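--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/security/crypto/weakcrypto/source/asymmetric/dsaverifier.cpp Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,109 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+#include <asymmetric.h>
+#include <asymmetrickeys.h>
+#include <bigint.h>
+
+EXPORT_C CDSAVerifier* CDSAVerifier::NewL(const CDSAPublicKey& aKey)
+ {
+ CDSAVerifier* self = new(ELeave)CDSAVerifier(aKey);
+ return self;
+ }
+
+EXPORT_C CDSAVerifier* CDSAVerifier::NewLC(const CDSAPublicKey& aKey)
+ {
+ CDSAVerifier* self = NewL(aKey);
+ CleanupStack::PushL(self);
+ return self;
+ }
+
+TInt CDSAVerifier::MaxInputLength(void) const
+ {
+ // return CSHA1::DIGESTBYTES
+ return 160;
+ }
+
+TBool CDSAVerifier::VerifyL(const TDesC8& aInput,
+ const CDSASignature& aSignature) const
+ {
+ //see HAC 11.56 or DSS section 6
+ //I'll follow HAC as I like the description better
+
+ // a) Obtain A's authenticate public key
+
+ // b) Verify that 0 < r < q and 0 < s < q; if not reject signature
+ if (aSignature.R() <= 0 || aSignature.R() >= iPublicKey.Q())
+ {
+ return EFalse;
+ }
+ if (aSignature.S() <= 0 || aSignature.S() >= iPublicKey.Q())
+ {
+ return EFalse;
+ }
+
+ TBool result = EFalse;
+
+ // c) Compute w = s^(-1) mod q and h(m)
+ RInteger w = aSignature.S().InverseModL(iPublicKey.Q());
+ CleanupStack::PushL(w);
+ // Note that in order to be interoperable, compliant with the DSS, and
+ // secure, aInput must be the result of a SHA-1 hash
+ RInteger hm = RInteger::NewL(aInput);
+ CleanupStack::PushL(hm);
+
+ // d) Compute u1 = w * hm mod q and u2 = r * w mod q
+ RInteger u1 = TInteger::ModularMultiplyL(w, hm, iPublicKey.Q());
+ CleanupStack::PushL(u1);
+
+ RInteger u2 = TInteger::ModularMultiplyL(aSignature.R(), w, iPublicKey.Q());
+ CleanupStack::PushL(u2);
+
+ // e) Compute v = ((g^u1 * y^u2) mod p) mod q
+ RInteger temp = TInteger::ModularExponentiateL(iPublicKey.G(), u1,
+ iPublicKey.P());
+ CleanupStack::PushL(temp);
+ RInteger temp1 = TInteger::ModularExponentiateL(iPublicKey.Y(), u2,
+ iPublicKey.P());
+ CleanupStack::PushL(temp1);
+ RInteger v = TInteger::ModularMultiplyL(temp, temp1, iPublicKey.P());
+ CleanupStack::PushL(v);
+ v %= iPublicKey.Q();
+
+ // f) Accept the signature iff v == r
+ if(v == aSignature.R())
+ {
+ result = ETrue;
+ }
+
+ CleanupStack::PopAndDestroy(&v);
+ CleanupStack::PopAndDestroy(&temp1);
+ CleanupStack::PopAndDestroy(&temp);
+ CleanupStack::PopAndDestroy(&u2);
+ CleanupStack::PopAndDestroy(&u1);
+ CleanupStack::PopAndDestroy(&hm);
+ CleanupStack::PopAndDestroy(&w);
+
+ return result;
+ }
+
+CDSAVerifier::CDSAVerifier(const CDSAPublicKey& aKey)
+ : iPublicKey(aKey)
+ {
+ }
+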
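Review bot: VerifyL passes aInput straight to `RInteger::NewL(aInput)` without checking its length, so the precondition in its own comment (aInput must be a SHA-1 digest) is left entirely to the caller, and an unhashed or over-long buffer is used as h(m) without complaint. A guard before step c), such as `if (aInput.Length() != 20) { return EFalse; }` (20 being the SHA-1 digest size in bytes; use `>` if shorter inputs must stay accepted), would enforce that precondition rather than only document it. MaxInputLength() returns 160 while its comment refers to CSHA1::DIGESTBYTES, which looks like a bits-versus-bytes mix-up; a caller bounding its input by this value would allow up to 160 bytes, so the unit should be confirmed and stated in a comment. The domain parameters P, Q, G and Y are also used as given, which is safe only if CDSAPublicKey validates them where the key is built; that is not visible in this file.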