MercurialSymaptic / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
os/security/crypto/weakcryptospi/test/tplugins/src/symmetriccipherimpl.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution. 
     1 /*

     2 * Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 *

    16 */

    17 

    18 

    19 #include "symmetriccipherimpl.h"

    20 

    21 #include <e32def.h>

    22 #include <cryptostrength.h>

    23 #include <cryptospi/cryptospidef.h>

    24 #include <cryptospi/keys.h>

    25 #include <cryptospi/plugincharacteristics.h>

    26 #include "pluginconfig.h"

    27 #include <cryptopanic.h>

    28 #include <securityerr.h>

    29 #include "../../../source/common/inlines.h"

    30 

    31 using namespace SoftwareCrypto;

    32 

    33 //

    34 // Implementation of Symmetric Cipher class

    35 //

    36 CSymmetricCipherImpl::CSymmetricCipherImpl() 

    37 	{

    38 	}

    39 

    40 void CSymmetricCipherImpl::ConstructL(const CKey& aKey) 

    41 	{

    42 	DoSetKeyL(aKey);

    43 	}

    44 

    45 void CSymmetricCipherImpl::SecureDelete(HBufC8*& aBuffer)

    46 	{

    47 	if (aBuffer)

    48 		{

    49 		aBuffer->Des().FillZ();

    50 		}

    51 	delete aBuffer;

    52 	aBuffer = 0;	

    53 	}

    54 

    55 CSymmetricCipherImpl::~CSymmetricCipherImpl()

    56 	{			

    57 	SecureDelete(iKey);

    58 	}

    59 		

    60 void CSymmetricCipherImpl::Close()

    61 	{

    62 	delete this;

    63 	}

    64 	

    65 TAny* CSymmetricCipherImpl::GetExtension(TUid /*aExtensionId*/) 

    66 	{

    67 	return 0;

    68 	}

    69 	

    70 void CSymmetricCipherImpl::GetCharacteristicsL(const TAny*& aPluginCharacteristics)

    71 	{

    72 	TInt numCiphers = sizeof(KSymmetricCipherCharacteristics)/sizeof(TSymmetricCipherCharacteristics*);

    73 	TInt32 implUid = ImplementationUid().iUid;

    74 	for (TInt i = 0; i < numCiphers; ++i)

    75 		{

    76 		if (KSymmetricCipherCharacteristics[i]->cmn.iImplementationUID == implUid)

    77 			{

    78 			aPluginCharacteristics = KSymmetricCipherCharacteristics[i];

    79 			break;

    80 			}

    81 		}	

    82 	}

    83 

    84 TInt CSymmetricCipherImpl::GetKeyStrength() const

    85 	{

    86 	return BytesToBits(iKey->Length());

    87 	}

    88 	

    89 HBufC8* CSymmetricCipherImpl::ExtractKeyDataLC(const CKey& aKey) const

    90 	{

    91 	const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid);

    92 	return keyContent.AllocLC();

    93 	}

    94 

    95 TInt CSymmetricCipherImpl::KeySize() const

    96 	{

    97 	// return key size in BITS

    98 	return BytesToBits(iKeyBytes);

    99 	}

   100 

   101 void CSymmetricCipherImpl::DoSetKeyL(const CKey& aKey)

   102 	{

   103 	HBufC8* key = ExtractKeyDataLC(aKey);

   104 	TInt keyLength(key->Length());

   105 	

   106 	TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyLength));

   107 	if (! IsValidKeyLength(keyLength))

   108 		{

   109 		CleanupStack::PopAndDestroy(key);

   110 		User::Leave(KErrNotSupported);

   111 		}

   112 	

   113 	SecureDelete(iKey);	

   114 	CleanupStack::Pop(key);

   115 	iKey = key;

   116 	iKeyBytes = keyLength;

   117 	}	

   118 

   119 //

   120 // Implementation of Symmetric Stream Cipher

   121 //

   122 CSymmetricStreamCipherImpl::CSymmetricStreamCipherImpl()

   123 	{

   124 	}

   125 

   126 CSymmetricStreamCipherImpl::~CSymmetricStreamCipherImpl()

   127 	{

   128 	}

   129 

   130 void CSymmetricStreamCipherImpl::SetKeyL(const CKey& aKey)

   131 	{

   132 	DoSetKeyL(aKey);

   133 	TCrypto::IsSymmetricWeakEnoughL(GetKeyStrength());

   134 	Reset();

   135 	}	

   136 

   137 void CSymmetricStreamCipherImpl::ConstructL(const CKey& aKey) 

   138 	{

   139 	CSymmetricCipherImpl::ConstructL(aKey);

   140 	}

   141 

   142 TInt CSymmetricStreamCipherImpl::BlockSize() const

   143 	{

   144 	// return block size in BITS

   145 	return 8;

   146 	}

   147 

   148 void CSymmetricStreamCipherImpl::SetOperationModeL(TUid /*aOperationMode*/)

   149 	{

   150 	User::Leave(KErrNotSupported);

   151 	}

   152 	

   153 void CSymmetricStreamCipherImpl::SetCryptoModeL(TUid /*aCryptoMode*/)

   154 	{

   155 	// Call the reset method.

   156 	Reset();

   157 	}

   158 	

   159 void CSymmetricStreamCipherImpl::SetPaddingModeL(TUid /*aPaddingMode*/)

   160 	{

   161 	User::Leave(KErrNotSupported);

   162 	}

   163 	

   164 void CSymmetricStreamCipherImpl::SetIvL(const TDesC8& /*aIv*/)

   165 	{

   166 	User::Leave(KErrNotSupported);

   167 	}

   168 

   169 TInt CSymmetricStreamCipherImpl::MaxOutputLength(TInt aInputLength) const

   170 	{

   171 	return aInputLength;	

   172 	}

   173 	

   174 TInt CSymmetricStreamCipherImpl::MaxFinalOutputLength(TInt aInputLength) const

   175 	{

   176 	return aInputLength;	

   177 	}

   178 	

   179 void CSymmetricStreamCipherImpl::ProcessL(const TDesC8& aInput, TDes8& aOutput)

   180 	{

   181 	TInt outputIndex = aOutput.Size();

   182 

   183 	// aOutput may already have outputIndex bytes of data in it

   184 	// check there will still be enough space to process the result

   185 	__ASSERT_DEBUG(aOutput.MaxLength() - outputIndex >= MaxOutputLength(aInput.Length()), User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow));

   186 

   187 	aOutput.Append(aInput);

   188 

   189 	TPtr8 transformBuf((TUint8*)(aOutput.Ptr()) + outputIndex, aInput.Size(),

   190 		aInput.Size());

   191 	DoProcess(transformBuf);

   192 	}

   193 

   194 void CSymmetricStreamCipherImpl::ProcessFinalL(const TDesC8& aInput, TDes8& aOutput)

   195 	{

   196 	ProcessL(aInput, aOutput);	

   197 	}

   198 

   199 //

   200 // Implementation of Symmetric Block Cipher

   201 //

   202 CSymmetricBlockCipherImpl::CSymmetricBlockCipherImpl(

   203 	TUint8 aBlockBytes,

   204 	TUid aCryptoMode,

   205 	TUid aOperationMode,

   206 	TUid aPaddingMode) :

   207 	iBlockBytes(aBlockBytes),

   208 	iCryptoMode(aCryptoMode),

   209 	iOperationMode(aOperationMode),

   210 	iPaddingMode(aPaddingMode)

   211 	{

   212 	}

   213 

   214 CSymmetricBlockCipherImpl::~CSymmetricBlockCipherImpl()

   215 	{			

   216 	delete iPadding;

   217 	delete iCbcRegister;

   218 	delete iCurrentCipherText;

   219 	iIv.Close();

   220 	iInputStore.Close();

   221 	iPaddingBlock.Close();	

   222 	}

   223 

   224 

   225 void CSymmetricBlockCipherImpl::ConstructL(const CKey& aKey) 

   226 	{

   227 	CSymmetricCipherImpl::ConstructL(aKey);

   228 	DoSetOperationModeL(iOperationMode);

   229 	DoSetCryptoModeL(iCryptoMode);	

   230 	DoSetPaddingModeL(iPaddingMode);

   231 	

   232 	iInputStore.ReAllocL(iBlockBytes);

   233 	iPaddingBlock.ReAllocL(iBlockBytes);

   234 

   235 	iCbcRegister = new(ELeave) TUint32[iBlockBytes/4];	

   236 	iCbcRegisterPtr = reinterpret_cast<TUint8*>(iCbcRegister);

   237 

   238 	iCurrentCipherText = new(ELeave) TUint32[iBlockBytes/4];	

   239 	iCurrentCipherTextPtr = reinterpret_cast<TUint8*>(iCurrentCipherText);

   240 	}

   241 

   242 void CSymmetricBlockCipherImpl::Reset()

   243 	{

   244 	iInputStore.Zero();

   245 	iPaddingBlock.Zero();

   246 	

   247 	if (iOperationMode.iUid == KOperationModeCBC)

   248 		{

   249 		// only copy the IV if it is already set

   250 		if (iIv.MaxLength() > 0)

   251 			{

   252 			Mem::Copy(iCbcRegisterPtr, &iIv[0], iBlockBytes);

   253 			}

   254 		}

   255 	}	

   256 

   257 void CSymmetricBlockCipherImpl::SetKeyL(const CKey& aKey)

   258 	{

   259 	DoSetKeyL(aKey);

   260 	TCrypto::IsSymmetricWeakEnoughL(GetKeyStrength());

   261 	SetKeySchedule();

   262 	Reset();

   263 	}

   264 

   265 void CSymmetricBlockCipherImpl::SetOperationModeL(TUid aOperationMode)

   266 	{

   267 	DoSetOperationModeL(aOperationMode);

   268 	Reset();

   269 	}

   270 	

   271 void CSymmetricBlockCipherImpl::SetCryptoModeL(TUid aCryptoMode)

   272 	{

   273 	DoSetCryptoModeL(aCryptoMode);

   274 	SetKeySchedule();

   275 	Reset();

   276 	}

   277 	

   278 void CSymmetricBlockCipherImpl::SetPaddingModeL(TUid aPaddingMode)

   279 	{

   280 	DoSetPaddingModeL(aPaddingMode);

   281 	Reset();

   282 	}

   283 	

   284 void CSymmetricBlockCipherImpl::SetIvL(const TDesC8& aIv)

   285 	{

   286 	if (iOperationMode.iUid != KOperationModeCBC)

   287 		{

   288 		User::Leave(KErrNotSupported);

   289 		}

   290 	DoSetIvL(aIv);

   291 	Reset();

   292 	}

   293 

   294 void CSymmetricBlockCipherImpl::DoSetOperationModeL(TUid aOperationMode)

   295 	{

   296 	switch (aOperationMode.iUid)

   297 		{

   298 		case KOperationModeNone:

   299 		case KOperationModeECB:

   300 		case KOperationModeCBC:

   301 			break;

   302 		default:

   303 			User::Leave(KErrNotSupported);

   304 		}

   305 	iOperationMode = aOperationMode;		

   306 	}

   307 

   308 void CSymmetricBlockCipherImpl::DoSetCryptoModeL(TUid aCryptoMode)

   309 	{

   310 	switch (aCryptoMode.iUid)

   311 		{

   312 		case KCryptoModeEncrypt:

   313 		case KCryptoModeDecrypt:

   314 			break;

   315 		default:

   316 			User::Leave(KErrNotSupported);

   317 		}

   318 	iCryptoMode = aCryptoMode;		

   319 	}

   320 

   321 void CSymmetricBlockCipherImpl::DoSetPaddingModeL(TUid aPaddingMode)

   322 	{	

   323 	CPadding* padding(0);	

   324 	switch (aPaddingMode.iUid)

   325 		{

   326 		case KPaddingModeNone:

   327 			padding = CPaddingNone::NewL(iBlockBytes);

   328 		break;

   329 		case KPaddingModeSSLv3:

   330 			padding = CPaddingSSLv3::NewL(iBlockBytes);

   331 		break;

   332 		case KPaddingModePKCS7:

   333 			padding = CPaddingPKCS7::NewL(iBlockBytes);

   334 		break;

   335 		default:

   336 			User::Leave(KErrNotSupported);

   337 		}

   338 	delete iPadding;

   339 	iPadding = padding;

   340 	iPaddingMode = aPaddingMode;	

   341 	}	

   342 

   343 void CSymmetricBlockCipherImpl::DoSetIvL(const TDesC8& aIv)

   344 	{

   345 	iIv.ReAllocL(iBlockBytes);

   346 	iIv.SetLength(iBlockBytes);

   347 

   348 	iIv.Zero();

   349 	if (aIv.Length() != iBlockBytes) 

   350 		{

   351 		User::Leave(KErrArgument);

   352 		}

   353 	iIv = aIv;	

   354 	}	

   355 

   356 TInt CSymmetricBlockCipherImpl::BlockSize() const

   357 	{

   358 	// return block size in BITS

   359 	return BytesToBits(iBlockBytes);

   360 	}

   361 

   362 TInt CSymmetricBlockCipherImpl::MaxOutputLength(TInt aInputLength) const

   363 	{	

   364 	// The maximum output length required for Process is equal to the

   365 	// size of the number of whole input blocks available.

   366 	//

   367 	// The block bytes is a power of two so we can use this to avoid

   368 	// doing a real mod operation

   369 	TUint inputStoreLength(iInputStore.Length());

   370 	TInt rem = (aInputLength + inputStoreLength) & (iBlockBytes - 1);

   371 	return (aInputLength + inputStoreLength - rem);

   372 	}	

   373 

   374 TInt CSymmetricBlockCipherImpl::MaxFinalOutputLength(TInt aInputLength) const

   375 	{

   376 	if (iCryptoMode.iUid == KCryptoModeEncrypt)

   377 		{

   378 		return iPadding->MaxPaddedLength(iInputStore.Length() + aInputLength);

   379 		}

   380 	else

   381 		{

   382 		return iPadding->MaxUnPaddedLength(aInputLength + iInputStore.Size());

   383 		}

   384 	}

   385 

   386 void CSymmetricBlockCipherImpl::ProcessL(const TDesC8& aInput, TDes8& aOutput)

   387 	{

   388 	// if we're running in CBC mode then we must have an IV set before we can 

   389 	// do any processing ie call SetIvL() before this method

   390 	if (iOperationMode.iUid == KOperationModeCBC)

   391 		{

   392 		if (iIv.MaxLength() == 0)

   393 			{

   394 			User::Leave(KErrNotSupported);

   395 			}

   396 		}

   397 

   398 	TInt inputLength(aInput.Length());	

   399 	TInt inputStoreLength(iInputStore.Length());

   400 	

   401 	if (MaxOutputLength(inputLength) > aOutput.MaxLength())

   402 		{

   403 		User::Leave(KErrOverflow);

   404 		}	

   405 

   406 	TUint8 blockSizeLog = CryptoLog2(iBlockBytes);

   407 	TInt wholeBlocks = (inputLength + inputStoreLength) >> blockSizeLog; 

   408 	TInt wholeBlocksSize = wholeBlocks << blockSizeLog;

   409 	

   410 	if (wholeBlocks)

   411 		{

   412 		TInt outputLength(aOutput.Length());

   413 

   414 		if (inputStoreLength > 0)

   415 			{

   416 			aOutput.Append(iInputStore);

   417 			iInputStore.Zero();

   418 			}

   419 		aOutput.Append(aInput.Left(wholeBlocksSize - inputStoreLength));

   420 		Transform(const_cast<TUint8*>(aOutput.Ptr()) + outputLength, wholeBlocks);

   421 		}

   422 		

   423 	TInt remainingBytes = inputLength + inputStoreLength - wholeBlocksSize;

   424 	if (remainingBytes > 0)

   425 		{		

   426 		iInputStore.Append(aInput.Right(remainingBytes));

   427 		}

   428 	}

   429 		

   430 void CSymmetricBlockCipherImpl::ProcessFinalL(const TDesC8& aInput, TDes8& aOutput)

   431 	{	

   432 	// if we're running in CBC mode then we must have an IV set before we can 

   433 	// do any processing ie call SetIvL() before this method

   434 	if (iOperationMode.iUid == KOperationModeCBC)

   435 		{

   436 		if (iIv.MaxLength() == 0)

   437 			{

   438 			User::Leave(KErrNotSupported);

   439 			}

   440 		}

   441 

   442 	if (iCryptoMode.iUid == KCryptoModeEncrypt)

   443 		{

   444 		return DoProcessFinalEncryptL(aInput, aOutput);

   445 		}

   446 	else

   447 		{

   448 		return DoProcessFinalDecryptL(aInput, aOutput);

   449 		}

   450 	}

   451 

   452 void CSymmetricBlockCipherImpl::DoProcessFinalEncryptL(const TDesC8& aInput, TDes8& aOutput)

   453 	{	

   454 	if (MaxFinalOutputLength(aInput.Length()) > aOutput.MaxLength() - aOutput.Length())

   455 		{

   456 		User::Leave(KErrOverflow);

   457 		}

   458 		

   459 	// process everything up to the last (possibly empty block)

   460 	TInt outputStartIndex = aOutput.Length();

   461 	ProcessL(aInput, aOutput);

   462 

   463 	// pad the plaintext

   464 	iPadding->PadL(iInputStore, iPaddingBlock);

   465 	

   466 	// if padding required

   467 	if (iPaddingBlock.Length() > 0)

   468 		{

   469 		iInputStore.Zero();

   470 

   471 		// make sure the output is a multiple of the block size

   472 		User::LeaveIfError(((aOutput.Length() - outputStartIndex + iPaddingBlock.Length()) % iBlockBytes) == 0 ? KErrNone : KErrInvalidPadding);

   473 

   474 		outputStartIndex = aOutput.Length();

   475 		aOutput.Append(iPaddingBlock);

   476 		iPaddingBlock.Zero();

   477 		TransformEncrypt(const_cast<TUint8*>(aOutput.Ptr()) + outputStartIndex, 1);		

   478 		}

   479 	}

   480 

   481 void CSymmetricBlockCipherImpl::DoProcessFinalDecryptL(const TDesC8& aInput, TDes8& aOutput)

   482 	{

   483 	if (MaxFinalOutputLength(aInput.Length()) > aOutput.MaxLength() - aOutput.Length())

   484 		{

   485 		User::Leave(KErrOverflow);

   486 		}

   487 

   488 	// Input length (including inputstore) must be a multiple of the 

   489 	// block size in length

   490 	if ((aInput.Length() + iInputStore.Length()) & (iBlockBytes - 1)) 

   491 		{

   492 		User::Leave(KErrArgument);

   493 		}

   494 

   495 	TInt bytesProcessed(0);

   496 	if(aInput.Length() > iBlockBytes)

   497 		{

   498 		// the last block lies entirely within aInput so decrypt everything up 

   499 		// to this point.

   500 		bytesProcessed = aInput.Length() - iBlockBytes;

   501 		ProcessL(aInput.Left(bytesProcessed), aOutput);

   502 		ASSERT(iInputStore.Length()==0); // all the blocks should have been decrypted

   503 		}

   504 	else 

   505 		{

   506 		// if the input is less than one block in length then this + input

   507 		// store should combine to give exactly one block of data

   508 		ASSERT((iInputStore.Length() + aInput.Length()) == iBlockBytes);

   509 		}

   510 		

   511 	// now contains the final ciphertext block

   512 	iInputStore.Append(aInput.Right(aInput.Length() - bytesProcessed)); 

   513 	

   514 	// Decrypt the last _padding_ blocksize into a new buffer

   515 	TransformDecrypt(const_cast<TUint8*>(iInputStore.Ptr()), 1);

   516 

   517 	// Unpad the last block and append to output

   518 	iPadding->UnPadL(iInputStore, aOutput);

   519 	

   520 	iPaddingBlock.Zero();

   521 	iInputStore.Zero();

   522 	}

   523 

   524
Symaptic