/* * my_hsm_setup.c */ #include #include #include #include #include #include #include "nfastapp.h" #include "nfkm.h" #include "nfutil.h" #include "rqcard-applic.h" #include "rqcard-fips.h" #include "my_hsm_setup.h" #include "my_hsm_bignum.h" #define MODULE_ID 1 #define PRINT_DETAIL 1 // internal functions int i_my_hsm_initialize_common_1st( NFast_AppHandle *pHandle, NFastApp_Connection *pConnection, NFKM_WorldInfo **ppWorld, RQCard *pCard, RQCard_FIPS *pFips ); int i_my_hsm_initialize_common_2nd( NFKM_WorldInfo **ppWorld, NFKM_ModuleInfo **pModuleinfo ); /* --------------------- */ int i_my_hsm_initialize_common_1st( NFast_AppHandle *pHandle, NFastApp_Connection *pConnection, NFKM_WorldInfo **ppWorld, RQCard *pCard, RQCard_FIPS *pFips ) { int status = Status_OK; // init nFast status = NFastApp_InitEx( pHandle, NULL, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFastApp_InitEx\n", status ); #endif return status; } // connecting to hardserver status = NFastApp_Connect( *pHandle, pConnection, 0, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFastApp_Connect\n", status ); #endif return status; } // set bignum upcalls setting status = NFastApp_SetBignumUpcalls( *pHandle, my_bignumreceiveupcall, my_bignumsendlenupcall, my_bignumsendupcall, my_bignumfreeupcall, my_bignumformatupcall, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFastApp_SetBignumUpcalls\n", status ); #endif return status; } // NFKM getinfo status = NFKM_getinfo( *pHandle, ppWorld, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFKM_getinfo\n", status ); #endif return status; } // init card-loading lib status = RQCard_init( pCard, *pHandle, *pConnection, *ppWorld, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_init\n", status ); #endif return status; } // init FIPS state status = RQCard_fips_init( pCard, pFips ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_fips_init\n", status ); #endif return status; } // ui select status = RQCard_ui_default( pCard ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_ui_default\n", status ); #endif return status; } return status; } /* --------------------- */ int i_my_hsm_initialize_common_2nd( NFKM_WorldInfo **ppWorld, NFKM_ModuleInfo **ppModuleinfo ) { int status = Status_OK; // get usable module *ppModuleinfo = (*ppWorld)->modules[0]; status = NFKM_getusablemodule( *ppWorld, MODULE_ID, ppModuleinfo ); if ( status != Status_OK ) { printf( "error(%d) : NFKM_getusablemodule\n", status ); return status; } return status; } /* --------------------- */ int my_hsm_initialize( NFast_AppHandle *pHandle, NFastApp_Connection *pConnection, NFKM_WorldInfo **ppWorld, RQCard *pCard, RQCard_FIPS *pFips, NFKM_ModuleInfo **ppModuleinfo ) { int status = Status_OK; status = i_my_hsm_initialize_common_1st( pHandle, pConnection, ppWorld, pCard, pFips ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : i_my_hsm_initialize_common_1st\n", status ); #endif return status; } status = i_my_hsm_initialize_common_2nd( ppWorld, ppModuleinfo ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : i_my_hsm_initialize_common_2nd\n", status ); #endif return status; } return status; } /* --------------------- */ int my_hsm_initialize_ex( NFast_AppHandle *pHandle, NFastApp_Connection *pConnection, NFKM_WorldInfo **ppWorld, RQCard *pCard, RQCard_FIPS *pFips, NFKM_ModuleInfo **ppModuleinfo, NFKM_FIPS140AuthHandle fipsHandle, M_SlotID *pSlotId ) { int status = Status_OK; status = i_my_hsm_initialize_common_1st( pHandle, pConnection, ppWorld, pCard, pFips ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : i_my_hsm_initialize_essential\n", status ); #endif return status; } // get strict-FIPS authorization status = RQCard_fips_get( pFips, 1, &fipsHandle, pSlotId ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_fips_get\n", status ); #endif return status; } if ( fipsHandle == NULL ) { #ifdef PRINT_DETAIL printf( "this sworld isn't strict-FIPS.\n" ); #endif } // list cardsets int card_num; NFKM_CardSetIdent *cardident = NULL; status = NFKM_listcardsets( *pHandle, &card_num, &cardident, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFKM_listcardsets\n", status ); #endif return status; } // find cardsets NFKM_CardSet *cardset = NULL; status = NFKM_findcardset( *pHandle, cardident, &cardset, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFKM_findcardset\n", status ); #endif return status; } // load cardset status = RQCard_logic_ocs_specific( pCard, &(cardset->hkltu), "Load Cardset" ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_logic_ocs_specific\n", status ); #endif return status; } // use specific module : #1 // important!! : if you set resultplace(arg3)=NULL, abort. (possibility is 100%) M_KeyID ltid = 0; // the cardset loaded into the module status = RQCard_whichmodule_specific( pCard, (*ppWorld)->modules[0]->module, <id ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : RQCard_whichmodule_specific\n", status ); #endif return status; } // wait event loop status = pCard->uf->eventloop( pCard ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : card module event loop\n", status ); #endif return status; } status = i_my_hsm_initialize_common_2nd( ppWorld, ppModuleinfo ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : i_my_hsm_initialize_common_2nd\n", status ); #endif return status; } // list key int key_num; NFKM_KeyIdent *keylist = NULL; status = NFKM_listkeys( *pHandle, &key_num, &keylist, "simple", NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFKM_listkeys\n", status ); #endif return status; } NFKM_KeyIdent **tkp = &keylist; { int i; for ( i = 0; i < key_num; i++ ) { #ifdef PRINT_DETAIL printf( "appname : %s, ident : %s\n", tkp[i]->appname, tkp[i]->ident ); #endif } } return status; } /* --------------------- */ int my_hsm_finalize( NFast_AppHandle *pHandle, NFastApp_Connection *pConnection, NFKM_WorldInfo **ppWorld, RQCard *pCard, RQCard_FIPS *pFips ) { int status = Status_OK; RQCard_fips_free( pCard, pFips ); RQCard_destroy( pCard ); NFKM_freeinfo( *pHandle, ppWorld, NULL ); status = NFastApp_Disconnect( *pConnection, NULL ); if ( status != Status_OK ) { #ifdef PRINT_DETAIL printf( "error(%d) : NFastApp_Disconnect\n", status ); #endif return status; } NFastApp_Finish( *pHandle, NULL ); return status; }