Update contrib.
2 * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
21 #include <test/testexecutelog.h>
23 #include "pkcs7signedobject.h"
25 #include <cmssignedobject.h>
28 #include <asymmetric.h>
29 #include <cmssigneridentifier.h>
30 #include <x509certext.h>
31 #include <pkixcertchain.h>
32 #include <cmscontentinfo.h>
36 CTCmsBaseStep::CTCmsBaseStep()
// Destructor: releases the expected-encoding buffer that doTestStepPreambleL() loaded from the "Result" file.
40 CTCmsBaseStep::~CTCmsBaseStep()
44 delete iExpectedEncoding;
// Test-step preamble: connects the file-server session and loads the inputs named in the
// script's config section - the "Data" file, the optional "ExpectedDataType" name, the
// "Result" file, and the "ExpectedResult" / "IsOOMTest" settings.
// Returns the current test-step result.
48 TVerdict CTCmsBaseStep::doTestStepPreambleL()
51 User::LeaveIfError (iFs.Connect());
53 //Read the data to be signed
54 iDataContent = readFileL(_L("Data"));
// A NULL result from readFileL() is replaced by a heap copy of the empty descriptor,
// so later code can dereference iDataContent unconditionally.
56 if (iDataContent == NULL)
58 iDataContent=KNullDesC8().AllocL();
61 //Read the expected data type
62 TPtrC contentDataType;
63 if (GetStringFromConfig(ConfigSection(), _L("ExpectedDataType"), contentDataType))
65 iExpectedDataType=CovertContentDataTypeNameToDataType(contentDataType);
68 //Read the expected result
69 iExpectedEncoding = readFileL(_L("Result"));
// Unlike "Data", a missing "Result" file is treated as a suite error.
70 if (!iExpectedEncoding)
72 INFO_PRINTF1(_L("Failed to read 'Result' section of script"));
73 SetTestStepResult(ETestSuiteError);
// NOTE(review): the return values of the two calls below are ignored, so a missing or
// misspelt key is not reported - confirm iExpectedResult and iIsOOMTest have safe defaults.
76 GetIntFromConfig(ConfigSection(), _L("ExpectedResult"), iExpectedResult);
77 GetBoolFromConfig(ConfigSection(), _L("IsOOMTest"), iIsOOMTest);
78 return TestStepResult();
/**
 * Maps a content-type name taken from the test script to its numeric content-type value.
 *
 * @param aDataTypeName One of "DATA", "SIGNEDDATA", "ENVELOPEDDATA", "DIGESTEDDATA",
 *                      "ENCRYPTEDDATA", "SIGNEDANDENVELOPEDDATA" or "AUTHDATA",
 *                      matched with TDesC::Compare().
 * @return The content-type value that corresponds to the name.
 * @leave KErrArgument if the name is none of the above.
 */
TInt CTCmsBaseStep::CovertContentDataTypeNameToDataType(const TDesC& aDataTypeName)
	{
	// Every guard returns on a match, so the checks can simply follow one another.
	if (!aDataTypeName.Compare(_L("DATA")))
		{
		return EContentTypeData;
		}
	if (!aDataTypeName.Compare(_L("SIGNEDDATA")))
		{
		return EContentTypeSignedData;
		}
	if (!aDataTypeName.Compare(_L("ENVELOPEDDATA")))
		{
		return EContentTypeEnvelopedData;
		}
	if (!aDataTypeName.Compare(_L("DIGESTEDDATA")))
		{
		return EContentTypeDigestedData;
		}
	if (!aDataTypeName.Compare(_L("ENCRYPTEDDATA")))
		{
		return EContentTypeEncryptedData;
		}
	if (!aDataTypeName.Compare(_L("SIGNEDANDENVELOPEDDATA")))
		{
		// This value is taken from the PKCS#7 content-info class rather than the CMS enum.
		return CPKCS7ContentInfo::EContentTypeSignedAndEnvelopedData;
		}
	if (!aDataTypeName.Compare(_L("AUTHDATA")))
		{
		return EContentTypeAuthenticatedData;
		}

	// Unknown name: reject it instead of silently choosing a type.
	User::Leave(KErrArgument);
	return EContentTypeData; // not reached; User::Leave() does not return
	}
// Looks up the file name stored under config key `tag` in the current section, reads that
// file and returns its contents in a heap buffer. A diagnostic is logged when the file
// cannot be opened; callers in this file test the result against NULL.
118 HBufC8* CTCmsBaseStep::readFileL (TPtrC tag)
121 if (GetStringFromConfig(ConfigSection(), tag, fileName) == EFalse)
127 if (file.Open(iFs, fileName, EFileRead) != KErrNone)
129 INFO_PRINTF2(_L("Cannot open file %S for reading"), &fileName);
// Make sure the file handle is closed if anything below leaves.
132 CleanupClosePushL(file);
134 User::LeaveIfError(file.Size(fileSize));
// The buffer is sized from the file length reported above.
135 HBufC8* result = HBufC8::NewMaxL(fileSize);
136 TPtr8 rawDataPtr(result->Des());
// NOTE(review): the status returned by file.Read() is discarded, so a failed read would hand
// the caller a buffer that is not the file's contents (keys, certificates and expected
// encodings are all loaded through here). Consider User::LeaveIfError(file.Read(...)) with
// `result` pushed on the cleanup stack first.
137 file.Read (rawDataPtr);
138 CleanupStack::PopAndDestroy (&file);
139 INFO_PRINTF3(_L("Read %d octets from %S"), result->Size(), &fileName);
// Debug helper: writes aSignature to <system drive>\tpkcs7\myresults\<config section>.der,
// creating the directory when it does not exist yet.
143 void CTCmsBaseStep::OutputResultToFileL(const TDesC8& aSignature)
145 TDriveUnit sysDrive (RFs::GetSystemDrive());
// NOTE(review): rName is a fixed 128-character buffer and the section name is appended to it
// further down without a length check - confirm section names are always short enough.
146 TBuf<128> rName (sysDrive.Name());;
147 rName.Append(_L("\\tpkcs7\\myresults\\"));
149 TInt err=iFs.MkDir(rName);
// A directory that already exists is not treated as an error.
150 if (err!=KErrNone && err!=KErrAlreadyExists)
156 CleanupClosePushL(file);
158 _LIT(KExtension, ".der");
159 rName.Append(ConfigSection());
160 rName.Append(KExtension);
// Replace() overwrites an earlier result file with the same name.
162 User::LeaveIfError(file.Replace(iFs, rName, EFileWrite | EFileStream));
163 User::LeaveIfError(file.Write(aSignature));
164 CleanupStack::PopAndDestroy(&file);
// Serialises aEncoding to DER in a new heap buffer. The buffer is allocated with exactly
// the length reported by LengthDER() and, per the LC suffix, is left on the cleanup stack.
168 HBufC8* CTCmsBaseStep::CreateDEREncodingLC(const CASN1EncBase& aEncoding)
170 TUint len = aEncoding.LengthDER();
171 HBufC8* buf = HBufC8::NewMaxLC(len);
173 TPtr8 bufptr(buf->Des());
// WriteDERL() writes the encoding into the buffer starting at position `pos`.
174 aEncoding.WriteDERL(bufptr, pos);
// Runs the concrete step's doTestL() under a trap and fails the step when the resulting
// leave code differs from the ExpectedResult value read from the script.
178 TVerdict CTCmsBaseStep::doTestStepL()
182 TRAPD(err, doTestL();)
// Negative tests pass by leaving with exactly the configured error code.
183 if (err!=iExpectedResult)
185 SetTestStepResult(EFail);
188 return TestStepResult();
// Out-of-memory loop: runs doTestL() repeatedly with deterministic heap failure configured
// from an increasing counter, and compares the number of allocated heap cells before and
// after each run to detect memory leaked on a failure path.
196 TVerdict CTCmsBaseStep::doOOMTestL()
198 TVerdict verdict = EFail;
200 TInt countBefore = 0;
201 for (TInt oomCount = 0; ; oomCount++)
// Configure deterministic allocation failure for this iteration.
204 __UHEAP_SETFAIL(RHeap::EDeterministic, oomCount);
205 countBefore = User::CountAllocCells();
206 TRAPD(error, doTestL());
207 countAfter = User::CountAllocCells();
// A result other than KErrNoMemory is logged as a pass.
209 if (error != KErrNoMemory)
212 INFO_PRINTF2(_L("OOM Status %d"),error);
213 INFO_PRINTF1(_L("Test outcome : Passed"));
// Differing cell counts mean the run did not give back everything it allocated.
218 if (countBefore != countAfter)
220 INFO_PRINTF2(_L("OOM Status %d"),error);
221 INFO_PRINTF2(_L("OOM Failed at %d"), oomCount);
222 SetTestStepResult(EFail);
226 INFO_PRINTF2(_L("OOM Failed Point status %d"), error);
228 INFO_PRINTF3(_L("Heap alloc count ok: %d final vs %d initial"), countAfter,countBefore);
229 SetTestStepResult(verdict);
232 User::Leave(KErrGeneral);
239 // Implementation of CMS Data Test Step
241 CTCmsDataStep::CTCmsDataStep()
245 CTCmsDataStep::~CTCmsDataStep()
// Encodes iDataContent as a CMS ContentInfo of type Data, DER-serialises it, compares the
// bytes with the expected encoding and then decodes the expected encoding again.
250 void CTCmsDataStep::doTestL()
253 CCmsContentInfo* content=CCmsContentInfo::NewL(EContentTypeData, *iDataContent);
254 CleanupStack::PushL(content);
255 CASN1EncSequence* contentSeq=content->EncodeASN1DERLC();
256 HBufC8* signature=CreateDEREncodingLC(*contentSeq);
// Take the encoding off the cleanup stack so the two items beneath it can be destroyed,
// then push it back so it is still protected against leaves.
257 CleanupStack::Pop(signature);
258 CleanupStack::PopAndDestroy(2, content);
259 CleanupStack::PushL(signature);
260 //OutputResultToFileL(signature->Des());
// Compare() yields an ordering value; only "zero or not" is used below.
262 TBool r=signature->Compare(*iExpectedEncoding);
// The byte-for-byte comparison is not enforced during OOM runs.
263 if (r!=0 && !iIsOOMTest)
265 INFO_PRINTF1(_L("CMS Data Type Encoding Error"));
266 User::Leave(KErrGeneral);
270 DecodingAndCheckL(*iExpectedEncoding);
273 CleanupStack::PopAndDestroy(signature);
/**
 * Decodes a DER-encoded ContentInfo and checks that it is of type Data and that its
 * payload equals the data loaded for this step.
 *
 * @param aRawData DER encoding of the ContentInfo to decode.
 * @leave KErrGeneral if the content type or the content data differs from what is expected;
 *        CCmsContentInfo::NewL() may leave as well.
 */
void CTCmsDataStep::DecodingAndCheckL(TDesC8& aRawData)
	{
	INFO_PRINTF1(_L("Start CMS Data Type Decoding"));

	CCmsContentInfo* decoded = CCmsContentInfo::NewL(aRawData);
	CleanupStack::PushL(decoded);

	// First the type tag ...
	const TBool typeIsData = (decoded->ContentType() == EContentTypeData);
	if (!typeIsData)
		{
		INFO_PRINTF1(_L("CMS Data Type is not as expected"));
		User::Leave(KErrGeneral);
		}

	// ... then the payload itself.
	if (decoded->ContentData() != iDataContent->Des())
		{
		INFO_PRINTF1(_L("CMS Data Content is not as expected"));
		User::Leave(KErrGeneral);
		}

	CleanupStack::PopAndDestroy(decoded);
	}
296 // Implementation of CMS Data Decoding Test Step
298 CTCmsDataDecodingStep::CTCmsDataDecodingStep()
302 CTCmsDataDecodingStep::~CTCmsDataDecodingStep()
/**
 * Decoding-only variant of the Data test: the expected encoding read from the script is
 * decoded and checked; nothing is encoded by this step.
 *
 * @leave Whatever DecodingAndCheckL() leaves with.
 */
void CTCmsDataDecodingStep::doTestL()
	{
	TDesC8& expectedEncoding = *iExpectedEncoding;
	DecodingAndCheckL(expectedEncoding);
	}
313 // Implementation of Signed Data Test Base Step
315 CTSignedDataBaseStep::CTSignedDataBaseStep() : iContentType(EContentTypeData), iRsaAlgorithm(ETrue)
// Destructor: frees the per-signer arrays filled by doTestStepPreambleL() and the
// certificates loaded from the script.
319 CTSignedDataBaseStep::~CTSignedDataBaseStep()
// The two pointer arrays own their elements, so the objects are deleted with the array.
321 iDecPKCS8Data.ResetAndDestroy();
322 iCertificates.ResetAndDestroy();
// The remaining arrays hold plain values and only need closing.
323 iSignerInfoVersion.Close();
325 iValidateResults.Close();
326 iSignedAttributePresent.Close();
327 iUnSignedAttributePresent.Close();
328 delete iRootCertificate;
329 delete iAdditionalCertificate;
330 delete iAdditionalEncodedCertificate;
// Maps a hash-algorithm name from the test script to an algorithm id.
// NOTE(review): the branches visible here recognise only "SHA1" and "MD5", neither of which
// is collision-resistant by current standards; these vectors exercise the CMS encode/verify
// paths and do not cover stronger digests.
334 TInt CTSignedDataBaseStep::CovertHashNameToAlgorithmId(const TDesC& aHashName)
336 if (aHashName.Compare(_L("SHA1"))==0)
340 else if (aHashName.Compare(_L("MD5"))==0)
/**
 * Maps a certificate-type name from the test script to a CCmsCertificateChoice type.
 *
 * @param aCertificateName "X509" or "Attribute"; any other name selects the
 *                         extended-certificate type.
 * @return The matching CCmsCertificateChoice certificate-type value.
 */
TInt CTSignedDataBaseStep::CovertCertificateNameToCertificateType(const TDesC& aCertificateName)
	{
	if (!aCertificateName.Compare(_L("X509")))
		{
		return CCmsCertificateChoice::ECertificateX509;
		}
	if (!aCertificateName.Compare(_L("Attribute")))
		{
		return CCmsCertificateChoice::ECertificateAttribute;
		}
	// Unrecognised names are not rejected; they fall through to the extended type.
	return CCmsCertificateChoice::ECertificateExtendedCerificate;
	}
// Preamble for the SignedData steps: runs the base preamble, reads the SignedData
// expectations from the config section, loads the root and additional certificates, and then
// loads one private key / certificate / hash name / expectation set per signer index.
// Returns the current test-step result.
367 TVerdict CTSignedDataBaseStep::doTestStepPreambleL()
369 if (CTCmsBaseStep::doTestStepPreambleL()==EFail)
371 SetTestStepResult(EFail);
375 //Read the configurations
// NOTE(review): none of the return values below are checked, so an absent or misspelt key
// goes unreported - confirm every member read here has a defined default.
376 GetBoolFromConfig(ConfigSection(), _L("HashAvailable"), iIsHashAvailable);
377 GetBoolFromConfig(ConfigSection(), _L("DataDetached"), iIsDetached);
378 GetBoolFromConfig(ConfigSection(), _L("CertificateSetPresent"), iCertificateSetPresent);
379 GetBoolFromConfig(ConfigSection(), _L("CRLsSetPresent"), iCRLsSetPresent);
380 GetIntFromConfig(ConfigSection(), _L("SignedDataVersion"), iSignedDataVersion);
381 GetIntFromConfig(ConfigSection(), _L("AlgorithmCount"), iAlgorithmCount);
382 GetIntFromConfig(ConfigSection(), _L("CertsCount"), iCertsCount);
383 GetIntFromConfig(ConfigSection(), _L("SignerCount"), iSignerCount);
384 GetBoolFromConfig(ConfigSection(), _L("NoCertSet"), iNoCertSet);
385 GetBoolFromConfig(ConfigSection(), _L("ValidateUsingUserCerts"), iValidateUsingUserCerts);
386 GetBoolFromConfig(ConfigSection(), _L("NoSigning"), iNoSigning);
387 GetBoolFromConfig(ConfigSection(), _L("NoValidationTest"), iNoValidationTest);
388 GetBoolFromConfig(ConfigSection(), _L("TwoStepCreation"), iTwoStepCreation);
389 GetBoolFromConfig(ConfigSection(), _L("ValidationDetachedWithoutInput"), iValidationDetachedWithoutInput);
// Root certificate: later used as the single trust anchor for chain validation.
392 HBufC8* certificate = readFileL(_L("RootCertificate"));
395 CleanupStack::PushL(certificate);
396 iRootCertificate = CX509Certificate::NewL(*certificate);
397 CleanupStack::PopAndDestroy (certificate);
// The key really is spelt "AddtionalCertificate"; scripts have to use the same spelling.
400 certificate = readFileL(_L("AddtionalCertificate"));
403 CleanupStack::PushL(certificate);
404 iAdditionalCertificate = CX509Certificate::NewL(*certificate);
405 CleanupStack::PopAndDestroy (certificate);
// An additional certificate may also be supplied in encoded form together with its type.
408 if (GetStringFromConfig(ConfigSection(), _L("AdditionalEncodedCertificateType"), certTypeName))
410 iAdditionalEncodedCertificateType=CovertCertificateNameToCertificateType(certTypeName);
411 iAdditionalEncodedCertificate=readFileL (_L("AdditionalEncodedCertificate"));
414 //Read the certificates, private keys and hash algorithm
// Per-signer config keys are formed by appending the signer index to a fixed prefix.
418 fKeyName.Format(_L("PrivateKey_%d"), index);
421 fCertName.Format(_L("Certificate_%d"), index);
423 TName fHashAlgorithmName;
424 fHashAlgorithmName.Format(_L("HashAlgorithm_%d"), index);
426 TName fValidationResult;
427 fValidationResult.Format(_L("ValidationResult_%d"), index);
429 TName fSignedAttributePresent;
430 fSignedAttributePresent.Format(_L("SignedAttributePresent_%d"), index);
432 TName fUnSignedAttributePresent;
433 fUnSignedAttributePresent.Format(_L("UnSignedAttributePresent_%d"), index);
435 TName fSignerInfoVersion;
436 fSignerInfoVersion.Format(_L("SignerInfoVersion_%d"), index);
439 TBool vResult(EFalse);
442 TInt signerInfoVersion;
// The loop runs for as long as all seven keys for the current index are present.
446 while ( GetStringFromConfig(ConfigSection(), fKeyName, keyName)
447 && GetStringFromConfig(ConfigSection(), fCertName, certName)
448 && GetStringFromConfig(ConfigSection(), fHashAlgorithmName, hashName)
449 && GetBoolFromConfig(ConfigSection(), fValidationResult, vResult)
450 && GetBoolFromConfig(ConfigSection(), fSignedAttributePresent, sAP)
451 && GetBoolFromConfig(ConfigSection(), fUnSignedAttributePresent, uSAP)
452 && GetIntFromConfig(ConfigSection(), fSignerInfoVersion, signerInfoVersion) )
454 //Construct private keys
// NOTE(review): signing keys are loaded from PKCS#8 files named in the script - presumably
// test-only key material; keep it separate from any real keys.
455 HBufC8* privateKey(NULL);
456 if ((privateKey=readFileL(fKeyName))!=NULL)
458 CleanupStack::PushL (privateKey);
459 CDecPKCS8Data* pkcs8Data=TASN1DecPKCS8::DecodeDERL(privateKey->Des());
// Keep the decoded key on the cleanup stack until the array has taken ownership.
460 CleanupStack::PushL (pkcs8Data);
461 iDecPKCS8Data.AppendL(pkcs8Data);
462 CleanupStack::Pop(pkcs8Data);
463 CleanupStack::PopAndDestroy(privateKey);
466 //Construct X509 certificate
468 if ((cert=readFileL(fCertName))!=NULL)
470 CleanupStack::PushL (cert);
471 CX509Certificate* x509cert=CX509Certificate::NewLC(cert->Des());
472 iCertificates.AppendL(x509cert);
473 CleanupStack::Pop(x509cert);
474 CleanupStack::PopAndDestroy(cert);
// NOTE(review): a key or certificate file that cannot be read is skipped while the values
// below are still appended, so the per-signer arrays can end up with different lengths.
477 TInt hashId=CovertHashNameToAlgorithmId(hashName);
478 iHashName.AppendL(hashId);
480 iValidateResults.AppendL(vResult);
481 iSignedAttributePresent.AppendL(sAP);
482 iUnSignedAttributePresent.AppendL(uSAP);
483 iSignerInfoVersion.AppendL(signerInfoVersion);
// Rebuild the key names before the loop condition is evaluated again.
487 fKeyName.Format(_L("PrivateKey_%d"), index);
488 fCertName.Format(_L("Certificate_%d"), index);
489 fHashAlgorithmName.Format(_L("HashAlgorithm_%d"), index);
490 fValidationResult.Format(_L("ValidationResult_%d"), index);
491 fSignedAttributePresent.Format(_L("SignedAttributePresent_%d"), index);
492 fUnSignedAttributePresent.Format(_L("UnSignedAttributePresent_%d"), index);
493 fSignerInfoVersion.Format(_L("SignerInfoVersion_%d"), index);
496 return TestStepResult();
// Creates the message-digest object selected by aAlgorithmId and pushes it on the cleanup
// stack. An id the switch does not handle leaves with KErrNotSupported.
499 CMessageDigest* CTSignedDataBaseStep::CreateHashLC(TAlgorithmId aAlgorithmId)
501 CMessageDigest* hash(NULL);
502 switch (aAlgorithmId)
517 User::Leave(KErrNotSupported);
519 CleanupStack::PushL(hash);
525 // Implementation of CMS Signed Data Test Step
527 CTCmsSignedDataStep::CTCmsSignedDataStep()
531 CTCmsSignedDataStep::~CTCmsSignedDataStep()
// Decodes a DER ContentInfo that must wrap SignedData, checks the decoded fields against the
// script's expectations and - unless NoValidationTest is set - verifies every signer's
// signature and validates the signer's certificate chain against the configured root.
// Leaves with KErrGeneral when a check does not match the expectation.
536 void CTCmsSignedDataStep::CheckAndValidateSignedDataL(TDesC8& aRawData)
538 //Decode the content info encoding read from predefined file
539 CCmsContentInfo* content=CCmsContentInfo::NewL(aRawData);
540 CleanupStack::PushL(content);
541 if (content->ContentType()!=EContentTypeSignedData)
543 INFO_PRINTF1(_L("Content Type is not Signed Data"));
544 User::Leave(KErrGeneral);
548 //Decode the signed data and check the fields
549 CCmsSignedObject* signedData=CCmsSignedObject::NewL(*content);
550 CleanupStack::PushL(signedData);
551 CheckSignedDataFieldsL(*signedData);
553 //Validate the signatures
554 const RPointerArray<CCmsSignerInfo>& signerInfos=signedData->SignerInfo();
555 CheckSignerInfoFieldsL(signerInfos);
557 if (!iNoValidationTest)
559 TInt count=signerInfos.Count();
560 for (TInt i=0;i<count;i++)
562 HBufC8* certificateEncoding = NULL;
564 CMessageDigest* hash(NULL);
565 if (iIsHashAvailable)
// iHashName holds ids derived from the script and is cast back to TAlgorithmId here.
567 hash=CreateHashLC((TAlgorithmId)iHashName[i]);
570 TBool isValid(EFalse);
// Two verification modes: against the certificates supplied by the script, or against the
// certificates embedded in the SignedData itself.
571 if (iValidateUsingUserCerts)
573 INFO_PRINTF1(_L("Test validation by using given certificates"));
574 if (iIsHashAvailable)
// The digest of the content is computed here and passed in place of the content itself.
576 isValid = signedData->ValidateSignerLC(*signerInfos[i], iCertificates, certificateEncoding, ETrue, hash->Hash(iDataContent->Des()));
582 if (!iValidationDetachedWithoutInput)
584 isValid = signedData->ValidateSignerLC(*signerInfos[i], iCertificates, certificateEncoding, EFalse, iDataContent->Des());
588 isValid = signedData->ValidateSignerLC(*signerInfos[i], iCertificates, certificateEncoding);
593 isValid = signedData->ValidateSignerLC(*signerInfos[i], iCertificates, certificateEncoding);
599 INFO_PRINTF1(_L("Test validation by using the embedded certificates"));
601 if (iIsHashAvailable)
603 isValid = signedData->ValidateSignerLC(*signerInfos[i], certificateEncoding, ETrue, hash->Hash(iDataContent->Des()));
609 if (!iValidationDetachedWithoutInput)
611 isValid = signedData->ValidateSignerLC(*signerInfos[i], certificateEncoding, EFalse, iDataContent->Des());
615 isValid = signedData->ValidateSignerLC(*signerInfos[i], certificateEncoding);
620 isValid = signedData->ValidateSignerLC(*signerInfos[i], certificateEncoding);
627 INFO_PRINTF1(_L("Couldn't validate signer"));
// Chain validation needs an active scheduler; one is installed only if none is current.
631 CActiveScheduler* sched = NULL;
632 if (CActiveScheduler::Current() == NULL)
634 INFO_PRINTF1(_L("Installing scheduler"));
635 sched = new (ELeave) CActiveScheduler();
636 CleanupStack::PushL (sched);
637 CActiveScheduler::Install (sched);
// The root array wraps the single iRootCertificate pointer as the only trust anchor.
639 RPointerArray<CX509Certificate> roots (&iRootCertificate, 1);
640 CPKIXCertChain * chain = CPKIXCertChain::NewLC(iFs, *certificateEncoding, roots);
// The chain is validated against a fixed date taken from this literal, not the current
// time, so the outcome does not change as the test certificates age.
643 _LIT(KDateCorrect1,"20061128:");
644 TBuf <24> theDate(KDateCorrect1);
645 TInt err=tm.Set(theDate);
651 CPKIXValidationResult* result = CPKIXValidationResult::NewLC();
// NOTE(review): no cleanup-stack push of `validator` is visible here - confirm it is
// deleted on every path, including a leave during validation.
652 CTPKCS7Validator* validator = new (ELeave) CTPKCS7Validator (chain, result, &tm);
653 validator->doValidate ();
655 if (result->Error().iReason == EValidatedOK)
658 INFO_PRINTF1(_L("Validation success"));
663 INFO_PRINTF2(_L("Validation failed: %d"), result->Error().iReason);
666 CleanupStack::PopAndDestroy(result);
667 CleanupStack::PopAndDestroy(chain);
// Uninstall and destroy the scheduler that was installed above.
670 CActiveScheduler::Install (NULL);
671 CleanupStack::PopAndDestroy (sched);
675 CleanupStack::PopAndDestroy(certificateEncoding);
678 CleanupStack::PopAndDestroy(hash);
// The verification outcome has to equal the per-signer expectation from the script, which
// lets negative vectors (expected-invalid signatures) pass.
681 if (isValid!=iValidateResults[i])
683 INFO_PRINTF1(_L("validate result not as expected"));
684 User::Leave(KErrGeneral);
688 CleanupStack::PopAndDestroy(signedData);
690 CleanupStack::PopAndDestroy(content);
/**
 * Checks the encapsulated content info of a decoded SignedData object: it must be of type
 * Data, its attached/detached state must agree with the DataDetached setting, and attached
 * content must equal the data loaded for this step.
 *
 * @param aEncapContentInfo Encapsulated content info taken from the decoded SignedData.
 * @leave KErrGeneral on the first mismatch.
 */
void CTCmsSignedDataStep::CheckEncapsulatedContentFieldsL(const CEncapsulatedContentInfo& aEncapContentInfo)
	{
	const TBool typeIsData = (aEncapContentInfo.ContentType() == EContentTypeData);
	if (!typeIsData)
		{
		INFO_PRINTF1(_L("Encapsulated data Content is not data content type"));
		User::Leave(KErrGeneral);
		}

	// "Content present" and "detached" are opposites, so equal values mean a mismatch.
	if (aEncapContentInfo.IsContentDataPresent() == iIsDetached)
		{
		INFO_PRINTF1(_L("Encapsulated data Content attachment not as expected"));
		User::Leave(KErrGeneral);
		}

	// The payload can only be compared when it is actually attached.
	if (aEncapContentInfo.IsContentDataPresent())
		{
		if (aEncapContentInfo.ContentData() != *iDataContent)
			{
			INFO_PRINTF1(_L("Encapsulated data Content not as expected"));
			User::Leave(KErrGeneral);
			}
		}
	}
/**
 * Checks that the decoded SignedData lists as many digest algorithms as the script's
 * AlgorithmCount setting says it should.
 *
 * @param aAlgorithms Digest algorithm identifiers from the decoded SignedData.
 * @leave KErrGeneral if the count differs.
 */
void CTCmsSignedDataStep::CheckAlgorithmSetFieldsL(const RPointerArray<CX509AlgorithmIdentifier>& aAlgorithms)
	{
	const TInt decodedCount = aAlgorithms.Count();
	if (iAlgorithmCount == decodedCount)
		{
		return;
		}

	INFO_PRINTF1(_L("Number of Algorithm ID is not as expected"));
	User::Leave(KErrGeneral);
	}
// Checks the certificate set of a decoded SignedData object: the number of certificates,
// the signer certificates in order, and the additional certificate in the last slot.
// Leaves with KErrGeneral on the first mismatch.
727 void CTCmsSignedDataStep::CheckCertificateSetFieldsL(const CCmsSignedObject& aSignedData)
729 if (aSignedData.IsCertificateSetPresent())
731 const RPointerArray<CCmsCertificateChoice>& certSet=aSignedData.Certificates();
732 if (iCertsCount!=certSet.Count())
734 INFO_PRINTF1(_L("Number of Certificates is not as expected"));
735 User::Leave(KErrGeneral);
739 //Signer Certificate is in the Signed data
// NOTE(review): the loop bound is iCertificates.Count(), while only iCertsCount was compared
// with certSet.Count() above - confirm the script never configures more signer
// certificates than CertsCount, otherwise certSet[i] is indexed out of range.
742 TInt count = iCertificates.Count();
743 for (TInt i=0;i<count;i++)
// Only X.509 entries are compared; entries of other types are passed over.
745 if (certSet[i]->CertificateType()==CCmsCertificateChoice::ECertificateX509 && !iCertificates[i]->IsEqualL(certSet[i]->Certificate()))
747 INFO_PRINTF2(_L("X509 Certificates %d is not as expected"), i);
748 User::Leave(KErrGeneral);
// The additional certificate is expected in the last slot of the set.
// NOTE(review): this block is entered when either pointer is set, but the attribute
// comparison just below dereferences iAdditionalEncodedCertificate without a NULL check.
753 if (iAdditionalCertificate || iAdditionalEncodedCertificate)
755 if (certSet[iCertsCount-1]->CertificateType()==CCmsCertificateChoice::ECertificateAttribute &&
756 certSet[iCertsCount-1]->AttributeCertificate()->Compare(*iAdditionalEncodedCertificate)!=0)
758 INFO_PRINTF1(_L("Additional Attribute Certificates is not as expected"));
759 User::Leave(KErrGeneral);
761 else if (certSet[iCertsCount-1]->CertificateType()==CCmsCertificateChoice::ECertificateX509)
763 if (iAdditionalCertificate && !certSet[iCertsCount-1]->Certificate().IsEqualL(*iAdditionalCertificate))
765 INFO_PRINTF1(_L("Additional X509 Certificates is not as expected"));
766 User::Leave(KErrGeneral);
// An additional certificate supplied in encoded form is parsed first and then compared.
770 if (iAdditionalEncodedCertificate)
772 CX509Certificate* addX509Cert=CX509Certificate::NewLC(*iAdditionalEncodedCertificate);
773 if (!certSet[iCertsCount-1]->Certificate().IsEqualL(*addX509Cert))
775 INFO_PRINTF1(_L("Additional X509 Certificates is not as expected"));
776 User::Leave(KErrGeneral);
778 CleanupStack::PopAndDestroy(addX509Cert);
// Checks every decoded SignerInfo against the per-signer expectations from the script:
// attribute presence, version, digest and signature algorithm, and that the signer
// identifier matches the configured certificate. Leaves with KErrGeneral on a mismatch.
787 void CTCmsSignedDataStep::CheckSignerInfoFieldsL(const RPointerArray<CCmsSignerInfo>& signerInfos)
789 TInt count=signerInfos.Count();
// NOTE(review): because of the &&, the count is rejected only when it differs from BOTH the
// number of loaded keys and SignerCount. The loop below indexes the per-signer arrays
// (iSignedAttributePresent, iHashName, iDecPKCS8Data, iCertificates) with i < count, where
// count comes from the decoded input - confirm each of them holds at least `count` entries.
790 if (iDecPKCS8Data.Count()!=count && iSignerCount!=count)
792 INFO_PRINTF1(_L("Number of Signer Info is not as expected"));
793 User::Leave(KErrGeneral);
795 for (TInt i=0;i<count;i++)
797 if (signerInfos[i]->IsSignedAttributesPresent()!=iSignedAttributePresent[i]
798 || signerInfos[i]->IsUnsignedAttributesPresent()!=iUnSignedAttributePresent[i]
799 || signerInfos[i]->Version()!=iSignerInfoVersion[i])
801 INFO_PRINTF1(_L("Signed or Unsigned Attribute presence or Signer Version is not as expected"));
802 User::Leave(KErrGeneral);
// The digest algorithm has to be the one configured for this signer.
805 const CX509AlgorithmIdentifier& digestId=signerInfos[i]->DigestAlgorithm();
806 if (digestId.Algorithm()!=(TAlgorithmId)iHashName[i])
808 INFO_PRINTF1(_L("Digest Algorithm ID is not as expected"));
809 User::Leave(KErrGeneral);
// The signature algorithm has to agree with the algorithm of the signer's private key.
812 const CX509AlgorithmIdentifier& sigId=signerInfos[i]->SignatureAlgorithm();
813 if (iDecPKCS8Data[i]->Algorithm()!=sigId.Algorithm())
815 INFO_PRINTF1(_L("Signature Algorithm ID is not as expected"));
816 User::Leave(KErrGeneral);
// The signer is identified either by issuer name plus serial number or by subject key id.
819 const CCmsSignerIdentifier& signerId=signerInfos[i]->SignerIdentifier();
820 if (signerId.SignerIdentifierType()==CCmsSignerIdentifier::EIssuerAndSerialNumber)
822 if (!iCertificates[i]->IssuerName().ExactMatchL(signerId.IssuerAndSerialNumber()->IssuerName()))
824 INFO_PRINTF1(_L("Issuer name is not as expected"));
825 User::Leave(KErrGeneral);
// Both serial numbers are converted to big integers before they are compared.
829 RInteger sn1=RInteger::NewL(iCertificates[i]->SerialNumber());
830 CleanupClosePushL(sn1);
831 RInteger sn2=RInteger::NewL(signerId.IssuerAndSerialNumber()->SerialNumber());
832 CleanupClosePushL(sn2);
835 INFO_PRINTF1(_L("Serial number is not as expected"));
836 User::Leave(KErrGeneral);
838 CleanupStack::PopAndDestroy(2, &sn1);//sn2, sn1
842 else if (signerId.SignerIdentifierType()==CCmsSignerIdentifier::ESubjectKeyIdentifier)
// The expected key id is taken from the certificate's SubjectKeyIdentifier extension.
844 const CX509CertExtension* certExt = iCertificates[i]->Extension(KSubjectKeyId);
847 CX509SubjectKeyIdExt* ext=CX509SubjectKeyIdExt::NewLC(certExt->Data());
848 if (signerId.SubjectKeyIdentifier().Compare(ext->KeyId())!=0)
850 INFO_PRINTF1(_L("Subject Key Id is not as expected"));
851 User::Leave(KErrGeneral);
853 CleanupStack::PopAndDestroy(ext);
/**
 * Checks the top-level fields of a decoded SignedData object (certificate-set presence,
 * CRL-set presence and version) and then delegates to the checks for the encapsulated
 * content, the digest-algorithm set and the certificate set.
 *
 * @param aSignedData The decoded SignedData object.
 * @leave KErrGeneral if a top-level field differs; the delegated checks may leave too.
 */
void CTCmsSignedDataStep::CheckSignedDataFieldsL(const CCmsSignedObject& aSignedData)
	{
	const TBool headerMismatch =
		aSignedData.IsCertificateSetPresent() != iCertificateSetPresent ||
		aSignedData.IsCertificateRevocationListsPresent() != iCRLsSetPresent ||
		aSignedData.Version() != iSignedDataVersion;
	if (headerMismatch)
		{
		INFO_PRINTF1(_L("cert present or CRL present or version not as expected"));
		User::Leave(KErrGeneral);
		}

	// Field groups are checked in the same order as before: content, algorithms, certificates.
	CheckEncapsulatedContentFieldsL(aSignedData.ContentInfo());
	CheckAlgorithmSetFieldsL(aSignedData.DigestAlgorithms());
	CheckCertificateSetFieldsL(aSignedData);
	}
// Builds a SignedData object signed with every configured private key, adds the additional
// certificates, wraps the DER encoding in a ContentInfo, and then compares and/or validates
// the result against the expected encoding from the script.
878 void CTCmsSignedDataStep::doTestL()
882 CCmsSignedObject* signedData(NULL);
883 TInt count=iDecPKCS8Data.Count();
885 //Create Signed Object
886 for (TInt i=0;i<count;i++)
// NOTE(review): iHashName[i] and iCertificates[i] are indexed with the key count below -
// confirm the preamble always loads them in step with the keys.
889 CDecPKCS8Data* decPKCS8Data=iDecPKCS8Data[i];
890 MPKCS8DecodedKeyPairData* keyPair = decPKCS8Data->KeyPairData();
892 CMessageDigest* hash(NULL);
// With HashAvailable set, the digest is computed here and passed to the signing call in
// place of the content.
894 if (iIsHashAvailable)
896 hash=CreateHashLC((TAlgorithmId)iHashName[i]);
897 hashValue.Set(hash->Hash(iDataContent->Des()));
900 //If it is the first time, a signed object needs to be created
903 if (iIsHashAvailable)
// NOTE(review): the key pair is downcast with static_cast according to Algorithm(); the
// non-RSA path casts to the DSA type - presumably only RSA and DSA keys are ever loaded.
905 if (decPKCS8Data->Algorithm()==ERSA)
907 const CRSAPrivateKey& RSAPrivateKey=static_cast<CPKCS8KeyPairRSA*>(keyPair)->PrivateKey();
// TwoStepCreation chooses between signing inside the factory call and creating the object
// first and calling SignL() on it afterwards.
908 if (!iTwoStepCreation)
910 signedData=CCmsSignedObject::NewL((TCmsContentInfoType)iContentType,
912 (TAlgorithmId)iHashName[i],
916 CleanupStack::PushL(signedData);
920 signedData=CCmsSignedObject::NewL((TCmsContentInfoType)iContentType, iIsDetached, iDataContent->Des());
921 CleanupStack::PushL(signedData);
922 signedData->SignL(hashValue, (TAlgorithmId)iHashName[i], RSAPrivateKey, *iCertificates[i], !iNoCertSet);
927 const CDSAPrivateKey& DSAPrivateKey=static_cast<CPKCS8KeyPairDSA*>(keyPair)->PrivateKey();
928 if (!iTwoStepCreation)
930 signedData=CCmsSignedObject::NewL((TCmsContentInfoType)iContentType,
932 (TAlgorithmId)iHashName[i],
936 CleanupStack::PushL(signedData);
940 signedData=CCmsSignedObject::NewL((TCmsContentInfoType)iContentType, iIsDetached, iDataContent->Des());
941 CleanupStack::PushL(signedData);
942 signedData->SignL(hashValue, (TAlgorithmId)iHashName[i], DSAPrivateKey, *iCertificates[i], !iNoCertSet);
// Remember that a DSA signature is involved; the byte-for-byte comparison further down is
// described as RSA-only, presumably because DSA signatures are not deterministic.
944 iRsaAlgorithm=EFalse;
// Re-order the cleanup stack so `hash` can be destroyed while signedData stays protected.
946 CleanupStack::Pop(signedData);
947 CleanupStack::PopAndDestroy(hash);
948 CleanupStack::PushL(signedData);
952 signedData=CCmsSignedObject::NewL((TCmsContentInfoType)iContentType, iIsDetached, iDataContent->Des());
953 CleanupStack::PushL(signedData);
956 if (decPKCS8Data->Algorithm()==ERSA)
958 const CRSAPrivateKey& RSAPrivateKey=static_cast<CPKCS8KeyPairRSA*>(keyPair)->PrivateKey();
// An empty descriptor is passed where the precomputed hash would otherwise go.
959 signedData->SignL(KNullDesC8, (TAlgorithmId)iHashName[i], RSAPrivateKey, *iCertificates[i], !iNoCertSet);
963 const CDSAPrivateKey& DSAPrivateKey=static_cast<CPKCS8KeyPairDSA*>(keyPair)->PrivateKey();
964 signedData->SignL(KNullDesC8, (TAlgorithmId)iHashName[i], DSAPrivateKey, *iCertificates[i], !iNoCertSet);
965 iRsaAlgorithm=EFalse;
972 //multiple signatures
973 if (iIsHashAvailable)
975 if (decPKCS8Data->Algorithm()==ERSA)
977 const CRSAPrivateKey& RSAPrivateKey=static_cast<CPKCS8KeyPairRSA*>(keyPair)->PrivateKey();
978 signedData->SignL(hashValue, (TAlgorithmId)iHashName[i], RSAPrivateKey, *iCertificates[i], !iNoCertSet);
982 const CDSAPrivateKey& DSAPrivateKey=static_cast<CPKCS8KeyPairDSA*>(keyPair)->PrivateKey();
983 signedData->SignL(hashValue, (TAlgorithmId)iHashName[i], DSAPrivateKey, *iCertificates[i], !iNoCertSet);
984 iRsaAlgorithm=EFalse;
986 CleanupStack::PopAndDestroy(hash);
990 if (decPKCS8Data->Algorithm()==ERSA)
992 const CRSAPrivateKey& RSAPrivateKey=static_cast<CPKCS8KeyPairRSA*>(keyPair)->PrivateKey();
993 signedData->SignL(KNullDesC8, (TAlgorithmId)iHashName[i], RSAPrivateKey, *iCertificates[i], !iNoCertSet);
997 const CDSAPrivateKey& DSAPrivateKey=static_cast<CPKCS8KeyPairDSA*>(keyPair)->PrivateKey();
998 signedData->SignL(KNullDesC8, (TAlgorithmId)iHashName[i], DSAPrivateKey, *iCertificates[i], !iNoCertSet);
999 iRsaAlgorithm=EFalse;
// Optional additional certificates are added to the certificate set after signing.
1005 if (iAdditionalCertificate)
1007 signedData->AddCertificateL(*iAdditionalCertificate);
1010 if (iAdditionalEncodedCertificate)
1012 signedData->AddCertificateL(*iAdditionalEncodedCertificate, (CCmsCertificateChoice::TCertificateType)iAdditionalEncodedCertificateType);
1015 //Encoding the Signed object
1016 CASN1EncSequence* signedObjectSeq=signedData->EncodeASN1DERLC();
1017 HBufC8* buf=CreateDEREncodingLC(*signedObjectSeq);
1019 //Encoding the wrapper Content Info
1020 CCmsContentInfo* content=CCmsContentInfo::NewL(EContentTypeSignedData, *buf);
1021 CleanupStack::PushL(content);
1022 CASN1EncSequence* contentSeq=content->EncodeASN1DERLC();
1023 HBufC8* signature=CreateDEREncodingLC(*contentSeq);
// Keep only the final encoding: pop it, destroy the five intermediates, then push it back.
1024 CleanupStack::Pop(signature);
1025 CleanupStack::PopAndDestroy(5, signedData); //contentSeq,content,buf,signedObjectSeq,signedData
1026 CleanupStack::PushL(signature);
1029 //write the result to a file, for initial debuging
1030 //OutputResultToFileL(signature->Des());
1032 //Compare the result with the expected result, if the signature algorithms are RSA
1037 //Check if the signature is the same as expected
1038 TBool r=signature->Compare(*iExpectedEncoding);
// The byte-for-byte comparison is not enforced during OOM runs.
1039 if (r!=0 && !iIsOOMTest)
1041 INFO_PRINTF1(_L("RSA Signature Encoding Error"));
1042 User::Leave(KErrGeneral);
1046 CheckAndValidateSignedDataL(*iExpectedEncoding);
// On this path both the stored vector and the freshly generated encoding are decoded and
// validated.
1051 CheckAndValidateSignedDataL(*iExpectedEncoding);
1052 CheckAndValidateSignedDataL(*signature);
1055 CleanupStack::PopAndDestroy(signature);
1060 // Implementation of CMS Signed Data Decoding Test Step
1063 CTCmsSignedDataDecodingStep::CTCmsSignedDataDecodingStep()
1067 CTCmsSignedDataDecodingStep::~CTCmsSignedDataDecodingStep()
// Decoding-only SignedData test: the expected encoding read from the script is decoded,
// checked and validated; nothing is signed by this step.
1071 void CTCmsSignedDataDecodingStep::doTestL()
1074 CheckAndValidateSignedDataL(*iExpectedEncoding);
1079 // Implementation of CMS Content Info Test step
1081 CTCmsContentInfoDecodingStep::CTCmsContentInfoDecodingStep()
1085 CTCmsContentInfoDecodingStep::~CTCmsContentInfoDecodingStep()
/**
 * Decodes the expected ContentInfo encoding and checks that its content type is the one
 * named by the script's ExpectedDataType setting.
 *
 * @leave KErrGeneral if the decoded content type differs; CCmsContentInfo::NewL() may
 *        leave as well.
 */
void CTCmsContentInfoDecodingStep::doTestL()
	{
	INFO_PRINTF1(_L("Start CMS Data Type Decoding"));

	CCmsContentInfo* decoded = CCmsContentInfo::NewL(*iExpectedEncoding);
	CleanupStack::PushL(decoded);

	const TBool typeMatches = (decoded->ContentType() == iExpectedDataType);
	if (!typeMatches)
		{
		INFO_PRINTF1(_L("CMS Data Type is not as expected"));
		User::Leave(KErrGeneral);
		}

	CleanupStack::PopAndDestroy(decoded);
	}