📄 stacrypt.c
字号:
rc = sha_hash(in_octets, hash_result, more); break; default: sca_errno = EINVALGID; set_errmsg(); goto errcase; } /* end switch */ if (rc < 0) { sca_errno = M_EHASH; set_errmsg(); goto errcase; } /*-----------------------------------------------------*/ /* Now hashing is done */ /* If last call of sca_sign ( more = END) */ /* then call sct-interface */ /*-----------------------------------------------------*/ if (more == END) { /* last call of sca_sign */#ifdef TEST fprintf(stdout, "hash result: \n"); aux_fxdump(stdout, hash_result->octets, hash_result->noctets, 0);#endif#ifdef VERSION10 /* hash-value must have the same length as the modulus */ modulus_len = RSA_PARM(signature->signAI->parm) / 8;#ifdef TEST fprintf(stdout, "modulus len: %d \n", modulus_len);#endif if (hash_result->noctets < modulus_len) { if(algspecial == PKCS_BT_01 || algspecial == PKCS_BT_TD) { /* Here goes PKCS#1 ... */ encodedDigest = aux_create_PKCS_MIC_D(hash_result, signature->signAI); aux_free_OctetString(&hash_result); hash_result = aux_create_PKCSBlock(algspecial, encodedDigest); if(encodedDigest) aux_free_OctetString(&encodedDigest); }#ifdef VERSION10 ALLOC_OCTET(hash2_result, OctetString); hash2_result->noctets = 0; ALLOC_CHAR(hash2_result->octets, (RSA_PARM(signature->signAI->parm) + 7) / 8);#endif i = modulus_len - hash_result->noctets; for (j = 0; j < i; j++) hash2_result->octets[j] = 0x00; for (i = 0; i < hash_result->noctets; i++, j++) hash2_result->octets[j] = hash_result->octets[i]; hash2_result->noctets = modulus_len; aux_free_OctetString(&hash_result); hash_result = hash2_result;#ifdef TEST fprintf(stdout, "hash result: \n"); aux_fxdump(stdout, hash_result->octets, 64, 0);#endif }#endif /*-----------------------------------------------------*/ /* Prepare parameters for the SCT Interface */ /*-----------------------------------------------------*/ command = S_RSA_SIGN; request.rq_p1.kid = sct_keyid; sctint_hash.nbytes = hash_result->noctets; sctint_hash.bytes = hash_result->octets; request.rq_datafield.hash = &sctint_hash; /*-----------------------------------------------------*/ /* Call SCT Interface */ /*-----------------------------------------------------*/ rc = sct_interface(sct_id, command, &request, &response); if (rc < 0) { sca_errno = sct_errno; sca_errmsg = sct_errmsg; err_analyse(sct_id); goto errcase; } /*-----------------------------------------------------*/ /* 1) get returned signature and */ /* 2) if returned modulus length <> given modulus */ /* length (signature->signAI->parm), then the */ /* correct value and M_KEYLEN is returned. */ /*-----------------------------------------------------*/ signature->signature.nbits = 8 * (response.nbytes - 1); for (i = 0; i < (response.nbytes - 1); i++) { signature->signature.bits[i] = response.bytes[i + 1]; }#ifdef TEST fprintf(stdout, "returned signature:\n"); aux_fxdump(stdout, signature->signature.bits, signature->signature.nbits / 8, 0); fprintf(stdout, "\n"); fprintf(stdout, "returned keylength:\n"); aux_fxdump(stdout, &response.bytes[0], 1, 0); fprintf(stdout, "\n"); fprintf(stdout, "given keysize: %d ", RSA_PARM(signature->signAI->parm));#endif if (signature->signAI->parm) { if ((RSA_PARM(signature->signAI->parm) != (int) response.bytes[0]) * 8) { *signature->signAI->parm = (int) response.bytes[0] * 8; sca_errno = M_KEYLEN; } }#ifdef TEST fprintf(stdout, "\nreturned keysize: %d ", RSA_PARM(signature->signAI->parm));#endif /*-----------------------------------------------------*/ /* Normal End (Release storage) */ /*-----------------------------------------------------*/ aux_free_OctetString(&hash_result); sta_aux_bytestr_free(&response); act_function = F_null; } /* end if (more == END) */#ifdef TEST fprintf(stdout, "\n***** Normal end of sca_sign *********************************************\n\n");#endif return (sca_errno); /*-----------------------------------------------------*/ /* In error case release all allocated storage */ /*------------------------------------------------------*/errcase: aux_free_OctetString(&hash_result); free(signature->signature.bits); act_function = F_null; return (-1);} /* end sca_sign *//*-------------------------------------------------------------*//* E N D O F P R O C E D U R E sca_sign *//*-------------------------------------------------------------*/#endif#ifdef ASSEMBLER/*-------------------------------------------------------------*//* | GMD *//* +-----*//* PROC sca_verify VERSION 1.0 *//* DATE Januar 1992 *//* BY U.Viebeg *//*Achtung: Folgende Besonderheit ist NICHT implementiert: Das SCT erwartet im S-RSA-VERIFY Kommando als Laenge des Exponenten: - entweder die X'00' => die Fermatzahl F4 wird vom SCT als Exponent verwendet, oder - die Laenge des Exponenten muss gleich der Laenge des Modulus sein, in diesem Fall muesste der Wert des Exponenten entsprechend mit fuehrenden Nullen aufgefuellt werden. Da das T-1 Programm des SCT kein chaining kann, wuerde die verarbeitbare APDU- Laenge ueberschritten, wenn die Modulus-Laenge = 512 waere. *//* *//* DESCRIPTION *//* Verify a digital signature. *//* The signature algorithm is taken from signature->signAI. *//* *//* A smartcard is not expected. *//* *//* *//* Observe that: *//* If VERSION10 is defined *//* then the result of the hash-function is padded with *//* leading zeroes (X'00') to the modulus length. *//* then the given signature is padded with *//* leading zeroes (X'00') to the modulus length. *//* *//* *//* IN DESCRIPTION *//* sct_id SCT identifier *//* *//* in_octets Octetstring of the data to be *//* signed. *//* *//* signature Signature to be verified and *//* corresponding algorithm *//* *//* more = MORE -> more data is expected *//* = END -> Last data for this *//* verification process. *//* *//* key_sel Structure which identifies the *//* verification key. *//* In the current version only the *//* delivery of a public RSA key is *//* supported (key_sel->key_bits). *//* *//* hash_par Additional algorithm (hash_alg) *//* specific parameters or the NULL *//* pointer. *//* *//* OUT *//* *//* *//* RETURN DESCRIPTION *//* 0 o.k *//* 1 M_SIGOK *//* -1 error *//* M_EINDATA *//* M_EPOINTER *//* EINVALGID *//* M_EMORE *//* M_EHASHPAR *//* M_EMEMORY *//* M_EFUNCTION *//* M_EHASH *//* M_EKEY *//* *//* CALLED FUNCTIONS *//* check_sct_sc ERROR-Codes *//* ENOCARD *//* ESIDUNK *//* ENOSHELL *//* EOPERR *//* EEMPTY *//* EMEMAVAIL *//* ECLERR *//* ESIDUNK *//* ERDERR *//* EINVARG *//* ETOOLONG *//* sw1/sw2 from SCT response *//* T1 - ERROR *//* *//* get_sct_algid ERROR-Codes *//* EINVALGID *//* EKEYLENINV *//* *//* *//* compare *//* *//* rsa_get_key ERROR-Codes *//* -1 -> M_EHASHPAR *//* *//* hash_sqmodn ERROR-Codes *//* -1 -> M_EHASH *//* *//* md2_hash ERROR-Codes *//* -1 -> M_EHASH *//* *//* md4_hash ERROR_Codes *//* -1 -> M_EHASH *//* *//* md5_hash ERROR-Codes *//* -1 -> M_EHASH *//* *//* sct_interface ERROR-Codes *//* EINVARG *//* ETOOLONG *//* EMEMAVAIL *//* ESIDUNK *//* EPARMISSED *//* INVPAR *//* EINVINS *//* sw1/sw2 from SCT response *//* T1 - ERROR *//* *//* err_analyse ERROR_Codes *//* ENOSHELL *//* EOPERR *//* EEMPTY *//* ECLERR *//* ESIDUNK *//* ERDERR *//* *//* set_errmsg *//* *//* sta_aux_bytestr_free *//* *//* aux_free_OctetString *//* *//*-------------------------------------------------------------*/intsca_verify(sct_id, in_octets, signature, more, key_sel, hash_par) int sct_id; OctetString *in_octets; Signature *signature; More more; KeySel *key_sel; HashPar *hash_par;{ /*----------------------------------------------------------*/ /* Definitions */ /*----------------------------------------------------------*/ int i; int rc; KeyAlgId sct_algid; /* SCT specific alg_id */ Bytestring sctint_hash; /* hash string for SCT-Interface */ Bytestring sctint_modulus; /* modulus for SCT-Interface */ Bytestring sctint_exponent; /* exponent for SCT-Interface */ Bytestring sctint_signature; /* signature for * SCT-Interface */ static AlgHash alghash; static AlgEnc algenc; static AlgSpecial algspecial; static OctetString *hash_result; OctetString *encodedDigest, *o1; char *proc = "sca_verify";#ifdef VERSION10 int j; static OctetString *hash2_result; /* is used for padding the * hash-res⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -