This library provides a simple and nice C++ wrapper around these libraries, so that programmers can concentrate on functionality. It offers general support for PCSC-lite, OpenSSL, PKCS#11, plus specific functionality for the SuisseID.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

131 lines
5.5 KiB

/*! @file
@id $Id$
*/
// 1 2 3 4 5 6 7 8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
#include <suisse-id-demo.hxx>
#include <mrw/args.hxx>
#include <QtNetwork/QSslCertificate>
#include <QtCore/QDateTime>
// show certificate information
void show(const suisseid::Certificate& cert) {
// makes use of qt library's certificate class
QSslCertificate c(QByteArray(cert.data(), cert.size()), QSsl::Der);
std::cout<<"Certificate info: CN="
<<QString(c.subjectInfo(QSslCertificate::CommonName)
.toUtf8()).toStdString()
<<std::endl
<<" Valid until: "
<<QString(c.expiryDate().toString().toUtf8()).toStdString()
<<std::endl;
}
// call with option -h for help
int main(int argc, char** argv) try {
std::string lib("libcvP11.so"); // default pkcs#11/cryptoki library
mrw::args::parse(argc, argv,
"Sign a text (optionally several times for performance"
" measurements).",
mrw::args::defaults()
<<mrw::args::decl("l", "library", "cryptoki lirary to load",
mrw::args::decl::param_list()
<<mrw::args::param(lib, "lib")));
// now lib contains the dynamic library to load
// scan for suisseid cards
suisseid::Cards cards(suisseid::Scanner(lib).scan());
for (suisseid::Cards::iterator card(cards.begin());
card!=cards.end(); ++card) {
std::string choice;
while (choice!="n") try {
std::cout<<"=================================================="<<std::endl
<<"Found SuisseID:"<<std::endl
<<" Reader Name: "<<(*card)->name()<<std::endl
<<" Version: "<<(*card)->version()<<std::endl
<<" PIN-Length: "<<(*card)->minimalPinLength()
<<" - "<<(*card)->maximalPinLength()<<std::endl
<<" PIN retries:"<<std::endl
<<" PKCS#15: "<<(*card)->pkcs15PinRetries()<<std::endl
<<" SigG: "<<(*card)->sigGPinRetries()<<std::endl
<<" Transport: "<<(*card)->transportPinRetries()<<std::endl
<<" PUK: "<<(*card)->pukRetries()<<std::endl;
cryptoki::Session::Info info((*card)->sessionInfo());
std::cout<<" Session:"<<std::endl
<<" Slot: "<<info.slotID<<std::endl
<<" State: "<<info.stateString()<<std::endl
<<" Flags: "<<(info.readwrite()
?"read/write":"read only")<<std::endl
<<" Device Error: "<<info.ulDeviceError<<std::endl;
suisseid::Certificates certs((*card)->certificates());
std::cout<<" Certificates: "<<certs.size()<<std::endl;
std::cout<<"--------------------------------------------------"<<std::endl
<<"Your Order Sir:"<<std::endl
<<" n: proceed to next card"<<std::endl
<<" c: check this card"<<std::endl
<<" r: remove all certificates"<<std::endl
<<" p: PIN change"<<std::endl
<<" i: (re-) import certificates"<<std::endl
<<" z: show certificates"<<std::endl
<<" a: show authentication certificate"<<std::endl
<<" d: show digital signature certificate"<<std::endl
<<" q: quit"<<std::endl;
std::cin>>choice; // small user menu
try {
if (choice=="n") { // handled above in the while-loop
} else if (choice=="c") {
// run a check of the card status
TextualCycle check(*card);
if (check.run())
std::cout<<"----> SuisseID is fine"<<std::endl;
else
std::cout<<"****> SuisseID is bad"<<std::endl;
} else if (choice=="r") {
std::cout<<"Not yet implemented."<<std::endl;
} else if (choice=="p") {
// change card pins
std::string oldpin, newpin;
std::cout<<"Enter Old PIN: ";
std::cin>>oldpin;
std::cout<<"Enter New PIN: ";
std::cin>>newpin;
if (oldpin.size() && newpin.size())
(*card)->changePins(newpin, oldpin);
} else if (choice=="i") {
// install new certificates - not fully implemented
TextualCycle check(*card);
check.installCerts(true);
} else if (choice=="z") {
// show all certificates on the card
for (suisseid::Certificates::iterator cert(certs.begin());
cert!=certs.end(); ++cert) {
show(*cert);
}
} else if (choice=="a") {
// show authentication certificate only
show((*card)->authenticationCertificate());
} else if (choice=="d") {
// show authentication certificate only
show((*card)->digitalSignatureCertificate());
} else if (choice=="q") {
// done, user quits
return 0;
} else {
// unknown user command
std::cout<<"I beg your pardon, Sir?"<<std::endl;
}
} catch (const std::exception& x) {
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
}
} catch (std::exception& x) {
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
choice="n"; // proceed to next card
}
}
return 0;
} catch (std::exception& x) {
std::cerr<<"**** ERROR: "<<x.what()<<std::endl;
}