TEST(SKF_DEV_MANAGE,SKF_ConnectDev_Test)
{
ULONG result;
SKF_ConnectDev skf_connetDev = SKF_ConnectDev(GetProcAddress(hmodule,"SKF_ConnectDev"));
devHandle = new DEVHANDLE();
result = skf_connetDev(devName,devHandle);
EXPECT_EQ(0,(int)result);
EXPECT_NE(0,(int)(*devHandle));
}
TEST(SKF_ACCESS_CONTROL,SKF_DEVAUTH_Test)
{
ULONG result;
/*BYTE pbRandom[32] = {0};
SKF_GenRandom skf_genRandom = SKF_GenRandom(GetProcAddress(hmodule,"SKF_GenRandom"));
result = skf_genRandom(*devHandle,pbRandom,8);
EXPECT_EQ(0,(int)result);*/
SKF_ConnectDev skf_connetDev = SKF_ConnectDev(GetProcAddress(hmodule,"SKF_ConnectDev"));
devHandle = new DEVHANDLE();
result = skf_connetDev(devName,devHandle);
EXPECT_EQ(0,(int)result);
BYTE* pbRandom =(BYTE*) malloc(sizeof(BYTE)*32);
SKF_GenRandom skf_genRandom = SKF_GenRandom(GetProcAddress(hmodule,"SKF_GenRandom"));
result = skf_genRandom(*devHandle,pbRandom,8);
EXPECT_EQ(0,(int)result);
HANDLE hKey = NULL;
char *dev_auth_key = "1234567812345678";
SKF_SetSymmKey skf_setSymmKey = SKF_SetSymmKey(GetProcAddress(hmodule,"SKF_SetSymmKey"));
result = skf_setSymmKey(*devHandle,(unsigned char*)dev_auth_key,0x00000401,&hKey);
EXPECT_EQ(0,(int)result);
SKF_EncryptInit skf_encryptInit = SKF_EncryptInit(GetProcAddress(hmodule,"SKF_EncryptInit"));
BLOCKCIPHERPARAM bp = {0};
result = skf_encryptInit(hKey, bp);
EXPECT_EQ(0,(int)result);
SKF_Encrypt skf_encrypt = SKF_Encrypt(GetProcAddress(hmodule,"SKF_Encrypt"));
BYTE szEncryptedData[256] = {0};
ULONG ulEncryptedDataLen = 256;
result = skf_encrypt(hKey, pbRandom, 16, szEncryptedData, &ulEncryptedDataLen);
EXPECT_EQ(0,(int)result);
SKF_DevAuth skf_devAuth = SKF_DevAuth(GetProcAddress(hmodule,"SKF_DevAuth"));
result = skf_devAuth(*devHandle,szEncryptedData,ulEncryptedDataLen);
EXPECT_EQ(0,(int)result);
}
int main(int argc, char * argv[])
{
unsigned long ulRet = 0;
unsigned long ulRetry = 0;
unsigned long len = 0;
OPST_DEV szDevValue[MAX_DEV_NUM] = {0};
unsigned long ulDevCount = MAX_DEV_NUM;
unsigned long pw_usb_len = 8;
unsigned char pw_usb_value[] = "88888888";
OPT_HDEVICE hDevice = NULL;
OPT_HCONTAINER hContainer = NULL;
unsigned char ContainerTest[] = "testContainer";
OPST_CONTAINER szConValue[10];
unsigned long ulConCount = 10;
unsigned long ulConType = OPE_CON_TYPE_ENCYPT;
unsigned long timeStart = 0;
unsigned long timeEnd = 365 * 10;
unsigned char * data_value = NULL;
unsigned long data_len = 1024 * 20;
unsigned char * data_value_csr = NULL;
unsigned long data_len_csr = 1024 * 20;
unsigned char * data_value_cert = NULL;
unsigned long data_len_cert = 1024 * 20;
unsigned long prv_data_len = 32;
unsigned long x_data_len = 32;
unsigned long y_data_len = 32;
unsigned char * data_value_ca = NULL;
unsigned long data_len_ca = 1024 * 20;
unsigned long ulUserID[4] = {0};
unsigned long data_len_crl = 1024 * 2;
unsigned char data_value_crl[2048];
data_value = (unsigned char *)malloc(data_len);
data_value_cert = (unsigned char *)malloc(data_len_cert);
data_value_csr = (unsigned char *)malloc(data_len_csr);
data_value_ca = (unsigned char *)malloc(data_len_ca);
unsigned char prv_data_value[] = {
0x61 , 0x56 , 0xb0 , 0xf6 , 0x27 , 0x57 , 0x26 , 0xdc ,
0x21 , 0xae , 0x6c , 0x68 , 0xbc , 0x49 , 0x82 , 0xe6 ,
0x67 , 0x51 , 0x6c , 0xe9 , 0xfd , 0x59 , 0x0d , 0x58 ,
0xdd , 0x54 , 0x32 , 0xb7 , 0x88 , 0x6a , 0x23 , 0x70};
unsigned char x_data_value[] = {
0x91 , 0x1b , 0x13 , 0x80 , 0x41 , 0xbe , 0x68 , 0x6f ,
0xa9 , 0x52 , 0xd6 , 0xb4 , 0x2d , 0x93 , 0xcc , 0x10 ,
0x14 , 0xe7 , 0xd5 , 0x0c , 0x05 , 0x22 , 0xfb , 0x8a ,
0xdb , 0x98 , 0xd2 , 0x3b , 0x3a , 0xf6 , 0x45 , 0x23};
unsigned char y_data_value[] = {
0x40 , 0xaf , 0xbb , 0xd1 , 0x85 , 0xea , 0x29 , 0x3c ,
0x58 , 0x54 , 0xb6 , 0xe6 , 0x9e , 0x05 , 0x0e , 0xc7 ,
0xbb , 0xea , 0x6b , 0xda , 0xb9 , 0x8c , 0xee , 0x6e ,
0x4d , 0x85 , 0xa5 , 0x71 , 0x81 , 0x79 , 0xf8 , 0xb1};
OPST_USERINFO userInfo = {0};
wchar_t* countryName = L"中国";
wchar_t* stateOrProvinceName = L"北京";
wchar_t* localityName = L"北京";
wchar_t* organizationName = L"赢达信";
wchar_t* organizationalUnitName = L"赢达信";
wchar_t* commonName = L"李强强";
wchar_t* emailAddress = L"*****@*****.**";
wchar_t* challengePassword = L"123";
wchar_t* unstructuredName = L"测试";
HANDLE hHandlePCI = 0, hHandleSession = 0;
char * str_xy =
"MIICuDCCAl6gAwIBAgIKFBEAAAAAAAAIQzAKBggqgRzPVQGDdTBNMQswCQYDVQQGEwJDTjERMA8GA1UECgwIQ0hJTkFNU0ExETAPBgNVBAsMCENISU5BTVNBMRgwFgYDVQQDDA9DSElOQU1TQSBTTTIgQ0EwHhcNMTUwOTEwMTYwMDAwWhcNMTgwOTExMTU1OTU5WjBTMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYDVQQHDAbkuJzln44xIjAgBgNVBAMMGea1t+S6i+S4quS6uua1i+ivlVRG5Y2hMTAwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATU7yKIK31DFXlYglDck41GUpeVaFU5+64d0IHRLg3LashmnoS659CTBZAt9iuhQh32H17F+3UgSdEBcpoSXzaVo4IBHjCCARowHwYDVR0jBBgwFoAUcWzpmZA0N7fJ6ciCy5fLmv72uF0wHQYDVR0OBBYEFN27An45JjWvMK5c6/ywmPmyp8sfMAsGA1UdDwQEAwIGwDCBpgYDVR0fBIGeMIGbMGigZqBkpGIwYDELMAkGA1UEBhMCQ04xETAPBgNVBAoMCENISU5BTVNBMREwDwYDVQQLDAhDSElOQU1TQTEYMBYGA1UEAwwPQ0hJTkFNU0EgU00yIENBMREwDwYDVQQDEwhjYTExY3JsMTAvoC2gK4YpaHR0cDovLzE5OC4zMi4yMjcuMTo4MDAwL2NybC9jYTExY3JsMS5jcmwwIgYIYIZIAYb4RAIEFgwUU0YxMzAxODUxOTgzMDEyNDM0MTUwCgYIKoEcz1UBg3UDSAAwRQIhAJDsqHbDolgi85eHxodn0OmTm/6DnVjnhZ8Wq2GuL7x/AiAS7/PU/ROiXzeuPFWTOzeZeZdK8gE6kTBsD3BJ8VXwGQ==";
byte * byte_xy = new byte[64];
char * str_prv = "e83d63ffb8be0ae8412dacf65b8174fed36aeed2e04e35a929171966df7650ef";
byte * byte_prv = new byte[64];
OPF_Str2Bin(str_xy,128,byte_xy,&len);
// 公钥私钥
{
OPF_Str2Bin(str_prv,64,prv_data_value,&prv_data_len);
OPF_Str2Bin(str_xy,64,x_data_value,&x_data_len);
OPF_Str2Bin(str_xy+64,64,y_data_value,&y_data_len);
}
char szDevNameLists[BUFFER_LEN_1K];
unsigned long ulDevNameLists = BUFFER_LEN_1K;
HANDLE hDevSKF;
char szAppNameLists[BUFFER_LEN_1K];
unsigned long ulAppNameLists = BUFFER_LEN_1K;
HANDLE hAppSKF;
char szConNameLists[BUFFER_LEN_1K];
unsigned long ulConNameLists = BUFFER_LEN_1K;
HANDLE hConSKF;
ulRet = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
ulRet = SKF_ConnectDev(szDevNameLists,&hDevSKF);
ulRet = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);
if (ulAppNameLists < 2)
{
// 第一步设备认证
unsigned char bRandom[16], bAuthData[16];
unsigned long ulRandomLen, ulAuthDataLen;
BLOCKCIPHERPARAM EncryptParam;
unsigned char bSymKey[16];
HANDLE hSymKey=NULL;
DEVINFO DevInfo;
// 取16字节随机数
ulRandomLen = sizeof(bRandom);
ulRet = SKF_GenRandom(hDevSKF, bRandom, ulRandomLen);
if(ulRet != 0)
{
printf("SKF_GenRandom error, ret=0x%x\n", ulRet);
}
printf("SKF_GenRandom succeeds");
ulRet = SKF_GetDevInfo(hDevSKF, &DevInfo);
// 加密随机化
// 默认外部认证密钥为:1234567812345678
memcpy(bSymKey, (unsigned char*)"\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38", 16);
ulRet = SKF_SetSymmKey(hDevSKF, bSymKey, DevInfo.DevAuthAlgId, &hSymKey);
if(ulRet != 0)
{
printf("SKF_SetSymmKey error, ret=0x%x\n", ulRet);
}
printf("SKF_SetSymmKey succeeds.\n");
// 加密初始化
EncryptParam.PaddingType = 0;
ulRet = SKF_EncryptInit(hSymKey, EncryptParam);
if(ulRet != 0)
{
printf("SKF_EncryptInit error, ret=0x%x\n", ulRet);
}
printf("SKF_EncryptInit succeeds.\n");
// 加密随机数
ulAuthDataLen = sizeof(bAuthData);
memset(bAuthData, 0x00, ulAuthDataLen);
ulRet = SKF_Encrypt(hSymKey, bRandom, ulRandomLen, bAuthData, &ulAuthDataLen);
if(ulRet != 0)
{
printf("SKF_Encrypt error, ret=0x%x\n", ulRet);
}
printf("SKF_Encrypt succeeds.\n");
// 外部认证
ulRet = SKF_DevAuth(hDevSKF, bAuthData, ulAuthDataLen);
if(ulRet != 0)
{
printf("SKF_DevAuth error, ret=0x%x\n", ulRet);
}
printf("SKF_DevAuth succeeds.\n");
// 创建应用
ulRet = SKF_CreateApplication(hDevSKF,"DEFAULT_APPLICATION", (char*)pw_usb_value,8,
(char*)pw_usb_value, 8,0,&hAppSKF);
}
else
{
ulRet = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
}
ulRet = SKF_VerifyPIN(hAppSKF, 1, (char*)pw_usb_value,&ulRetry);
ulRet = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
if (ulConNameLists < 2)
{
ulRet = SKF_CreateContainer(hAppSKF, "DEFAULT_CONTAINER", &hConSKF);
}
else
{
ulRet = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
}
ECCPUBLICKEYBLOB pubkeyBlob;
ENVELOPEDKEYBLOB * pENVELOPEDKEY_Dev = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);
ENVELOPEDKEYBLOB * pENVELOPEDKEY_DB = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);
ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
/*ulRet = PCI_Open(&hHandlePCI, &hHandleSession);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);
ulRet = PCI_CheckExistRootSM2Keys(hHandleSession);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);
ulRet = PCI_GenRootSM2Keys(hHandleSession, data_value,&data_len);
ulRet = PCI_BackupInit(hHandleSession);
ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
ulRet = PCI_BackupFinal(hHandleSession);
ulRet = PCI_RestoreInit(hHandleSession);
ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 * 2);
ulRet = PCI_RestoreFinal(hHandleSession);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);
*/
//ulRet = PCI_BackupInit(hHandleSession);
//ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
//ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
//ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
//ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
//ulRet = PCI_BackupFinal(hHandleSession);
/*ulRet = PCI_RestoreInit(hHandleSession);
ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 *2);
ulRet = PCI_RestoreFinal(hHandleSession);
ulRet = PCI_SignWithRootSM2Keys(hHandleSession,data_value, 32, data_value, 32, 0, data_value, &data_len);
*/
//ulRet = PCI_GenExportSM2EnvelopedKey(hHandleSession,
// pubkeyBlob.XCoordinate + 32,
// pubkeyBlob.YCoordinate + 32,
// (void *)pENVELOPEDKEY_DB,
// (void *)pENVELOPEDKEY_Dev
// );
ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);
ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
ulRet = PCI_RestoreExportSM2EnvelopedKey(hHandleSession,
pubkeyBlob.XCoordinate + 32,
pubkeyBlob.YCoordinate + 32,
(void *)pENVELOPEDKEY_DB,
(void *)pENVELOPEDKEY_Dev
);
ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);
return 0;
//ulRet = OPF_Initialize();
//ulRet = OpenSSL_SM2GenCSRWithPubkey(&userInfo,
// x_data_value, x_data_len,
// y_data_value, y_data_len,
// data_value,&data_len);
//ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
// data_value_cert,&data_len_cert);
//OPST_CRL crllists[3] = {{2,2,2},{3,3,3},{4,4,4}};
//ulRet = OpenSSL_SM2GenCRL(crllists, sizeof(crllists)/sizeof(OPST_CRL),data_value_ca, data_len_ca, data_value_crl, &data_len_crl);
//ulRet = OPF_SM2SignCRL(hHandleSession,data_value_ca,data_len_ca,data_value_crl,data_len_crl,0,data_value_crl,&data_len_crl);
//ulRet = OpenSSL_SM2VerifyCRL(data_value_crl,data_len_crl,0,x_data_value,32 , y_data_value,32);
//userInfo.ulLenC = wcslen(countryName)*2;
//userInfo.ulLenST = wcslen(stateOrProvinceName)*2;
//userInfo.ulLenL = wcslen(localityName)*2;
//userInfo.ulLenO = wcslen(organizationName)*2;
//userInfo.ulLenOU = wcslen(organizationalUnitName)*2;
//userInfo.ulLenCN = wcslen(commonName)*2;
//userInfo.ulLenEA = wcslen(emailAddress)*2;
//userInfo.ulLenCP = wcslen(challengePassword)*2;
//userInfo.ulLenUN = wcslen(unstructuredName)*2;
//memcpy(userInfo.countryName, countryName, userInfo.ulLenC);
//memcpy( userInfo.stateOrProvinceName ,stateOrProvinceName, userInfo.ulLenST);
//memcpy( userInfo.localityName,localityName, userInfo.ulLenL);
//memcpy( userInfo.organizationName, organizationName,userInfo.ulLenO);
//memcpy(userInfo.organizationalUnitName,organizationalUnitName, userInfo.ulLenOU);
//memcpy( userInfo.commonName,commonName,userInfo.ulLenCN);
////strcpy((char *) userInfo.commonName, "34");
//memcpy( userInfo.emailAddress,emailAddress,userInfo.ulLenEA);
//memcpy( userInfo.challengePassword,challengePassword, userInfo.ulLenCP);
//memcpy( userInfo.unstructuredName,unstructuredName, userInfo.ulLenUN);
// 初始化库;
//ulRet = PKCS11_EnumDevices(szDevValue, &ulDevCount);
//ulRet = PKCS11_OpenDevice(szDevValue[0], & hDevice);
//ulRet = PKCS11_Login(hDevice, 1, pw_usb_value,pw_usb_len, &ulRetry);
//ulRet = PKCS11_CheckContainerExist(hDevice, ContainerTest,sizeof(ContainerTest));
//if (ulRet)
//{
// ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));
// ulRet = PKCS11_DeleteContainer(hDevice,ContainerTest ,sizeof(ContainerTest));
// ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));
//}
//ulRet = PKCS11_EnumContainers(hDevice, szConValue, &ulConCount);
//ulRet = PKCS11_OpenContainer(hDevice, ContainerTest,sizeof(ContainerTest),ulConType, &hContainer);
//if (ulConType == OPE_CON_TYPE_ENCYPT)
//{
// // client
// ulRet = PKCS11_SM2GenKeys(hContainer);
// //ulRet = PKCS11_SM2ImportKeys(hContainer, hContainer, prv_data_value, 32, x_data_value, 32, y_data_value, 32);
// ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);
// ulRet = OPF_SM2SignCSR(hContainer, data_value,data_len, 0, data_value_csr, &data_len_csr);
// {
// FILE * fileIN = fopen("d:/rootca.cer","r+b");
// data_len_ca = fread(data_value_ca ,1, 10240, fileIN);
// fclose(fileIN);
// }
// // server
// ulRet = OpenSSL_SM2GenCert(data_value_csr,data_len_csr,data_value_ca, data_len_ca,123456789,timeStart,timeEnd,
// 0,data_value_cert,&data_len_cert);
// ulRet = OPF_SM2SignCert(hHandleSession,data_value_cert,data_len_cert, 0,data_value_cert, &data_len_cert);
// {
// FILE * fileOUT = fopen("d:/usr.cer","w+b");
// data_len_cert = fwrite(data_value_cert ,1, data_len_cert, fileOUT);
// fclose(fileOUT);
// }
// //ulRet = OPF_SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
// // data_value_cert,&data_len_cert);
//}
//else
//{
// ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);
// ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
// data_value_cert,&data_len_cert);
// ulRet = OPF_SM2SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
// data_value_cert,&data_len_cert);
//}
//ulRet = OPF_CertImport(hContainer, data_value_cert, data_len_cert);
//ulRet = PKCS11_CloseContainer(hContainer);
//ulRet = PKCS11_Logout(hDevice);
//ulRet = PKCS11_CloseDevice(hDevice);
// 释放库资源.
//ulRet = OPF_Finalize();
#if _PCI_TEST_
ulRet = PCI_Close(hHandlePCI, hHandleSession);
#endif
return 0;
}
DWORD WINAPI ThreadFuncSKFGenCSR(LPVOID aThisClass)
{
CClassCommon * thisClass = (CClassCommon*)aThisClass;
char szDevNameLists[BUFFER_LEN_1K] = {0};
char szAppNameLists[BUFFER_LEN_1K] = {0};
char szConNameLists[BUFFER_LEN_1K];
ULONG ulDevNameLists = BUFFER_LEN_1K;
ULONG ulAppNameLists = BUFFER_LEN_1K;
ULONG ulConNameLists = BUFFER_LEN_1K;
HANDLE hDevSKF = NULL;
HANDLE hConSKF = NULL;
HANDLE hAppSKF = NULL;
unsigned long ulPublicKeyLen = 2 * SM2_BYTES_LEN + 1;
unsigned char pbPublicKey[2 * SM2_BYTES_LEN + 1] = {0};
unsigned char pbDigest[SM2_BYTES_LEN] = {0};
unsigned int ulDigestLen = SM2_BYTES_LEN;
unsigned char szX509content[BUFFER_LEN_1K * 4];
unsigned long ulX509ContentLen = BUFFER_LEN_1K * 4;
ECCSIGNATUREBLOB stSigBlob = {0};
// 初始化
thisClass->ulResult = OpenSSL_Initialize();
if(thisClass->ulResult)
{
goto err;
}
thisClass->m_iCsrLen = BUFFER_LEN_1K * 4;
thisClass->ulResult = OpenSSL_SM2GenCSRWithPubkey(
&(thisClass->userInfo),
thisClass->m_szPublicKeySIGN,SM2_BYTES_LEN,
thisClass->m_szPublicKeySIGN+SM2_BYTES_LEN,SM2_BYTES_LEN,
thisClass->m_szCsr, &(thisClass->m_iCsrLen)
);
FILE_LOG_FMT(file_log_name, "%s %d %d", __FUNCTION__, __LINE__, 2);
FILE_LOG_HEX(file_log_name, thisClass->m_szCsr, thisClass->m_iCsrLen);
// 签名证书请求
thisClass->m_iSignedCsrLen = BUFFER_LEN_1K * 4;
FILE_LOG_STRING(file_log_name, "8");
// 枚举设备
thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
if(thisClass->ulResult)
{
goto err;
}
if(ulDevNameLists < 2)
{
thisClass->ulResult = OPE_ERR_NO_DEV;
goto err;
}
// 打开设备
thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
if(ulDevNameLists < 2)
{
goto err;
}
thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);
// 设备认证或者打开一个应用
if (ulAppNameLists < 2)
{
thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
}
else
{
thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
}
// 验证密码
thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
if(thisClass->ulResult)
{
goto err;
}
// 枚举容器
thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
if(thisClass->ulResult)
{
goto err;
}
// 创建或打开容器
if (ulConNameLists < 2)
{
thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
}
else
{
thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
}
if(thisClass->ulResult)
{
goto err;
}
memcpy(pbPublicKey, "\x04", 1);
memcpy(pbPublicKey + 1 , thisClass->m_szPublicKeySIGN, SM2_BYTES_LEN * 2);
thisClass->ulResult = OpenSSL_GetX509Content(thisClass->m_szCsr, thisClass->m_iCsrLen,
X509_TYPE_CSR,
szX509content,&ulX509ContentLen
);
if(thisClass->ulResult)
{
goto err;
}
thisClass->ulResult = tcm_get_message_hash(
szX509content, ulX509ContentLen,
(unsigned char *)"1234567812345678", 16,
pbPublicKey, ulPublicKeyLen,pbDigest,&ulDigestLen);
if(thisClass->ulResult)
{
goto err;
}
FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"pbPublicKey");
FILE_LOG_HEX(file_log_name,pbPublicKey, SM2_BYTES_LEN * 2 + 1);
FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"pbDigest");
FILE_LOG_HEX(file_log_name,pbDigest, ulDigestLen);
FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"m_szCsr");
FILE_LOG_HEX(file_log_name,thisClass->m_szCsr, thisClass->m_iCsrLen);
FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"szX509content");
FILE_LOG_HEX(file_log_name,szX509content, ulX509ContentLen);
thisClass->ulResult = SKF_ECCSignData(hConSKF,pbDigest,ulDigestLen,&stSigBlob);
if(thisClass->ulResult)
{
goto err;
}
thisClass->ulResult = OpenSSL_SM2SetX509SignValue(
thisClass->m_szCsr, thisClass->m_iCsrLen,
X509_TYPE_CSR,
stSigBlob.r + SM2_BYTES_LEN,SM2_BYTES_LEN,
stSigBlob.s + SM2_BYTES_LEN,SM2_BYTES_LEN,
thisClass->m_szSignedCsr, &(thisClass->m_iSignedCsrLen)
);
if(thisClass->ulResult)
{
goto err;
}
::FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"RS");
::FILE_LOG_HEX(file_log_name, stSigBlob.r + SM2_BYTES_LEN , SM2_BYTES_LEN);
::FILE_LOG_HEX(file_log_name, stSigBlob.r + SM2_BYTES_LEN , SM2_BYTES_LEN);
err:
if (hConSKF)
{
SKF_CloseContainer(hConSKF);
}
if (hAppSKF)
{
SKF_CloseApplication(hAppSKF);
}
if (hDevSKF)
{
SKF_DisConnectDev(hDevSKF);
}
OpenSSL_Finalize();
return 0;
}
DWORD WINAPI ThreadFuncSKFImportCerts(LPVOID aThisClass)
{
CClassCommon * thisClass = (CClassCommon*)aThisClass;
char szDevNameLists[BUFFER_LEN_1K] = {0};
char szAppNameLists[BUFFER_LEN_1K] = {0};
char szConNameLists[BUFFER_LEN_1K];
ULONG ulDevNameLists = BUFFER_LEN_1K;
ULONG ulAppNameLists = BUFFER_LEN_1K;
ULONG ulConNameLists = BUFFER_LEN_1K;
HANDLE hDevSKF = NULL;
HANDLE hConSKF = NULL;
HANDLE hAppSKF = NULL;
// 枚举设备
thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
if(thisClass->ulResult)
{
goto err;
}
if(ulDevNameLists < 2)
{
thisClass->ulResult = OPE_ERR_NO_DEV;
goto err;
}
// 打开设备
thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
if(ulDevNameLists < 2)
{
goto err;
}
thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);
// 设备认证或者打开一个应用
if (ulAppNameLists < 2)
{
thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
}
else
{
thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
}
// 验证密码
thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
if(thisClass->ulResult)
{
goto err;
}
// 枚举容器
thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
if(thisClass->ulResult)
{
goto err;
}
// 创建或打开容器
if (ulConNameLists < 2)
{
thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
}
else
{
thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
}
if(thisClass->ulResult)
{
goto err;
}
// 导入证书
thisClass->ulResult = SKF_ImportCertificate(hConSKF, 1, thisClass->m_szCertSIGN,thisClass->m_iCertSIGNLen);
if(thisClass->ulResult)
{
goto err;
}
// 导入证书
thisClass->ulResult = SKF_ImportCertificate(hConSKF, 0, thisClass->m_szCertEX,thisClass->m_iCertEXLen);
if(thisClass->ulResult)
{
goto err;
}
// 拷贝签名公钥
memcpy(thisClass->m_szPublicKeyEX,
thisClass->m_stEnvelopedKeyBlobEX.PubKey.XCoordinate + SM2_BYTES_LEN,
SM2_BYTES_LEN);
memcpy(thisClass->m_szPublicKeyEX+SM2_BYTES_LEN,
thisClass->m_stEnvelopedKeyBlobEX.PubKey.YCoordinate + SM2_BYTES_LEN,
SM2_BYTES_LEN);
FILE_LOG_FMT(file_log_name, "%s %d %d", __FUNCTION__, __LINE__, 1);
FILE_LOG_HEX(file_log_name,thisClass->m_szPublicKeyEX,SM2_BYTES_LEN * 2);
err:
if (hConSKF)
{
SKF_CloseContainer(hConSKF);
}
if (hAppSKF)
{
SKF_CloseApplication(hAppSKF);
}
if (hDevSKF)
{
SKF_DisConnectDev(hDevSKF);
}
return 0;
}
DWORD WINAPI ThreadFuncSKFGenSM2KeyPair(LPVOID aThisClass)
{
CClassCommon * thisClass = (CClassCommon*)aThisClass;
char szDevNameLists[BUFFER_LEN_1K] = {0};
char szAppNameLists[BUFFER_LEN_1K] = {0};
char szConNameLists[BUFFER_LEN_1K];
ULONG ulDevNameLists = BUFFER_LEN_1K;
ULONG ulAppNameLists = BUFFER_LEN_1K;
ULONG ulConNameLists = BUFFER_LEN_1K;
HANDLE hDevSKF = NULL;
HANDLE hConSKF = NULL;
HANDLE hAppSKF = NULL;
ECCPUBLICKEYBLOB pubkeyBlob = {0};
// 枚举设备
thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
if(thisClass->ulResult)
{
goto err;
}
::FILE_LOG_STRING(file_log_name, "SKF_EnumDev");
if(ulDevNameLists < 2)
{
thisClass->ulResult = OPE_ERR_NO_DEV;
goto err;
}
// 打开设备
thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
if(ulDevNameLists < 2)
{
goto err;
}
::FILE_LOG_STRING(file_log_name, "SKF_ConnectDev");
thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);
if (ulAppNameLists < 2)
{
thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
}
else
{
thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
}
::FILE_LOG_STRING(file_log_name, "FuncSKF_DevAuth SKF_OpenApplication");
thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
if(thisClass->ulResult)
{
goto err;
}
::FILE_LOG_STRING(file_log_name, "SKF_VerifyPIN");
thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
if(thisClass->ulResult)
{
goto err;
}
::FILE_LOG_STRING(file_log_name, "SKF_EnumContainer");
if (ulConNameLists < 2)
{
thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
}
else
{
thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
}
::FILE_LOG_STRING(file_log_name, "SKF_CreateContainer SKF_OpenContainer");
if(thisClass->ulResult)
{
goto err;
}
// 生成签名公钥
thisClass->ulResult = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
if(thisClass->ulResult)
{
goto err;
}
::FILE_LOG_STRING(file_log_name, "SKF_GenECCKeyPair");
// 拷贝签名公钥
memcpy(thisClass->m_szPublicKeySIGN, pubkeyBlob.XCoordinate + SM2_BYTES_LEN, SM2_BYTES_LEN);
memcpy(thisClass->m_szPublicKeySIGN+SM2_BYTES_LEN, pubkeyBlob.YCoordinate + SM2_BYTES_LEN, SM2_BYTES_LEN);
err:
if (hConSKF)
{
SKF_CloseContainer(hConSKF);
}
if (hAppSKF)
{
SKF_CloseApplication(hAppSKF);
}
if (hDevSKF)
{
SKF_DisConnectDev(hDevSKF);
}
return 0;
}