📄 keyload.c
字号:
};
/* The DH key uses cryptlib-internal mechanisms, the following data and
associated test can't be used with an unmodified version of cryptlib */
#ifdef TEST_DH
#define CRYPT_IATTRIBUTE_KEY_SPKI 8015
static const BYTE dh1024SPKI[] = {
0x30, 0x82, 0x01, 0x21,
0x30, 0x82, 0x01, 0x17,
0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01,
0x30, 0x82, 0x01, 0x0A,
0x02, 0x81, 0x81, 0x00, /* p */
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0x02, 0x01, /* g */
0x02,
0x02, 0x81, 0x80, /* q */
0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xE4, 0x87, 0xED, 0x51, 0x10, 0xB4, 0x61, 0x1A,
0x62, 0x63, 0x31, 0x45, 0xC0, 0x6E, 0x0E, 0x68,
0x94, 0x81, 0x27, 0x04, 0x45, 0x33, 0xE6, 0x3A,
0x01, 0x05, 0xDF, 0x53, 0x1D, 0x89, 0xCD, 0x91,
0x28, 0xA5, 0x04, 0x3C, 0xC7, 0x1A, 0x02, 0x6E,
0xF7, 0xCA, 0x8C, 0xD9, 0xE6, 0x9D, 0x21, 0x8D,
0x98, 0x15, 0x85, 0x36, 0xF9, 0x2F, 0x8A, 0x1B,
0xA7, 0xF0, 0x9A, 0xB6, 0xB6, 0xA8, 0xE1, 0x22,
0xF2, 0x42, 0xDA, 0xBB, 0x31, 0x2F, 0x3F, 0x63,
0x7A, 0x26, 0x21, 0x74, 0xD3, 0x1B, 0xF6, 0xB5,
0x85, 0xFF, 0xAE, 0x5B, 0x7A, 0x03, 0x5B, 0xF6,
0xF7, 0x1C, 0x35, 0xFD, 0xAD, 0x44, 0xCF, 0xD2,
0xD7, 0x4F, 0x92, 0x08, 0xBE, 0x25, 0x8F, 0xF3,
0x24, 0x94, 0x33, 0x28, 0xF6, 0x73, 0x29, 0xC0,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0x03, 0x04, 0x00,
0x02, 0x01, 0x00 /* y */
};
#endif /* TEST_DH */
/****************************************************************************
* *
* Key Load Routines *
* *
****************************************************************************/
/* Set the label for a device object */
static BOOLEAN setLabel( const CRYPT_CONTEXT cryptContext, const C_STR label )
{
if( cryptSetAttributeString( cryptContext, CRYPT_CTXINFO_LABEL,
label, paramStrlen( label ) ) == CRYPT_ERROR_DUPLICATE )
{
printf( "A key object with the label '%s' already exists inside the\n"
"device. To perform this test, you need to delete the "
"existing object so\nthat cryptlib can create a new one.\n",
label );
return( FALSE );
}
return( TRUE );
}
/* Load DH, RSA, DSA, and Elgamal PKC encrytion contexts */
#ifdef TEST_DH
typedef struct {
void *data; /* Data */
int length; /* Length */
} xRESOURCE_DATA;
#define xsetMessageData( msgDataPtr, dataPtr, dataLength ) \
{ \
( msgDataPtr )->data = ( dataPtr ); \
( msgDataPtr )->length = ( dataLength ); \
}
BOOLEAN loadDHKey( const CRYPT_DEVICE cryptDevice,
CRYPT_CONTEXT *cryptContext )
{
const BOOLEAN isDevice = ( cryptDevice != CRYPT_UNUSED ) ? TRUE : FALSE;
int status;
if( isDevice )
status = cryptDeviceCreateContext( cryptDevice, cryptContext,
CRYPT_ALGO_DH );
else
status = cryptCreateContext( cryptContext, CRYPT_UNUSED,
CRYPT_ALGO_DH );
if( cryptStatusError( status ) )
{
printf( "crypt%sCreateContext() failed with error code %d.\n",
isDevice ? "Device" : "", status );
return( status );
}
if( !setLabel( *cryptContext, "DH key" ) )
{
cryptDestroyContext( *cryptContext );
return( status );
}
if( cryptStatusOK( status ) )
{
#if 1 /* Undefine to test DH keygen */
status = cryptGenerateKey( *cryptContext );
#else
xRESOURCE_DATA msgData;
xsetMessageData( &msgData, ( void * ) dh1024SPKI,
sizeof( dh1024SPKI ) );
#if 0
status = krnlSendMessage( *cryptContext, IMESSAGE_SETATTRIBUTE_S,
&msgData, CRYPT_IATTRIBUTE_KEY_SPKI );
#else
status = cryptDeviceQueryCapability( *cryptContext, 1000,
( CRYPT_QUERY_INFO * ) &msgData );
#endif /* 0 */
#endif /* 0 */
}
if( cryptStatusError( status ) )
{
printf( "DH key load failed, status = %d, line %d.\n", status,
__LINE__ );
cryptDestroyContext( *cryptContext );
return( FALSE );
}
return( TRUE );
}
#endif /* TEST_DH */
static int loadRSAPublicKey( const CRYPT_DEVICE cryptDevice,
CRYPT_CONTEXT *cryptContext,
const C_STR cryptContextLabel,
CRYPT_PKCINFO_RSA *rsaKey,
const BOOLEAN isDevice,
const BOOLEAN useLargeKey )
{
const RSA_KEY *rsaKeyTemplate = useLargeKey ? \
&rsa1024TestKey : &rsa512TestKey;
int status;
if( isDevice )
status = cryptDeviceCreateContext( cryptDevice, cryptContext,
CRYPT_ALGO_RSA );
else
status = cryptCreateContext( cryptContext, CRYPT_UNUSED,
CRYPT_ALGO_RSA );
if( cryptStatusError( status ) )
{
printf( "crypt%sCreateContext() failed with error code %d.\n",
isDevice ? "Device" : "", status );
return( status );
}
if( !setLabel( *cryptContext, cryptContextLabel ) )
{
cryptDestroyContext( *cryptContext );
return( status );
}
cryptInitComponents( rsaKey, CRYPT_KEYTYPE_PUBLIC );
cryptSetComponent( rsaKey->n, rsaKeyTemplate->n, rsaKeyTemplate->nLen );
cryptSetComponent( rsaKey->e, rsaKeyTemplate->e, rsaKeyTemplate->eLen );
status = cryptSetAttributeString( *cryptContext,
CRYPT_CTXINFO_KEY_COMPONENTS, rsaKey,
sizeof( CRYPT_PKCINFO_RSA ) );
cryptDestroyComponents( rsaKey );
if( cryptStatusError( status ) )
cryptDestroyContext( *cryptContext );
return( status );
}
BOOLEAN loadRSAContextsEx( const CRYPT_DEVICE cryptDevice,
CRYPT_CONTEXT *cryptContext,
CRYPT_CONTEXT *decryptContext,
const C_STR cryptContextLabel,
const C_STR decryptContextLabel )
{
CRYPT_PKCINFO_RSA *rsaKey;
const RSA_KEY *rsaKeyTemplate = &rsa512TestKey;
const BOOLEAN isDevice = ( cryptDevice != CRYPT_UNUSED ) ? TRUE : FALSE;
BOOLEAN useLargeKey = FALSE;
int status;
/* Allocate room for the public-key components */
if( ( rsaKey = ( CRYPT_PKCINFO_RSA * ) malloc( sizeof( CRYPT_PKCINFO_RSA ) ) ) == NULL )
return( CRYPT_ERROR_MEMORY );
/* Some devices only support a single key size that isn't the same as
the built-in one so we adjust the key size being used if necessary */
if( isDevice )
{
CRYPT_QUERY_INFO cryptQueryInfo;
status = cryptDeviceQueryCapability( cryptDevice, CRYPT_ALGO_RSA,
&cryptQueryInfo );
if( cryptStatusError( status ) )
return( FALSE );
if( cryptQueryInfo.keySize != 64 )
{
if( cryptQueryInfo.keySize != 128 )
{
printf( "Device requires a %d-bit key, which doesn't "
"correspond to any built-in\ncryptlib key.\n",
cryptQueryInfo.keySize );
return( FALSE );
}
rsaKeyTemplate = &rsa1024TestKey;
useLargeKey = TRUE;
}
}
/* Create the encryption context */
if( cryptContext != NULL )
{
status = loadRSAPublicKey( cryptDevice, cryptContext,
cryptContextLabel, rsaKey, isDevice,
useLargeKey );
if( status == CRYPT_ERROR_NOTAVAIL && isDevice )
{
/* The device doesn't support public-key ops, use a native
context for the public key */
puts( " Warning: Device doesn't support public-key operations, "
"using a cryptlib\n native context instead." );
status = loadRSAPublicKey( CRYPT_UNUSED, cryptContext,
cryptContextLabel, rsaKey, FALSE,
useLargeKey );
}
if( cryptStatusError( status ) )
{
free( rsaKey );
printf( "Key load failed with error code %d.\n", status );
return( FALSE );
}
if( decryptContext == NULL )
{
/* We're only using a public-key context, return */
free( rsaKey );
return( TRUE );
}
}
/* Create the decryption context */
if( isDevice )
status = cryptDeviceCreateContext( cryptDevice, decryptContext,
CRYPT_ALGO_RSA );
else
status = cryptCreateContext( decryptContext, CRYPT_UNUSED,
CRYPT_ALGO_RSA );
if( cryptStatusError( status ) )
{
free( rsaKey );
if( cryptContext != NULL )
{
cryptDestroyContext( *cryptContext );
if( isDevice )
cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
cryptContextLabel );
}
printf( "crypt%sCreateContext() failed with error code %d.\n",
isDevice ? "Device" : "", status );
return( FALSE );
}
if( !setLabel( *decryptContext, decryptContextLabel ) )
{
free( rsaKey );
cryptDestroyContext( *decryptContext );
if( cryptContext != NULL )
{
cryptDestroyContext( *cryptContext );
if( isDevice )
cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
cryptContextLabel );
}
return( FALSE );
}
cryptInitComponents( rsaKey, CRYPT_KEYTYPE_PRIVATE );
cryptSetComponent( rsaKey->n, rsaKeyTemplate->n, rsaKeyTemplate->nLen );
cryptSetComponent( rsaKey->e, rsaKeyTemplate->e, rsaKeyTemplate->eLen );
cryptSetComponent( rsaKey->d, rsaKeyTemplate->d, rsaKeyTemplate->dLen );
cryptSetComponent( rsaKey->p, rsaKeyTemplate->p, rsaKeyTemplate->pLen );
cryptSetComponent( rsaKey->q, rsaKeyTemplate->q, rsaKeyTemplate->qLen );
cryptSetComponent( rsaKey->u, rsaKeyTemplate->u, rsaKeyTemplate->uLen );
cryptSetComponent( rsaKey->e1, rsaKeyTemplate->e1, rsaKeyTemplate->e1Len );
cryptSetComponent( rsaKey->e2, rsaKeyTemplate->e2, rsaKeyTemplate->e2Len );
status = cryptSetAttributeString( *decryptContext,
CRYPT_CTXINFO_KEY_COMPONENTS, rsaKey,
sizeof( CRYPT_PKCINFO_RSA ) );
cryptDestroyComponents( rsaKey );
free( rsaKey );
if( cryptStatusError( status ) )
{
if( cryptContext != NULL )
{
cryptDestroyContext( *cryptContext );
if( isDevice )
cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
cryptContextLabel );
}
cryptDestroyContext( *decryptContext );
if( isDevice )
cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
decryptContextLabel );
printf( "Key load failed with error code %d.\n", status );
return( FALSE );
}
return( TRUE );
}
BOOLEAN loadRSAContexts( const CRYPT_DEVICE cryptDevice,
CRYPT_CONTEXT *cryptContext,
CRYPT_CONTEXT *decryptContext )
{
return( loadRSAContextsEx( cryptDevice, cryptContext, decryptContext,
RSA_PUBKEY_LABEL, RSA_PRIVKEY_LABEL ) );
}
BOOLEAN loadDSAContextsEx( const CRYPT_DEVICE cryptDevice,
CRYPT_CONTEXT *signContext,
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -