From a6f8877d65fb538222616a8cefd61eebba6f8c75 Mon Sep 17 00:00:00 2001 From: kubodera_yuichi Date: Tue, 29 Dec 2009 00:43:26 +0000 Subject: [PATCH] =?UTF-8?q?hsm=5Futils:ECDSA=E3=82=AD=E3=83=BC=E3=83=9A?= =?UTF-8?q?=E3=82=A2=E3=82=A4=E3=83=B3=E3=83=9D=E3=83=BC=E3=83=88=E6=88=90?= =?UTF-8?q?=E5=8A=9F(=E7=BD=B2=E5=90=8D=E3=81=A8=E6=A4=9C=E8=A8=BC?= =?UTF-8?q?=E3=81=AF=E3=81=93=E3=82=8C=E3=81=8B=E3=82=89)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@121 ff987cc8-cf2f-4642-8568-d52cce064691 --- hsm_utils/import_ecdsa_keypair.c | 41 ++++++++++++++++---------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/hsm_utils/import_ecdsa_keypair.c b/hsm_utils/import_ecdsa_keypair.c index ff45aff..ec13c64 100644 --- a/hsm_utils/import_ecdsa_keypair.c +++ b/hsm_utils/import_ecdsa_keypair.c @@ -10,7 +10,8 @@ #include #include #include -#include +#include +#include "ec_lcl.h" #include #include #include @@ -20,13 +21,11 @@ #include "rqcard-applic.h" #include "rqcard-fips.h" -//#include "picky-upcalls.h" - #include "my_hsm_bignum.h" #include "my_hsm_alloc.h" -#define PRIV_KEY_FILE "./test-ecdsa-privkey.der" -#define PUB_KEY_FILE "./test-ecdsa-pubkey.der" +#define PRIV_KEY_FILE "./test_key/test-ecdsa-privkey.der" +#define PUB_KEY_FILE "./test_key/test-ecdsa-pubkey.der" #define MODULE_ID 1 #define DATA_LEN 256 // bytes @@ -105,13 +104,13 @@ int importECDSAPrivate( NFKM_KeyIdent keyident ) } fclose( fp ); -#if 1 +#if 0 printf( "\nEC(d) = " ); BN_print_fp( stdout, privkey->priv_key ); printf( "\n" ); #endif -#if 1 +#if 0 printf( "EC bignum(Openssl) size\n" ); printf( "EC(d) : %d bytes\n", BN_num_bytes( privkey->priv_key ) ); #endif @@ -121,14 +120,14 @@ int importECDSAPrivate( NFKM_KeyIdent keyident ) // d dLen = BN_num_bytes( privkey->priv_key ); dPtr = (unsigned char *)malloc( dLen ); - if ( pLen != BN_bn2bin( privkey->priv_key, dPtr ) ) + if ( dLen != BN_bn2bin( privkey->priv_key, dPtr ) ) { printf( "BN_bn2bin failed!(d)\n" ); return 1; } } // ec bignum(openssl) -> bin -#if 1 +#if 0 printf( "EC bin addr\n" ); printf( "EC(d) : 0x%08X\n", (unsigned int)dPtr ); #endif @@ -139,11 +138,11 @@ int importECDSAPrivate( NFKM_KeyIdent keyident ) free( dPtr ); } -#if 1 +#if 0 my_printbignum ( stdout, "EC(d)", privBn.d ); #endif -#if 1 +#if 0 printf( "EC bn addr\n" ); printf( "EC(d) : 0x%08X\n", (unsigned int)privBn.d ); #endif @@ -155,7 +154,7 @@ int importECDSAPrivate( NFKM_KeyIdent keyident ) map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionModule; // 秘密鍵には DECRYPT と SIGN // 公開鍵には ENCRYPT と VERIFY しかセットできない?? - map.op_base = NFKM_DEFOPPERMS_DECRYPT | NFKM_DEFOPPERMS_SIGN; + map.op_base = NFKM_DEFOPPERMS_SIGN; // ECDSA priv key : sign only map.cs = cardset; result = NFKM_newkey_makeaclx( handle, nc, world, &map, &(cmd.args.import.acl), NULL ); if ( result != Status_OK ) @@ -168,8 +167,8 @@ int importECDSAPrivate( NFKM_KeyIdent keyident ) cmd.cmd = Cmd_Import; cmd.args.import.module = MODULE_ID; cmd.args.import.data.type = KeyType_ECDSAPrivate; - cmd.args.import.data.data.ecdsaprivate.curve.name = ECName_NISTB233; // 名前を指定することで - cmd.args.import.data.data.ecdsaprivate.d = privBn.d; // d だけ設定すれば良い + cmd.args.import.data.data.ecprivate.curve.name = ECName_NISTB233; // 名前を指定することで + cmd.args.import.data.data.ecprivate.d = privBn.d; // d だけ設定すれば良い result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL ); if ( result != Status_OK ) { @@ -260,7 +259,7 @@ int importECDSAPublic( NFKM_KeyIdent keyident ) } fclose( fp ); -#if 1 +#if 0 printf( "EC bignum(Openssl) size\n" ); printf( "EC(qx) : %d bytes\n", BN_num_bytes( &pubkey->pub_key->X ) ); @@ -287,7 +286,7 @@ int importECDSAPublic( NFKM_KeyIdent keyident ) } } // ECDSA bignum(openssl) -> bin -#if 1 +#if 0 printf( "EC bin addr\n" ); printf( "EC(qx) : 0x%08X\n", (unsigned int)qxPtr ); printf( "EC(qy) : 0x%08X\n", (unsigned int)qyPtr ); @@ -301,7 +300,7 @@ int importECDSAPublic( NFKM_KeyIdent keyident ) free( qyPtr ); } -#if 1 +#if 0 printf( "EC bn addr\n" ); printf( "EC(qx) : 0x%08X\n", (unsigned int)pubBn.qx ); printf( "EC(qy) : 0x%08X\n", (unsigned int)pubBn.qy ); @@ -314,7 +313,7 @@ int importECDSAPublic( NFKM_KeyIdent keyident ) map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionModule | NFKM_NKF_PublicKey; // 秘密鍵には DECRYPT と SIGN // 公開鍵には ENCRYPT と VERIFY しかセットできない?? - map.op_base = NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_VERIFY; + map.op_base = NFKM_DEFOPPERMS_VERIFY; // ECDSA public key : verify only map.cs = cardset; result = NFKM_newkey_makeaclx( handle, nc, world, &map, &(cmd.args.import.acl), NULL ); if ( result != Status_OK ) @@ -327,9 +326,9 @@ int importECDSAPublic( NFKM_KeyIdent keyident ) cmd.cmd = Cmd_Import; cmd.args.import.module = MODULE_ID; cmd.args.import.data.type = KeyType_ECDSAPublic; - cmd.args.import.data.data.ecdsapublic.curve.name = ECName_NISTB233; // 名前を指定することで - cmd.args.import.data.data.ecdsapublic.Q.x = privBn.qx; // qx - cmd.args.import.data.data.ecdsapublic.Q.y = privBn.qy; // qy だけを指定すればよい? + cmd.args.import.data.data.ecpublic.curve.name = ECName_NISTB233; // 名前を指定することで + cmd.args.import.data.data.ecpublic.Q.x = pubBn.qx; // qx + cmd.args.import.data.data.ecpublic.Q.y = pubBn.qy; // qy だけを指定すればよい? result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL ); if ( result != Status_OK ) {