " |
|
|
|
cryptoki::Attribute id(c.attribute(CKA_ID)); |
|
|
|
<<c->attribute(CKA_LABEL).value<<std::endl; |
|
|
|
cryptoki::ObjectList keys |
|
|
|
if (!cert.size()) continue; |
|
|
|
(session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
std::cout<<"Pin: "; |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_PUBLIC_KEY), |
|
|
|
std::string pin; |
|
|
|
id)); |
|
|
|
std::cin>>pin; |
|
|
|
if (!keys.size()) return; |
|
|
|
cryptoki::Session::Login l(session, pin); |
|
|
|
std::cout<<"Found Certificate: " |
|
|
|
keys = session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
<<c.attribute(CKA_LABEL).value<<std::endl; |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_PRIVATE_KEY), |
|
|
|
std::cout<<"Pin: "; |
|
|
|
id); |
|
|
|
std::string pin; |
|
|
|
if (keys.size()!=1) { |
|
|
|
std::cin>>pin; |
|
|
|
std::cerr<<"**** ERROR: No private key: "<<keys.size()<<std::endl; |
|
|
|
cryptoki::Session::Login l(session, pin); |
|
|
|
return; |
|
|
|
keys = session.find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
} |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_PRIVATE_KEY), |
|
|
|
std::cout<<"Signing ..."<<std::endl; |
|
|
|
id); |
|
|
|
#ifndef MRW__OLD_PRE11_COMPILER |
|
|
|
if (keys.size()!=1) { |
|
|
|
auto start = std::chrono::system_clock::now(); |
|
|
|
std::cerr<<"**** ERROR: No private key: "<<keys.size()<<std::endl; |
|
|
|
#endif |
|
|
|
return; |
|
|
|
for (int i(0); i<r; ++i) |
|
|
|
} |
|
|
|
keys[0].sign(txt, CKM_RSA_PKCS); |
|
|
|
std::cout<<"Signing ..."<<std::endl; |
|
|
|
#ifndef MRW__OLD_PRE11_COMPILER |
|
|
|
auto start = std::chrono::system_clock::now(); |
|
|
|
auto end = std::chrono::system_clock::now(); |
|
|
|
for (int i(0); i<r; ++i) |
|
|
|
auto elapsed(std::chrono::duration_cast<std::chrono::milliseconds> |
|
|
|
keys[0].sign(txt, CKM_RSA_PKCS); |
|
|
|
(end-start)); |
|
|
|
auto end = std::chrono::system_clock::now(); |
|
|
|
std::cout<<"Done in "<<elapsed.count()<<"ms"<<std::endl; |
|
|
|
auto elapsed =std::chrono::duration_cast<std::chrono::milliseconds>(end - start); |
|
|
|
#else |
|
|
|
std::cout<<"Done in "<<elapsed.count()<<"ms"<<std::endl; |
|
|
|
std::cout<<"Done."<<std::endl; |
|
|
|
}); |
|
|
|
#endif |
|
|
|
}); |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
return 0; |
|
|
|
return 0; |
|
|
|
} catch (std::exception& x) { |
|
|
|
} catch (std::exception& x) { |
|
|
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl; |
|
|
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl; |
|
|
|
|
Marc Wäckerlin
11 years ago