|
|
@ -11,6 +11,7 @@ |
|
|
|
#include <pinentry.hxx> |
|
|
|
#include <pinentry.hxx> |
|
|
|
|
|
|
|
|
|
|
|
#include <cryptoki.hxx> |
|
|
|
#include <cryptoki.hxx> |
|
|
|
|
|
|
|
#include <pcsc.hxx> |
|
|
|
#include <openssl-engine.hxx> |
|
|
|
#include <openssl-engine.hxx> |
|
|
|
#include <openssl.hxx> |
|
|
|
#include <openssl.hxx> |
|
|
|
|
|
|
|
|
|
|
@ -56,20 +57,13 @@ class CryptokiEngine: public QObject, public openssl::Engine { |
|
|
|
|
|
|
|
|
|
|
|
QByteArray pem // empty dummy key for qt object instantiation
|
|
|
|
QByteArray pem // empty dummy key for qt object instantiation
|
|
|
|
("-----BEGIN RSA PRIVATE KEY-----\n" |
|
|
|
("-----BEGIN RSA PRIVATE KEY-----\n" |
|
|
|
"MIIBOwIBAAJBAMH2yqAGeVNPdgeZ2GoHo" |
|
|
|
"MIIBOwIBAAJBAMH2yqAGeVNPdgeZ2GoHo31m9aUxZ7QfK2Go2qLTahLpQ3UL1C8G\n" |
|
|
|
"31m9aUxZ7QfK2Go2qLTahLpQ3UL1C8G\n" |
|
|
|
"LkuMS8SNK0ZGfRMalIpIhv6bW5l3kjogOncCAwEAAQJABVGECtFCoGMsZFb2lSmy\n" |
|
|
|
"LkuMS8SNK0ZGfRMalIpIhv6bW5l3kjogO" |
|
|
|
"dOzOzYHGSy0TnnDn1dEgNnZ8sIljElPtUzm9dyXs2P3ICL1sOd7qjpzfJeyxknDL\n" |
|
|
|
"ncCAwEAAQJABVGECtFCoGMsZFb2lSmy\n" |
|
|
|
"AQIhAO5iKdLmhyuW+EDEH19vDs1Pmqs3/ZnT5UgUiJnTJqz3AiEA0ExIfUOCnxq2\n" |
|
|
|
"dOzOzYHGSy0TnnDn1dEgNnZ8sIljElPtU" |
|
|
|
"a3Z46KEivcr8JB2P9VqouBbVryiq/oECIQDj8bPCejMoiEzMSX0iWWTTB9qC/KAg\n" |
|
|
|
"zm9dyXs2P3ICL1sOd7qjpzfJeyxknDL\n" |
|
|
|
"FtF4skHIrXKfEwIgPCs86Uo+Ch2aQjKHvJMHSRHAgeI0OmiEwiB+e0lhE4ECIQDd\n" |
|
|
|
"AQIhAO5iKdLmhyuW+EDEH19vDs1Pmqs3/" |
|
|
|
"IbUmHIXt6oHLJmoGFX46bCcfil5eE5FXfiaw7Q9iPw==\n" |
|
|
|
"ZnT5UgUiJnTJqz3AiEA0ExIfUOCnxq2\n" |
|
|
|
|
|
|
|
"a3Z46KEivcr8JB2P9VqouBbVryiq/oECI" |
|
|
|
|
|
|
|
"QDj8bPCejMoiEzMSX0iWWTTB9qC/KAg\n" |
|
|
|
|
|
|
|
"FtF4skHIrXKfEwIgPCs86Uo+Ch2aQjKHv" |
|
|
|
|
|
|
|
"JMHSRHAgeI0OmiEwiB+e0lhE4ECIQDd\n" |
|
|
|
|
|
|
|
"IbUmHIXt6oHLJmoGFX46bCcfil5eE5FXf" |
|
|
|
|
|
|
|
"iaw7Q9iPw==\n" |
|
|
|
|
|
|
|
"-----END RSA PRIVATE KEY-----\n"); |
|
|
|
"-----END RSA PRIVATE KEY-----\n"); |
|
|
|
QSslKey privkey(pem, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey); |
|
|
|
QSslKey privkey(pem, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey); |
|
|
|
RSA* rsa(0); |
|
|
|
RSA* rsa(0); |
|
|
@ -200,7 +194,8 @@ class SmartCardAuth: public QObject { |
|
|
|
PinEntry pinEntry(QSslCertificate(QByteArray(c.data.data(), |
|
|
|
PinEntry pinEntry(QSslCertificate(QByteArray(c.data.data(), |
|
|
|
c.data.size()), |
|
|
|
c.data.size()), |
|
|
|
QSsl::Der), _parent); |
|
|
|
QSsl::Der), _parent); |
|
|
|
while (pinEntry.exec()==PinEntry::Accepted) |
|
|
|
while (pinEntry.retries(retries(c.slot->slotinfo().slotDescription)) |
|
|
|
|
|
|
|
.exec()==PinEntry::Accepted) |
|
|
|
try { |
|
|
|
try { |
|
|
|
_session = // session login with pin
|
|
|
|
_session = // session login with pin
|
|
|
|
std::auto_ptr<cryptoki::Session> |
|
|
|
std::auto_ptr<cryptoki::Session> |
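Review bot: The new loop condition feeds `retries(c.slot->slotinfo().slotDescription)` straight into `pinEntry.retries(...)`, but that helper (added further down in this commit) returns -1 for a locked card and -2 when the status could not be read, and nothing here distinguishes those sentinels from a real count, so unless PinEntry::retries treats negative values specially a locked card is still prompted for its PIN. Inside the helper, `retCode()` returns -1 for a response shorter than two bytes and `(-1 & 0x63C0) == 0x63C0` holds, so a truncated VERIFY response is reported as 15 remaining tries; guarding with `if (value >= 0 && (value&0x63C0)==0x63C0) return value&0x0F;` closes that. Since the helper appears to open a fresh `pcsc::Connection` (and, except on macOS, a reader transaction) on every iteration, querying the count once before the loop or only after a rejected PIN would also be worth considering. The enclosing loop body continues outside the hunk.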
|
|
@ -228,6 +223,42 @@ class SmartCardAuth: public QObject { |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private: |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int retries(const std::string& name) try { |
|
|
|
|
|
|
|
qDebug()<<__PRETTY_FUNCTION__<<name.c_str(); |
|
|
|
|
|
|
|
pcsc::Connection pcsc; |
|
|
|
|
|
|
|
pcsc::Connection::Reader& reader(pcsc.reader(name)); |
|
|
|
|
|
|
|
#ifndef Q_OS_MAC |
|
|
|
|
|
|
|
pcsc::Connection::Reader::Transaction lock(reader); |
|
|
|
|
|
|
|
#endif |
|
|
|
|
|
|
|
// first try to read version info
|
|
|
|
|
|
|
|
if (reader.transmit(0x00, 0xA4, 0x08, 0x0C, "\x3f\x00\x56\x49", 4) |
|
|
|
|
|
|
|
!= std::string("\x90\x00", 2) || !reader) return -2; |
|
|
|
|
|
|
|
std::string res(reader.transmit(0x00, 0xB0, 0x00, 0x00)); |
|
|
|
|
|
|
|
qDebug()<<" T E X T I S : "<<res.substr(6, res[5]).c_str(); |
|
|
|
|
|
|
|
if (res.substr(0, 2)!=std::string("\x90\x00", 2) || |
|
|
|
|
|
|
|
res.substr(6, res[5]) == "PZ2007") return -2; |
|
|
|
|
|
|
|
if (retCode(reader.transmit(0x00, 0xA4, 0x00, 0x0C)) == 0x9000) { |
|
|
|
|
|
|
|
int value(retCode(reader.transmit(0x00, 0x20, 0x00, 0x81))); |
|
|
|
|
|
|
|
if ((value&0x63C0)==0x63C0) return value&0x0F; |
|
|
|
|
|
|
|
} else { |
|
|
|
|
|
|
|
qDebug()<<"**** ERROR in select MF while reading pin status"; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
return -1; // locked
|
|
|
|
|
|
|
|
} catch (const std::exception& x) { |
|
|
|
|
|
|
|
qDebug()<<"**** ERROR while reading pin status: "<<x.what(); |
|
|
|
|
|
|
|
return -2; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int retCode(const std::string& res) { |
|
|
|
|
|
|
|
if (res.size()>=2) |
|
|
|
|
|
|
|
return ((((unsigned int)(unsigned char)res[res.size()-2])*256) |
|
|
|
|
|
|
|
+((unsigned int)(unsigned char)res[res.size()-1])); |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
return -1; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
private: |
|
|
|
private: |
|
|
|
|
|
|
|
|
|
|
|
struct CertInfo { |
|
|
|
struct CertInfo { |
|
|
|