- //PKCS#11的部分使用例码,仅供参考
- BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength)
- {
- FILE *stream = NULL;
- DWORD ContentLen = 0;
- DWORD ReadLen = 0;
- if ((FilePath == NULL) || (FileLength == NULL))
- {
- return FALSE;
- }
- stream = fopen(FilePath, "rb");
- if (stream == NULL)
- {
- return FALSE;
- }
- fseek(stream, 0, SEEK_END);
- ContentLen = ftell(stream);
- fseek(stream, 0, SEEK_SET);
- if ((FileContent == NULL) || (*FileLength < ContentLen))
- {
- *FileLength = ContentLen;
- fclose(stream);
- return FALSE;
- }
- *FileLength = ContentLen;
- ReadLen = fread(FileContent, 1, ContentLen, stream);
- fclose(stream);
- if (ReadLen != ContentLen)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL OpenSession(CK_SESSION_HANDLE *Session)
- {
- CK_RV Result = CKR_OK;
- CK_SESSION_HANDLE TmpSession = 0;
- if (Session == NULL)
- {
- return FALSE;
- }
- Result = C_Initialize(NULL_PTR);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_OpenSession(0, CKF_RW_SESSION|CKF_SERIAL_SESSION, NULL, NULL, &TmpSession);
- if (Result != CKR_OK)
- {
- C_Finalize(NULL_PTR);
- return FALSE;
- }
- Result = C_Login(TmpSession, CKU_USER, (CK_UTF8CHAR_PTR)"12345678", 8);
- if (Result != CKR_OK)
- {
- C_CloseSession(TmpSession);
- C_Finalize(NULL_PTR);
- return FALSE;
- }
- *Session = TmpSession;
- return TRUE;
- }
- BOOL CloseSession(CK_SESSION_HANDLE Session)
- {
- C_Logout(Session);
- C_CloseSession(Session);
- C_Finalize(NULL_PTR);
- return TRUE;
- }
- BOOL ImportPubKey(CK_SESSION_HANDLE Session)
- {
- BIO *PubFile = NULL;
- RSA *RSAPubKey = NULL;
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE publab[] = "PubKey";
- CK_VOID_PTR RSA_PUB_N = NULL;
- CK_VOID_PTR RSA_PUB_E = NULL;
- CK_OBJECT_HANDLE PubHandle = 0;
- CK_ULONG ObjCount = 0;
- PubFile = BIO_new(BIO_s_file());
- if (PubFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PubFile, "PubKey.pub");
- if (Result != 1)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
- if (RSAPubKey == NULL)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- RSA_PUB_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->n));
- Result = BN_bn2bin(RSAPubKey->n, (BYTE*)RSA_PUB_N);
- if (Result != BN_num_bytes(RSAPubKey->n))
- {
- free(RSA_PUB_N);
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- RSA_PUB_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->e));
- Result = BN_bn2bin(RSAPubKey->e, (BYTE*)RSA_PUB_E);
- if (Result != BN_num_bytes(RSAPubKey->e))
- {
- free(RSA_PUB_E);
- free(RSA_PUB_N);
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- CK_ATTRIBUTE PubKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, publab, sizeof(publab)-1},
- {CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
- {CKA_VERIFY, &truevalue, sizeof(truevalue)},
- {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)},
- {CKA_MODULUS, RSA_PUB_N, BN_num_bytes(RSAPubKey->n)},
- {CKA_PUBLIC_EXPONENT, RSA_PUB_E, BN_num_bytes(RSAPubKey->e)}
- };
- Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
- if (Result != CKR_OK)
- {
- free(RSA_PUB_E);
- free(RSA_PUB_N);
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
- if ((Result == CKR_OK) && (ObjCount == 1))
- {
- C_DestroyObject(Session, PubHandle);
- }
- Result = C_CreateObject(
- Session,
- PubKeyAttr,
- 9,
- &PubHandle);
- C_FindObjectsFinal(Session);
- if (Result != CKR_OK)
- {
- free(RSA_PUB_E);
- free(RSA_PUB_N);
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- free(RSA_PUB_E);
- free(RSA_PUB_N);
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return TRUE;
- }
- BOOL ImportPriKey(CK_SESSION_HANDLE Session)
- {
- BIO *PriFile = NULL;
- RSA *RSAPriKey = NULL;
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE prilab[] = "PriKey";
- CK_VOID_PTR RSA_PRI_N = NULL;
- CK_VOID_PTR RSA_PRI_E = NULL;
- CK_VOID_PTR RSA_PRI_P = NULL;
- CK_VOID_PTR RSA_PRI_Q = NULL;
- CK_VOID_PTR RSA_PRI_D = NULL;
- CK_VOID_PTR RSA_PRI_DMP1 = NULL;
- CK_VOID_PTR RSA_PRI_DMQ1 = NULL;
- CK_VOID_PTR RSA_PRI_IQMP = NULL;
- CK_OBJECT_HANDLE PriHandle = 0;
- CK_ULONG ObjCount = 0;
- PriFile = BIO_new(BIO_s_file());
- if (PriFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PriFile, "PriKey.pri");
- if (Result != 1)
- {
- BIO_free(PriFile);
- return FALSE;
- }
- RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
- if (RSAPriKey == NULL)
- {
- BIO_free(PriFile);
- return NULL;
- }
- RSA_PRI_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->n));
- Result = BN_bn2bin(RSAPriKey->n, (BYTE*)RSA_PRI_N);
- if (Result != BN_num_bytes(RSAPriKey->n))
- {
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->e));
- Result = BN_bn2bin(RSAPriKey->e, (BYTE*)RSA_PRI_E);
- if (Result != BN_num_bytes(RSAPriKey->e))
- {
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_P = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->p));
- Result = BN_bn2bin(RSAPriKey->p, (BYTE*)RSA_PRI_P);
- if (Result != BN_num_bytes(RSAPriKey->p))
- {
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_Q = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->q));
- Result = BN_bn2bin(RSAPriKey->q, (BYTE*)RSA_PRI_Q);
- if (Result != BN_num_bytes(RSAPriKey->q))
- {
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_D = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->d));
- Result = BN_bn2bin(RSAPriKey->d, (BYTE*)RSA_PRI_D);
- if (Result != BN_num_bytes(RSAPriKey->d))
- {
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_DMP1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmp1));
- Result = BN_bn2bin(RSAPriKey->dmp1, (BYTE*)RSA_PRI_DMP1);
- if (Result != BN_num_bytes(RSAPriKey->dmp1))
- {
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_DMQ1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmq1));
- Result = BN_bn2bin(RSAPriKey->dmq1, (BYTE*)RSA_PRI_DMQ1);
- if (Result != BN_num_bytes(RSAPriKey->dmq1))
- {
- free(RSA_PRI_DMQ1);
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_PRI_IQMP = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->iqmp));
- Result = BN_bn2bin(RSAPriKey->iqmp, (BYTE*)RSA_PRI_IQMP);
- if (Result != BN_num_bytes(RSAPriKey->iqmp))
- {
- free(RSA_PRI_IQMP);
- free(RSA_PRI_DMQ1);
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- CK_ATTRIBUTE PriKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, prilab, sizeof(prilab)-1},
- {CKA_DECRYPT, &truevalue, sizeof(truevalue)},
- {CKA_SIGN, &truevalue, sizeof(truevalue)},
- {CKA_PRIVATE, &truevalue, sizeof(truevalue)},
- {CKA_MODULUS, RSA_PRI_N, BN_num_bytes(RSAPriKey->n)},
- {CKA_PUBLIC_EXPONENT, RSA_PRI_E, BN_num_bytes(RSAPriKey->e)},
- {CKA_PRIME_1, RSA_PRI_P, BN_num_bytes(RSAPriKey->p)},
- {CKA_PRIME_2, RSA_PRI_Q, BN_num_bytes(RSAPriKey->q)},
- {CKA_PRIVATE_EXPONENT, RSA_PRI_D, BN_num_bytes(RSAPriKey->d)},
- {CKA_EXPONENT_1, RSA_PRI_DMP1, BN_num_bytes(RSAPriKey->dmp1)},
- {CKA_EXPONENT_2, RSA_PRI_DMQ1, BN_num_bytes(RSAPriKey->dmq1)},
- {CKA_COEFFICIENT, RSA_PRI_IQMP, BN_num_bytes(RSAPriKey->iqmp)}
- };
- Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
- if (Result != CKR_OK)
- {
- free(RSA_PRI_IQMP);
- free(RSA_PRI_DMQ1);
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
- if ((Result == CKR_OK) && (ObjCount == 1))
- {
- C_DestroyObject(Session, PriHandle);
- }
- Result = C_CreateObject(
- Session,
- PriKeyAttr,
- 15,
- &PriHandle);
- C_FindObjectsFinal(Session);
- if (Result != CKR_OK)
- {
- free(RSA_PRI_IQMP);
- free(RSA_PRI_DMQ1);
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- free(RSA_PRI_IQMP);
- free(RSA_PRI_DMQ1);
- free(RSA_PRI_DMP1);
- free(RSA_PRI_D);
- free(RSA_PRI_Q);
- free(RSA_PRI_P);
- free(RSA_PRI_E);
- free(RSA_PRI_N);
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return TRUE;
- }
- BOOL ImportData(CK_SESSION_HANDLE Session)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_DATA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE datalab[] = "Data";
- CK_BYTE databuf[1024] = {0};
- CK_ULONG databuflen = 1024;
- CK_OBJECT_HANDLE DataHandle = 0;
- CK_ULONG ObjCount = 0;
- _ReadFile("data.txt", databuf, &databuflen);
- CK_ATTRIBUTE DataAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, datalab, sizeof(datalab)-1},
- {CKA_VALUE, databuf, databuflen}
- };
- Result = C_FindObjectsInit(Session, DataAttr, 3);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
- if ((Result == CKR_OK) && (ObjCount == 1))
- {
- C_DestroyObject(Session, DataHandle);
- }
- Result = C_CreateObject(
- Session,
- DataAttr,
- 4,
- &DataHandle);
- C_FindObjectsFinal(Session);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL P11GernateRSA(CK_SESSION_HANDLE Session)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS pubkeyclass = CKO_PUBLIC_KEY;
- CK_OBJECT_CLASS prikeyclass = CKO_PRIVATE_KEY;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE pubkeylab[] = "P11PubKey";
- CK_BYTE prikeylab[] = "P11PriKey";
- CK_ULONG ModBit = 1024;
- CK_OBJECT_HANDLE PubHandle = 0;
- CK_OBJECT_HANDLE PriHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE PubKeyAttr[] = {
- {CKA_CLASS, &pubkeyclass, sizeof(pubkeyclass)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, pubkeylab, sizeof(pubkeylab)-1},
- {CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
- {CKA_VERIFY, &truevalue, sizeof(truevalue)},
- {CKA_PRIVATE, &falsevalue, sizeof (falsevalue)},
- {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
- };
- CK_ATTRIBUTE PriKeyAttr[] = {
- {CKA_CLASS, &prikeyclass, sizeof(prikeyclass)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, prikeylab, sizeof(prikeylab)-1},
- {CKA_DECRYPT, &truevalue, sizeof(truevalue)},
- {CKA_SIGN, &truevalue, sizeof(truevalue)},
- {CKA_PRIVATE, &truevalue, sizeof(truevalue)},
- {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)}
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PubKeyAttr, 3);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
- if (Result == CKR_OK)
- {
- C_DestroyObject(Session, PubHandle);
- }
- C_FindObjectsFinal(Session);
- Result = C_FindObjectsInit(Session, PriKeyAttr, 3);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
- if (Result == CKR_OK)
- {
- C_DestroyObject(Session, PriHandle);
- }
- C_FindObjectsFinal(Session);
- Result = C_GenerateKeyPair(
- Session,
- &mechanism,
- PubKeyAttr,
- 7,
- PriKeyAttr,
- 7,
- &PubHandle,
- &PriHandle);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestReadData(CK_SESSION_HANDLE Session)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_DATA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE datalab[] = "Data";
- CK_BYTE databuf[1024] = {0};
- CK_ULONG databuflen = 1024;
- CK_OBJECT_HANDLE DataHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE DataAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, datalab, sizeof(datalab)-1},
- {CKA_VALUE, databuf, databuflen}
- };
- Result = C_FindObjectsInit(Session, DataAttr, 3);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- C_FindObjectsFinal(Session);
- return FALSE;
- }
- Result = C_GetAttributeValue(Session, DataHandle, DataAttr, 4);
- C_FindObjectsFinal(Session);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- printf("data:/n%s/n", DataAttr[3].pValue);
- return TRUE;
- }
- BOOL TestWriteData(CK_SESSION_HANDLE Session)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_DATA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE datalab[] = "Data";
- CK_BYTE databuf[] = "hello china";
- CK_ULONG databuflen = sizeof(databuf)-1;
- CK_OBJECT_HANDLE DataHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE DataAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, datalab, sizeof(datalab)-1},
- {CKA_VALUE, databuf, databuflen}
- };
- Result = C_FindObjectsInit(Session, DataAttr, 3);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- C_FindObjectsFinal(Session);
- return FALSE;
- }
- Result = C_SetAttributeValue(Session, DataHandle, DataAttr, 4);
- C_FindObjectsFinal(Session);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestP11RSAEncrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE publab[] = "PubKey";
- CK_OBJECT_HANDLE PubHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE PubKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, publab, sizeof(publab)-1},
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
- C_FindObjectsFinal(Session);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- return FALSE;
- }
- Result = C_EncryptInit(Session, &mechanism, PubHandle);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_Encrypt(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestP11RSADecrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE prilab[] = "PriKey";
- CK_OBJECT_HANDLE PriHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE PriKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, prilab, sizeof(prilab)-1}
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
- C_FindObjectsFinal(Session);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- return FALSE;
- }
- Result = C_DecryptInit(Session, &mechanism, PriHandle);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_Decrypt(Session, EnBuf, EnBufLen, DeBuf, DeBufLen);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestOpenSSLRSAEncrypt(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
- {
- BIO *PubFile = NULL;
- RSA *RSAPubKey = NULL;
- int Padding = RSA_PKCS1_PADDING;
- CK_RV Result = CKR_OK;
- PubFile = BIO_new(BIO_s_file());
- if (PubFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PubFile, "PubKey.pub");
- if (Result != 1)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
- if (RSAPubKey == NULL)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- *EnBufLen = RSA_public_encrypt(DeBufLen, DeBuf, EnBuf, RSAPubKey, Padding);
- if (*EnBufLen <= 0)
- {
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return TRUE;
- }
- BOOL TestOpenSSLRSADecrypt(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen)
- {
- BIO *PriFile = NULL;
- RSA *RSAPriKey = NULL;
- int Padding = RSA_PKCS1_PADDING;
- CK_RV Result = CKR_OK;
- PriFile = BIO_new(BIO_s_file());
- if (PriFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PriFile, "PriKey.pri");
- if (Result != 1)
- {
- BIO_free(PriFile);
- return FALSE;
- }
- RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
- if (RSAPriKey == NULL)
- {
- BIO_free(PriFile);
- return FALSE;
- }
- *DeBufLen = RSA_private_decrypt(EnBufLen, EnBuf, DeBuf, RSAPriKey, Padding);
- if (*DeBufLen <= 0)
- {
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return TRUE;
- }
- BOOL TestP11RSASign(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE prilab[] = "PriKey";
- CK_OBJECT_HANDLE PriHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE PriKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, prilab, sizeof(prilab)-1}
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PriKeyAttr, 4);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount);
- C_FindObjectsFinal(Session);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- return FALSE;
- }
- Result = C_SignInit(Session, &mechanism, PriHandle);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_Sign(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestP11RSAVerify(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
- {
- CK_RV Result = CKR_OK;
- CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE publab[] = "PubKey";
- CK_OBJECT_HANDLE PubHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_ATTRIBUTE PubKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, publab, sizeof(publab)-1},
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
- C_FindObjectsFinal(Session);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- return FALSE;
- }
- Result = C_VerifyInit(Session, &mechanism, PubHandle);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- Result = C_Verify(Session, DeBuf, DeBufLen, EnBuf, EnBufLen);
- if (Result != CKR_OK)
- {
- return FALSE;
- }
- return TRUE;
- }
- BOOL TestOpenSSLRSASign(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen)
- {
- BIO *PriFile = NULL;
- RSA *RSAPriKey = NULL;
- int Padding = RSA_PKCS1_PADDING;
- CK_RV Result = CKR_OK;
- PriFile = BIO_new(BIO_s_file());
- if (PriFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PriFile, "PriKey.pri");
- if (Result != 1)
- {
- BIO_free(PriFile);
- return FALSE;
- }
- RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL);
- if (RSAPriKey == NULL)
- {
- BIO_free(PriFile);
- return FALSE;
- }
- Result = RSA_sign(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, (unsigned int*)EnBufLen, RSAPriKey);
- if (Result != 1)
- {
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return FALSE;
- }
- RSA_free(RSAPriKey);
- BIO_free(PriFile);
- return TRUE;
- }
- BOOL TestOpenSSLRSAVerify(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen)
- {
- BIO *PubFile = NULL;
- RSA *RSAPubKey = NULL;
- int Padding = RSA_PKCS1_PADDING;
- CK_RV Result = CKR_OK;
- PubFile = BIO_new(BIO_s_file());
- if (PubFile == NULL)
- {
- return FALSE;
- }
- Result = BIO_read_filename(PubFile, "PubKey.pub");
- if (Result != 1)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL);
- if (RSAPubKey == NULL)
- {
- BIO_free(PubFile);
- return FALSE;
- }
- Result = RSA_verify(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, EnBufLen, RSAPubKey);
- if (Result != 1)
- {
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return FALSE;
- }
- RSA_free(RSAPubKey);
- BIO_free(PubFile);
- return TRUE;
- }
- RSA* GetRSAPubKey(CK_SESSION_HANDLE Session)
- {
- CK_RV Result = CKR_OK;
- RSA *PubKey = NULL;
- CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keytype = CKK_RSA;
- CK_BYTE truevalue = TRUE;
- CK_BYTE falsevalue = FALSE;
- CK_BYTE publab[] = "PubKey";
- CK_OBJECT_HANDLE PubHandle = 0;
- CK_ULONG ObjCount = 0;
- CK_BYTE RSA_PUB_N[1024] = {0};
- CK_ULONG RSA_PUB_N_LEN = 1024;
- CK_BYTE RSA_PUB_E[1024] = {0};
- CK_ULONG RSA_PUB_E_LEN = 1024;
- CK_ATTRIBUTE PubKeyAttr[] = {
- {CKA_CLASS, &objectclass, sizeof(objectclass)},
- {CKA_KEY_TYPE, &keytype, sizeof(keytype)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_LABEL, publab, sizeof(publab)-1},
- {CKA_ENCRYPT, &truevalue, sizeof(truevalue)},
- {CKA_VERIFY, &truevalue, sizeof(truevalue)},
- {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)},
- {CKA_MODULUS, RSA_PUB_N, RSA_PUB_N_LEN},
- {CKA_PUBLIC_EXPONENT, RSA_PUB_E, RSA_PUB_E_LEN}
- };
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0};
- Result = C_FindObjectsInit(Session, PubKeyAttr, 4);
- if (Result != CKR_OK)
- {
- return NULL;
- }
- Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount);
- C_FindObjectsFinal(Session);
- if ((Result != CKR_OK) || (ObjCount == 0))
- {
- return NULL;
- }
- Result = C_GetAttributeValue(Session, PubHandle, PubKeyAttr, 9);
- if (Result != CKR_OK)
- {
- return NULL;
- }
- PubKey = RSA_new();
- PubKey->n = BN_bin2bn((const unsigned char*)PubKeyAttr[7].pValue, PubKeyAttr[7].ulValueLen, NULL);
- PubKey->e = BN_bin2bn((const unsigned char*)PubKeyAttr[8].pValue, PubKeyAttr[8].ulValueLen, NULL);
- return PubKey;
- }
- VOID FreeRSA(RSA *rsa)
- {
- if (rsa != NULL)
- {
- RSA_free(rsa);
- }
- }
PKCS#11的部分使用例码,仅供参考
最新推荐文章于 2024-08-16 08:39:23 发布