/*

* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).

* All rights reserved.

* This component and the accompanying materials are made available

* under the terms of the License "Eclipse Public License v1.0"

* which accompanies this distribution, and is available

* at the URL "http://www.eclipse.org/legal/epl-v10.html".

*

* Initial Contributors:

* Nokia Corporation - initial contribution.

*

* Contributors:

*

* Description: 

*

*/

#include <asn1enc.h>

#include <asn1dec.h>

#include <pbedata.h>

#include <rc2.h>

#include "asnpkcs.h"

#ifdef SYMBIAN_ENABLE_SPLIT_HEADERS

/** OpenSSL PKCS8 Effective Key Length Compatibility.*/

const TUint KPkcs8CompatibilityBits = 128;

#endif

_LIT(Kpkcs5PBES2, "1.2.840.113549.1.5.13");

_LIT(Kpkcs5PBKDF2, "1.2.840.113549.1.5.12");

_LIT(KDESCBC, "1.3.14.3.2.7");

_LIT(K3DESCBC, "1.2.840.113549.3.7");

_LIT(KRC2CBC, "1.2.840.113549.3.2");

// pbe12Algorithm Ids

_LIT(KPbeWithSHA1And128BitRC4, "1.2.840.113549.1.12.1.1");

_LIT(KPbeWithSHA1And40BitRC4, "1.2.840.113549.1.12.1.2");

_LIT(KPbeWithSHA1And3_KeyTripleDES_CBC, "1.2.840.113549.1.12.1.3");

_LIT(KPbeWithSHA1And2_KeyTripleDES_CBC, "1.2.840.113549.1.12.1.4");

_LIT(KPbeWithSHA1And128BitRC2_CBC, "1.2.840.113549.1.12.1.5");

_LIT(KPbeWithSHA1And40BitRC2_CBC, "1.2.840.113549.1.12.1.6");

//The size of the Initialization vector

const TInt KIvSize = 8;

/*

* //For RC2

* SEQUENCE

* 	OID -- pkcs5PBES2

*	SEQUENCE

*		SEQUENCE

*		OID -- pkcs5PBKDF2

*		SEQUENCE

*			OCTET STRING -- salt

*			INTEGER -- iteration count

*			INTEGER -- effective key length in octets

* 	SEQUENCE

*		OID -- algorithm id (rc2)

*		SEQUENCE

*			INTEGER -- RC2 parameter version 58 = 128, 160 = 40

*			OCTET STRING -- iv

*

* //For DES and 3DES

* SEQUENCE

* 	OID -- pkcs5PBES2

*	SEQUENCE

*		SEQUENCE

*		OID -- pkcs5PBKDF2

*		SEQUENCE

*			OCTET STRING -- salt

*			INTEGER -- iteration count

* 	SEQUENCE

*		OID -- algorithm id (des, 3des)

*		OCTET STRING -- iv

*/

EXPORT_C CASN1EncSequence* TASN1EncPKCS5::EncodeDERL(const CPBEncryptParms& aParms)

	{

	CASN1EncSequence* seq = CASN1EncSequence::NewLC();

	CASN1EncObjectIdentifier* pbes2 = CASN1EncObjectIdentifier::NewLC(Kpkcs5PBES2);

	seq->AddChildL(pbes2);

	CleanupStack::Pop(pbes2);

	CASN1EncSequence* seq1 = CASN1EncSequence::NewLC();

	seq->AddChildL(seq1);

	CleanupStack::Pop(seq1);

	CASN1EncSequence* seq2 = CASN1EncSequence::NewLC();

	seq1->AddChildL(seq2);

	CleanupStack::Pop(seq2);

	CASN1EncObjectIdentifier* pbkdf2 = CASN1EncObjectIdentifier::NewLC(Kpkcs5PBKDF2);

	seq2->AddChildL(pbkdf2);

	CleanupStack::Pop(pbkdf2);

	CASN1EncSequence* seq3 = CASN1EncSequence::NewLC();

	seq2->AddChildL(seq3);

	CleanupStack::Pop(seq3);

	CASN1EncOctetString* salt = CASN1EncOctetString::NewLC(aParms.Salt());

	seq3->AddChildL(salt);

	CleanupStack::Pop(salt);

	CASN1EncInt* iterations = CASN1EncInt::NewLC(aParms.Iterations());

	seq3->AddChildL(iterations);

	CleanupStack::Pop(iterations);

	CASN1EncInt* keysize = 0;

	switch(aParms.Cipher())

		{

		case ECipherDES_CBC:

		case ECipher3DES_CBC: 

			break;

		case ECipherRC2_CBC_40:

 			keysize = CASN1EncInt::NewLC(KSSLCompatibilityBits/8);  // effective key length in *octets*

			seq3->AddChildL(keysize);

			CleanupStack::Pop(keysize);

			break;

		case ECipherRC2_CBC_128:

 			keysize = CASN1EncInt::NewLC(KSSLCompatibilityBits/8);  // effective key length in *octets*

			seq3->AddChildL(keysize);

			CleanupStack::Pop(keysize);

			break;

		case ECipherRC2_CBC_40_16:

 			keysize = CASN1EncInt::NewLC(KPkcs8CompatibilityBits/8);  // effective key length in *octets*

			seq3->AddChildL(keysize);

			CleanupStack::Pop(keysize);

			break;

		case ECipherRC2_CBC_128_16:

 			keysize = CASN1EncInt::NewLC(KPkcs8CompatibilityBits/8);  // effective key length in *octets*

			seq3->AddChildL(keysize);

			CleanupStack::Pop(keysize);

			break;

		default:

			User::Leave(KErrNotSupported);

			break;

		}

	CASN1EncSequence* seq4 = CASN1EncSequence::NewLC();

	seq1->AddChildL(seq4);

	CleanupStack::Pop(seq4);

	CASN1EncObjectIdentifier* algid = 0;

	switch(aParms.Cipher())

		{

		case ECipherDES_CBC:

			algid = CASN1EncObjectIdentifier::NewLC(KDESCBC);

			break;

		case ECipher3DES_CBC:

			algid = CASN1EncObjectIdentifier::NewLC(K3DESCBC);

			break;

		case ECipherRC2_CBC_40:

		case ECipherRC2_CBC_128:

		case ECipherRC2_CBC_40_16:

		case ECipherRC2_CBC_128_16:

			algid = CASN1EncObjectIdentifier::NewLC(KRC2CBC);

			break;

		default:

			User::Leave(KErrNotSupported);

			break;

		}

	seq4->AddChildL(algid);

	CleanupStack::Pop(algid);

	CASN1EncSequence* seq5 = 0;

	CASN1EncInt* keysize1 = 0;

	CASN1EncOctetString* iv = 0;

	switch(aParms.Cipher())

		{

		case ECipherDES_CBC:

		case ECipher3DES_CBC:

			iv = CASN1EncOctetString::NewLC(aParms.IV());

			seq4->AddChildL(iv);

			CleanupStack::Pop(iv);

			break;

		case ECipherRC2_CBC_40:

		case ECipherRC2_CBC_40_16:

			seq5 = CASN1EncSequence::NewLC();

			seq4->AddChildL(seq5);

			CleanupStack::Pop(seq5);

			keysize1 = CASN1EncInt::NewLC(160); //encoding for 40 bit

			seq5->AddChildL(keysize1);

			CleanupStack::Pop(keysize1);

			iv = CASN1EncOctetString::NewLC(aParms.IV());

			seq5->AddChildL(iv);

			CleanupStack::Pop(iv);

			break;

		case ECipherRC2_CBC_128:

		case ECipherRC2_CBC_128_16:

			seq5 = CASN1EncSequence::NewLC();

			seq4->AddChildL(seq5);

			CleanupStack::Pop(seq5);

			keysize1 = CASN1EncInt::NewLC(58); //encoding for 128 bit

			seq5->AddChildL(keysize1);

			CleanupStack::Pop(keysize1);

			iv = CASN1EncOctetString::NewLC(aParms.IV());

			seq5->AddChildL(iv);

			CleanupStack::Pop(iv);

			break;

		default:

			User::Leave(KErrNotSupported);

			break;

		}

	CleanupStack::Pop(seq);

	return seq;

	}

EXPORT_C CPBEncryptParms* TASN1DecPKCS5::DecodeDERL(const TDesC8& aBinaryData)

	{

	TASN1DecGeneric seqGen(aBinaryData);

	seqGen.InitL();

	if (seqGen.Tag() != EASN1Sequence)

		{

		User::Leave(KErrArgument);

		}

	//Decode the Algorithm Identifier Sequence

	TASN1DecSequence seq;

	CArrayPtrFlat<TASN1DecGeneric>* seqContents = seq.DecodeDERLC(seqGen);

	//PbeAlgorithm Id

	if (seqContents->At(0)->Tag() != EASN1ObjectIdentifier)

		{

		User::Leave(KErrArgument);

		}	

	CPBEncryptParms* params = NULL;	

	TASN1DecObjectIdentifier oid;

	HBufC* oiddes = oid.DecodeDERL(*(seqContents->At(0)));

	CleanupStack::PushL(oiddes);

	//Algorithm Id is a pkcs-12Pbe Algorithm Id.

	if(*oiddes != Kpkcs5PBES2)

		{

		// Initialise to impossible value

		TPBECipher cipher = (TPBECipher) -1; 

		// Pbe12Algorithm Ids

		if(*oiddes == KPbeWithSHA1And128BitRC4)

			{

			cipher = ECipherARC4_128;

			}

		else if(*oiddes == KPbeWithSHA1And40BitRC4)

			{

			cipher = ECipherARC4_40;

			}

		else if(*oiddes == KPbeWithSHA1And3_KeyTripleDES_CBC)

			{

			cipher = ECipher3DES_CBC;

			}

		else if(*oiddes == KPbeWithSHA1And2_KeyTripleDES_CBC)

			{

			cipher = ECipher2Key3DES_CBC;

			}

		else if(*oiddes == KPbeWithSHA1And128BitRC2_CBC)

			{

			cipher = ECipherRC2_CBC_128_16; 

			}

		else if(*oiddes == KPbeWithSHA1And40BitRC2_CBC)

			{

			cipher = ECipherRC2_CBC_40_5; 

			}

	    else

        	{

        	User::Leave(KErrNotSupported);

        	}	 

        TInt seqContentsCount = seqContents->Count();

		//All pkcs-12Pbe algorithms require the Algorithm Parameters.

		//Algorithm Parameters are not OPTIONAL for pkcs-12Pbe algorithms.

		//seqContentsCount should be equal to 2.That is, the Algorithm Id 

		//and associated Algorithm Parameters have to be present.

		if(seqContentsCount != 2)

			{

			User::Leave(KErrArgument);	

			}

		//This if statement checks if the pkcs-12PbeParams Sequence is present in the 

		//AlgorithmIdentifier Sequence Since pkcs-12PbeParams are OPTIONAL

		else 

			{

			//Set the Initialization vector size to 8 bytes.

			TBuf8<KIvSize> iv(KIvSize);

			// Initialized to NULL, if salt is not present.

			TPtrC8 salt;

			TInt iterations; 

			const TASN1DecGeneric* seqContentsAt1 = seqContents->At(1);

			if (seqContentsAt1->Tag() != EASN1Sequence || seqContentsAt1->Class() != EUniversal)

				{

				User::Leave(KErrArgument);

				}

			CArrayPtrFlat<TASN1DecGeneric>* seq1Contents = seq.DecodeDERLC(*seqContentsAt1);

			const TASN1DecGeneric* seq1ContentsAt0 = seq1Contents->At(0);

			if (seq1ContentsAt0->Tag() != EASN1OctetString || seq1ContentsAt0->Class() != EUniversal)

				{

				User::Leave(KErrArgument);

				}

			salt.Set(seq1ContentsAt0->GetContentDER());

			const TASN1DecGeneric* seq1ContentsAt1 = seq1Contents->At(1);

			if (seq1ContentsAt1->Tag() != EASN1Integer || seq1ContentsAt1->Class() != EUniversal)

				{

				User::Leave(KErrArgument);

				}

			TASN1DecInteger integer;

			iterations = integer.DecodeDERShortL(*seq1ContentsAt1);

			if (iterations <= 0)

				{

				User::Leave(KErrArgument);

				}

			params = CPBEncryptParms::NewL(cipher, salt, iv, iterations);

			params->SetKdf(CPBEncryptParms::EKdfPkcs12);

			CleanupStack::PopAndDestroy(seq1Contents);

			}

		}

	//Algorithm Id is a pkcs-5Pbe Algorithm Id.

   	 else if (*oiddes == Kpkcs5PBES2)

    	{

    	if (seqContents->At(1)->Tag() != EASN1Sequence)

			{

			User::Leave(KErrArgument);

			}

		CArrayPtrFlat<TASN1DecGeneric>* seq1Contents = seq.DecodeDERLC(*(seqContents->At(1)));

		if (seq1Contents->At(0)->Tag() != EASN1Sequence)

			{

			User::Leave(KErrArgument);

			}

		CArrayPtrFlat<TASN1DecGeneric>* seq2Contents = seq.DecodeDERLC(*(seq1Contents->At(0)));

		if (seq2Contents->At(0)->Tag() != EASN1ObjectIdentifier)

			{

			User::Leave(KErrArgument);

			}

		HBufC* oid1des = oid.DecodeDERL(*(seq2Contents->At(0)));

		CleanupStack::PushL(oid1des);

		if(*oid1des != Kpkcs5PBKDF2)

			{

			User::Leave(KErrNotSupported);

			}

		if (seq2Contents->At(1)->Tag() != EASN1Sequence)

			{

			User::Leave(KErrArgument);

			}

		CArrayPtrFlat<TASN1DecGeneric>* seq3Contents = seq.DecodeDERLC(*(seq2Contents->At(1)));

		if (seq3Contents->At(0)->Tag() != EASN1OctetString)

			{

			User::Leave(KErrArgument);

			}

		TASN1DecOctetString octet;

		HBufC8* salt = octet.DecodeDERL(*(seq3Contents->At(0)));

		CleanupStack::PushL(salt);

		if (seq3Contents->At(1)->Tag() != EASN1Integer)

			{

			User::Leave(KErrArgument);

			}

		TASN1DecInteger integer;

		TInt iterations = integer.DecodeDERShortL(*(seq3Contents->At(1)));

		if (seq1Contents->At(1)->Tag() != EASN1Sequence)

			{

			User::Leave(KErrArgument);

			}

		CArrayPtrFlat<TASN1DecGeneric>* seq4Contents = seq.DecodeDERLC(*(seq1Contents->At(1)));

		TPBECipher cipher = (TPBECipher) -1; // Initialise to impossible value

		if (seq4Contents->At(0)->Tag() != EASN1ObjectIdentifier)

			{

			User::Leave(KErrArgument);

			}

		HBufC* oid2des = oid.DecodeDERL(*(seq4Contents->At(0)));

		CleanupStack::PushL(oid2des);

		CArrayPtrFlat<TASN1DecGeneric>* seq5Contents = 0; 

		if(*oid2des == K3DESCBC)

			{

			cipher = ECipher3DES_CBC;

		CleanupStack::PushL(seq5Contents);

			}

		else if(*oid2des == KDESCBC)

			{

			cipher = ECipherDES_CBC;

		CleanupStack::PushL(seq5Contents);

			}

		else if(*oid2des == KRC2CBC)

			{

			// RC2 has an additional parameter, the effective key lenght in octets.

			if (seq3Contents->At(2)->Tag() != EASN1Integer)

				{

				User::Leave(KErrArgument);

				}		

			TInt effectiveKeyLength =  integer.DecodeDERShortL(*(seq3Contents->At(2)));

			if (seq4Contents->At(1)->Tag() != EASN1Sequence)

				{

				User::Leave(KErrArgument);

				}

			seq5Contents = seq.DecodeDERLC(*(seq4Contents->At(1)));

			if (seq5Contents->At(0)->Tag() != EASN1Integer)

				{

				User::Leave(KErrArgument);

				}

			TInt keysize = integer.DecodeDERShortL(*(seq5Contents->At(0)));

			switch(keysize)

				{

				// These values come from the PKCS#5 v2 specs

				case 160:

					if (effectiveKeyLength == 16)

						{

						cipher = ECipherRC2_CBC_40_16;					

						}

					else 

						{

						if (effectiveKeyLength == 128)

							{

							cipher = ECipherRC2_CBC_40;

							}

						else 

							{

							User::Leave(KErrNotSupported); // Unsupported effective key length!						

							}

						}

					break;

				case 58:

					if (effectiveKeyLength == 16)

						{

						cipher = ECipherRC2_CBC_128_16;					

						}

					else 

						{

						if (effectiveKeyLength == 128)

							{

							cipher = ECipherRC2_CBC_128;

							}

						else 

							{

							User::Leave(KErrNotSupported); // Unsupported effective key length!						

							}

						}			

					break;

				case 120:

					//would be RC_CBC_64 but we don't support that

				default:

					User::Leave(KErrNotSupported);

					break;

				}

			}

		else 

			{

			User::Leave(KErrNotSupported);

			}	

		HBufC8* iv = 0;

		switch(cipher)

			{

			case ECipher3DES_CBC:

			case ECipherDES_CBC:

				if (seq4Contents->At(1)->Tag() != EASN1OctetString)

					{

					User::Leave(KErrArgument);

					}

				iv = octet.DecodeDERL(*(seq4Contents->At(1)));	

			CleanupStack::PushL(iv);

				break;

			case ECipherRC2_CBC_40:

			case ECipherRC2_CBC_128:

			case ECipherRC2_CBC_40_16:

			case ECipherRC2_CBC_128_16:	

				if (seq5Contents->At(1)->Tag() != EASN1OctetString)

					{

					User::Leave(KErrArgument);

					}

				iv = octet.DecodeDERL(*(seq5Contents->At(1)));

			CleanupStack::PushL(iv);

				break;

			default:

				User::Leave(KErrNotSupported);

				break;

			}

		params = CPBEncryptParms::NewL(cipher, *salt, *iv,

		iterations);

	CleanupStack::PopAndDestroy(9); //iv, seq5contents, oid2des, seq4Contents,

	//salt, seq3Contents, oid1des, seq2Contents, seq1Contents

    	}

	else

		{

		User::Leave(KErrNotSupported);

		}

	CleanupStack::PopAndDestroy(2, seqContents);

	return params;

	}