📄 cryptool.cpp
};
rv = (*pFunctionList->C_GetAttributeValue)(hSession,hCert,templateAttr,1);
*pIssuerLen=templateAttr[0].ulValueLen;
return rv;
}
/*
 * Log the normal user (CKU_USER) into the token behind hSession.
 *
 * pinCode/len are forwarded unchanged to C_Login; this function neither
 * copies nor clears the PIN, so the caller keeps ownership of the buffer
 * and is the only place where it can be wiped after use.
 *
 * Returns the CK_RV produced by C_Login, whatever its value.
 */
CK_RV login(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_CHAR_PTR pinCode, CK_ULONG len)
{
    // Success and failure are reported the same way: hand back C_Login's code.
    return pFunctionList->C_Login(hSession, CKU_USER, pinCode, len);
}
/*
 * Log out of the token behind hSession.
 *
 * Returns the CK_RV produced by C_Logout.
 */
CK_RV logout(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession)
{
    return pFunctionList->C_Logout(hSession);
}
/*
 * List the handles of every X.509 certificate object visible in hSession.
 *
 * phCertList      : caller-supplied array receiving the object handles.
 * pCertListSize   : in  - capacity of phCertList, in handles;
 *                   out - value left there by getCertListFromAttr().
 *
 * Returns whatever getCertListFromAttr() returns for the search template
 * { CKA_CLASS = CKO_CERTIFICATE, CKA_CERTIFICATE_TYPE = CKC_X_509 }.
 */
CK_RV getAllX509CertificateList(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phCertList, CK_ULONG_PTR pCertListSize)
/* DREN 11/07/2002: end of change */
{
    CK_OBJECT_CLASS wantedClass = CKO_CERTIFICATE;
    CK_CERTIFICATE_TYPE wantedType = CKC_X_509;

    // Both attributes must match for an object to be returned.
    CK_ATTRIBUTE searchTemplate[] = {
        {CKA_CLASS, &wantedClass, sizeof(wantedClass)},
        {CKA_CERTIFICATE_TYPE, &wantedType, sizeof(wantedType)}
    };
    const CK_ULONG attrCount = sizeof(searchTemplate) / sizeof(searchTemplate[0]);

    return getCertListFromAttr(pFunctionList, hSession, searchTemplate, attrCount, phCertList, pCertListSize);
}
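/*
 * Search hSession for objects matching pCertTemplate and store their
 * handles in phCertList.
 *
 * pCertTemplate / certTemplateSize : search template and its attribute count.
 * phCertList                       : caller-supplied array receiving handles.
 * pCertListSize                    : in  - capacity of phCertList, in handles;
 *                                    out - number of handles written, or 0
 *                                          when the search itself failed.
 *
 * Returns the first error met (C_FindObjectsInit, then C_FindObjects),
 * otherwise the result of C_FindObjectsFinal.
 *
 * The previous version assigned the result of C_FindObjectsFinal over the
 * result of C_FindObjects, so a failed search was reported as CKR_OK while
 * phCertList and *pCertListSize held no meaningful data. A caller trusting
 * that return code would go on to use stale or uninitialised object handles.
 */
CK_RV getCertListFromAttr(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pCertTemplate, CK_ULONG certTemplateSize, CK_OBJECT_HANDLE_PTR phCertList, CK_ULONG_PTR pCertListSize)
{
    CK_RV rv = (*pFunctionList->C_FindObjectsInit)(hSession, pCertTemplate, certTemplateSize);
    if (rv != CKR_OK)
    {
        // Nothing was searched: make sure the caller cannot read the
        // capacity it passed in as a result count.
        *pCertListSize = 0;
        return rv;
    }

    CK_RV findRv = (*pFunctionList->C_FindObjects)(hSession, phCertList, *pCertListSize, pCertListSize);

    // The search operation must be closed even when C_FindObjects failed,
    // otherwise the session stays in "search active" state.
    CK_RV finalRv = (*pFunctionList->C_FindObjectsFinal)(hSession);

    if (findRv != CKR_OK)
    {
        *pCertListSize = 0;
        return findRv;
    }

    // NOTE(review): the original code tried to turn "no object found" into
    // rv = -1, but that value was always overwritten. The effective contract
    // (CKR_OK with *pCertListSize == 0) is kept so existing callers are not
    // broken; callers must test the count, not only the return code.
    return finalRv;
}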
/*
 * Look up the private key object associated with certificate hCert.
 *
 * Delegates to getKeyFromX509Cert() with class CKO_PRIVATE_KEY and a last
 * argument of 0; the handle is written to *phKey by that helper.
 * Returns the helper's CK_RV.
 */
CK_RV getPrivateKeyFromX509Cert(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phKey, CK_OBJECT_HANDLE hCert)
{
    CK_RV status = getKeyFromX509Cert(pFunctionList, hSession, phKey, hCert, CKO_PRIVATE_KEY, 0);
    return status;
}
/*
 * Look up the public key object associated with certificate hCert.
 *
 * Delegates to getKeyFromX509Cert() with class CKO_PUBLIC_KEY and a last
 * argument of 0; the handle is written to *phKey by that helper.
 * Returns the helper's CK_RV.
 */
CK_RV getPublicKeyFromX509Cert(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phKey, CK_OBJECT_HANDLE hCert)
{
    CK_RV status = getKeyFromX509Cert(pFunctionList, hSession, phKey, hCert, CKO_PUBLIC_KEY, 0);
    return status;
}
/*
 * Read the CKA_KEY_TYPE attribute of key object hKey into *keyType.
 *
 * keyType must point to storage for one CK_KEY_TYPE; it is handed to the
 * token as the attribute's value buffer.
 *
 * Returns the CK_RV produced by C_GetAttributeValue. *keyType is only
 * meaningful when that value is CKR_OK.
 */
CK_RV getKeyType(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey,
CK_KEY_TYPE * keyType)
{
    // Single-attribute template: the token writes straight into *keyType.
    CK_ATTRIBUTE keyTypeAttr = {CKA_KEY_TYPE, keyType, sizeof(CK_KEY_TYPE)};

    return pFunctionList->C_GetAttributeValue(hSession, hKey, &keyTypeAttr, 1);
}
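/*
 * Collect the IDs of the slots that currently hold a token.
 *
 * tokenInSlotList      : caller-supplied array receiving the slot IDs.
 * pTokenInSlotListSize : in  - capacity of tokenInSlotList, in entries;
 *                        out - number of entries written (0 on failure or
 *                              when no slot exists).
 *
 * Returns the last CK_RV obtained from the PKCS#11 module, or
 * CKR_HOST_MEMORY when the temporary slot array cannot be allocated.
 *
 * Changes from the previous version: the allocation is checked before the
 * module is asked to write into it (it used to be passed to C_GetSlotList
 * unchecked), the size computation can no longer overflow (calloc), and the
 * output index is a CK_ULONG like the bounds it is compared with.
 */
CK_RV getSlotListWithToken(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID_PTR tokenInSlotList, CK_ULONG_PTR pTokenInSlotListSize)
{
    CK_RV rv = CKR_OK;
    CK_ULONG ulCount = 0;
    CK_ULONG found = 0;
    CK_SLOT_ID_PTR pSlotList = NULL;
    CK_SLOT_INFO slotInfo;
    const CK_ULONG capacity = *pTokenInSlotListSize;

    // First call with a NULL buffer only asks for the number of slots.
    rv = (*pFunctionList->C_GetSlotList)(FALSE, NULL_PTR, &ulCount);
    if ((rv == CKR_OK) && (ulCount > 0))
    {
        pSlotList = (CK_SLOT_ID_PTR) calloc(ulCount, sizeof(CK_SLOT_ID));
        if (pSlotList == NULL)
        {
            *pTokenInSlotListSize = 0;
            return CKR_HOST_MEMORY;
        }

        // Second call fills the array; ulCount tells the module its capacity.
        rv = (*pFunctionList->C_GetSlotList)(FALSE, pSlotList, &ulCount);
        if (rv == CKR_OK)
        {
            // Only the first min(ulCount, capacity) slots are examined, as
            // before, which also keeps `found` within the caller's array.
            // NOTE(review): a token sitting in a later slot is therefore not
            // reported even if the output array still has room - confirm
            // whether that is intended.
            const CK_ULONG limit = (ulCount < capacity) ? ulCount : capacity;
            for (CK_ULONG j = 0; j < limit; j++)
            {
                rv = (*pFunctionList->C_GetSlotInfo)(pSlotList[j], &slotInfo);
                if ((rv == CKR_OK) && ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0))
                {
                    tokenInSlotList[found] = pSlotList[j];
                    found++;
                }
            }
        }
        free(pSlotList);
    }

    *pTokenInSlotListSize = found;
    return rv;
}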
/*
 * Open a session on the token in slotId and store its handle in *phSession.
 *
 * The only flag passed is CKF_SERIAL_SESSION (no CKF_RW_SESSION), and no
 * application pointer or notification callback is registered.
 *
 * Returns the CK_RV produced by C_OpenSession.
 */
CK_RV openSession(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID slotId, CK_SESSION_HANDLE_PTR phSession)
{
    const CK_FLAGS sessionFlags = CKF_SERIAL_SESSION;

    return pFunctionList->C_OpenSession(slotId, sessionFlags, NULL_PTR, NULL_PTR, phSession);
}
/*
 * Close the session identified by hSession.
 *
 * Returns the CK_RV produced by C_CloseSession.
 */
CK_RV closeSession(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession)
{
    return pFunctionList->C_CloseSession(hSession);
}
/*
 * Read the CKA_VALUE attribute of certificate object hCert.
 *
 * value     : buffer receiving the attribute value; it is passed to
 *             C_GetAttributeValue as given.
 * plenValue : in  - size of `value` in bytes;
 *             out - the ulValueLen left in the template by the module.
 *
 * Returns the CK_RV produced by C_GetAttributeValue.
 *
 * NOTE(review): *plenValue is overwritten even when the call fails. Callers
 * should only treat it as a length after checking for CKR_OK, and before
 * using it to size an allocation or a copy.
 */
CK_RV getX509Value(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hCert,
CK_BYTE_PTR value, CK_ULONG_PTR plenValue
)
{
    if (getTraceLevel() > 1)
    {
        TRACE_local(__LINE__,"getX509Value():");
    }

    // Single-attribute template; the module fills in both value and length.
    CK_ATTRIBUTE valueAttr = {CKA_VALUE, value, *plenValue};
    CK_RV status = pFunctionList->C_GetAttributeValue(hSession, hCert, &valueAttr, 1);
    *plenValue = valueAttr.ulValueLen;

    if (getTraceLevel() > 1)
    {
        TRACE_local(__LINE__,"C_GetAttributeValue()=0x%x",status);
    }
    return status;
}
/*
 * Thin wrapper around C_GetSlotList with tokenPresent = FALSE.
 *
 * pSlotList and pSlotListSize are forwarded unchanged to the module.
 * Returns the CK_RV produced by C_GetSlotList.
 */
CK_RV getSlotList(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pSlotListSize)
{
    return pFunctionList->C_GetSlotList(FALSE, pSlotList, pSlotListSize);
}
/*
 * Wait for a slot event and store the ID of the affected slot in *pSlotId.
 *
 * C_WaitForSlotEvent is called with flags = 0 (CKF_DONT_BLOCK is not set)
 * and a NULL reserved argument.
 *
 * Returns the CK_RV produced by C_WaitForSlotEvent.
 */
CK_RV waitForSlotEvent(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID_PTR pSlotId)
{
    const CK_FLAGS noFlags = 0;

    return pFunctionList->C_WaitForSlotEvent(noFlags, pSlotId, NULL_PTR);
}
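/*
 * Install a certificate read from the token into the current user's
 * Windows certificate stores.
 *
 * The subject and issuer names of hCert are read from the token; when they
 * are byte-for-byte identical the certificate is treated as self-issued and
 * goes to the "Root" store, otherwise to the "CA" store. The certificate
 * that is actually installed is the encoding in valuecert/valuecertLen.
 *
 * Returns true when the certificate is already in the store or was added,
 * false on any failure.
 *
 * Changes from the previous version:
 *  - the self-issued test compares the lengths before the bytes; it used to
 *    memcmp issuerLen bytes regardless of subjectLen, which read past the
 *    subject buffer when the issuer was longer and accepted an issuer that
 *    was merely a prefix of the subject as "root";
 *  - the encoded names are no longer traced with "%s": they are binary and
 *    not NUL-terminated, so the trace read beyond the buffers;
 *  - allocations are checked and zero-length names are rejected;
 *  - every exit path releases the provider, the store and both certificate
 *    contexts (several error paths and the "already installed" lookup result
 *    used to leak them).
 *
 * NOTE(review): the choice of the Root store rests only on the two names
 * reported by the token. Nothing here verifies a signature, checks that
 * valuecert is the encoding of hCert, or applies any policy before a trust
 * anchor is added for the current user - confirm that callers restrict
 * which tokens and certificates reach this function.
 */
bool propCertChain(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hCert,unsigned char * valuecert,unsigned long valuecertLen){
    HCERTSTORE hCertStore = NULL;
    PCCERT_CONTEXT pCertContext = NULL;
    PCCERT_CONTEXT pDesiredCert = NULL;
    HCRYPTPROV hProv = 0;
    bool haveProv = false;
    bool root = false;
    bool result = false;
    CK_BYTE_PTR pSubject = NULL;
    CK_ULONG subjectLen = 0;
    CK_BYTE_PTR pIssuer = NULL;
    CK_ULONG issuerLen = 0;
    CK_RV rv = CKR_OK;

    TRACE_local(__LINE__,"propCertChain : BEGIN",NULL);

    /* Fetch the subject name: first its length, then its bytes. */
    rv = getX509Subject(pFunctionList, hSession, hCert, NULL_PTR, &subjectLen);
    if (rv != CKR_OK || subjectLen == 0)
        goto cleanup;
    pSubject = (CK_BYTE_PTR) malloc(subjectLen * sizeof(CK_BYTE));
    if (pSubject == NULL)
        goto cleanup;
    rv = getX509Subject(pFunctionList, hSession, hCert, pSubject, &subjectLen);
    if (rv != CKR_OK)
        goto cleanup;
    TRACE_local(__LINE__,"pSubject length : %lu",(unsigned long) subjectLen);

    /* Fetch the issuer name the same way. */
    rv = getX509Issuer(pFunctionList, hSession, hCert, NULL_PTR, &issuerLen);
    if (rv != CKR_OK || issuerLen == 0)
        goto cleanup;
    pIssuer = (CK_BYTE_PTR) malloc(issuerLen * sizeof(CK_BYTE));
    if (pIssuer == NULL)
        goto cleanup;
    rv = getX509Issuer(pFunctionList, hSession, hCert, pIssuer, &issuerLen);
    if (rv != CKR_OK)
        goto cleanup;
    TRACE_local(__LINE__,"pIssuer length : %lu",(unsigned long) issuerLen);

    /* Self-issued only when both names have the same length AND content. */
    if (issuerLen == subjectLen && memcmp(pIssuer, pSubject, issuerLen) == 0)
        root = true;

    if (RCRYPT_FAILED(CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT )))
    {
        DWORD dw = GetLastError();
        TRACE_local(__LINE__,"CryptAcquireContext ERROR: %d",dw);
        goto cleanup;
    }
    haveProv = true;

    // Open the current user's "Root" or "CA" store for writing.
    hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W,
                               0,
                               hProv,
                               CERT_STORE_NO_CRYPT_RELEASE_FLAG |
                               CERT_SYSTEM_STORE_CURRENT_USER,
                               root ? L"Root" : L"CA");
    if (NULL == hCertStore)
    {
        TRACE_local(__LINE__,"CertOpenStore FAILED ",NULL);
        goto cleanup;
    }

    // Build a certificate context from the caller-supplied encoding.
    pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING,
                                                valuecert,
                                                valuecertLen);
    if (pCertContext == NULL)
    {
        TRACE_local(__LINE__,"CertCreateCertificateContext FAILED ",NULL);
        goto cleanup;
    }

    // Nothing to do when the very same certificate is already installed.
    pDesiredCert = CertFindCertificateInStore(hCertStore,
                                              X509_ASN_ENCODING,
                                              0,
                                              CERT_FIND_EXISTING,
                                              pCertContext,
                                              NULL);
    if (pDesiredCert != NULL)
    {
        TRACE_local(__LINE__,"propCertChain CERTIFICATE ALREADY INSTALLED TRUE",NULL);
        result = true;
        goto cleanup;
    }

    // Put the certificate in the store (CERT_STORE_ADD_NEW would refuse to
    // replace an existing entry instead).
    if (!CertAddCertificateContextToStore(hCertStore,
                                          pCertContext,
                                          CERT_STORE_ADD_REPLACE_EXISTING,
                                          NULL))
    {
        TRACE_local(__LINE__,"CertAddCertificateContextToStore FAILED ",NULL);
        goto cleanup;
    }

    TRACE_local(__LINE__,"propCertChain : TRUE",NULL);
    result = true;

cleanup:
    // Single exit: release whatever was acquired, in the original order
    // (certificate contexts, provider, then store).
    free(pSubject);
    free(pIssuer);
    if (pDesiredCert != NULL)
        CertFreeCertificateContext(pDesiredCert);
    if (pCertContext != NULL)
        CertFreeCertificateContext(pCertContext);
    if (haveProv)
        CryptReleaseContext(hProv,0);
    if (hCertStore != NULL)
        CertCloseStore(hCertStore, CERT_CLOSE_STORE_FORCE_FLAG);
    return result;
}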
/*
%--------------------------------------------------------------------------
% propCert
%
% Rôle : La fonction propCert est utilisée pour insérer des certificats
% vers CAPI