From d54e4f7a2f0dd4abf351636867611075f18bbab0 Mon Sep 17 00:00:00 2001 From: kubodera_yuichi Date: Wed, 23 Dec 2009 06:51:41 +0000 Subject: [PATCH] =?UTF-8?q?TODO:AES=E3=81=AE=E5=88=87=E6=9B=BF=E3=81=AF?= =?UTF-8?q?=E4=B8=8A=E6=89=8B=E3=81=8F=E3=81=84=E3=81=A3=E3=81=9F=E3=81=AE?= =?UTF-8?q?=E3=81=A7=E3=80=81=E3=81=9D=E3=81=AE=E3=81=BE=E3=81=BETODO:RSA?= =?UTF-8?q?=E3=81=AE=E5=88=87=E6=9B=BF=E5=87=A6=E7=90=86=E5=AF=BE=E7=AD=96?= =?UTF-8?q?=20=EF=BC=88=E3=81=BE=E3=81=9F=E3=80=81=E3=81=93=E3=81=AE?= =?UTF-8?q?=E3=82=B3=E3=83=9F=E3=83=83=E3=83=88=E3=81=A7=E9=8D=B5=E3=83=AD?= =?UTF-8?q?=E3=83=BC=E3=83=89=E6=99=82=E3=81=AE=20eventloop=20=E5=87=A6?= =?UTF-8?q?=E7=90=86=E3=81=AF=E3=81=A9=E3=81=A1=E3=82=89=E3=81=8B=E3=82=89?= =?UTF-8?q?=E3=82=82=E5=89=8A=E9=99=A4=E3=81=95=E3=82=8C=E3=81=9F=E3=80=82?= =?UTF-8?q?=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@58 ff987cc8-cf2f-4642-8568-d52cce064691 --- cr_hsm_code.c | 74 ++++++++++++++------------------------------------- 1 file changed, 20 insertions(+), 54 deletions(-) diff --git a/cr_hsm_code.c b/cr_hsm_code.c index 2007c79..40cd995 100644 --- a/cr_hsm_code.c +++ b/cr_hsm_code.c @@ -148,11 +148,11 @@ const NFKM_KeyIdent hsmAesKeyidentProd = { (char*)"simple", (char*)"aes-dummykey static int hsm_aes_load_key( NFKM_KeyIdent keyident, M_KeyID *keyid ); #else // !ENCRYPT_AES -M_KeyID hsmRsaPrivkeyid, hsmRsaPubkeyid; -const NFKM_KeyIdent hsmRsakeyident = { (char*)"simple", (char*)"rsa-dummy-keypair" }; -NFKM_Key *hsmRsakeyinfo = NULL; // allocate +M_KeyID hsmRsaPrivkeyidDev, hsmRsaPubkeyidDev, hsmRsaPrivkeyidProd, hsmRsaPubkeyidProd; +const NFKM_KeyIdent hsmRsaKeyidentDev = { (char*)"simple", (char*)"rsa-dummykeypair-dev" }; +const NFKM_KeyIdent hsmRsaKeyidentProd = { (char*)"simple", (char*)"rsa-dummykeypair-prod" }; -static int hsm_rsa_load_keypair( void ); +static int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *pubKeyid ); #endif // ENCRYPT_AES // init HSM @@ -260,9 +260,7 @@ void hsm_finalize( void ) RQCard_destroy( &hsmCard ); // TODO: 開発実機鍵/製品実機鍵の両方を処理するようにする。 -#ifdef ENCRYPT_AES - -#else // !ENCRYPT_AES +#ifndef ENCRYPT_AES NFKM_freekey( hsmHandle, hsmRsakeyinfo, NULL ); #endif // ENCRYPT_AES @@ -479,80 +477,49 @@ int hsm_aes_decrypt( unsigned char *dst_buf, unsigned char *org_buf, int size, u #else // !ENCRYPT_AES -int hsm_rsa_load_keypair( void ) +int hsm_rsa_load_keypair( NFKM_KeyIdent keyident, M_KeyID *privKeyid, M_KeyID *pubKeyid ) { int ret_code = CR_GENID_SUCCESS; + NFKM_Key *keyinfo = NULL; // find key - ret_code = NFKM_findkey( hsmHandle, hsmRsakeyident, &hsmRsakeyinfo, NULL ); + ret_code = NFKM_findkey( hsmHandle, keyident, &keyinfo, NULL ); if ( ret_code != CR_GENID_SUCCESS ) { - printf( "error(%d) : NFKM_findkey\n", ret_code ); return ret_code; } - // if Key_flags_ProtectionCardSet is enable, eventloop is an essential. - if ( hsmRsakeyinfo->flags & Key_flags_ProtectionCardSet ) - { - // load specific OCS - ret_code = RQCard_logic_ocs_specific( &hsmCard, &hsmRsakeyinfo->cardset, NULL ); - if ( ret_code != CR_GENID_SUCCESS ) - { - printf( "error(%d) : RQCard_logic_ocs_specific\n", ret_code ); - return ret_code; - } - - // use specific Module - ret_code = RQCard_whichmodule_specific( &hsmCard, HSM_MODULE_ID, &hsmLtid ); - if ( ret_code != CR_GENID_SUCCESS ) - { - printf( "error(%d) : RQCard_whichmodule_specific\n", ret_code ); - return ret_code; - } - - // eventloop - ret_code = hsmCard.uf->eventloop( &hsmCard ); - if ( ret_code != CR_GENID_SUCCESS ) - { - printf( "error(%d) : Card eventloop\n", ret_code ); - return ret_code; - } - } - // get usable Module hsmModuleinfo = hsmWorld->modules[0]; ret_code = NFKM_getusablemodule( hsmWorld, HSM_MODULE_ID, &hsmModuleinfo ); if ( ret_code != CR_GENID_SUCCESS ) { - printf( "error(%d) : NFKM_getusablemodule\n", ret_code ); return ret_code; } - // load key blob - printf( "pubblob.len : %d, privblob.len : %d\n", - (int)hsmRsakeyinfo->pubblob.len, (int)hsmRsakeyinfo->privblob.len ); - hsmBlobptr = &hsmRsakeyinfo->privblob; + // load private key blob + hsmBlobptr = &keyinfo->privblob; ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection, hsmModuleinfo->module, hsmBlobptr, - hsmLtid, &hsmRsaPrivkeyid, - "loading priv-key blob", NULL ); + hsmLtid, &privKeyid, + "loading priv key blob", NULL ); if ( ret_code != CR_GENID_SUCCESS ) { - printf( "error(%d) : NFKM_cmd_loadblob(priv-key)\n", ret_code ); return ret_code; } - printf( "RSA private key object load : ok\n" ); - hsmBlobptr = &hsmRsakeyinfo->pubblob; + + // load public key blob + hsmBlobptr = &keyinfo->privblob; ret_code = NFKM_cmd_loadblob( hsmHandle, hsmConnection, hsmModuleinfo->module, hsmBlobptr, - hsmLtid, &hsmRsaPubkeyid, - "loading pub-key blob", NULL ); - if ( ret_code != Status_OK ) + hsmLtid, &pubKeyid, + "loading pub key blob", NULL ); + if ( ret_code != CR_GENID_SUCCESS ) { - printf( "error(%d) : NFKM_cmd_loadblob(pub-key)\n", ret_code ); + return ret_code; } - printf( "RSA public key object load : ok\n" ); +#if 0 // get key info { M_Command cmd; @@ -570,7 +537,6 @@ int hsm_rsa_load_keypair( void ) } } -#if 0 // get & set key acl { int i, j;