PKCS#11的部分使用例码
2012-08-08 10:35
190 查看
//PKCS#11的部分使用例码,仅供参考 BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength) { FILE *stream = NULL; DWORD ContentLen = 0; DWORD ReadLen = 0; if ((FilePath == NULL) || (FileLength == NULL)) { return FALSE; } stream = fopen(FilePath, "rb"); if (stream == NULL) { return FALSE; } fseek(stream, 0, SEEK_END); ContentLen = ftell(stream); fseek(stream, 0, SEEK_SET); if ((FileContent == NULL) || (*FileLength < ContentLen)) { *FileLength = ContentLen; fclose(stream); return FALSE; } *FileLength = ContentLen; ReadLen = fread(FileContent, 1, ContentLen, stream); fclose(stream); if (ReadLen != ContentLen) { return FALSE; } return TRUE; } BOOL OpenSession(CK_SESSION_HANDLE *Session) { CK_RV Result = CKR_OK; CK_SESSION_HANDLE TmpSession = 0; if (Session == NULL) { return FALSE; } Result = C_Initialize(NULL_PTR); if (Result != CKR_OK) { return FALSE; } Result = C_OpenSession(0, CKF_RW_SESSION|CKF_SERIAL_SESSION, NULL, NULL, &TmpSession); if (Result != CKR_OK) { C_Finalize(NULL_PTR); return FALSE; } Result = C_Login(TmpSession, CKU_USER, (CK_UTF8CHAR_PTR)"12345678", 8); if (Result != CKR_OK) { C_CloseSession(TmpSession); C_Finalize(NULL_PTR); return FALSE; } *Session = TmpSession; return TRUE; } BOOL CloseSession(CK_SESSION_HANDLE Session) { C_Logout(Session); C_CloseSession(Session); C_Finalize(NULL_PTR); return TRUE; } BOOL ImportPubKey(CK_SESSION_HANDLE Session) { BIO *PubFile = NULL; RSA *RSAPubKey = NULL; CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE publab[] = "PubKey"; CK_VOID_PTR RSA_PUB_N = NULL; CK_VOID_PTR RSA_PUB_E = NULL; CK_OBJECT_HANDLE PubHandle = 0; CK_ULONG ObjCount = 0; PubFile = BIO_new(BIO_s_file()); if (PubFile == NULL) { return FALSE; } Result = BIO_read_filename(PubFile, "PubKey.pub"); if (Result != 1) { BIO_free(PubFile); return FALSE; } RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); if (RSAPubKey == NULL) { BIO_free(PubFile); return FALSE; } RSA_PUB_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->n)); Result = BN_bn2bin(RSAPubKey->n, (BYTE*)RSA_PUB_N); if (Result != BN_num_bytes(RSAPubKey->n)) { free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } RSA_PUB_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->e)); Result = BN_bn2bin(RSAPubKey->e, (BYTE*)RSA_PUB_E); if (Result != BN_num_bytes(RSAPubKey->e)) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, publab, sizeof(publab)-1}, {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, {CKA_VERIFY, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)}, {CKA_MODULUS, RSA_PUB_N, BN_num_bytes(RSAPubKey->n)}, {CKA_PUBLIC_EXPONENT, RSA_PUB_E, BN_num_bytes(RSAPubKey->e)} }; Result = C_FindObjectsInit(Session, PubKeyAttr, 4); if (Result != CKR_OK) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); if ((Result == CKR_OK) && (ObjCount == 1)) { C_DestroyObject(Session, PubHandle); } Result = C_CreateObject( Session, PubKeyAttr, 9, &PubHandle); C_FindObjectsFinal(Session); if (Result != CKR_OK) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return TRUE; } BOOL ImportPriKey(CK_SESSION_HANDLE Session) { BIO *PriFile = NULL; RSA *RSAPriKey = NULL; CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE prilab[] = "PriKey"; CK_VOID_PTR RSA_PRI_N = NULL; CK_VOID_PTR RSA_PRI_E = NULL; CK_VOID_PTR RSA_PRI_P = NULL; CK_VOID_PTR RSA_PRI_Q = NULL; CK_VOID_PTR RSA_PRI_D = NULL; CK_VOID_PTR RSA_PRI_DMP1 = NULL; CK_VOID_PTR RSA_PRI_DMQ1 = NULL; CK_VOID_PTR RSA_PRI_IQMP = NULL; CK_OBJECT_HANDLE PriHandle = 0; CK_ULONG ObjCount = 0; PriFile = BIO_new(BIO_s_file()); if (PriFile == NULL) { return FALSE; } Result = BIO_read_filename(PriFile, "PriKey.pri"); if (Result != 1) { BIO_free(PriFile); return FALSE; } RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); if (RSAPriKey == NULL) { BIO_free(PriFile); return NULL; } RSA_PRI_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->n)); Result = BN_bn2bin(RSAPriKey->n, (BYTE*)RSA_PRI_N); if (Result != BN_num_bytes(RSAPriKey->n)) { free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->e)); Result = BN_bn2bin(RSAPriKey->e, (BYTE*)RSA_PRI_E); if (Result != BN_num_bytes(RSAPriKey->e)) { free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_P = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->p)); Result = BN_bn2bin(RSAPriKey->p, (BYTE*)RSA_PRI_P); if (Result != BN_num_bytes(RSAPriKey->p)) { free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_Q = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->q)); Result = BN_bn2bin(RSAPriKey->q, (BYTE*)RSA_PRI_Q); if (Result != BN_num_bytes(RSAPriKey->q)) { free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_D = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->d)); Result = BN_bn2bin(RSAPriKey->d, (BYTE*)RSA_PRI_D); if (Result != BN_num_bytes(RSAPriKey->d)) { free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_DMP1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmp1)); Result = BN_bn2bin(RSAPriKey->dmp1, (BYTE*)RSA_PRI_DMP1); if (Result != BN_num_bytes(RSAPriKey->dmp1)) { free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_DMQ1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmq1)); Result = BN_bn2bin(RSAPriKey->dmq1, (BYTE*)RSA_PRI_DMQ1); if (Result != BN_num_bytes(RSAPriKey->dmq1)) { free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_IQMP = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->iqmp)); Result = BN_bn2bin(RSAPriKey->iqmp, (BYTE*)RSA_PRI_IQMP); if (Result != BN_num_bytes(RSAPriKey->iqmp)) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } CK_ATTRIBUTE PriKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, prilab, sizeof(prilab)-1}, {CKA_DECRYPT, &truevalue, sizeof(truevalue)}, {CKA_SIGN, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &truevalue, sizeof(truevalue)}, {CKA_MODULUS, RSA_PRI_N, BN_num_bytes(RSAPriKey->n)}, {CKA_PUBLIC_EXPONENT, RSA_PRI_E, BN_num_bytes(RSAPriKey->e)}, {CKA_PRIME_1, RSA_PRI_P, BN_num_bytes(RSAPriKey->p)}, {CKA_PRIME_2, RSA_PRI_Q, BN_num_bytes(RSAPriKey->q)}, {CKA_PRIVATE_EXPONENT, RSA_PRI_D, BN_num_bytes(RSAPriKey->d)}, {CKA_EXPONENT_1, RSA_PRI_DMP1, BN_num_bytes(RSAPriKey->dmp1)}, {CKA_EXPONENT_2, RSA_PRI_DMQ1, BN_num_bytes(RSAPriKey->dmq1)}, {CKA_COEFFICIENT, RSA_PRI_IQMP, BN_num_bytes(RSAPriKey->iqmp)} }; Result = C_FindObjectsInit(Session, PriKeyAttr, 4); if (Result != CKR_OK) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); if ((Result == CKR_OK) && (ObjCount == 1)) { C_DestroyObject(Session, PriHandle); } Result = C_CreateObject( Session, PriKeyAttr, 15, &PriHandle); C_FindObjectsFinal(Session); if (Result != CKR_OK) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return TRUE; }BOOL ImportData(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[1024] = {0};
CK_ULONG databuflen = 1024;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
_ReadFile("data.txt", databuf, &databuflen);
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result == CKR_OK) && (ObjCount == 1))
{
C_DestroyObject(Session, DataHandle);
}
Result = C_CreateObject(
Session,
DataAttr,
4,
&DataHandle);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL P11GernateRSA(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS pubkeyclass = CKO_PUBLIC_KEY;
CK_OBJECT_CLASS prikeyclass = CKO_PRIVATE_KEY;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE pubkeylab[] = "P11PubKey";
CK_BYTE prikeylab[] = "P11PriKey";
CK_ULONG ModBit = 1024;
CK_OBJECT_HANDLE PubHandle = 0;
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &pubkeyclass, sizeof(pubkeyclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, pubkeylab, sizeof(pubkeylab)-1},
{CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
{CKA_VERIFY, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &falsevalue, sizeof (falsevalue)},
{CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
};
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &prikeyclass, sizeof(prikeyclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prikeylab, sizeof(prikeylab)-1},
{CKA_DECRYPT, &truevalue, sizeof(truevalue)},
{CKA_SIGN, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &truevalue, sizeof(truevalue)},
{CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
if (Result == CKR_OK)
{
C_DestroyObject(Session, PubHandle);
}
C_FindObjectsFinal(Session);
Result = C_FindObjectsInit(Session, PriKeyAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
if (Result == CKR_OK)
{
C_DestroyObject(Session, PriHandle);
}
C_FindObjectsFinal(Session);
Result = C_GenerateKeyPair(
Session,
&mechanism,
PubKeyAttr,
7,
PriKeyAttr,
7,
&PubHandle,
&PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestReadData(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[1024] = {0};
CK_ULONG databuflen = 1024;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result != CKR_OK) || (ObjCount == 0))
{
C_FindObjectsFinal(Session);
return FALSE;
}
Result = C_GetAttributeValue(Session, DataHandle, DataAttr, 4);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
printf("data:\n%s\n", DataAttr[3].pValue);
return TRUE;
}
BOOL TestWriteData(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_DATA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE datalab[] = "Data";
CK_BYTE databuf[] = "hello china";
CK_ULONG databuflen = sizeof(databuf)-1;
CK_OBJECT_HANDLE DataHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE DataAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, datalab, sizeof(datalab)-1},
{CKA_VALUE, databuf, databuflen}
};
Result = C_FindObjectsInit(Session, DataAttr, 3);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
if ((Result != CKR_OK) || (ObjCount == 0))
{
C_FindObjectsFinal(Session);
return FALSE;
}
Result = C_SetAttributeValue(Session, DataHandle, DataAttr, 4);
C_FindObjectsFinal(Session);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSAEncrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_EncryptInit(Session, &mechanism, PubHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Encrypt(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSADecrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE prilab[] = "PriKey";
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prilab, sizeof(prilab)-1}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_DecryptInit(Session, &mechanism, PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Decrypt(Session, EnBuf, EnBufLen, DeBuf, DeBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestOpenSSLRSAEncrypt(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
BIO *PubFile = NULL;
RSA *RSAPubKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PubFile = BIO_new(BIO_s_file());
if (PubFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PubFile, "PubKey.pub");
if (Result != 1)
{
BIO_free(PubFile);
return FALSE;
}
RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
if (RSAPubKey == NULL)
{
BIO_free(PubFile);
return FALSE;
}
*EnBufLen = RSA_public_encrypt(DeBufLen, DeBuf, EnBuf, RSAPubKey, Padding);
if (*EnBufLen <= 0)
{
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
RSA_free(RSAPubKey);
BIO_free(PubFile);
return TRUE;
}
BOOL TestOpenSSLRSADecrypt(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
{
BIO *PriFile = NULL;
RSA *RSAPriKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PriFile = BIO_new(BIO_s_file());
if (PriFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PriFile, "PriKey.pri");
if (Result != 1)
{
BIO_free(PriFile);
return FALSE;
}
RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
if (RSAPriKey == NULL)
{
BIO_free(PriFile);
return FALSE;
}
*DeBufLen = RSA_private_decrypt(EnBufLen, EnBuf, DeBuf, RSAPriKey, Padding);
if (*DeBufLen <= 0)
{
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_free(RSAPriKey);
BIO_free(PriFile);
return TRUE;
}
BOOL TestP11RSASign(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE prilab[] = "PriKey";
CK_OBJECT_HANDLE PriHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PriKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, prilab, sizeof(prilab)-1}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_SignInit(Session, &mechanism, PriHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Sign(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestP11RSAVerify(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
{
CK_RV Result = CKR_OK;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return FALSE;
}
Result = C_VerifyInit(Session, &mechanism, PubHandle);
if (Result != CKR_OK)
{
return FALSE;
}
Result = C_Verify(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
if (Result != CKR_OK)
{
return FALSE;
}
return TRUE;
}
BOOL TestOpenSSLRSASign(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
{
BIO *PriFile = NULL;
RSA *RSAPriKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PriFile = BIO_new(BIO_s_file());
if (PriFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PriFile, "PriKey.pri");
if (Result != 1)
{
BIO_free(PriFile);
return FALSE;
}
RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
if (RSAPriKey == NULL)
{
BIO_free(PriFile);
return FALSE;
}
Result = RSA_sign(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, (unsigned int*)EnBufLen, RSAPriKey);
if (Result != 1)
{
RSA_free(RSAPriKey);
BIO_free(PriFile);
return FALSE;
}
RSA_free(RSAPriKey);
BIO_free(PriFile);
return TRUE;
}
BOOL TestOpenSSLRSAVerify(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
{
BIO *PubFile = NULL;
RSA *RSAPubKey = NULL;
int Padding = RSA_PKCS1_PADDING;
CK_RV Result = CKR_OK;
PubFile = BIO_new(BIO_s_file());
if (PubFile == NULL)
{
return FALSE;
}
Result = BIO_read_filename(PubFile, "PubKey.pub");
if (Result != 1)
{
BIO_free(PubFile);
return FALSE;
}
RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
if (RSAPubKey == NULL)
{
BIO_free(PubFile);
return FALSE;
}
Result = RSA_verify(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, EnBufLen, RSAPubKey);
if (Result != 1)
{
RSA_free(RSAPubKey);
BIO_free(PubFile);
return FALSE;
}
RSA_free(RSAPubKey);
BIO_free(PubFile);
return TRUE;
}
RSA* GetRSAPubKey(CK_SESSION_HANDLE Session)
{
CK_RV Result = CKR_OK;
RSA *PubKey = NULL;
CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
CK_KEY_TYPE keytype = CKK_RSA;
CK_BYTE truevalue = TRUE;
CK_BYTE falsevalue = FALSE;
CK_BYTE publab[] = "PubKey";
CK_OBJECT_HANDLE PubHandle = 0;
CK_ULONG ObjCount = 0;
CK_BYTE RSA_PUB_N[1024] = {0};
CK_ULONG RSA_PUB_N_LEN = 1024;
CK_BYTE RSA_PUB_E[1024] = {0};
CK_ULONG RSA_PUB_E_LEN = 1024;
CK_ATTRIBUTE PubKeyAttr[] = {
{CKA_CLASS, &objectclass, sizeof(objectclass)},
{CKA_KEY_TYPE, &keytype, sizeof(keytype)},
{CKA_TOKEN, &truevalue, sizeof (truevalue)},
{CKA_LABEL, publab, sizeof(publab)-1},
{CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
{CKA_VERIFY, &truevalue, sizeof(truevalue)},
{CKA_PRIVATE, &falsevalue, sizeof(falsevalue)},
{CKA_MODULUS, RSA_PUB_N, RSA_PUB_N_LEN},
{CKA_PUBLIC_EXPONENT, RSA_PUB_E, RSA_PUB_E_LEN}
};
CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
if (Result != CKR_OK)
{
return NULL;
}
Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
C_FindObjectsFinal(Session);
if ((Result != CKR_OK) || (ObjCount == 0))
{
return NULL;
}
Result = C_GetAttributeValue(Session, PubHandle, PubKeyAttr, 9);
if (Result != CKR_OK)
{
return NULL;
}
PubKey = RSA_new();
PubKey->n = BN_bin2bn((const unsigned char*)PubKeyAttr[7].pValue, PubKeyAttr[7].ulValueLen, NULL);
PubKey->e = BN_bin2bn((const unsigned char*)PubKeyAttr[8].pValue, PubKeyAttr[8].ulValueLen, NULL);
return PubKey;
}
VOID FreeRSA(RSA *rsa)
{
if (rsa != NULL)
{
RSA_free(rsa);
}
}
相关文章推荐
- PKCS#11的部分使用例码,仅供参考
- 在 IBM Lotus Domino 7 中使用 Web 服务,第 3 部分: 编写复杂的 Web 服务
- 使用faster rcnn训练imageNet上的部分数据集
- 使用 ftrace 调试 Linux 内核,第 1 部分
- sublime text3中使用Emmet部分标签无法闭合
- Silverlight教程第八部分:使用WPF创建一个Digg桌面应用
- Windows 8系统默认开启的.Net Framework版本是4.0,而部分用户可能需要使用到3.5或以下版本,简单添加方法
- 使用rman恢复部分表空间
- 总结:ADO.NET在开发中的部分使用方法和技巧 (转贴)
- 通用线程:POSIX 线程详解,第 3 部分 使用条件变量提高效率
- 在 Android 上使用 XML 和 JSON,第 2 部分: 交付混合了 JSON 的 Android 应用程序
- 如何更有效使用 Rational AppScan 扫描大型网站,第 1 部分: 工作原理及技术分析 推荐
- 在asp.net mvc中使用PartialView返回部分HTML段
- 在asp.net mvc中使用PartialView返回部分HTML段
- 掌握 Ajax,第 10 部分: 使用 JSON 进行数据传输
- Linux/Unix下Shell快捷键操作大集合及部分Bash使用技巧-另附Ubuntu常用快捷键
- springMVC使用modelAttribute部分更新
- 《初入linux》--第四部分-vim编辑器的使用与gedit编辑器简单介绍
- JavaScript语法基础和部分使用
- 使用 jQuery,第 2 部分: 构建未来的 Web 应用程序