PKCS#11的部分使用例码

最新推荐文章于 2022-04-25 15:40:21 发布
最新推荐文章于 2022-04-25 15:40:21 发布
阅读量1.6k 收藏 1
点赞数 1
分类专栏: PKCS#11 文章标签: pkcs#11 session byte null object class 
//PKCS#11的部分使用例码,仅供参考 
BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength) 
{ 
    FILE *stream = NULL; 
    DWORD ContentLen = 0; 
    DWORD ReadLen = 0; 

    if ((FilePath == NULL) || (FileLength == NULL)) 
    { 
        return FALSE; 
    } 

    stream = fopen(FilePath, "rb"); 
    if (stream == NULL) 
    { 
        return FALSE; 
    } 

    fseek(stream, 0, SEEK_END); 
    ContentLen = ftell(stream); 
    fseek(stream, 0, SEEK_SET); 

    if ((FileContent == NULL) || (*FileLength < ContentLen)) 
    { 
        *FileLength = ContentLen; 
        fclose(stream); 
        return FALSE; 
    } 

    *FileLength = ContentLen; 
    ReadLen = fread(FileContent, 1, ContentLen, stream); 
    fclose(stream); 
    if (ReadLen != ContentLen) 
    { 
        return FALSE; 
    } 

    return TRUE; 
} 

BOOL OpenSession(CK_SESSION_HANDLE *Session) 
{ 
    CK_RV Result = CKR_OK; 
    CK_SESSION_HANDLE TmpSession = 0; 

    if (Session == NULL) 
    { 
        return FALSE; 
    } 

    Result = C_Initialize(NULL_PTR); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 

    Result = C_OpenSession(0, CKF_RW_SESSION|CKF_SERIAL_SESSION, NULL, NULL, &TmpSession); 
    if (Result != CKR_OK) 
    { 
        C_Finalize(NULL_PTR); 
        return FALSE; 
    } 

    Result = C_Login(TmpSession, CKU_USER, (CK_UTF8CHAR_PTR)"12345678", 8); 
    if (Result != CKR_OK) 
    { 
        C_CloseSession(TmpSession); 
        C_Finalize(NULL_PTR); 
        return FALSE; 
    } 

    *Session = TmpSession; 
    return TRUE; 
} 

BOOL CloseSession(CK_SESSION_HANDLE Session) 
{ 
    C_Logout(Session); 
    C_CloseSession(Session); 
    C_Finalize(NULL_PTR); 
    return TRUE; 
} 

BOOL ImportPubKey(CK_SESSION_HANDLE Session) 
{ 
    BIO *PubFile = NULL; 
    RSA *RSAPubKey = NULL; 

    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE publab[] = "PubKey"; 
    CK_VOID_PTR RSA_PUB_N = NULL; 
    CK_VOID_PTR RSA_PUB_E = NULL; 
    CK_OBJECT_HANDLE PubHandle = 0; 
    CK_ULONG ObjCount = 0; 

    PubFile = BIO_new(BIO_s_file()); 
    if (PubFile == NULL) 
    { 
        return FALSE; 
    } 

    Result = BIO_read_filename(PubFile, "PubKey.pub"); 
    if (Result != 1) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); 
    if (RSAPubKey == NULL) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    RSA_PUB_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->n)); 
    Result = BN_bn2bin(RSAPubKey->n, (BYTE*)RSA_PUB_N); 
    if (Result != BN_num_bytes(RSAPubKey->n)) 
    { 
        free(RSA_PUB_N); 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    RSA_PUB_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPubKey->e)); 
    Result = BN_bn2bin(RSAPubKey->e, (BYTE*)RSA_PUB_E); 
    if (Result != BN_num_bytes(RSAPubKey->e)) 
    { 
        free(RSA_PUB_E); 
        free(RSA_PUB_N); 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    CK_ATTRIBUTE PubKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, publab, sizeof(publab)-1}, 
        {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, 
        {CKA_VERIFY, &truevalue, sizeof(truevalue)}, 
        {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)}, 
        {CKA_MODULUS, RSA_PUB_N, BN_num_bytes(RSAPubKey->n)}, 
        {CKA_PUBLIC_EXPONENT, RSA_PUB_E, BN_num_bytes(RSAPubKey->e)} 
    }; 

    Result = C_FindObjectsInit(Session, PubKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        free(RSA_PUB_E); 
        free(RSA_PUB_N); 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); 
    if ((Result == CKR_OK) && (ObjCount == 1)) 
    { 
        C_DestroyObject(Session, PubHandle); 
    } 

    Result = C_CreateObject( 
        Session, 
        PubKeyAttr, 
        9, 
        &PubHandle); 
    C_FindObjectsFinal(Session); 
    if (Result != CKR_OK) 
    { 
        free(RSA_PUB_E); 
        free(RSA_PUB_N); 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 

    free(RSA_PUB_E); 
    free(RSA_PUB_N); 
    RSA_free(RSAPubKey); 
    BIO_free(PubFile); 
    return TRUE; 
} 

BOOL ImportPriKey(CK_SESSION_HANDLE Session) 
{ 
    BIO *PriFile = NULL; 
    RSA *RSAPriKey = NULL; 

    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE prilab[] = "PriKey"; 
    CK_VOID_PTR RSA_PRI_N = NULL; 
    CK_VOID_PTR RSA_PRI_E = NULL; 
    CK_VOID_PTR RSA_PRI_P = NULL; 
    CK_VOID_PTR RSA_PRI_Q = NULL; 
    CK_VOID_PTR RSA_PRI_D = NULL; 
    CK_VOID_PTR RSA_PRI_DMP1 = NULL; 
    CK_VOID_PTR RSA_PRI_DMQ1 = NULL; 
    CK_VOID_PTR RSA_PRI_IQMP = NULL; 
    CK_OBJECT_HANDLE PriHandle = 0; 
    CK_ULONG ObjCount = 0; 

    PriFile = BIO_new(BIO_s_file()); 
    if (PriFile == NULL) 
    { 
        return FALSE; 
    } 

    Result = BIO_read_filename(PriFile, "PriKey.pri"); 
    if (Result != 1) 
    { 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); 
    if (RSAPriKey == NULL) 
    { 
        BIO_free(PriFile); 
        return NULL; 
    } 

    RSA_PRI_N = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->n)); 
    Result = BN_bn2bin(RSAPriKey->n, (BYTE*)RSA_PRI_N); 
    if (Result != BN_num_bytes(RSAPriKey->n)) 
    { 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_E = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->e)); 
    Result = BN_bn2bin(RSAPriKey->e, (BYTE*)RSA_PRI_E); 
    if (Result != BN_num_bytes(RSAPriKey->e)) 
    { 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_P = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->p)); 
    Result = BN_bn2bin(RSAPriKey->p, (BYTE*)RSA_PRI_P); 
    if (Result != BN_num_bytes(RSAPriKey->p)) 
    { 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_Q = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->q)); 
    Result = BN_bn2bin(RSAPriKey->q, (BYTE*)RSA_PRI_Q); 
    if (Result != BN_num_bytes(RSAPriKey->q)) 
    { 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_D = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->d)); 
    Result = BN_bn2bin(RSAPriKey->d, (BYTE*)RSA_PRI_D); 
    if (Result != BN_num_bytes(RSAPriKey->d)) 
    { 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_DMP1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmp1)); 
    Result = BN_bn2bin(RSAPriKey->dmp1, (BYTE*)RSA_PRI_DMP1); 
    if (Result != BN_num_bytes(RSAPriKey->dmp1)) 
    { 
        free(RSA_PRI_DMP1); 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_DMQ1 = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->dmq1)); 
    Result = BN_bn2bin(RSAPriKey->dmq1, (BYTE*)RSA_PRI_DMQ1); 
    if (Result != BN_num_bytes(RSAPriKey->dmq1)) 
    { 
        free(RSA_PRI_DMQ1); 
        free(RSA_PRI_DMP1); 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    RSA_PRI_IQMP = (CK_VOID_PTR)malloc(BN_num_bytes(RSAPriKey->iqmp)); 
    Result = BN_bn2bin(RSAPriKey->iqmp, (BYTE*)RSA_PRI_IQMP); 
    if (Result != BN_num_bytes(RSAPriKey->iqmp)) 
    { 
        free(RSA_PRI_IQMP); 
        free(RSA_PRI_DMQ1); 
        free(RSA_PRI_DMP1); 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    CK_ATTRIBUTE PriKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, prilab, sizeof(prilab)-1}, 
        {CKA_DECRYPT, &truevalue, sizeof(truevalue)}, 
        {CKA_SIGN, &truevalue, sizeof(truevalue)}, 
        {CKA_PRIVATE, &truevalue, sizeof(truevalue)}, 
        {CKA_MODULUS, RSA_PRI_N, BN_num_bytes(RSAPriKey->n)}, 
        {CKA_PUBLIC_EXPONENT, RSA_PRI_E, BN_num_bytes(RSAPriKey->e)}, 
        {CKA_PRIME_1, RSA_PRI_P, BN_num_bytes(RSAPriKey->p)}, 
        {CKA_PRIME_2, RSA_PRI_Q, BN_num_bytes(RSAPriKey->q)}, 
        {CKA_PRIVATE_EXPONENT, RSA_PRI_D, BN_num_bytes(RSAPriKey->d)}, 
        {CKA_EXPONENT_1, RSA_PRI_DMP1, BN_num_bytes(RSAPriKey->dmp1)}, 
        {CKA_EXPONENT_2, RSA_PRI_DMQ1, BN_num_bytes(RSAPriKey->dmq1)}, 
        {CKA_COEFFICIENT, RSA_PRI_IQMP, BN_num_bytes(RSAPriKey->iqmp)} 
    }; 

    Result = C_FindObjectsInit(Session, PriKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        free(RSA_PRI_IQMP); 
        free(RSA_PRI_DMQ1); 
        free(RSA_PRI_DMP1); 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); 
    if ((Result == CKR_OK) && (ObjCount == 1)) 
    { 
        C_DestroyObject(Session, PriHandle); 
    } 

    Result = C_CreateObject( 
        Session, 
        PriKeyAttr, 
        15, 
        &PriHandle); 
    C_FindObjectsFinal(Session); 
    if (Result != CKR_OK) 
    { 
        free(RSA_PRI_IQMP); 
        free(RSA_PRI_DMQ1); 
        free(RSA_PRI_DMP1); 
        free(RSA_PRI_D); 
        free(RSA_PRI_Q); 
        free(RSA_PRI_P); 
        free(RSA_PRI_E); 
        free(RSA_PRI_N); 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 

    free(RSA_PRI_IQMP); 
    free(RSA_PRI_DMQ1); 
    free(RSA_PRI_DMP1); 
    free(RSA_PRI_D); 
    free(RSA_PRI_Q); 
    free(RSA_PRI_P); 
    free(RSA_PRI_E); 
    free(RSA_PRI_N); 
    RSA_free(RSAPriKey); 
    BIO_free(PriFile); 
    return TRUE; 
} 

BOOL ImportData(CK_SESSION_HANDLE Session) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_DATA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE datalab[] = "Data"; 
    CK_BYTE databuf[1024] = {0}; 
    CK_ULONG databuflen = 1024; 
    CK_OBJECT_HANDLE DataHandle = 0; 
    CK_ULONG ObjCount = 0; 
    _ReadFile("data.txt", databuf, &databuflen); 
    CK_ATTRIBUTE DataAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, datalab, sizeof(datalab)-1}, 
        {CKA_VALUE, databuf, databuflen} 
    }; 
    Result = C_FindObjectsInit(Session, DataAttr, 3); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); 
    if ((Result == CKR_OK) && (ObjCount == 1)) 
    { 
        C_DestroyObject(Session, DataHandle); 
    } 
    Result = C_CreateObject( 
        Session, 
        DataAttr, 
        4, 
        &DataHandle); 
    C_FindObjectsFinal(Session); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL P11GernateRSA(CK_SESSION_HANDLE Session) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS pubkeyclass = CKO_PUBLIC_KEY; 
    CK_OBJECT_CLASS prikeyclass = CKO_PRIVATE_KEY; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE pubkeylab[] = "P11PubKey"; 
    CK_BYTE prikeylab[] = "P11PriKey"; 
    CK_ULONG ModBit = 1024; 
    CK_OBJECT_HANDLE PubHandle = 0; 
    CK_OBJECT_HANDLE PriHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE PubKeyAttr[] = { 
        {CKA_CLASS, &pubkeyclass, sizeof(pubkeyclass)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, pubkeylab, sizeof(pubkeylab)-1}, 
        {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, 
        {CKA_VERIFY, &truevalue, sizeof(truevalue)}, 
        {CKA_PRIVATE, &falsevalue, sizeof (falsevalue)}, 
        {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)} 
    }; 
    CK_ATTRIBUTE PriKeyAttr[] = { 
        {CKA_CLASS, &prikeyclass, sizeof(prikeyclass)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, prikeylab, sizeof(prikeylab)-1}, 
        {CKA_DECRYPT, &truevalue, sizeof(truevalue)}, 
        {CKA_SIGN, &truevalue, sizeof(truevalue)}, 
        {CKA_PRIVATE, &truevalue, sizeof(truevalue)}, 
        {CKA_MODULUS_BITS, &ModBit, sizeof(ModBit)} 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0}; 

    Result = C_FindObjectsInit(Session, PubKeyAttr, 3); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); 
    if (Result == CKR_OK) 
    { 
        C_DestroyObject(Session, PubHandle); 
    } 
    C_FindObjectsFinal(Session); 
    Result = C_FindObjectsInit(Session, PriKeyAttr, 3); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); 
    if (Result == CKR_OK) 
    { 
        C_DestroyObject(Session, PriHandle); 
    } 
    C_FindObjectsFinal(Session); 
    Result = C_GenerateKeyPair( 
        Session, 
        &mechanism, 
        PubKeyAttr, 
        7, 
        PriKeyAttr, 
        7, 
        &PubHandle, 
        &PriHandle); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestReadData(CK_SESSION_HANDLE Session) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_DATA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE datalab[] = "Data"; 
    CK_BYTE databuf[1024] = {0}; 
    CK_ULONG databuflen = 1024; 
    CK_OBJECT_HANDLE DataHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE DataAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, datalab, sizeof(datalab)-1}, 
        {CKA_VALUE, databuf, databuflen} 
    }; 
    Result = C_FindObjectsInit(Session, DataAttr, 3); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        C_FindObjectsFinal(Session); 
        return FALSE; 
    } 
    Result = C_GetAttributeValue(Session, DataHandle, DataAttr, 4); 
    C_FindObjectsFinal(Session); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    printf("data:\n%s\n", DataAttr[3].pValue); 
    return TRUE; 
} 
BOOL TestWriteData(CK_SESSION_HANDLE Session) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_DATA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE datalab[] = "Data"; 
    CK_BYTE databuf[] = "hello china"; 
    CK_ULONG databuflen = sizeof(databuf)-1; 
    CK_OBJECT_HANDLE DataHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE DataAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, datalab, sizeof(datalab)-1}, 
        {CKA_VALUE, databuf, databuflen} 
    }; 
    Result = C_FindObjectsInit(Session, DataAttr, 3); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &DataHandle, 1, &ObjCount); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        C_FindObjectsFinal(Session); 
        return FALSE; 
    } 
    Result = C_SetAttributeValue(Session, DataHandle, DataAttr, 4); 
    C_FindObjectsFinal(Session); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestP11RSAEncrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE publab[] = "PubKey"; 
    CK_OBJECT_HANDLE PubHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE PubKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, publab, sizeof(publab)-1}, 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; 
    Result = C_FindObjectsInit(Session, PubKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); 
    C_FindObjectsFinal(Session); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        return FALSE; 
    } 
    Result = C_EncryptInit(Session, &mechanism, PubHandle); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_Encrypt(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestP11RSADecrypt(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE prilab[] = "PriKey"; 
    CK_OBJECT_HANDLE PriHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE PriKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, prilab, sizeof(prilab)-1} 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; 
    Result = C_FindObjectsInit(Session, PriKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); 
    C_FindObjectsFinal(Session); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        return FALSE; 
    } 
    Result = C_DecryptInit(Session, &mechanism, PriHandle); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_Decrypt(Session, EnBuf, EnBufLen, DeBuf, DeBufLen); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestOpenSSLRSAEncrypt(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) 
{ 
    BIO *PubFile = NULL; 
    RSA *RSAPubKey = NULL; 
    int Padding = RSA_PKCS1_PADDING; 
    CK_RV Result = CKR_OK; 
    PubFile = BIO_new(BIO_s_file()); 
    if (PubFile == NULL) 
    { 
        return FALSE; 
    } 
    Result = BIO_read_filename(PubFile, "PubKey.pub"); 
    if (Result != 1) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); 
    if (RSAPubKey == NULL) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    *EnBufLen = RSA_public_encrypt(DeBufLen, DeBuf, EnBuf, RSAPubKey, Padding); 
    if (*EnBufLen <= 0) 
    { 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    RSA_free(RSAPubKey); 
    BIO_free(PubFile); 
    return TRUE; 
} 
BOOL TestOpenSSLRSADecrypt(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG_PTR DeBufLen) 
{ 
    BIO *PriFile = NULL; 
    RSA *RSAPriKey = NULL; 
    int Padding = RSA_PKCS1_PADDING; 
    CK_RV Result = CKR_OK; 
    PriFile = BIO_new(BIO_s_file()); 
    if (PriFile == NULL) 
    { 
        return FALSE; 
    } 
    Result = BIO_read_filename(PriFile, "PriKey.pri"); 
    if (Result != 1) 
    { 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); 
    if (RSAPriKey == NULL) 
    { 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    *DeBufLen = RSA_private_decrypt(EnBufLen, EnBuf, DeBuf, RSAPriKey, Padding); 
    if (*DeBufLen <= 0) 
    { 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    RSA_free(RSAPriKey); 
    BIO_free(PriFile); 
    return TRUE; 
} 
BOOL TestP11RSASign(CK_SESSION_HANDLE Session, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PRIVATE_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE prilab[] = "PriKey"; 
    CK_OBJECT_HANDLE PriHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE PriKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, prilab, sizeof(prilab)-1} 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; 
    Result = C_FindObjectsInit(Session, PriKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PriHandle, 1, &ObjCount); 
    C_FindObjectsFinal(Session); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        return FALSE; 
    } 
    Result = C_SignInit(Session, &mechanism, PriHandle); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_Sign(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestP11RSAVerify(CK_SESSION_HANDLE Session, CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen) 
{ 
    CK_RV Result = CKR_OK; 
    CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE publab[] = "PubKey"; 
    CK_OBJECT_HANDLE PubHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_ATTRIBUTE PubKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, publab, sizeof(publab)-1}, 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; 
    Result = C_FindObjectsInit(Session, PubKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); 
    C_FindObjectsFinal(Session); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        return FALSE; 
    } 
    Result = C_VerifyInit(Session, &mechanism, PubHandle); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    Result = C_Verify(Session, DeBuf, DeBufLen, EnBuf, EnBufLen); 
    if (Result != CKR_OK) 
    { 
        return FALSE; 
    } 
    return TRUE; 
} 
BOOL TestOpenSSLRSASign(CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen, CK_BYTE_PTR EnBuf, CK_ULONG_PTR EnBufLen) 
{ 
    BIO *PriFile = NULL; 
    RSA *RSAPriKey = NULL; 
    int Padding = RSA_PKCS1_PADDING; 
    CK_RV Result = CKR_OK; 
    PriFile = BIO_new(BIO_s_file()); 
    if (PriFile == NULL) 
    { 
        return FALSE; 
    } 
    Result = BIO_read_filename(PriFile, "PriKey.pri"); 
    if (Result != 1) 
    { 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    RSAPriKey = d2i_RSAPrivateKey_bio(PriFile, NULL); 
    if (RSAPriKey == NULL) 
    { 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    Result = RSA_sign(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, (unsigned int*)EnBufLen, RSAPriKey); 
    if (Result != 1) 
    { 
        RSA_free(RSAPriKey); 
        BIO_free(PriFile); 
        return FALSE; 
    } 
    RSA_free(RSAPriKey); 
    BIO_free(PriFile); 
    return TRUE; 
} 
BOOL TestOpenSSLRSAVerify(CK_BYTE_PTR EnBuf, CK_ULONG EnBufLen, CK_BYTE_PTR DeBuf, CK_ULONG DeBufLen) 
{ 
    BIO *PubFile = NULL; 
    RSA *RSAPubKey = NULL; 
    int Padding = RSA_PKCS1_PADDING; 
    CK_RV Result = CKR_OK; 
    PubFile = BIO_new(BIO_s_file()); 
    if (PubFile == NULL) 
    { 
        return FALSE; 
    } 
    Result = BIO_read_filename(PubFile, "PubKey.pub"); 
    if (Result != 1) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    RSAPubKey = d2i_RSA_PUBKEY_bio(PubFile, NULL); 
    if (RSAPubKey == NULL) 
    { 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    Result = RSA_verify(NID_md5_sha1, DeBuf, DeBufLen, EnBuf, EnBufLen, RSAPubKey); 
    if (Result != 1) 
    { 
        RSA_free(RSAPubKey); 
        BIO_free(PubFile); 
        return FALSE; 
    } 
    RSA_free(RSAPubKey); 
    BIO_free(PubFile); 
    return TRUE; 
} 
RSA* GetRSAPubKey(CK_SESSION_HANDLE Session) 
{ 
    CK_RV Result = CKR_OK; 
    RSA *PubKey = NULL; 
    CK_OBJECT_CLASS objectclass = CKO_PUBLIC_KEY; 
    CK_KEY_TYPE keytype = CKK_RSA; 
    CK_BYTE truevalue = TRUE; 
    CK_BYTE falsevalue = FALSE; 
    CK_BYTE publab[] = "PubKey"; 
    CK_OBJECT_HANDLE PubHandle = 0; 
    CK_ULONG ObjCount = 0; 
    CK_BYTE RSA_PUB_N[1024] = {0}; 
    CK_ULONG RSA_PUB_N_LEN = 1024; 
    CK_BYTE RSA_PUB_E[1024] = {0}; 
    CK_ULONG RSA_PUB_E_LEN = 1024; 
    CK_ATTRIBUTE PubKeyAttr[] = { 
        {CKA_CLASS, &objectclass, sizeof(objectclass)}, 
        {CKA_KEY_TYPE, &keytype, sizeof(keytype)}, 
        {CKA_TOKEN, &truevalue, sizeof (truevalue)}, 
        {CKA_LABEL, publab, sizeof(publab)-1}, 
        {CKA_ENCRYPT, &truevalue, sizeof(truevalue)}, 
        {CKA_VERIFY, &truevalue, sizeof(truevalue)}, 
        {CKA_PRIVATE, &falsevalue, sizeof(falsevalue)}, 
        {CKA_MODULUS, RSA_PUB_N, RSA_PUB_N_LEN}, 
        {CKA_PUBLIC_EXPONENT, RSA_PUB_E, RSA_PUB_E_LEN} 
    }; 
    CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL_PTR, 0}; 
    Result = C_FindObjectsInit(Session, PubKeyAttr, 4); 
    if (Result != CKR_OK) 
    { 
        return NULL; 
    } 
    Result = C_FindObjects(Session, &PubHandle, 1, &ObjCount); 
    C_FindObjectsFinal(Session); 
    if ((Result != CKR_OK) || (ObjCount == 0)) 
    { 
        return NULL; 
    } 
    Result = C_GetAttributeValue(Session, PubHandle, PubKeyAttr, 9); 
    if (Result != CKR_OK) 
    { 
        return NULL; 
    } 
    PubKey = RSA_new(); 
    PubKey->n = BN_bin2bn((const unsigned char*)PubKeyAttr[7].pValue, PubKeyAttr[7].ulValueLen, NULL); 
    PubKey->e = BN_bin2bn((const unsigned char*)PubKeyAttr[8].pValue, PubKeyAttr[8].ulValueLen, NULL); 
    return PubKey; 
} 
VOID FreeRSA(RSA *rsa) 
{ 
    if (rsa != NULL) 
    { 
        RSA_free(rsa); 
    } 
}

wdt3385
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
PKCS#11部分使用,仅供参考
rambo的专栏
12-24 5529
//PKCS#11部分使用,仅供参考 BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength){    FILE *stream = NULL;    DWORD ContentLen = 0;    DWORD ReadLen = 0;    if ((FilePath =
PKCS11标准(中文版)
03-03
这是PKCS #11 v2.11令牌接口标准,详细描述了PKCS11的各种技术概念和开发标准,主要提供给开发人员,用于系统的设计、开发。
PKCS#11的应用--USBKEY
Netfilter
07-19 8147
ssl是一个安全协议,为互联网应用提供了安全,数字证书被证明能够带来比单纯的密或者指纹,瞳孔认证之类的方式更安全的保护,可是如此安全的机制需要一个安全的基层平台,事实证明计算机并不是一个足够安全的平台,计算机好比公共汽车,而操作系统以及C库的调用规范或者安全级别的设计被视为道德,众做周知道德不是强制的,它只在遵守它的实体中间起作用,比如堆栈的使用提供了强有力的安全机制和性能因素,可是还可以用于溢出,即使有弥补的方法也不能彻底根治,实为道高一筹魔高一丈,本质上说计算机是一个不安全的模型,公用内存就是黑客和白
PKCS#11标准解读-Cryptoki库如何工作(4)
好习惯成就伟大
04-25 1000
此为完结篇,介绍Cryptoki库如何工作。 PKCS#11使用非常普遍的密设备接口,在实际应用中,国密的密设备应用接口规范GMT0018与之作用相同,在技术体系架构中处于类似的位置。 在密产品的开发中,按照PKCS#11或者GMT0018接口规范提供相应的接口封装,应用程序无需改动或者微小改动就可以更换底层密设备。 PKCS#11的标准内容比较多,v2-20版本有400页,相应的,PKCS#11的标准解读,将按照概念及常用接口、角色、会话、对象、机制分别进行,最后介绍应用的调用流程,串起各
JRE包,uniapp生成自有证书使用
09-01
在IT行业中,尤其是在移动应用开发领域,安全性和签名证书是至关重要的部分。本文将深入探讨“JRE包,uniapp生成自有证书使用”的主题,针对Android平台,详细讲解如何使用uniapp来创建和使用自签名的SSL证书,以及...
学代完整版密学代完整版
01-21
9. **PKCS#7**:PKCS(Public-Key Cryptography Standards)是一系列关于密学的标准,其中PKCS#7定义了一种数据封装格式,用于包含数字签名、证书、加密等信息。它允许填充数据以适应特定的块大小,确保了数据完整...
day-04job.zip
最新发布
11-01
加密过程使用了特定的算法,如传统的PKCS#5 (使用DES或AES),或者更现代的加密标准,如AES-256。 5. **在编程中的应用**:在编程领域,许多语言都有处理ZIP文件的库或API。例如,Python有`zipfile`模块,Java有`...
集中式对称密钥分配
11-16
我们将以Java编程语言为例,解析其在信息安全课程实验中的应用。 首先,对称密钥加密是密学中最基础的加密方式。在这种方法中,加密和解密使用的是同一把密钥。虽然对称加密速度快、效率高,但密钥的管理和分发...
【windows环境 PKCS11库Demo 用于劫持PKCS11库并打印参数】
qq_43368574的博客
04-17 813
windows环境 PKCS11库Demo 用于劫持PKCS11库并打印参数背景PKCS11函数表功能快捷键合理的创建标题,有助于目录的生成如何改变文本的样式插入链接与图片如何插入一段漂亮的代片生成一个适合你的列表创建一个表格设定内容居中、居左、居右SmartyPants创建一个自定义列表如何创建一个注脚注释也是必不可少的KaTeX数学公式新的甘特图功能,丰富你的文章UML 图表FLowchart流程图导出与导入导出导入 背景 PKCS(Public—Key Cryptography Standards)
Solaris中的PKCS11接口参考
happy井二胖
11-16 2830
转自http://blog.csdn.net/ymt/article/details/5033872 Cryptoki 库概述 Solaris 加密框架中的用户级应用程序通过 libpkcs11.so 模块中所提供的 cryptoki 库来访问 PKCS #11 函数。pkcs11_softtoken.so 模块是由 Sun Microsystems, Inc. 提供的 PKCS
PKCS#11与OpenSSL RSA加解密代示例
wangminshe89
12-16 212
BOOL _ReadFile(LPCSTR FilePath, BYTE *FileContent, DWORD *FileLength) { FILE *stream = NULL; DWORD ContentLen = 0; DWORD ReadLen = 0; if ((FilePath == NULL) || (FileLength ...
PKCS#11数据加密国际标准解读-对象
安当加密
12-13 674
PKCS#11标准解读-对象,此为第三篇,介绍对象和属性。 PKCS#11使用非常普遍的密设备接口,在实际应用中,国密的密设备应用接口规范GMT0018与之作用相同,在技术体系架构中处于类似的位置。 在密产品的开发中,按照PKCS#11或者GMT0018接口规范提供相应的接口封装,应用程序无需改动或者微小改动就可以更换底层密设备。 PKCS#11的标准内容比较多,v2-20版本有400页,相应的,PKCS#11的标准解读,将按照概念及常用接口、角色、会话、对象、机制分别进行,最后介绍应用的调
所有常见证书处理函数的实现
zhulianhai0927的专栏
04-01 1282
// 转换私钥编格式          BOOL ConvertKeyFormat(char *oldKey,int oldKeyLen,int oldFormat,      char *newKeyFile,int newFormat)     {      EVP_PKEY *key=NULL;      BIO *biout=NULL;      int ret;    
PKCS11接口解析
热门推荐
zhubeifen_521的博客
04-17 1万+
pkcs中间件位于上层应用和底层安全设备之间,应用基于 PKCS#11 标准接口开发各类应用程序。主要包括2个库 主API库: 提供给应用的PKCS11接口。 tokenDLL库:由主 API 库调用,完成从上向下到指定设备的套接。 安全密设备:安全服务资源和实施的载体,完成具体安全功能支撑。 表pkcs11函数接口 种类 函数 ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值