#include "cryptotoken.h" #include #include #include #include #define BINARY_SHA1_LENGTH 20 #define BINARY_SHA224_LENGTH 28 #define BINARY_SHA256_LENGTH 32 #define BINARY_SHA384_LENGTH 48 #define BINARY_SHA512_LENGTH 64 CryptoToken::CryptoToken() { } CryptoToken::~CryptoToken() { } bool CryptoToken::initializeCriptoki() { QString error(""); CK_RV rv; rv = C_Initialize(NULL_PTR); if (rv != CKR_OK) { if (rv == CKR_DEVICE_ERROR) { error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); return false; } error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); return false; } else { return true; } } void CryptoToken::finalize() { CK_RV rv; rv = C_Finalize(NULL_PTR); QString error(""); if (rv != CKR_OK) { qDebug("** Destruyendo ... ~SmartCard"); if (rv == CKR_DEVICE_ERROR) { error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); } error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); } } CK_SESSION_HANDLE CryptoToken::openSession(char * Pin, CK_SLOT_ID & slotID, bool requiredlogin) { qDebug("openSession()"); QString error(""); CK_RV rv; CK_SLOT_ID SlotList[10]; CK_ULONG ulCount = sizeof(SlotList)/sizeof(CK_SLOT_ID); CK_SESSION_HANDLE hSession; /* ** Find the first slot available that has a token present */ rv = C_GetSlotList(TRUE,SlotList,&ulCount); //assert(rv==CKR_OK); //assert(ulCount>0); //if ( (rv != CKR_OK) && (ulCount<=0) ) if ( (rv != CKR_OK) || (ulCount<=0) ) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("Insertar una tarjeta en el lector. 
" + error)); return CK_INVALID_HANDLE; } //slotID = new CK_SLOT_ID() ; slotID = SlotList[0]; /* ** Open a read/write session with this slot's token */ //rv = C_OpenSession(slotID,CKF_SERIAL_SESSION|CKF_RW_SESSION,0,0,&hSession); rv = C_OpenSession(slotID,CKF_SERIAL_SESSION|CKF_RW_SESSION,NULL_PTR,(CK_NOTIFY)NULL_PTR,&hSession); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_OpenSession" + error)); return CK_INVALID_HANDLE; } /* ** Log in the User to session */ if ( requiredlogin ) { rv = C_Login(hSession,CKU_USER, (unsigned char *) Pin,strlen(Pin)); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); QString plus(""); if ((rv == CKR_PIN_INCORRECT) || (rv == CKR_DATA_LEN_RANGE) || (rv == CKR_ARGUMENTS_BAD)) plus = "El PIN introducido es incorrecto!"; qDebug("%s", qPrintable("C_login: " + error + " " +plus)); return CK_INVALID_HANDLE; } } /* ** Return the session handle and exit */ return hSession; } void CryptoToken::closeSession(CK_SESSION_HANDLE hSession) { CK_RV rv; rv = C_CloseSession(hSession); QString error(""); if (rv != CKR_OK){ qDebug("** Destruyendo ... 
~SmartCard"); if (rv == CKR_DEVICE_ERROR) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_Finalize" + error)); } error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_Finalize" + error)); } } CK_OBJECT_HANDLE CryptoToken::getPrivateKey(CK_SESSION_HANDLE hSession, CK_SLOT_ID slotID, QString id) { QString error(""); CK_RV rv; CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; CK_OBJECT_CLASS objClass = CKO_PRIVATE_KEY; CK_ULONG ulCount = 0; //CK_BYTE keyid[strlen(id)+1]; //strcpy((char *)keyid,id); int idLen = strlen(qPrintable(id))+1; CK_UTF8CHAR label[idLen]; strcpy((char *) label, qPrintable(id)); qDebug("SmartCard::getPrivateKey label:"); qDebug("%s", (char *) label); //qDebug("VALOR DE keyid"); //qDebug((char *)keyid); CK_ATTRIBUTE privateKeyTemplate[] = { { CKA_CLASS, &objClass, sizeof (objClass) }, { CKA_LABEL, label, sizeof(label)-1 } //{CKA_ID, keyid, sizeof (keyid)} }; CK_ULONG ulTemplateCount = sizeof (privateKeyTemplate) / sizeof (privateKeyTemplate[0]); /* Pre-condition checks. */ assert (hSession != NULL_PTR); // comienza la busqueda de clave privada qDebug ("Inicia busqueda de clave privada ... 
\n"); rv = C_FindObjectsInit(hSession, privateKeyTemplate, ulTemplateCount); qDebug ("C_FindObjectsInit rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); return CK_INVALID_HANDLE; } // se realiza la busqueda rv = C_FindObjects(hSession, &hObject, 1, &ulCount); qDebug ("C_FindObjects rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); qDebug("*-*-*-*-*getPrivateKey VALOR DE ulCount %u: ", ulCount); //if (rv != CKR_OK) if ((rv != CKR_OK) )//|| (ulCount == 0)) { if (ulCount == 0) qDebug("ulCount == 0"); error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjects: "+error)); return CK_INVALID_HANDLE; } rv = C_FindObjectsFinal(hSession); qDebug ("C_FindObjectsFinal rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); return CK_INVALID_HANDLE; } if (ulCount == 0) { qDebug (" \nNinguna clave privada encontrada!\n"); // cerrar la sesion /*rv = C_CloseAllSessions(slotID); qDebug("C_CloseAllSessions rv = %x", rv); qDebug ("\n"); assert(rv==CKR_OK);*/ return CK_INVALID_HANDLE; } else { //qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject); qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject); return hObject; } } bool CryptoToken::signSomeData(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE privateKey, CK_BYTE_PTR someData, CK_ULONG someDataLen, CK_BYTE_PTR sign, CK_ULONG_PTR signLen ) { CK_RV rv; qDebug (" \nProceso de firma digital de datos con la clave privada que mantiene la tarjeta...\n"); qDebug("valor de sign antes de firmar: \n %s\n", sign); //CK_ULONG someDataLen, slen; //someDataLen = strlen((char *) someData); //CK_ULONG slen; //slen = BUFFERSIZ; //slen = signLen; // definicion del algoritmo de firma CK_MECHANISM signMechanism = { CKM_RSA_PKCS /*CKM_SHA1_RSA_PKCS*/, 0 /*NULL_PTR*/, 0}; rv = C_SignInit(hSession, 
&signMechanism, privateKey); if (rv != CKR_OK) { qDebug("C_SignInit: rv = 0x%.8X\n", rv); rv = C_CloseSession(hSession); qDebug ("C_CloseSession: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug ("C_Finalize: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); return false; } qDebug("C_SignInit: rv = 0x%.8X\n", rv); qDebug ("\n"); assert(rv==CKR_OK); rv = C_Sign(hSession, someData, someDataLen, sign, signLen); if (rv != CKR_OK) { qDebug("C_Sign: rv = 0x%.8X\n", rv); rv = C_CloseSession(hSession); qDebug ("C_CloseSession: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug ("C_Finalize: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); return false;//1; } qDebug("Valor de la firma sign: \n%s\n", sign); qDebug("\nValor de signLen: \n%u\n", *signLen); qDebug("C_Sign: rv = 0x%.8X\n", rv); qDebug ("\n"); assert(rv==CKR_OK); qDebug("\nMessage was successfully signed with private key!\n"); return true; } std::vector CryptoToken::signHash(QString hashToSign, QString pin, QString label) { std::vector hash = fromHex(hashToSign); QString error(""); CK_RV rv; CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; CK_SLOT_ID slotID; // initialize criptoki rv = C_Initialize(NULL_PTR); if (rv != CKR_OK) { if (rv == CKR_DEVICE_ERROR) { error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw std::runtime_error(qPrintable(error)); } error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw std::runtime_error(qPrintable(error)); } hSession = openSession((char *) qPrintable(pin), slotID); if (hSession == CK_INVALID_HANDLE) { qDebug("Fallo ptr_SC->openSession"); rv = C_Finalize(NULL_PTR); qDebug("C_Finalize: rv = %x",rv); assert(rv == CKR_OK); throw std::runtime_error("Error openning a session"); } // obtencion de la clave privada para firmar los datos CK_OBJECT_HANDLE privateKey = CK_INVALID_HANDLE; //QString label = "New Key aaraujo"; privateKey = getPrivateKey(hSession, slotID, label); // 
https://github.com/open-eid/chrome-token-signing/blob/master/host-shared/PKCS11CardManager.h if (privateKey == CK_INVALID_HANDLE) { qDebug("Fallo ptr_SC->getPrivateKey"); rv = C_CloseSession(hSession); qDebug("C_CloseSession: rv = %x",rv); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug("C_Finalize: rv = %x",rv); assert(rv == CKR_OK); throw std::runtime_error("Error finding private key"); } CK_MECHANISM mechanism = {CKM_RSA_PKCS, 0, 0}; rv = C_SignInit(hSession, &mechanism, privateKey); if (rv != CKR_OK) { qDebug("C_SignInit: rv = 0x%.8X\n", rv); rv = C_CloseSession(hSession); qDebug ("C_CloseSession: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug ("C_Finalize: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); throw std::runtime_error("Error C_SignInit"); } qDebug("C_SignInit: rv = 0x%.8X\n", rv); qDebug ("\n"); assert(rv==CKR_OK); std::vector hashWithPadding; switch (hash.size()) { case BINARY_SHA1_LENGTH: hashWithPadding = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; break; case BINARY_SHA224_LENGTH: hashWithPadding = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}; break; case BINARY_SHA256_LENGTH: hashWithPadding = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; break; case BINARY_SHA384_LENGTH: hashWithPadding = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; break; case BINARY_SHA512_LENGTH: hashWithPadding = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; break; default: throw std::runtime_error("incorrect digest length, dropping padding"); } hashWithPadding.insert(hashWithPadding.end(), hash.begin(), hash.end()); CK_ULONG signatureLength = 0; rv = C_Sign(hSession, hashWithPadding.data(), 
hashWithPadding.size(), nullptr, &signatureLength); if (rv != CKR_OK) { qDebug("C_Sign: rv = 0x%.8X\n", rv); rv = C_CloseSession(hSession); qDebug ("C_CloseSession: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug ("C_Finalize: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); throw std::runtime_error("Error C_Sign1"); } std::vector signature(signatureLength, 0); rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), signature.data(), &signatureLength); if (rv != CKR_OK) { qDebug("C_Sign: rv = 0x%.8X\n", rv); rv = C_CloseSession(hSession); qDebug ("C_CloseSession: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); rv = C_Finalize(NULL_PTR); qDebug ("C_Finalize: rv = %x",rv); qDebug ("\n"); assert(rv == CKR_OK); throw std::runtime_error("Error C_Sign2"); } qDebug("C_Sign: rv = 0x%.8X\n", rv); qDebug ("\n"); assert(rv==CKR_OK); closeSession(hSession); finalize(); return signature; } /* std::vector CryptoToken::findObject(CK_OBJECT_CLASS objectClass, CK_ULONG max = 2) const { if (!fl) { throw std::runtime_error("PKCS11 is not loaded"); } CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; C(FindObjectsInit, session, &searchAttribute, 1); CK_ULONG objectCount = max; std::vector objectHandle(objectCount); C(FindObjects, session, objectHandle.data(), objectHandle.size(), &objectCount); C(FindObjectsFinal, session); objectHandle.resize(objectCount); return objectHandle; } */ QStringList CryptoToken::getPrivateKeyLabels(QString pin) { qDebug("...CryptoToken::getPrivateKeyLabels"); QStringList list; QString error(""); CK_RV rv; CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; CK_SLOT_ID slotID; // initialize criptoki rv = C_Initialize(NULL_PTR); if (rv != CKR_OK) { if (rv == CKR_DEVICE_ERROR) { error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw std::runtime_error(qPrintable(error)); } error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw 
std::runtime_error(qPrintable(error)); } hSession = openSession((char *) qPrintable(pin), slotID); if (hSession == CK_INVALID_HANDLE) { qDebug("Fallo ptr_SC->openSession"); rv = C_Finalize(NULL_PTR); qDebug("C_Finalize: rv = %x",rv); assert(rv == CKR_OK); throw std::runtime_error("Error openning a session"); } CK_OBJECT_CLASS objectClass = CKO_PRIVATE_KEY; //CK_OBJECT_CLASS objectClass = CKO_PUBLIC_KEY; //CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE; CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; CK_ULONG ulCount = 0; rv = C_FindObjectsInit(hSession, &searchAttribute, 1); qDebug ("C_FindObjectsInit rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); //return list; throw std::runtime_error(qPrintable(error)); } CK_ULONG objectCount = 3; std::vector objectHandle(objectCount); // se realiza la busqueda //rv = C_FindObjects(hSession, &hObject, 2, &ulCount); rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &objectCount); qDebug ("C_FindObjects rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); qDebug("*-*-*-*-*getPrivateKeyLabels VALOR DE objectCount %u: ", objectCount); //if (rv != CKR_OK) if ((rv != CKR_OK) )//|| (ulCount == 0)) { if (ulCount == 0) qDebug("ulCount == 0"); error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjects: "+error)); //return list; throw std::runtime_error(qPrintable(error)); } rv = C_FindObjectsFinal(hSession); qDebug ("C_FindObjectsFinal rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjectsFinal: "+error)); //return list; throw std::runtime_error(qPrintable(error)); } objectHandle.resize(objectCount); //if (ulCount == 0) if (objectHandle.size() == 0) { qDebug (" \nNingun objeto encontrado!\n"); // cerrar la sesion /*rv = 
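C_CloseAllSessions(slotID); qDebug("C_CloseAllSessions rv = %x", rv); qDebug ("\n"); assert(rv==CKR_OK);*/
// NOTE(review): the lines above and below up to the closing brace are the tail of
// getPrivateKeyLabels, whose head lies before this span; they are kept as found.
// Observe that the throw below (like the earlier ones in that function) leaves the
// logged-in session open and Cryptoki initialized -- only the success path calls
// closeSession()/finalize().
//return list;
throw std::runtime_error(qPrintable(error));
} else {
//qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject);
qDebug("se econtraron %d objetos", objectHandle.size());
//qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject);
for (int i=0; i< objectHandle.size(); i++) {
qDebug("objeto encontrado: 0x%4X", objectHandle[i]);
list.append(getKeyLabel(hSession, objectHandle[i]));
}
}
closeSession(hSession);
finalize();
return list;
}

/// @brief Reads the CKA_LABEL attribute of a token object as a QString.
/// @param hSession an open Cryptoki session (login not required for a label).
/// @param key handle of the object whose label is wanted.
/// @return the label, or an empty QString when the attribute cannot be read.
///
/// CKA_LABEL is a CK_UTF8CHAR array whose length is reported in ulValueLen and
/// which is NOT NUL-terminated, so the value must be converted with an explicit
/// length; the previous implementation built the QString from a bare
/// (const char *) and leaked the malloc'd buffer on every call.
QString CryptoToken::getKeyLabel(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE key) {
    qDebug("CryptoToken::getKeyLabel");

    // First call with pValue == NULL_PTR: size query only.
    CK_ATTRIBUTE labelAttr = { CKA_LABEL, NULL_PTR, 0 };
    CK_RV rv = C_GetAttributeValue(hSession, key, &labelAttr, 1);
    if (rv != CKR_OK) {
        qDebug("fallo la obtencion del atributo ID");
        return "";
    }
    // A token that cannot disclose the attribute reports ulValueLen as ~0UL
    // (CK_UNAVAILABLE_INFORMATION in newer headers); compared numerically so
    // older pkcs11 headers still build.  A zero-length label is simply empty.
    if (labelAttr.ulValueLen == 0 || labelAttr.ulValueLen == static_cast<CK_ULONG>(-1)) {
        return "";
    }

    // Second call fills a buffer sized by the token's own answer; the vector
    // owns it, so there is nothing to free on any exit path.
    std::vector<char> buffer(labelAttr.ulValueLen);
    labelAttr.pValue = buffer.data();
    rv = C_GetAttributeValue(hSession, key, &labelAttr, 1);
    if (rv != CKR_OK) {
        qDebug("fallo la obtencion 2 del atributo ID");
        return "";
    }

    // Bound the conversion by the returned length -- never treat pValue as a C string.
    const QString label = QString::fromUtf8(buffer.data(), static_cast<int>(labelAttr.ulValueLen));
    qDebug("%s", qPrintable(label));
    return label;
}

// NOTE(review): head of getCertificateCNandExpirationDate, which continues past
// this span; kept as found.
QList CryptoToken::getCertificateCNandExpirationDate(QString pin) {
qDebug("...CryptoToken::getCertificateCNandExpirationDate");
QList list;
QString error("");
CK_RV rv;
CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE;
CK_SLOT_ID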
slotID; // initialize criptoki rv = C_Initialize(NULL_PTR); if (rv != CKR_OK) { if (rv == CKR_DEVICE_ERROR) { qDebug("CKR_DEVICE_ERROR"); error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw std::runtime_error(qPrintable(error)); } qDebug("****"); error = returnErrorToQString(rv); qDebug("%s", qPrintable(error)); throw std::runtime_error(qPrintable(error)); } hSession = openSession((char *) qPrintable(pin), slotID); if (hSession == CK_INVALID_HANDLE) { qDebug("Fallo ptr_SC->openSession"); rv = C_Finalize(NULL_PTR); qDebug("C_Finalize: rv = %x",rv); assert(rv == CKR_OK); throw std::runtime_error("Error openning a session inside the device"); } CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE; CK_OBJECT_HANDLE hObject = CK_INVALID_HANDLE; CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)}; CK_ULONG ulCount = 0; rv = C_FindObjectsInit(hSession, &searchAttribute, 1); qDebug ("C_FindObjectsInit rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjectsInit: "+error)); //return list; throw std::runtime_error(qPrintable(error)); } CK_ULONG objectCount = 3; std::vector objectHandle(objectCount); // se realiza la busqueda //rv = C_FindObjects(hSession, &hObject, 2, &ulCount); rv = C_FindObjects(hSession, objectHandle.data(), objectHandle.size(), &objectCount); qDebug ("C_FindObjects rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); qDebug("*-*-*-*-*getPrivateKeyLabels VALOR DE objectCount %u: ", objectCount); //if (rv != CKR_OK) if ((rv != CKR_OK) )//|| (ulCount == 0)) { if (ulCount == 0) qDebug("ulCount == 0"); error = returnErrorToQString(rv); qDebug("%s", qPrintable("C_FindObjects: "+error)); //return list; throw std::runtime_error(qPrintable(error)); } rv = C_FindObjectsFinal(hSession); qDebug ("C_FindObjectsFinal rv = %x",rv); qDebug ("\n"); //assert(rv==CKR_OK); if (rv != CKR_OK) { error = returnErrorToQString(rv); qDebug("%s", 
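qPrintable("C_FindObjectsFinal: "+error));
// NOTE(review): from here to the closing brace is the tail of
// getCertificateCNandExpirationDate, whose head lies before this span; kept as
// found.  Its throw paths leave the logged-in session open and Cryptoki
// initialized -- only the success path calls closeSession()/finalize().
//return list;
throw std::runtime_error(qPrintable(error));
}
objectHandle.resize(objectCount);
//if (ulCount == 0)
if (objectHandle.size() == 0) {
qDebug (" \nNingun objeto encontrado!\n");
// cerrar la sesion
/*rv = C_CloseAllSessions(slotID); qDebug("C_CloseAllSessions rv = %x", rv); qDebug ("\n"); assert(rv==CKR_OK);*/
//return list;
throw std::runtime_error(qPrintable(error));
} else {
//qDebug (" \nObjeto encontrado (object=0x%04X)\n", hObject);
qDebug("se econtraron %d objetos", objectHandle.size());
//qDebug (" \nClave privada encontrada: (clave = 0x%4X)\n", hObject);
for (int i=0; i< objectHandle.size(); i++) {
QStringList certInformation;
qDebug("objeto encontrado: 0x%4X", objectHandle[i]);
certInformation = getCertificateInformation(hSession, objectHandle[i]);
//list.append(getCertificateInformation(hSession, objectHandle[i])[0]);
//list.append(getCertificateInformation(hSession, objectHandle[i])[0]);
list.append(certInformation);
}
}
closeSession(hSession);
finalize();
return list;
}

/// @brief Reads a certificate object from the token and extracts its subject
///        CommonName and expiry date.
/// @param hSession an open Cryptoki session.
/// @param certificate handle of a CKO_CERTIFICATE object.
/// @return [CommonName entries..., "dd.MM.yyyy"], or an empty list when the
///         CKA_VALUE attribute cannot be read.
///
/// Only CKA_VALUE (the DER encoding) is requested: the CKA_LABEL the previous
/// version also asked for was never read, and requesting an attribute the
/// object lacks makes C_GetAttributeValue report CKR_ATTRIBUTE_TYPE_INVALID for
/// the whole call.  The buffer is a std::vector, so the malloc'd block the
/// previous version never freed is gone.
QStringList CryptoToken::getCertificateInformation(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE certificate) {
    qDebug("...getCertificateInformation...");
    QStringList list;

    // Size query: pValue == NULL_PTR makes the token report ulValueLen only.
    CK_ATTRIBUTE valueAttr = { CKA_VALUE, NULL_PTR, 0 };
    CK_RV rv = C_GetAttributeValue(hSession, certificate, &valueAttr, 1);
    if (rv != CKR_OK) {
        qDebug("fallo la obtencion del atributo ID");
        return list;
    }
    // ~0UL is the "unavailable" marker (CK_UNAVAILABLE_INFORMATION in newer
    // headers); a zero-length value cannot be a certificate either.
    if (valueAttr.ulValueLen == 0 || valueAttr.ulValueLen == static_cast<CK_ULONG>(-1)) {
        qDebug("fallo la obtencion del atributo ID");
        return list;
    }

    std::vector<unsigned char> der(valueAttr.ulValueLen);
    valueAttr.pValue = der.data();
    rv = C_GetAttributeValue(hSession, certificate, &valueAttr, 1);
    if (rv != CKR_OK) {
        qDebug("fallo la obtencion 2 del atributo ID");
        return list;
    }

    // Parse exactly the number of bytes the token reported.
    const QByteArray derBytes(reinterpret_cast<const char *>(der.data()),
                              static_cast<int>(valueAttr.ulValueLen));
    const QSslCertificate qcert(derBytes, QSsl::Der);
    if (qcert.isNull()) {
        // Kept non-fatal as before: the caller still receives the (empty)
        // CommonName/expiry entries rather than a shorter list.
        qDebug("qcert es null");
    }

    list.append(qcert.subjectInfo(QSslCertificate::CommonName));
    list.append(qcert.expiryDate().date().toString("dd.MM.yyyy"));
    return list;
}

// NOTE(review): getDeviceCertificates below is truncated -- the text between
// "for (int i=0; i" and "append(" (the rest of this function and the head of the
// function that builds `mensaje` from C_GetInfo) was lost in extraction.  The
// fragment is kept exactly as found; it is not compilable as-is.
QList CryptoToken::getDeviceCertificates(QString pin) {
qDebug("...getDeviceCertificates");
QStringList labelList = getPrivateKeyLabels(pin);
QList nameExpirationList = getCertificateCNandExpirationDate(pin);
QList certificateInformationList;
for (int i=0; iappend("C_Initialize\n");
if (rv != CKR_OK) {
if (rv == CKR_DEVICE_ERROR) {
error = returnErrorToQString(rv);
qDebug("Probablemente el lector no este conectado");
return error;
}
error = returnErrorToQString(rv);
qDebug("valor de x despues de returnError: %s", qPrintable(error));
return error;
}
rv = C_GetInfo(&info);
//fqDebug(stderr, "C_GetInfo: rv = 0x%.8X\n", rv);
//cout << "valor 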
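// NOTE(review): the line below is the remainder of the `//cout << "valor` comment
// cut at the previous line; the statements that follow are the tail of a function
// whose head lies before this span (it builds `mensaje` from C_GetInfo).  Kept as
// found.
// decimal de rv: " << rv ;
if (rv != CKR_OK) {
error = returnErrorToQString(rv);
return error;
}
//assert(rv == CKR_OK);
// NOTE(review): CK_INFO text fields (libraryDescription, manufacturerID) are
// fixed-width, blank-padded and not NUL-terminated per the PKCS#11 spec, so the
// (const char *) appends below may read past the field; convert with an explicit
// length when this function is next touched.
QString y("Descripcion: ");
y.append((const char *) info.libraryDescription);
mensaje.append(y);
QString x("Fabricante: ");
x.append((const char *) info.manufacturerID);
mensaje.append(x);
QString cryptokiVersion("Version: ");
cryptokiVersion.append(QString::number(info.cryptokiVersion.major));
cryptokiVersion.append(".");
cryptokiVersion.append(QString::number(info.cryptokiVersion.minor));
qDebug("%s", qPrintable(cryptokiVersion));
mensaje.append(cryptokiVersion);
rv = C_Finalize(NULL_PTR);
if (rv != CKR_OK) {
error = returnErrorToQString(rv);
return error;
}
assert(rv == CKR_OK);
//mensaje->append("C_Finalize\n");
//qDebug("***********************mensaje:");
//qDebug(qPrintable(mensaje));
return mensaje;
}

namespace {

// One row per Cryptoki return code: the numeric value and its symbolic name.
struct CkrName {
    CK_RV rv;
    const char *name;
};

// Stringising the identifier guarantees the text matches the constant; the
// hand-written if/else chain this table replaces had mistyped two of them
// ("CKR_SLOTCKR_MECHANISM_INVALID", "CKR_SLOT_CKR_WRAPPED_KEY_LEN_RANGE").
#define CKR_NAME_ENTRY(code) { code, #code }
const CkrName kCkrNames[] = {
    CKR_NAME_ENTRY(CKR_OK),
    CKR_NAME_ENTRY(CKR_CANCEL),
    CKR_NAME_ENTRY(CKR_HOST_MEMORY),
    CKR_NAME_ENTRY(CKR_SLOT_ID_INVALID),
    CKR_NAME_ENTRY(CKR_GENERAL_ERROR),
    CKR_NAME_ENTRY(CKR_FUNCTION_FAILED),
    CKR_NAME_ENTRY(CKR_ARGUMENTS_BAD),
    CKR_NAME_ENTRY(CKR_NO_EVENT),
    CKR_NAME_ENTRY(CKR_NEED_TO_CREATE_THREADS),
    CKR_NAME_ENTRY(CKR_CANT_LOCK),
    CKR_NAME_ENTRY(CKR_ATTRIBUTE_READ_ONLY),
    CKR_NAME_ENTRY(CKR_ATTRIBUTE_SENSITIVE),
    CKR_NAME_ENTRY(CKR_ATTRIBUTE_TYPE_INVALID),
    CKR_NAME_ENTRY(CKR_ATTRIBUTE_VALUE_INVALID),
    CKR_NAME_ENTRY(CKR_DATA_INVALID),
    CKR_NAME_ENTRY(CKR_DATA_LEN_RANGE),
    CKR_NAME_ENTRY(CKR_DEVICE_ERROR),
    CKR_NAME_ENTRY(CKR_DEVICE_MEMORY),
    CKR_NAME_ENTRY(CKR_DEVICE_REMOVED),
    CKR_NAME_ENTRY(CKR_ENCRYPTED_DATA_INVALID),
    CKR_NAME_ENTRY(CKR_ENCRYPTED_DATA_LEN_RANGE),
    CKR_NAME_ENTRY(CKR_FUNCTION_CANCELED),
    CKR_NAME_ENTRY(CKR_FUNCTION_NOT_PARALLEL),
    CKR_NAME_ENTRY(CKR_FUNCTION_NOT_SUPPORTED),
    CKR_NAME_ENTRY(CKR_KEY_HANDLE_INVALID),
    CKR_NAME_ENTRY(CKR_KEY_SIZE_RANGE),
    CKR_NAME_ENTRY(CKR_KEY_TYPE_INCONSISTENT),
    CKR_NAME_ENTRY(CKR_KEY_NOT_NEEDED),
    CKR_NAME_ENTRY(CKR_KEY_CHANGED),
    CKR_NAME_ENTRY(CKR_KEY_NEEDED),
    CKR_NAME_ENTRY(CKR_KEY_INDIGESTIBLE),
    CKR_NAME_ENTRY(CKR_KEY_FUNCTION_NOT_PERMITTED),
    CKR_NAME_ENTRY(CKR_KEY_NOT_WRAPPABLE),
    CKR_NAME_ENTRY(CKR_KEY_UNEXTRACTABLE),
    CKR_NAME_ENTRY(CKR_MECHANISM_INVALID),
    CKR_NAME_ENTRY(CKR_MECHANISM_PARAM_INVALID),
    CKR_NAME_ENTRY(CKR_OBJECT_HANDLE_INVALID),
    CKR_NAME_ENTRY(CKR_OPERATION_ACTIVE),
    CKR_NAME_ENTRY(CKR_OPERATION_NOT_INITIALIZED),
    CKR_NAME_ENTRY(CKR_PIN_INCORRECT),
    CKR_NAME_ENTRY(CKR_PIN_INVALID),
    CKR_NAME_ENTRY(CKR_PIN_LEN_RANGE),
    CKR_NAME_ENTRY(CKR_PIN_EXPIRED),
    CKR_NAME_ENTRY(CKR_PIN_LOCKED),
    CKR_NAME_ENTRY(CKR_SESSION_CLOSED),
    CKR_NAME_ENTRY(CKR_SESSION_COUNT),
    CKR_NAME_ENTRY(CKR_SESSION_HANDLE_INVALID),
    CKR_NAME_ENTRY(CKR_SESSION_PARALLEL_NOT_SUPPORTED),
    CKR_NAME_ENTRY(CKR_SESSION_READ_ONLY),
    CKR_NAME_ENTRY(CKR_SESSION_EXISTS),
    CKR_NAME_ENTRY(CKR_SESSION_READ_ONLY_EXISTS),
    CKR_NAME_ENTRY(CKR_SESSION_READ_WRITE_SO_EXISTS),
    CKR_NAME_ENTRY(CKR_SIGNATURE_INVALID),
    CKR_NAME_ENTRY(CKR_SIGNATURE_LEN_RANGE),
    CKR_NAME_ENTRY(CKR_TEMPLATE_INCOMPLETE),
    CKR_NAME_ENTRY(CKR_TEMPLATE_INCONSISTENT),
    CKR_NAME_ENTRY(CKR_TOKEN_NOT_PRESENT),
    CKR_NAME_ENTRY(CKR_TOKEN_NOT_RECOGNIZED),
    CKR_NAME_ENTRY(CKR_TOKEN_WRITE_PROTECTED),
    CKR_NAME_ENTRY(CKR_UNWRAPPING_KEY_HANDLE_INVALID),
    CKR_NAME_ENTRY(CKR_UNWRAPPING_KEY_SIZE_RANGE),
    CKR_NAME_ENTRY(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT),
    CKR_NAME_ENTRY(CKR_USER_ALREADY_LOGGED_IN),
    CKR_NAME_ENTRY(CKR_USER_NOT_LOGGED_IN),
    CKR_NAME_ENTRY(CKR_USER_PIN_NOT_INITIALIZED),
    CKR_NAME_ENTRY(CKR_USER_TYPE_INVALID),
    CKR_NAME_ENTRY(CKR_USER_ANOTHER_ALREADY_LOGGED_IN),
    CKR_NAME_ENTRY(CKR_USER_TOO_MANY_TYPES),
    CKR_NAME_ENTRY(CKR_WRAPPED_KEY_INVALID),
    CKR_NAME_ENTRY(CKR_WRAPPED_KEY_LEN_RANGE),
    CKR_NAME_ENTRY(CKR_WRAPPING_KEY_HANDLE_INVALID),
    CKR_NAME_ENTRY(CKR_WRAPPING_KEY_SIZE_RANGE),
    CKR_NAME_ENTRY(CKR_WRAPPING_KEY_TYPE_INCONSISTENT),
    CKR_NAME_ENTRY(CKR_RANDOM_SEED_NOT_SUPPORTED),
    CKR_NAME_ENTRY(CKR_RANDOM_NO_RNG),
    CKR_NAME_ENTRY(CKR_DOMAIN_PARAMS_INVALID),
    CKR_NAME_ENTRY(CKR_BUFFER_TOO_SMALL),
    CKR_NAME_ENTRY(CKR_SAVED_STATE_INVALID),
    CKR_NAME_ENTRY(CKR_INFORMATION_SENSITIVE),
    CKR_NAME_ENTRY(CKR_STATE_UNSAVEABLE),
    CKR_NAME_ENTRY(CKR_CRYPTOKI_NOT_INITIALIZED),
    CKR_NAME_ENTRY(CKR_CRYPTOKI_ALREADY_INITIALIZED),
    CKR_NAME_ENTRY(CKR_MUTEX_BAD),
    CKR_NAME_ENTRY(CKR_MUTEX_NOT_LOCKED),
    CKR_NAME_ENTRY(CKR_VENDOR_DEFINED),
};
#undef CKR_NAME_ENTRY

} // namespace

/// @brief Maps a Cryptoki return value to the name of its CKR_* constant.
/// @param rv the value returned by a C_* function.
/// @return the constant's name, e.g. "CKR_PIN_INCORRECT"; "-1" for any value
///         not in the table (this includes vendor-specific codes other than
///         CKR_VENDOR_DEFINED itself, exactly as before).
QString CryptoToken::returnErrorToQString(CK_RV rv) {
    qDebug("returnErrorToQString");
    for (const CkrName &entry : kCkrNames) {
        if (entry.rv == rv) {
            return QString(entry.name);
        }
    }
    // Same sentinel the if/else chain returned for an unrecognised code.
    return "-1";
}

/// @brief Hex-encodes a byte buffer (lower-case, no separators).
/// @param data raw bytes, e.g. a signature returned by signHash().
/// @return the QByteArray::toHex() encoding of @p data.
QByteArray CryptoToken::toHex(const std::vector<unsigned char> &data) {
    // QByteArray takes an int length; the narrowing is made explicit instead of
    // happening silently in the constructor call.
    return QByteArray(reinterpret_cast<const char *>(data.data()),
                      static_cast<int>(data.size())).toHex();
}

/// @brief Decodes a hex string into raw bytes.
/// @param data hex text; QByteArray::fromHex() skips characters that are not
///        hex digits, so malformed input yields a shorter buffer rather than an
///        error -- signHash() relies on its length check to catch that.
/// @return the decoded bytes.
std::vector<unsigned char> CryptoToken::fromHex(const QString &data) {
    const QByteArray bin = QByteArray::fromHex(data.toLatin1());
    return std::vector<unsigned char>(bin.constData(), bin.constData() + bin.size());
}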