TODO:AESの切替は上手くいったので、そのままTODO:RSAの切替処理対策
(また、このコミットで鍵ロード時の eventloop 処理はどちらからも削除された。) git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@58 ff987cc8-cf2f-4642-8568-d52cce064691
parent
c4ea5cd059
commit
d54e4f7a2f
@ -148,11 +148,11 @@ const NFKM_KeyIdent hsmAesKeyidentProd = { (char*)"simple", (char*)"aes-dummykey
|
||||
|
||||
static int hsm_aes_load_key( NFKM_KeyIdent keyident, M_KeyID *keyid );
|
||||
#else // !ENCRYPT_AES
|
||||
M_KeyID hsmRsaPrivkeyid, hsmRsaPubkeyid;
|
||||
const NFKM_KeyIdent hsmRsakeyident = { (char*)"simple", (char*)"rsa-dummy-keypair" };
|
||||
NFKM_Key *hsmRsakeyinfo = NULL; // allocate
|
||||
M_KeyID hsmRsaPrivkeyidDev, hsmRsaPubkeyidDev, hsmRsaPrivkeyidProd, hsmRsaPubkeyidProd;
|
||||
const NFKM_KeyIdent hsmRsaKeyidentDev = { (char*)"simple", (char*)"rsa-dummykeypair-dev" };
|
||||
const NFKM_KeyIdent hsmRsaKeyidentProd = { (char*)"simple", (char*)"rsa-dummykeypair-prod" };
|
||||
|
||||
static int hsm_rsa_load_keypair( void );
|
||||
static int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *pubKeyid );
|
||||
#endif // ENCRYPT_AES
|
||||
|
||||
// init HSM
|
||||
@ -260,9 +260,7 @@ void hsm_finalize( void )
|
||||
RQCard_destroy( &hsmCard );
|
||||
|
||||
// TODO: 開発実機鍵/製品実機鍵の両方を処理するようにする。
|
||||
#ifdef ENCRYPT_AES
|
||||
|
||||
#else // !ENCRYPT_AES
|
||||
#ifndef ENCRYPT_AES
|
||||
NFKM_freekey( hsmHandle, hsmRsakeyinfo, NULL );
|
||||
#endif // ENCRYPT_AES
|
||||
|
||||
@ -479,80 +477,49 @@ int hsm_aes_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u
|
||||
|
||||
#else // !ENCRYPT_AES
|
||||
|
||||
int hsm_rsa_load_keypair( void )
|
||||
int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *pubKeyid )
|
||||
{
|
||||
int ret_code = CR_GENID_SUCCESS;
|
||||
NFKM_Key *keyinfo = NULL;
|
||||
|
||||
// find key
|
||||
ret_code = NFKM_findkey( hsmHandle, hsmRsakeyident, &hsmRsakeyinfo, NULL );
|
||||
ret_code = NFKM_findkey( hsmHandle, keyident, &keyinfo, NULL );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : NFKM_findkey\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
|
||||
// if Key_flags_ProtectionCardSet is enable, eventloop is an essential.
|
||||
if ( hsmRsakeyinfo->flags & Key_flags_ProtectionCardSet )
|
||||
{
|
||||
// load specific OCS
|
||||
ret_code = RQCard_logic_ocs_specific( &hsmCard, &hsmRsakeyinfo->cardset, NULL );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : RQCard_logic_ocs_specific\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
|
||||
// use specific Module
|
||||
ret_code = RQCard_whichmodule_specific( &hsmCard, HSM_MODULE_ID, &hsmLtid );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : RQCard_whichmodule_specific\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
|
||||
// eventloop
|
||||
ret_code = hsmCard.uf->eventloop( &hsmCard );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : Card eventloop\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
}
|
||||
|
||||
// get usable Module
|
||||
hsmModuleinfo = hsmWorld->modules[0];
|
||||
ret_code = NFKM_getusablemodule( hsmWorld, HSM_MODULE_ID, &hsmModuleinfo );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : NFKM_getusablemodule\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
|
||||
// load key blob
|
||||
printf( "pubblob.len : %d, privblob.len : %d\n",
|
||||
(int)hsmRsakeyinfo->pubblob.len, (int)hsmRsakeyinfo->privblob.len );
|
||||
hsmBlobptr = &hsmRsakeyinfo->privblob;
|
||||
// load private key blob
|
||||
hsmBlobptr = &keyinfo->privblob;
|
||||
ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection,
|
||||
hsmModuleinfo->module, hsmBlobptr,
|
||||
hsmLtid, &hsmRsaPrivkeyid,
|
||||
"loading priv-key blob", NULL );
|
||||
hsmLtid, &privKeyid,
|
||||
"loading priv key blob", NULL );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : NFKM_cmd_loadblob(priv-key)\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
printf( "RSA private key object load : ok\n" );
|
||||
hsmBlobptr = &hsmRsakeyinfo->pubblob;
|
||||
|
||||
// load public key blob
|
||||
hsmBlobptr = &keyinfo->privblob;
|
||||
ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection,
|
||||
hsmModuleinfo->module, hsmBlobptr,
|
||||
hsmLtid, &hsmRsaPubkeyid,
|
||||
"loading pub-key blob", NULL );
|
||||
if ( ret_code != Status_OK )
|
||||
hsmLtid, &pubKeyid,
|
||||
"loading pub key blob", NULL );
|
||||
if ( ret_code != CR_GENID_SUCCESS )
|
||||
{
|
||||
printf( "error(%d) : NFKM_cmd_loadblob(pub-key)\n", ret_code );
|
||||
return ret_code;
|
||||
}
|
||||
printf( "RSA public key object load : ok\n" );
|
||||
|
||||
#if 0
|
||||
// get key info
|
||||
{
|
||||
M_Command cmd;
|
||||
@ -570,7 +537,6 @@ int hsm_rsa_load_keypair( void )
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
// get & set key acl
|
||||
{
|
||||
int i, j;
|
||||
|
||||
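Review bot: In the rewritten hsm_rsa_load_keypair, the block under `// load public key blob` again sets `hsmBlobptr = &keyinfo->privblob;`, so the private blob is loaded a second time and its handle is reported as the public key; it should read `hsmBlobptr = &keyinfo->pubblob;`. Both NFKM_cmd_loadblob calls pass `&privKeyid` and `&pubKeyid`, but these are already `M_KeyID *` parameters, so the loaded ids are written into the local pointer variables and never reach the caller's Dev/Prod key ids; pass `privKeyid` and `pubKeyid` directly. The local `keyinfo` filled by NFKM_findkey is not released on any path visible here, while hsm_finalize still calls NFKM_freekey on `hsmRsakeyinfo`, whose declaration appears to be dropped in the first hunk; calling `NFKM_freekey( hsmHandle, keyinfo, NULL );` before each return would keep ownership inside the function. The page has lost its +/- markers, so the new side is inferred from the new parameter names and the hunk line counts, and the function body continues past the hunks shown.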