trunk/OpenPGPminidriverTest/CryptoOperations.cpp

/*      OpenPGP Smart Card Mini Driver
    Copyright (C) 2009 Vincent Le Toux

    This library is Free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
    License version 2.1 as published by the Free Software Foundation.

    This library is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public
    License along with this library; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

#include <windows.h>
#include <tchar.h>
#include <cardmod.h>
#include "global.h"

DWORD GenerateNewKey(DWORD dwIndex)
{
        DWORD dwReturn, dwKeySpec;
        PIN_ID  PinId;
        __try
        {
                 if (!pCardData)
                {
                        dwReturn = SCARD_E_COMM_DATA_LOST;
                        __leave;
                }
                switch(dwIndex)
                {
                case 0: //Signature,
                        dwKeySpec = AT_SIGNATURE;
                        PinId = ROLE_USER;
                        break;
                case 1: //Authentication,
                        dwKeySpec = AT_SIGNATURE;
                        PinId = 3;
                        break;
                case 2: // Confidentiality,
                        dwKeySpec = AT_KEYEXCHANGE;
                        PinId = 4;
                        break;
                default:
                        dwReturn = SCARD_E_UNEXPECTED;
                        __leave;
                }
                dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex, 
                                                                                        CARD_CREATE_CONTAINER_KEY_GEN, 
                                                                                        dwKeySpec, 1024, NULL, PinId);
        }
        __finally
        {
        }
        return dwReturn;
}

#pragma pack(push,1)
typedef struct _RSAPUBLICKEYBLOB
{
        BLOBHEADER blobheader;
        RSAPUBKEY rsapubkey;
        BYTE modulus[sizeof(DWORD)];
} RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB;
#pragma pack(pop)

DWORD ImportKey(DWORD dwIndex)
{
        DWORD dwReturn, dwKeySpec;
        PIN_ID  PinId;
        HCRYPTPROV hProv = NULL;
        HCRYPTKEY hKey = NULL;
        TCHAR szContainerName[] = OPENPGP_TEST_CONTAINER;
        BYTE pbData[4096];
        BYTE pbDataControl[4096];
        BYTE pbBlobRef[4096];
        DWORD dwDataSize = ARRAYSIZE(pbData);
        DWORD dwBlobRefSize = ARRAYSIZE(pbBlobRef);
        BOOL bStatus;
        CONTAINER_INFO  ContainerInfo;
        PRSAPUBLICKEYBLOB pBlob, pBlobRef;
        DWORD dwAglLen, dwSize;
        __try
        {
                 if (!pCardData)
                {
                        dwReturn = SCARD_E_COMM_DATA_LOST;
                        __leave;
                }
                switch(dwIndex)
                {
                case 0: //Signature,
                        dwKeySpec = AT_SIGNATURE;
                        PinId = ROLE_USER;
                        break;
                case 1: //Authentication,
                        dwKeySpec = AT_SIGNATURE;
                        PinId = 3;
                        break;
                case 2: // Confidentiality,
                        dwKeySpec = AT_KEYEXCHANGE;
                        PinId = 4;
                        break;
                default:
                        dwReturn = SCARD_E_UNEXPECTED;
                        __leave;
                }
                bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, 0);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        if (dwReturn == NTE_BAD_KEYSET)
                        {
                                bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET);
                        }
                        if (!bStatus) 
                        {
                                dwReturn = GetLastError();
                                __leave;
                        }
                }
                bStatus = CryptGenKey(hProv, dwKeySpec, CRYPT_EXPORTABLE, &hKey);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        __leave;
                }
                bStatus = CryptExportKey(hKey,  NULL, PRIVATEKEYBLOB, 0, pbData, &dwDataSize);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        __leave;
                }
                memcpy(pbDataControl, pbData, ARRAYSIZE(pbData));
                dwSize = sizeof(DWORD);
                bStatus = CryptGetKeyParam(hKey, KP_KEYLEN, (PBYTE) &dwAglLen,&dwSize , 0);
                dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex, 
                                                                                        CARD_CREATE_CONTAINER_KEY_IMPORT, 
                                                                                        dwKeySpec, dwAglLen, pbData, PinId);
                if (dwReturn)
                {
                        __leave;
                }
                // check if the buffer has been altered
                if (memcmp(pbDataControl,pbData, ARRAYSIZE(pbData)) != 0)
                {
                        dwReturn = SCARD_E_UNEXPECTED;
                        __leave;
                }

                memset(&ContainerInfo,0,sizeof(CONTAINER_INFO));
                ContainerInfo.dwVersion = 0;
                dwReturn = pCardData->pfnCardGetContainerInfo(pCardData, (BYTE) dwIndex, 0, &ContainerInfo);
                if (dwReturn)
                {
                        __leave;
                }
                bStatus = CryptExportKey(hKey,  NULL, PUBLICKEYBLOB, 0, pbBlobRef, &dwBlobRefSize);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        __leave;
                }
                pBlobRef = (PRSAPUBLICKEYBLOB) pbBlobRef;
                pBlob = (PRSAPUBLICKEYBLOB) (dwKeySpec==AT_SIGNATURE ? ContainerInfo.pbSigPublicKey : ContainerInfo.pbKeyExPublicKey);
                //if (memcmp(pBlobRef, pBlob, ContainerInfo.cbSigPublicKey) != 0)
                for (DWORD dwI = 0; dwI < pBlobRef->rsapubkey.bitlen / 8; dwI++)
                {
                        if ( pBlobRef->modulus[dwI] != pBlob->modulus[dwI])
                        {
                                dwReturn = SCARD_E_UNEXPECTED;
                                __leave;
                        }
                }
                dwReturn = 0;

        }
        __finally
        {
                if (hKey)
                        CryptDestroyKey(hKey);
                //CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET);
                if (hProv)
                        CryptReleaseContext(hProv,0);
        }
        return dwReturn;
}

DWORD SetTheSameKeyForAllContainers()
{
        DWORD dwReturn, dwKeySpec;
        PIN_ID  PinId;
        HCRYPTPROV hProv = NULL;
        HCRYPTKEY hKey = NULL;
        TCHAR szContainerName[] = OPENPGP_TEST_CONTAINER;
        BYTE pbData[4096];
        BYTE pbDataControl[4096];
        BYTE pbBlobRef[4096];
        DWORD dwDataSize = ARRAYSIZE(pbData);
        DWORD dwBlobRefSize = ARRAYSIZE(pbBlobRef);
        BOOL bStatus;
        CONTAINER_INFO  ContainerInfo;
        PRSAPUBLICKEYBLOB pBlob, pBlobRef;
        DWORD dwAglLen, dwSize, dwIndex;
        __try
        {
                 if (!pCardData)
                {
                        dwReturn = SCARD_E_COMM_DATA_LOST;
                        __leave;
                }
                bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, 0);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        if (dwReturn == NTE_BAD_KEYSET)
                        {
                                bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET);
                        }
                        if (!bStatus) 
                        {
                                dwReturn = GetLastError();
                                __leave;
                        }
                }
                bStatus = CryptGenKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        __leave;
                }
                bStatus = CryptExportKey(hKey,  NULL, PRIVATEKEYBLOB, 0, pbData, &dwDataSize);
                if (!bStatus) 
                {
                        dwReturn = GetLastError();
                        __leave;
                }
                memcpy(pbDataControl, pbData, ARRAYSIZE(pbData));
                dwSize = sizeof(DWORD);
                bStatus = CryptGetKeyParam(hKey, KP_KEYLEN, (PBYTE) &dwAglLen,&dwSize , 0);

                for(dwIndex = 0; dwIndex < 3; dwIndex++)
                {
                        switch(dwIndex)
                        {
                        case 0: //Signature,
                                dwKeySpec = AT_SIGNATURE;
                                PinId = ROLE_USER;
                                break;
                        case 1: //Authentication,
                                dwKeySpec = AT_SIGNATURE;
                                PinId = 3;
                                break;
                        case 2: // Confidentiality,
                                dwKeySpec = AT_KEYEXCHANGE;
                                PinId = 4;
                                break;
                        default:
                                dwReturn = SCARD_E_UNEXPECTED;
                                __leave;
                        }

                        dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex, 
                                                                                                CARD_CREATE_CONTAINER_KEY_IMPORT, 
                                                                                                dwKeySpec, dwAglLen, pbData, PinId);
                        if (dwReturn)
                        {
                                __leave;
                        }
                        // check if the buffer has been altered
                        if (memcmp(pbDataControl,pbData, ARRAYSIZE(pbData)) != 0)
                        {
                                dwReturn = SCARD_E_UNEXPECTED;
                                __leave;
                        }

                        memset(&ContainerInfo,0,sizeof(CONTAINER_INFO));
                        ContainerInfo.dwVersion = 0;
                        dwReturn = pCardData->pfnCardGetContainerInfo(pCardData, (BYTE) dwIndex, 0, &ContainerInfo);
                        if (dwReturn)
                        {
                                __leave;
                        }
                        bStatus = CryptExportKey(hKey,  NULL, PUBLICKEYBLOB, 0, pbBlobRef, &dwBlobRefSize);
                        if (!bStatus) 
                        {
                                dwReturn = GetLastError();
                                __leave;
                        }
                        pBlobRef = (PRSAPUBLICKEYBLOB) pbBlobRef;
                        pBlob = (PRSAPUBLICKEYBLOB) (dwKeySpec==AT_SIGNATURE ? ContainerInfo.pbSigPublicKey : ContainerInfo.pbKeyExPublicKey);
                        //if (memcmp(pBlobRef, pBlob, ContainerInfo.cbSigPublicKey) != 0)
                        for (DWORD dwI = 0; dwI < pBlobRef->rsapubkey.bitlen / 8; dwI++)
                        {
                                if ( pBlobRef->modulus[dwI] != pBlob->modulus[dwI])
                                {
                                        dwReturn = SCARD_E_UNEXPECTED;
                                        __leave;
                                }
                        }
                }
                dwReturn = 0;

        }
        __finally
        {
                if (hKey)
                        CryptDestroyKey(hKey);
                //CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET);
                if (hProv)
                        CryptReleaseContext(hProv,0);
        }
        return dwReturn;
}
1	/* OpenPGP Smart Card Mini Driver
2	Copyright (C) 2009 Vincent Le Toux
3
4	This library is Free software; you can redistribute it and/or
5	modify it under the terms of the GNU Lesser General Public
6	License version 2.1 as published by the Free Software Foundation.
7
8	This library is distributed in the hope that it will be useful,
9	but WITHOUT ANY WARRANTY; without even the implied warranty of
10	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11	Lesser General Public License for more details.
12
13	You should have received a copy of the GNU Lesser General Public
14	License along with this library; if not, write to the Free Software
15	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16	*/
17
18	#include <windows.h>
19	#include <tchar.h>
20	#include <cardmod.h>
21	#include "global.h"
22
23	DWORD GenerateNewKey(DWORD dwIndex)
24	{
25	DWORD dwReturn, dwKeySpec;
26	PIN_ID PinId;
27	__try
28	{
29	if (!pCardData)
30	{
31	dwReturn = SCARD_E_COMM_DATA_LOST;
32	__leave;
33	}
34	switch(dwIndex)
35	{
36	case 0: //Signature,
37	dwKeySpec = AT_SIGNATURE;
38	PinId = ROLE_USER;
39	break;
40	case 1: //Authentication,
41	dwKeySpec = AT_SIGNATURE;
42	PinId = 3;
43	break;
44	case 2: // Confidentiality,
45	dwKeySpec = AT_KEYEXCHANGE;
46	PinId = 4;
47	break;
48	default:
49	dwReturn = SCARD_E_UNEXPECTED;
50	__leave;
51	}
52	dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex,
53	CARD_CREATE_CONTAINER_KEY_GEN,
54	dwKeySpec, 1024, NULL, PinId);
55	}
56	__finally
57	{
58	}
59	return dwReturn;
60	}
61
62	#pragma pack(push,1)
63	typedef struct _RSAPUBLICKEYBLOB
64	{
65	BLOBHEADER blobheader;
66	RSAPUBKEY rsapubkey;
67	BYTE modulus[sizeof(DWORD)];
68	} RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB;
69	#pragma pack(pop)
70
71	DWORD ImportKey(DWORD dwIndex)
72	{
73	DWORD dwReturn, dwKeySpec;
74	PIN_ID PinId;
75	HCRYPTPROV hProv = NULL;
76	HCRYPTKEY hKey = NULL;
77	TCHAR szContainerName[] = OPENPGP_TEST_CONTAINER;
78	BYTE pbData[4096];
79	BYTE pbDataControl[4096];
80	BYTE pbBlobRef[4096];
81	DWORD dwDataSize = ARRAYSIZE(pbData);
82	DWORD dwBlobRefSize = ARRAYSIZE(pbBlobRef);
83	BOOL bStatus;
84	CONTAINER_INFO ContainerInfo;
85	PRSAPUBLICKEYBLOB pBlob, pBlobRef;
86	DWORD dwAglLen, dwSize;
87	__try
88	{
89	if (!pCardData)
90	{
91	dwReturn = SCARD_E_COMM_DATA_LOST;
92	__leave;
93	}
94	switch(dwIndex)
95	{
96	case 0: //Signature,
97	dwKeySpec = AT_SIGNATURE;
98	PinId = ROLE_USER;
99	break;
100	case 1: //Authentication,
101	dwKeySpec = AT_SIGNATURE;
102	PinId = 3;
103	break;
104	case 2: // Confidentiality,
105	dwKeySpec = AT_KEYEXCHANGE;
106	PinId = 4;
107	break;
108	default:
109	dwReturn = SCARD_E_UNEXPECTED;
110	__leave;
111	}
112	bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, 0);
113	if (!bStatus)
114	{
115	dwReturn = GetLastError();
116	if (dwReturn == NTE_BAD_KEYSET)
117	{
118	bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET);
119	}
120	if (!bStatus)
121	{
122	dwReturn = GetLastError();
123	__leave;
124	}
125	}
126	bStatus = CryptGenKey(hProv, dwKeySpec, CRYPT_EXPORTABLE, &hKey);
127	if (!bStatus)
128	{
129	dwReturn = GetLastError();
130	__leave;
131	}
132	bStatus = CryptExportKey(hKey, NULL, PRIVATEKEYBLOB, 0, pbData, &dwDataSize);
133	if (!bStatus)
134	{
135	dwReturn = GetLastError();
136	__leave;
137	}
138	memcpy(pbDataControl, pbData, ARRAYSIZE(pbData));
139	dwSize = sizeof(DWORD);
140	bStatus = CryptGetKeyParam(hKey, KP_KEYLEN, (PBYTE) &dwAglLen,&dwSize , 0);
141	dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex,
142	CARD_CREATE_CONTAINER_KEY_IMPORT,
143	dwKeySpec, dwAglLen, pbData, PinId);
144	if (dwReturn)
145	{
146	__leave;
147	}
148	// check if the buffer has been altered
149	if (memcmp(pbDataControl,pbData, ARRAYSIZE(pbData)) != 0)
150	{
151	dwReturn = SCARD_E_UNEXPECTED;
152	__leave;
153	}
154
155	memset(&ContainerInfo,0,sizeof(CONTAINER_INFO));
156	ContainerInfo.dwVersion = 0;
157	dwReturn = pCardData->pfnCardGetContainerInfo(pCardData, (BYTE) dwIndex, 0, &ContainerInfo);
158	if (dwReturn)
159	{
160	__leave;
161	}
162	bStatus = CryptExportKey(hKey, NULL, PUBLICKEYBLOB, 0, pbBlobRef, &dwBlobRefSize);
163	if (!bStatus)
164	{
165	dwReturn = GetLastError();
166	__leave;
167	}
168	pBlobRef = (PRSAPUBLICKEYBLOB) pbBlobRef;
169	pBlob = (PRSAPUBLICKEYBLOB) (dwKeySpec==AT_SIGNATURE ? ContainerInfo.pbSigPublicKey : ContainerInfo.pbKeyExPublicKey);
170	//if (memcmp(pBlobRef, pBlob, ContainerInfo.cbSigPublicKey) != 0)
171	for (DWORD dwI = 0; dwI < pBlobRef->rsapubkey.bitlen / 8; dwI++)
172	{
173	if ( pBlobRef->modulus[dwI] != pBlob->modulus[dwI])
174	{
175	dwReturn = SCARD_E_UNEXPECTED;
176	__leave;
177	}
178	}
179	dwReturn = 0;
180
181	}
182	__finally
183	{
184	if (hKey)
185	CryptDestroyKey(hKey);
186	//CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET);
187	if (hProv)
188	CryptReleaseContext(hProv,0);
189	}
190	return dwReturn;
191	}
192
193	DWORD SetTheSameKeyForAllContainers()
194	{
195	DWORD dwReturn, dwKeySpec;
196	PIN_ID PinId;
197	HCRYPTPROV hProv = NULL;
198	HCRYPTKEY hKey = NULL;
199	TCHAR szContainerName[] = OPENPGP_TEST_CONTAINER;
200	BYTE pbData[4096];
201	BYTE pbDataControl[4096];
202	BYTE pbBlobRef[4096];
203	DWORD dwDataSize = ARRAYSIZE(pbData);
204	DWORD dwBlobRefSize = ARRAYSIZE(pbBlobRef);
205	BOOL bStatus;
206	CONTAINER_INFO ContainerInfo;
207	PRSAPUBLICKEYBLOB pBlob, pBlobRef;
208	DWORD dwAglLen, dwSize, dwIndex;
209	__try
210	{
211	if (!pCardData)
212	{
213	dwReturn = SCARD_E_COMM_DATA_LOST;
214	__leave;
215	}
216	bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, 0);
217	if (!bStatus)
218	{
219	dwReturn = GetLastError();
220	if (dwReturn == NTE_BAD_KEYSET)
221	{
222	bStatus = CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET);
223	}
224	if (!bStatus)
225	{
226	dwReturn = GetLastError();
227	__leave;
228	}
229	}
230	bStatus = CryptGenKey(hProv, AT_SIGNATURE, CRYPT_EXPORTABLE, &hKey);
231	if (!bStatus)
232	{
233	dwReturn = GetLastError();
234	__leave;
235	}
236	bStatus = CryptExportKey(hKey, NULL, PRIVATEKEYBLOB, 0, pbData, &dwDataSize);
237	if (!bStatus)
238	{
239	dwReturn = GetLastError();
240	__leave;
241	}
242	memcpy(pbDataControl, pbData, ARRAYSIZE(pbData));
243	dwSize = sizeof(DWORD);
244	bStatus = CryptGetKeyParam(hKey, KP_KEYLEN, (PBYTE) &dwAglLen,&dwSize , 0);
245
246	for(dwIndex = 0; dwIndex < 3; dwIndex++)
247	{
248	switch(dwIndex)
249	{
250	case 0: //Signature,
251	dwKeySpec = AT_SIGNATURE;
252	PinId = ROLE_USER;
253	break;
254	case 1: //Authentication,
255	dwKeySpec = AT_SIGNATURE;
256	PinId = 3;
257	break;
258	case 2: // Confidentiality,
259	dwKeySpec = AT_KEYEXCHANGE;
260	PinId = 4;
261	break;
262	default:
263	dwReturn = SCARD_E_UNEXPECTED;
264	__leave;
265	}
266
267	dwReturn = pCardData->pfnCardCreateContainerEx(pCardData, (BYTE) dwIndex,
268	CARD_CREATE_CONTAINER_KEY_IMPORT,
269	dwKeySpec, dwAglLen, pbData, PinId);
270	if (dwReturn)
271	{
272	__leave;
273	}
274	// check if the buffer has been altered
275	if (memcmp(pbDataControl,pbData, ARRAYSIZE(pbData)) != 0)
276	{
277	dwReturn = SCARD_E_UNEXPECTED;
278	__leave;
279	}
280
281	memset(&ContainerInfo,0,sizeof(CONTAINER_INFO));
282	ContainerInfo.dwVersion = 0;
283	dwReturn = pCardData->pfnCardGetContainerInfo(pCardData, (BYTE) dwIndex, 0, &ContainerInfo);
284	if (dwReturn)
285	{
286	__leave;
287	}
288	bStatus = CryptExportKey(hKey, NULL, PUBLICKEYBLOB, 0, pbBlobRef, &dwBlobRefSize);
289	if (!bStatus)
290	{
291	dwReturn = GetLastError();
292	__leave;
293	}
294	pBlobRef = (PRSAPUBLICKEYBLOB) pbBlobRef;
295	pBlob = (PRSAPUBLICKEYBLOB) (dwKeySpec==AT_SIGNATURE ? ContainerInfo.pbSigPublicKey : ContainerInfo.pbKeyExPublicKey);
296	//if (memcmp(pBlobRef, pBlob, ContainerInfo.cbSigPublicKey) != 0)
297	for (DWORD dwI = 0; dwI < pBlobRef->rsapubkey.bitlen / 8; dwI++)
298	{
299	if ( pBlobRef->modulus[dwI] != pBlob->modulus[dwI])
300	{
301	dwReturn = SCARD_E_UNEXPECTED;
302	__leave;
303	}
304	}
305	}
306	dwReturn = 0;
307
308	}
309	__finally
310	{
311	if (hKey)
312	CryptDestroyKey(hKey);
313	//CryptAcquireContext(&hProv, szContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_DELETEKEYSET);
314	if (hProv)
315	CryptReleaseContext(hProv,0);
316	}
317	return dwReturn;
318	}