static uint8_t receiveMessage(struct Message* received, struct Interface* interface)
{
struct CryptoAuth_Wrapper* wrapper =
Identity_cast((struct CryptoAuth_Wrapper*) interface->receiverContext);
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) received->bytes;
if (received->length < (wrapper->authenticatePackets ? 20 : 4)) {
cryptoAuthDebug0(wrapper, "Dropped runt");
return Error_UNDERSIZE_MESSAGE;
}
Assert_true(received->padding >= 12 || "need at least 12 bytes of padding in incoming message");
#ifdef Log_DEBUG
Assert_true(!((uintptr_t)received->bytes % 4) || !"alignment fault");
#endif
Message_shift(received, -4);
uint32_t nonce = Endian_bigEndianToHost32(header->nonce);
if (wrapper->nextNonce < 5) {
if (nonce > 3 && nonce != UINT32_MAX && knowHerKey(wrapper)) {
cryptoAuthDebug(wrapper, "Trying final handshake step, nonce=%u\n", nonce);
uint8_t secret[32];
getSharedSecret(secret,
wrapper->secret,
wrapper->tempKey,
NULL,
wrapper->context->logger);
// We'll optimistically advance the nextNonce value because decryptMessage()
// passes the message on to the upper level and if this message causes a
// response, we want the CA to be in ESTABLISHED state.
// if the decryptMessage() call fails, we CryptoAuth_reset() it back.
wrapper->nextNonce += 3;
if (decryptMessage(wrapper, nonce, received, secret)) {
cryptoAuthDebug0(wrapper, "Final handshake step succeeded");
Bits_memcpyConst(wrapper->secret, secret, 32);
return callReceivedMessage(wrapper, received);
}
CryptoAuth_reset(&wrapper->externalInterface);
cryptoAuthDebug0(wrapper, "Final handshake step failed");
return Error_UNDELIVERABLE;
}
} else if (nonce > 4) {
if (decryptMessage(wrapper, nonce, received, wrapper->secret)) {
return callReceivedMessage(wrapper, received);
} else {
cryptoAuthDebug0(wrapper, "Failed to decrypt message");
return Error_UNDELIVERABLE;
}
} else {
cryptoAuthDebug0(wrapper, "Received handshake message during established connection");
}
Message_shift(received, 4);
return decryptHandshake(wrapper, nonce, received, header);
}
jstring __MIX_PREFIX_FUNC_PASTE(MIX_PREFIX_UPAPI_FUNC,decryptMessage(JNIEnv* env, jobject javaThis, jstring str_msg_in, jstring str_encryt_alg, jstring str_cert_id))
{
char * szData = malloc(MAX_BUFFER_LEN);
memset(szData, 0, MAX_BUFFER_LEN);
if(!str_msg_in || !str_encryt_alg || !str_cert_id)
{
setLastErrInfo(EStateErrorInvalidArg);
return NULL;
}
decryptMessage(szData,
(* env)->GetStringUTFChars(env, str_msg_in, 0),
(* env)->GetStringUTFChars(env, str_encryt_alg, 0),
atoi((* env)->GetStringUTFChars(env, str_cert_id, 0))
);
jstring strRet = (*env)->NewStringUTF(env, szData);
free(szData);
return strRet;
}
static uint8_t receiveMessage(struct Message* received, struct Interface* interface)
{
struct CryptoAuth_Wrapper* wrapper = (struct CryptoAuth_Wrapper*) interface->receiverContext;
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) received->bytes;
if (received->length < (wrapper->authenticatePackets ? 20 : 4)) {
Log_debug(wrapper->context->logger, "Dropped runt");
return Error_UNDERSIZE_MESSAGE;
}
Assert_true(received->padding >= 12 || "need at least 12 bytes of padding in incoming message");
#ifdef Log_DEBUG
Assert_true(!((uintptr_t)received->bytes % 4) || !"alignment fault");
#endif
Message_shift(received, -4);
uint32_t nonce = Endian_bigEndianToHost32(header->nonce);
if (wrapper->nextNonce < 5) {
if (nonce > 3 && nonce != UINT32_MAX && knowHerKey(wrapper)) {
Log_debug(wrapper->context->logger,
"@%p Trying final handshake step, nonce=%u\n", (void*) wrapper, nonce);
uint8_t secret[32];
getSharedSecret(secret,
wrapper->secret,
wrapper->tempKey,
NULL,
wrapper->context->logger);
if (decryptMessage(wrapper, nonce, received, secret)) {
Log_debug(wrapper->context->logger, "Final handshake step succeeded.\n");
wrapper->nextNonce += 3;
Bits_memcpyConst(wrapper->secret, secret, 32);
return Error_NONE;
}
CryptoAuth_reset(&wrapper->externalInterface);
Log_debug(wrapper->context->logger, "Final handshake step failed.\n");
}
} else if (nonce > 2 && decryptMessage(wrapper, nonce, received, wrapper->secret)) {
// If decryptMessage returns false then we will try the packet as a handshake.
return Error_NONE;
} else {
Log_debug(wrapper->context->logger, "Decryption failed, trying message as a handshake.\n");
}
Message_shift(received, 4);
return decryptHandshake(wrapper, nonce, received, header);
}
void generate_session_key(unsigned char* oldSap, unsigned char* messageIn, unsigned char* sessionKey)
{
unsigned char decryptedMessage[128];
unsigned char newSap[320];
unsigned char Q[210];
int i;
int round;
unsigned char md5[16];
unsigned char otherHash[16];
decryptMessage(messageIn, decryptedMessage);
// Now that we have the decrypted message, we can combine it with our initial sap to form the 5 blocks needed to generate the 5 words which, when added together, give
// the session key.
memcpy(&newSap[0x000], static_source_1, 0x11);
memcpy(&newSap[0x011], decryptedMessage, 0x80);
memcpy(&newSap[0x091], &oldSap[0x80], 0x80);
memcpy(&newSap[0x111], static_source_2, 0x2f);
memcpy(sessionKey, initial_session_key, 16);
for (round = 0; round < 5; round++)
{
unsigned char* base = &newSap[round * 64];
print_block("Input block: ", &base[0]);
print_block("Input block: ", &base[0x10]);
print_block("Input block: ", &base[0x20]);
print_block("Input block: ", &base[0x30]);
modified_md5(base, sessionKey, md5);
printf("MD5 OK\n");
sap_hash(base, sessionKey);
printf("OtherHash OK\n");
printf("MD5 = ");
for (i = 0; i < 4; i++)
printf("%08x ", ((uint32_t*)md5)[i]);
printf("\nOtherHash = ");
for (i = 0; i < 4; i++)
printf("%08x ", ((uint32_t*)sessionKey)[i]);
printf("\n");
uint32_t* sessionKeyWords = (uint32_t*)sessionKey;
uint32_t* md5Words = (uint32_t*)md5;
for (i = 0; i < 4; i++)
{
sessionKeyWords[i] = (sessionKeyWords[i] + md5Words[i]) & 0xffffffff;
}
printf("Current key: ");
for (i = 0; i < 16; i++)
printf("%02x", sessionKey[i]);
printf("\n");
}
for (i = 0; i < 16; i+=4)
{
swap_bytes(&sessionKey[i], &sessionKey[i+3]);
swap_bytes(&sessionKey[i+1], &sessionKey[i+2]);
}
// Finally the whole thing is XORd with 121:
for (i = 0; i < 16; i++)
sessionKey[i] ^= 121;
print_block("Session key computed as: ", sessionKey);
}
static uint8_t receiveMessage(struct Message* received, struct Interface* interface)
{
struct CryptoAuth_Wrapper* wrapper =
Identity_check((struct CryptoAuth_Wrapper*) interface->receiverContext);
union Headers_CryptoAuth* header = (union Headers_CryptoAuth*) received->bytes;
if (received->length < 20) {
cryptoAuthDebug0(wrapper, "DROP runt");
return Error_UNDERSIZE_MESSAGE;
}
Assert_true(received->padding >= 12 || "need at least 12 bytes of padding in incoming message");
Assert_true(!((uintptr_t)received->bytes % 4) || !"alignment fault");
Message_shift(received, -4, NULL);
uint32_t nonce = Endian_bigEndianToHost32(header->nonce);
if (!wrapper->established) {
if (nonce > 3 && nonce != UINT32_MAX) {
if (wrapper->nextNonce < 3) {
// This is impossible because we have not exchanged hello and key messages.
cryptoAuthDebug0(wrapper, "DROP Received a run message to an un-setup session");
return Error_UNDELIVERABLE;
}
cryptoAuthDebug(wrapper, "Trying final handshake step, nonce=%u\n", nonce);
uint8_t secret[32];
Assert_ifParanoid(!Bits_isZero(wrapper->ourTempPrivKey, 32));
Assert_ifParanoid(!Bits_isZero(wrapper->herTempPubKey, 32));
getSharedSecret(secret,
wrapper->ourTempPrivKey,
wrapper->herTempPubKey,
NULL,
wrapper->context->logger);
// We'll optimistically advance the nextNonce value because decryptMessage()
// passes the message on to the upper level and if this message causes a
// response, we want the CA to be in ESTABLISHED state.
// if the decryptMessage() call fails, we CryptoAuth_reset() it back.
wrapper->nextNonce += 3;
if (decryptMessage(wrapper, nonce, received, secret)) {
cryptoAuthDebug0(wrapper, "Final handshake step succeeded");
Bits_memcpyConst(wrapper->sharedSecret, secret, 32);
// Now we're in run mode, no more handshake packets will be accepted
Bits_memset(wrapper->ourTempPrivKey, 0, 32);
Bits_memset(wrapper->ourTempPubKey, 0, 32);
Bits_memset(wrapper->herTempPubKey, 0, 32);
wrapper->established = true;
return callReceivedMessage(wrapper, received);
}
CryptoAuth_reset(&wrapper->externalInterface);
cryptoAuthDebug0(wrapper, "DROP Final handshake step failed");
return Error_UNDELIVERABLE;
}
Message_shift(received, 4, NULL);
return decryptHandshake(wrapper, nonce, received, header);
} else if (nonce > 3 && nonce != UINT32_MAX) {
Assert_ifParanoid(!Bits_isZero(wrapper->sharedSecret, 32));
if (decryptMessage(wrapper, nonce, received, wrapper->sharedSecret)) {
return callReceivedMessage(wrapper, received);
} else {
cryptoAuthDebug0(wrapper, "DROP Failed to decrypt message");
return Error_UNDELIVERABLE;
}
} else if (nonce < 2) {
cryptoAuthDebug(wrapper, "hello packet during established session nonce=[%d]", nonce);
Message_shift(received, 4, NULL);
return decryptHandshake(wrapper, nonce, received, header);
} else {
// setup keys are already zeroed, not much we can do here.
cryptoAuthDebug(wrapper, "DROP key packet during established session nonce=[%d]", nonce);
return Error_UNDELIVERABLE;
}
Assert_true(0);
}
/** @return 0 on success, -1 otherwise. */
int CryptoAuth_decrypt(struct CryptoAuth_Session* sessionPub, struct Message* msg)
{
struct CryptoAuth_Session_pvt* session =
Identity_check((struct CryptoAuth_Session_pvt*) sessionPub);
union CryptoHeader* header = (union CryptoHeader*) msg->bytes;
if (msg->length < 20) {
cryptoAuthDebug0(session, "DROP runt");
return -1;
}
Assert_true(msg->padding >= 12 || "need at least 12 bytes of padding in incoming message");
Assert_true(!((uintptr_t)msg->bytes % 4) || !"alignment fault");
Assert_true(!(msg->capacity % 4) || !"length fault");
Message_shift(msg, -4, NULL);
uint32_t nonce = Endian_bigEndianToHost32(header->nonce);
if (!session->established) {
if (nonce > 3) {
if (session->nextNonce < 3) {
// This is impossible because we have not exchanged hello and key messages.
cryptoAuthDebug0(session, "DROP Received a run message to an un-setup session");
return -1;
}
cryptoAuthDebug(session, "Trying final handshake step, nonce=%u\n", nonce);
uint8_t secret[32];
Assert_ifParanoid(!Bits_isZero(session->ourTempPrivKey, 32));
Assert_ifParanoid(!Bits_isZero(session->herTempPubKey, 32));
getSharedSecret(secret,
session->ourTempPrivKey,
session->herTempPubKey,
NULL,
session->context->logger);
if (decryptMessage(session, nonce, msg, secret)) {
cryptoAuthDebug0(session, "Final handshake step succeeded");
Bits_memcpyConst(session->sharedSecret, secret, 32);
// Now we're in run mode, no more handshake packets will be accepted
Bits_memset(session->ourTempPrivKey, 0, 32);
Bits_memset(session->ourTempPubKey, 0, 32);
Bits_memset(session->herTempPubKey, 0, 32);
session->established = true;
session->nextNonce += 3;
updateTime(session, msg);
return 0;
}
cryptoAuthDebug0(session, "DROP Final handshake step failed");
return -1;
}
Message_shift(msg, 4, NULL);
return decryptHandshake(session, nonce, msg, header);
} else if (nonce > 3) {
Assert_ifParanoid(!Bits_isZero(session->sharedSecret, 32));
if (decryptMessage(session, nonce, msg, session->sharedSecret)) {
updateTime(session, msg);
return 0;
} else {
cryptoAuthDebug0(session, "DROP Failed to decrypt message");
return -1;
}
} else if (nonce < 2) {
cryptoAuthDebug(session, "hello packet during established session nonce=[%d]", nonce);
Message_shift(msg, 4, NULL);
return decryptHandshake(session, nonce, msg, header);
} else {
// setup keys are already zeroed, not much we can do here.
cryptoAuthDebug(session, "DROP key packet during established session nonce=[%d]", nonce);
return -1;
}
Assert_true(0);
}
bool WindowsGSSAPIClientAuthenticator::setChallenge(const boost::optional<ByteArray>& challengeData) {
/* Following http://tools.ietf.org/html/rfc4752, https://msdn.microsoft.com/en-us/library/windows/desktop/aa380496%28v=vs.85%29.aspx */
if (step_ == BuildingSecurityContext) {
buildSecurityContext(challengeData);
}
else if (step_ == SecurityLayerNegotiation) {
if (!challengeData) {
SWIFT_LOG(debug) << "Empty message received from the server" << std::endl;
error_ = true;
return false;
}
SafeByteArray challenge;
errorCode_ = decryptMessage(&contextHandle_, challengeData.get(), challenge);
if (isError()) {
return false;
}
if (challenge.size() != 4) {
SWIFT_LOG(debug) << "Token received from the server of incorrect length: " << challenge.size() << std::endl;
error_ = true;
return false;
}
unsigned char* challengePointer = vecptr(challenge);
unsigned char serverSecurityLayer = challengePointer[0];
if (serverSecurityLayer == 0) {
SWIFT_LOG(debug) << "Server supports unknown security layer, assuming no security layer" << std::endl;
serverSecurityLayer = SECURITY_LAYER_NONE;
}
else if (serverSecurityLayer == SECURITY_LAYER_NONE) {
SWIFT_LOG(debug) << "Server supports no security layer" << std::endl;
}
else {
SWIFT_LOG(debug) << "Server supports security layer" << std::endl;
}
unsigned int serverMaximumBuffer = (challengePointer[1] << 16) |
(challengePointer[2] << 8) |
(challengePointer[3] << 0);
if ((serverSecurityLayer == SECURITY_LAYER_NONE) && (serverMaximumBuffer != 0)) {
SWIFT_LOG(debug) << "Server supports no security layer but has maximum buffer size" << serverMaximumBuffer << std::endl;
error_ = true;
return false;
}
SafeByteArray message(4);
/* Commenting this out as streamSizes was not obtained before
if (message.size() > streamSizes_.cbMaximumMessage) {
error_ = true;
return false;
} */
unsigned char* messagePointer = vecptr(message);
messagePointer[0] = SECURITY_LAYER_NONE;
/* The next 3 bytes indicate the client's maximum size buffer which is set to 0 as we do not support a security layer */
messagePointer[1] = 0;
messagePointer[2] = 0;
messagePointer[3] = 0;
/* The authorization identity is omitted as it is the same as the authentication identity */
errorCode_ = encryptMessage(&contextHandle_, sizes_, message, response_);
if (isError()) {
return false;
}
step_ = ServerAuthenticated;
}
if (isError()) {
return false;
}
return true;
}
int main()
{
int ulRet = 0;
char data_value[2048] = {0};
int data_len = 2048;
char szDBPath [1024] = {0};
int i = 0;
int j = 0;
unsigned char dataKey[16];
unsigned char keyIV[10];
unsigned char input[48] ;
unsigned char output[33];
unsigned char output1[33];
unsigned int outputlen = 1024, outputlen1 = 1024;
int keyPairCnt = 0;
//for (i = 0; i < 16;i++)
//{
// dataKey[i] = i;
//}
//for (i = 0; i < 10;i++)
//{
// keyIV[i] = i;
//}
//funcddd((unsigned char *)"MHgCIGujeBGA0OXGoh1WYU7LKorsgKoiHqDQMn4ih1elxxDuAiB89t9D1kA4y95TThSBSjdZTMyToc1JBMMbj+r+yi9u6AQgIuMHlcX/N7mKvOfvU6jcYEeO9E+CM34VVQSQd7T1+MMEEIBRaH9mAh7qTuOPDVIrY14=",strlen("MHgCIGujeBGA0OXGoh1WYU7LKorsgKoiHqDQMn4ih1elxxDuAiB89t9D1kA4y95TThSBSjdZTMyToc1JBMMbj+r+yi9u6AQgIuMHlcX/N7mKvOfvU6jcYEeO9E+CM34VVQSQd7T1+MMEEIBRaH9mAh7qTuOPDVIrY14="));
//funcddd(0,1);
strcpy((char *)input, "work hard");
//cryptoWithSeckey(dataKey,sizeof(dataKey),
// keyIV,sizeof(keyIV),
// 0x00001082,0,
// input,48,
// output,&outputlen);
//outputlen = 1024;
//cryptoWithSeckey(dataKey,sizeof(dataKey),
// keyIV,sizeof(keyIV),
// 0x00001082,1,
// output,48,
// output1,&outputlen1);
setLicense("1","1");
setSystemDBDir("d:/nss_db");
for(i; i < 1000000; i++)
{
sprintf(szDBPath, "%s%d/", "d:/nss_db/", i);
if( _mkdir(szDBPath) == 0 )
{
if (0 == i % 1)
{
printf("mkdir %s OK\n", szDBPath);
}
}
else
{
printf("mkdir %s ERR\n", szDBPath);
}
setSystemDBDir(szDBPath);
ulRet = verifyPIN("","12345678", 0);
//{
// int certCnt;
// char nickname[255] = {0};
// char buffer[1024*4];
// ulRet = filterCert(&certCnt,"","","",0,0);
// getCertNickName(nickname, 0);
// ulRet = filterCert(&certCnt,"","","",0,0);
// ulRet = encryptMessage(buffer, "abc","SM3",1);
// ulRet = decryptMessage(buffer, buffer,"SM3",1);
// ulRet = signMessage(buffer, "abc",0,"SM3",0);
// ulRet = verifyMessage("abc",buffer,0,"SM3",0);
// certCnt = 1;
//}
//ulRet = InitPIN("0Mozilla", "0Mozilla");
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = InitPIN("0Mozilla", "0Mozilla");
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
//ulRet = verifyPIN("","0Mozilla1", 0);
if (0 == ulRet)
{
}
else if (3 != ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
else
{
#if defined(PKCS11_USE_SO_PIN)
ulRet = SetPIN("","12345678",0);
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = InitPIN("12345678", "12345678");
if (ulRet)
{
printf("%s err\n", "InitPIN");
break;
}
#else
ulRet = changePIN("", "", "0Mozilla");
if (ulRet)
{
printf("%s err\n", "InitPIN");
break;
}
#endif
}
for( j = 0; j < 1; j++)
{
// 0
ulRet = verifyPIN("","12345678", 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
//test_process("0Mozilla", 1);
{
char * tt = "MIIB0zCCAXigAwIBAgICNTUwCgYIKoEcz1UBg3UwEzERMA8GA1UEAx4Ilj9lr4SCgqwwHhcNMTYwNjIwMTA0NzE0WhcNMTYwNzEwMTA0NzE0WjBSMQ4wDAYDVQQKEwV0cnVzdDEOMAwGA1UECxMFdHJ1c3QxHzAdBgkqhkiG9w0BCQEWEDI0NDU0MDQ5OUBxcS5jb20xDzANBgNVBAMMBsDux7/HvzBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABKfvhpW55Z/E4DIA+sUof7EeVUkZJuI5DDSrdG4Zf7LaCDEzBb8CJ0Gvlls0OxkoPGIS4ECKMrBpodjjcX7HWyijfTB7MA8GA1UdEwEB/wQFMAMCAQEwHQYDVR0OBBYEFJ0dh7sd1NP3L0/mVZLC1687ww6tMDwGA1UdIwQ1MDOAFPWFFozl/60F0a0Vw5b/98Fz4bTToRekFTATMREwDwYDVQQDHgiWP2WvhIKCrIICRkYwCwYDVR0PBAQDAgbAMAoGCCqBHM9VAYN1A0kAMEYCIQCmJIXfnVUYW2WdP1SwZeeUAVXDnORKoppe1dBudKTaOAIhAIbeAZ+ndEPRAr6hQDhjYIAz4gnFPM28DOP/gxUTPgk0";
int certCnt;
char nickname[255] = {0};
char * filepw = "12345678";
char * filename = "sm2.pfx";
char buffer[1024*4];
char pfxBuffer[1024*4];
int pfxBufferLen = 1024*4;
FILE_READ("","SN-100000100000004.pfx",pfxBuffer,&pfxBufferLen);
//importCert(0,tt);
//ulRet = filterCert(&certCnt,"","","",0,0);
ulRet = filterCert(&certCnt,"","","",0,0);
getCertNickName(nickname, 0);
//ulRet = FilePfxExport_main(pfxBuffer,&pfxBufferLen,filepw,nickname,NULL);
//FILE_WRITE("","ppk.pfx",pfxBuffer,pfxBufferLen);
ulRet = FilePfxImport_main(pfxBuffer, pfxBufferLen,filepw,nickname,NULL);
ulRet = filterCert(&certCnt,"","","",0,0);
ulRet = encryptMessage(buffer, "abc","SM3",1);
ulRet = decryptMessage(buffer, buffer,"SM3",1);
ulRet = signMessage(buffer, "abc",0,"SM3",0);
ulRet = verifyMessage("abc",buffer,0,"SM3",0);
certCnt = 1;
}
return 0;
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
#if defined(PKCS11_USE_SO_PIN)
// 1
ulRet = SetPIN("0Mozilla",szDBPath,0);
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = verifyPIN("","0Mozilla", 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 2048, "RSA");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
//2
ulRet = SetPIN("0Mozilla",szDBPath,1);
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = verifyPIN("",szDBPath, 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
//3
ulRet = SetPIN(szDBPath, "0Mozilla",0);
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = verifyPIN("",szDBPath, 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
//4
ulRet = InitPIN("0Mozilla","0Mozilla");
if (ulRet)
{
printf("%s err\n", "InitPIN");
break;
}
ulRet = verifyPIN("","0Mozilla", 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
#else
ulRet = SetPIN("0Mozilla","test",1);
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = verifyPIN("","test", 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
ulRet = changePIN("", "test","0Mozilla");
if (ulRet)
{
printf("%s err\n", "SetPIN");
break;
}
ulRet = verifyPIN("","0Mozilla", 0);
if (ulRet)
{
printf("%s err\n", "verifyPIN");
break;
}
ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
if (ulRet)
{
printf("%s err\n", "genCSR");
break;
}
#endif
printf("current j = %d\n" , j);
}
//ulRet = genCSR( data_value, "", "李强强", "*****@*****.**", "trust", "trust", 256, "SM2");
//ulRet = enumKeyPair(&keyPairCnt);
//{
// char * digital = "MHgCIF1PHwjtpIM8tOnxvBwVXVt6xJoyAgBZqb7H4wE0SN9RAiDsiL8W8TLVmslY57rUC50tGQbq3uHIMVBy6++MrWyo0AQg/UR08eazuJPhNDfIkN3g5O18iqj1J6ekoA9pdekv0/wEEKOO0iOf0QpP7lTgnVtV0/o=";
// char * iv = "hqF+O1JTu1xnOHKZsrpMmA==";
// char * key = "nGameazgInZiRHBycWzXfkH3FtzSM8FVDTn4MVRjAh+TikzDtd1K4FkPzghs58zh";
// importDEPrivateKey(0,digital,0x00001082,iv,key);
//}
{
//char * tt = "MIICAjCCAaigAwIBAgIBATAKBggqgRzPVQGDdTArMQ0wCwYDVQQDEwRyb290MRowGAYJKoZIhvcNAQkBFgtyb290QGNhLmNvbTAeFw0xNTExMTMwNjEyMDJaFw0xNjAxMDcwNjEyMDJaMFIxDjAMBgNVBAoTBXRydXN0MQ4wDAYDVQQLEwV0cnVzdDEfMB0GCSqGSIb3DQEJARYQMjQ0NTQwNDk5QHFxLmNvbTEPMA0GA1UEAwwGwO7Hv8e/MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEzx3tRmgaUr0d0Q9NcoZQ26Srn/g3TyooA20MSiDRKgOm9HnYp4bkYbvOQki25vz5hdUV+KAR/BrLgW8474zIeqOBlTCBkjAPBgNVHRMBAf8EBTADAgEBMB0GA1UdDgQWBBSe2mE9d+LGYPimZ7Dstz5LgW6i/DBTBgNVHSMETDBKgBRT9Im/OTjF4gLZpb1RTRwYg9RhVaEvpC0wKzENMAsGA1UEAxMEcm9vdDEaMBgGCSqGSIb3DQEJARYLcm9vdEBjYS5jb22CAQEwCwYDVR0PBAQDAgbAMAoGCCqBHM9VAYN1A0gAMEUCIEaMK0VHMuWoUQZsYF8I8/J0CUEIA8zlHmLoFY5e6MFlAiEAotRlzDuUDk/b0mqjEBTagZMJxbuUToHgvFbKnAht6Xc=";
//int certCnt;
//char buffer[10000];
//importCert(0,tt);
//ulRet = filterCert(&certCnt,"","","",0,0);
//ulRet = signMessage(buffer, "abc",0,"SM3",1);
//ulRet = verifyMessage("abc",buffer,0,"SM3",1);
//certCnt = 1;
}
{
//unsigned char datakey[32] = {0xC2,0x17,0x51,0x1E,0x23,0x5A,0x2A,0xCE,0x72,0x15,0xCF,0x7F,0xE6,0x26,0x7D,0xD1,0xBB,0x1C,0x57,0x21,0x4A,0xC9,0x8A,0xFF,0x34,0x68,0x02,0xEC,0x28,0x68,0xDC,0xF3};
//ulRet = importSM2PrivateKey(datakey, 32);
}
if (0 == i%1)
{
unsigned char in_value[32] = {0};
unsigned int in_len = 32;
unsigned int out_len = 256;
unsigned char out_value[256] = {0};
int certID = 0;
char nickname[100] = {0};
memcpy(in_value,"112233445566", 12);
ulRet = enumKeyPair(&keyPairCnt);
if (ulRet)
{
printf("%s err\n", "enumKeyPair");
break;
}
ulRet = cryptoWithKeyPairID(0,0,in_value, in_len,out_value,&out_len);
if (ulRet)
{
printf("%s err\n", "cryptoWithKeyPairID");
break;
}
memset(in_value, 0, in_len);
in_len *= 2;
ulRet = cryptoWithKeyPairID(0,1,out_value, out_len,in_value,&in_len);
if (ulRet)
{
printf("%s err\n", "cryptoWithKeyPairID");
break;
}
ulRet = sgnvfyMsgWithKeyPairID(0,0,320, in_value, in_len,out_value,&out_len);
if (ulRet)
{
printf("%s err\n", "sgnvfyMsgWithKeyPairID");
break;
}
ulRet = sgnvfyMsgWithKeyPairID(0,1,320,in_value, in_len,out_value,&out_len);
FILE_LOG_HEX("cc.txt",out_value,(unsigned long)out_len);
if (ulRet)
{
printf("%s err\n", "sgnvfyMsgWithKeyPairID");
break;
}
printf("%s %d\n", "enumKeyPair", keyPairCnt);
}
}
printf("number %d is ok\n",i);
printf("input any key to close\n",i);
getchar();
return 0;
}