libraries/libpcscxx
1
0
Fork 0
Code Issues Releases Activity

better interface to get binary certificates; refs #28

Browse Source
This commit is contained in:
Marc Wäckerlin
2014-01-22 15:14:36 +00:00
parent d8f6abe3ce
commit e8c230ce1b
3 changed files with 85 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
doc/examples/suisse-id-demo.cxx
View File

@@ -37,17 +37,14 @@ int main(int argc, char** argv) try {
<<" SigG: "<<(*card)->sigGPinRetries()<<std::endl <<" SigG: "<<(*card)->sigGPinRetries()<<std::endl
<<" Transport: "<<(*card)->transportPinRetries()<<std::endl <<" Transport: "<<(*card)->transportPinRetries()<<std::endl
<<" PUK: "<<(*card)->pukRetries()<<std::endl; <<" PUK: "<<(*card)->pukRetries()<<std::endl;
cryptoki::Session session((*card)->slot()); cryptoki::Session::Info info((*card)->sessionInfo());
cryptoki::Session::Info info(session.getsessioninfo());
std::cout<<" Session:"<<std::endl std::cout<<" Session:"<<std::endl
<<" Slot: "<<info.slotID<<std::endl <<" Slot: "<<info.slotID<<std::endl
<<" State: "<<session.state(info)<<std::endl <<" State: "<<info.stateString()<<std::endl
<<" Flags: "<<((info.flags|CKF_RW_SESSION) <<" Flags: "<<(info.readwrite()
?"read/write":"read only")<<std::endl ?"read/write":"read only")<<std::endl
<<" Device Error: "<<info.ulDeviceError<<std::endl; <<" Device Error: "<<info.ulDeviceError<<std::endl;
cryptoki::ObjectList certs suisseid::Certificates certs((*card)->certificates());
(session.find(cryptoki::Attribute(CKA_CLASS)
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE)));
std::cout<<" Certificates: "<<certs.size()<<std::endl; std::cout<<" Certificates: "<<certs.size()<<std::endl;
std::cout<<"--------------------------------------------------"<<std::endl std::cout<<"--------------------------------------------------"<<std::endl
<<"Your Order Sir:"<<std::endl <<"Your Order Sir:"<<std::endl
@@ -81,10 +78,9 @@ int main(int argc, char** argv) try {
TextualCycle check(*card); TextualCycle check(*card);
check.installCerts(true); check.installCerts(true);
} else if (choice=="z") { } else if (choice=="z") {
for (cryptoki::ObjectList::iterator cert(certs.begin()); for (suisseid::Certificates::iterator cert(certs.begin());
cert!=certs.end(); ++cert) { cert!=certs.end(); ++cert) {
std::string data(cert->attribute(CKA_VALUE).value); QByteArray der(QByteArray(cert->data(), cert->size()));
QByteArray der(QByteArray(data.data(), data.size()));
QSslCertificate c(der, QSsl::Der); QSslCertificate c(der, QSsl::Der);
std::cout<<"Certificate info: CN=" std::cout<<"Certificate info: CN="
<<QString(c.subjectInfo(QSslCertificate::CommonName) <<QString(c.subjectInfo(QSslCertificate::CommonName)

65
src/cryptoki.hxx
View File

@@ -586,6 +586,9 @@ namespace cryptoki {
} }
}; };
struct TokenInfo; // forward declaration
std::ostream& operator<<(std::ostream& out, const TokenInfo& ti);
struct TokenInfo { struct TokenInfo {
FixString<32> label; FixString<32> label;
FixString<32> manufacturerID; FixString<32> manufacturerID;
@@ -607,6 +610,7 @@ namespace cryptoki {
FixString<16> utcTime; FixString<16> utcTime;
TokenInfo() { TokenInfo() {
CRYPTOLOG("log");
} }
//! Convert C-Structure of Token Information Into C++ //! Convert C-Structure of Token Information Into C++
@@ -629,9 +633,35 @@ namespace cryptoki {
hardwareVersion(cInfo.hardwareVersion), hardwareVersion(cInfo.hardwareVersion),
firmwareVersion(cInfo.firmwareVersion), firmwareVersion(cInfo.firmwareVersion),
utcTime(cInfo.utcTime) { utcTime(cInfo.utcTime) {
CRYPTOLOG("log *this={"<<std::endl<<*this);//<<std::endl<<'}');
} }
}; };
std::ostream& operator<<(std::ostream& out, const TokenInfo& ti) {
return out
<<"label="<<ti.label<<std::endl
<<"manufacturerID="<<ti.manufacturerID<<std::endl
<<"model="<<ti.model<<std::endl
<<"serialNumber="<<ti.serialNumber<<std::endl
<<"flags="<<ti.flags<<std::endl
<<"maxSessionCount="<<ti.maxSessionCount<<std::endl
<<"sessionCount="<<ti.sessionCount<<std::endl
<<"maxRwSessionCount="<<ti.maxRwSessionCount<<std::endl
<<"rwSessionCount="<<ti.rwSessionCount<<std::endl
<<"maxPinLen="<<ti.maxPinLen<<std::endl
<<"minPinLen="<<ti.minPinLen<<std::endl
<<"totalPublicMemory="<<ti.totalPublicMemory<<std::endl
<<"freePublicMemory="<<ti.freePublicMemory<<std::endl
<<"totalPrivateMemory="<<ti.totalPrivateMemory<<std::endl
<<"freePrivateMemory="<<ti.freePrivateMemory<<std::endl
<<"hardwareVersion="<<ti.hardwareVersion.major<<'.'
<<ti.hardwareVersion.minor<<std::endl
<<"firmwareVersion="<<ti.firmwareVersion.major<<'.'
<<ti.firmwareVersion.minor<<std::endl
<<"utcTime="<<ti.utcTime;
}
struct Info { struct Info {
CK_VERSION cryptokiVersion; CK_VERSION cryptokiVersion;
FixString<32> manufacturerID; FixString<32> manufacturerID;
@@ -916,6 +946,7 @@ namespace cryptoki {
//! calls @c C_GetSlotInfo //! calls @c C_GetSlotInfo
if (!check(_library->C_GetSlotInfo(_slot, &cInfo), if (!check(_library->C_GetSlotInfo(_slot, &cInfo),
CRYPTOKI_FN_LOG("C_GetSlotInfo"))) CRYPTOKI_FN_LOG("C_GetSlotInfo")))
return SlotInfo();
return SlotInfo(cInfo); return SlotInfo(cInfo);
} }
@@ -926,6 +957,7 @@ namespace cryptoki {
CK_TOKEN_INFO cInfo; CK_TOKEN_INFO cInfo;
if (!check(_library->C_GetTokenInfo(_slot, &cInfo), if (!check(_library->C_GetTokenInfo(_slot, &cInfo),
CRYPTOKI_FN_LOG("C_GetTokenInfo"))) CRYPTOKI_FN_LOG("C_GetTokenInfo")))
return TokenInfo();
return TokenInfo(cInfo); return TokenInfo(cInfo);
} }
@@ -1266,7 +1298,27 @@ namespace cryptoki {
- @c ulDeviceError An error code defined by the - @c ulDeviceError An error code defined by the
cryptographic device. Used for errors not covered by cryptographic device. Used for errors not covered by
Cryptoki. */ Cryptoki. */
typedef CK_SESSION_INFO Info; struct Info: public CK_SESSION_INFO {
Info(const CK_SESSION_INFO& si): CK_SESSION_INFO(si) {
}
bool readonly() {
return !readwrite();
}
bool readwrite() {
return flags|CKF_RW_SESSION;
}
std::string stateString() {
switch (state) {
case 0: return "CKS_RO_PUBLIC_SESSION";
case 1: return "CKS_RO_USER_FUNCTIONS";
case 2: return "CKS_RW_PUBLIC_SESSION ";
case 3: return "CKS_RW_USER_FUNCTIONS";
case 4: return "CKS_RW_SO_FUNCTIONS";
default: return "<UNKNOWN>";
}
}
};
/** @return session information */ /** @return session information */
Info getsessioninfo() { Info getsessioninfo() {
@@ -1278,17 +1330,6 @@ namespace cryptoki {
return info; return info;
} }
std::string state(const Info& info) {
switch (info.state) {
case 0: return "CKS_RO_PUBLIC_SESSION";
case 1: return "CKS_RO_USER_FUNCTIONS";
case 2: return "CKS_RW_PUBLIC_SESSION ";
case 3: return "CKS_RW_USER_FUNCTIONS";
case 4: return "CKS_RW_SO_FUNCTIONS";
default: return "<UNKNOWN>";
}
}
/*! @todo Not implemented: /*! @todo Not implemented:
@code @code
bool initpin() { bool initpin() {

23
src/suisseid.hxx
View File

@@ -75,6 +75,9 @@ namespace suisseid {
*/ */
/// List of DER encoded binary certificates
typedef std::vector<std::string> Certificates;
//! Represents a SuisseID Card //! Represents a SuisseID Card
/*! This is the parent class for special classes for the respecive /*! This is the parent class for special classes for the respecive
SuisseID providers. */ SuisseID providers. */
@@ -123,6 +126,26 @@ namespace suisseid {
return MISSING; return MISSING;
} }
cryptoki::Session session() {
return cryptoki::Session(slot());
}
cryptoki::Session::Info sessionInfo() {
return session().getsessioninfo();
}
/// @returns Certificates in DER format.
Certificates certificates() {
Certificates res;
cryptoki::ObjectList certs
(session().find(cryptoki::Attribute(CKA_CLASS)
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE)));
for (cryptoki::ObjectList::iterator cert(certs.begin());
cert!=certs.end(); ++cert)
res.push_back(cert->attribute(CKA_VALUE).value);
return res;
}
protected: protected:
cryptoki::Library _cryptoki; cryptoki::Library _cryptoki;