001 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 002 * 003 * Redistribution and use in source and binary forms, with or without 004 * modification, are permitted provided that the following conditions are met: 005 * 006 * 1. Redistributions of source code must retain the above copyright notice, 007 * this list of conditions and the following disclaimer. 008 * 009 * 2. Redistributions in binary form must reproduce the above copyright notice, 010 * this list of conditions and the following disclaimer in the documentation 011 * and/or other materials provided with the distribution. 012 * 013 * 3. The end-user documentation included with the redistribution, if any, must 014 * include the following acknowledgment: 015 * 016 * "This product includes software developed by IAIK of Graz University of 017 * Technology." 018 * 019 * Alternately, this acknowledgment may appear in the software itself, if 020 * and wherever such third-party acknowledgments normally appear. 021 * 022 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 023 * Technology" must not be used to endorse or promote products derived from 024 * this software without prior written permission. 025 * 026 * 5. Products derived from this software may not be called 027 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 028 * written permission of Graz University of Technology. 029 * 030 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 031 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 032 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 033 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 034 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 035 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 036 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 037 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 038 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 039 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 040 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 041 * POSSIBILITY OF SUCH DAMAGE. 042 */ 043 044 package demo.pkcs.pkcs11; 045 046 import java.io.BufferedReader; 047 import java.io.ByteArrayInputStream; 048 import java.io.InputStreamReader; 049 import java.io.PrintWriter; 050 import java.security.cert.Certificate; 051 import java.security.cert.CertificateFactory; 052 053 import iaik.pkcs.pkcs11.DefaultInitializeArgs; 054 import iaik.pkcs.pkcs11.Info; 055 import iaik.pkcs.pkcs11.Mechanism; 056 import iaik.pkcs.pkcs11.MechanismInfo; 057 import iaik.pkcs.pkcs11.Module; 058 import iaik.pkcs.pkcs11.Session; 059 import iaik.pkcs.pkcs11.SessionInfo; 060 import iaik.pkcs.pkcs11.Slot; 061 import iaik.pkcs.pkcs11.SlotInfo; 062 import iaik.pkcs.pkcs11.Token; 063 import iaik.pkcs.pkcs11.TokenInfo; 064 import iaik.pkcs.pkcs11.objects.Object; 065 import iaik.pkcs.pkcs11.objects.X509AttributeCertificate; 066 import iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate; 067 068 069 070 /** 071 * This demo program lists information about a library, the available slots, 072 * the available tokens and the objects on them. It takes the name of the module 073 * and the absolute path to the shared library of the IAIK PKCS#11 Wrapper 074 * and prompts the user PIN. If the user PIN is not available, 075 * the program will list only public objects but no private objects; i.e. as 076 * defined in PKCS#11 for public read-only sessions. 077 * 078 * @author <a href="mailto:jce@iaik.tugraz.at"> Birgit Haas </a> 079 * @version 0.1 080 * @invariants 081 */ 082 public class GetInfoWithWrapperPath { 083 084 static PrintWriter output_; 085 086 static BufferedReader input_; 087 088 static { 089 try { 090 //output_ = new PrintWriter(new FileWriter("GetInfo_output.txt"), true); 091 output_ = new PrintWriter(System.out, true); 092 input_ = new BufferedReader(new InputStreamReader(System.in)); 093 } catch (Throwable thr) { 094 thr.printStackTrace(); 095 output_ = new PrintWriter(System.out, true); 096 input_ = new BufferedReader(new InputStreamReader(System.in)); 097 } 098 } 099 100 public static void main(String[] args) { 101 if ((args.length == 2) || (args.length == 3)) { 102 try { 103 output_.println("################################################################################"); 104 output_.println("load and initialize module: " + args[0]); 105 output_.flush(); 106 Module pkcs11Module = Module.getInstance(args[0], args[1]); 107 108 if (args.length == 2) { 109 pkcs11Module.initialize(null); 110 } else { 111 DefaultInitializeArgs arguments = new DefaultInitializeArgs(); 112 byte[] stringBytes = args[2].getBytes(); 113 byte[] reservedBytes = new byte[stringBytes.length + 5]; 114 System.arraycopy(stringBytes, 0, reservedBytes, 0, stringBytes.length); 115 arguments.setReserved(reservedBytes); 116 pkcs11Module.initialize(arguments); 117 } 118 119 Info info = pkcs11Module.getInfo(); 120 output_.println(info); 121 output_.println("################################################################################"); 122 123 124 output_.println("################################################################################"); 125 output_.println("getting list of all slots"); 126 Slot[] slots = pkcs11Module.getSlotList(Module.SlotRequirement.ALL_SLOTS); 127 128 for (int i = 0; i < slots.length; i++) { 129 output_.println("________________________________________________________________________________"); 130 SlotInfo slotInfo = slots[i].getSlotInfo(); 131 output_.print("Slot with ID: "); 132 output_.println(slots[i].getSlotID()); 133 output_.println("--------------------------------------------------------------------------------"); 134 output_.println(slotInfo); 135 output_.println("________________________________________________________________________________"); 136 } 137 output_.println("################################################################################"); 138 139 140 output_.println("################################################################################"); 141 output_.println("getting list of all tokens"); 142 Slot[] slotsWithToken = pkcs11Module.getSlotList(Module.SlotRequirement.TOKEN_PRESENT); 143 Token[] tokens = new Token[slotsWithToken.length]; 144 145 for (int i = 0; i < slotsWithToken.length; i++) { 146 output_.println("________________________________________________________________________________"); 147 tokens[i] = slotsWithToken[i].getToken(); 148 TokenInfo tokenInfo = tokens[i].getTokenInfo(); 149 output_.print("Token in slot with ID: "); 150 output_.println(tokens[i].getSlot().getSlotID()); 151 output_.println("--------------------------------------------------------------------------------"); 152 output_.println(tokenInfo); 153 154 output_.println("supported Mechanisms:"); 155 Mechanism[] supportedMechanisms = tokens[i].getMechanismList(); 156 for (int j = 0; j < supportedMechanisms.length; j++) { 157 output_.println("--------------------------------------------------------------------------------"); 158 output_.println("Mechanism Name: " + supportedMechanisms[j].getName()); 159 MechanismInfo mechanismInfo = tokens[i].getMechanismInfo(supportedMechanisms[j]); 160 output_.println(mechanismInfo); 161 output_.println("--------------------------------------------------------------------------------"); 162 } 163 output_.println("________________________________________________________________________________"); 164 } 165 output_.println("################################################################################"); 166 167 output_.println("################################################################################"); 168 output_.println("listing objects on tokens"); 169 for (int i = 0; i < tokens.length; i++) { 170 output_.println("________________________________________________________________________________"); 171 output_.println("listing objects for token: "); 172 TokenInfo tokenInfo = tokens[i].getTokenInfo(); 173 output_.println(tokenInfo); 174 Session session = tokens[i] 175 .openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RO_SESSION, null, null); 176 177 if (tokenInfo.isLoginRequired()) { 178 if (tokenInfo.isProtectedAuthenticationPath()) { 179 session.login(Session.UserType.USER, null); // the token prompts the PIN by other means; e.g. PIN-pad 180 } else { 181 output_.print("Enter user-PIN or press [return] to list just public objects: "); 182 output_.flush(); 183 String userPINString = input_.readLine(); 184 output_.println(); 185 output_.print("listing all" + ((userPINString.length() > 0) ? "" : " public") + " objects on token"); 186 if (userPINString.length() > 0) { 187 // login user 188 session.login(Session.UserType.USER, userPINString.toCharArray()); 189 } 190 } 191 } 192 SessionInfo sessionInfo = session.getSessionInfo(); 193 output_.println(" using session:"); 194 output_.println(sessionInfo); 195 196 session.findObjectsInit(null); 197 Object[] objects = session.findObjects(1); 198 199 CertificateFactory x509CertificateFactory = null; 200 while (objects.length > 0) { 201 Object object = objects[0]; 202 output_.println("--------------------------------------------------------------------------------"); 203 output_.println("Object with handle: " + objects[0].getObjectHandle()); 204 output_.println(object); 205 if (object instanceof X509PublicKeyCertificate) { 206 try { 207 byte[] encodedCertificate = ((X509PublicKeyCertificate) object).getValue().getByteArrayValue(); 208 if (x509CertificateFactory == null) { 209 x509CertificateFactory = CertificateFactory.getInstance("X.509"); 210 } 211 Certificate certificate = 212 x509CertificateFactory.generateCertificate(new ByteArrayInputStream(encodedCertificate)); 213 output_.println("................................................................................"); 214 output_.println("The decoded X509PublicKeyCertificate is:"); 215 output_.println(certificate.toString()); 216 output_.println("................................................................................"); 217 } catch (Exception ex) { 218 output_.println("Could not decode this X509PublicKeyCertificate. Exception is: " + ex.toString()); 219 } 220 } else if (object instanceof X509AttributeCertificate) { 221 try { 222 byte[] encodedCertificate = ((X509AttributeCertificate) object).getValue().getByteArrayValue(); 223 if (x509CertificateFactory == null) { 224 x509CertificateFactory = CertificateFactory.getInstance("X.509"); 225 } 226 Certificate certificate = 227 x509CertificateFactory.generateCertificate(new ByteArrayInputStream(encodedCertificate)); 228 output_.println("................................................................................"); 229 output_.println("The decoded X509AttributeCertificate is:"); 230 output_.println(certificate.toString()); 231 output_.println("................................................................................"); 232 } catch (Exception ex) { 233 output_.println("Could not decode this X509AttributeCertificate. Exception is: " + ex.toString()); 234 } 235 } 236 // test the (deep) cloning feature 237 // Object clonedObject = (Object) object.clone(); 238 output_.println("--------------------------------------------------------------------------------"); 239 objects = session.findObjects(1); 240 } 241 session.findObjectsFinal(); 242 243 session.closeSession(); 244 output_.println("________________________________________________________________________________"); 245 } 246 output_.println("################################################################################"); 247 pkcs11Module.finalize(null); 248 } catch (Throwable ex) { 249 ex.printStackTrace(); 250 } 251 } else { 252 printUsage(); 253 } 254 System.gc(); // to finalize and disconnect the pkcs11Module 255 System.exit(0); 256 } 257 258 protected static void printUsage() { 259 output_.println("GetInfo <PKCS#11 module name> <full path to pkcs11wrapper.dll> [<initialization parameters>]"); 260 output_.println("e.g.: GetInfo aetpkss1.dll C:\\provider\\lib\\win32\\pkcs11wrapper.dll"); 261 } 262 263 }