/*

* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).

* All rights reserved.

* This component and the accompanying materials are made available

* under the terms of the License "Eclipse Public License v1.0"

* which accompanies this distribution, and is available

* at the URL "http://www.eclipse.org/legal/epl-v10.html".

*

* Initial Contributors:

* Nokia Corporation - initial contribution.

*

* Contributors:

*

* Description: 

*

*/

#include "dsasignerimpl.h"

#include "pluginconfig.h"

using namespace SoftwareCrypto;

// Implementation of CDSASignerImpl 

CDSASignerImpl* CDSASignerImpl::NewL(const CKey& aKey)

	{

	CDSASignerImpl* self = CDSASignerImpl::NewLC(aKey);

	CleanupStack::Pop(self);

	return self;

	}

CDSASignerImpl* CDSASignerImpl::NewLC(const CKey& aKey)

	{

	CDSASignerImpl* self = new(ELeave) CDSASignerImpl();

	CleanupStack::PushL(self);

	self->ConstructL(aKey);

	return self;

	}

CDSASignerImpl::CDSASignerImpl() 

	{

	}

CDSASignerImpl::~CDSASignerImpl()

	{

	}

void CDSASignerImpl::ConstructL(const CKey& aKey)

	{

	CSignerImpl::ConstructL(aKey);

	}

CExtendedCharacteristics* CDSASignerImpl::CreateExtendedCharacteristicsL()

	{

	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved

	// for exclusive use and are not CERTIFIED to be standards compliant.

	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);

	}

const CExtendedCharacteristics* CDSASignerImpl::GetExtendedCharacteristicsL()

	{

	return CDSASignerImpl::CreateExtendedCharacteristicsL();

	}

TUid CDSASignerImpl::ImplementationUid() const

	{

	return KCryptoPluginDsaSignerUid;

	}

void CDSASignerImpl::SetKeyL(const CKey& aPrivateKey) 

	{

	DoSetKeyL(aPrivateKey);

	Reset();

	}

TInt CDSASignerImpl::GetMaximumInputLengthL() const 

	{

	return KSha1HashLength;

	}

void CDSASignerImpl::SignL(const TDesC8& aInput, CCryptoParams& aSignature) 

	{

	//see HAC 11.56 or DSS section 5

	//I'll follow HAC as I like its description better

	//We don't check that r and s are non both non-null like the DSS

	//states you _optionally_ can.  The chances of this are _incredibly_ small.

	//You've got a much better chance of a bit failure ocurring in the hardware

	//than this.

	const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid);

	// a) Select a random secret integer (k | 0 < k < q)

	RInteger qminus1 = RInteger::NewL(tQ);

	CleanupStack::PushL(qminus1);

	--qminus1;

	RInteger k = RInteger::NewRandomL(TInteger::One(), qminus1);

	CleanupStack::PopAndDestroy(&qminus1);

	CleanupStack::PushL(k);

	// b) compute r = (g^k mod p) mod q

	const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid);

	const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid);

	RInteger r = TInteger::ModularExponentiateL(tG, k, tP);

	CleanupStack::PushL(r);

	r %=tQ;

	// c) compute k^(-1) mod q

	RInteger kinv = k.InverseModL(tQ);

	CleanupStack::PushL(kinv);

	// d) compute s = k^(-1) * {h(m) + xr} mod q

	// Note that in order to be interoperable, compliant with the DSS, and

	// secure, aInput must be the result of a SHA-1 hash

	RInteger hm = RInteger::NewL(aInput);

	CleanupStack::PushL(hm);

	const TInteger& tX=iKey->GetBigIntL(KDsaKeyParameterXUid);	

	RInteger s = tX.TimesL(r);

	CleanupStack::PushL(s);

	s += hm;

	s *= kinv;

	s %= tQ;

	// e) signature for m is the pair (r,s)

	aSignature.AddL(r, KDsaSignatureParameterRUid);

	aSignature.AddL(s, KDsaSignatureParameterSUid);

	CleanupStack::PopAndDestroy(5, &k);

	}