rvtr/ctr_eFuse
1
Fork 0
mirror of https://github.com/rvtr/ctr_eFuse.git synced 2025-11-02 00:11:04 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

AES鍵インポートプログラムが古いままだったので、修正

Browse Source 
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@143 ff987cc8-cf2f-4642-8568-d52cce064691
This commit is contained in:
kubodera_yuichi 2010-01-06 05:35:46 +00:00
parent 52a6970b70
commit 1bcaa44891
2 changed files with 55 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
hsm_utils/import_common_key.c → hsm_utils/import_aes_key.c
View File

@ -11,15 +11,19 @@
#include "rqcard-applic.h"
#include "rqcard-fips.h"
//#include "ncthread-upcalls.h"
//#include "picky-upcalls.h"
#include "my_hsm_bignum.h"
#include "my_hsm_alloc.h"
#define MODULE_ID 1
#define DATA_LEN 256 // bytes
#define KEY_FILE "/opt/nfast/work/ctr_eFuse/hsm_utils/aes-key.der"
const NFKM_KeyIdent keyident = { (char*)"simple", (char*)"import-aes-key" };
//#define CARD_PROTECT
//#define EXPORT_KEY
//#define STRICT_FIPS
unsigned char aes_key_data[32];
typedef struct _NFast_Call_Context
@ -37,41 +41,10 @@ typedef struct NFast_Transaction_Context
NFast_Transaction_Context;
NFast_Transaction_Context tc;
static void *my_malloc( size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
static void *my_realloc( void *ptr, size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
static void my_free( void *ptr,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
const NFast_MallocUpcalls my_malloc_upcalls =
{
my_malloc, my_realloc, my_free
};
static void *my_malloc( size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
{
return malloc( nbytes );
}
static void *my_realloc( void *ptr, size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
{
return realloc( ptr, nbytes );
}
static void my_free( void *ptr,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
{
free( ptr );
}
int main( int argc, char *argv[] )
{
int i;
int result = 0;
int rand_size = 80;
NFast_AppHandle handle;
NFastApp_Connection nc;
@ -81,25 +54,14 @@ int main( int argc, char *argv[] )
M_KeyID ltid; // the cardset loaded into the module
M_KeyID keyid;
NFKM_Key *keyinfo;
if ( argc == 2 )
rand_size = atoi( argv[1] );
// input aes key data
for ( i = 0; i < 32; i++ )
aes_key_data[i] = i;
NFKM_CardSet *cardset = NULL;
// init nFast
NFastAppInitArgs app_init_args;
memset( &app_init_args, 0, sizeof( app_init_args ) );
app_init_args.flags = NFAPP_IF_MALLOC | NFAPP_IF_BIGNUM;
app_init_args.mallocupcalls = &my_malloc_upcalls;
app_init_args.bignumupcalls = &my_upcalls;
//app_init_args.newthreadupcalls = &newthread_upcalls;
result = NFastApp_InitEx( &handle, &app_init_args, NULL );
result = NFastApp_InitEx( &handle, NULL, NULL );
if ( result != Status_OK )
{
printf( "error(%d) : NFastApp_InitEx\n", result );
return 0;
}
// connecting to hardserver
@ -107,6 +69,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFastApp_Connect\n", result );
return 0;
}
// set bignum upcalls setting
@ -124,6 +87,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_getinfo\n", result );
return 0;
}
// init card-loading lib
@ -131,6 +95,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_init\n", result );
return 0;
}
// init FIPS state
@ -138,6 +103,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_fips_init\n", result );
return 0;
}
// ui select
@ -146,16 +112,18 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_ui_xxx\n", result );
return 0;
}
// get strict-FIPS authorization
#if 0
#ifdef STRICT_FIPS
NFKM_FIPS140AuthHandle fipsHandle;
M_SlotID slotId;
result = RQCard_fips_get( &fips, 1, &fipsHandle, &slotId );
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_fips_get\n", result );
return 0;
}
if ( fipsHandle == NULL )
{
@ -163,6 +131,7 @@ int main( int argc, char *argv[] )
}
#endif
#ifdef CARD_PROTECT
// list cardsets
int card_num;
NFKM_CardSetIdent *cardident = NULL;
@ -170,14 +139,15 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_listcardsets\n", result );
return 0;
}
// find cardsets
NFKM_CardSet *cardset = NULL;
result = NFKM_findcardset( handle, cardident, &cardset, NULL );
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_findcardset\n", result );
return 0;
}
// load cardset
@ -185,6 +155,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_logic_ocs_specific\n", result );
return 0;
}
// use specific module : #1
@ -193,6 +164,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : RQCard_whichmodule_specific\n", result );
return 0;
}
// wait event loop
@ -200,29 +172,35 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : card module event loop\n", result );
return 0;
}
#endif
// get usable module
NFKM_ModuleInfo *moduleinfo = world->modules[0];
result = NFKM_getusablemodule( world, MODULE_ID, &moduleinfo );
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_getusablemodule\n", result );
return 0;
}
// make ACL
NFKM_MakeACLParams map;
NFKM_MakeBlobsParams mbp;
memset( &map, 0, sizeof( map ) );
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionCardSet;
map.op_base = (NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_VERIFY |
NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_DECRYPT );
if ( cardset != NULL )
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionCardSet;
else
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionModule;
map.op_base = ( NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_DECRYPT );
map.cs = cardset;
result = NFKM_newkey_makeaclx( handle, nc, world, &map,
&(tc.cmd.args.import.acl), NULL );
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_newkey_makeaclx\n", result );
return 0;
}
// import key
@ -236,6 +214,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_newkey_makeaclx\n", result );
return 0;
}
// make blobs
@ -255,16 +234,19 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_newkey_makeblobsx\n", result );
return 0;
}
// record key to disk
result = NFKM_recordkey( handle, &reg_key, NULL );
if ( result != Status_OK )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_recordkey\n", result );
return 0;
}
printf( "record key success?\n" );
printf( "record key success : appname=%s, ident=%s\n",
keyident.appname, keyident.ident );
// destroy key
result = NFKM_cmd_destroy( handle, nc, 0, tc.reply.reply.import.key,
@ -278,6 +260,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_listkeys\n", result );
return 0;
}
NFKM_KeyIdent **tkp = &keylist;
for ( i = 0; i < key_num; i++ )
@ -287,11 +270,7 @@ int main( int argc, char *argv[] )
#endif
// find key
NFKM_KeyIdent ki_v = { (char*)"custom", (char*)"aes-import-key" };
printf( "appname : %s, ident : %s\n", ki_v.appname, ki_v.ident );
result = NFKM_findkey( handle, ki_v, &keyinfo, NULL );
result = NFKM_findkey( handle, keyident, &keyinfo, NULL );
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_findkey\n", result );
@ -312,9 +291,10 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFKM_cmd_loadblob\n", result );
return 0;
}
printf( "key ID : %u\n", (unsigned int)keyid );
#if 0
// get key info
tc.cmd.cmd = Cmd_GetKeyInfo;
tc.cmd.args.getkeyinfo.key = keyid;
@ -325,6 +305,7 @@ int main( int argc, char *argv[] )
}
// if type == 30 then Rijndael(AES)
printf( "keytype : %d\n", tc.reply.reply.getkeyinfo.type );
#endif
// encrypt & dectypt test
{
@ -356,23 +337,26 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : FastApp_Transact(Cmd_Encrypt)\n", result );
return 0;
}
result = tc.reply.status;
if ( result != Status_OK )
{
printf( "error(%d) : reply.status(Cmd_Encrypt)\n", result );
return 0;
}
enc_output.len = tc.reply.reply.encrypt.cipher.data.generic128.cipher.len;
if ( enc_output.len != DATA_LEN )
{
printf( "error : output data size isn't %d bytes(Cmd_Encrypt)\n", (int)enc_output.len );
return 0;
}
enc_output.ptr = (unsigned char*)malloc( enc_output.len );
memcpy( enc_output.ptr,
tc.reply.reply.encrypt.cipher.data.generic128.cipher.ptr,
enc_output.len );
printf( "encrypt ok\n" );
printf( "encrypt ok.\n" );
dec_input.len = enc_output.len;
dec_input.ptr = (unsigned char*)malloc( dec_input.len );
@ -393,23 +377,26 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : FastApp_Transact(Cmd_Decrypt)\n", result );
return 0;
}
result = tc.reply.status;
if ( result != Status_OK )
{
printf( "error(%d) : reply.status(Cmd_Decrypt)\n", result );
return 0;
}
dec_output.len = tc.reply.reply.decrypt.plain.data.bytes.data.len;
if ( dec_output.len != DATA_LEN )
{
printf( "error : output size isn't %d bytes(Cmd_Decrypt)\n", (int)enc_output.len );
return 0;
}
dec_output.ptr = (unsigned char*)malloc( dec_output.len );
memcpy( dec_output.ptr,
tc.reply.reply.decrypt.plain.data.bytes.data.ptr,
dec_output.len );
printf( "decrypt ok\n" );
printf( "decrypt ok.\n" );
NFastApp_Free_Reply( handle, NULL, NULL, &(tc.reply) );
@ -421,6 +408,7 @@ int main( int argc, char *argv[] )
if ( result != Status_OK )
{
printf( "error(%d) : NFastApp_Transact(Cmd_Destroy)\n", result );
return 0;
}
NFastApp_Free_Reply( handle, NULL, NULL, &(tc.reply) );

2
hsm_utils/import_ecdsa_keypair.c
View File

@ -25,7 +25,7 @@
#include "my_hsm_alloc.h"
#define PRIV_KEY_FILE "/opt/nfast/work/hoge/ctr_eFuse/dummyKey/dev/NintendoCTR2_priv_dummy.der"
#define PUB_KEY_FILE "/opt/nfast/work/hoge/ctr_eFuse/dummyKey/dev/NintendoCTR2_pub_dummy.der"
#define PUB_KEY_FILE "/opt/nfast/work/hoge/ctr_eFuse/dummyKey/dev/NintendoCTR2_pub_dummy.der"
#define MODULE_ID 1
#define DATA_LEN 256 // bytes