- Timestamp:
- Jun 5, 2017, 1:22:15 PM (7 years ago)
- Branches:
- master
- Children:
- ce57b45
- Parents:
- 0f7c727
- Location:
- signHash
- Files:
-
- 2 added
- 6 edited
signHash/Makefile
r0f7c727 rf626f58 15 15 DEFINES = -DQT_CORE_LIB 16 16 CFLAGS = -pipe -g -Wall -W -D_REENTRANT -fPIC $(DEFINES) 17 CXXFLAGS = -pipe -g - Wall -W -D_REENTRANT -fPIC $(DEFINES)17 CXXFLAGS = -pipe -g -std=c++0x -Wall -W -D_REENTRANT -fPIC $(DEFINES) 18 18 INCPATH = -I. -I/usr/include -Iinclude -I/home/aaraujo/Qt/5.5/gcc_64/include -I/home/aaraujo/Qt/5.5/gcc_64/include/QtCore -I. -I/home/aaraujo/Qt/5.5/gcc_64/mkspecs/linux-g++ 19 19 QMAKE = /home/aaraujo/Qt/5.5/gcc_64/bin/qmake … … 50 50 51 51 SOURCES = main.cpp \ 52 cryptotoken.cpp 52 cryptotoken.cpp \ 53 binaryutils.cpp 53 54 OBJECTS = main.o \ 54 cryptotoken.o 55 cryptotoken.o \ 56 binaryutils.o 55 57 DIST = /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/spec_pre.prf \ 56 58 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/common/unix.conf \ … … 176 178 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/resolve_config.prf \ 177 179 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/default_post.prf \ 180 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/c++11.prf \ 178 181 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/warn_on.prf \ 179 182 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/qt.prf \ … … 185 188 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/yacc.prf \ 186 189 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/lex.prf \ 187 signHash.pro cryptotoken.h main.cpp \ 188 cryptotoken.cpp 190 signHash.pro cryptotoken.h \ 191 binaryutils.h main.cpp \ 192 cryptotoken.cpp \ 193 binaryutils.cpp 189 194 QMAKE_TARGET = signHash 190 195 DESTDIR = #avoid trailing-slash linebreak … … 340 345 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/resolve_config.prf \ 341 346 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/default_post.prf \ 347 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/c++11.prf \ 342 348 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/warn_on.prf \ 343 349 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/qt.prf \ … … 475 481 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/resolve_config.prf: 476 482 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/default_post.prf: 483 
/home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/c++11.prf: 477 484 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/warn_on.prf: 478 485 /home/aaraujo/Qt/5.5/gcc_64/mkspecs/features/qt.prf: … … 500 507 @test -d $(DISTDIR) || mkdir -p $(DISTDIR) 501 508 $(COPY_FILE) --parents $(DIST) $(DISTDIR)/ 502 $(COPY_FILE) --parents cryptotoken.h $(DISTDIR)/503 $(COPY_FILE) --parents main.cpp cryptotoken.cpp $(DISTDIR)/509 $(COPY_FILE) --parents cryptotoken.h binaryutils.h $(DISTDIR)/ 510 $(COPY_FILE) --parents main.cpp cryptotoken.cpp binaryutils.cpp $(DISTDIR)/ 504 511 505 512 … … 610 617 /usr/include/getopt.h \ 611 618 /usr/include/ctype.h \ 619 /home/aaraujo/Qt/5.5/gcc_64/include/QtCore/QByteArray \ 612 620 include/pkcs11.h \ 613 621 cryptotoken.h \ … … 680 688 $(CXX) -c $(CXXFLAGS) $(INCPATH) -o cryptotoken.o cryptotoken.cpp 681 689 690 binaryutils.o: binaryutils.cpp binaryutils.h \ 691 /usr/include/stdio.h \ 692 /usr/include/features.h \ 693 /usr/include/stdc-predef.h \ 694 /usr/include/libio.h \ 695 /usr/include/_G_config.h \ 696 /usr/include/wchar.h \ 697 /usr/include/wctype.h \ 698 /usr/include/endian.h \ 699 /usr/include/xlocale.h \ 700 /usr/include/gconv.h \ 701 /usr/include/getopt.h \ 702 /usr/include/ctype.h 703 $(CXX) -c $(CXXFLAGS) $(INCPATH) -o binaryutils.o binaryutils.cpp 704 682 705 ####### Install 683 706 -
signHash/cryptotoken.cpp
r0f7c727 rf626f58 3 3 #include <assert.h> 4 4 #include <iostream> 5 #include <stdexcept> 6 7 #define BINARY_SHA1_LENGTH 20 8 #define BINARY_SHA224_LENGTH 28 9 #define BINARY_SHA256_LENGTH 32 10 #define BINARY_SHA384_LENGTH 48 11 #define BINARY_SHA512_LENGTH 64 12 5 13 6 14 CryptoToken::CryptoToken() … … 257 265 258 266 // definicion del algoritmo de firma 259 CK_MECHANISM signMechanism = { CKM_ SHA1_RSA_PKCS, NULL_PTR, 0};267 CK_MECHANISM signMechanism = { CKM_RSA_PKCS /*CKM_SHA1_RSA_PKCS*/, 0 /*NULL_PTR*/, 0}; 260 268 261 269 rv = C_SignInit(hSession, &signMechanism, privateKey); … … 305 313 306 314 } 315 316 317 std::vector<unsigned char> CryptoToken::signHash(QString hashToSign, QString pin, QString label) 318 { 319 320 std::vector<unsigned char> hash = fromHex(hashToSign); 321 322 QString error(""); 323 CK_RV rv; 324 325 CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE; 326 CK_SLOT_ID slotID; 327 328 // initialize criptoki 329 rv = C_Initialize(NULL_PTR); 330 if (rv != CKR_OK) 331 { 332 if (rv == CKR_DEVICE_ERROR) 333 { 334 error = returnErrorToQString(rv); 335 qDebug(qPrintable(error)); 336 throw std::runtime_error(qPrintable(error)); 337 } 338 error = returnErrorToQString(rv); 339 qDebug(qPrintable(error)); 340 throw std::runtime_error(qPrintable(error)); 341 } 342 343 hSession = openSession((char *) qPrintable(pin), slotID); 344 if (hSession == CK_INVALID_HANDLE) 345 { 346 qDebug("Fallo ptr_SC->openSession"); 347 rv = C_Finalize(NULL_PTR); 348 qDebug("C_Finalize: rv = %x",rv); 349 assert(rv == CKR_OK); 350 throw std::runtime_error("Error openning a session"); 351 } 352 353 // obtencion de la clave privada para firmar los datos 354 CK_OBJECT_HANDLE privateKey = CK_INVALID_HANDLE; 355 356 //QString label = "New Key aaraujo"; 357 privateKey = getPrivateKey(hSession, slotID, label); 358 359 // https://github.com/open-eid/chrome-token-signing/blob/master/host-shared/PKCS11CardManager.h 360 361 if (privateKey == CK_INVALID_HANDLE) 362 { 363 qDebug("Fallo 
ptr_SC->getPrivateKey"); 364 rv = C_CloseSession(hSession); 365 qDebug("C_CloseSession: rv = %x",rv); 366 assert(rv == CKR_OK); 367 rv = C_Finalize(NULL_PTR); 368 qDebug("C_Finalize: rv = %x",rv); 369 assert(rv == CKR_OK); 370 throw std::runtime_error("Error finding private key"); 371 } 372 373 CK_MECHANISM mechanism = {CKM_RSA_PKCS, 0, 0}; 374 375 376 rv = C_SignInit(hSession, &mechanism, privateKey); 377 378 if (rv != CKR_OK) { 379 qDebug("C_SignInit: rv = 0x%.8X\n", rv); 380 rv = C_CloseSession(hSession); 381 qDebug ("C_CloseSession: rv = %x",rv); 382 qDebug ("\n"); 383 assert(rv == CKR_OK); 384 rv = C_Finalize(NULL_PTR); 385 qDebug ("C_Finalize: rv = %x",rv); 386 qDebug ("\n"); 387 assert(rv == CKR_OK); 388 throw std::runtime_error("Error C_SignInit"); 389 } 390 391 qDebug("C_SignInit: rv = 0x%.8X\n", rv); 392 qDebug ("\n"); 393 assert(rv==CKR_OK); 394 395 std::vector<unsigned char> hashWithPadding; 396 switch (hash.size()) { 397 case BINARY_SHA1_LENGTH: 398 hashWithPadding = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; 399 break; 400 case BINARY_SHA224_LENGTH: 401 hashWithPadding = {0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c}; 402 break; 403 case BINARY_SHA256_LENGTH: 404 hashWithPadding = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; 405 break; 406 case BINARY_SHA384_LENGTH: 407 hashWithPadding = {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; 408 break; 409 case BINARY_SHA512_LENGTH: 410 hashWithPadding = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; 411 break; 412 default: 413 throw std::runtime_error("incorrect digest length, dropping padding"); 414 } 415 hashWithPadding.insert(hashWithPadding.end(), hash.begin(), hash.end()); 416 417 
CK_ULONG signatureLength = 0; 418 419 420 rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), nullptr, &signatureLength); 421 422 if (rv != CKR_OK) { 423 qDebug("C_Sign: rv = 0x%.8X\n", rv); 424 rv = C_CloseSession(hSession); 425 qDebug ("C_CloseSession: rv = %x",rv); 426 qDebug ("\n"); 427 assert(rv == CKR_OK); 428 rv = C_Finalize(NULL_PTR); 429 qDebug ("C_Finalize: rv = %x",rv); 430 qDebug ("\n"); 431 assert(rv == CKR_OK); 432 throw std::runtime_error("Error C_Sign1"); 433 } 434 435 std::vector<unsigned char> signature(signatureLength, 0); 436 437 rv = C_Sign(hSession, hashWithPadding.data(), hashWithPadding.size(), signature.data(), &signatureLength); 438 439 if (rv != CKR_OK) { 440 qDebug("C_Sign: rv = 0x%.8X\n", rv); 441 rv = C_CloseSession(hSession); 442 qDebug ("C_CloseSession: rv = %x",rv); 443 qDebug ("\n"); 444 assert(rv == CKR_OK); 445 rv = C_Finalize(NULL_PTR); 446 qDebug ("C_Finalize: rv = %x",rv); 447 qDebug ("\n"); 448 assert(rv == CKR_OK); 449 throw std::runtime_error("Error C_Sign2"); 450 } 451 452 453 qDebug("C_Sign: rv = 0x%.8X\n", rv); 454 qDebug ("\n"); 455 assert(rv==CKR_OK); 456 457 closeSession(hSession); 458 459 return signature; 460 461 } 462 307 463 308 464 // slot para obtener informacion del modulo PKCS11 … … 695 851 return x; 696 852 } 853 854 855 QByteArray CryptoToken::toHex(const std::vector<unsigned char> &data) 856 { 857 return QByteArray((const char*)data.data(), data.size()).toHex(); 858 } 859 860 std::vector<unsigned char> CryptoToken::fromHex(const QString &data) 861 { 862 QByteArray bin = QByteArray::fromHex(data.toLatin1()); 863 return std::vector<unsigned char>(bin.constData(), bin.constData() + bin.size()); 864 } -
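Review bot: In the new `CryptoToken::signHash`, the `default:` branch of `switch (hash.size())` throws after `C_Initialize`, `openSession` and `C_SignInit` have already succeeded, so a digest of unexpected length leaves the session open and Cryptoki never finalized. The length check needs no token state and can run before `C_Initialize`; because `QByteArray::fromHex` skips non-hex characters instead of failing, the decoded size should also be compared with the input length at that point. The remaining error paths do their cleanup through `assert(rv == CKR_OK)`, which is compiled out under NDEBUG and, when it fires, aborts instead of reaching the `throw`. After the second `C_Sign`, `signature.resize(signatureLength);` would trim the buffer in case the token reported a larger size on the sizing call.

```cpp
std::vector<unsigned char> CryptoToken::signHash(QString hashToSign, QString pin, QString label)
{
    std::vector<unsigned char> hash = fromHex(hashToSign);

    // Reject malformed input before the token is touched: QByteArray::fromHex
    // skips non-hex characters, so a bad string would otherwise decode to a
    // shorter (or different) digest without any error.
    if (hashToSign.size() != static_cast<int>(hash.size()) * 2)
        throw std::runtime_error("hash is not a valid hex string");

    std::vector<unsigned char> hashWithPadding;
    switch (hash.size()) {
    // … unchanged: DigestInfo prefix cases and the default throw …
    }
    hashWithPadding.insert(hashWithPadding.end(), hash.begin(), hash.end());

    // … unchanged: C_Initialize, openSession, getPrivateKey, C_SignInit, both C_Sign calls …
```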
signHash/cryptotoken.h
r0f7c727 rf626f58 65 65 CK_ULONG someDataLen, CK_BYTE_PTR sign, CK_ULONG_PTR signLen ); 66 66 67 68 /** 69 * @brief Sign a hash. 70 * 71 * @param hashToSign hash to be signed 72 * @param pin pin of cryptographic device 73 * @param label label of the private key stored in the cryptographic device 74 * @return signed hash 75 */ 76 std::vector<unsigned char> signHash(QString hashToSign, QString pin, QString label); 77 67 78 /** 68 79 * @brief Retorna información del modulo PKCS11 … … 78 89 QString returnErrorToQString(CK_RV rv); 79 90 91 92 QByteArray toHex(const std::vector<unsigned char> &data); 93 94 std::vector<unsigned char> fromHex(const QString &data); 80 95 }; 81 96 -
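Review bot: The doc comment on `signHash` does not state the contract that the implementation in cryptotoken.cpp enforces: `hashToSign` is a hex string whose decoded length must match SHA-1, SHA-224, SHA-256, SHA-384 or SHA-512, and failures are reported as `std::runtime_error`. I would add `@param hashToSign hex-encoded digest (20, 28, 32, 48 or 64 bytes once decoded)` and `@throws std::runtime_error on token, key or digest-length errors`, and say in `@return` that the value is the raw signature bytes rather than a "signed hash". `toHex` and `fromHex` are declared without any comment; a one-line `@brief` each would help, and since neither appears to use object state in cryptotoken.cpp they could be declared `static`.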
signHash/main.cpp
r0f7c727 rf626f58 4 4 #include <iostream> 5 5 #include <stdio.h> 6 #include <QByteArray> 6 7 7 8 #include "pkcs11.h" … … 40 41 41 42 43 int main(int argc, char *argv[]) 44 { 45 QCoreApplication a(argc, argv); 46 47 qDebug("hola mundo"); 48 49 CryptoToken* ct = new CryptoToken(); 50 51 // pin 52 QString pin("123456"); 53 54 // label of the private key 55 QString label = "New Key aaraujo"; 56 57 // hash 58 QString hash("cdbc23b0c23e164225acd0dbf8afecc420ca61ded483a0a43d88d4a76916cc04"); 59 60 // result 61 std::vector<unsigned char> result = ct->signHash(hash, pin, label); 62 63 qDebug(ct->toHex(result)); 64 65 // check the signature 66 assert(ct->toHex(result) == "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"); 67 68 69 //return a.exec(); 70 return 0; 71 } 72 73 74 75 /* 42 76 int main(int argc, char *argv[]) 43 77 { … … 99 133 CK_BYTE_PTR sign = new CK_BYTE[slen]; 100 134 101 CK_BYTE hash[64 /*100*/];135 CK_BYTE hash[64]; 102 136 CK_ULONG hashLen = (CK_ULONG) sizeof(hash); 103 137 104 138 // un has recibido del servidor 64 bytes 105 139 // aaf363de5f571c7ae7976ca52891af440d2934a146860c82f0f5672ddc4ee078 140 // cdbc23b0c23e164225acd0dbf8afecc420ca61ded483a0a43d88d4a76916cc04 106 141 107 QString hashInHex(" aaf363de5f571c7ae7976ca52891af440d2934a146860c82f0f5672ddc4ee078");142 QString hashInHex("cdbc23b0c23e164225acd0dbf8afecc420ca61ded483a0a43d88d4a76916cc04"); 108 143 qDebug("longitud de hashInHex: %d", hashInHex.size()); 109 144 … … 138 173 qDebug("valor de la firma en hexadecimal: %s", signatureInHex); 139 174 175 assert(signatureInHex == "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"); 176 177 140 178 qDebug("closeSession..."); 141 179 … … 147 185 } 148 186 187 */ -
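Review bot: The new `main` commits a token PIN (`QString pin("123456");`) and a personal key label as literals; even in a test harness these are better read at run time, for example from a prompt, so that no credential ends up in the repository history. The expected-signature check is an `assert`, so it disappears in a build with NDEBUG; an explicit comparison that returns non-zero on mismatch would keep the check in every build. `ct` is allocated with `new` and never deleted, where `CryptoToken ct;` on the stack would do.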
signHash/signHash.pro
r0f7c727 rf626f58 10 10 11 11 TARGET = signHash 12 CONFIG += console 12 CONFIG += console\ 13 c++11 13 14 CONFIG -= app_bundle 14 15 … … 16 17 17 18 HEADERS += \ 18 cryptotoken.h 19 cryptotoken.h \ 20 binaryutils.h 19 21 20 22 SOURCES += main.cpp \ 21 cryptotoken.cpp 23 cryptotoken.cpp \ 24 binaryutils.cpp 22 25 23 26 -
signHash/signHash.pro.user
r0f7c727 rf626f58 1 1 <?xml version="1.0" encoding="UTF-8"?> 2 2 <!DOCTYPE QtCreatorProject> 3 <!-- Written by QtCreator 3.2.1, 2017-0 5-08T10:38:52. -->3 <!-- Written by QtCreator 3.2.1, 2017-06-05T13:12:55. --> 4 4 <qtcreator> 5 5 <data> … … 66 66 <value type="int" key="ProjectExplorer.Target.ActiveRunConfiguration">0</value> 67 67 <valuemap type="QVariantMap" key="ProjectExplorer.Target.BuildConfiguration.0"> 68 <value type="QString" key="ProjectExplorer.BuildConfiguration.BuildDirectory">/home/aaraujo/desarrollo/2017/terepaima/s ignHash</value>68 <value type="QString" key="ProjectExplorer.BuildConfiguration.BuildDirectory">/home/aaraujo/desarrollo/2017/terepaima/sources/terepaima/signHash</value> 69 69 <valuemap type="QVariantMap" key="ProjectExplorer.BuildConfiguration.BuildStepList.0"> 70 70 <valuemap type="QVariantMap" key="ProjectExplorer.BuildStepList.Step.0"> … … 236 236 <valuelist type="QVariantList" key="PE.EnvironmentAspect.Changes"/> 237 237 <value type="QString" key="ProjectExplorer.ProjectConfiguration.DefaultDisplayName">signHash</value> 238 <value type="QString" key="ProjectExplorer.ProjectConfiguration.DisplayName"> </value>239 <value type="QString" key="ProjectExplorer.ProjectConfiguration.Id">Qt4ProjectManager.Qt4RunConfiguration:/home/aaraujo/desarrollo/2017/terepaima/s ignHash/signHash.pro</value>238 <value type="QString" key="ProjectExplorer.ProjectConfiguration.DisplayName">signHash2</value> 239 <value type="QString" key="ProjectExplorer.ProjectConfiguration.Id">Qt4ProjectManager.Qt4RunConfiguration:/home/aaraujo/desarrollo/2017/terepaima/sources/terepaima/signHash/signHash.pro</value> 240 240 <value type="QString" key="Qt4ProjectManager.Qt4RunConfiguration.CommandLineArguments"></value> 241 241 <value type="QString" key="Qt4ProjectManager.Qt4RunConfiguration.ProFile">signHash.pro</value>