os/security/cryptoservices/certificateandkeymgmt/crypto/Signed.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
*
sl@0
    16
*/
sl@0
    17
sl@0
    18
sl@0
    19
#include <bigint.h>
sl@0
    20
#include <asymmetric.h>
sl@0
    21
#include <hash.h>
sl@0
    22
#include <padding.h>
sl@0
    23
#include <keyidentifierutil.h>
sl@0
    24
#include <signed.h>
sl@0
    25
sl@0
    26
//RSA signature result
sl@0
    27
EXPORT_C TBool CRSASignatureResult::operator== (const CRSASignatureResult& aResult) const 
sl@0
    28
	{
sl@0
    29
	return ((*(iDigestAlgorithm) == *(aResult.iDigestAlgorithm)) &&
sl@0
    30
			(*(iDigest)==*(aResult.iDigest)));
sl@0
    31
	}
sl@0
    32
sl@0
    33
EXPORT_C CRSASignatureResult::~CRSASignatureResult()
sl@0
    34
	{
sl@0
    35
	delete iDigestAlgorithm;
sl@0
    36
	delete iDigest;
sl@0
    37
	}
sl@0
    38
sl@0
    39
//validity period
sl@0
    40
EXPORT_C CValidityPeriod::CValidityPeriod(const CValidityPeriod& aValidityPeriod)
sl@0
    41
	:iStart(aValidityPeriod.iStart), iFinish(aValidityPeriod.iFinish)
sl@0
    42
	{
sl@0
    43
	}
sl@0
    44
sl@0
    45
EXPORT_C CValidityPeriod::CValidityPeriod()
sl@0
    46
	{
sl@0
    47
	}
sl@0
    48
sl@0
    49
EXPORT_C TBool CValidityPeriod::Valid(const TTime& aTime) const
sl@0
    50
	{
sl@0
    51
	return ((iStart < aTime) && (iFinish > aTime));
sl@0
    52
	}
sl@0
    53
sl@0
    54
EXPORT_C const TTime& CValidityPeriod::Start() const
sl@0
    55
	{
sl@0
    56
	return iStart;
sl@0
    57
	}
sl@0
    58
sl@0
    59
EXPORT_C const TTime& CValidityPeriod::Finish() const
sl@0
    60
	{
sl@0
    61
	return iFinish;
sl@0
    62
	}
sl@0
    63
sl@0
    64
//******************************************************************************//
sl@0
    65
//algorithm id
sl@0
    66
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
sl@0
    67
	{
sl@0
    68
	CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmIdentifier);
sl@0
    69
	CleanupStack::Pop();//self
sl@0
    70
	return self;
sl@0
    71
	}
sl@0
    72
sl@0
    73
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier)
sl@0
    74
	{
sl@0
    75
	CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier;
sl@0
    76
	CleanupStack::PushL(self);
sl@0
    77
	self->ConstructL(aAlgorithmIdentifier);
sl@0
    78
	return self;
sl@0
    79
	}
sl@0
    80
sl@0
    81
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
sl@0
    82
	{
sl@0
    83
	CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmId, aEncodedParams);
sl@0
    84
	CleanupStack::Pop();//self
sl@0
    85
	return self;
sl@0
    86
	}
sl@0
    87
sl@0
    88
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
sl@0
    89
	{
sl@0
    90
	CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier(aAlgorithmId);
sl@0
    91
	CleanupStack::PushL(self);
sl@0
    92
	self->ConstructL(aEncodedParams);
sl@0
    93
	return self;
sl@0
    94
	}
sl@0
    95
sl@0
    96
EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId)
sl@0
    97
	:iAlgorithmId(aAlgorithmId)
sl@0
    98
	{
sl@0
    99
	}
sl@0
   100
sl@0
   101
EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier()
sl@0
   102
	{
sl@0
   103
	}
sl@0
   104
sl@0
   105
EXPORT_C void CAlgorithmIdentifier::ConstructL(const TDesC8& aEncodedParams)
sl@0
   106
	{
sl@0
   107
	iEncodedParams = aEncodedParams.AllocL();
sl@0
   108
	}
sl@0
   109
sl@0
   110
sl@0
   111
EXPORT_C TBool CAlgorithmIdentifier::operator==(const CAlgorithmIdentifier& aAlgorithmIdentifier) const 
sl@0
   112
	{
sl@0
   113
	return ((iAlgorithmId == aAlgorithmIdentifier.iAlgorithmId) &&
sl@0
   114
			(*(iEncodedParams) == *(aAlgorithmIdentifier.iEncodedParams)));
sl@0
   115
	}
sl@0
   116
sl@0
   117
EXPORT_C TAlgorithmId CAlgorithmIdentifier::Algorithm() const
sl@0
   118
	{
sl@0
   119
	return iAlgorithmId;
sl@0
   120
	}
sl@0
   121
sl@0
   122
EXPORT_C TPtrC8 CAlgorithmIdentifier::EncodedParams() const
sl@0
   123
	{
sl@0
   124
	return iEncodedParams->Des();
sl@0
   125
	}
sl@0
   126
sl@0
   127
EXPORT_C CAlgorithmIdentifier::~CAlgorithmIdentifier()
sl@0
   128
	{
sl@0
   129
	delete iEncodedParams;
sl@0
   130
	}
sl@0
   131
sl@0
   132
EXPORT_C void CAlgorithmIdentifier::ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
sl@0
   133
	{
sl@0
   134
	iAlgorithmId = aAlgorithmIdentifier.iAlgorithmId;
sl@0
   135
	iEncodedParams = aAlgorithmIdentifier.iEncodedParams->AllocL();
sl@0
   136
	}
sl@0
   137
sl@0
   138
//***********************************************************************//
sl@0
   139
//signing algorithm id
sl@0
   140
EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
sl@0
   141
	{
sl@0
   142
	CSigningAlgorithmIdentifier* self = CSigningAlgorithmIdentifier::NewLC(aSigningAlgorithmIdentifier);
sl@0
   143
	CleanupStack::Pop();//self
sl@0
   144
	return self;
sl@0
   145
	}
sl@0
   146
sl@0
   147
EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
sl@0
   148
	{
sl@0
   149
	CSigningAlgorithmIdentifier* self = new(ELeave) CSigningAlgorithmIdentifier;
sl@0
   150
	CleanupStack::PushL(self);
sl@0
   151
	self->ConstructL(aSigningAlgorithmIdentifier);
sl@0
   152
	return self;
sl@0
   153
	}
sl@0
   154
sl@0
   155
EXPORT_C TBool CSigningAlgorithmIdentifier::operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const
sl@0
   156
	{
sl@0
   157
	return ((*(iAsymmetricAlgorithm) == *(aSigningAlgorithmIdentifier.iAsymmetricAlgorithm)) &&
sl@0
   158
			(*(iDigestAlgorithm) == *(aSigningAlgorithmIdentifier.iDigestAlgorithm)));
sl@0
   159
	}
sl@0
   160
sl@0
   161
void CSigningAlgorithmIdentifier::ConstructL(const CSigningAlgorithmIdentifier& aAlgorithmIdentifier)
sl@0
   162
	{
sl@0
   163
	iAsymmetricAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iAsymmetricAlgorithm));
sl@0
   164
	iDigestAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iDigestAlgorithm));
sl@0
   165
	}
sl@0
   166
sl@0
   167
EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::AsymmetricAlgorithm() const
sl@0
   168
	{
sl@0
   169
	return *iAsymmetricAlgorithm;
sl@0
   170
	}
sl@0
   171
sl@0
   172
EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::DigestAlgorithm() const
sl@0
   173
	{
sl@0
   174
	return *iDigestAlgorithm;
sl@0
   175
	}
sl@0
   176
sl@0
   177
EXPORT_C CSigningAlgorithmIdentifier::~CSigningAlgorithmIdentifier()
sl@0
   178
	{
sl@0
   179
	delete iAsymmetricAlgorithm;
sl@0
   180
	delete iDigestAlgorithm;
sl@0
   181
	}
sl@0
   182
sl@0
   183
//************************************************************************//
sl@0
   184
//subject public key info
sl@0
   185
EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
sl@0
   186
	{
sl@0
   187
	CSubjectPublicKeyInfo* self = CSubjectPublicKeyInfo::NewLC(aSubjectPublicKeyInfo);
sl@0
   188
	CleanupStack::Pop();//self
sl@0
   189
	return self;
sl@0
   190
	}
sl@0
   191
sl@0
   192
EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
sl@0
   193
	{
sl@0
   194
	CSubjectPublicKeyInfo* self = new(ELeave) CSubjectPublicKeyInfo;
sl@0
   195
	CleanupStack::PushL(self);
sl@0
   196
	self->ConstructL(aSubjectPublicKeyInfo);
sl@0
   197
	return self;
sl@0
   198
	}
sl@0
   199
sl@0
   200
EXPORT_C TAlgorithmId CSubjectPublicKeyInfo::AlgorithmId() const
sl@0
   201
	{
sl@0
   202
	return iAlgId->Algorithm();
sl@0
   203
	}
sl@0
   204
sl@0
   205
EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::EncodedParams() const
sl@0
   206
	{
sl@0
   207
	return iAlgId->EncodedParams();
sl@0
   208
	}
sl@0
   209
sl@0
   210
EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::KeyData() const
sl@0
   211
	{
sl@0
   212
	return iEncodedKeyData->Des();
sl@0
   213
	}
sl@0
   214
sl@0
   215
EXPORT_C CSubjectPublicKeyInfo::~CSubjectPublicKeyInfo()
sl@0
   216
	{
sl@0
   217
	delete iAlgId;
sl@0
   218
	delete iEncodedKeyData;
sl@0
   219
	}
sl@0
   220
sl@0
   221
EXPORT_C void CSubjectPublicKeyInfo::ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
sl@0
   222
	{
sl@0
   223
	iAlgId = CAlgorithmIdentifier::NewL(*(aSubjectPublicKeyInfo.iAlgId));
sl@0
   224
	iEncodedKeyData = aSubjectPublicKeyInfo.iEncodedKeyData->AllocL();
sl@0
   225
	}
sl@0
   226
sl@0
   227
//******************************************************************//
sl@0
   228
//signed object parameters
sl@0
   229
sl@0
   230
	//ctors
sl@0
   231
sl@0
   232
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL()
sl@0
   233
	{
sl@0
   234
	CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
sl@0
   235
	return self;
sl@0
   236
	}
sl@0
   237
sl@0
   238
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC()
sl@0
   239
	{
sl@0
   240
	CSigningKeyParameters* self = CSigningKeyParameters::NewL();
sl@0
   241
	CleanupStack::PushL(self);
sl@0
   242
	return self;
sl@0
   243
	}
sl@0
   244
sl@0
   245
	//copy ctors
sl@0
   246
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL(const CSigningKeyParameters& aParameters)
sl@0
   247
	{
sl@0
   248
	CSigningKeyParameters* self = CSigningKeyParameters::NewLC(aParameters);
sl@0
   249
	CleanupStack::Pop();
sl@0
   250
	return self;
sl@0
   251
	}
sl@0
   252
sl@0
   253
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC(const CSigningKeyParameters& aParameters)
sl@0
   254
	{
sl@0
   255
	CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
sl@0
   256
	CleanupStack::PushL(self);
sl@0
   257
	self->ConstructL(aParameters);
sl@0
   258
	return self;
sl@0
   259
	}
sl@0
   260
sl@0
   261
void CSigningKeyParameters::ConstructL(const CSigningKeyParameters& aParameters)
sl@0
   262
	{
sl@0
   263
	SetDSAParamsL(*(aParameters.iDSAParams));
sl@0
   264
	}
sl@0
   265
sl@0
   266
	//dtor
sl@0
   267
EXPORT_C CSigningKeyParameters::~CSigningKeyParameters()
sl@0
   268
	{
sl@0
   269
	delete iDSAParams;
sl@0
   270
	}
sl@0
   271
sl@0
   272
EXPORT_C void CSigningKeyParameters::SetDSAParamsL(const CDSAParameters& aParams)
sl@0
   273
	{
sl@0
   274
	delete iDSAParams;
sl@0
   275
	iDSAParams = NULL;	//	In case the next fails
sl@0
   276
	
sl@0
   277
//	Copy the TIntegers
sl@0
   278
	RInteger p = RInteger::NewL(aParams.P());
sl@0
   279
	CleanupStack::PushL(p);
sl@0
   280
	
sl@0
   281
	RInteger q = RInteger::NewL(aParams.Q());
sl@0
   282
	CleanupStack::PushL(q);
sl@0
   283
sl@0
   284
	RInteger g = RInteger::NewL(aParams.G());
sl@0
   285
	CleanupStack::PushL(g);
sl@0
   286
sl@0
   287
	iDSAParams = CDSAParameters::NewL(p, q, g);
sl@0
   288
	CleanupStack::Pop(3, &p);
sl@0
   289
	}
sl@0
   290
sl@0
   291
const CDSAParameters* CSigningKeyParameters::DSAParams() const
sl@0
   292
	{
sl@0
   293
	return iDSAParams;
sl@0
   294
	}
sl@0
   295
sl@0
   296
CSigningKeyParameters::CSigningKeyParameters()
sl@0
   297
	{
sl@0
   298
	}
sl@0
   299
sl@0
   300
//******************************************************************//
sl@0
   301
//signed object
sl@0
   302
EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey) const
sl@0
   303
	{
sl@0
   304
	const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
sl@0
   305
	const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
sl@0
   306
	
sl@0
   307
	TBool verifyResult = EFalse;
sl@0
   308
	if (algId.Algorithm() == EDSA)
sl@0
   309
		{
sl@0
   310
		if (digestId.Algorithm() != ESHA1)
sl@0
   311
			{
sl@0
   312
			User::Leave(KErrArgument);
sl@0
   313
			}
sl@0
   314
			
sl@0
   315
		CSHA1* sha1 = CSHA1::NewL();
sl@0
   316
		CleanupStack::PushL(sha1);
sl@0
   317
		TPtrC8 signedData = SignedDataL();
sl@0
   318
		TPtrC8 hash = sha1->Final(signedData);
sl@0
   319
		verifyResult=VerifySignatureL(aEncodedKey, hash);
sl@0
   320
		CleanupStack::PopAndDestroy(sha1);//hash
sl@0
   321
		}
sl@0
   322
	else
sl@0
   323
		{
sl@0
   324
		TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey));
sl@0
   325
		if (result==KErrNoMemory)	//	Leave if OOM, anything else is a verify
sl@0
   326
			User::Leave(result);	//	error => verifyResult = EFalse
sl@0
   327
sl@0
   328
		}
sl@0
   329
sl@0
   330
	return verifyResult;
sl@0
   331
	}
sl@0
   332
sl@0
   333
EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
sl@0
   334
	{
sl@0
   335
	const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
sl@0
   336
	const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
sl@0
   337
	
sl@0
   338
	TBool verifyResult = EFalse;
sl@0
   339
	if (algId.Algorithm() == EDSA)
sl@0
   340
		{
sl@0
   341
		if (digestId.Algorithm() != ESHA1)
sl@0
   342
			{
sl@0
   343
			User::Leave(KErrArgument);
sl@0
   344
			}
sl@0
   345
sl@0
   346
		CDSAPublicKey* key = NULL;
sl@0
   347
		if (algId.EncodedParams().Length() != 0)
sl@0
   348
			{
sl@0
   349
			key = iKeyFactory->DSAPublicKeyL(algId.EncodedParams(), aEncodedKey);
sl@0
   350
			}
sl@0
   351
		else
sl@0
   352
			{
sl@0
   353
			if (iParameters != NULL)
sl@0
   354
				{
sl@0
   355
				const CDSAParameters* params = iParameters->DSAParams();
sl@0
   356
				if (!params)
sl@0
   357
					{					
sl@0
   358
					User::Leave(KErrArgument);//no params
sl@0
   359
					}
sl@0
   360
				else
sl@0
   361
					{
sl@0
   362
					key = iKeyFactory->DSAPublicKeyL(*params, aEncodedKey);
sl@0
   363
					}
sl@0
   364
				}
sl@0
   365
			}
sl@0
   366
		if (key == NULL)
sl@0
   367
			{
sl@0
   368
			User::Leave(KErrArgument);
sl@0
   369
			}
sl@0
   370
		CleanupStack::PushL(key);
sl@0
   371
		CDSAVerifier* verifier = CDSAVerifier::NewLC(*key);
sl@0
   372
		CDSASignature* sig = iKeyFactory->DSASignatureL(Signature());
sl@0
   373
		CleanupStack::PushL(sig);
sl@0
   374
		verifyResult = verifier->VerifyL(aHash, *sig);
sl@0
   375
		CleanupStack::PopAndDestroy(3);//	key, verifier, sig
sl@0
   376
		}
sl@0
   377
	else
sl@0
   378
		{
sl@0
   379
		TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey, aHash));
sl@0
   380
		if (result==KErrNoMemory)	//	Leave if OOM, anything else is a verify
sl@0
   381
			User::Leave(result);	//	error => verifyResult = EFalse
sl@0
   382
sl@0
   383
		}
sl@0
   384
	return verifyResult;
sl@0
   385
		
sl@0
   386
	}
sl@0
   387
sl@0
   388
TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
sl@0
   389
	{
sl@0
   390
	__UHEAP_MARK;
sl@0
   391
	const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
sl@0
   392
	const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
sl@0
   393
	if (algId.Algorithm() != ERSA)
sl@0
   394
		{
sl@0
   395
		User::Leave(KErrArgument);
sl@0
   396
		}
sl@0
   397
	
sl@0
   398
	//Get the public key	
sl@0
   399
	CRSAPublicKey* key = iKeyFactory->RSAPublicKeyL(aEncodedKey);
sl@0
   400
	CleanupStack::PushL(key);
sl@0
   401
sl@0
   402
	CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*key);
sl@0
   403
sl@0
   404
	RInteger sig = RInteger::NewL(Signature());
sl@0
   405
	CleanupStack::PushL(sig);
sl@0
   406
	CRSASignature* theSignature = CRSASignature::NewL(sig);
sl@0
   407
	CleanupStack::Pop(&sig);
sl@0
   408
	CleanupStack::PushL(theSignature);
sl@0
   409
sl@0
   410
	HBufC8* publicDecryptOutput = verifier->InverseSignLC(*theSignature);
sl@0
   411
	
sl@0
   412
	//Now verify it
sl@0
   413
	TPtrC8 hash(aHash);
sl@0
   414
	CRSASignatureResult* decoder = iKeyFactory->RSASignatureResultL(digestId, hash);
sl@0
   415
	CleanupStack::PushL(decoder);
sl@0
   416
	
sl@0
   417
	TPtr8 outputPtr(publicDecryptOutput->Des());
sl@0
   418
	TBool verified = decoder->VerifyL(outputPtr);
sl@0
   419
	CleanupStack::PopAndDestroy(5, key);	//	decoder, publicDecryptOutput, theSignature
sl@0
   420
											//	verifier, key,
sl@0
   421
	__UHEAP_MARKEND;
sl@0
   422
	return (verified);		
sl@0
   423
	}
sl@0
   424
sl@0
   425
//	x509 signature comprises of an AlgID and the signed data itself, so a simple
sl@0
   426
//	verify is not possible (the data returned from public decrypt will not match
sl@0
   427
//	the original data signed because of the extra algID appendage).
sl@0
   428
//
sl@0
   429
TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey) const
sl@0
   430
	{
sl@0
   431
	__UHEAP_MARK;
sl@0
   432
	const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
sl@0
   433
	const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
sl@0
   434
	if (algId.Algorithm() != ERSA)
sl@0
   435
		{
sl@0
   436
		User::Leave(KErrArgument);
sl@0
   437
		}	
sl@0
   438
	CMessageDigest* digest = NULL;
sl@0
   439
	switch(digestId.Algorithm())
sl@0
   440
		{
sl@0
   441
	case EMD2:
sl@0
   442
		{
sl@0
   443
		digest = CMD2::NewL();
sl@0
   444
		break;			
sl@0
   445
		}
sl@0
   446
	case EMD5:
sl@0
   447
		{
sl@0
   448
		digest = CMD5::NewL();
sl@0
   449
		break;
sl@0
   450
		}
sl@0
   451
	case ESHA1:
sl@0
   452
		{
sl@0
   453
		digest = CSHA1::NewL();
sl@0
   454
		break;
sl@0
   455
		}
sl@0
   456
	case ESHA224:
sl@0
   457
	    {
sl@0
   458
	    digest = CSHA2::NewL(E224Bit);
sl@0
   459
	    break;
sl@0
   460
	    }
sl@0
   461
	case ESHA256:
sl@0
   462
	    {
sl@0
   463
	    digest = CSHA2::NewL(E256Bit);
sl@0
   464
	    break;
sl@0
   465
	    }
sl@0
   466
	case ESHA384:
sl@0
   467
	    {
sl@0
   468
	    digest = CSHA2::NewL(E384Bit);
sl@0
   469
	    break;
sl@0
   470
	    }
sl@0
   471
	case ESHA512:
sl@0
   472
	    {
sl@0
   473
	    digest = CSHA2::NewL(E512Bit);
sl@0
   474
	    break;
sl@0
   475
	    }
sl@0
   476
sl@0
   477
	default:
sl@0
   478
		User::Leave(KErrArgument);
sl@0
   479
		}
sl@0
   480
sl@0
   481
	//Hash the data	
sl@0
   482
	CleanupStack::PushL(digest);
sl@0
   483
	TPtrC8 hash = digest->Final(SignedDataL());
sl@0
   484
	TBool verifyResult=VerifyRSASignatureL(aEncodedKey, hash);
sl@0
   485
	CleanupStack::PopAndDestroy(digest);
sl@0
   486
	__UHEAP_MARKEND;
sl@0
   487
	return verifyResult;
sl@0
   488
	}
sl@0
   489
sl@0
   490
EXPORT_C void CSignedObject::SetParametersL(const CSigningKeyParameters& aParameters)
sl@0
   491
	{
sl@0
   492
		delete iParameters;
sl@0
   493
		iParameters = NULL;	//	In case next fails
sl@0
   494
		iParameters = CSigningKeyParameters::NewL(aParameters);
sl@0
   495
	}
sl@0
   496
sl@0
   497
EXPORT_C const TPtrC8 CSignedObject::Signature() const
sl@0
   498
	{
sl@0
   499
	return iSignature->Des();
sl@0
   500
	}
sl@0
   501
sl@0
   502
EXPORT_C const TPtrC8 CSignedObject::Encoding() const
sl@0
   503
	{
sl@0
   504
	return iEncoding->Des();
sl@0
   505
	}
sl@0
   506
sl@0
   507
EXPORT_C const CSigningAlgorithmIdentifier& CSignedObject::SigningAlgorithm() const
sl@0
   508
	{
sl@0
   509
	return *iSigningAlgorithm;
sl@0
   510
	}
sl@0
   511
sl@0
   512
EXPORT_C const TPtrC8 CSignedObject::Fingerprint() const
sl@0
   513
	{
sl@0
   514
	return iFingerprint->Des();
sl@0
   515
	}
sl@0
   516
sl@0
   517
EXPORT_C CSignedObject::~CSignedObject()
sl@0
   518
	{
sl@0
   519
	delete iParameters;
sl@0
   520
	delete iKeyFactory;
sl@0
   521
	delete iFingerprint;
sl@0
   522
	delete iEncoding;
sl@0
   523
	delete iSignature;
sl@0
   524
	delete iSigningAlgorithm;
sl@0
   525
	}
sl@0
   526
sl@0
   527
EXPORT_C void CSignedObject::ExternalizeL(RWriteStream& aStream) const 
sl@0
   528
	{
sl@0
   529
	aStream.WriteInt32L(iEncoding->Length());
sl@0
   530
	aStream.WriteL(*iEncoding);
sl@0
   531
	}
sl@0
   532
sl@0
   533
sl@0
   534
//****************************************************************************************//
sl@0
   535
//certificate base
sl@0
   536
EXPORT_C CCertificate::~CCertificate()
sl@0
   537
	{
sl@0
   538
	delete iSerialNumber;
sl@0
   539
	delete iValidityPeriod;
sl@0
   540
	delete iSubjectPublicKeyInfo;
sl@0
   541
	}
sl@0
   542
sl@0
   543
EXPORT_C const TPtrC8 CCertificate::SerialNumber() const
sl@0
   544
	{
sl@0
   545
	return iSerialNumber->Des();
sl@0
   546
	}
sl@0
   547
sl@0
   548
EXPORT_C const CValidityPeriod& CCertificate::ValidityPeriod() const
sl@0
   549
	{
sl@0
   550
	return *iValidityPeriod;
sl@0
   551
	}
sl@0
   552
sl@0
   553
EXPORT_C const CSubjectPublicKeyInfo& CCertificate::PublicKey() const
sl@0
   554
	{
sl@0
   555
	return *iSubjectPublicKeyInfo;
sl@0
   556
	}
sl@0
   557
sl@0
   558
EXPORT_C TKeyIdentifier CCertificate::KeyIdentifierL() const	
sl@0
   559
	{
sl@0
   560
	if (iSubjectPublicKeyInfo->AlgorithmId() != ERSA)
sl@0
   561
		{
sl@0
   562
		User::Leave(KErrNotSupported);
sl@0
   563
		}
sl@0
   564
sl@0
   565
	CRSAPublicKey* rsaKey = iKeyFactory->RSAPublicKeyL(iSubjectPublicKeyInfo->KeyData());
sl@0
   566
	CleanupStack::PushL(rsaKey);
sl@0
   567
	TKeyIdentifier retVal;
sl@0
   568
	KeyIdentifierUtil::RSAKeyIdentifierL(*rsaKey, retVal);
sl@0
   569
	CleanupStack::PopAndDestroy(rsaKey);
sl@0
   570
	return retVal;
sl@0
   571
	}