PKCS11:查找公钥对象

        在PKCS11中,如果要查找公钥对象,需要对应对象属性模板。一般公钥对象分为“加密公钥”和“验证签名公钥”,由此可以定义两个不同的属性模板。比如:

1、加密公钥查找属性模板:

	CK_ATTRIBUTE encryptKey_Attrs[ 5 ] = {
		{ CKA_CLASS, (unsigned *)&ckoPubKey, sizeof(unsigned) },
		{ CKA_TOKEN, (unsigned char *)&trueValue, 1 },
		{ CKA_PRIVATE, (unsigned char *)&falseValue, 1 },
		{ CKA_ENCRYPT, (unsigned char *)&trueValue, 1 },
		{ CKA_KEY_TYPE, (LPBYTE)&ckkRsa, 4 },
	};

2、验签公钥查找属性模板:

	CK_ATTRIBUTE verifyKey_Attrs[ 5 ] = {
		{ CKA_CLASS, (unsigned *)&ckoPubKey, sizeof(unsigned) },
		{ CKA_TOKEN, (unsigned char *)&trueValue, 1 },
		{ CKA_PRIVATE, (unsigned char *)&falseValue, 1 },
		{ CKA_VERIFY, (unsigned char *)&trueValue, 1 },
		{ CKA_KEY_TYPE, (LPBYTE)&ckkRsa, 4 },
	};

其中:

ckoPubKey定义为:CKO_PUBLIC_KEY

ckkRsa定义为:CKK_RSA

trueValue定义为:1

falseValue定义为:0

        有了模板之后,可以根据实际需要、指定公钥算法类型等进行查找。完整代码如下:

CK_OBJECT_HANDLE _FindPubKeyObj(CK_SESSION_HANDLE hSession, BOOL bIsExchKey, ULONG ckaType, LPBYTE data, ULONG size)
{
	CK_RV rv = CKR_OK;
	CK_ULONG findCount = 0;
	CK_OBJECT_HANDLE hKey = 0;
	CK_ATTRIBUTE encryptKey_Attrs[ 5 ] = {
		{ CKA_CLASS, (unsigned *)&ckoPubKey, sizeof(unsigned) },
		{ CKA_TOKEN, (unsigned char *)&trueValue, 1 },
		{ CKA_PRIVATE, (unsigned char *)&falseValue, 1 },
		{ CKA_ENCRYPT, (unsigned char *)&trueValue, 1 },
		{ ckaType, data, size },
	};
	CK_ATTRIBUTE verifyKey_Attrs[ 5 ] = {
		{ CKA_CLASS, (unsigned *)&ckoPubKey, sizeof(unsigned) },
		{ CKA_TOKEN, (unsigned char *)&trueValue, 1 },
		{ CKA_PRIVATE, (unsigned char *)&falseValue, 1 },
		{ CKA_VERIFY, (unsigned char *)&trueValue, 1 },
		{ ckaType, data, size },
	};

	FUNC_BEGIN;
	rv = m_pPKCS11Proxy->C_FindObjectsInit( hSession, bIsExchKey ? encryptKey_Attrs : verifyKey_Attrs, data ? 5 : 4);
	rv = m_pPKCS11Proxy->C_FindObjects( hSession, &hKey, 1, &findCount);
	rv = m_pPKCS11Proxy->C_FindObjectsFinal( hSession );
	FUNC_END;

	return hKey;
}
如果要查找RSA加密公钥,则只需调用:

CK_OBJECT_HANDLE hPubKey = 0;
hPubKey = _FindPubKeyObj(m_hSession, TRUE, CKA_KEY_TYPE, (LPBYTE)&ckkRsa, 4);
如果是查找验证签名公钥,则只需要调用:

CK_OBJECT_HANDLE hPubKey = 0;
hPubKey = _FindPubKeyObj(m_hSession, FLASE, CKA_KEY_TYPE, (LPBYTE)&ckkRsa, 4);


©️2020 CSDN 皮肤主题: 大白 设计师: CSDN官方博客 返回首页
实付0元
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值