|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP Extension) PKCS11 Get Token InfoSee more PKCS11 ExamplesExample showing how to discover the readers (slots) and smart cards and tokens available through a vendor's PKCS11 Cryptoki module, and get token information for each.
<?php include("chilkat_9_5_0.php"); // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Chilkat's PKCS11 implementation runs on Windows, Linux, Mac OS X, and other supported operating systems. $pkcs11 = new CkPkcs11(); // Specify the vendor's Cryptoki module DLL / shared lib. // The following PKCS11 driver DLL is for the WatchData ProxKey USB token. // You would use your smartcard/token vendor's PKCS11 driver DLL. $pkcs11->put_SharedLibPath('SignatureP11.dll'); $success = $pkcs11->Initialize(); if ($success == false) { print $pkcs11->lastErrorText() . "\n"; exit; } // Call Discover to discover what's available. // Indicate that we only want to return slots (readers) where tokens (or smart cards) are present. $onlyTokensPresent = true; $json = new CkJsonObject(); $success = $pkcs11->Discover($onlyTokensPresent,$json); if ($success == false) { print $pkcs11->lastErrorText() . "\n"; exit; } $json->put_EmitCompact(false); print $json->emit() . "\n"; // Sample JSON output. // Code for parsing this JSON is shown below.. // { // "cryptokiVersion": { // "major": 2, // "minor": 10 // }, // "manufacturerID": "WatchData", // "libraryDescription": "PKCS#11 cryptoki module", // "libraryVersion": { // "major": 3, // "minor": 10 // }, // "slot": [ // { // "id": 16385, // "slotDescription": "Watchdata IC CARD Reader/Writer", // "manufacturerID": "Watchdata", // "tokenPresent": true, // "removableDevice": true, // "hardwareSlot": true, // "hardwareVersion": { // "major": 1, // "minor": 0 // }, // "firmwareVersion": { // "major": 1, // "minor": 0 // }, // "token": { // "label": "WD PROXKey", // "manufacturerID": "Watchdata Corp.", // "model": "TimeCos/PK", // "serialNumber": "WD05376504", // "flags": [ // "CKF_RNG", // "CKF_LOGIN_REQUIRED", // "CKF_USER_PIN_INITIALIZED", // "CKF_DUAL_CRYPTO_OPERATIONS", // "CKF_TOKEN_INITIALIZED" // ], // "maxSessionCount": 0, // "sessionCount": 0, // "maxRwSessionCount": 0, // "rwSessionCount": 0, // "maxPinLen": 32, // "minPinLen": 6, // "totalPublicMemory": 61440, // "freePublicMemory": 70144, // "totalPrivateMemory": 61440, // "freePrivateMemory": 70144, // "hardwareVersion": { // "major": 2, // "minor": 1 // }, // "firmwareVersion": { // "major": 0, // "minor": 0 // }, // "utcTime": "2024011509254600", // "mechanism": [ // "CKM_RSA_PKCS_KEY_PAIR_GEN", // "CKM_EC_KEY_PAIR_GEN", // "CKM_DES_KEY_GEN", // "80000001", // "8000000B", // "CKM_AES_KEY_GEN", // "CKM_DES2_KEY_GEN", // "CKM_DES3_KEY_GEN", // "CKM_RSA_PKCS", // "CKM_RSA_X_509", // "CKM_ECDSA", // "CKM_ECDSA_SHA1", // "CKM_MD2_RSA_PKCS", // "CKM_MD5_RSA_PKCS", // "CKM_SHA1_RSA_PKCS", // "CKM_SHA256_RSA_PKCS", // "CKM_DES_ECB", // "CKM_DES_CBC", // "CKM_DES_CBC_PAD", // "80000002", // "CKM_CPK_ECDSA", // "CKM_CPK_ECDSA_SHA1", // "8000000C", // "8000000D", // "8000000E", // "CKM_AES_ECB", // "CKM_AES_CBC", // "CKM_AES_CBC_PAD", // "CKM_DES3_ECB", // "CKM_DES3_CBC", // "CKM_DES3_CBC_PAD", // "CKM_SHA_1", // "CKM_SHA_1_HMAC", // "CKM_SHA_1_HMAC_GENERAL", // "CKM_SHA256", // "CKM_SHA256_HMAC", // "CKM_SHA256_HMAC_GENERAL", // "CKM_MD2", // "CKM_MD2_HMAC", // "CKM_MD2_HMAC_GENERAL", // "CKM_MD5", // "CKM_MD5_HMAC", // "CKM_MD5_HMAC_GENERAL", // "CKM_SSL3_PRE_MASTER_KEY_GEN", // "CKM_SSL3_MASTER_KEY_DERIVE", // "CKM_SSL3_KEY_AND_MAC_DERIVE", // "CKM_SSL3_MD5_MAC", // "CKM_SSL3_SHA1_MAC" // ], // "rsa": { // "minKeySize": 1024, // "maxKeySize": 4096 // } // } // } // ] // } // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON // Use this online tool to generate parsing code from sample JSON: // Generate Parsing Code from JSON $cryptokiVersionMajor = $json->IntOf('cryptokiVersion.major'); $cryptokiVersionMinor = $json->IntOf('cryptokiVersion.minor'); $manufacturerID = $json->stringOf('manufacturerID'); $libraryDescription = $json->stringOf('libraryDescription'); $libraryVersionMajor = $json->IntOf('libraryVersion.major'); $libraryVersionMinor = $json->IntOf('libraryVersion.minor'); $i = 0; $count_i = $json->SizeOfArray('slot'); while ($i < $count_i) { $json->put_I($i); $id = $json->IntOf('slot[i].id'); $slotDescription = $json->stringOf('slot[i].slotDescription'); $manufacturerID = $json->stringOf('slot[i].manufacturerID'); $tokenPresent = $json->BoolOf('slot[i].tokenPresent'); $removableDevice = $json->BoolOf('slot[i].removableDevice'); $hardwareSlot = $json->BoolOf('slot[i].hardwareSlot'); $hardwareVersionMajor = $json->IntOf('slot[i].hardwareVersion.major'); $hardwareVersionMinor = $json->IntOf('slot[i].hardwareVersion.minor'); $firmwareVersionMajor = $json->IntOf('slot[i].firmwareVersion.major'); $firmwareVersionMinor = $json->IntOf('slot[i].firmwareVersion.minor'); $tokenLabel = $json->stringOf('slot[i].token.label'); $tokenManufacturerID = $json->stringOf('slot[i].token.manufacturerID'); $tokenModel = $json->stringOf('slot[i].token.model'); $tokenSerialNumber = $json->stringOf('slot[i].token.serialNumber'); $tokenMaxSessionCount = $json->IntOf('slot[i].token.maxSessionCount'); $tokenSessionCount = $json->IntOf('slot[i].token.sessionCount'); $tokenMaxRwSessionCount = $json->IntOf('slot[i].token.maxRwSessionCount'); $tokenRwSessionCount = $json->IntOf('slot[i].token.rwSessionCount'); $tokenMaxPinLen = $json->IntOf('slot[i].token.maxPinLen'); $tokenMinPinLen = $json->IntOf('slot[i].token.minPinLen'); $tokenTotalPublicMemory = $json->IntOf('slot[i].token.totalPublicMemory'); $tokenFreePublicMemory = $json->IntOf('slot[i].token.freePublicMemory'); $tokenTotalPrivateMemory = $json->IntOf('slot[i].token.totalPrivateMemory'); $tokenFreePrivateMemory = $json->IntOf('slot[i].token.freePrivateMemory'); $tokenHardwareVersionMajor = $json->IntOf('slot[i].token.hardwareVersion.major'); $tokenHardwareVersionMinor = $json->IntOf('slot[i].token.hardwareVersion.minor'); $tokenFirmwareVersionMajor = $json->IntOf('slot[i].token.firmwareVersion.major'); $tokenFirmwareVersionMinor = $json->IntOf('slot[i].token.firmwareVersion.minor'); $tokenUtcTime = $json->stringOf('slot[i].token.utcTime'); $tokenRsaMinKeySize = $json->IntOf('slot[i].token.rsa.minKeySize'); $tokenRsaMaxKeySize = $json->IntOf('slot[i].token.rsa.maxKeySize'); // The following token flag strings are possible: // CKF_RNG: has random # generator // CKF_WRITE_PROTECTED: token is write-protected // CKF_LOGIN_REQUIRED:user must login // CKF_USER_PIN_INITIALIZED:normal user's PIN is set // CKF_RESTORE_KEY_NOT_NEEDED: Every time the state of cryptographic operations of a session is // successfully saved, all keys needed to continue those operations are stored in the state // CKF_CLOCK_ON_TOKEN: The token has some sort of clock. The time on the clock is returned in the slot[i].token.utcTime // CKF_PROTECTED_AUTHENTICATION_PATH: There is some way for the user to login without sending a PIN through the Cryptoki library itself // CKF_DUAL_CRYPTO_OPERATIONS: A single session with the token can perform dual simultaneous cryptographic operations // (digest and encrypt; decrypt and digest; sign and encrypt; and decrypt and sign) // CKF_TOKEN_INITIALIZED: The token has been initialized. // CKF_SECONDARY_AUTHENTICATION: The token supports secondary authentication for private key objects. // CKF_USER_PIN_COUNT_LOW: An incorrect user login PIN has been entered at least once since the last successful authentication. // CKF_USER_PIN_FINAL_TRY: Supplying an incorrect user PIN will it to become locked. // CKF_USER_PIN_LOCKED: The user PIN has been locked. User login to the token is not possible. // CKF_USER_PIN_TO_BE_CHANGED: The user PIN value is the default value set by token initialization or manufacturing, // or the PIN has been expired by the card. // CKF_SO_PIN_COUNT_LOW: An incorrect SO login PIN has been entered at least once since the last successful authentication. // CKF_SO_PIN_FINAL_TRY: Supplying an incorrect SO PIN will it to become locked. // CKF_SO_PIN_LOCKED: The SO PIN has been locked. SO login to the token is not possible. // CKF_SO_PIN_TO_BE_CHANGED: The SO PIN value is the default value set by token initialization or manufacturing, // or the PIN has been expired by the card. // To see if particular flags are present: // aFlags is a CkJsonArray $aFlags = $json->ArrayOf('slot[i].token.flags'); if ($aFlags->FindString('CKF_USER_PIN_LOCKED',true) >= 0) { print 'The token is locked.' . "\n"; } if ($aFlags->FindString('CKF_RNG',true) >= 0) { print 'The token has a random number generator.' . "\n"; } // ... // To iterate over all flags.. $j = 0; $count_j = $json->SizeOfArray('slot[i].token.flags'); while ($j < $count_j) { $json->put_J($j); $tokenFlag = $json->stringOf('slot[i].token.flags[j]'); $j = $j + 1; } $j = 0; $count_j = $json->SizeOfArray('slot[i].token.mechanism'); while ($j < $count_j) { $json->put_J($j); $strVal = $json->stringOf('slot[i].token.mechanism[j]'); $j = $j + 1; } $i = $i + 1; } ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.