001 /* Copyright (c) 2002 Graz University of Technology. All rights reserved. 002 * 003 * Redistribution and use in source and binary forms, with or without 004 * modification, are permitted provided that the following conditions are met: 005 * 006 * 1. Redistributions of source code must retain the above copyright notice, 007 * this list of conditions and the following disclaimer. 008 * 009 * 2. Redistributions in binary form must reproduce the above copyright notice, 010 * this list of conditions and the following disclaimer in the documentation 011 * and/or other materials provided with the distribution. 012 * 013 * 3. The end-user documentation included with the redistribution, if any, must 014 * include the following acknowledgment: 015 * 016 * "This product includes software developed by IAIK of Graz University of 017 * Technology." 018 * 019 * Alternately, this acknowledgment may appear in the software itself, if 020 * and wherever such third-party acknowledgments normally appear. 021 * 022 * 4. The names "Graz University of Technology" and "IAIK of Graz University of 023 * Technology" must not be used to endorse or promote products derived from 024 * this software without prior written permission. 025 * 026 * 5. Products derived from this software may not be called 027 * "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 028 * written permission of Graz University of Technology. 029 * 030 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED 031 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 032 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 033 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE 034 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 035 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 036 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 037 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON 038 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 039 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 040 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 041 * POSSIBILITY OF SUCH DAMAGE. 042 */ 043 044 package demo.pkcs.pkcs11; 045 046 import java.io.BufferedReader; 047 import java.io.ByteArrayInputStream; 048 import java.io.InputStreamReader; 049 import java.io.PrintWriter; 050 import java.security.cert.Certificate; 051 import java.security.cert.CertificateFactory; 052 053 import iaik.pkcs.pkcs11.DefaultInitializeArgs; 054 import iaik.pkcs.pkcs11.Info; 055 import iaik.pkcs.pkcs11.Mechanism; 056 import iaik.pkcs.pkcs11.MechanismInfo; 057 import iaik.pkcs.pkcs11.Module; 058 import iaik.pkcs.pkcs11.Session; 059 import iaik.pkcs.pkcs11.SessionInfo; 060 import iaik.pkcs.pkcs11.Slot; 061 import iaik.pkcs.pkcs11.SlotInfo; 062 import iaik.pkcs.pkcs11.Token; 063 import iaik.pkcs.pkcs11.TokenInfo; 064 import iaik.pkcs.pkcs11.objects.Object; 065 import iaik.pkcs.pkcs11.objects.X509AttributeCertificate; 066 import iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate; 067 068 069 070 /** 071 * This demo program lists information about a library, the available slots, 072 * the available tokens and the objects on them. It takes the name of the module 073 * and prompts the user PIN. If the user PIN is not available, 074 * the program will list only public objects but no private objects; i.e. as 075 * defined in PKCS#11 for public read-only sessions. 076 * 077 * @author <a href="mailto:Karl.Scheibelhofer@iaik.at"> Karl Scheibelhofer </a> 078 * @version 0.1 079 * @invariants 080 */ 081 public class GetInfo { 082 083 static PrintWriter output_; 084 085 static BufferedReader input_; 086 087 static { 088 try { 089 //output_ = new PrintWriter(new FileWriter("GetInfo_output.txt"), true); 090 output_ = new PrintWriter(System.out, true); 091 input_ = new BufferedReader(new InputStreamReader(System.in)); 092 } catch (Throwable thr) { 093 thr.printStackTrace(); 094 output_ = new PrintWriter(System.out, true); 095 input_ = new BufferedReader(new InputStreamReader(System.in)); 096 } 097 } 098 099 public static void main(String[] args) { 100 if ((args.length == 1) || (args.length == 2)) { 101 try { 102 output_.println("################################################################################"); 103 output_.println("load and initialize module: " + args[0]); 104 output_.flush(); 105 Module pkcs11Module = Module.getInstance(args[0]); 106 107 if (args.length == 1) { 108 pkcs11Module.initialize(null); 109 } else { 110 DefaultInitializeArgs arguments = new DefaultInitializeArgs(); 111 byte[] stringBytes = args[1].getBytes(); 112 byte[] reservedBytes = new byte[stringBytes.length + 5]; 113 System.arraycopy(stringBytes, 0, reservedBytes, 0, stringBytes.length); 114 arguments.setReserved(reservedBytes); 115 pkcs11Module.initialize(arguments); 116 } 117 118 Info info = pkcs11Module.getInfo(); 119 output_.println(info); 120 output_.println("################################################################################"); 121 122 123 output_.println("################################################################################"); 124 output_.println("getting list of all slots"); 125 Slot[] slots = pkcs11Module.getSlotList(Module.SlotRequirement.ALL_SLOTS); 126 127 for (int i = 0; i < slots.length; i++) { 128 output_.println("________________________________________________________________________________"); 129 SlotInfo slotInfo = slots[i].getSlotInfo(); 130 output_.print("Slot with ID: "); 131 output_.println(slots[i].getSlotID()); 132 output_.println("--------------------------------------------------------------------------------"); 133 output_.println(slotInfo); 134 output_.println("________________________________________________________________________________"); 135 } 136 output_.println("################################################################################"); 137 138 139 output_.println("################################################################################"); 140 output_.println("getting list of all tokens"); 141 Slot[] slotsWithToken = pkcs11Module.getSlotList(Module.SlotRequirement.TOKEN_PRESENT); 142 Token[] tokens = new Token[slotsWithToken.length]; 143 144 for (int i = 0; i < slotsWithToken.length; i++) { 145 output_.println("________________________________________________________________________________"); 146 tokens[i] = slotsWithToken[i].getToken(); 147 TokenInfo tokenInfo = tokens[i].getTokenInfo(); 148 output_.print("Token in slot with ID: "); 149 output_.println(tokens[i].getSlot().getSlotID()); 150 output_.println("--------------------------------------------------------------------------------"); 151 output_.println(tokenInfo); 152 153 output_.println("supported Mechanisms:"); 154 Mechanism[] supportedMechanisms = tokens[i].getMechanismList(); 155 for (int j = 0; j < supportedMechanisms.length; j++) { 156 output_.println("--------------------------------------------------------------------------------"); 157 output_.println("Mechanism Name: " + supportedMechanisms[j].getName()); 158 MechanismInfo mechanismInfo = tokens[i].getMechanismInfo(supportedMechanisms[j]); 159 output_.println(mechanismInfo); 160 output_.println("--------------------------------------------------------------------------------"); 161 } 162 output_.println("________________________________________________________________________________"); 163 } 164 output_.println("################################################################################"); 165 166 output_.println("################################################################################"); 167 output_.println("listing objects on tokens"); 168 for (int i = 0; i < tokens.length; i++) { 169 output_.println("________________________________________________________________________________"); 170 output_.println("listing objects for token: "); 171 TokenInfo tokenInfo = tokens[i].getTokenInfo(); 172 output_.println(tokenInfo); 173 Session session = tokens[i] 174 .openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RO_SESSION, null, null); 175 176 if (tokenInfo.isLoginRequired()) { 177 if (tokenInfo.isProtectedAuthenticationPath()) { 178 session.login(Session.UserType.USER, null); // the token prompts the PIN by other means; e.g. PIN-pad 179 } else { 180 output_.print("Enter user-PIN or press [return] to list just public objects: "); 181 output_.flush(); 182 String userPINString = input_.readLine(); 183 output_.println(); 184 output_.print("listing all" + ((userPINString.length() > 0) ? "" : " public") + " objects on token"); 185 if (userPINString.length() > 0) { 186 // login user 187 session.login(Session.UserType.USER, userPINString.toCharArray()); 188 } 189 } 190 } 191 SessionInfo sessionInfo = session.getSessionInfo(); 192 output_.println(" using session:"); 193 output_.println(sessionInfo); 194 195 session.findObjectsInit(null); 196 Object[] objects = session.findObjects(1); 197 198 CertificateFactory x509CertificateFactory = null; 199 while (objects.length > 0) { 200 Object object = objects[0]; 201 output_.println("--------------------------------------------------------------------------------"); 202 output_.println("Object with handle: " + objects[0].getObjectHandle()); 203 output_.println(object); 204 if (object instanceof X509PublicKeyCertificate) { 205 try { 206 byte[] encodedCertificate = ((X509PublicKeyCertificate) object).getValue().getByteArrayValue(); 207 if (x509CertificateFactory == null) { 208 x509CertificateFactory = CertificateFactory.getInstance("X.509"); 209 } 210 Certificate certificate = 211 x509CertificateFactory.generateCertificate(new ByteArrayInputStream(encodedCertificate)); 212 output_.println("................................................................................"); 213 output_.println("The decoded X509PublicKeyCertificate is:"); 214 output_.println(certificate.toString()); 215 output_.println("................................................................................"); 216 } catch (Exception ex) { 217 output_.println("Could not decode this X509PublicKeyCertificate. Exception is: " + ex.toString()); 218 } 219 } else if (object instanceof X509AttributeCertificate) { 220 try { 221 byte[] encodedCertificate = ((X509AttributeCertificate) object).getValue().getByteArrayValue(); 222 if (x509CertificateFactory == null) { 223 x509CertificateFactory = CertificateFactory.getInstance("X.509"); 224 } 225 Certificate certificate = 226 x509CertificateFactory.generateCertificate(new ByteArrayInputStream(encodedCertificate)); 227 output_.println("................................................................................"); 228 output_.println("The decoded X509AttributeCertificate is:"); 229 output_.println(certificate.toString()); 230 output_.println("................................................................................"); 231 } catch (Exception ex) { 232 output_.println("Could not decode this X509AttributeCertificate. Exception is: " + ex.toString()); 233 } 234 } 235 // test the (deep) cloning feature 236 // Object clonedObject = (Object) object.clone(); 237 output_.println("--------------------------------------------------------------------------------"); 238 objects = session.findObjects(1); 239 } 240 session.findObjectsFinal(); 241 242 session.closeSession(); 243 output_.println("________________________________________________________________________________"); 244 } 245 output_.println("################################################################################"); 246 pkcs11Module.finalize(null); 247 } catch (Throwable ex) { 248 ex.printStackTrace(); 249 } 250 } else { 251 printUsage(); 252 } 253 System.gc(); // to finalize and disconnect the pkcs11Module 254 System.exit(0); 255 } 256 257 protected static void printUsage() { 258 output_.println("GetInfo <PKCS#11 module name> [<initialization parameters>]"); 259 output_.println("e.g.: GetInfo pk2priv.dll"); 260 } 261 262 }