sl@0: /*
sl@0: * Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0: * All rights reserved.
sl@0: * This component and the accompanying materials are made available
sl@0: * under the terms of the License "Eclipse Public License v1.0"
sl@0: * which accompanies this distribution, and is available
sl@0: * at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0: *
sl@0: * Initial Contributors:
sl@0: * Nokia Corporation - initial contribution.
sl@0: *
sl@0: * Contributors:
sl@0: *
sl@0: * Description: 
sl@0: *
sl@0: */
sl@0: 
sl@0: 
sl@0: #include "OpenedKeys.h"
sl@0: #include "cfskeystoreserver.h"
sl@0: #include "keystreamutils.h"
sl@0: #include "fsdatatypes.h"
sl@0: #include "keystorepassphrase.h"
sl@0: 
sl@0: #include <asymmetric.h>
sl@0: #include <asymmetrickeys.h>
sl@0: #include <bigint.h>
sl@0: #include <ct.h>
sl@0: #include <securityerr.h>
sl@0: #include <e32base.h>
sl@0: #include <mctkeystoreuids.h>
sl@0: 
sl@0: #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: #include <authserver/authtypes.h>
sl@0: #include <authserver/auth_srv_errs.h>
sl@0: #include <s32mem.h>
sl@0: #include "keystore_errs.h"
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: // COpenedKey //////////////////////////////////////////////////////////////////
sl@0: 
sl@0: COpenedKey* COpenedKey::NewL(const CFileKeyData& aKeyData, TUid aType, const RMessage2& aMessage,
sl@0: 							 CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan)
sl@0: 	{
sl@0: 	COpenedKey* self = NULL;
sl@0: 
sl@0: 	if (aType == KRSARepudiableSignerUID)
sl@0: 		{
sl@0: 		self = new (ELeave) CRSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
sl@0: 		}
sl@0: 	else if (aType == KDSARepudiableSignerUID)
sl@0: 		{
sl@0: 		self = new (ELeave) CDSARepudiableSigner(aKeyData, aKeyDataMan, aPassMan);
sl@0: 		}
sl@0: 	else if (aType == KPrivateDecryptorUID)
sl@0: 		{
sl@0: 		self = new (ELeave) CFSRSADecryptor(aKeyData, aKeyDataMan, aPassMan);
sl@0: 		}
sl@0: 	else if (aType == KKeyAgreementUID)
sl@0: 		{
sl@0: 		self = new (ELeave) CDHAgreement(aKeyData, aKeyDataMan, aPassMan);
sl@0: 		}
sl@0: 	else
sl@0: 		{
sl@0: 		User::Invariant();
sl@0: 		}
sl@0: 
sl@0: 	CleanupStack::PushL(self);
sl@0: 	self->ConstructL(aMessage);
sl@0: 	CleanupStack::Pop(self);
sl@0: 	return self;
sl@0: 	}
sl@0: 
sl@0: COpenedKey::COpenedKey(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0: 	CActive(EPriorityStandard),
sl@0: 	iKeyData(aKeyData),
sl@0: 	iKeyDataMan(aKeyDataMan),
sl@0: 	iPassMan(aPassMan)
sl@0: #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	,iUserIdentity(NULL)
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	{
sl@0: 	}
sl@0: 
sl@0: void COpenedKey::ConstructL(const RMessage2& aMessage)
sl@0: 	{
sl@0: 	CKeyInfo* keyInfo = iKeyDataMan.ReadKeyInfoLC(iKeyData);
sl@0: 	CleanupStack::Pop(keyInfo);
sl@0: 	iKeyInfo = keyInfo;
sl@0: 	CheckKeyL(aMessage);
sl@0: 	iLabel = iKeyInfo->Label().AllocL();
sl@0: #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	User::LeaveIfError(iAuthClient.Connect());
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	CActiveScheduler::Add(this);
sl@0: 	}
sl@0: 
sl@0: COpenedKey::~COpenedKey()
sl@0: 	{
sl@0: 	Cancel();
sl@0: 	delete iLabel;
sl@0: 	delete iKeyInfo;
sl@0: #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	iAuthClient.Close();
sl@0: 	delete iExpression;
sl@0: 	delete iUserIdentity;
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: 	}
sl@0: 
sl@0: const TDesC& COpenedKey::Label() const
sl@0: 	{
sl@0: 	return *iLabel;
sl@0: 	}
sl@0: 
sl@0: TInt COpenedKey::Handle() const
sl@0: 	{
sl@0: 	return iKeyData.Handle();
sl@0: 	}
sl@0: 
sl@0: void COpenedKey::CheckKeyL(const RMessage2& aMessage)
sl@0: 	{
sl@0: 	// Check the client is allowed to use the key
sl@0: 	if (!iKeyInfo->UsePolicy().CheckPolicy(aMessage))
sl@0: 		{
sl@0: 		User::Leave(KErrPermissionDenied);
sl@0: 		}
sl@0: 
sl@0: 	// Check that the operation represented by this object is supported for this
sl@0: 	// type of key
sl@0: 	if (iKeyInfo->Algorithm() != Algorithm())
sl@0: 		{
sl@0: 		User::Leave(KErrKeyAlgorithm);
sl@0: 		}
sl@0: 
sl@0: 	// Check the key usage allows the operation
sl@0: 	if ((iKeyInfo->Usage() & RequiredUsage()) == 0)
sl@0: 		{
sl@0: 		User::Leave(KErrKeyUsage);
sl@0: 		}
sl@0: 
sl@0: 	// Check current time is after start date (if set) and before end date (if
sl@0: 	// set)
sl@0: 	TTime timeNow;
sl@0: 	timeNow.UniversalTime();
sl@0: 	if (iKeyInfo->StartDate().Int64() != 0 && timeNow < iKeyInfo->StartDate())
sl@0: 		{
sl@0: 		User::Leave(KErrKeyValidity);
sl@0: 		}
sl@0: 	if (iKeyInfo->EndDate().Int64() != 0 && timeNow >= iKeyInfo->EndDate())
sl@0: 		{
sl@0: 		User::Leave(KErrKeyValidity);
sl@0: 		}
sl@0: 		
sl@0: 	}
sl@0: 
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: void COpenedKey::GetPassphrase(TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iState == EIdle);
sl@0: 
sl@0: 	TInt timeout = iKeyDataMan.GetPassphraseTimeout();
sl@0: 	TStreamId passphraseId = iKeyDataMan.DefaultPassphraseId();
sl@0: 	ASSERT(passphraseId != KNullStreamId);
sl@0: 	iClientStatus = &aStatus;
sl@0: 	
sl@0: 	iPassMan.GetPassphrase(passphraseId, timeout, iPassphrase, iStatus);
sl@0: 	iState = EGetPassphrase;
sl@0: 	SetActive();
sl@0: 	}
sl@0: #else
sl@0: void COpenedKey::AuthenticateL()
sl@0: 	{	
sl@0: 	iExpression = iAuthClient.CreateAuthExpressionL(iKeyInfo->AuthExpression());
sl@0: 	TUid uid = TUid::Uid(0);
sl@0: 	iAuthClient.AuthenticateL(*iExpression,iKeyInfo->Freshness(), EFalse, uid, EFalse, KNullDesC, iUserIdentity, iStatus);
sl@0: 	iState = EAuthenticate;
sl@0: 	SetActive();
sl@0: 	}
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: void COpenedKey::RunL()
sl@0: 	{
sl@0: 	User::LeaveIfError(iStatus.Int());
sl@0: 
sl@0: 	switch (iState)
sl@0: 		{
sl@0: 		#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 		case EDoAuthenticate:
sl@0: 			AuthenticateL();
sl@0: 			break;
sl@0: 			
sl@0: 		case EAuthenticate:
sl@0: 			if(iUserIdentity->Id() == AuthServer::KUnknownIdentity)
sl@0: 				{
sl@0: 				User::Leave(KErrAuthenticationFailure);
sl@0: 				}
sl@0: 					
sl@0: 			if (!iKeyRead)
sl@0: 				{
sl@0: 				RStoreReadStream stream;
sl@0: 				iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, stream);
sl@0: 				TPtrC8 key = iUserIdentity->Key().KeyData();
sl@0: 				HBufC8* plaintext = DecryptFromStreamL(stream, key);
sl@0: 				CleanupStack::PushL(plaintext);
sl@0: 				TAny* ptr = const_cast<TAny*>(static_cast<const TAny*>(plaintext->Des().PtrZ()));
sl@0: 							
sl@0: 				RMemReadStream decryptedStream(ptr, plaintext->Length());
sl@0: 				decryptedStream.PushL();
sl@0: 				ReadPrivateKeyL(decryptedStream);
sl@0: 				CleanupStack::PopAndDestroy(3,&stream); // plaintext, decryptedStream
sl@0: 				iKeyRead = ETrue;
sl@0: 				}
sl@0: 			
sl@0: 			delete iUserIdentity;
sl@0: 			iUserIdentity = NULL;
sl@0: 			delete iExpression;
sl@0: 			iExpression = NULL;
sl@0: 			PerformOperationL();
sl@0: 			Complete(KErrNone);
sl@0: 			break;
sl@0: 		#else
sl@0: 		case EGetPassphrase:
sl@0: 			ASSERT(iPassphrase);
sl@0: 			if (!iKeyRead)
sl@0: 				{
sl@0: 				RStoreReadStream stream;
sl@0: 				iKeyDataMan.OpenPrivateDataStreamLC(iKeyData, *iPassphrase, stream);
sl@0: 				ReadPrivateKeyL(stream);
sl@0: 				CleanupStack::PopAndDestroy(&stream);
sl@0: 				iKeyRead = ETrue;
sl@0: 				}
sl@0: 			PerformOperationL();
sl@0: 			Complete(KErrNone);
sl@0: 			break;	
sl@0: 		#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 		default:
sl@0: 			ASSERT(EFalse);
sl@0: 		}
sl@0: 	}
sl@0: 
sl@0: TInt COpenedKey::RunError(TInt aError)
sl@0: 	{
sl@0: 	Complete(aError);
sl@0: 	return KErrNone;
sl@0: 	}
sl@0: 
sl@0: void COpenedKey::DoCancel()
sl@0: 	{
sl@0: 	Complete(KErrCancel);
sl@0: 	}
sl@0: 
sl@0: void COpenedKey::Complete(TInt aError)
sl@0: 	{
sl@0: 	Cleanup();
sl@0: 	iPassphrase = NULL;
sl@0: 	if (iClientStatus)
sl@0: 		{
sl@0: 		User::RequestComplete(iClientStatus, aError);
sl@0: 		}
sl@0: 	iState = EIdle;
sl@0: 	}
sl@0: 
sl@0: void COpenedKey::Cleanup()
sl@0: 	{
sl@0: 	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 		delete iUserIdentity;
sl@0: 		iUserIdentity = NULL;
sl@0: 		delete iExpression;
sl@0: 		iExpression = NULL;
sl@0: 	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: // CRSARepudiableSigner ////////////////////////////////////////////////////////
sl@0: 
sl@0: CRSARepudiableSigner::CRSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0: 	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0: 	{
sl@0: 	}
sl@0: 
sl@0: CRSARepudiableSigner::~CRSARepudiableSigner()
sl@0: 	{
sl@0: 	delete iPrivateKey;
sl@0: 	}
sl@0: 
sl@0: TUid CRSARepudiableSigner::Type() const
sl@0: 	{
sl@0: 	return KRSARepudiableSignerUID;
sl@0: 	}
sl@0: 
sl@0: CKeyInfo::EKeyAlgorithm CRSARepudiableSigner::Algorithm() const
sl@0: 	{
sl@0: 	return CKeyInfo::ERSA;
sl@0: 	}
sl@0:  
sl@0: TKeyUsagePKCS15 CRSARepudiableSigner::RequiredUsage() const
sl@0: 	{
sl@0: 	return EPKCS15UsageSignSignRecover;
sl@0: 	}
sl@0: 
sl@0: void CRSARepudiableSigner::Sign(const TDesC8& aPlaintext,
sl@0: 								CRSASignature*& aSignature,
sl@0: 								TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iPlaintext.Ptr() == NULL);
sl@0: 	ASSERT(iSignaturePtr == NULL);
sl@0: 	iPlaintext.Set(aPlaintext);
sl@0: 	iSignaturePtr = &aSignature;
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	GetPassphrase(aStatus);
sl@0: #else
sl@0: 	aStatus = KRequestPending;
sl@0: 	iClientStatus = &aStatus;
sl@0: 	iState = EDoAuthenticate;
sl@0: 	SetActive();
sl@0: 	TRequestStatus* status = &iStatus;
sl@0: 	User::RequestComplete(status, KErrNone);
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: void CRSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey == NULL);
sl@0: 	CreateL(aStream, iPrivateKey);
sl@0: 	}
sl@0: 
sl@0: void CRSARepudiableSigner::PerformOperationL()
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey);
sl@0: 	
sl@0: 	CRSAPKCS1v15Signer* signer = CRSAPKCS1v15Signer::NewLC(*iPrivateKey);
sl@0: 	const CRSASignature* signature = signer->SignL(iPlaintext);
sl@0: 	CleanupStack::PopAndDestroy(signer);
sl@0: 	*iSignaturePtr = const_cast<CRSASignature*>(signature);
sl@0: 	}
sl@0: 
sl@0: void CRSARepudiableSigner::Cleanup()
sl@0: 	{
sl@0: #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	COpenedKey::Cleanup();
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	iPlaintext.Set(NULL, 0);
sl@0: 	iSignaturePtr = NULL;
sl@0: 	}
sl@0: 
sl@0: // CDSARepudiableSigner ////////////////////////////////////////////////////////
sl@0: 
sl@0: CDSARepudiableSigner::CDSARepudiableSigner(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0: 	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0: 	{
sl@0: 	}
sl@0: 
sl@0: CDSARepudiableSigner::~CDSARepudiableSigner()
sl@0: 	{
sl@0: 	delete iPrivateKey;
sl@0: 	}
sl@0: 
sl@0: TUid CDSARepudiableSigner::Type() const
sl@0: 	{
sl@0: 	return KDSARepudiableSignerUID;
sl@0: 	}
sl@0: 
sl@0: CKeyInfo::EKeyAlgorithm CDSARepudiableSigner::Algorithm() const
sl@0: 	{
sl@0: 	return CKeyInfo::EDSA;
sl@0: 	}
sl@0:  
sl@0: TKeyUsagePKCS15 CDSARepudiableSigner::RequiredUsage() const
sl@0: 	{
sl@0: 	return EPKCS15UsageSignSignRecover;
sl@0: 	}
sl@0: 
sl@0: void CDSARepudiableSigner::Sign(const TDesC8& aPlaintext,
sl@0: 								CDSASignature*& aSignature,
sl@0: 								TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iPlaintext.Ptr() == NULL);
sl@0: 	ASSERT(iSignaturePtr == NULL);
sl@0: 	iPlaintext.Set(aPlaintext);
sl@0: 	iSignaturePtr = &aSignature;
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	GetPassphrase(aStatus);
sl@0: #else
sl@0: 	aStatus = KRequestPending;
sl@0: 	iClientStatus = &aStatus;
sl@0: 	iState = EDoAuthenticate;
sl@0: 	SetActive();
sl@0: 	TRequestStatus* status = &iStatus;
sl@0: 	User::RequestComplete(status, KErrNone);
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: void CDSARepudiableSigner::ReadPrivateKeyL(RReadStream& aStream)
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey == NULL);
sl@0: 	CreateL(aStream, iPrivateKey);
sl@0: 	}
sl@0: 
sl@0: void CDSARepudiableSigner::PerformOperationL()
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey);
sl@0: 	
sl@0: 	CDSASigner* signer = CDSASigner::NewLC(*iPrivateKey);
sl@0: 	const CDSASignature* signature = signer->SignL(iPlaintext);
sl@0: 	CleanupStack::PopAndDestroy(signer);
sl@0: 	*iSignaturePtr = const_cast<CDSASignature*>(signature);
sl@0: 	}
sl@0: 
sl@0: void CDSARepudiableSigner::Cleanup()
sl@0: 	{
sl@0: 	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	COpenedKey::Cleanup();
sl@0: 	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: 	iPlaintext.Set(NULL, 0);
sl@0: 	iSignaturePtr = NULL;
sl@0: 	}
sl@0: 
sl@0: // CFSRSADecryptor /////////////////////////////////////////////////////////////
sl@0: 
sl@0: CFSRSADecryptor::CFSRSADecryptor(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0: 	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0: 	{
sl@0: 	}
sl@0: 
sl@0: CFSRSADecryptor::~CFSRSADecryptor()
sl@0: 	{
sl@0: 	delete iPrivateKey;
sl@0: 	}
sl@0: 
sl@0: TUid CFSRSADecryptor::Type() const
sl@0: 	{
sl@0: 	return KPrivateDecryptorUID;
sl@0: 	}
sl@0: 
sl@0: CKeyInfo::EKeyAlgorithm CFSRSADecryptor::Algorithm() const
sl@0: 	{
sl@0: 	return CKeyInfo::ERSA;
sl@0: 	}
sl@0:  
sl@0: TKeyUsagePKCS15 CFSRSADecryptor::RequiredUsage() const
sl@0: 	{
sl@0: 	return EPKCS15UsageDecryptUnwrap;
sl@0: 	}
sl@0: 
sl@0: void CFSRSADecryptor::Decrypt(const TDesC8& aCiphertext,
sl@0: 							  HBufC8*& aPlaintext,
sl@0: 							  TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iCiphertext.Ptr() == NULL);
sl@0: 	ASSERT(iPlaintextPtr == NULL);
sl@0: 	iCiphertext.Set(aCiphertext);
sl@0: 	iPlaintextPtr = &aPlaintext;
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	GetPassphrase(aStatus);
sl@0: #else
sl@0: 	aStatus = KRequestPending;
sl@0: 	iClientStatus = &aStatus;
sl@0: 	iState = EDoAuthenticate;
sl@0: 	SetActive();
sl@0: 	TRequestStatus* status = &iStatus;
sl@0: 	User::RequestComplete(status, KErrNone);
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: void CFSRSADecryptor::ReadPrivateKeyL(RReadStream& aStream)
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey == NULL);
sl@0: 	CreateL(aStream, iPrivateKey);
sl@0: 	}
sl@0: 
sl@0: void CFSRSADecryptor::PerformOperationL()
sl@0: 	{
sl@0: 	ASSERT(iPrivateKey);
sl@0: 	
sl@0: 	CRSAPKCS1v15Decryptor* decryptor = CRSAPKCS1v15Decryptor::NewLC(*iPrivateKey);
sl@0: 	HBufC8* plaintext = HBufC8::NewMaxLC(decryptor->MaxOutputLength());
sl@0: 	TPtr8 ptr = plaintext->Des();
sl@0: 	decryptor->DecryptL(iCiphertext, ptr);
sl@0: 
sl@0: 	*iPlaintextPtr = plaintext;
sl@0: 	CleanupStack::Pop(plaintext); // now owned by client
sl@0: 	CleanupStack::PopAndDestroy(decryptor);
sl@0: 	}
sl@0: 
sl@0: void CFSRSADecryptor::Cleanup()
sl@0: 	{
sl@0: 	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	COpenedKey::Cleanup();
sl@0: 	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: 	iCiphertext.Set(NULL, 0);
sl@0: 	iPlaintextPtr = NULL;
sl@0: 	}
sl@0: 
sl@0: // CDHAgreement ////////////////////////////////////////////////////////////////
sl@0: 
sl@0: CDHAgreement::CDHAgreement(const CFileKeyData& aKeyData, CFileKeyDataManager& aKeyDataMan, CPassphraseManager& aPassMan) :
sl@0: 	COpenedKey(aKeyData, aKeyDataMan, aPassMan)
sl@0: 	{
sl@0: 	}
sl@0: 
sl@0: CDHAgreement::~CDHAgreement()
sl@0: 	{
sl@0: 	iKey.Close();
sl@0: 	}
sl@0: 
sl@0: TUid CDHAgreement::Type() const
sl@0: 	{
sl@0: 	return KKeyAgreementUID;
sl@0: 	}
sl@0: 
sl@0: CKeyInfo::EKeyAlgorithm CDHAgreement::Algorithm() const
sl@0: 	{
sl@0: 	return CKeyInfo::EDH;
sl@0: 	}
sl@0:  
sl@0: TKeyUsagePKCS15 CDHAgreement::RequiredUsage() const
sl@0: 	{
sl@0: 	return EPKCS15UsageDerive;
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::PublicKey(CDHParams& aParameters, RInteger& aPublicKey, TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iPKParams == NULL);
sl@0: 	ASSERT(iPKPublicKeyPtr == NULL);
sl@0: 	iPKParams = &aParameters;
sl@0: 	iPKPublicKeyPtr = &aPublicKey;
sl@0: 	iDHState = EPublicKey;
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	GetPassphrase(aStatus);
sl@0: #else
sl@0: 	aStatus = KRequestPending;
sl@0: 	iClientStatus = &aStatus;
sl@0: 	iState = EDoAuthenticate;
sl@0: 	SetActive();
sl@0: 	TRequestStatus* status = &iStatus;
sl@0: 	User::RequestComplete(status, KErrNone);
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::Agree(CDHPublicKey& aY, HBufC8*& aAgreedKey, TRequestStatus& aStatus)
sl@0: 	{
sl@0: 	ASSERT(iAKPublicKey == NULL);
sl@0: 	ASSERT(iAKAgreedKeyPtr == NULL);
sl@0: 	iAKPublicKey = &aY;
sl@0: 	iAKAgreedKeyPtr = &aAgreedKey;
sl@0: 	iDHState = EAgree;
sl@0: #ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	GetPassphrase(aStatus);
sl@0: #else
sl@0: 	aStatus = KRequestPending;
sl@0: 	iClientStatus = &aStatus;
sl@0: 	iState = EDoAuthenticate;
sl@0: 	SetActive();
sl@0: 	TRequestStatus* status = &iStatus;
sl@0: 	User::RequestComplete(status, KErrNone);
sl@0: #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::ReadPrivateKeyL(RReadStream& aStream)
sl@0: 	{
sl@0: 	CreateLC(aStream, iKey);
sl@0: 	CleanupStack::Pop(&iKey);
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::PerformOperationL()
sl@0: 	{
sl@0: 	switch (iDHState)
sl@0: 		{
sl@0: 		case EPublicKey:
sl@0: 			DoPublicKeyL();
sl@0: 			break;
sl@0: 		case EAgree:
sl@0: 			DoAgreeL();
sl@0: 			break;
sl@0: 		default:
sl@0: 			ASSERT(FALSE);
sl@0: 		}
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::DoPublicKeyL()
sl@0: 	{
sl@0: 	ASSERT(iPKParams);
sl@0: 	ASSERT(iPKPublicKeyPtr);
sl@0: 	
sl@0: 	RInteger n = iPKParams->TakeN();
sl@0: 	CleanupStack::PushL(n);
sl@0: 	RInteger g = iPKParams->TakeG();
sl@0: 	CleanupStack::PushL(g);
sl@0: 	RInteger x = RInteger::NewL(iKey);
sl@0: 	CleanupStack::PushL(x);
sl@0: 	CDHKeyPair* keyPair = CDHKeyPair::NewL(n, g, x);
sl@0: 	CleanupStack::Pop(3); // x, g, n
sl@0: 	CleanupStack::PushL(keyPair);
sl@0: 	
sl@0: 	const CDHPublicKey& pubKey = keyPair->PublicKey();
sl@0: 	*iPKPublicKeyPtr = RInteger::NewL(pubKey.X());
sl@0: 	CleanupStack::PopAndDestroy(keyPair);
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::DoAgreeL()
sl@0: 	{
sl@0: 	ASSERT(iAKPublicKey);
sl@0: 	ASSERT(iAKAgreedKeyPtr);
sl@0: 	
sl@0: 	RInteger n = RInteger::NewL(iAKPublicKey->N());
sl@0: 	CleanupStack::PushL(n);
sl@0: 	RInteger g = RInteger::NewL(iAKPublicKey->G());
sl@0: 	CleanupStack::PushL(g);
sl@0: 	RInteger x = RInteger::NewL(iKey);
sl@0: 	CleanupStack::PushL(x);
sl@0: 	CDHPrivateKey* privKey = CDHPrivateKey::NewL(n, g, x);
sl@0: 	CleanupStack::Pop(3); // x, g, n
sl@0: 	CleanupStack::PushL(privKey);
sl@0: 	CDH* dh = CDH::NewLC(*privKey);
sl@0: 	*iAKAgreedKeyPtr = const_cast<HBufC8*>(dh->AgreeL(*iAKPublicKey));
sl@0: 	CleanupStack::PopAndDestroy(2, privKey);
sl@0: 	}
sl@0: 
sl@0: void CDHAgreement::Cleanup()
sl@0: 	{
sl@0: 	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 	COpenedKey::Cleanup();
sl@0: 	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0: 
sl@0: 	iPKParams = NULL;
sl@0: 	iPKPublicKeyPtr = NULL;
sl@0: 	iAKPublicKey = NULL;
sl@0: 	iAKAgreedKeyPtr = NULL;
sl@0: 	iDHState = EIdle;
sl@0: 	}