wire-sysio/p11__generate__rsa_8c_source.html

/*

 * Copyright 2015-2018 Yubico AB

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */


#ifdef NDEBUG

#undef NDEBUG

#endif

#include <assert.h>

#include <dlfcn.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>


#include <pkcs11.h>


int main(int argc, char *argv[]) {

  if (argc != 2) {

    fprintf(stderr, "usage: p11 /path/to/yubihsm_pkcs11/module\n");

    exit(EXIT_FAILURE);

  }


  CK_C_GetFunctionList fn;

  void *handle = dlopen(argv[1], RTLD_NOW | RTLD_GLOBAL);

  assert(handle != NULL);


  *(void **) (&fn) = dlsym(handle, "C_GetFunctionList");

  assert(fn != NULL);


  CK_FUNCTION_LIST_PTR p11;

  CK_RV rv = fn(&p11);

  assert(rv == CKR_OK);


  rv = p11->C_Initialize(NULL_PTR);

  assert(rv == CKR_OK);


  CK_SESSION_HANDLE session;

  rv = p11->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL,

                          &session);

  assert(rv == CKR_OK);


  const char *password = "0001password";

  rv = p11->C_Login(session, CKU_USER, (CK_UTF8CHAR_PTR) password,

                    (CK_ULONG) strlen(password));

  assert(rv == CKR_OK);


  CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0};

  CK_ULONG modulus = 2048;

  CK_BYTE exponent[] = {0x00, 0x1, 0x0, 0x1}; // 65537

  CK_BYTE id[] = {0};

  CK_BBOOL ck_true = CK_TRUE;

  CK_BBOOL ck_false = CK_FALSE;


  CK_ATTRIBUTE publicKeyTemplate[] = {

    {CKA_ENCRYPT, &ck_true, sizeof(ck_true)},

    {CKA_DECRYPT, &ck_false, sizeof(ck_false)},

    {CKA_SIGN, &ck_false, sizeof(ck_false)},

    {CKA_VERIFY, &ck_true, sizeof(ck_true)},

    {CKA_WRAP, &ck_true, sizeof(ck_true)},

    {CKA_UNWRAP, &ck_false, sizeof(ck_false)},

    {CKA_TOKEN, &ck_true, sizeof(ck_true)},

    {CKA_PRIVATE, &ck_true, sizeof(ck_true)},

    {CKA_EXTRACTABLE, &ck_true, sizeof(ck_true)},

    {CKA_MODIFIABLE, &ck_false, sizeof(ck_false)},

    {CKA_COPYABLE, &ck_false, sizeof(ck_false)},

    {CKA_DESTROYABLE, &ck_true, sizeof(ck_true)},

    {CKA_ID, id, sizeof(id)},

    {CKA_MODULUS_BITS, &modulus, sizeof(modulus)},

    {CKA_PUBLIC_EXPONENT, exponent, sizeof(exponent)},

  };

  CK_ULONG publicKeyAttributeCount =

    sizeof(publicKeyTemplate) / sizeof(publicKeyTemplate[0]);


  CK_ATTRIBUTE privateKeyTemplate[] = {

    {CKA_ENCRYPT, &ck_false, sizeof(ck_false)},

    {CKA_DECRYPT, &ck_true, sizeof(ck_true)},

    {CKA_SIGN, &ck_true, sizeof(ck_true)},

    {CKA_VERIFY, &ck_false, sizeof(ck_false)},

    {CKA_WRAP, &ck_false, sizeof(ck_false)},

    {CKA_UNWRAP, &ck_true, sizeof(ck_true)},

    {CKA_TOKEN, &ck_true, sizeof(ck_true)},

    {CKA_PRIVATE, &ck_true, sizeof(ck_true)},

    {CKA_EXTRACTABLE, &ck_true, sizeof(ck_true)},

    {CKA_MODIFIABLE, &ck_false, sizeof(ck_false)},

    {CKA_COPYABLE, &ck_false, sizeof(ck_false)},

    {CKA_DESTROYABLE, &ck_true, sizeof(ck_true)},

    {CKA_ID, id, sizeof(id)},

  };

  CK_ULONG privateKeyAttributeCount =

    sizeof(privateKeyTemplate) / sizeof(privateKeyTemplate[0]);


  CK_OBJECT_HANDLE publicKey, privateKey;

  rv =

    p11->C_GenerateKeyPair(session, &mechanism, publicKeyTemplate,

                           publicKeyAttributeCount, privateKeyTemplate,

                           privateKeyAttributeCount, &publicKey, &privateKey);

  assert(rv == CKR_OK);


  rv = p11->C_Logout(session);

  assert(rv == CKR_OK);


  rv = p11->C_Finalize(NULL);

  assert(rv == CKR_OK);


  return 0;

}


id
uint64_t id
Definition code_cache.cpp:0

session
CK_SESSION_HANDLE session
Definition ecdh_derive_test.c:45

p11
CK_FUNCTION_LIST_PTR p11
Definition ecdh_derive_test.c:44

argv
char ** argv
Definition hello_driver.cpp:52

pkcs11.h

CKA_TOKEN
#define CKA_TOKEN
Definition pkcs11.h:364

CK_FALSE
#define CK_FALSE
Definition pkcs11.h:1202

CKA_ID
#define CKA_ID
Definition pkcs11.h:385

CK_ULONG
unsigned long int CK_ULONG
Definition pkcs11.h:1194

CKA_PUBLIC_EXPONENT
#define CKA_PUBLIC_EXPONENT
Definition pkcs11.h:400

CKA_MODIFIABLE
#define CKA_MODIFIABLE
Definition pkcs11.h:420

CKM_RSA_PKCS_KEY_PAIR_GEN
#define CKM_RSA_PKCS_KEY_PAIR_GEN
Definition pkcs11.h:469

CKR_OK
#define CKR_OK
Definition pkcs11.h:1092

CKF_RW_SESSION
#define CKF_RW_SESSION
Definition pkcs11.h:293

CKU_USER
#define CKU_USER
Definition pkcs11.h:275

CK_BYTE
unsigned char CK_BYTE
Definition pkcs11.h:1190

CKA_PRIVATE
#define CKA_PRIVATE
Definition pkcs11.h:365

NULL_PTR
#define NULL_PTR
Definition pkcs11.h:1257

CKA_SIGN
#define CKA_SIGN
Definition pkcs11.h:391

CK_TRUE
#define CK_TRUE
Definition pkcs11.h:1203

CKA_VERIFY
#define CKA_VERIFY
Definition pkcs11.h:393

CKF_SERIAL_SESSION
#define CKF_SERIAL_SESSION
Definition pkcs11.h:294

CKA_COPYABLE
#define CKA_COPYABLE
Definition pkcs11.h:421

CKA_UNWRAP
#define CKA_UNWRAP
Definition pkcs11.h:390

CK_BBOOL
unsigned char CK_BBOOL
Definition pkcs11.h:1193

CKA_DECRYPT
#define CKA_DECRYPT
Definition pkcs11.h:388

CKA_DESTROYABLE
#define CKA_DESTROYABLE
Definition pkcs11.h:422

CKA_MODULUS_BITS
#define CKA_MODULUS_BITS
Definition pkcs11.h:399

CKA_EXTRACTABLE
#define CKA_EXTRACTABLE
Definition pkcs11.h:415

CKA_ENCRYPT
#define CKA_ENCRYPT
Definition pkcs11.h:387

CK_UTF8CHAR_PTR
CK_UTF8CHAR * CK_UTF8CHAR_PTR
Definition pkcs11.h:1198

CKA_WRAP
#define CKA_WRAP
Definition pkcs11.h:389

main
int main()
Definition platform_timer_posix_test.c:5

ck_attribute
Definition pkcs11.h:455

ck_function_list
Definition pkcs11.h:1003

ck_function_list::C_OpenSession
CK_C_OpenSession C_OpenSession
Definition pkcs11.h:1017

ck_function_list::C_Login
CK_C_Login C_Login
Definition pkcs11.h:1023

ck_function_list::C_GenerateKeyPair
CK_C_GenerateKeyPair C_GenerateKeyPair
Definition pkcs11.h:1064

ck_function_list::C_Initialize
CK_C_Initialize C_Initialize
Definition pkcs11.h:1005

ck_function_list::C_Logout
CK_C_Logout C_Logout
Definition pkcs11.h:1024

ck_function_list::C_Finalize
CK_C_Finalize C_Finalize
Definition pkcs11.h:1006

ck_mechanism
Definition pkcs11.h:694

mechanism
Definition yubihsm_pkcs11.h:107

rv
CK_RV rv
Definition yubihsm_pkcs11.c:569