cr_specific.c

IBM的Linux上的PKCS#11实现

	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// exponent 1: d mod(p-1)
	//
	bignum = rsa->dmp1;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_EXPONENT_1, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// exponent 2: d mod(q-1)
	//
	bignum = rsa->dmq1;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_EXPONENT_2, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	// CRT coefficient:  q_inverse mod(p)
	//
	bignum = rsa->iqmp;
	BNLength = BN_num_bytes(bignum);
	ssl_ptr = malloc(BNLength);
	if (ssl_ptr == NULL) {
		st_err_log(1, __FILE__, __LINE__);
		rc = CKR_HOST_MEMORY;
		goto done;
	}
	BNLength = BN_bn2bin(bignum, ssl_ptr);
	rc = build_attribute( CKA_COEFFICIENT, ssl_ptr, BNLength, &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );
	free(ssl_ptr);

	flag = TRUE;
	rc = build_attribute( CKA_LOCAL, &flag, sizeof(CK_BBOOL), &attr );
	if (rc != CKR_OK){
		st_err_log(84, __FILE__, __LINE__);
		goto done;
	}
	template_update_attribute( priv_tmpl, attr );

done:
	RSA_free(rsa);
	return rc;
}

CK_RV
token_specific_rsa_generate_keypair( TEMPLATE  * publ_tmpl,
                                     TEMPLATE  * priv_tmpl )
{
	CK_RV                rc;

	rc = os_specific_rsa_keygen(publ_tmpl,priv_tmpl);
	if (rc != CKR_OK)
		st_err_log(91, __FILE__, __LINE__);
	return rc;
}

CK_RV token_specific_rsa_encrypt( CK_BYTE   *in_data,
                                  CK_ULONG  in_data_len,
                                  CK_BYTE   *out_data,
                                  OBJECT    *key_obj )
{
    RC              rc;
    CK_RV           ret_val ;
    rsa_key         *mexp;
    token           ciphertext, plaintext ;
    CK_ULONG        count ;

    mexp = (rsa_key *)rsa_convert_public_key(key_obj);
    if (mexp == NULL) 
          return CKR_FUNCTION_FAILED;

    /* Setup the input and output Corrent tokens */
    plaintext.p_data     = in_data ;
    plaintext.data_size  = in_data_len ;
    ciphertext.p_data    = out_data ;
    ciphertext.data_size = in_data_len ; /* will be updated by the CR lib */

    rc = CR_mod_exp_mont(&ciphertext, &plaintext, mexp->modulus, mexp->exponent) ;
    if ( rc == SUCCESS )
        ret_val = CKR_OK;
    else
        ret_val = CKR_FUNCTION_FAILED;

    /* Corrent library may return results after triming leading zeros. Insert the leading
       zeros back and adjust length below, if necessary */
    if (ciphertext.data_size < in_data_len) 
    {
        memmove(&out_data[in_data_len-ciphertext.data_size], &out_data[0], ciphertext.data_size) ;
        memset(&out_data[0], 0, in_data_len-ciphertext.data_size) ;
        ciphertext.data_size = in_data_len ;
    }

    /* Free the key storage for CR format */
    destroy_rsa_key((rsa_key *) mexp) ;

    return ret_val ;

} /* end token_specific_rsa_encrypt() */

CK_RV token_specific_rsa_decrypt( CK_BYTE   *in_data,
                                  CK_ULONG  in_data_len,
                                  CK_BYTE   *out_data,
                                  OBJECT    *key_obj )
{
    CK_ATTRIBUTE    *modulus ;
    RC              rc ;
    CK_RV           ret_val;
    rsa_crt_key     *privKey = NULL;
    rsa_key         *privKey2 = NULL;
    token           ciphertext, plaintext ;
    INT32           count ;

    rc  = template_attribute_find( key_obj->template, CKA_MODULUS, &modulus );
    if ( rc == FALSE) 
        return CKR_FUNCTION_FAILED;

    /* CRT operations are faster for N>1024 operations. For all other operations, 
       perform non-CRT operations */

    if (modulus->ulValueLen > 1024)
        privKey = (rsa_crt_key *)rsa_convert_private_key(key_obj);
    else
        privKey2 = (rsa_key *)rsa_convert_private_key(key_obj);

    if ((privKey == NULL) && (privKey2 == NULL))
       return CKR_FUNCTION_FAILED;

    memset(out_data, 0, in_data_len) ;

    /* Setup the input and output Corrent tokens */
    ciphertext.p_data     = in_data ;
    ciphertext.data_size  = in_data_len ;
    plaintext.p_data      = out_data ;
    plaintext.data_size   = in_data_len ; /* will be updated by the CR lib */
 
    /* Based on modulus size, invoke CRT or non-CRT */
    if (modulus->ulValueLen > 1024)
        rc = CR_mod_exp_crt(&plaintext, &ciphertext, privKey->prime_p, privKey->prime_q, 
                            privKey->dmp1, privKey->dmq1, privKey->iqmp) ;
    else
        rc = CR_mod_exp_mont(&plaintext, &ciphertext, privKey2->modulus, privKey2->exponent) ;

    /* Corrent library returns results after triming leading zeros. Insert the leading
       zeros back and adjust length below, if necessary */
    if (plaintext.data_size < in_data_len) 
    {
        memmove(&out_data[in_data_len-plaintext.data_size], &out_data[0], plaintext.data_size) ;
        memset(&out_data[0], 0, in_data_len-plaintext.data_size) ;
        plaintext.data_size = in_data_len ;
    }

    if ( rc == SUCCESS )
        ret_val = CKR_OK;
    else
        ret_val = CKR_FUNCTION_FAILED;

    /* Free the key storage for CR format */
    if (modulus->ulValueLen > 1024)
        destroy_rsa_crt_key((rsa_crt_key *) privKey) ;
    else
        destroy_rsa_key((rsa_key *) privKey2) ;

    return ret_val ;

} /* end token_specific_rsa_decrypt() */


CK_RV
token_specific_des_ecb(CK_BYTE * in_data,
                       CK_ULONG in_data_len,
                       CK_BYTE *out_data,
                       CK_ULONG *out_data_len,
                       CK_BYTE  *key_value,
                       CK_BYTE  encrypt)
{
	CK_ULONG       rc;
	
	des_key_schedule des_key2;
   	const_des_cblock key_val_SSL, in_key_data;
	des_cblock out_key_data;
	int i,j;
   	int ret;

  	// Create the key schedule
	memcpy(&key_val_SSL, key_value, 8);
	des_set_key_unchecked(&key_val_SSL, des_key2);

	// the des decrypt will only fail if the data length is not evenly divisible
	// by 8
	if (in_data_len % 8 ){
		st_err_log(11, __FILE__, __LINE__);
		return CKR_DATA_LEN_RANGE;
	}

	// Both the encrypt and the decrypt are done 8 bytes at a time
	if (encrypt) {
		for (i=0; i<in_data_len; i=i+8) {
			memcpy(in_key_data, in_data+i, 8);
			des_ecb_encrypt(&in_key_data, &out_key_data, des_key2, DES_ENCRYPT);
			memcpy(out_data+i, out_key_data, 8);
		}

		*out_data_len = in_data_len;
		rc = CKR_OK;
	} else {
 
		for(j=0; j < in_data_len; j=j+8) {
			memcpy(in_key_data, in_data+j, 8);
			des_ecb_encrypt(&in_key_data, &out_key_data, des_key2, DES_DECRYPT);
			memcpy(out_data+j, out_key_data, 8);
		}
     
	*out_data_len = in_data_len;
	rc = CKR_OK;
	}

   return rc;
}

CK_RV
token_specific_des_cbc(CK_BYTE * in_data,
                       CK_ULONG in_data_len,
                       CK_BYTE *out_data,
                       CK_ULONG *out_data_len,
                       CK_BYTE  *key_value, 
                       CK_BYTE *init_v,
                       CK_BYTE  encrypt)
{
	CK_ULONG         rc;
	
	des_cblock ivec;
	int ret;

	des_key_schedule des_key2;
   	const_des_cblock key_val_SSL, in_key_data;
	des_cblock out_key_data;

	// Create the key schedule
	memcpy(&key_val_SSL, key_value, 8);
   	des_set_key_unchecked(&key_val_SSL, des_key2);
   
	memcpy(&ivec, init_v, 8);
	// the des decrypt will only fail if the data length is not evenly divisible
	// by 8
	if (in_data_len % 8 ){
		st_err_log(11, __FILE__, __LINE__);
		return CKR_DATA_LEN_RANGE;
	}


	if ( encrypt){
		des_ncbc_encrypt(in_data, out_data, in_data_len, des_key2, &ivec, DES_ENCRYPT);
		*out_data_len = in_data_len;
		rc = CKR_OK;
	} else {
		des_ncbc_encrypt(in_data, out_data, in_data_len, des_key2, &ivec, DES_DECRYPT);
		*out_data_len = in_data_len;
		rc = CKR_OK;
	}
	return rc;
}

CK_RV
token_specific_tdes_ecb(CK_BYTE * in_data,
                       CK_ULONG in_data_len,
                       CK_BYTE *out_data,
                       CK_ULONG *out_data_len,
                       CK_BYTE  *key_value,
                       CK_BYTE  encrypt)
{
	CK_RV  rc;

	int k,j, ret;
	des_cblock out_temp;
	des_key_schedule des_key1;
	des_key_schedule des_key2;
	des_key_schedule des_key3;

   	const_des_cblock key_SSL1, key_SSL2, key_SSL3, in_key_data;
	des_cblock out_key_data;

	// The key as passed is a 24 byte long string containing three des keys
	// pick them apart and create the 3 corresponding key schedules
	memcpy(&key_SSL1, key_value, 8);
	memcpy(&key_SSL2, key_value+8, 8);
	memcpy(&key_SSL3, key_value+16, 8);
	des_set_key_unchecked(&key_SSL1, des_key1);
	des_set_key_unchecked(&key_SSL2, des_key2);
	des_set_key_unchecked(&key_SSL3, des_key3);

	// the des decrypt will only fail if the data length is not evenly divisible
	// by 8
	if (in_data_len % 8 ){
		st_err_log(11, __FILE__, __LINE__);
		return CKR_DATA_LEN_RANGE;
	}

	// the encrypt and decrypt are done 8 bytes at a time
	if (encrypt) {
		for(k=0;k<in_data_len;k=k+8){
		memcpy(in_key_data, in_data+k, 8);
		des_ecb3_encrypt(&in_key_data, 
				&out_key_data, 
				des_key1, 
				des_key2,
				des_key3,
				DES_ENCRYPT);
		memcpy(out_data+k, out_key_data, 8);
	}
	*out_data_len = in_data_len;
	rc = CKR_OK;
	} else {
		for (j=0;j<in_data_len;j=j+8){
		memcpy(in_key_data, in_data+j, 8);
		des_ecb3_encrypt(&in_key_data,
				&out_key_data, 
				des_key1,
				des_key2,
				des_key3, 
				DES_DECRYPT);
		memcpy(out_data+j, out_key_data, 8);
	}
      *out_data_len = in_data_len;
      rc = CKR_OK;
   }
   return rc;
}

CK_RV
token_specific_tdes_cbc(CK_BYTE * in_data,
                       CK_ULONG in_data_len,
                       CK_BYTE *out_data,
                       CK_ULONG *out_data_len,
                       CK_BYTE  *key_value, 
                       CK_BYTE *init_v,
                       CK_BYTE  encrypt)
{