sl@0: /* sl@0: * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies). sl@0: * All rights reserved. sl@0: * This component and the accompanying materials are made available sl@0: * under the terms of the License "Eclipse Public License v1.0" sl@0: * which accompanies this distribution, and is available sl@0: * at the URL "http://www.eclipse.org/legal/epl-v10.html". sl@0: * sl@0: * Initial Contributors: sl@0: * Nokia Corporation - initial contribution. sl@0: * sl@0: * Contributors: sl@0: * sl@0: * Description: sl@0: * sl@0: */ sl@0: sl@0: sl@0: #include "dsaverifyimpl.h" sl@0: #include "pluginconfig.h" sl@0: sl@0: using namespace SoftwareCrypto; sl@0: sl@0: // Implementation of CDSAVerifierImpl sl@0: CDSAVerifierImpl* CDSAVerifierImpl::NewL(const CKey& aKey) sl@0: { sl@0: CDSAVerifierImpl* self = CDSAVerifierImpl::NewLC(aKey); sl@0: CleanupStack::Pop(self); sl@0: return self; sl@0: } sl@0: sl@0: CDSAVerifierImpl* CDSAVerifierImpl::NewLC(const CKey& aKey) sl@0: { sl@0: CDSAVerifierImpl* self = new(ELeave) CDSAVerifierImpl(); sl@0: CleanupStack::PushL(self); sl@0: self->ConstructL(aKey); sl@0: return self; sl@0: } sl@0: sl@0: CDSAVerifierImpl::CDSAVerifierImpl() sl@0: { sl@0: } sl@0: sl@0: CDSAVerifierImpl::~CDSAVerifierImpl() sl@0: { sl@0: } sl@0: sl@0: void CDSAVerifierImpl::ConstructL(const CKey& aKey) sl@0: { sl@0: CVerifierImpl::ConstructL(aKey); sl@0: } sl@0: sl@0: CExtendedCharacteristics* CDSAVerifierImpl::CreateExtendedCharacteristicsL() sl@0: { sl@0: // All Symbian software plug-ins have unlimited concurrency, cannot be reserved sl@0: // for exclusive use and are not CERTIFIED to be standards compliant. sl@0: return CExtendedCharacteristics::NewL(KMaxTInt, EFalse); sl@0: } sl@0: sl@0: const CExtendedCharacteristics* CDSAVerifierImpl::GetExtendedCharacteristicsL() sl@0: { sl@0: return CDSAVerifierImpl::CreateExtendedCharacteristicsL(); sl@0: } sl@0: sl@0: TUid CDSAVerifierImpl::ImplementationUid() const sl@0: { sl@0: return KCryptoPluginDsaVerifierUid; sl@0: } sl@0: sl@0: void CDSAVerifierImpl::SetKeyL(const CKey& aPublicKey) sl@0: { sl@0: DoSetKeyL(aPublicKey); sl@0: Reset(); sl@0: } sl@0: sl@0: TInt CDSAVerifierImpl::GetMaximumInputLengthL() const sl@0: { sl@0: return KSha1HashLength; sl@0: } sl@0: sl@0: void CDSAVerifierImpl::VerifyL(const TDesC8& aInput, const CCryptoParams& aSignature, TBool& aVerificationResult) sl@0: { sl@0: //Retrieve the parameter Q from the key sl@0: const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid); sl@0: sl@0: //see HAC 11.56 or DSS section 6 sl@0: //I'll follow HAC as I like the description better sl@0: sl@0: // a) Obtain A's authenticate public key sl@0: sl@0: // b) Verify that 0 < r < q and 0 < s < q; if not reject signature sl@0: sl@0: //Retrieve the R&S in DSA signature from the array sl@0: sl@0: const TInteger& tR=aSignature.GetBigIntL(KDsaSignatureParameterRUid); sl@0: const TInteger& tS=aSignature.GetBigIntL(KDsaSignatureParameterSUid); sl@0: sl@0: if (tR <= 0 || tR >= tQ) sl@0: { sl@0: aVerificationResult=EFalse; sl@0: return; sl@0: } sl@0: if (tS <= 0 || tS >= tQ) sl@0: { sl@0: aVerificationResult=EFalse; sl@0: return; sl@0: } sl@0: sl@0: sl@0: // c) Compute w = s^(-1) mod q and h(m) sl@0: RInteger w = tS.InverseModL(tQ); sl@0: CleanupStack::PushL(w); sl@0: // Note that in order to be interoperable, compliant with the DSS, and sl@0: // secure, aInput must be the result of a SHA-1 hash sl@0: RInteger hm = RInteger::NewL(aInput); sl@0: CleanupStack::PushL(hm); sl@0: sl@0: // d) Compute u1 = w * hm mod q and u2 = r * w mod q sl@0: RInteger u1 = TInteger::ModularMultiplyL(w, hm, tQ); sl@0: CleanupStack::PushL(u1); sl@0: sl@0: RInteger u2 = TInteger::ModularMultiplyL(tR, w, tQ); sl@0: CleanupStack::PushL(u2); sl@0: sl@0: // e) Compute v = ((g^u1 * y^u2) mod p) mod q sl@0: sl@0: const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid); sl@0: const TInteger& tY=iKey->GetBigIntL(KDsaKeyParameterYUid); sl@0: const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid); sl@0: sl@0: RInteger temp = TInteger::ModularExponentiateL(tG, u1, tP); sl@0: CleanupStack::PushL(temp); sl@0: RInteger temp1 = TInteger::ModularExponentiateL(tY, u2, tP); sl@0: CleanupStack::PushL(temp1); sl@0: RInteger v = TInteger::ModularMultiplyL(temp, temp1, tP); sl@0: CleanupStack::PushL(v); sl@0: v %= tQ; sl@0: sl@0: // f) Accept the signature if v == r sl@0: if(v == tR) sl@0: { sl@0: aVerificationResult = ETrue; sl@0: } sl@0: sl@0: CleanupStack::PopAndDestroy(7, &w); sl@0: } sl@0: sl@0: sl@0: // Methods which are not supported can be excluded from the coverage. sl@0: #ifdef _BullseyeCoverage sl@0: #pragma suppress_warnings on sl@0: #pragma BullseyeCoverage off sl@0: #pragma suppress_warnings off sl@0: #endif sl@0: sl@0: void CDSAVerifierImpl::InverseSignL(HBufC8*& /*aOutput*/, const CCryptoParams& /*aSignature*/) sl@0: { sl@0: // Override in subclass sl@0: User::Leave(KErrNotSupported); sl@0: }