os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/CCreateKey.cpp
author sl
Tue, 10 Jun 2014 14:32:02 +0200
changeset 1 260cb5ec6c19
permissions -rw-r--r--
Update contrib.
/*
* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
*
*/
#include "CCreateKey.h"
#include "tokenserverdebug.h"
#include <bigint.h>
#include <securityerr.h>
//	Wrapper class because we differ from crypto on what a DH key is
class CSimpleDHKey : public CBase
	{
public:
	/**
	 * Two-phase constructor.
	 * @param aSize Requested key size; ConstructL() requests a random
	 *              integer sized aSize - 1.
	 * @return The new object; the caller takes ownership.
	 * @leave If allocation or random number generation fails.
	 */
	static CSimpleDHKey* NewL(TInt aSize);

	/** Closes the wrapped integer. */
	~CSimpleDHKey();

	/**
	 * Gives access to the wrapped private value.
	 * The reference is mutable and refers to storage owned by this object,
	 * so it is only valid while this object is alive.
	 */
	RInteger& DHKey()
		{
		return iKey;
		}

private:
	// Construction goes through NewL() only.
	CSimpleDHKey()
		{
		}
	void ConstructL(TInt aSize);

private:
	// The DH private value; closed in the destructor.
	RInteger iKey;
	};
/**
 * Allocates a CSimpleDHKey and generates its random value.
 * @param aSize Requested key size, forwarded to ConstructL().
 * @return Fully constructed object, owned by the caller.
 * @leave If allocation fails or ConstructL() leaves.
 */
CSimpleDHKey* CSimpleDHKey::NewL(TInt aSize)
	{
	CSimpleDHKey* self = new (ELeave) CSimpleDHKey();
	// Keep the half-built object on the cleanup stack so that a leave from
	// ConstructL() destroys it instead of leaking it.
	CleanupStack::PushL(self);
	self->ConstructL(aSize);
	CleanupStack::Pop(self);
	return self;
	}
/**
 * Second-phase constructor: fills iKey with a random integer.
 * @param aSize Requested key size; the value is generated one unit smaller.
 * @leave If RInteger::NewRandomL() leaves.
 */
void CSimpleDHKey::ConstructL(TInt aSize)
	{
	// One less than the requested size, so that the value stays below a
	// modulus of aSize (see the EDH case in CreatorThreadEntryPoint).
	// NOTE(review): presumably the size is a bit count and every bit is
	// random, so a very small value (0 or 1) is not excluded here - confirm
	// that degenerate private values are rejected before the key is used.
	const TInt valueSize = aSize - 1;
	iKey = RInteger::NewRandomL(valueSize);
	}
/** Releases the storage behind the private value. */
CSimpleDHKey::~CSimpleDHKey()
	{
	// NOTE(review): iKey holds private key material; confirm that
	// RInteger::Close() clears the memory before freeing it.
	iKey.Close();
	}
/**
 * Creates an idle key creator at standard priority and adds it to the
 * active scheduler.
 */
CKeyCreator::CKeyCreator()
	: CActive(EPriorityStandard), iAction(EIdle)
	{
	CActiveScheduler::Add(this);
	}
/**
 * Cancels any outstanding request, releases the worker thread handle and
 * deletes the request data together with any key it holds.
 */
CKeyCreator::~CKeyCreator()
	{
	// Cancel() only reaches DoCancel() while the object is active.
	Cancel();

	iCreatorThread.LogonCancel(iStatus);
	iCreatorThread.Close();

	// NOTE(review): iCreateData is also written by the worker thread; this
	// delete is only safe once that thread has finished or been killed.
	delete iCreateData;
	}
/**
 * Validates the request and schedules asynchronous key generation.
 *
 * No key is generated here. For a valid request the object completes its
 * own iStatus so that RunL() starts the worker thread on a later scheduler
 * pass; aStatus is completed once the outcome is known.
 *
 * @param aAlgorithm Must be ERSA, EDSA or EDH; any other value completes
 *                   aStatus with KErrKeyAlgorithm.
 * @param aSize      Requested key size; a value <= 0 also completes aStatus
 *                   with KErrKeyAlgorithm.
 * @param aStatus    Client request status; set to KRequestPending here.
 *
 * NOTE(review): aSize is only checked for being positive. No per-algorithm
 * minimum or maximum is enforced in this function, so confirm that callers
 * or the crypto library reject sizes that are too small to be secure.
 * NOTE(review): iCreateData is overwritten without deleting a previous
 * value; confirm that the object is not reused for a second request.
 */
void CKeyCreator::DoCreateKeyAsync(CKeyInfo::EKeyAlgorithm aAlgorithm, TInt aSize, TRequestStatus& aStatus)
	{
	iClientStatus = &aStatus;
	*iClientStatus = KRequestPending;
	iStatus = KRequestPending;

	const TBool supportedAlgorithm =
		(aAlgorithm == CKeyInfo::ERSA) ||
		(aAlgorithm == CKeyInfo::EDSA) ||
		(aAlgorithm == CKeyInfo::EDH);

	if ((aSize <= 0) || (aAlgorithm == CKeyInfo::EInvalidAlgorithm) || !supportedAlgorithm)
		{
		// Reject bad parameters straight away; the object never goes active.
		User::RequestComplete(iClientStatus, KErrKeyAlgorithm);
		return;
		}

	// Non-leaving new: an allocation failure is passed on through the
	// self-completion below, where RunL() leaves on it and RunError()
	// forwards it to the client.
	iCreateData = new CKeyCreatorData(aAlgorithm, aSize);
	const TInt err = (iCreateData == NULL) ? KErrNoMemory : KErrNone;

	// The thread itself is created in RunL().
	iAction = EReadyToCreateKey;

	SetActive();
	TRequestStatus* ownStatus = &iStatus;
	User::RequestComplete(ownStatus, err);
	}
/**
 * Entry point of the key-generation worker thread.
 *
 * Generates a key of the algorithm and size given in aParameters and stores
 * it in that structure. The outcome is reported as the thread's exit reason
 * through User::Exit(). Code that can leave is wrapped in TRAP because this
 * function must not leave.
 *
 * @param aParameters The CKeyCreatorData of the request, passed as TAny*.
 * @return KErrNone; not reached in practice because User::Exit() is called
 *         first.
 */
/*static*/ TInt CKeyCreator::CreatorThreadEntryPoint(TAny* aParameters)
	{
	CTrapCleanup* trapCleanup = CTrapCleanup::New();
	if (trapCleanup == NULL)
		{
		User::Exit(KErrNoMemory);
		}

#ifdef _DEBUG
	TokenServerDebug::PauseOOMTest();
#endif

	// Debug-only check; release builds dereference aParameters unchecked.
	ASSERT(aParameters);
	CKeyCreatorData* request = static_cast<CKeyCreatorData*>(aParameters);
	TInt exitReason = KErrNone;

	switch (request->iKeyAlgorithm)
		{
		case CKeyInfo::ERSA:
			{
			// CRT signing is currently not supported; in case the key is to
			// be used for such, create a standard (private) key as part of
			// the pair.
			TRAP(exitReason, request->iKey.iRSAKey = CRSAKeyPair::NewL(request->iSize));
			}
			break;

		case CKeyInfo::EDSA:
			{
			TRAP(exitReason, request->iKey.iDSAKey = CDSAKeyPair::NewL(request->iSize));
			}
			break;

		case CKeyInfo::EDH:
			{
			// The private value has to be less than N, but N is not known
			// here. Only its size is known, so any number shorter than
			// iSize is safe to generate.
			TRAP(exitReason, request->iKey.iDHKey = CSimpleDHKey::NewL(request->iSize));
			}
			break;

		default:
			ASSERT(EFalse);
			exitReason = KErrArgument;
			break;
		}

#ifdef _DEBUG
	TokenServerDebug::ResumeOOMTest();
#endif

	delete trapCleanup;
	User::Exit(exitReason);
	return KErrNone;
	}
/**
 * Returns the RSA key pair produced by the last request.
 * @return The key pair, or NULL if there is no request data or the request
 *         was not for RSA. The CKeyCreatorData destructor deletes the same
 *         pointer, so it stays owned by this object.
 */
CRSAKeyPair* CKeyCreator::GetCreatedRSAKey()
	{
	if (iCreateData && (iCreateData->iKeyAlgorithm == CKeyInfo::ERSA))
		{
		return iCreateData->iKey.iRSAKey;
		}
	return NULL;
	}
/**
 * Returns the DSA key pair produced by the last request.
 * @return The key pair, or NULL if there is no request data or the request
 *         was not for DSA. The CKeyCreatorData destructor deletes the same
 *         pointer, so it stays owned by this object.
 */
CDSAKeyPair* CKeyCreator::GetCreatedDSAKey()
	{
	if (iCreateData && (iCreateData->iKeyAlgorithm == CKeyInfo::EDSA))
		{
		return iCreateData->iKey.iDSAKey;
		}
	return NULL;
	}
/**
 * Copies the generated DH private value into aDHKey.
 * @param aDHKey Receives the value held by the request data.
 *
 * NOTE(review): both checks are debug-only ASSERTs. Unlike the RSA and DSA
 * getters, a release build reads iKey.iDHKey even when there is no request
 * data or the request was for another algorithm - confirm that every caller
 * checks the algorithm first.
 * NOTE(review): presumably RInteger assignment is a shallow copy, in which
 * case aDHKey shares storage that ~CSimpleDHKey() closes - confirm who owns
 * the value after this call.
 */
void CKeyCreator::GetCreatedDHKey(RInteger& aDHKey)
	{
	ASSERT(iCreateData);
	ASSERT(CKeyInfo::EDH==iCreateData->iKeyAlgorithm);

	CSimpleDHKey* holder = iCreateData->iKey.iDHKey;
	aDHKey = holder->DHKey();
	}
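/**
 * Cancels an outstanding key-creation request and completes the client
 * with KErrCancel.
 *
 * The worker thread is killed only in state ECreatedKey, the state RunL()
 * enters after it has created the thread. In state EReadyToCreateKey no
 * thread exists for this request yet, so iCreatorThread must not be
 * touched: presumably it is an RThread, whose default-constructed handle
 * refers to the calling thread (confirm in CCreateKey.h), and Kill() would
 * then end the thread running this active object.
 *
 * NOTE(review): Kill() stops the worker without any cleanup, so whatever
 * partial key material it had allocated is neither freed nor wiped.
 */
void CKeyCreator::DoCancel()
	{
	if (iAction == ECreatedKey)
		{
		if (iCreatorThread.ExitType() == EExitPending)	//	Still alive, so kill it
			{
			iCreatorThread.Kill(KErrCancel);
			}
		}
	iAction = EIdle;

	ASSERT(iClientStatus);
	// Same guard as RunError(): the ASSERT is compiled out of release
	// builds and completing through a NULL pointer must be avoided.
	if (iClientStatus)
		{
		User::RequestComplete(iClientStatus, KErrCancel);
		}
	}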
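/**
 * Drives the two-step key creation state machine.
 *
 * EReadyToCreateKey: creates and resumes the worker thread and waits for it
 * to exit. ECreatedKey: the logon has completed, so the result is passed to
 * the client.
 *
 * The status is checked per state rather than once at the top. A single
 * User::LeaveIfError() ahead of the switch left before ECreatedKey could
 * run, which made its KErrNoMemory handling unreachable: a failed logon
 * left the worker running and still writing to iCreateData, and iAction
 * was never reset. The client still receives the same completion code.
 *
 * @leave With the pending error in state EReadyToCreateKey, or if the
 *        thread cannot be created; RunError() then completes the client.
 */
void CKeyCreator::RunL()
	{
	ASSERT(iClientStatus);
	const TInt status = iStatus.Int();

	switch (iAction)
		{
		case (EReadyToCreateKey):
			{
			// An error here comes from DoCreateKeyAsync (e.g. KErrNoMemory).
			User::LeaveIfError(status);

			// Spin off the thread and pass it the parameter data, then stand by
			// INC118634
			// The thread is anonymous on purpose. Anybody can open a handle
			// on a named thread (most likely system applications that watch
			// for panicking threads), which keeps the name in use, and the
			// next creation would then fail with KErrAlreadyExists (-11).
			User::LeaveIfError(iCreatorThread.Create(KNullDesC, CreatorThreadEntryPoint, KDefaultStackSize, NULL, static_cast<TAny*>(iCreateData)));
			iStatus = KRequestPending;
			iCreatorThread.Logon(iStatus);
			iAction = ECreatedKey;
			SetActive();
			iCreatorThread.Resume();
			}
			break;

		case (ECreatedKey):
			{
			// KErrNoMemory may mean the logon itself could not be set up,
			// in which case the thread is still running and has to be
			// killed before the client is told that the request failed.
			if (status == KErrNoMemory)
				{
				if (iCreatorThread.ExitType() == EExitPending)	//	Still alive, so kill it
					{
					iCreatorThread.Kill(KErrNone);
					}
				}

			//	Notify the caller
			if (iClientStatus)
				{
				User::RequestComplete(iClientStatus, status);
				}
			iAction = EIdle;
			}
			break;

		default:
			User::LeaveIfError(status);
			ASSERT(EFalse);
			break;
		}
	}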
/**
 * Handles a leave from RunL() by passing the error to the client.
 * @param anError The leave code.
 * @return KErrNone, so the active scheduler treats the error as handled.
 */
TInt CKeyCreator::RunError(TInt anError)
	{
	if (iClientStatus != NULL)
		{
		User::RequestComplete(iClientStatus, anError);
		}

	return KErrNone;
	}
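/**
 * Records the parameters of a key-creation request.
 * @param aAlgorithm Algorithm of the key to create.
 * @param aSize      Requested key size.
 */
CKeyCreator::CKeyCreatorData::CKeyCreatorData(CKeyInfo::EKeyAlgorithm aAlgorithm, TInt aSize)
	:iSize(aSize),
	iKeyAlgorithm(aAlgorithm)
	{
	// The destructor deletes the key pointer chosen by iKeyAlgorithm even
	// when generation failed or the worker was killed before it stored a
	// key. Null the pointers explicitly instead of relying on the allocator
	// having zero-filled the object.
	iKey.iRSAKey = NULL;
	iKey.iDSAKey = NULL;
	iKey.iDHKey = NULL;
	}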
/**
 * Deletes the key that matches the requested algorithm.
 * Only the member for iKeyAlgorithm is touched; any other algorithm value
 * deletes nothing.
 */
CKeyCreator::CKeyCreatorData::~CKeyCreatorData()
	{
	switch (iKeyAlgorithm)
		{
		case CKeyInfo::ERSA:
			delete iKey.iRSAKey;
			break;
		case CKeyInfo::EDSA:
			delete iKey.iDSAKey;
			break;
		case CKeyInfo::EDH:
			delete iKey.iDHKey;
			break;
		default:
			break;
		}
	}