Exemplo n.º 1
0
BOOL CAuthTest::Test_DevAuth()
{
    SHOW_PROCESS("DevAuth");

    if (NULL == g_hDev)
    {
        printf("Please connect first!\n");
        return FALSE;
    }

    BYTE random[16] = {0};

    ULONG ulReval = SKF_GenRandom(g_hDev, random, 8);
    SHOW_ERROR_EX("GenRandom", ulReval);
    if (SAR_OK != ulReval)
        return FALSE;

    DEVINFO devInfo;
    ulReval = SKF_GetDevInfo(g_hDev, &devInfo);
    SHOW_ERROR_EX("GetDevInfo", ulReval);
    if (SAR_OK != ulReval)
        return FALSE;

    BYTE devKey[16] = {0};
    memcpy(devKey, (BYTE*)"1234567812345678", 16);
    ulReval = SKF_SetSymmKey(g_hDev, devKey, devInfo.DevAuthAlgId, &m_hSessionKey);
    SHOW_ERROR_EX("SetSymmKey", ulReval);
    if (SAR_OK != ulReval)
        return FALSE;

    BLOCKCIPHERPARAM param = {0};
    ulReval = SKF_EncryptInit(m_hSessionKey, param);
    SHOW_ERROR_EX("EncryptInit", ulReval);
    if (SAR_OK != ulReval)
        return FALSE;

    BYTE devkeyenc[16] = {0};
    DWORD dwResultLen = 16;
    ulReval = SKF_Encrypt(m_hSessionKey, random, 16, devkeyenc, &dwResultLen);
    SHOW_ERROR_EX("Encrypt", ulReval);
    if (SAR_OK != ulReval)
        return FALSE;

    ulReval = SKF_DevAuth(g_hDev, devkeyenc, 16);
    SHOW_ERROR(ulReval);

    return (SAR_OK == ulReval);
}
Exemplo n.º 2
0
TEST(SKF_ACCESS_CONTROL,SKF_DEVAUTH_Test)
{
    ULONG result;

    /*BYTE pbRandom[32] = {0};
    SKF_GenRandom skf_genRandom = SKF_GenRandom(GetProcAddress(hmodule,"SKF_GenRandom"));
    result = skf_genRandom(*devHandle,pbRandom,8);
    EXPECT_EQ(0,(int)result);*/

    SKF_ConnectDev skf_connetDev = SKF_ConnectDev(GetProcAddress(hmodule,"SKF_ConnectDev"));
    devHandle = new DEVHANDLE();
    result = skf_connetDev(devName,devHandle);
    EXPECT_EQ(0,(int)result);

    BYTE* pbRandom =(BYTE*) malloc(sizeof(BYTE)*32);
    SKF_GenRandom skf_genRandom = SKF_GenRandom(GetProcAddress(hmodule,"SKF_GenRandom"));
    result = skf_genRandom(*devHandle,pbRandom,8);
    EXPECT_EQ(0,(int)result);

    HANDLE hKey = NULL;
    char *dev_auth_key = "1234567812345678";
    SKF_SetSymmKey skf_setSymmKey = SKF_SetSymmKey(GetProcAddress(hmodule,"SKF_SetSymmKey"));
    result = skf_setSymmKey(*devHandle,(unsigned char*)dev_auth_key,0x00000401,&hKey);
    EXPECT_EQ(0,(int)result);

    SKF_EncryptInit skf_encryptInit = SKF_EncryptInit(GetProcAddress(hmodule,"SKF_EncryptInit"));
    BLOCKCIPHERPARAM bp = {0};
    result = skf_encryptInit(hKey, bp);
    EXPECT_EQ(0,(int)result);

    SKF_Encrypt skf_encrypt = SKF_Encrypt(GetProcAddress(hmodule,"SKF_Encrypt"));
    BYTE szEncryptedData[256] = {0};
    ULONG ulEncryptedDataLen = 256;
    result = skf_encrypt(hKey, pbRandom, 16, szEncryptedData, &ulEncryptedDataLen);
    EXPECT_EQ(0,(int)result);

    SKF_DevAuth skf_devAuth = SKF_DevAuth(GetProcAddress(hmodule,"SKF_DevAuth"));
    result = skf_devAuth(*devHandle,szEncryptedData,ulEncryptedDataLen);
    EXPECT_EQ(0,(int)result);
}
Exemplo n.º 3
0
int main(int argc, char * argv[])
{
	unsigned long ulRet = 0;
	unsigned long ulRetry = 0;
	unsigned long len = 0;
	OPST_DEV szDevValue[MAX_DEV_NUM] = {0};
	unsigned long ulDevCount = MAX_DEV_NUM;
	unsigned long pw_usb_len = 8;
	unsigned char pw_usb_value[] = "88888888";
	OPT_HDEVICE		hDevice = NULL;
	OPT_HCONTAINER  hContainer = NULL;
	unsigned char ContainerTest[] = "testContainer";
	OPST_CONTAINER szConValue[10];
	unsigned long ulConCount = 10;
	unsigned long ulConType = OPE_CON_TYPE_ENCYPT;
	unsigned long timeStart = 0;
	unsigned long timeEnd	= 365 * 10;
	unsigned char * data_value = NULL; 
	unsigned long data_len = 1024 * 20;
	unsigned char * data_value_csr = NULL; 
	unsigned long data_len_csr = 1024 * 20;
	unsigned char * data_value_cert = NULL; 
	unsigned long data_len_cert = 1024 * 20;
	unsigned long prv_data_len = 32;
	unsigned long x_data_len = 32;
	unsigned long y_data_len = 32;
	unsigned char * data_value_ca = NULL; 
	unsigned long data_len_ca = 1024 * 20;
	unsigned long ulUserID[4] = {0};

	unsigned long data_len_crl = 1024 * 2;
	unsigned char data_value_crl[2048]; 

	data_value = (unsigned char *)malloc(data_len);
	data_value_cert = (unsigned char *)malloc(data_len_cert);
	data_value_csr = (unsigned char *)malloc(data_len_csr);
	data_value_ca = (unsigned char *)malloc(data_len_ca);

	unsigned char prv_data_value[] = {
		0x61 , 0x56 , 0xb0 , 0xf6 , 0x27 , 0x57 , 0x26 , 0xdc , 
		0x21 , 0xae , 0x6c , 0x68 , 0xbc , 0x49 , 0x82 , 0xe6 , 
		0x67 , 0x51 , 0x6c , 0xe9 , 0xfd , 0x59 , 0x0d , 0x58 , 
		0xdd , 0x54 , 0x32 , 0xb7 , 0x88 , 0x6a , 0x23 , 0x70};

	unsigned char x_data_value[] = {
		0x91 , 0x1b , 0x13 , 0x80 , 0x41 , 0xbe , 0x68 , 0x6f , 
		0xa9 , 0x52 , 0xd6 , 0xb4 , 0x2d , 0x93 , 0xcc , 0x10 , 
		0x14 , 0xe7 , 0xd5 , 0x0c , 0x05 , 0x22 , 0xfb , 0x8a , 
		0xdb , 0x98 , 0xd2 , 0x3b , 0x3a , 0xf6 , 0x45 , 0x23};

	unsigned char y_data_value[] = {
		0x40 , 0xaf , 0xbb , 0xd1 , 0x85 , 0xea , 0x29 , 0x3c , 
		0x58 , 0x54 , 0xb6 , 0xe6 , 0x9e , 0x05 , 0x0e , 0xc7 , 
		0xbb , 0xea , 0x6b , 0xda , 0xb9 , 0x8c , 0xee , 0x6e , 
		0x4d , 0x85 , 0xa5 , 0x71 , 0x81 , 0x79 , 0xf8 , 0xb1};

	OPST_USERINFO userInfo = {0};

	wchar_t* countryName = L"中国";
	wchar_t* stateOrProvinceName = L"北京";
	wchar_t* localityName = L"北京";
	wchar_t* organizationName = L"赢达信";
	wchar_t* organizationalUnitName = L"赢达信";
	wchar_t* commonName = L"李强强";
	wchar_t* emailAddress = L"*****@*****.**";
	wchar_t* challengePassword = L"123";
	wchar_t* unstructuredName = L"测试";
	HANDLE hHandlePCI = 0, hHandleSession = 0;

	char * str_xy =
		"MIICuDCCAl6gAwIBAgIKFBEAAAAAAAAIQzAKBggqgRzPVQGDdTBNMQswCQYDVQQGEwJDTjERMA8GA1UECgwIQ0hJTkFNU0ExETAPBgNVBAsMCENISU5BTVNBMRgwFgYDVQQDDA9DSElOQU1TQSBTTTIgQ0EwHhcNMTUwOTEwMTYwMDAwWhcNMTgwOTExMTU1OTU5WjBTMQswCQYDVQQGEwJDTjEPMA0GA1UECAwG5YyX5LqsMQ8wDQYDVQQHDAbkuJzln44xIjAgBgNVBAMMGea1t+S6i+S4quS6uua1i+ivlVRG5Y2hMTAwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAATU7yKIK31DFXlYglDck41GUpeVaFU5+64d0IHRLg3LashmnoS659CTBZAt9iuhQh32H17F+3UgSdEBcpoSXzaVo4IBHjCCARowHwYDVR0jBBgwFoAUcWzpmZA0N7fJ6ciCy5fLmv72uF0wHQYDVR0OBBYEFN27An45JjWvMK5c6/ywmPmyp8sfMAsGA1UdDwQEAwIGwDCBpgYDVR0fBIGeMIGbMGigZqBkpGIwYDELMAkGA1UEBhMCQ04xETAPBgNVBAoMCENISU5BTVNBMREwDwYDVQQLDAhDSElOQU1TQTEYMBYGA1UEAwwPQ0hJTkFNU0EgU00yIENBMREwDwYDVQQDEwhjYTExY3JsMTAvoC2gK4YpaHR0cDovLzE5OC4zMi4yMjcuMTo4MDAwL2NybC9jYTExY3JsMS5jcmwwIgYIYIZIAYb4RAIEFgwUU0YxMzAxODUxOTgzMDEyNDM0MTUwCgYIKoEcz1UBg3UDSAAwRQIhAJDsqHbDolgi85eHxodn0OmTm/6DnVjnhZ8Wq2GuL7x/AiAS7/PU/ROiXzeuPFWTOzeZeZdK8gE6kTBsD3BJ8VXwGQ==";
	byte * byte_xy = new byte[64];

	char * str_prv = "e83d63ffb8be0ae8412dacf65b8174fed36aeed2e04e35a929171966df7650ef";
	byte * byte_prv = new byte[64];

	OPF_Str2Bin(str_xy,128,byte_xy,&len);

	// 公钥私钥
	{
		OPF_Str2Bin(str_prv,64,prv_data_value,&prv_data_len);
		OPF_Str2Bin(str_xy,64,x_data_value,&x_data_len);
		OPF_Str2Bin(str_xy+64,64,y_data_value,&y_data_len);
	}

	char szDevNameLists[BUFFER_LEN_1K];
	unsigned long ulDevNameLists = BUFFER_LEN_1K;
	HANDLE hDevSKF;

	char szAppNameLists[BUFFER_LEN_1K];
	unsigned long ulAppNameLists = BUFFER_LEN_1K;
	HANDLE hAppSKF;

	char szConNameLists[BUFFER_LEN_1K];
	unsigned long ulConNameLists = BUFFER_LEN_1K;
	HANDLE hConSKF;


	ulRet = SKF_EnumDev(TRUE,szDevNameLists,&ulDevNameLists);

	ulRet = SKF_ConnectDev(szDevNameLists,&hDevSKF);

	ulRet = SKF_EnumApplication(hDevSKF,szAppNameLists, &ulAppNameLists);

	if (ulAppNameLists < 2)
	{
		// 第一步设备认证
		unsigned char	bRandom[16], bAuthData[16];
		unsigned long	ulRandomLen, ulAuthDataLen;
		BLOCKCIPHERPARAM EncryptParam;
		unsigned char	bSymKey[16];
		HANDLE			hSymKey=NULL;

		DEVINFO			DevInfo;

		// 取16字节随机数
		ulRandomLen = sizeof(bRandom);
		ulRet = SKF_GenRandom(hDevSKF, bRandom, ulRandomLen);
		if(ulRet != 0)
		{
			printf("SKF_GenRandom error, ret=0x%x\n", ulRet);
		}
		printf("SKF_GenRandom succeeds");


		ulRet = SKF_GetDevInfo(hDevSKF, &DevInfo);
		// 加密随机化
		// 默认外部认证密钥为:1234567812345678
		memcpy(bSymKey, (unsigned char*)"\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38", 16);

		ulRet = SKF_SetSymmKey(hDevSKF, bSymKey, DevInfo.DevAuthAlgId, &hSymKey);
		if(ulRet != 0)
		{
			printf("SKF_SetSymmKey error, ret=0x%x\n", ulRet);
		}
		printf("SKF_SetSymmKey succeeds.\n");

		// 加密初始化
		EncryptParam.PaddingType = 0;
		ulRet = SKF_EncryptInit(hSymKey, EncryptParam);
		if(ulRet != 0)
		{
			printf("SKF_EncryptInit error, ret=0x%x\n", ulRet);
		}
		printf("SKF_EncryptInit succeeds.\n");

		// 加密随机数
		ulAuthDataLen = sizeof(bAuthData);
		memset(bAuthData, 0x00, ulAuthDataLen);
		ulRet = SKF_Encrypt(hSymKey, bRandom, ulRandomLen, bAuthData, &ulAuthDataLen);
		if(ulRet != 0)
		{
			printf("SKF_Encrypt error, ret=0x%x\n", ulRet);
		}
		printf("SKF_Encrypt succeeds.\n");

		// 外部认证
		ulRet = SKF_DevAuth(hDevSKF, bAuthData, ulAuthDataLen);
		if(ulRet != 0)
		{
			printf("SKF_DevAuth error, ret=0x%x\n", ulRet);
		}
		printf("SKF_DevAuth succeeds.\n");

		// 创建应用
		ulRet = SKF_CreateApplication(hDevSKF,"DEFAULT_APPLICATION", (char*)pw_usb_value,8,
			(char*)pw_usb_value, 8,0,&hAppSKF);
	}
	else
	{
		ulRet = SKF_OpenApplication(hDevSKF, szAppNameLists,&hAppSKF);
	}

	ulRet = SKF_VerifyPIN(hAppSKF, 1, (char*)pw_usb_value,&ulRetry);
	
	ulRet = SKF_EnumContainer(hAppSKF,szConNameLists,&ulConNameLists);

	if (ulConNameLists < 2)
	{
		ulRet = SKF_CreateContainer(hAppSKF, "DEFAULT_CONTAINER", &hConSKF);
	}
	else
	{
		ulRet = SKF_OpenContainer(hAppSKF, szConNameLists, &hConSKF);
	}

	ECCPUBLICKEYBLOB pubkeyBlob;

	ENVELOPEDKEYBLOB * pENVELOPEDKEY_Dev = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);
	ENVELOPEDKEYBLOB * pENVELOPEDKEY_DB = (ENVELOPEDKEYBLOB*)malloc(sizeof(ENVELOPEDKEYBLOB) + SM2_BYTES_LEN);

	ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);
	
	/*ulRet = PCI_Open(&hHandlePCI, &hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);

	ulRet = PCI_CheckExistRootSM2Keys(hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);

	ulRet = PCI_GenRootSM2Keys(hHandleSession, data_value,&data_len);

	ulRet = PCI_BackupInit(hHandleSession);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
	ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
	ulRet = PCI_BackupFinal(hHandleSession);

	ulRet = PCI_RestoreInit(hHandleSession);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 * 2);
	ulRet = PCI_RestoreFinal(hHandleSession);

	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[0]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[1]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[2]),&ulRetry);
	ulRet = PCI_ICLogin(hHandleSession,(unsigned char *)"12345678", 8,&(ulUserID[3]),&ulRetry);
	*/
	//ulRet = PCI_BackupInit(hHandleSession);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 1, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 2, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupKeyComponent(hHandleSession, 3, (unsigned char *)"12345678", 8);
	//ulRet = PCI_BackupECC(hHandleSession,1, data_value, &data_len);
	//ulRet = PCI_BackupFinal(hHandleSession);

	/*ulRet = PCI_RestoreInit(hHandleSession);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreKeyComponent(hHandleSession,(unsigned char *)"12345678", 8);
	ulRet = PCI_RestoreECC(hHandleSession, 0, data_value, 96 *2);
	ulRet = PCI_RestoreFinal(hHandleSession);

	ulRet = PCI_SignWithRootSM2Keys(hHandleSession,data_value, 32, data_value, 32, 0, data_value, &data_len);
	*/
	//ulRet = PCI_GenExportSM2EnvelopedKey(hHandleSession,
	//	pubkeyBlob.XCoordinate + 32, 
	//	pubkeyBlob.YCoordinate + 32,
	//	(void *)pENVELOPEDKEY_DB,
	//	(void *)pENVELOPEDKEY_Dev
	//	);

	ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);

	ulRet = SKF_GenECCKeyPair(hConSKF, SGD_SM2_1,&pubkeyBlob);

	ulRet = PCI_RestoreExportSM2EnvelopedKey(hHandleSession,
		pubkeyBlob.XCoordinate + 32, 
		pubkeyBlob.YCoordinate + 32,
		(void *)pENVELOPEDKEY_DB,
		(void *)pENVELOPEDKEY_Dev
		);

	ulRet = SKF_ImportECCKeyPair(hConSKF,pENVELOPEDKEY_Dev);

	return 0;

	//ulRet = OPF_Initialize();

	//ulRet = OpenSSL_SM2GenCSRWithPubkey(&userInfo,
	//	x_data_value, x_data_len,
	//	y_data_value, y_data_len,
	//	data_value,&data_len);

	//ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
	//	data_value_cert,&data_len_cert);

	//OPST_CRL crllists[3] = {{2,2,2},{3,3,3},{4,4,4}};

	//ulRet = OpenSSL_SM2GenCRL(crllists, sizeof(crllists)/sizeof(OPST_CRL),data_value_ca, data_len_ca, data_value_crl, &data_len_crl);

	//ulRet = OPF_SM2SignCRL(hHandleSession,data_value_ca,data_len_ca,data_value_crl,data_len_crl,0,data_value_crl,&data_len_crl);

	//ulRet = OpenSSL_SM2VerifyCRL(data_value_crl,data_len_crl,0,x_data_value,32 , y_data_value,32);

	//userInfo.ulLenC = wcslen(countryName)*2;
	//userInfo.ulLenST = wcslen(stateOrProvinceName)*2;
	//userInfo.ulLenL = wcslen(localityName)*2;
	//userInfo.ulLenO = wcslen(organizationName)*2;
	//userInfo.ulLenOU = wcslen(organizationalUnitName)*2;
	//userInfo.ulLenCN = wcslen(commonName)*2;
	//userInfo.ulLenEA = wcslen(emailAddress)*2;
	//userInfo.ulLenCP = wcslen(challengePassword)*2;
	//userInfo.ulLenUN = wcslen(unstructuredName)*2;

	//memcpy(userInfo.countryName, countryName, userInfo.ulLenC);
	//memcpy( userInfo.stateOrProvinceName ,stateOrProvinceName, userInfo.ulLenST);
	//memcpy( userInfo.localityName,localityName, userInfo.ulLenL);
	//memcpy( userInfo.organizationName, organizationName,userInfo.ulLenO);
	//memcpy(userInfo.organizationalUnitName,organizationalUnitName, userInfo.ulLenOU);
	//memcpy( userInfo.commonName,commonName,userInfo.ulLenCN);
	////strcpy((char *) userInfo.commonName, "34");
	//memcpy( userInfo.emailAddress,emailAddress,userInfo.ulLenEA);
	//memcpy( userInfo.challengePassword,challengePassword, userInfo.ulLenCP);
	//memcpy( userInfo.unstructuredName,unstructuredName, userInfo.ulLenUN);
	
	// 初始化库;

	//ulRet = PKCS11_EnumDevices(szDevValue, &ulDevCount);

	//ulRet = PKCS11_OpenDevice(szDevValue[0], & hDevice);

	//ulRet = PKCS11_Login(hDevice, 1, pw_usb_value,pw_usb_len, &ulRetry);

	//ulRet = PKCS11_CheckContainerExist(hDevice, ContainerTest,sizeof(ContainerTest));

	//if (ulRet)
	//{
	//	ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));

	//	ulRet = PKCS11_DeleteContainer(hDevice,ContainerTest ,sizeof(ContainerTest));

	//	ulRet = PKCS11_CreateContainer(hDevice,ContainerTest ,sizeof(ContainerTest));
	//}

	//ulRet = PKCS11_EnumContainers(hDevice, szConValue, &ulConCount);

	//ulRet = PKCS11_OpenContainer(hDevice, ContainerTest,sizeof(ContainerTest),ulConType, &hContainer);

	//if (ulConType == OPE_CON_TYPE_ENCYPT)
	//{
	//	// client
	//	ulRet = PKCS11_SM2GenKeys(hContainer);

	//	//ulRet = PKCS11_SM2ImportKeys(hContainer, hContainer, prv_data_value, 32, x_data_value, 32, y_data_value, 32);

	//	ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);

	//	ulRet = OPF_SM2SignCSR(hContainer, data_value,data_len, 0, data_value_csr, &data_len_csr);

	//	{
	//		FILE * fileIN = fopen("d:/rootca.cer","r+b");

	//		data_len_ca = fread(data_value_ca ,1, 10240, fileIN);

	//		fclose(fileIN);
	//	}

	//	// server
	//	ulRet = OpenSSL_SM2GenCert(data_value_csr,data_len_csr,data_value_ca, data_len_ca,123456789,timeStart,timeEnd,
	//		0,data_value_cert,&data_len_cert);

	//	ulRet = OPF_SM2SignCert(hHandleSession,data_value_cert,data_len_cert, 0,data_value_cert, &data_len_cert);


	//	{
	//		FILE * fileOUT = fopen("d:/usr.cer","w+b");

	//		data_len_cert = fwrite(data_value_cert ,1, data_len_cert, fileOUT);

	//		fclose(fileOUT);
	//	}
	//	//ulRet = OPF_SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
	//	//	data_value_cert,&data_len_cert);
	//}
	//else
	//{
	//	ulRet = OPF_SM2GenCSR(hContainer,&userInfo, data_value, &data_len);

	//	ulRet = OpenSSL_SM2GenRootCert(data_value,data_len, 123456789,timeStart,timeEnd,
	//		data_value_cert,&data_len_cert);

	//	ulRet = OPF_SM2SignCert(hHandleSession, data_value_cert,data_len_cert, 0,
	//		data_value_cert,&data_len_cert);
	//}

	//ulRet = OPF_CertImport(hContainer, data_value_cert, data_len_cert);

	//ulRet = PKCS11_CloseContainer(hContainer);

	//ulRet = PKCS11_Logout(hDevice);

	//ulRet = PKCS11_CloseDevice(hDevice);

	// 释放库资源.
	//ulRet = OPF_Finalize();

#if _PCI_TEST_
	ulRet = PCI_Close(hHandlePCI, hHandleSession);
#endif

	return 0; 
}
Exemplo n.º 4
0
ULONG FuncSKF_DevAuth(HANDLE hDevSKF, HAPPLICATION * hAppSKF, char * szPinInit, ULONG uiPinRetry)
{
	// 第一步设备认证
	unsigned char	bRandom[16], bAuthData[16];
	unsigned long	ulRandomLen, ulAuthDataLen;
	BLOCKCIPHERPARAM EncryptParam;
	unsigned char	bSymKey[16];
	HANDLE			hSymKey=NULL;
	ULONG ulRet = 0;
	DEVINFO			DevInfo;

	// 取16字节随机数
	ulRandomLen = sizeof(bRandom);
	ulRet = SKF_GenRandom(hDevSKF, bRandom, ulRandomLen);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_GenRandom");
		goto err;
	}

	ulRet = SKF_GetDevInfo(hDevSKF, &DevInfo);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_GetDevInfo");
		goto err;
	}
	// 加密随机化
	// 默认外部认证密钥为:1234567812345678
	memcpy(bSymKey, (unsigned char*)"\x31\x32\x33\x34\x35\x36\x37\x38\x31\x32\x33\x34\x35\x36\x37\x38", 16);

	ulRet = SKF_SetSymmKey(hDevSKF, bSymKey, DevInfo.DevAuthAlgId, &hSymKey);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_SetSymmKey");
		goto err;
	}

	// 加密初始化
	EncryptParam.PaddingType = 0;
	ulRet = SKF_EncryptInit(hSymKey, EncryptParam);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_EncryptInit");
		goto err;
	}

	// 加密随机数
	ulAuthDataLen = sizeof(bAuthData);
	memset(bAuthData, 0x00, ulAuthDataLen);
	ulRet = SKF_Encrypt(hSymKey, bRandom, ulRandomLen, bAuthData, &ulAuthDataLen);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_Encrypt");
		goto err;
	}

	// 外部认证
	ulRet = SKF_DevAuth(hDevSKF, bAuthData, ulAuthDataLen);
	if(ulRet != 0)
	{
		::FILE_LOG_STRING(file_log_name,"SKF_DevAuth");
		goto err;
	}

	// 创建应用
	ulRet = SKF_CreateApplication(hDevSKF,DEFAULT_APPLICATION, szPinInit,uiPinRetry,
		szPinInit, uiPinRetry, 0, hAppSKF);
err:

	return ulRet;
}