os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsaverifyimpl.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
/*
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
*
*/
#include "dsaverifyimpl.h"
#include "pluginconfig.h"
using namespace SoftwareCrypto;
// Implementation of CDSAVerifierImpl
// Two-phase factory: builds a fully constructed DSA verifier for aKey and
// returns it with nothing left on the cleanup stack.
// Leaves if NewLC leaves.
CDSAVerifierImpl* CDSAVerifierImpl::NewL(const CKey& aKey)
	{
	CDSAVerifierImpl* verifier = CDSAVerifierImpl::NewLC(aKey);
	// NewLC left the object on the cleanup stack; the pointer is handed back
	// to the caller instead, so take it off again.
	CleanupStack::Pop(verifier);
	return verifier;
	}
	
// Two-phase factory: allocates the verifier, runs second-phase construction
// with aKey, and returns the object still pushed on the cleanup stack.
// Leaves if allocation or ConstructL leaves.
CDSAVerifierImpl* CDSAVerifierImpl::NewLC(const CKey& aKey)
	{
	CDSAVerifierImpl* verifier = new(ELeave) CDSAVerifierImpl();
	// Push before ConstructL so the object is cleaned up if construction leaves.
	CleanupStack::PushL(verifier);
	verifier->ConstructL(aKey);
	return verifier;
	}
	
// First-phase constructor. Does no work of its own; key setup happens in
// ConstructL.
CDSAVerifierImpl::CDSAVerifierImpl()
	{
	}
// Destructor. Releases nothing itself in this class.
CDSAVerifierImpl::~CDSAVerifierImpl()
	{
	}
	
// Second-phase constructor: forwards aKey to the CVerifierImpl base class.
// NOTE(review): no DSA-specific checks on the key are made here; whether the
// base class validates the key cannot be seen from this file.
void CDSAVerifierImpl::ConstructL(const CKey& aKey)
	{
	CVerifierImpl::ConstructL(aKey);
	}
	
// Builds the extended-characteristics record reported for this plug-in.
// Returns a newly allocated object on every call.
// Leaves if CExtendedCharacteristics::NewL leaves.
CExtendedCharacteristics* CDSAVerifierImpl::CreateExtendedCharacteristicsL()
	{
	// Every Symbian software plug-in reports the same values: unlimited
	// concurrency, no reservation for exclusive use, and no CERTIFIED
	// standards compliance.
	CExtendedCharacteristics* characteristics = CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
	return characteristics;
	}
	
// Returns the extended characteristics of this plug-in.
// NOTE(review): each call allocates a fresh object through
// CreateExtendedCharacteristicsL; presumably the caller takes ownership of
// the returned pointer - confirm against the interface contract.
const CExtendedCharacteristics* CDSAVerifierImpl::GetExtendedCharacteristicsL()
	{
	// The call is qualified with the class name, so it always resolves to
	// this class's implementation.
	const CExtendedCharacteristics* characteristics = CDSAVerifierImpl::CreateExtendedCharacteristicsL();
	return characteristics;
	}
	
// Identifies this implementation: returns the UID constant of the software
// DSA verifier plug-in.
TUid CDSAVerifierImpl::ImplementationUid() const
	{
	const TUid uid = KCryptoPluginDsaVerifierUid;
	return uid;
	}
	
// Replaces the public key used for verification, then resets the verifier.
// Leaves if DoSetKeyL leaves; Reset() is then not reached.
// NOTE(review): whether DoSetKeyL validates the DSA domain parameters of
// aPublicKey is not visible here, and VerifyL uses them as stored. Callers
// should only supply keys from a trusted or already validated source.
void CDSAVerifierImpl::SetKeyL(const CKey& aPublicKey)
	{
	// Order matters: install the new key first, reset second.
	DoSetKeyL(aPublicKey);
	Reset();
	}
// Reports the largest input accepted for verification: the length of a SHA-1
// digest.
// NOTE(review): this value is advisory as far as this file shows; VerifyL does
// not compare the length of its input against it. SHA-1 is no longer
// considered collision resistant, so signatures checked through this
// verifier should be treated as legacy strength.
TInt CDSAVerifierImpl::GetMaximumInputLengthL() const
	{
	const TInt maxInputLength = KSha1HashLength;
	return maxInputLength;
	}
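// Verifies a DSA signature (r, s) over a message digest, following
// HAC 11.56 (see also DSS section 6).
//
// aInput               The message digest, converted to a big integer with
//                      RInteger::NewL. To be interoperable, DSS compliant and
//                      secure it must be the result of a SHA-1 hash.
//                      NOTE(review): its length is not checked here; callers
//                      are expected to respect GetMaximumInputLengthL().
// aSignature           Parameter set holding the signature values r and s.
// aVerificationResult  Set to ETrue only when the signature verifies. In
//                      every other case, including when this function
//                      leaves, it is EFalse.
//
// Leaves if a key or signature parameter lookup, or any big-integer
// operation, leaves.
//
// NOTE(review): p, q, g and y are used exactly as stored in iKey. This
// function does not validate the domain parameters, so the key must come
// from a trusted or already validated source.
void CDSAVerifierImpl::VerifyL(const TDesC8& aInput, const CCryptoParams& aSignature, TBool& aVerificationResult)
	{
	// Fail closed. Without this, a signature that passes the range checks but
	// does not verify would leave the caller's variable untouched, and a stale
	// or uninitialised ETrue could be read as a successful verification.
	aVerificationResult = EFalse;

	// a) Obtain A's authentic public key: parameter q is needed first.
	const TInteger& tQ = iKey->GetBigIntL(KDsaKeyParameterQUid);

	// Retrieve r and s of the DSA signature from the parameter array.
	const TInteger& tR = aSignature.GetBigIntL(KDsaSignatureParameterRUid);
	const TInteger& tS = aSignature.GetBigIntL(KDsaSignatureParameterSUid);

	// b) Verify that 0 < r < q and 0 < s < q; if not, reject the signature.
	// Nothing has been pushed on the cleanup stack yet, so a plain return
	// is safe.
	if (tR <= 0 || tR >= tQ || tS <= 0 || tS >= tQ)
		{
		return;
		}

	// c) Compute w = s^(-1) mod q and h(m).
	RInteger w = tS.InverseModL(tQ);
	CleanupStack::PushL(w);
	RInteger hm = RInteger::NewL(aInput);
	CleanupStack::PushL(hm);

	// d) Compute u1 = w * hm mod q and u2 = r * w mod q.
	RInteger u1 = TInteger::ModularMultiplyL(w, hm, tQ);
	CleanupStack::PushL(u1);
	RInteger u2 = TInteger::ModularMultiplyL(tR, w, tQ);
	CleanupStack::PushL(u2);

	// e) Compute v = ((g^u1 * y^u2) mod p) mod q.
	const TInteger& tG = iKey->GetBigIntL(KDsaKeyParameterGUid);
	const TInteger& tY = iKey->GetBigIntL(KDsaKeyParameterYUid);
	const TInteger& tP = iKey->GetBigIntL(KDsaKeyParameterPUid);

	RInteger temp = TInteger::ModularExponentiateL(tG, u1, tP);
	CleanupStack::PushL(temp);
	RInteger temp1 = TInteger::ModularExponentiateL(tY, u2, tP);
	CleanupStack::PushL(temp1);
	RInteger v = TInteger::ModularMultiplyL(temp, temp1, tP);
	CleanupStack::PushL(v);
	v %= tQ;

	// f) Accept the signature only if v == r.
	if (v == tR)
		{
		aVerificationResult = ETrue;
		}

	// Seven items were pushed: w, hm, u1, u2, temp, temp1, v. w was pushed
	// first, so it is the last one popped.
	CleanupStack::PopAndDestroy(7, &w);
	}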
// Methods which are not supported can be excluded from the coverage.
#ifdef _BullseyeCoverage
#pragma suppress_warnings on
#pragma BullseyeCoverage off
#pragma suppress_warnings off
#endif
// Not supported by the DSA verifier: always leaves with KErrNotSupported.
// Both parameters are unused.
void CDSAVerifierImpl::InverseSignL(HBufC8*& /*aOutput*/, const CCryptoParams& /*aSignature*/)
	{
	// Override in subclass
	User::Leave(KErrNotSupported);
	}