digest_func.c

IBM的Linux上的PKCS#11实现

   if (hash_len != MD2_HASH_LEN) {
      printf("   ERROR:  expected len3 to be %d.  Got %d instead\n\n", MD2_HASH_LEN, hash_len );
      return FALSE;
   }


   // the hashes better be the same
   //
   if (memcmp(hash1, hash2, sizeof(hash1)) != 0) {
      printf("   ERROR:  hashes 1 and 2 don't match\n");
      return FALSE;
   }

   if (memcmp(hash1, hash3, sizeof(hash1)) != 0) {
      printf("   ERROR:  hashes 1 and 3 don't match\n");
      return FALSE;
   }


   rc = funcs->C_CloseAllSessions( slot_id );
   if (rc != CKR_OK) {
      show_error("   C_CloseAllSessions #1", rc );
      return FALSE;
   }

   printf("Looks okay...\n");
   return TRUE;
}



//
//
int do_Digest_MD5( void )
{
   CK_SESSION_HANDLE session;
   CK_SLOT_ID        slot_id;
   CK_MECHANISM      mech;
   CK_BYTE           data[BIG_REQUEST];
   CK_BYTE           hash1[MD5_HASH_LEN];
   CK_BYTE           hash2[MD5_HASH_LEN];
   CK_BYTE           hash3[MD5_HASH_LEN];
   CK_ULONG          flags;
   CK_ULONG          data_len;
   CK_ULONG          hash_len;
   CK_ULONG          i;
   CK_RV             rc;


   // SAB new
   MD5_CTX   mdContext;


   printf("do_Digest_MD5...\n");

   slot_id = SLOT_ID;
   flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
   rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session );
   if (rc != CKR_OK) {
      show_error("   C_OpenSession #1", rc );
      return FALSE;
   }

   mech.mechanism      = CKM_MD5;
   mech.ulParameterLen = 0;
   mech.pParameter     = NULL;

   // generate some data to hash
   //
   data_len = sizeof(data);
   for (i=0; i < data_len; i++)
      data[i] = i % 255;


   // first, hash it all in 1 big block
   //
   rc = funcs->C_DigestInit( session, &mech );
   if (rc != CKR_OK) {
      show_error("   C_DigestInit #1", rc );
      return FALSE;
   }

   hash_len = sizeof(hash1);
   rc = funcs->C_Digest( session, data,     data_len,
                                  hash1,   &hash_len );
   if (rc != CKR_OK) {
      show_error("   C_Digest #1", rc );
      return FALSE;
   }

   if (hash_len != MD5_HASH_LEN) {
      printf("   ERROR:  expected len1 to be %d.  Got %d instead\n\n", MD5_HASH_LEN, hash_len );
      return FALSE;
   }

   // SAB Verify...
   MD5Init(&mdContext);
   MD5Update(&mdContext,data,data_len);
   MD5Final(&mdContext);
   if ( bcmp(hash1,mdContext.digest,MD5_HASH_LEN)){
	printf("  Error, Card value does not jive with the Software value \n");

   }

   // now hash in 64-byte chunks
   //
   rc = funcs->C_DigestInit( session, &mech );
   if (rc != CKR_OK) {
      show_error("   C_DigestInit #2", rc );
      return FALSE;
   }

   for (i=0; i < sizeof(data); i += 64) {
      CK_ULONG size = sizeof(data) - i;
      size = MIN(size, 64);

      rc = funcs->C_DigestUpdate( session, &data[i], size );
      if (rc != CKR_OK) {
         show_error("   C_DigestUpdate #1", rc );
         printf("   Offset:  %d\n", i);
         return FALSE;
      }
   }

   hash_len = sizeof(hash2);
   rc = funcs->C_DigestFinal( session, hash2, &hash_len );
   if (rc != CKR_OK) {
      show_error("   C_DigestFinal #1", rc );
      return FALSE;
   }

   if (hash_len != MD5_HASH_LEN) {
      printf("   ERROR:  expected len2 to be %d.  Got %d instead\n\n", MD5_HASH_LEN, hash_len );
      return FALSE;
   }


   rc = funcs->C_DigestInit( session, &mech );
   if (rc != CKR_OK) {
      show_error("   C_DigestInit #3", rc );
      return FALSE;
   }


   // finally, hash it in 47-byte chunks.
   //
   for (i=0; i < sizeof(data); i += 47) {
      CK_ULONG size = sizeof(data) - i;
      size = MIN(size, 47);

      rc = funcs->C_DigestUpdate( session, &data[i], size );
      if (rc != CKR_OK) {
         show_error("   C_DigestUpdate #2", rc );
         printf("   Offset:  %d\n", i);
         return FALSE;
      }
   }

   hash_len = sizeof(hash3);
   rc = funcs->C_DigestFinal( session, hash3, &hash_len );
   if (rc != CKR_OK) {
      show_error("   C_DigestFinal #2", rc );
      return FALSE;
   }

   if (hash_len != MD5_HASH_LEN) {
      printf("   ERROR:  expected len3 to be %d.  Got %d instead\n\n", MD5_HASH_LEN, hash_len );
      return FALSE;
   }


   // the hashes better be the same
   //
   if (memcmp(hash1, hash2, sizeof(hash1)) != 0) {
      printf("   ERROR:  hashes 1 and 2 don't match\n");
      return FALSE;
   }

   if (memcmp(hash1, hash3, sizeof(hash1)) != 0) {
      printf("   ERROR:  hashes 1 and 3 don't match\n");
      return FALSE;
   }


   rc = funcs->C_CloseAllSessions( slot_id );
   if (rc != CKR_OK) {
      show_error("   C_CloseAllSessions #1", rc );
      return FALSE;
   }

   printf("Looks okay...\n");
   return TRUE;
}


//
//
int do_Digest_SHA1_speed( void )
{
   CK_SESSION_HANDLE session;
   CK_SLOT_ID        slot_id;
   CK_MECHANISM      mech;
   CK_BYTE           data[BIG_REQUEST];
   CK_BYTE           hash1[SHA1_HASH_LEN];
   CK_ULONG          flags;
   CK_ULONG          data_len;
   CK_ULONG          hash_len;
   CK_ULONG          i;
   CK_RV             rc;


   printf("do_Digest_SHA1_speed.  Doing 819200 bytes in 8192 byte chunks...\n");

   slot_id = SLOT_ID;
   flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
   rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session );
   if (rc != CKR_OK) {
      show_error("   C_OpenSession #1", rc );
      return FALSE;
   }

   mech.mechanism      = CKM_SHA_1;
   mech.ulParameterLen = 0;
   mech.pParameter     = NULL;

   // generate some data to hash
   //
   data_len = sizeof(data);
   for (i=0; i < data_len; i++)
      data[i] = i % 255;


   for (i=0; i < 100; i++) {
      rc = funcs->C_DigestInit( session, &mech );
      if (rc != CKR_OK) {
         show_error("   C_DigestInit #1", rc );
         return FALSE;
      }

      hash_len = sizeof(hash1);
      rc = funcs->C_Digest( session, data,     data_len,
                                     hash1,   &hash_len );
      if (rc != CKR_OK) {
         show_error("   C_Digest #1", rc );
         return FALSE;
      }

      if (hash_len != SHA1_HASH_LEN) {
         printf("   ERROR:  expected len1 to be %d.  Got %d instead\n\n", SHA1_HASH_LEN, hash_len );
         return FALSE;
      }
   }

   rc = funcs->C_CloseAllSessions( slot_id );
   if (rc != CKR_OK) {
      show_error("   C_CloseAllSessions #1", rc );
      return FALSE;
   }

   printf("Looks okay...\n");
   return TRUE;
}


//
//
int do_Digest_MD5_speed( void )
{
   CK_SESSION_HANDLE session;
   CK_SLOT_ID        slot_id;
   CK_MECHANISM      mech;
   CK_BYTE           data[BIG_REQUEST];
   CK_BYTE           hash1[MD5_HASH_LEN];
   CK_ULONG          flags;
   CK_ULONG          data_len;
   CK_ULONG          hash_len;
   CK_ULONG          i;
   CK_RV             rc;


   printf("do_Digest_MD5_speed.  Doing 819200 bytes in 8192 byte chunks...\n");

   slot_id = SLOT_ID;
   flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
   rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session );
   if (rc != CKR_OK) {
      show_error("   C_OpenSession #1", rc );
      return FALSE;
   }

   mech.mechanism      = CKM_MD5;
   mech.ulParameterLen = 0;
   mech.pParameter     = NULL;

   // generate some data to hash
   //
   data_len = sizeof(data);
   for (i=0; i < data_len; i++)
      data[i] = i % 255;


   for (i=0; i < 100; i++) {
      rc = funcs->C_DigestInit( session, &mech );
      if (rc != CKR_OK) {
         show_error("   C_DigestInit #1", rc );
         return FALSE;
      }

      hash_len = sizeof(hash1);
      rc = funcs->C_Digest( session, data,     data_len,
                                     hash1,   &hash_len );
      if (rc != CKR_OK) {
         show_error("   C_Digest #1", rc );
         return FALSE;
      }

      if (hash_len != MD5_HASH_LEN) {
         printf("   ERROR:  expected len1 to be %d.  Got %d instead\n\n", MD5_HASH_LEN, hash_len );
         return FALSE;
      }
   }

   rc = funcs->C_CloseAllSessions( slot_id );
   if (rc != CKR_OK) {
      show_error("   C_CloseAllSessions #1", rc );
      return FALSE;
   }

   printf("Looks okay...\n");
   return TRUE;
}


//
//
int do_SignVerify_MD5_HMAC( void )
{
   CK_SESSION_HANDLE session;
   CK_SLOT_ID        slot_id;
   CK_MECHANISM      mech;
   CK_ULONG          flags;
   CK_RV             rc;



   printf("do_SignVerify_MD5_HMAC...\n");

   slot_id = SLOT_ID;
   flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
   rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session );
   if (rc != CKR_OK) {
      show_error("   C_OpenSession #1", rc );
      return FALSE;
   }


   mech.mechanism      = CKM_MD5_HMAC;
   mech.ulParameterLen = 0;
   mech.pParameter     = NULL;

   // test 1
   //
   {
      CK_OBJECT_HANDLE  h_key;
      CK_OBJECT_CLASS   key_class  = CKO_SECRET_KEY;
      CK_KEY_TYPE       key_type   = CKK_GENERIC_SECRET;
      CK_BBOOL          false      = FALSE;
      CK_BYTE           hash[MD5_HASH_LEN];
      CK_BYTE           data[10];
      CK_BYTE           expect[] = { 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xBB,
                                     0x1C, 0x13, 0xf4, 0x8E, 0xf8, 0x15, 0x8b,
                                     0xfc, 0x9d };

      CK_BYTE           key_data[] = { 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb,
                                       0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb, 0xb };
      CK_ULONG          hash_len;
      CK_ULONG          data_len;
      CK_ATTRIBUTE      key_attribs[] =
      {
          {CKA_CLASS,       &key_class,        sizeof(key_class)    },
          {CKA_KEY_TYPE,    &key_type,         sizeof(key_type)     },
          {CKA_TOKEN,       &false,            sizeof(false)        },
          {CKA_VALUE,       &key_data,         sizeof(key_data)     }
      };

      memcpy( data, "Hi There", 8 );
      data_len = 8;

      rc = funcs->C_CreateObject( session, key_attribs, 4, &h_key );
      if (rc != CKR_OK) {
         show_error("   C_CreateObject #1", rc );
         return FALSE;
      }

      rc = funcs->C_SignInit( session, &mech, h_key );
      if (rc != CKR_OK) {
         show_error("   C_SignInit #1", rc );
         return FALSE;
      }

      hash_len = sizeof(hash);
      rc = funcs->C_Sign( session, data, data_len, hash, &hash_len );
      if (rc != CKR_OK) {
         show_error("   C_Sign #1", rc );
         return FALSE;
      }

      if (hash_len != MD5_HASH_LEN) {
         printf("   Error:  C_Sign #1 generated bad HMAC length\n");
         return FALSE;
      }

      if (memcmp(hash, expect, hash_len) != 0) {
         printf("   Error:  C_Sign #1 generated bad HMAC\n");
         return FALSE;
      }

      rc = funcs->C_VerifyInit( session, &mech, h_key );
      if (rc != CKR_OK) {
         show_error("   C_VerifyInit #1", rc );
         return FALSE;
      }

      rc = funcs->C_Verify( session, data, data_len, hash, hash_len );
      if (rc != CKR_OK) {
         show_error("   C_Verify #1", rc );
         return FALSE;
      }


      rc = funcs->C_DestroyObject( session, h_key );
      if (rc != CKR_OK) {
         show_error("   C_DestroyObject #1", rc );