📄 pkcs.cpp
字号:
if(tokenInSlotList)
free(tokenInSlotList);
if(phCertList)
free(phCertList);
TRACE(__LINE__,"PKCS CreateContainerTable TRUE",NULL );
return TRUE;
}
/*
%--------------------------------------------------------------------------
% ~Pkcs()
%
% ~Pkcs() est le destructor
%---------------------------------------------------------------------------
*/
Pkcs::~Pkcs()
{
}
/*
%--------------------------------------------------------------------------
% VerifyContainerExistance
%
% VerifyContainerExistance checks the existance container
%
%
% Parameters of entry :
% IN container The required container
%
% return : TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL Pkcs::VerifyContainerExistance(PKCSContainer* container)
{
TRACE(__LINE__,"VerifyContainerExistance",NULL );
return table_Containers.VerifyEntry(container);
}
/*
%--------------------------------------------------------------------------
% GetContainer
%
% GetContainer is used to recover a container starting from its name
% in the table container_table
%
%
% Parameters of entry :
% IN szContainerName the name of the required container
%
% return : the container
%---------------------------------------------------------------------------
*/
PKCSContainer* Pkcs::GetContainer(const CHAR IN * szContainerName)
{
TRACE(__LINE__,"Pkcs::GetContainer",NULL );
if(!szContainerName)
return NULL;
int iCookie = START;
table_Containers.Lock();
PKCSContainer * pCnt;
/*One seeks the Container with the good name*/
do
{
pCnt = (PKCSContainer*)table_Containers.GetNext(iCookie);
} while(pCnt && strcmp(pCnt->GetName(), szContainerName) != 0);
table_Containers.Unlock();
return pCnt;
}
/*
%--------------------------------------------------------------------------
% DoSign
%
% DoSign is used to sign data. Two calls are carried out to DoSign
% the first call, in order to recover the size with alouer for the signature
% the second call, in order to really carry out the signature
%
%
% Parameters of entry :
% IN pContainer the container to be used
% IN pbyHashLen length of the data to be signed
% IN pbyHash data to be signed
% IN dwKeySpec type of key to be used
% OUT pbySignature signed data
% OUT pdwSigLen length of the signed data
% IN g_strPwd pine code to use to reach the key private
%
% return : TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL Pkcs::DoSign(PKCSContainer* pContainer, unsigned long pbyHashLen, LPBYTE pbyHash,DWORD dwKeySpec, LPBYTE pbySignature, LPDWORD pdwSigLen)
{
CK_RV rv = CKR_OK;
CK_OBJECT_HANDLE hPrivKey=NULL;
CK_TOKEN_INFO tokenInfo;
CK_BYTE_PTR signature=NULL;
bool bret;
bool correctPin=false;
TRACE(__LINE__,"Pkcs::DoSign BEGIN",NULL );
CK_SESSION_INFO info;
/* one loggs */
/* Are we already logged */
rv=((pContainer->GetpFunctionList())->C_GetSessionInfo)(pContainer->GethSession(),&info);
if(rv!=CKR_OK)
return FALSE;
if(info.state!= CKS_RW_USER_FUNCTIONS && info.state!= CKS_RO_USER_FUNCTIONS)
{
do
{
unsigned char * codepin=(unsigned char *)malloc(MAX_PIN_LEN);
CK_ULONG codepinLen=MAX_PIN_LEN;
rv=getCodePorteur(codepin,codepinLen);
if(rv!=CKR_OK){
free(codepin);
TRACE(__LINE__,"Pkcs::DoSign Cancel of code pin",NULL );
return FALSE;
}
rv = login(pContainer->GetpFunctionList(), pContainer->GethSession(),codepin,strlen((const char *)codepin));
if(rv==CKR_OK)
{
correctPin=true;
}
memset(codepin,0,codepinLen);
if(rv==CKR_PIN_INCORRECT)
{
rv =((pContainer->GetpFunctionList())->C_GetTokenInfo)(pContainer->GetslotID(), &tokenInfo);
if ((rv == CKR_OK)&&((tokenInfo.flags & CKF_USER_PIN_FINAL_TRY)))
{
rv=getCodePorteur(codepin,codepinLen);
if(rv!=CKR_OK){
free(codepin);
TRACE(__LINE__,"DoSign::Decrypt Cancel of code pin",NULL );
return FALSE;
}
rv = login(pContainer->GetpFunctionList(), pContainer->GethSession(),codepin,strlen((const char *)codepin));
if(rv!=CKR_OK)
{
free(codepin);
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
return FALSE;
}
free(codepin);
break;
}
else if(rv != CKR_OK)
{
free(codepin);
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
return FALSE;
}
}
if((rv!=CKR_OK)&&(rv!=CKR_PIN_INCORRECT))
{
free(codepin);
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
return FALSE;
}
}while(!correctPin);
}
/* Recovery of the private key */
rv = getPrivateKeyFromX509Cert(pContainer->GetpFunctionList(),pContainer->GethSession(), &hPrivKey, pContainer->Gethcert());
if (rv!=CKR_OK) {
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
return FALSE;
}
/* If one invites CPSign the first time in order to recover the size to allow for the signature */
if(!pbySignature)
{
/*CK_BYTE_PTR defaultSignature=(CK_BYTE_PTR)malloc(256*sizeof(CK_BYTE));
CK_ULONG defaultSignatureLength=256;*/
rv = sign(pContainer->GetpFunctionList(),pContainer->GethSession(),hPrivKey, (CK_BYTE_PTR)pbyHash,pbyHashLen,NULL_PTR/*defaultSignature*/,(CK_ULONG_PTR)pdwSigLen/*&defaultSignatureLength*/,1);
if(rv!=CKR_OK){
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
free(signature);
return FALSE;
}
//*pdwSigLen=defaultSignatureLength;
}
/* Recovery of the signature */
else
{
/* real signature */
signature=(CK_BYTE_PTR)malloc((*pdwSigLen)*sizeof(CK_BYTE));
rv = sign(pContainer->GetpFunctionList(),pContainer->GethSession(),hPrivKey, (CK_BYTE_PTR)pbyHash,pbyHashLen,(CK_BYTE_PTR)signature,(CK_ULONG_PTR)pdwSigLen,1);
if(rv!=CKR_OK){
TRACE(__LINE__,"Pkcs::DoSign FALSE",NULL );
free(signature);
return FALSE;
}
/* Inversion of the block signature because CAPI awaits a turned over block*/
int i,j;
for (i=(*pdwSigLen)-1, j=0; i > j; --i, ++j)
{
CK_BYTE bTmp = signature[i];
signature[i] = signature[j];
signature[j] = bTmp;
}
memcpy(pbySignature,signature,*pdwSigLen);
}
if(signature)
free(signature);
bret=TRUE;
TRACE(__LINE__,"Pkcs::DoSign TRUE",NULL );
return bret;
}
/*
%--------------------------------------------------------------------------
% Decrypt
%
% Decrypt is used to decipher data
%
%
% Parameters of entry :
% IN hPubKey handle on the container to use to decipher
% IN pbySource data to be deciphered
% IN wSourceLength length of data to be deciphered
% OUT pbyDestination deciphered data
% OUT pwDestinationLen length of deciphered data
% IN pass pine code to use to reach the key private
%
% return : TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL Pkcs::Decrypt(HCRYPTKEY hPubKey, BYTE* pbySource, DWORD wSourceLength, BYTE* pbyDestination, DWORD* pwDestinationLen)
{
CK_RV rv = CKR_OK;
CK_TOKEN_INFO tokenInfo;
bool correctPin=false;
TRACE(__LINE__,"Pkcs::Decrypt BEGIN",NULL );
if(!Pkcs::VerifyContainerExistance((PKCSContainer*) hPubKey)){
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
CK_SESSION_INFO info;
/* one loggs */
/* Are we already logged */
rv=((((PKCSContainer*) hPubKey)->GetpFunctionList())->C_GetSessionInfo)(((PKCSContainer*) hPubKey)->GethSession(),&info);
if(rv!=CKR_OK)
return FALSE;
if(info.state!= CKS_RW_USER_FUNCTIONS && info.state!= CKS_RO_USER_FUNCTIONS)
{
/* we logg */
do
{
unsigned char * codepin=(unsigned char *)malloc(MAX_PIN_LEN);
CK_ULONG codepinLen=MAX_PIN_LEN;
rv=getCodePorteur(codepin,codepinLen);
if(rv!=CKR_OK){
free(codepin);
TRACE(__LINE__,"Pkcs::Decrypt Cancel of code pin",NULL );
return FALSE;
}
rv = login(((PKCSContainer*) hPubKey)->GetpFunctionList(), ((PKCSContainer*) hPubKey)->GethSession(),codepin,strlen((const char *)codepin));
if(rv==CKR_OK)
{
correctPin=true;
}
memset(codepin,0,codepinLen);
if(rv==CKR_PIN_INCORRECT)
{
rv =((((PKCSContainer*) hPubKey)->GetpFunctionList())->C_GetTokenInfo)(((PKCSContainer*) hPubKey)->GetslotID(), &tokenInfo);
if ((rv == CKR_OK)&&((tokenInfo.flags & CKF_USER_PIN_FINAL_TRY)))
{
rv=getCodePorteur(codepin,codepinLen);
if(rv!=CKR_OK){
free(codepin);
TRACE(__LINE__,"Pkcs::Decrypt Cancel of code pin",NULL );
return FALSE;
}
rv = login(((PKCSContainer*) hPubKey)->GetpFunctionList(), ((PKCSContainer*) hPubKey)->GethSession(),codepin,strlen((const char *)codepin));
if(rv!=CKR_OK)
{
free(codepin);
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
free(codepin);
break;
}
else if(rv != CKR_OK)
{
free(codepin);
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
}
if((rv!=CKR_OK)&&(rv!=CKR_PIN_INCORRECT))
{
free(codepin);
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
}while(!correctPin);
}
/* one recovers a handle on the private key */
CK_OBJECT_HANDLE hPrivKey=NULL;
rv = getPrivateKeyFromX509Cert(((PKCSContainer*)hPubKey)->GetpFunctionList(), ((PKCSContainer*)hPubKey)->GethSession(), &hPrivKey, ((PKCSContainer*)hPubKey)->Gethcert());
if (rv!=CKR_OK) {
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
/* the data are deciphered */
rv=decrypt(((PKCSContainer*)hPubKey)->GetpFunctionList(), ((PKCSContainer*)hPubKey)->GethSession(), hPrivKey, (CK_BYTE_PTR) pbySource, (CK_ULONG_PTR)&wSourceLength,(CK_BYTE_PTR)pbyDestination,(CK_ULONG_PTR)pwDestinationLen);
if (rv!=CKR_OK) {
TRACE(__LINE__,"Pkcs::Decrypt FALSE",NULL );
return FALSE;
}
TRACE(__LINE__,"Pkcs::Decrypt TRUE",NULL );
return TRUE;
}
CK_RV getCodePorteur(unsigned char * pCodePorteur, CK_ULONG codePorteurLen) {
CK_RV rv=CKR_OK;
if (pCodePorteur==NULL) {
rv=CKR_ARGUMENTS_BAD;
return rv;
}
// get the pin code
DialogBox(g_hModule, MAKEINTRESOURCE(IDD_PWD), NULL, DialogProc);
if (!strcmp((const char*)g_strPwd,"CANCEL")){
memset(g_strPwd,0,sizeof(g_strPwd));
rv=CKR_CANCEL;
return rv;
}
memcpy(pCodePorteur, g_strPwd, codePorteurLen);
memset(g_strPwd,0,sizeof(g_strPwd));
return rv;
}
/*
%--------------------------------------------------------------------------
% DialogProc
%
% return : TRUE if the operation occurred well, FALSE if not
%---------------------------------------------------------------------------
*/
BOOL CALLBACK DialogProc(
HWND hwndDlg, /* handle to dialog box*/
UINT uMsg, /* message*/
WPARAM wParam, /* first message parameter*/
LPARAM lParam /* second message parameter*/
)
{
switch( uMsg )
{
case WM_INITDIALOG:
break;
case WM_COMMAND:
switch ( idCtrl(wParam, lParam) )
{
case IDOK:
// memorisation du mot de passe
GetDlgItemText(hwndDlg,IDC_PWD,(char *)g_strPwd,30);
EndDialog(hwndDlg, idCtrl(wParam, lParam));
return TRUE;
case IDCANCEL:
strncpy((char *)g_strPwd,"CANCEL",6);
EndDialog(hwndDlg, idCtrl(wParam, lParam));
return TRUE;
}
return TRUE;
break;
}
return FALSE;
}
char getchar(char val){
int valMod=val&0x0F;
char temp;
if(valMod<=9)
temp='0'+valMod;
else
temp='A'+(valMod-0xA);
return temp;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -