loadkey.c

cryptlib安全工具包

	cryptDestroyComponents( dsaKey );
	free( dsaKey );
	if( cryptStatusError( status ) )
		{
		if( signContext != NULL )
			{
			cryptDestroyContext( *signContext );
			if( isDevice )
				cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
								signContextLabel );
			}
		cryptDestroyContext( *sigCheckContext );
		if( isDevice )
			cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME,
							sigCheckContextLabel );
		printf( "Public key load failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}

	return( TRUE );
	}

BOOLEAN loadDSAContexts( const CRYPT_DEVICE cryptDevice,
						 CRYPT_CONTEXT *signContext,
						 CRYPT_CONTEXT *sigCheckContext )
	{
	return( loadDSAContextsEx( cryptDevice, signContext, sigCheckContext,
							   DSA_PRIVKEY_LABEL, DSA_PUBKEY_LABEL ) );
	}

BOOLEAN loadElgamalContexts( CRYPT_CONTEXT *cryptContext,
							 CRYPT_CONTEXT *decryptContext )
	{
	CRYPT_PKCINFO_DLP *elgamalKey;
	int status;

	/* Allocate room for the public-key components */
	if( ( elgamalKey = ( CRYPT_PKCINFO_DLP * ) malloc( sizeof( CRYPT_PKCINFO_DLP ) ) ) == NULL )
		return( FALSE );

	/* Create the encryption context */
	if( cryptContext != NULL )
		{
		status = cryptCreateContext( cryptContext, CRYPT_UNUSED,
									 CRYPT_ALGO_ELGAMAL );
		if( cryptStatusError( status ) )
			{
			free( elgamalKey );
			printf( "cryptCreateContext() failed with error code %d, "
					"line %d.\n", status, __LINE__ );
			return( FALSE );
			}
		if( !setLabel( *cryptContext, ELGAMAL_PUBKEY_LABEL ) )
			{
			free( elgamalKey );
			cryptDestroyContext( *cryptContext );
			return( FALSE );
			}
		cryptInitComponents( elgamalKey, CRYPT_KEYTYPE_PUBLIC );
		cryptSetComponent( elgamalKey->p, dlp1024TestKey.p, dlp1024TestKey.pLen );
		cryptSetComponent( elgamalKey->g, dlp1024TestKey.g, dlp1024TestKey.gLen );
		cryptSetComponent( elgamalKey->q, dlp1024TestKey.q, dlp1024TestKey.qLen );
		cryptSetComponent( elgamalKey->y, dlp1024TestKey.y, dlp1024TestKey.yLen );
		status = cryptSetAttributeString( *cryptContext,
									CRYPT_CTXINFO_KEY_COMPONENTS, elgamalKey,
									sizeof( CRYPT_PKCINFO_DLP ) );
		cryptDestroyComponents( elgamalKey );
		if( cryptStatusError( status ) )
			{
			free( elgamalKey );
			cryptDestroyContext( *cryptContext );
			printf( "Public key load failed with error code %d, line %d.\n", 
					status, __LINE__ );
			return( FALSE );
			}
		if( decryptContext == NULL )
			{
			free( elgamalKey );
			return( TRUE );
			}
		}

	/* Create the decryption context */
	status = cryptCreateContext( decryptContext, CRYPT_UNUSED,
								 CRYPT_ALGO_ELGAMAL );
	if( cryptStatusError( status ) )
		{
		free( elgamalKey );
		if( cryptContext != NULL )
			cryptDestroyContext( *cryptContext );
		printf( "cryptCreateContext() failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}
	if( !setLabel( *decryptContext, ELGAMAL_PRIVKEY_LABEL ) )
		{
		free( elgamalKey );
		if( cryptContext != NULL )
			cryptDestroyContext( *cryptContext );
		cryptDestroyContext( *decryptContext );
		return( FALSE );
		}
	cryptInitComponents( elgamalKey, CRYPT_KEYTYPE_PRIVATE );
	cryptSetComponent( elgamalKey->p, dlp1024TestKey.p, dlp1024TestKey.pLen );
	cryptSetComponent( elgamalKey->g, dlp1024TestKey.g, dlp1024TestKey.gLen );
	cryptSetComponent( elgamalKey->q, dlp1024TestKey.q, dlp1024TestKey.qLen );
	cryptSetComponent( elgamalKey->y, dlp1024TestKey.y, dlp1024TestKey.yLen );
	cryptSetComponent( elgamalKey->x, dlp1024TestKey.x, dlp1024TestKey.xLen );
	status = cryptSetAttributeString( *decryptContext,
									  CRYPT_CTXINFO_KEY_COMPONENTS, elgamalKey,
									  sizeof( CRYPT_PKCINFO_DLP ) );
	cryptDestroyComponents( elgamalKey );
	free( elgamalKey );
	if( cryptStatusError( status ) )
		{
		cryptDestroyContext( *cryptContext );
		cryptDestroyContext( *decryptContext );
		printf( "Private key load failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}

	return( TRUE );
	}

/* Load Diffie-Hellman encrytion contexts */

BOOLEAN loadDHContexts( CRYPT_CONTEXT *cryptContext1,
						CRYPT_CONTEXT *cryptContext2 )
	{
	CRYPT_PKCINFO_DLP *dhKey;
	int status;

	/* Allocate room for the public-key components */
	if( ( dhKey = ( CRYPT_PKCINFO_DLP * ) malloc( sizeof( CRYPT_PKCINFO_DLP ) ) ) == NULL )
		return( FALSE );

	/* Create the first encryption context */
	status = cryptCreateContext( cryptContext1, CRYPT_UNUSED, CRYPT_ALGO_DH );
	if( cryptStatusError( status ) )
		{
		free( dhKey );
		printf( "cryptCreateContext() failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}
	if( !setLabel( *cryptContext1, DH_KEY1_LABEL ) )
		{
		free( dhKey );
		cryptDestroyContext( *cryptContext1 );
		return( FALSE );
		}
	cryptInitComponents( dhKey, CRYPT_KEYTYPE_PUBLIC );
	cryptSetComponent( dhKey->p, dlp1024TestKey.p, dlp1024TestKey.pLen );
	cryptSetComponent( dhKey->q, dlp1024TestKey.q, dlp1024TestKey.qLen );
	cryptSetComponent( dhKey->g, dlp1024TestKey.g, dlp1024TestKey.gLen );
	status = cryptSetAttributeString( *cryptContext1,
									  CRYPT_CTXINFO_KEY_COMPONENTS, dhKey,
									  sizeof( CRYPT_PKCINFO_DLP ) );
	cryptDestroyComponents( dhKey );
	if( cryptStatusError( status ) )
		{
		free( dhKey );
		printf( "DH #1 key load failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}
	if( cryptContext2 == NULL )
		{
		free( dhKey );
		return( TRUE );
		}

	/* Create the second encryption context */
	status = cryptCreateContext( cryptContext2, CRYPT_UNUSED, CRYPT_ALGO_DH );
	if( cryptStatusError( status ) )
		{
		free( dhKey );
		printf( "cryptCreateContext() failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}
	if( !setLabel( *cryptContext2, DH_KEY2_LABEL ) )
		{
		free( dhKey );
		if( cryptContext1 != NULL )
			cryptDestroyContext( *cryptContext1 );
		cryptDestroyContext( *cryptContext2 );
		return( FALSE );
		}
	cryptInitComponents( dhKey, CRYPT_KEYTYPE_PUBLIC );
	cryptSetComponent( dhKey->p, dlp1024TestKey.p, dlp1024TestKey.pLen );
	cryptSetComponent( dhKey->q, dlp1024TestKey.q, dlp1024TestKey.qLen );
	cryptSetComponent( dhKey->g, dlp1024TestKey.g, dlp1024TestKey.gLen );
	status = cryptSetAttributeString( *cryptContext2,
									  CRYPT_CTXINFO_KEY_COMPONENTS, dhKey,
									  sizeof( CRYPT_PKCINFO_DLP ) );
	cryptDestroyComponents( dhKey );
	free( dhKey );
	if( cryptStatusError( status ) )
		{
		printf( "DH #2 key load failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}

	return( TRUE );
	}

/* Load ECDSA encrytion contexts */

BOOLEAN loadECDSAContexts( CRYPT_CONTEXT *signContext,
						   CRYPT_CONTEXT *sigCheckContext )
	{
	CRYPT_PKCINFO_ECC *eccKey;
	const ECC_KEY *eccKeyData = &eccP192TestKey;
	int status;

	/* Allocate room for the public-key components */
	if( ( eccKey = ( CRYPT_PKCINFO_ECC * ) malloc( sizeof( CRYPT_PKCINFO_ECC ) ) ) == NULL )
		return( FALSE );

	/* Create the signature context */
	if( signContext != NULL )
		{
		status = cryptCreateContext( signContext, CRYPT_UNUSED,
									 CRYPT_ALGO_ECDSA );
		if( cryptStatusError( status ) )
			{
			free( eccKey );
			printf( "cryptCreateContext() failed with error code %d, "
					"line %d.\n", status, __LINE__ );
			return( FALSE );
			}
		if( !setLabel( *signContext, ECDSA_PRIVKEY_LABEL ) )
			{
			free( eccKey );
			cryptDestroyContext( *signContext );
			return( FALSE );
			}
		cryptInitComponents( eccKey, CRYPT_KEYTYPE_PRIVATE );
		cryptSetComponent( eccKey->p, eccKeyData->p, eccKeyData->pLen );
		cryptSetComponent( eccKey->a, eccKeyData->a, eccKeyData->aLen );
		cryptSetComponent( eccKey->b, eccKeyData->b, eccKeyData->bLen );
		cryptSetComponent( eccKey->gx, eccKeyData->gx, eccKeyData->gxLen );
		cryptSetComponent( eccKey->gy, eccKeyData->gy, eccKeyData->gyLen );
		cryptSetComponent( eccKey->r, eccKeyData->r, eccKeyData->rLen );
		cryptSetComponent( eccKey->qx, eccKeyData->qx, eccKeyData->qxLen );
		cryptSetComponent( eccKey->qy, eccKeyData->qy, eccKeyData->qyLen );
		cryptSetComponent( eccKey->d, eccKeyData->d, eccKeyData->dLen );
		status = cryptSetAttributeString( *signContext,
									CRYPT_CTXINFO_KEY_COMPONENTS, eccKey,
									sizeof( CRYPT_PKCINFO_ECC ) );
		cryptDestroyComponents( eccKey );
		if( cryptStatusError( status ) )
			{
			free( eccKey );
			cryptDestroyContext( *signContext );
			printf( "Private key load failed with error code %d, line %d.\n", 
					status, __LINE__ );
			return( FALSE );
			}
		if( sigCheckContext == NULL )
			{
			free( eccKey );
			return( TRUE );
			}
		}

	/* Create the sig.check context */
	status = cryptCreateContext( sigCheckContext, CRYPT_UNUSED,
								 CRYPT_ALGO_ECDSA );
	if( cryptStatusError( status ) )
		{
		free( eccKey );
		if( signContext != NULL )
			cryptDestroyContext( *signContext );
		printf( "cryptCreateContext() failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}
	if( !setLabel( *sigCheckContext, ECDSA_PRIVKEY_LABEL ) )
		{
		if( signContext != NULL )
			cryptDestroyContext( *signContext );
		cryptDestroyContext( *sigCheckContext );
		return( FALSE );
		}
	cryptInitComponents( eccKey, CRYPT_KEYTYPE_PUBLIC );
	cryptSetComponent( eccKey->p, eccKeyData->p, eccKeyData->pLen );
	cryptSetComponent( eccKey->a, eccKeyData->a, eccKeyData->aLen );
	cryptSetComponent( eccKey->b, eccKeyData->b, eccKeyData->bLen );
	cryptSetComponent( eccKey->gx, eccKeyData->gx, eccKeyData->gxLen );
	cryptSetComponent( eccKey->gy, eccKeyData->gy, eccKeyData->gyLen );
	cryptSetComponent( eccKey->r, eccKeyData->r, eccKeyData->rLen );
	status = cryptSetAttributeString( *sigCheckContext,
									  CRYPT_CTXINFO_KEY_COMPONENTS, eccKey,
									  sizeof( CRYPT_PKCINFO_ECC ) );
	cryptDestroyComponents( eccKey );
	free( eccKey );
	if( cryptStatusError( status ) )
		{
		if( signContext != NULL )
			cryptDestroyContext( *signContext );
		cryptDestroyContext( *sigCheckContext );
		printf( "Public key load failed with error code %d, line %d.\n", 
				status, __LINE__ );
		return( FALSE );
		}

	return( TRUE );
	}

/* Destroy the encryption contexts */

void destroyContexts( const CRYPT_DEVICE cryptDevice,
					  CRYPT_CONTEXT cryptContext,
					  CRYPT_CONTEXT decryptContext )
	{
	int cryptAlgo, status;

	cryptGetAttribute( cryptContext, CRYPT_CTXINFO_ALGO, &cryptAlgo );
	status = cryptDestroyContext( cryptContext );
	if( cryptStatusError( status ) )
		printf( "cryptDestroyContext() failed with error code %d, "
				"line %d.\n", status, __LINE__ );
	status = cryptDestroyContext( decryptContext );
	if( cryptStatusError( status ) )
		printf( "cryptDestroyContext() failed with error code %d, "
				"line %d.\n", status, __LINE__ );
	if( cryptDevice == CRYPT_UNUSED )
		return;

	/* If the context is associated with a device then creating the object
	   will generally also create a persistent object in the device, after
	   performing the tests we have to explicitly delete the persistent
	   object */
	if( cryptAlgo == CRYPT_ALGO_RSA )
		{
		cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME, RSA_PUBKEY_LABEL );
		cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME, RSA_PRIVKEY_LABEL );
		}
	else
		if( cryptAlgo == CRYPT_ALGO_DSA )
			{
			cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME, DSA_PUBKEY_LABEL );
			cryptDeleteKey( cryptDevice, CRYPT_KEYID_NAME, DSA_PRIVKEY_LABEL );
			}
	}