This library provides a simple and nice C++ wrapper around these libraries, so that programmers can concentrate on functionality. It offers general support for PCSC-lite, OpenSSL, PKCS#11, plus specific functionality for the SuisseID.
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
139 lines
5.7 KiB
139 lines
5.7 KiB
/*! @file |
|
|
|
@id $Id$ |
|
*/ |
|
// 1 2 3 4 5 6 7 8 |
|
// 45678901234567890123456789012345678901234567890123456789012345678901234567890 |
|
|
|
#include <suisse-id-demo.hxx> |
|
#include <mrw/args.hxx> |
|
|
|
#include <QtNetwork/QSslCertificate> |
|
#include <QtCore/QDateTime> |
|
#include <QtCore/QStringList> |
|
|
|
void show(const QString& s, const std::string& p="item: ") { |
|
std::cout<<p<<QString(s.toUtf8()).toStdString()<<std::endl; |
|
} |
|
|
|
void show(const QStringList& sl, const std::string& p="item: ") { |
|
for (QStringList::const_iterator s(sl.begin()); s!=sl.end(); ++s) |
|
std::cout<<p<<QString(s->toUtf8()).toStdString()<<std::endl; |
|
} |
|
|
|
// show certificate information |
|
void show(const suisseid::Certificate& cert) { |
|
// makes use of qt library's certificate class |
|
QSslCertificate c(QByteArray(cert.data(), cert.size()), QSsl::Der); |
|
std::cout<<"Certificate info:"; |
|
show(c.subjectInfo(QSslCertificate::CommonName), " CN="); |
|
std::cout<<" Valid until: " |
|
<<QString(c.expiryDate().toString().toUtf8()).toStdString() |
|
<<std::endl; |
|
} |
|
|
|
// call with option -h for help |
|
int main(int argc, char** argv) try { |
|
std::string lib("libcvP11.so"); // default pkcs#11/cryptoki library |
|
mrw::args::parse(argc, argv, |
|
"Sign a text (optionally several times for performance" |
|
" measurements).", |
|
mrw::args::defaults() |
|
<<mrw::args::decl("l", "library", "cryptoki library to load", |
|
mrw::args::decl::param_list() |
|
<<mrw::args::param(lib, "lib"))); |
|
// now lib contains the dynamic library to load |
|
|
|
// scan for suisseid cards |
|
suisseid::Cards cards(suisseid::Scanner(lib).scan()); |
|
for (suisseid::Cards::iterator card(cards.begin()); |
|
card!=cards.end(); ++card) { |
|
std::string choice; |
|
while (choice!="n") try { |
|
std::cout<<"=================================================="<<std::endl |
|
<<"Found SuisseID:"<<std::endl |
|
<<" Reader Name: "<<(*card)->name()<<std::endl |
|
<<" Version: "<<(*card)->version()<<std::endl |
|
<<" PIN-Length: "<<(*card)->minimalPinLength() |
|
<<" - "<<(*card)->maximalPinLength()<<std::endl |
|
<<" PIN retries:"<<std::endl |
|
<<" PKCS#15: "<<(*card)->pkcs15PinRetries()<<std::endl |
|
<<" SigG: "<<(*card)->sigGPinRetries()<<std::endl |
|
<<" Transport: "<<(*card)->transportPinRetries()<<std::endl |
|
<<" PUK: "<<(*card)->pukRetries()<<std::endl; |
|
cryptoki::Session::Info info((*card)->sessionInfo()); |
|
std::cout<<" Session:"<<std::endl |
|
<<" Slot: "<<info.slotID<<std::endl |
|
<<" State: "<<info.stateString()<<std::endl |
|
<<" Flags: "<<(info.readwrite() |
|
?"read/write":"read only")<<std::endl |
|
<<" Device Error: "<<info.ulDeviceError<<std::endl; |
|
suisseid::Certificates certs((*card)->certificates()); |
|
std::cout<<" Certificates: "<<certs.size()<<std::endl; |
|
std::cout<<"--------------------------------------------------"<<std::endl |
|
<<"Your Order Sir:"<<std::endl |
|
<<" n: proceed to next card"<<std::endl |
|
<<" c: check this card"<<std::endl |
|
<<" r: remove all certificates"<<std::endl |
|
<<" p: PIN change"<<std::endl |
|
<<" i: (re-) import certificates"<<std::endl |
|
<<" z: show certificates"<<std::endl |
|
<<" a: show authentication certificate"<<std::endl |
|
<<" d: show digital signature certificate"<<std::endl |
|
<<" q: quit"<<std::endl; |
|
std::cin>>choice; // small user menu |
|
try { |
|
if (choice=="n") { // handled above in the while-loop |
|
} else if (choice=="c") { |
|
// run a check of the card status |
|
TextualCycle check(*card); |
|
if (check.run()) |
|
std::cout<<"----> SuisseID is fine"<<std::endl; |
|
else |
|
std::cout<<"****> SuisseID is bad"<<std::endl; |
|
} else if (choice=="r") { |
|
std::cout<<"Not yet implemented."<<std::endl; |
|
} else if (choice=="p") { |
|
// change card pins |
|
std::string oldpin, newpin; |
|
std::cout<<"Enter Old PIN: "; |
|
std::cin>>oldpin; |
|
std::cout<<"Enter New PIN: "; |
|
std::cin>>newpin; |
|
if (oldpin.size() && newpin.size()) |
|
(*card)->changePins(newpin, oldpin); |
|
} else if (choice=="i") { |
|
// install new certificates - not fully implemented |
|
TextualCycle check(*card); |
|
check.installCerts(true); |
|
} else if (choice=="z") { |
|
// show all certificates on the card |
|
for (suisseid::Certificates::iterator cert(certs.begin()); |
|
cert!=certs.end(); ++cert) { |
|
show(*cert); |
|
} |
|
} else if (choice=="a") { |
|
// show authentication certificate only |
|
show((*card)->authenticationCertificate()); |
|
} else if (choice=="d") { |
|
// show authentication certificate only |
|
show((*card)->digitalSignatureCertificate()); |
|
} else if (choice=="q") { |
|
// done, user quits |
|
return 0; |
|
} else { |
|
// unknown user command |
|
std::cout<<"I beg your pardon, Sir?"<<std::endl; |
|
} |
|
} catch (const std::exception& x) { |
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl; |
|
} |
|
} catch (std::exception& x) { |
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl; |
|
choice="n"; // proceed to next card |
|
} |
|
} |
|
return 0; |
|
} catch (std::exception& x) { |
|
std::cerr<<"**** ERROR: "<<x.what()<<std::endl; |
|
}
|
|
|