sl@0
|
1 |
/*
|
sl@0
|
2 |
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
|
sl@0
|
3 |
* All rights reserved.
|
sl@0
|
4 |
* This component and the accompanying materials are made available
|
sl@0
|
5 |
* under the terms of the License "Eclipse Public License v1.0"
|
sl@0
|
6 |
* which accompanies this distribution, and is available
|
sl@0
|
7 |
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
|
sl@0
|
8 |
*
|
sl@0
|
9 |
* Initial Contributors:
|
sl@0
|
10 |
* Nokia Corporation - initial contribution.
|
sl@0
|
11 |
*
|
sl@0
|
12 |
* Contributors:
|
sl@0
|
13 |
*
|
sl@0
|
14 |
* Description:
|
sl@0
|
15 |
*
|
sl@0
|
16 |
*/
|
sl@0
|
17 |
|
sl@0
|
18 |
|
sl@0
|
19 |
#include <bigint.h>
|
sl@0
|
20 |
#include <asymmetric.h>
|
sl@0
|
21 |
#include <hash.h>
|
sl@0
|
22 |
#include <padding.h>
|
sl@0
|
23 |
#include <keyidentifierutil.h>
|
sl@0
|
24 |
#include <signed.h>
|
sl@0
|
25 |
|
sl@0
|
26 |
//RSA signature result
|
sl@0
|
27 |
EXPORT_C TBool CRSASignatureResult::operator== (const CRSASignatureResult& aResult) const
|
sl@0
|
28 |
{
|
sl@0
|
29 |
return ((*(iDigestAlgorithm) == *(aResult.iDigestAlgorithm)) &&
|
sl@0
|
30 |
(*(iDigest)==*(aResult.iDigest)));
|
sl@0
|
31 |
}
|
sl@0
|
32 |
|
sl@0
|
33 |
EXPORT_C CRSASignatureResult::~CRSASignatureResult()
|
sl@0
|
34 |
{
|
sl@0
|
35 |
delete iDigestAlgorithm;
|
sl@0
|
36 |
delete iDigest;
|
sl@0
|
37 |
}
|
sl@0
|
38 |
|
sl@0
|
39 |
//validity period
|
sl@0
|
40 |
EXPORT_C CValidityPeriod::CValidityPeriod(const CValidityPeriod& aValidityPeriod)
|
sl@0
|
41 |
:iStart(aValidityPeriod.iStart), iFinish(aValidityPeriod.iFinish)
|
sl@0
|
42 |
{
|
sl@0
|
43 |
}
|
sl@0
|
44 |
|
sl@0
|
45 |
EXPORT_C CValidityPeriod::CValidityPeriod()
|
sl@0
|
46 |
{
|
sl@0
|
47 |
}
|
sl@0
|
48 |
|
sl@0
|
49 |
EXPORT_C TBool CValidityPeriod::Valid(const TTime& aTime) const
|
sl@0
|
50 |
{
|
sl@0
|
51 |
return ((iStart < aTime) && (iFinish > aTime));
|
sl@0
|
52 |
}
|
sl@0
|
53 |
|
sl@0
|
54 |
EXPORT_C const TTime& CValidityPeriod::Start() const
|
sl@0
|
55 |
{
|
sl@0
|
56 |
return iStart;
|
sl@0
|
57 |
}
|
sl@0
|
58 |
|
sl@0
|
59 |
EXPORT_C const TTime& CValidityPeriod::Finish() const
|
sl@0
|
60 |
{
|
sl@0
|
61 |
return iFinish;
|
sl@0
|
62 |
}
|
sl@0
|
63 |
|
sl@0
|
64 |
//******************************************************************************//
|
sl@0
|
65 |
//algorithm id
|
sl@0
|
66 |
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
|
sl@0
|
67 |
{
|
sl@0
|
68 |
CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmIdentifier);
|
sl@0
|
69 |
CleanupStack::Pop();//self
|
sl@0
|
70 |
return self;
|
sl@0
|
71 |
}
|
sl@0
|
72 |
|
sl@0
|
73 |
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier)
|
sl@0
|
74 |
{
|
sl@0
|
75 |
CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier;
|
sl@0
|
76 |
CleanupStack::PushL(self);
|
sl@0
|
77 |
self->ConstructL(aAlgorithmIdentifier);
|
sl@0
|
78 |
return self;
|
sl@0
|
79 |
}
|
sl@0
|
80 |
|
sl@0
|
81 |
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
|
sl@0
|
82 |
{
|
sl@0
|
83 |
CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmId, aEncodedParams);
|
sl@0
|
84 |
CleanupStack::Pop();//self
|
sl@0
|
85 |
return self;
|
sl@0
|
86 |
}
|
sl@0
|
87 |
|
sl@0
|
88 |
EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
|
sl@0
|
89 |
{
|
sl@0
|
90 |
CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier(aAlgorithmId);
|
sl@0
|
91 |
CleanupStack::PushL(self);
|
sl@0
|
92 |
self->ConstructL(aEncodedParams);
|
sl@0
|
93 |
return self;
|
sl@0
|
94 |
}
|
sl@0
|
95 |
|
sl@0
|
96 |
EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId)
|
sl@0
|
97 |
:iAlgorithmId(aAlgorithmId)
|
sl@0
|
98 |
{
|
sl@0
|
99 |
}
|
sl@0
|
100 |
|
sl@0
|
101 |
EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier()
|
sl@0
|
102 |
{
|
sl@0
|
103 |
}
|
sl@0
|
104 |
|
sl@0
|
105 |
EXPORT_C void CAlgorithmIdentifier::ConstructL(const TDesC8& aEncodedParams)
|
sl@0
|
106 |
{
|
sl@0
|
107 |
iEncodedParams = aEncodedParams.AllocL();
|
sl@0
|
108 |
}
|
sl@0
|
109 |
|
sl@0
|
110 |
|
sl@0
|
111 |
EXPORT_C TBool CAlgorithmIdentifier::operator==(const CAlgorithmIdentifier& aAlgorithmIdentifier) const
|
sl@0
|
112 |
{
|
sl@0
|
113 |
return ((iAlgorithmId == aAlgorithmIdentifier.iAlgorithmId) &&
|
sl@0
|
114 |
(*(iEncodedParams) == *(aAlgorithmIdentifier.iEncodedParams)));
|
sl@0
|
115 |
}
|
sl@0
|
116 |
|
sl@0
|
117 |
EXPORT_C TAlgorithmId CAlgorithmIdentifier::Algorithm() const
|
sl@0
|
118 |
{
|
sl@0
|
119 |
return iAlgorithmId;
|
sl@0
|
120 |
}
|
sl@0
|
121 |
|
sl@0
|
122 |
EXPORT_C TPtrC8 CAlgorithmIdentifier::EncodedParams() const
|
sl@0
|
123 |
{
|
sl@0
|
124 |
return iEncodedParams->Des();
|
sl@0
|
125 |
}
|
sl@0
|
126 |
|
sl@0
|
127 |
EXPORT_C CAlgorithmIdentifier::~CAlgorithmIdentifier()
|
sl@0
|
128 |
{
|
sl@0
|
129 |
delete iEncodedParams;
|
sl@0
|
130 |
}
|
sl@0
|
131 |
|
sl@0
|
132 |
EXPORT_C void CAlgorithmIdentifier::ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
|
sl@0
|
133 |
{
|
sl@0
|
134 |
iAlgorithmId = aAlgorithmIdentifier.iAlgorithmId;
|
sl@0
|
135 |
iEncodedParams = aAlgorithmIdentifier.iEncodedParams->AllocL();
|
sl@0
|
136 |
}
|
sl@0
|
137 |
|
sl@0
|
138 |
//***********************************************************************//
|
sl@0
|
139 |
//signing algorithm id
|
sl@0
|
140 |
EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
|
sl@0
|
141 |
{
|
sl@0
|
142 |
CSigningAlgorithmIdentifier* self = CSigningAlgorithmIdentifier::NewLC(aSigningAlgorithmIdentifier);
|
sl@0
|
143 |
CleanupStack::Pop();//self
|
sl@0
|
144 |
return self;
|
sl@0
|
145 |
}
|
sl@0
|
146 |
|
sl@0
|
147 |
EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
|
sl@0
|
148 |
{
|
sl@0
|
149 |
CSigningAlgorithmIdentifier* self = new(ELeave) CSigningAlgorithmIdentifier;
|
sl@0
|
150 |
CleanupStack::PushL(self);
|
sl@0
|
151 |
self->ConstructL(aSigningAlgorithmIdentifier);
|
sl@0
|
152 |
return self;
|
sl@0
|
153 |
}
|
sl@0
|
154 |
|
sl@0
|
155 |
EXPORT_C TBool CSigningAlgorithmIdentifier::operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const
|
sl@0
|
156 |
{
|
sl@0
|
157 |
return ((*(iAsymmetricAlgorithm) == *(aSigningAlgorithmIdentifier.iAsymmetricAlgorithm)) &&
|
sl@0
|
158 |
(*(iDigestAlgorithm) == *(aSigningAlgorithmIdentifier.iDigestAlgorithm)));
|
sl@0
|
159 |
}
|
sl@0
|
160 |
|
sl@0
|
161 |
void CSigningAlgorithmIdentifier::ConstructL(const CSigningAlgorithmIdentifier& aAlgorithmIdentifier)
|
sl@0
|
162 |
{
|
sl@0
|
163 |
iAsymmetricAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iAsymmetricAlgorithm));
|
sl@0
|
164 |
iDigestAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iDigestAlgorithm));
|
sl@0
|
165 |
}
|
sl@0
|
166 |
|
sl@0
|
167 |
EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::AsymmetricAlgorithm() const
|
sl@0
|
168 |
{
|
sl@0
|
169 |
return *iAsymmetricAlgorithm;
|
sl@0
|
170 |
}
|
sl@0
|
171 |
|
sl@0
|
172 |
EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::DigestAlgorithm() const
|
sl@0
|
173 |
{
|
sl@0
|
174 |
return *iDigestAlgorithm;
|
sl@0
|
175 |
}
|
sl@0
|
176 |
|
sl@0
|
177 |
EXPORT_C CSigningAlgorithmIdentifier::~CSigningAlgorithmIdentifier()
|
sl@0
|
178 |
{
|
sl@0
|
179 |
delete iAsymmetricAlgorithm;
|
sl@0
|
180 |
delete iDigestAlgorithm;
|
sl@0
|
181 |
}
|
sl@0
|
182 |
|
sl@0
|
183 |
//************************************************************************//
|
sl@0
|
184 |
//subject public key info
|
sl@0
|
185 |
EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
|
sl@0
|
186 |
{
|
sl@0
|
187 |
CSubjectPublicKeyInfo* self = CSubjectPublicKeyInfo::NewLC(aSubjectPublicKeyInfo);
|
sl@0
|
188 |
CleanupStack::Pop();//self
|
sl@0
|
189 |
return self;
|
sl@0
|
190 |
}
|
sl@0
|
191 |
|
sl@0
|
192 |
EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
|
sl@0
|
193 |
{
|
sl@0
|
194 |
CSubjectPublicKeyInfo* self = new(ELeave) CSubjectPublicKeyInfo;
|
sl@0
|
195 |
CleanupStack::PushL(self);
|
sl@0
|
196 |
self->ConstructL(aSubjectPublicKeyInfo);
|
sl@0
|
197 |
return self;
|
sl@0
|
198 |
}
|
sl@0
|
199 |
|
sl@0
|
200 |
EXPORT_C TAlgorithmId CSubjectPublicKeyInfo::AlgorithmId() const
|
sl@0
|
201 |
{
|
sl@0
|
202 |
return iAlgId->Algorithm();
|
sl@0
|
203 |
}
|
sl@0
|
204 |
|
sl@0
|
205 |
EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::EncodedParams() const
|
sl@0
|
206 |
{
|
sl@0
|
207 |
return iAlgId->EncodedParams();
|
sl@0
|
208 |
}
|
sl@0
|
209 |
|
sl@0
|
210 |
EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::KeyData() const
|
sl@0
|
211 |
{
|
sl@0
|
212 |
return iEncodedKeyData->Des();
|
sl@0
|
213 |
}
|
sl@0
|
214 |
|
sl@0
|
215 |
EXPORT_C CSubjectPublicKeyInfo::~CSubjectPublicKeyInfo()
|
sl@0
|
216 |
{
|
sl@0
|
217 |
delete iAlgId;
|
sl@0
|
218 |
delete iEncodedKeyData;
|
sl@0
|
219 |
}
|
sl@0
|
220 |
|
sl@0
|
221 |
EXPORT_C void CSubjectPublicKeyInfo::ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
|
sl@0
|
222 |
{
|
sl@0
|
223 |
iAlgId = CAlgorithmIdentifier::NewL(*(aSubjectPublicKeyInfo.iAlgId));
|
sl@0
|
224 |
iEncodedKeyData = aSubjectPublicKeyInfo.iEncodedKeyData->AllocL();
|
sl@0
|
225 |
}
|
sl@0
|
226 |
|
sl@0
|
227 |
//******************************************************************//
|
sl@0
|
228 |
//signed object parameters
|
sl@0
|
229 |
|
sl@0
|
230 |
//ctors
|
sl@0
|
231 |
|
sl@0
|
232 |
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL()
|
sl@0
|
233 |
{
|
sl@0
|
234 |
CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
|
sl@0
|
235 |
return self;
|
sl@0
|
236 |
}
|
sl@0
|
237 |
|
sl@0
|
238 |
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC()
|
sl@0
|
239 |
{
|
sl@0
|
240 |
CSigningKeyParameters* self = CSigningKeyParameters::NewL();
|
sl@0
|
241 |
CleanupStack::PushL(self);
|
sl@0
|
242 |
return self;
|
sl@0
|
243 |
}
|
sl@0
|
244 |
|
sl@0
|
245 |
//copy ctors
|
sl@0
|
246 |
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL(const CSigningKeyParameters& aParameters)
|
sl@0
|
247 |
{
|
sl@0
|
248 |
CSigningKeyParameters* self = CSigningKeyParameters::NewLC(aParameters);
|
sl@0
|
249 |
CleanupStack::Pop();
|
sl@0
|
250 |
return self;
|
sl@0
|
251 |
}
|
sl@0
|
252 |
|
sl@0
|
253 |
EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC(const CSigningKeyParameters& aParameters)
|
sl@0
|
254 |
{
|
sl@0
|
255 |
CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
|
sl@0
|
256 |
CleanupStack::PushL(self);
|
sl@0
|
257 |
self->ConstructL(aParameters);
|
sl@0
|
258 |
return self;
|
sl@0
|
259 |
}
|
sl@0
|
260 |
|
sl@0
|
261 |
void CSigningKeyParameters::ConstructL(const CSigningKeyParameters& aParameters)
|
sl@0
|
262 |
{
|
sl@0
|
263 |
SetDSAParamsL(*(aParameters.iDSAParams));
|
sl@0
|
264 |
}
|
sl@0
|
265 |
|
sl@0
|
266 |
//dtor
|
sl@0
|
267 |
EXPORT_C CSigningKeyParameters::~CSigningKeyParameters()
|
sl@0
|
268 |
{
|
sl@0
|
269 |
delete iDSAParams;
|
sl@0
|
270 |
}
|
sl@0
|
271 |
|
sl@0
|
272 |
EXPORT_C void CSigningKeyParameters::SetDSAParamsL(const CDSAParameters& aParams)
|
sl@0
|
273 |
{
|
sl@0
|
274 |
delete iDSAParams;
|
sl@0
|
275 |
iDSAParams = NULL; // In case the next fails
|
sl@0
|
276 |
|
sl@0
|
277 |
// Copy the TIntegers
|
sl@0
|
278 |
RInteger p = RInteger::NewL(aParams.P());
|
sl@0
|
279 |
CleanupStack::PushL(p);
|
sl@0
|
280 |
|
sl@0
|
281 |
RInteger q = RInteger::NewL(aParams.Q());
|
sl@0
|
282 |
CleanupStack::PushL(q);
|
sl@0
|
283 |
|
sl@0
|
284 |
RInteger g = RInteger::NewL(aParams.G());
|
sl@0
|
285 |
CleanupStack::PushL(g);
|
sl@0
|
286 |
|
sl@0
|
287 |
iDSAParams = CDSAParameters::NewL(p, q, g);
|
sl@0
|
288 |
CleanupStack::Pop(3, &p);
|
sl@0
|
289 |
}
|
sl@0
|
290 |
|
sl@0
|
291 |
const CDSAParameters* CSigningKeyParameters::DSAParams() const
|
sl@0
|
292 |
{
|
sl@0
|
293 |
return iDSAParams;
|
sl@0
|
294 |
}
|
sl@0
|
295 |
|
sl@0
|
296 |
CSigningKeyParameters::CSigningKeyParameters()
|
sl@0
|
297 |
{
|
sl@0
|
298 |
}
|
sl@0
|
299 |
|
sl@0
|
300 |
//******************************************************************//
|
sl@0
|
301 |
//signed object
|
sl@0
|
302 |
EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey) const
|
sl@0
|
303 |
{
|
sl@0
|
304 |
const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
|
sl@0
|
305 |
const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
|
sl@0
|
306 |
|
sl@0
|
307 |
TBool verifyResult = EFalse;
|
sl@0
|
308 |
if (algId.Algorithm() == EDSA)
|
sl@0
|
309 |
{
|
sl@0
|
310 |
if (digestId.Algorithm() != ESHA1)
|
sl@0
|
311 |
{
|
sl@0
|
312 |
User::Leave(KErrArgument);
|
sl@0
|
313 |
}
|
sl@0
|
314 |
|
sl@0
|
315 |
CSHA1* sha1 = CSHA1::NewL();
|
sl@0
|
316 |
CleanupStack::PushL(sha1);
|
sl@0
|
317 |
TPtrC8 signedData = SignedDataL();
|
sl@0
|
318 |
TPtrC8 hash = sha1->Final(signedData);
|
sl@0
|
319 |
verifyResult=VerifySignatureL(aEncodedKey, hash);
|
sl@0
|
320 |
CleanupStack::PopAndDestroy(sha1);//hash
|
sl@0
|
321 |
}
|
sl@0
|
322 |
else
|
sl@0
|
323 |
{
|
sl@0
|
324 |
TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey));
|
sl@0
|
325 |
if (result==KErrNoMemory) // Leave if OOM, anything else is a verify
|
sl@0
|
326 |
User::Leave(result); // error => verifyResult = EFalse
|
sl@0
|
327 |
|
sl@0
|
328 |
}
|
sl@0
|
329 |
|
sl@0
|
330 |
return verifyResult;
|
sl@0
|
331 |
}
|
sl@0
|
332 |
|
sl@0
|
333 |
EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
|
sl@0
|
334 |
{
|
sl@0
|
335 |
const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
|
sl@0
|
336 |
const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
|
sl@0
|
337 |
|
sl@0
|
338 |
TBool verifyResult = EFalse;
|
sl@0
|
339 |
if (algId.Algorithm() == EDSA)
|
sl@0
|
340 |
{
|
sl@0
|
341 |
if (digestId.Algorithm() != ESHA1)
|
sl@0
|
342 |
{
|
sl@0
|
343 |
User::Leave(KErrArgument);
|
sl@0
|
344 |
}
|
sl@0
|
345 |
|
sl@0
|
346 |
CDSAPublicKey* key = NULL;
|
sl@0
|
347 |
if (algId.EncodedParams().Length() != 0)
|
sl@0
|
348 |
{
|
sl@0
|
349 |
key = iKeyFactory->DSAPublicKeyL(algId.EncodedParams(), aEncodedKey);
|
sl@0
|
350 |
}
|
sl@0
|
351 |
else
|
sl@0
|
352 |
{
|
sl@0
|
353 |
if (iParameters != NULL)
|
sl@0
|
354 |
{
|
sl@0
|
355 |
const CDSAParameters* params = iParameters->DSAParams();
|
sl@0
|
356 |
if (!params)
|
sl@0
|
357 |
{
|
sl@0
|
358 |
User::Leave(KErrArgument);//no params
|
sl@0
|
359 |
}
|
sl@0
|
360 |
else
|
sl@0
|
361 |
{
|
sl@0
|
362 |
key = iKeyFactory->DSAPublicKeyL(*params, aEncodedKey);
|
sl@0
|
363 |
}
|
sl@0
|
364 |
}
|
sl@0
|
365 |
}
|
sl@0
|
366 |
if (key == NULL)
|
sl@0
|
367 |
{
|
sl@0
|
368 |
User::Leave(KErrArgument);
|
sl@0
|
369 |
}
|
sl@0
|
370 |
CleanupStack::PushL(key);
|
sl@0
|
371 |
CDSAVerifier* verifier = CDSAVerifier::NewLC(*key);
|
sl@0
|
372 |
CDSASignature* sig = iKeyFactory->DSASignatureL(Signature());
|
sl@0
|
373 |
CleanupStack::PushL(sig);
|
sl@0
|
374 |
verifyResult = verifier->VerifyL(aHash, *sig);
|
sl@0
|
375 |
CleanupStack::PopAndDestroy(3);// key, verifier, sig
|
sl@0
|
376 |
}
|
sl@0
|
377 |
else
|
sl@0
|
378 |
{
|
sl@0
|
379 |
TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey, aHash));
|
sl@0
|
380 |
if (result==KErrNoMemory) // Leave if OOM, anything else is a verify
|
sl@0
|
381 |
User::Leave(result); // error => verifyResult = EFalse
|
sl@0
|
382 |
|
sl@0
|
383 |
}
|
sl@0
|
384 |
return verifyResult;
|
sl@0
|
385 |
|
sl@0
|
386 |
}
|
sl@0
|
387 |
|
sl@0
|
388 |
TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
|
sl@0
|
389 |
{
|
sl@0
|
390 |
__UHEAP_MARK;
|
sl@0
|
391 |
const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
|
sl@0
|
392 |
const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
|
sl@0
|
393 |
if (algId.Algorithm() != ERSA)
|
sl@0
|
394 |
{
|
sl@0
|
395 |
User::Leave(KErrArgument);
|
sl@0
|
396 |
}
|
sl@0
|
397 |
|
sl@0
|
398 |
//Get the public key
|
sl@0
|
399 |
CRSAPublicKey* key = iKeyFactory->RSAPublicKeyL(aEncodedKey);
|
sl@0
|
400 |
CleanupStack::PushL(key);
|
sl@0
|
401 |
|
sl@0
|
402 |
CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*key);
|
sl@0
|
403 |
|
sl@0
|
404 |
RInteger sig = RInteger::NewL(Signature());
|
sl@0
|
405 |
CleanupStack::PushL(sig);
|
sl@0
|
406 |
CRSASignature* theSignature = CRSASignature::NewL(sig);
|
sl@0
|
407 |
CleanupStack::Pop(&sig);
|
sl@0
|
408 |
CleanupStack::PushL(theSignature);
|
sl@0
|
409 |
|
sl@0
|
410 |
HBufC8* publicDecryptOutput = verifier->InverseSignLC(*theSignature);
|
sl@0
|
411 |
|
sl@0
|
412 |
//Now verify it
|
sl@0
|
413 |
TPtrC8 hash(aHash);
|
sl@0
|
414 |
CRSASignatureResult* decoder = iKeyFactory->RSASignatureResultL(digestId, hash);
|
sl@0
|
415 |
CleanupStack::PushL(decoder);
|
sl@0
|
416 |
|
sl@0
|
417 |
TPtr8 outputPtr(publicDecryptOutput->Des());
|
sl@0
|
418 |
TBool verified = decoder->VerifyL(outputPtr);
|
sl@0
|
419 |
CleanupStack::PopAndDestroy(5, key); // decoder, publicDecryptOutput, theSignature
|
sl@0
|
420 |
// verifier, key,
|
sl@0
|
421 |
__UHEAP_MARKEND;
|
sl@0
|
422 |
return (verified);
|
sl@0
|
423 |
}
|
sl@0
|
424 |
|
sl@0
|
425 |
// x509 signature comprises of an AlgID and the signed data itself, so a simple
|
sl@0
|
426 |
// verify is not possible (the data returned from public decrypt will not match
|
sl@0
|
427 |
// the original data signed because of the extra algID appendage).
|
sl@0
|
428 |
//
|
sl@0
|
429 |
TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey) const
|
sl@0
|
430 |
{
|
sl@0
|
431 |
__UHEAP_MARK;
|
sl@0
|
432 |
const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
|
sl@0
|
433 |
const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
|
sl@0
|
434 |
if (algId.Algorithm() != ERSA)
|
sl@0
|
435 |
{
|
sl@0
|
436 |
User::Leave(KErrArgument);
|
sl@0
|
437 |
}
|
sl@0
|
438 |
CMessageDigest* digest = NULL;
|
sl@0
|
439 |
switch(digestId.Algorithm())
|
sl@0
|
440 |
{
|
sl@0
|
441 |
case EMD2:
|
sl@0
|
442 |
{
|
sl@0
|
443 |
digest = CMD2::NewL();
|
sl@0
|
444 |
break;
|
sl@0
|
445 |
}
|
sl@0
|
446 |
case EMD5:
|
sl@0
|
447 |
{
|
sl@0
|
448 |
digest = CMD5::NewL();
|
sl@0
|
449 |
break;
|
sl@0
|
450 |
}
|
sl@0
|
451 |
case ESHA1:
|
sl@0
|
452 |
{
|
sl@0
|
453 |
digest = CSHA1::NewL();
|
sl@0
|
454 |
break;
|
sl@0
|
455 |
}
|
sl@0
|
456 |
case ESHA224:
|
sl@0
|
457 |
{
|
sl@0
|
458 |
digest = CSHA2::NewL(E224Bit);
|
sl@0
|
459 |
break;
|
sl@0
|
460 |
}
|
sl@0
|
461 |
case ESHA256:
|
sl@0
|
462 |
{
|
sl@0
|
463 |
digest = CSHA2::NewL(E256Bit);
|
sl@0
|
464 |
break;
|
sl@0
|
465 |
}
|
sl@0
|
466 |
case ESHA384:
|
sl@0
|
467 |
{
|
sl@0
|
468 |
digest = CSHA2::NewL(E384Bit);
|
sl@0
|
469 |
break;
|
sl@0
|
470 |
}
|
sl@0
|
471 |
case ESHA512:
|
sl@0
|
472 |
{
|
sl@0
|
473 |
digest = CSHA2::NewL(E512Bit);
|
sl@0
|
474 |
break;
|
sl@0
|
475 |
}
|
sl@0
|
476 |
|
sl@0
|
477 |
default:
|
sl@0
|
478 |
User::Leave(KErrArgument);
|
sl@0
|
479 |
}
|
sl@0
|
480 |
|
sl@0
|
481 |
//Hash the data
|
sl@0
|
482 |
CleanupStack::PushL(digest);
|
sl@0
|
483 |
TPtrC8 hash = digest->Final(SignedDataL());
|
sl@0
|
484 |
TBool verifyResult=VerifyRSASignatureL(aEncodedKey, hash);
|
sl@0
|
485 |
CleanupStack::PopAndDestroy(digest);
|
sl@0
|
486 |
__UHEAP_MARKEND;
|
sl@0
|
487 |
return verifyResult;
|
sl@0
|
488 |
}
|
sl@0
|
489 |
|
sl@0
|
490 |
EXPORT_C void CSignedObject::SetParametersL(const CSigningKeyParameters& aParameters)
|
sl@0
|
491 |
{
|
sl@0
|
492 |
delete iParameters;
|
sl@0
|
493 |
iParameters = NULL; // In case next fails
|
sl@0
|
494 |
iParameters = CSigningKeyParameters::NewL(aParameters);
|
sl@0
|
495 |
}
|
sl@0
|
496 |
|
sl@0
|
497 |
EXPORT_C const TPtrC8 CSignedObject::Signature() const
|
sl@0
|
498 |
{
|
sl@0
|
499 |
return iSignature->Des();
|
sl@0
|
500 |
}
|
sl@0
|
501 |
|
sl@0
|
502 |
EXPORT_C const TPtrC8 CSignedObject::Encoding() const
|
sl@0
|
503 |
{
|
sl@0
|
504 |
return iEncoding->Des();
|
sl@0
|
505 |
}
|
sl@0
|
506 |
|
sl@0
|
507 |
EXPORT_C const CSigningAlgorithmIdentifier& CSignedObject::SigningAlgorithm() const
|
sl@0
|
508 |
{
|
sl@0
|
509 |
return *iSigningAlgorithm;
|
sl@0
|
510 |
}
|
sl@0
|
511 |
|
sl@0
|
512 |
EXPORT_C const TPtrC8 CSignedObject::Fingerprint() const
|
sl@0
|
513 |
{
|
sl@0
|
514 |
return iFingerprint->Des();
|
sl@0
|
515 |
}
|
sl@0
|
516 |
|
sl@0
|
517 |
EXPORT_C CSignedObject::~CSignedObject()
|
sl@0
|
518 |
{
|
sl@0
|
519 |
delete iParameters;
|
sl@0
|
520 |
delete iKeyFactory;
|
sl@0
|
521 |
delete iFingerprint;
|
sl@0
|
522 |
delete iEncoding;
|
sl@0
|
523 |
delete iSignature;
|
sl@0
|
524 |
delete iSigningAlgorithm;
|
sl@0
|
525 |
}
|
sl@0
|
526 |
|
sl@0
|
527 |
EXPORT_C void CSignedObject::ExternalizeL(RWriteStream& aStream) const
|
sl@0
|
528 |
{
|
sl@0
|
529 |
aStream.WriteInt32L(iEncoding->Length());
|
sl@0
|
530 |
aStream.WriteL(*iEncoding);
|
sl@0
|
531 |
}
|
sl@0
|
532 |
|
sl@0
|
533 |
|
sl@0
|
534 |
//****************************************************************************************//
|
sl@0
|
535 |
//certificate base
|
sl@0
|
536 |
EXPORT_C CCertificate::~CCertificate()
|
sl@0
|
537 |
{
|
sl@0
|
538 |
delete iSerialNumber;
|
sl@0
|
539 |
delete iValidityPeriod;
|
sl@0
|
540 |
delete iSubjectPublicKeyInfo;
|
sl@0
|
541 |
}
|
sl@0
|
542 |
|
sl@0
|
543 |
EXPORT_C const TPtrC8 CCertificate::SerialNumber() const
|
sl@0
|
544 |
{
|
sl@0
|
545 |
return iSerialNumber->Des();
|
sl@0
|
546 |
}
|
sl@0
|
547 |
|
sl@0
|
548 |
EXPORT_C const CValidityPeriod& CCertificate::ValidityPeriod() const
|
sl@0
|
549 |
{
|
sl@0
|
550 |
return *iValidityPeriod;
|
sl@0
|
551 |
}
|
sl@0
|
552 |
|
sl@0
|
553 |
EXPORT_C const CSubjectPublicKeyInfo& CCertificate::PublicKey() const
|
sl@0
|
554 |
{
|
sl@0
|
555 |
return *iSubjectPublicKeyInfo;
|
sl@0
|
556 |
}
|
sl@0
|
557 |
|
sl@0
|
558 |
EXPORT_C TKeyIdentifier CCertificate::KeyIdentifierL() const
|
sl@0
|
559 |
{
|
sl@0
|
560 |
if (iSubjectPublicKeyInfo->AlgorithmId() != ERSA)
|
sl@0
|
561 |
{
|
sl@0
|
562 |
User::Leave(KErrNotSupported);
|
sl@0
|
563 |
}
|
sl@0
|
564 |
|
sl@0
|
565 |
CRSAPublicKey* rsaKey = iKeyFactory->RSAPublicKeyL(iSubjectPublicKeyInfo->KeyData());
|
sl@0
|
566 |
CleanupStack::PushL(rsaKey);
|
sl@0
|
567 |
TKeyIdentifier retVal;
|
sl@0
|
568 |
KeyIdentifierUtil::RSAKeyIdentifierL(*rsaKey, retVal);
|
sl@0
|
569 |
CleanupStack::PopAndDestroy(rsaKey);
|
sl@0
|
570 |
return retVal;
|
sl@0
|
571 |
}
|