authorAlexey Melnikov <alexey.melnikov@isode.com>2012-03-09 20:19:19 (GMT)
committerKevin Smith <git@kismith.co.uk>2012-04-11 10:25:16 (GMT)
commitd5f885dd9aa65d18145a99826a1c30aeb62aca8e (patch)
treebef9f1478f3dcc602d3aa8595ab27eb7356d4da8 /Swiften/TLS/CAPICertificate.h
parent1e61cace31a3395f5470a03c3bcf2b7f32d79d03 (diff)
Added support for determining SmartCard Reader associated with a certificate (if any)
This patch implements monitoring for SmartCard ejection. This is done by periodically (currently every second) polling the smart card reader for the smart card status. If the smart card status becomes "absent" or "unknown" (an error occurred while querying the smart card), the TLS session is aborted. This usually results in an attempt to reestablish TLS, which will pop up the "please insert the smart card" dialog. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
Diffstat (limited to 'Swiften/TLS/CAPICertificate.h')
-rw-r--r--Swiften/TLS/CAPICertificate.h25
1 files changed, 24 insertions, 1 deletions
diff --git a/Swiften/TLS/CAPICertificate.h b/Swiften/TLS/CAPICertificate.h
index 4204a6b..c8c00fe 100644
--- a/Swiften/TLS/CAPICertificate.h
+++ b/Swiften/TLS/CAPICertificate.h
@@ -6,17 +6,26 @@
#pragma once
+#include <Swiften/Base/boost_bsignals.h>
#include <Swiften/Base/SafeByteArray.h>
#include <Swiften/TLS/CertificateWithKey.h>
+#include <Swiften/Network/Timer.h>
#define SECURITY_WIN32
#include <Windows.h>
#include <WinCrypt.h>
+#include <Winscard.h>
+
+/* In ms */
+#define SMARTCARD_EJECTION_CHECK_FREQ 1000
namespace Swift {
+ class TimerFactory;
+
class CAPICertificate : public Swift::CertificateWithKey {
public:
- CAPICertificate(const std::string& capiUri);
+////Allow timerFactory to be NULL?
+ CAPICertificate(const std::string& capiUri, TimerFactory* timerFactory);
virtual ~CAPICertificate();
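Review bot: The `////Allow timerFactory to be NULL?` comment above the new constructor leaves the pointer's contract undecided, and that decision is security-relevant. Per the commit description the timer is what aborts the TLS session when the card is removed, so a NULL factory would presumably mean no ejection monitoring at all. Either require a non-null factory or document the fallback, e.g. replace the comment with `/** @param timerFactory Must not be NULL; used to poll the reader for card removal. */`, and enforce it where the constructor is defined (outside this header). Separately, `SMARTCARD_EJECTION_CHECK_FREQ` holds an interval in milliseconds, not a frequency, and is a global macro in a public header; a name such as `SMARTCARD_EJECTION_CHECK_INTERVAL_MS`, or a constant inside `namespace Swift`, would be clearer.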
@@ -26,18 +35,32 @@ namespace Swift {
const std::string& getCertName() const;
+ const std::string& getSmartCardReaderName() const;
+
+ public:
+ boost::signal<void ()> onCertificateCardRemoved;
+
private:
void setUri (const std::string& capiUri);
+ void handleSmartCardTimerTick();
+
+ bool checkIfSmartCardPresent();
+
private:
bool valid_;
std::string uri_;
HCERTSTORE certStoreHandle_;
+ SCARDCONTEXT scardContext_;
+ SCARDHANDLE cardHandle_;
/* Parsed components of the uri_ */
std::string certStore_;
std::string certName_;
+ std::string smartCardReaderName_;
+ boost::shared_ptr<Timer> smartCardTimer_;
+ TimerFactory* timerFactory_;
};
PCCERT_CONTEXT findCertificateInStore (HCERTSTORE certStoreHandle, const std::string &certName);
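Review bot: With `scardContext_` and `cardHandle_` added next to `certStoreHandle_`, the class now holds three raw OS handles plus a timer, yet nothing visible in this header prevents copying. An implicit copy would duplicate the handles and, if the destructor releases them, release them twice. Declaring `CAPICertificate(const CAPICertificate&);` and `CAPICertificate& operator=(const CAPICertificate&);` in the private section, left undefined, would rule that out. The destructor is defined outside this file, so confirm there that `smartCardTimer_` is stopped and its tick handler disconnected before the card handle and context are released; otherwise `handleSmartCardTimerTick()` could run against a destroyed object. A short comment on `onCertificateCardRemoved` saying whether it fires for both the "absent" and the "unknown" (query failed) states would also tell subscribers what they are reacting to.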