Unicode C
Unicode C
PKCS11 Get Token Info
See more PKCS11 Examples
Example showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.Chilkat Unicode C Downloads
#include <C_CkPkcs11W.h>
#include <C_CkJsonObjectW.h>
#include <C_CkJsonArrayW.h>
void ChilkatSample(void)
{
BOOL success;
HCkPkcs11W pkcs11;
BOOL onlyTokensPresent;
HCkJsonObjectW json;
int id;
const wchar_t *slotDescription;
BOOL tokenPresent;
BOOL removableDevice;
BOOL hardwareSlot;
int hardwareVersionMajor;
int hardwareVersionMinor;
int firmwareVersionMajor;
int firmwareVersionMinor;
const wchar_t *tokenLabel;
const wchar_t *tokenManufacturerID;
const wchar_t *tokenModel;
const wchar_t *tokenSerialNumber;
int tokenMaxSessionCount;
int tokenSessionCount;
int tokenMaxRwSessionCount;
int tokenRwSessionCount;
int tokenMaxPinLen;
int tokenMinPinLen;
int tokenTotalPublicMemory;
int tokenFreePublicMemory;
int tokenTotalPrivateMemory;
int tokenFreePrivateMemory;
int tokenHardwareVersionMajor;
int tokenHardwareVersionMinor;
int tokenFirmwareVersionMajor;
int tokenFirmwareVersionMinor;
const wchar_t *tokenUtcTime;
int tokenRsaMinKeySize;
int tokenRsaMaxKeySize;
int j;
int count_j;
const wchar_t *strVal;
const wchar_t *tokenFlag;
int cryptokiVersionMajor;
int cryptokiVersionMinor;
const wchar_t *manufacturerID;
const wchar_t *libraryDescription;
int libraryVersionMajor;
int libraryVersionMinor;
int i;
int count_i;
HCkJsonArrayW aFlags;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems.
pkcs11 = CkPkcs11W_Create();
// Specify the vendor's Cryptoki module DLL / shared lib.
// The following PKCS11 driver DLL is for the WatchData ProxKey USB token.
// You would use your smartcard/token vendor's PKCS11 driver DLL.
CkPkcs11W_putSharedLibPath(pkcs11,L"SignatureP11.dll");
success = CkPkcs11W_Initialize(pkcs11);
if (success == FALSE) {
wprintf(L"%s\n",CkPkcs11W_lastErrorText(pkcs11));
CkPkcs11W_Dispose(pkcs11);
return;
}
// Call Discover to discover what's available.
// Indicate that we only want to return slots (readers) where tokens (or smart cards) are present.
onlyTokensPresent = TRUE;
json = CkJsonObjectW_Create();
success = CkPkcs11W_Discover(pkcs11,onlyTokensPresent,json);
if (success == FALSE) {
wprintf(L"%s\n",CkPkcs11W_lastErrorText(pkcs11));
CkPkcs11W_Dispose(pkcs11);
CkJsonObjectW_Dispose(json);
return;
}
CkJsonObjectW_putEmitCompact(json,FALSE);
wprintf(L"%s\n",CkJsonObjectW_emit(json));
// Sample JSON output.
// Code for parsing this JSON is shown below..
// {
// "cryptokiVersion": {
// "major": 2,
// "minor": 10
// },
// "manufacturerID": "WatchData",
// "libraryDescription": "PKCS#11 cryptoki module",
// "libraryVersion": {
// "major": 3,
// "minor": 10
// },
// "slot": [
// {
// "id": 16385,
// "slotDescription": "Watchdata IC CARD Reader/Writer",
// "manufacturerID": "Watchdata",
// "tokenPresent": true,
// "removableDevice": true,
// "hardwareSlot": true,
// "hardwareVersion": {
// "major": 1,
// "minor": 0
// },
// "firmwareVersion": {
// "major": 1,
// "minor": 0
// },
// "token": {
// "label": "WD PROXKey",
// "manufacturerID": "Watchdata Corp.",
// "model": "TimeCos/PK",
// "serialNumber": "WD05376504",
// "flags": [
// "CKF_RNG",
// "CKF_LOGIN_REQUIRED",
// "CKF_USER_PIN_INITIALIZED",
// "CKF_DUAL_CRYPTO_OPERATIONS",
// "CKF_TOKEN_INITIALIZED"
// ],
// "maxSessionCount": 0,
// "sessionCount": 0,
// "maxRwSessionCount": 0,
// "rwSessionCount": 0,
// "maxPinLen": 32,
// "minPinLen": 6,
// "totalPublicMemory": 61440,
// "freePublicMemory": 70144,
// "totalPrivateMemory": 61440,
// "freePrivateMemory": 70144,
// "hardwareVersion": {
// "major": 2,
// "minor": 1
// },
// "firmwareVersion": {
// "major": 0,
// "minor": 0
// },
// "utcTime": "2024011509254600",
// "mechanism": [
// "CKM_RSA_PKCS_KEY_PAIR_GEN",
// "CKM_EC_KEY_PAIR_GEN",
// "CKM_DES_KEY_GEN",
// "80000001",
// "8000000B",
// "CKM_AES_KEY_GEN",
// "CKM_DES2_KEY_GEN",
// "CKM_DES3_KEY_GEN",
// "CKM_RSA_PKCS",
// "CKM_RSA_X_509",
// "CKM_ECDSA",
// "CKM_ECDSA_SHA1",
// "CKM_MD2_RSA_PKCS",
// "CKM_MD5_RSA_PKCS",
// "CKM_SHA1_RSA_PKCS",
// "CKM_SHA256_RSA_PKCS",
// "CKM_DES_ECB",
// "CKM_DES_CBC",
// "CKM_DES_CBC_PAD",
// "80000002",
// "CKM_CPK_ECDSA",
// "CKM_CPK_ECDSA_SHA1",
// "8000000C",
// "8000000D",
// "8000000E",
// "CKM_AES_ECB",
// "CKM_AES_CBC",
// "CKM_AES_CBC_PAD",
// "CKM_DES3_ECB",
// "CKM_DES3_CBC",
// "CKM_DES3_CBC_PAD",
// "CKM_SHA_1",
// "CKM_SHA_1_HMAC",
// "CKM_SHA_1_HMAC_GENERAL",
// "CKM_SHA256",
// "CKM_SHA256_HMAC",
// "CKM_SHA256_HMAC_GENERAL",
// "CKM_MD2",
// "CKM_MD2_HMAC",
// "CKM_MD2_HMAC_GENERAL",
// "CKM_MD5",
// "CKM_MD5_HMAC",
// "CKM_MD5_HMAC_GENERAL",
// "CKM_SSL3_PRE_MASTER_KEY_GEN",
// "CKM_SSL3_MASTER_KEY_DERIVE",
// "CKM_SSL3_KEY_AND_MAC_DERIVE",
// "CKM_SSL3_MD5_MAC",
// "CKM_SSL3_SHA1_MAC"
// ],
// "rsa": {
// "minKeySize": 1024,
// "maxKeySize": 4096
// }
// }
// }
// ]
// }
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// Chilkat functions returning "const char *" return a pointer to temporary internal memory owned and managed by Chilkat.
// See this example explaining how this memory should be used: const char * functions.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
cryptokiVersionMajor = CkJsonObjectW_IntOf(json,L"cryptokiVersion.major");
cryptokiVersionMinor = CkJsonObjectW_IntOf(json,L"cryptokiVersion.minor");
manufacturerID = CkJsonObjectW_stringOf(json,L"manufacturerID");
libraryDescription = CkJsonObjectW_stringOf(json,L"libraryDescription");
libraryVersionMajor = CkJsonObjectW_IntOf(json,L"libraryVersion.major");
libraryVersionMinor = CkJsonObjectW_IntOf(json,L"libraryVersion.minor");
i = 0;
count_i = CkJsonObjectW_SizeOfArray(json,L"slot");
while (i < count_i) {
CkJsonObjectW_putI(json,i);
id = CkJsonObjectW_IntOf(json,L"slot[i].id");
slotDescription = CkJsonObjectW_stringOf(json,L"slot[i].slotDescription");
manufacturerID = CkJsonObjectW_stringOf(json,L"slot[i].manufacturerID");
tokenPresent = CkJsonObjectW_BoolOf(json,L"slot[i].tokenPresent");
removableDevice = CkJsonObjectW_BoolOf(json,L"slot[i].removableDevice");
hardwareSlot = CkJsonObjectW_BoolOf(json,L"slot[i].hardwareSlot");
hardwareVersionMajor = CkJsonObjectW_IntOf(json,L"slot[i].hardwareVersion.major");
hardwareVersionMinor = CkJsonObjectW_IntOf(json,L"slot[i].hardwareVersion.minor");
firmwareVersionMajor = CkJsonObjectW_IntOf(json,L"slot[i].firmwareVersion.major");
firmwareVersionMinor = CkJsonObjectW_IntOf(json,L"slot[i].firmwareVersion.minor");
tokenLabel = CkJsonObjectW_stringOf(json,L"slot[i].token.label");
tokenManufacturerID = CkJsonObjectW_stringOf(json,L"slot[i].token.manufacturerID");
tokenModel = CkJsonObjectW_stringOf(json,L"slot[i].token.model");
tokenSerialNumber = CkJsonObjectW_stringOf(json,L"slot[i].token.serialNumber");
tokenMaxSessionCount = CkJsonObjectW_IntOf(json,L"slot[i].token.maxSessionCount");
tokenSessionCount = CkJsonObjectW_IntOf(json,L"slot[i].token.sessionCount");
tokenMaxRwSessionCount = CkJsonObjectW_IntOf(json,L"slot[i].token.maxRwSessionCount");
tokenRwSessionCount = CkJsonObjectW_IntOf(json,L"slot[i].token.rwSessionCount");
tokenMaxPinLen = CkJsonObjectW_IntOf(json,L"slot[i].token.maxPinLen");
tokenMinPinLen = CkJsonObjectW_IntOf(json,L"slot[i].token.minPinLen");
tokenTotalPublicMemory = CkJsonObjectW_IntOf(json,L"slot[i].token.totalPublicMemory");
tokenFreePublicMemory = CkJsonObjectW_IntOf(json,L"slot[i].token.freePublicMemory");
tokenTotalPrivateMemory = CkJsonObjectW_IntOf(json,L"slot[i].token.totalPrivateMemory");
tokenFreePrivateMemory = CkJsonObjectW_IntOf(json,L"slot[i].token.freePrivateMemory");
tokenHardwareVersionMajor = CkJsonObjectW_IntOf(json,L"slot[i].token.hardwareVersion.major");
tokenHardwareVersionMinor = CkJsonObjectW_IntOf(json,L"slot[i].token.hardwareVersion.minor");
tokenFirmwareVersionMajor = CkJsonObjectW_IntOf(json,L"slot[i].token.firmwareVersion.major");
tokenFirmwareVersionMinor = CkJsonObjectW_IntOf(json,L"slot[i].token.firmwareVersion.minor");
tokenUtcTime = CkJsonObjectW_stringOf(json,L"slot[i].token.utcTime");
tokenRsaMinKeySize = CkJsonObjectW_IntOf(json,L"slot[i].token.rsa.minKeySize");
tokenRsaMaxKeySize = CkJsonObjectW_IntOf(json,L"slot[i].token.rsa.maxKeySize");
// The following token flag strings are possible:
// CKF_RNG: has random # generator
// CKF_WRITE_PROTECTED: token is write-protected
// CKF_LOGIN_REQUIRED:user must login
// CKF_USER_PIN_INITIALIZED:normal user's PIN is set
// CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is
// successfully saved, all keys needed to continue those operations are stored in the state
// CKF_CLOCK_ON_TOKEN: The token has some sort of clock. The time on the clock is returned in the slot[i].token.utcTime
// CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself
// CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations
// (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign)
// CKF_TOKEN_INITIALIZED: The token has been initialized.
// CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects.
// CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication.
// CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked.
// CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible.
// CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing,
// or the PIN has been expired by the card.
// CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication.
// CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked.
// CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible.
// CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing,
// or the PIN has been expired by the card.
// To see if particular flags are present:
aFlags = CkJsonObjectW_ArrayOf(json,L"slot[i].token.flags");
if (CkJsonArrayW_FindString(aFlags,L"CKF_USER_PIN_LOCKED",TRUE) >= 0) {
wprintf(L"The token is locked.\n");
}
if (CkJsonArrayW_FindString(aFlags,L"CKF_RNG",TRUE) >= 0) {
wprintf(L"The token has a random number generator.\n");
}
// ...
CkJsonArrayW_Dispose(aFlags);
// To iterate over all flags..
j = 0;
count_j = CkJsonObjectW_SizeOfArray(json,L"slot[i].token.flags");
while (j < count_j) {
CkJsonObjectW_putJ(json,j);
tokenFlag = CkJsonObjectW_stringOf(json,L"slot[i].token.flags[j]");
j = j + 1;
}
j = 0;
count_j = CkJsonObjectW_SizeOfArray(json,L"slot[i].token.mechanism");
while (j < count_j) {
CkJsonObjectW_putJ(json,j);
strVal = CkJsonObjectW_stringOf(json,L"slot[i].token.mechanism[j]");
j = j + 1;
}
i = i + 1;
}
CkPkcs11W_Dispose(pkcs11);
CkJsonObjectW_Dispose(json);
}