diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index b6239808..5797da32 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -499,6 +499,9 @@ static int pkey_ec_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen { EC_KEY *ec_key = ctx->pkey->pkey.ec; ECIES_PARAMS *param = ECIES_get_parameters(ec_key); + + fprintf(stderr, "%s %s %d\n", __FUNCTION__, __FILE__, __LINE__); + return ECIES_encrypt(out, outlen, param, in, inlen, ec_key); } @@ -507,6 +510,7 @@ static int pkey_ec_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen { EC_KEY *ec_key = ctx->pkey->pkey.ec; ECIES_PARAMS *param = ECIES_get_parameters(ec_key); + fprintf(stderr, "%s %s %d\n", __FUNCTION__, __FILE__, __LINE__); return ECIES_decrypt(out, outlen, param, in, inlen, ec_key); } #endif diff --git a/crypto/ecies/a.out b/crypto/ecies/a.out deleted file mode 100755 index 884167af..00000000 Binary files a/crypto/ecies/a.out and /dev/null differ diff --git a/crypto/ecies/ecies_lib.c b/crypto/ecies/ecies_lib.c index 81ce91f9..239f02c8 100644 --- a/crypto/ecies/ecies_lib.c +++ b/crypto/ecies/ecies_lib.c @@ -62,17 +62,41 @@ static void *ecies_data_dup(void *data) { - return data; + ECIES_PARAMS *ret = NULL; + ECIES_PARAMS *param = (ECIES_PARAMS *)data; + + OPENSSL_assert(data); + + if (!(ret = OPENSSL_malloc(sizeof(ECIES_PARAMS)))) { + return NULL; + } + + ret->kdf_md = param->kdf_md; + ret->sym_cipher = param->sym_cipher; + ret->mac_md = param->mac_md; + + return ret; } static void ecies_data_free(void *data) { + OPENSSL_free(data); return; } int ECIES_set_parameters(EC_KEY *ec_key, const ECIES_PARAMS *param) { - if (!EC_KEY_insert_key_method_data(ec_key, param, + ECIES_PARAMS *data = NULL; + OPENSSL_assert(ec_key); + OPENSSL_assert(param); + + data = ecies_data_dup(param); + + + if (!EC_KEY_insert_key_method_data(ec_key, data, ecies_data_dup, ecies_data_free, ecies_data_free)) { + + printf("EC_KEY_insert_key_method_data() error\n"); + return 0; } return 1; diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index e7f8c2ed..08ccd045 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -89,7 +89,7 @@ static const EVP_PKEY_METHOD *standard_methods[] = { #endif #ifndef OPENSSL_NO_EC &ec_pkey_meth, - &sm2_pkey_meth, + //&sm2_pkey_meth, #endif &hmac_pkey_meth, &cmac_pkey_meth, diff --git a/crypto/sm2/.sm2test.c.swp b/crypto/sm2/.sm2test.c.swp new file mode 100644 index 00000000..a94fbeeb Binary files /dev/null and b/crypto/sm2/.sm2test.c.swp differ diff --git a/crypto/sm2/a.out b/crypto/sm2/a.out deleted file mode 100755 index 428ff258..00000000 Binary files a/crypto/sm2/a.out and /dev/null differ diff --git a/crypto/sm2/sm2.h b/crypto/sm2/sm2.h index d138c61c..8f29d096 100644 --- a/crypto/sm2/sm2.h +++ b/crypto/sm2/sm2.h @@ -103,11 +103,13 @@ int SM2_do_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, const SM2_CIPHERTEXT_VALUE *cv, unsigned char *out, size_t *outlen, EC_KEY *ec_key); int SM2_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, - point_conversion_form_t point_form, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen, EC_KEY *ec_key); + point_conversion_form_t point_form, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, EC_KEY *ec_key); int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, - point_conversion_form_t point_form, const unsigned char *in, - size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key); + point_conversion_form_t point_form, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, EC_KEY *ec_key); #define SM2_signature_size(ec_key) ECDSA_size(ec_key) diff --git a/crypto/sm2/sm2_enc.c b/crypto/sm2/sm2_enc.c index b7b9913d..5fa206ed 100644 --- a/crypto/sm2/sm2_enc.c +++ b/crypto/sm2/sm2_enc.c @@ -73,11 +73,15 @@ int SM2_CIPHERTEXT_VALUE_size(const EC_GROUP *ec_group, if (!point || !bn_ctx) { goto end; } - + +#if 0 + //FIXME: len will be 1 !!! if (!(len = EC_POINT_point2oct(ec_group, point, point_form, NULL, 0, bn_ctx))) { goto end; } +#endif + len = 1 + 2 * ((EC_GROUP_get_degree(ec_group) + 7)/8); len += mlen + EVP_MD_size(mac_md); ret = len; @@ -144,33 +148,44 @@ SM2_CIPHERTEXT_VALUE *SM2_CIPHERTEXT_VALUE_decode(const EC_GROUP *ec_group, { int ok = 0; SM2_CIPHERTEXT_VALUE *ret = NULL; - BN_CTX *bn_ctx = NULL; - int len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md); - int ptlen = len - EVP_MD_size(mac_md); + BN_CTX *bn_ctx = BN_CTX_new(); + int ptlen; + int fixlen; - if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) { + if (!bn_ctx) { + return NULL; + } + + if (!(fixlen = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } - if (buflen <= len) { + + if (buflen <= fixlen) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } if (!(ret = OPENSSL_malloc(sizeof(SM2_CIPHERTEXT_VALUE)))) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } ret->ephem_point = EC_POINT_new(ec_group); - ret->ciphertext_size = buflen - len; + ret->ciphertext_size = buflen - fixlen; ret->ciphertext = OPENSSL_malloc(ret->ciphertext_size); if (!ret->ephem_point || !ret->ciphertext) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } - if (!(bn_ctx = BN_CTX_new())) { - goto end; - } - if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, len, bn_ctx)) { + + ptlen = fixlen - EVP_MD_size(mac_md); + if (!EC_POINT_oct2point(ec_group, ret->ephem_point, buf, ptlen, bn_ctx)) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); + ERR_print_errors_fp(stdout); goto end; } + memcpy(ret->ciphertext, buf + ptlen, ret->ciphertext_size); ret->mactag_size = EVP_MD_size(mac_md); memcpy(ret->mactag, buf + buflen - ret->mactag_size, ret->mactag_size); @@ -225,8 +240,9 @@ end: } int SM2_encrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, - point_conversion_form_t point_form, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen, EC_KEY *ec_key) + point_conversion_form_t point_form, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, EC_KEY *ec_key) { int ret = 0; const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key); @@ -411,8 +427,9 @@ end: } int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, - point_conversion_form_t point_form, const unsigned char *in, - size_t inlen, unsigned char *out, size_t *outlen, EC_KEY *ec_key) + point_conversion_form_t point_form, + const unsigned char *in, size_t inlen, + unsigned char *out, size_t *outlen, EC_KEY *ec_key) { int ret = 0; const EC_GROUP *ec_group = EC_KEY_get0_group(ec_key); @@ -420,9 +437,11 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, int len; if (!(len = SM2_CIPHERTEXT_VALUE_size(ec_group, point_form, 0, mac_md))) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } if (inlen <= len) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } @@ -430,13 +449,16 @@ int SM2_decrypt(const EVP_MD *kdf_md, const EVP_MD *mac_md, *outlen = inlen - len; return 1; } else if (*outlen < inlen - len) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); return 0; } if (!(cv = SM2_CIPHERTEXT_VALUE_decode(ec_group, point_form, mac_md, in, inlen))) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } if (!SM2_do_decrypt(kdf_md, mac_md, cv, out, outlen, ec_key)) { + fprintf(stderr, "%s %d\n", __FILE__, __LINE__); goto end; } diff --git a/crypto/sm2/sm2test.c b/crypto/sm2/sm2test.c index e8fa4510..a06b62cf 100644 --- a/crypto/sm2/sm2test.c +++ b/crypto/sm2/sm2test.c @@ -1,5 +1,10 @@ +/* + * cc -Wall -I ../../include/ sm2test.c ../../libcrypto.a + */ + #include #include +#include #include #include #include @@ -45,30 +50,45 @@ static int test_sm2_enc(void) SM2_CIPHERTEXT_VALUE *cv = NULL; unsigned char ctbuf[512]; unsigned char ptbuf[512]; - size_t len; - + size_t len, len2; + BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE); ec_key = EC_KEY_new_by_curve_name(NID_sm2p256v1); OPENSSL_assert(ec_key); rv = EC_KEY_generate_key(ec_key); OPENSSL_assert(rv == 1); - cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), msg, (size_t)strlen(msg), ec_key); + cv = SM2_do_encrypt(EVP_sm3(), EVP_sm3(), (unsigned char *)msg, (size_t)strlen(msg), ec_key); OPENSSL_assert(cv); + SM2_CIPHERTEXT_VALUE_print(bio, EC_KEY_get0_group(ec_key), cv, 0, 0); - { - BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE); - SM2_CIPHERTEXT_VALUE_print(bio, EC_KEY_get0_group(ec_key), cv, 0, 0); - } - + bzero(ptbuf, sizeof(ptbuf)); len = sizeof(ptbuf); rv = SM2_do_decrypt(EVP_sm3(), EVP_sm3(), cv, ptbuf, &len, ec_key); OPENSSL_assert(rv == 1); + len = sizeof(ctbuf); + rv = SM2_encrypt(EVP_sm3(), EVP_sm3(), + SM2_DEFAULT_POINT_CONVERSION_FORM, + (unsigned char *)msg, (size_t)strlen(msg), ctbuf, &len, ec_key); + OPENSSL_assert(rv == 1); + + bzero(ptbuf, sizeof(ptbuf)); + len2 = sizeof(ptbuf); + rv = SM2_decrypt(EVP_sm3(), EVP_sm3(), + SM2_DEFAULT_POINT_CONVERSION_FORM, + ctbuf, len, ptbuf, &len2, ec_key); + OPENSSL_assert(rv == 1); + + /* + printf("original plaintext: %s\n", msg); + printf("decrypted plaintext: %s\n", ptbuf); + */ printf("%s() success\n", __FUNCTION__); return 0; } + int main(int argc, char **argv) { test_sm2_sign(); diff --git a/engines/skf/e_skf.c b/engines/skf/e_skf.c new file mode 100644 index 00000000..774f5c9a --- /dev/null +++ b/engines/skf/e_skf.c @@ -0,0 +1,132 @@ +#include + + + +#define SKF_ENGINE_ID "skf" +#define SKF_ENGINE_NAME "skf engine" + + + +static int skf_init(ENGINE *e) +{ + ULONG rv; + + rv = SKF_EnumDev(TRUE, szNameList, &ulSize); + rv = SKF_ConnectDev(szName, &hDev); + rv = SKF_DevAuth(hDev, pbAuthData, ulLen); + rv = SKF_EnumApplication(hDev, szAppName, &ulSize); + rv = SKF_OpenApplication(hDev, szAppName, &hApp); + + rv = SKF_SetSymmKey(hDev, pbKey, ulAlgID, &hKey); + + rv = SKF_EncryptInit(hKey, encParam); +} + + + +static int skf_finish(ENGINE *e) +{ + +} + +void ENGINE_load_skf(void) +{ +} + +static ENGINE *ENGINE_skf(void) +{ + ENGINE *eng = ENGINE_new(); + + if (!eng) { + return NULL; + } + + if (!skf_bind_helper(eng)) { + ENGINE_free(eng); + return NULL; + } + + return eng; +} + +static int skf_bind_helper(ENGINE *e) +{ + if (!ENGINE_set_id(e, SKF_ENGINE_ID) || + !ENGINE_set_name(e, SKF_ENGINE_NAME) || + !ENGINE_set_init_function(e, skf_init) || + !ENGINE_set_ciphers(e, skf_ciphers) || + !ENGINE_set_RSA(e, SKF_get_rsa_method()) || + !ENGINE_set_SM2(e, SKF_get_sm2_method()) || + !ENGINE_set_RAND(e, skf_rand)) { + return 0; + } + + return 1; +} + + +static int skf_cipher_nids[] = { + NID_ssf33_ecb, + NID_ssf33_cbc, + NID_ssf33_cfb, + NID_ssf33_ofb, + NID_sm1_ecb, + NID_sm1_cbc, + NID_sm1_cfb, + NID_sm1_ofb, + NID_sm4_ecb, + NID_sm4_cbc, + NID_sm4_cfb, + NID_sm4_ofb, +}; + +static int skf_ciphers(ENGINE *e, const EVP_CIPHER **cipher, + const int **nids, int nid) +{ + if (!cipher) { + *nid = skf_cipher_nids; + return skf_num_cipher_nids; + } + + switch (nid) { + case NID_ssf33_ecb: + *cipher = &skf_ssf33_ecb; + break; + default: + *cipher = NULL; + return 0; + } + + return 1; +} + + +static RAND_METHOD skf_rand = { + NULL, /* seed */ + skf_rand_bytes, /* bytes */ + NULL, /* cleanup */ + NULL, /* add */ + skf_rand_bytes, /* pseudorand */ + NULL, /* rand status */ +}; + + + +static int bind_fn(ENGINE *e, const char *id) +{ + if (id && (strcmp(id, SKF_ENGINE_ID) != 0)) { + fprintf(stderr, "bad engine id\n"); + return 0; + } + if (!bind_helper(e)) { + return 0; + } + + return 1; +} + + + +IMPLEMENT_DYNAMIC_CHECK_FN(); +IMPLEMENT_DYNAMIC_BIND_FN(bind_fn); + diff --git a/engines/skf/e_skf.ec b/engines/skf/e_skf.ec new file mode 100644 index 00000000..e69de29b diff --git a/engines/skf/e_skf_err.c b/engines/skf/e_skf_err.c new file mode 100644 index 00000000..e69de29b diff --git a/engines/skf/skf.h b/engines/skf/skf.h new file mode 100644 index 00000000..db096292 --- /dev/null +++ b/engines/skf/skf.h @@ -0,0 +1,556 @@ +#ifndef HEADER_SKF_H +#define HEADER_SKF_H + +#include "smapi_err.h" + +#ifdef __cplusplus +extern "C" { +#endif + + +/* Algorithms */ +#define SGD_SM1_ECB 0x00000101 +#define SGD_SM1_CBC 0x00000102 +#define SGD_SM1_CFB 0x00000104 +#define SGD_SM1_OFB 0x00000108 +#define SGD_SM1_MAC 0x00000110 +#define SGD_SSF33_ECB 0x00000201 +#define SGD_SSF33_CBC 0x00000202 +#define SGD_SSF33_CFB 0x00000204 +#define SGD_SSF33_OFB 0x00000208 +#define SGD_SSF33_MAC 0x00000210 +#define SGD_SM4_ECB 0x00000401 +#define SGD_SM4_CBC 0x00000402 +#define SGD_SM4_CFB 0x00000404 +#define SGD_SM4_OFB 0x00000408 +#define SGD_SM4_MAC 0x00000410 +#define SGD_RSA 0x00010000 +#define SGD_SM2_1 0x00020100 +#define SGD_SM2_2 0x00020200 +#define SGD_SM2_3 0x00020400 +#define SGD_SM3 0x00000001 +#define SGD_SHA1 0x00000002 +#define SGD_SHA256 0x00000004 + + +#ifndef WIN32 +typedef signed char INT8; +typedef signed short INT16; +typedef signed int INT32; +typedef unsigned char UINT8; +typedef unsigned short UINT16; +typedef unsigned int UINT32; +typedef long BOOL; +typedef UINT8 BYTE; +typedef UINT8 CHAR; +typedef INT16 SHORT; +typedef UINT16 USHORT; +typedef INT32 LONG; +typedef UINT32 ULONG; +typedef UINT32 UINT; +typedef UINT16 WORD; +typedef UINT32 DWORD; +typedef UINT32 FLAGS; +typedef CHAR * LPSTR; +typedef void * HANDLE; +#endif + +typedef HANDLE DEVHANDLE; +typedef HANDLE HAPPLICATION; +typedef HANDLE HSESSION; +typedef HANDLE HCONTAINER; + + +#ifndef FALSE +#define FALSE 0x00000000 +#endif + +#ifndef TRUE +#define TRUE 0x00000001 +#endif + +#ifdef WIN32 + #define DEVAPI __stdcall +#else + #define DEVAPI +#endif + +#ifndef ADMIN_TYPE + #define ADMIN_TYPE 0 +#endif + +#ifndef USER_TYPE +#define USER_TYPE 1 +#endif + +#define MAX_RSA_MODULUS_LEN 256 +#define MAX_RSA_EXPONENT_LEN 4 +#define ECC_MAX_XCOORDINATE_BITS_LEN 512 +#define ECC_MAX_YCOORDINATE_BITS_LEN 512 +#define ECC_MAX_MODULUS_BITS_LEN 512 + +#define MAX_IV_LEN 32 + +#define MAX_FILE_NAME_SIZE 32 +#define MAX_FILE_CONTAINER_NAME_SIZE 64 + +#define SECURE_NEVER_ACCOUNT 0x00000000 +#define SECURE_ADM_ACCOUNT 0x00000001 +#define SECURE_USER_ACCOUNT 0x00000010 +#define SECURE_ANYONE_ACCOUNT 0x000000FF + +#define DEV_ABSENT_STATE 0x00000000 +#define DEV_PRESENT_STATE 0x00000001 +#define DEV_UNKNOW_STATE 0x00000010 + + +typedef struct Struct_Version{ + BYTE major; + BYTE minor; +}VERSION; + +typedef struct Struct_DEVINFO { + VERSION Version; + CHAR Manufacturer[64]; + CHAR Issuer[64]; + CHAR Label[32]; + CHAR SerialNumber[32]; + VERSION HWVersion; + VERSION FirmwareVersion; + ULONG AlgSymCap; + ULONG AlgAsymCap; + ULONG AlgHashCap; + ULONG DevAuthAlgId; + ULONG TotalSpace; + ULONG FreeSpace; + ULONG MaxECCBufferSize; + ULONG MaxBufferSize; + BYTE Reserved[64]; +} DEVINFO, *PDEVINFO; + +typedef struct Struct_RSAPUBLICKEYBLOB { + ULONG AlgID; + ULONG BitLen; + BYTE Modulus[MAX_RSA_MODULUS_LEN]; + BYTE PublicExponent[MAX_RSA_EXPONENT_LEN]; +} RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB; + +typedef struct Struct_RSAPRIVATEKEYBLOB{ + ULONG AlgID; + ULONG BitLen; + BYTE Modulus[MAX_RSA_MODULUS_LEN]; + BYTE PublicExponent[MAX_RSA_EXPONENT_LEN]; + BYTE PrivateExponent[MAX_RSA_MODULUS_LEN]; + BYTE Prime1[MAX_RSA_MODULUS_LEN/2]; + BYTE Prime2[MAX_RSA_MODULUS_LEN/2]; + BYTE Prime1Exponent[MAX_RSA_MODULUS_LEN/2]; + BYTE Prime2Exponent[MAX_RSA_MODULUS_LEN/2]; + BYTE Coefficient[MAX_RSA_MODULUS_LEN/2]; +}RSAPRIVATEKEYBLOB, *PRSAPRIVATEKEYBLOB; + +typedef struct Struct_ECCPUBLICKEYBLOB{ + ULONG BitLen; + BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; + BYTE YCoordinate[ECC_MAX_YCOORDINATE_BITS_LEN/8]; +}ECCPUBLICKEYBLOB, *PECCPUBLICKEYBLOB; + +typedef struct Struct_ECCPRIVATEKEYBLOB{ + ULONG BitLen; + BYTE PrivateKey[ECC_MAX_MODULUS_BITS_LEN/8]; +}ECCPRIVATEKEYBLOB, *PECCPRIVATEKEYBLOB; + +typedef struct Struct_ECCCIPHERBLOB{ + BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; + BYTE YCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8]; + BYTE HASH[32]; + ULONG CipherLen; + BYTE Cipher[1]; +} ECCCIPHERBLOB, *PECCCIPHERBLOB; + +typedef struct Struct_ECCSIGNATUREBLOB{ + BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN/8]; + BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8]; +} ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB; + +typedef struct Struct_BLOCKCIPHERPARAM{ + BYTE IV[MAX_IV_LEN]; + ULONG IVLen; + ULONG PaddingType; + ULONG FeedBitLen; +} BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM; + +typedef struct SKF_ENVELOPEDKEYBLOB{ + ULONG Version; + ULONG ulSymmAlgID; + ULONG ulBits; + BYTE cbEncryptedPriKey[64]; + ECCPUBLICKEYBLOB PubKey; + ECCCIPHERBLOB ECCCipherBlob; +}ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB; + +typedef struct Struct_FILEATTRIBUTE{ + CHAR FileName[MAX_FILE_NAME_SIZE]; + ULONG FileSize; + ULONG ReadRights; + ULONG WriteRights; +} FILEATTRIBUTE, *PFILEATTRIBUTE; + + +ULONG DEVAPI SKF_WaitForDevEvent(LPSTR szDevName, + ULONG *pulDevNameLen, + ULONG *pulEvent); +ULONG DEVAPI SKF_CancelWaitForDevEvent(); +ULONG DEVAPI SKF_EnumDev(BOOL bPresent, + LPSTR szNameList, + ULONG *pulSize); +ULONG DEVAPI SKF_ConnectDev(LPSTR szName, + DEVHANDLE *phDev); +ULONG DEVAPI SKF_DisConnectDev(DEVHANDLE hDev); +ULONG DEVAPI SKF_GetDevState(LPSTR szDevName, + ULONG *pulDevState); +ULONG DEVAPI SKF_SetLabel(DEVHANDLE hDev, + LPSTR szLabel); +ULONG DEVAPI SKF_GetDevInfo(DEVHANDLE hDev, + DEVINFO *pDevInfo); +ULONG DEVAPI SKF_LockDev(DEVHANDLE hDev, + ULONG ulTimeOut); +ULONG DEVAPI SKF_UnlockDev(DEVHANDLE hDev); +ULONG DEVAPI SKF_Transmit(DEVHANDLE hDev, + BYTE* pbCommand, + ULONG ulCommandLen, + BYTE* pbData, + ULONG* pulDataLen); +ULONG DEVAPI SKF_ChangeDevAuthKey(DEVHANDLE hDev, + BYTE *pbKeyValue, + ULONG ulKeyLen); +ULONG DEVAPI SKF_DevAuth(DEVHANDLE hDev, + BYTE *pbAuthData, + ULONG ulLen); +ULONG DEVAPI SKF_ChangePIN(HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szOldPin, + LPSTR szNewPin, + ULONG *pulRetryCount); +LONG DEVAPI SKF_GetPINInfo(HAPPLICATION hApplication, + ULONG ulPINType, + ULONG *pulMaxRetryCount, + ULONG *pulRemainRetryCount, + BOOL *pbDefaultPin); +ULONG DEVAPI SKF_VerifyPIN(HAPPLICATION hApplication, + ULONG ulPINType, + LPSTR szPIN, + ULONG *pulRetryCount); +ULONG DEVAPI SKF_UnblockPIN(HAPPLICATION hApplication, + LPSTR szAdminPIN, + LPSTR szNewUserPIN, + ULONG *pulRetryCount); +ULONG DEVAPI SKF_ClearSecureState(HAPPLICATION hApplication); + +ULONG DEVAPI SKF_CreateApplication(DEVHANDLE hDev, + LPSTR szAppName, + LPSTR szAdminPin, + DWORD dwAdminPinRetryCount, + LPSTR szUserPin, + DWORD dwUserPinRetryCount, + DWORD dwCreateFileRights, + HAPPLICATION *phApplication); +ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev, + LPSTR szAppName, + ULONG *pulSize); +ULONG DEVAPI SKF_DeleteApplication(DEVHANDLE hDev, + LPSTR szAppName); +ULONG DEVAPI SKF_OpenApplication(DEVHANDLE hDev, + LPSTR szAppName, + HAPPLICATION *phApplication); +ULONG DEVAPI SKF_CloseApplication(HAPPLICATION hApplication); + +ULONG DEVAPI SKF_CreateFile(HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulFileSize, + ULONG ulReadRights, + ULONG ulWriteRights); +ULONG DEVAPI SKF_DeleteFile(HAPPLICATION hApplication, + LPSTR szFileName); +ULONG DEVAPI SKF_EnumFiles(HAPPLICATION hApplication, + LPSTR szFileList, + ULONG *pulSize); +ULONG DEVAPI SKF_GetFileInfo(HAPPLICATION hApplication, + LPSTR szFileName, + FILEATTRIBUTE *pFileInfo); +ULONG DEVAPI SKF_ReadFile(HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + ULONG ulSize, + BYTE * pbOutData, + ULONG *pulOutLen); +ULONG DEVAPI SKF_WriteFile(HAPPLICATION hApplication, + LPSTR szFileName, + ULONG ulOffset, + BYTE *pbData, + ULONG ulSize); + +ULONG DEVAPI SKF_CreateContainer(HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer); +ULONG DEVAPI SKF_DeleteContainer(HAPPLICATION hApplication, + LPSTR szContainerName); +ULONG DEVAPI SKF_EnumContainer(HAPPLICATION hApplication, + LPSTR szContainerName, + ULONG *pulSize); +ULONG DEVAPI SKF_OpenContainer(HAPPLICATION hApplication, + LPSTR szContainerName, + HCONTAINER *phContainer); +ULONG DEVAPI SKF_CloseContainer(HCONTAINER hContainer); +ULONG DEVAPI SKF_GetContainerType(HCONTAINER hContainer, + ULONG *pulContainerType); +ULONG DEVAPI SKF_ImportCertificate(HCONTAINER hContainer, + BOOL bSignFlag, + BYTE* pbCert, + ULONG ulCertLen); +ULONG DEVAPI SKF_ExportCertificate(HCONTAINER hContainer, + BOOL bSignFlag, + BYTE* pbCert, + ULONG *pulCertLen); + +ULONG DEVAPI SKF_GenRandom(DEVHANDLE hDev, + BYTE *pbRandom, + ULONG ulRandomLen); +ULONG DEVAPI SKF_GenExtRSAKey(DEVHANDLE hDev, + ULONG ulBitsLen, + RSAPRIVATEKEYBLOB *pBlob); +ULONG DEVAPI SKF_GenRSAKeyPair(HCONTAINER hContainer, + ULONG ulBitsLen, + RSAPUBLICKEYBLOB *pBlob); +ULONG DEVAPI SKF_ImportRSAKeyPair(HCONTAINER hContainer, + ULONG ulSymAlgId, + BYTE *pbWrappedKey, + ULONG ulWrappedKeyLen, + BYTE *pbEncryptedData, + ULONG ulEncryptedDataLen); +ULONG DEVAPI SKF_RSASignData(HCONTAINER hContainer, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG *pulSignLen); +ULONG DEVAPI SKF_RSAVerify(DEVHANDLE hDev, + RSAPUBLICKEYBLOB* pRSAPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbSignature, + ULONG ulSignLen); +ULONG DEVAPI SKF_RSAExportSessionKey(HCONTAINER hContainer, + ULONG ulAlgId, + RSAPUBLICKEYBLOB *pPubKey, + BYTE *pbData, + ULONG *pulDataLen, + HANDLE *phSessionKey); +ULONG DEVAPI SKF_ExtRSAPubKeyOperation(DEVHANDLE hDev, + RSAPUBLICKEYBLOB* pRSAPubKeyBlob, + BYTE* pbInput, + ULONG ulInputLen, + BYTE* pbOutput, + ULONG* pulOutputLen); +ULONG DEVAPI SKF_ExtRSAPriKeyOperation(DEVHANDLE hDev, + RSAPRIVATEKEYBLOB* pRSAPriKeyBlob, + BYTE* pbInput, + ULONG ulInputLen, + BYTE* pbOutput, + ULONG* pulOutputLen); +ULONG DEVAPI SKF_GenECCKeyPair(HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pBlob); +ULONG DEVAPI SKF_ImportECCKeyPair(HCONTAINER hContainer, + PENVELOPEDKEYBLOB pEnvelopedKeyBlob); +ULONG DEVAPI SKF_ECCSignData(HCONTAINER hContainer, + BYTE *pbData, + ULONG ulDataLen, + PECCSIGNATUREBLOB pSignature); + +ULONG DEVAPI SKF_ECCVerify(DEVHANDLE hDev, + ECCPUBLICKEYBLOB* pECCPubKeyBlob, + BYTE *pbData, + ULONG ulDataLen, + PECCSIGNATUREBLOB pSignature); +ULONG DEVAPI SKF_ECCExportSessionKey(HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB *pPubKey, + PECCCIPHERBLOB pData, + HANDLE *phSessionKey); +ULONG DEVAPI SKF_ExtECCEncrypt(DEVHANDLE hDev, + ECCPUBLICKEYBLOB* pECCPubKeyBlob, + BYTE* pbPlainText, + ULONG ulPlainTextLen, + PECCCIPHERBLOB pCipherText); +ULONG DEVAPI SKF_ExtECCDecrypt(DEVHANDLE hDev, + ECCPRIVATEKEYBLOB* pECCPriKeyBlob, + PECCCIPHERBLOB pCipherText, + BYTE* pbPlainText, + ULONG* pulPlainTextLen); +ULONG DEVAPI SKF_ExtECCSign(DEVHANDLE hDev, + ECCPRIVATEKEYBLOB* pECCPriKeyBlob, + BYTE* pbData, + ULONG ulDataLen, + PECCSIGNATUREBLOB pSignature); +ULONG DEVAPI SKF_ExtECCVerify(DEVHANDLE hDev, + ECCPUBLICKEYBLOB* pECCPubKeyBlob, + BYTE* pbData, + ULONG ulDataLen, + PECCSIGNATUREBLOB pSignature); +ULONG DEVAPI SKF_GenerateAgreementDataWithECC(HCONTAINER hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB* pTempECCPubKeyBlob, + BYTE* pbID, + ULONG ulIDLen, + HANDLE *phAgreementHandle); +ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC(HANDLE hContainer, + ULONG ulAlgId, + ECCPUBLICKEYBLOB* pSponsorECCPubKeyBlob, + ECCPUBLICKEYBLOB* pSponsorTempECCPubKeyBlob, + ECCPUBLICKEYBLOB* pTempECCPubKeyBlob, + BYTE* pbID, + ULONG ulIDLen, + BYTE *pbSponsorID, + ULONG ulSponsorIDLen, + HANDLE *phKeyHandle); +ULONG DEVAPI SKF_GenerateKeyWithECC(HANDLE hAgreementHandle, + ECCPUBLICKEYBLOB* pECCPubKeyBlob, + ECCPUBLICKEYBLOB* pTempECCPubKeyBlob, + BYTE* pbID, + ULONG ulIDLen, + HANDLE *phKeyHandle); +ULONG DEVAPI SKF_ExportPublicKey(HCONTAINER hContainer, + BOOL bSignFlag, + BYTE* pbBlob, + ULONG* pulBlobLen); +ULONG DEVAPI SKF_ImportSessionKey(HCONTAINER hContainer, + ULONG ulAlgId, + BYTE *pbWrapedData, + ULONG ulWrapedLen, + HANDLE *phKey); +ULONG DEVAPI SKF_SetSymmKey(DEVHANDLE hDev, + BYTE* pbKey, + ULONG ulAlgID, + HANDLE* phKey); +ULONG DEVAPI SKF_EncryptInit(HANDLE hKey, + BLOCKCIPHERPARAM EncryptParam); +ULONG DEVAPI SKF_Encrypt(HANDLE hKey, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen); +ULONG DEVAPI SKF_EncryptUpdate(HANDLE hKey, + BYTE * pbData, + ULONG ulDataLen, + BYTE *pbEncryptedData, + ULONG *pulEncryptedLen); +ULONG DEVAPI SKF_EncryptFinal(HANDLE hKey, + BYTE *pbEncryptedData, + ULONG *pulEncryptedDataLen); +ULONG DEVAPI SKF_DecryptInit(HANDLE hKey, + BLOCKCIPHERPARAM DecryptParam); +ULONG DEVAPI SKF_Decrypt(HANDLE hKey, + BYTE * pbEncryptedData, + ULONG ulEncryptedLen, + BYTE * pbData, + ULONG * pulDataLen); +ULONG DEVAPI SKF_DecryptUpdate(HANDLE hKey, + BYTE * pbEncryptedData, + ULONG ulEncryptedLen, + BYTE * pbData, + ULONG * pulDataLen); +ULONG DEVAPI SKF_DecryptFinal(HANDLE hKey, + BYTE *pbDecryptedData, + ULONG *pulDecryptedDataLen); +ULONG DEVAPI SKF_DigestInit(DEVHANDLE hDev, + ULONG ulAlgID, + ECCPUBLICKEYBLOB *pPubKey, + unsigned char *pucID, + ULONG ulIDLen, + HANDLE *phHash); +ULONG DEVAPI SKF_Digest(HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen, + BYTE *pbHashData, + ULONG *pulHashLen); +ULONG DEVAPI SKF_DigestUpdate(HANDLE hHash, + BYTE *pbData, + ULONG ulDataLen); +ULONG DEVAPI SKF_DigestFinal(HANDLE hHash, + BYTE *pHashData, + ULONG *pulHashLen); +ULONG DEVAPI SKF_MacInit(HANDLE hKey, + BLOCKCIPHERPARAM* pMacParam, + HANDLE *phMac); +ULONG DEVAPI SKF_Mac(HANDLE hMac, + BYTE* pbData, + ULONG ulDataLen, + BYTE *pbMacData, + ULONG *pulMacLen); +ULONG DEVAPI SKF_MacUpdate(HANDLE hMac, + BYTE * pbData, + ULONG ulDataLen); +ULONG DEVAPI SKF_MacFinal(HANDLE hMac, + BYTE *pbMacData, + ULONG *pulMacDataLen); + +ULONG DEVAPI SKF_CloseHandle(HANDLE hHandle); + + + +#define SAR_OK 0x00000000 +#define SAR_FAIL 0x0A000001 +#define SAR_UNKNOWNERR 0x0A000002 +#define SAR_NOTSUPPORTYETERR 0x0A000003 +#define SAR_FILEERR 0x0A000004 +#define SAR_INVALIDHANDLEERR 0x0A000005 +#define SAR_INVALIDPARAMERR 0x0A000006 +#define SAR_READFILEERR 0x0A000007 +#define SAR_WRITEFILEERR 0x0A000008 +#define SAR_NAMELENERR 0x0A000009 +#define SAR_KEYUSAGEERR 0x0A00000A +#define SAR_MODULUSLENERR 0x0A00000B +#define SAR_NOTINITIALIZEERR 0x0A00000C +#define SAR_OBJERR 0x0A00000D +#define SAR_MEMORYERR 0x0A00000E +#define SAR_TIMEOUTERR 0x0A00000F +#define SAR_INDATALENERR 0x0A000010 +#define SAR_INDATAERR 0x0A000011 +#define SAR_GENRANDERR 0x0A000012 +#define SAR_HASHOBJERR 0x0A000013 +#define SAR_HASHERR 0x0A000014 +#define SAR_GENRSAKEYERR 0x0A000015 +#define SAR_RSAMODULUSLENERR 0x0A000016 +#define SAR_CSPIMPRTPUBKEYERR 0x0A000017 +#define SAR_RSAENCERR 0x0A000018 +#define SAR_RSADECERR 0x0A000019 +#define SAR_HASHNOTEQUALERR 0x0A00001A +#define SAR_KEYNOTFOUNTERR 0x0A00001B /* NOT FOUNT? */ +#define SAR_CERTNOTFOUNTERR 0x0A00001C +#define SAR_NOTEXPORTERR 0x0A00001D +#define SAR_DECRYPTPADERR 0x0A00001E +#define SAR_MACLENERR 0x0A00001F +#define SAR_BUFFER_TOO_SMALL 0x0A000020 +#define SAR_KEYINFOTYPEERR 0x0A000021 +#define SAR_NOT_EVENTERR 0x0A000022 +#define SAR_DEVICE_REMOVED 0x0A000023 +#define SAR_PIN_INCORRECT 0x0A000024 +#define SAR_PIN_LOCKED 0x0A000025 +#define SAR_PIN_INVALID 0x0A000026 +#define SAR_PIN_LEN_RANGE 0x0A000027 +#define SAR_USER_ALREADY_LOGGED_IN 0x0A000028 +#define SAR_USER_PIN_NOT_INITIALIZED 0x0A000029 +#define SAR_USER_TYPE_INVALID 0x0A00002A +#define SAR_APPLICATION_NAME_INVALID 0x0A00002B +#define SAR_APPLICATION_EXISTS 0x0A00002C +#define SAR_USER_NOT_LOGGED_IN 0x0A00002D +#define SAR_APPLICATION_NOT_EXISTS 0x0A00002E +#define SAR_FILE_ALREADY_EXIST 0x0A00002F +#define SAR_NO_ROOM 0x0A000030 +#define SAR_FILE_NOT_EXIST 0x0A000031 + + +#ifdef __cplusplus +} +#endif +#endif +