os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/symmetriccipherimpl.h
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
*
sl@0
    16
*/
sl@0
    17
sl@0
    18
sl@0
    19
#ifndef	__SYMMETRICCIPHERIMPL_H__
sl@0
    20
#define	__SYMMETRICCIPHERIMPL_H__
sl@0
    21
sl@0
    22
/**
sl@0
    23
@file 
sl@0
    24
@internalComponent
sl@0
    25
@released
sl@0
    26
*/
sl@0
    27
sl@0
    28
#include <e32base.h>
sl@0
    29
#include <e32cmn.h>
sl@0
    30
#include <cryptospi/cryptospidef.h>
sl@0
    31
#include <padding.h>
sl@0
    32
#include "symmetriccipherplugin.h"
sl@0
    33
sl@0
    34
/** The maximum block size supported (in bytes) */
sl@0
    35
const TUint KMaxBlockSizeSupported = 32;
sl@0
    36
sl@0
    37
/**
sl@0
    38
Abstract base class for symmetric cipher plug-ins.
sl@0
    39
*/
sl@0
    40
namespace SoftwareCrypto
sl@0
    41
	{
sl@0
    42
	using namespace CryptoSpi;
sl@0
    43
		
sl@0
    44
	NONSHARABLE_CLASS(CSymmetricCipherImpl) : public CBase, public MSymmetricCipher
sl@0
    45
		{
sl@0
    46
	public:
sl@0
    47
		/**
sl@0
    48
		Implemented by each cipher subclass to determine whether the
sl@0
    49
		specified key length is valid for that cipher.
sl@0
    50
		This is called by ConstructL and SetKeyL
sl@0
    51
		@param aKeyLength The key length in bytes to verify.
sl@0
    52
		*/
sl@0
    53
		virtual TBool IsValidKeyLength(TInt aKeyBytes) const = 0;
sl@0
    54
		
sl@0
    55
		/**
sl@0
    56
		Helper function implemented by concrete cipher sub-class that 
sl@0
    57
		allows GetCharacteristicsL to return the correct characteristics object.
sl@0
    58
		@return The implemention uid
sl@0
    59
		*/
sl@0
    60
		virtual TUid ImplementationUid() const = 0;
sl@0
    61
		
sl@0
    62
		/**
sl@0
    63
		Gets the strength of the current key, needed to check whether the cipher
sl@0
    64
		may operate if strong cryptography is not enabled.
sl@0
    65
		@return The strength of the current key
sl@0
    66
		*/
sl@0
    67
		virtual TInt GetKeyStrength() const;
sl@0
    68
		
sl@0
    69
				
sl@0
    70
		// Override MPlugin virtual functions
sl@0
    71
		void Close();
sl@0
    72
		TAny* GetExtension(TUid aExtensionId);
sl@0
    73
		void GetCharacteristicsL(const TCharacteristics*& aPluginCharacteristics);
sl@0
    74
		// End of MPlugin
sl@0
    75
		
sl@0
    76
		// Override MSymmetricCipherBase virtual functions 
sl@0
    77
		TInt KeySize() const;
sl@0
    78
						
sl@0
    79
		/// Destructor
sl@0
    80
		~CSymmetricCipherImpl();
sl@0
    81
sl@0
    82
	protected:
sl@0
    83
		
sl@0
    84
		//Constructor
sl@0
    85
		CSymmetricCipherImpl();
sl@0
    86
		
sl@0
    87
		/**
sl@0
    88
		Second phase of construction. Always call ConstructL in the super-class
sl@0
    89
		if your override this method.
sl@0
    90
		
sl@0
    91
		@param aKey The key to initialise the cipher with.
sl@0
    92
		*/
sl@0
    93
		virtual void ConstructL(const CKey& aKey);		
sl@0
    94
		
sl@0
    95
		/**
sl@0
    96
		Extracts the raw symmetric key from a generic key object. The buffer
sl@0
    97
		is placed on the cleanup stack.
sl@0
    98
		
sl@0
    99
		@param aKey The key object
sl@0
   100
		@return A buffer containing the raw key value
sl@0
   101
		*/
sl@0
   102
		HBufC8* ExtractKeyDataLC(const CKey& aKey) const;	
sl@0
   103
	
sl@0
   104
		/**
sl@0
   105
		Zeros a buffer before deleting it to ensure that
sl@0
   106
		the contents will not be visible to another process if the page
sl@0
   107
		is re-used.
sl@0
   108
		@param aBuffer The pointer (possibly null) to the buffer to delete. This
sl@0
   109
		is set to null after deletion.
sl@0
   110
		*/
sl@0
   111
		void SecureDelete(HBufC8*& aBuffer);		
sl@0
   112
					
sl@0
   113
		/**
sl@0
   114
		Extracts the raw key from aKey and sets iKey and iKeyBytes
sl@0
   115
		The key length is also checked to meet export restrictions and
sl@0
   116
		to ensure that it is appropriate for the cipher.
sl@0
   117
		@param aKey The key
sl@0
   118
		*/
sl@0
   119
		virtual void DoSetKeyL(const CKey& aKey);
sl@0
   120
		
sl@0
   121
			
sl@0
   122
	protected:
sl@0
   123
		/// the key, extracted from a CKey object
sl@0
   124
		HBufC8* iKey;
sl@0
   125
		
sl@0
   126
		/// key size in bytes
sl@0
   127
		TUint iKeyBytes;
sl@0
   128
		
sl@0
   129
		};
sl@0
   130
sl@0
   131
	NONSHARABLE_CLASS(CSymmetricStreamCipherImpl) : public CSymmetricCipherImpl
sl@0
   132
		{
sl@0
   133
	public:
sl@0
   134
		// Destructor
sl@0
   135
		~CSymmetricStreamCipherImpl();
sl@0
   136
		
sl@0
   137
		// Override MSymmetricCipherBase virtual functions 
sl@0
   138
		TInt BlockSize() const;
sl@0
   139
		void SetKeyL(const CKey& aKey);		// override DoSetKeyL instead
sl@0
   140
		void SetCryptoModeL(TUid aCryptoMode);
sl@0
   141
		void SetOperationModeL(TUid aOperationMode);
sl@0
   142
		void SetPaddingModeL(TUid aPaddingMode);
sl@0
   143
		void SetIvL(const TDesC8& aIv);
sl@0
   144
		TInt MaxOutputLength(TInt aInputLength) const;
sl@0
   145
		TInt MaxFinalOutputLength(TInt aInputLength) const;
sl@0
   146
		// End of MSymmetricCipherBase
sl@0
   147
		
sl@0
   148
		// Override MSymmetricCipher virtual functions
sl@0
   149
		void ProcessL(const TDesC8& aInput, TDes8& aOutput);
sl@0
   150
		void ProcessFinalL(const TDesC8& aInput, TDes8& aOutput);						
sl@0
   151
		// End of MSymmetricCipher 
sl@0
   152
	
sl@0
   153
	protected:
sl@0
   154
		// Constructor
sl@0
   155
		CSymmetricStreamCipherImpl();
sl@0
   156
		
sl@0
   157
		// Override CSymmetricCipherImpl virtual functions
sl@0
   158
		virtual void ConstructL(const CKey& aKey);
sl@0
   159
sl@0
   160
		/**	
sl@0
   161
		Performs an encryption or decryption on supplied data.
sl@0
   162
		@param aData	On input, data to be transformed; 
sl@0
   163
						on return, transformed data.
sl@0
   164
		*/
sl@0
   165
		virtual void DoProcess(TDes8& aData) = 0;
sl@0
   166
		};
sl@0
   167
sl@0
   168
	NONSHARABLE_CLASS(CSymmetricBlockCipherImpl) : public CSymmetricCipherImpl
sl@0
   169
		{
sl@0
   170
	public:	
sl@0
   171
sl@0
   172
sl@0
   173
		/**
sl@0
   174
		This function is invoked by SetKey and SetCryptoMode
sl@0
   175
		allowing the cipher sub-class to rebuild it's key schedule. 
sl@0
   176
		N.B. It is assumed that the key schedule is NOT modified
sl@0
   177
		by TransformEncrypt or TransformDecrypt
sl@0
   178
		*/
sl@0
   179
		virtual void SetKeySchedule() = 0;
sl@0
   180
		
sl@0
   181
		// Override MPlugin virtual functions		
sl@0
   182
		void Reset(); // Always call reset in super-class if you override this
sl@0
   183
		// End of MPlugin virtual functions
sl@0
   184
sl@0
   185
		// Override MSymmetricCipherBase virtual functions 
sl@0
   186
		TInt BlockSize() const;
sl@0
   187
		void SetKeyL(const CKey& aKey);  				// override DoSetKeyL instead
sl@0
   188
		void SetCryptoModeL(TUid aCryptoMode);			// override DoSetCryptoModeL instead
sl@0
   189
		void SetOperationModeL(TUid aOperationMode);	// override DoSetOperationMode instead		
sl@0
   190
		void SetPaddingModeL(TUid aPaddingMode);		// override DoSetPaddingModeL instead
sl@0
   191
		void SetIvL(const TDesC8& aIv);
sl@0
   192
		
sl@0
   193
		TInt MaxOutputLength(TInt aInputLength) const;
sl@0
   194
		TInt MaxFinalOutputLength(TInt aInputLength) const;
sl@0
   195
		// End of MSymmetricCipherBase
sl@0
   196
sl@0
   197
		// Override MSymmetricCipher virtual functions
sl@0
   198
		void ProcessL(const TDesC8& aInput, TDes8& aOutput);
sl@0
   199
		void ProcessFinalL(const TDesC8& aInput, TDes8& aOutput);						
sl@0
   200
		// End of MSymmetricCipher
sl@0
   201
sl@0
   202
		/// Destructor
sl@0
   203
		~CSymmetricBlockCipherImpl();		
sl@0
   204
	protected:	
sl@0
   205
		/**
sl@0
   206
		Constructor
sl@0
   207
		@param aBlockBytes The block size in bytes
sl@0
   208
		@param aOperationMode The mode of operation e.g. CBC
sl@0
   209
		@param aCryptoMode Whether to encrypt or decrypt
sl@0
   210
		*/
sl@0
   211
		CSymmetricBlockCipherImpl(
sl@0
   212
			TUint8 aBlockBytes,
sl@0
   213
			TUid aOperationMode,
sl@0
   214
			TUid aCryptoMode,
sl@0
   215
			TUid aPaddingMode);
sl@0
   216
			
sl@0
   217
		// Override CSymmetricCipherImpl virtual functions
sl@0
   218
		virtual void ConstructL(const CKey& aKey);
sl@0
   219
sl@0
   220
		/**
sl@0
   221
		Validates and sets the crypto mode (iCryptoMode)
sl@0
   222
		@param aCryptoMode The crypto mode
sl@0
   223
		*/	
sl@0
   224
		virtual void DoSetCryptoModeL(TUid aCryptoMode);
sl@0
   225
		
sl@0
   226
		/**
sl@0
   227
		Validates and sets the operation mode (iOperationMode)
sl@0
   228
		@param aOperationMode The operation mode
sl@0
   229
		*/
sl@0
   230
		virtual void DoSetOperationModeL(TUid aOperationMode);
sl@0
   231
		
sl@0
   232
		/**
sl@0
   233
		Validates and sets the padding mode (iPaddingMode & iPadding)
sl@0
   234
		@param aPadding The desired padding mode
sl@0
   235
		*/
sl@0
   236
		virtual void DoSetPaddingModeL(TUid aPadding);
sl@0
   237
		
sl@0
   238
		void DoSetIvL(const TDesC8& aIv);
sl@0
   239
sl@0
   240
		inline void ModeEncryptStart(TUint8* aBuffer);
sl@0
   241
		inline void ModeEncryptEnd(TUint8* aBuffer);
sl@0
   242
		inline void ModeDecryptStart(TUint8* aBuffer);
sl@0
   243
		inline void ModeDecryptEnd(TUint8* aBuffer);
sl@0
   244
sl@0
   245
	private:
sl@0
   246
	
sl@0
   247
		/**
sl@0
   248
		Encrypts a number of blocks of data
sl@0
   249
		
sl@0
   250
		@param aBuffer The buffer containing exactly aNumBlocks of data to destructively encrypt
sl@0
   251
		@param aNumBlocks The number of blocks of data to encrypt
sl@0
   252
		*/
sl@0
   253
		virtual void TransformEncrypt(TUint8* aBuffer, TUint aNumBlocks) = 0;
sl@0
   254
		
sl@0
   255
		/**
sl@0
   256
		Decrypts a number of blocks of data
sl@0
   257
				
sl@0
   258
		@param aBuffer The buffer containing exactly aNumBlocks of data to destructively decrypt
sl@0
   259
		@param aNumBlocks The number of blocks of data to decrypt
sl@0
   260
		*/
sl@0
   261
		virtual void TransformDecrypt(TUint8* aBuffer, TUint aNumBlocks) = 0;		
sl@0
   262
			
sl@0
   263
		/// Pad the last block and encrypt
sl@0
   264
		void DoProcessFinalEncryptL(const TDesC8& aInput, TDes8& aOutput);
sl@0
   265
		
sl@0
   266
		/// Decrypt and unpad the last block
sl@0
   267
		void DoProcessFinalDecryptL(const TDesC8& aInput, TDes8& aOutput);		
sl@0
   268
		
sl@0
   269
		inline void Transform(TUint8* aBuffer, TUint aNumBlocks);
sl@0
   270
sl@0
   271
		void ProcessCtrL(const TDesC8& aInput, TDes8& aOutput);
sl@0
   272
		
sl@0
   273
	protected:
sl@0
   274
	
sl@0
   275
		/// block size in bytes, current largest block size is 16 bytes (AES)
sl@0
   276
		TUint8 iBlockBytes;	
sl@0
   277
		/// encryption or decryption
sl@0
   278
		TUid iCryptoMode;		
sl@0
   279
		/// The block cipher mode e.g. ECB, CBC
sl@0
   280
		TUid iOperationMode;
sl@0
   281
		/// the current padding scheme
sl@0
   282
		TUid iPaddingMode;
sl@0
   283
		
sl@0
   284
		/// the initialisation vector
sl@0
   285
		RBuf8 iIv;
sl@0
   286
		
sl@0
   287
		/// current padding scheme implementation
sl@0
   288
		CPadding* iPadding;
sl@0
   289
		/// buffer to store blocks
sl@0
   290
		RBuf8 iInputStore;
sl@0
   291
		/// buffer to store input / output of padding
sl@0
   292
		RBuf8 iPaddingBlock;
sl@0
   293
sl@0
   294
		/// The current block of cipher text - for CBC 
sl@0
   295
		TUint32* iCurrentCipherText;	
sl@0
   296
		/// A pointer to the current block of cipher text
sl@0
   297
		TUint8* iCurrentCipherTextPtr;		
sl@0
   298
		
sl@0
   299
		/** Used in both CBC and CTR mode. In CBC mode it stores the result of the last transform. In CTR mode 
sl@0
   300
		it stores the counter.*/
sl@0
   301
		TUint32* iRegister;	
sl@0
   302
		/** A pointer to iRegister.*/
sl@0
   303
		TUint8* iRegisterPtr;			
sl@0
   304
		
sl@0
   305
		/** Used in CTR mode to buffer plaintext during encryption.*/
sl@0
   306
		HBufC8* iBufferedPlaintext;
sl@0
   307
		/** Pointer to manipulate iBufferedPlaintext.*/
sl@0
   308
		TPtr8 iBufferedPlaintextPtr;
sl@0
   309
		
sl@0
   310
		/** CTR mode behaves like a stream cipher allowing arbitrary sized inputs to the encryption/decryption functions. 
sl@0
   311
		When handling an input whose length is not a multiple of the blocksize iCtrUnusedKeystream is used to buffer
sl@0
   312
		the unused portions of keystream for use in the next call. Cleared in Reset().*/
sl@0
   313
		HBufC8* iCtrUnusedKeystream;
sl@0
   314
		/** Pointer to manipulate iCtrUnusedKeystream.*/
sl@0
   315
		TPtr8 iCtrUnusedKeystreamPtr;
sl@0
   316
		};
sl@0
   317
sl@0
   318
sl@0
   319
	inline void CSymmetricBlockCipherImpl::Transform(TUint8* aBuffer, TUint aNumBlocks)
sl@0
   320
		{				
sl@0
   321
		if (iCryptoMode.iUid == KCryptoModeEncrypt)	//if in CTR mode always in crypto mode encrypt
sl@0
   322
			{				
sl@0
   323
			TransformEncrypt(aBuffer, aNumBlocks);
sl@0
   324
			}
sl@0
   325
		else if (iCryptoMode.iUid == KCryptoModeDecrypt)
sl@0
   326
			{				
sl@0
   327
			TransformDecrypt(aBuffer, aNumBlocks);
sl@0
   328
			}
sl@0
   329
		else 
sl@0
   330
			{
sl@0
   331
			ASSERT(EFalse);
sl@0
   332
			}
sl@0
   333
		}
sl@0
   334
			
sl@0
   335
	inline void CSymmetricBlockCipherImpl::ModeEncryptStart(TUint8* aBuffer)
sl@0
   336
		{
sl@0
   337
		if (iOperationMode.iUid == KOperationModeCBC)
sl@0
   338
			{			
sl@0
   339
			for (TInt i = 0; i < iBlockBytes; ++i)
sl@0
   340
				{
sl@0
   341
				aBuffer[i] ^= iRegisterPtr[i];
sl@0
   342
				}					
sl@0
   343
			}
sl@0
   344
		else if (iOperationMode.iUid == KOperationModeCTR)
sl@0
   345
			{
sl@0
   346
			iBufferedPlaintextPtr.Copy(aBuffer, iBlockBytes);
sl@0
   347
			Mem::Copy(aBuffer, iRegister, iBlockBytes);				
sl@0
   348
			}
sl@0
   349
		}		
sl@0
   350
	
sl@0
   351
	inline void CSymmetricBlockCipherImpl::ModeEncryptEnd(TUint8* aBuffer)
sl@0
   352
		{				
sl@0
   353
		if (iOperationMode.iUid == KOperationModeCBC)
sl@0
   354
			{
sl@0
   355
			for (TInt i = 0; i < iBlockBytes; ++i)
sl@0
   356
				{
sl@0
   357
				iRegisterPtr[i] = aBuffer[i]; 
sl@0
   358
				}													
sl@0
   359
			}
sl@0
   360
		else if (iOperationMode.iUid == KOperationModeCTR)
sl@0
   361
			{
sl@0
   362
			//XOR the plaintext with the keystream and increment counter
sl@0
   363
			for (TInt i = 0; i < iBlockBytes; ++i)
sl@0
   364
				{
sl@0
   365
				aBuffer[i] ^= iBufferedPlaintextPtr[i]; 
sl@0
   366
				}
sl@0
   367
			for (TInt i = iBlockBytes - 1; i >= 0; --i)
sl@0
   368
				{
sl@0
   369
				if (++(iRegisterPtr[i]) != 0) break;				
sl@0
   370
				}
sl@0
   371
			}										
sl@0
   372
		}		
sl@0
   373
sl@0
   374
	inline void CSymmetricBlockCipherImpl::ModeDecryptStart(TUint8* aBuffer)
sl@0
   375
		{
sl@0
   376
		__ASSERT_DEBUG((iOperationMode.iUid != KOperationModeCTR), User::Panic(_L("CSymmetricBlockCipherImpl.h"), 1));
sl@0
   377
		if (iOperationMode.iUid == KOperationModeCBC)
sl@0
   378
			{			
sl@0
   379
			for (TInt i = 0; i < iBlockBytes; ++i)
sl@0
   380
				{
sl@0
   381
				iCurrentCipherTextPtr[i] = aBuffer[i];
sl@0
   382
				}
sl@0
   383
			}
sl@0
   384
		}
sl@0
   385
sl@0
   386
	inline void CSymmetricBlockCipherImpl::ModeDecryptEnd(TUint8* aBuffer)
sl@0
   387
		{
sl@0
   388
		__ASSERT_DEBUG((iOperationMode.iUid != KOperationModeCTR), User::Panic(_L("CSymmetricBlockCipherImpl.h"), 2));		
sl@0
   389
		if (iOperationMode.iUid == KOperationModeCBC)
sl@0
   390
			{			
sl@0
   391
			// xor the output with the previous cipher text
sl@0
   392
			for (TInt i = 0; i < iBlockBytes; ++i)
sl@0
   393
				{
sl@0
   394
				aBuffer[i] ^= iRegisterPtr[i];
sl@0
   395
				iRegisterPtr[i] = iCurrentCipherTextPtr[i];
sl@0
   396
				}
sl@0
   397
			}	
sl@0
   398
		}		
sl@0
   399
	}						
sl@0
   400
sl@0
   401
#endif	//	__SYMMETRICCIPHERIMPL_H__