开源opensc工程windows平台下编译,自己结合实际项目中的操作记录下来。至于接口的编写下一篇文章会来介绍。
在Google上搜了一下opensc的简介,没有,算了还是自己说吧。
opensc官方网站http://www.opensc-project.org/
工程简介:对于智能卡的访问,opensc工程提供了一套库和工具。opensc重点放在了卡片的密码操作,推进卡片的应用如邮件加密、认证和签名。opensc实现了PKCS#11的API以便支持Mozilla FireFox(浏览器)和Thunderbird(邮件客户端)能使用它。opensc实现了PKCS#15标准以便兼容所有的应用。
opensc支持以下卡片:
National ID Cards
· Taiwan
· Austrian Bürgerkarte, e-card
· United States PIV card applet
Smart Cards
· Schlumberger/Axalto Cryptoflex
· Schlumberger/Axalto Cyberflex
· EMV
· IBM JCOP
· Micardo
· Oberthur
· OpenPGP
· TCOS based cards (NetKey E4, SignTrust, Smartkey)
USB Tokens
· Rainbow iKey 4000 not supported
· Feitian ePass3000 (中国飞天诚信的epass3000)
二、编译环境
操作系统:Windows XP SP3
开发工具:vistual C++
代码:Engine-pkcs11-0.1.8.tar.gz
库:openssl 0.9.8l.tar.gz、libtool-1.5.26-lib.zip、libp11-0.2.7.tar.gz
三、编译过程
由于engine_pkcs11-0.1.8 使用了libp11-0.2.7库文件,而ibp11-0.2.7库文件又使用了libtool-1.5.26-lib,所以先编译libp11-0.2.7,再编译engine_pkcs11-0.1.8。(libtool-1.5.26-lib在下载时就已经编译好了)
3.1. libtool-1.5.26-lib解压缩至c:/下:其中文件目录如下:
3.2. openssl:把tar.gz包解压至c:/下,编译之,步骤略(google上有很多在windows下编译openssl的例子)
3.3 编译libp11-0.2.7 文件:编辑src/ Makefile.mak。下面贴出编辑好的文件:
LIBLTDL_INC = /IC:/libtool-1.5.26-lib/include # E.g. /IC:/libtool-1.5.8-lib/include 修改为自己电脑上libtool的库文件
LIBLTDL_LIB = C:/libtool-1.5.26-lib/lib/ltdl.lib # E.g. C:/libtool-1.5.8-lib/lib/libltdl.lib 修改为自己电脑上libtool的库文件
OPENSSL_INC = /IC:/openssl-0.9.8l/include # e.g. /IC:/openssl/include 修改为自己电脑上openssl的库文件
OPENSSL_LIB = C:/openssl-0.9.8l/out32dll/libeay32.lib # eg. C:/openssl/out32dll/libeay32.lib修改为自己电脑上openssl的库文件
COPTS = /Zi /MD /nologo /I../ /I. $(OPENSSL_INC) $(LIBLTDL_INC) /D_WIN32_WINNT=0x0400 /DWIN32 /DWIN32_LEAN_AND_MEAN
LINKFLAGS = /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86
TARGET = libp11.dll
OBJECTS = libpkcs11.obj p11_attr.obj p11_cert.obj p11_err.obj /
p11_key.obj p11_load.obj p11_misc.obj p11_rsa.obj p11_slot.obj p11_ops.obj
all: $(TARGET) versioninfo.res
RSC_PROJ=/l 0x809 /r /fo"versioninfo.res"
versioninfo.res: versioninfo.rc
rc $(RSC_PROJ) versioninfo.rc
.c.obj::
cl $(COPTS) /c $<
$(TARGET): $(OBJECTS) versioninfo.res
echo LIBRARY $* > $*.def
echo EXPORTS >> $*.def
type $*.exports >> $*.def
link $(LINKFLAGS) /dll /def:$*.def /implib:$*.lib /out:$(TARGET) /
$(OBJECTS) $(OPENSSL_LIB) $(LIBLTDL_LIB) versioninfo.res
if EXIST $*.dll.manifest mt -manifest $*.dll.manifest -outputresource:$*.dll;2
进入cmd的 C:/libp11-0.2.7> 编译 nmake -f Makefile.mak 。输出为:
Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
已复制 1 个文件。
rc /l 0x809 /r /fo"versioninfo.res" versioninfo.rc
cl /Zi /MD /nologo /I../ /I. /IC:/openssl-0.9.8l/include /IC:/libtool-1.
5.26-lib/include /D_WIN32_WINNT=0x0400 /DWIN32 /DWIN32_LEAN_AND_MEAN /c libpkcs1
1.c p11_attr.c p11_cert.c p11_err.c p11_key.c p11_load.c p11_misc.c p11_rsa.c p1
1_slot.c p11_ops.c
libpkcs11.c
p11_attr.c
p11_cert.c
p11_err.c
p11_key.c
p11_load.c
p11_misc.c
p11_rsa.c
p11_slot.c
p11_ops.c
Generating Code...
echo LIBRARY libp11 > libp11.def
echo EXPORTS >> libp11.def
type libp11.exports >> libp11.def
link /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86 /dll /def:libp11.def /
implib:libp11.lib /out:libp11.dll libpkcs11.obj p11_attr.obj p11_cert.obj p11_e
rr.obj p11_key.obj p11_load.obj p11_misc.obj p11_rsa.obj p11_slot.
此时生成了libp11.dll和libp11.lib 文件,编译ok
在目录下新建两个文件include和lib ,在inlcude中copy这些头文件config.h、winconfig.h、pkcs11.h 、libp11.h 、libp11-int.h ;而在lib文件夹中copy进 libp11.lib和libp11.dll 就可以了。
3.4 编译engine_pkcs11-0.1.8 文件:把tar.gz包解压至c:/下,编辑src / Makefile.mak。下面贴出编辑好的文件:
# - set the OPENSSL_INCL_DIR below to your openssl include directory, preceded by "/I"
# - set the OPENSSL_LIB below to your openssl lib file
# Note: these instructions obsolete the instructions in opensc.html
OPENSSL_INC = /IC:/openssl-0.9.8l/include # eg. /IC:/openssl/include 修改为自己电脑上openssl的库文件
OPENSSL_LIB = C:/openssl-0.9.8l/out32dll/libeay32.lib # eg. C:/openssl/lib/libeay32.lib修改为自己电脑上openssl的库文件
LIBP11_INC = /IC:/libp11-0.2.7/include # eg. /IC:/libp11/include修改为自己电脑上libp11的库文件
LIBP11_LIB = C:/libp11-0.2.7/lib/libp11.lib # eg. C:/libp11/lib/libp11.lib修改为自己电脑上libp11的库文件
COPTS = /Zi /MD /nologo /I../ /DHAVE_CONFIG_H $(OPENSSL_INC) $(LIBP11_INC) /D_WIN32_WINNT=0x0400 /DWIN32_LEAN_AND_MEAN /DHAVE_OPENSSL
LINKFLAGS = /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86
TARGET = engine_pkcs11.dll
OBJECTS = engine_pkcs11.obj hw_pkcs11.obj
all: $(TARGET)
.c.obj::
cl $(COPTS) /c $<
$(TARGET): $(OBJECTS) .
echo LIBRARY $* > $*.def
echo EXPORTS >> $*.def
type $*.exports >> $*.def
link $(LINKFLAGS) /dll /def:$*.def /implib:$*.lib /out:$(TARGET) $(OBJECTS) $(OPENSSL_LIB) $(LIBP11_LIB) gdi32.lib
进入cmd的 C:/ engine_pkcs11-0.1.8>
由于此目录中没有Makefile.mak 将 libp11-0.2.7 目录中的Makefile.mak文件copy到此处。
编译 nmake -f Makefile.mak 。输出为:
Microsoft (R) Program Maintenance Utility Version 6.00.8168.0
Copyright (C) Microsoft Corp 1988-1998. All rights reserved.
cl /Zi /MD /nologo /I../ /DHAVE_CONFIG_H /IC:/openssl-0.9.8l/include /IC
:/libp11-0.2.7/include /D_WIN32_WINNT=0x0400 /DWIN32_LEAN_AND_MEAN /DHAVE_OPENSS
L /c engine_pkcs11.c hw_pkcs11.c
engine_pkcs11.c
hw_pkcs11.c
hw_pkcs11.c(179) : warning C4028: formal parameter 5 different from declaration
hw_pkcs11.c(179) : warning C4024: 'ENGINE_set_ctrl_function' : different types f
or formal and actual parameter 2
Generating Code...
echo LIBRARY engine_pkcs11 > engine_pkcs11.def
echo EXPORTS >> engine_pkcs11.def
type engine_pkcs11.exports >> engine_pkcs11.def
link /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86 /dll /def:engine_pkcs1
1.def /implib:engine_pkcs11.lib /out:engine_pkcs11.dll engine_pkcs11.lib 2
此时,engine_pkcs11也编译ok了,可以开始编写接口代码了。代码下一篇文章会贴出:
下面是上面那位网友写的一个关于 opensc 的编译方法,我自己也试过了,可以生成一些命令,结合 OpenSSL 一起使用。
3.5编译opensc-0.11.12 文件:把tar.gz包解压至c:/下,编辑win32 / Make.rules.mak。下面贴出编辑好的文件:
# Note: these instructions obsolete the instructions in opensc.html
# You first need to download the gnuwin32 libtool (e.g. the "Binaries" and "Developer
# files" from http://gnuwin32.sourceforge.net/packages/libtool.htm)
# Then fill in the directory path to ltdl.h on the LIBLTDL_INCL line below, preceeded
# by an "/I"; and fill in the path to the libltdl.lib on the LIBLTDL_LIB line below.
# Then you can build this OpenSC package; and afterwards you'll need to copy the
# libltdl3.dll somewhere on your execution path.
LIBLTDL_INCL = /IC:/libtool-1.5.26-bin/include # E.g. /IC:/libtool-1.5.8-lib/include (这里改成你自己的路径,我的是c盘)
LIBLTDL_LIB = C:/libtool-1.5.26-bin/lib/ltdl.lib # E.g. C:/libtool-1.5.8-lib/lib/libltdl.lib(这里改成你自己的路径,我的是c盘)
OPENSC_FEATURES = pcsc
# If you want support for OpenSSL (needed for a.o. pkcs15-init tool and openssl engine):
# - download and build OpenSSL
# - uncomment the line starting with OPENSSL_DEF
# - set the OPENSSL_INCL_DIR below to your openssl include directory, preceded by "/I"
# - set the OPENSSL_LIB below to your openssl lib file
OPENSSL_DEF = /DENABLE_OPENSSL #把这个选项打开,源代码中使用了openssl,不然会报错
!IF "$(OPENSSL_DEF)" == "/DENABLE_OPENSSL"
OPENSSL_INCL_DIR = /IE:/软件/加密库/openssl/openssl-0.9.7c/include #改这里的路径
OPENSSL_LIB = E:/软件/加密库/openssl/openssl-0.9.7c/out32dll/Debug/libeay32.lib #指向编译好的libeay32.lib
PROGRAMS_OPENSSL = pkcs15-init.exe cryptoflex-tool.exe netkey-tool.exe piv-tool.exe
OPENSC_FEATURES = $(OPENSC_FEATURES) openssl
!ENDIF
# If you want support for zlib (Used for PIV, infocamere and actalis:
# - Download zlib and build
# - uncomment the line starting with ZLIB_DEF
# - set the ZLIB_INCL_DIR below to the zlib include lib proceeded by "/I"
# - set the ZLIB_LIB below to your zlib lib file
#ZLIB_DEF = /DENABLE_ZLIB
!IF "$(ZLIB_DEF)" == "/DENABLE_ZLIB"
ZLIB_INCL_DIR = /IC:/ZLIB/INCLUDE
ZLIB_LIB = C:/ZLIB/LIB/zlib.lib
OPENSC_FEATURES = $(OPENSC_FEATURES) zlib
!ENDIF
COPTS = /D_CRT_SECURE_NO_DEPRECATE /Zi /MD /nologo /DHAVE_CONFIG_H /I$(TOPDIR)/src/include /I$(TOPDIR)/src/include/opensc /I$(TOPDIR)/src/common $(OPENSSL_INCL_DIR) $(ZLIB_INCL_DIR) $(LIBLTDL_INCL) /D_WIN32_WINNT=0x0400 /DWIN32_LEAN_AND_MEAN $(OPENSSL_DEF) $(ZLIB_DEF) /DOPENSC_FEATURES="/"$(OPENSC_FEATURES)/""
LINKFLAGS = /DEBUG /NOLOGO /INCREMENTAL:NO /MACHINE:IX86
install-headers:
@for %i in ( $(HEADERS) ) do /
@xcopy /d /q /y %i $(HEADERSDIR) > nul
install-headers-dir:
@for %i in ( $(HEADERSDIRFROM2) ) do /
@xcopy /d /q /y %i/*.h $(HEADERSDIR2)/*.h > nul
.c.obj::
cl $(COPTS) /c $<
.rc.res::
rc /l 0x0409 /r $<
clean::
del /Q *.obj *.dll *.exe *.pdb *.lib *.def
打开vistudio studio .net 2003 command prompt 窗口,然后在opensc根目录下执行 nmake -f Makefile.mak,编译成功!
opensc是对pkcs 15的实现?好像并不没有实现pkcs11
opensc没有实现pkcs11,是对pkcs11又封了一层对上层提供服务