|
1 /* |
|
2 * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include "desimpl.h" |
|
20 |
|
21 #include "destables.h" |
|
22 #include "common/inlines.h" |
|
23 #include "des.inl" |
|
24 #include "pluginconfig.h" |
|
25 #include "symmetriccipherimpl.h" |
|
26 #include <cryptostrength.h> |
|
27 |
|
28 |
|
29 // bit 0 is left-most in byte |
|
30 static const TInt bytebit[] = {0200,0100,040,020,010,04,02,01}; |
|
31 |
|
32 using namespace SoftwareCrypto; |
|
33 |
|
34 /* CDesImpl */ |
|
35 CDesImpl::CDesImpl( |
|
36 TUint8 aBlockBytes, |
|
37 TUid aCryptoMode, |
|
38 TUid aOperationMode, |
|
39 TUid aPadding) : |
|
40 CSymmetricBlockCipherImpl(aBlockBytes, aCryptoMode, aOperationMode, aPadding) |
|
41 { |
|
42 } |
|
43 |
|
44 CDesImpl* CDesImpl::NewL(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode, TUid aPadding) |
|
45 { |
|
46 CDesImpl* self = CDesImpl::NewLC(aKey, aCryptoMode, aOperationMode, aPadding); |
|
47 CleanupStack::Pop(self); |
|
48 return self; |
|
49 } |
|
50 |
|
51 CDesImpl* CDesImpl::NewLC(const CKey& aKey, TUid aCryptoMode, TUid aOperationMode, TUid aPadding) |
|
52 { |
|
53 CDesImpl* self = new(ELeave) CDesImpl(KDesBlockBytes, aCryptoMode, aOperationMode, aPadding); |
|
54 CleanupStack::PushL(self); |
|
55 self->ConstructL(aKey); |
|
56 |
|
57 const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid); |
|
58 TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyContent.Size()) - keyContent.Size()); |
|
59 return self; |
|
60 } |
|
61 |
|
62 CDesImpl::~CDesImpl() |
|
63 { |
|
64 // make sure key information isn't visible to other processes if the |
|
65 // page is reused. |
|
66 Mem::FillZ(&iK, sizeof(iK)); |
|
67 } |
|
68 |
|
69 void CDesImpl::ConstructL(const CKey& aKey) |
|
70 { |
|
71 CSymmetricBlockCipherImpl::ConstructL(aKey); |
|
72 SetKeySchedule(); |
|
73 } |
|
74 |
|
75 CExtendedCharacteristics* CDesImpl::CreateExtendedCharacteristicsL() |
|
76 { |
|
77 // All Symbian software plug-ins have unlimited concurrency, cannot be reserved |
|
78 // for exclusive use and are not CERTIFIED to be standards compliant. |
|
79 return CExtendedCharacteristics::NewL(KMaxTInt, EFalse); |
|
80 } |
|
81 |
|
82 const CExtendedCharacteristics* CDesImpl::GetExtendedCharacteristicsL() |
|
83 { |
|
84 return CDesImpl::CreateExtendedCharacteristicsL(); |
|
85 } |
|
86 |
|
87 TUid CDesImpl::ImplementationUid() const |
|
88 { |
|
89 return KCryptoPluginDesUid; |
|
90 } |
|
91 |
|
92 TBool CDesImpl::IsValidKeyLength(TInt aKeyBytes) const |
|
93 { |
|
94 return (aKeyBytes == KDesKeyBytes); |
|
95 } |
|
96 |
|
97 TInt CDesImpl::GetKeyStrength() const |
|
98 { |
|
99 // parity bits are excluded |
|
100 return BytesToBits(KDesKeyBytes - 8); |
|
101 } |
|
102 |
|
103 void CDesImpl::TransformEncrypt( |
|
104 TUint8* aBuffer, |
|
105 TUint aNumBlocks) |
|
106 { |
|
107 for (TInt i = 0; i < aNumBlocks; ++i) |
|
108 { |
|
109 ModeEncryptStart(aBuffer); |
|
110 TUint32 l, r; |
|
111 // Split the block into 2 word-sized big endian portions |
|
112 GetBlockBigEndian(aBuffer, l, r); |
|
113 IPerm(l,r); |
|
114 DoTransform(l, r, iK); |
|
115 FPerm(l,r); |
|
116 |
|
117 // Put the portions back into the block as little endian |
|
118 PutBlockBigEndian(aBuffer, r, l); |
|
119 |
|
120 ModeEncryptEnd(aBuffer); |
|
121 aBuffer += KDesBlockBytes; |
|
122 } |
|
123 } |
|
124 |
|
125 void CDesImpl::TransformDecrypt( |
|
126 TUint8* aBuffer, |
|
127 TUint aNumBlocks) |
|
128 { |
|
129 for (TInt i = 0; i < aNumBlocks; ++i) |
|
130 { |
|
131 ModeDecryptStart(aBuffer); |
|
132 |
|
133 TUint32 l, r; |
|
134 // Split the block into 2 word-sized big endian portions |
|
135 GetBlockBigEndian(aBuffer, l, r); |
|
136 |
|
137 IPerm(l,r); |
|
138 DoTransform(l, r, iK); |
|
139 FPerm(l,r); |
|
140 |
|
141 // Put the portions back into the block as little endian |
|
142 PutBlockBigEndian(aBuffer, r, l); |
|
143 |
|
144 ModeDecryptEnd(aBuffer); |
|
145 aBuffer += KDesBlockBytes; |
|
146 } |
|
147 } |
|
148 |
|
149 void CDesImpl::SetKeySchedule() |
|
150 { |
|
151 if (iCryptoMode.iUid == KCryptoModeEncrypt) |
|
152 { |
|
153 SetEncryptKeySchedule(*iKey, iK); |
|
154 } |
|
155 else |
|
156 { |
|
157 ASSERT(iCryptoMode.iUid == KCryptoModeDecrypt); |
|
158 SetDecryptKeySchedule(*iKey, iK); |
|
159 } |
|
160 } |
|
161 |
|
162 void CDesImpl::DoTransform(TUint32& l, TUint32& r, const TUint32* aKeySchedule) |
|
163 { |
|
164 TInt i = 0; |
|
165 for (; i<8; i++) |
|
166 { |
|
167 TUint32 work = rotrFixed(r, 4U) ^ aKeySchedule[4*i+0]; |
|
168 l ^= DES_TABLE::sbox[6][(work) & 0x3f] |
|
169 ^ DES_TABLE::sbox[4][(work >> 8) & 0x3f] |
|
170 ^ DES_TABLE::sbox[2][(work >> 16) & 0x3f] |
|
171 ^ DES_TABLE::sbox[0][(work >> 24) & 0x3f]; |
|
172 work = r ^ aKeySchedule[4*i+1]; |
|
173 l ^= DES_TABLE::sbox[7][(work) & 0x3f] |
|
174 ^ DES_TABLE::sbox[5][(work >> 8) & 0x3f] |
|
175 ^ DES_TABLE::sbox[3][(work >> 16) & 0x3f] |
|
176 ^ DES_TABLE::sbox[1][(work >> 24) & 0x3f]; |
|
177 |
|
178 work = rotrFixed(l, 4U) ^ aKeySchedule[4*i+2]; |
|
179 r ^= DES_TABLE::sbox[6][(work) & 0x3f] |
|
180 ^ DES_TABLE::sbox[4][(work >> 8) & 0x3f] |
|
181 ^ DES_TABLE::sbox[2][(work >> 16) & 0x3f] |
|
182 ^ DES_TABLE::sbox[0][(work >> 24) & 0x3f]; |
|
183 work = l ^ aKeySchedule[4*i+3]; |
|
184 r ^= DES_TABLE::sbox[7][(work) & 0x3f] |
|
185 ^ DES_TABLE::sbox[5][(work >> 8) & 0x3f] |
|
186 ^ DES_TABLE::sbox[3][(work >> 16) & 0x3f] |
|
187 ^ DES_TABLE::sbox[1][(work >> 24) & 0x3f]; |
|
188 } |
|
189 } |
|
190 |
|
191 void CDesImpl::SetEncryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule) |
|
192 { |
|
193 TInt i=0, j=0, l=0, m=0; |
|
194 |
|
195 // Form a byte array from aKey, taking endianess into account (little->big) |
|
196 TUint8 key[8]; // For big endian byte array |
|
197 Mem::Copy(&key, &aKey[0], 8); |
|
198 |
|
199 TUint8 buffer[56+56+8]; |
|
200 TUint8* const pc1m = &buffer[0]; /* place to modify pc1 into */ |
|
201 TUint8* const pcr = pc1m + 56; /* place to rotate pc1 into */ |
|
202 TUint8* const ks = pcr + 56; |
|
203 |
|
204 for (j=0; j<56; j++) |
|
205 {/* convert pc1 to bits of key */ |
|
206 l = DES_TABLE::pc1[j]-1; /* integer bit location */ |
|
207 m = l & 07; /* find bit */ |
|
208 pc1m[j]=(key[l>>3] & /* find which key byte l is in */ |
|
209 bytebit[m]) /* and which bit of that byte */ |
|
210 ? (TUint8)1 : (TUint8)0; /* and store 1-bit result */ |
|
211 } |
|
212 |
|
213 for (i=0; i<16; i++) |
|
214 {/* key chunk for each iteration */ |
|
215 Mem::FillZ(ks,8); /* Clear key schedule */ |
|
216 for (j=0; j<56; j++) |
|
217 /* rotate pc1 the right amount */ |
|
218 pcr[j] = pc1m[(l=j+DES_TABLE::totrot[i])<(j<28? 28 : 56) ? l: l-28]; |
|
219 |
|
220 /* rotate left and right halves independently */ |
|
221 |
|
222 for (j=0; j<48; j++) |
|
223 {/* select bits individually */ |
|
224 /* check bit that goes to ks[j] */ |
|
225 if (pcr[DES_TABLE::pc2[j]-1]) |
|
226 {/* mask it in if it's there */ |
|
227 l= j % 6; |
|
228 ks[j/6] |= bytebit[l] >> 2; |
|
229 } |
|
230 } |
|
231 |
|
232 /* Now convert to odd/even interleaved form for use in F */ |
|
233 (*(aKeySchedule+(2*i))) = ((TUint32)ks[0] << 24) |
|
234 | ((TUint32)ks[2] << 16) |
|
235 | ((TUint32)ks[4] << 8) |
|
236 | ((TUint32)ks[6]); |
|
237 |
|
238 (*(aKeySchedule+(2*i+1))) = ((TUint32)ks[1] << 24) |
|
239 | ((TUint32)ks[3] << 16) |
|
240 | ((TUint32)ks[5] << 8) |
|
241 | ((TUint32)ks[7]); |
|
242 } |
|
243 } |
|
244 |
|
245 void CDesImpl::SetDecryptKeySchedule(const TDesC8& aKey, TUint32* aKeySchedule) |
|
246 { |
|
247 SetEncryptKeySchedule(aKey, aKeySchedule); |
|
248 ReverseKeySchedule(aKeySchedule); |
|
249 } |