📄 rijndael.c
字号:
return rc;}int do_AES_KAT_256_CBC(void){ int i, j, k; CK_RV rc; CK_BYTE pt[AES_BLOCK_SIZE], old_ct[AES_BLOCK_SIZE], ct[32], // larger to acct for trailing ciphertext final_pt[AES_BLOCK_SIZE], cv[AES_BLOCK_SIZE], iv[AES_BLOCK_SIZE]; CK_BYTE key[AES_KEY_SIZE_256]; CK_ULONG pt_len = AES_BLOCK_SIZE; CK_ULONG ct_len = AES_BLOCK_SIZE; CK_ULONG key_size = AES_KEY_SIZE_256; CK_OBJECT_CLASS class = CKO_SECRET_KEY; CK_KEY_TYPE key_type = CKK_AES; CK_UTF8CHAR label[] = "AES secret key object"; CK_BBOOL true = TRUE; CK_ATTRIBUTE template[] = { {CKA_CLASS, &class, sizeof(class)}, {CKA_KEY_TYPE, &key_type, sizeof(key_type)}, {CKA_TOKEN, &true, sizeof(true)}, {CKA_LABEL, label, sizeof(label)-1}, {CKA_ENCRYPT, &true, sizeof(true)}, {CKA_VALUE, key, sizeof(key)}, {CKA_VALUE_LEN, &key_size, sizeof(key_size)} }; CK_OBJECT_HANDLE h_key; CK_MECHANISM mech; memset( key, 0, sizeof(key) ); memset( pt, 0, sizeof(pt) ); memset( ct, 0, sizeof(ct) ); memset( cv, 0, sizeof(cv) ); memset( final_pt, 0, sizeof(final_pt) ); memset( iv, 0, sizeof(iv) ); if( (rc = funcs->C_CreateObject(sess, template, 7, &h_key)) != CKR_OK) { OC_ERR_MSG("C_CreateObject #1", rc); goto done; } mech.mechanism = CKM_AES_CBC; mech.ulParameterLen = sizeof(iv); mech.pParameter = iv; for( i=0; i<400; i++) { if(i==399) memcpy(final_pt, pt, sizeof(final_pt)); for( j=0; j<10000; j++) { for( k=0; k<sizeof(pt); k++) pt[k] ^= cv[k]; memcpy(old_ct, ct+16, sizeof(old_ct)); rc = funcs->C_EncryptInit(sess, &mech, h_key); if (rc != CKR_OK) { OC_ERR_MSG(" C_EncryptInit #1", rc); goto done; } rc = funcs->C_Encrypt(sess, pt, pt_len, ct+16, &ct_len); if (rc != CKR_OK) { OC_ERR_MSG(" C_Encrypt #1", rc); goto done; } memcpy(ct, old_ct, 16); memcpy(pt, old_ct, sizeof(pt)); memcpy(cv, ct+16, sizeof(cv)); /* After the final encrypt, we need to keep the * plain text pure */ if(i == 399 && j == 9999) goto print_done; } for( k=0; k<sizeof(ct); k++) key[k] ^= ct[k]; if( (rc = funcs->C_DestroyObject(sess, h_key)) != CKR_OK) { OC_ERR_MSG("C_DestroyObject", rc); goto done; } if( (rc = funcs->C_CreateObject(sess, template, 7, &h_key)) != CKR_OK) { OC_ERR_MSG("C_CreateObject #2", rc); goto done; } /* One status tick */ if(!(i%5)) { printf("."); fflush(stdout); } }print_done: printf("\n"); for( i=0; i<sizeof(key); i++) { if(key[i] != KAT_256_CBC_KEY[i]) { printf("%s:%d Error: key data does not match known " "key data at byte %d.\n", __FILE__, __LINE__, i); rc = -1; goto done; } } for( i=0; i<sizeof(final_pt); i++) { if(final_pt[i] != KAT_256_CBC_PT[i]) { printf("%s:%d Error: Plain text does not match known " "plain text at byte %d.\n", __FILE__, __LINE__, i); rc = -1; goto done; } } for( i=0; i<AES_BLOCK_SIZE; i++) { if(ct[i+16] != KAT_256_CBC_CT[i]) { printf("%s:%d Error: Cipher text does not match known " "cipher text at byte %d.\n", __FILE__, __LINE__, i); rc = -1; goto done; } }done: return rc;}int main(int argc, char **argv){ int i; CK_RV rc; CK_C_INITIALIZE_ARGS initialize_args; /* Set default slot to 0 */ slot_id = 0; /* Parse the command line */ for( i = 1; i < argc; i++ ) { if(strncmp(argv[i], "-slot", 5) == 0) { slot_id = atoi(argv[i + 1]); i++; break; } } printf("Using slot %d...\n\n", slot_id); if(do_GetFunctionList()) return -1; /* There will be no multi-threaded Cryptoki access in this app */ memset( &initialize_args, 0, sizeof(initialize_args) ); if( (rc = funcs->C_Initialize( &initialize_args )) != CKR_OK ) { OC_ERR_MSG("C_Initialize", rc); return; } /* Open a session with the token */ if( (rc = funcs->C_OpenSession(slot_id, (CKF_SERIAL_SESSION|CKF_RW_SESSION), NULL_PTR, NULL_PTR, &sess)) != CKR_OK ) { OC_ERR_MSG("C_OpenSession #1", rc); goto done; } // Login correctly rc = funcs->C_Login(sess, CKU_USER, GOOD_USER_PIN, GOOD_USER_PIN_LEN); if( rc != CKR_OK ) { OC_ERR_MSG("C_Login #1", rc); goto session_close; } printf("do_AES_KAT_128_ECB...\n"); rc = do_AES_KAT_128_ECB(); if(rc) goto logout; printf("Looks good...\n"); printf("do_AES_KAT_192_ECB...\n"); rc = do_AES_KAT_192_ECB(); if(rc) goto logout; printf("Looks good...\n"); printf("do_AES_KAT_256_ECB...\n"); rc = do_AES_KAT_256_ECB(); if(rc) goto logout; printf("Looks good...\n"); printf("do_AES_KAT_128_CBC...\n"); rc = do_AES_KAT_128_CBC(); if(rc) goto logout; printf("Looks good...\n"); printf("do_AES_KAT_192_CBC...\n"); rc = do_AES_KAT_192_CBC(); if(rc) goto logout; printf("Looks good...\n"); printf("do_AES_KAT_256_CBC...\n"); rc = do_AES_KAT_256_CBC(); if(rc) goto logout; printf("Rijndael tests succeeded.\n"); logout: rc = funcs->C_Logout(sess); if( rc != CKR_OK ) OC_ERR_MSG("C_Logout #1", rc);session_close: /* Close the session */ if( (rc = funcs->C_CloseSession(sess)) != CKR_OK ) OC_ERR_MSG("C_CloseSession", rc); done: /* Call C_Finalize and dlclose the library */ return clean_up();}int clean_up(void){ int rc; if( (rc = funcs->C_Finalize(NULL)) != CKR_OK) OC_ERR_MSG("C_Finalize", rc); /* Decrement the reference count to PKCS11_API.so */ dlclose(dl_handle); return rc;}int do_GetFunctionList(void){ char *pkcslib = "/usr/lib/pkcs11/PKCS11_API.so"; CK_RV (*func_ptr)(); int rc; if( (dl_handle = dlopen(pkcslib, RTLD_NOW)) == NULL) { printf("dlopen: %s\n", dlerror()); return -1; } func_ptr = (CK_RV (*)())dlsym(dl_handle, "C_GetFunctionList"); if(func_ptr == NULL) return -1; if( (rc = func_ptr(&funcs)) != CKR_OK) { OC_ERR_MSG("C_GetFunctionList", rc); return -1; } return 0;}void process_ret_code( CK_RV rc ){ switch (rc) { case CKR_OK:printf(" CKR_OK");break; case CKR_CANCEL: printf(" CKR_CANCEL"); break; case CKR_HOST_MEMORY: printf(" CKR_HOST_MEMORY"); break; case CKR_SLOT_ID_INVALID: printf(" CKR_SLOT_ID_INVALID"); break; case CKR_GENERAL_ERROR: printf(" CKR_GENERAL_ERROR"); break; case CKR_FUNCTION_FAILED: printf(" CKR_FUNCTION_FAILED"); break; case CKR_ARGUMENTS_BAD: printf(" CKR_ARGUMENTS_BAD"); break; case CKR_NO_EVENT: printf(" CKR_NO_EVENT"); break; case CKR_NEED_TO_CREATE_THREADS: printf(" CKR_NEED_TO_CREATE_THREADS"); break; case CKR_CANT_LOCK: printf(" CKR_CANT_LOCK"); break; case CKR_ATTRIBUTE_READ_ONLY: printf(" CKR_ATTRIBUTE_READ_ONLY"); break; case CKR_ATTRIBUTE_SENSITIVE: printf(" CKR_ATTRIBUTE_SENSITIVE"); break; case CKR_ATTRIBUTE_TYPE_INVALID: printf(" CKR_ATTRIBUTE_TYPE_INVALID"); break; case CKR_ATTRIBUTE_VALUE_INVALID: printf(" CKR_ATTRIBUTE_VALUE_INVALID"); break; case CKR_DATA_INVALID: printf(" CKR_DATA_INVALID"); break; case CKR_DATA_LEN_RANGE: printf(" CKR_DATA_LEN_RANGE"); break; case CKR_DEVICE_ERROR: printf(" CKR_DEVICE_ERROR"); break; case CKR_DEVICE_MEMORY: printf(" CKR_DEVICE_MEMORY"); break; case CKR_DEVICE_REMOVED: printf(" CKR_DEVICE_REMOVED"); break; case CKR_ENCRYPTED_DATA_INVALID: printf(" CKR_ENCRYPTED_DATA_INVALID"); break; case CKR_ENCRYPTED_DATA_LEN_RANGE: printf(" CKR_ENCRYPTED_DATA_LEN_RANGE"); break; case CKR_FUNCTION_CANCELED: printf(" CKR_FUNCTION_CANCELED"); break; case CKR_FUNCTION_NOT_PARALLEL: printf(" CKR_FUNCTION_NOT_PARALLEL"); break; case CKR_FUNCTION_NOT_SUPPORTED: printf(" CKR_FUNCTION_NOT_SUPPORTED"); break; case CKR_KEY_HANDLE_INVALID: printf(" CKR_KEY_HANDLE_INVALID"); break; case CKR_KEY_SIZE_RANGE: printf(" CKR_KEY_SIZE_RANGE"); break; case CKR_KEY_TYPE_INCONSISTENT: printf(" CKR_KEY_TYPE_INCONSISTENT"); break; case CKR_KEY_NOT_NEEDED: printf(" CKR_KEY_NOT_NEEDED"); break; case CKR_KEY_CHANGED: printf(" CKR_KEY_CHANGED"); break; case CKR_KEY_NEEDED: printf(" CKR_KEY_NEEDED"); break; case CKR_KEY_INDIGESTIBLE: printf(" CKR_KEY_INDIGESTIBLE"); break; case CKR_KEY_FUNCTION_NOT_PERMITTED: printf(" CKR_KEY_FUNCTION_NOT_PERMITTED"); break; case CKR_KEY_NOT_WRAPPABLE: printf(" CKR_KEY_NOT_WRAPPABLE"); break; case CKR_KEY_UNEXTRACTABLE: printf(" CKR_KEY_UNEXTRACTABLE"); break; case CKR_MECHANISM_INVALID: printf(" CKR_MECHANISM_INVALID"); break; case CKR_MECHANISM_PARAM_INVALID: printf(" CKR_MECHANISM_PARAM_INVALID"); break; case CKR_OBJECT_HANDLE_INVALID: printf(" CKR_OBJECT_HANDLE_INVALID"); break; case CKR_OPERATION_ACTIVE: printf(" CKR_OPERATION_ACTIVE"); break; case CKR_OPERATION_NOT_INITIALIZED: printf(" CKR_OPERATION_NOT_INITIALIZED"); break; case CKR_PIN_INCORRECT: printf(" CKR_PIN_INCORRECT"); break; case CKR_PIN_INVALID: printf(" CKR_PIN_INVALID"); break; case CKR_PIN_LEN_RANGE: printf(" CKR_PIN_LEN_RANGE"); break; case CKR_PIN_EXPIRED: printf(" CKR_PIN_EXPIRED"); break; case CKR_PIN_LOCKED: printf(" CKR_PIN_LOCKED"); break; case CKR_SESSION_CLOSED: printf(" CKR_SESSION_CLOSED"); break; case CKR_SESSION_COUNT: printf(" CKR_SESSION_COUNT"); break; case CKR_SESSION_HANDLE_INVALID: printf(" CKR_SESSION_HANDLE_INVALID"); break; case CKR_SESSION_PARALLEL_NOT_SUPPORTED: printf(" CKR_SESSION_PARALLEL_NOT_SUPPORTED"); break; case CKR_SESSION_READ_ONLY: printf(" CKR_SESSION_READ_ONLY"); break; case CKR_SESSION_EXISTS: printf(" CKR_SESSION_EXISTS"); break; case CKR_SESSION_READ_ONLY_EXISTS: printf(" CKR_SESSION_READ_ONLY_EXISTS"); break; case CKR_SESSION_READ_WRITE_SO_EXISTS: printf(" CKR_SESSION_READ_WRITE_SO_EXISTS"); break; case CKR_SIGNATURE_INVALID: printf(" CKR_SIGNATURE_INVALID"); break; case CKR_SIGNATURE_LEN_RANGE: printf(" CKR_SIGNATURE_LEN_RANGE"); break; case CKR_TEMPLATE_INCOMPLETE: printf(" CKR_TEMPLATE_INCOMPLETE"); break; case CKR_TEMPLATE_INCONSISTENT: printf(" CKR_TEMPLATE_INCONSISTENT"); break; case CKR_TOKEN_NOT_PRESENT: printf(" CKR_TOKEN_NOT_PRESENT"); break; case CKR_TOKEN_NOT_RECOGNIZED: printf(" CKR_TOKEN_NOT_RECOGNIZED"); break; case CKR_TOKEN_WRITE_PROTECTED: printf(" CKR_TOKEN_WRITE_PROTECTED"); break; case CKR_UNWRAPPING_KEY_HANDLE_INVALID: printf(" CKR_UNWRAPPING_KEY_HANDLE_INVALID"); break; case CKR_UNWRAPPING_KEY_SIZE_RANGE: printf(" CKR_UNWRAPPING_KEY_SIZE_RANGE"); break; case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT: printf(" CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT"); break; case CKR_USER_ALREADY_LOGGED_IN: printf(" CKR_USER_ALREADY_LOGGED_IN"); break; case CKR_USER_NOT_LOGGED_IN: printf(" CKR_USER_NOT_LOGGED_IN"); break; case CKR_USER_PIN_NOT_INITIALIZED: printf(" CKR_USER_PIN_NOT_INITIALIZED"); break; case CKR_USER_TYPE_INVALID: printf(" CKR_USER_TYPE_INVALID"); break; case CKR_USER_ANOTHER_ALREADY_LOGGED_IN: printf(" CKR_USER_ANOTHER_ALREADY_LOGGED_IN"); break; case CKR_USER_TOO_MANY_TYPES: printf(" CKR_USER_TOO_MANY_TYPES"); break; case CKR_WRAPPED_KEY_INVALID: printf(" CKR_WRAPPED_KEY_INVALID"); break; case CKR_WRAPPED_KEY_LEN_RANGE: printf(" CKR_WRAPPED_KEY_LEN_RANGE"); break; case CKR_WRAPPING_KEY_HANDLE_INVALID: printf(" CKR_WRAPPING_KEY_HANDLE_INVALID"); break; case CKR_WRAPPING_KEY_SIZE_RANGE: printf(" CKR_WRAPPING_KEY_SIZE_RANGE"); break; case CKR_WRAPPING_KEY_TYPE_INCONSISTENT: printf(" CKR_WRAPPING_KEY_TYPE_INCONSISTENT"); break; case CKR_RANDOM_SEED_NOT_SUPPORTED: printf(" CKR_RANDOM_SEED_NOT_SUPPORTED"); break; case CKR_RANDOM_NO_RNG: printf(" CKR_RANDOM_NO_RNG"); break; case CKR_BUFFER_TOO_SMALL: printf(" CKR_BUFFER_TOO_SMALL"); break; case CKR_SAVED_STATE_INVALID: printf(" CKR_SAVED_STATE_INVALID"); break; case CKR_INFORMATION_SENSITIVE: printf(" CKR_INFORMATION_SENSITIVE"); break; case CKR_STATE_UNSAVEABLE: printf(" CKR_STATE_UNSAVEABLE"); break; case CKR_CRYPTOKI_NOT_INITIALIZED: printf(" CKR_CRYPTOKI_NOT_INITIALIZED"); break; case CKR_CRYPTOKI_ALREADY_INITIALIZED: printf(" CKR_CRYPTOKI_ALREADY_INITIALIZED"); break; case CKR_MUTEX_BAD: printf(" CKR_MUTEX_BAD");break; case CKR_MUTEX_NOT_LOCKED: printf(" CKR_MUTEX_NOT_LOCKED");break; }}void oc_err_msg( char *file, int line, char *str, CK_RV rc ){ printf("%s:%d Error: %s returned: %d ", file, line, str, rc ); process_ret_code( rc ); printf("\n\n");}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -