os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsasignerimpl.cpp
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsasignerimpl.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,137 @@
1.4 +/*
1.5 +* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#include "dsasignerimpl.h"
1.23 +#include "pluginconfig.h"
1.24 +
1.25 +using namespace SoftwareCrypto;
1.26 +
1.27 +// Implementation of CDSASignerImpl
1.28 +CDSASignerImpl* CDSASignerImpl::NewL(const CKey& aKey)
1.29 + {
1.30 + CDSASignerImpl* self = CDSASignerImpl::NewLC(aKey);
1.31 + CleanupStack::Pop(self);
1.32 + return self;
1.33 + }
1.34 +
1.35 +CDSASignerImpl* CDSASignerImpl::NewLC(const CKey& aKey)
1.36 + {
1.37 + CDSASignerImpl* self = new(ELeave) CDSASignerImpl();
1.38 + CleanupStack::PushL(self);
1.39 + self->ConstructL(aKey);
1.40 + return self;
1.41 + }
1.42 +
1.43 +CDSASignerImpl::CDSASignerImpl()
1.44 + {
1.45 + }
1.46 +
1.47 +CDSASignerImpl::~CDSASignerImpl()
1.48 + {
1.49 + }
1.50 +
1.51 +void CDSASignerImpl::ConstructL(const CKey& aKey)
1.52 + {
1.53 + CSignerImpl::ConstructL(aKey);
1.54 + }
1.55 +
1.56 +CExtendedCharacteristics* CDSASignerImpl::CreateExtendedCharacteristicsL()
1.57 + {
1.58 + // All Symbian software plug-ins have unlimited concurrency, cannot be reserved
1.59 + // for exclusive use and are not CERTIFIED to be standards compliant.
1.60 + return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
1.61 + }
1.62 +
1.63 +const CExtendedCharacteristics* CDSASignerImpl::GetExtendedCharacteristicsL()
1.64 + {
1.65 + return CDSASignerImpl::CreateExtendedCharacteristicsL();
1.66 + }
1.67 +
1.68 +TUid CDSASignerImpl::ImplementationUid() const
1.69 + {
1.70 + return KCryptoPluginDsaSignerUid;
1.71 + }
1.72 +
1.73 +void CDSASignerImpl::SetKeyL(const CKey& aPrivateKey)
1.74 + {
1.75 + DoSetKeyL(aPrivateKey);
1.76 + Reset();
1.77 + }
1.78 +
1.79 +TInt CDSASignerImpl::GetMaximumInputLengthL() const
1.80 + {
1.81 + return KSha1HashLength;
1.82 + }
1.83 +
1.84 +void CDSASignerImpl::SignL(const TDesC8& aInput, CCryptoParams& aSignature)
1.85 + {
1.86 +
1.87 + //see HAC 11.56 or DSS section 5
1.88 + //I'll follow HAC as I like its description better
1.89 + //We don't check that r and s are non both non-null like the DSS
1.90 + //states you _optionally_ can. The chances of this are _incredibly_ small.
1.91 + //You've got a much better chance of a bit failure ocurring in the hardware
1.92 + //than this.
1.93 +
1.94 + const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid);
1.95 +
1.96 + // a) Select a random secret integer (k | 0 < k < q)
1.97 + RInteger qminus1 = RInteger::NewL(tQ);
1.98 + CleanupStack::PushL(qminus1);
1.99 + --qminus1;
1.100 + RInteger k = RInteger::NewRandomL(TInteger::One(), qminus1);
1.101 + CleanupStack::PopAndDestroy(&qminus1);
1.102 + CleanupStack::PushL(k);
1.103 +
1.104 +
1.105 + // b) compute r = (g^k mod p) mod q
1.106 +
1.107 + const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid);
1.108 + const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid);
1.109 + RInteger r = TInteger::ModularExponentiateL(tG, k, tP);
1.110 + CleanupStack::PushL(r);
1.111 + r %=tQ;
1.112 +
1.113 +
1.114 + // c) compute k^(-1) mod q
1.115 +
1.116 + RInteger kinv = k.InverseModL(tQ);
1.117 + CleanupStack::PushL(kinv);
1.118 +
1.119 +
1.120 + // d) compute s = k^(-1) * {h(m) + xr} mod q
1.121 + // Note that in order to be interoperable, compliant with the DSS, and
1.122 + // secure, aInput must be the result of a SHA-1 hash
1.123 +
1.124 + RInteger hm = RInteger::NewL(aInput);
1.125 + CleanupStack::PushL(hm);
1.126 +
1.127 + const TInteger& tX=iKey->GetBigIntL(KDsaKeyParameterXUid);
1.128 + RInteger s = tX.TimesL(r);
1.129 + CleanupStack::PushL(s);
1.130 + s += hm;
1.131 + s *= kinv;
1.132 + s %= tQ;
1.133 +
1.134 +
1.135 + // e) signature for m is the pair (r,s)
1.136 + aSignature.AddL(r, KDsaSignatureParameterRUid);
1.137 + aSignature.AddL(s, KDsaSignatureParameterSUid);
1.138 +
1.139 + CleanupStack::PopAndDestroy(5, &k);
1.140 + }