(Lianja) PKCS11 Login / Logout

See more PKCS11 Examples

Sample code showing how to login and logout of a PKCS11 session. A session becomes authenticated when Login is called, and returns to the unauthenticated state when Logout is called. A smart card's PIN is passed to the Login method.

Note: This example requires Chilkat v9.5.0.88 or later.

Chilkat Lianja Extension Download Chilkat Lianja Extension

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.

loPkcs11 = createobject("CkPkcs11")

// "aetpkss1.dll" is the DLL for the SafeSign Identity Client Standard Version 3.5
// The aetpkss1.dll can be used with the following smart cards or USB tokens:
// Defensiepas
// Defensiepas 2
// G&D Convego Join 4.01 40k/80k
// G&D SkySIM Hercules
// G&D SkySIM Scorpius
// G&D Sm@rtCaf� Expert 3.2
// G&D Sm@rtCaf� Expert 4.0
// G&D Sm@rtCaf� Expert 5.0
// G&D Sm@rtCaf� Expert 6.0
// G&D Sm@rtCaf� Expert 7.0
// G&D Sm@rtCaf� Expert 64
// Gemalto Desineo ICP D72 FXR1 Java
// Gemalto IDCore 30
// Gemalto MultiApp ID v2.1
// Gemalto Optelio D72 FR1
// Gemalto TOP DL v2
// Infineon Oracle JCOS Ed.1
// JCOP21 v2.3
// Morpho IDealCitiz v2.1
// Morpho JMV ProCL V3.0
// NXP J2A080 / J2A081 (JCOP 2.4.1 R3)
// NXP JD081 (JCOP 2.4.1 R3)
// NXP J3A080 (JCOP 2.4.1 R3)
// NXP JCOP 2.4.2 R3
// NXP JCOP 3 SecID P60
// Oberthur IDOne Cosmo v7.0
// RDW ABR kaart
// Rijkspas
// Rijkspas 2
// Sagem YpsID s2
// Sagem YpsID s3
// StarSign Crypto USB Token S
// Swissbit PS-100u SE
// UZI-pas
// UZI-pas 2
loPkcs11.SharedLibPath = "aetpkss1.dll"

llSuccess = loPkcs11.Initialize()
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    release loPkcs11
    return
endif

// We need to call Discover to get the slot ID.
llOnlyTokensPresent = .T.
loJson = createobject("CkJsonObject")
llSuccess = loPkcs11.Discover(llOnlyTokensPresent,loJson)
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    release loPkcs11
    release loJson
    return
endif

loJson.EmitCompact = .F.
? loJson.Emit()

// Make sure we have at least one slot.
if (loJson.SizeOfArray("slot") <= 0) then
    ? "No occuplied slots."
    release loPkcs11
    release loJson
    return
endif

// Get the ID of the 1st slot
lnSlotID = loJson.IntOf("slot[0].id")

// Open a session.
llReadWrite = .T.
llSuccess = loPkcs11.OpenSession(lnSlotID,llReadWrite)
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    release loPkcs11
    release loJson
    return
endif

// Make it an authenticated session by calling Login.
// The smart card PIN is passed to the Login method.
// The user type can be one of three choices:
// 0 - Security Officer
// 1 - Normal User
// 2 - Context Specific.
// You'll likely always login as the Normal User.
lnUserType = 1
lcPin = "0000"
llSuccess = loPkcs11.Login(lnUserType,lcPin)
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    llSuccess = loPkcs11.CloseSession()
    release loPkcs11
    release loJson
    return
endif

// Do what is needed with the authenticated session...
// ...
// ...

// Revert to an unauthenticated session by calling Logout.
llSuccess = loPkcs11.Logout()
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    llSuccess = loPkcs11.CloseSession()
    release loPkcs11
    release loJson
    return
endif

// When finished, close the session.
// It is important to close the session (memory leaks will occur if the session is not properly closed).
llSuccess = loPkcs11.CloseSession()
if (llSuccess = .F.) then
    ? loPkcs11.LastErrorText
    release loPkcs11
    release loJson
    return
endif

? "PKCS11 Login and Logout successfully demonstrated."


release loPkcs11
release loJson