encryp/decryp with sca6000

Thu Jul 3 03:37:36 PDT 2008

Dear All,

I'd like to make fucntion to encrypt and decrypt with triple des use key local in sca6000.
I tried to code , please see below.

#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/types.h>
#include <security/cryptoki.h>
#include <security/pkcs11.h>

#define BUFFERSIZ    8192

CK_RV rv;
CK_MECHANISM mechanism;
CK_OBJECT_HANDLE hKey;
CK_SESSION_HANDLE hSession;

 mechanism.mechanism = CKM_DES3_CBC_PAD;
 mechanism.pParameter = NULL_PTR;
 mechanism.ulParameterLen = 0;

/* Initialize the CRYPTOKI library */
rv = C_Initialize(NULL_PTR);

if (rv != CKR_OK) {
fprintf(stderr, "C_Initialize: Error = 0x%.8Xn", rv);
exit(1);
}

/* Open a session on the slot found */
rv = C_OpenSession(0, CKF_RW_SESSION+CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR,
    &hSession);

if (rv != CKR_OK) {
fprintf(stderr, "C_OpenSession: rv = 0x%.8Xn", rv);
error = 1;
goto exit_program;
}

/* Login to the Keystore */
strcpy (pin, "userKT:passKT");
rv = C_Login(hSession, CKU_USER, pin, sizeof (pin) );
if (rv != CKR_OK) {
fprintf(stderr, "C_Login: rv = 0x%.8Xn", rv);
                error = 1;
                goto exit_program;
        }

/* I don't know how to use in this section*/
CK_ATTRIBUTE search[] = {
 { CKA_LABEL, label, strlen ((char *) label) },
 { CKA_CLASS, &class, sizeof (class) }
 };

C_FindObjectsInit (handle, search, 2);
C_FindObjects (handle, &key, 1, &count);

hKey = C_FindObjectsFinal (handle);

/* Initialize the encryption operation in the session */
rv = C_EncryptInit(hSession, &mechanism, hKey);

if (rv != CKR_OK) {
fprintf(stderr, "C_EncryptInit: rv = 0x%.8X\n", rv);
error = 1;
goto exit_session;
}

/* Read in the data and encrypt this portion */
pciphertext = &ciphertext[0];
while (!feof(fs) && (ciphertext_space > 0) &&
    (ulDatalen = fread(inbuf, 1, ciphertext_space, fs)) > 0) {
ciphertext_len = ciphertext_space;

/* C_EncryptUpdate is only being sent one byte at a
* time, so we are not checking for CKR_BUFFER_TOO_SMALL.
* Also, we are checking to make sure we do not go
* over the alloted buffer size.  A more robust program
* could incorporate realloc to enlarge the buffer
* dynamically. */
rv = C_EncryptUpdate(hSession, (CK_BYTE_PTR)inbuf, ulDatalen,
    pciphertext, &ciphertext_len);
if (rv != CKR_OK) {
fprintf(stderr, "C_EncryptUpdate: rv = 0x%.8X\n", rv);
error = 1;
goto exit_encrypt;
}
pciphertext += ciphertext_len;
total_encrypted += ciphertext_len;
ciphertext_space -= ciphertext_len;
bytes_read += ulDatalen;
}

if (!feof(fs) || (ciphertext_space < 0)) {
fprintf(stderr, "Insufficient space for encrypting the file\n");
error = 1;
goto exit_encrypt;
}

/* Get the last portion of the encrypted data */
lastpart_len = ciphertext_space;
rv = C_EncryptFinal(hSession, pciphertext, &lastpart_len);
if (rv != CKR_OK) {
fprintf(stderr, "C_EncryptFinal: rv = 0x%.8X\n", rv);
error = 1;
goto exit_encrypt;
}
total_encrypted += lastpart_len;

fprintf(stdout, "%d bytes read and encrypted. Size of the "
    "ciphertext: %d!\n\n", bytes_read, total_encrypted);

/* Print the encryption results */
fprintf(stdout, "The value of the encryption is:\n");
for (i = 0; i < ciphertext_len; i++) {
if (ciphertext[i] < 16)
fprintf(stdout, "0%x", ciphertext[i]);
else
fprintf(stdout, "%2x", ciphertext[i]);
}

Please help me for success code.

Thank you,
Redharing.

--
This message posted from opensolaris.org