📄 mech_des.c
字号:
return ckm_des_cbc_encrypt( in_data, in_data_len, out_data, out_data_len, ctx->mech.pParameter, attr->pValue );}////CK_RVdes_cbc_decrypt( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len){ OBJECT *key = NULL; CK_ATTRIBUTE *attr = NULL; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // CKM_DES_CBC requires the input data to be an integral // multiple of the block size // if (in_data_len % DES_BLOCK_SIZE != 0){ st_err_log(112, __FILE__, __LINE__); return CKR_ENCRYPTED_DATA_LEN_RANGE; } rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } if (length_only == TRUE) { *out_data_len = in_data_len; return CKR_OK; } if (*out_data_len < in_data_len) { *out_data_len = in_data_len; st_err_log(111, __FILE__, __LINE__); return CKR_BUFFER_TOO_SMALL; } return ckm_des_cbc_decrypt( in_data, in_data_len, out_data, out_data_len, ctx->mech.pParameter, attr->pValue );}////CK_RVdes_cbc_pad_encrypt( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len){ OBJECT *key = NULL; CK_ATTRIBUTE *attr = NULL; CK_BYTE *clear = NULL; CK_ULONG padded_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // DES-CBC-PAD has no input length requirements // rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // compute the output length, accounting for padding // padded_len = DES_BLOCK_SIZE * (in_data_len / DES_BLOCK_SIZE + 1); if (length_only == TRUE) { *out_data_len = padded_len; return CKR_OK; } if (*out_data_len < padded_len) { *out_data_len = padded_len; st_err_log(111, __FILE__, __LINE__); return CKR_BUFFER_TOO_SMALL; } clear = (CK_BYTE *)malloc( padded_len ); if (!clear){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memcpy( clear, in_data, in_data_len ); add_pkcs_padding( clear + in_data_len, DES_BLOCK_SIZE, in_data_len, padded_len ); rc = ckm_des_cbc_encrypt( clear, padded_len, out_data, out_data_len, ctx->mech.pParameter, attr->pValue ); if (rc != CKR_OK) st_err_log(113, __FILE__, __LINE__); free( clear ); return rc;}////CK_RVdes_cbc_pad_decrypt( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len){ OBJECT *key = NULL; CK_ATTRIBUTE *attr = NULL; CK_BYTE *clear = NULL; CK_ULONG padded_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // // no need to validate the input length since we'll pad as necessary // rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // we're decrypting so even with CBC-PAD, we should have an integral // number of block to decrypt // if (in_data_len % DES_BLOCK_SIZE != 0){ st_err_log(112, __FILE__, __LINE__); return CKR_ENCRYPTED_DATA_LEN_RANGE; } // the amount of cleartext after stripping the padding will actually be less // than the input bytes... // padded_len = in_data_len; if (length_only == TRUE) { *out_data_len = padded_len; return CKR_OK; } clear = (CK_BYTE *)malloc( padded_len ); if (!clear){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } rc = ckm_des_cbc_decrypt( in_data, in_data_len, clear, &padded_len, ctx->mech.pParameter, attr->pValue ); if (rc == CKR_OK) { strip_pkcs_padding( clear, padded_len, out_data_len ); memcpy( out_data, clear, *out_data_len ); } else st_err_log(114, __FILE__, __LINE__); free( clear ); return rc;}////CK_RVdes_ecb_encrypt_update( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len ){ DES_CONTEXT * context = NULL; CK_ATTRIBUTE * attr = NULL; OBJECT * key = NULL; CK_BYTE * clear = NULL; CK_ULONG total, remain, out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } context = (DES_CONTEXT *)ctx->context; total = (context->len + in_data_len); if (total < DES_BLOCK_SIZE) { if (length_only == FALSE) { memcpy( context->data + context->len, in_data, in_data_len ); context->len += in_data_len; } *out_data_len = 0; return CKR_OK; } else { // we have at least 1 block // remain = (total % DES_BLOCK_SIZE); out_len = (total - remain); // should always be at least 1 block if (length_only == TRUE) { *out_data_len = out_len; return CKR_OK; } rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } clear = (CK_BYTE *)malloc( out_len ); if (!clear){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } // copy any data left over from the previous encryption operation first // memcpy( clear, context->data, context->len ); memcpy( clear + context->len, in_data, out_len - context->len ); rc = ckm_des_ecb_encrypt( clear, out_len, out_data, out_data_len, attr->pValue ); if (rc == CKR_OK) { *out_data_len = out_len; // update the context buffer. we already used the buffer's current // contents so we completely overwrite it // if (remain != 0) memcpy( context->data, in_data + (in_data_len - remain), remain ); context->len = remain; } else st_err_log(115, __FILE__, __LINE__); free( clear ); return rc; } st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; // shouldn't reach this}////CK_RVdes_ecb_decrypt_update( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len ){ DES_CONTEXT * context = NULL; CK_ATTRIBUTE * attr = NULL; OBJECT * key = NULL; CK_BYTE * cipher = NULL; CK_ULONG total, remain, out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } context = (DES_CONTEXT *)ctx->context; total = (context->len + in_data_len); if (total < DES_BLOCK_SIZE) { if (length_only == FALSE) { memcpy( context->data + context->len, in_data, in_data_len ); context->len += in_data_len; } *out_data_len = 0; return CKR_OK; } else { // we have at least 1 block // remain = (total % DES_BLOCK_SIZE); out_len = total - remain; if (length_only == TRUE) { *out_data_len = out_len; return CKR_OK; } rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } cipher = (CK_BYTE *)malloc( out_len ); if (!cipher){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } // copy any data left over from the previous decryption operation first // memcpy( cipher, context->data, context->len ); memcpy( cipher + context->len, in_data, out_len - context->len ); rc = ckm_des_ecb_decrypt( cipher, out_len, out_data, out_data_len, attr->pValue ); if (rc == CKR_OK) { *out_data_len = out_len; // copy the remaining 'new' input data to the context buffer // if (remain != 0) memcpy( context->data, in_data + (in_data_len - remain), remain ); context->len = remain; } else st_err_log(116, __FILE__, __LINE__); free( cipher ); return rc; } st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; // shouldn't reach this}////CK_RVdes_cbc_encrypt_update( SESSION *sess, CK_BBOOL length_only, ENCR_DECR_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len ){ DES_CONTEXT * context = NULL; CK_ATTRIBUTE * attr = NULL; OBJECT * key = NULL; CK_BYTE * clear = NULL; CK_ULONG total, remain, out_len; CK_RV rc; if (!sess || !ctx || !out_data_len){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } context = (DES_CONTEXT *)ctx->context; total = (context->len + in_data_len); if (total < DES_BLOCK_SIZE) { if (length_only == FALSE) { memcpy( context->data + context->len, in_data, in_data_len ); context->len += in_data_len; } *out_data_len = 0; return CKR_OK; } else { // we have at least 1 block // remain = (total % DES_BLOCK_SIZE); out_len = total - remain; if (length_only == TRUE) { *out_data_len = out_len; return CKR_OK; } rc = object_mgr_find_in_map1( ctx->key, &key ); if (rc != CKR_OK){ st_err_log(110, __FILE__, __LINE__); return rc; } rc = template_attribute_find( key->template, CKA_VALUE, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // these buffers need to be longword aligned // clear = (CK_BYTE *)malloc( out_len ); if (!clear){ st_err_log(0, __FILE__, __LINE__); return CKR_HOST_MEMORY; } // copy any data left over from the previous encryption operation first // memcpy( clear, context->data, context->len ); memcpy( clear + context->len, in_data, out_len - context->len ); rc = ckm_des_cbc_encrypt( clear, out_len, out_data, out_data_len, ctx->mech.pParameter, attr->pValue ); if (rc == CKR_OK) { *out_data_len = out_len; // the new init_v is the last encrypted data block // memcpy( ctx->mech.pParameter, out_data + (*out_data_len - DES_BLOCK_SIZE), DES_BLOCK_SIZE );⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -