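--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/security/cryptoservices/certificateandkeymgmt/pkcs10/keyhelper.cpp Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,250 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+#include "keyhelper.h"
+#include <asn1enc.h>
+#include <asymmetric.h>
+#include <x509cert.h>
+
+// CPKCS10KeyHelper ////////////////////////////////////////////////////////////
+
+CPKCS10KeyHelper* CPKCS10KeyHelper::CreateKeyHelperL(MCTKeyStore& aKeyStore,
+ const CCTKeyInfo& aKeyInfo,
+ const TDesC8& aExportedKey,
+ const TAlgorithmId aDigestId)
+ {
+ CPKCS10KeyHelper* result = NULL;
+
+ switch (aKeyInfo.Algorithm())
+ {
+ case CCTKeyInfo::ERSA:
+ result = new (ELeave) CPKCS10RSAKeyHelper(aKeyStore, aKeyInfo);
+ break;
+
+ case CCTKeyInfo::EDSA:
+ result = new (ELeave) CPKCS10DSAKeyHelper(aKeyStore, aKeyInfo);
+ break;
+
+ default:
+ User::Leave(KErrArgument);
+ }
+
+ CleanupStack::PushL(result);
+ result->CreateKeyEncoderL(aExportedKey, aDigestId);
+ CleanupStack::Pop(result);
+
+ return result;
+ }
+
+CPKCS10KeyHelper::CPKCS10KeyHelper(MCTKeyStore& aKeyStore, const CCTKeyInfo& aKeyInfo) :
+ iKeyStore(aKeyStore),
+ iKeyInfo(aKeyInfo)
+ {
+ }
+
+CPKCS10KeyHelper::~CPKCS10KeyHelper()
+ {
+ delete iKeyEncoder;
+ }
+
+CASN1EncBase* CPKCS10KeyHelper::EncodeKeyLC()
+ {
+ return iKeyEncoder->EncodeKeyLC();
+ }
+
+CASN1EncBase* CPKCS10KeyHelper::DigestInfoLC(const TDesC8& digest)
+ {
+ CASN1EncSequence* seq = CASN1EncSequence::NewLC();
+
+ // DigestAlgorithmIdentifier
+ CASN1EncSequence* digestAlgID =iKeyEncoder-> EncodeDigestAlgorithmLC();
+
+ seq->AddAndPopChildL(digestAlgID);
+
+ // Actual message digest
+ CASN1EncOctetString* octet = CASN1EncOctetString::NewLC(digest);
+ seq->AddAndPopChildL(octet);
+
+ return seq;
+ }
+
+
+CASN1EncSequence* CPKCS10KeyHelper::EncodeSignatureAlgorithmLC()
+ {
+ return iKeyEncoder->EncodeSignatureAlgorithmLC();
+ }
+
+// CPKCS10RSAKeyHelper /////////////////////////////////////////////////////////
+
+CPKCS10RSAKeyHelper::CPKCS10RSAKeyHelper(MCTKeyStore& aKeyStore, const CCTKeyInfo& aKeyInfo) :
+ CPKCS10KeyHelper(aKeyStore, aKeyInfo)
+ {
+ }
+
+CPKCS10RSAKeyHelper::~CPKCS10RSAKeyHelper()
+ {
+ if (iRSASigner)
+ {
+ iRSASigner->Release();
+ }
+ if (iDigestBuf)
+ {
+ delete iDigestBuf;
+ }
+ delete iRSASignature;
+ delete iPublicKey;
+ }
+
+void CPKCS10RSAKeyHelper::OpenSigner(TRequestStatus& aStatus)
+ {
+ iKeyStore.Open(iKeyInfo, iRSASigner, aStatus);
+ }
+
+void CPKCS10RSAKeyHelper::CancelOpenSigner()
+ {
+ iKeyStore.CancelOpen();
+ }
+
+void CPKCS10RSAKeyHelper::SignDigestL(const TDesC8& aDigest, TRequestStatus& aStatus)
+ {
+ CASN1EncBase* digestInfo = DigestInfoLC(aDigest);
+
+ // DER encode it!
+ iDigestBuf = HBufC8::NewMaxL(digestInfo->LengthDER());
+ TPtr8 oct(iDigestBuf->Des());
+ oct.FillZ();
+
+ TUint writePos = 0;
+ digestInfo->WriteDERL(oct, writePos);
+
+ // Sign the DER encoded digest info
+ iRSASigner->Sign(*iDigestBuf, iRSASignature, aStatus);
+
+ //CleanupStack::PopAndDestroy(octetData);
+ CleanupStack::PopAndDestroy(digestInfo);
+ }
+
+void CPKCS10RSAKeyHelper::CancelSignDigest()
+ {
+ iRSASigner->CancelSign();
+ }
+
+void CPKCS10RSAKeyHelper::CreateKeyEncoderL(const TDesC8& aExportedKey, TAlgorithmId aDigestId)
+ {
+ CX509SubjectPublicKeyInfo* ki = CX509SubjectPublicKeyInfo::NewLC(aExportedKey);
+ TX509KeyFactory factory;
+ iPublicKey = factory.RSAPublicKeyL(ki->KeyData());
+ CleanupStack::PopAndDestroy(ki);
+ iKeyEncoder = new (ELeave) TX509RSAKeyEncoder(*iPublicKey, aDigestId);
+ }
+
+
+CASN1EncBitString* CPKCS10RSAKeyHelper::EncodeSignatureLC()
+ {
+ // Get raw signature data
+ HBufC8* sigData = iRSASignature->S().BufferLC();
+
+ // Create ASN.1 bit string from the signature and return it.
+ CASN1EncBitString* encSig = CASN1EncBitString::NewL(*sigData);
+ CleanupStack::PopAndDestroy(sigData);
+ CleanupStack::PushL(encSig);
+
+ return encSig;
+ }
+
+// CPKCS10DSAKeyHelper /////////////////////////////////////////////////////////
+
+CPKCS10DSAKeyHelper::CPKCS10DSAKeyHelper(MCTKeyStore& aKeyStore, const CCTKeyInfo& aKeyInfo) :
+ CPKCS10KeyHelper(aKeyStore, aKeyInfo)
+ {
+ }
+
+CPKCS10DSAKeyHelper::~CPKCS10DSAKeyHelper()
+ {
+ if (iDSASigner)
+ iDSASigner->Release();
+ delete iDSASignature;
+ delete iPublicKey;
+ }
+
+void CPKCS10DSAKeyHelper::OpenSigner(TRequestStatus& aStatus)
+ {
+ iKeyStore.Open(iKeyInfo, iDSASigner, aStatus);
+ }
+
+void CPKCS10DSAKeyHelper::CancelOpenSigner()
+ {
+ iKeyStore.CancelOpen();
+ }
+
+void CPKCS10DSAKeyHelper::SignDigestL(const TDesC8& aDigest, TRequestStatus& aStatus)
+ {
+ iDSASigner->Sign(aDigest, iDSASignature, aStatus);
+ }
+
+void CPKCS10DSAKeyHelper::CancelSignDigest()
+ {
+ iDSASigner->CancelSign();
+ }
+
+void CPKCS10DSAKeyHelper::CreateKeyEncoderL(const TDesC8& aExportedKey, TAlgorithmId aDigestId)
+ {
+ CX509SubjectPublicKeyInfo* ki = CX509SubjectPublicKeyInfo::NewLC(aExportedKey);
+ TX509KeyFactory factory;
+ iPublicKey = factory.DSAPublicKeyL(ki->EncodedParams(), ki->KeyData());
+ CleanupStack::PopAndDestroy(ki);
+ iKeyEncoder = new (ELeave) TX509DSAKeyEncoder(*iPublicKey, aDigestId);
+ }
+
+/**
+ * Override default implementation - leave DSA parameters out of the
+ * AlgorithmIdentifier when it appears outside of SubjectPublicKeyInfo.
+ */
+CASN1EncSequence* CPKCS10DSAKeyHelper::EncodeSignatureAlgorithmLC()
+ {
+ CASN1EncSequence* seq = CASN1EncSequence::NewLC();
+ // Assume only SHA1 with DSA
+ CASN1EncObjectIdentifier* oid = CASN1EncObjectIdentifier::NewLC(KDSAWithSHA1);
+ seq->AddAndPopChildL(oid);
+
+ // Don't add parameters!
+
+ return seq;
+ }
+
+CASN1EncBitString* CPKCS10DSAKeyHelper::EncodeSignatureLC()
+ {
+ // Create sequence that will hold the two bit integers.
+ CASN1EncSequence* sigSeq = CASN1EncSequence::NewLC();
+ // Stuff two signature integers into the sequence.
+
+ CASN1EncBigInt* r = CASN1EncBigInt::NewLC(iDSASignature->R());
+ sigSeq->AddAndPopChildL(r);
+ CASN1EncBigInt* s = CASN1EncBigInt::NewLC(iDSASignature->S());
+ sigSeq->AddAndPopChildL(s);
+
+ // Wrap the sequence into a bit string
+ // Create ASN.1 encoding from the signature and return it.
+ CASN1EncBitString* sigDer = CASN1EncBitString::NewL(*sigSeq);
+
+ CleanupStack::PopAndDestroy(sigSeq);
+ CleanupStack::PushL(sigDer);
+
+ return sigDer;
+ }
+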
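Review bot: CPKCS10DSAKeyHelper::EncodeSignatureAlgorithmLC always emits `KDSAWithSHA1`, yet CPKCS10DSAKeyHelper::CreateKeyEncoderL accepts any `aDigestId` and the DSA SignDigestL signs whatever digest the caller passes in, so a request built with a different digest would carry a signatureAlgorithm that does not describe what was actually signed. The `// Assume only SHA1 with DSA` comment records the assumption but nothing in the file enforces it; a guard at the top of the DSA CreateKeyEncoderL such as `if (aDigestId != ESHA1) User::Leave(KErrNotSupported);` would turn the mismatch into an early, visible failure. Separately, CPKCS10RSAKeyHelper::SignDigestL assigns `iDigestBuf` without releasing a previous buffer, so a second call on the same helper would leak the first allocation; `delete iDigestBuf; iDigestBuf = NULL;` before the `HBufC8::NewMaxL` call covers that. Both SignDigestL and CancelSignDigest also dereference the signer pointer unconditionally although the destructors treat it as possibly null, so the header should state that OpenSigner must have completed successfully first.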