rvtr/ctr_eFuse
1
Fork 0
mirror of https://github.com/rvtr/ctr_eFuse.git synced 2025-11-02 00:11:04 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

hsm_utils:RSA秘密鍵のインポートに成功(コードはメチャメチャだが、動いているのでコミット)

Browse Source 
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@83 ff987cc8-cf2f-4642-8568-d52cce064691
This commit is contained in:
kubodera_yuichi 2009-12-24 11:49:02 +00:00
parent b2e6de4d10
commit 6903586a02
1 changed files with 473 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

555
hsm_utils/import_asymmetric_key.c
View File

@ -38,25 +38,46 @@ typedef struct _NFast_Call_Context
NFast_Call_Context; NFast_Call_Context;
NFast_Call_Context context; NFast_Call_Context context;
typedef struct NFast_Transaction_Context
{
M_Command cmd;
M_Reply reply;
}
NFast_Transaction_Context;
NFast_Transaction_Context tc;
static void *my_malloc( size_t nbytes, static void *my_malloc( size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx ); struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
static void *my_realloc( void *ptr, size_t nbytes, static void *my_realloc( void *ptr, size_t nbytes,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx ); struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
static void my_free( void *ptr, static void my_free( void *ptr,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx ); struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
int sbn_bin2bignum ( struct NFast_Bignum **ppBN_out,
struct NFast_Application *app,
const unsigned char *bin, const int size );
void PrintArray( char *pStr, const unsigned char *pData, int length );
int sbn_bin2bignum2 ( struct NFast_Bignum **ppBN_out,
struct NFast_Application *app,
const unsigned char *bin, const int size );
// bignum upcalls // bignum upcalls
int my_bignumreceiveupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
M_Bignum *bignum, int nbytes,
const void *source,
int msbitfirst, int mswordfirst);
int my_bignumsendlenupcall( struct NFast_Application *app, int my_bignumsendlenupcall( struct NFast_Application *app,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx, struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx,
const M_Bignum *bignum, int *nbytes_r ); const M_Bignum *bignum, int *nbytes_r );
int my_bignumsendupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
const M_Bignum *bignum, int nbytes,
void *dest, int msbitfirst, int mswordfirst);
void my_bignumfreeupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
M_Bignum *bignum);
int my_bignumformatupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
int *msbitfirst_io, int *mswordfirst_io);
const NFast_MallocUpcalls my_malloc_upcalls = const NFast_MallocUpcalls my_malloc_upcalls =
{ {
@ -81,17 +102,225 @@ static void my_free( void *ptr,
free( ptr ); free( ptr );
} }
int my_bignumreceiveupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
M_Bignum *bignum, int nbytes,
const void *source,
int msbitfirst, int mswordfirst)
{
struct NFast_Bignum *pBN;
printf( "my_bignumreceiveupcall\n" );
if ( nbytes > MAXBIGNUMBITS/8 ) return Status_OutOfRange;
assert( (nbytes & 3)==0 );
pBN = (struct NFast_Bignum *)NFastApp_Malloc(app, sizeof(struct NFast_Bignum), cctx, tctx);
if ( !pBN ) return NOMEM;
nfutil_copybytes(pBN->bytes, (const unsigned char *)source,
nbytes, 0, 0);
pBN->msb_first = msbitfirst;
pBN->msw_first = mswordfirst;
pBN->nbytes=nbytes;
*bignum=pBN;
return Status_OK;
}
int my_bignumsendlenupcall( struct NFast_Application *app, int my_bignumsendlenupcall( struct NFast_Application *app,
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx, struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx,
const M_Bignum *bignum, int *nbytes_r ) const M_Bignum *bignum, int *nbytes_r )
{ {
char *ptr = (char*)bignum; printf( "my_bignumsendlenupcall\n" );
printf( "%08X\n", (unsigned int)ptr );
while( *ptr ) assert( ((*bignum)->nbytes & 3)==0 );
printf( "%02X ", *(ptr++) ); *nbytes_r= (*bignum)->nbytes;
//printf( "done\n" );
return Status_OK;
}
int my_bignumsendupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
const M_Bignum *bignum, int nbytes,
void *dest, int msbitfirst, int mswordfirst)
{
int swapends, swapwords;
struct NFast_Bignum *pBN = *bignum;
printf( "my_bignumsendupcall\n" );
*nbytes_r = BN_num_bytes( (BIGNUM *)bignum ); assert( pBN->nbytes==nbytes );
return Status_OK;;
/* Is format which we're sending in the same as that of the
bignumber?
(NB '!' used to constrain result to 0,1 range)
If not, work out which ends to swap.
*/
swapends = (!msbitfirst) ^ (!pBN->msb_first);
swapwords = (!mswordfirst) ^ (!pBN->msw_first);
nfutil_copybytes( (unsigned char *)dest, (*bignum)->bytes, nbytes,
swapends, swapwords );
return Status_OK;
}
void my_bignumfreeupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
M_Bignum *bignum)
{
printf( "my_bignumfreeupcall\n" );
NFastApp_Free(app, (*bignum), cctx, tctx);
*bignum=NULL;
}
int my_bignumformatupcall(struct NFast_Application *app,
struct NFast_Call_Context *cctx,
struct NFast_Transaction_Context *tctx,
int *msbitfirst_io, int *mswordfirst_io)
{
printf( "my_bignumformatupcall\n" );
/* Send to the module in little-endian format.
(This is not officially necessary. However, some
versions of the monitor (Maintenance mode) don't accept
big-endian bignums due to a bug) */
*msbitfirst_io=0;
*mswordfirst_io=0;
return Status_OK;
}
// almost copy sbn_char2bignum
int sbn_bin2bignum ( struct NFast_Bignum **ppBN_out,
struct NFast_Application *app,
const unsigned char *bin, const int size )
{
struct NFast_Bignum *pBN;
int d;
size_t len, i;
len = size;
if ( len > MAXBIGNUMBITS/4 ) return Status_OutOfRange;
//pBN = (struct NFast_Bignum *)NFastApp_Malloc(app, sizeof(struct NFast_Bignum), cctx, tctx);
pBN = (struct NFast_Bignum *)NFastApp_Malloc( app, sizeof(struct NFast_Bignum), NULL, NULL );
if ( !pBN ) return NOMEM;
pBN->msb_first = 0;
pBN->msw_first = 0;
//memcpy( pBN->bytes, bin, len );
for ( i = 0; i < len; i++ )
pBN->bytes[i] = bin[len-1-i];
while ( (i & 3) != 0 )
pBN->bytes[i++] = 0;
pBN->nbytes = i;
*ppBN_out = pBN;
//PrintArray( (char*)"bin2bn array", (const char*)pBN->bytes, pBN->nbytes );
#if 0
/* Read in from the LS digit */
for ( i=0; i<len; i++ )
{
//d = char2hex(text[len-1-i]);
d = bin[ len-1-i ];
// ???
if ( d < 0 ) return Status_Malformed;
if ( i & 1 )
pBN->bytes[i/2] |= (d << 4);
else
pBN->bytes[i/2] = d;
}
/* Pad to words if necessary */
i = (len+1)/2;
while ( (i & 3) != 0 )
pBN->bytes[i++] = 0;
assert(i <= INT_MAX);
pBN->nbytes=(int)i;
*ppBN_out=pBN;
#endif
return Status_OK;
}
int sbn_bin2bignum2 ( struct NFast_Bignum **ppBN_out,
struct NFast_Application *app,
const unsigned char *bin, const int size )
{
struct NFast_Bignum *pBN;
int d;
size_t len, i;
/* Strip leading whitespace */
// while ( text[0] != 0 && isspace((unsigned char)text[0]) )
// text++;
/* Strip trailing whitespace */
// len=strlen(text);
// while ( len > 0 && isspace((unsigned char)text[len-1]) )
// len--;
len = size;
if ( len > MAXBIGNUMBITS/4 ) return Status_OutOfRange;
pBN = (struct NFast_Bignum *)NFastApp_Malloc(app, sizeof(struct NFast_Bignum), NULL, NULL );
if ( !pBN ) return NOMEM;
pBN->msb_first = 0;
pBN->msw_first = 0;
/* Read in from the LS digit */
for ( i=0; i<len; i++ )
{
//d = char2hex(text[len-1-i]);
d = bin[len-1-i];
if ( d < 0 ) return Status_Malformed;
if ( i & 1 )
pBN->bytes[i/2] |= (d << 4);
else
pBN->bytes[i/2] = d;
}
/* Pad to words if necessary */
i = (len+1)/2;
while ( (i & 3) != 0 )
pBN->bytes[i++] = 0;
assert(i <= INT_MAX);
pBN->nbytes=(int)i;
*ppBN_out=pBN;
//PrintArray( (char*)"bin2bn2 array", (const char*)pBN->bytes, pBN->nbytes );
return Status_OK;
}
void PrintArray( char *pStr, const unsigned char *pData, int length )
{
int i;
printf( "%s(%d bytes)", pStr, length );
for ( i = 0; i < length; i++ )
{
if ( (i % 16) == 0 ) printf( "\n" );
printf( "%02X ", pData[ i ] );
}
printf( "\n" );
} }
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
@ -100,6 +329,12 @@ int main( int argc, char *argv[] )
int result = 0; int result = 0;
int rand_size = 80; int rand_size = 80;
M_Command cmd;
M_Reply reply;
memset( &cmd, 0, sizeof( cmd ) );
memset( &reply, 0, sizeof( reply ) );
NFast_AppHandle handle; NFast_AppHandle handle;
NFastApp_Connection nc; NFastApp_Connection nc;
NFKM_WorldInfo *world = NULL; NFKM_WorldInfo *world = NULL;
@ -121,24 +356,99 @@ int main( int argc, char *argv[] )
printf( "error : open %s file\n", PUB_KEY_FILE ); printf( "error : open %s file\n", PUB_KEY_FILE );
return 0; return 0;
} }
printf( "before : %08X\n", privkey );
privkey = d2i_RSAPrivateKey_fp( fp, NULL ); privkey = d2i_RSAPrivateKey_fp( fp, NULL );
if ( !privkey ) if ( !privkey )
{ {
printf( "error : d2i_RSAPrivateKey_fp\n" ); printf( "error : d2i_RSAPrivateKey_fp\n" );
return 0; return 0;
} }
printf( "after : %08X\n", privkey ); printf( "RSA(p) : %d bytes\n", BN_num_bytes( privkey->p ) );
printf( "RSA(q) : %d bytes\n", BN_num_bytes( privkey->q ) );
printf( "RSA(dmp1) : %d bytes\n", BN_num_bytes( privkey->dmp1 ) );
printf( "RSA(dmq1) : %d bytes\n", BN_num_bytes( privkey->dmq1 ) );
printf( "RSA(iqmp) : %d bytes\n", BN_num_bytes( privkey->iqmp ) );
printf( "RSA(e) : %d bytes\n", BN_num_bytes( privkey->e ) );
// p
unsigned char *pPtr;
int pLen = BN_num_bytes( privkey->p );
pPtr = (char *)malloc( pLen );
if ( pLen != BN_bn2bin( privkey->p, pPtr ) )
{
printf( "BN_bn2bin failed!(p)\n" );
}
// q
unsigned char *qPtr;
int qLen = BN_num_bytes( privkey->q );
qPtr = (char *)malloc( qLen );
if ( qLen != BN_bn2bin( privkey->q, qPtr ) )
{
printf( "BN_bn2bin failed!(q)\n" );
}
// dmp1
unsigned char *dmp1Ptr;
int dmp1Len = BN_num_bytes( privkey->dmp1 );
dmp1Ptr = (char *)malloc( dmp1Len );
if ( dmp1Len != BN_bn2bin( privkey->dmp1, dmp1Ptr ) )
{
printf( "BN_bn2bin failed!(dmp1)\n" );
}
// dmq1
unsigned char *dmq1Ptr;
int dmq1Len = BN_num_bytes( privkey->dmq1 );
dmq1Ptr = (char *)malloc( dmq1Len );
if ( dmq1Len != BN_bn2bin( privkey->dmq1, dmq1Ptr ) )
{
printf( "BN_bn2bin failed!(dmq1)\n" );
}
// iqmp
unsigned char *iqmpPtr;
int iqmpLen = BN_num_bytes( privkey->iqmp );
iqmpPtr = (char *)malloc( iqmpLen );
if ( iqmpLen != BN_bn2bin( privkey->iqmp, iqmpPtr ) )
{
printf( "BN_bn2bin failed!(dmq1)\n" );
}
// e
unsigned char *ePtr;
int eLen = BN_num_bytes( privkey->e );
ePtr = (char *)malloc( eLen );
if ( eLen != BN_bn2bin( privkey->e, ePtr ) )
{
printf( "BN_bn2bin failed!(e)\n" );
}
printf( "\n" );
printf( "RSA(p) : 0x%08X\n", (unsigned int)pPtr );
printf( "RSA(q) : 0x%08X\n", (unsigned int)qPtr );
printf( "RSA(dmp1) : 0x%08X\n", (unsigned int)dmp1Ptr );
printf( "RSA(dmq1) : 0x%08X\n", (unsigned int)dmq1Ptr );
printf( "RSA(iqmp) : 0x%08X\n", (unsigned int)iqmpPtr );
printf( "RSA(e) : 0x%08X\n", (unsigned int)ePtr );
#if 0
for ( i = 0; i < pLen; i++ )
{
if ( i % 16 == 0 )
printf( "\n" );
printf( "%02X ", (unsigned char)pPtr[i] );
}
#endif
// init nFast // init nFast
NFastAppInitArgs app_init_args; //NFastAppInitArgs app_init_args;
memset( &app_init_args, 0, sizeof( app_init_args ) ); //memset( &app_init_args, 0, sizeof( app_init_args ) );
app_init_args.flags = NFAPP_IF_MALLOC | NFAPP_IF_BIGNUM; //app_init_args.flags = NFAPP_IF_MALLOC | NFAPP_IF_BIGNUM;
app_init_args.mallocupcalls = &my_malloc_upcalls; //app_init_args.mallocupcalls = &my_malloc_upcalls;
app_init_args.bignumupcalls = &sbn_upcalls; //app_init_args.bignumupcalls = &sbn_upcalls;
//app_init_args.newthreadupcalls = &newthread_upcalls; //app_init_args.newthreadupcalls = &newthread_upcalls;
result = NFastApp_InitEx( &handle, &app_init_args, NULL ); result = NFastApp_InitEx( &handle, NULL, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFastApp_InitEx\n", result ); printf( "error(%d) : NFastApp_InitEx\n", result );
@ -146,6 +456,7 @@ int main( int argc, char *argv[] )
// connecting to hardserver // connecting to hardserver
result = NFastApp_Connect( handle, &nc, 0, NULL ); result = NFastApp_Connect( handle, &nc, 0, NULL );
//result = NFastApp_Connect( handle, &nc, NFastApp_ConnectionFlags_Privileged, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFastApp_Connect\n", result ); printf( "error(%d) : NFastApp_Connect\n", result );
@ -195,7 +506,7 @@ int main( int argc, char *argv[] )
} }
// get strict-FIPS authorization // get strict-FIPS authorization
#if 0 #if 1
NFKM_FIPS140AuthHandle fipsHandle; NFKM_FIPS140AuthHandle fipsHandle;
M_SlotID slotId; M_SlotID slotId;
result = RQCard_fips_get( &fips, 1, &fipsHandle, &slotId ); result = RQCard_fips_get( &fips, 1, &fipsHandle, &slotId );
@ -208,7 +519,8 @@ int main( int argc, char *argv[] )
printf( "this sworld isn't strict-FIPS.\n" ); printf( "this sworld isn't strict-FIPS.\n" );
} }
#endif #endif
#if 1
// list cardsets // list cardsets
int card_num; int card_num;
NFKM_CardSetIdent *cardident = NULL; NFKM_CardSetIdent *cardident = NULL;
@ -247,7 +559,8 @@ int main( int argc, char *argv[] )
{ {
printf( "error(%d) : card module event loop\n", result ); printf( "error(%d) : card module event loop\n", result );
} }
#endif
// get usable module // get usable module
NFKM_ModuleInfo *moduleinfo = world->modules[0]; NFKM_ModuleInfo *moduleinfo = world->modules[0];
result = NFKM_getusablemodule( world, MODULE_ID, &moduleinfo ); result = NFKM_getusablemodule( world, MODULE_ID, &moduleinfo );
@ -258,66 +571,144 @@ int main( int argc, char *argv[] )
// make ACL // make ACL
NFKM_MakeACLParams map; NFKM_MakeACLParams map;
NFKM_MakeBlobsParams mbp;
memset( &map, 0, sizeof( map ) ); memset( &map, 0, sizeof( map ) );
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionCardSet; map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionCardSet;
map.op_base = (NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_VERIFY | // map.op_base = (NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_VERIFY |
NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_DECRYPT ); // NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_DECRYPT );
map.op_base = NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_DECRYPT;
map.cs = cardset; map.cs = cardset;
result = NFKM_newkey_makeaclx( handle, nc, world, &map, result = NFKM_newkey_makeaclx( handle, nc, world, &map,
&(tc.cmd.args.import.acl), NULL ); &(cmd.args.import.acl), NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFKM_newkey_makeaclx\n", result ); printf( "error(%d) : NFKM_newkey_makeaclx\n", result );
} }
#if 0
// set bignum upcalls setting // set bignum upcalls setting
result = NFastApp_SetBignumUpcalls( result = NFastApp_SetBignumUpcalls(
handle, handle,
sbn_bignumreceiveupcall, my_bignumreceiveupcall,
my_bignumsendlenupcall, my_bignumsendlenupcall,
sbn_bignumsendupcall, my_bignumsendupcall,
sbn_bignumfreeupcall, my_bignumfreeupcall,
sbn_bignumformatupcall, my_bignumformatupcall,
NULL ); NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFastApp_SetBignumUpcalls\n", result ); printf( "error(%d) : NFastApp_SetBignumUpcalls\n", result );
} }
#endif
// convert bin -> M_Bignum
struct NFast_Bignum *pBn = NULL;
struct NFast_Bignum *qBn = NULL;
struct NFast_Bignum *dmp1Bn = NULL;
struct NFast_Bignum *dmq1Bn = NULL;
struct NFast_Bignum *iqmpBn = NULL;
struct NFast_Bignum *eBn = NULL;
{
// p
result = sbn_bin2bignum( &pBn, handle, pPtr, pLen );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( p )\n", result );
return 0;
}
// q
result = sbn_bin2bignum( &qBn, handle, qPtr, qLen );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( q )\n", result );
return 0;
}
// dmp1
result = sbn_bin2bignum( &dmp1Bn, handle, dmp1Ptr, dmp1Len );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( dmp1 )\n", result );
return 0;
}
// dmq1
result = sbn_bin2bignum( &dmq1Bn, handle, dmq1Ptr, dmq1Len );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( dmq1 )\n", result );
return 0;
}
// iqmp
result = sbn_bin2bignum( &iqmpBn, handle, iqmpPtr, iqmpLen );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( iqmp )\n", result );
return 0;
}
// e
result = sbn_bin2bignum( &eBn, handle, ePtr, eLen );
if ( result != Status_OK )
{
printf( "error(%d) : sbn_bin2bignum( e )\n", result );
return 0;
}
}
printf( "import ...\n" );
// import key // import key
NFKM_KeyIdent keyident = { (char*)"simple", (char*)"rsa-import-privkey" }; NFKM_KeyIdent keyident = { (char*)"simple", (char*)"rsa-import-privkey" };
tc.cmd.cmd = Cmd_Import; cmd.cmd = Cmd_Import;
tc.cmd.args.import.module = MODULE_ID; cmd.args.import.module = MODULE_ID;
tc.cmd.args.import.data.type = KeyType_RSAPrivate; cmd.args.import.data.type = KeyType_RSAPrivate;
tc.cmd.args.import.data.data.rsaprivate.p = cmd.args.import.data.data.rsaprivate.p = pBn;
tc.cmd.args.import.data.data.rsapublic.e = (M_Bignum)privkey->e; // Public exponent of the RSA keypair cmd.args.import.data.data.rsaprivate.q = qBn;
tc.cmd.args.import.data.data.rsapublic.n = (M_Bignum)privkey->n; // Modules of the RSA keypair cmd.args.import.data.data.rsaprivate.dmp1 = dmp1Bn;
result = NFastApp_Transact( nc, NULL, &(tc.cmd), &(tc.reply), NULL ); cmd.args.import.data.data.rsaprivate.dmq1 = dmq1Bn;
cmd.args.import.data.data.rsaprivate.iqmp = iqmpBn;
cmd.args.import.data.data.rsaprivate.e = eBn;
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFKM_newkey_makeaclx\n", result ); printf( "error(%d) : Cmd_Import\n", result );
} }
result = reply.status;
if ( result != Status_OK )
{
printf( "error(%d) : Cmd_Import(reply)\n", result );
}
printf( "keyid : 0x%08X\n", (unsigned int)reply.reply.import.key );
printf( "done. next : make blob ...\n" );
// make blobs // make blobs
NFKM_MakeBlobsParams mbp;
NFKM_Key reg_key; NFKM_Key reg_key;
memset( &mbp, 0, sizeof( mbp ) ); memset( &mbp, 0, sizeof( mbp ) );
memset( &reg_key, 0, sizeof( reg_key ) ); memset( &reg_key, 0, sizeof( reg_key ) );
mbp.f = map.f;
mbp.kpriv = tc.reply.reply.import.key;
mbp.lt = ltid;
mbp.cs = cardset;
reg_key.v = Key__maxversion; // TORIAEZU Version Max (8) reg_key.v = Key__maxversion; // TORIAEZU Version Max (8)
reg_key.name = keyident.ident; reg_key.name = keyident.ident;
reg_key.appname = keyident.appname; reg_key.appname = keyident.appname;
reg_key.ident = keyident.ident; reg_key.ident = keyident.ident;
time( &(reg_key.gentime) ); time( &(reg_key.gentime) );
mbp.f = map.f;
mbp.kpriv = reply.reply.import.key;
mbp.lt = ltid;
mbp.cs = cardset;
result = NFKM_newkey_makeblobsx( handle, nc, world, &mbp, &reg_key, NULL ); result = NFKM_newkey_makeblobsx( handle, nc, world, &mbp, &reg_key, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFKM_newkey_makeblobsx\n", result ); printf( "error(%d) : NFKM_newkey_makeblobsx\n", result );
return 0;
} }
printf( "done. next : record blob ...\n" );
// record key to disk // record key to disk
result = NFKM_recordkey( handle, &reg_key, NULL ); result = NFKM_recordkey( handle, &reg_key, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
@ -328,7 +719,7 @@ int main( int argc, char *argv[] )
printf( "record key success?\n" ); printf( "record key success?\n" );
// destroy key // destroy key
result = NFKM_cmd_destroy( handle, nc, 0, tc.reply.reply.import.key, result = NFKM_cmd_destroy( handle, nc, 0, reply.reply.import.key,
"import.key", NULL ); "import.key", NULL );
// list key // list key
@ -348,7 +739,7 @@ int main( int argc, char *argv[] )
#endif #endif
// find key // find key
NFKM_KeyIdent ki_v = { (char*)"custom", (char*)"rsa-import-privkey" }; NFKM_KeyIdent ki_v = { (char*)"simple", (char*)"rsa-import-privkey" };
printf( "appname : %s, ident : %s\n", ki_v.appname, ki_v.ident ); printf( "appname : %s, ident : %s\n", ki_v.appname, ki_v.ident );
@ -377,15 +768,15 @@ int main( int argc, char *argv[] )
printf( "key ID : %u\n", (unsigned int)keyid ); printf( "key ID : %u\n", (unsigned int)keyid );
// get key info // get key info
tc.cmd.cmd = Cmd_GetKeyInfo; cmd.cmd = Cmd_GetKeyInfo;
tc.cmd.args.getkeyinfo.key = keyid; cmd.args.getkeyinfo.key = keyid;
result = NFastApp_Transact( nc, NULL, &(tc.cmd), &(tc.reply), NULL ); result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : FastApp_Transact(Cmd_GetKeyInfo)\n", result ); printf( "error(%d) : FastApp_Transact(Cmd_GetKeyInfo)\n", result );
} }
// if type == 30 then Rijndael(AES) // if type == 30 then Rijndael(AES)
printf( "keytype : %d\n", tc.reply.reply.getkeyinfo.type ); printf( "keytype : %d\n", reply.reply.getkeyinfo.type );
// encrypt & dectypt test // encrypt & dectypt test
{ {
@ -406,31 +797,31 @@ int main( int argc, char *argv[] )
dec_iv = base_iv; dec_iv = base_iv;
// encrypt : my ver // encrypt : my ver
tc.cmd.cmd = Cmd_Encrypt; cmd.cmd = Cmd_Encrypt;
tc.cmd.args.encrypt.key = keyid; cmd.args.encrypt.key = keyid;
tc.cmd.args.encrypt.mech = Mech_RijndaelmCBCpNONE; cmd.args.encrypt.mech = Mech_RijndaelmCBCpNONE;
tc.cmd.args.encrypt.plain.type = PlainTextType_Bytes; cmd.args.encrypt.plain.type = PlainTextType_Bytes;
tc.cmd.args.encrypt.plain.data.bytes.data = enc_input; cmd.args.encrypt.plain.data.bytes.data = enc_input;
tc.cmd.args.encrypt.flags = Cmd_Encrypt_Args_flags_given_iv_present; cmd.args.encrypt.flags = Cmd_Encrypt_Args_flags_given_iv_present;
tc.cmd.args.encrypt.given_iv = &enc_iv; cmd.args.encrypt.given_iv = &enc_iv;
result = NFastApp_Transact( nc, NULL, &(tc.cmd), &(tc.reply), NULL ); result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : FastApp_Transact(Cmd_Encrypt)\n", result ); printf( "error(%d) : FastApp_Transact(Cmd_Encrypt)\n", result );
} }
result = tc.reply.status; result = reply.status;
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : reply.status(Cmd_Encrypt)\n", result ); printf( "error(%d) : reply.status(Cmd_Encrypt)\n", result );
} }
enc_output.len = tc.reply.reply.encrypt.cipher.data.generic128.cipher.len; enc_output.len = reply.reply.encrypt.cipher.data.generic128.cipher.len;
if ( enc_output.len != DATA_LEN ) if ( enc_output.len != DATA_LEN )
{ {
printf( "error : output data size isn't %d bytes(Cmd_Encrypt)\n", (int)enc_output.len ); printf( "error : output data size isn't %d bytes(Cmd_Encrypt)\n", (int)enc_output.len );
} }
enc_output.ptr = (unsigned char*)malloc( enc_output.len ); enc_output.ptr = (unsigned char*)malloc( enc_output.len );
memcpy( enc_output.ptr, memcpy( enc_output.ptr,
tc.reply.reply.encrypt.cipher.data.generic128.cipher.ptr, reply.reply.encrypt.cipher.data.generic128.cipher.ptr,
enc_output.len ); enc_output.len );
printf( "encrypt ok\n" ); printf( "encrypt ok\n" );
@ -439,51 +830,51 @@ int main( int argc, char *argv[] )
dec_input.ptr = (unsigned char*)malloc( dec_input.len ); dec_input.ptr = (unsigned char*)malloc( dec_input.len );
memcpy( dec_input.ptr, enc_output.ptr, DATA_LEN ); memcpy( dec_input.ptr, enc_output.ptr, DATA_LEN );
NFastApp_Free_Reply( handle, NULL, NULL, &(tc.reply) ); NFastApp_Free_Reply( handle, NULL, NULL, &reply );
// decrypt : my ver // decrypt : my ver
tc.cmd.cmd = Cmd_Decrypt; cmd.cmd = Cmd_Decrypt;
tc.cmd.args.decrypt.flags = 0; cmd.args.decrypt.flags = 0;
tc.cmd.args.decrypt.key = keyid; cmd.args.decrypt.key = keyid;
tc.cmd.args.decrypt.mech = Mech_RijndaelmCBCpNONE; cmd.args.decrypt.mech = Mech_RijndaelmCBCpNONE;
tc.cmd.args.decrypt.cipher.mech = Mech_RijndaelmCBCpNONE; cmd.args.decrypt.cipher.mech = Mech_RijndaelmCBCpNONE;
tc.cmd.args.decrypt.cipher.data.generic128.cipher = dec_input; cmd.args.decrypt.cipher.data.generic128.cipher = dec_input;
tc.cmd.args.decrypt.cipher.iv = dec_iv.iv; cmd.args.decrypt.cipher.iv = dec_iv.iv;
tc.cmd.args.decrypt.reply_type = PlainTextType_Bytes; cmd.args.decrypt.reply_type = PlainTextType_Bytes;
result = NFastApp_Transact( nc, NULL, &(tc.cmd), &(tc.reply), NULL ); result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : FastApp_Transact(Cmd_Decrypt)\n", result ); printf( "error(%d) : FastApp_Transact(Cmd_Decrypt)\n", result );
} }
result = tc.reply.status; result = reply.status;
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : reply.status(Cmd_Decrypt)\n", result ); printf( "error(%d) : reply.status(Cmd_Decrypt)\n", result );
} }
dec_output.len = tc.reply.reply.decrypt.plain.data.bytes.data.len; dec_output.len = reply.reply.decrypt.plain.data.bytes.data.len;
if ( dec_output.len != DATA_LEN ) if ( dec_output.len != DATA_LEN )
{ {
printf( "error : output size isn't %d bytes(Cmd_Decrypt)\n", (int)enc_output.len ); printf( "error : output size isn't %d bytes(Cmd_Decrypt)\n", (int)enc_output.len );
} }
dec_output.ptr = (unsigned char*)malloc( dec_output.len ); dec_output.ptr = (unsigned char*)malloc( dec_output.len );
memcpy( dec_output.ptr, memcpy( dec_output.ptr,
tc.reply.reply.decrypt.plain.data.bytes.data.ptr, reply.reply.decrypt.plain.data.bytes.data.ptr,
dec_output.len ); dec_output.len );
printf( "decrypt ok\n" ); printf( "decrypt ok\n" );
NFastApp_Free_Reply( handle, NULL, NULL, &(tc.reply) ); NFastApp_Free_Reply( handle, NULL, NULL, &reply );
// key destroy // key destroy
memset( &(tc.cmd), 0, sizeof( tc.cmd ) ); // fail if NFastApp_Free_Command memset( &cmd, 0, sizeof( cmd ) ); // fail if NFastApp_Free_Command
tc.cmd.cmd = Cmd_Destroy; cmd.cmd = Cmd_Destroy;
tc.cmd.args.destroy.key = keyid; cmd.args.destroy.key = keyid;
result = NFastApp_Transact( nc, NULL, &(tc.cmd), &(tc.reply), NULL ); result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
if ( result != Status_OK ) if ( result != Status_OK )
{ {
printf( "error(%d) : NFastApp_Transact(Cmd_Destroy)\n", result ); printf( "error(%d) : NFastApp_Transact(Cmd_Destroy)\n", result );
} }
NFastApp_Free_Reply( handle, NULL, NULL, &(tc.reply) ); NFastApp_Free_Reply( handle, NULL, NULL, &reply );
// data show // data show
printf( "enc_input : (%d bytes)", (int)enc_input.len ); printf( "enc_input : (%d bytes)", (int)enc_input.len );