1 | #include "cryptotoken.h" |
---|
2 | |
---|
3 | #include <QSslCertificate> |
---|
4 | |
---|
5 | #include <assert.h> |
---|
6 | #include <iostream> |
---|
7 | #include <stdexcept> |
---|
8 | |
---|
9 | #define BINARY_SHA1_LENGTH 20 |
---|
10 | #define BINARY_SHA224_LENGTH 28 |
---|
11 | #define BINARY_SHA256_LENGTH 32 |
---|
12 | #define BINARY_SHA384_LENGTH 48 |
---|
13 | #define BINARY_SHA512_LENGTH 64 |
---|
14 | |
---|
15 | |
---|
16 | CryptoToken::CryptoToken() |
---|
17 | { |
---|
18 | } |
---|
19 | |
---|
20 | |
---|
21 | CryptoToken::~CryptoToken() |
---|
22 | { |
---|
23 | } |
---|
24 | |
---|
25 | |
---|
26 | bool CryptoToken::initializeCriptoki() |
---|
27 | { |
---|
28 | QString error(""); |
---|
29 | CK_RV rv; |
---|
30 | rv = C_Initialize(NULL_PTR); |
---|
31 | if (rv != CKR_OK) |
---|
32 | { |
---|
33 | if (rv == CKR_DEVICE_ERROR) |
---|
34 | { |
---|
35 | error = returnErrorToQString(rv); |
---|
36 | qDebug("%s", qPrintable(error)); |
---|
37 | return false; |
---|
38 | } |
---|
39 | error = returnErrorToQString(rv); |
---|
40 | qDebug("%s", qPrintable(error)); |
---|
41 | return false; |
---|
42 | } |
---|
43 | else |
---|
44 | { |
---|
45 | return true; |
---|
46 | } |
---|
47 | } |
---|
48 | |
---|
49 | void CryptoToken::finalize() { |
---|
50 | CK_RV rv; |
---|
51 | rv = C_Finalize(NULL_PTR); |
---|
52 | QString error(""); |
---|
53 | if (rv != CKR_OK) |
---|
54 | { |
---|
55 | qDebug("** Destruyendo ... ~SmartCard"); |
---|
56 | if (rv == CKR_DEVICE_ERROR) |
---|
57 | { |
---|
58 | error = returnErrorToQString(rv); |
---|
59 | qDebug("%s", qPrintable(error)); |
---|
60 | } |
---|
61 | error = returnErrorToQString(rv); |
---|
62 | qDebug("%s", qPrintable(error)); |
---|
63 | } |
---|
64 | } |
---|
65 | |
---|
66 | CK_SESSION_HANDLE CryptoToken::openSession(char * Pin, CK_SLOT_ID & slotID, bool requiredlogin) |
---|
67 | { |
---|
68 | qDebug("openSession()"); |
---|
69 | QString error(""); |
---|
70 | |
---|
71 | CK_RV rv; |
---|
72 | |
---|
73 | CK_SLOT_ID SlotList[10]; |
---|
74 | CK_ULONG ulCount = sizeof(SlotList)/sizeof(CK_SLOT_ID); |
---|
75 | |
---|
76 | CK_SESSION_HANDLE hSession; |
---|
77 | |
---|
78 | /* |
---|
79 | ** Find the first slot available that has a token present |
---|
80 | */ |
---|
81 | rv = C_GetSlotList(TRUE,SlotList,&ulCount); |
---|
82 | //assert(rv==CKR_OK); |
---|
83 | //assert(ulCount>0); |
---|
84 | //if ( (rv != CKR_OK) && (ulCount<=0) ) |
---|
85 | if (rv != CKR_OK) |
---|
86 | { |
---|
87 | error = returnErrorToQString(rv); |
---|
88 | qDebug("%s", qPrintable("Insertar una tarjeta en el lector. " + error)); |
---|
89 | throw std::runtime_error(qPrintable(error)); |
---|
90 | //return CK_INVALID_HANDLE; |
---|
91 | |
---|
92 | } |
---|
93 | if ( ulCount<=0 ) |
---|
94 | { |
---|
95 | error = returnErrorToQString(rv); |
---|
96 | qDebug("%s", qPrintable("ulCount <= 0"+ error)); |
---|
97 | throw std::runtime_error(qPrintable("Error: no hay dispositivo conectado.")); |
---|
98 | //return CK_INVALID_HANDLE; |
---|
99 | |
---|
100 | } |
---|
101 | //slotID = new CK_SLOT_ID() ; |
---|
102 | slotID = SlotList[0]; |
---|
103 | |
---|
104 | /* |
---|
105 | ** Log in the User to session |
---|
106 | */ |
---|
107 | if ( requiredlogin ) { |
---|
108 | |
---|
109 | /* |
---|
110 | ** Open a read/write session with this slot's token |
---|
111 | */ |
---|
112 | //rv = C_OpenSession(slotID,CKF_SERIAL_SESSION|CKF_RW_SESSION,0,0,&hSession); |
---|
113 | rv = C_OpenSession(slotID, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, (CK_NOTIFY) NULL_PTR, &hSession); |
---|
114 | |
---|
115 | //assert(rv==CKR_OK); |
---|
116 | if (rv != CKR_OK) |
---|
117 | { |
---|
118 | error = returnErrorToQString(rv); |
---|
119 | qDebug("%s", qPrintable("C_OpenSession" + error)); |
---|
120 | throw std::runtime_error(qPrintable(error)); |
---|
121 | //return CK_INVALID_HANDLE; |
---|
122 | } |
---|
123 | |
---|
124 | rv = C_Login(hSession,CKU_USER, (unsigned char *) Pin,strlen(Pin)); |
---|
125 | //assert(rv==CKR_OK); |
---|
126 | if (rv != CKR_OK) |
---|
127 | { |
---|
128 | error = returnErrorToQString(rv); |
---|
129 | QString plus(""); |
---|
130 | if ((rv == CKR_PIN_INCORRECT) || (rv == CKR_DATA_LEN_RANGE) || (rv == CKR_ARGUMENTS_BAD)) |
---|
131 | plus = "El PIN introducido es incorrecto!"; |
---|
132 | qDebug("%s", qPrintable("C_login: " + error + " " +plus)); |
---|
133 | throw std::runtime_error(qPrintable("Error: pin incorrecto.")); |
---|
134 | //return CK_INVALID_HANDLE; |
---|
135 | } |
---|
136 | |
---|
137 | } else { |
---|
138 | rv = C_OpenSession(slotID, CKF_SERIAL_SESSION, NULL_PTR,(CK_NOTIFY) NULL_PTR, &hSession); |
---|
139 | |
---|
140 | //assert(rv==CKR_OK); |
---|
141 | if (rv != CKR_OK) |
---|
142 | { |
---|
143 | error = returnErrorToQString(rv); |
---|
144 | qDebug("%s", qPrintable("C_OpenSession" + error)); |
---|
145 | throw std::runtime_error(qPrintable(error)); |
---|
146 | //return CK_INVALID_HANDLE; |
---|
147 | } |
---|
148 | } |
---|
149 | /* |
---|
150 | ** Return the session handle and exit |
---|
151 | */ |
---|
152 | return hSession; |
---|
153 | } |
---|
154 | |
---|
155 | |
---|
156 | |
---|
157 | void CryptoToken::closeSession(CK_SESSION_HANDLE hSession) |
---|
158 | { |
---|
159 | CK_RV rv; |
---|
160 | rv = C_CloseSession(hSession); |
---|
161 | QString error(""); |
---|
162 | if (rv != CKR_OK){ |
---|
163 | qDebug("** Destruyendo ... ~SmartCard"); |
---|
164 | if (rv == CKR_DEVICE_ERROR) |
---|
165 | { |
---|
166 | error = returnErrorToQString(rv); |
---|
167 | qDebug("%s", qPrintable("C_Finalize" + error)); |
---|
168 | |
---|
169 | } |
---|
170 | error = returnErrorToQString(rv); |
---|
171 | qDebug("%s", qPrintable("C_Finalize" + error)); |
---|
172 | } |
---|
173 | |
---|
174 | } |
---|
175 | |
---|
176 | |
---|
177 | CK_OBJECT_HANDLE CryptoToken::getPrivateKey(CK_SESSION_HANDLE hSession, CK_SLOT_ID slotID, QString id) |
---|
178 | { |
---|
179 | QString error(""); |
---|
180 | |
---|
181 | CK_RV rv; |
---|
182 | CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; |
---|
183 | CK_OBJECT_CLASS objClass = CKO_PRIVATE_KEY; |
---|
184 | CK_ULONG ulCount = 0; |
---|
185 | |
---|
186 | |
---|
187 | //CK_BYTE keyid[strlen(id)+1]; |
---|
188 | //strcpy((char *)keyid,id); |
---|
189 | int idLen = strlen(qPrintable(id))+1; |
---|
190 | |
---|
191 | CK_UTF8CHAR label[idLen]; |
---|
192 | |
---|
193 | strcpy((char *) label, qPrintable(id)); |
---|
194 | qDebug("SmartCard::getPrivateKey label:"); |
---|
195 | qDebug("%s", (char *) label); |
---|
196 | |
---|
197 | //qDebug("VALOR DE keyid"); |
---|
198 | //qDebug((char *)keyid); |
---|
199 | |
---|
200 | CK_ATTRIBUTE privateKeyTemplate[] = { |
---|
201 | { CKA_CLASS, &objClass, sizeof (objClass) }, |
---|
202 | { CKA_LABEL, label, sizeof(label)-1 } |
---|
203 | //{CKA_ID, keyid, sizeof (keyid)} |
---|
204 | }; |
---|
205 | |
---|
206 | CK_ULONG ulTemplateCount = sizeof (privateKeyTemplate) / sizeof (privateKeyTemplate[0]); |
---|
207 | |
---|
208 | /* Pre-condition checks. */ |
---|
209 | assert (hSession != NULL_PTR); |
---|
210 | |
---|
211 | // comienza la busqueda de clave privada |
---|
212 | qDebug ("Inicia busqueda de clave privada ... \n"); |
---|
213 | |
---|
214 | rv = C_FindObjectsInit(hSession, privateKeyTemplate, ulTemplateCount); |
---|
215 | qDebug ("C_FindObjectsInit rv = %x",rv); |
---|
216 | qDebug ("\n"); |
---|
217 | //assert(rv==CKR_OK); |
---|
218 | if (rv != CKR_OK) |
---|
219 | { |
---|
220 | error = returnErrorToQString(rv); |
---|
221 | qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); |
---|
222 | return CK_INVALID_HANDLE; |
---|
223 | |
---|
224 | } |
---|
225 | |
---|
226 | |
---|
227 | // se realiza la busqueda |
---|
228 | rv = C_FindObjects(hSession, &hObject, 1, &ulCount); |
---|
229 | qDebug ("C_FindObjects rv = %x",rv); |
---|
230 | qDebug ("\n"); |
---|
231 | //assert(rv==CKR_OK); |
---|
232 | |
---|
233 | qDebug("*-*-*-*-*getPrivateKey VALOR DE ulCount %u: ", ulCount); |
---|
234 | //if (rv != CKR_OK) |
---|
235 | if ((rv != CKR_OK) )//|| (ulCount == 0)) |
---|
236 | { |
---|
237 | if (ulCount == 0) |
---|
238 | qDebug("ulCount == 0"); |
---|
239 | |
---|
240 | error = returnErrorToQString(rv); |
---|
241 | qDebug("%s", qPrintable("C_FindObjects: "+error)); |
---|
242 | return CK_INVALID_HANDLE; |
---|
243 | |
---|
244 | } |
---|
245 | |
---|
246 | rv = C_FindObjectsFinal(hSession); |
---|
247 | qDebug ("C_FindObjectsFinal rv = %x",rv); |
---|
248 | qDebug ("\n"); |
---|
249 | //assert(rv==CKR_OK); |
---|
250 | if (rv != CKR_OK) |
---|
251 | { |
---|
252 | error = returnErrorToQString(rv); |
---|
253 | qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); |
---|
254 | return CK_INVALID_HANDLE; |
---|
255 | } |
---|
256 | |
---|
257 | if (ulCount == 0) |
---|
258 | { |
---|
259 | qDebug (" \nNinguna clave privada encontrada!\n"); |
---|
260 | // cerrar la sesion |
---|
261 | /*rv = C_CloseAllSessions(slotID); |
---|
262 | qDebug("C_CloseAllSessions rv = %x", rv); |
---|
263 | qDebug ("\n"); |
---|
264 | assert(rv==CKR_OK);*/ |
---|
265 | return CK_INVALID_HANDLE; |
---|
266 | } |
---|
267 | else |
---|
268 | { |
---|
269 | //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); |
---|
270 | qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); |
---|
271 | return hObject; |
---|
272 | } |
---|
273 | } |
---|
274 | |
---|
275 | CK_OBJECT_HANDLE CryptoToken::getPrivateKey(CK_SESSION_HANDLE hSession, CK_SLOT_ID slotID, int certificateIndex) |
---|
276 | { |
---|
277 | QString error(""); |
---|
278 | |
---|
279 | CK_RV rv; |
---|
280 | CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; |
---|
281 | CK_OBJECT_CLASS objClass = CKO_PRIVATE_KEY; |
---|
282 | CK_ULONG ulCount = 2; |
---|
283 | |
---|
284 | std::vector<CK_OBJECT_HANDLE> objectHandle(ulCount); |
---|
285 | |
---|
286 | //CK_BYTE keyid[strlen(id)+1]; |
---|
287 | //strcpy((char *)keyid,id); |
---|
288 | //int idLen = strlen(qPrintable(id))+1; |
---|
289 | |
---|
290 | //CK_UTF8CHAR label[idLen]; |
---|
291 | |
---|
292 | //strcpy((char *) label, qPrintable(id)); |
---|
293 | //qDebug("SmartCard::getPrivateKey label:"); |
---|
294 | //qDebug((char *) label); |
---|
295 | |
---|
296 | //qDebug("VALOR DE keyid"); |
---|
297 | //qDebug((char *)keyid); |
---|
298 | |
---|
299 | CK_ATTRIBUTE privateKeyTemplate[] = { |
---|
300 | { CKA_CLASS, &objClass, sizeof (objClass) }, |
---|
301 | //{ CKA_LABEL, label, sizeof(label)-1 } |
---|
302 | //{CKA_ID, keyid, sizeof (keyid)} |
---|
303 | }; |
---|
304 | |
---|
305 | CK_ULONG ulTemplateCount = sizeof (privateKeyTemplate) / sizeof (privateKeyTemplate[0]); |
---|
306 | |
---|
307 | /* Pre-condition checks. */ |
---|
308 | assert (hSession != NULL_PTR); |
---|
309 | |
---|
310 | // comienza la busqueda de clave privada |
---|
311 | qDebug ("Inicia busqueda de clave privada ... \n"); |
---|
312 | |
---|
313 | rv = C_FindObjectsInit(hSession, privateKeyTemplate, ulTemplateCount); |
---|
314 | qDebug ("C_FindObjectsInit rv = %x",rv); |
---|
315 | qDebug ("\n"); |
---|
316 | //assert(rv==CKR_OK); |
---|
317 | if (rv != CKR_OK) |
---|
318 | { |
---|
319 | error = returnErrorToQString(rv); |
---|
320 | qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); |
---|
321 | return CK_INVALID_HANDLE; |
---|
322 | |
---|
323 | } |
---|
324 | |
---|
325 | |
---|
326 | // se realiza la busqueda |
---|
327 | //rv = C_FindObjects(hSession, &hObject, 3, &ulCount); |
---|
328 | rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &ulCount); |
---|
329 | qDebug ("C_FindObjects rv = %x",rv); |
---|
330 | qDebug ("\n"); |
---|
331 | //assert(rv==CKR_OK); |
---|
332 | |
---|
333 | qDebug("*-*-*-*-*getPrivateKey VALOR DE ulCount %u: ", ulCount); |
---|
334 | //if (rv != CKR_OK) |
---|
335 | if ((rv != CKR_OK) )//|| (ulCount == 0)) |
---|
336 | { |
---|
337 | if (ulCount == 0) |
---|
338 | qDebug("ulCount == 0"); |
---|
339 | |
---|
340 | error = returnErrorToQString(rv); |
---|
341 | qDebug("%s", qPrintable("C_FindObjects: "+error)); |
---|
342 | return CK_INVALID_HANDLE; |
---|
343 | |
---|
344 | } |
---|
345 | |
---|
346 | rv = C_FindObjectsFinal(hSession); |
---|
347 | qDebug ("C_FindObjectsFinal rv = %x",rv); |
---|
348 | qDebug ("\n"); |
---|
349 | //assert(rv==CKR_OK); |
---|
350 | if (rv != CKR_OK) |
---|
351 | { |
---|
352 | error = returnErrorToQString(rv); |
---|
353 | qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); |
---|
354 | return CK_INVALID_HANDLE; |
---|
355 | } |
---|
356 | |
---|
357 | if (ulCount == 0) |
---|
358 | { |
---|
359 | qDebug (" \nNinguna clave privada encontrada!\n"); |
---|
360 | // cerrar la sesion |
---|
361 | /*rv = C_CloseAllSessions(slotID); |
---|
362 | qDebug("C_CloseAllSessions rv = %x", rv); |
---|
363 | qDebug ("\n"); |
---|
364 | assert(rv==CKR_OK);*/ |
---|
365 | return CK_INVALID_HANDLE; |
---|
366 | } |
---|
367 | else |
---|
368 | { |
---|
369 | //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); |
---|
370 | //qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); |
---|
371 | //return hObject; |
---|
372 | |
---|
373 | objectHandle.resize(ulCount); |
---|
374 | qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", objectHandle[certificateIndex]); |
---|
375 | return objectHandle[certificateIndex]; |
---|
376 | } |
---|
377 | } |
---|
378 | |
---|
379 | |
---|
380 | |
---|
381 | bool CryptoToken::signSomeData(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE privateKey, CK_BYTE_PTR someData, |
---|
382 | CK_ULONG someDataLen, CK_BYTE_PTR sign, CK_ULONG_PTR signLen ) |
---|
383 | { |
---|
384 | CK_RV rv; |
---|
385 | qDebug (" \nProceso de firma digital de datos con la clave privada que mantiene la tarjeta...\n"); |
---|
386 | qDebug("valor de sign antes de firmar: \n %s\n", sign); |
---|
387 | |
---|
388 | //CK_ULONG someDataLen, slen; |
---|
389 | //someDataLen = strlen((char *) someData); |
---|
390 | |
---|
391 | //CK_ULONG slen; |
---|
392 | //slen = BUFFERSIZ; |
---|
393 | //slen = signLen; |
---|
394 | |
---|
395 | // definicion del algoritmo de firma |
---|
396 | CK_MECHANISM signMechanism = { CKM_RSA_PKCS /*CKM_SHA1_RSA_PKCS*/, 0 /*NULL_PTR*/, 0}; |
---|
397 | |
---|
398 | rv = C_SignInit(hSession, &signMechanism, privateKey); |
---|
399 | |
---|
400 | if (rv != CKR_OK) { |
---|
401 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
402 | rv = C_CloseSession(hSession); |
---|
403 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
404 | qDebug ("\n"); |
---|
405 | assert(rv == CKR_OK); |
---|
406 | rv = C_Finalize(NULL_PTR); |
---|
407 | qDebug ("C_Finalize: rv = %x",rv); |
---|
408 | qDebug ("\n"); |
---|
409 | assert(rv == CKR_OK); |
---|
410 | return false; |
---|
411 | } |
---|
412 | |
---|
413 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
414 | qDebug ("\n"); |
---|
415 | assert(rv==CKR_OK); |
---|
416 | |
---|
417 | rv = C_Sign(hSession, someData, someDataLen, sign, signLen); |
---|
418 | |
---|
419 | if (rv != CKR_OK) { |
---|
420 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
421 | rv = C_CloseSession(hSession); |
---|
422 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
423 | qDebug ("\n"); |
---|
424 | assert(rv == CKR_OK); |
---|
425 | rv = C_Finalize(NULL_PTR); |
---|
426 | qDebug ("C_Finalize: rv = %x",rv); |
---|
427 | qDebug ("\n"); |
---|
428 | assert(rv == CKR_OK); |
---|
429 | return false;//1; |
---|
430 | } |
---|
431 | |
---|
432 | qDebug("Valor de la firma sign: \n%s\n", sign); |
---|
433 | qDebug("\nValor de signLen: \n%u\n", *signLen); |
---|
434 | |
---|
435 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
436 | qDebug ("\n"); |
---|
437 | assert(rv==CKR_OK); |
---|
438 | |
---|
439 | |
---|
440 | qDebug("\nMessage was successfully signed with private key!\n"); |
---|
441 | return true; |
---|
442 | |
---|
443 | } |
---|
444 | |
---|
445 | |
---|
446 | std::vector<unsigned char> CryptoToken::signHash(QString hashToSign, QString pin, QString label) |
---|
447 | { |
---|
448 | |
---|
449 | std::vector<unsigned char> hash = fromHex(hashToSign); |
---|
450 | |
---|
451 | QString error(""); |
---|
452 | CK_RV rv; |
---|
453 | |
---|
454 | CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; |
---|
455 | CK_SLOT_ID slotID; |
---|
456 | |
---|
457 | // initialize criptoki |
---|
458 | rv = C_Initialize(NULL_PTR); |
---|
459 | if (rv != CKR_OK) |
---|
460 | { |
---|
461 | if (rv == CKR_DEVICE_ERROR) |
---|
462 | { |
---|
463 | error = returnErrorToQString(rv); |
---|
464 | qDebug("%s", qPrintable(error)); |
---|
465 | throw std::runtime_error(qPrintable(error)); |
---|
466 | } |
---|
467 | error = returnErrorToQString(rv); |
---|
468 | qDebug("%s", qPrintable(error)); |
---|
469 | throw std::runtime_error(qPrintable(error)); |
---|
470 | } |
---|
471 | |
---|
472 | hSession = openSession((char *) qPrintable(pin), slotID); |
---|
473 | if (hSession == CK_INVALID_HANDLE) |
---|
474 | { |
---|
475 | qDebug("Fallo ptr_SC->openSession"); |
---|
476 | rv = C_Finalize(NULL_PTR); |
---|
477 | qDebug("C_Finalize: rv = %x",rv); |
---|
478 | assert(rv == CKR_OK); |
---|
479 | throw std::runtime_error("Error openning a session"); |
---|
480 | } |
---|
481 | |
---|
482 | // obtencion de la clave privada para firmar los datos |
---|
483 | CK_OBJECT_HANDLE privateKey = CK_INVALID_HANDLE; |
---|
484 | |
---|
485 | //QString label = "New Key aaraujo"; |
---|
486 | privateKey = getPrivateKey(hSession, slotID, label); |
---|
487 | |
---|
488 | // https://github.com/open-eid/chrome-token-signing/blob/master/host-shared/PKCS11CardManager.h |
---|
489 | |
---|
490 | if (privateKey == CK_INVALID_HANDLE) |
---|
491 | { |
---|
492 | qDebug("Fallo ptr_SC->getPrivateKey"); |
---|
493 | rv = C_CloseSession(hSession); |
---|
494 | qDebug("C_CloseSession: rv = %x",rv); |
---|
495 | assert(rv == CKR_OK); |
---|
496 | rv = C_Finalize(NULL_PTR); |
---|
497 | qDebug("C_Finalize: rv = %x",rv); |
---|
498 | assert(rv == CKR_OK); |
---|
499 | throw std::runtime_error("Error finding private key"); |
---|
500 | } |
---|
501 | |
---|
502 | CK_MECHANISM mechanism = {CKM_RSA_PKCS, 0, 0}; |
---|
503 | |
---|
504 | |
---|
505 | rv = C_SignInit(hSession, &mechanism, privateKey); |
---|
506 | |
---|
507 | if (rv != CKR_OK) { |
---|
508 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
509 | rv = C_CloseSession(hSession); |
---|
510 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
511 | qDebug ("\n"); |
---|
512 | assert(rv == CKR_OK); |
---|
513 | rv = C_Finalize(NULL_PTR); |
---|
514 | qDebug ("C_Finalize: rv = %x",rv); |
---|
515 | qDebug ("\n"); |
---|
516 | assert(rv == CKR_OK); |
---|
517 | throw std::runtime_error("Error C_SignInit"); |
---|
518 | } |
---|
519 | |
---|
520 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
521 | qDebug ("\n"); |
---|
522 | assert(rv==CKR_OK); |
---|
523 | |
---|
524 | std::vector<unsigned char> hashWithPadding; |
---|
525 | switch (hash.size()) { |
---|
526 | case BINARY_SHA1_LENGTH: |
---|
527 | hashWithPadding = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; |
---|
528 | break; |
---|
529 | case BINARY_SHA224_LENGTH: |
---|
530 | hashWithPadding = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}; |
---|
531 | break; |
---|
532 | case BINARY_SHA256_LENGTH: |
---|
533 | hashWithPadding = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; |
---|
534 | break; |
---|
535 | case BINARY_SHA384_LENGTH: |
---|
536 | hashWithPadding = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; |
---|
537 | break; |
---|
538 | case BINARY_SHA512_LENGTH: |
---|
539 | hashWithPadding = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; |
---|
540 | break; |
---|
541 | default: |
---|
542 | throw std::runtime_error("incorrect digest length, dropping padding"); |
---|
543 | } |
---|
544 | hashWithPadding.insert(hashWithPadding.end(), hash.begin(), hash.end()); |
---|
545 | |
---|
546 | CK_ULONG signatureLength = 0; |
---|
547 | |
---|
548 | |
---|
549 | rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), nullptr, &signatureLength); |
---|
550 | |
---|
551 | if (rv != CKR_OK) { |
---|
552 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
553 | rv = C_CloseSession(hSession); |
---|
554 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
555 | qDebug ("\n"); |
---|
556 | assert(rv == CKR_OK); |
---|
557 | rv = C_Finalize(NULL_PTR); |
---|
558 | qDebug ("C_Finalize: rv = %x",rv); |
---|
559 | qDebug ("\n"); |
---|
560 | assert(rv == CKR_OK); |
---|
561 | throw std::runtime_error("Error C_Sign1"); |
---|
562 | } |
---|
563 | |
---|
564 | std::vector<unsigned char> signature(signatureLength, 0); |
---|
565 | |
---|
566 | rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), signature.data(), &signatureLength); |
---|
567 | |
---|
568 | if (rv != CKR_OK) { |
---|
569 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
570 | rv = C_CloseSession(hSession); |
---|
571 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
572 | qDebug ("\n"); |
---|
573 | assert(rv == CKR_OK); |
---|
574 | rv = C_Finalize(NULL_PTR); |
---|
575 | qDebug ("C_Finalize: rv = %x",rv); |
---|
576 | qDebug ("\n"); |
---|
577 | assert(rv == CKR_OK); |
---|
578 | throw std::runtime_error("Error C_Sign2"); |
---|
579 | } |
---|
580 | |
---|
581 | |
---|
582 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
583 | qDebug ("\n"); |
---|
584 | assert(rv==CKR_OK); |
---|
585 | |
---|
586 | closeSession(hSession); |
---|
587 | finalize(); |
---|
588 | |
---|
589 | return signature; |
---|
590 | |
---|
591 | } |
---|
592 | |
---|
593 | std::vector<unsigned char> CryptoToken::signHash(QString hashToSign, QString pin, int certificateIndex) |
---|
594 | { |
---|
595 | |
---|
596 | std::vector<unsigned char> hash = fromHex(hashToSign); |
---|
597 | |
---|
598 | QString error(""); |
---|
599 | CK_RV rv; |
---|
600 | |
---|
601 | CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; |
---|
602 | CK_SLOT_ID slotID; |
---|
603 | |
---|
604 | // initialize criptoki |
---|
605 | rv = C_Initialize(NULL_PTR); |
---|
606 | if (rv != CKR_OK) |
---|
607 | { |
---|
608 | if (rv == CKR_DEVICE_ERROR) |
---|
609 | { |
---|
610 | error = returnErrorToQString(rv); |
---|
611 | qDebug("%s", qPrintable(error)); |
---|
612 | throw std::runtime_error(qPrintable(error)); |
---|
613 | } |
---|
614 | error = returnErrorToQString(rv); |
---|
615 | qDebug("%s", qPrintable(error)); |
---|
616 | throw std::runtime_error(qPrintable(error)); |
---|
617 | } |
---|
618 | |
---|
619 | hSession = openSession((char *) qPrintable(pin), slotID); |
---|
620 | if (hSession == CK_INVALID_HANDLE) |
---|
621 | { |
---|
622 | qDebug("Fallo ptr_SC->openSession"); |
---|
623 | rv = C_Finalize(NULL_PTR); |
---|
624 | qDebug("C_Finalize: rv = %x",rv); |
---|
625 | assert(rv == CKR_OK); |
---|
626 | throw std::runtime_error("Error openning a session"); |
---|
627 | } |
---|
628 | |
---|
629 | // obtencion de la clave privada para firmar los datos |
---|
630 | CK_OBJECT_HANDLE privateKey = CK_INVALID_HANDLE; |
---|
631 | |
---|
632 | //QString label = "New Key aaraujo"; |
---|
633 | privateKey = getPrivateKey(hSession, slotID, certificateIndex); |
---|
634 | |
---|
635 | // https://github.com/open-eid/chrome-token-signing/blob/master/host-shared/PKCS11CardManager.h |
---|
636 | |
---|
637 | if (privateKey == CK_INVALID_HANDLE) |
---|
638 | { |
---|
639 | qDebug("Fallo ptr_SC->getPrivateKey"); |
---|
640 | rv = C_CloseSession(hSession); |
---|
641 | qDebug("C_CloseSession: rv = %x",rv); |
---|
642 | assert(rv == CKR_OK); |
---|
643 | rv = C_Finalize(NULL_PTR); |
---|
644 | qDebug("C_Finalize: rv = %x",rv); |
---|
645 | assert(rv == CKR_OK); |
---|
646 | throw std::runtime_error("Error finding private key"); |
---|
647 | } |
---|
648 | |
---|
649 | CK_MECHANISM mechanism = {CKM_RSA_PKCS, 0, 0}; |
---|
650 | |
---|
651 | |
---|
652 | rv = C_SignInit(hSession, &mechanism, privateKey); |
---|
653 | |
---|
654 | if (rv != CKR_OK) { |
---|
655 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
656 | rv = C_CloseSession(hSession); |
---|
657 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
658 | qDebug ("\n"); |
---|
659 | assert(rv == CKR_OK); |
---|
660 | rv = C_Finalize(NULL_PTR); |
---|
661 | qDebug ("C_Finalize: rv = %x",rv); |
---|
662 | qDebug ("\n"); |
---|
663 | assert(rv == CKR_OK); |
---|
664 | throw std::runtime_error("Error C_SignInit"); |
---|
665 | } |
---|
666 | |
---|
667 | qDebug("C_SignInit: rv = 0x%.8X\n", rv); |
---|
668 | qDebug ("\n"); |
---|
669 | assert(rv==CKR_OK); |
---|
670 | |
---|
671 | std::vector<unsigned char> hashWithPadding; |
---|
672 | switch (hash.size()) { |
---|
673 | case BINARY_SHA1_LENGTH: |
---|
674 | hashWithPadding = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; |
---|
675 | break; |
---|
676 | case BINARY_SHA224_LENGTH: |
---|
677 | hashWithPadding = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}; |
---|
678 | break; |
---|
679 | case BINARY_SHA256_LENGTH: |
---|
680 | hashWithPadding = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; |
---|
681 | break; |
---|
682 | case BINARY_SHA384_LENGTH: |
---|
683 | hashWithPadding = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; |
---|
684 | break; |
---|
685 | case BINARY_SHA512_LENGTH: |
---|
686 | hashWithPadding = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; |
---|
687 | break; |
---|
688 | default: |
---|
689 | throw std::runtime_error("incorrect digest length, dropping padding"); |
---|
690 | } |
---|
691 | hashWithPadding.insert(hashWithPadding.end(), hash.begin(), hash.end()); |
---|
692 | |
---|
693 | CK_ULONG signatureLength = 0; |
---|
694 | |
---|
695 | |
---|
696 | rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), nullptr, &signatureLength); |
---|
697 | |
---|
698 | if (rv != CKR_OK) { |
---|
699 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
700 | rv = C_CloseSession(hSession); |
---|
701 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
702 | qDebug ("\n"); |
---|
703 | assert(rv == CKR_OK); |
---|
704 | rv = C_Finalize(NULL_PTR); |
---|
705 | qDebug ("C_Finalize: rv = %x",rv); |
---|
706 | qDebug ("\n"); |
---|
707 | assert(rv == CKR_OK); |
---|
708 | throw std::runtime_error("Error C_Sign1"); |
---|
709 | } |
---|
710 | |
---|
711 | std::vector<unsigned char> signature(signatureLength, 0); |
---|
712 | |
---|
713 | rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), signature.data(), &signatureLength); |
---|
714 | |
---|
715 | if (rv != CKR_OK) { |
---|
716 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
717 | rv = C_CloseSession(hSession); |
---|
718 | qDebug ("C_CloseSession: rv = %x",rv); |
---|
719 | qDebug ("\n"); |
---|
720 | assert(rv == CKR_OK); |
---|
721 | rv = C_Finalize(NULL_PTR); |
---|
722 | qDebug ("C_Finalize: rv = %x",rv); |
---|
723 | qDebug ("\n"); |
---|
724 | assert(rv == CKR_OK); |
---|
725 | throw std::runtime_error("Error C_Sign2"); |
---|
726 | } |
---|
727 | |
---|
728 | |
---|
729 | qDebug("C_Sign: rv = 0x%.8X\n", rv); |
---|
730 | qDebug ("\n"); |
---|
731 | assert(rv==CKR_OK); |
---|
732 | |
---|
733 | closeSession(hSession); |
---|
734 | finalize(); |
---|
735 | |
---|
736 | return signature; |
---|
737 | |
---|
738 | } |
---|
739 | |
---|
740 | |
---|
741 | /* |
---|
742 | std::vector<CK_OBJECT_HANDLE> CryptoToken::findObject(CK_OBJECT_CLASS objectClass, CK_ULONG max = 2) const { |
---|
743 | if (!fl) { |
---|
744 | throw std::runtime_error("PKCS11 is not loaded"); |
---|
745 | } |
---|
746 | CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; |
---|
747 | |
---|
748 | |
---|
749 | |
---|
750 | C(FindObjectsInit, session, &searchAttribute, 1); |
---|
751 | CK_ULONG objectCount = max; |
---|
752 | std::vector<CK_OBJECT_HANDLE> objectHandle(objectCount); |
---|
753 | C(FindObjects, session, objectHandle.data(), objectHandle.size(), &objectCount); |
---|
754 | C(FindObjectsFinal, session); |
---|
755 | objectHandle.resize(objectCount); |
---|
756 | return objectHandle; |
---|
757 | } |
---|
758 | */ |
---|
759 | |
---|
760 | QStringList CryptoToken::getPrivateKeyLabels(QString pin) |
---|
761 | { |
---|
762 | qDebug("...CryptoToken::getPrivateKeyLabels"); |
---|
763 | QStringList list; |
---|
764 | |
---|
765 | QString error(""); |
---|
766 | CK_RV rv; |
---|
767 | |
---|
768 | CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; |
---|
769 | CK_SLOT_ID slotID; |
---|
770 | |
---|
771 | // initialize criptoki |
---|
772 | rv = C_Initialize(NULL_PTR); |
---|
773 | if (rv != CKR_OK) |
---|
774 | { |
---|
775 | if (rv == CKR_DEVICE_ERROR) |
---|
776 | { |
---|
777 | error = returnErrorToQString(rv); |
---|
778 | qDebug("%s", qPrintable(error)); |
---|
779 | throw std::runtime_error(qPrintable(error)); |
---|
780 | } |
---|
781 | error = returnErrorToQString(rv); |
---|
782 | qDebug("%s", qPrintable(error)); |
---|
783 | throw std::runtime_error(qPrintable(error)); |
---|
784 | } |
---|
785 | |
---|
786 | hSession = openSession((char *) qPrintable(pin), slotID, false); |
---|
787 | if (hSession == CK_INVALID_HANDLE) |
---|
788 | { |
---|
789 | qDebug("Fallo ptr_SC->openSession"); |
---|
790 | rv = C_Finalize(NULL_PTR); |
---|
791 | qDebug("C_Finalize: rv = %x",rv); |
---|
792 | assert(rv == CKR_OK); |
---|
793 | throw std::runtime_error("Error openning a session"); |
---|
794 | } |
---|
795 | |
---|
796 | CK_OBJECT_CLASS objectClass = CKO_PRIVATE_KEY; |
---|
797 | //CK_OBJECT_CLASS objectClass = CKO_PUBLIC_KEY; |
---|
798 | //CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE; |
---|
799 | |
---|
800 | CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; |
---|
801 | CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; |
---|
802 | CK_ULONG ulCount = 0; |
---|
803 | |
---|
804 | rv = C_FindObjectsInit(hSession, &searchAttribute, 1); |
---|
805 | qDebug ("C_FindObjectsInit rv = %x",rv); |
---|
806 | qDebug ("\n"); |
---|
807 | //assert(rv==CKR_OK); |
---|
808 | if (rv != CKR_OK) |
---|
809 | { |
---|
810 | error = returnErrorToQString(rv); |
---|
811 | qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); |
---|
812 | //return list; |
---|
813 | throw std::runtime_error(qPrintable(error)); |
---|
814 | } |
---|
815 | |
---|
816 | CK_ULONG objectCount = 3; |
---|
817 | std::vector<CK_OBJECT_HANDLE> objectHandle(objectCount); |
---|
818 | |
---|
819 | // se realiza la busqueda |
---|
820 | //rv = C_FindObjects(hSession, &hObject, 2, &ulCount); |
---|
821 | rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &objectCount); |
---|
822 | |
---|
823 | qDebug ("C_FindObjects rv = %x",rv); |
---|
824 | qDebug ("\n"); |
---|
825 | //assert(rv==CKR_OK); |
---|
826 | |
---|
827 | qDebug("*-*-*-*-*getPrivateKeyLabels VALOR DE objectCount %u: ", objectCount); |
---|
828 | //if (rv != CKR_OK) |
---|
829 | if ((rv != CKR_OK) )//|| (ulCount == 0)) |
---|
830 | { |
---|
831 | if (ulCount == 0) |
---|
832 | qDebug("ulCount == 0"); |
---|
833 | |
---|
834 | error = returnErrorToQString(rv); |
---|
835 | qDebug("%s", qPrintable("C_FindObjects: "+error)); |
---|
836 | //return list; |
---|
837 | throw std::runtime_error(qPrintable(error)); |
---|
838 | } |
---|
839 | |
---|
840 | rv = C_FindObjectsFinal(hSession); |
---|
841 | qDebug ("C_FindObjectsFinal rv = %x",rv); |
---|
842 | qDebug ("\n"); |
---|
843 | //assert(rv==CKR_OK); |
---|
844 | if (rv != CKR_OK) |
---|
845 | { |
---|
846 | error = returnErrorToQString(rv); |
---|
847 | qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); |
---|
848 | //return list; |
---|
849 | throw std::runtime_error(qPrintable(error)); |
---|
850 | } |
---|
851 | objectHandle.resize(objectCount); |
---|
852 | |
---|
853 | //if (ulCount == 0) |
---|
854 | if (objectHandle.size() == 0) |
---|
855 | { |
---|
856 | qDebug (" \nNingun objeto encontrado!\n"); |
---|
857 | // cerrar la sesion |
---|
858 | /*rv = C_CloseAllSessions(slotID); |
---|
859 | qDebug("C_CloseAllSessions rv = %x", rv); |
---|
860 | qDebug ("\n"); |
---|
861 | assert(rv==CKR_OK);*/ |
---|
862 | //return list; |
---|
863 | throw std::runtime_error(qPrintable(error)); |
---|
864 | } |
---|
865 | else |
---|
866 | { |
---|
867 | //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); |
---|
868 | qDebug("se econtraron %d objetos", objectHandle.size()); |
---|
869 | //qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); |
---|
870 | for (int i=0; i< objectHandle.size(); i++) |
---|
871 | { |
---|
872 | qDebug("objeto encontrado: 0x%4X", objectHandle[i]); |
---|
873 | list.append(getKeyLabel(hSession, objectHandle[i])); |
---|
874 | } |
---|
875 | } |
---|
876 | |
---|
877 | closeSession(hSession); |
---|
878 | finalize(); |
---|
879 | |
---|
880 | return list; |
---|
881 | } |
---|
882 | |
---|
883 | QStringList CryptoToken::getLabel() |
---|
884 | { |
---|
885 | qDebug("...CryptoToken::getLabel"); |
---|
886 | QStringList list; |
---|
887 | |
---|
888 | QString error(""); |
---|
889 | CK_RV rv; |
---|
890 | |
---|
891 | CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; |
---|
892 | CK_SLOT_ID slotID; |
---|
893 | |
---|
894 | // initialize criptoki |
---|
895 | rv = C_Initialize(NULL_PTR); |
---|
896 | if (rv != CKR_OK) |
---|
897 | { |
---|
898 | if (rv == CKR_DEVICE_ERROR) |
---|
899 | { |
---|
900 | error = returnErrorToQString(rv); |
---|
901 | qDebug("%s", qPrintable(error)); |
---|
902 | throw std::runtime_error(qPrintable(error)); |
---|
903 | } |
---|
904 | error = returnErrorToQString(rv); |
---|
905 | qDebug("%s", qPrintable(error)); |
---|
906 | throw std::runtime_error(qPrintable(error)); |
---|
907 | } |
---|
908 | |
---|
909 | hSession = openSession((char *) qPrintable(/*pin*/ ""), slotID, false); |
---|
910 | if (hSession == CK_INVALID_HANDLE) |
---|
911 | { |
---|
912 | qDebug("Fallo ptr_SC->openSession"); |
---|
913 | rv = C_Finalize(NULL_PTR); |
---|
914 | qDebug("C_Finalize: rv = %x",rv); |
---|
915 | assert(rv == CKR_OK); |
---|
916 | throw std::runtime_error("Error openning a session"); |
---|
917 | } |
---|
918 | |
---|
919 | //CK_OBJECT_CLASS objectClass = CKO_PRIVATE_KEY; |
---|
920 | CK_OBJECT_CLASS objectClass = CKO_PUBLIC_KEY; |
---|
921 | //CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE; |
---|
922 | |
---|
923 | CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; |
---|
924 | CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; |
---|
925 | CK_ULONG ulCount = 0; |
---|
926 | |
---|
927 | rv = C_FindObjectsInit(hSession, &searchAttribute, 1); |
---|
928 | qDebug ("C_FindObjectsInit rv = %x",rv); |
---|
929 | qDebug ("\n"); |
---|
930 | //assert(rv==CKR_OK); |
---|
931 | if (rv != CKR_OK) |
---|
932 | { |
---|
933 | error = returnErrorToQString(rv); |
---|
934 | qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); |
---|
935 | //return list; |
---|
936 | throw std::runtime_error(qPrintable(error)); |
---|
937 | } |
---|
938 | |
---|
939 | CK_ULONG objectCount = 3; |
---|
940 | std::vector<CK_OBJECT_HANDLE> objectHandle(objectCount); |
---|
941 | |
---|
942 | // se realiza la busqueda |
---|
943 | //rv = C_FindObjects(hSession, &hObject, 2, &ulCount); |
---|
944 | rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &objectCount); |
---|
945 | |
---|
946 | qDebug ("C_FindObjects rv = %x",rv); |
---|
947 | qDebug ("\n"); |
---|
948 | //assert(rv==CKR_OK); |
---|
949 | |
---|
950 | qDebug("*-*-*-*-*getPrivateKeyLabels VALOR DE objectCount %u: ", objectCount); |
---|
951 | //if (rv != CKR_OK) |
---|
952 | if ((rv != CKR_OK) )//|| (ulCount == 0)) |
---|
953 | { |
---|
954 | if (ulCount == 0) |
---|
955 | qDebug("ulCount == 0"); |
---|
956 | |
---|
957 | error = returnErrorToQString(rv); |
---|
958 | qDebug("%s", qPrintable("C_FindObjects: "+error)); |
---|
959 | //return list; |
---|
960 | throw std::runtime_error(qPrintable(error)); |
---|
961 | } |
---|
962 | |
---|
963 | rv = C_FindObjectsFinal(hSession); |
---|
964 | qDebug ("C_FindObjectsFinal rv = %x",rv); |
---|
965 | qDebug ("\n"); |
---|
966 | //assert(rv==CKR_OK); |
---|
967 | if (rv != CKR_OK) |
---|
968 | { |
---|
969 | error = returnErrorToQString(rv); |
---|
970 | qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); |
---|
971 | //return list; |
---|
972 | throw std::runtime_error(qPrintable(error)); |
---|
973 | } |
---|
974 | objectHandle.resize(objectCount); |
---|
975 | |
---|
976 | //if (ulCount == 0) |
---|
977 | if (objectHandle.size() == 0) |
---|
978 | { |
---|
979 | qDebug (" \nNingun objeto encontrado!\n"); |
---|
980 | // cerrar la sesion |
---|
981 | /*rv = C_CloseAllSessions(slotID); |
---|
982 | qDebug("C_CloseAllSessions rv = %x", rv); |
---|
983 | qDebug ("\n"); |
---|
984 | assert(rv==CKR_OK);*/ |
---|
985 | //return list; |
---|
986 | throw std::runtime_error(qPrintable(error)); |
---|
987 | } |
---|
988 | else |
---|
989 | { |
---|
990 | //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); |
---|
991 | qDebug("se econtraron %d objetos", objectHandle.size()); |
---|
992 | //qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); |
---|
993 | for (int i=0; i< objectHandle.size(); i++) |
---|
994 | { |
---|
995 | qDebug("objeto encontrado: 0x%4X", objectHandle[i]); |
---|
996 | list.append(getKeyLabel(hSession, objectHandle[i])); |
---|
997 | qDebug("label: %s", qPrintable(getKeyLabel(hSession, objectHandle[i]))); |
---|
998 | } |
---|
999 | } |
---|
1000 | |
---|
1001 | closeSession(hSession); |
---|
1002 | finalize(); |
---|
1003 | |
---|
1004 | return list; |
---|
1005 | |
---|
1006 | |
---|
1007 | |
---|
1008 | |
---|
1009 | } |
---|
1010 | |
---|
1011 | |
---|
1012 | QString CryptoToken::getKeyLabel(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE key) |
---|
1013 | { |
---|
1014 | qDebug("CryptoToken::getKeyLabel"); |
---|
1015 | |
---|
1016 | CK_RV rv = CKR_OK; |
---|
1017 | CK_ATTRIBUTE keyid_attr[1] = { |
---|
1018 | { CKA_LABEL, NULL, 0 } |
---|
1019 | //{ CKA_VALUE, NULL, 0 } |
---|
1020 | }; |
---|
1021 | |
---|
1022 | if ((rv = C_GetAttributeValue(hSession, key, keyid_attr, 1)) != CKR_OK) |
---|
1023 | { |
---|
1024 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la obtencion del atributo ID")); |
---|
1025 | qDebug("fallo la obtencion del atributo ID"); |
---|
1026 | return ""; |
---|
1027 | } |
---|
1028 | |
---|
1029 | if ((keyid_attr[0].pValue = malloc(keyid_attr[0].ulValueLen)) == NULL) |
---|
1030 | { |
---|
1031 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la asignacion de memoria del atributo ID")); |
---|
1032 | qDebug("fallo la asignacion de memoria del atributo ID"); |
---|
1033 | return ""; |
---|
1034 | } |
---|
1035 | if ((rv = C_GetAttributeValue(hSession, key, keyid_attr, 1)) != CKR_OK) |
---|
1036 | { |
---|
1037 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la obtencion 2 del atributo ID")); |
---|
1038 | qDebug("fallo la obtencion 2 del atributo ID"); |
---|
1039 | return ""; |
---|
1040 | } |
---|
1041 | |
---|
1042 | //qDebug("\n*-** VALOR DE ID: %s\n", keyid_attr[0].pValue); |
---|
1043 | qDebug("\n*-** VALOR DE atributo: %s\n", keyid_attr[0].pValue); |
---|
1044 | QString label = (const char *) keyid_attr[0].pValue; |
---|
1045 | |
---|
1046 | qDebug("%s", qPrintable(label)); |
---|
1047 | qDebug("%s", qPrintable(QString::number(label.size()))); |
---|
1048 | |
---|
1049 | return label; |
---|
1050 | } |
---|
1051 | |
---|
1052 | |
---|
1053 | QList<QStringList> CryptoToken::getCertificateCNandExpirationDate() |
---|
1054 | { |
---|
1055 | qDebug("...CryptoToken::getCertificateCNandExpirationDate"); |
---|
1056 | QList<QStringList> list; |
---|
1057 | |
---|
1058 | QString error(""); |
---|
1059 | CK_RV rv; |
---|
1060 | |
---|
1061 | CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; |
---|
1062 | CK_SLOT_ID slotID; |
---|
1063 | |
---|
1064 | // initialize criptoki |
---|
1065 | rv = C_Initialize(NULL_PTR); |
---|
1066 | if (rv != CKR_OK) |
---|
1067 | { |
---|
1068 | if (rv == CKR_DEVICE_ERROR) |
---|
1069 | { |
---|
1070 | qDebug("CKR_DEVICE_ERROR"); |
---|
1071 | error = returnErrorToQString(rv); |
---|
1072 | qDebug("%s", qPrintable(error)); |
---|
1073 | throw std::runtime_error(qPrintable(error)); |
---|
1074 | } |
---|
1075 | qDebug("****"); |
---|
1076 | error = returnErrorToQString(rv); |
---|
1077 | qDebug("%s", qPrintable(error)); |
---|
1078 | throw std::runtime_error(qPrintable(error)); |
---|
1079 | } |
---|
1080 | |
---|
1081 | //hSession = openSession((char *) qPrintable(pin), slotID); |
---|
1082 | hSession = openSession((char *) qPrintable(""), slotID, false); |
---|
1083 | if (hSession == CK_INVALID_HANDLE) |
---|
1084 | { |
---|
1085 | qDebug("Fallo ptr_SC->openSession"); |
---|
1086 | rv = C_Finalize(NULL_PTR); |
---|
1087 | qDebug("C_Finalize: rv = %x",rv); |
---|
1088 | assert(rv == CKR_OK); |
---|
1089 | throw std::runtime_error("Error openning a session inside the device"); |
---|
1090 | } |
---|
1091 | |
---|
1092 | CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE; |
---|
1093 | |
---|
1094 | CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; |
---|
1095 | CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; |
---|
1096 | CK_ULONG ulCount = 0; |
---|
1097 | |
---|
1098 | rv = C_FindObjectsInit(hSession, &searchAttribute, 1); |
---|
1099 | qDebug ("C_FindObjectsInit rv = %x",rv); |
---|
1100 | qDebug ("\n"); |
---|
1101 | //assert(rv==CKR_OK); |
---|
1102 | if (rv != CKR_OK) |
---|
1103 | { |
---|
1104 | error = returnErrorToQString(rv); |
---|
1105 | qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); |
---|
1106 | //return list; |
---|
1107 | throw std::runtime_error(qPrintable(error)); |
---|
1108 | } |
---|
1109 | |
---|
1110 | CK_ULONG objectCount = 3; |
---|
1111 | std::vector<CK_OBJECT_HANDLE> objectHandle(objectCount); |
---|
1112 | |
---|
1113 | // se realiza la busqueda |
---|
1114 | //rv = C_FindObjects(hSession, &hObject, 2, &ulCount); |
---|
1115 | rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &objectCount); |
---|
1116 | |
---|
1117 | qDebug ("C_FindObjects rv = %x",rv); |
---|
1118 | qDebug ("\n"); |
---|
1119 | //assert(rv==CKR_OK); |
---|
1120 | |
---|
1121 | qDebug("*-*-*-*-*getPrivateKeyLabels VALOR DE objectCount %u: ", objectCount); |
---|
1122 | //if (rv != CKR_OK) |
---|
1123 | if ((rv != CKR_OK) )//|| (ulCount == 0)) |
---|
1124 | { |
---|
1125 | if (ulCount == 0) |
---|
1126 | qDebug("ulCount == 0"); |
---|
1127 | |
---|
1128 | error = returnErrorToQString(rv); |
---|
1129 | qDebug("%s", qPrintable("C_FindObjects: "+error)); |
---|
1130 | //return list; |
---|
1131 | throw std::runtime_error(qPrintable(error)); |
---|
1132 | } |
---|
1133 | |
---|
1134 | rv = C_FindObjectsFinal(hSession); |
---|
1135 | qDebug ("C_FindObjectsFinal rv = %x",rv); |
---|
1136 | qDebug ("\n"); |
---|
1137 | //assert(rv==CKR_OK); |
---|
1138 | if (rv != CKR_OK) |
---|
1139 | { |
---|
1140 | error = returnErrorToQString(rv); |
---|
1141 | qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); |
---|
1142 | //return list; |
---|
1143 | throw std::runtime_error(qPrintable(error)); |
---|
1144 | } |
---|
1145 | objectHandle.resize(objectCount); |
---|
1146 | |
---|
1147 | //if (ulCount == 0) |
---|
1148 | if (objectHandle.size() == 0) |
---|
1149 | { |
---|
1150 | qDebug (" \nNingun objeto encontrado!\n"); |
---|
1151 | // cerrar la sesion |
---|
1152 | /*rv = C_CloseAllSessions(slotID); |
---|
1153 | qDebug("C_CloseAllSessions rv = %x", rv); |
---|
1154 | qDebug ("\n"); |
---|
1155 | assert(rv==CKR_OK);*/ |
---|
1156 | //return list; |
---|
1157 | throw std::runtime_error(qPrintable(error)); |
---|
1158 | } |
---|
1159 | else |
---|
1160 | { |
---|
1161 | //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); |
---|
1162 | qDebug("se econtraron %d objetos", objectHandle.size()); |
---|
1163 | //qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); |
---|
1164 | |
---|
1165 | for (int i=0; i< objectHandle.size(); i++) |
---|
1166 | { |
---|
1167 | QStringList certInformation; |
---|
1168 | qDebug("objeto encontrado: 0x%4X", objectHandle[i]); |
---|
1169 | certInformation = getCertificateInformation(hSession, objectHandle[i]); |
---|
1170 | //list.append(getCertificateInformation(hSession, objectHandle[i])[0]); |
---|
1171 | //list.append(getCertificateInformation(hSession, objectHandle[i])[0]); |
---|
1172 | list.append(certInformation); |
---|
1173 | } |
---|
1174 | } |
---|
1175 | |
---|
1176 | closeSession(hSession); |
---|
1177 | finalize(); |
---|
1178 | |
---|
1179 | return list; |
---|
1180 | } |
---|
1181 | |
---|
1182 | QStringList CryptoToken::getCertificateInformation(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE certificate) |
---|
1183 | { |
---|
1184 | qDebug("...getCertificateInformation..."); |
---|
1185 | |
---|
1186 | CK_RV rv = CKR_OK; |
---|
1187 | CK_ATTRIBUTE keyid_attr[2] = { |
---|
1188 | { CKA_LABEL, NULL, 0 }, |
---|
1189 | { CKA_VALUE, NULL, 0 } |
---|
1190 | }; |
---|
1191 | |
---|
1192 | QStringList list; |
---|
1193 | |
---|
1194 | |
---|
1195 | if ((rv = C_GetAttributeValue(hSession, certificate, keyid_attr, 2)) != CKR_OK) |
---|
1196 | { |
---|
1197 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la obtencion del atributo ID")); |
---|
1198 | qDebug("fallo la obtencion del atributo ID"); |
---|
1199 | return list; |
---|
1200 | } |
---|
1201 | |
---|
1202 | if ((keyid_attr[1].pValue = malloc(keyid_attr[1].ulValueLen)) == NULL) |
---|
1203 | { |
---|
1204 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la asignacion de memoria del atributo ID")); |
---|
1205 | qDebug("fallo la asignacion de memoria del atributo ID"); |
---|
1206 | return list; |
---|
1207 | } |
---|
1208 | if ((rv = C_GetAttributeValue(hSession, certificate, keyid_attr, 2)) != CKR_OK) |
---|
1209 | { |
---|
1210 | //QMessageBox::critical(this,tr("UserAccess"),tr("fallo la obtencion 2 del atributo ID")); |
---|
1211 | qDebug("fallo la obtencion 2 del atributo ID"); |
---|
1212 | return list; |
---|
1213 | } |
---|
1214 | |
---|
1215 | //qDebug("\n*-** VALOR DE ID: %s\n", keyid_attr[0].pValue); |
---|
1216 | //qDebug("\n*-** VALOR DE atributo: %s\n", keyid_attr[0].pValue); |
---|
1217 | //QString x = (const char *) keyid_attr[1].pValue; |
---|
1218 | |
---|
1219 | //qDebug(qPrintable(x)); |
---|
1220 | //qDebug(qPrintable(QString::number(x.size()))); |
---|
1221 | |
---|
1222 | |
---|
1223 | //qDebug("prueba de generar un QSslCertificate"); |
---|
1224 | |
---|
1225 | QSslCertificate qcert(QByteArray((const char *) keyid_attr[1].pValue, (int) keyid_attr[1].ulValueLen), QSsl::Der); |
---|
1226 | |
---|
1227 | if (qcert.isNull()){ |
---|
1228 | qDebug("qcert es null"); |
---|
1229 | } |
---|
1230 | |
---|
1231 | //qDebug("mira el contenido qcert"); |
---|
1232 | |
---|
1233 | /* |
---|
1234 | QStringList list = qcert.subjectInfo(QSslCertificate::EmailAddress); |
---|
1235 | QStringList l2 = qcert.subjectInfo(QSslCertificate::DistinguishedNameQualifier); |
---|
1236 | QStringList l3 = qcert.subjectInfo( QSslCertificate::CommonName ); |
---|
1237 | QStringList l4 = qcert.subjectInfo( QSslCertificate::Organization ); |
---|
1238 | QStringList l5 = qcert.subjectInfo( QSslCertificate::LocalityName ); |
---|
1239 | QStringList l6 = qcert.subjectInfo( QSslCertificate::OrganizationalUnitName ); |
---|
1240 | QStringList l7 = qcert.subjectInfo( QSslCertificate::StateOrProvinceName ); |
---|
1241 | */ |
---|
1242 | qDebug("List APPENDING...1"); |
---|
1243 | list.append(qcert.subjectInfo( QSslCertificate::CommonName )); |
---|
1244 | list.append(qcert.subjectInfo( QSslCertificate::Organization )); |
---|
1245 | list.append(qcert.expiryDate().date().toString("dd.MM.yyyy")); |
---|
1246 | list.append(qcert.toDer().toHex()); |
---|
1247 | list.append(qcert.toPem()); |
---|
1248 | |
---|
1249 | qDebug("List APPENDING...2...size:|%d|", list.size()); |
---|
1250 | |
---|
1251 | //qDebug(qPrintable(qcert.effectiveDate().date().toString("dd.MM.yyyy"))); |
---|
1252 | //qDebug(qPrintable(qcert.expiryDate().date().toString("dd.MM.yyyy"))); |
---|
1253 | |
---|
1254 | return list; |
---|
1255 | } |
---|
1256 | |
---|
1257 | |
---|
1258 | QList<QStringList> CryptoToken::getDeviceCertificates() |
---|
1259 | { |
---|
1260 | qDebug("...getDeviceCertificates"); |
---|
1261 | |
---|
1262 | |
---|
1263 | //QStringList labelList = getPrivateKeyLabels(pin); |
---|
1264 | |
---|
1265 | QList<QStringList> nameExpirationList = getCertificateCNandExpirationDate(); |
---|
1266 | |
---|
1267 | QList<QStringList> certificateInformationList; |
---|
1268 | |
---|
1269 | for (int i=0; i<nameExpirationList.size()/*labelList.size()*/; i++) |
---|
1270 | { |
---|
1271 | QStringList l; |
---|
1272 | //qDebug("... antes de insertar label"); |
---|
1273 | //l.append(labelList[i]); |
---|
1274 | //qDebug("... antes de insertar commonName"); |
---|
1275 | l.append(nameExpirationList[i][0]); |
---|
1276 | //qDebug("... antes de insertar organizationName"); |
---|
1277 | l.append(nameExpirationList[i][1]); |
---|
1278 | //qDebug("... antes de insertar expirationDate"); |
---|
1279 | l.append(nameExpirationList[i][2]); |
---|
1280 | |
---|
1281 | l.append(nameExpirationList[i][3]); |
---|
1282 | |
---|
1283 | //l.append(nameExpirationList[i][4]); |
---|
1284 | |
---|
1285 | //qDebug("... antes de insertar en certificateInformationList"); |
---|
1286 | certificateInformationList.append(l); |
---|
1287 | } |
---|
1288 | |
---|
1289 | return certificateInformationList; |
---|
1290 | } |
---|
1291 | |
---|
1292 | |
---|
1293 | void CryptoToken::getCertificateAttributes(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hCert) |
---|
1294 | { |
---|
1295 | CK_ATTRIBUTE pTemplate[2] = { |
---|
1296 | //List your desired attributes here |
---|
1297 | { CKA_LABEL, NULL, 0 } |
---|
1298 | //{ CKA_LABEL, NULL, 0 } |
---|
1299 | }; |
---|
1300 | |
---|
1301 | CK_RV rv = C_GetAttributeValue(hSession, hCert, pTemplate, /*pTemplateLen*/ 2); |
---|
1302 | if (rv == CKR_OK) { |
---|
1303 | //here you have your desired certificate attributes |
---|
1304 | qDebug("chequea los atributos"); |
---|
1305 | |
---|
1306 | } |
---|
1307 | } |
---|
1308 | |
---|
1309 | |
---|
1310 | |
---|
1311 | |
---|
1312 | |
---|
1313 | |
---|
1314 | |
---|
1315 | |
---|
1316 | |
---|
1317 | |
---|
1318 | |
---|
1319 | // slot para obtener informacion del modulo PKCS11 |
---|
1320 | QString CryptoToken::getInfoCryptoki() |
---|
1321 | { |
---|
1322 | // Generales |
---|
1323 | //if ( !CHECKACCESS_ONE("smartcard information", "execute") ) return; |
---|
1324 | CK_INFO info; |
---|
1325 | |
---|
1326 | /* Valor devuelto por las funciones */ |
---|
1327 | CK_RV rv; |
---|
1328 | |
---|
1329 | QString error(""); |
---|
1330 | QString mensaje; |
---|
1331 | mensaje.clear(); |
---|
1332 | |
---|
1333 | rv = C_Initialize(NULL_PTR); |
---|
1334 | |
---|
1335 | //fqDebug(stderr, "C_Initialize: rv = 0x%.8X\n", rv); |
---|
1336 | //cout << "valor decimal de rv: " << rv ; |
---|
1337 | |
---|
1338 | //assert(rv == CKR_OK); |
---|
1339 | //mensaje->append("C_Initialize\n"); |
---|
1340 | if (rv != CKR_OK) |
---|
1341 | { |
---|
1342 | |
---|
1343 | if (rv == CKR_DEVICE_ERROR) |
---|
1344 | { |
---|
1345 | error = returnErrorToQString(rv); |
---|
1346 | qDebug("Probablemente el lector no este conectado"); |
---|
1347 | return error; |
---|
1348 | } |
---|
1349 | error = returnErrorToQString(rv); |
---|
1350 | qDebug("valor de x despues de returnError: %s", qPrintable(error)); |
---|
1351 | return error; |
---|
1352 | } |
---|
1353 | |
---|
1354 | |
---|
1355 | rv = C_GetInfo(&info); |
---|
1356 | //fqDebug(stderr, "C_GetInfo: rv = 0x%.8X\n", rv); |
---|
1357 | //cout << "valor decimal de rv: " << rv ; |
---|
1358 | |
---|
1359 | if (rv != CKR_OK) |
---|
1360 | { |
---|
1361 | error = returnErrorToQString(rv); |
---|
1362 | return error; |
---|
1363 | } |
---|
1364 | //assert(rv == CKR_OK); |
---|
1365 | |
---|
1366 | QString y("Descripcion: "); |
---|
1367 | y.append((const char *) info.libraryDescription); |
---|
1368 | mensaje.append(y); |
---|
1369 | |
---|
1370 | QString x("Fabricante: "); |
---|
1371 | x.append((const char *) info.manufacturerID); |
---|
1372 | mensaje.append(x); |
---|
1373 | |
---|
1374 | QString cryptokiVersion("Version: "); |
---|
1375 | cryptokiVersion.append(QString::number(info.cryptokiVersion.major)); |
---|
1376 | cryptokiVersion.append("."); |
---|
1377 | cryptokiVersion.append(QString::number(info.cryptokiVersion.minor)); |
---|
1378 | qDebug("%s", qPrintable(cryptokiVersion)); |
---|
1379 | mensaje.append(cryptokiVersion); |
---|
1380 | |
---|
1381 | rv = C_Finalize(NULL_PTR); |
---|
1382 | if (rv != CKR_OK) |
---|
1383 | { |
---|
1384 | error = returnErrorToQString(rv); |
---|
1385 | return error; |
---|
1386 | } |
---|
1387 | assert(rv == CKR_OK); |
---|
1388 | //mensaje->append("C_Finalize\n"); |
---|
1389 | |
---|
1390 | //qDebug("***********************mensaje:"); |
---|
1391 | //qDebug(qPrintable(mensaje)); |
---|
1392 | return mensaje; |
---|
1393 | } |
---|
1394 | |
---|
1395 | |
---|
1396 | |
---|
1397 | |
---|
1398 | QString CryptoToken::returnErrorToQString(CK_RV rv) |
---|
1399 | { |
---|
1400 | QString x(""); |
---|
1401 | qDebug("returnErrorToQString"); |
---|
1402 | //qDebug("valor de x: ", x); |
---|
1403 | //qDebug("valor de rv: "+ QString::number(rv,16)); |
---|
1404 | |
---|
1405 | /* CK_RV is a value that identifies the return value of a |
---|
1406 | * Cryptoki function */ |
---|
1407 | /* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ |
---|
1408 | //typedef CK_ULONG CK_RV; |
---|
1409 | |
---|
1410 | if (rv == CKR_OK) // CKR_OK 0x00000000 |
---|
1411 | { |
---|
1412 | x = "CKR_OK"; |
---|
1413 | } else if (rv == CKR_CANCEL) // CKR_CANCEL 0x00000001 |
---|
1414 | { |
---|
1415 | x = "CKR_CANCEL"; |
---|
1416 | } else if (rv == CKR_HOST_MEMORY) //CKR_HOST_MEMORY 0x00000002 |
---|
1417 | { |
---|
1418 | x = "CKR_HOST_MEMORY"; |
---|
1419 | } else if (rv == CKR_SLOT_ID_INVALID) //CKR_SLOT_ID_INVALID 0x00000003 |
---|
1420 | { |
---|
1421 | x = "CKR_SLOT_ID_INVALID"; |
---|
1422 | } |
---|
1423 | /* CKR_FLAGS_INVALID was removed for v2.0 */ |
---|
1424 | /* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ |
---|
1425 | else if (rv == CKR_GENERAL_ERROR) //CKR_GENERAL_ERROR 0x00000005 |
---|
1426 | { |
---|
1427 | x = "CKR_GENERAL_ERROR"; |
---|
1428 | } else if (rv == CKR_FUNCTION_FAILED) //CKR_FUNCTION_FAILED 0x00000006 |
---|
1429 | { |
---|
1430 | x = "CKR_FUNCTION_FAILED"; |
---|
1431 | return x; |
---|
1432 | } |
---|
1433 | /* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, |
---|
1434 | * and CKR_CANT_LOCK are new for v2.01 */ |
---|
1435 | else if (rv == CKR_ARGUMENTS_BAD) // CKR_ARGUMENTS_BAD 0x00000007 |
---|
1436 | { |
---|
1437 | x = "CKR_ARGUMENTS_BAD"; |
---|
1438 | } else if (rv == CKR_NO_EVENT) //CKR_NO_EVENT 0x00000008 |
---|
1439 | { |
---|
1440 | x = "CKR_NO_EVENT"; |
---|
1441 | } else if (rv == CKR_NEED_TO_CREATE_THREADS) //CKR_NEED_TO_CREATE_THREADS 0x00000009 |
---|
1442 | { |
---|
1443 | x = "CKR_NEED_TO_CREATE_THREADS"; |
---|
1444 | } else if (rv == CKR_CANT_LOCK) // CKR_CANT_LOCK 0x0000000A |
---|
1445 | { |
---|
1446 | x = "CKR_CANT_LOCK"; |
---|
1447 | } else if (rv == CKR_ATTRIBUTE_READ_ONLY) // CKR_ATTRIBUTE_READ_ONLY 0x00000010 |
---|
1448 | { |
---|
1449 | x = "CKR_ATTRIBUTE_READ_ONLY"; |
---|
1450 | } else if (rv == CKR_ATTRIBUTE_SENSITIVE) // CKR_ATTRIBUTE_SENSITIVE 0x00000011 |
---|
1451 | { |
---|
1452 | x = "CKR_ATTRIBUTE_SENSITIVE"; |
---|
1453 | } else if (rv == CKR_ATTRIBUTE_TYPE_INVALID) // CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 |
---|
1454 | { |
---|
1455 | x = "CKR_ATTRIBUTE_TYPE_INVALID"; |
---|
1456 | return x; |
---|
1457 | } else if (rv == CKR_ATTRIBUTE_VALUE_INVALID)// CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 |
---|
1458 | { |
---|
1459 | x = "CKR_ATTRIBUTE_VALUE_INVALID"; |
---|
1460 | } else if (rv == CKR_DATA_INVALID)//#define CKR_DATA_INVALID 0x00000020 |
---|
1461 | { |
---|
1462 | x = "CKR_DATA_INVALID"; |
---|
1463 | } else if (rv == CKR_DATA_LEN_RANGE) //#define CKR_DATA_LEN_RANGE 0x00000021 |
---|
1464 | { |
---|
1465 | x = "CKR_DATA_LEN_RANGE"; |
---|
1466 | } else if (rv == CKR_DEVICE_ERROR) //#define CKR_DEVICE_ERROR 0x00000030 |
---|
1467 | { |
---|
1468 | x = "CKR_DEVICE_ERROR"; |
---|
1469 | qDebug("FUCK"); |
---|
1470 | } else if (rv == CKR_DEVICE_MEMORY) //#define CKR_DEVICE_MEMORY 0x00000031 |
---|
1471 | { |
---|
1472 | x = "CKR_DEVICE_MEMORY"; |
---|
1473 | |
---|
1474 | } else if (rv == CKR_DEVICE_REMOVED) //#define CKR_DEVICE_REMOVED 0x00000032 |
---|
1475 | { |
---|
1476 | x = "CKR_DEVICE_REMOVED"; |
---|
1477 | } else if (rv == CKR_ENCRYPTED_DATA_INVALID) //#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 |
---|
1478 | { |
---|
1479 | x = "CKR_ENCRYPTED_DATA_INVALID"; |
---|
1480 | } else if (rv == CKR_ENCRYPTED_DATA_LEN_RANGE) //#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 |
---|
1481 | { |
---|
1482 | x = "CKR_ENCRYPTED_DATA_LEN_RANGE"; |
---|
1483 | } else if (rv == CKR_FUNCTION_CANCELED) //#define CKR_FUNCTION_CANCELED 0x00000050 |
---|
1484 | { |
---|
1485 | x = "CKR_FUNCTION_CANCELED"; |
---|
1486 | } else if (rv == CKR_FUNCTION_NOT_PARALLEL) //#define CKR_FUNCTION_NOT_PARALLEL 0x00000051 |
---|
1487 | { |
---|
1488 | x = "CKR_FUNCTION_NOT_PARALLEL"; |
---|
1489 | } |
---|
1490 | /* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ |
---|
1491 | else if (rv == CKR_FUNCTION_NOT_SUPPORTED) //#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 |
---|
1492 | { |
---|
1493 | x = "CKR_FUNCTION_NOT_SUPPORTED"; |
---|
1494 | } else if (rv == CKR_KEY_HANDLE_INVALID) //#define CKR_KEY_HANDLE_INVALID 0x00000060 |
---|
1495 | { |
---|
1496 | x = "CKR_KEY_HANDLE_INVALID"; |
---|
1497 | } |
---|
1498 | /* CKR_KEY_SENSITIVE was removed for v2.0 */ |
---|
1499 | else if (rv == CKR_KEY_SIZE_RANGE) //#define CKR_KEY_SIZE_RANGE 0x00000062 |
---|
1500 | { |
---|
1501 | x = "CKR_KEY_SIZE_RANGE"; |
---|
1502 | } else if (rv == CKR_KEY_TYPE_INCONSISTENT)//#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 |
---|
1503 | { |
---|
1504 | x = "CKR_KEY_TYPE_INCONSISTENT"; |
---|
1505 | } |
---|
1506 | /* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, |
---|
1507 | * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, |
---|
1508 | * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for |
---|
1509 | * v2.0 */ |
---|
1510 | else if (rv == CKR_KEY_NOT_NEEDED) //#define CKR_KEY_NOT_NEEDED 0x00000064 |
---|
1511 | { |
---|
1512 | x = "CKR_KEY_NOT_NEEDED"; |
---|
1513 | } else if (rv == CKR_KEY_CHANGED) //#define CKR_KEY_CHANGED 0x00000065 |
---|
1514 | { |
---|
1515 | x = "CKR_KEY_CHANGED"; |
---|
1516 | } else if (rv == CKR_KEY_NEEDED) //#define CKR_KEY_NEEDED 0x00000066 |
---|
1517 | { |
---|
1518 | x = "CKR_KEY_NEEDED"; |
---|
1519 | } else if (rv == CKR_KEY_INDIGESTIBLE)//#define CKR_KEY_INDIGESTIBLE 0x00000067 |
---|
1520 | { |
---|
1521 | x = "CKR_KEY_INDIGESTIBLE"; |
---|
1522 | } else if (rv == CKR_KEY_FUNCTION_NOT_PERMITTED)//#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 |
---|
1523 | { |
---|
1524 | x = "CKR_KEY_FUNCTION_NOT_PERMITTED"; |
---|
1525 | } else if (rv == CKR_KEY_NOT_WRAPPABLE)//#define CKR_KEY_NOT_WRAPPABLE 0x00000069 |
---|
1526 | { |
---|
1527 | x = "CKR_KEY_NOT_WRAPPABLE"; |
---|
1528 | } else if (rv == CKR_KEY_UNEXTRACTABLE)//#define CKR_KEY_UNEXTRACTABLE 0x0000006A |
---|
1529 | { |
---|
1530 | x = "CKR_KEY_UNEXTRACTABLE"; |
---|
1531 | } else if (rv == CKR_MECHANISM_INVALID)//#define CKR_MECHANISM_INVALID 0x00000070 |
---|
1532 | { |
---|
1533 | x = "CKR_SLOTCKR_MECHANISM_INVALID"; |
---|
1534 | } else if (rv == CKR_MECHANISM_PARAM_INVALID)//#define CKR_MECHANISM_PARAM_INVALID 0x00000071 |
---|
1535 | { |
---|
1536 | x = "CKR_MECHANISM_PARAM_INVALID"; |
---|
1537 | } |
---|
1538 | /* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID |
---|
1539 | * were removed for v2.0 */ |
---|
1540 | else if (rv == CKR_OBJECT_HANDLE_INVALID)//#define CKR_OBJECT_HANDLE_INVALID 0x00000082 |
---|
1541 | { |
---|
1542 | x = "CKR_OBJECT_HANDLE_INVALID"; |
---|
1543 | } else if (rv == CKR_OPERATION_ACTIVE)//#define CKR_OPERATION_ACTIVE 0x00000090 |
---|
1544 | { |
---|
1545 | x = "CKR_OPERATION_ACTIVE"; |
---|
1546 | } else if (rv == CKR_OPERATION_NOT_INITIALIZED)//#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 |
---|
1547 | { |
---|
1548 | x = "CKR_OPERATION_NOT_INITIALIZED"; |
---|
1549 | } else if (rv == CKR_PIN_INCORRECT)//#define CKR_PIN_INCORRECT 0x000000A0 |
---|
1550 | { |
---|
1551 | x = "CKR_PIN_INCORRECT"; |
---|
1552 | } else if (rv == CKR_PIN_INVALID)//#define CKR_PIN_INVALID 0x000000A1 |
---|
1553 | { |
---|
1554 | x = "CKR_PIN_INVALID"; |
---|
1555 | } else if (rv == CKR_PIN_LEN_RANGE)//#define CKR_PIN_LEN_RANGE 0x000000A2 |
---|
1556 | { |
---|
1557 | x = "CKR_PIN_LEN_RANGE"; |
---|
1558 | } /* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ |
---|
1559 | else if (rv == CKR_PIN_EXPIRED)//#define CKR_PIN_EXPIRED 0x000000A3 |
---|
1560 | { |
---|
1561 | x = "CKR_PIN_EXPIRED"; |
---|
1562 | } else if (rv == CKR_PIN_LOCKED)//#define CKR_PIN_LOCKED 0x000000A4 |
---|
1563 | { |
---|
1564 | x = "CKR_PIN_LOCKED"; |
---|
1565 | } else if (rv == CKR_SESSION_CLOSED)//#define CKR_SESSION_CLOSED 0x000000B0 |
---|
1566 | { |
---|
1567 | x = "CKR_SESSION_CLOSED"; |
---|
1568 | } else if (rv == CKR_SESSION_COUNT)//#define CKR_SESSION_COUNT 0x000000B1 |
---|
1569 | { |
---|
1570 | x = "CKR_SESSION_COUNT"; |
---|
1571 | } else if (rv == CKR_SESSION_HANDLE_INVALID)//#define CKR_SESSION_HANDLE_INVALID 0x000000B3 |
---|
1572 | { |
---|
1573 | x = "CKR_SESSION_HANDLE_INVALID"; |
---|
1574 | } else if (rv == CKR_SESSION_PARALLEL_NOT_SUPPORTED)//#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 |
---|
1575 | { |
---|
1576 | x = "CKR_SESSION_PARALLEL_NOT_SUPPORTED"; |
---|
1577 | } else if (rv == CKR_SESSION_READ_ONLY)//#define CKR_SESSION_READ_ONLY 0x000000B5 |
---|
1578 | { |
---|
1579 | x = "CKR_SESSION_READ_ONLY"; |
---|
1580 | } else if (rv == CKR_SESSION_EXISTS)//#define CKR_SESSION_EXISTS 0x000000B6 |
---|
1581 | { |
---|
1582 | x = "CKR_SESSION_EXISTS"; |
---|
1583 | } |
---|
1584 | /* CKR_SESSION_READ_ONLY_EXISTS and |
---|
1585 | * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ |
---|
1586 | |
---|
1587 | else if (rv == CKR_SESSION_READ_ONLY_EXISTS)//#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 |
---|
1588 | { |
---|
1589 | x = "CKR_SESSION_READ_ONLY_EXISTS"; |
---|
1590 | } else if (rv == CKR_SESSION_READ_WRITE_SO_EXISTS)//#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 |
---|
1591 | { |
---|
1592 | x = "CKR_SESSION_READ_WRITE_SO_EXISTS"; |
---|
1593 | } else if (rv == CKR_SIGNATURE_INVALID)//#define CKR_SIGNATURE_INVALID 0x000000C0 |
---|
1594 | { |
---|
1595 | x = "CKR_SIGNATURE_INVALID"; |
---|
1596 | } else if (rv == CKR_SIGNATURE_LEN_RANGE)//#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 |
---|
1597 | { |
---|
1598 | x = "CKR_SIGNATURE_LEN_RANGE"; |
---|
1599 | } else if (rv == CKR_TEMPLATE_INCOMPLETE)//#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 |
---|
1600 | { |
---|
1601 | x = "CKR_TEMPLATE_INCOMPLETE"; |
---|
1602 | } else if (rv == CKR_TEMPLATE_INCONSISTENT)//#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 |
---|
1603 | { |
---|
1604 | x = "CKR_TEMPLATE_INCONSISTENT"; |
---|
1605 | } else if (rv == CKR_TOKEN_NOT_PRESENT)//#define CKR_TOKEN_NOT_PRESENT 0x000000E0 |
---|
1606 | { |
---|
1607 | x = "CKR_TOKEN_NOT_PRESENT"; |
---|
1608 | } else if (rv == CKR_TOKEN_NOT_RECOGNIZED)//#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 |
---|
1609 | { |
---|
1610 | x = "CKR_TOKEN_NOT_RECOGNIZED"; |
---|
1611 | } else if (rv == CKR_TOKEN_WRITE_PROTECTED)//#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 |
---|
1612 | { |
---|
1613 | x = "CKR_TOKEN_WRITE_PROTECTED"; |
---|
1614 | } else if (rv == CKR_UNWRAPPING_KEY_HANDLE_INVALID)//#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 |
---|
1615 | { |
---|
1616 | x = "CKR_UNWRAPPING_KEY_HANDLE_INVALID"; |
---|
1617 | } else if (rv == CKR_UNWRAPPING_KEY_SIZE_RANGE)//#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 |
---|
1618 | { |
---|
1619 | x = "CKR_UNWRAPPING_KEY_SIZE_RANGE"; |
---|
1620 | } else if (rv == CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT)//#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 |
---|
1621 | { |
---|
1622 | x = "CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT"; |
---|
1623 | } else if (rv == CKR_USER_ALREADY_LOGGED_IN)//#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 |
---|
1624 | { |
---|
1625 | x = "CKR_USER_ALREADY_LOGGED_IN"; |
---|
1626 | } else if (rv == CKR_USER_NOT_LOGGED_IN)//#define CKR_USER_NOT_LOGGED_IN 0x00000101 |
---|
1627 | { |
---|
1628 | x = "CKR_USER_NOT_LOGGED_IN"; |
---|
1629 | } else if (rv == CKR_USER_PIN_NOT_INITIALIZED)//#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 |
---|
1630 | { |
---|
1631 | x = "CKR_USER_PIN_NOT_INITIALIZED"; |
---|
1632 | } else if (rv == CKR_USER_TYPE_INVALID)//#define CKR_USER_TYPE_INVALID 0x00000103 |
---|
1633 | { |
---|
1634 | x = "CKR_USER_TYPE_INVALID"; |
---|
1635 | } |
---|
1636 | /* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES |
---|
1637 | * are new to v2.01 */ |
---|
1638 | else if (rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN)//#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 |
---|
1639 | { |
---|
1640 | x = "CKR_USER_ANOTHER_ALREADY_LOGGED_IN"; |
---|
1641 | } else if (rv == CKR_USER_TOO_MANY_TYPES)//#define CKR_USER_TOO_MANY_TYPES 0x00000105 |
---|
1642 | { |
---|
1643 | x = "CKR_USER_TOO_MANY_TYPES"; |
---|
1644 | } else if (rv == CKR_WRAPPED_KEY_INVALID)//#define CKR_WRAPPED_KEY_INVALID 0x00000110 |
---|
1645 | { |
---|
1646 | x = "CKR_WRAPPED_KEY_INVALID"; |
---|
1647 | } else if (rv == CKR_WRAPPED_KEY_LEN_RANGE)//#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 |
---|
1648 | { |
---|
1649 | x = "CKR_SLOT_CKR_WRAPPED_KEY_LEN_RANGE"; |
---|
1650 | } else if (rv == CKR_WRAPPING_KEY_HANDLE_INVALID)//#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 |
---|
1651 | { |
---|
1652 | x = "CKR_WRAPPING_KEY_HANDLE_INVALID"; |
---|
1653 | } else if (rv == CKR_WRAPPING_KEY_SIZE_RANGE)//#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 |
---|
1654 | { |
---|
1655 | x = "CKR_WRAPPING_KEY_SIZE_RANGE"; |
---|
1656 | } else if (rv == CKR_WRAPPING_KEY_TYPE_INCONSISTENT)//#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 |
---|
1657 | { |
---|
1658 | x = "CKR_WRAPPING_KEY_TYPE_INCONSISTENT"; |
---|
1659 | } else if (rv == CKR_RANDOM_SEED_NOT_SUPPORTED)//#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 |
---|
1660 | { |
---|
1661 | x = "CKR_RANDOM_SEED_NOT_SUPPORTED"; |
---|
1662 | } |
---|
1663 | /* These are new to v2.0 */ |
---|
1664 | else if (rv == CKR_RANDOM_NO_RNG)//#define CKR_RANDOM_NO_RNG 0x00000121 |
---|
1665 | { |
---|
1666 | x = "CKR_RANDOM_NO_RNG"; |
---|
1667 | } |
---|
1668 | /* These are new to v2.11 */ |
---|
1669 | else if (rv == CKR_DOMAIN_PARAMS_INVALID)//#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 |
---|
1670 | { |
---|
1671 | x = "CKR_DOMAIN_PARAMS_INVALID"; |
---|
1672 | } |
---|
1673 | /* These are new to v2.0 */ |
---|
1674 | else if (rv == CKR_BUFFER_TOO_SMALL)//#define CKR_BUFFER_TOO_SMALL 0x00000150 |
---|
1675 | { |
---|
1676 | x = "CKR_BUFFER_TOO_SMALL"; |
---|
1677 | } else if (rv == CKR_SAVED_STATE_INVALID)//#define CKR_SAVED_STATE_INVALID 0x00000160 |
---|
1678 | { |
---|
1679 | x = "CKR_SAVED_STATE_INVALID"; |
---|
1680 | } else if (rv == CKR_INFORMATION_SENSITIVE)//#define CKR_INFORMATION_SENSITIVE 0x00000170 |
---|
1681 | { |
---|
1682 | x = "CKR_INFORMATION_SENSITIVE"; |
---|
1683 | } else if (rv == CKR_STATE_UNSAVEABLE)//#define CKR_STATE_UNSAVEABLE 0x00000180 |
---|
1684 | { |
---|
1685 | x = "CKR_STATE_UNSAVEABLE"; |
---|
1686 | } |
---|
1687 | /* These are new to v2.01 */ |
---|
1688 | else if (rv == CKR_CRYPTOKI_NOT_INITIALIZED)//#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 |
---|
1689 | { |
---|
1690 | x = "CKR_CRYPTOKI_NOT_INITIALIZED"; |
---|
1691 | } else if (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED) //#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 |
---|
1692 | { |
---|
1693 | x = "CKR_CRYPTOKI_ALREADY_INITIALIZED"; |
---|
1694 | } else if (rv == CKR_MUTEX_BAD)//#define CKR_MUTEX_BAD 0x000001A0 |
---|
1695 | { |
---|
1696 | x = "CKR_MUTEX_BAD"; |
---|
1697 | } else if (rv == CKR_MUTEX_NOT_LOCKED)//#define CKR_MUTEX_NOT_LOCKED 0x000001A1 |
---|
1698 | { |
---|
1699 | x = "CKR_MUTEX_NOT_LOCKED"; |
---|
1700 | |
---|
1701 | } else if (rv == CKR_VENDOR_DEFINED)//#define CKR_VENDOR_DEFINED 0x80000000 |
---|
1702 | { |
---|
1703 | x = "CKR_VENDOR_DEFINED"; |
---|
1704 | } else |
---|
1705 | { |
---|
1706 | x = "-1"; |
---|
1707 | } |
---|
1708 | |
---|
1709 | return x; |
---|
1710 | } |
---|
1711 | |
---|
1712 | |
---|
1713 | QByteArray CryptoToken::toHex(const std::vector<unsigned char> &data) |
---|
1714 | { |
---|
1715 | return QByteArray((const char*)data.data(), data.size()).toHex(); |
---|
1716 | } |
---|
1717 | |
---|
1718 | std::vector<unsigned char> CryptoToken::fromHex(const QString &data) |
---|
1719 | { |
---|
1720 | QByteArray bin = QByteArray::fromHex(data.toLatin1()); |
---|
1721 | return std::vector<unsigned char>(bin.constData(), bin.constData() + bin.size()); |
---|
1722 | } |
---|