os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsasignerimpl.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
*
sl@0
    16
*/
sl@0
    17
sl@0
    18
sl@0
    19
#include "dsasignerimpl.h"
sl@0
    20
#include "pluginconfig.h"
sl@0
    21
sl@0
    22
using namespace SoftwareCrypto;
sl@0
    23
sl@0
    24
// Implementation of CDSASignerImpl 
sl@0
    25
CDSASignerImpl* CDSASignerImpl::NewL(const CKey& aKey)
sl@0
    26
	{
sl@0
    27
	CDSASignerImpl* self = CDSASignerImpl::NewLC(aKey);
sl@0
    28
	CleanupStack::Pop(self);
sl@0
    29
	return self;
sl@0
    30
	}
sl@0
    31
	
sl@0
    32
CDSASignerImpl* CDSASignerImpl::NewLC(const CKey& aKey)
sl@0
    33
	{
sl@0
    34
	CDSASignerImpl* self = new(ELeave) CDSASignerImpl();
sl@0
    35
	CleanupStack::PushL(self);
sl@0
    36
	self->ConstructL(aKey);
sl@0
    37
	return self;
sl@0
    38
	}
sl@0
    39
sl@0
    40
CDSASignerImpl::CDSASignerImpl() 
sl@0
    41
	{
sl@0
    42
	}
sl@0
    43
	
sl@0
    44
CDSASignerImpl::~CDSASignerImpl()
sl@0
    45
	{
sl@0
    46
	}
sl@0
    47
	
sl@0
    48
void CDSASignerImpl::ConstructL(const CKey& aKey)
sl@0
    49
	{
sl@0
    50
	CSignerImpl::ConstructL(aKey);
sl@0
    51
	}
sl@0
    52
sl@0
    53
CExtendedCharacteristics* CDSASignerImpl::CreateExtendedCharacteristicsL()
sl@0
    54
	{
sl@0
    55
	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved
sl@0
    56
	// for exclusive use and are not CERTIFIED to be standards compliant.
sl@0
    57
	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
sl@0
    58
	}
sl@0
    59
sl@0
    60
const CExtendedCharacteristics* CDSASignerImpl::GetExtendedCharacteristicsL()
sl@0
    61
	{
sl@0
    62
	return CDSASignerImpl::CreateExtendedCharacteristicsL();
sl@0
    63
	}
sl@0
    64
sl@0
    65
TUid CDSASignerImpl::ImplementationUid() const
sl@0
    66
	{
sl@0
    67
	return KCryptoPluginDsaSignerUid;
sl@0
    68
	}
sl@0
    69
	
sl@0
    70
void CDSASignerImpl::SetKeyL(const CKey& aPrivateKey) 
sl@0
    71
	{
sl@0
    72
	DoSetKeyL(aPrivateKey);
sl@0
    73
	Reset();
sl@0
    74
	}
sl@0
    75
sl@0
    76
TInt CDSASignerImpl::GetMaximumInputLengthL() const 
sl@0
    77
	{
sl@0
    78
	return KSha1HashLength;
sl@0
    79
	}
sl@0
    80
sl@0
    81
void CDSASignerImpl::SignL(const TDesC8& aInput, CCryptoParams& aSignature) 
sl@0
    82
	{
sl@0
    83
	
sl@0
    84
	//see HAC 11.56 or DSS section 5
sl@0
    85
	//I'll follow HAC as I like its description better
sl@0
    86
	//We don't check that r and s are non both non-null like the DSS
sl@0
    87
	//states you _optionally_ can.  The chances of this are _incredibly_ small.
sl@0
    88
	//You've got a much better chance of a bit failure ocurring in the hardware
sl@0
    89
	//than this.
sl@0
    90
sl@0
    91
	const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid);
sl@0
    92
		
sl@0
    93
	// a) Select a random secret integer (k | 0 < k < q)
sl@0
    94
	RInteger qminus1 = RInteger::NewL(tQ);
sl@0
    95
	CleanupStack::PushL(qminus1);
sl@0
    96
	--qminus1;
sl@0
    97
	RInteger k = RInteger::NewRandomL(TInteger::One(), qminus1);
sl@0
    98
	CleanupStack::PopAndDestroy(&qminus1);
sl@0
    99
	CleanupStack::PushL(k);
sl@0
   100
	
sl@0
   101
	
sl@0
   102
	// b) compute r = (g^k mod p) mod q
sl@0
   103
	
sl@0
   104
	const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid);
sl@0
   105
	const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid);
sl@0
   106
	RInteger r = TInteger::ModularExponentiateL(tG, k, tP);
sl@0
   107
	CleanupStack::PushL(r);
sl@0
   108
	r %=tQ;
sl@0
   109
	
sl@0
   110
	
sl@0
   111
	// c) compute k^(-1) mod q
sl@0
   112
sl@0
   113
	RInteger kinv = k.InverseModL(tQ);
sl@0
   114
	CleanupStack::PushL(kinv);
sl@0
   115
sl@0
   116
sl@0
   117
	// d) compute s = k^(-1) * {h(m) + xr} mod q
sl@0
   118
	// Note that in order to be interoperable, compliant with the DSS, and
sl@0
   119
	// secure, aInput must be the result of a SHA-1 hash
sl@0
   120
sl@0
   121
	RInteger hm = RInteger::NewL(aInput);
sl@0
   122
	CleanupStack::PushL(hm);
sl@0
   123
	
sl@0
   124
	const TInteger& tX=iKey->GetBigIntL(KDsaKeyParameterXUid);	
sl@0
   125
	RInteger s = tX.TimesL(r);
sl@0
   126
	CleanupStack::PushL(s);
sl@0
   127
	s += hm;
sl@0
   128
	s *= kinv;
sl@0
   129
	s %= tQ;
sl@0
   130
sl@0
   131
sl@0
   132
	// e) signature for m is the pair (r,s)
sl@0
   133
	aSignature.AddL(r, KDsaSignatureParameterRUid);
sl@0
   134
	aSignature.AddL(s, KDsaSignatureParameterSUid);
sl@0
   135
	
sl@0
   136
	CleanupStack::PopAndDestroy(5, &k);
sl@0
   137
	}