|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) PKCS11 Get Token InfoSee more PKCS11 ExamplesExample showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.
#include <C_CkPkcs11.h> #include <C_CkJsonObject.h> #include <C_CkJsonArray.h> void ChilkatSample(void) { HCkPkcs11 pkcs11; BOOL success; BOOL onlyTokensPresent; HCkJsonObject json; int id; const char *slotDescription; BOOL tokenPresent; BOOL removableDevice; BOOL hardwareSlot; int hardwareVersionMajor; int hardwareVersionMinor; int firmwareVersionMajor; int firmwareVersionMinor; const char *tokenLabel; const char *tokenManufacturerID; const char *tokenModel; const char *tokenSerialNumber; int tokenMaxSessionCount; int tokenSessionCount; int tokenMaxRwSessionCount; int tokenRwSessionCount; int tokenMaxPinLen; int tokenMinPinLen; int tokenTotalPublicMemory; int tokenFreePublicMemory; int tokenTotalPrivateMemory; int tokenFreePrivateMemory; int tokenHardwareVersionMajor; int tokenHardwareVersionMinor; int tokenFirmwareVersionMajor; int tokenFirmwareVersionMinor; const char *tokenUtcTime; int tokenRsaMinKeySize; int tokenRsaMaxKeySize; int j; int count_j; const char *strVal; const char *tokenFlag; int cryptokiVersionMajor; int cryptokiVersionMinor; const char *manufacturerID; const char *libraryDescription; int libraryVersionMajor; int libraryVersionMinor; int i; int count_i; HCkJsonArray aFlags; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. pkcs11 = CkPkcs11_Create(); // Specify the vendor's Cryptoki module DLL / shared lib. // The following PKCS11 driver DLL is for the WatchData ProxKey USB token. // You would use your smartcard/token vendor's PKCS11 driver DLL. CkPkcs11_putSharedLibPath(pkcs11,"SignatureP11.dll"); success = CkPkcs11_Initialize(pkcs11); if (success == FALSE) { printf("%s\n",CkPkcs11_lastErrorText(pkcs11)); CkPkcs11_Dispose(pkcs11); return; } // Call Discover to discover what's available. // Indicate that we only want to return slots (readers) where tokens (or smart cards) are present. onlyTokensPresent = TRUE; json = CkJsonObject_Create(); success = CkPkcs11_Discover(pkcs11,onlyTokensPresent,json); if (success == FALSE) { printf("%s\n",CkPkcs11_lastErrorText(pkcs11)); CkPkcs11_Dispose(pkcs11); CkJsonObject_Dispose(json); return; } CkJsonObject_putEmitCompact(json,FALSE); printf("%s\n",CkJsonObject_emit(json)); // Sample JSON output. // Code for parsing this JSON is shown below.. // { // "cryptokiVersion": { // "major": 2, // "minor": 10 // }, // "manufacturerID": "WatchData", // "libraryDescription": "PKCS#11 cryptoki module", // "libraryVersion": { // "major": 3, // "minor": 10 // }, // "slot": [ // { // "id": 16385, // "slotDescription": "Watchdata IC CARD Reader/Writer", // "manufacturerID": "Watchdata", // "tokenPresent": true, // "removableDevice": true, // "hardwareSlot": true, // "hardwareVersion": { // "major": 1, // "minor": 0 // }, // "firmwareVersion": { // "major": 1, // "minor": 0 // }, // "token": { // "label": "WD PROXKey", // "manufacturerID": "Watchdata Corp.", // "model": "TimeCos/PK", // "serialNumber": "WD05376504", // "flags": [ // "CKF_RNG", // "CKF_LOGIN_REQUIRED", // "CKF_USER_PIN_INITIALIZED", // "CKF_DUAL_CRYPTO_OPERATIONS", // "CKF_TOKEN_INITIALIZED" // ], // "maxSessionCount": 0, // "sessionCount": 0, // "maxRwSessionCount": 0, // "rwSessionCount": 0, // "maxPinLen": 32, // "minPinLen": 6, // "totalPublicMemory": 61440, // "freePublicMemory": 70144, // "totalPrivateMemory": 61440, // "freePrivateMemory": 70144, // "hardwareVersion": { // "major": 2, // "minor": 1 // }, // "firmwareVersion": { // "major": 0, // "minor": 0 // }, // "utcTime": "2024011509254600", // "mechanism": [ // "CKM_RSA_PKCS_KEY_PAIR_GEN", // "CKM_EC_KEY_PAIR_GEN", // "CKM_DES_KEY_GEN", // "80000001", // "8000000B", // "CKM_AES_KEY_GEN", // "CKM_DES2_KEY_GEN", // "CKM_DES3_KEY_GEN", // "CKM_RSA_PKCS", // "CKM_RSA_X_509", // "CKM_ECDSA", // "CKM_ECDSA_SHA1", // "CKM_MD2_RSA_PKCS", // "CKM_MD5_RSA_PKCS", // "CKM_SHA1_RSA_PKCS", // "CKM_SHA256_RSA_PKCS", // "CKM_DES_ECB", // "CKM_DES_CBC", // "CKM_DES_CBC_PAD", // "80000002", // "CKM_CPK_ECDSA", // "CKM_CPK_ECDSA_SHA1", // "8000000C", // "8000000D", // "8000000E", // "CKM_AES_ECB", // "CKM_AES_CBC", // "CKM_AES_CBC_PAD", // "CKM_DES3_ECB", // "CKM_DES3_CBC", // "CKM_DES3_CBC_PAD", // "CKM_SHA_1", // "CKM_SHA_1_HMAC", // "CKM_SHA_1_HMAC_GENERAL", // "CKM_SHA256", // "CKM_SHA256_HMAC", // "CKM_SHA256_HMAC_GENERAL", // "CKM_MD2", // "CKM_MD2_HMAC", // "CKM_MD2_HMAC_GENERAL", // "CKM_MD5", // "CKM_MD5_HMAC", // "CKM_MD5_HMAC_GENERAL", // "CKM_SSL3_PRE_MASTER_KEY_GEN", // "CKM_SSL3_MASTER_KEY_DERIVE", // "CKM_SSL3_KEY_AND_MAC_DERIVE", // "CKM_SSL3_MD5_MAC", // "CKM_SSL3_SHA1_MAC" // ], // "rsa": { // "minKeySize": 1024, // "maxKeySize": 4096 // } // } // } // ] // } // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON // Chilkat functions returning "const char *" return a pointer to temporary internal memory owned and managed by Chilkat. // See this example explaining how this memory should be used: const char * functions. // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON cryptokiVersionMajor = CkJsonObject_IntOf(json,"cryptokiVersion.major"); cryptokiVersionMinor = CkJsonObject_IntOf(json,"cryptokiVersion.minor"); manufacturerID = CkJsonObject_stringOf(json,"manufacturerID"); libraryDescription = CkJsonObject_stringOf(json,"libraryDescription"); libraryVersionMajor = CkJsonObject_IntOf(json,"libraryVersion.major"); libraryVersionMinor = CkJsonObject_IntOf(json,"libraryVersion.minor"); i = 0; count_i = CkJsonObject_SizeOfArray(json,"slot"); while (i < count_i) { CkJsonObject_putI(json,i); id = CkJsonObject_IntOf(json,"slot[i].id"); slotDescription = CkJsonObject_stringOf(json,"slot[i].slotDescription"); manufacturerID = CkJsonObject_stringOf(json,"slot[i].manufacturerID"); tokenPresent = CkJsonObject_BoolOf(json,"slot[i].tokenPresent"); removableDevice = CkJsonObject_BoolOf(json,"slot[i].removableDevice"); hardwareSlot = CkJsonObject_BoolOf(json,"slot[i].hardwareSlot"); hardwareVersionMajor = CkJsonObject_IntOf(json,"slot[i].hardwareVersion.major"); hardwareVersionMinor = CkJsonObject_IntOf(json,"slot[i].hardwareVersion.minor"); firmwareVersionMajor = CkJsonObject_IntOf(json,"slot[i].firmwareVersion.major"); firmwareVersionMinor = CkJsonObject_IntOf(json,"slot[i].firmwareVersion.minor"); tokenLabel = CkJsonObject_stringOf(json,"slot[i].token.label"); tokenManufacturerID = CkJsonObject_stringOf(json,"slot[i].token.manufacturerID"); tokenModel = CkJsonObject_stringOf(json,"slot[i].token.model"); tokenSerialNumber = CkJsonObject_stringOf(json,"slot[i].token.serialNumber"); tokenMaxSessionCount = CkJsonObject_IntOf(json,"slot[i].token.maxSessionCount"); tokenSessionCount = CkJsonObject_IntOf(json,"slot[i].token.sessionCount"); tokenMaxRwSessionCount = CkJsonObject_IntOf(json,"slot[i].token.maxRwSessionCount"); tokenRwSessionCount = CkJsonObject_IntOf(json,"slot[i].token.rwSessionCount"); tokenMaxPinLen = CkJsonObject_IntOf(json,"slot[i].token.maxPinLen"); tokenMinPinLen = CkJsonObject_IntOf(json,"slot[i].token.minPinLen"); tokenTotalPublicMemory = CkJsonObject_IntOf(json,"slot[i].token.totalPublicMemory"); tokenFreePublicMemory = CkJsonObject_IntOf(json,"slot[i].token.freePublicMemory"); tokenTotalPrivateMemory = CkJsonObject_IntOf(json,"slot[i].token.totalPrivateMemory"); tokenFreePrivateMemory = CkJsonObject_IntOf(json,"slot[i].token.freePrivateMemory"); tokenHardwareVersionMajor = CkJsonObject_IntOf(json,"slot[i].token.hardwareVersion.major"); tokenHardwareVersionMinor = CkJsonObject_IntOf(json,"slot[i].token.hardwareVersion.minor"); tokenFirmwareVersionMajor = CkJsonObject_IntOf(json,"slot[i].token.firmwareVersion.major"); tokenFirmwareVersionMinor = CkJsonObject_IntOf(json,"slot[i].token.firmwareVersion.minor"); tokenUtcTime = CkJsonObject_stringOf(json,"slot[i].token.utcTime"); tokenRsaMinKeySize = CkJsonObject_IntOf(json,"slot[i].token.rsa.minKeySize"); tokenRsaMaxKeySize = CkJsonObject_IntOf(json,"slot[i].token.rsa.maxKeySize"); // The following token flag strings are possible: // CKF_RNG: has random # generator // CKF_WRITE_PROTECTED: token is write-protected // CKF_LOGIN_REQUIRED:user must login // CKF_USER_PIN_INITIALIZED:normal user's PIN is set // CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is // successfully saved, all keys needed to continue those operations are stored in the state // CKF_CLOCK_ON_TOKEN: The token has some sort of clock. The time on the clock is returned in the slot[i].token.utcTime // CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself // CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations // (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign) // CKF_TOKEN_INITIALIZED: The token has been initialized. // CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects. // CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication. // CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked. // CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible. // CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing, // or the PIN has been expired by the card. // CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication. // CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked. // CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible. // CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing, // or the PIN has been expired by the card. // To see if particular flags are present: aFlags = CkJsonObject_ArrayOf(json,"slot[i].token.flags"); if (CkJsonArray_FindString(aFlags,"CKF_USER_PIN_LOCKED",TRUE) >= 0) { printf("The token is locked.\n"); } if (CkJsonArray_FindString(aFlags,"CKF_RNG",TRUE) >= 0) { printf("The token has a random number generator.\n"); } // ... CkJsonArray_Dispose(aFlags); // To iterate over all flags.. j = 0; count_j = CkJsonObject_SizeOfArray(json,"slot[i].token.flags"); while (j < count_j) { CkJsonObject_putJ(json,j); tokenFlag = CkJsonObject_stringOf(json,"slot[i].token.flags[j]"); j = j + 1; } j = 0; count_j = CkJsonObject_SizeOfArray(json,"slot[i].token.mechanism"); while (j < count_j) { CkJsonObject_putJ(json,j); strVal = CkJsonObject_stringOf(json,"slot[i].token.mechanism[j]"); j = j + 1; } i = i + 1; } CkPkcs11_Dispose(pkcs11); CkJsonObject_Dispose(json); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.