Merge pull request #2 from ThalesGroup/branch-sch

ThalesGroup · Jan 16, 2025 · c4867c4 · c4867c4
2 parents b127cbe + 01421da
commit c4867c4
Show file tree

Hide file tree

Showing 18 changed files with 1,012 additions and 49 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,98 @@
-Sonarqube
+Sonarqube
+/.vs/kmu/FileContentIndex/047ac481-8eba-466b-b6e6-9b82db8da9e6.vsidx
+/.vs/kmu/FileContentIndex/28aff25f-2f73-4e54-bb82-4587de34b297.vsidx
+/.vs/kmu/FileContentIndex/391edc5a-72fa-4a7b-8c05-cd398714e32b.vsidx
+/.vs/kmu/FileContentIndex/65d57386-354c-4c75-aa45-951ae0f40492.vsidx
+/.vs/kmu/FileContentIndex/72f3529d-2ab1-46d5-8157-d5761cf00747.vsidx
+/.vs/kmu/v17/ipch/AutoPCH/db949c7a6d50d30f/CMDARG.ipch
+/.vs/kmu/v17/ipch/AutoPCH/e95a073eddabfb85/CMDARG.ipch
+/.vs/kmu/v17/ipch/AutoPCH/eaf79e75cbaec73f/BASE64.ipch
+/.vs/kmu/v17/ipch/AutoPCH/15e280da00150bfb/VCTMP2396_337848.CMD.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/293f61d1013080bf/VCTMP11988_312715.P11.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/2aa58dc54c99ebd6/VCTMP2396_672836.CMDARG.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/31ded961d0267599/VCTMP2396_188397.STR.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/38b2d31b15501ad9/ASN1.ipch
+/.vs/kmu/v17/ipch/AutoPCH/3ae010f0eddaed46/FILE.ipch
+/.vs/kmu/v17/ipch/AutoPCH/6d9b9d3fe68d14cf/PKCS8.ipch
+/.vs/kmu/v17/ipch/AutoPCH/6e86e3a2dc8c55e5/STR.ipch
+/.vs/kmu/v17/ipch/AutoPCH/72f9dc9bf896467f/VCTMP2588_416295.CMD.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/7befbdc42c7e21eb/CONSOLE.ipch
+/.vs/kmu/v17/ipch/AutoPCH/7d4882c3f646fb99/VCTMP2396_275500.P11.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/8189583b666e2390/VCTMP2396_109712.CMDARG.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/825f4b937b248543/VCTMP2396_307426.CONSOLE.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/85940a489627e024/KMU.ipch
+/.vs/kmu/v17/ipch/AutoPCH/92a7abeed8adafae/VCTMP2396_527924.KMU.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/c45b6c844f7fb820/PARSER.ipch
+/.vs/kmu/v17/ipch/AutoPCH/ca374fb8ff7a0f49/P11UTIL.ipch
+/.vs/kmu/v17/ipch/AutoPCH/cf96cc0669a9bacd/P11.ipch
+/.vs/kmu/v17/ipch/AutoPCH/5434b74caaf57a4b/CMD.ipch
+/.vs/kmu/v17/ipch/AutoPCH/6707e66ea6ed815a/TR31.ipch
+/.vs/kmu/v17/.suo
+/.vs/kmu/v17/Browse.VC.db
+/.vs/kmu/v17/Browse.VC.db-shm
+/.vs/kmu/v17/Browse.VC.db-wal
+/.vs/kmu/v17/Browse.VC.opendb
+/.vs/kmu/v17/DocumentLayout.json
+/.vs/kmu/v17/Solution.VC.db
+/.vs/luna-kmu/FileContentIndex/5c061a84-f27f-43ae-b92b-b77b1e8185e9.vsidx
+/.vs/luna-kmu/v17/.wsuo
+/.vs/luna-kmu/v17/Browse.VC.db
+/.vs/luna-kmu/v17/DocumentLayout.json
+/.vs/ProjectSettings.json
+/.vs/slnx.sqlite
+/.vs/VSWorkspaceState.json
+/des_clear.txt
+/des_wrap.txt
+/x64/Debug
+/x64/Release/kmu.exe.recipe
+/x64/Release/kmu.iobj
+/x64/Release/kmu.ipdb
+/x64/Release/kmu.log
+/x64/Release/kmu.obj
+/x64/Release/kmu.pdb
+/x64/Release/kmu.res
+/x64/Release/kmu.vcxproj.FileListAbsolute.txt
+/x64/Release/kmu.zip
+/x64/Release/p11.obj
+/x64/Release/p11util.obj
+/x64/Release/parser.obj
+/x64/Release/pkcs8.obj
+/x64/Release/str.obj
+/x64/Release/tr31.obj
+/x64/Release/vc143.pdb
+/x64/Release/asn1.obj
+/x64/Release/base64.obj
+/x64/Release/cmd.obj
+/x64/Release/cmdarg.obj
+/x64/Release/console.obj
+/x64/Release/file.obj
+/x64/Release/kmu.Build.CppClean.log
+/x64/Release/kmu.tlog/CL.command.1.tlog
+/x64/Release/kmu.tlog/Cl.items.tlog
+/x64/Release/kmu.tlog/CL.read.1.tlog
+/x64/Release/kmu.tlog/CL.write.1.tlog
+/x64/Release/kmu.tlog/kmu.lastbuildstate
+/x64/Release/kmu.tlog/link.command.1.tlog
+/x64/Release/kmu.tlog/link.read.1.tlog
+/x64/Release/kmu.tlog/link.secondary.1.tlog
+/x64/Release/kmu.tlog/link.write.1.tlog
+/x64/Release/kmu.tlog/rc.command.1.tlog
+/x64/Release/kmu.tlog/rc.read.1.tlog
+/x64/Release/kmu.tlog/rc.write.1.tlog
+/.vs/kmu/FileContentIndex/269bb779-28a3-45fd-b067-5f409212bcd3.vsidx
+/.vs/kmu/FileContentIndex/8001a442-d310-4384-ad9c-90905eb6d796.vsidx
+/.vs/kmu/FileContentIndex/f99e9409-ed17-405a-a2a5-2f551f2b5f8c.vsidx
+/.vs/kmu/v17/ipch/AutoPCH/26d912bdb0a0e8b5/VCTMP2588_702019.CMD.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/3cb1f5067f0b9645/CMD.ipch
+/.vs/kmu/v17/ipch/AutoPCH/40d9a6addce61aa7/VCTMP2588_432675.CMDARG.00000000.ipch
+/.vs/kmu/v17/ipch/AutoPCH/b8761312ec3ceaa5/CONSOLE.ipch
+/.vs/kmu/FileContentIndex/f3e274c3-3f9b-46f0-8da7-3ff712923bd7.vsidx
+/.vs/kmu/FileContentIndex/d8d9a7e8-0eee-4479-9547-1d84653cf85b.vsidx
+/.vs/kmu/FileContentIndex/24c12257-9cb6-4e48-8967-b6e8db7d36eb.vsidx
+/.vs/kmu/v17/ipch/AutoPCH/19f119eb89a1a6e4/TR31.ipch
+/.vs/kmu/v17/ipch/AutoPCH/50721b46094f77b7/P11.ipch
+/.vs/kmu/v17/DocumentLayout.backup.json
+*.ipch
+*.vsidx
+/x64/Release/kmu.tlog/unsuccessfulbuild
+/ressource/kmu.aps
diff --git a/README.md b/README.md
@@ -15,10 +15,13 @@ KMU allows to:
 -	List objects in partitions.
 -	Display and modify object attributes.
 -	Create keys (including DES, AES, RSA, DSA, DH, ECDSA, EdDSA, Montgomery, SM2, SM4 or generic ones).
+- 	Create AES or DES keys as multiple clear key compoments and KCV (XOR method)
 -	Export and wrap private/secret keys (currently limited to RSA OAEP, AES variant wrap algorithms) in a file.
 -	Export public keys in a binary file or a text file encoded using ASN1 DER and PKCS#8.
 -	Import wrapped private/secret keys from a file (currently limited to RSA OAEP, AES variant wrap algorithms).
--	Import public keys from a binary file or a text text file encoded using ASN1 DER, PKCS#8 and TR31 (partial support with AES key only).
+-   Import wrapped AES keys from a file encoded in TR31 format(partial support with AES key only as ZMK).
+- 	Import DES or AES keys as multiple clear key compoments and KCV (XOR method)
+-	Import public keys from a binary file or a text text file encoded using ASN1 DER, PKCS#8.
 -	Encrypt/decrypt from/to a file (currently limited to RSA OAEP and AES encryption algorithms).
 -	Derive key (currently limited to SHAxxx derivation mechanisms and proprietary Thales Luna key derivation functions such as CKM_NIST_PRF_KDF).
 -	Generate a digest for symetric keys.
@@ -106,7 +109,8 @@ Two argument formats are supported for each command:
 Typical examples:
 | Command | -argument=value or -argument value |
 | ------- | ---------------------------------- | 
-| List all objects in a PKCS#11 slot | list -slot=0 -password=00000000 |
+| List all objects in a PKCS#11 | slot list -slot=0 -password=00000000 |
+| List all objects in a PKCS#11 as crypto user | slot list -slot=0 -password=00000000 - cu=true|
 | Generate a AES key | generatekey -slot=0 -password=00000000 -keytype=aes -keysize 32 -label=key-aes-256 -extractable=1 -modifiable=true -wrap=0 -encrypt false -token=true -private=true -sensitive=true |
 | Generate a RSA key | generatekey -slot=0 -password=00000000 -keytype=rsa -keysize 4096 -labelpublic=key-rsa-public -labelprivate=key-rsa-private -publicexponent=65537 -extractable=1 -modifiable=true -mech=prime |
 | Generate a ECDSA key | generatekey -slot=0 -password=00000000 -keytype=ecdsa -labelpublic=key-ecdsa-public -labelprivate=key-ecdsa-private -curve=secp256r1  |
@@ -121,6 +125,8 @@ Typical examples:
 | Import a public key | import -slot=0 -password=00000000 -keyclass=public -keytype=ecdsa -inputfile=public_ecdsa_sect571k1.pem -format=PKCS8 -label=imported-ecdsa-sect571k1 -modifiable=true -extractable=true |
 | Derive a key from a master key using SHA derivation | derive -slot=0 -password=00000000 -key=751 -keytype=aes -keysize=32 -mech=sha256 -label=derived-key-sha256 -extractable=true |
 | Derive a key from a master key using luna KDF method with SCP03 | derive -slot=0 -password=00000000 -key=426 -keytype=aes -keysize=32 -mech=luna-nist-kdf  |-label=derived-key-kdf-scp03 -extractable=true -kdf-type=aes-cmac -kdf-scheme=scp03 -kdf-counter=9 -kdf-label=0102 -kdf-context=FFFF |
+| Generate a AES key with 3 compoments and follow prompt| generatekey -slot=0 -password=00000000 -keytype=aes -keysize=32 -clearcomponents=3 -label=zmk-key-aes-256 |
+| Import a AES key with 3 compoments and follow prompt | import -slot=0 -password=00000000 -keytype=aes -keysize=32 -clearcomponents=3 -label=zmk-key-aes-256 |
 
 ## Test
 

diff --git a/kmu.vcxproj.user b/kmu.vcxproj.user
@@ -5,4 +5,7 @@
     </LocalDebuggerCommandArguments>
     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
   </PropertyGroup>
+  <PropertyGroup>
+    <ShowAllFiles>false</ShowAllFiles>
+  </PropertyGroup>
 </Project>
diff --git a/kmu/inc/cmd.h b/kmu/inc/cmd.h
@@ -41,15 +41,17 @@ extern "C" {
    _EXT  CK_BBOOL    cmd_kmu_delete(CK_BBOOL bIsConsole);
    _EXT  CK_BBOOL    cmd_kmu_digestKey(CK_BBOOL bIsConsole);
    _EXT  CK_BBOOL    cmd_kmu_compute_KCV(CK_BBOOL bIsConsole);
-
+   _EXT  CK_BYTE     cmd_kmu_setattributeBoolean(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
+   _EXT  CK_BYTE     cmd_kmu_setattributeString(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
+   _EXT  CK_BYTE     cmd_kmu_setattributeArray(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
 
    _EXT  CK_BBOOL    cmd_WrapPrivateSecretkey(P11_WRAPTEMPLATE* sWrapTemplate, CK_CHAR_PTR sFilePath, CK_BYTE FileFormat);
    _EXT  CK_BBOOL    cmd_UnwrapPrivateSecretkey(P11_UNWRAPTEMPLATE* sUnwrapTemplate, CK_CHAR_PTR sFilePath, CK_BYTE FileFormat);
    _EXT  CK_BBOOL    cmd_ExportPublickey(P11_WRAPTEMPLATE* sExportTemplate, CK_CHAR_PTR sFilePath, CK_BYTE FileFormat);
    _EXT  CK_BBOOL    cmd_ImportPublickey(P11_UNWRAPTEMPLATE* sImportTemplate, CK_CHAR_PTR sFilePath, CK_BYTE FileFormat);
-   _EXT  CK_BYTE     cmd_kmu_setattributeBoolean(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
-   _EXT  CK_BYTE     cmd_kmu_setattributeString(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
-   _EXT  CK_BYTE     cmd_kmu_setattributeArray(CK_OBJECT_HANDLE hHandle, BYTE bArgType, CK_ATTRIBUTE_TYPE cAttribute);
+   _EXT  CK_BBOOL    cmd_GenerateSecretKeyWithComponent(P11_KEYGENTEMPLATE* sKeyGenTemplate, CK_LONG sCompomentNumber);
+   _EXT  CK_BBOOL    cmd_ImportSecretKeyWithComponent(P11_UNWRAPTEMPLATE* sImportTemplate, CK_LONG sCompomentNumber);
+
 #undef _EXT
 
 #endif // _CMD_H_
diff --git a/kmu/inc/cmdarg.h b/kmu/inc/cmdarg.h
@@ -84,6 +84,7 @@ extern "C" {
 #define ARG_TYPE_HANDLE_KCV         57
 #define ARG_TYPE_METHOD_KCV         58
 #define ARG_TYPE_CRYPTO_USER        59
+#define ARG_TYPE_KEY_COMP           60
 
 #define MASK_BINARY                 CK_TRUE
 #define FILE_FORMAT_BINARY          (0x10 | MASK_BINARY)
@@ -143,9 +144,10 @@ extern "C" {
    _EXT  CK_LONG_64              cmdarg_GetKdfCounter();
    _EXT  CK_LONG                 cmdarg_SearchTypeInteger(CK_BYTE bArgType);
    _EXT  CK_LONG                 cmdarg_SearchTypeUnsignedInteger(CK_BYTE bArgType);
-   _EXT  CK_LONG                 cmdarg_GetCKA_ID(CK_CHAR_PTR * sCkaId);
+   _EXT  CK_LONG                 cmdarg_GetCKA_ID(CK_CHAR_PTR sCkaId, CK_ULONG sBufferSize);
    _EXT  BYTE                    cmdarg_GetKCVMethod();
    _EXT  CK_BBOOL                cmdarg_isCryptoUserLoginRequested();
+   _EXT  CK_LONG                 cmdarg_GetCompomentsNumber();
 
 #undef _EXT