DataFlex
DataFlex
PKCS11 Get Token Info
See more PKCS11 Examples
Example showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoPkcs11
Boolean iOnlyTokensPresent
Variant vJson
Handle hoJson
Integer iId
String sSlotDescription
Boolean iTokenPresent
Boolean iRemovableDevice
Boolean iHardwareSlot
Integer iHardwareVersionMajor
Integer iHardwareVersionMinor
Integer iFirmwareVersionMajor
Integer iFirmwareVersionMinor
String sTokenLabel
String sTokenManufacturerID
String sTokenModel
String sTokenSerialNumber
Integer iTokenMaxSessionCount
Integer iTokenSessionCount
Integer iTokenMaxRwSessionCount
Integer iTokenRwSessionCount
Integer iTokenMaxPinLen
Integer iTokenMinPinLen
Integer iTokenTotalPublicMemory
Integer iTokenFreePublicMemory
Integer iTokenTotalPrivateMemory
Integer iTokenFreePrivateMemory
Integer iTokenHardwareVersionMajor
Integer iTokenHardwareVersionMinor
Integer iTokenFirmwareVersionMajor
Integer iTokenFirmwareVersionMinor
String sTokenUtcTime
Integer iTokenRsaMinKeySize
Integer iTokenRsaMaxKeySize
Integer j
Integer iCount_j
String sStrVal
String sTokenFlag
Integer iCryptokiVersionMajor
Integer iCryptokiVersionMinor
String sManufacturerID
String sLibraryDescription
Integer iLibraryVersionMajor
Integer iLibraryVersionMinor
Integer i
Integer iCount_i
Variant vAFlags
Handle hoAFlags
String sTemp1
Integer iTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.
Get Create (RefClass(cComChilkatPkcs11)) To hoPkcs11
If (Not(IsComObjectCreated(hoPkcs11))) Begin
Send CreateComObject of hoPkcs11
End
// Specify the vendor's Cryptoki module DLL / shared lib.
// The following PKCS11 driver DLL is for the WatchData ProxKey USB token.
// You would use your smartcard/token vendor's PKCS11 driver DLL.
Set ComSharedLibPath Of hoPkcs11 To "SignatureP11.dll"
Get ComInitialize Of hoPkcs11 To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPkcs11 To sTemp1
Showln sTemp1
Procedure_Return
End
// Call Discover to discover what's available.
// Indicate that we only want to return slots (readers) where tokens (or smart cards) are present.
Move True To iOnlyTokensPresent
Get Create (RefClass(cComChilkatJsonObject)) To hoJson
If (Not(IsComObjectCreated(hoJson))) Begin
Send CreateComObject of hoJson
End
Get pvComObject of hoJson to vJson
Get ComDiscover Of hoPkcs11 iOnlyTokensPresent vJson To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoPkcs11 To sTemp1
Showln sTemp1
Procedure_Return
End
Set ComEmitCompact Of hoJson To False
Get ComEmit Of hoJson To sTemp1
Showln sTemp1
// Sample JSON output.
// Code for parsing this JSON is shown below..
// {
// "cryptokiVersion": {
// "major": 2,
// "minor": 10
// },
// "manufacturerID": "WatchData",
// "libraryDescription": "PKCS#11 cryptoki module",
// "libraryVersion": {
// "major": 3,
// "minor": 10
// },
// "slot": [
// {
// "id": 16385,
// "slotDescription": "Watchdata IC CARD Reader/Writer",
// "manufacturerID": "Watchdata",
// "tokenPresent": true,
// "removableDevice": true,
// "hardwareSlot": true,
// "hardwareVersion": {
// "major": 1,
// "minor": 0
// },
// "firmwareVersion": {
// "major": 1,
// "minor": 0
// },
// "token": {
// "label": "WD PROXKey",
// "manufacturerID": "Watchdata Corp.",
// "model": "TimeCos/PK",
// "serialNumber": "WD05376504",
// "flags": [
// "CKF_RNG",
// "CKF_LOGIN_REQUIRED",
// "CKF_USER_PIN_INITIALIZED",
// "CKF_DUAL_CRYPTO_OPERATIONS",
// "CKF_TOKEN_INITIALIZED"
// ],
// "maxSessionCount": 0,
// "sessionCount": 0,
// "maxRwSessionCount": 0,
// "rwSessionCount": 0,
// "maxPinLen": 32,
// "minPinLen": 6,
// "totalPublicMemory": 61440,
// "freePublicMemory": 70144,
// "totalPrivateMemory": 61440,
// "freePrivateMemory": 70144,
// "hardwareVersion": {
// "major": 2,
// "minor": 1
// },
// "firmwareVersion": {
// "major": 0,
// "minor": 0
// },
// "utcTime": "2024011509254600",
// "mechanism": [
// "CKM_RSA_PKCS_KEY_PAIR_GEN",
// "CKM_EC_KEY_PAIR_GEN",
// "CKM_DES_KEY_GEN",
// "80000001",
// "8000000B",
// "CKM_AES_KEY_GEN",
// "CKM_DES2_KEY_GEN",
// "CKM_DES3_KEY_GEN",
// "CKM_RSA_PKCS",
// "CKM_RSA_X_509",
// "CKM_ECDSA",
// "CKM_ECDSA_SHA1",
// "CKM_MD2_RSA_PKCS",
// "CKM_MD5_RSA_PKCS",
// "CKM_SHA1_RSA_PKCS",
// "CKM_SHA256_RSA_PKCS",
// "CKM_DES_ECB",
// "CKM_DES_CBC",
// "CKM_DES_CBC_PAD",
// "80000002",
// "CKM_CPK_ECDSA",
// "CKM_CPK_ECDSA_SHA1",
// "8000000C",
// "8000000D",
// "8000000E",
// "CKM_AES_ECB",
// "CKM_AES_CBC",
// "CKM_AES_CBC_PAD",
// "CKM_DES3_ECB",
// "CKM_DES3_CBC",
// "CKM_DES3_CBC_PAD",
// "CKM_SHA_1",
// "CKM_SHA_1_HMAC",
// "CKM_SHA_1_HMAC_GENERAL",
// "CKM_SHA256",
// "CKM_SHA256_HMAC",
// "CKM_SHA256_HMAC_GENERAL",
// "CKM_MD2",
// "CKM_MD2_HMAC",
// "CKM_MD2_HMAC_GENERAL",
// "CKM_MD5",
// "CKM_MD5_HMAC",
// "CKM_MD5_HMAC_GENERAL",
// "CKM_SSL3_PRE_MASTER_KEY_GEN",
// "CKM_SSL3_MASTER_KEY_DERIVE",
// "CKM_SSL3_KEY_AND_MAC_DERIVE",
// "CKM_SSL3_MD5_MAC",
// "CKM_SSL3_SHA1_MAC"
// ],
// "rsa": {
// "minKeySize": 1024,
// "maxKeySize": 4096
// }
// }
// }
// ]
// }
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
Get ComIntOf Of hoJson "cryptokiVersion.major" To iCryptokiVersionMajor
Get ComIntOf Of hoJson "cryptokiVersion.minor" To iCryptokiVersionMinor
Get ComStringOf Of hoJson "manufacturerID" To sManufacturerID
Get ComStringOf Of hoJson "libraryDescription" To sLibraryDescription
Get ComIntOf Of hoJson "libraryVersion.major" To iLibraryVersionMajor
Get ComIntOf Of hoJson "libraryVersion.minor" To iLibraryVersionMinor
Move 0 To i
Get ComSizeOfArray Of hoJson "slot" To iCount_i
While (i < iCount_i)
Set ComI Of hoJson To i
Get ComIntOf Of hoJson "slot[i].id" To iId
Get ComStringOf Of hoJson "slot[i].slotDescription" To sSlotDescription
Get ComStringOf Of hoJson "slot[i].manufacturerID" To sManufacturerID
Get ComBoolOf Of hoJson "slot[i].tokenPresent" To iTokenPresent
Get ComBoolOf Of hoJson "slot[i].removableDevice" To iRemovableDevice
Get ComBoolOf Of hoJson "slot[i].hardwareSlot" To iHardwareSlot
Get ComIntOf Of hoJson "slot[i].hardwareVersion.major" To iHardwareVersionMajor
Get ComIntOf Of hoJson "slot[i].hardwareVersion.minor" To iHardwareVersionMinor
Get ComIntOf Of hoJson "slot[i].firmwareVersion.major" To iFirmwareVersionMajor
Get ComIntOf Of hoJson "slot[i].firmwareVersion.minor" To iFirmwareVersionMinor
Get ComStringOf Of hoJson "slot[i].token.label" To sTokenLabel
Get ComStringOf Of hoJson "slot[i].token.manufacturerID" To sTokenManufacturerID
Get ComStringOf Of hoJson "slot[i].token.model" To sTokenModel
Get ComStringOf Of hoJson "slot[i].token.serialNumber" To sTokenSerialNumber
Get ComIntOf Of hoJson "slot[i].token.maxSessionCount" To iTokenMaxSessionCount
Get ComIntOf Of hoJson "slot[i].token.sessionCount" To iTokenSessionCount
Get ComIntOf Of hoJson "slot[i].token.maxRwSessionCount" To iTokenMaxRwSessionCount
Get ComIntOf Of hoJson "slot[i].token.rwSessionCount" To iTokenRwSessionCount
Get ComIntOf Of hoJson "slot[i].token.maxPinLen" To iTokenMaxPinLen
Get ComIntOf Of hoJson "slot[i].token.minPinLen" To iTokenMinPinLen
Get ComIntOf Of hoJson "slot[i].token.totalPublicMemory" To iTokenTotalPublicMemory
Get ComIntOf Of hoJson "slot[i].token.freePublicMemory" To iTokenFreePublicMemory
Get ComIntOf Of hoJson "slot[i].token.totalPrivateMemory" To iTokenTotalPrivateMemory
Get ComIntOf Of hoJson "slot[i].token.freePrivateMemory" To iTokenFreePrivateMemory
Get ComIntOf Of hoJson "slot[i].token.hardwareVersion.major" To iTokenHardwareVersionMajor
Get ComIntOf Of hoJson "slot[i].token.hardwareVersion.minor" To iTokenHardwareVersionMinor
Get ComIntOf Of hoJson "slot[i].token.firmwareVersion.major" To iTokenFirmwareVersionMajor
Get ComIntOf Of hoJson "slot[i].token.firmwareVersion.minor" To iTokenFirmwareVersionMinor
Get ComStringOf Of hoJson "slot[i].token.utcTime" To sTokenUtcTime
Get ComIntOf Of hoJson "slot[i].token.rsa.minKeySize" To iTokenRsaMinKeySize
Get ComIntOf Of hoJson "slot[i].token.rsa.maxKeySize" To iTokenRsaMaxKeySize
// The following token flag strings are possible:
// CKF_RNG: has random # generator
// CKF_WRITE_PROTECTED: token is write-protected
// CKF_LOGIN_REQUIRED:user must login
// CKF_USER_PIN_INITIALIZED:normal user's PIN is set
// CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is
// successfully saved, all keys needed to continue those operations are stored in the state
// CKF_CLOCK_ON_TOKEN: The token has some sort of clock. The time on the clock is returned in the slot[i].token.utcTime
// CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself
// CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations
// (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign)
// CKF_TOKEN_INITIALIZED: The token has been initialized.
// CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects.
// CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication.
// CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked.
// CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible.
// CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing,
// or the PIN has been expired by the card.
// CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication.
// CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked.
// CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible.
// CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing,
// or the PIN has been expired by the card.
// To see if particular flags are present:
Get ComArrayOf Of hoJson "slot[i].token.flags" To vAFlags
If (IsComObject(vAFlags)) Begin
Get Create (RefClass(cComChilkatJsonArray)) To hoAFlags
Set pvComObject Of hoAFlags To vAFlags
End
Get ComFindString Of hoAFlags "CKF_USER_PIN_LOCKED" True To iTemp1
If (iTemp1 >= 0) Begin
Showln "The token is locked."
End
Get ComFindString Of hoAFlags "CKF_RNG" True To iTemp1
If (iTemp1 >= 0) Begin
Showln "The token has a random number generator."
End
// ...
Send Destroy of hoAFlags
// To iterate over all flags..
Move 0 To j
Get ComSizeOfArray Of hoJson "slot[i].token.flags" To iCount_j
While (j < iCount_j)
Set ComJ Of hoJson To j
Get ComStringOf Of hoJson "slot[i].token.flags[j]" To sTokenFlag
Move (j + 1) To j
Loop
Move 0 To j
Get ComSizeOfArray Of hoJson "slot[i].token.mechanism" To iCount_j
While (j < iCount_j)
Set ComJ Of hoJson To j
Get ComStringOf Of hoJson "slot[i].token.mechanism[j]" To sStrVal
Move (j + 1) To j
Loop
Move (i + 1) To i
Loop
End_Procedure