PKCS#11的部分使用例码
2012-08-08 10:35
190 查看
//PKCS#11的部分使用例码,仅供参考
BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength)
{
FILE *stream = NULL;
DWORD ContentLen = 0;
DWORD ReadLen = 0;
if ((FilePath == NULL) || (FileLength == NULL))
{
return FALSE;
}
stream = fopen(FilePath, "rb");
if (stream == NULL)
{
return FALSE;
}
fseek(stream, 0, SEEK_END);
ContentLen = ftell(stream);
fseek(stream, 0, SEEK_SET);
if ((FileContent == NULL) || (*FileLength < ContentLen))
{
*FileLength = ContentLen;
fclose(stream);
return FALSE;
}
*FileLength = ContentLen;
ReadLen = fread(FileContent, 1, ContentLen, stream);
fclose(stream);
if (ReadLen != ContentLen)
{
return FALSE;
}
return TRUE;
}
BOOL OpenSession(CK_SESSION_HANDLE *Session)
{
CK_RV Result = CKR_OK;
CK_SESSION_HANDLE TmpSession = 0;
if (Session == NULL)
{
return FALSE;
}
Result = C_Initialize(NULL_PTR);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_OpenSession(0, CKF_RW_SESSION|CKF_SERIAL_SESSION, NULL, NULL, &TmpSession);
if (Result != CKR_OK)
{
C_Finalize(NULL_PTR);
return FALSE;
}
Result = C_Login(TmpSession, CKU_USER, (CK_UTF8CHAR_PTR)"12345678", 8);
if (Result != CKR_OK)
{
C_CloseSession(TmpSession);
C_Finalize(NULL_PTR);
return FALSE;
}
*Session = TmpSession;
return TRUE;
}
BOOL CloseSession(CK_SESSION_HANDLE Session)
{
C_Logout(Session);
C_CloseSession(Session);
C_Finalize(NULL_PTR);
return TRUE;
}
BOOL ImportPubKey(CK_SESSION_HANDLE Session)
{
BIO *PubFile = NULL;
RSA *RSAPubKey = NULL;
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_VOID_PTR RSA_PUB_N = NULL;
CK_VOID_PTR RSA_PUB_E = NULL;
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
PubFile = BIO_new(BIO_s_file());
if (PubFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PubFile, "PubKey.pub");
if (Result != 1)
{
BIO_free(PubFile);
return FALSE;
}
RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
if (RSAPubKey == NULL)
{
BIO_free(PubFile);
return FALSE;
}
RSA_PUB_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->n));
Result = BN_bn2bin(RSAPubKey->n, (BYTE*)RSA_PUB_N);
if (Result != BN_num_bytes(RSAPubKey->n))
{
free(RSA_PUB_N);
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
RSA_PUB_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->e));
Result = BN_bn2bin(RSAPubKey->e, (BYTE*)RSA_PUB_E);
if (Result != BN_num_bytes(RSAPubKey->e))
{
free(RSA_PUB_E);
free(RSA_PUB_N);
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
{CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
{CKA_VERIFY, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &falsevalue, sizeof(falsevalue)},
{CKA_MODULUS, RSA_PUB_N, BN_num_bytes(RSAPubKey->n)},
{CKA_PUBLIC_EXPONENT, RSA_PUB_E, BN_num_bytes(RSAPubKey->e)}
};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
free(RSA_PUB_E);
free(RSA_PUB_N);
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
if ((Result == CKR_OK) && (ObjCount == 1))
{
C_DestroyObject(Session, PubHandle);
}
Result = C_CreateObject(
Session,
PubKeyAttr,
9,
&PubHandle);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
free(RSA_PUB_E);
free(RSA_PUB_N);
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
free(RSA_PUB_E);
free(RSA_PUB_N);
RSA_free(RSAPubKey);
BIO_free(PubFile);
return TRUE;
}
BOOL ImportPriKey(CK_SESSION_HANDLE Session)
{
BIO *PriFile = NULL;
RSA *RSAPriKey = NULL;
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE prilab[] = "PriKey";
CK_VOID_PTR RSA_PRI_N = NULL;
CK_VOID_PTR RSA_PRI_E = NULL;
CK_VOID_PTR RSA_PRI_P = NULL;
CK_VOID_PTR RSA_PRI_Q = NULL;
CK_VOID_PTR RSA_PRI_D = NULL;
CK_VOID_PTR RSA_PRI_DMP1 = NULL;
CK_VOID_PTR RSA_PRI_DMQ1 = NULL;
CK_VOID_PTR RSA_PRI_IQMP = NULL;
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
PriFile = BIO_new(BIO_s_file());
if (PriFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PriFile, "PriKey.pri");
if (Result != 1)
{
BIO_free(PriFile);
return FALSE;
}
RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
if (RSAPriKey == NULL)
{
BIO_free(PriFile);
return NULL;
}
RSA_PRI_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->n));
Result = BN_bn2bin(RSAPriKey->n, (BYTE*)RSA_PRI_N);
if (Result != BN_num_bytes(RSAPriKey->n))
{
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->e));
Result = BN_bn2bin(RSAPriKey->e, (BYTE*)RSA_PRI_E);
if (Result != BN_num_bytes(RSAPriKey->e))
{
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_P = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->p));
Result = BN_bn2bin(RSAPriKey->p, (BYTE*)RSA_PRI_P);
if (Result != BN_num_bytes(RSAPriKey->p))
{
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_Q = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->q));
Result = BN_bn2bin(RSAPriKey->q, (BYTE*)RSA_PRI_Q);
if (Result != BN_num_bytes(RSAPriKey->q))
{
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_D = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->d));
Result = BN_bn2bin(RSAPriKey->d, (BYTE*)RSA_PRI_D);
if (Result != BN_num_bytes(RSAPriKey->d))
{
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_DMP1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmp1));
Result = BN_bn2bin(RSAPriKey->dmp1, (BYTE*)RSA_PRI_DMP1);
if (Result != BN_num_bytes(RSAPriKey->dmp1))
{
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_DMQ1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmq1));
Result = BN_bn2bin(RSAPriKey->dmq1, (BYTE*)RSA_PRI_DMQ1);
if (Result != BN_num_bytes(RSAPriKey->dmq1))
{
free(RSA_PRI_DMQ1);
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_PRI_IQMP = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->iqmp));
Result = BN_bn2bin(RSAPriKey->iqmp, (BYTE*)RSA_PRI_IQMP);
if (Result != BN_num_bytes(RSAPriKey->iqmp))
{
free(RSA_PRI_IQMP);
free(RSA_PRI_DMQ1);
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prilab, sizeof(prilab)-1},
{CKA_DECRYPT, &truevalue, sizeof(truevalue)},
{CKA_SIGN, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &truevalue, sizeof(truevalue)},
{CKA_MODULUS, RSA_PRI_N, BN_num_bytes(RSAPriKey->n)},
{CKA_PUBLIC_EXPONENT, RSA_PRI_E, BN_num_bytes(RSAPriKey->e)},
{CKA_PRIME_1, RSA_PRI_P, BN_num_bytes(RSAPriKey->p)},
{CKA_PRIME_2, RSA_PRI_Q, BN_num_bytes(RSAPriKey->q)},
{CKA_PRIVATE_EXPONENT, RSA_PRI_D, BN_num_bytes(RSAPriKey->d)},
{CKA_EXPONENT_1, RSA_PRI_DMP1, BN_num_bytes(RSAPriKey->dmp1)},
{CKA_EXPONENT_2, RSA_PRI_DMQ1, BN_num_bytes(RSAPriKey->dmq1)},
{CKA_COEFFICIENT, RSA_PRI_IQMP, BN_num_bytes(RSAPriKey->iqmp)}
};
Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
if (Result != CKR_OK)
{
free(RSA_PRI_IQMP);
free(RSA_PRI_DMQ1);
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
if ((Result == CKR_OK) && (ObjCount == 1))
{
C_DestroyObject(Session, PriHandle);
}
Result = C_CreateObject(
Session,
PriKeyAttr,
15,
&PriHandle);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
free(RSA_PRI_IQMP);
free(RSA_PRI_DMQ1);
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
free(RSA_PRI_IQMP);
free(RSA_PRI_DMQ1);
free(RSA_PRI_DMP1);
free(RSA_PRI_D);
free(RSA_PRI_Q);
free(RSA_PRI_P);
free(RSA_PRI_E);
free(RSA_PRI_N);
RSA_free(RSAPriKey);
BIO_free(PriFile);
return TRUE;
}BOOL ImportData(CK_SESSION_HANDLE Session){
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[1024] = {0};
CK_ULONG databuflen = 1024;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
_ReadFile("data.txt", databuf, &databuflen);
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result == CKR_OK) && (ObjCount == 1))
{
C_DestroyObject(Session, DataHandle);
}
Result = C_CreateObject(
Session,
DataAttr,
4,
&DataHandle);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL P11GernateRSA(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS pubkeyclass = CKO_PUBLIC_KEY;
CK_OBJECT_CLASS prikeyclass = CKO_PRIVATE_KEY;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE pubkeylab[] = "P11PubKey";
CK_BYTE prikeylab[] = "P11PriKey";
CK_ULONG ModBit = 1024;
CK_OBJECT_HANDLE PubHandle = 0;
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &pubkeyclass, sizeof(pubkeyclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, pubkeylab, sizeof(pubkeylab)-1},
{CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
{CKA_VERIFY, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &falsevalue, sizeof (falsevalue)},
{CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
};
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &prikeyclass, sizeof(prikeyclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prikeylab, sizeof(prikeylab)-1},
{CKA_DECRYPT, &truevalue, sizeof(truevalue)},
{CKA_SIGN, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &truevalue, sizeof(truevalue)},
{CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
if (Result == CKR_OK)
{
C_DestroyObject(Session, PubHandle);
}
C_FindObjectsFinal(Session);
Result = C_FindObjectsInit(Session, PriKeyAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
if (Result == CKR_OK)
{
C_DestroyObject(Session, PriHandle);
}
C_FindObjectsFinal(Session);
Result = C_GenerateKeyPair(
Session,
&mechanism,
PubKeyAttr,
7,
PriKeyAttr,
7,
&PubHandle,
&PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestReadData(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[1024] = {0};
CK_ULONG databuflen = 1024;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result != CKR_OK) || (ObjCount == 0))
{
C_FindObjectsFinal(Session);
return FALSE;
}
Result = C_GetAttributeValue(Session, DataHandle, DataAttr, 4);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
printf("data:\n%s\n", DataAttr[3].pValue);
return TRUE;
}
BOOL TestWriteData(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[] = "hello china";
CK_ULONG databuflen = sizeof(databuf)-1;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result != CKR_OK) || (ObjCount == 0))
{
C_FindObjectsFinal(Session);
return FALSE;
}
Result = C_SetAttributeValue(Session, DataHandle, DataAttr, 4);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSAEncrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_EncryptInit(Session, &mechanism, PubHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Encrypt(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSADecrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE prilab[] = "PriKey";
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prilab, sizeof(prilab)-1}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_DecryptInit(Session, &mechanism, PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Decrypt(Session, EnBuf, EnBufLen, DeBuf, DeBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestOpenSSLRSAEncrypt(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
BIO *PubFile = NULL;
RSA *RSAPubKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PubFile = BIO_new(BIO_s_file());
if (PubFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PubFile, "PubKey.pub");
if (Result != 1)
{
BIO_free(PubFile);
return FALSE;
}
RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
if (RSAPubKey == NULL)
{
BIO_free(PubFile);
return FALSE;
}
*EnBufLen = RSA_public_encrypt(DeBufLen, DeBuf, EnBuf, RSAPubKey, Padding);
if (*EnBufLen <= 0)
{
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
RSA_free(RSAPubKey);
BIO_free(PubFile);
return TRUE;
}
BOOL TestOpenSSLRSADecrypt(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
{
BIO *PriFile = NULL;
RSA *RSAPriKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PriFile = BIO_new(BIO_s_file());
if (PriFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PriFile, "PriKey.pri");
if (Result != 1)
{
BIO_free(PriFile);
return FALSE;
}
RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
if (RSAPriKey == NULL)
{
BIO_free(PriFile);
return FALSE;
}
*DeBufLen = RSA_private_decrypt(EnBufLen, EnBuf, DeBuf, RSAPriKey, Padding);
if (*DeBufLen <= 0)
{
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_free(RSAPriKey);
BIO_free(PriFile);
return TRUE;
}
BOOL TestP11RSASign(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE prilab[] = "PriKey";
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prilab, sizeof(prilab)-1}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_SignInit(Session, &mechanism, PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Sign(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSAVerify(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_VerifyInit(Session, &mechanism, PubHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Verify(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestOpenSSLRSASign(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
BIO *PriFile = NULL;
RSA *RSAPriKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PriFile = BIO_new(BIO_s_file());
if (PriFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PriFile, "PriKey.pri");
if (Result != 1)
{
BIO_free(PriFile);
return FALSE;
}
RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
if (RSAPriKey == NULL)
{
BIO_free(PriFile);
return FALSE;
}
Result = RSA_sign(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, (unsigned int*)EnBufLen, RSAPriKey);
if (Result != 1)
{
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_free(RSAPriKey);
BIO_free(PriFile);
return TRUE;
}
BOOL TestOpenSSLRSAVerify(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
{
BIO *PubFile = NULL;
RSA *RSAPubKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PubFile = BIO_new(BIO_s_file());
if (PubFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PubFile, "PubKey.pub");
if (Result != 1)
{
BIO_free(PubFile);
return FALSE;
}
RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
if (RSAPubKey == NULL)
{
BIO_free(PubFile);
return FALSE;
}
Result = RSA_verify(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, EnBufLen, RSAPubKey);
if (Result != 1)
{
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
RSA_free(RSAPubKey);
BIO_free(PubFile);
return TRUE;
}
RSA* GetRSAPubKey(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
RSA *PubKey = NULL;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_BYTE RSA_PUB_N[1024] = {0};
CK_ULONG RSA_PUB_N_LEN = 1024;
CK_BYTE RSA_PUB_E[1024] = {0};
CK_ULONG RSA_PUB_E_LEN = 1024;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
{CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
{CKA_VERIFY, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &falsevalue, sizeof(falsevalue)},
{CKA_MODULUS, RSA_PUB_N, RSA_PUB_N_LEN},
{CKA_PUBLIC_EXPONENT, RSA_PUB_E, RSA_PUB_E_LEN}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return NULL;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return NULL;
}
Result = C_GetAttributeValue(Session, PubHandle, PubKeyAttr, 9);
if (Result != CKR_OK)
{
return NULL;
}
PubKey = RSA_new();
PubKey->n = BN_bin2bn((const unsigned char*)PubKeyAttr[7].pValue, PubKeyAttr[7].ulValueLen, NULL);
PubKey->e = BN_bin2bn((const unsigned char*)PubKeyAttr[8].pValue, PubKeyAttr[8].ulValueLen, NULL);
return PubKey;
}
VOID FreeRSA(RSA *rsa)
{
if (rsa != NULL)
{
RSA_free(rsa);
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- PKCS#11的部分使用例码,仅供参考
- 在 IBM Lotus Domino 7 中使用 Web 服务,第 3 部分: 编写复杂的 Web 服务
- 使用faster rcnn训练imageNet上的部分数据集
- 使用 ftrace 调试 Linux 内核,第 1 部分
- sublime text3中使用Emmet部分标签无法闭合
- Silverlight教程第八部分:使用WPF创建一个Digg桌面应用
- Windows 8系统默认开启的.Net Framework版本是4.0,而部分用户可能需要使用到3.5或以下版本,简单添加方法
- 使用rman恢复部分表空间
- 总结:ADO.NET在开发中的部分使用方法和技巧 (转贴)
- 通用线程:POSIX 线程详解,第 3 部分 使用条件变量提高效率
- 在 Android 上使用 XML 和 JSON,第 2 部分: 交付混合了 JSON 的 Android 应用程序
- 如何更有效使用 Rational AppScan 扫描大型网站,第 1 部分: 工作原理及技术分析 推荐
- 在asp.net mvc中使用PartialView返回部分HTML段
- 在asp.net mvc中使用PartialView返回部分HTML段
- 掌握 Ajax,第 10 部分: 使用 JSON 进行数据传输
- Linux/Unix下Shell快捷键操作大集合及部分Bash使用技巧-另附Ubuntu常用快捷键
- springMVC使用modelAttribute部分更新
- 《初入linux》--第四部分-vim编辑器的使用与gedit编辑器简单介绍
- JavaScript语法基础和部分使用
- 使用 jQuery,第 2 部分: 构建未来的 Web 应用程序