2 * Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
22 #include <securityerr.h>
23 #include <cryptopanic.h>
26 CPadding::CPadding(void) : iBlockBytes(-1)
30 EXPORT_C CPadding::CPadding(TInt aBlockBytes) : iBlockBytes(aBlockBytes)
32 __ASSERT_ALWAYS(aBlockBytes > 0, User::Invariant());
35 EXPORT_C void CPadding::SetBlockSize(TInt aBlockBytes)
37 __ASSERT_ALWAYS(aBlockBytes > 0, User::Invariant());
38 iBlockBytes = aBlockBytes;
41 EXPORT_C TInt CPadding::BlockSize(void) const
46 EXPORT_C TInt CPadding::MaxPaddedLength(TInt /*aInputBytes*/) const
51 EXPORT_C TInt CPadding::MaxUnPaddedLength(TInt aInputBytes) const
53 return aInputBytes - MinPaddingLength();
56 EXPORT_C void CPadding::PadL(const TDesC8& aInput, TDes8& aOutput)
58 // Check that the input is small enough to fit inside one padded block
59 __ASSERT_DEBUG(aInput.Length() <= BlockSize() - MinPaddingLength(),
60 User::Panic(KCryptoPanic, ECryptoPanicPadInputTooLarge));
62 // Check that the output descriptor supplied is large enough to store the result
63 __ASSERT_DEBUG(aOutput.MaxLength() >= MaxPaddedLength(aInput.Length()),
64 User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));
66 // Call the virtual function, implemented by derived classes
67 DoPadL(aInput, aOutput);
71 EXPORT_C CPaddingNone* CPaddingNone::NewL(TInt aBlockBytes)
73 __ASSERT_ALWAYS(aBlockBytes > 0, User::Leave(KErrArgument));
74 return new(ELeave)CPaddingNone(aBlockBytes);
77 EXPORT_C CPaddingNone* CPaddingNone::NewLC(TInt aBlockBytes)
79 CPaddingNone* self = CPaddingNone::NewL(aBlockBytes);
80 CleanupStack::PushL(self);
84 EXPORT_C CPaddingNone::CPaddingNone(TInt aBlockBytes):CPadding(aBlockBytes)
88 void CPaddingNone::DoPadL(const TDesC8& aInput,TDes8& aOutput)
90 aOutput.Append(aInput);
93 void CPaddingNone::UnPadL(const TDesC8& aInput,TDes8& aOutput)
95 __ASSERT_DEBUG(aOutput.MaxLength() >= MaxPaddedLength(aInput.Length()), User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));
96 aOutput.Append(aInput);
99 TInt CPaddingNone::MinPaddingLength(void) const
104 TInt CPaddingNone::MaxPaddedLength(TInt aInputSize) const
110 EXPORT_C CPaddingSSLv3* CPaddingSSLv3::NewL(TInt aBlockBytes)
112 __ASSERT_ALWAYS(aBlockBytes > 0, User::Leave(KErrArgument));
113 return new(ELeave)CPaddingSSLv3(aBlockBytes);
116 EXPORT_C CPaddingSSLv3* CPaddingSSLv3::NewLC(TInt aBlockBytes)
118 CPaddingSSLv3* self = CPaddingSSLv3::NewL(aBlockBytes);
119 CleanupStack::PushL(self);
123 EXPORT_C CPaddingSSLv3::CPaddingSSLv3(TInt aBlockBytes):CPadding(aBlockBytes)
127 void CPaddingSSLv3::DoPadL(const TDesC8& aInput,TDes8& aOutput)
129 TInt paddingBytes=BlockSize()-(aInput.Length()%BlockSize());
130 aOutput.Append(aInput);
131 aOutput.SetLength(aOutput.Length()+paddingBytes);
132 for (TInt i=1;i<=paddingBytes;i++)
134 aOutput[aOutput.Length()-i]=(TUint8)(paddingBytes-1);
138 void CPaddingSSLv3::UnPadL(const TDesC8& aInput,TDes8& aOutput)
140 TInt paddingLen = aInput[aInput.Length()-1] + 1;
142 if (paddingLen > aInput.Length())
144 User::Leave(KErrInvalidPadding);
147 TInt outlen = aInput.Length() - paddingLen;
149 __ASSERT_DEBUG(aOutput.MaxLength() >= outlen, User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));
151 aOutput.Append(aInput.Left(outlen));
154 TInt CPaddingSSLv3::MinPaddingLength(void) const
156 //if aInputBytes is 1 less than the blocksize then we get 1 byte of padding
160 TInt CPaddingSSLv3::MaxPaddedLength(TInt aInputBytes) const
162 TUint padBytes = BlockSize() - (aInputBytes % BlockSize());
163 return padBytes + aInputBytes;
166 /* CPaddingPKCS1Signature */
167 EXPORT_C CPaddingPKCS1Signature* CPaddingPKCS1Signature::NewL(TInt aBlockBytes)
169 return new(ELeave)CPaddingPKCS1Signature(aBlockBytes);
172 EXPORT_C CPaddingPKCS1Signature* CPaddingPKCS1Signature::NewLC(TInt aBlockBytes)
174 CPaddingPKCS1Signature* self = CPaddingPKCS1Signature::NewL(aBlockBytes);
175 CleanupStack::PushL(self);
179 EXPORT_C CPaddingPKCS1Signature::CPaddingPKCS1Signature(TInt aBlockBytes)
180 : CPadding(aBlockBytes)
184 void CPaddingPKCS1Signature::DoPadL(const TDesC8& aInput,TDes8& aOutput)
186 aOutput.SetLength(BlockSize());
190 TInt startOfData=BlockSize()-aInput.Length();
191 // PKCS1 also specifies a block type 0 for private key operations but
192 // does not recommend its use. This block type (0) is compatible with
193 // unpadded data though so you can create PKCS1 type 0 blocks using
195 aOutput[1]=1; // Block type 1 (private key operation)
196 for (i=2;i<(startOfData-1);i++)
201 aOutput[startOfData-1]=0; // separator
202 for (i=startOfData;i<BlockSize();i++,j++)
204 aOutput[i]=aInput[j];
208 void CPaddingPKCS1Signature::UnPadL(const TDesC8& aInput,TDes8& aOutput)
210 // erm, oops, this is not quite as simplistic as it first looks...
211 // our integer class will strip any leading zeros so we might actually
212 // get some real data that starts out looking like padding but isn't
215 TInt inputLen = aInput.Length();
217 User::Leave(KErrInvalidPadding); // Invalid padding data
219 // Leading zero may have been stripped off by integer class
221 if (aInput[dataStart] == 0)
226 if (dataStart < inputLen && aInput[dataStart]) // might be mode one or mode zero,
229 while (dataStart < inputLen && aInput[dataStart] == 0xff)
234 if (dataStart == inputLen || aInput[dataStart]) // this would mean theres no zero between 0x01ff and data...so its not mode one
235 dataStart=0; // mode zero, start from begining of data
239 else // We've definitely got a mode zero
240 { // or broken data, assume mode zero
244 TInt len=inputLen-dataStart;
246 __ASSERT_DEBUG(aOutput.MaxLength() >= len, User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));
248 aOutput.SetLength(len);
250 while (dataStart<inputLen)
252 aOutput[i++]=aInput[dataStart++];
256 TInt CPaddingPKCS1Signature::MinPaddingLength(void) const
258 return 11; //0x00, 0x01, <MIN of 8 0xFF octets> , 0x00
261 /* CPaddingPKCS1Encryption */
262 EXPORT_C CPaddingPKCS1Encryption* CPaddingPKCS1Encryption::NewL(
265 return new(ELeave)CPaddingPKCS1Encryption(aBlockBytes);
268 EXPORT_C CPaddingPKCS1Encryption* CPaddingPKCS1Encryption::NewLC(
271 CPaddingPKCS1Encryption* self = CPaddingPKCS1Encryption::NewL(aBlockBytes);
272 CleanupStack::PushL(self);
276 EXPORT_C CPaddingPKCS1Encryption::CPaddingPKCS1Encryption(TInt aBlockBytes)
277 : CPadding(aBlockBytes)
281 void CPaddingPKCS1Encryption::DoPadL(const TDesC8& aInput,TDes8& aOutput)
283 aOutput.SetLength(BlockSize());
286 TInt startOfData=BlockSize()-aInput.Length();
287 aOutput[1]=2; // Block type 2 (public key operation)
289 GenerateRandomBytesL(rnd);
293 for (; i<(startOfData-1);)
301 GenerateRandomBytesL(rnd);
307 aOutput[startOfData-1]=0; // separator
308 for (i=startOfData;i<BlockSize();i++,j++)
310 aOutput[i]=aInput[j];
314 void CPaddingPKCS1Encryption::UnPadL(const TDesC8& aInput,TDes8& aOutput)
316 TInt inputLen = aInput.Length();
318 User::Leave(KErrInvalidPadding); // Invalid padding data
320 // Leading zero may have been stripped off by integer class
322 if (aInput[dataStart] == 0)
327 // expecting mode 2 padding, otherwise broken
328 if (dataStart == inputLen || aInput[dataStart] != 2)
330 User::Leave(KErrInvalidPadding);
334 // skip random non zero bytes
335 while (dataStart < inputLen && aInput[dataStart])
340 // expecting zero separator
341 if (dataStart == inputLen || aInput[dataStart] != 0)
343 User::Leave(KErrInvalidPadding);
347 TInt len = inputLen - dataStart;
348 __ASSERT_DEBUG(aOutput.MaxLength() >= len, User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));
350 aOutput.SetLength(len);
352 while (dataStart<inputLen)
354 aOutput[i++]=aInput[dataStart++];
358 TInt CPaddingPKCS1Encryption::MinPaddingLength(void) const
360 return 11; //0x00, 0x02, <min of 8 random octets>, 0x00