libdigidocpp
digidoc::PKCS11Signer Class Reference

Implements Signer interface for ID-Cards, which support PKCS#11 protocol. More...

#include <PKCS11Signer.h>

Inherits digidoc::Signer.

Public Member Functions

 PKCS11Signer (const std::string &driver="")
 
virtual ~PKCS11Signer ()
 
void setPin (const std::string &pin)
 
- Public Member Functions inherited from digidoc::Signer
virtual ~Signer ()
 
std::string method () const
 
std::string profile () const
 
bool usingENProfile () const
 
std::string city () const
 
std::string streetAddress () const
 
std::string stateOrProvince () const
 
std::string postalCode () const
 
std::string countryName () const
 
std::vector< std::string > signerRoles () const
 
void setMethod (const std::string &method)
 
void setProfile (const std::string &profile)
 
void setENProfile (bool enable)
 
void setSignatureProductionPlace (const std::string &city, const std::string &stateOrProvince, const std::string &postalCode, const std::string &countryName)
 
void setSignatureProductionPlaceV2 (const std::string &city, const std::string &streetAddress, const std::string &stateOrProvince, const std::string &postalCode, const std::string &countryName)
 
void setSignerRoles (const std::vector< std::string > &signerRoles)
 

Protected Member Functions

virtual std::string pin (const X509Cert &certificate) const
 
virtual X509Cert selectSigningCertificate (const std::vector< X509Cert > &certificates) const
 
- Protected Member Functions inherited from digidoc::Signer
 Signer ()
 

Detailed Description

Implements Signer interface for ID-Cards, which support PKCS#11 protocol.

Abstract method selectSigningCertificate is called if the signer needs to choose the correct signing certificate. It is called also if there is only one certificate found on ID-Card. Parameter certificates provides list of all certificates found in the ID-Card.

Abstract method pin is called if the selected certificate needs PIN to log in.

See also
selectSigningCertificate
pin

Constructor & Destructor Documentation

PKCS11Signer::PKCS11Signer ( const std::string &  driver = "")

Loads PKCS#11 driver.

Parameters
driverfull path to the PKCS#11 driver (e.g. /usr/lib/opensc-pkcs11.so)
Exceptions
Exceptionexception is thrown if the provided PKCS#11 driver loading failed.

References digidoc::Conf::instance(), and digidoc::Conf::PKCS11Driver().

PKCS11Signer::~PKCS11Signer ( )
virtual

Unload PKCS#11 module and releases acquired memory.

Member Function Documentation

string PKCS11Signer::pin ( const X509Cert certificate) const
protectedvirtual

Abstract method that returns PIN code for the selected signing certificate. If PIN code is not needed this method is never called. To cancel the login this method should throw an exception.

Parameters
certificatecertificate that is used for signing and needs a PIN for login.
Returns
returns the PIN code to login.
Exceptions
Exceptionshould throw an exception if the login operation should be canceled.

Referenced by setPin().

X509Cert PKCS11Signer::selectSigningCertificate ( const std::vector< X509Cert > &  certificates) const
protectedvirtual

Abstract method for selecting the correct signing certificate. If none of the certificates suit for signing, this method should throw an Exception. This method is always called, when there is at least 1 certificate available.

Parameters
certificatesavailable certificates to choose from.
Returns
returns the certificate used for signing.
Exceptions
Exceptionshould throw an exception if no suitable certificate is in the list or the operation should be cancelled.
void PKCS11Signer::setPin ( const std::string &  pin)

If sub class does not want reimplement pin method then it is possible set default pin

Parameters
pin

References pin().


The documentation for this class was generated from the following files: