Symaptic: os/security/cryptoservices/certificateandkeymgmt/pkcs12/pkcs12macdata.cpp@bde4ae8d615e (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	*
sl@0	16	*/
sl@0	17
sl@0	18
sl@0	19	#include "pkcs12macdata.h"
sl@0	20
sl@0	21	using namespace PKCS12;
sl@0	22
sl@0	23	CDecPkcs12MacData::CDecPkcs12MacData()
sl@0	24	{
sl@0	25	}
sl@0	26
sl@0	27	EXPORT_C CDecPkcs12MacData* CDecPkcs12MacData::NewL(const TDesC8& aMacData, const TDesC8& aAuthSafeData)
sl@0	28	{
sl@0	29	CDecPkcs12MacData* self = new(ELeave) CDecPkcs12MacData();
sl@0	30	CleanupStack::PushL(self);
sl@0	31	self->ConstructL(aMacData, aAuthSafeData);
sl@0	32	CleanupStack::Pop(self);
sl@0	33	return self;
sl@0	34	}
sl@0	35
sl@0	36	CDecPkcs12MacData::~CDecPkcs12MacData()
sl@0	37	{
sl@0	38	delete iDigestInfo;
sl@0	39	}
sl@0	40
sl@0	41	void CDecPkcs12MacData::ConstructL(const TDesC8& aMacData, const TDesC8& aAuthSafeData)
sl@0	42	{
sl@0	43	iAuthSafeDataPtr.Set(aAuthSafeData);
sl@0	44
sl@0	45	// MacData is a Sequence
sl@0	46	TASN1DecGeneric seqGen(aMacData);
sl@0	47	seqGen.InitL();
sl@0	48	if (seqGen.Tag() != EASN1Sequence \|\| seqGen.Class() != EUniversal)
sl@0	49	{
sl@0	50	User::Leave(KErrArgument);
sl@0	51	}
sl@0	52
sl@0	53	// Decode the MacData Sequence
sl@0	54	TASN1DecSequence seq;
sl@0	55	CArrayPtr<TASN1DecGeneric>* macDataSequence = seq.DecodeDERLC(seqGen);
sl@0	56	TInt macDataCount = macDataSequence->Count();
sl@0	57	// Check if Mac, MacSalt and Iteration Count are present
sl@0	58	// Iteration Count is 1 by default
sl@0	59	if (macDataCount < 2 \|\| macDataCount > 3)
sl@0	60	{
sl@0	61	User::Leave(KErrArgument);
sl@0	62	}
sl@0	63
sl@0	64	// DigestInfo
sl@0	65	const TASN1DecGeneric* macDataSequenceAt0 = macDataSequence->At(0);
sl@0	66	// DigestInfo is a Sequence
sl@0	67	if (macDataSequenceAt0->Tag() != EASN1Sequence \|\| macDataSequenceAt0->Class() != EUniversal)
sl@0	68	{
sl@0	69	User::Leave(KErrArgument);
sl@0	70	}
sl@0	71	iDigestInfo = CPKCS7DigestInfo::NewL(macDataSequenceAt0->Encoding());
sl@0	72
sl@0	73	// MacSalt
sl@0	74	const TASN1DecGeneric* macDataSequenceAt1 = macDataSequence->At(1);
sl@0	75	// MacSalt is an OctetString
sl@0	76	if (macDataSequenceAt1->Tag() != EASN1OctetString \|\| macDataSequenceAt1->Class() != EUniversal)
sl@0	77	{
sl@0	78	User::Leave(KErrArgument);
sl@0	79	}
sl@0	80	iMacSalt.Set(macDataSequenceAt1->GetContentDER());
sl@0	81
sl@0	82	// Iteration Count
sl@0	83	if(macDataSequence->Count() == 3)
sl@0	84	{
sl@0	85	// Check for IterationCount
sl@0	86	const TASN1DecGeneric* macDataSequenceAt2 = macDataSequence->At(2);
sl@0	87	if (macDataSequenceAt2->Tag() != EASN1Integer \|\| macDataSequenceAt2->Class() != EUniversal)
sl@0	88	{
sl@0	89	User::Leave(KErrArgument);
sl@0	90	}
sl@0	91
sl@0	92	TASN1DecInteger intDecoder;
sl@0	93	iIterationCount = intDecoder.DecodeDERShortL(*macDataSequenceAt2);
sl@0	94	if(iIterationCount <= 0)
sl@0	95	{
sl@0	96	User::Leave(KErrArgument);
sl@0	97	}
sl@0	98	}
sl@0	99	// Assign the Default value as 1 if Iteration Count is not present.
sl@0	100	else
sl@0	101	{
sl@0	102	iIterationCount = KDefaultIterationCount;
sl@0	103	}
sl@0	104	CleanupStack::PopAndDestroy(macDataSequence);
sl@0	105	}
sl@0	106
sl@0	107	EXPORT_C const CPKCS7DigestInfo& CDecPkcs12MacData::DigestInfo() const
sl@0	108	{
sl@0	109	return *iDigestInfo;
sl@0	110	}
sl@0	111
sl@0	112	EXPORT_C const TDesC8& CDecPkcs12MacData::MacSalt() const
sl@0	113	{
sl@0	114	return iMacSalt;
sl@0	115	}
sl@0	116
sl@0	117	EXPORT_C TInt CDecPkcs12MacData::IterationCount() const
sl@0	118	{
sl@0	119	return iIterationCount;
sl@0	120	}
sl@0	121
sl@0	122	EXPORT_C TBool CDecPkcs12MacData::VerifyIntegrityL(const TDesC& aPassword) const
sl@0	123	{
sl@0	124	__UHEAP_MARK;
sl@0	125	HBufC8* encryptKey = HBufC8::NewMaxLC(KSha1HmacKeyLength);
sl@0	126	TPtr8 encryptedKey(encryptKey->Des());
sl@0	127
sl@0	128	// Convert the supplied string to a byte string. Each character is converted to a big
sl@0	129	// endian two-byte value, and a terminating NULL character is appended to the end.
sl@0	130	HBufC8* password = PKCS12KDF::GeneratePasswordLC(aPassword);
sl@0	131
sl@0	132	PKCS12KDF::DeriveKeyL(encryptedKey, PKCS12KDF::EIDByteMACKey, *password ,MacSalt(), IterationCount());
sl@0	133
sl@0	134	CMessageDigest* digest1 = NULL;
sl@0	135	TAlgorithmId algorithmId = DigestInfo().Algorithm();
sl@0	136	if (algorithmId != ESHA1)
sl@0	137	{
sl@0	138	User::Leave(KErrNotSupported);
sl@0	139	}
sl@0	140	digest1 = CSHA1::NewL();
sl@0	141	CleanupStack::PushL( digest1 );
sl@0	142
sl@0	143	CHMAC* hmac1 = CHMAC::NewL( encryptedKey, digest1);
sl@0	144	CleanupStack::PushL( hmac1 );
sl@0	145
sl@0	146	TPtrC8 tmpHash = hmac1->Final(iAuthSafeDataPtr);
sl@0	147	TInt ret = tmpHash.Compare(DigestInfo().Digest());
sl@0	148	TBool result;
sl@0	149	if(ret)
sl@0	150	{
sl@0	151	result = EFalse;
sl@0	152	}
sl@0	153	else
sl@0	154	{
sl@0	155	result = ETrue;
sl@0	156	}
sl@0	157
sl@0	158	CleanupStack::PopAndDestroy(hmac1);
sl@0	159	CleanupStack::Pop(digest1);
sl@0	160	CleanupStack::PopAndDestroy(2,encryptKey); // encryptKey, password
sl@0	161
sl@0	162	__UHEAP_MARKEND;
sl@0	163
sl@0	164	return result;
sl@0	165	}
sl@0	166
sl@0	167
sl@0	168

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--