aeptok_specific.c

IBM的Linux上的PKCS#11实现

}

void *
rsa_convert_private_key(OBJECT *key_obj, int * mLen)
{
	CK_ATTRIBUTE      * attr     = NULL;
	CK_ATTRIBUTE      * modulus  = NULL;
	CK_ATTRIBUTE      * priv_exp = NULL;
	CK_ATTRIBUTE      * prime1   = NULL;
	CK_ATTRIBUTE      * prime2   = NULL;
	CK_ATTRIBUTE      * exp1     = NULL;
	CK_ATTRIBUTE      * exp2     = NULL;
	CK_ATTRIBUTE      * coeff    = NULL;
	CK_BBOOL          rc;

	RSA *rsa;
	BIGNUM *bn_mod, *bn_priv_exp, *bn_p1, *bn_p2, *bn_e1, *bn_e2, *bn_cf;
	int tmp;

	rc  = template_attribute_find( key_obj->template, CKA_MODULUS,
				       &modulus );
	rc &= template_attribute_find( key_obj->template, CKA_PRIVATE_EXPONENT,
				       &priv_exp );
	rc &= template_attribute_find( key_obj->template, CKA_PRIME_1,
				       &prime1 );
	rc &= template_attribute_find( key_obj->template, CKA_PRIME_2,
				       &prime2 );
	rc &= template_attribute_find( key_obj->template, CKA_EXPONENT_1,
				       &exp1 );
	rc &= template_attribute_find( key_obj->template, CKA_EXPONENT_2,
				       &exp2 );
	rc &= template_attribute_find( key_obj->template, CKA_COEFFICIENT,
				       &coeff );

	if ( !prime2 && !modulus ){
        	return NULL;
	}

	// Create and init all the RSA and BIGNUM structs we need.
	rsa = RSA_new();
	if (rsa == NULL)
		return NULL;
	RSA_blinding_off(rsa);

	bn_mod = BN_new();
	bn_priv_exp = BN_new();
	bn_p1 = BN_new();
	bn_p2 = BN_new();
	bn_e1 = BN_new();
	bn_e2 = BN_new();
	bn_cf = BN_new();

	if ((bn_cf == NULL) || (bn_e2 == NULL) || (bn_e1 == NULL) || 
	    (bn_p2 == NULL) || (bn_p1 == NULL) || (bn_priv_exp == NULL) ||
	    (bn_mod == NULL))
	{
		if (rsa)	 RSA_free(rsa);
		if (bn_mod)	 BN_free(bn_mod);
		if (bn_priv_exp) BN_free(bn_priv_exp);
		if (bn_p1)	 BN_free(bn_p1);
		if (bn_p2)	 BN_free(bn_p2);
		if (bn_e1)	 BN_free(bn_e1);
		if (bn_e2)	 BN_free(bn_e2);
		if (bn_cf)	 BN_free(bn_cf);
		return NULL;
	}

	// CRT key?
	if ( prime1){

		if (!prime2 || !exp1 ||!exp2 || !coeff) {
			return NULL;
		}
		// Even though this is CRT key, OpenSSL requires the
		// modulus and exponents filled in or encrypt and decrypt will
		// not work
		BN_bin2bn((char *)modulus->pValue, 
			  modulus->ulValueLen, bn_mod);
		rsa->n = bn_mod;
		BN_bin2bn((char *)priv_exp->pValue, 
			  priv_exp->ulValueLen, bn_priv_exp);
		rsa->d = bn_priv_exp;
		BN_bin2bn((char *)prime1->pValue, 
			  prime1->ulValueLen, bn_p1);
		rsa->p = bn_p1;
		BN_bin2bn((char *)prime2->pValue, 
			  prime2->ulValueLen, bn_p2);
		rsa->q = bn_p2;
		BN_bin2bn((char *)exp1->pValue, 
			  exp1->ulValueLen, bn_e1);
		rsa->dmp1 = bn_e1;
		BN_bin2bn((char *)exp2->pValue, 
			  exp2->ulValueLen, bn_e2);
		rsa->dmq1 = bn_e2;
		BN_bin2bn((char *)coeff->pValue, 
			  coeff->ulValueLen, bn_cf);
		rsa->iqmp = bn_cf;

		/* get the length of modulus for the modexp operation */
		*mLen = BN_num_bits(rsa->p);
		tmp =  BN_num_bits(rsa->q);
		*mLen = (tmp > *mLen) ? tmp : *mLen;

		return rsa;

	} else {   // must be a non-CRT key
		if (!priv_exp) {
			return NULL;
		}
		BN_bin2bn((char *)modulus->pValue, 
			  modulus->ulValueLen, bn_mod);
		rsa->n = bn_mod;
		BN_bin2bn((char *)priv_exp->pValue,
			  priv_exp->ulValueLen, bn_priv_exp);
		rsa->d = bn_priv_exp;

		/* get the length of modulus for the modexp operation */
		*mLen = BN_num_bits(rsa->n);
	}
	return (void *)rsa;
}

#define RNG_BUF_SIZE 100


// This function is only required if public key cryptography
// has been selected in your variant set up.
// Set a mutex in this function and get a cache;
// using the ICA device to get random numbers a byte at a
//  time is VERY slow..  Keygen is gated by this function.

unsigned char
nextRandom (void) 
{

	static unsigned char  buffer[RNG_BUF_SIZE];
	unsigned char  byte;
	static int used = (RNG_BUF_SIZE); // protected access by the mutex
	
	pthread_mutex_lock(&nextmutex);
	if (used >= RNG_BUF_SIZE){
		rng_generate(buffer,sizeof(buffer));
		used = 0;
	}
	
	byte = buffer[used++];
	pthread_mutex_unlock(&nextmutex);
	return((unsigned char)byte);
	
}


CK_RV
os_specific_rsa_keygen(TEMPLATE *publ_tmpl,  TEMPLATE *priv_tmpl)
{
	CK_ATTRIBUTE       * publ_exp = NULL;
	CK_ATTRIBUTE       * attr     = NULL;
	CK_ULONG             mod_bits;
	CK_BBOOL             flag;
	CK_RV                rc;
	CK_ULONG             BNLength;
	RSA *rsa;
	BIGNUM *bignum;
	CK_BYTE *ssl_ptr;
	unsigned long three = 3;
	unsigned char *exp_str;
	unsigned long exponent;

	flag = template_attribute_find( publ_tmpl, CKA_MODULUS_BITS, &attr );
	if (!flag){
		st_err_log(48, __FILE__, __LINE__);
		return CKR_TEMPLATE_INCOMPLETE;  // should never happen
        }
	mod_bits = *(CK_ULONG *)attr->pValue;
	flag = template_attribute_find( publ_tmpl, CKA_PUBLIC_EXPONENT, 
					&publ_exp );
	if (!flag){
		st_err_log(48, __FILE__, __LINE__);
		return CKR_TEMPLATE_INCOMPLETE;
	}

	if (mod_bits < 512 || mod_bits > 2048) {
		st_err_log(19, __FILE__, __LINE__);
		return CKR_KEY_SIZE_RANGE;
	}

	// Because of a limition of OpenSSL, this token only supports
	// 3 as an exponent in RSA key generation

	rsa = RSA_new();
	if (rsa == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		return CKR_HOST_MEMORY;
	}
	RSA_blinding_off(rsa);
	rsa = RSA_generate_key(mod_bits, three, NULL, NULL);
	if (rsa == NULL) {
		st_err_log(4, __FILE__, __LINE__);
		return CKR_FUNCTION_FAILED;
	}

	// Now fill in the objects..
	//
	// modulus: n
	//
	bignum = rsa->n;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_MODULUS, ssl_ptr, 
			      BNLength, &attr ); // in bytes
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
        }
	template_update_attribute( publ_tmpl, attr );
	free(ssl_ptr);

	// Public Exponent
        bignum = rsa->e;
        BNLength = BN_num_bytes(bignum);
        ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
        BNLength = BN_bn2bin(bignum, ssl_ptr);
        rc = build_attribute( CKA_PUBLIC_EXPONENT, ssl_ptr, 
			      BNLength, &attr ); // in bytes
        if (rc != CKR_OK){
                st_err_log(84, __FILE__, __LINE__);
                goto done;
        }
        template_update_attribute( publ_tmpl, attr );
        free(ssl_ptr);

	// local = TRUE
	//
	flag = TRUE;
	rc = build_attribute( CKA_LOCAL, &flag, sizeof(CK_BBOOL), &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( publ_tmpl, attr );

	//
	// now, do the private key
	//
	// Cheat here and put the whole original key into the CKA_VALUE... 
	// remember to force the system to not return this for RSA keys..

	// Add the modulus to the private key information

	bignum = rsa->n;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_MODULUS, ssl_ptr, 
			      BNLength ,&attr ); // in bytes
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// Private Exponent

        bignum = rsa->d;
        BNLength = BN_num_bytes(bignum);
        ssl_ptr = malloc( BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
        BNLength = BN_bn2bin(bignum, ssl_ptr);
        rc = build_attribute( CKA_PRIVATE_EXPONENT, ssl_ptr, BNLength, &attr );
        if (rc != CKR_OK){
                st_err_log(84, __FILE__, __LINE__);
                goto done;
        }
        template_update_attribute( priv_tmpl, attr );
        free(ssl_ptr);

	// prime #1: p
	//
	bignum = rsa->p;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_PRIME_1, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// prime #2: q
	//
	bignum = rsa->q;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_PRIME_2, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// exponent 1: d mod(p-1)
	//
	bignum = rsa->dmp1;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_EXPONENT_1, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// exponent 2: d mod(q-1)
	//
	bignum = rsa->dmq1;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_EXPONENT_2, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// CRT coefficient:  q_inverse mod(p)
	//
	bignum = rsa->iqmp;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_COEFFICIENT, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	flag = TRUE;
	rc = build_attribute( CKA_LOCAL, &flag, sizeof(CK_BBOOL), &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	
done:
	RSA_free(rsa);
	return rc;
}

CK_RV
token_specific_rsa_generate_keypair( TEMPLATE  * publ_tmpl,
				     TEMPLATE  * priv_tmpl )
{