1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/crypto/weakcrypto/source/pbe/pbedata.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,479 @@
1.4 +/*
1.5 +* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +
1.23 +#include "pkcs5kdf.h"
1.24 +#include "pkcs12kdf.h"
1.25 +#include "pbedata.h"
1.26 +#include "pbesymmetricfactory.h"
1.27 +#include "cryptostrength.h"
1.28 +
1.29 +EXPORT_C CPBEncryptionData* CPBEncryptionData::NewL(const TDesC8& aPassword,
1.30 + TPBECipher aCipher, const TDesC8& aAuthSalt,
1.31 + const TDesC8& aEncryptSalt, const TDesC8& aIV, TUint aIterations)
1.32 + {
1.33 + CPBEncryptionData* self = NewLC(aPassword, aCipher, aAuthSalt, aEncryptSalt,
1.34 + aIV, aIterations);
1.35 + CleanupStack::Pop(self);
1.36 + return self;
1.37 + }
1.38 +
1.39 +EXPORT_C CPBEncryptionData* CPBEncryptionData::NewLC(const TDesC8& aPassword,
1.40 + TPBECipher aCipher, const TDesC8& aAuthSalt,
1.41 + const TDesC8& aEncryptSalt, const TDesC8& aIV, TUint aIterations)
1.42 + {
1.43 + CPBEncryptionData* self = new(ELeave)CPBEncryptionData();
1.44 + CleanupStack::PushL(self);
1.45 + self->ConstructL(aPassword, aCipher, aAuthSalt, aEncryptSalt, aIV,
1.46 + aIterations);
1.47 + return self;
1.48 + }
1.49 +
1.50 +EXPORT_C CPBEncryptionData* CPBEncryptionData::NewL(
1.51 + const CPBEncryptionData& aData)
1.52 + {
1.53 + CPBEncryptionData* self = NewLC(aData);
1.54 + CleanupStack::Pop(self);
1.55 + return self;
1.56 + }
1.57 +
1.58 +EXPORT_C CPBEncryptionData* CPBEncryptionData::NewLC(
1.59 + const CPBEncryptionData& aData)
1.60 + {
1.61 + CPBEncryptionData* self = new(ELeave)CPBEncryptionData();
1.62 + CleanupStack::PushL(self);
1.63 + self->ConstructL(aData);
1.64 + return self;
1.65 + }
1.66 +
1.67 +EXPORT_C CPBEncryptionData* CPBEncryptionData::NewL(
1.68 + const TDesC8& aPassword, const TDesC8& aAuthSalt,
1.69 + const CPBEncryptParms& aParms)
1.70 +/**
1.71 + This factory function takes the user-supplied password
1.72 + and the randomly-generated authentication salt, along
1.73 + with the encryption paramaters. It is provided so the
1.74 + encryption parameters can be extended without having to
1.75 + provide multiple factory functions.
1.76 +
1.77 + @param aPassword User-supplied password. This
1.78 + password is not transformed so
1.79 + if it needs to be in a particular
1.80 + format, e.g. for PKCS#12, the
1.81 + transformation must be applied before
1.82 + this function is called.
1.83 + @param aAuthSalt The salt is used to derive the
1.84 + authentication key; not the encryption
1.85 + key.
1.86 + @param aParms Encryption parameters describe how the
1.87 + data is encrypted.
1.88 + @return New instance of CPBEncryptionData.
1.89 + */
1.90 + {
1.91 + CPBEncryptionData* self = new(ELeave) CPBEncryptionData;
1.92 + CleanupStack::PushL(self);
1.93 + self->ConstructL(aPassword, aAuthSalt, aParms);
1.94 + CleanupStack::Pop(self);
1.95 + return self;
1.96 + }
1.97 +
1.98 +void CPBEncryptionData::ConstructL(
1.99 + const TDesC8& aPassword, const TDesC8& aAuthSalt,
1.100 + const CPBEncryptParms& aParms)
1.101 +/**
1.102 + Second-phase constructor for factory function with
1.103 + same signature.
1.104 + */
1.105 + {
1.106 + iParms = CPBEncryptParms::NewL(aParms);
1.107 + iAuth = CPBAuthData::NewL(
1.108 + aPassword,
1.109 + aAuthSalt,
1.110 + PBE::GetKeyBytes(aParms.Cipher()),
1.111 + aParms.Iterations());
1.112 + }
1.113 +
1.114 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.115 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.116 +EXPORT_C CPBEncryptionData::CPBEncryptionData(void)
1.117 + {
1.118 + }
1.119 +
1.120 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.121 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.122 +CPBEncryptionData::~CPBEncryptionData(void)
1.123 + {
1.124 + delete iParms;
1.125 + delete iAuth;
1.126 + }
1.127 +
1.128 +void CPBEncryptionData::ConstructL(const TDesC8& aPassword,
1.129 + TPBECipher aCipher, const TDesC8& aAuthSalt,
1.130 + const TDesC8& aEncryptSalt, const TDesC8& aIV, TUint aIterations)
1.131 + {
1.132 + iParms = CPBEncryptParms::NewL(aCipher, aEncryptSalt, aIV, aIterations);
1.133 + iAuth = CPBAuthData::NewL(aPassword, aAuthSalt,
1.134 + PBE::GetKeyBytes(aCipher), aIterations);
1.135 + }
1.136 +
1.137 +void CPBEncryptionData::ConstructL(const CPBEncryptionData& aData)
1.138 + {
1.139 + iParms = CPBEncryptParms::NewL(aData.EncryptParms());
1.140 + iAuth = CPBAuthData::NewL(aData.AuthData());
1.141 + }
1.142 +
1.143 +EXPORT_C const CPBEncryptParms& CPBEncryptionData::EncryptParms(void) const
1.144 + {
1.145 + return *iParms;
1.146 + }
1.147 +EXPORT_C const CPBAuthData& CPBEncryptionData::AuthData(void) const
1.148 + {
1.149 + return *iAuth;
1.150 + }
1.151 +
1.152 +/* CPBEncryptParms */
1.153 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewL()
1.154 +/**
1.155 + This factory function allocates an encryption
1.156 + parameters object with default settings. The
1.157 + individual settings can be retrieved and modified
1.158 + with the accessor and mutator functions after
1.159 + this object has been created.
1.160 +
1.161 + This factory function is provided so that individual
1.162 + parameters can be modified without providing many
1.163 + factory functions.
1.164 +
1.165 + @return New instance of CPBEncryptParms.
1.166 + */
1.167 + {
1.168 + CPBEncryptParms* self = NewLC();
1.169 + CleanupStack::Pop(self);
1.170 + return self;
1.171 + }
1.172 +
1.173 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewLC()
1.174 +/**
1.175 + Similar to the NewL overload which takes no
1.176 + arguments, this function additionally puts the
1.177 + allocated instance of CPBEncryptParms on the
1.178 + cleanup stack.
1.179 +
1.180 + @return New instance of CPBEncryptParms.
1.181 + */
1.182 + {
1.183 + CPBEncryptParms* self = new(ELeave) CPBEncryptParms;
1.184 + CleanupStack::PushL(self);
1.185 + self->ConstructL();
1.186 + return self;
1.187 + }
1.188 +
1.189 +void CPBEncryptParms::ConstructL()
1.190 +/**
1.191 + Initialize this object with default cipher, kdf (PKCS#5,)
1.192 + salt length, iteration count, and IV.
1.193 + */
1.194 + {
1.195 + iData = new(ELeave) TParamsData;
1.196 + iData->iKdf = EKdfPkcs5;
1.197 +
1.198 + iSalt = HBufC8::NewMaxL(KPBEDefaultSaltBytes);
1.199 + TPtr8 saltDes = iSalt->Des();
1.200 + TRandom::RandomL(saltDes);
1.201 +
1.202 + iIterations = KDefaultIterations;
1.203 +
1.204 + iIV = HBufC8::NewMaxL(KPBEMaxCipherIVBytes);
1.205 +
1.206 + SetCipher(
1.207 + (TCrypto::Strength() == TCrypto::EStrong)
1.208 + ? KPBEDefaultStrongCipher : KPBEDefaultWeakCipher );
1.209 + }
1.210 +
1.211 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewL(TPBECipher aCipher,
1.212 + const TDesC8& aSalt, const TDesC8& aIV, TUint aIterations)
1.213 + {
1.214 + CPBEncryptParms* self = NewLC(aCipher, aSalt, aIV, aIterations);
1.215 + CleanupStack::Pop(self);
1.216 + return self;
1.217 + }
1.218 +
1.219 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewLC(TPBECipher aCipher,
1.220 + const TDesC8& aSalt, const TDesC8& aIV, TUint aIterations)
1.221 + {
1.222 + CPBEncryptParms* self = new(ELeave)CPBEncryptParms();
1.223 + CleanupStack::PushL(self);
1.224 + self->ConstructL(aCipher, aSalt, aIV, aIterations);
1.225 + return self;
1.226 + }
1.227 +
1.228 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewL(const CPBEncryptParms& aParms)
1.229 + {
1.230 + CPBEncryptParms* self = NewLC(aParms);
1.231 + CleanupStack::Pop(self);
1.232 + return self;
1.233 + }
1.234 +
1.235 +EXPORT_C CPBEncryptParms* CPBEncryptParms::NewLC(const CPBEncryptParms& aParms)
1.236 + {
1.237 + CPBEncryptParms* self = new(ELeave)CPBEncryptParms();
1.238 + CleanupStack::PushL(self);
1.239 + self->ConstructL(aParms);
1.240 + return self;
1.241 + }
1.242 +
1.243 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.244 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.245 +EXPORT_C CPBEncryptParms::CPBEncryptParms()
1.246 + {
1.247 + }
1.248 +
1.249 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.250 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.251 +CPBEncryptParms::~CPBEncryptParms()
1.252 + {
1.253 + delete iData;
1.254 + delete iSalt;
1.255 + delete iIV;
1.256 + }
1.257 +
1.258 +void CPBEncryptParms::ConstructL(TPBECipher aCipher, const TDesC8& aSalt,
1.259 + const TDesC8& aIV, TUint aIterations)
1.260 + {
1.261 + iData = new(ELeave) TParamsData;
1.262 + iData->iCipher = aCipher;
1.263 + iData->iKdf = EKdfPkcs5;
1.264 + iSalt = aSalt.AllocL();
1.265 + iIV = aIV.AllocL();
1.266 + iIterations = aIterations;
1.267 + }
1.268 +
1.269 +void CPBEncryptParms::ConstructL(const CPBEncryptParms& aParms)
1.270 + {
1.271 + iData = new(ELeave) TParamsData;
1.272 + iData->iCipher = aParms.Cipher();
1.273 + iData->iKdf = aParms.iData->iKdf;
1.274 + iSalt = aParms.Salt().AllocL();
1.275 + iIterations = aParms.Iterations();
1.276 + iIV = aParms.IV().AllocL();
1.277 + }
1.278 +
1.279 +EXPORT_C TPBECipher CPBEncryptParms::Cipher() const
1.280 + {
1.281 + return iData->iCipher;
1.282 + }
1.283 +
1.284 +EXPORT_C void CPBEncryptParms::SetCipher(TPBECipher aCipher)
1.285 +/**
1.286 + Replace the current cipher. This function resizes the
1.287 + IV and replaces its existing contents.
1.288 +
1.289 + @param aCipher New cipher.
1.290 + */
1.291 + {
1.292 + TPtr8 ivDes = iIV->Des();
1.293 + ivDes.SetLength(PBE::GetBlockBytes(aCipher));
1.294 + TRandom::RandomL(ivDes);
1.295 +
1.296 + iData->iCipher = aCipher;
1.297 + }
1.298 +
1.299 +EXPORT_C CPBEncryptParms::TKdf CPBEncryptParms::Kdf() const
1.300 +/**
1.301 + Accessor function returns the key derivation function
1.302 + (KDF) specified by this object.
1.303 +
1.304 + @return KDF specified by this object.
1.305 + */
1.306 + {
1.307 + return iData->iKdf;
1.308 + }
1.309 +
1.310 +EXPORT_C void CPBEncryptParms::SetKdf(CPBEncryptParms::TKdf aKdf)
1.311 +/**
1.312 + Replace the current key derivation function.
1.313 +
1.314 + @param aKdf Key derivation function.
1.315 + */
1.316 + {
1.317 + iData->iKdf = aKdf;
1.318 + }
1.319 +
1.320 +EXPORT_C TPtrC8 CPBEncryptParms::Salt() const
1.321 + {
1.322 + return TPtrC8(*iSalt);
1.323 + }
1.324 +
1.325 +EXPORT_C void CPBEncryptParms::ResizeSaltL(TInt aNewLen)
1.326 +/**
1.327 + Resize the current salt and replace its contents.
1.328 +
1.329 + @param aNewLen New salt length.
1.330 + */
1.331 + {
1.332 + iSalt = iSalt->ReAllocL(aNewLen);
1.333 + TPtr8 saltDes = iSalt->Des();
1.334 + TRandom::RandomL(saltDes);
1.335 + }
1.336 +
1.337 +EXPORT_C TInt CPBEncryptParms::Iterations() const
1.338 + {
1.339 + return iIterations;
1.340 + }
1.341 +
1.342 +EXPORT_C void CPBEncryptParms::SetIterations(TInt aIterCount)
1.343 +/**
1.344 + Replace the current iteration count with the supplied value.
1.345 +
1.346 + @param aIterCount Number of iterations to apply in
1.347 + the KDF.
1.348 + */
1.349 + {
1.350 + ASSERT(aIterCount >= 0);
1.351 + iIterations = aIterCount;
1.352 + }
1.353 +
1.354 +EXPORT_C TPtrC8 CPBEncryptParms::IV() const
1.355 + {
1.356 + return TPtrC8(*iIV);
1.357 + }
1.358 +
1.359 +EXPORT_C void CPBEncryptParms::SetIV(const TDesC8& aNewIv)
1.360 +/**
1.361 + Replace the initialization vector.
1.362 +
1.363 + @param aNewIv New initialization vector length.
1.364 + This must have no more than
1.365 + KPBEMaxCipherIVBytes bytes.
1.366 + */
1.367 + {
1.368 + iIV->Des().Copy(aNewIv);
1.369 + }
1.370 +
1.371 +void CPBEncryptParms::DeriveKeyL(const TDesC8& aPassword, TDes8& aKeyBuf) const
1.372 +/**
1.373 + Derive a key from this object's kdf, salt, amd iteration count.
1.374 +
1.375 + @param aPassword User-supplied password used to generate key.
1.376 + @param aKeyBuf Buffer to populate with new key.
1.377 + On entry it must be set to the required
1.378 + key length.
1.379 + */
1.380 + {
1.381 + switch (iData->iKdf)
1.382 + {
1.383 + case CPBEncryptParms::EKdfPkcs5:
1.384 + TPKCS5KDF::DeriveKeyL(aKeyBuf, aPassword, *iSalt, iIterations);
1.385 + break;
1.386 +
1.387 + case CPBEncryptParms::EKdfPkcs12:
1.388 + PKCS12KDF::DeriveKeyL(aKeyBuf, PKCS12KDF::EIDByteEncryptKey, aPassword, *iSalt, iIterations);
1.389 + break;
1.390 +
1.391 + default:
1.392 + ASSERT(EFalse);
1.393 + break;
1.394 + }
1.395 + }
1.396 +
1.397 +/* CPBAuthData */
1.398 +
1.399 +EXPORT_C CPBAuthData* CPBAuthData::NewL(const TDesC8& aPassword,
1.400 + const TDesC8& aSalt, TUint aKeySize, TUint aIterations)
1.401 + {
1.402 + CPBAuthData* self = NewLC(aPassword, aSalt, aKeySize, aIterations);
1.403 + CleanupStack::Pop(self);
1.404 + return self;
1.405 + }
1.406 +
1.407 +EXPORT_C CPBAuthData* CPBAuthData::NewLC(const TDesC8& aPassword,
1.408 + const TDesC8& aSalt, TUint aKeySize, TUint aIterations)
1.409 + {
1.410 + CPBAuthData* self = new(ELeave)CPBAuthData();
1.411 + CleanupStack::PushL(self);
1.412 + self->ConstructL(aPassword, aSalt, aKeySize, aIterations);
1.413 + return self;
1.414 + }
1.415 +
1.416 +EXPORT_C CPBAuthData* CPBAuthData::NewL(const CPBAuthData& aData)
1.417 + {
1.418 + CPBAuthData* self = NewLC(aData);
1.419 + CleanupStack::Pop(self);
1.420 + return self;
1.421 + }
1.422 +
1.423 +EXPORT_C CPBAuthData* CPBAuthData::NewLC(const CPBAuthData& aData)
1.424 + {
1.425 + CPBAuthData* self = new(ELeave)CPBAuthData();
1.426 + CleanupStack::PushL(self);
1.427 + self->ConstructL(aData);
1.428 + return self;
1.429 + }
1.430 +
1.431 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.432 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.433 +EXPORT_C CPBAuthData::CPBAuthData()
1.434 + {
1.435 + }
1.436 +
1.437 +// HPRE-5TDFK2: Remove Store/estor.dll dependency on Cryptography/pbe.dll
1.438 +// This method is DUPLICATED in common/generic/syslibs/store/ucrypt/ue_strm.cpp
1.439 +CPBAuthData::~CPBAuthData()
1.440 + {
1.441 + delete iAuthKey;
1.442 + delete iSalt;
1.443 + }
1.444 +
1.445 +void CPBAuthData::ConstructL(const TDesC8& aPassword, const TDesC8& aSalt,
1.446 + TUint aKeySize, TUint aIterations)
1.447 + {
1.448 + iSalt = aSalt.AllocL();
1.449 + iIterations = aIterations;
1.450 + iAuthKey = HBufC8::NewMaxL(aKeySize);
1.451 + TPtr8 authKeyPtr = iAuthKey->Des();
1.452 + TPKCS5KDF::DeriveKeyL(authKeyPtr, aPassword, *iSalt, iIterations);
1.453 + }
1.454 +
1.455 +void CPBAuthData::ConstructL(const CPBAuthData& aData)
1.456 + {
1.457 + iAuthKey = aData.Key().AllocL();
1.458 + iSalt = aData.Salt().AllocL();
1.459 + iIterations = aData.Iterations();
1.460 + }
1.461 +
1.462 +EXPORT_C TPtrC8 CPBAuthData::Key() const
1.463 + {
1.464 + return TPtrC8(*iAuthKey);
1.465 + }
1.466 +
1.467 +EXPORT_C TPtrC8 CPBAuthData::Salt() const
1.468 + {
1.469 + return TPtrC8(*iSalt);
1.470 + }
1.471 +
1.472 +EXPORT_C TInt CPBAuthData::Iterations() const
1.473 + {
1.474 + return iIterations;
1.475 + }
1.476 +
1.477 +EXPORT_C TBool CPBAuthData::operator==(const CPBAuthData& aAuth) const
1.478 + {
1.479 + //if the key's are equal, the its true, as the other members are used in key derivation
1.480 + return (*iAuthKey == aAuth.Key());
1.481 + }
1.482 +