sl@0: /* sl@0: * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). sl@0: * All rights reserved. sl@0: * This component and the accompanying materials are made available sl@0: * under the terms of the License "Eclipse Public License v1.0" sl@0: * which accompanies this distribution, and is available sl@0: * at the URL "http://www.eclipse.org/legal/epl-v10.html". sl@0: * sl@0: * Initial Contributors: sl@0: * Nokia Corporation - initial contribution. sl@0: * sl@0: * Contributors: sl@0: * sl@0: * Description: sl@0: * ** IMPORTANT ** API's in this file are published to 3rd party developers via the sl@0: * Symbian website. Changes to these API's should be treated as PublishedAll API changes and the Security TA should be consulted. sl@0: * Asymmetric crypto implementation sl@0: * sl@0: */ sl@0: sl@0: sl@0: /** sl@0: @file sl@0: @publishedAll sl@0: @released sl@0: */ sl@0: sl@0: #ifndef __ASYMMETRIC_H__ sl@0: #define __ASYMMETRIC_H__ sl@0: sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: sl@0: // All the classes in this file have their default constructors and sl@0: // assignment operators defined private, but not implemented, in order to sl@0: // prevent their use. sl@0: sl@0: /** sl@0: * Mixin class defining common operations for public key encryption and sl@0: * decryption classes. sl@0: * sl@0: */ sl@0: class MCryptoSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Gets the maximum size of input accepted by this object. sl@0: * sl@0: * @return The maximum input length allowed in bytes. sl@0: */ sl@0: virtual TInt MaxInputLength(void) const = 0; sl@0: sl@0: /** sl@0: * Gets the maximum size of output that can be generated by this object. sl@0: * sl@0: * @return The maximum output length in bytes. sl@0: */ sl@0: virtual TInt MaxOutputLength(void) const = 0; sl@0: protected: sl@0: /** sl@0: * Constructor sl@0: */ sl@0: IMPORT_C MCryptoSystem(void); sl@0: private: sl@0: MCryptoSystem(const MCryptoSystem&); sl@0: MCryptoSystem& operator=(const MCryptoSystem&); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract base class for all public key encryptors. sl@0: * sl@0: */ sl@0: class CEncryptor : public CBase, public MCryptoSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Encrypts the specified plaintext into ciphertext. sl@0: * sl@0: * @param aInput The plaintext sl@0: * @param aOutput On return, the ciphertext sl@0: * sl@0: * @panic KCryptoPanic If the input data is too long. sl@0: * See ECryptoPanicInputTooLarge sl@0: * @panic KCryptoPanic If the supplied output descriptor is not large enough to store the result. sl@0: * See ECryptoPanicOutputDescriptorOverflow sl@0: */ sl@0: virtual void EncryptL(const TDesC8& aInput, TDes8& aOutput) const = 0; sl@0: protected: sl@0: /** Default constructor */ sl@0: IMPORT_C CEncryptor(void); sl@0: private: sl@0: CEncryptor(const CEncryptor&); sl@0: CEncryptor& operator=(const CEncryptor&); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract base class for all public key decryptors. sl@0: * sl@0: */ sl@0: class CDecryptor : public CBase, public MCryptoSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Decrypts the specified ciphertext into plaintext sl@0: * sl@0: * @param aInput The ciphertext to be decrypted sl@0: * @param aOutput On return, the plaintext sl@0: * sl@0: * @panic KCryptoPanic If the input data is too long. sl@0: * See ECryptoPanicInputTooLarge sl@0: * @panic KCryptoPanic If the supplied output descriptor is not large enough to store the result. sl@0: * See ECryptoPanicOutputDescriptorOverflow sl@0: */ sl@0: virtual void DecryptL(const TDesC8& aInput, TDes8& aOutput) const = 0; sl@0: protected: sl@0: /** Default constructor */ sl@0: IMPORT_C CDecryptor(void); sl@0: private: sl@0: CDecryptor(const CDecryptor&); sl@0: CDecryptor& operator=(const CDecryptor&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of RSA encryption as described in PKCS#1 v1.5. sl@0: * sl@0: */ sl@0: class CRSAPKCS1v15Encryptor : public CEncryptor sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new RSA encryptor object using PKCS#1 v1.5 padding. sl@0: * sl@0: * @param aKey The RSA encryption key sl@0: * @return A pointer to a new CRSAPKCS1v15Encryptor object sl@0: * sl@0: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the sl@0: * cipher strength restrictions of the crypto library. sl@0: * See TCrypto::IsAsymmetricWeakEnoughL() sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Encryptor* NewL(const CRSAPublicKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new RSA encryptor object using PKCS#1 v1.5 padding. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The RSA encryption key sl@0: * @return A pointer to a new CRSAPKCS1v15Encryptor object sl@0: * sl@0: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the sl@0: * cipher strength restrictions of the crypto library. sl@0: * See TCrypto::IsAsymmetricWeakEnoughL() sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Encryptor* NewLC(const CRSAPublicKey& aKey); sl@0: void EncryptL(const TDesC8& aInput, TDes8& aOutput) const; sl@0: TInt MaxInputLength(void) const; sl@0: TInt MaxOutputLength(void) const; sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. */ sl@0: virtual ~CRSAPKCS1v15Encryptor(void); sl@0: protected: sl@0: /** @internalAll */ sl@0: CRSAPKCS1v15Encryptor(const CRSAPublicKey& aKey); sl@0: /** @internalAll */ sl@0: void ConstructL(void); sl@0: protected: sl@0: /** The RSA public key */ sl@0: const CRSAPublicKey& iPublicKey; sl@0: /** The PKCS#1 v1.5 encryption padding */ sl@0: CPaddingPKCS1Encryption* iPadding; sl@0: private: sl@0: CRSAPKCS1v15Encryptor(const CRSAPKCS1v15Encryptor&); sl@0: CRSAPKCS1v15Encryptor& operator=(const CRSAPKCS1v15Encryptor&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of RSA decryption as described in PKCS#1 v1.5. sl@0: * sl@0: */ sl@0: class CRSAPKCS1v15Decryptor : public CDecryptor sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new RSA decryptor object using PKCS#1 v1.5 padding. sl@0: * sl@0: * @param aKey The RSA private key for decryption sl@0: * sl@0: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the sl@0: * cipher strength restrictions of the crypto library. sl@0: * See TCrypto::IsAsymmetricWeakEnoughL() sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Decryptor* NewL(const CRSAPrivateKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new RSA decryptor object using PKCS#1 v1.5 padding sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The RSA private key for decryption sl@0: * sl@0: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the sl@0: * cipher strength restrictions of the crypto library. sl@0: * See TCrypto::IsAsymmetricWeakEnoughL() sl@0: * @leave KErrKeySize If the key length is too small sl@0: * @leave KErrNotSupported If the RSA private key is not a supported TRSAPrivateKeyType sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Decryptor* NewLC(const CRSAPrivateKey& aKey); sl@0: void DecryptL(const TDesC8& aInput, TDes8& aOutput) const; sl@0: TInt MaxInputLength(void) const; sl@0: TInt MaxOutputLength(void) const; sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. */ sl@0: virtual ~CRSAPKCS1v15Decryptor(void); sl@0: protected: sl@0: /** @internalAll */ sl@0: CRSAPKCS1v15Decryptor(const CRSAPrivateKey& aKey); sl@0: /** @internalAll */ sl@0: void ConstructL(void); sl@0: protected: sl@0: /** The RSA private key */ sl@0: const CRSAPrivateKey& iPrivateKey; sl@0: /** The PKCS#1 v1.5 encryption padding */ sl@0: CPaddingPKCS1Encryption* iPadding; sl@0: private: sl@0: CRSAPKCS1v15Decryptor(const CRSAPKCS1v15Decryptor&); sl@0: CRSAPKCS1v15Decryptor& operator=(const CRSAPKCS1v15Decryptor&); sl@0: }; sl@0: sl@0: /** sl@0: * Mixin class defining operations common to all public key signature systems. sl@0: * sl@0: */ sl@0: class MSignatureSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Gets the maximum size of input accepted by this object. sl@0: * sl@0: * @return The maximum length allowed in bytes sl@0: */ sl@0: virtual TInt MaxInputLength(void) const = 0; sl@0: protected: sl@0: /** Constructor */ sl@0: IMPORT_C MSignatureSystem(void); sl@0: private: sl@0: MSignatureSystem(const MSignatureSystem&); sl@0: MSignatureSystem& operator=(const MSignatureSystem&); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract base class for all public key signers. sl@0: * sl@0: * The template parameter, CSignature, should be a class that encapsulates the sl@0: * concept of a digital signature. Derived signature classes must own their sl@0: * respective signatures (and hence be CBase derived). There are no other sl@0: * restrictions on the formation of the signature classes. sl@0: * sl@0: */ sl@0: template class CSigner : public CBase, public MSignatureSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Digitally signs the specified input message sl@0: * sl@0: * @param aInput The raw data to sign, typically a hash of the actual message sl@0: * @return A pointer to a new CSignature object sl@0: * sl@0: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), sl@0: * which is likely to happen if the caller sl@0: * has passed in something that has not been sl@0: * hashed. sl@0: */ sl@0: virtual CSignature* SignL(const TDesC8& aInput) const = 0; sl@0: protected: sl@0: /** @internalAll */ sl@0: CSigner(void); sl@0: private: sl@0: CSigner(const CSigner&); sl@0: CSigner& operator=(const CSigner&); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract class for all public key verifiers. sl@0: * sl@0: * The template parameter, CSignature, should be a class that encapsulates the sl@0: * concept of a digital signature. Derived signature classes must own their sl@0: * respective signatures (and hence be CBase derived). There are no other sl@0: * restrictions on the formation of the signature classes. sl@0: * sl@0: */ sl@0: template class CVerifier : public CBase, public MSignatureSystem sl@0: { sl@0: public: sl@0: /** sl@0: * Verifies the specified digital signature sl@0: * sl@0: * @param aInput The message digest that was originally signed sl@0: * @param aSignature The signature to be verified sl@0: * sl@0: * @return Whether the signature is the result of signing sl@0: * aInput with the supplied key sl@0: */ sl@0: virtual TBool VerifyL(const TDesC8& aInput, sl@0: const CSignature& aSignature) const = 0; sl@0: protected: sl@0: /** @internalAll */ sl@0: CVerifier(void); sl@0: private: sl@0: CVerifier(const CVerifier&); sl@0: CVerifier& operator=(const CVerifier&); sl@0: }; sl@0: sl@0: /* Template nastiness for CVerifier and CSigner in asymmetric.inl */ sl@0: sl@0: #include sl@0: sl@0: /** sl@0: * An encapsulation of a RSA signature. sl@0: * sl@0: */ sl@0: class CRSASignature : public CBase sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CRSASignature object from the integer value sl@0: * output of a previous RSA signing operation. sl@0: * sl@0: * @param aS The integer value output from a previous RSA signing operation sl@0: * @return A pointer to the new CRSASignature object. sl@0: */ sl@0: IMPORT_C static CRSASignature* NewL(RInteger& aS); sl@0: sl@0: /** sl@0: * Creates a new CRSASignature object from the integer value sl@0: * output of a previous RSA signing operation. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aS The integer value output from a previous RSA signing operation sl@0: * @return A pointer to the new CRSASignature object. sl@0: */ sl@0: IMPORT_C static CRSASignature* NewLC(RInteger& aS); sl@0: sl@0: /** sl@0: * Gets the integer value of the RSA signature sl@0: * sl@0: * @return The integer value of the RSA signature sl@0: */ sl@0: IMPORT_C const TInteger& S(void) const; sl@0: sl@0: /** sl@0: * Whether this RSASignature is identical to a specified RSASignature sl@0: * sl@0: * @param aSig The RSASignature for comparison sl@0: * @return ETrue, if the two signatures are identical; EFalse, otherwise. sl@0: */ sl@0: IMPORT_C TBool operator== (const CRSASignature& aSig) const; sl@0: sl@0: /** Destructor */ sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. */ sl@0: IMPORT_C virtual ~CRSASignature(void); sl@0: protected: sl@0: /** sl@0: * Second phase constructor sl@0: * sl@0: * @see CRSASignature::NewL() sl@0: * sl@0: * @param aS The integer value output from a previous RSA signing operation sl@0: */ sl@0: IMPORT_C CRSASignature(RInteger& aS); sl@0: sl@0: /** Default constructor */ sl@0: IMPORT_C CRSASignature(void); sl@0: protected: sl@0: /** An integer value; the output from a previous RSA signing operation. */ sl@0: RInteger iS; sl@0: private: sl@0: CRSASignature(const CRSASignature&); sl@0: CRSASignature& operator=(const CRSASignature); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract base class for all RSA Signers. sl@0: * sl@0: */ sl@0: class CRSASigner : public CSigner sl@0: { sl@0: public: sl@0: /** sl@0: * Gets the maximum size of output that can be generated by this object. sl@0: * sl@0: * @return The maximum output length in bytes sl@0: */ sl@0: virtual TInt MaxOutputLength(void) const = 0; sl@0: protected: sl@0: /** Default constructor */ sl@0: IMPORT_C CRSASigner(void); sl@0: private: sl@0: CRSASigner(const CRSASigner&); sl@0: CRSASigner& operator=(const CRSASigner&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of RSA signing as described in PKCS#1 v1.5. sl@0: * sl@0: * This class creates RSA signatures following the RSA PKCS#1 v1.5 standard (with sl@0: * the one caveat noted below) and using PKCS#1 v1.5 signature padding. The only sl@0: * exception is that the SignL() function simply performs a 'raw' PKCS#1 v1.5 sign sl@0: * operation on whatever it is given. It does not hash or in any way sl@0: * manipulate the input data before signing. sl@0: * sl@0: */ sl@0: class CRSAPKCS1v15Signer : public CRSASigner sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CRSAPKCS1v15Signer object from a specified RSA private key. sl@0: * sl@0: * @param aKey The RSA private key to be used for signing sl@0: * @return A pointer to the new CRSAPKCS1v15Signer object sl@0: * sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Signer* NewL(const CRSAPrivateKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new CRSAPKCS1v15Signer object from a specified RSA private key. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The RSA private key to be used for signing sl@0: * @return A pointer to the new CRSAPKCS1v15Signer object sl@0: * sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Signer* NewLC(const CRSAPrivateKey& aKey); sl@0: /** sl@0: * Digitally signs the specified input message sl@0: * sl@0: * @param aInput The raw data to sign, typically a hash of the actual message sl@0: * @return A pointer to a new CSignature object sl@0: * sl@0: * @leave KErrNotSupported If the private key is not a supported TRSAPrivateKeyType sl@0: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), sl@0: * which is likely to happen if the caller sl@0: * has passed in something that has not been hashed. sl@0: */ sl@0: virtual CRSASignature* SignL(const TDesC8& aInput) const; sl@0: virtual TInt MaxInputLength(void) const; sl@0: virtual TInt MaxOutputLength(void) const; sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. sl@0: * @internalAll */ sl@0: ~CRSAPKCS1v15Signer(void); sl@0: protected: sl@0: /** @internalAll */ sl@0: CRSAPKCS1v15Signer(const CRSAPrivateKey& aKey); sl@0: /** @internalAll */ sl@0: void ConstructL(void); sl@0: protected: sl@0: /** The RSA private key to be used for signing */ sl@0: const CRSAPrivateKey& iPrivateKey; sl@0: /** The PKCS#1 v1.5 signature padding */ sl@0: CPaddingPKCS1Signature* iPadding; sl@0: private: sl@0: CRSAPKCS1v15Signer(const CRSAPKCS1v15Signer&); sl@0: CRSAPKCS1v15Signer& operator=(const CRSAPKCS1v15Signer&); sl@0: }; sl@0: sl@0: /** sl@0: * Abstract base class for all RSA Verifiers. sl@0: * sl@0: */ sl@0: class CRSAVerifier : public CVerifier sl@0: { sl@0: public: sl@0: /** sl@0: * Gets the maximum size of output that can be generated by this object. sl@0: * sl@0: * @return The maximum output length in bytes sl@0: */ sl@0: virtual TInt MaxOutputLength(void) const = 0; sl@0: sl@0: /** sl@0: * Performs a decryption operation on a signature using the public key. sl@0: * sl@0: * This is the inverse of the sign operation, which performs a encryption sl@0: * operation on its input data using the private key. Although this can be sl@0: * used to verify signatures, CRSAVerifier::VerifyL should be used in sl@0: * preference. This method is however required by some security protocols. sl@0: * sl@0: * @param aSignature The signature to be verified sl@0: * @return A pointer to a new buffer containing the result of the sl@0: * operation. The pointer is left on the cleanup stack. sl@0: */ sl@0: virtual HBufC8* InverseSignLC(const CRSASignature& aSignature) const = 0; sl@0: sl@0: IMPORT_C virtual TBool VerifyL(const TDesC8& aInput, sl@0: const CRSASignature& aSignature) const; sl@0: protected: sl@0: /** Default constructor */ sl@0: IMPORT_C CRSAVerifier(void); sl@0: private: sl@0: CRSAVerifier(const CRSAVerifier&); sl@0: CRSAVerifier& operator=(const CRSAVerifier&); sl@0: }; sl@0: sl@0: /** sl@0: * This class verifies RSA signatures given a message and its supposed sl@0: * signature. It follows the RSA PKCS#1 v1.5 with PKCS#1 v1.5 padding specification sl@0: * with the following exception: the VerifyL() function does not hash or sl@0: * in any way manipulate the input data before checking. Thus in order to verify sl@0: * RSA signatures in PKCS#1 v1.5 format, the input data needs to follow PKCS#1 v1.5 sl@0: * specification, i.e. be ASN.1 encoded and prefixed by ASN.1 encoded digestId. sl@0: * sl@0: */ sl@0: class CRSAPKCS1v15Verifier : public CRSAVerifier sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CRSAPKCS1v15Verifier object from a specified RSA public key. sl@0: * sl@0: * @param aKey The RSA public key to be used for verifying sl@0: * @return A pointer to the new CRSAPKCS1v15Verifier object sl@0: * sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Verifier* NewL(const CRSAPublicKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new CRSAPKCS1v15Verifier object from a specified RSA public key. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The RSA public key to be used for verifying sl@0: * @return A pointer to the new CRSAPKCS1v15Verifier object sl@0: * sl@0: * @leave KErrKeySize If the key length is too small sl@0: */ sl@0: IMPORT_C static CRSAPKCS1v15Verifier* NewLC(const CRSAPublicKey& aKey); sl@0: virtual HBufC8* InverseSignLC(const CRSASignature& aSignature) const; sl@0: virtual TInt MaxInputLength(void) const; sl@0: virtual TInt MaxOutputLength(void) const; sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. */ sl@0: virtual ~CRSAPKCS1v15Verifier(void); sl@0: protected: sl@0: /** @internalAll */ sl@0: CRSAPKCS1v15Verifier(const CRSAPublicKey& aKey); sl@0: /** @internalAll */ sl@0: void ConstructL(void); sl@0: protected: sl@0: /** The RSA public key to be used for verification */ sl@0: const CRSAPublicKey& iPublicKey; sl@0: /** The PKCS#1 v1.5 signature padding */ sl@0: CPaddingPKCS1Signature* iPadding; sl@0: private: sl@0: CRSAPKCS1v15Verifier(const CRSAPKCS1v15Verifier&); sl@0: CRSAPKCS1v15Verifier& operator=(const CRSAPKCS1v15Verifier&); sl@0: }; sl@0: sl@0: /** sl@0: * An encapsulation of a DSA signature. sl@0: * sl@0: */ sl@0: class CDSASignature : public CBase sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CDSASignature object from the specified R and S values. sl@0: * sl@0: * @param aR The DSA signature's R value sl@0: * @param aS The DSA signature's S value sl@0: * @return A pointer to the new CDSASignature object sl@0: */ sl@0: IMPORT_C static CDSASignature* NewL(RInteger& aR, RInteger& aS); sl@0: sl@0: /** sl@0: * Creates a new CDSASignature object from the specified R and S values. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aR The DSA signature's R value sl@0: * @param aS The DSA signature's S value sl@0: * @return A pointer to the new CDSASignature object sl@0: */ sl@0: IMPORT_C static CDSASignature* NewLC(RInteger& aR, RInteger& aS); sl@0: sl@0: /** sl@0: * Gets the DSA signature's R value sl@0: * sl@0: * @return The R value sl@0: */ sl@0: IMPORT_C const TInteger& R(void) const; sl@0: sl@0: /** sl@0: * Gets the DSA signature's S value sl@0: * sl@0: * @return The S value sl@0: */ sl@0: IMPORT_C const TInteger& S(void) const; sl@0: sl@0: /** sl@0: * Whether this DSASignature is identical to a specified DSASignature sl@0: * sl@0: * @param aSig The DSASignature for comparison sl@0: * @return ETrue, if the two signatures are identical; EFalse, otherwise. sl@0: */ sl@0: IMPORT_C TBool operator== (const CDSASignature& aSig) const; sl@0: sl@0: /** The destructor frees all resources owned by the object, prior to its destruction. */ sl@0: IMPORT_C virtual ~CDSASignature(void); sl@0: protected: sl@0: /** sl@0: * Protected constructor sl@0: * sl@0: * @param aR The DSA signature's R value sl@0: * @param aS The DSA signature's S value sl@0: */ sl@0: IMPORT_C CDSASignature(RInteger& aR, RInteger& aS); sl@0: sl@0: /** Default constructor */ sl@0: IMPORT_C CDSASignature(void); sl@0: protected: sl@0: /** The DSA signature's R value */ sl@0: RInteger iR; sl@0: /** The DSA signature's S value */ sl@0: RInteger iS; sl@0: private: sl@0: CDSASignature(const CDSASignature&); sl@0: CDSASignature& operator=(const CDSASignature&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of DSA signing as specified in FIPS 186-2 change request 1. sl@0: * sl@0: */ sl@0: class CDSASigner : public CSigner sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CDSASigner object from a specified DSA private key. sl@0: * sl@0: * @param aKey The DSA private key to be used for signing sl@0: * @return A pointer to the new CDSASigner object sl@0: */ sl@0: IMPORT_C static CDSASigner* NewL(const CDSAPrivateKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new CDSASigner object from a specified DSA private key. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The DSA private key to be used for signing sl@0: * @return A pointer to the new CDSASigner object sl@0: */ sl@0: IMPORT_C static CDSASigner* NewLC(const CDSAPrivateKey& aKey); sl@0: /** sl@0: * Digitally signs the specified input message sl@0: * sl@0: * Note that in order to be interoperable and compliant with the DSS, aInput sl@0: * must be the result of a SHA-1 hash. sl@0: * sl@0: * @param aInput A SHA-1 hash of the message to sign sl@0: * @return A pointer to a new CSignature object sl@0: * sl@0: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), sl@0: * which is likely to happen if the caller sl@0: * has passed in something that has not been hashed. sl@0: */ sl@0: virtual CDSASignature* SignL(const TDesC8& aInput) const; sl@0: virtual TInt MaxInputLength(void) const; sl@0: protected: sl@0: /** @internalAll */ sl@0: CDSASigner(const CDSAPrivateKey& aKey); sl@0: protected: sl@0: /** The DSA private key to be used for signing */ sl@0: const CDSAPrivateKey& iPrivateKey; sl@0: private: sl@0: CDSASigner(const CDSASigner&); sl@0: CDSASigner& operator=(const CDSASigner&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of DSA signature verification as specified in FIPS 186-2 change sl@0: * request 1. sl@0: * sl@0: */ sl@0: class CDSAVerifier : public CVerifier sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CDSAVerifier object from a specified DSA public key. sl@0: * sl@0: * @param aKey The DSA public key to be used for verifying sl@0: * @return A pointer to the new CDSAVerifier object sl@0: */ sl@0: IMPORT_C static CDSAVerifier* NewL(const CDSAPublicKey& aKey); sl@0: sl@0: /** sl@0: * Creates a new CDSAVerifier object from a specified DSA public key. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aKey The DSA public key to be used for verifying sl@0: * @return A pointer to the new CDSAVerifier object sl@0: */ sl@0: IMPORT_C static CDSAVerifier* NewLC(const CDSAPublicKey& aKey); sl@0: /** sl@0: * Verifies the specified digital signature sl@0: * sl@0: * Note that in order to be interoperable and compliant with the DSS, aInput sl@0: * must be the result of a SHA-1 hash. sl@0: * sl@0: * @param aInput A SHA-1 hash of the received message sl@0: * @param aSignature The signature to be verified sl@0: * sl@0: * @return Whether the signature is the result of signing sl@0: * aInput with the supplied key sl@0: */ sl@0: virtual TBool VerifyL(const TDesC8& aInput, const CDSASignature& aSignature) const; sl@0: virtual TInt MaxInputLength(void) const; sl@0: protected: sl@0: /** @internalAll */ sl@0: CDSAVerifier(const CDSAPublicKey& aKey); sl@0: protected: sl@0: /** The DSA public key to be used for verification */ sl@0: const CDSAPublicKey& iPublicKey; sl@0: private: sl@0: CDSAVerifier(const CDSAVerifier&); sl@0: CDSAVerifier& operator=(const CDSAVerifier&); sl@0: }; sl@0: sl@0: /** sl@0: * Implementation of Diffie-Hellman key agreement as specified in PKCS#3. sl@0: * sl@0: */ sl@0: class CDH : public CBase sl@0: { sl@0: public: sl@0: /** sl@0: * Creates a new CDH object from a specified DH private key. sl@0: * sl@0: * @param aPrivateKey The private key of this party sl@0: * @return A pointer to the new CDH object sl@0: */ sl@0: IMPORT_C static CDH* NewL(const CDHPrivateKey& aPrivateKey); sl@0: sl@0: /** sl@0: * Creates a new CDH object from a specified DH private key. sl@0: * sl@0: * The returned pointer is put onto the cleanup stack. sl@0: * sl@0: * @param aPrivateKey The private key of this party sl@0: * @return A pointer to the new CDH object sl@0: */ sl@0: IMPORT_C static CDH* NewLC(const CDHPrivateKey& aPrivateKey); sl@0: sl@0: /** sl@0: * Performs the key agreement operation. sl@0: * sl@0: * @param aPublicKey The public key of the other party sl@0: * @return The agreed key sl@0: */ sl@0: IMPORT_C HBufC8* AgreeL(const CDHPublicKey& aPublicKey) const; sl@0: protected: sl@0: /** sl@0: * Constructor sl@0: * sl@0: * @param aPrivateKey The DH private key sl@0: */ sl@0: IMPORT_C CDH(const CDHPrivateKey& aPrivateKey); sl@0: protected: sl@0: /** The DH private key */ sl@0: const CDHPrivateKey& iPrivateKey; sl@0: private: sl@0: CDH(const CDH&); sl@0: CDH& operator=(const CDH&); sl@0: }; sl@0: sl@0: #endif // __ASYMMETRIC_H__