A simple Qt based browser with no bullshit that supports PKCS#11 tokens (such as the SuisseID).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

144 lines
3.1 KiB

#include <actITokenKey.h>
#include <actIToken.h>
#include <actISlot.h>
#include <actUtility.h>
#include <actDebug.h>
#include <actMode.h>
#include <actCertificate.h>
#include "CardObject.h"
#include "SlotList.h"
#include <memory>
CardObject::CardObject(SlotList *sl)
: m_search_type(0)
, m_selected_token(NULL)
, m_found_key(NULL)
, m_slot_list(sl)
{
}
CardObject::~CardObject()
{
// We keep ownership of the token object itself but we're expected to pawn off the resulting key
// or certificate object we find.
if(m_selected_token)
m_selected_token->Release();
}
bool CardObject::searchFor(int searchType, const char *s_key_id)
{
// Only one successful search operation allowed
ACT_ASSERT(m_selected_token == NULL);
if(m_selected_token != NULL)
return false;
std::string key_id_string(s_key_id);
act::ISlot* selected_slot = NULL;
act::ITokenKey* selected_key = NULL;
size_t pos = 0;
// Slot selection: Currently only "slot_<decimalno>" supported
if(key_id_string.substr(pos,5) == "slot-")
{
pos += 5;
size_t slot_num = 0;
while(pos < key_id_string.length() && key_id_string[pos] >= '0' && key_id_string[pos] <= '9')
slot_num = slot_num * 10 + (key_id_string[pos++] - '0');
m_selected_token = m_slot_list->getToken(slot_num);
}
else
return false;
// Bail out if the selected slot is a dud.
if(!m_selected_token)
return false;
// Key (or cert) selection with "id_<hexid>"
if(key_id_string.substr(pos,4) == "-id-")
{
pos += 4;
act::Blob id_blob;
act::hex2blob(key_id_string.substr(pos).c_str()).swap(id_blob);
if(searchType != act::CERTIFICATE)
{
for(int i=m_selected_token->GetKeyNumber();i--;)
{
act::ITokenKey* key = dynamic_cast<act::ITokenKey*>(m_selected_token->GetKey(i));
if(key == NULL)
continue;
if(key->GetType() != act::KEY_RSA || key->GetID() != id_blob)
continue;
// Found it, deposit a copy for the caller's retrieval
m_found_key = key->Clone();
return true;
}
return false;
}
else
{
for(int i=m_selected_token->GetCertificateNumber();i--;)
{
act::CertEntry ce(m_selected_token->GetCertificate(i));
std::auto_ptr<act::Certificate> cert(new act::Certificate("X509", ce.certblob));
if(cert.get() == NULL)
continue;
act::Blob serno;
cert->GetParam(act::SERIALNR, serno);
if(serno != id_blob)
continue;
// Else we found what we're looking for, deposit a pointer for the caller's retrieval
m_found_certificate = ce.certblob;
return true;
}
}
}
else if(key_id_string.substr(pos,6) == "-name-") // Key selection with "name-<keyname>"
{
pos += 6;
std::string name(key_id_string.substr(pos));
ACT_ASSERT(searchType != act::CERTIFICATE);
for(int i=m_selected_token->GetKeyNumber();i--;)
{
act::ITokenKey* key = dynamic_cast<act::ITokenKey*>(m_selected_token->GetKey(i));
if(key == NULL)
continue;
if(key->GetType() != act::KEY_RSA || name != key->GetName())
continue;
// Found it, deposit a copy for the caller's retrieval
m_found_key = key->Clone();
return true;
}
return false;
}
return false;
}