📄 mech_aes.c
字号:
ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT * context = NULL; CK_ATTRIBUTE * attr = NULL; OBJECT * key = NULL; CK_BYTE * clear = NULL; CK_BYTE key_value[AES_KEY_SIZE_256]; CK_KEY_TYPE keytype; CK_ULONG total, remain, out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } context = (AES_CONTEXT *)ctx->context; total = (context->len + in_data_len); // note, this is subtly different from the other encrypt update routines // if (total <= AES_BLOCK_SIZE) { if (length_only == FALSE) { memcpy( context->data + context->len, in_data, in_data_len ); context->len += in_data_len; } *out_data_len = 0; return CKR_OK; } else { remain = (total % AES_BLOCK_SIZE); out_len = total - remain; // out_len is a multiple of DES_BLOCK_SIZE if (remain == 0) { remain = AES_BLOCK_SIZE; out_len -= AES_BLOCK_SIZE; } if (length_only == TRUE) { *out_data_len = out_len; return CKR_OK; } // at this point, we should have: // 1) remain != 0 // 2) out_len != 0 // rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } keytype = *(CK_KEY_TYPE *)attr->pValue; rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } memcpy( key_value, attr->pValue, attr->ulValueLen ); // these buffers need to be longword aligned // clear = (CK_BYTE *)malloc( out_len ); if (!clear){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } // copy any data left over from the previous encryption operation first // memcpy( clear, context->data, context->len ); memcpy( clear + context->len, in_data, out_len - context->len ); // // we don't do padding during the update // rc = ckm_aes_cbc_encrypt( clear, out_len, out_data, out_data_len, ctx->mech.pParameter, key_value, attr->ulValueLen ); if (rc == CKR_OK) { // the new init_v is the last encrypted data block // memcpy( ctx->mech.pParameter, out_data + (*out_data_len - AES_BLOCK_SIZE), AES_BLOCK_SIZE ); // copy the remaining 'new' input data to the temporary space // if (remain != 0) memcpy( context->data, in_data + (in_data_len - remain), remain ); context->len = remain; } free( clear ); return rc; }}////CK_RVaes_cbc_pad_decrypt_update( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT * context = NULL; CK_ATTRIBUTE * attr = NULL; OBJECT * key = NULL; CK_BYTE * cipher = NULL; CK_BYTE key_value[AES_KEY_SIZE_256]; CK_KEY_TYPE keytype; CK_ULONG total, remain, out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } context = (AES_CONTEXT *)ctx->context; total = (context->len + in_data_len); // note, this is subtly different from the other decrypt update routines // if (total <= AES_BLOCK_SIZE) { if (length_only == FALSE) { memcpy( context->data + context->len, in_data, in_data_len ); context->len += in_data_len; } *out_data_len = 0; return CKR_OK; } else { // we have at least 1 block + 1 byte // remain = total % AES_BLOCK_SIZE; out_len = total - remain; if (remain == 0) { remain = AES_BLOCK_SIZE; out_len -= AES_BLOCK_SIZE; } if (length_only == TRUE) { *out_data_len = out_len; return CKR_OK; } // at this point, we should have: // 1) remain != 0 // 2) out_len != 0 // rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } keytype = *(CK_KEY_TYPE *)attr->pValue; rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } memcpy( key_value, attr->pValue, attr->ulValueLen ); // these buffers need to be longword aligned // cipher = (CK_BYTE *)malloc( out_len ); if (!cipher){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } // copy any data left over from the previous decryption operation first // memcpy( cipher, context->data, context->len ); memcpy( cipher + context->len, in_data, out_len - context->len ); rc = ckm_aes_cbc_decrypt( cipher, out_len, out_data, out_data_len, ctx->mech.pParameter, key_value, attr->ulValueLen ); if (rc == CKR_OK) { // the new init_v is the last input data block // memcpy( ctx->mech.pParameter, cipher + (out_len - AES_BLOCK_SIZE), AES_BLOCK_SIZE ); // copy the remaining 'new' input data to the temporary space // if (remain != 0) memcpy( context->data, in_data + (in_data_len - remain), remain ); context->len = remain; } free( cipher ); return rc; } st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED;}////CK_RVaes_ecb_encrypt_final( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT *context = NULL; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // satisfy the compiler // if (length_only) context = NULL; context = (AES_CONTEXT *)ctx->context; // DES3-ECB does no padding so there had better not be // any data in the context buffer. if there is it means // that the overall data length was not a multiple of the blocksize // if (context->len != 0){ st_err_log(11, __FILE__, __LINE__); return CKR_DATA_LEN_RANGE; } *out_data_len = 0; return CKR_OK;}////CK_RVaes_ecb_decrypt_final( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT *context = NULL; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // satisfy the compiler // if (length_only) context = NULL; context = (AES_CONTEXT *)ctx->context; // DES3-ECB does no padding so there had better not be // any data in the context buffer. if there is it means // that the overall data length was not a multiple of the blocksize // if (context->len != 0){ st_err_log(11, __FILE__, __LINE__); return CKR_DATA_LEN_RANGE; } *out_data_len = 0; return CKR_OK;}////CK_RVaes_cbc_encrypt_final( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT *context = NULL; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // satisfy the compiler // if (length_only) context = NULL; context = (AES_CONTEXT *)ctx->context; // DES3-CBC does no padding so there had better not be // any data in the context buffer. if there is it means // that the overall data length was not a multiple of the blocksize // if (context->len != 0){ st_err_log(11, __FILE__, __LINE__); return CKR_DATA_LEN_RANGE; } *out_data_len = 0; return CKR_OK;}////CK_RVaes_cbc_decrypt_final( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT *context = NULL; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // satisfy the compiler // if (length_only) context = NULL; context = (AES_CONTEXT *)ctx->context; if (context->len != 0){ st_err_log(11, __FILE__, __LINE__); return CKR_DATA_LEN_RANGE; } *out_data_len = 0; return CKR_OK;}////CK_RVaes_cbc_pad_encrypt_final( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *out_data, CK_ULONG *out_data_len ){ AES_CONTEXT *context = NULL; OBJECT *key = NULL; CK_ATTRIBUTE *attr = NULL; CK_BYTE clear[2*AES_BLOCK_SIZE]; CK_BYTE key_value[AES_KEY_SIZE_256]; CK_KEY_TYPE keytype; CK_ULONG out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -