mirror of
https://github.com/rvtr/ctr_eFuse.git
synced 2025-11-02 00:11:04 -04:00
e95cee71fd
git-svn-id: file:///Volumes/Transfer/gigaleak_20231201/2020-09-30%20-%20paladin.7z/paladin/ctr_eFuse@108 ff987cc8-cf2f-4642-8568-d52cce064691
739 lines
23 KiB
C
739 lines
23 KiB
C
|
||
// import key (+ encrypt, decrypt) test for nShield
|
||
|
||
#include <assert.h>
|
||
#include <stdio.h>
|
||
#include <stdlib.h>
|
||
#include <string.h>
|
||
|
||
// openssl
|
||
#include <openssl/err.h>
|
||
#include <openssl/bn.h>
|
||
#include <openssl/sha.h>
|
||
#include <openssl/rsa.h>
|
||
#include <openssl/ec.h>
|
||
#include "ec_lcl.h"
|
||
#include <openssl/x509.h>
|
||
#include <openssl/aes.h>
|
||
#include <openssl/pem.h>
|
||
|
||
#include "nfastapp.h"
|
||
#include "nfkm.h"
|
||
#include "rqcard-applic.h"
|
||
#include "rqcard-fips.h"
|
||
|
||
#include "ncthread-upcalls.h"
|
||
//#include "picky-upcalls.h"
|
||
|
||
#include "mybignum.h"
|
||
|
||
|
||
#define PRIV_KEY_FILE "./test_key/test-ecc-privkey.der"
|
||
#define PUB_KEY_FILE "./test_key/test-ecc-pubkey.der"
|
||
|
||
#define MODULE_ID 1
|
||
#define DATA_LEN 256 // bytes
|
||
|
||
typedef struct _NFast_Call_Context
|
||
{
|
||
int notused;
|
||
}
|
||
NFast_Call_Context;
|
||
NFast_Call_Context context;
|
||
|
||
// RSA private key data
|
||
typedef struct
|
||
{
|
||
struct NFast_Bignum *p;
|
||
struct NFast_Bignum *q;
|
||
struct NFast_Bignum *dmp1;
|
||
struct NFast_Bignum *dmq1;
|
||
struct NFast_Bignum *iqmp;
|
||
struct NFast_Bignum *e;
|
||
}
|
||
RSAPrivateKeyData;
|
||
|
||
// RSA public key data
|
||
typedef struct
|
||
{
|
||
struct NFast_Bignum *e;
|
||
struct NFast_Bignum *n;
|
||
}
|
||
RSAPublicKeyData;
|
||
|
||
static void *my_malloc( size_t nbytes,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
|
||
static void *my_realloc( void *ptr, size_t nbytes,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
|
||
static void my_free( void *ptr,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx );
|
||
|
||
void PrintArray( char *pStr, const unsigned char *pData, int length );
|
||
int BN_bn2binWrapper( BIGNUM *bn, unsigned char **ptr, int *len );
|
||
int my_bin2bignumWrapper( NFast_AppHandle app, unsigned char *ptr, struct NFast_Bignum **nbn, int size );
|
||
|
||
const NFast_MallocUpcalls my_malloc_upcalls =
|
||
{
|
||
my_malloc, my_realloc, my_free
|
||
};
|
||
|
||
static void *my_malloc( size_t nbytes,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
|
||
{
|
||
return malloc( nbytes );
|
||
}
|
||
|
||
static void *my_realloc( void *ptr, size_t nbytes,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
|
||
{
|
||
return realloc( ptr, nbytes );
|
||
}
|
||
|
||
static void my_free( void *ptr,
|
||
struct NFast_Call_Context *cctx, struct NFast_Transaction_Context *tctx )
|
||
{
|
||
free( ptr );
|
||
}
|
||
|
||
void PrintArray( char *pStr, const unsigned char *pData, int length )
|
||
{
|
||
int i;
|
||
printf( "%s(%d bytes)", pStr, length );
|
||
for ( i = 0; i < length; i++ )
|
||
{
|
||
if ( (i % 16) == 0 ) printf( "\n" );
|
||
printf( "%02X ", pData[ i ] );
|
||
}
|
||
printf( "\n" );
|
||
}
|
||
|
||
int BN_bn2binWrapper( BIGNUM *bn, unsigned char **ptr, int *len )
|
||
{
|
||
*len = BN_num_bytes( bn );
|
||
*ptr = (unsigned char*)malloc( *len );
|
||
if ( *len != BN_bn2bin( bn, *ptr ) )
|
||
{
|
||
printf( "BN_bn2binWrapper failed!\n" );
|
||
return 1;
|
||
}
|
||
return 0;
|
||
} // BN_bn2binWrapper
|
||
|
||
int my_bin2bignumWrapper( NFast_AppHandle app, unsigned char *ptr, struct NFast_Bignum **nbn, int size )
|
||
{
|
||
int result = my_bin2bignum( nbn, app, ptr, size );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : my_bin2bignumWrapper\n", result );
|
||
return result;
|
||
}
|
||
return 0;
|
||
} // my_bin2bignumWrapper
|
||
|
||
int main( int argc, char *argv[] )
|
||
{
|
||
int i;
|
||
int result = 0;
|
||
int rand_size = 80;
|
||
|
||
M_Command cmd;
|
||
M_Reply reply;
|
||
|
||
memset( &cmd, 0, sizeof( cmd ) );
|
||
memset( &reply, 0, sizeof( reply ) );
|
||
|
||
NFast_AppHandle handle;
|
||
NFastApp_Connection nc;
|
||
NFKM_WorldInfo *world = NULL;
|
||
RQCard card;
|
||
RQCard_FIPS fips;
|
||
M_KeyID ltid; // the cardset loaded into the module
|
||
M_KeyID keyid;
|
||
NFKM_Key *keyinfo = NULL;
|
||
NFKM_CardSet *cardset = NULL;
|
||
|
||
if ( argc == 2 )
|
||
rand_size = atoi( argv[1] );
|
||
|
||
// load ecc data (private)
|
||
EC_KEY *privkey = NULL;
|
||
FILE *fp;
|
||
fp = fopen( PRIV_KEY_FILE, "rb" );
|
||
if ( !fp )
|
||
{
|
||
printf( "error : open %s file\n", PRIV_KEY_FILE );
|
||
return 0;
|
||
}
|
||
privkey = d2i_ECPrivateKey_fp( fp, NULL );
|
||
if ( !privkey )
|
||
{
|
||
printf( "error : d2i_ECPrivateKey_fp\n" );
|
||
return 0;
|
||
}
|
||
fclose( fp );
|
||
|
||
// load ecc data (public)
|
||
EC_KEY *pubkey = NULL;
|
||
fp = fopen( PUB_KEY_FILE, "rb" );
|
||
if ( !fp )
|
||
{
|
||
printf( "error : open %s file\n", PUB_KEY_FILE );
|
||
return 0;
|
||
}
|
||
pubkey = d2i_EC_PUBKEY_fp( fp, NULL );
|
||
if ( !pubkey )
|
||
{
|
||
printf( "error : d2i_EC_PUBKEY_fp\n" );
|
||
return 0;
|
||
}
|
||
fclose( fp );
|
||
|
||
#if 1
|
||
printf( "EC pravate element\n" );
|
||
printf( "EC curve name : %d\n", privkey->group->curve_name );
|
||
printf( "EC(F->data->prime->p) : %d bytes\n", BN_num_bytes( &(privkey->group->field) ) );
|
||
printf( "poly : " );
|
||
for ( i = 0; i < 5; i++ )
|
||
printf( "%d ", privkey->group->poly[i] );
|
||
printf( "\n" );
|
||
printf( "EC(a) : %d bytes\n", BN_num_bytes( &(privkey->group->a) ) );
|
||
printf( "EC(b) : %d bytes\n", BN_num_bytes( &(privkey->group->b) ) );
|
||
printf( "EC(g->x) : %d bytes\n", BN_num_bytes( &(privkey->group->generator->X) ) );
|
||
printf( "EC(g->y) : %d bytes\n", BN_num_bytes( &(privkey->group->generator->Y) ) );
|
||
printf( "EC(r) : %d bytes\n", BN_num_bytes( &(privkey->group->order) ) );
|
||
printf( "EC(h) : %d bytes\n", BN_num_bytes( &(privkey->group->cofactor) ) );
|
||
printf( "EC(d) : %d bytes\n", BN_num_bytes( privkey->priv_key ) );
|
||
#endif
|
||
|
||
#if 0
|
||
printf( "EC public element\n" );
|
||
printf( "EC curve name : %d\n", pubkey->group->curve_name );
|
||
printf( "EC(F->data->prime->p) : %d bytes\n", BN_num_bytes( &(pubkey->group->field) ) );
|
||
printf( "poly : " );
|
||
for ( i = 0; i < 5; i++ )
|
||
printf( "%d ", pubkey->group->poly[i] );
|
||
printf( "\n" );
|
||
printf( "EC(a) : %d bytes\n", BN_num_bytes( &(pubkey->group->a) ) );
|
||
printf( "EC(b) : %d bytes\n", BN_num_bytes( &(pubkey->group->b) ) );
|
||
printf( "EC(g->x) : %d bytes\n", BN_num_bytes( &(pubkey->group->generator->X) ) );
|
||
printf( "EC(g->y) : %d bytes\n", BN_num_bytes( &(pubkey->group->generator->Y) ) );
|
||
printf( "EC(r) : %d bytes\n", BN_num_bytes( &(pubkey->group->order) ) );
|
||
printf( "EC(h) : %d bytes\n", BN_num_bytes( &(pubkey->group->cofactor) ) );
|
||
printf( "EC(Q->x) : %d bytes\n", BN_num_bytes( &(pubkey->pub_key->X) ) );
|
||
printf( "EC(Q->y) : %d bytes\n", BN_num_bytes( &(pubkey->pub_key->Y) ) );
|
||
#endif
|
||
|
||
// OpenSSL Bignum to Binary
|
||
// private
|
||
int fdppLen, aLen, bLen, gxLen, gyLen, rLen, hLen, dLen;
|
||
unsigned char *fdppPtr, *aPtr, *bPtr, *gxPtr, *gyPtr, *rPtr, *hPtr, *dPtr;
|
||
fdppPtr = aPtr = bPtr = gxPtr = gyPtr = rPtr = hPtr = NULL;
|
||
BN_bn2binWrapper( &(privkey->group->field), &fdppPtr, &fdppLen );
|
||
BN_bn2binWrapper( &(privkey->group->a), &aPtr, &aLen );
|
||
BN_bn2binWrapper( &(privkey->group->b), &bPtr, &bLen );
|
||
BN_bn2binWrapper( &(privkey->group->generator->X), &gxPtr, &gxLen );
|
||
BN_bn2binWrapper( &(privkey->group->generator->Y), &gyPtr, &gyLen );
|
||
BN_bn2binWrapper( &(privkey->group->order), &rPtr, &rLen );
|
||
BN_bn2binWrapper( &(privkey->group->cofactor), &hPtr, &hLen );
|
||
BN_bn2binWrapper( privkey->priv_key, &dPtr, &dLen );
|
||
|
||
#if 0
|
||
printf( "fdpp : 0x%08X\n", (unsigned int)fdppPtr );
|
||
printf( "a : 0x%08X\n", (unsigned int)aPtr );
|
||
printf( "b : 0x%08X\n", (unsigned int)bPtr );
|
||
printf( "gx : 0x%08X\n", (unsigned int)gxPtr );
|
||
printf( "gy : 0x%08X\n", (unsigned int)gyPtr );
|
||
printf( "r : 0x%08X\n", (unsigned int)rPtr );
|
||
printf( "h : 0x%08X\n", (unsigned int)hPtr );
|
||
printf( "d : 0x%08X\n", (unsigned int)dPtr );
|
||
#endif
|
||
|
||
// init nFast
|
||
result = NFastApp_InitEx( &handle, NULL, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFastApp_InitEx\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// connecting to hardserver
|
||
//result = NFastApp_Connect( handle, &nc, 0, NULL );
|
||
result = NFastApp_Connect( handle, &nc, NFastApp_ConnectionFlags_Privileged, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFastApp_Connect\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// set bignum upcalls setting
|
||
result = NFastApp_SetBignumUpcalls(
|
||
handle,
|
||
my_bignumreceiveupcall,
|
||
my_bignumsendlenupcall,
|
||
my_bignumsendupcall,
|
||
my_bignumfreeupcall,
|
||
my_bignumformatupcall,
|
||
NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFastApp_SetBignumUpcalls\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// NFKM getinfo
|
||
result = NFKM_getinfo( handle, &world, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_getinfo\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// init card-loading lib
|
||
result = RQCard_init( &card, handle, nc, world, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_init\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// init FIPS state
|
||
result = RQCard_fips_init( &card, &fips );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_fips_init\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// ui select
|
||
result = RQCard_ui_default( &card );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_ui_default\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// get strict-FIPS authorization
|
||
#if 0
|
||
NFKM_FIPS140AuthHandle fipsHandle;
|
||
M_SlotID slotId;
|
||
result = RQCard_fips_get( &fips, 1, &fipsHandle, &slotId );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_fips_get\n", result );
|
||
return 0;
|
||
}
|
||
if ( fipsHandle == NULL )
|
||
{
|
||
printf( "this sworld isn't strict-FIPS.\n" );
|
||
}
|
||
#endif
|
||
|
||
#if 0 // no card
|
||
// list cardsets
|
||
int card_num;
|
||
NFKM_CardSetIdent *cardident = NULL;
|
||
result = NFKM_listcardsets( handle, &card_num, &cardident, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_listcardsets\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// find cardsets
|
||
result = NFKM_findcardset( handle, cardident, &cardset, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_findcardset\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// load cardset
|
||
result = RQCard_logic_ocs_specific( &card, &(cardset->hkltu), "Load Cardset" );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_logic_ocs_specific\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// use specific module : #1
|
||
// important!! : if you set resultplace=NULL, abort. (possibility is 100%)
|
||
result = RQCard_whichmodule_specific( &card, world->modules[0]->module, <id );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : RQCard_whichmodule_specific\n", result );
|
||
}
|
||
|
||
// wait event loop
|
||
result = card.uf->eventloop( &card );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : card module event loop\n", result );
|
||
}
|
||
#endif
|
||
|
||
// get usable module
|
||
NFKM_ModuleInfo *moduleinfo = world->modules[0];
|
||
result = NFKM_getusablemodule( world, MODULE_ID, &moduleinfo );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_getusablemodule\n", result );
|
||
return 0;
|
||
}
|
||
|
||
#if 1
|
||
// ECC enable
|
||
cmd.cmd = Cmd_StaticFeatureEnable;
|
||
cmd.args.staticfeatureenable.module = MODULE_ID;
|
||
cmd.args.staticfeatureenable.info.ver = 0; // ???
|
||
//cmd.args.staticfeatureenable.info.ctrl = FeatureInfo_ctrl_Add | FeatureInfo_ctrl_LongTerm;
|
||
cmd.args.staticfeatureenable.info.ctrl = FeatureInfo_ctrl_LongTerm;
|
||
//cmd.args.staticfeatureenable.info.features = FeatureInfo_features_EllipticCurve | FeatureInfo_features_ECCMQV | FeatureInfo_features_AcceleratedECC;
|
||
cmd.args.staticfeatureenable.info.features = FeatureInfo_features_EllipticCurve;
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : Cmd_StaticFeatureEnable\n", result );
|
||
}
|
||
result = reply.status;
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : Cmd_StaticFeatureEnable(reply)\n", result );
|
||
}
|
||
memset( &cmd, 0, sizeof( cmd ) );
|
||
NFastApp_Free_Reply( handle, NULL, NULL, &reply );
|
||
#endif
|
||
|
||
// make ACL
|
||
NFKM_MakeACLParams map;
|
||
memset( &map, 0, sizeof( map ) );
|
||
if ( cardset != NULL )
|
||
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionCardSet;
|
||
else
|
||
map.f = NFKM_NKF_RecoveryEnabled | NFKM_NKF_ProtectionModule;
|
||
// <20>Í<EFBFBD><C38D><EFBFBD><EFBFBD>ƕ<EFBFBD><C695><EFBFBD><EFBFBD><EFBFBD><EFBFBD>A<EFBFBD><41><EFBFBD><EFBFBD><EFBFBD>ƃx<C683><78><EFBFBD>t<EFBFBD>@<40>C<EFBFBD>ȂǁA<C781><41><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>鑀<EFBFBD><E99180><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>邱<EFBFBD>Ƃ͂ł<CD82><C582>Ȃ<EFBFBD>(<28>G<EFBFBD><47><EFBFBD>[<5B>ɂȂ<C982>)
|
||
// e.g. NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_VERIFY -> <20>G<EFBFBD><47><EFBFBD>[
|
||
// e.g. NFKM_DEFOPPERMS_ENCRYPT | NFKM_DEFOPPERMS_DECRYPT -> <20>G<EFBFBD><47><EFBFBD>[
|
||
map.op_base = NFKM_DEFOPPERMS_SIGN | NFKM_DEFOPPERMS_ENCRYPT;
|
||
map.cs = cardset;
|
||
result = NFKM_newkey_makeaclx( handle, nc, world, &map, &(cmd.args.import.acl), NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_newkey_makeaclx\n", result );
|
||
return 0;
|
||
}
|
||
|
||
// convert OpenSSL binary -> NFast_Bignum(M_Bignum)
|
||
struct NFast_Bignum *fdppBn, *aBn, *bBn, *gxBn, *gyBn, *rBn, *hBn, *dBn;
|
||
fdppBn = aBn = bBn = gxBn = gyBn = rBn = hBn = dBn = NULL;
|
||
my_bin2bignumWrapper( handle, fdppPtr, &fdppBn, fdppLen );
|
||
my_bin2bignumWrapper( handle, aPtr, &aBn, aLen );
|
||
my_bin2bignumWrapper( handle, bPtr, &bBn, bLen );
|
||
my_bin2bignumWrapper( handle, gxPtr, &gxBn, gxLen );
|
||
my_bin2bignumWrapper( handle, gyPtr, &gyBn, gyLen );
|
||
my_bin2bignumWrapper( handle, rPtr, &rBn, rLen );
|
||
my_bin2bignumWrapper( handle, hPtr, &hBn, hLen );
|
||
my_bin2bignumWrapper( handle, dPtr, &dBn, dLen );
|
||
|
||
#if 1
|
||
printf( "fdpp : 0x%08X\n", (unsigned int)fdppBn );
|
||
printf( "a : 0x%08X\n", (unsigned int)aBn );
|
||
printf( "b : 0x%08X\n", (unsigned int)bBn );
|
||
printf( "gx : 0x%08X\n", (unsigned int)gxBn );
|
||
printf( "gy : 0x%08X\n", (unsigned int)gyBn );
|
||
printf( "r : 0x%08X\n", (unsigned int)rBn );
|
||
printf( "h : 0x%08X\n", (unsigned int)hBn );
|
||
printf( "d : 0x%08X\n", (unsigned int)dBn );
|
||
#endif
|
||
|
||
printf( "setting ...\n" );
|
||
|
||
// import key
|
||
NFKM_KeyIdent keyident = { (char*)"simple", (char*)"ecc-import-privkey" };
|
||
cmd.cmd = Cmd_Import;
|
||
cmd.args.import.module = MODULE_ID;
|
||
cmd.args.import.data.type = KeyType_ECPrivate;
|
||
cmd.args.import.data.data.ecprivate.curve.name = ECName_NISTK233;
|
||
//cmd.args.import.data.data.ecprivate.curve.name = ECName_NISTB233;
|
||
|
||
#if 0
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.F.type = FieldType_Prime;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.F.data.prime.flags = 0; // ???
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.F.data.prime.p = fdppBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.a = aBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.b = bBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.g.flags = ECPoint_flags_Infinity; // ??? (valid flags is ECPoint_flags_Infinity only.)
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.g.x = gxBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.g.x = gyBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.r = rBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.custom.h = hPtr[0];
|
||
#else
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.type = FieldType_Binary;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.data.binary.flags = FieldType_Binary_Data_flags_beta_present;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.data.binary.n_exponents = 5;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.data.binary.exponents = (M_Word*)privkey->group->poly;
|
||
for ( i = 0; i < 5; i++ )
|
||
{
|
||
printf ( "%d ", (int)cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.data.binary.exponents[i] );
|
||
}
|
||
printf( "\n" );
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.F.data.binary.beta = &fdppBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.a = aBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.b = bBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.g.flags = 0; // ??? (valid flags is ECPoint_flags_Infinity only.)
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.g.x = gxBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.g.x = gyBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.r = rBn;
|
||
cmd.args.import.data.data.ecprivate.curve.data.customlcf.h = hBn;
|
||
#endif
|
||
cmd.args.import.data.data.ecprivate.d = dBn;
|
||
|
||
printf( "import ...\n" );
|
||
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : Cmd_Import\n", result );
|
||
}
|
||
result = reply.status;
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : Cmd_Import(reply)\n", result );
|
||
}
|
||
printf( "keyid : 0x%08X\n", (unsigned int)reply.reply.import.key );
|
||
|
||
printf( "done. next : make blob ...\n" );
|
||
|
||
#if 0
|
||
|
||
// make blobs
|
||
NFKM_MakeBlobsParams mbp;
|
||
NFKM_Key reg_key;
|
||
memset( &mbp, 0, sizeof( mbp ) );
|
||
memset( ®_key, 0, sizeof( reg_key ) );
|
||
|
||
reg_key.v = Key__maxversion; // TORIAEZU Version Max (8)
|
||
reg_key.name = keyident.ident;
|
||
reg_key.appname = keyident.appname;
|
||
reg_key.ident = keyident.ident;
|
||
time( &(reg_key.gentime) );
|
||
|
||
mbp.f = map.f;
|
||
mbp.kpriv = reply.reply.import.key;
|
||
mbp.lt = ltid;
|
||
mbp.cs = cardset;
|
||
result = NFKM_newkey_makeblobsx( handle, nc, world, &mbp, ®_key, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_newkey_makeblobsx\n", result );
|
||
return 0;
|
||
}
|
||
|
||
printf( "done. next : record blob ...\n" );
|
||
|
||
// record key to disk
|
||
result = NFKM_recordkey( handle, ®_key, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_recordkey\n", result );
|
||
}
|
||
|
||
printf( "record key success?\n" );
|
||
|
||
// destroy key
|
||
result = NFKM_cmd_destroy( handle, nc, 0, reply.reply.import.key,
|
||
"import.key", NULL );
|
||
|
||
// list key
|
||
#if 0
|
||
int key_num;
|
||
NFKM_KeyIdent *keylist = NULL;
|
||
result = NFKM_listkeys( handle, &key_num, &keylist, "simple", NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_listkeys\n", result );
|
||
}
|
||
NFKM_KeyIdent **tkp = &keylist;
|
||
for ( i = 0; i < key_num; i++ )
|
||
{
|
||
printf( "appname : %s, ident : %s\n", tkp[i]->appname, tkp[i]->ident );
|
||
}
|
||
#endif
|
||
|
||
// find key
|
||
NFKM_KeyIdent ki_v = { (char*)"simple", (char*)"rsa-import-privkey" };
|
||
|
||
printf( "appname : %s, ident : %s\n", ki_v.appname, ki_v.ident );
|
||
|
||
result = NFKM_findkey( handle, ki_v, &keyinfo, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_findkey\n", result );
|
||
}
|
||
|
||
// load blob
|
||
M_ByteBlock *blobptr;
|
||
if ( keyinfo->pubblob.len)
|
||
blobptr = &keyinfo->pubblob;
|
||
else
|
||
{
|
||
blobptr = &keyinfo->privblob;
|
||
}
|
||
|
||
result = NFKM_cmd_loadblob( handle, nc,
|
||
moduleinfo->module, blobptr, ltid, &keyid, "loading key blob", NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFKM_cmd_loadblob\n", result );
|
||
}
|
||
printf( "key ID : %u\n", (unsigned int)keyid );
|
||
|
||
// get key info
|
||
cmd.cmd = Cmd_GetKeyInfo;
|
||
cmd.args.getkeyinfo.key = keyid;
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : FastApp_Transact(Cmd_GetKeyInfo)\n", result );
|
||
}
|
||
// if type == 30 then Rijndael(AES)
|
||
printf( "keytype : %d\n", reply.reply.getkeyinfo.type );
|
||
|
||
// encrypt & dectypt test
|
||
{
|
||
M_ByteBlock enc_input, dec_input;
|
||
M_ByteBlock enc_output, dec_output;
|
||
M_IV base_iv, enc_iv, dec_iv;
|
||
|
||
// data setting
|
||
enc_input.len = DATA_LEN;
|
||
enc_input.ptr = (unsigned char*)malloc( DATA_LEN );
|
||
for ( i = 0; i < enc_input.len; i++ )
|
||
enc_input.ptr[i] = i;
|
||
|
||
base_iv.mech = Mech_RijndaelmCBCpNONE;
|
||
for ( i = 0; i < 16; i++ )
|
||
base_iv.iv.generic128.iv.bytes[i] = i;
|
||
enc_iv = base_iv;
|
||
dec_iv = base_iv;
|
||
|
||
// encrypt : my ver
|
||
cmd.cmd = Cmd_Encrypt;
|
||
cmd.args.encrypt.key = keyid;
|
||
cmd.args.encrypt.mech = Mech_RijndaelmCBCpNONE;
|
||
cmd.args.encrypt.plain.type = PlainTextType_Bytes;
|
||
cmd.args.encrypt.plain.data.bytes.data = enc_input;
|
||
cmd.args.encrypt.flags = Cmd_Encrypt_Args_flags_given_iv_present;
|
||
cmd.args.encrypt.given_iv = &enc_iv;
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : FastApp_Transact(Cmd_Encrypt)\n", result );
|
||
}
|
||
result = reply.status;
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : reply.status(Cmd_Encrypt)\n", result );
|
||
}
|
||
enc_output.len = reply.reply.encrypt.cipher.data.generic128.cipher.len;
|
||
if ( enc_output.len != DATA_LEN )
|
||
{
|
||
printf( "error : output data size isn't %d bytes(Cmd_Encrypt)\n", (int)enc_output.len );
|
||
}
|
||
enc_output.ptr = (unsigned char*)malloc( enc_output.len );
|
||
memcpy( enc_output.ptr,
|
||
reply.reply.encrypt.cipher.data.generic128.cipher.ptr,
|
||
enc_output.len );
|
||
|
||
printf( "encrypt ok\n" );
|
||
|
||
dec_input.len = enc_output.len;
|
||
dec_input.ptr = (unsigned char*)malloc( dec_input.len );
|
||
memcpy( dec_input.ptr, enc_output.ptr, DATA_LEN );
|
||
|
||
NFastApp_Free_Reply( handle, NULL, NULL, &reply );
|
||
|
||
// decrypt : my ver
|
||
cmd.cmd = Cmd_Decrypt;
|
||
cmd.args.decrypt.flags = 0;
|
||
cmd.args.decrypt.key = keyid;
|
||
cmd.args.decrypt.mech = Mech_RSApPKCS1;
|
||
cmd.args.decrypt.cipher.mech = Mech_RSApPKCS1;
|
||
cmd.args.decrypt.cipher.data.generic128.cipher = dec_input;
|
||
cmd.args.decrypt.cipher.iv = dec_iv.iv;
|
||
cmd.args.decrypt.reply_type = PlainTextType_Bytes;
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : FastApp_Transact(Cmd_Decrypt)\n", result );
|
||
}
|
||
result = reply.status;
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : reply.status(Cmd_Decrypt)\n", result );
|
||
}
|
||
dec_output.len = reply.reply.decrypt.plain.data.bytes.data.len;
|
||
if ( dec_output.len != DATA_LEN )
|
||
{
|
||
printf( "error : output size isn't %d bytes(Cmd_Decrypt)\n", (int)enc_output.len );
|
||
}
|
||
dec_output.ptr = (unsigned char*)malloc( dec_output.len );
|
||
memcpy( dec_output.ptr,
|
||
reply.reply.decrypt.plain.data.bytes.data.ptr,
|
||
dec_output.len );
|
||
|
||
printf( "decrypt ok\n" );
|
||
|
||
NFastApp_Free_Reply( handle, NULL, NULL, &reply );
|
||
|
||
// key destroy
|
||
memset( &cmd, 0, sizeof( cmd ) ); // fail if NFastApp_Free_Command
|
||
cmd.cmd = Cmd_Destroy;
|
||
cmd.args.destroy.key = keyid;
|
||
result = NFastApp_Transact( nc, NULL, &cmd, &reply, NULL );
|
||
if ( result != Status_OK )
|
||
{
|
||
printf( "error(%d) : NFastApp_Transact(Cmd_Destroy)\n", result );
|
||
}
|
||
NFastApp_Free_Reply( handle, NULL, NULL, &reply );
|
||
|
||
// data show
|
||
printf( "enc_input : (%d bytes)", (int)enc_input.len );
|
||
for ( i = 0; i < enc_input.len; i++ )
|
||
{
|
||
if ( i % 16 == 0 )
|
||
printf( "\n" );
|
||
printf( "%02X ", enc_input.ptr[i] );
|
||
}
|
||
printf( "\n" );
|
||
|
||
printf( "\nenc_output : (%d bytes)", (int)enc_output.len );
|
||
for ( i = 0; i < enc_output.len; i++ )
|
||
{
|
||
if ( i % 16 == 0 )
|
||
printf( "\n" );
|
||
printf( "%02X ", enc_output.ptr[i] );
|
||
}
|
||
printf( "\n" );
|
||
|
||
printf( "\ndec_output : (%d bytes)", (int)dec_output.len );
|
||
for ( i = 0; i < dec_output.len; i++ )
|
||
{
|
||
if ( i % 16 == 0 )
|
||
printf( "\n" );
|
||
printf( "%02X ", dec_output.ptr[i] );
|
||
}
|
||
printf( "\n" );
|
||
} // encrypt & decrypt
|
||
|
||
// end processing
|
||
RQCard_fips_free( &card, &fips );
|
||
RQCard_destroy( &card );
|
||
NFKM_freekey( handle, keyinfo, NULL );
|
||
NFKM_freeinfo( handle, &world, NULL );
|
||
NFastApp_Disconnect( nc, NULL );
|
||
NFastApp_Finish( handle, NULL );
|
||
#endif
|
||
return 0;
|
||
|
||
} // main
|