williamr@4: /* williamr@4: * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). williamr@4: * All rights reserved. williamr@4: * This component and the accompanying materials are made available williamr@4: * under the terms of the License "Eclipse Public License v1.0" williamr@4: * which accompanies this distribution, and is available williamr@4: * at the URL "http://www.eclipse.org/legal/epl-v10.html". williamr@4: * williamr@4: * Initial Contributors: williamr@4: * Nokia Corporation - initial contribution. williamr@4: * williamr@4: * Contributors: williamr@4: * williamr@4: * Description: williamr@4: * ** IMPORTANT ** API's in this file are published to 3rd party developers via the williamr@4: * Symbian website. Changes to these API's should be treated as PublishedAll API changes and the Security TA should be consulted. williamr@4: * Asymmetric crypto implementation williamr@4: * williamr@4: */ williamr@4: williamr@4: williamr@4: /** williamr@4: @file williamr@4: @publishedAll williamr@4: @released williamr@4: */ williamr@4: williamr@4: #ifndef __ASYMMETRIC_H__ williamr@4: #define __ASYMMETRIC_H__ williamr@4: williamr@4: #include williamr@4: #include williamr@4: #include williamr@4: #include williamr@4: williamr@4: // All the classes in this file have their default constructors and williamr@4: // assignment operators defined private, but not implemented, in order to williamr@4: // prevent their use. williamr@4: williamr@4: /** williamr@4: * Mixin class defining common operations for public key encryption and williamr@4: * decryption classes. williamr@4: * williamr@4: */ williamr@4: class MCryptoSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Gets the maximum size of input accepted by this object. williamr@4: * williamr@4: * @return The maximum input length allowed in bytes. williamr@4: */ williamr@4: virtual TInt MaxInputLength(void) const = 0; williamr@4: williamr@4: /** williamr@4: * Gets the maximum size of output that can be generated by this object. williamr@4: * williamr@4: * @return The maximum output length in bytes. williamr@4: */ williamr@4: virtual TInt MaxOutputLength(void) const = 0; williamr@4: protected: williamr@4: /** williamr@4: * Constructor williamr@4: */ williamr@4: IMPORT_C MCryptoSystem(void); williamr@4: private: williamr@4: MCryptoSystem(const MCryptoSystem&); williamr@4: MCryptoSystem& operator=(const MCryptoSystem&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract base class for all public key encryptors. williamr@4: * williamr@4: */ williamr@4: class CEncryptor : public CBase, public MCryptoSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Encrypts the specified plaintext into ciphertext. williamr@4: * williamr@4: * @param aInput The plaintext williamr@4: * @param aOutput On return, the ciphertext williamr@4: * williamr@4: * @panic KCryptoPanic If the input data is too long. williamr@4: * See ECryptoPanicInputTooLarge williamr@4: * @panic KCryptoPanic If the supplied output descriptor is not large enough to store the result. williamr@4: * See ECryptoPanicOutputDescriptorOverflow williamr@4: */ williamr@4: virtual void EncryptL(const TDesC8& aInput, TDes8& aOutput) const = 0; williamr@4: protected: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CEncryptor(void); williamr@4: private: williamr@4: CEncryptor(const CEncryptor&); williamr@4: CEncryptor& operator=(const CEncryptor&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract base class for all public key decryptors. williamr@4: * williamr@4: */ williamr@4: class CDecryptor : public CBase, public MCryptoSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Decrypts the specified ciphertext into plaintext williamr@4: * williamr@4: * @param aInput The ciphertext to be decrypted williamr@4: * @param aOutput On return, the plaintext williamr@4: * williamr@4: * @panic KCryptoPanic If the input data is too long. williamr@4: * See ECryptoPanicInputTooLarge williamr@4: * @panic KCryptoPanic If the supplied output descriptor is not large enough to store the result. williamr@4: * See ECryptoPanicOutputDescriptorOverflow williamr@4: */ williamr@4: virtual void DecryptL(const TDesC8& aInput, TDes8& aOutput) const = 0; williamr@4: protected: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CDecryptor(void); williamr@4: private: williamr@4: CDecryptor(const CDecryptor&); williamr@4: CDecryptor& operator=(const CDecryptor&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of RSA encryption as described in PKCS#1 v1.5. williamr@4: * williamr@4: */ williamr@4: class CRSAPKCS1v15Encryptor : public CEncryptor williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new RSA encryptor object using PKCS#1 v1.5 padding. williamr@4: * williamr@4: * @param aKey The RSA encryption key williamr@4: * @return A pointer to a new CRSAPKCS1v15Encryptor object williamr@4: * williamr@4: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the williamr@4: * cipher strength restrictions of the crypto library. williamr@4: * See TCrypto::IsAsymmetricWeakEnoughL() williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Encryptor* NewL(const CRSAPublicKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new RSA encryptor object using PKCS#1 v1.5 padding. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The RSA encryption key williamr@4: * @return A pointer to a new CRSAPKCS1v15Encryptor object williamr@4: * williamr@4: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the williamr@4: * cipher strength restrictions of the crypto library. williamr@4: * See TCrypto::IsAsymmetricWeakEnoughL() williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Encryptor* NewLC(const CRSAPublicKey& aKey); williamr@4: void EncryptL(const TDesC8& aInput, TDes8& aOutput) const; williamr@4: TInt MaxInputLength(void) const; williamr@4: TInt MaxOutputLength(void) const; williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. */ williamr@4: virtual ~CRSAPKCS1v15Encryptor(void); williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CRSAPKCS1v15Encryptor(const CRSAPublicKey& aKey); williamr@4: /** @internalAll */ williamr@4: void ConstructL(void); williamr@4: protected: williamr@4: /** The RSA public key */ williamr@4: const CRSAPublicKey& iPublicKey; williamr@4: /** The PKCS#1 v1.5 encryption padding */ williamr@4: CPaddingPKCS1Encryption* iPadding; williamr@4: private: williamr@4: CRSAPKCS1v15Encryptor(const CRSAPKCS1v15Encryptor&); williamr@4: CRSAPKCS1v15Encryptor& operator=(const CRSAPKCS1v15Encryptor&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of RSA decryption as described in PKCS#1 v1.5. williamr@4: * williamr@4: */ williamr@4: class CRSAPKCS1v15Decryptor : public CDecryptor williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new RSA decryptor object using PKCS#1 v1.5 padding. williamr@4: * williamr@4: * @param aKey The RSA private key for decryption williamr@4: * williamr@4: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the williamr@4: * cipher strength restrictions of the crypto library. williamr@4: * See TCrypto::IsAsymmetricWeakEnoughL() williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Decryptor* NewL(const CRSAPrivateKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new RSA decryptor object using PKCS#1 v1.5 padding williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The RSA private key for decryption williamr@4: * williamr@4: * @leave KErrKeyNotWeakEnough If the key size is larger than that allowed by the williamr@4: * cipher strength restrictions of the crypto library. williamr@4: * See TCrypto::IsAsymmetricWeakEnoughL() williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: * @leave KErrNotSupported If the RSA private key is not a supported TRSAPrivateKeyType williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Decryptor* NewLC(const CRSAPrivateKey& aKey); williamr@4: void DecryptL(const TDesC8& aInput, TDes8& aOutput) const; williamr@4: TInt MaxInputLength(void) const; williamr@4: TInt MaxOutputLength(void) const; williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. */ williamr@4: virtual ~CRSAPKCS1v15Decryptor(void); williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CRSAPKCS1v15Decryptor(const CRSAPrivateKey& aKey); williamr@4: /** @internalAll */ williamr@4: void ConstructL(void); williamr@4: protected: williamr@4: /** The RSA private key */ williamr@4: const CRSAPrivateKey& iPrivateKey; williamr@4: /** The PKCS#1 v1.5 encryption padding */ williamr@4: CPaddingPKCS1Encryption* iPadding; williamr@4: private: williamr@4: CRSAPKCS1v15Decryptor(const CRSAPKCS1v15Decryptor&); williamr@4: CRSAPKCS1v15Decryptor& operator=(const CRSAPKCS1v15Decryptor&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Mixin class defining operations common to all public key signature systems. williamr@4: * williamr@4: */ williamr@4: class MSignatureSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Gets the maximum size of input accepted by this object. williamr@4: * williamr@4: * @return The maximum length allowed in bytes williamr@4: */ williamr@4: virtual TInt MaxInputLength(void) const = 0; williamr@4: protected: williamr@4: /** Constructor */ williamr@4: IMPORT_C MSignatureSystem(void); williamr@4: private: williamr@4: MSignatureSystem(const MSignatureSystem&); williamr@4: MSignatureSystem& operator=(const MSignatureSystem&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract base class for all public key signers. williamr@4: * williamr@4: * The template parameter, CSignature, should be a class that encapsulates the williamr@4: * concept of a digital signature. Derived signature classes must own their williamr@4: * respective signatures (and hence be CBase derived). There are no other williamr@4: * restrictions on the formation of the signature classes. williamr@4: * williamr@4: */ williamr@4: template class CSigner : public CBase, public MSignatureSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Digitally signs the specified input message williamr@4: * williamr@4: * @param aInput The raw data to sign, typically a hash of the actual message williamr@4: * @return A pointer to a new CSignature object williamr@4: * williamr@4: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), williamr@4: * which is likely to happen if the caller williamr@4: * has passed in something that has not been williamr@4: * hashed. williamr@4: */ williamr@4: virtual CSignature* SignL(const TDesC8& aInput) const = 0; williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CSigner(void); williamr@4: private: williamr@4: CSigner(const CSigner&); williamr@4: CSigner& operator=(const CSigner&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract class for all public key verifiers. williamr@4: * williamr@4: * The template parameter, CSignature, should be a class that encapsulates the williamr@4: * concept of a digital signature. Derived signature classes must own their williamr@4: * respective signatures (and hence be CBase derived). There are no other williamr@4: * restrictions on the formation of the signature classes. williamr@4: * williamr@4: */ williamr@4: template class CVerifier : public CBase, public MSignatureSystem williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Verifies the specified digital signature williamr@4: * williamr@4: * @param aInput The message digest that was originally signed williamr@4: * @param aSignature The signature to be verified williamr@4: * williamr@4: * @return Whether the signature is the result of signing williamr@4: * aInput with the supplied key williamr@4: */ williamr@4: virtual TBool VerifyL(const TDesC8& aInput, williamr@4: const CSignature& aSignature) const = 0; williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CVerifier(void); williamr@4: private: williamr@4: CVerifier(const CVerifier&); williamr@4: CVerifier& operator=(const CVerifier&); williamr@4: }; williamr@4: williamr@4: /* Template nastiness for CVerifier and CSigner in asymmetric.inl */ williamr@4: williamr@4: #include williamr@4: williamr@4: /** williamr@4: * An encapsulation of a RSA signature. williamr@4: * williamr@4: */ williamr@4: class CRSASignature : public CBase williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CRSASignature object from the integer value williamr@4: * output of a previous RSA signing operation. williamr@4: * williamr@4: * @param aS The integer value output from a previous RSA signing operation williamr@4: * @return A pointer to the new CRSASignature object. williamr@4: */ williamr@4: IMPORT_C static CRSASignature* NewL(RInteger& aS); williamr@4: williamr@4: /** williamr@4: * Creates a new CRSASignature object from the integer value williamr@4: * output of a previous RSA signing operation. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aS The integer value output from a previous RSA signing operation williamr@4: * @return A pointer to the new CRSASignature object. williamr@4: */ williamr@4: IMPORT_C static CRSASignature* NewLC(RInteger& aS); williamr@4: williamr@4: /** williamr@4: * Gets the integer value of the RSA signature williamr@4: * williamr@4: * @return The integer value of the RSA signature williamr@4: */ williamr@4: IMPORT_C const TInteger& S(void) const; williamr@4: williamr@4: /** williamr@4: * Whether this RSASignature is identical to a specified RSASignature williamr@4: * williamr@4: * @param aSig The RSASignature for comparison williamr@4: * @return ETrue, if the two signatures are identical; EFalse, otherwise. williamr@4: */ williamr@4: IMPORT_C TBool operator== (const CRSASignature& aSig) const; williamr@4: williamr@4: /** Destructor */ williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. */ williamr@4: IMPORT_C virtual ~CRSASignature(void); williamr@4: protected: williamr@4: /** williamr@4: * Second phase constructor williamr@4: * williamr@4: * @see CRSASignature::NewL() williamr@4: * williamr@4: * @param aS The integer value output from a previous RSA signing operation williamr@4: */ williamr@4: IMPORT_C CRSASignature(RInteger& aS); williamr@4: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CRSASignature(void); williamr@4: protected: williamr@4: /** An integer value; the output from a previous RSA signing operation. */ williamr@4: RInteger iS; williamr@4: private: williamr@4: CRSASignature(const CRSASignature&); williamr@4: CRSASignature& operator=(const CRSASignature); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract base class for all RSA Signers. williamr@4: * williamr@4: */ williamr@4: class CRSASigner : public CSigner williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Gets the maximum size of output that can be generated by this object. williamr@4: * williamr@4: * @return The maximum output length in bytes williamr@4: */ williamr@4: virtual TInt MaxOutputLength(void) const = 0; williamr@4: protected: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CRSASigner(void); williamr@4: private: williamr@4: CRSASigner(const CRSASigner&); williamr@4: CRSASigner& operator=(const CRSASigner&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of RSA signing as described in PKCS#1 v1.5. williamr@4: * williamr@4: * This class creates RSA signatures following the RSA PKCS#1 v1.5 standard (with williamr@4: * the one caveat noted below) and using PKCS#1 v1.5 signature padding. The only williamr@4: * exception is that the SignL() function simply performs a 'raw' PKCS#1 v1.5 sign williamr@4: * operation on whatever it is given. It does not hash or in any way williamr@4: * manipulate the input data before signing. williamr@4: * williamr@4: */ williamr@4: class CRSAPKCS1v15Signer : public CRSASigner williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CRSAPKCS1v15Signer object from a specified RSA private key. williamr@4: * williamr@4: * @param aKey The RSA private key to be used for signing williamr@4: * @return A pointer to the new CRSAPKCS1v15Signer object williamr@4: * williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Signer* NewL(const CRSAPrivateKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new CRSAPKCS1v15Signer object from a specified RSA private key. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The RSA private key to be used for signing williamr@4: * @return A pointer to the new CRSAPKCS1v15Signer object williamr@4: * williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Signer* NewLC(const CRSAPrivateKey& aKey); williamr@4: /** williamr@4: * Digitally signs the specified input message williamr@4: * williamr@4: * @param aInput The raw data to sign, typically a hash of the actual message williamr@4: * @return A pointer to a new CSignature object williamr@4: * williamr@4: * @leave KErrNotSupported If the private key is not a supported TRSAPrivateKeyType williamr@4: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), williamr@4: * which is likely to happen if the caller williamr@4: * has passed in something that has not been hashed. williamr@4: */ williamr@4: virtual CRSASignature* SignL(const TDesC8& aInput) const; williamr@4: virtual TInt MaxInputLength(void) const; williamr@4: virtual TInt MaxOutputLength(void) const; williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. williamr@4: * @internalAll */ williamr@4: ~CRSAPKCS1v15Signer(void); williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CRSAPKCS1v15Signer(const CRSAPrivateKey& aKey); williamr@4: /** @internalAll */ williamr@4: void ConstructL(void); williamr@4: protected: williamr@4: /** The RSA private key to be used for signing */ williamr@4: const CRSAPrivateKey& iPrivateKey; williamr@4: /** The PKCS#1 v1.5 signature padding */ williamr@4: CPaddingPKCS1Signature* iPadding; williamr@4: private: williamr@4: CRSAPKCS1v15Signer(const CRSAPKCS1v15Signer&); williamr@4: CRSAPKCS1v15Signer& operator=(const CRSAPKCS1v15Signer&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Abstract base class for all RSA Verifiers. williamr@4: * williamr@4: */ williamr@4: class CRSAVerifier : public CVerifier williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Gets the maximum size of output that can be generated by this object. williamr@4: * williamr@4: * @return The maximum output length in bytes williamr@4: */ williamr@4: virtual TInt MaxOutputLength(void) const = 0; williamr@4: williamr@4: /** williamr@4: * Performs a decryption operation on a signature using the public key. williamr@4: * williamr@4: * This is the inverse of the sign operation, which performs a encryption williamr@4: * operation on its input data using the private key. Although this can be williamr@4: * used to verify signatures, CRSAVerifier::VerifyL should be used in williamr@4: * preference. This method is however required by some security protocols. williamr@4: * williamr@4: * @param aSignature The signature to be verified williamr@4: * @return A pointer to a new buffer containing the result of the williamr@4: * operation. The pointer is left on the cleanup stack. williamr@4: */ williamr@4: virtual HBufC8* InverseSignLC(const CRSASignature& aSignature) const = 0; williamr@4: williamr@4: IMPORT_C virtual TBool VerifyL(const TDesC8& aInput, williamr@4: const CRSASignature& aSignature) const; williamr@4: protected: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CRSAVerifier(void); williamr@4: private: williamr@4: CRSAVerifier(const CRSAVerifier&); williamr@4: CRSAVerifier& operator=(const CRSAVerifier&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * This class verifies RSA signatures given a message and its supposed williamr@4: * signature. It follows the RSA PKCS#1 v1.5 with PKCS#1 v1.5 padding specification williamr@4: * with the following exception: the VerifyL() function does not hash or williamr@4: * in any way manipulate the input data before checking. Thus in order to verify williamr@4: * RSA signatures in PKCS#1 v1.5 format, the input data needs to follow PKCS#1 v1.5 williamr@4: * specification, i.e. be ASN.1 encoded and prefixed by ASN.1 encoded digestId. williamr@4: * williamr@4: */ williamr@4: class CRSAPKCS1v15Verifier : public CRSAVerifier williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CRSAPKCS1v15Verifier object from a specified RSA public key. williamr@4: * williamr@4: * @param aKey The RSA public key to be used for verifying williamr@4: * @return A pointer to the new CRSAPKCS1v15Verifier object williamr@4: * williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Verifier* NewL(const CRSAPublicKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new CRSAPKCS1v15Verifier object from a specified RSA public key. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The RSA public key to be used for verifying williamr@4: * @return A pointer to the new CRSAPKCS1v15Verifier object williamr@4: * williamr@4: * @leave KErrKeySize If the key length is too small williamr@4: */ williamr@4: IMPORT_C static CRSAPKCS1v15Verifier* NewLC(const CRSAPublicKey& aKey); williamr@4: virtual HBufC8* InverseSignLC(const CRSASignature& aSignature) const; williamr@4: virtual TInt MaxInputLength(void) const; williamr@4: virtual TInt MaxOutputLength(void) const; williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. */ williamr@4: virtual ~CRSAPKCS1v15Verifier(void); williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CRSAPKCS1v15Verifier(const CRSAPublicKey& aKey); williamr@4: /** @internalAll */ williamr@4: void ConstructL(void); williamr@4: protected: williamr@4: /** The RSA public key to be used for verification */ williamr@4: const CRSAPublicKey& iPublicKey; williamr@4: /** The PKCS#1 v1.5 signature padding */ williamr@4: CPaddingPKCS1Signature* iPadding; williamr@4: private: williamr@4: CRSAPKCS1v15Verifier(const CRSAPKCS1v15Verifier&); williamr@4: CRSAPKCS1v15Verifier& operator=(const CRSAPKCS1v15Verifier&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * An encapsulation of a DSA signature. williamr@4: * williamr@4: */ williamr@4: class CDSASignature : public CBase williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CDSASignature object from the specified R and S values. williamr@4: * williamr@4: * @param aR The DSA signature's R value williamr@4: * @param aS The DSA signature's S value williamr@4: * @return A pointer to the new CDSASignature object williamr@4: */ williamr@4: IMPORT_C static CDSASignature* NewL(RInteger& aR, RInteger& aS); williamr@4: williamr@4: /** williamr@4: * Creates a new CDSASignature object from the specified R and S values. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aR The DSA signature's R value williamr@4: * @param aS The DSA signature's S value williamr@4: * @return A pointer to the new CDSASignature object williamr@4: */ williamr@4: IMPORT_C static CDSASignature* NewLC(RInteger& aR, RInteger& aS); williamr@4: williamr@4: /** williamr@4: * Gets the DSA signature's R value williamr@4: * williamr@4: * @return The R value williamr@4: */ williamr@4: IMPORT_C const TInteger& R(void) const; williamr@4: williamr@4: /** williamr@4: * Gets the DSA signature's S value williamr@4: * williamr@4: * @return The S value williamr@4: */ williamr@4: IMPORT_C const TInteger& S(void) const; williamr@4: williamr@4: /** williamr@4: * Whether this DSASignature is identical to a specified DSASignature williamr@4: * williamr@4: * @param aSig The DSASignature for comparison williamr@4: * @return ETrue, if the two signatures are identical; EFalse, otherwise. williamr@4: */ williamr@4: IMPORT_C TBool operator== (const CDSASignature& aSig) const; williamr@4: williamr@4: /** The destructor frees all resources owned by the object, prior to its destruction. */ williamr@4: IMPORT_C virtual ~CDSASignature(void); williamr@4: protected: williamr@4: /** williamr@4: * Protected constructor williamr@4: * williamr@4: * @param aR The DSA signature's R value williamr@4: * @param aS The DSA signature's S value williamr@4: */ williamr@4: IMPORT_C CDSASignature(RInteger& aR, RInteger& aS); williamr@4: williamr@4: /** Default constructor */ williamr@4: IMPORT_C CDSASignature(void); williamr@4: protected: williamr@4: /** The DSA signature's R value */ williamr@4: RInteger iR; williamr@4: /** The DSA signature's S value */ williamr@4: RInteger iS; williamr@4: private: williamr@4: CDSASignature(const CDSASignature&); williamr@4: CDSASignature& operator=(const CDSASignature&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of DSA signing as specified in FIPS 186-2 change request 1. williamr@4: * williamr@4: */ williamr@4: class CDSASigner : public CSigner williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CDSASigner object from a specified DSA private key. williamr@4: * williamr@4: * @param aKey The DSA private key to be used for signing williamr@4: * @return A pointer to the new CDSASigner object williamr@4: */ williamr@4: IMPORT_C static CDSASigner* NewL(const CDSAPrivateKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new CDSASigner object from a specified DSA private key. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The DSA private key to be used for signing williamr@4: * @return A pointer to the new CDSASigner object williamr@4: */ williamr@4: IMPORT_C static CDSASigner* NewLC(const CDSAPrivateKey& aKey); williamr@4: /** williamr@4: * Digitally signs the specified input message williamr@4: * williamr@4: * Note that in order to be interoperable and compliant with the DSS, aInput williamr@4: * must be the result of a SHA-1 hash. williamr@4: * williamr@4: * @param aInput A SHA-1 hash of the message to sign williamr@4: * @return A pointer to a new CSignature object williamr@4: * williamr@4: * @panic ECryptoPanicInputTooLarge If aInput is larger than MaxInputLength(), williamr@4: * which is likely to happen if the caller williamr@4: * has passed in something that has not been hashed. williamr@4: */ williamr@4: virtual CDSASignature* SignL(const TDesC8& aInput) const; williamr@4: virtual TInt MaxInputLength(void) const; williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CDSASigner(const CDSAPrivateKey& aKey); williamr@4: protected: williamr@4: /** The DSA private key to be used for signing */ williamr@4: const CDSAPrivateKey& iPrivateKey; williamr@4: private: williamr@4: CDSASigner(const CDSASigner&); williamr@4: CDSASigner& operator=(const CDSASigner&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of DSA signature verification as specified in FIPS 186-2 change williamr@4: * request 1. williamr@4: * williamr@4: */ williamr@4: class CDSAVerifier : public CVerifier williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CDSAVerifier object from a specified DSA public key. williamr@4: * williamr@4: * @param aKey The DSA public key to be used for verifying williamr@4: * @return A pointer to the new CDSAVerifier object williamr@4: */ williamr@4: IMPORT_C static CDSAVerifier* NewL(const CDSAPublicKey& aKey); williamr@4: williamr@4: /** williamr@4: * Creates a new CDSAVerifier object from a specified DSA public key. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aKey The DSA public key to be used for verifying williamr@4: * @return A pointer to the new CDSAVerifier object williamr@4: */ williamr@4: IMPORT_C static CDSAVerifier* NewLC(const CDSAPublicKey& aKey); williamr@4: /** williamr@4: * Verifies the specified digital signature williamr@4: * williamr@4: * Note that in order to be interoperable and compliant with the DSS, aInput williamr@4: * must be the result of a SHA-1 hash. williamr@4: * williamr@4: * @param aInput A SHA-1 hash of the received message williamr@4: * @param aSignature The signature to be verified williamr@4: * williamr@4: * @return Whether the signature is the result of signing williamr@4: * aInput with the supplied key williamr@4: */ williamr@4: virtual TBool VerifyL(const TDesC8& aInput, const CDSASignature& aSignature) const; williamr@4: virtual TInt MaxInputLength(void) const; williamr@4: protected: williamr@4: /** @internalAll */ williamr@4: CDSAVerifier(const CDSAPublicKey& aKey); williamr@4: protected: williamr@4: /** The DSA public key to be used for verification */ williamr@4: const CDSAPublicKey& iPublicKey; williamr@4: private: williamr@4: CDSAVerifier(const CDSAVerifier&); williamr@4: CDSAVerifier& operator=(const CDSAVerifier&); williamr@4: }; williamr@4: williamr@4: /** williamr@4: * Implementation of Diffie-Hellman key agreement as specified in PKCS#3. williamr@4: * williamr@4: */ williamr@4: class CDH : public CBase williamr@4: { williamr@4: public: williamr@4: /** williamr@4: * Creates a new CDH object from a specified DH private key. williamr@4: * williamr@4: * @param aPrivateKey The private key of this party williamr@4: * @return A pointer to the new CDH object williamr@4: */ williamr@4: IMPORT_C static CDH* NewL(const CDHPrivateKey& aPrivateKey); williamr@4: williamr@4: /** williamr@4: * Creates a new CDH object from a specified DH private key. williamr@4: * williamr@4: * The returned pointer is put onto the cleanup stack. williamr@4: * williamr@4: * @param aPrivateKey The private key of this party williamr@4: * @return A pointer to the new CDH object williamr@4: */ williamr@4: IMPORT_C static CDH* NewLC(const CDHPrivateKey& aPrivateKey); williamr@4: williamr@4: /** williamr@4: * Performs the key agreement operation. williamr@4: * williamr@4: * @param aPublicKey The public key of the other party williamr@4: * @return The agreed key williamr@4: */ williamr@4: IMPORT_C HBufC8* AgreeL(const CDHPublicKey& aPublicKey) const; williamr@4: protected: williamr@4: /** williamr@4: * Constructor williamr@4: * williamr@4: * @param aPrivateKey The DH private key williamr@4: */ williamr@4: IMPORT_C CDH(const CDHPrivateKey& aPrivateKey); williamr@4: protected: williamr@4: /** The DH private key */ williamr@4: const CDHPrivateKey& iPrivateKey; williamr@4: private: williamr@4: CDH(const CDH&); williamr@4: CDH& operator=(const CDH&); williamr@4: }; williamr@4: williamr@4: #endif // __ASYMMETRIC_H__