diff -r 000000000000 -r bde4ae8d615e os/security/crypto/weakcrypto/source/pbe/pbeset.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/os/security/crypto/weakcrypto/source/pbe/pbeset.cpp Fri Jun 15 03:10:57 2012 +0200 @@ -0,0 +1,261 @@ +/* +* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + +#include +#include +#include +#include "pkcs5kdf.h" +#include "pbencryptor.h" +#include "pbe.h" +#include +#include "pbesymmetricfactory.h" + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewL(const TPBPassword& aPassword) + { + CPBEncryptSet* self = NewLC(aPassword); + CleanupStack::Pop(); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewLC(const TPBPassword& aPassword) + { + CPBEncryptSet* self = new(ELeave) CPBEncryptSet; + CleanupStack::PushL(self); + self->ConstructL(aPassword.Password()); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewL(const TPBPassword& aPassword, + const TPBECipher aCipher) + { + CPBEncryptSet* self = NewLC(aPassword, aCipher); + CleanupStack::Pop(); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewLC(const TPBPassword& aPassword, + const TPBECipher aCipher) + { + CPBEncryptSet* self = new(ELeave) CPBEncryptSet; + CleanupStack::PushL(self); + self->ConstructL(aPassword.Password(), aCipher); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewL(const TPBPassword& aPassword, + const CPBEncryptParms& aParms) + { + CPBEncryptSet* self = NewLC(aPassword, aParms); + CleanupStack::Pop(); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewLC(const TPBPassword& aPassword, + const CPBEncryptParms& aParms) + { + CPBEncryptSet* self = new(ELeave) CPBEncryptSet; + CleanupStack::PushL(self); + self->ConstructL(aPassword.Password(), aParms); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewL(const CPBEncryptionData& aData, + const TDesC8& aEncryptedKey, const TPBPassword& aPassword) + { + CPBEncryptSet* self = NewLC(aData, aEncryptedKey, aPassword); + CleanupStack::Pop(); + return self; + } + +EXPORT_C CPBEncryptSet* CPBEncryptSet::NewLC(const CPBEncryptionData& aData, + const TDesC8& aEncryptedKey, const TPBPassword& aPassword) + { + CPBEncryptSet* self = new(ELeave) CPBEncryptSet; + CleanupStack::PushL(self); + self->ConstructL(aData, aEncryptedKey, aPassword); + return self; + } + +void CPBEncryptSet::ConstructL(const TDesC8& aPassword) + { + CPBEncryptElement::ConstructL(aPassword); + ConstructMasterKeyL(); + } + +void CPBEncryptSet::ConstructL(const TDesC8& aPassword, + const TPBECipher aCipher) + { + CPBEncryptElement::ConstructL(aPassword, aCipher); + ConstructMasterKeyL(); + } + +void CPBEncryptSet::ConstructL(const TDesC8& aPassword, + const CPBEncryptParms& aParms) + { + CPBEncryptElement::ConstructL(aPassword, aParms); + ConstructMasterKeyL(); + } + +void CPBEncryptSet::ConstructMasterKeyL(void) + { + TBuf8 masterKey(KAESKeyBytes256); + TRandom::RandomL(masterKey); + iEncryptedMasterKey = HBufC8::NewL(KAESKeyBytes256); + EncryptMasterKeyL(masterKey); + } + +void CPBEncryptSet::ConstructL(const CPBEncryptionData& aData, + const TDesC8& aEncryptedMasterKey, const TPBPassword& aPassword) + { + CPBEncryptElement::ConstructL(aData, aPassword); + iEncryptedMasterKey = aEncryptedMasterKey.AllocL(); + } + +EXPORT_C void CPBEncryptSet::ChangePasswordL(const TPBPassword& aNewPassword) + { + //1) Decrypt master key with old encrypt key + TBuf8 masterKey; + DecryptMasterKeyL(masterKey); + + //2) create new encrypt parms + + TBuf8 authSalt(KPBEMaxSaltBytes); + TRandom::RandomL(authSalt); + + //3) create a totally new CPBEncryptionData representing the new password + CPBEncryptionData* newData = CPBEncryptionData::NewL( + aNewPassword.Password(), authSalt, iData->EncryptParms()); + + delete iData; + iData = newData; + + // regenerate the password using a maximum length salt. + CPBEncryptParms& epNonConst = + const_cast(iData->EncryptParms()); + epNonConst.ResizeSaltL(KPBEMaxSaltBytes); + + TPtr8 iEncryptKeyBuf(iEncryptKey->Des()); + iEncryptKeyBuf.SetLength(PBE::GetKeyBytes(iData->EncryptParms().Cipher())); + + iData->EncryptParms().DeriveKeyL(aNewPassword.Password(), iEncryptKeyBuf); + + //4) Encrypt master key with new encrypt key + EncryptMasterKeyL(masterKey); + } + +EXPORT_C const TDesC8& CPBEncryptSet::EncryptedMasterKey(void) const + { + return *iEncryptedMasterKey; + } + +CPBEncryptor* CPBEncryptSet::NewEncryptLC(void) const + { + CPBEncryptor* encryptor = NewEncryptL(); + CleanupStack::PushL(encryptor); + return encryptor; + } + +CPBEncryptor* CPBEncryptSet::NewEncryptL(void) const + { + TBuf8 masterKey; + DecryptMasterKeyL(masterKey); + + CPBEncryptor* encryptor = 0; + //make sure the masterkey we pass is exactly the right length for the cipher + encryptor = CPBEncryptorSet::NewL(iData->EncryptParms().Cipher(), + masterKey.Left(PBE::GetKeyBytes(iData->EncryptParms().Cipher()))); + return encryptor; + } + +CPBDecryptor* CPBEncryptSet::NewDecryptLC(void) const + { + CPBDecryptor* decryptor = NewDecryptL(); + CleanupStack::PushL(decryptor); + return decryptor; + } + +CPBDecryptor* CPBEncryptSet::NewDecryptL(void) const + { + TBuf8 masterKey; + DecryptMasterKeyL(masterKey); + + CPBDecryptor* decryptor = 0; + //make sure the masterkey we pass is exactly the right length for the cipher + decryptor = CPBDecryptorSet::NewL(iData->EncryptParms().Cipher(), + masterKey.Left(PBE::GetKeyBytes(iData->EncryptParms().Cipher()))); + return decryptor; + } + +void CPBEncryptSet::DecryptMasterKeyL(TDes8& aMasterKey) const + { + CPBDecryptorElement* decryptor = CPBDecryptorElement::NewLC( + iData->EncryptParms().Cipher(), *iEncryptKey, iData->EncryptParms().IV()); + aMasterKey.SetLength(0); + decryptor->Process(*iEncryptedMasterKey, aMasterKey); + CleanupStack::PopAndDestroy(decryptor); + } + +void CPBEncryptSet::EncryptMasterKeyL(const TDesC8& aMasterKey) + { + CPBEncryptorElement* encryptor = CPBEncryptorElement::NewLC( + iData->EncryptParms().Cipher(), *iEncryptKey, iData->EncryptParms().IV()); + TPtr8 encryptedMasterKeyBuf(iEncryptedMasterKey->Des()); + encryptedMasterKeyBuf.SetLength(0); + encryptor->Process(aMasterKey, encryptedMasterKeyBuf); + CleanupStack::PopAndDestroy(encryptor); + } + +CPBEncryptSet::CPBEncryptSet() + { + } + +CPBEncryptSet::~CPBEncryptSet() + { + delete iEncryptedMasterKey; + } + +// Warning: This function is only valid BEFORE you call NewEncryptL +// After creating the cipher, ask it about itself, not me! +// This is _very_ dodgy as I assume all sorts of things about the encryptor. +// 1) That it uses SSLv3 or similar style padding +// 2) That it stores the IV for that stream at the front. +// This is here for specific application that requires this and aren't able to +// actually construct the cipher and ask it. In almost all other cases you +// should construct the cipher and ask it. +TInt CPBEncryptSet::MaxCiphertextLength(TInt aPlaintextLength) const + { + TUint blocksize = PBE::GetBlockBytes(iData->EncryptParms().Cipher()); + TUint padding = blocksize - aPlaintextLength % blocksize; + //totallength = blocksize of iv hidden at beginning + inputLength + padding + return blocksize + aPlaintextLength + padding; + } + +// Warning: This function is only valid BEFORE you call NewDecryptL +// After creating the cipher, ask it about itself, not me! +TInt CPBEncryptSet::MaxPlaintextLength(TInt aCiphertextLength) const + { + /*It's impossible to determine anything about how much padding will be + * removed. So we'll return a max length that is longer than will ever + * happen by at most a blocksize - 1. + */ + //In all cases SSLv3 padding has at least one byte of padding. + TUint blocksize = PBE::GetBlockBytes(iData->EncryptParms().Cipher()); + //totallength = inputlength - iv hidden at beginning - 1 byte of padding + return aCiphertextLength - blocksize - 1; + } +