libraries
/
libpcscxx
1
0
Fork 0
Code Issues Releases Activity

better interface to get binary certificates; refs #28

Browse Source
master
Marc Wäckerlin 11 years ago
parent d8f6abe3ce
commit e8c230ce1b
3 changed files with 85 additions and 25 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      doc/examples/suisse-id-demo.cxx
  2. 69
      src/cryptoki.hxx
  3. 23
      src/suisseid.hxx

16
doc/examples/suisse-id-demo.cxx
Unescape View File

@ -37,17 +37,14 @@ int main(int argc, char** argv) try {
<<" SigG: "<<(*card)->sigGPinRetries()<<std::endl <<" SigG: "<<(*card)->sigGPinRetries()<<std::endl
<<" Transport: "<<(*card)->transportPinRetries()<<std::endl <<" Transport: "<<(*card)->transportPinRetries()<<std::endl
<<" PUK: "<<(*card)->pukRetries()<<std::endl; <<" PUK: "<<(*card)->pukRetries()<<std::endl;
cryptoki::Session session((*card)->slot()); cryptoki::Session::Info info((*card)->sessionInfo());
cryptoki::Session::Info info(session.getsessioninfo());
std::cout<<" Session:"<<std::endl std::cout<<" Session:"<<std::endl
<<" Slot: "<<info.slotID<<std::endl <<" Slot: "<<info.slotID<<std::endl
<<" State: "<<session.state(info)<<std::endl <<" State: "<<info.stateString()<<std::endl
<<" Flags: "<<((info.flags|CKF_RW_SESSION) <<" Flags: "<<(info.readwrite()
?"read/write":"read only")<<std::endl ?"read/write":"read only")<<std::endl
<<" Device Error: "<<info.ulDeviceError<<std::endl; <<" Device Error: "<<info.ulDeviceError<<std::endl;
cryptoki::ObjectList certs suisseid::Certificates certs((*card)->certificates());
(session.find(cryptoki::Attribute(CKA_CLASS)
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE)));
std::cout<<" Certificates: "<<certs.size()<<std::endl; std::cout<<" Certificates: "<<certs.size()<<std::endl;
std::cout<<"--------------------------------------------------"<<std::endl std::cout<<"--------------------------------------------------"<<std::endl
<<"Your Order Sir:"<<std::endl <<"Your Order Sir:"<<std::endl
@ -81,10 +78,9 @@ int main(int argc, char** argv) try {
TextualCycle check(*card); TextualCycle check(*card);
check.installCerts(true); check.installCerts(true);
} else if (choice=="z") { } else if (choice=="z") {
for (cryptoki::ObjectList::iterator cert(certs.begin()); for (suisseid::Certificates::iterator cert(certs.begin());
cert!=certs.end(); ++cert) { cert!=certs.end(); ++cert) {
std::string data(cert->attribute(CKA_VALUE).value); QByteArray der(QByteArray(cert->data(), cert->size()));
QByteArray der(QByteArray(data.data(), data.size()));
QSslCertificate c(der, QSsl::Der); QSslCertificate c(der, QSsl::Der);
std::cout<<"Certificate info: CN=" std::cout<<"Certificate info: CN="
<<QString(c.subjectInfo(QSslCertificate::CommonName) <<QString(c.subjectInfo(QSslCertificate::CommonName)

69
src/cryptoki.hxx
Unescape View File

@ -586,6 +586,9 @@ namespace cryptoki {
} }
}; };
struct TokenInfo; // forward declaration
std::ostream& operator<<(std::ostream& out, const TokenInfo& ti);
struct TokenInfo { struct TokenInfo {
FixString<32> label; FixString<32> label;
FixString<32> manufacturerID; FixString<32> manufacturerID;
@ -607,6 +610,7 @@ namespace cryptoki {
FixString<16> utcTime; FixString<16> utcTime;
TokenInfo() { TokenInfo() {
CRYPTOLOG("log");
} }
//! Convert C-Structure of Token Information Into C++ //! Convert C-Structure of Token Information Into C++
@ -629,9 +633,35 @@ namespace cryptoki {
hardwareVersion(cInfo.hardwareVersion), hardwareVersion(cInfo.hardwareVersion),
firmwareVersion(cInfo.firmwareVersion), firmwareVersion(cInfo.firmwareVersion),
utcTime(cInfo.utcTime) { utcTime(cInfo.utcTime) {
CRYPTOLOG("log *this={"<<std::endl<<*this);//<<std::endl<<'}');
} }
}; };
std::ostream& operator<<(std::ostream& out, const TokenInfo& ti) {
return out
<<"label="<<ti.label<<std::endl
<<"manufacturerID="<<ti.manufacturerID<<std::endl
<<"model="<<ti.model<<std::endl
<<"serialNumber="<<ti.serialNumber<<std::endl
<<"flags="<<ti.flags<<std::endl
<<"maxSessionCount="<<ti.maxSessionCount<<std::endl
<<"sessionCount="<<ti.sessionCount<<std::endl
<<"maxRwSessionCount="<<ti.maxRwSessionCount<<std::endl
<<"rwSessionCount="<<ti.rwSessionCount<<std::endl
<<"maxPinLen="<<ti.maxPinLen<<std::endl
<<"minPinLen="<<ti.minPinLen<<std::endl
<<"totalPublicMemory="<<ti.totalPublicMemory<<std::endl
<<"freePublicMemory="<<ti.freePublicMemory<<std::endl
<<"totalPrivateMemory="<<ti.totalPrivateMemory<<std::endl
<<"freePrivateMemory="<<ti.freePrivateMemory<<std::endl
<<"hardwareVersion="<<ti.hardwareVersion.major<<'.'
<<ti.hardwareVersion.minor<<std::endl
<<"firmwareVersion="<<ti.firmwareVersion.major<<'.'
<<ti.firmwareVersion.minor<<std::endl
<<"utcTime="<<ti.utcTime;
}
struct Info { struct Info {
CK_VERSION cryptokiVersion; CK_VERSION cryptokiVersion;
FixString<32> manufacturerID; FixString<32> manufacturerID;
@ -916,7 +946,8 @@ namespace cryptoki {
//! calls @c C_GetSlotInfo //! calls @c C_GetSlotInfo
if (!check(_library->C_GetSlotInfo(_slot, &cInfo), if (!check(_library->C_GetSlotInfo(_slot, &cInfo),
CRYPTOKI_FN_LOG("C_GetSlotInfo"))) CRYPTOKI_FN_LOG("C_GetSlotInfo")))
return SlotInfo(cInfo); return SlotInfo();
return SlotInfo(cInfo);
} }
//! Read Token Information //! Read Token Information
@ -926,7 +957,8 @@ namespace cryptoki {
CK_TOKEN_INFO cInfo; CK_TOKEN_INFO cInfo;
if (!check(_library->C_GetTokenInfo(_slot, &cInfo), if (!check(_library->C_GetTokenInfo(_slot, &cInfo),
CRYPTOKI_FN_LOG("C_GetTokenInfo"))) CRYPTOKI_FN_LOG("C_GetTokenInfo")))
return TokenInfo(cInfo); return TokenInfo();
return TokenInfo(cInfo);
} }
/*! @bug does not compile: /*! @bug does not compile:
@ -1266,7 +1298,27 @@ namespace cryptoki {
- @c ulDeviceError An error code defined by the - @c ulDeviceError An error code defined by the
cryptographic device. Used for errors not covered by cryptographic device. Used for errors not covered by
Cryptoki. */ Cryptoki. */
typedef CK_SESSION_INFO Info; struct Info: public CK_SESSION_INFO {
Info(const CK_SESSION_INFO& si): CK_SESSION_INFO(si) {
}
bool readonly() {
return !readwrite();
}
bool readwrite() {
return flags|CKF_RW_SESSION;
}
std::string stateString() {
switch (state) {
case 0: return "CKS_RO_PUBLIC_SESSION";
case 1: return "CKS_RO_USER_FUNCTIONS";
case 2: return "CKS_RW_PUBLIC_SESSION ";
case 3: return "CKS_RW_USER_FUNCTIONS";
case 4: return "CKS_RW_SO_FUNCTIONS";
default: return "<UNKNOWN>";
}
}
};
/** @return session information */ /** @return session information */
Info getsessioninfo() { Info getsessioninfo() {
@ -1278,17 +1330,6 @@ namespace cryptoki {
return info; return info;
} }
std::string state(const Info& info) {
switch (info.state) {
case 0: return "CKS_RO_PUBLIC_SESSION";
case 1: return "CKS_RO_USER_FUNCTIONS";
case 2: return "CKS_RW_PUBLIC_SESSION ";
case 3: return "CKS_RW_USER_FUNCTIONS";
case 4: return "CKS_RW_SO_FUNCTIONS";
default: return "<UNKNOWN>";
}
}
/*! @todo Not implemented: /*! @todo Not implemented:
@code @code
bool initpin() { bool initpin() {

23
src/suisseid.hxx
Unescape View File

@ -75,6 +75,9 @@ namespace suisseid {
*/ */
/// List of DER encoded binary certificates
typedef std::vector<std::string> Certificates;
//! Represents a SuisseID Card //! Represents a SuisseID Card
/*! This is the parent class for special classes for the respecive /*! This is the parent class for special classes for the respecive
SuisseID providers. */ SuisseID providers. */
@ -123,6 +126,26 @@ namespace suisseid {
return MISSING; return MISSING;
} }
cryptoki::Session session() {
return cryptoki::Session(slot());
}
cryptoki::Session::Info sessionInfo() {
return session().getsessioninfo();
}
/// @returns Certificates in DER format.
Certificates certificates() {
Certificates res;
cryptoki::ObjectList certs
(session().find(cryptoki::Attribute(CKA_CLASS)
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE)));
for (cryptoki::ObjectList::iterator cert(certs.begin());
cert!=certs.end(); ++cert)
res.push_back(cert->attribute(CKA_VALUE).value);
return res;
}
protected: protected:
cryptoki::Library _cryptoki; cryptoki::Library _cryptoki;

Write Preview
Loading…
Cancel
Save