update

crypto/ec/ec_pmeth.c

@@ -499,6 +499,9 @@ static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
 {
 	EC_KEY *ec_key = ctx->pkey->pkey.ec;
 	ECIES_PARAMS *param = ECIES_get_parameters(ec_key);
+
+	fprintf(stderr, "%s %s %d\n", __FUNCTION__, __FILE__, __LINE__);
+
 	return ECIES_encrypt(out, outlen, param, in, inlen, ec_key);
 }
 
@@ -507,6 +510,7 @@ static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen
 {
 	EC_KEY *ec_key = ctx->pkey->pkey.ec;
 	ECIES_PARAMS *param = ECIES_get_parameters(ec_key);
+	fprintf(stderr, "%s %s %d\n", __FUNCTION__, __FILE__, __LINE__);
 	return ECIES_decrypt(out, outlen, param, in, inlen, ec_key);
 }
 #endif

crypto/ecies/ecies_lib.c

@@ -62,17 +62,41 @@
 
 
 static void *ecies_data_dup(void *data) {
-	return data;
+	ECIES_PARAMS *ret = NULL;
+	ECIES_PARAMS *param = (ECIES_PARAMS *)data;
+
+	OPENSSL_assert(data);
+
+	if (!(ret = OPENSSL_malloc(sizeof(ECIES_PARAMS)))) {
+		return NULL;
+	}
+
+	ret->kdf_md = param->kdf_md;
+	ret->sym_cipher = param->sym_cipher;
+	ret->mac_md = param->mac_md;
+
+	return ret;
 }
 
 static void ecies_data_free(void *data) {
+	OPENSSL_free(data);
 	return;
 }
 
 int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param)
 {
-	if (!EC_KEY_insert_key_method_data(ec_key, param,
+	ECIES_PARAMS *data = NULL;
+	OPENSSL_assert(ec_key);
+	OPENSSL_assert(param);
+
+	data = ecies_data_dup(param);
+
+
+	if (!EC_KEY_insert_key_method_data(ec_key, data,
 		ecies_data_dup, ecies_data_free, ecies_data_free)) {
+
+		printf("EC_KEY_insert_key_method_data() error\n");
+
 		return 0;
 	}
 	return 1;

crypto/evp/pmeth_lib.c

@@ -89,7 +89,7 @@ static const EVP_PKEY_METHOD *standard_methods[] = {
 #endif
 #ifndef OPENSSL_NO_EC
     &ec_pkey_meth,
-    &sm2_pkey_meth,
+    //&sm2_pkey_meth,
 #endif
     &hmac_pkey_meth,
     &cmac_pkey_meth,

crypto/sm2/sm2.h

@@ -103,11 +103,13 @@ int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
 	const SM2_CIPHERTEXT_VALUE *cv, unsigned char *out, size_t *outlen,
 	EC_KEY *ec_key);
 int SM2_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
-	point_conversion_form_t point_form, unsigned char *out, size_t *outlen,
-	const unsigned char *in, size_t inlen, EC_KEY *ec_key);
+	point_conversion_form_t point_form,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
 int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
-	point_conversion_form_t point_form, const unsigned char *in,
-	size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key);
+	point_conversion_form_t point_form,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key);
 
 
 #define SM2_signature_size(ec_key)	ECDSA_size(ec_key)

crypto/sm2/sm2_enc.c

@@ -73,11 +73,15 @@ int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group,
 	if (!point || !bn_ctx) {
 		goto end;
 	}
-	
+
+#if 0	
+	//FIXME: len will be 1 !!!
 	if (!(len = EC_POINT_point2oct(ec_group, point, point_form,
 		NULL, 0, bn_ctx))) {
 		goto end;
 	}
+#endif
+	len = 1 + 2 * ((EC_GROUP_get_degree(ec_group) + 7)/8);
 	len += mlen + EVP_MD_size(mac_md);
 
 	ret = len;
@@ -144,33 +148,44 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group,
 {
 	int ok = 0;
 	SM2_CIPHERTEXT_VALUE *ret = NULL;
-	BN_CTX *bn_ctx = NULL;
-	int len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md);
-	int ptlen = len - EVP_MD_size(mac_md);
+	BN_CTX *bn_ctx = BN_CTX_new();
+	int ptlen;
+	int fixlen;
 
-	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) {
+	if (!bn_ctx) {
+		return NULL;
+	}
+
+	if (!(fixlen = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
-	if (buflen <= len) {
+
+	if (buflen <= fixlen) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 
 	if (!(ret = OPENSSL_malloc(sizeof(SM2_CIPHERTEXT_VALUE)))) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 
 	ret->ephem_point = EC_POINT_new(ec_group);
-	ret->ciphertext_size = buflen - len;
+	ret->ciphertext_size = buflen - fixlen;
 	ret->ciphertext = OPENSSL_malloc(ret->ciphertext_size);
 	if (!ret->ephem_point || !ret->ciphertext) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
-	if (!(bn_ctx = BN_CTX_new())) {
-		goto end;
-	}
-	if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, len, bn_ctx)) {
+
+	ptlen = fixlen - EVP_MD_size(mac_md);
+	if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, ptlen, bn_ctx)) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
+		ERR_print_errors_fp(stdout);
 		goto end;
 	}
+
 	memcpy(ret->ciphertext, buf + ptlen, ret->ciphertext_size);
 	ret->mactag_size = EVP_MD_size(mac_md);
 	memcpy(ret->mactag, buf + buflen - ret->mactag_size, ret->mactag_size);
@@ -225,8 +240,9 @@ end:
 }
 
 int SM2_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
-	point_conversion_form_t point_form, unsigned char *out, size_t *outlen,
-	const unsigned char *in, size_t inlen, EC_KEY *ec_key)
+	point_conversion_form_t point_form,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	int ret = 0;
 	const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
@@ -411,8 +427,9 @@ end:
 }
 
 int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
-	point_conversion_form_t point_form, const unsigned char *in,
-	size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key)
+	point_conversion_form_t point_form,
+	const unsigned char *in, size_t inlen,
+	unsigned char *out, size_t *outlen, EC_KEY *ec_key)
 {
 	int ret = 0;
 	const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key);
@@ -420,9 +437,11 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
 	int len;
 
 	if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 	if (inlen <= len) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 
@@ -430,13 +449,16 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md,
 		*outlen = inlen - len;
 		return 1;
 	} else if (*outlen < inlen - len) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		return 0;
 	}
 
 	if (!(cv = SM2_CIPHERTEXT_VALUE_decode(ec_group, point_form, mac_md, in, inlen))) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 	if (!SM2_do_decrypt(kdf_md, mac_md, cv, out, outlen, ec_key)) {
+		fprintf(stderr, "%s %d\n", __FILE__, __LINE__);
 		goto end;
 	}
 

crypto/sm2/sm2test.c

@@ -1,5 +1,10 @@
+/*
+ * cc -Wall -I ../../include/ sm2test.c ../../libcrypto.a 
+ */
+
 #include <stdio.h>
 #include <string.h>
+#include <strings.h>
 #include <openssl/sm2.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
@@ -45,30 +50,45 @@ static int test_sm2_enc(void)
 	SM2_CIPHERTEXT_VALUE *cv = NULL;
 	unsigned char ctbuf[512];
 	unsigned char ptbuf[512];	
-	size_t len;
-	
+	size_t len, len2;
+	BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);	
 
 	ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1);
 	OPENSSL_assert(ec_key);
 	rv = EC_KEY_generate_key(ec_key);
 	OPENSSL_assert(rv == 1);
 
-	cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), msg, (size_t)strlen(msg), ec_key);
+	cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), (unsigned char *)msg, (size_t)strlen(msg), ec_key);
 	OPENSSL_assert(cv);
+	SM2_CIPHERTEXT_VALUE_print(bio, EC_KEY_get0_group(ec_key), cv, 0, 0);
 
-	{
-		BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);
-		SM2_CIPHERTEXT_VALUE_print(bio, EC_KEY_get0_group(ec_key), cv, 0, 0);	
-	}
-	
+	bzero(ptbuf, sizeof(ptbuf));	
 	len = sizeof(ptbuf);
 	rv = SM2_do_decrypt(EVP_sm3(), EVP_sm3(), cv, ptbuf, &len, ec_key);
 	OPENSSL_assert(rv == 1);
 
+	len = sizeof(ctbuf);
+	rv = SM2_encrypt(EVP_sm3(), EVP_sm3(),
+		SM2_DEFAULT_POINT_CONVERSION_FORM,
+		(unsigned char *)msg, (size_t)strlen(msg), ctbuf, &len, ec_key);
+	OPENSSL_assert(rv == 1);
+
+	bzero(ptbuf, sizeof(ptbuf));
+	len2 = sizeof(ptbuf);
+	rv = SM2_decrypt(EVP_sm3(), EVP_sm3(),
+		SM2_DEFAULT_POINT_CONVERSION_FORM,
+		ctbuf, len, ptbuf, &len2, ec_key);
+	OPENSSL_assert(rv == 1);
+
+	/*
+	printf("original  plaintext: %s\n", msg);
+	printf("decrypted plaintext: %s\n", ptbuf);
+	*/
 	printf("%s() success\n", __FUNCTION__);
 	return 0;
 }
 
+
 int main(int argc, char **argv)
 {
 	test_sm2_sign();

engines/skf/e_skf.c

@@ -0,0 +1,132 @@
+#include <stdio.h>
+
+
+
+#define SKF_ENGINE_ID	"skf"
+#define SKF_ENGINE_NAME	"skf engine"
+
+
+
+static int skf_init(ENGINE *e)
+{
+	ULONG rv;
+
+	rv = SKF_EnumDev(TRUE, szNameList, &ulSize);
+	rv = SKF_ConnectDev(szName, &hDev);
+	rv = SKF_DevAuth(hDev, pbAuthData, ulLen);
+	rv = SKF_EnumApplication(hDev, szAppName, &ulSize);
+	rv = SKF_OpenApplication(hDev, szAppName, &hApp);
+
+	rv = SKF_SetSymmKey(hDev, pbKey, ulAlgID, &hKey);
+	
+	rv = SKF_EncryptInit(hKey, encParam);
+}
+
+
+
+static int skf_finish(ENGINE *e)
+{
+	
+}
+
+void ENGINE_load_skf(void)
+{
+}
+
+static ENGINE *ENGINE_skf(void)
+{
+	ENGINE *eng = ENGINE_new();
+
+	if (!eng) {
+		return NULL;
+	}
+
+	if (!skf_bind_helper(eng)) {
+		ENGINE_free(eng);
+		return NULL;
+	}
+
+	return eng;
+}
+
+static int skf_bind_helper(ENGINE *e)
+{
+	if (!ENGINE_set_id(e, SKF_ENGINE_ID) ||
+	    !ENGINE_set_name(e, SKF_ENGINE_NAME) ||
+	    !ENGINE_set_init_function(e, skf_init) ||
+	    !ENGINE_set_ciphers(e, skf_ciphers) ||
+	    !ENGINE_set_RSA(e, SKF_get_rsa_method()) ||
+	    !ENGINE_set_SM2(e, SKF_get_sm2_method()) ||
+	    !ENGINE_set_RAND(e, skf_rand)) {
+		return 0;
+	}
+
+	return 1;
+}
+
+
+static int skf_cipher_nids[] = {
+	NID_ssf33_ecb,
+	NID_ssf33_cbc,
+	NID_ssf33_cfb,
+	NID_ssf33_ofb,
+	NID_sm1_ecb,
+	NID_sm1_cbc,
+	NID_sm1_cfb,
+	NID_sm1_ofb,
+	NID_sm4_ecb,
+	NID_sm4_cbc,
+	NID_sm4_cfb,
+	NID_sm4_ofb,
+};
+
+static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+	const int **nids, int nid)
+{
+	if (!cipher) {
+		*nid = skf_cipher_nids;
+		return skf_num_cipher_nids;	
+	}
+
+	switch (nid) {
+	case NID_ssf33_ecb:
+		*cipher = &skf_ssf33_ecb;
+		break;
+	default:
+		*cipher = NULL;
+		return 0;
+	}
+
+	return 1;
+}
+
+
+static RAND_METHOD skf_rand = {
+	NULL,		/* seed */
+	skf_rand_bytes,	/* bytes */
+	NULL,		/* cleanup */
+	NULL,		/* add */
+	skf_rand_bytes,	/* pseudorand */
+	NULL,		/* rand status */
+};
+
+
+
+static int bind_fn(ENGINE *e, const char *id)
+{
+	if (id && (strcmp(id, SKF_ENGINE_ID) != 0)) {
+		fprintf(stderr, "bad engine id\n");
+		return 0;
+	}
+	if (!bind_helper(e)) {
+		return 0;
+	}
+
+	return 1;
+}
+
+
+
+IMPLEMENT_DYNAMIC_CHECK_FN();
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);
+

engines/skf/skf.h

@@ -0,0 +1,556 @@
+#ifndef HEADER_SKF_H
+#define HEADER_SKF_H
+
+#include "smapi_err.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/* Algorithms */
+#define SGD_SM1_ECB		0x00000101
+#define SGD_SM1_CBC		0x00000102
+#define SGD_SM1_CFB		0x00000104
+#define SGD_SM1_OFB		0x00000108
+#define SGD_SM1_MAC		0x00000110
+#define SGD_SSF33_ECB		0x00000201
+#define SGD_SSF33_CBC		0x00000202
+#define SGD_SSF33_CFB		0x00000204
+#define SGD_SSF33_OFB		0x00000208
+#define SGD_SSF33_MAC		0x00000210
+#define SGD_SM4_ECB		0x00000401
+#define SGD_SM4_CBC		0x00000402
+#define SGD_SM4_CFB		0x00000404
+#define SGD_SM4_OFB		0x00000408
+#define SGD_SM4_MAC		0x00000410
+#define SGD_RSA			0x00010000
+#define SGD_SM2_1		0x00020100
+#define SGD_SM2_2		0x00020200
+#define SGD_SM2_3		0x00020400
+#define SGD_SM3			0x00000001
+#define SGD_SHA1		0x00000002
+#define SGD_SHA256		0x00000004
+
+
+#ifndef WIN32
+typedef signed char		INT8;
+typedef signed short		INT16;
+typedef signed int		INT32;
+typedef unsigned char		UINT8;
+typedef unsigned short		UINT16;
+typedef unsigned int		UINT32;
+typedef long			BOOL;
+typedef UINT8			BYTE;
+typedef UINT8			CHAR;
+typedef INT16			SHORT;
+typedef UINT16			USHORT;
+typedef INT32			LONG;
+typedef UINT32			ULONG;
+typedef UINT32			UINT;
+typedef UINT16			WORD;
+typedef UINT32			DWORD;
+typedef UINT32			FLAGS;
+typedef CHAR *			LPSTR;
+typedef void *			HANDLE;
+#endif
+
+typedef HANDLE DEVHANDLE;
+typedef HANDLE HAPPLICATION;
+typedef HANDLE HSESSION;
+typedef HANDLE HCONTAINER;
+
+
+#ifndef FALSE
+#define FALSE			0x00000000
+#endif
+
+#ifndef TRUE
+#define TRUE			0x00000001
+#endif
+
+#ifdef WIN32
+  #define DEVAPI __stdcall
+#else
+  #define DEVAPI
+#endif
+
+#ifndef ADMIN_TYPE 
+	#define ADMIN_TYPE		0
+#endif
+
+#ifndef USER_TYPE
+#define USER_TYPE						1
+#endif
+
+#define MAX_RSA_MODULUS_LEN		256
+#define MAX_RSA_EXPONENT_LEN		4
+#define ECC_MAX_XCOORDINATE_BITS_LEN	512
+#define ECC_MAX_YCOORDINATE_BITS_LEN	512
+#define ECC_MAX_MODULUS_BITS_LEN	512
+
+#define MAX_IV_LEN			32
+
+#define MAX_FILE_NAME_SIZE		32
+#define MAX_FILE_CONTAINER_NAME_SIZE	64
+
+#define SECURE_NEVER_ACCOUNT		0x00000000
+#define SECURE_ADM_ACCOUNT		0x00000001
+#define SECURE_USER_ACCOUNT		0x00000010
+#define SECURE_ANYONE_ACCOUNT		0x000000FF
+
+#define DEV_ABSENT_STATE		0x00000000
+#define DEV_PRESENT_STATE		0x00000001
+#define DEV_UNKNOW_STATE		0x00000010
+
+	
+typedef struct Struct_Version{
+	BYTE major;
+	BYTE minor;
+}VERSION;
+
+typedef struct Struct_DEVINFO {
+	VERSION	Version;
+	CHAR	Manufacturer[64];
+	CHAR	Issuer[64];
+	CHAR	Label[32];
+	CHAR	SerialNumber[32];
+	VERSION	HWVersion;
+	VERSION	FirmwareVersion;
+	ULONG	AlgSymCap;
+	ULONG	AlgAsymCap;
+	ULONG	AlgHashCap;
+	ULONG	DevAuthAlgId;
+	ULONG	TotalSpace;
+	ULONG	FreeSpace;
+	ULONG	MaxECCBufferSize;
+	ULONG	MaxBufferSize;
+	BYTE  	Reserved[64];
+} DEVINFO, *PDEVINFO;
+
+typedef struct Struct_RSAPUBLICKEYBLOB {
+	ULONG	AlgID;
+	ULONG	BitLen;
+	BYTE	Modulus[MAX_RSA_MODULUS_LEN];
+	BYTE	PublicExponent[MAX_RSA_EXPONENT_LEN];
+} RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB;
+
+typedef struct Struct_RSAPRIVATEKEYBLOB{
+	ULONG	AlgID;
+	ULONG	BitLen;
+	BYTE	Modulus[MAX_RSA_MODULUS_LEN];
+	BYTE	PublicExponent[MAX_RSA_EXPONENT_LEN];
+	BYTE	PrivateExponent[MAX_RSA_MODULUS_LEN];
+	BYTE	Prime1[MAX_RSA_MODULUS_LEN/2];
+	BYTE	Prime2[MAX_RSA_MODULUS_LEN/2];
+	BYTE	Prime1Exponent[MAX_RSA_MODULUS_LEN/2];
+	BYTE	Prime2Exponent[MAX_RSA_MODULUS_LEN/2];
+	BYTE	Coefficient[MAX_RSA_MODULUS_LEN/2];
+}RSAPRIVATEKEYBLOB, *PRSAPRIVATEKEYBLOB;
+
+typedef struct Struct_ECCPUBLICKEYBLOB{
+	ULONG	BitLen;
+	BYTE	XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
+	BYTE	YCoordinate[ECC_MAX_YCOORDINATE_BITS_LEN/8];
+}ECCPUBLICKEYBLOB, *PECCPUBLICKEYBLOB;
+
+typedef struct Struct_ECCPRIVATEKEYBLOB{
+	ULONG	BitLen;
+	BYTE	PrivateKey[ECC_MAX_MODULUS_BITS_LEN/8];
+}ECCPRIVATEKEYBLOB, *PECCPRIVATEKEYBLOB;
+
+typedef struct Struct_ECCCIPHERBLOB{
+	BYTE	XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
+	BYTE	YCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
+	BYTE	HASH[32];
+	ULONG	CipherLen;
+	BYTE	Cipher[1];
+} ECCCIPHERBLOB, *PECCCIPHERBLOB;
+
+typedef struct Struct_ECCSIGNATUREBLOB{
+	BYTE	r[ECC_MAX_XCOORDINATE_BITS_LEN/8];
+	BYTE	s[ECC_MAX_XCOORDINATE_BITS_LEN/8];
+} ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB;
+
+typedef struct Struct_BLOCKCIPHERPARAM{
+	BYTE	IV[MAX_IV_LEN];
+	ULONG	IVLen;
+	ULONG	PaddingType;
+	ULONG	FeedBitLen;
+} BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM;
+
+typedef struct SKF_ENVELOPEDKEYBLOB{
+	ULONG	Version;
+	ULONG	ulSymmAlgID;
+	ULONG	ulBits;
+	BYTE	cbEncryptedPriKey[64];
+	ECCPUBLICKEYBLOB	PubKey;
+	ECCCIPHERBLOB		ECCCipherBlob;
+}ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB;
+
+typedef struct Struct_FILEATTRIBUTE{
+	CHAR	FileName[MAX_FILE_NAME_SIZE];
+	ULONG	FileSize;
+	ULONG	ReadRights;
+	ULONG	WriteRights;
+} FILEATTRIBUTE, *PFILEATTRIBUTE;
+
+	
+ULONG DEVAPI SKF_WaitForDevEvent(LPSTR szDevName,
+	ULONG *pulDevNameLen,
+	ULONG *pulEvent);
+ULONG DEVAPI SKF_CancelWaitForDevEvent();
+ULONG DEVAPI SKF_EnumDev(BOOL bPresent,
+	LPSTR szNameList,
+	ULONG *pulSize);
+ULONG DEVAPI SKF_ConnectDev(LPSTR szName,
+	DEVHANDLE *phDev);
+ULONG DEVAPI SKF_DisConnectDev(DEVHANDLE hDev);
+ULONG DEVAPI SKF_GetDevState(LPSTR szDevName,
+	ULONG *pulDevState);
+ULONG DEVAPI SKF_SetLabel(DEVHANDLE hDev,
+	LPSTR szLabel);
+ULONG DEVAPI SKF_GetDevInfo(DEVHANDLE hDev,
+	DEVINFO *pDevInfo);
+ULONG DEVAPI SKF_LockDev(DEVHANDLE hDev,
+	ULONG ulTimeOut);
+ULONG DEVAPI SKF_UnlockDev(DEVHANDLE hDev);
+ULONG DEVAPI SKF_Transmit(DEVHANDLE hDev,
+	BYTE* pbCommand,
+	ULONG ulCommandLen,
+	BYTE* pbData,
+	ULONG* pulDataLen);
+ULONG DEVAPI SKF_ChangeDevAuthKey(DEVHANDLE hDev,
+	BYTE *pbKeyValue,
+	ULONG ulKeyLen);
+ULONG DEVAPI SKF_DevAuth(DEVHANDLE hDev,
+	BYTE *pbAuthData,
+	ULONG ulLen);
+ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication,
+	ULONG ulPINType,
+	LPSTR szOldPin, 
+	LPSTR szNewPin, 
+	ULONG *pulRetryCount);
+LONG DEVAPI SKF_GetPINInfo(HAPPLICATION hApplication,
+	ULONG ulPINType,
+	ULONG *pulMaxRetryCount, 
+	ULONG *pulRemainRetryCount, 
+	BOOL *pbDefaultPin);
+ULONG DEVAPI SKF_VerifyPIN(HAPPLICATION hApplication,
+	ULONG ulPINType,
+	LPSTR szPIN, 
+	ULONG *pulRetryCount);
+ULONG DEVAPI SKF_UnblockPIN(HAPPLICATION hApplication,
+	LPSTR szAdminPIN,
+	LPSTR szNewUserPIN,  
+	ULONG *pulRetryCount);
+ULONG DEVAPI SKF_ClearSecureState(HAPPLICATION hApplication);
+
+ULONG DEVAPI SKF_CreateApplication(DEVHANDLE hDev,
+	LPSTR szAppName,
+	LPSTR szAdminPin, 
+	DWORD dwAdminPinRetryCount,
+	LPSTR szUserPin, 
+	DWORD dwUserPinRetryCount,
+	DWORD dwCreateFileRights, 
+	HAPPLICATION *phApplication);
+ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev,
+	LPSTR szAppName,
+	ULONG *pulSize);
+ULONG DEVAPI SKF_DeleteApplication(DEVHANDLE hDev, 
+	LPSTR szAppName);
+ULONG DEVAPI SKF_OpenApplication(DEVHANDLE hDev, 
+	LPSTR szAppName,
+	HAPPLICATION *phApplication);
+ULONG DEVAPI SKF_CloseApplication(HAPPLICATION hApplication);
+
+ULONG DEVAPI SKF_CreateFile(HAPPLICATION hApplication,
+	LPSTR szFileName,
+	ULONG ulFileSize, 
+	ULONG ulReadRights,
+	ULONG ulWriteRights);
+ULONG DEVAPI SKF_DeleteFile(HAPPLICATION hApplication,
+	LPSTR szFileName);
+ULONG DEVAPI SKF_EnumFiles(HAPPLICATION hApplication, 
+	LPSTR szFileList,
+	ULONG *pulSize);
+ULONG DEVAPI SKF_GetFileInfo(HAPPLICATION hApplication,
+	LPSTR szFileName,
+	FILEATTRIBUTE *pFileInfo);
+ULONG DEVAPI SKF_ReadFile(HAPPLICATION hApplication,
+	LPSTR szFileName,
+	ULONG ulOffset, 
+	ULONG ulSize, 
+	BYTE * pbOutData, 
+	ULONG *pulOutLen);
+ULONG DEVAPI SKF_WriteFile(HAPPLICATION hApplication, 
+	LPSTR szFileName,
+	ULONG  ulOffset, 
+	BYTE *pbData,
+	ULONG ulSize);
+
+ULONG DEVAPI SKF_CreateContainer(HAPPLICATION hApplication,
+	LPSTR szContainerName,
+	HCONTAINER *phContainer);
+ULONG DEVAPI SKF_DeleteContainer(HAPPLICATION hApplication, 
+	LPSTR szContainerName);
+ULONG DEVAPI SKF_EnumContainer(HAPPLICATION hApplication,
+	LPSTR szContainerName,
+	ULONG *pulSize);
+ULONG DEVAPI SKF_OpenContainer(HAPPLICATION hApplication,
+	LPSTR szContainerName,
+	HCONTAINER *phContainer);
+ULONG DEVAPI SKF_CloseContainer(HCONTAINER hContainer);
+ULONG DEVAPI SKF_GetContainerType(HCONTAINER hContainer,
+	ULONG *pulContainerType);
+ULONG DEVAPI SKF_ImportCertificate(HCONTAINER hContainer, 
+	BOOL bSignFlag,
+	BYTE* pbCert,
+	ULONG ulCertLen);
+ULONG DEVAPI SKF_ExportCertificate(HCONTAINER hContainer,
+	BOOL bSignFlag,
+	BYTE* pbCert,
+	ULONG *pulCertLen);
+
+ULONG DEVAPI SKF_GenRandom(DEVHANDLE hDev,
+	BYTE *pbRandom,
+	ULONG ulRandomLen);
+ULONG DEVAPI SKF_GenExtRSAKey(DEVHANDLE hDev, 
+	ULONG ulBitsLen,
+	RSAPRIVATEKEYBLOB *pBlob);
+ULONG DEVAPI SKF_GenRSAKeyPair(HCONTAINER hContainer, 
+	ULONG ulBitsLen,
+	RSAPUBLICKEYBLOB *pBlob);
+ULONG DEVAPI SKF_ImportRSAKeyPair(HCONTAINER hContainer, 
+	ULONG ulSymAlgId,
+	BYTE *pbWrappedKey, 
+	ULONG ulWrappedKeyLen,
+	BYTE *pbEncryptedData, 
+	ULONG ulEncryptedDataLen);
+ULONG DEVAPI SKF_RSASignData(HCONTAINER hContainer, 
+	BYTE *pbData,
+	ULONG  ulDataLen, 
+	BYTE *pbSignature, 
+	ULONG *pulSignLen);
+ULONG DEVAPI SKF_RSAVerify(DEVHANDLE hDev, 
+	RSAPUBLICKEYBLOB* pRSAPubKeyBlob,
+	BYTE *pbData, 
+	ULONG  ulDataLen, 
+	BYTE *pbSignature, 
+	ULONG ulSignLen);
+ULONG DEVAPI SKF_RSAExportSessionKey(HCONTAINER hContainer, 
+	ULONG ulAlgId,
+	RSAPUBLICKEYBLOB *pPubKey, 
+	BYTE *pbData, 
+	ULONG  *pulDataLen, 
+	HANDLE *phSessionKey);
+ULONG DEVAPI SKF_ExtRSAPubKeyOperation(DEVHANDLE hDev, 
+	RSAPUBLICKEYBLOB* pRSAPubKeyBlob,
+	BYTE* pbInput, 
+	ULONG ulInputLen, 
+	BYTE* pbOutput, 
+	ULONG* pulOutputLen);
+ULONG DEVAPI SKF_ExtRSAPriKeyOperation(DEVHANDLE hDev,
+	RSAPRIVATEKEYBLOB* pRSAPriKeyBlob,
+	BYTE* pbInput,
+	ULONG ulInputLen,
+	BYTE* pbOutput,
+	ULONG* pulOutputLen);
+ULONG DEVAPI SKF_GenECCKeyPair(HCONTAINER hContainer,
+	ULONG ulAlgId,
+	ECCPUBLICKEYBLOB *pBlob);
+ULONG DEVAPI SKF_ImportECCKeyPair(HCONTAINER hContainer,
+	PENVELOPEDKEYBLOB pEnvelopedKeyBlob);
+ULONG DEVAPI SKF_ECCSignData(HCONTAINER hContainer,
+	BYTE *pbData,
+	ULONG  ulDataLen, 
+	PECCSIGNATUREBLOB pSignature);
+
+ULONG DEVAPI SKF_ECCVerify(DEVHANDLE hDev,
+	ECCPUBLICKEYBLOB* pECCPubKeyBlob,
+	BYTE *pbData, 
+	ULONG  ulDataLen, 
+	PECCSIGNATUREBLOB pSignature);
+ULONG DEVAPI SKF_ECCExportSessionKey(HCONTAINER hContainer, 
+	ULONG ulAlgId,
+	ECCPUBLICKEYBLOB *pPubKey, 
+	PECCCIPHERBLOB pData, 
+	HANDLE *phSessionKey);
+ULONG DEVAPI SKF_ExtECCEncrypt(DEVHANDLE hDev, 
+	ECCPUBLICKEYBLOB*  pECCPubKeyBlob,
+	BYTE* pbPlainText, 
+	ULONG ulPlainTextLen, 
+	PECCCIPHERBLOB pCipherText);
+ULONG DEVAPI SKF_ExtECCDecrypt(DEVHANDLE hDev,
+	ECCPRIVATEKEYBLOB*  pECCPriKeyBlob,
+	PECCCIPHERBLOB pCipherText, 
+	BYTE* pbPlainText, 
+	ULONG* pulPlainTextLen);
+ULONG DEVAPI SKF_ExtECCSign(DEVHANDLE hDev, 
+	ECCPRIVATEKEYBLOB* pECCPriKeyBlob,
+	BYTE* pbData, 
+	ULONG ulDataLen, 
+	PECCSIGNATUREBLOB pSignature);
+ULONG DEVAPI SKF_ExtECCVerify(DEVHANDLE hDev, 
+	ECCPUBLICKEYBLOB* pECCPubKeyBlob,
+	BYTE* pbData, 
+	ULONG ulDataLen, 
+	PECCSIGNATUREBLOB pSignature);
+ULONG DEVAPI SKF_GenerateAgreementDataWithECC(HCONTAINER hContainer,
+	ULONG ulAlgId,
+	ECCPUBLICKEYBLOB* pTempECCPubKeyBlob,
+	BYTE* pbID, 
+	ULONG ulIDLen,
+	HANDLE *phAgreementHandle);
+ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC(HANDLE hContainer, 
+	ULONG ulAlgId,
+	ECCPUBLICKEYBLOB* pSponsorECCPubKeyBlob,
+	ECCPUBLICKEYBLOB* pSponsorTempECCPubKeyBlob,
+	ECCPUBLICKEYBLOB* pTempECCPubKeyBlob,
+	BYTE* pbID, 
+	ULONG ulIDLen, 
+	BYTE *pbSponsorID, 
+	ULONG ulSponsorIDLen,
+	HANDLE *phKeyHandle);
+ULONG DEVAPI SKF_GenerateKeyWithECC(HANDLE hAgreementHandle,
+	ECCPUBLICKEYBLOB* pECCPubKeyBlob,
+	ECCPUBLICKEYBLOB* pTempECCPubKeyBlob,
+	BYTE* pbID, 
+	ULONG ulIDLen, 
+	HANDLE *phKeyHandle);
+ULONG DEVAPI SKF_ExportPublicKey(HCONTAINER hContainer, 
+	BOOL bSignFlag,
+	BYTE* pbBlob, 
+	ULONG* pulBlobLen);
+ULONG DEVAPI SKF_ImportSessionKey(HCONTAINER hContainer, 
+	ULONG ulAlgId,
+	BYTE *pbWrapedData,
+	ULONG ulWrapedLen,
+	HANDLE *phKey);
+ULONG DEVAPI SKF_SetSymmKey(DEVHANDLE hDev, 
+	BYTE* pbKey,
+	ULONG ulAlgID, 
+	HANDLE* phKey);
+ULONG DEVAPI SKF_EncryptInit(HANDLE hKey, 
+	BLOCKCIPHERPARAM EncryptParam);
+ULONG DEVAPI SKF_Encrypt(HANDLE hKey,
+	BYTE *pbData,
+	ULONG ulDataLen,
+	BYTE *pbEncryptedData,
+	ULONG *pulEncryptedLen);
+ULONG DEVAPI SKF_EncryptUpdate(HANDLE hKey,
+	BYTE * pbData,
+	ULONG ulDataLen, 
+	BYTE *pbEncryptedData, 
+	ULONG *pulEncryptedLen);
+ULONG DEVAPI SKF_EncryptFinal(HANDLE hKey,
+	BYTE *pbEncryptedData,
+	ULONG *pulEncryptedDataLen);
+ULONG DEVAPI SKF_DecryptInit(HANDLE hKey, 
+	BLOCKCIPHERPARAM DecryptParam);
+ULONG DEVAPI SKF_Decrypt(HANDLE hKey, 
+	BYTE * pbEncryptedData,
+	ULONG ulEncryptedLen, 
+	BYTE * pbData, 
+	ULONG * pulDataLen);
+ULONG DEVAPI SKF_DecryptUpdate(HANDLE hKey, 
+	BYTE * pbEncryptedData,
+	ULONG ulEncryptedLen, 
+	BYTE * pbData, 
+	ULONG * pulDataLen);
+ULONG DEVAPI SKF_DecryptFinal(HANDLE hKey, 
+	BYTE *pbDecryptedData,
+	ULONG *pulDecryptedDataLen);
+ULONG DEVAPI SKF_DigestInit(DEVHANDLE hDev, 
+	ULONG ulAlgID,
+	ECCPUBLICKEYBLOB *pPubKey, 
+	unsigned char *pucID, 
+	ULONG ulIDLen, 
+	HANDLE *phHash);
+ULONG DEVAPI SKF_Digest(HANDLE hHash, 
+	BYTE *pbData,
+	ULONG ulDataLen, 
+	BYTE *pbHashData, 
+	ULONG *pulHashLen);
+ULONG DEVAPI SKF_DigestUpdate(HANDLE hHash, 
+	BYTE *pbData,
+	ULONG  ulDataLen);
+ULONG DEVAPI SKF_DigestFinal(HANDLE hHash,
+	BYTE *pHashData,
+	ULONG  *pulHashLen);
+ULONG DEVAPI SKF_MacInit(HANDLE hKey, 
+	BLOCKCIPHERPARAM* pMacParam,
+	HANDLE *phMac);
+ULONG DEVAPI SKF_Mac(HANDLE hMac,
+	BYTE* pbData,
+	ULONG ulDataLen, 
+	BYTE *pbMacData, 
+	ULONG *pulMacLen);
+ULONG DEVAPI SKF_MacUpdate(HANDLE hMac, 
+	BYTE * pbData,
+	ULONG ulDataLen);
+ULONG DEVAPI SKF_MacFinal(HANDLE hMac, 
+	BYTE *pbMacData,
+	ULONG *pulMacDataLen);
+
+ULONG DEVAPI SKF_CloseHandle(HANDLE hHandle);
+
+
+
+#define SAR_OK				0x00000000
+#define SAR_FAIL			0x0A000001
+#define SAR_UNKNOWNERR			0x0A000002
+#define SAR_NOTSUPPORTYETERR		0x0A000003
+#define SAR_FILEERR			0x0A000004
+#define SAR_INVALIDHANDLEERR		0x0A000005
+#define SAR_INVALIDPARAMERR		0x0A000006
+#define SAR_READFILEERR			0x0A000007
+#define SAR_WRITEFILEERR		0x0A000008
+#define SAR_NAMELENERR			0x0A000009
+#define SAR_KEYUSAGEERR			0x0A00000A
+#define SAR_MODULUSLENERR		0x0A00000B
+#define SAR_NOTINITIALIZEERR		0x0A00000C
+#define SAR_OBJERR			0x0A00000D
+#define SAR_MEMORYERR			0x0A00000E
+#define SAR_TIMEOUTERR			0x0A00000F
+#define SAR_INDATALENERR		0x0A000010
+#define SAR_INDATAERR			0x0A000011
+#define SAR_GENRANDERR			0x0A000012
+#define SAR_HASHOBJERR			0x0A000013
+#define SAR_HASHERR			0x0A000014
+#define SAR_GENRSAKEYERR		0x0A000015
+#define SAR_RSAMODULUSLENERR		0x0A000016
+#define SAR_CSPIMPRTPUBKEYERR		0x0A000017
+#define SAR_RSAENCERR			0x0A000018
+#define SAR_RSADECERR			0x0A000019
+#define SAR_HASHNOTEQUALERR		0x0A00001A
+#define SAR_KEYNOTFOUNTERR		0x0A00001B  /* NOT FOUNT? */
+#define SAR_CERTNOTFOUNTERR		0x0A00001C
+#define SAR_NOTEXPORTERR		0x0A00001D
+#define SAR_DECRYPTPADERR		0x0A00001E
+#define SAR_MACLENERR			0x0A00001F
+#define SAR_BUFFER_TOO_SMALL		0x0A000020
+#define SAR_KEYINFOTYPEERR		0x0A000021
+#define SAR_NOT_EVENTERR		0x0A000022
+#define SAR_DEVICE_REMOVED		0x0A000023
+#define SAR_PIN_INCORRECT		0x0A000024
+#define SAR_PIN_LOCKED			0x0A000025
+#define SAR_PIN_INVALID			0x0A000026
+#define SAR_PIN_LEN_RANGE		0x0A000027
+#define SAR_USER_ALREADY_LOGGED_IN	0x0A000028
+#define SAR_USER_PIN_NOT_INITIALIZED	0x0A000029
+#define SAR_USER_TYPE_INVALID		0x0A00002A
+#define SAR_APPLICATION_NAME_INVALID	0x0A00002B
+#define SAR_APPLICATION_EXISTS		0x0A00002C
+#define SAR_USER_NOT_LOGGED_IN		0x0A00002D
+#define SAR_APPLICATION_NOT_EXISTS	0x0A00002E
+#define SAR_FILE_ALREADY_EXIST		0x0A00002F
+#define SAR_NO_ROOM			0x0A000030
+#define SAR_FILE_NOT_EXIST		0x0A000031
+
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+