os/security/cryptoplugins/cryptospiplugins/source/softwarecrypto/dsasignerimpl.cpp
First public contribution.
2 * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
19 #include "dsasignerimpl.h"
20 #include "pluginconfig.h"
22 using namespace SoftwareCrypto;
24 // Implementation of CDSASignerImpl
25 CDSASignerImpl* CDSASignerImpl::NewL(const CKey& aKey)
27 CDSASignerImpl* self = CDSASignerImpl::NewLC(aKey);
28 CleanupStack::Pop(self);
32 CDSASignerImpl* CDSASignerImpl::NewLC(const CKey& aKey)
34 CDSASignerImpl* self = new(ELeave) CDSASignerImpl();
35 CleanupStack::PushL(self);
36 self->ConstructL(aKey);
40 CDSASignerImpl::CDSASignerImpl()
44 CDSASignerImpl::~CDSASignerImpl()
48 void CDSASignerImpl::ConstructL(const CKey& aKey)
50 CSignerImpl::ConstructL(aKey);
53 CExtendedCharacteristics* CDSASignerImpl::CreateExtendedCharacteristicsL()
55 // All Symbian software plug-ins have unlimited concurrency, cannot be reserved
56 // for exclusive use and are not CERTIFIED to be standards compliant.
57 return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
60 const CExtendedCharacteristics* CDSASignerImpl::GetExtendedCharacteristicsL()
62 return CDSASignerImpl::CreateExtendedCharacteristicsL();
65 TUid CDSASignerImpl::ImplementationUid() const
67 return KCryptoPluginDsaSignerUid;
70 void CDSASignerImpl::SetKeyL(const CKey& aPrivateKey)
72 DoSetKeyL(aPrivateKey);
76 TInt CDSASignerImpl::GetMaximumInputLengthL() const
78 return KSha1HashLength;
81 void CDSASignerImpl::SignL(const TDesC8& aInput, CCryptoParams& aSignature)
84 //see HAC 11.56 or DSS section 5
85 //I'll follow HAC as I like its description better
86 //We don't check that r and s are non both non-null like the DSS
87 //states you _optionally_ can. The chances of this are _incredibly_ small.
88 //You've got a much better chance of a bit failure ocurring in the hardware
91 const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid);
93 // a) Select a random secret integer (k | 0 < k < q)
94 RInteger qminus1 = RInteger::NewL(tQ);
95 CleanupStack::PushL(qminus1);
97 RInteger k = RInteger::NewRandomL(TInteger::One(), qminus1);
98 CleanupStack::PopAndDestroy(&qminus1);
99 CleanupStack::PushL(k);
102 // b) compute r = (g^k mod p) mod q
104 const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid);
105 const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid);
106 RInteger r = TInteger::ModularExponentiateL(tG, k, tP);
107 CleanupStack::PushL(r);
111 // c) compute k^(-1) mod q
113 RInteger kinv = k.InverseModL(tQ);
114 CleanupStack::PushL(kinv);
117 // d) compute s = k^(-1) * {h(m) + xr} mod q
118 // Note that in order to be interoperable, compliant with the DSS, and
119 // secure, aInput must be the result of a SHA-1 hash
121 RInteger hm = RInteger::NewL(aInput);
122 CleanupStack::PushL(hm);
124 const TInteger& tX=iKey->GetBigIntL(KDsaKeyParameterXUid);
125 RInteger s = tX.TimesL(r);
126 CleanupStack::PushL(s);
132 // e) signature for m is the pair (r,s)
133 aSignature.AddL(r, KDsaSignatureParameterRUid);
134 aSignature.AddL(s, KDsaSignatureParameterSUid);
136 CleanupStack::PopAndDestroy(5, &k);