|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) PKCS11 Get Token InfoSee more PKCS11 ExamplesExample showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. -- Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. DECLARE @pkcs11 int -- Use "Chilkat_9_5_0.Pkcs11" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Pkcs11', @pkcs11 OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END -- Specify the vendor's Cryptoki module DLL / shared lib. -- The following PKCS11 driver DLL is for the WatchData ProxKey USB token. -- You would use your smartcard/token vendor's PKCS11 driver DLL. EXEC sp_OASetProperty @pkcs11, 'SharedLibPath', 'SignatureP11.dll' DECLARE @success int EXEC sp_OAMethod @pkcs11, 'Initialize', @success OUT IF @success = 0 BEGIN EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @pkcs11 RETURN END -- Call Discover to discover what's available. -- Indicate that we only want to return slots (readers) where tokens (or smart cards) are present. DECLARE @onlyTokensPresent int SELECT @onlyTokensPresent = 1 DECLARE @json int -- Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT EXEC sp_OAMethod @pkcs11, 'Discover', @success OUT, @onlyTokensPresent, @json IF @success = 0 BEGIN EXEC sp_OAGetProperty @pkcs11, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @pkcs11 EXEC @hr = sp_OADestroy @json RETURN END EXEC sp_OASetProperty @json, 'EmitCompact', 0 EXEC sp_OAMethod @json, 'Emit', @sTmp0 OUT PRINT @sTmp0 -- Sample JSON output. -- Code for parsing this JSON is shown below.. -- { -- "cryptokiVersion": { -- "major": 2, -- "minor": 10 -- }, -- "manufacturerID": "WatchData", -- "libraryDescription": "PKCS#11 cryptoki module", -- "libraryVersion": { -- "major": 3, -- "minor": 10 -- }, -- "slot": [ -- { -- "id": 16385, -- "slotDescription": "Watchdata IC CARD Reader/Writer", -- "manufacturerID": "Watchdata", -- "tokenPresent": true, -- "removableDevice": true, -- "hardwareSlot": true, -- "hardwareVersion": { -- "major": 1, -- "minor": 0 -- }, -- "firmwareVersion": { -- "major": 1, -- "minor": 0 -- }, -- "token": { -- "label": "WD PROXKey", -- "manufacturerID": "Watchdata Corp.", -- "model": "TimeCos/PK", -- "serialNumber": "WD05376504", -- "flags": [ -- "CKF_RNG", -- "CKF_LOGIN_REQUIRED", -- "CKF_USER_PIN_INITIALIZED", -- "CKF_DUAL_CRYPTO_OPERATIONS", -- "CKF_TOKEN_INITIALIZED" -- ], -- "maxSessionCount": 0, -- "sessionCount": 0, -- "maxRwSessionCount": 0, -- "rwSessionCount": 0, -- "maxPinLen": 32, -- "minPinLen": 6, -- "totalPublicMemory": 61440, -- "freePublicMemory": 70144, -- "totalPrivateMemory": 61440, -- "freePrivateMemory": 70144, -- "hardwareVersion": { -- "major": 2, -- "minor": 1 -- }, -- "firmwareVersion": { -- "major": 0, -- "minor": 0 -- }, -- "utcTime": "2024011509254600", -- "mechanism": [ -- "CKM_RSA_PKCS_KEY_PAIR_GEN", -- "CKM_EC_KEY_PAIR_GEN", -- "CKM_DES_KEY_GEN", -- "80000001", -- "8000000B", -- "CKM_AES_KEY_GEN", -- "CKM_DES2_KEY_GEN", -- "CKM_DES3_KEY_GEN", -- "CKM_RSA_PKCS", -- "CKM_RSA_X_509", -- "CKM_ECDSA", -- "CKM_ECDSA_SHA1", -- "CKM_MD2_RSA_PKCS", -- "CKM_MD5_RSA_PKCS", -- "CKM_SHA1_RSA_PKCS", -- "CKM_SHA256_RSA_PKCS", -- "CKM_DES_ECB", -- "CKM_DES_CBC", -- "CKM_DES_CBC_PAD", -- "80000002", -- "CKM_CPK_ECDSA", -- "CKM_CPK_ECDSA_SHA1", -- "8000000C", -- "8000000D", -- "8000000E", -- "CKM_AES_ECB", -- "CKM_AES_CBC", -- "CKM_AES_CBC_PAD", -- "CKM_DES3_ECB", -- "CKM_DES3_CBC", -- "CKM_DES3_CBC_PAD", -- "CKM_SHA_1", -- "CKM_SHA_1_HMAC", -- "CKM_SHA_1_HMAC_GENERAL", -- "CKM_SHA256", -- "CKM_SHA256_HMAC", -- "CKM_SHA256_HMAC_GENERAL", -- "CKM_MD2", -- "CKM_MD2_HMAC", -- "CKM_MD2_HMAC_GENERAL", -- "CKM_MD5", -- "CKM_MD5_HMAC", -- "CKM_MD5_HMAC_GENERAL", -- "CKM_SSL3_PRE_MASTER_KEY_GEN", -- "CKM_SSL3_MASTER_KEY_DERIVE", -- "CKM_SSL3_KEY_AND_MAC_DERIVE", -- "CKM_SSL3_MD5_MAC", -- "CKM_SSL3_SHA1_MAC" -- ], -- "rsa": { -- "minKeySize": 1024, -- "maxKeySize": 4096 -- } -- } -- } -- ] -- } -- Use this online tool to generate parsing code from sample JSON: -- Generate Parsing Code from JSON DECLARE @id int DECLARE @slotDescription nvarchar(4000) DECLARE @tokenPresent int DECLARE @removableDevice int DECLARE @hardwareSlot int DECLARE @hardwareVersionMajor int DECLARE @hardwareVersionMinor int DECLARE @firmwareVersionMajor int DECLARE @firmwareVersionMinor int DECLARE @tokenLabel nvarchar(4000) DECLARE @tokenManufacturerID nvarchar(4000) DECLARE @tokenModel nvarchar(4000) DECLARE @tokenSerialNumber nvarchar(4000) DECLARE @tokenMaxSessionCount int DECLARE @tokenSessionCount int DECLARE @tokenMaxRwSessionCount int DECLARE @tokenRwSessionCount int DECLARE @tokenMaxPinLen int DECLARE @tokenMinPinLen int DECLARE @tokenTotalPublicMemory int DECLARE @tokenFreePublicMemory int DECLARE @tokenTotalPrivateMemory int DECLARE @tokenFreePrivateMemory int DECLARE @tokenHardwareVersionMajor int DECLARE @tokenHardwareVersionMinor int DECLARE @tokenFirmwareVersionMajor int DECLARE @tokenFirmwareVersionMinor int DECLARE @tokenUtcTime nvarchar(4000) DECLARE @tokenRsaMinKeySize int DECLARE @tokenRsaMaxKeySize int DECLARE @j int DECLARE @count_j int DECLARE @strVal nvarchar(4000) DECLARE @tokenFlag nvarchar(4000) -- Use this online tool to generate parsing code from sample JSON: -- Generate Parsing Code from JSON DECLARE @cryptokiVersionMajor int EXEC sp_OAMethod @json, 'IntOf', @cryptokiVersionMajor OUT, 'cryptokiVersion.major' DECLARE @cryptokiVersionMinor int EXEC sp_OAMethod @json, 'IntOf', @cryptokiVersionMinor OUT, 'cryptokiVersion.minor' DECLARE @manufacturerID nvarchar(4000) EXEC sp_OAMethod @json, 'StringOf', @manufacturerID OUT, 'manufacturerID' DECLARE @libraryDescription nvarchar(4000) EXEC sp_OAMethod @json, 'StringOf', @libraryDescription OUT, 'libraryDescription' DECLARE @libraryVersionMajor int EXEC sp_OAMethod @json, 'IntOf', @libraryVersionMajor OUT, 'libraryVersion.major' DECLARE @libraryVersionMinor int EXEC sp_OAMethod @json, 'IntOf', @libraryVersionMinor OUT, 'libraryVersion.minor' DECLARE @i int SELECT @i = 0 DECLARE @count_i int EXEC sp_OAMethod @json, 'SizeOfArray', @count_i OUT, 'slot' WHILE @i < @count_i BEGIN EXEC sp_OASetProperty @json, 'I', @i EXEC sp_OAMethod @json, 'IntOf', @id OUT, 'slot[i].id' EXEC sp_OAMethod @json, 'StringOf', @slotDescription OUT, 'slot[i].slotDescription' EXEC sp_OAMethod @json, 'StringOf', @manufacturerID OUT, 'slot[i].manufacturerID' EXEC sp_OAMethod @json, 'BoolOf', @tokenPresent OUT, 'slot[i].tokenPresent' EXEC sp_OAMethod @json, 'BoolOf', @removableDevice OUT, 'slot[i].removableDevice' EXEC sp_OAMethod @json, 'BoolOf', @hardwareSlot OUT, 'slot[i].hardwareSlot' EXEC sp_OAMethod @json, 'IntOf', @hardwareVersionMajor OUT, 'slot[i].hardwareVersion.major' EXEC sp_OAMethod @json, 'IntOf', @hardwareVersionMinor OUT, 'slot[i].hardwareVersion.minor' EXEC sp_OAMethod @json, 'IntOf', @firmwareVersionMajor OUT, 'slot[i].firmwareVersion.major' EXEC sp_OAMethod @json, 'IntOf', @firmwareVersionMinor OUT, 'slot[i].firmwareVersion.minor' EXEC sp_OAMethod @json, 'StringOf', @tokenLabel OUT, 'slot[i].token.label' EXEC sp_OAMethod @json, 'StringOf', @tokenManufacturerID OUT, 'slot[i].token.manufacturerID' EXEC sp_OAMethod @json, 'StringOf', @tokenModel OUT, 'slot[i].token.model' EXEC sp_OAMethod @json, 'StringOf', @tokenSerialNumber OUT, 'slot[i].token.serialNumber' EXEC sp_OAMethod @json, 'IntOf', @tokenMaxSessionCount OUT, 'slot[i].token.maxSessionCount' EXEC sp_OAMethod @json, 'IntOf', @tokenSessionCount OUT, 'slot[i].token.sessionCount' EXEC sp_OAMethod @json, 'IntOf', @tokenMaxRwSessionCount OUT, 'slot[i].token.maxRwSessionCount' EXEC sp_OAMethod @json, 'IntOf', @tokenRwSessionCount OUT, 'slot[i].token.rwSessionCount' EXEC sp_OAMethod @json, 'IntOf', @tokenMaxPinLen OUT, 'slot[i].token.maxPinLen' EXEC sp_OAMethod @json, 'IntOf', @tokenMinPinLen OUT, 'slot[i].token.minPinLen' EXEC sp_OAMethod @json, 'IntOf', @tokenTotalPublicMemory OUT, 'slot[i].token.totalPublicMemory' EXEC sp_OAMethod @json, 'IntOf', @tokenFreePublicMemory OUT, 'slot[i].token.freePublicMemory' EXEC sp_OAMethod @json, 'IntOf', @tokenTotalPrivateMemory OUT, 'slot[i].token.totalPrivateMemory' EXEC sp_OAMethod @json, 'IntOf', @tokenFreePrivateMemory OUT, 'slot[i].token.freePrivateMemory' EXEC sp_OAMethod @json, 'IntOf', @tokenHardwareVersionMajor OUT, 'slot[i].token.hardwareVersion.major' EXEC sp_OAMethod @json, 'IntOf', @tokenHardwareVersionMinor OUT, 'slot[i].token.hardwareVersion.minor' EXEC sp_OAMethod @json, 'IntOf', @tokenFirmwareVersionMajor OUT, 'slot[i].token.firmwareVersion.major' EXEC sp_OAMethod @json, 'IntOf', @tokenFirmwareVersionMinor OUT, 'slot[i].token.firmwareVersion.minor' EXEC sp_OAMethod @json, 'StringOf', @tokenUtcTime OUT, 'slot[i].token.utcTime' EXEC sp_OAMethod @json, 'IntOf', @tokenRsaMinKeySize OUT, 'slot[i].token.rsa.minKeySize' EXEC sp_OAMethod @json, 'IntOf', @tokenRsaMaxKeySize OUT, 'slot[i].token.rsa.maxKeySize' -- The following token flag strings are possible: -- CKF_RNG: has random # generator -- CKF_WRITE_PROTECTED: token is write-protected -- CKF_LOGIN_REQUIRED:user must login -- CKF_USER_PIN_INITIALIZED:normal user's PIN is set -- CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is -- successfully saved, all keys needed to continue those operations are stored in the state -- CKF_CLOCK_ON_TOKEN: The token has some sort of clock. The time on the clock is returned in the slot[i].token.utcTime -- CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself -- CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations -- (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign) -- CKF_TOKEN_INITIALIZED: The token has been initialized. -- CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects. -- CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication. -- CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked. -- CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible. -- CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing, -- or the PIN has been expired by the card. -- CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication. -- CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked. -- CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible. -- CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing, -- or the PIN has been expired by the card. -- To see if particular flags are present: DECLARE @aFlags int EXEC sp_OAMethod @json, 'ArrayOf', @aFlags OUT, 'slot[i].token.flags' EXEC sp_OAMethod @aFlags, 'FindString', @iTmp0 OUT, 'CKF_USER_PIN_LOCKED', 1 IF @iTmp0 >= 0 BEGIN PRINT 'The token is locked.' END EXEC sp_OAMethod @aFlags, 'FindString', @iTmp0 OUT, 'CKF_RNG', 1 IF @iTmp0 >= 0 BEGIN PRINT 'The token has a random number generator.' END -- ... EXEC @hr = sp_OADestroy @aFlags -- To iterate over all flags.. SELECT @j = 0 EXEC sp_OAMethod @json, 'SizeOfArray', @count_j OUT, 'slot[i].token.flags' WHILE @j < @count_j BEGIN EXEC sp_OASetProperty @json, 'J', @j EXEC sp_OAMethod @json, 'StringOf', @tokenFlag OUT, 'slot[i].token.flags[j]' SELECT @j = @j + 1 END SELECT @j = 0 EXEC sp_OAMethod @json, 'SizeOfArray', @count_j OUT, 'slot[i].token.mechanism' WHILE @j < @count_j BEGIN EXEC sp_OASetProperty @json, 'J', @j EXEC sp_OAMethod @json, 'StringOf', @strVal OUT, 'slot[i].token.mechanism[j]' SELECT @j = @j + 1 END SELECT @i = @i + 1 END EXEC @hr = sp_OADestroy @pkcs11 EXEC @hr = sp_OADestroy @json END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.