Symaptic: os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/OpenedKeys.cpp@bde4ae8d615e (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	*
sl@0	16	*/
sl@0	17
sl@0	18
sl@0	19	#include "OpenedKeys.h"
sl@0	20	#include "cfskeystoreserver.h"
sl@0	21	#include "keystreamutils.h"
sl@0	22	#include "fsdatatypes.h"
sl@0	23	#include "keystorepassphrase.h"
sl@0	24
sl@0	25	#include <asymmetric.h>
sl@0	26	#include <asymmetrickeys.h>
sl@0	27	#include <bigint.h>
sl@0	28	#include <ct.h>
sl@0	29	#include <securityerr.h>
sl@0	30	#include <e32base.h>
sl@0	31	#include <mctkeystoreuids.h>
sl@0	32
sl@0	33	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	34	#include <authserver/authtypes.h>
sl@0	35	#include <authserver/auth_srv_errs.h>
sl@0	36	#include <s32mem.h>
sl@0	37	#include "keystore_errs.h"
sl@0	38	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	39
sl@0	40	// COpenedKey //////////////////////////////////////////////////////////////////
sl@0	41
sl@0	42	COpenedKey* COpenedKey::NewL(const CFileKeyData& aKeyData, TUid aType, const RMessage2& aMessage,
sl@0	43	CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan)
sl@0	44	{
sl@0	45	COpenedKey* self = NULL;
sl@0	46
sl@0	47	if (aType == KRSARepudiableSignerUID)
sl@0	48	{
sl@0	49	self = new (ELeave) CRSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
sl@0	50	}
sl@0	51	else if (aType == KDSARepudiableSignerUID)
sl@0	52	{
sl@0	53	self = new (ELeave) CDSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
sl@0	54	}
sl@0	55	else if (aType == KPrivateDecryptorUID)
sl@0	56	{
sl@0	57	self = new (ELeave) CFSRSADecryptor(aKeyData, aKeyDataMan, aPassMan);
sl@0	58	}
sl@0	59	else if (aType == KKeyAgreementUID)
sl@0	60	{
sl@0	61	self = new (ELeave) CDHAgreement(aKeyData, aKeyDataMan, aPassMan);
sl@0	62	}
sl@0	63	else
sl@0	64	{
sl@0	65	User::Invariant();
sl@0	66	}
sl@0	67
sl@0	68	CleanupStack::PushL(self);
sl@0	69	self->ConstructL(aMessage);
sl@0	70	CleanupStack::Pop(self);
sl@0	71	return self;
sl@0	72	}
sl@0	73
sl@0	74	COpenedKey::COpenedKey(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0	75	CActive(EPriorityStandard),
sl@0	76	iKeyData(aKeyData),
sl@0	77	iKeyDataMan(aKeyDataMan),
sl@0	78	iPassMan(aPassMan)
sl@0	79	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	80	,iUserIdentity(NULL)
sl@0	81	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	82	{
sl@0	83	}
sl@0	84
sl@0	85	void COpenedKey::ConstructL(const RMessage2& aMessage)
sl@0	86	{
sl@0	87	CKeyInfo* keyInfo = iKeyDataMan.ReadKeyInfoLC(iKeyData);
sl@0	88	CleanupStack::Pop(keyInfo);
sl@0	89	iKeyInfo = keyInfo;
sl@0	90	CheckKeyL(aMessage);
sl@0	91	iLabel = iKeyInfo->Label().AllocL();
sl@0	92	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	93	User::LeaveIfError(iAuthClient.Connect());
sl@0	94	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	95	CActiveScheduler::Add(this);
sl@0	96	}
sl@0	97
sl@0	98	COpenedKey::~COpenedKey()
sl@0	99	{
sl@0	100	Cancel();
sl@0	101	delete iLabel;
sl@0	102	delete iKeyInfo;
sl@0	103	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	104	iAuthClient.Close();
sl@0	105	delete iExpression;
sl@0	106	delete iUserIdentity;
sl@0	107	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	108
sl@0	109	}
sl@0	110
sl@0	111	const TDesC& COpenedKey::Label() const
sl@0	112	{
sl@0	113	return *iLabel;
sl@0	114	}
sl@0	115
sl@0	116	TInt COpenedKey::Handle() const
sl@0	117	{
sl@0	118	return iKeyData.Handle();
sl@0	119	}
sl@0	120
sl@0	121	void COpenedKey::CheckKeyL(const RMessage2& aMessage)
sl@0	122	{
sl@0	123	// Check the client is allowed to use the key
sl@0	124	if (!iKeyInfo->UsePolicy().CheckPolicy(aMessage))
sl@0	125	{
sl@0	126	User::Leave(KErrPermissionDenied);
sl@0	127	}
sl@0	128
sl@0	129	// Check that the operation represented by this object is supported for this
sl@0	130	// type of key
sl@0	131	if (iKeyInfo->Algorithm() != Algorithm())
sl@0	132	{
sl@0	133	User::Leave(KErrKeyAlgorithm);
sl@0	134	}
sl@0	135
sl@0	136	// Check the key usage allows the operation
sl@0	137	if ((iKeyInfo->Usage() & RequiredUsage()) == 0)
sl@0	138	{
sl@0	139	User::Leave(KErrKeyUsage);
sl@0	140	}
sl@0	141
sl@0	142	// Check current time is after start date (if set) and before end date (if
sl@0	143	// set)
sl@0	144	TTime timeNow;
sl@0	145	timeNow.UniversalTime();
sl@0	146	if (iKeyInfo->StartDate().Int64() != 0 && timeNow < iKeyInfo->StartDate())
sl@0	147	{
sl@0	148	User::Leave(KErrKeyValidity);
sl@0	149	}
sl@0	150	if (iKeyInfo->EndDate().Int64() != 0 && timeNow >= iKeyInfo->EndDate())
sl@0	151	{
sl@0	152	User::Leave(KErrKeyValidity);
sl@0	153	}
sl@0	154
sl@0	155	}
sl@0	156
sl@0	157	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	158	void COpenedKey::GetPassphrase(TRequestStatus& aStatus)
sl@0	159	{
sl@0	160	ASSERT(iState == EIdle);
sl@0	161
sl@0	162	TInt timeout = iKeyDataMan.GetPassphraseTimeout();
sl@0	163	TStreamId passphraseId = iKeyDataMan.DefaultPassphraseId();
sl@0	164	ASSERT(passphraseId != KNullStreamId);
sl@0	165	iClientStatus = &aStatus;
sl@0	166
sl@0	167	iPassMan.GetPassphrase(passphraseId, timeout, iPassphrase, iStatus);
sl@0	168	iState = EGetPassphrase;
sl@0	169	SetActive();
sl@0	170	}
sl@0	171	#else
sl@0	172	void COpenedKey::AuthenticateL()
sl@0	173	{
sl@0	174	iExpression = iAuthClient.CreateAuthExpressionL(iKeyInfo->AuthExpression());
sl@0	175	TUid uid = TUid::Uid(0);
sl@0	176	iAuthClient.AuthenticateL(*iExpression,iKeyInfo->Freshness(), EFalse, uid, EFalse, KNullDesC, iUserIdentity, iStatus);
sl@0	177	iState = EAuthenticate;
sl@0	178	SetActive();
sl@0	179	}
sl@0	180	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	181
sl@0	182	void COpenedKey::RunL()
sl@0	183	{
sl@0	184	User::LeaveIfError(iStatus.Int());
sl@0	185
sl@0	186	switch (iState)
sl@0	187	{
sl@0	188	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	189	case EDoAuthenticate:
sl@0	190	AuthenticateL();
sl@0	191	break;
sl@0	192
sl@0	193	case EAuthenticate:
sl@0	194	if(iUserIdentity->Id() == AuthServer::KUnknownIdentity)
sl@0	195	{
sl@0	196	User::Leave(KErrAuthenticationFailure);
sl@0	197	}
sl@0	198
sl@0	199	if (!iKeyRead)
sl@0	200	{
sl@0	201	RStoreReadStream stream;
sl@0	202	iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, stream);
sl@0	203	TPtrC8 key = iUserIdentity->Key().KeyData();
sl@0	204	HBufC8* plaintext = DecryptFromStreamL(stream, key);
sl@0	205	CleanupStack::PushL(plaintext);
sl@0	206	TAny* ptr = const_cast<TAny>(static_cast<const TAny>(plaintext->Des().PtrZ()));
sl@0	207
sl@0	208	RMemReadStream decryptedStream(ptr, plaintext->Length());
sl@0	209	decryptedStream.PushL();
sl@0	210	ReadPrivateKeyL(decryptedStream);
sl@0	211	CleanupStack::PopAndDestroy(3,&stream); // plaintext, decryptedStream
sl@0	212	iKeyRead = ETrue;
sl@0	213	}
sl@0	214
sl@0	215	delete iUserIdentity;
sl@0	216	iUserIdentity = NULL;
sl@0	217	delete iExpression;
sl@0	218	iExpression = NULL;
sl@0	219	PerformOperationL();
sl@0	220	Complete(KErrNone);
sl@0	221	break;
sl@0	222	#else
sl@0	223	case EGetPassphrase:
sl@0	224	ASSERT(iPassphrase);
sl@0	225	if (!iKeyRead)
sl@0	226	{
sl@0	227	RStoreReadStream stream;
sl@0	228	iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, *iPassphrase, stream);
sl@0	229	ReadPrivateKeyL(stream);
sl@0	230	CleanupStack::PopAndDestroy(&stream);
sl@0	231	iKeyRead = ETrue;
sl@0	232	}
sl@0	233	PerformOperationL();
sl@0	234	Complete(KErrNone);
sl@0	235	break;
sl@0	236	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	237	default:
sl@0	238	ASSERT(EFalse);
sl@0	239	}
sl@0	240	}
sl@0	241
sl@0	242	TInt COpenedKey::RunError(TInt aError)
sl@0	243	{
sl@0	244	Complete(aError);
sl@0	245	return KErrNone;
sl@0	246	}
sl@0	247
sl@0	248	void COpenedKey::DoCancel()
sl@0	249	{
sl@0	250	Complete(KErrCancel);
sl@0	251	}
sl@0	252
sl@0	253	void COpenedKey::Complete(TInt aError)
sl@0	254	{
sl@0	255	Cleanup();
sl@0	256	iPassphrase = NULL;
sl@0	257	if (iClientStatus)
sl@0	258	{
sl@0	259	User::RequestComplete(iClientStatus, aError);
sl@0	260	}
sl@0	261	iState = EIdle;
sl@0	262	}
sl@0	263
sl@0	264	void COpenedKey::Cleanup()
sl@0	265	{
sl@0	266	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	267	delete iUserIdentity;
sl@0	268	iUserIdentity = NULL;
sl@0	269	delete iExpression;
sl@0	270	iExpression = NULL;
sl@0	271	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	272	}
sl@0	273
sl@0	274	// CRSARepudiableSigner ////////////////////////////////////////////////////////
sl@0	275
sl@0	276	CRSARepudiableSigner::CRSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0	277	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0	278	{
sl@0	279	}
sl@0	280
sl@0	281	CRSARepudiableSigner::~CRSARepudiableSigner()
sl@0	282	{
sl@0	283	delete iPrivateKey;
sl@0	284	}
sl@0	285
sl@0	286	TUid CRSARepudiableSigner::Type() const
sl@0	287	{
sl@0	288	return KRSARepudiableSignerUID;
sl@0	289	}
sl@0	290
sl@0	291	CKeyInfo::EKeyAlgorithm CRSARepudiableSigner::Algorithm() const
sl@0	292	{
sl@0	293	return CKeyInfo::ERSA;
sl@0	294	}
sl@0	295
sl@0	296	TKeyUsagePKCS15 CRSARepudiableSigner::RequiredUsage() const
sl@0	297	{
sl@0	298	return EPKCS15UsageSignSignRecover;
sl@0	299	}
sl@0	300
sl@0	301	void CRSARepudiableSigner::Sign(const TDesC8& aPlaintext,
sl@0	302	CRSASignature*& aSignature,
sl@0	303	TRequestStatus& aStatus)
sl@0	304	{
sl@0	305	ASSERT(iPlaintext.Ptr() == NULL);
sl@0	306	ASSERT(iSignaturePtr == NULL);
sl@0	307	iPlaintext.Set(aPlaintext);
sl@0	308	iSignaturePtr = &aSignature;
sl@0	309	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	310	GetPassphrase(aStatus);
sl@0	311	#else
sl@0	312	aStatus = KRequestPending;
sl@0	313	iClientStatus = &aStatus;
sl@0	314	iState = EDoAuthenticate;
sl@0	315	SetActive();
sl@0	316	TRequestStatus* status = &iStatus;
sl@0	317	User::RequestComplete(status, KErrNone);
sl@0	318	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	319	}
sl@0	320
sl@0	321	void CRSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
sl@0	322	{
sl@0	323	ASSERT(iPrivateKey == NULL);
sl@0	324	CreateL(aStream, iPrivateKey);
sl@0	325	}
sl@0	326
sl@0	327	void CRSARepudiableSigner::PerformOperationL()
sl@0	328	{
sl@0	329	ASSERT(iPrivateKey);
sl@0	330
sl@0	331	CRSAPKCS1v15Signer* signer = CRSAPKCS1v15Signer::NewLC(*iPrivateKey);
sl@0	332	const CRSASignature* signature = signer->SignL(iPlaintext);
sl@0	333	CleanupStack::PopAndDestroy(signer);
sl@0	334	iSignaturePtr = const_cast<CRSASignature>(signature);
sl@0	335	}
sl@0	336
sl@0	337	void CRSARepudiableSigner::Cleanup()
sl@0	338	{
sl@0	339	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	340	COpenedKey::Cleanup();
sl@0	341	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	342	iPlaintext.Set(NULL, 0);
sl@0	343	iSignaturePtr = NULL;
sl@0	344	}
sl@0	345
sl@0	346	// CDSARepudiableSigner ////////////////////////////////////////////////////////
sl@0	347
sl@0	348	CDSARepudiableSigner::CDSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0	349	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0	350	{
sl@0	351	}
sl@0	352
sl@0	353	CDSARepudiableSigner::~CDSARepudiableSigner()
sl@0	354	{
sl@0	355	delete iPrivateKey;
sl@0	356	}
sl@0	357
sl@0	358	TUid CDSARepudiableSigner::Type() const
sl@0	359	{
sl@0	360	return KDSARepudiableSignerUID;
sl@0	361	}
sl@0	362
sl@0	363	CKeyInfo::EKeyAlgorithm CDSARepudiableSigner::Algorithm() const
sl@0	364	{
sl@0	365	return CKeyInfo::EDSA;
sl@0	366	}
sl@0	367
sl@0	368	TKeyUsagePKCS15 CDSARepudiableSigner::RequiredUsage() const
sl@0	369	{
sl@0	370	return EPKCS15UsageSignSignRecover;
sl@0	371	}
sl@0	372
sl@0	373	void CDSARepudiableSigner::Sign(const TDesC8& aPlaintext,
sl@0	374	CDSASignature*& aSignature,
sl@0	375	TRequestStatus& aStatus)
sl@0	376	{
sl@0	377	ASSERT(iPlaintext.Ptr() == NULL);
sl@0	378	ASSERT(iSignaturePtr == NULL);
sl@0	379	iPlaintext.Set(aPlaintext);
sl@0	380	iSignaturePtr = &aSignature;
sl@0	381	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	382	GetPassphrase(aStatus);
sl@0	383	#else
sl@0	384	aStatus = KRequestPending;
sl@0	385	iClientStatus = &aStatus;
sl@0	386	iState = EDoAuthenticate;
sl@0	387	SetActive();
sl@0	388	TRequestStatus* status = &iStatus;
sl@0	389	User::RequestComplete(status, KErrNone);
sl@0	390	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	391	}
sl@0	392
sl@0	393	void CDSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
sl@0	394	{
sl@0	395	ASSERT(iPrivateKey == NULL);
sl@0	396	CreateL(aStream, iPrivateKey);
sl@0	397	}
sl@0	398
sl@0	399	void CDSARepudiableSigner::PerformOperationL()
sl@0	400	{
sl@0	401	ASSERT(iPrivateKey);
sl@0	402
sl@0	403	CDSASigner* signer = CDSASigner::NewLC(*iPrivateKey);
sl@0	404	const CDSASignature* signature = signer->SignL(iPlaintext);
sl@0	405	CleanupStack::PopAndDestroy(signer);
sl@0	406	iSignaturePtr = const_cast<CDSASignature>(signature);
sl@0	407	}
sl@0	408
sl@0	409	void CDSARepudiableSigner::Cleanup()
sl@0	410	{
sl@0	411	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	412	COpenedKey::Cleanup();
sl@0	413	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	414
sl@0	415	iPlaintext.Set(NULL, 0);
sl@0	416	iSignaturePtr = NULL;
sl@0	417	}
sl@0	418
sl@0	419	// CFSRSADecryptor /////////////////////////////////////////////////////////////
sl@0	420
sl@0	421	CFSRSADecryptor::CFSRSADecryptor(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0	422	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0	423	{
sl@0	424	}
sl@0	425
sl@0	426	CFSRSADecryptor::~CFSRSADecryptor()
sl@0	427	{
sl@0	428	delete iPrivateKey;
sl@0	429	}
sl@0	430
sl@0	431	TUid CFSRSADecryptor::Type() const
sl@0	432	{
sl@0	433	return KPrivateDecryptorUID;
sl@0	434	}
sl@0	435
sl@0	436	CKeyInfo::EKeyAlgorithm CFSRSADecryptor::Algorithm() const
sl@0	437	{
sl@0	438	return CKeyInfo::ERSA;
sl@0	439	}
sl@0	440
sl@0	441	TKeyUsagePKCS15 CFSRSADecryptor::RequiredUsage() const
sl@0	442	{
sl@0	443	return EPKCS15UsageDecryptUnwrap;
sl@0	444	}
sl@0	445
sl@0	446	void CFSRSADecryptor::Decrypt(const TDesC8& aCiphertext,
sl@0	447	HBufC8*& aPlaintext,
sl@0	448	TRequestStatus& aStatus)
sl@0	449	{
sl@0	450	ASSERT(iCiphertext.Ptr() == NULL);
sl@0	451	ASSERT(iPlaintextPtr == NULL);
sl@0	452	iCiphertext.Set(aCiphertext);
sl@0	453	iPlaintextPtr = &aPlaintext;
sl@0	454	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	455	GetPassphrase(aStatus);
sl@0	456	#else
sl@0	457	aStatus = KRequestPending;
sl@0	458	iClientStatus = &aStatus;
sl@0	459	iState = EDoAuthenticate;
sl@0	460	SetActive();
sl@0	461	TRequestStatus* status = &iStatus;
sl@0	462	User::RequestComplete(status, KErrNone);
sl@0	463	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	464	}
sl@0	465
sl@0	466	void CFSRSADecryptor::ReadPrivateKeyL(RReadStream& aStream)
sl@0	467	{
sl@0	468	ASSERT(iPrivateKey == NULL);
sl@0	469	CreateL(aStream, iPrivateKey);
sl@0	470	}
sl@0	471
sl@0	472	void CFSRSADecryptor::PerformOperationL()
sl@0	473	{
sl@0	474	ASSERT(iPrivateKey);
sl@0	475
sl@0	476	CRSAPKCS1v15Decryptor* decryptor = CRSAPKCS1v15Decryptor::NewLC(*iPrivateKey);
sl@0	477	HBufC8* plaintext = HBufC8::NewMaxLC(decryptor->MaxOutputLength());
sl@0	478	TPtr8 ptr = plaintext->Des();
sl@0	479	decryptor->DecryptL(iCiphertext, ptr);
sl@0	480
sl@0	481	*iPlaintextPtr = plaintext;
sl@0	482	CleanupStack::Pop(plaintext); // now owned by client
sl@0	483	CleanupStack::PopAndDestroy(decryptor);
sl@0	484	}
sl@0	485
sl@0	486	void CFSRSADecryptor::Cleanup()
sl@0	487	{
sl@0	488	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	489	COpenedKey::Cleanup();
sl@0	490	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	491
sl@0	492	iCiphertext.Set(NULL, 0);
sl@0	493	iPlaintextPtr = NULL;
sl@0	494	}
sl@0	495
sl@0	496	// CDHAgreement ////////////////////////////////////////////////////////////////
sl@0	497
sl@0	498	CDHAgreement::CDHAgreement(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0	499	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0	500	{
sl@0	501	}
sl@0	502
sl@0	503	CDHAgreement::~CDHAgreement()
sl@0	504	{
sl@0	505	iKey.Close();
sl@0	506	}
sl@0	507
sl@0	508	TUid CDHAgreement::Type() const
sl@0	509	{
sl@0	510	return KKeyAgreementUID;
sl@0	511	}
sl@0	512
sl@0	513	CKeyInfo::EKeyAlgorithm CDHAgreement::Algorithm() const
sl@0	514	{
sl@0	515	return CKeyInfo::EDH;
sl@0	516	}
sl@0	517
sl@0	518	TKeyUsagePKCS15 CDHAgreement::RequiredUsage() const
sl@0	519	{
sl@0	520	return EPKCS15UsageDerive;
sl@0	521	}
sl@0	522
sl@0	523	void CDHAgreement::PublicKey(CDHParams& aParameters, RInteger& aPublicKey, TRequestStatus& aStatus)
sl@0	524	{
sl@0	525	ASSERT(iPKParams == NULL);
sl@0	526	ASSERT(iPKPublicKeyPtr == NULL);
sl@0	527	iPKParams = &aParameters;
sl@0	528	iPKPublicKeyPtr = &aPublicKey;
sl@0	529	iDHState = EPublicKey;
sl@0	530	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	531	GetPassphrase(aStatus);
sl@0	532	#else
sl@0	533	aStatus = KRequestPending;
sl@0	534	iClientStatus = &aStatus;
sl@0	535	iState = EDoAuthenticate;
sl@0	536	SetActive();
sl@0	537	TRequestStatus* status = &iStatus;
sl@0	538	User::RequestComplete(status, KErrNone);
sl@0	539	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	540	}
sl@0	541
sl@0	542	void CDHAgreement::Agree(CDHPublicKey& aY, HBufC8*& aAgreedKey, TRequestStatus& aStatus)
sl@0	543	{
sl@0	544	ASSERT(iAKPublicKey == NULL);
sl@0	545	ASSERT(iAKAgreedKeyPtr == NULL);
sl@0	546	iAKPublicKey = &aY;
sl@0	547	iAKAgreedKeyPtr = &aAgreedKey;
sl@0	548	iDHState = EAgree;
sl@0	549	#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	550	GetPassphrase(aStatus);
sl@0	551	#else
sl@0	552	aStatus = KRequestPending;
sl@0	553	iClientStatus = &aStatus;
sl@0	554	iState = EDoAuthenticate;
sl@0	555	SetActive();
sl@0	556	TRequestStatus* status = &iStatus;
sl@0	557	User::RequestComplete(status, KErrNone);
sl@0	558	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	559	}
sl@0	560
sl@0	561	void CDHAgreement::ReadPrivateKeyL(RReadStream& aStream)
sl@0	562	{
sl@0	563	CreateLC(aStream, iKey);
sl@0	564	CleanupStack::Pop(&iKey);
sl@0	565	}
sl@0	566
sl@0	567	void CDHAgreement::PerformOperationL()
sl@0	568	{
sl@0	569	switch (iDHState)
sl@0	570	{
sl@0	571	case EPublicKey:
sl@0	572	DoPublicKeyL();
sl@0	573	break;
sl@0	574	case EAgree:
sl@0	575	DoAgreeL();
sl@0	576	break;
sl@0	577	default:
sl@0	578	ASSERT(FALSE);
sl@0	579	}
sl@0	580	}
sl@0	581
sl@0	582	void CDHAgreement::DoPublicKeyL()
sl@0	583	{
sl@0	584	ASSERT(iPKParams);
sl@0	585	ASSERT(iPKPublicKeyPtr);
sl@0	586
sl@0	587	RInteger n = iPKParams->TakeN();
sl@0	588	CleanupStack::PushL(n);
sl@0	589	RInteger g = iPKParams->TakeG();
sl@0	590	CleanupStack::PushL(g);
sl@0	591	RInteger x = RInteger::NewL(iKey);
sl@0	592	CleanupStack::PushL(x);
sl@0	593	CDHKeyPair* keyPair = CDHKeyPair::NewL(n, g, x);
sl@0	594	CleanupStack::Pop(3); // x, g, n
sl@0	595	CleanupStack::PushL(keyPair);
sl@0	596
sl@0	597	const CDHPublicKey& pubKey = keyPair->PublicKey();
sl@0	598	*iPKPublicKeyPtr = RInteger::NewL(pubKey.X());
sl@0	599	CleanupStack::PopAndDestroy(keyPair);
sl@0	600	}
sl@0	601
sl@0	602	void CDHAgreement::DoAgreeL()
sl@0	603	{
sl@0	604	ASSERT(iAKPublicKey);
sl@0	605	ASSERT(iAKAgreedKeyPtr);
sl@0	606
sl@0	607	RInteger n = RInteger::NewL(iAKPublicKey->N());
sl@0	608	CleanupStack::PushL(n);
sl@0	609	RInteger g = RInteger::NewL(iAKPublicKey->G());
sl@0	610	CleanupStack::PushL(g);
sl@0	611	RInteger x = RInteger::NewL(iKey);
sl@0	612	CleanupStack::PushL(x);
sl@0	613	CDHPrivateKey* privKey = CDHPrivateKey::NewL(n, g, x);
sl@0	614	CleanupStack::Pop(3); // x, g, n
sl@0	615	CleanupStack::PushL(privKey);
sl@0	616	CDH* dh = CDH::NewLC(*privKey);
sl@0	617	iAKAgreedKeyPtr = const_cast<HBufC8>(dh->AgreeL(*iAKPublicKey));
sl@0	618	CleanupStack::PopAndDestroy(2, privKey);
sl@0	619	}
sl@0	620
sl@0	621	void CDHAgreement::Cleanup()
sl@0	622	{
sl@0	623	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	624	COpenedKey::Cleanup();
sl@0	625	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	626
sl@0	627	iPKParams = NULL;
sl@0	628	iPKPublicKeyPtr = NULL;
sl@0	629	iAKPublicKey = NULL;
sl@0	630	iAKAgreedKeyPtr = NULL;
sl@0	631	iDHState = EIdle;
sl@0	632	}

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--