📄 rsa_func.c
字号:
int do_SignVerifyMD5_RSA_PKCS( void ){ CK_BYTE original[1024]; CK_BYTE sig1[256]; CK_BYTE sig2[256]; CK_BYTE user_pin[8]; CK_SLOT_ID slot_id; CK_SESSION_HANDLE session; CK_MECHANISM mech; CK_OBJECT_HANDLE publ_key, priv_key; CK_FLAGS flags; CK_ULONG user_pin_len; CK_ULONG orig_len, sig1_len, sig2_len; CK_ULONG i, remain; CK_RV rc; CK_ULONG bits = 1024; CK_BYTE pub_exp[] = { 0x3 }; CK_ATTRIBUTE pub_tmpl[] = { {CKA_MODULUS_BITS, &bits, sizeof(bits) }, {CKA_PUBLIC_EXPONENT, &pub_exp, sizeof(pub_exp) } }; printf("do_SignVerifyMD5_RSA_PKCS...\n"); slot_id = SLOT_ID; flags = CKF_SERIAL_SESSION | CKF_RW_SESSION; rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session ); if (rc != CKR_OK) { show_error(" C_OpenSession #1", rc ); return FALSE; } memcpy( user_pin, "12345678", 8 ); user_pin_len = 8; rc = funcs->C_Login( session, CKU_USER, user_pin, user_pin_len ); if (rc != CKR_OK) { show_error(" C_Login #1", rc ); return FALSE; } mech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; mech.ulParameterLen = 0; mech.pParameter = NULL; rc = funcs->C_GenerateKeyPair( session, &mech, pub_tmpl, 2, NULL, 0, &publ_key, &priv_key ); if (rc != CKR_OK) { show_error(" C_GenerateKeyPair #1", rc ); return FALSE; } // now, sign/verify some data // orig_len = sizeof(original); for (i=0; i < orig_len; i++) original[i] = i % 255; mech.mechanism = CKM_MD5_RSA_PKCS; mech.ulParameterLen = 0; mech.pParameter = NULL; rc = funcs->C_SignInit( session, &mech, priv_key ); if (rc != CKR_OK) { show_error(" C_SignInit #1", rc ); return FALSE; } sig1_len = sizeof(sig1); rc = funcs->C_Sign( session, original, orig_len, sig1, &sig1_len ); if (rc != CKR_OK) { show_error(" C_Sign #1", rc ); return FALSE; } rc = funcs->C_SignInit( session, &mech, priv_key ); if (rc != CKR_OK) { show_error(" C_SignInit #2", rc ); return FALSE; } remain = orig_len; for (i=0; i < 1024; i += 53) { int amt; if (remain < 53) amt = remain; else amt = 53; rc = funcs->C_SignUpdate( session, &original[orig_len - remain], amt ); if (rc != CKR_OK) { show_error(" C_SignUpdate #1", rc ); printf(" Iteration: i = %d\n", i ); return FALSE; } remain -= amt; } sig2_len = sizeof(sig2); rc = funcs->C_SignFinal( session, sig2, &sig2_len ); if (rc != CKR_OK) { show_error(" C_SignFinal #1", rc ); return FALSE; } if (sig1_len != sig2_len) { printf(" ERROR: signature lengths don't match\n"); return FALSE; } if (memcmp(sig1, sig2, sig1_len) != 0) { printf(" ERROR: signatures don't match\n"); return FALSE; } // now, verify the signature // rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #1", rc ); return FALSE; } rc = funcs->C_Verify( session, original, orig_len, sig1, sig1_len ); if (rc != CKR_OK) { show_error(" C_Verify #1", rc ); return FALSE; } rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #2", rc ); return FALSE; } remain = orig_len; for (i=0; i < 1024; i += 53) { int amt; if (remain < 53) amt = remain; else amt = 53; rc = funcs->C_VerifyUpdate( session, &original[orig_len - remain], amt ); if (rc != CKR_OK) { show_error(" C_VerifyUpdate #1", rc ); printf(" Iteration: i = %d\n", i ); return FALSE; } remain -= amt; } rc = funcs->C_VerifyFinal( session, sig1, sig1_len ); if (rc != CKR_OK) { show_error(" C_VerifyFinal #1", rc ); return FALSE; } // now, corrupt the signature and try to re-verify. // sig1[50] = sig1[50] + 1; rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #2", rc ); return FALSE; } rc = funcs->C_Verify( session, original, orig_len, sig1, sig1_len ); if (rc != CKR_SIGNATURE_INVALID) { show_error(" C_Verify #2", rc ); printf(" Expected CKR_SIGNATURE_INVALID\n"); return FALSE; } rc = funcs->C_CloseAllSessions( slot_id ); if (rc != CKR_OK) { show_error(" C_CloseAllSessions #1", rc ); return FALSE; } printf("Looks okay...\n"); return TRUE;}////int do_SignVerifySHA1_RSA_PKCS( void ){ CK_BYTE original[1024]; CK_BYTE sig1[256]; CK_BYTE sig2[256]; CK_BYTE user_pin[8]; CK_SLOT_ID slot_id; CK_SESSION_HANDLE session; CK_MECHANISM mech; CK_OBJECT_HANDLE publ_key, priv_key; CK_FLAGS flags; CK_ULONG user_pin_len; CK_ULONG orig_len, sig1_len, sig2_len; CK_ULONG i, remain; CK_RV rc; CK_ULONG bits = 1024; CK_BYTE pub_exp[] = { 0x3 }; CK_ATTRIBUTE pub_tmpl[] = { {CKA_MODULUS_BITS, &bits, sizeof(bits) }, {CKA_PUBLIC_EXPONENT, &pub_exp, sizeof(pub_exp) } }; printf("do_SignVerifySHA1_RSA_PKCS...\n"); slot_id = SLOT_ID; flags = CKF_SERIAL_SESSION | CKF_RW_SESSION; rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session ); if (rc != CKR_OK) { show_error(" C_OpenSession #1", rc ); return FALSE; } memcpy( user_pin, "12345678", 8 ); user_pin_len = 8; rc = funcs->C_Login( session, CKU_USER, user_pin, user_pin_len ); if (rc != CKR_OK) { show_error(" C_Login #1", rc ); return FALSE; } mech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; mech.ulParameterLen = 0; mech.pParameter = NULL; rc = funcs->C_GenerateKeyPair( session, &mech, pub_tmpl, 2, NULL, 0, &publ_key, &priv_key ); if (rc != CKR_OK) { show_error(" C_GenerateKeyPair #1", rc ); return FALSE; } // now, sign/verify some data // orig_len = sizeof(original); for (i=0; i < orig_len; i++) original[i] = i % 255; mech.mechanism = CKM_SHA1_RSA_PKCS; mech.ulParameterLen = 0; mech.pParameter = NULL; rc = funcs->C_SignInit( session, &mech, priv_key ); if (rc != CKR_OK) { show_error(" C_SignInit #1", rc ); return FALSE; } sig1_len = sizeof(sig1); rc = funcs->C_Sign( session, original, orig_len, sig1, &sig1_len ); if (rc != CKR_OK) { show_error(" C_Sign #1", rc ); return FALSE; } rc = funcs->C_SignInit( session, &mech, priv_key ); if (rc != CKR_OK) { show_error(" C_SignInit #2", rc ); return FALSE; } remain = orig_len; for (i=0; i < 1024; i += 53) { int amt; if (remain < 53) amt = remain; else amt = 53; rc = funcs->C_SignUpdate( session, &original[orig_len - remain], amt ); if (rc != CKR_OK) { show_error(" C_SignUpdate #1", rc ); printf(" Iteration: i = %d\n", i ); return FALSE; } remain -= amt; } sig2_len = sizeof(sig2); rc = funcs->C_SignFinal( session, sig2, &sig2_len ); if (rc != CKR_OK) { show_error(" C_SignFinal #1", rc ); return FALSE; } if (sig1_len != sig2_len) { printf(" ERROR: signature lengths don't match\n"); return FALSE; } if (memcmp(sig1, sig2, sig1_len) != 0) { printf(" ERROR: signatures don't match\n"); return FALSE; } // now, verify the signature // rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #1", rc ); return FALSE; } rc = funcs->C_Verify( session, original, orig_len, sig1, sig1_len ); if (rc != CKR_OK) { show_error(" C_Verify #1", rc ); return FALSE; } rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #2", rc ); return FALSE; } remain = orig_len; for (i=0; i < 1024; i += 53) { int amt; if (remain < 53) amt = remain; else amt = 53; rc = funcs->C_VerifyUpdate( session, &original[orig_len - remain], amt ); if (rc != CKR_OK) { show_error(" C_VerifyUpdate #1", rc ); printf(" Iteration: i = %d\n", i ); return FALSE; } remain -= amt; } rc = funcs->C_VerifyFinal( session, sig1, sig1_len ); if (rc != CKR_OK) { show_error(" C_VerifyFinal #1", rc ); return FALSE; } // now, corrupt the signature and try to re-verify. // sig1[50] = sig1[50] + 1; rc = funcs->C_VerifyInit( session, &mech, publ_key ); if (rc != CKR_OK) { show_error(" C_VerifyInit #2", rc ); return FALSE; } rc = funcs->C_Verify( session, original, orig_len, sig1, sig1_len ); if (rc != CKR_SIGNATURE_INVALID) { show_error(" C_Verify #2", rc ); printf(" Expected CKR_SIGNATURE_INVALID\n"); return FALSE; } rc = funcs->C_CloseAllSessions( slot_id ); if (rc != CKR_OK) { show_error(" C_CloseAllSessions #1", rc ); return FALSE; } printf("Looks okay...\n"); return TRUE;}int rsa_functions(){ SYSTEMTIME t1, t2; int rc;#if 1 GetSystemTime(&t1); rc = do_GenerateRSAKeyPair(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_EncryptRSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_EncryptRSA_PKCS_Speed(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_SignRSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_WrapUnwrapRSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_EncryptRSA_X509(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_SignRSA_X509(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_WrapUnwrapRSA_X509(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 );#if MD2 GetSystemTime(&t1); rc = do_SignVerifyMD2_RSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 );#endif GetSystemTime(&t1); rc = do_SignVerifyMD5_RSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 ); GetSystemTime(&t1); rc = do_SignVerifySHA1_RSA_PKCS(); if (!rc) return FALSE; GetSystemTime(&t2); process_time( t1, t2 );// GetSystemTime(&t1);// rc = do_EncryptRSA_PKCS_Speed();// if (!rc)// return FALSE;// GetSystemTime(&t2);// process_time( t1, t2 );#endif return TRUE;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -