os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/OpenedKeys.cpp
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/OpenedKeys.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,632 @@
1.4 +/*
1.5 +* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#include "OpenedKeys.h"
1.23 +#include "cfskeystoreserver.h"
1.24 +#include "keystreamutils.h"
1.25 +#include "fsdatatypes.h"
1.26 +#include "keystorepassphrase.h"
1.27 +
1.28 +#include <asymmetric.h>
1.29 +#include <asymmetrickeys.h>
1.30 +#include <bigint.h>
1.31 +#include <ct.h>
1.32 +#include <securityerr.h>
1.33 +#include <e32base.h>
1.34 +#include <mctkeystoreuids.h>
1.35 +
1.36 +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.37 +#include <authserver/authtypes.h>
1.38 +#include <authserver/auth_srv_errs.h>
1.39 +#include <s32mem.h>
1.40 +#include "keystore_errs.h"
1.41 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.42 +
1.43 +// COpenedKey //////////////////////////////////////////////////////////////////
1.44 +
1.45 +COpenedKey* COpenedKey::NewL(const CFileKeyData& aKeyData, TUid aType, const RMessage2& aMessage,
1.46 + CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan)
1.47 + {
1.48 + COpenedKey* self = NULL;
1.49 +
1.50 + if (aType == KRSARepudiableSignerUID)
1.51 + {
1.52 + self = new (ELeave) CRSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
1.53 + }
1.54 + else if (aType == KDSARepudiableSignerUID)
1.55 + {
1.56 + self = new (ELeave) CDSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
1.57 + }
1.58 + else if (aType == KPrivateDecryptorUID)
1.59 + {
1.60 + self = new (ELeave) CFSRSADecryptor(aKeyData, aKeyDataMan, aPassMan);
1.61 + }
1.62 + else if (aType == KKeyAgreementUID)
1.63 + {
1.64 + self = new (ELeave) CDHAgreement(aKeyData, aKeyDataMan, aPassMan);
1.65 + }
1.66 + else
1.67 + {
1.68 + User::Invariant();
1.69 + }
1.70 +
1.71 + CleanupStack::PushL(self);
1.72 + self->ConstructL(aMessage);
1.73 + CleanupStack::Pop(self);
1.74 + return self;
1.75 + }
1.76 +
1.77 +COpenedKey::COpenedKey(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
1.78 + CActive(EPriorityStandard),
1.79 + iKeyData(aKeyData),
1.80 + iKeyDataMan(aKeyDataMan),
1.81 + iPassMan(aPassMan)
1.82 +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.83 + ,iUserIdentity(NULL)
1.84 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.85 + {
1.86 + }
1.87 +
1.88 +void COpenedKey::ConstructL(const RMessage2& aMessage)
1.89 + {
1.90 + CKeyInfo* keyInfo = iKeyDataMan.ReadKeyInfoLC(iKeyData);
1.91 + CleanupStack::Pop(keyInfo);
1.92 + iKeyInfo = keyInfo;
1.93 + CheckKeyL(aMessage);
1.94 + iLabel = iKeyInfo->Label().AllocL();
1.95 +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.96 + User::LeaveIfError(iAuthClient.Connect());
1.97 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.98 + CActiveScheduler::Add(this);
1.99 + }
1.100 +
1.101 +COpenedKey::~COpenedKey()
1.102 + {
1.103 + Cancel();
1.104 + delete iLabel;
1.105 + delete iKeyInfo;
1.106 +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.107 + iAuthClient.Close();
1.108 + delete iExpression;
1.109 + delete iUserIdentity;
1.110 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.111 +
1.112 + }
1.113 +
1.114 +const TDesC& COpenedKey::Label() const
1.115 + {
1.116 + return *iLabel;
1.117 + }
1.118 +
1.119 +TInt COpenedKey::Handle() const
1.120 + {
1.121 + return iKeyData.Handle();
1.122 + }
1.123 +
1.124 +void COpenedKey::CheckKeyL(const RMessage2& aMessage)
1.125 + {
1.126 + // Check the client is allowed to use the key
1.127 + if (!iKeyInfo->UsePolicy().CheckPolicy(aMessage))
1.128 + {
1.129 + User::Leave(KErrPermissionDenied);
1.130 + }
1.131 +
1.132 + // Check that the operation represented by this object is supported for this
1.133 + // type of key
1.134 + if (iKeyInfo->Algorithm() != Algorithm())
1.135 + {
1.136 + User::Leave(KErrKeyAlgorithm);
1.137 + }
1.138 +
1.139 + // Check the key usage allows the operation
1.140 + if ((iKeyInfo->Usage() & RequiredUsage()) == 0)
1.141 + {
1.142 + User::Leave(KErrKeyUsage);
1.143 + }
1.144 +
1.145 + // Check current time is after start date (if set) and before end date (if
1.146 + // set)
1.147 + TTime timeNow;
1.148 + timeNow.UniversalTime();
1.149 + if (iKeyInfo->StartDate().Int64() != 0 && timeNow < iKeyInfo->StartDate())
1.150 + {
1.151 + User::Leave(KErrKeyValidity);
1.152 + }
1.153 + if (iKeyInfo->EndDate().Int64() != 0 && timeNow >= iKeyInfo->EndDate())
1.154 + {
1.155 + User::Leave(KErrKeyValidity);
1.156 + }
1.157 +
1.158 + }
1.159 +
1.160 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.161 +void COpenedKey::GetPassphrase(TRequestStatus& aStatus)
1.162 + {
1.163 + ASSERT(iState == EIdle);
1.164 +
1.165 + TInt timeout = iKeyDataMan.GetPassphraseTimeout();
1.166 + TStreamId passphraseId = iKeyDataMan.DefaultPassphraseId();
1.167 + ASSERT(passphraseId != KNullStreamId);
1.168 + iClientStatus = &aStatus;
1.169 +
1.170 + iPassMan.GetPassphrase(passphraseId, timeout, iPassphrase, iStatus);
1.171 + iState = EGetPassphrase;
1.172 + SetActive();
1.173 + }
1.174 +#else
1.175 +void COpenedKey::AuthenticateL()
1.176 + {
1.177 + iExpression = iAuthClient.CreateAuthExpressionL(iKeyInfo->AuthExpression());
1.178 + TUid uid = TUid::Uid(0);
1.179 + iAuthClient.AuthenticateL(*iExpression,iKeyInfo->Freshness(), EFalse, uid, EFalse, KNullDesC, iUserIdentity, iStatus);
1.180 + iState = EAuthenticate;
1.181 + SetActive();
1.182 + }
1.183 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.184 +
1.185 +void COpenedKey::RunL()
1.186 + {
1.187 + User::LeaveIfError(iStatus.Int());
1.188 +
1.189 + switch (iState)
1.190 + {
1.191 + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.192 + case EDoAuthenticate:
1.193 + AuthenticateL();
1.194 + break;
1.195 +
1.196 + case EAuthenticate:
1.197 + if(iUserIdentity->Id() == AuthServer::KUnknownIdentity)
1.198 + {
1.199 + User::Leave(KErrAuthenticationFailure);
1.200 + }
1.201 +
1.202 + if (!iKeyRead)
1.203 + {
1.204 + RStoreReadStream stream;
1.205 + iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, stream);
1.206 + TPtrC8 key = iUserIdentity->Key().KeyData();
1.207 + HBufC8* plaintext = DecryptFromStreamL(stream, key);
1.208 + CleanupStack::PushL(plaintext);
1.209 + TAny* ptr = const_cast<TAny*>(static_cast<const TAny*>(plaintext->Des().PtrZ()));
1.210 +
1.211 + RMemReadStream decryptedStream(ptr, plaintext->Length());
1.212 + decryptedStream.PushL();
1.213 + ReadPrivateKeyL(decryptedStream);
1.214 + CleanupStack::PopAndDestroy(3,&stream); // plaintext, decryptedStream
1.215 + iKeyRead = ETrue;
1.216 + }
1.217 +
1.218 + delete iUserIdentity;
1.219 + iUserIdentity = NULL;
1.220 + delete iExpression;
1.221 + iExpression = NULL;
1.222 + PerformOperationL();
1.223 + Complete(KErrNone);
1.224 + break;
1.225 + #else
1.226 + case EGetPassphrase:
1.227 + ASSERT(iPassphrase);
1.228 + if (!iKeyRead)
1.229 + {
1.230 + RStoreReadStream stream;
1.231 + iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, *iPassphrase, stream);
1.232 + ReadPrivateKeyL(stream);
1.233 + CleanupStack::PopAndDestroy(&stream);
1.234 + iKeyRead = ETrue;
1.235 + }
1.236 + PerformOperationL();
1.237 + Complete(KErrNone);
1.238 + break;
1.239 + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.240 + default:
1.241 + ASSERT(EFalse);
1.242 + }
1.243 + }
1.244 +
1.245 +TInt COpenedKey::RunError(TInt aError)
1.246 + {
1.247 + Complete(aError);
1.248 + return KErrNone;
1.249 + }
1.250 +
1.251 +void COpenedKey::DoCancel()
1.252 + {
1.253 + Complete(KErrCancel);
1.254 + }
1.255 +
1.256 +void COpenedKey::Complete(TInt aError)
1.257 + {
1.258 + Cleanup();
1.259 + iPassphrase = NULL;
1.260 + if (iClientStatus)
1.261 + {
1.262 + User::RequestComplete(iClientStatus, aError);
1.263 + }
1.264 + iState = EIdle;
1.265 + }
1.266 +
1.267 +void COpenedKey::Cleanup()
1.268 + {
1.269 + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.270 + delete iUserIdentity;
1.271 + iUserIdentity = NULL;
1.272 + delete iExpression;
1.273 + iExpression = NULL;
1.274 + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.275 + }
1.276 +
1.277 +// CRSARepudiableSigner ////////////////////////////////////////////////////////
1.278 +
1.279 +CRSARepudiableSigner::CRSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
1.280 + COpenedKey(aKeyData, aKeyDataMan, aPassMan)
1.281 + {
1.282 + }
1.283 +
1.284 +CRSARepudiableSigner::~CRSARepudiableSigner()
1.285 + {
1.286 + delete iPrivateKey;
1.287 + }
1.288 +
1.289 +TUid CRSARepudiableSigner::Type() const
1.290 + {
1.291 + return KRSARepudiableSignerUID;
1.292 + }
1.293 +
1.294 +CKeyInfo::EKeyAlgorithm CRSARepudiableSigner::Algorithm() const
1.295 + {
1.296 + return CKeyInfo::ERSA;
1.297 + }
1.298 +
1.299 +TKeyUsagePKCS15 CRSARepudiableSigner::RequiredUsage() const
1.300 + {
1.301 + return EPKCS15UsageSignSignRecover;
1.302 + }
1.303 +
1.304 +void CRSARepudiableSigner::Sign(const TDesC8& aPlaintext,
1.305 + CRSASignature*& aSignature,
1.306 + TRequestStatus& aStatus)
1.307 + {
1.308 + ASSERT(iPlaintext.Ptr() == NULL);
1.309 + ASSERT(iSignaturePtr == NULL);
1.310 + iPlaintext.Set(aPlaintext);
1.311 + iSignaturePtr = &aSignature;
1.312 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.313 + GetPassphrase(aStatus);
1.314 +#else
1.315 + aStatus = KRequestPending;
1.316 + iClientStatus = &aStatus;
1.317 + iState = EDoAuthenticate;
1.318 + SetActive();
1.319 + TRequestStatus* status = &iStatus;
1.320 + User::RequestComplete(status, KErrNone);
1.321 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.322 + }
1.323 +
1.324 +void CRSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
1.325 + {
1.326 + ASSERT(iPrivateKey == NULL);
1.327 + CreateL(aStream, iPrivateKey);
1.328 + }
1.329 +
1.330 +void CRSARepudiableSigner::PerformOperationL()
1.331 + {
1.332 + ASSERT(iPrivateKey);
1.333 +
1.334 + CRSAPKCS1v15Signer* signer = CRSAPKCS1v15Signer::NewLC(*iPrivateKey);
1.335 + const CRSASignature* signature = signer->SignL(iPlaintext);
1.336 + CleanupStack::PopAndDestroy(signer);
1.337 + *iSignaturePtr = const_cast<CRSASignature*>(signature);
1.338 + }
1.339 +
1.340 +void CRSARepudiableSigner::Cleanup()
1.341 + {
1.342 +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.343 + COpenedKey::Cleanup();
1.344 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.345 + iPlaintext.Set(NULL, 0);
1.346 + iSignaturePtr = NULL;
1.347 + }
1.348 +
1.349 +// CDSARepudiableSigner ////////////////////////////////////////////////////////
1.350 +
1.351 +CDSARepudiableSigner::CDSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
1.352 + COpenedKey(aKeyData, aKeyDataMan, aPassMan)
1.353 + {
1.354 + }
1.355 +
1.356 +CDSARepudiableSigner::~CDSARepudiableSigner()
1.357 + {
1.358 + delete iPrivateKey;
1.359 + }
1.360 +
1.361 +TUid CDSARepudiableSigner::Type() const
1.362 + {
1.363 + return KDSARepudiableSignerUID;
1.364 + }
1.365 +
1.366 +CKeyInfo::EKeyAlgorithm CDSARepudiableSigner::Algorithm() const
1.367 + {
1.368 + return CKeyInfo::EDSA;
1.369 + }
1.370 +
1.371 +TKeyUsagePKCS15 CDSARepudiableSigner::RequiredUsage() const
1.372 + {
1.373 + return EPKCS15UsageSignSignRecover;
1.374 + }
1.375 +
1.376 +void CDSARepudiableSigner::Sign(const TDesC8& aPlaintext,
1.377 + CDSASignature*& aSignature,
1.378 + TRequestStatus& aStatus)
1.379 + {
1.380 + ASSERT(iPlaintext.Ptr() == NULL);
1.381 + ASSERT(iSignaturePtr == NULL);
1.382 + iPlaintext.Set(aPlaintext);
1.383 + iSignaturePtr = &aSignature;
1.384 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.385 + GetPassphrase(aStatus);
1.386 +#else
1.387 + aStatus = KRequestPending;
1.388 + iClientStatus = &aStatus;
1.389 + iState = EDoAuthenticate;
1.390 + SetActive();
1.391 + TRequestStatus* status = &iStatus;
1.392 + User::RequestComplete(status, KErrNone);
1.393 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.394 + }
1.395 +
1.396 +void CDSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
1.397 + {
1.398 + ASSERT(iPrivateKey == NULL);
1.399 + CreateL(aStream, iPrivateKey);
1.400 + }
1.401 +
1.402 +void CDSARepudiableSigner::PerformOperationL()
1.403 + {
1.404 + ASSERT(iPrivateKey);
1.405 +
1.406 + CDSASigner* signer = CDSASigner::NewLC(*iPrivateKey);
1.407 + const CDSASignature* signature = signer->SignL(iPlaintext);
1.408 + CleanupStack::PopAndDestroy(signer);
1.409 + *iSignaturePtr = const_cast<CDSASignature*>(signature);
1.410 + }
1.411 +
1.412 +void CDSARepudiableSigner::Cleanup()
1.413 + {
1.414 + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.415 + COpenedKey::Cleanup();
1.416 + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.417 +
1.418 + iPlaintext.Set(NULL, 0);
1.419 + iSignaturePtr = NULL;
1.420 + }
1.421 +
1.422 +// CFSRSADecryptor /////////////////////////////////////////////////////////////
1.423 +
1.424 +CFSRSADecryptor::CFSRSADecryptor(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
1.425 + COpenedKey(aKeyData, aKeyDataMan, aPassMan)
1.426 + {
1.427 + }
1.428 +
1.429 +CFSRSADecryptor::~CFSRSADecryptor()
1.430 + {
1.431 + delete iPrivateKey;
1.432 + }
1.433 +
1.434 +TUid CFSRSADecryptor::Type() const
1.435 + {
1.436 + return KPrivateDecryptorUID;
1.437 + }
1.438 +
1.439 +CKeyInfo::EKeyAlgorithm CFSRSADecryptor::Algorithm() const
1.440 + {
1.441 + return CKeyInfo::ERSA;
1.442 + }
1.443 +
1.444 +TKeyUsagePKCS15 CFSRSADecryptor::RequiredUsage() const
1.445 + {
1.446 + return EPKCS15UsageDecryptUnwrap;
1.447 + }
1.448 +
1.449 +void CFSRSADecryptor::Decrypt(const TDesC8& aCiphertext,
1.450 + HBufC8*& aPlaintext,
1.451 + TRequestStatus& aStatus)
1.452 + {
1.453 + ASSERT(iCiphertext.Ptr() == NULL);
1.454 + ASSERT(iPlaintextPtr == NULL);
1.455 + iCiphertext.Set(aCiphertext);
1.456 + iPlaintextPtr = &aPlaintext;
1.457 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.458 + GetPassphrase(aStatus);
1.459 +#else
1.460 + aStatus = KRequestPending;
1.461 + iClientStatus = &aStatus;
1.462 + iState = EDoAuthenticate;
1.463 + SetActive();
1.464 + TRequestStatus* status = &iStatus;
1.465 + User::RequestComplete(status, KErrNone);
1.466 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.467 + }
1.468 +
1.469 +void CFSRSADecryptor::ReadPrivateKeyL(RReadStream& aStream)
1.470 + {
1.471 + ASSERT(iPrivateKey == NULL);
1.472 + CreateL(aStream, iPrivateKey);
1.473 + }
1.474 +
1.475 +void CFSRSADecryptor::PerformOperationL()
1.476 + {
1.477 + ASSERT(iPrivateKey);
1.478 +
1.479 + CRSAPKCS1v15Decryptor* decryptor = CRSAPKCS1v15Decryptor::NewLC(*iPrivateKey);
1.480 + HBufC8* plaintext = HBufC8::NewMaxLC(decryptor->MaxOutputLength());
1.481 + TPtr8 ptr = plaintext->Des();
1.482 + decryptor->DecryptL(iCiphertext, ptr);
1.483 +
1.484 + *iPlaintextPtr = plaintext;
1.485 + CleanupStack::Pop(plaintext); // now owned by client
1.486 + CleanupStack::PopAndDestroy(decryptor);
1.487 + }
1.488 +
1.489 +void CFSRSADecryptor::Cleanup()
1.490 + {
1.491 + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.492 + COpenedKey::Cleanup();
1.493 + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.494 +
1.495 + iCiphertext.Set(NULL, 0);
1.496 + iPlaintextPtr = NULL;
1.497 + }
1.498 +
1.499 +// CDHAgreement ////////////////////////////////////////////////////////////////
1.500 +
1.501 +CDHAgreement::CDHAgreement(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
1.502 + COpenedKey(aKeyData, aKeyDataMan, aPassMan)
1.503 + {
1.504 + }
1.505 +
1.506 +CDHAgreement::~CDHAgreement()
1.507 + {
1.508 + iKey.Close();
1.509 + }
1.510 +
1.511 +TUid CDHAgreement::Type() const
1.512 + {
1.513 + return KKeyAgreementUID;
1.514 + }
1.515 +
1.516 +CKeyInfo::EKeyAlgorithm CDHAgreement::Algorithm() const
1.517 + {
1.518 + return CKeyInfo::EDH;
1.519 + }
1.520 +
1.521 +TKeyUsagePKCS15 CDHAgreement::RequiredUsage() const
1.522 + {
1.523 + return EPKCS15UsageDerive;
1.524 + }
1.525 +
1.526 +void CDHAgreement::PublicKey(CDHParams& aParameters, RInteger& aPublicKey, TRequestStatus& aStatus)
1.527 + {
1.528 + ASSERT(iPKParams == NULL);
1.529 + ASSERT(iPKPublicKeyPtr == NULL);
1.530 + iPKParams = &aParameters;
1.531 + iPKPublicKeyPtr = &aPublicKey;
1.532 + iDHState = EPublicKey;
1.533 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.534 + GetPassphrase(aStatus);
1.535 +#else
1.536 + aStatus = KRequestPending;
1.537 + iClientStatus = &aStatus;
1.538 + iState = EDoAuthenticate;
1.539 + SetActive();
1.540 + TRequestStatus* status = &iStatus;
1.541 + User::RequestComplete(status, KErrNone);
1.542 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.543 + }
1.544 +
1.545 +void CDHAgreement::Agree(CDHPublicKey& aY, HBufC8*& aAgreedKey, TRequestStatus& aStatus)
1.546 + {
1.547 + ASSERT(iAKPublicKey == NULL);
1.548 + ASSERT(iAKAgreedKeyPtr == NULL);
1.549 + iAKPublicKey = &aY;
1.550 + iAKAgreedKeyPtr = &aAgreedKey;
1.551 + iDHState = EAgree;
1.552 +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.553 + GetPassphrase(aStatus);
1.554 +#else
1.555 + aStatus = KRequestPending;
1.556 + iClientStatus = &aStatus;
1.557 + iState = EDoAuthenticate;
1.558 + SetActive();
1.559 + TRequestStatus* status = &iStatus;
1.560 + User::RequestComplete(status, KErrNone);
1.561 +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.562 + }
1.563 +
1.564 +void CDHAgreement::ReadPrivateKeyL(RReadStream& aStream)
1.565 + {
1.566 + CreateLC(aStream, iKey);
1.567 + CleanupStack::Pop(&iKey);
1.568 + }
1.569 +
1.570 +void CDHAgreement::PerformOperationL()
1.571 + {
1.572 + switch (iDHState)
1.573 + {
1.574 + case EPublicKey:
1.575 + DoPublicKeyL();
1.576 + break;
1.577 + case EAgree:
1.578 + DoAgreeL();
1.579 + break;
1.580 + default:
1.581 + ASSERT(FALSE);
1.582 + }
1.583 + }
1.584 +
1.585 +void CDHAgreement::DoPublicKeyL()
1.586 + {
1.587 + ASSERT(iPKParams);
1.588 + ASSERT(iPKPublicKeyPtr);
1.589 +
1.590 + RInteger n = iPKParams->TakeN();
1.591 + CleanupStack::PushL(n);
1.592 + RInteger g = iPKParams->TakeG();
1.593 + CleanupStack::PushL(g);
1.594 + RInteger x = RInteger::NewL(iKey);
1.595 + CleanupStack::PushL(x);
1.596 + CDHKeyPair* keyPair = CDHKeyPair::NewL(n, g, x);
1.597 + CleanupStack::Pop(3); // x, g, n
1.598 + CleanupStack::PushL(keyPair);
1.599 +
1.600 + const CDHPublicKey& pubKey = keyPair->PublicKey();
1.601 + *iPKPublicKeyPtr = RInteger::NewL(pubKey.X());
1.602 + CleanupStack::PopAndDestroy(keyPair);
1.603 + }
1.604 +
1.605 +void CDHAgreement::DoAgreeL()
1.606 + {
1.607 + ASSERT(iAKPublicKey);
1.608 + ASSERT(iAKAgreedKeyPtr);
1.609 +
1.610 + RInteger n = RInteger::NewL(iAKPublicKey->N());
1.611 + CleanupStack::PushL(n);
1.612 + RInteger g = RInteger::NewL(iAKPublicKey->G());
1.613 + CleanupStack::PushL(g);
1.614 + RInteger x = RInteger::NewL(iKey);
1.615 + CleanupStack::PushL(x);
1.616 + CDHPrivateKey* privKey = CDHPrivateKey::NewL(n, g, x);
1.617 + CleanupStack::Pop(3); // x, g, n
1.618 + CleanupStack::PushL(privKey);
1.619 + CDH* dh = CDH::NewLC(*privKey);
1.620 + *iAKAgreedKeyPtr = const_cast<HBufC8*>(dh->AgreeL(*iAKPublicKey));
1.621 + CleanupStack::PopAndDestroy(2, privKey);
1.622 + }
1.623 +
1.624 +void CDHAgreement::Cleanup()
1.625 + {
1.626 + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.627 + COpenedKey::Cleanup();
1.628 + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
1.629 +
1.630 + iPKParams = NULL;
1.631 + iPKPublicKeyPtr = NULL;
1.632 + iAKPublicKey = NULL;
1.633 + iAKAgreedKeyPtr = NULL;
1.634 + iDHState = EIdle;
1.635 + }