Esempio n. 1
0
TEST(SKF_DEV_MANAGE,SKF_EnumDev_Test)
{
    SKF_EnumDev skf_enumDev = SKF_EnumDev(GetProcAddress(hmodule,"SKF_EnumDev"));
    ULONG* pulSize = new ULONG();
    skf_enumDev(true,NULL,pulSize);
    ASSERT_NE(0,*pulSize);
    devName = (char*)malloc(*pulSize);
    skf_enumDev(true,devName,pulSize);

    EXPECT_STRNE("",devName);
}
Esempio n. 2
0
int main(int argc, char * argv[])
{
	unsigned long ulRet = 0;
	unsigned long ulRetry = 0;
	unsigned long len = 0;
	OPST_DEV szDevValue[MAX_DEV_NUM] = {0};
	unsigned long ulDevCount = MAX_DEV_NUM;
	unsigned long pw_usb_len = 8;
	unsigned char pw_usb_value[] = "88888888";
	OPT_HDEVICE		hDevice = NULL;
	OPT_HCONTAINER  hContainer = NULL;
	unsigned char ContainerTest[] = "testContainer";
	OPST_CONTAINER szConValue[10];
	unsigned long ulConCount = 10;
	unsigned long ulConType = OPE_CON_TYPE_ENCYPT;
	unsigned long timeStart = 0;
	unsigned long timeEnd	= 365 * 10;
	unsigned char * data_value = NULL; 
	unsigned long data_len = 1024 * 20;
	unsigned char * data_value_csr = NULL; 
	unsigned long data_len_csr = 1024 * 20;
	unsigned char * data_value_cert = NULL; 
	unsigned long data_len_cert = 1024 * 20;
	unsigned long prv_data_len = 32;
	unsigned long x_data_len = 32;
	unsigned long y_data_len = 32;
	unsigned char * data_value_ca = NULL; 
	unsigned long data_len_ca = 1024 * 20;
	unsigned long ulUserID[4] = {0};

	unsigned long data_len_crl = 1024 * 2;
	unsigned char data_value_crl[2048]; 

	data_value = (unsigned char *)malloc(data_len);
	data_value_cert = (unsigned char *)malloc(data_len_cert);
	data_value_csr = (unsigned char *)malloc(data_len_csr);
	data_value_ca = (unsigned char *)malloc(data_len_ca);

	unsigned char prv_data_value[] = {
		0x61 , 0x56 , 0xb0 , 0xf6 , 0x27 , 0x57 , 0x26 , 0xdc , 
		0x21 , 0xae , 0x6c , 0x68 , 0xbc , 0x49 , 0x82 , 0xe6 , 
		0x67 , 0x51 , 0x6c , 0xe9 , 0xfd , 0x59 , 0x0d , 0x58 , 
		0xdd , 0x54 , 0x32 , 0xb7 , 0x88 , 0x6a , 0x23 , 0x70};

	unsigned char x_data_value[] = {
		0x91 , 0x1b , 0x13 , 0x80 , 0x41 , 0xbe , 0x68 , 0x6f , 
		0xa9 , 0x52 , 0xd6 , 0xb4 , 0x2d , 0x93 , 0xcc , 0x10 , 
		0x14 , 0xe7 , 0xd5 , 0x0c , 0x05 , 0x22 , 0xfb , 0x8a , 
		0xdb , 0x98 , 0xd2 , 0x3b , 0x3a , 0xf6 , 0x45 , 0x23};

	unsigned char y_data_value[] = {
		0x40 , 0xaf , 0xbb , 0xd1 , 0x85 , 0xea , 0x29 , 0x3c , 
		0x58 , 0x54 , 0xb6 , 0xe6 , 0x9e , 0x05 , 0x0e , 0xc7 , 
		0xbb , 0xea , 0x6b , 0xda , 0xb9 , 0x8c , 0xee , 0x6e , 
		0x4d , 0x85 , 0xa5 , 0x71 , 0x81 , 0x79 , 0xf8 , 0xb1};

	OPST_USERINFO userInfo = {0};

	wchar_t* countryName = L"中国";
	wchar_t* stateOrProvinceName = L"北京";
	wchar_t* localityName = L"北京";
	wchar_t* organizationName = L"赢达信";
	wchar_t* organizationalUnitName = L"赢达信";
	wchar_t* commonName = L"李强强";
	wchar_t* emailAddress = L"*****@*****.**";
	wchar_t* challengePassword = L"123";
	wchar_t* unstructuredName = L"测试";
	HANDLE hHandlePCI = 0, hHandleSession = 0;

	char * str_xy =
		"MIICuDCCAl6gAwIBAgIKFBEAAAAAAAAIQzAKBggqgRzPVQGDdTBNMQswCQYDVQQGEwJDTjERMA8GA1UECgwIQ0hJTkFNU0ExETAPBgNVBAsMCENISU5BTVNBMRgwFgYDVQQDDA9DSElOQU1TQSBTTTIgQ0EwHhcNMTUwOTEwMTYwMDAwWhcNMTgwOTExMTU1OTU5WjBTMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYDVQQHDAbkuJzln44xIjAgBgNVBAMMGea1t+S6i+S4quS6uua1i+ivlVRG5Y2hMTAwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATU7yKIK31DFXlYglDck41GUpeVaFU5+64d0IHRLg3LashmnoS659CTBZAt9iuhQh32H17F+3UgSdEBcpoSXzaVo4IBHjCCARowHwYDVR0jBBgwFoAUcWzpmZA0N7fJ6ciCy5fLmv72uF0wHQYDVR0OBBYEFN27An45JjWvMK5c6/ywmPmyp8sfMAsGA1UdDwQEAwIGwDCBpgYDVR0fBIGeMIGbMGigZqBkpGIwYDELMAkGA1UEBhMCQ04xETAPBgNVBAoMCENISU5BTVNBMREwDwYDVQQLDAhDSElOQU1TQTEYMBYGA1UEAwwPQ0hJTkFNU0EgU00yIENBMREwDwYDVQQDEwhjYTExY3JsMTAvoC2gK4YpaHR0cDovLzE5OC4zMi4yMjcuMTo4MDAwL2NybC9jYTExY3JsMS5jcmwwIgYIYIZIAYb4RAIEFgwUU0YxMzAxODUxOTgzMDEyNDM0MTUwCgYIKoEcz1UBg3UDSAAwRQIhAJDsqHbDolgi85eHxodn0OmTm/6DnVjnhZ8Wq2GuL7x/AiAS7/PU/ROiXzeuPFWTOzeZeZdK8gE6kTBsD3BJ8VXwGQ==";
	byte * byte_xy = new byte[64];

	char * str_prv = "e83d63ffb8be0ae8412dacf65b8174fed36aeed2e04e35a929171966df7650ef";
	byte * byte_prv = new byte[64];

	OPF_Str2Bin(str_xy,128,byte_xy,&len);

	// 公钥私钥
	{
		OPF_Str2Bin(str_prv,64,prv_data_value,&prv_data_len);
		OPF_Str2Bin(str_xy,64,x_data_value,&x_data_len);
		OPF_Str2Bin(str_xy+64,64,y_data_value,&y_data_len);
	}

	char szDevNameLists[BUFFER_LEN_1K];
	unsigned long ulDevNameLists = BUFFER_LEN_1K;
	HANDLE hDevSKF;

	char szAppNameLists[BUFFER_LEN_1K];
	unsigned long ulAppNameLists = BUFFER_LEN_1K;
	HANDLE hAppSKF;

	char szConNameLists[BUFFER_LEN_1K];
	unsigned long ulConNameLists = BUFFER_LEN_1K;
	HANDLE hConSKF;


	ulRet = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);

	ulRet = SKF_ConnectDev(szDevNameLists,&hDevSKF);

	ulRet = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);

	if (ulAppNameLists < 2)
	{
		// 第一步设备认证
		unsigned char	bRandom[16], bAuthData[16];
		unsigned long	ulRandomLen, ulAuthDataLen;
		BLOCKCIPHERPARAM EncryptParam;
		unsigned char	bSymKey[16];
		HANDLE			hSymKey=NULL;

		DEVINFO			DevInfo;

		// 取16字节随机数
		ulRandomLen = sizeof(bRandom);
		ulRet = SKF_GenRandom(hDevSKF, bRandom, ulRandomLen);
		if(ulRet != 0)
		{
			printf("SKF_GenRandom error, ret=0x%x\n", ulRet);
		}
		printf("SKF_GenRandom succeeds");


		ulRet = SKF_GetDevInfo(hDevSKF, &DevInfo);
		// 加密随机化
		// 默认外部认证密钥为:1234567812345678
		memcpy(bSymKey, (unsigned char*)"\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38", 16);

		ulRet = SKF_SetSymmKey(hDevSKF, bSymKey, DevInfo.DevAuthAlgId, &hSymKey);
		if(ulRet != 0)
		{
			printf("SKF_SetSymmKey error, ret=0x%x\n", ulRet);
		}
		printf("SKF_SetSymmKey succeeds.\n");

		// 加密初始化
		EncryptParam.PaddingType = 0;
		ulRet = SKF_EncryptInit(hSymKey, EncryptParam);
		if(ulRet != 0)
		{
			printf("SKF_EncryptInit error, ret=0x%x\n", ulRet);
		}
		printf("SKF_EncryptInit succeeds.\n");

		// 加密随机数
		ulAuthDataLen = sizeof(bAuthData);
		memset(bAuthData, 0x00, ulAuthDataLen);
		ulRet = SKF_Encrypt(hSymKey, bRandom, ulRandomLen, bAuthData, &ulAuthDataLen);
		if(ulRet != 0)
		{
			printf("SKF_Encrypt error, ret=0x%x\n", ulRet);
		}
		printf("SKF_Encrypt succeeds.\n");

		// 外部认证
		ulRet = SKF_DevAuth(hDevSKF, bAuthData, ulAuthDataLen);
		if(ulRet != 0)
		{
			printf("SKF_DevAuth error, ret=0x%x\n", ulRet);
		}
		printf("SKF_DevAuth succeeds.\n");

		// 创建应用
		ulRet = SKF_CreateApplication(hDevSKF,"DEFAULT_APPLICATION", (char*)pw_usb_value,8,
			(char*)pw_usb_value, 8,0,&hAppSKF);
	}
	else
	{
		ulRet = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
	}

	ulRet = SKF_VerifyPIN(hAppSKF, 1, (char*)pw_usb_value,&ulRetry);
	
	ulRet = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);

	if (ulConNameLists < 2)
	{
		ulRet = SKF_CreateContainer(hAppSKF, "DEFAULT_CONTAINER", &hConSKF);
	}
	else
	{
		ulRet = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
	}

	ECCPUBLICKEYBLOB pubkeyBlob;

	ENVELOPEDKEYBLOB * pENVELOPEDKEY_Dev = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);
	ENVELOPEDKEYBLOB * pENVELOPEDKEY_DB = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);

	ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
	
	/*ulRet = PCI_Open(&hHandlePCI, &hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);

	ulRet = PCI_CheckExistRootSM2Keys(hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);

	ulRet = PCI_GenRootSM2Keys(hHandleSession, data_value,&data_len);

	ulRet = PCI_BackupInit(hHandleSession);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
	ulRet = PCI_BackupFinal(hHandleSession);

	ulRet = PCI_RestoreInit(hHandleSession);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 * 2);
	ulRet = PCI_RestoreFinal(hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);
	*/
	//ulRet = PCI_BackupInit(hHandleSession);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
	//ulRet = PCI_BackupFinal(hHandleSession);

	/*ulRet = PCI_RestoreInit(hHandleSession);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 *2);
	ulRet = PCI_RestoreFinal(hHandleSession);

	ulRet = PCI_SignWithRootSM2Keys(hHandleSession,data_value, 32, data_value, 32, 0, data_value, &data_len);
	*/
	//ulRet = PCI_GenExportSM2EnvelopedKey(hHandleSession,
	//	pubkeyBlob.XCoordinate + 32, 
	//	pubkeyBlob.YCoordinate + 32,
	//	(void *)pENVELOPEDKEY_DB,
	//	(void *)pENVELOPEDKEY_Dev
	//	);

	ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);

	ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);

	ulRet = PCI_RestoreExportSM2EnvelopedKey(hHandleSession,
		pubkeyBlob.XCoordinate + 32, 
		pubkeyBlob.YCoordinate + 32,
		(void *)pENVELOPEDKEY_DB,
		(void *)pENVELOPEDKEY_Dev
		);

	ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);

	return 0;

	//ulRet = OPF_Initialize();

	//ulRet = OpenSSL_SM2GenCSRWithPubkey(&userInfo,
	//	x_data_value, x_data_len,
	//	y_data_value, y_data_len,
	//	data_value,&data_len);

	//ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
	//	data_value_cert,&data_len_cert);

	//OPST_CRL crllists[3] = {{2,2,2},{3,3,3},{4,4,4}};

	//ulRet = OpenSSL_SM2GenCRL(crllists, sizeof(crllists)/sizeof(OPST_CRL),data_value_ca, data_len_ca, data_value_crl, &data_len_crl);

	//ulRet = OPF_SM2SignCRL(hHandleSession,data_value_ca,data_len_ca,data_value_crl,data_len_crl,0,data_value_crl,&data_len_crl);

	//ulRet = OpenSSL_SM2VerifyCRL(data_value_crl,data_len_crl,0,x_data_value,32 , y_data_value,32);

	//userInfo.ulLenC = wcslen(countryName)*2;
	//userInfo.ulLenST = wcslen(stateOrProvinceName)*2;
	//userInfo.ulLenL = wcslen(localityName)*2;
	//userInfo.ulLenO = wcslen(organizationName)*2;
	//userInfo.ulLenOU = wcslen(organizationalUnitName)*2;
	//userInfo.ulLenCN = wcslen(commonName)*2;
	//userInfo.ulLenEA = wcslen(emailAddress)*2;
	//userInfo.ulLenCP = wcslen(challengePassword)*2;
	//userInfo.ulLenUN = wcslen(unstructuredName)*2;

	//memcpy(userInfo.countryName, countryName, userInfo.ulLenC);
	//memcpy( userInfo.stateOrProvinceName ,stateOrProvinceName, userInfo.ulLenST);
	//memcpy( userInfo.localityName,localityName, userInfo.ulLenL);
	//memcpy( userInfo.organizationName, organizationName,userInfo.ulLenO);
	//memcpy(userInfo.organizationalUnitName,organizationalUnitName, userInfo.ulLenOU);
	//memcpy( userInfo.commonName,commonName,userInfo.ulLenCN);
	////strcpy((char *) userInfo.commonName, "34");
	//memcpy( userInfo.emailAddress,emailAddress,userInfo.ulLenEA);
	//memcpy( userInfo.challengePassword,challengePassword, userInfo.ulLenCP);
	//memcpy( userInfo.unstructuredName,unstructuredName, userInfo.ulLenUN);
	
	// 初始化库;

	//ulRet = PKCS11_EnumDevices(szDevValue, &ulDevCount);

	//ulRet = PKCS11_OpenDevice(szDevValue[0], & hDevice);

	//ulRet = PKCS11_Login(hDevice, 1, pw_usb_value,pw_usb_len, &ulRetry);

	//ulRet = PKCS11_CheckContainerExist(hDevice, ContainerTest,sizeof(ContainerTest));

	//if (ulRet)
	//{
	//	ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));

	//	ulRet = PKCS11_DeleteContainer(hDevice,ContainerTest ,sizeof(ContainerTest));

	//	ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));
	//}

	//ulRet = PKCS11_EnumContainers(hDevice, szConValue, &ulConCount);

	//ulRet = PKCS11_OpenContainer(hDevice, ContainerTest,sizeof(ContainerTest),ulConType, &hContainer);

	//if (ulConType == OPE_CON_TYPE_ENCYPT)
	//{
	//	// client
	//	ulRet = PKCS11_SM2GenKeys(hContainer);

	//	//ulRet = PKCS11_SM2ImportKeys(hContainer, hContainer, prv_data_value, 32, x_data_value, 32, y_data_value, 32);

	//	ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);

	//	ulRet = OPF_SM2SignCSR(hContainer, data_value,data_len, 0, data_value_csr, &data_len_csr);

	//	{
	//		FILE * fileIN = fopen("d:/rootca.cer","r+b");

	//		data_len_ca = fread(data_value_ca ,1, 10240, fileIN);

	//		fclose(fileIN);
	//	}

	//	// server
	//	ulRet = OpenSSL_SM2GenCert(data_value_csr,data_len_csr,data_value_ca, data_len_ca,123456789,timeStart,timeEnd,
	//		0,data_value_cert,&data_len_cert);

	//	ulRet = OPF_SM2SignCert(hHandleSession,data_value_cert,data_len_cert, 0,data_value_cert, &data_len_cert);


	//	{
	//		FILE * fileOUT = fopen("d:/usr.cer","w+b");

	//		data_len_cert = fwrite(data_value_cert ,1, data_len_cert, fileOUT);

	//		fclose(fileOUT);
	//	}
	//	//ulRet = OPF_SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
	//	//	data_value_cert,&data_len_cert);
	//}
	//else
	//{
	//	ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);

	//	ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
	//		data_value_cert,&data_len_cert);

	//	ulRet = OPF_SM2SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
	//		data_value_cert,&data_len_cert);
	//}

	//ulRet = OPF_CertImport(hContainer, data_value_cert, data_len_cert);

	//ulRet = PKCS11_CloseContainer(hContainer);

	//ulRet = PKCS11_Logout(hDevice);

	//ulRet = PKCS11_CloseDevice(hDevice);

	// 释放库资源.
	//ulRet = OPF_Finalize();

#if _PCI_TEST_
	ulRet = PCI_Close(hHandlePCI, hHandleSession);
#endif

	return 0; 
}
Esempio n. 3
0
DWORD WINAPI ThreadFuncSKFImportCerts(LPVOID aThisClass)
{
	CClassCommon * thisClass = (CClassCommon*)aThisClass;

	char szDevNameLists[BUFFER_LEN_1K] = {0};
	char szAppNameLists[BUFFER_LEN_1K] = {0};
	char szConNameLists[BUFFER_LEN_1K];

	ULONG ulDevNameLists = BUFFER_LEN_1K;
	ULONG ulAppNameLists = BUFFER_LEN_1K;
	ULONG ulConNameLists = BUFFER_LEN_1K;

	HANDLE hDevSKF = NULL;
	HANDLE hConSKF = NULL;
	HANDLE hAppSKF = NULL;

	// 枚举设备
	thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}

	if(ulDevNameLists < 2)
	{
		thisClass->ulResult = OPE_ERR_NO_DEV;
		goto err;
	}
	// 打开设备
	thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
	if(ulDevNameLists < 2)
	{
		goto err;
	}

	thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);

	// 设备认证或者打开一个应用
	if (ulAppNameLists < 2)
	{
		thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
	}
	else
	{
		thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
	}

	// 验证密码
	thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
	if(thisClass->ulResult)
	{
		goto err;
	}

	// 枚举容器
	thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}
	// 创建或打开容器
	if (ulConNameLists < 2)
	{
		thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
	}
	else
	{
		thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
	}

	if(thisClass->ulResult)
	{
		goto err;
	}
	// 导入证书
	thisClass->ulResult = SKF_ImportCertificate(hConSKF, 1, thisClass->m_szCertSIGN,thisClass->m_iCertSIGNLen);
	if(thisClass->ulResult)
	{
		goto err;
	}
	// 导入证书
	thisClass->ulResult = SKF_ImportCertificate(hConSKF, 0, thisClass->m_szCertEX,thisClass->m_iCertEXLen);
	if(thisClass->ulResult)
	{
		goto err;
	}

	// 拷贝签名公钥
	memcpy(thisClass->m_szPublicKeyEX, 
		thisClass->m_stEnvelopedKeyBlobEX.PubKey.XCoordinate + SM2_BYTES_LEN, 
		SM2_BYTES_LEN);
	memcpy(thisClass->m_szPublicKeyEX+SM2_BYTES_LEN, 
		thisClass->m_stEnvelopedKeyBlobEX.PubKey.YCoordinate + SM2_BYTES_LEN, 
		SM2_BYTES_LEN);

	FILE_LOG_FMT(file_log_name, "%s %d %d", __FUNCTION__, __LINE__, 1);

	FILE_LOG_HEX(file_log_name,thisClass->m_szPublicKeyEX,SM2_BYTES_LEN * 2);

err:
	if (hConSKF)
	{
		SKF_CloseContainer(hConSKF);
	}

	if (hAppSKF)
	{
		SKF_CloseApplication(hAppSKF);
	}

	if (hDevSKF)
	{
		SKF_DisConnectDev(hDevSKF);
	}

	return 0;
}
Esempio n. 4
0
DWORD WINAPI ThreadFuncSKFGenCSR(LPVOID aThisClass)
{
	CClassCommon * thisClass = (CClassCommon*)aThisClass;

	char szDevNameLists[BUFFER_LEN_1K] = {0};
	char szAppNameLists[BUFFER_LEN_1K] = {0};
	char szConNameLists[BUFFER_LEN_1K];

	ULONG ulDevNameLists = BUFFER_LEN_1K;
	ULONG ulAppNameLists = BUFFER_LEN_1K;
	ULONG ulConNameLists = BUFFER_LEN_1K;

	HANDLE hDevSKF = NULL;
	HANDLE hConSKF = NULL;
	HANDLE hAppSKF = NULL;

	unsigned long ulPublicKeyLen = 2 * SM2_BYTES_LEN + 1;
	unsigned char pbPublicKey[2 * SM2_BYTES_LEN + 1] = {0};
	unsigned char pbDigest[SM2_BYTES_LEN] = {0};
	unsigned int ulDigestLen = SM2_BYTES_LEN;

	unsigned char szX509content[BUFFER_LEN_1K * 4];
	unsigned long ulX509ContentLen = BUFFER_LEN_1K * 4;

	ECCSIGNATUREBLOB stSigBlob = {0};

	// 初始化
	thisClass->ulResult = OpenSSL_Initialize();

	if(thisClass->ulResult)
	{
		goto err;
	}
	
	thisClass->m_iCsrLen = BUFFER_LEN_1K * 4;

	thisClass->ulResult = OpenSSL_SM2GenCSRWithPubkey(
		&(thisClass->userInfo),
		thisClass->m_szPublicKeySIGN,SM2_BYTES_LEN,
		thisClass->m_szPublicKeySIGN+SM2_BYTES_LEN,SM2_BYTES_LEN,
		thisClass->m_szCsr, &(thisClass->m_iCsrLen)
		);

	FILE_LOG_FMT(file_log_name, "%s %d %d", __FUNCTION__, __LINE__, 2);
	FILE_LOG_HEX(file_log_name, thisClass->m_szCsr, thisClass->m_iCsrLen);

	// 签名证书请求
	thisClass->m_iSignedCsrLen = BUFFER_LEN_1K * 4;
	FILE_LOG_STRING(file_log_name, "8");

	// 枚举设备
	thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}

	if(ulDevNameLists < 2)
	{
		thisClass->ulResult = OPE_ERR_NO_DEV;
		goto err;
	}
	// 打开设备
	thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
	if(ulDevNameLists < 2)
	{
		goto err;
	}

	thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);

	// 设备认证或者打开一个应用
	if (ulAppNameLists < 2)
	{
		thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
	}
	else
	{
		thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
	}

	// 验证密码
	thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
	if(thisClass->ulResult)
	{
		goto err;
	}

	// 枚举容器
	thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}
	// 创建或打开容器
	if (ulConNameLists < 2)
	{
		thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
	}
	else
	{
		thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
	}

	if(thisClass->ulResult)
	{
		goto err;
	}

	memcpy(pbPublicKey, "\x04", 1);
	memcpy(pbPublicKey + 1 , thisClass->m_szPublicKeySIGN, SM2_BYTES_LEN * 2);


	thisClass->ulResult = OpenSSL_GetX509Content(thisClass->m_szCsr, thisClass->m_iCsrLen,
		X509_TYPE_CSR,
		szX509content,&ulX509ContentLen
		);

	if(thisClass->ulResult)
	{
		goto err;
	}

	thisClass->ulResult = tcm_get_message_hash(
		szX509content, ulX509ContentLen,
		(unsigned char *)"1234567812345678", 16,
		pbPublicKey, ulPublicKeyLen,pbDigest,&ulDigestLen);
	if(thisClass->ulResult)
	{
		goto err;
	}

	FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"pbPublicKey");
	FILE_LOG_HEX(file_log_name,pbPublicKey, SM2_BYTES_LEN * 2 + 1);

	FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"pbDigest");
	FILE_LOG_HEX(file_log_name,pbDigest, ulDigestLen);

	FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"m_szCsr");
	FILE_LOG_HEX(file_log_name,thisClass->m_szCsr, thisClass->m_iCsrLen);

	FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"szX509content");
	FILE_LOG_HEX(file_log_name,szX509content, ulX509ContentLen);

	thisClass->ulResult = SKF_ECCSignData(hConSKF,pbDigest,ulDigestLen,&stSigBlob);
	if(thisClass->ulResult)
	{
		goto err;
	}

	thisClass->ulResult = OpenSSL_SM2SetX509SignValue(
		thisClass->m_szCsr, thisClass->m_iCsrLen,
		X509_TYPE_CSR,
		stSigBlob.r + SM2_BYTES_LEN,SM2_BYTES_LEN,
		stSigBlob.s + SM2_BYTES_LEN,SM2_BYTES_LEN,
		thisClass->m_szSignedCsr, &(thisClass->m_iSignedCsrLen)
		);

	if(thisClass->ulResult)
	{
		goto err;
	}

	::FILE_LOG_FMT(file_log_name, "%s %d %s", __FUNCTION__, __LINE__,"RS");
	::FILE_LOG_HEX(file_log_name, stSigBlob.r + SM2_BYTES_LEN , SM2_BYTES_LEN);
	::FILE_LOG_HEX(file_log_name, stSigBlob.r + SM2_BYTES_LEN , SM2_BYTES_LEN);

err:
	if (hConSKF)
	{
		SKF_CloseContainer(hConSKF);
	}

	if (hAppSKF)
	{
		SKF_CloseApplication(hAppSKF);
	}

	if (hDevSKF)
	{
		SKF_DisConnectDev(hDevSKF);
	}

	OpenSSL_Finalize();

	return 0;
}
Esempio n. 5
0
DWORD WINAPI ThreadFuncSKFGenSM2KeyPair(LPVOID aThisClass)
{
	CClassCommon * thisClass = (CClassCommon*)aThisClass;

	char szDevNameLists[BUFFER_LEN_1K] = {0};
	char szAppNameLists[BUFFER_LEN_1K] = {0};
	char szConNameLists[BUFFER_LEN_1K];

	ULONG ulDevNameLists = BUFFER_LEN_1K;
	ULONG ulAppNameLists = BUFFER_LEN_1K;
	ULONG ulConNameLists = BUFFER_LEN_1K;
	
	HANDLE hDevSKF = NULL;
	HANDLE hConSKF = NULL;
	HANDLE hAppSKF = NULL;

	ECCPUBLICKEYBLOB pubkeyBlob = {0};
	// 枚举设备
	thisClass->ulResult = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}
	::FILE_LOG_STRING(file_log_name, "SKF_EnumDev");
	if(ulDevNameLists < 2)
	{
		thisClass->ulResult = OPE_ERR_NO_DEV;
		goto err;
	}
	// 打开设备
	thisClass->ulResult = SKF_ConnectDev(szDevNameLists,&hDevSKF);
	if(ulDevNameLists < 2)
	{
		goto err;
	}
	::FILE_LOG_STRING(file_log_name, "SKF_ConnectDev");
	thisClass->ulResult = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);

	if (ulAppNameLists < 2)
	{
		thisClass->ulResult = FuncSKF_DevAuth(hDevSKF,&hAppSKF,(thisClass->m_szPIN),8);
	}
	else
	{
		thisClass->ulResult = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
	}
	::FILE_LOG_STRING(file_log_name, "FuncSKF_DevAuth SKF_OpenApplication");
	thisClass->ulResult = SKF_VerifyPIN(hAppSKF, 1, (thisClass->m_szPIN),&(thisClass->m_ulRetry));
	if(thisClass->ulResult)
	{
		goto err;
	}
	::FILE_LOG_STRING(file_log_name, "SKF_VerifyPIN");
	thisClass->ulResult = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);
	if(thisClass->ulResult)
	{
		goto err;
	}
	::FILE_LOG_STRING(file_log_name, "SKF_EnumContainer");
	if (ulConNameLists < 2)
	{
		thisClass->ulResult = SKF_CreateContainer(hAppSKF, DEFAULT_CONTAINER, &hConSKF);
	}
	else
	{
		thisClass->ulResult = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
	}
	::FILE_LOG_STRING(file_log_name, "SKF_CreateContainer SKF_OpenContainer");
	if(thisClass->ulResult)
	{
		goto err;
	}
	// 生成签名公钥
	thisClass->ulResult = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
	if(thisClass->ulResult)
	{
		goto err;
	}
	::FILE_LOG_STRING(file_log_name, "SKF_GenECCKeyPair");
	// 拷贝签名公钥
	memcpy(thisClass->m_szPublicKeySIGN, pubkeyBlob.XCoordinate + SM2_BYTES_LEN, SM2_BYTES_LEN);
	memcpy(thisClass->m_szPublicKeySIGN+SM2_BYTES_LEN, pubkeyBlob.YCoordinate + SM2_BYTES_LEN, SM2_BYTES_LEN);

err:
	if (hConSKF)
	{
		SKF_CloseContainer(hConSKF);
	}

	if (hAppSKF)
	{
		SKF_CloseApplication(hAppSKF);
	}

	if (hDevSKF)
	{
		SKF_DisConnectDev(hDevSKF);
	}

	return 0;
}