BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength) { FILE *stream = NULL; DWORD ContentLen = 0; DWORD ReadLen = 0; if ((FilePath == NULL) || (FileLength == NULL)) { return FALSE; } stream = fopen(FilePath, "rb"); if (stream == NULL) { return FALSE; } fseek(stream, 0, SEEK_END); ContentLen = ftell(stream); fseek(stream, 0, SEEK_SET); if ((FileContent == NULL) || (*FileLength < ContentLen)) { *FileLength = ContentLen; fclose(stream); return FALSE; } *FileLength = ContentLen; ReadLen = fread(FileContent, 1, ContentLen, stream); fclose(stream); if (ReadLen != ContentLen) { return FALSE; } return TRUE; } BOOL OpenSession(CK_SESSION_HANDLE *Session) { CK_RV Result = CKR_OK; CK_SESSION_HANDLE TmpSession = 0; if (Session == NULL) { return FALSE; } Result = C_Initialize(NULL_PTR); if (Result != CKR_OK) { return FALSE; } Result = C_OpenSession(0, CKF_RW_SESSION|CKF_SERIAL_SESSION, NULL, NULL, &TmpSession); if (Result != CKR_OK) { C_Finalize(NULL_PTR); return FALSE; } Result = C_Login(TmpSession, CKU_USER, (CK_UTF8CHAR_PTR)"12345678", 8); if (Result != CKR_OK) { C_CloseSession(TmpSession); C_Finalize(NULL_PTR); return FALSE; } *Session = TmpSession; return TRUE; } BOOL CloseSession(CK_SESSION_HANDLE Session) { C_Logout(Session); C_CloseSession(Session); C_Finalize(NULL_PTR); return TRUE; } BOOL ImportPubKey(CK_SESSION_HANDLE Session) { BIO *PubFile = NULL; RSA *RSAPubKey = NULL; CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE publab[] = "PubKey"; CK_VOID_PTR RSA_PUB_N = NULL; CK_VOID_PTR RSA_PUB_E = NULL; CK_OBJECT_HANDLE PubHandle = 0; CK_ULONG ObjCount = 0; PubFile = BIO_new(BIO_s_file()); if (PubFile == NULL) { return FALSE; } Result = BIO_read_filename(PubFile, "PubKey.pub"); if (Result != 1) { BIO_free(PubFile); return FALSE; } RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); if (RSAPubKey == NULL) { BIO_free(PubFile); return FALSE; } RSA_PUB_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->n)); Result = BN_bn2bin(RSAPubKey->n, (BYTE*)RSA_PUB_N); if (Result != BN_num_bytes(RSAPubKey->n)) { free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } RSA_PUB_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->e)); Result = BN_bn2bin(RSAPubKey->e, (BYTE*)RSA_PUB_E); if (Result != BN_num_bytes(RSAPubKey->e)) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, publab, sizeof(publab)-1}, {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, {CKA_VERIFY, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)}, {CKA_MODULUS, RSA_PUB_N, BN_num_bytes(RSAPubKey->n)}, {CKA_PUBLIC_EXPONENT, RSA_PUB_E, BN_num_bytes(RSAPubKey->e)} }; Result = C_FindObjectsInit(Session, PubKeyAttr, 4); if (Result != CKR_OK) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); if ((Result == CKR_OK) && (ObjCount == 1)) { C_DestroyObject(Session, PubHandle); } Result = C_CreateObject( Session, PubKeyAttr, 9, &PubHandle); C_FindObjectsFinal(Session); if (Result != CKR_OK) { free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } free(RSA_PUB_E); free(RSA_PUB_N); RSA_free(RSAPubKey); BIO_free(PubFile); return TRUE; } BOOL ImportPriKey(CK_SESSION_HANDLE Session) { BIO *PriFile = NULL; RSA *RSAPriKey = NULL; CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE prilab[] = "PriKey"; CK_VOID_PTR RSA_PRI_N = NULL; CK_VOID_PTR RSA_PRI_E = NULL; CK_VOID_PTR RSA_PRI_P = NULL; CK_VOID_PTR RSA_PRI_Q = NULL; CK_VOID_PTR RSA_PRI_D = NULL; CK_VOID_PTR RSA_PRI_DMP1 = NULL; CK_VOID_PTR RSA_PRI_DMQ1 = NULL; CK_VOID_PTR RSA_PRI_IQMP = NULL; CK_OBJECT_HANDLE PriHandle = 0; CK_ULONG ObjCount = 0; PriFile = BIO_new(BIO_s_file()); if (PriFile == NULL) { return FALSE; } Result = BIO_read_filename(PriFile, "PriKey.pri"); if (Result != 1) { BIO_free(PriFile); return FALSE; } RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); if (RSAPriKey == NULL) { BIO_free(PriFile); return NULL; } RSA_PRI_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->n)); Result = BN_bn2bin(RSAPriKey->n, (BYTE*)RSA_PRI_N); if (Result != BN_num_bytes(RSAPriKey->n)) { free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->e)); Result = BN_bn2bin(RSAPriKey->e, (BYTE*)RSA_PRI_E); if (Result != BN_num_bytes(RSAPriKey->e)) { free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_P = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->p)); Result = BN_bn2bin(RSAPriKey->p, (BYTE*)RSA_PRI_P); if (Result != BN_num_bytes(RSAPriKey->p)) { free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_Q = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->q)); Result = BN_bn2bin(RSAPriKey->q, (BYTE*)RSA_PRI_Q); if (Result != BN_num_bytes(RSAPriKey->q)) { free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_D = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->d)); Result = BN_bn2bin(RSAPriKey->d, (BYTE*)RSA_PRI_D); if (Result != BN_num_bytes(RSAPriKey->d)) { free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_DMP1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmp1)); Result = BN_bn2bin(RSAPriKey->dmp1, (BYTE*)RSA_PRI_DMP1); if (Result != BN_num_bytes(RSAPriKey->dmp1)) { free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_DMQ1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmq1)); Result = BN_bn2bin(RSAPriKey->dmq1, (BYTE*)RSA_PRI_DMQ1); if (Result != BN_num_bytes(RSAPriKey->dmq1)) { free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_PRI_IQMP = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->iqmp)); Result = BN_bn2bin(RSAPriKey->iqmp, (BYTE*)RSA_PRI_IQMP); if (Result != BN_num_bytes(RSAPriKey->iqmp)) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } CK_ATTRIBUTE PriKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, prilab, sizeof(prilab)-1}, {CKA_DECRYPT, &truevalue, sizeof(truevalue)}, {CKA_SIGN, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &truevalue, sizeof(truevalue)}, {CKA_MODULUS, RSA_PRI_N, BN_num_bytes(RSAPriKey->n)}, {CKA_PUBLIC_EXPONENT, RSA_PRI_E, BN_num_bytes(RSAPriKey->e)}, {CKA_PRIME_1, RSA_PRI_P, BN_num_bytes(RSAPriKey->p)}, {CKA_PRIME_2, RSA_PRI_Q, BN_num_bytes(RSAPriKey->q)}, {CKA_PRIVATE_EXPONENT, RSA_PRI_D, BN_num_bytes(RSAPriKey->d)}, {CKA_EXPONENT_1, RSA_PRI_DMP1, BN_num_bytes(RSAPriKey->dmp1)}, {CKA_EXPONENT_2, RSA_PRI_DMQ1, BN_num_bytes(RSAPriKey->dmq1)}, {CKA_COEFFICIENT, RSA_PRI_IQMP, BN_num_bytes(RSAPriKey->iqmp)} }; Result = C_FindObjectsInit(Session, PriKeyAttr, 4); if (Result != CKR_OK) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); if ((Result == CKR_OK) && (ObjCount == 1)) { C_DestroyObject(Session, PriHandle); } Result = C_CreateObject( Session, PriKeyAttr, 15, &PriHandle); C_FindObjectsFinal(Session); if (Result != CKR_OK) { free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } free(RSA_PRI_IQMP); free(RSA_PRI_DMQ1); free(RSA_PRI_DMP1); free(RSA_PRI_D); free(RSA_PRI_Q); free(RSA_PRI_P); free(RSA_PRI_E); free(RSA_PRI_N); RSA_free(RSAPriKey); BIO_free(PriFile); return TRUE; } BOOL ImportData(CK_SESSION_HANDLE Session) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_DATA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE datalab[] = "Data"; CK_BYTE databuf[1024] = {0}; CK_ULONG databuflen = 1024; CK_OBJECT_HANDLE DataHandle = 0; CK_ULONG ObjCount = 0; _ReadFile("data.txt", databuf, &databuflen); CK_ATTRIBUTE DataAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, datalab, sizeof(datalab)-1}, {CKA_VALUE, databuf, databuflen} }; Result = C_FindObjectsInit(Session, DataAttr, 3); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); if ((Result == CKR_OK) && (ObjCount == 1)) { C_DestroyObject(Session, DataHandle); } Result = C_CreateObject( Session, DataAttr, 4, &DataHandle); C_FindObjectsFinal(Session); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL P11GernateRSA(CK_SESSION_HANDLE Session) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS pubkeyclass = CKO_PUBLIC_KEY; CK_OBJECT_CLASS prikeyclass = CKO_PRIVATE_KEY; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE pubkeylab[] = "P11PubKey"; CK_BYTE prikeylab[] = "P11PriKey"; CK_ULONG ModBit = 1024; CK_OBJECT_HANDLE PubHandle = 0; CK_OBJECT_HANDLE PriHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &pubkeyclass, sizeof(pubkeyclass)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, pubkeylab, sizeof(pubkeylab)-1}, {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, {CKA_VERIFY, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &falsevalue, sizeof (falsevalue)}, {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)} }; CK_ATTRIBUTE PriKeyAttr[] = { {CKA_CLASS, &prikeyclass, sizeof(prikeyclass)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, prikeylab, sizeof(prikeylab)-1}, {CKA_DECRYPT, &truevalue, sizeof(truevalue)}, {CKA_SIGN, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &truevalue, sizeof(truevalue)}, {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)} }; CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PubKeyAttr, 3); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); if (Result == CKR_OK) { C_DestroyObject(Session, PubHandle); } C_FindObjectsFinal(Session); Result = C_FindObjectsInit(Session, PriKeyAttr, 3); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); if (Result == CKR_OK) { C_DestroyObject(Session, PriHandle); } C_FindObjectsFinal(Session); Result = C_GenerateKeyPair( Session, &mechanism, PubKeyAttr, 7, PriKeyAttr, 7, &PubHandle, &PriHandle); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestReadData(CK_SESSION_HANDLE Session) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_DATA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE datalab[] = "Data"; CK_BYTE databuf[1024] = {0}; CK_ULONG databuflen = 1024; CK_OBJECT_HANDLE DataHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE DataAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, datalab, sizeof(datalab)-1}, {CKA_VALUE, databuf, databuflen} }; Result = C_FindObjectsInit(Session, DataAttr, 3); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); if ((Result != CKR_OK) || (ObjCount == 0)) { C_FindObjectsFinal(Session); return FALSE; } Result = C_GetAttributeValue(Session, DataHandle, DataAttr, 4); C_FindObjectsFinal(Session); if (Result != CKR_OK) { return FALSE; } printf("data:/n%s/n", DataAttr[3].pValue); return TRUE; } BOOL TestWriteData(CK_SESSION_HANDLE Session) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_DATA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE datalab[] = "Data"; CK_BYTE databuf[] = "hello china"; CK_ULONG databuflen = sizeof(databuf)-1; CK_OBJECT_HANDLE DataHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE DataAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, datalab, sizeof(datalab)-1}, {CKA_VALUE, databuf, databuflen} }; Result = C_FindObjectsInit(Session, DataAttr, 3); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); if ((Result != CKR_OK) || (ObjCount == 0)) { C_FindObjectsFinal(Session); return FALSE; } Result = C_SetAttributeValue(Session, DataHandle, DataAttr, 4); C_FindObjectsFinal(Session); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestP11RSAEncrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE publab[] = "PubKey"; CK_OBJECT_HANDLE PubHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, publab, sizeof(publab)-1}, }; CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PubKeyAttr, 4); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); C_FindObjectsFinal(Session); if ((Result != CKR_OK) || (ObjCount == 0)) { return FALSE; } Result = C_EncryptInit(Session, &mechanism, PubHandle); if (Result != CKR_OK) { return FALSE; } Result = C_Encrypt(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestP11RSADecrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE prilab[] = "PriKey"; CK_OBJECT_HANDLE PriHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE PriKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, prilab, sizeof(prilab)-1} }; CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PriKeyAttr, 4); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); C_FindObjectsFinal(Session); if ((Result != CKR_OK) || (ObjCount == 0)) { return FALSE; } Result = C_DecryptInit(Session, &mechanism, PriHandle); if (Result != CKR_OK) { return FALSE; } Result = C_Decrypt(Session, EnBuf, EnBufLen, DeBuf, DeBufLen); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestOpenSSLRSAEncrypt(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) { BIO *PubFile = NULL; RSA *RSAPubKey = NULL; int Padding = RSA_PKCS1_PADDING; CK_RV Result = CKR_OK; PubFile = BIO_new(BIO_s_file()); if (PubFile == NULL) { return FALSE; } Result = BIO_read_filename(PubFile, "PubKey.pub"); if (Result != 1) { BIO_free(PubFile); return FALSE; } RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); if (RSAPubKey == NULL) { BIO_free(PubFile); return FALSE; } *EnBufLen = RSA_public_encrypt(DeBufLen, DeBuf, EnBuf, RSAPubKey, Padding); if (*EnBufLen <= 0) { RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } RSA_free(RSAPubKey); BIO_free(PubFile); return TRUE; } BOOL TestOpenSSLRSADecrypt(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen) { BIO *PriFile = NULL; RSA *RSAPriKey = NULL; int Padding = RSA_PKCS1_PADDING; CK_RV Result = CKR_OK; PriFile = BIO_new(BIO_s_file()); if (PriFile == NULL) { return FALSE; } Result = BIO_read_filename(PriFile, "PriKey.pri"); if (Result != 1) { BIO_free(PriFile); return FALSE; } RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); if (RSAPriKey == NULL) { BIO_free(PriFile); return FALSE; } *DeBufLen = RSA_private_decrypt(EnBufLen, EnBuf, DeBuf, RSAPriKey, Padding); if (*DeBufLen <= 0) { RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_free(RSAPriKey); BIO_free(PriFile); return TRUE; } BOOL TestP11RSASign(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE prilab[] = "PriKey"; CK_OBJECT_HANDLE PriHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE PriKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, prilab, sizeof(prilab)-1} }; CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PriKeyAttr, 4); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); C_FindObjectsFinal(Session); if ((Result != CKR_OK) || (ObjCount == 0)) { return FALSE; } Result = C_SignInit(Session, &mechanism, PriHandle); if (Result != CKR_OK) { return FALSE; } Result = C_Sign(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestP11RSAVerify(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen) { CK_RV Result = CKR_OK; CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE publab[] = "PubKey"; CK_OBJECT_HANDLE PubHandle = 0; CK_ULONG ObjCount = 0; CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, publab, sizeof(publab)-1}, }; CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PubKeyAttr, 4); if (Result != CKR_OK) { return FALSE; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); C_FindObjectsFinal(Session); if ((Result != CKR_OK) || (ObjCount == 0)) { return FALSE; } Result = C_VerifyInit(Session, &mechanism, PubHandle); if (Result != CKR_OK) { return FALSE; } Result = C_Verify(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); if (Result != CKR_OK) { return FALSE; } return TRUE; } BOOL TestOpenSSLRSASign(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) { BIO *PriFile = NULL; RSA *RSAPriKey = NULL; int Padding = RSA_PKCS1_PADDING; CK_RV Result = CKR_OK; PriFile = BIO_new(BIO_s_file()); if (PriFile == NULL) { return FALSE; } Result = BIO_read_filename(PriFile, "PriKey.pri"); if (Result != 1) { BIO_free(PriFile); return FALSE; } RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); if (RSAPriKey == NULL) { BIO_free(PriFile); return FALSE; } Result = RSA_sign(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, (unsigned int*)EnBufLen, RSAPriKey); if (Result != 1) { RSA_free(RSAPriKey); BIO_free(PriFile); return FALSE; } RSA_free(RSAPriKey); BIO_free(PriFile); return TRUE; } BOOL TestOpenSSLRSAVerify(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen) { BIO *PubFile = NULL; RSA *RSAPubKey = NULL; int Padding = RSA_PKCS1_PADDING; CK_RV Result = CKR_OK; PubFile = BIO_new(BIO_s_file()); if (PubFile == NULL) { return FALSE; } Result = BIO_read_filename(PubFile, "PubKey.pub"); if (Result != 1) { BIO_free(PubFile); return FALSE; } RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); if (RSAPubKey == NULL) { BIO_free(PubFile); return FALSE; } Result = RSA_verify(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, EnBufLen, RSAPubKey); if (Result != 1) { RSA_free(RSAPubKey); BIO_free(PubFile); return FALSE; } RSA_free(RSAPubKey); BIO_free(PubFile); return TRUE; } RSA* GetRSAPubKey(CK_SESSION_HANDLE Session) { CK_RV Result = CKR_OK; RSA *PubKey = NULL; CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; CK_KEY_TYPE keytype = CKK_RSA; CK_BYTE truevalue = TRUE; CK_BYTE falsevalue = FALSE; CK_BYTE publab[] = "PubKey"; CK_OBJECT_HANDLE PubHandle = 0; CK_ULONG ObjCount = 0; CK_BYTE RSA_PUB_N[1024] = {0}; CK_ULONG RSA_PUB_N_LEN = 1024; CK_BYTE RSA_PUB_E[1024] = {0}; CK_ULONG RSA_PUB_E_LEN = 1024; CK_ATTRIBUTE PubKeyAttr[] = { {CKA_CLASS, &objectclass, sizeof(objectclass)}, {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, {CKA_TOKEN, &truevalue, sizeof (truevalue)}, {CKA_LABEL, publab, sizeof(publab)-1}, {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, {CKA_VERIFY, &truevalue, sizeof(truevalue)}, {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)}, {CKA_MODULUS, RSA_PUB_N, RSA_PUB_N_LEN}, {CKA_PUBLIC_EXPONENT, RSA_PUB_E, RSA_PUB_E_LEN} }; CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; Result = C_FindObjectsInit(Session, PubKeyAttr, 4); if (Result != CKR_OK) { return NULL; } Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); C_FindObjectsFinal(Session); if ((Result != CKR_OK) || (ObjCount == 0)) { return NULL; } Result = C_GetAttributeValue(Session, PubHandle, PubKeyAttr, 9); if (Result != CKR_OK) { return NULL; } PubKey = RSA_new(); PubKey->n = BN_bin2bn((const unsigned char*)PubKeyAttr[7].pValue, PubKeyAttr[7].ulValueLen, NULL); PubKey->e = BN_bin2bn((const unsigned char*)PubKeyAttr[8].pValue, PubKeyAttr[8].ulValueLen, NULL); return PubKey; } VOID FreeRSA(RSA *rsa) { if (rsa != NULL) { RSA_free(rsa); } }