Loading...
Select Version
&pagelevel(3)&pagelevel
The following CRYPT functions are used in the sample program:
C_OpenSession is used to open a session between an application and a token in a specified slot.
C_GenerateKey generates a secret key.
Then C_EncryptInit is used to initialize an encryption operation and C_EncryptUpdate used to continue it.
C_EncryptFinal terminates a multiple-part encryption operation.
Then C_DecryptInit is used to initialize a decryption operation and C_DecryptUpdate used to continue it.
C_DecryptFinal terminates a multiple-part decryption operation.
The session is then closed using C_CloseSession.
Program source:
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include "pkcs11.h"
static CK_BBOOL aTrue = TRUE;
static CK_BBOOL aFalse = FALSE;
void main()
{
CK_MECHANISM MGDES1 = {CKM_DES_KEY_GEN, 0, 0};
CK_MECHANISM MCDES1E = {CKM_DES_ECB, 0, 0};
CK_ATTRIBUTE AGDES[] =
{
{CKA_EXTRACTABLE, &aTrue, sizeof(aTrue)}
,{CKA_SENSITIVE, &aFalse, sizeof(aFalse)}
,{CKA_ENCRYPT, &aTrue, sizeof(aTrue)}
,{CKA_DECRYPT, &aTrue, sizeof(aTrue)}
};
CK_ULONG NGDES = sizeof(AGDES)/12;
CK_MECHANISM_PTR mgdes1 = &MGDES1;
void *encin = 0;
void *encout = 0;
void *decout = 0;
unsigned int encinlen = 32*1024;
unsigned int encoutlen = 34*1024;
unsigned int decoutlen = 34*1024;
CK_BYTE_PTR encAktIn;
CK_BYTE_PTR encAktOut;
CK_BYTE_PTR decAktOut;
CK_ULONG encAcrylOutLen = 0;
CK_ULONG decAcrylOutLen = 0;
unsigned int i;
CK_RV rc;
CK_SESSION_HANDLE session;
CK_OBJECT_HANDLE key;
CK_ULONG inLen;
CK_ULONG outLen;
char *nextChar;
encin = calloc(encinlen, 1);
if (!encin)
{
printf("----no more memory\n");
return;
}
nextChar = (char*) encin;
for (i = 0; i < encinlen; i++)
*nextChar++ = i % 256;
encout = malloc(encoutlen);
if (!encout)
{
printf("----no more memory\n");
return;
}
decout = malloc(decoutlen);
if (!decout)
{
printf ("----no more memory\n");
return;
}
/* Opening the session */
rc = C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION,
NULL_PTR, NULL_PTR, &session);
if (rc != CKR_OK)
{
printf("---- open session rc: %08x\n", rc);
return;
}
printf("++++ open session: ok; session: %08X\n", session);
/* Generating a secret key */
rc = C_GenerateKey(session, mgdes1, AGDES, NGDES, &key);
if (rc != CKR_OK)
{
printf("---- genkey rc: %08x\n", rc);
return;
}
printf("++++ genkey: ok; key: %08X\n", key);
/* Initializing an encryption operation */
rc = C_EncryptInit(session, &MCDES1E, key);
if (rc != CKR_OK)
{
printf("---- cryini rc: %08x\n", rc);
return;
}
printf("++++ cryini: encryptinit DES_ECB ok\n");
encAktIn = (CK_BYTE_PTR) encin;
encAktOut = (CK_BYTE_PTR) encout;
for (i = 0; i < 32; i++)
{
/* outLen = 1024; */
outLen = encoutlen - encAcrylOutLen;
/* Continuing a multiple-part encryption operation */
rc = C_EncryptUpdate(session, encAktIn, 1024, encAktOut, &outLen);
if (rc != CKR_OK)
{
printf("---- cry rc: %08x\n", rc);
return;
}
encAcrylOutLen += outLen;
encAktIn += 1024; /* next portion */
encAktOut += outLen;
} /* for (i = 0; i < 32; i++) */
outLen = encoutlen - encAcrylOutLen;
/* Terminating an encryption operation */
rc = C_EncryptFinal(session, encAktOut, &outLen);
if (rc != CKR_OK)
{
printf("---- cryfin rc: %08x\n", rc);
return;
}
encAcrylOutLen += outLen;
printf("++++ cry: encrypt DES_ECB ok\n");
/* Initializing a decryption operation */
rc = C_DecryptInit(session, &MCDES1E, key);
if (rc != CKR_OK)
{
printf("---- cryini rc: %08x\n", rc);
return;
}
printf("++++ cryini: decryptinit DES_ECB ok\n");
encAktOut = (CK_BYTE_PTR) encout;
decAktOut = (CK_BYTE_PTR) decout;
inLen = encAcrylOutLen >= 1024 ? 1024 : encAcrylOutLen;
while (inLen > 0)
{
/* outLen = 1024; */
outLen = decoutlen - decAcrylOutLen;
/* Continuing a multiple-part decryption operation */
rc = C_DecryptUpdate(session, encAktOut, inLen,
decAktOut, &outLen);
if (rc != CKR_OK)
{
printf("---- cry rc: %08x\n", rc);
return;
}
encAcrylOutLen -= inLen;
if (encAcrylOutLen < 1024)
inLen = encAcrylOutLen;
decAcrylOutLen += outLen;
encAktOut += 1024; /* next portion */
decAktOut += outLen;
} /* while (encAcrylOutLen > 0) */
outLen = decoutlen - decAcrylOutLen;
/* Terminating a decryption operation */
rc = C_DecryptFinal(session, decAktOut, &outLen);
decAcrylOutLen += outLen;
printf("++++ cry: decrypt DES_ECB ok\n");
if (decAcrylOutLen == encinlen)
{
printf("++++ length ok \n");
}
else
{
printf("---- enc/dec: length diff %d %d\n", encinlen,
decAcrylOutLen);
return;
}
if (memcmp(encin, decout, decAcrylOutLen) == 0)
{
printf("++++ output ok \n");
}
else
{
printf("---- enc/dec: diff \n");
return;
}
/* Sitzung schließen */
rc = C_CloseSession(session);
if (rc != CKR_OK)
{
printf("---- close session rc: %08x\n", rc);
return;
}
printf ("++++ close session: ok\n");
}
Schematic compiler invocation:
/START-CPLUS-COMPILER //MODIFY-SOURCE-PROPERTIES - // LANG=*C(MODE=*ANSI) //MODIFY-INCLUDE-LIBRARIES - // STD-INCLUDE-LIBRARY=*USER-INCLUDE-LIBRARY, - // USER-INCLUDE-LIBRARY=( - // $.SYSLIB.CRYPT.nnn .... //...
Schematic BINDER invocation:
/START-BINDER ... //INCLUDE-MODULES ELEMENT= //INCLUDE-MODULES ELEMENT=CRYADAP,LIB=$.SYSLIB.CRYPT.nnn //RESOLVE-BY-AUTOLINK LIBRARY=... //... //SAVE-LLM LIB=... //END