Файловый архив студентов. Файловый архив студентов.
1313 вуза, 5303 предмета.
/ Регистрация
FAQ Обратная связь Вопросы и предложения
Добавил:
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Томский Государственный Университет Систем Управления и Радиоэлектроники
Предмет:
Программно-аппаратные средства защиты информации
Файл:
ПАСЗИ 5.docx
Скачиваний:
5
Добавлен:
22.03.2025
Размер:
1.13 Mб
Скачать
►Содержание►

Заключение

В ходе выполнения лабораторной работы было произведено ознакомление с типами объектов, которые позволяет хранить и использовать eToken, и получены навыки осуществлять операции, связанные с чтением, записью, удалением и поиском объектов на eToken.

Приложение 1

#include "stdlib.h"

#include "stdio.h"

#include "include\eTPkcs11.h"

#include <windows.h>

#include "base64.h"

using namespace std;

void init();

void leave(const char*);

//Глобальные переменные

CK_FUNCTION_LIST_PTR pFunctionList=NULL;

CK_C_GetFunctionList pGFL = 0;

bool wasInit = false;

void init()

{

// Загружаем dll

HINSTANCE hLib = LoadLibraryA("etpkcs11.DLL");

if (hLib == NULL)

{

leave ("Cannot load DLL.");

}

// Ищем точку входа для C_GetFunctionList

(FARPROC&)pGFL= GetProcAddress(hLib, "C_GetFunctionList");

if (pGFL == NULL)

{

leave ("Cannot find GetFunctionList().");

}

//Берем список функций

if (CKR_OK != pGFL(&pFunctionList))

{

leave ("Can't get function list. \n");

}

// Инициализируем библиотеку PKCS#11

//

if (CKR_OK != pFunctionList->C_Initialize (0))

{

leave ("C_Initialize failed...\n");

}

wasInit = true;

}

static void leave(const char * message)

{

if (message) printf("%s ", message);

if(wasInit)

{

// Закрываем библиотеку PKCS#11

if (CKR_OK != pFunctionList->C_Finalize(0))

{

printf ("C_Finalize failed...\n");

}

wasInit = false;

}

exit(message ? -1 : 0 );

}

static CK_ULONG GetFirstSlotId()

{

CK_ULONG slotID = -1;

CK_ULONG ulCount = 0;

CK_SLOT_ID_PTR pSlotIDs = NULL_PTR;

CK_ULONG i;

if (pFunctionList->C_GetSlotList(TRUE,NULL_PTR,&ulCount) == CKR_OK)

{

if (ulCount > 0)

{

pSlotIDs = new CK_SLOT_ID[ulCount];

if ((pFunctionList->C_GetSlotList(TRUE,pSlotIDs,&ulCount)) == CKR_OK)

{

for (i=0;i < ulCount;i++)

{

CK_SLOT_INFO info;

if ((pFunctionList->C_GetSlotInfo(pSlotIDs[i],&info)) == CKR_OK)

{

if (info.flags & (CKF_HW_SLOT | CKF_TOKEN_PRESENT))

{

slotID = pSlotIDs[i];

break;

}

}

}

}

}

}

if (pSlotIDs)

{

delete[] pSlotIDs;

pSlotIDs = NULL_PTR;

}

return slotID;

}

static void GetPKBlob(CK_BYTE_PTR pk, int pkSize, CK_BYTE_PTR* subject, int* subjectSize)

{

unsigned int i,size=0,count=0;

unsigned char* current = pk;

unsigned char* start;

unsigned char* end;

*subject = NULL;

*subjectSize = 0;

//находим начало base64 данных

while (current[0] !='-') *current++;

while (current[0] =='-') *current++;

while (current[0] !='-') *current++;

while (current[0] =='-') *current++;

start = ++current;

while (current[0] !='-')

{

if ((current[0] =='\n') || (current[0] =='-')) count++;

*current++;

}

end = current;

size = (int)(end-start)-count;

//создаем новый массив, без мешуры

BYTE *newbyte = new BYTE[size];

current=start;

for (i=0;i<size;i++)

{

if (current[0] =='\n') *current++;

newbyte[i]=(BYTE)current[0];

*current++;

}

*subject = base64_decode((char*)newbyte,size, (unsigned int*)subjectSize);

}

static bool ParseRSAPrivateKey(BYTE* key) {

if (key[0] != 0x30) return false; //неверный формат‚

BYTE *modulus, *pubE, *privE, *p1, *p2, *e1, *e2, *coeff; ; //Компоненты закр. ключа

int modulusL, pubEL, privEL, p1L, p2L, e1L, e2L, coeffL; // длины компонентов

int cur = 0;

while ((key[cur] != 0x02) || ((key[cur + 1] != 0x81) && (key[cur + 1] != 0x82))) {

cur++;

}

cur++;

if (key[cur] ==0x81) {modulusL = key[cur+1]; modulus=key+cur+2; if (key[cur+2]==0)

{modulusL--; modulus++; cur++;} cur = cur+2+modulusL;}

if (key[cur] ==0x82) {modulusL = key[cur+1]<<8|key[cur+2]; modulus=key+cur+3;

if (key[cur+3]==0) {modulusL--; modulus++; cur++;} cur = cur+3+modulusL;}

if (key[cur] !=0x02) return false; cur++;

pubEL = key[cur]; pubE=key+cur+1; cur = cur+1+pubEL;

if (key[cur] !=0x02) return false; cur++;

if (key[cur] ==0x81) {privEL = key[cur+1]; privE=key+cur+2;

if (key[cur+2]==0) {privEL--; privE++; cur++;} cur = cur+2+privEL;}

if (key[cur] ==0x82) {privEL = key[cur+1]<<8|key[cur+2]; privE=key+cur+3;

if (key[cur+3]==0) {privEL--; privE++; cur++;} cur = cur+3+privEL;}

if (key[cur] !=0x02) return false; cur++;

if ((key[cur] ==0x81)||(key[cur] ==0x80)) cur++;

p1L = key[cur]; p1=key+cur+1; if (key[cur+1]==0) {p1L--; p1++; cur++;} cur = cur+1+p1L;

if (key[cur] !=0x02) return false; cur++;

if ((key[cur] ==0x81)||(key[cur] ==0x80)) cur++;

p2L = key[cur]; p2=key+cur+1; if (key[cur+1]==0) {p2L--; p2++; cur++;} cur = cur+1+p2L;

if (key[cur] !=0x02) return false; cur++;

if ((key[cur] ==0x81)||(key[cur] ==0x80)) cur++;

e1L = key[cur]; e1=key+cur+1; if (key[cur+1]==0) {e1L--; e1++; cur++;} cur = cur+1+e1L;

if (key[cur] !=0x02) return false; cur++;

if ((key[cur] ==0x81)||(key[cur] ==0x80)) cur++;

e2L = key[cur]; e2=key+cur+1; if (key[cur+1]==0) {e2L--; e2++; cur++;} cur = cur+1+e2L;

if (key[cur] !=0x02) return false; cur++;

if ((key[cur] ==0x81)||(key[cur] ==0x80)) cur++;

coeffL = key[cur]; coeff=key+cur+1; if (key[cur+1]==0) {coeffL--; coeff++;}

}

static bool ReadPKFromFile(const char* fileName, CK_BYTE_PTR* pkfile, DWORD* pkfileSize)

{

HANDLE hFile;

hFile = CreateFileA(fileName, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);

*pkfileSize = GetFileSize(hFile, NULL);

*pkfile = new byte[*pkfileSize];

DWORD n;

bool nFile;

nFile = ReadFile(hFile, *pkfile, *pkfileSize, &n, NULL);

return nFile;

}

static bool CreatePKFromBlob(CK_SESSION_HANDLE hSession, CK_BYTE_PTR key, int keySize)

{

CK_OBJECT_CLASS privateKeyClass = CKO_PRIVATE_KEY;

CK_BBOOL isToken = CK_TRUE;

CK_KEY_TYPE keyType = CKK_RSA;

CK_BYTE_PTR modulus = NULL;

CK_BYTE_PTR publicExponent = NULL;

CK_BYTE_PTR privateExponent = NULL;

CK_BYTE_PTR prime1 = NULL;

CK_BYTE_PTR prime2 = NULL;

CK_BYTE_PTR exponent1 = NULL;

CK_BYTE_PTR exponent2 = NULL;

CK_BYTE_PTR coefficient = NULL;

modulus = key;

publicExponent = key + sizeof(CK_BYTE) * 256;

privateExponent = key + sizeof(CK_BYTE) * 512;

prime1 = key + sizeof(CK_BYTE) * 768;

prime2 = key + sizeof(CK_BYTE) * 1024;

exponent1 = key + sizeof(CK_BYTE) * 1280;

exponent2 = key + sizeof(CK_BYTE) * 1536;

coefficient = key + sizeof(CK_BYTE) * 1792;

// Атрибуты ключа

CK_ATTRIBUTE privateKeyTemplate[] = {

{CKA_CLASS, &privateKeyClass, sizeof(privateKeyClass)},

{CKA_TOKEN, &isToken, sizeof(isToken)},

{CKA_KEY_TYPE, &keyType, sizeof(keyType)},

{CKA_MODULUS, modulus, 256}, //

{CKA_PUBLIC_EXPONENT, publicExponent, 3}, //

{CKA_PRIVATE_EXPONENT, privateExponent, 256},

{CKA_PRIME_1, prime1, 128}, //

{CKA_PRIME_2, prime2, 128}, //

{CKA_EXPONENT_1, exponent1, 128}, //

{CKA_EXPONENT_2, exponent2, 128}, //

{CKA_COEFFICIENT, coefficient, 128} //

};

CK_OBJECT_HANDLE hKey;

CK_RV rv;

// Создание на токене ключ

rv = pFunctionList->C_CreateObject(hSession, privateKeyTemplate, sizeof(privateKeyTemplate) / sizeof(CK_ATTRIBUTE), &hKey);

if (rv != CKR_OK) {

return false;

}

return true;

}

static void ImportPrivateKey(const char* fileName, const char* password)

{

CK_BYTE_PTR pkfile = NULL;

DWORD pkfileSize;

CK_BYTE_PTR subject = NULL;

int subjSize;

CK_SESSION_HANDLE hSession;

pFunctionList -> C_OpenSession(GetFirstSlotId(), CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL, NULL, &hSession);

// login to token

pFunctionList -> C_Login(hSession, CKU_USER, (LPBYTE)password, strlen(password));

// Read the pem file

if (ReadPKFromFile(fileName, &pkfile, &pkfileSize)) printf("Success\n"); else printf("error Cant read\n");

// decode base64 and extract the private key blob

GetPKBlob((unsigned char*)pkfile, pkfileSize, &subject, &subjSize);

// Find connected token

ParseRSAPrivateKey(pkfile);

// Import the private key to the token

if(CreatePKFromBlob(hSession, pkfile, pkfileSize)) printf("Success\n"); else printf("error Not imported\n");

// Close session

pFunctionList -> C_Logout(hSession);

pFunctionList -> C_CloseSession(hSession);

if (pkfile)

{

delete[] pkfile;

}

}

static bool CreateFileFromBlob(CK_SESSION_HANDLE hSession, CK_BYTE_PTR file, int fileSize, const char* label)

{

CK_OBJECT_CLASS classAttr = CKO_DATA;

CK_BBOOL trueVal = CK_TRUE;

CK_OBJECT_HANDLE hObject;

CK_ATTRIBUTE templateArray[] =

{

{CKA_CLASS, &classAttr, sizeof(classAttr)},

{CKA_TOKEN, &trueVal, sizeof(trueVal)},

{CKA_VALUE, file, fileSize},

{CKA_LABEL, (void*)label, sizeof(label)},

{CKA_APPLICATION, NULL, NULL},

};

int sizeOfTemplate = sizeof(templateArray) / sizeof(CK_ATTRIBUTE);

CK_RV rv = pFunctionList->C_CreateObject(hSession, templateArray, sizeOfTemplate, &hObject);

if (rv)

{

return false;

}

return true;

}

static void ImportFile(const char* fileName,const char* label, const char* password)

{

CK_BYTE_PTR file = NULL;

DWORD fileSize;

// Read the file

ReadPKFromFile(fileName, &file, &fileSize);

// Find connected token

CK_SESSION_HANDLE hSession;

pFunctionList -> C_OpenSession(GetFirstSlotId(), CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL, NULL, &hSession);

// login to token

pFunctionList -> C_Login(hSession, CKU_USER, (LPBYTE)password, strlen(password));

// Import file to the token

if(CreateFileFromBlob(hSession, file, fileSize, label)) printf("Successful imropd\n"); else printf("error File not imported\n");

// Close session

pFunctionList -> C_Logout(hSession);

pFunctionList -> C_CloseSession(hSession);

if (file) {

delete[] file;

}

}

static void ReadLabel(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hLabel, CK_BYTE_PTR* label, DWORD* labelSize)

{

CK_ATTRIBUTE ValueTemplate = {CKA_LABEL, NULL, 0};

int rv = pFunctionList->C_GetAttributeValue(hSession, hLabel, &ValueTemplate, 1);

if (rv) leave( "Cannot read data from the eToken");

*labelSize = ValueTemplate.ulValueLen;

*label = new BYTE[*labelSize];

ValueTemplate.pValue = *label;

rv = pFunctionList->C_GetAttributeValue(hSession, hLabel, &ValueTemplate, 1);

if (rv) leave( "Cannot read data from the eToken");

}

static bool ExportFileFromBlob(CK_SESSION_HANDLE hSession, CK_BYTE_PTR* file, DWORD* fileSize)

{

CK_OBJECT_CLASS classAttr = CKO_DATA;

CK_BBOOL trueVal = CK_TRUE;

CK_ATTRIBUTE Template[] =

{

{CKA_CLASS, &classAttr, sizeof(classAttr)},

{CKA_TOKEN, &trueVal, sizeof(trueVal)},

};

int sizeOfTemplate = sizeof(Template) / sizeof(CK_ATTRIBUTE);

int rv = pFunctionList->C_FindObjectsInit(hSession, Template, sizeOfTemplate);

if (rv) leave("Cannot find data");

CK_OBJECT_HANDLE ObjList[10];

CK_ULONG nObjCount;

HANDLE hFile;

pFunctionList->C_FindObjects(hSession, ObjList, sizeof(ObjList), &nObjCount);

char path[124] = "";

for (int i = 0; i < nObjCount; i++)

{

CK_BYTE_PTR label = NULL;

DWORD labelsize;

char choice[124];

ReadLabel(hSession, ObjList[i], &label, &labelsize);

printf("Choose object %s %s", label, " y/n ?");

gets(choice);

if (choice[0] == 'y')

{

ReadLabel(hSession, ObjList[i], file, fileSize);

printf("\nChoose path: \n");

char path4 [100]="D:\\gdfjghlkdf.txt";

//gets(path);

hFile = CreateFileA(path4, GENERIC_WRITE, 0, NULL, OPEN_ALWAYS, 0, NULL);

WriteFile(hFile, *file, *fileSize, 0, NULL);

}

}

return true;

}

static void ExportFile(const char* fileName,const char* password)

{

CK_BYTE_PTR file = NULL;

DWORD fileSize;

// Find connected token

CK_SESSION_HANDLE hSession;

pFunctionList -> C_OpenSession(GetFirstSlotId(), CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL, NULL, &hSession);

// login to token

pFunctionList -> C_Login(hSession, CKU_USER, (LPBYTE)password, strlen(password));

// Read file from the token

if (ExportFileFromBlob(hSession, &file, &fileSize)) printf("Successful export\n"); else printf("error File not exported\n");

// Save the file

// Close session

pFunctionList -> C_Logout(hSession);

pFunctionList -> C_CloseSession(hSession);

if (file) {

delete[] file;

}

}

static void DeleteData(const char* password)

{

// Find connected token

CK_SESSION_HANDLE hSession;

pFunctionList -> C_OpenSession(GetFirstSlotId(), CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL, NULL, &hSession);

// login to token

pFunctionList -> C_Login(hSession, CKU_USER, (LPBYTE)password, strlen(password));

// read data and delete selected

CK_OBJECT_CLASS classAttr = CKO_DATA;

CK_BBOOL trueVal = CK_TRUE;

CK_ATTRIBUTE Template[] =

{

{CKA_CLASS, &classAttr, sizeof(classAttr)},

{CKA_TOKEN, &trueVal, sizeof(trueVal)},

};

int sizeOfTemplate = sizeof(Template) / sizeof(CK_ATTRIBUTE);

int rv = pFunctionList->C_FindObjectsInit(hSession, Template, sizeOfTemplate);

if (rv) leave("Cannot find data");

CK_OBJECT_HANDLE ObjList[10];

CK_ULONG nObjCount;

HANDLE hFile;

pFunctionList->C_FindObjects(hSession, ObjList, sizeof(ObjList), &nObjCount);

for (int i = 0; i < nObjCount; i++)

{

CK_BYTE_PTR label = NULL;

DWORD labelsize;

char choice[124];

ReadLabel(hSession, ObjList[i], &label, &labelsize);

printf("Choose object %s %s", label, " y/n ?");

gets(choice);

if (choice[0] == 'y')

{

pFunctionList -> C_DestroyObject(hSession, ObjList[i]);

}

}

// Close session

pFunctionList -> C_Logout(hSession);

pFunctionList -> C_CloseSession(hSession);

}

int main()

{

init();

char path[100];

char pass[20];

const char* PIN = "12345";

printf("Load private key(1) or load file to eToken(2) or read file from eToken(3) or delete file from eToken(4)\n");

gets(path);

switch (path[0]) {

case '1':

{

printf("Enter path to pem file\n");

gets(path);

ImportPrivateKey(path, PIN);

printf("Private Key importd\n");

break;

}

case '2':

{

printf("Enter path to file\n");

gets(path);

char label[20];

printf("Enter label\n");

gets(label);

ImportFile(path, label, PIN);

printf("File imported\n");

break;

}

case '3':

{

printf("Enter path to new file\n");

gets(path);

ExportFile(path,PIN);

printf("File readed\n");

break;

}

case '4':

{

DeleteData(PIN);

printf("File deleted\n");

break;

}

}

getchar();

leave(NULL);

return 0;

}

Томск 2025

Соседние файлы в предмете Программно-аппаратные средства защиты информации
Помощь Обратная связь Вопросы и предложения Пользовательское соглашение Политика конфиденциальности