|
1 /* |
|
2 * Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include <symmetric.h> |
|
20 #include "pbesymmetricfactory.h" |
|
21 |
|
22 #ifdef SYMBIAN_ENABLE_SPLIT_HEADERS |
|
23 |
|
24 /** OpenSSL PKCS8 Effective Key Length Compatibility.*/ |
|
25 const TUint KPkcs8CompatibilityBits = 128; |
|
26 |
|
27 /** PKCS12 PBE Effective Key Length Compatibility.*/ |
|
28 const TUint KPkcs12CompatibilityBits = 40; |
|
29 |
|
30 #endif |
|
31 |
|
32 TUint PBE::GetBlockBytes(TPBECipher aCipher) |
|
33 { |
|
34 switch(aCipher) |
|
35 { |
|
36 case ECipherAES_CBC_128: |
|
37 case ECipherAES_CBC_192: |
|
38 case ECipherAES_CBC_256: |
|
39 return KAESBlockBytes; |
|
40 case ECipherDES_CBC: |
|
41 case ECipher3DES_CBC: |
|
42 |
|
43 case ECipher2Key3DES_CBC: |
|
44 |
|
45 return KDESBlockBytes; |
|
46 case ECipherRC2_CBC_128_16: |
|
47 case ECipherRC2_CBC_40_16: |
|
48 case ECipherRC2_CBC_128: |
|
49 case ECipherRC2_CBC_40: |
|
50 |
|
51 case ECipherRC2_CBC_40_5: |
|
52 |
|
53 return KRC2BlockBytes; |
|
54 |
|
55 case ECipherARC4_128: |
|
56 case ECipherARC4_40: |
|
57 return 1; // 1 byte block for stream cipher |
|
58 |
|
59 default: |
|
60 User::Panic(_L("Invalid PBE cipher"), 1); |
|
61 } |
|
62 return (KErrNone); // For the compiler |
|
63 } |
|
64 |
|
65 TUint PBE::GetKeyBytes(TPBECipher aCipher) |
|
66 { |
|
67 switch(aCipher) |
|
68 { |
|
69 case ECipherAES_CBC_128: |
|
70 return KAESKeyBytes128; |
|
71 case ECipherAES_CBC_192: |
|
72 return KAESKeyBytes192; |
|
73 case ECipherAES_CBC_256: |
|
74 return KAESKeyBytes256; |
|
75 case ECipherDES_CBC: |
|
76 return KDESKeyBytes; |
|
77 case ECipher3DES_CBC: |
|
78 return K3DESKeyBytes; |
|
79 |
|
80 case ECipher2Key3DES_CBC: |
|
81 return K2Key3DESKeyBytes; |
|
82 |
|
83 case ECipherRC2_CBC_128: |
|
84 case ECipherRC2_CBC_128_16: |
|
85 return KRC2KeyBytes128; |
|
86 case ECipherRC2_CBC_40: |
|
87 case ECipherRC2_CBC_40_16: |
|
88 |
|
89 case ECipherRC2_CBC_40_5: |
|
90 |
|
91 return KRC2KeyBytes40; |
|
92 |
|
93 case ECipherARC4_128: |
|
94 return KRC4KeyBytes128; |
|
95 case ECipherARC4_40: |
|
96 return KRC4KeyBytes40; |
|
97 |
|
98 default: |
|
99 User::Panic(_L("Invalid PBE cipher"), 1); |
|
100 } |
|
101 return (KErrNone); // For the compiler |
|
102 } |
|
103 |
|
104 CSymmetricCipher* PBE::MakeEncryptorL(TPBECipher aCipher, const TDesC8& aKey, |
|
105 const TDesC8& aIV) |
|
106 { |
|
107 CSymmetricCipher* cipher = 0; |
|
108 CBlockTransformation* block = 0; |
|
109 switch(aCipher) |
|
110 { |
|
111 |
|
112 // stream cipher |
|
113 case ECipherARC4_40: |
|
114 case ECipherARC4_128: |
|
115 cipher = CARC4::NewL(aKey, 0); |
|
116 break; |
|
117 |
|
118 // block cipher |
|
119 case ECipherAES_CBC_128: |
|
120 case ECipherAES_CBC_192: |
|
121 case ECipherAES_CBC_256: |
|
122 block = CAESEncryptor::NewLC(aKey); |
|
123 break; |
|
124 |
|
125 case ECipherDES_CBC: |
|
126 block = CDESEncryptor::NewLC(aKey); |
|
127 break; |
|
128 |
|
129 case ECipher3DES_CBC: |
|
130 block = C3DESEncryptor::NewLC(aKey); |
|
131 break; |
|
132 |
|
133 case ECipher2Key3DES_CBC: |
|
134 { |
|
135 // Construct 3key from 2 key ( copy first key to 3rd key ) each key 8 bytes |
|
136 TBuf8<K3DESKeyBytes> encryptKey(aKey); |
|
137 encryptKey.Append(aKey.Ptr(),KDESKeyBytes); |
|
138 block = C3DESEncryptor::NewLC(encryptKey); |
|
139 break; |
|
140 } |
|
141 |
|
142 case ECipherRC2_CBC_40: |
|
143 case ECipherRC2_CBC_128: |
|
144 block = CRC2Encryptor::NewLC(aKey); |
|
145 break; |
|
146 |
|
147 case ECipherRC2_CBC_40_16: |
|
148 case ECipherRC2_CBC_128_16: |
|
149 block = CRC2Encryptor::NewLC(aKey, KPkcs8CompatibilityBits); |
|
150 break; |
|
151 |
|
152 case ECipherRC2_CBC_40_5: |
|
153 block = CRC2Encryptor::NewLC(aKey, KPkcs12CompatibilityBits); |
|
154 break; |
|
155 |
|
156 default: |
|
157 User::Panic(_L("Invalid PBE encryptor"), 1); |
|
158 } |
|
159 |
|
160 // if aCipher is not stream cipher, create block cipher object |
|
161 if(aCipher != ECipherARC4_40 && aCipher != ECipherARC4_128) |
|
162 { |
|
163 block = CModeCBCEncryptor::NewL(block, aIV); |
|
164 CleanupStack::Pop(); //1st block owned by 2nd |
|
165 CleanupStack::PushL(block);//2nd block |
|
166 CPadding* padding = CPaddingSSLv3::NewLC(GetBlockBytes(aCipher)); |
|
167 cipher = CBufferedEncryptor::NewL(block, padding); |
|
168 CleanupStack::Pop(padding); //owned by cipher |
|
169 CleanupStack::Pop(block); //owned by cipher |
|
170 } |
|
171 |
|
172 return cipher; |
|
173 } |
|
174 |
|
175 |
|
176 CSymmetricCipher* PBE::MakeDecryptorL(TPBECipher aCipher, const TDesC8& aKey, |
|
177 const TDesC8& aIV) |
|
178 { |
|
179 CSymmetricCipher* cipher = 0; |
|
180 CBlockTransformation* block = 0; |
|
181 switch(aCipher) |
|
182 { |
|
183 // stream cipher |
|
184 case ECipherARC4_40: |
|
185 case ECipherARC4_128: |
|
186 cipher = CARC4::NewL(aKey, 0); |
|
187 break; |
|
188 |
|
189 // block cipher |
|
190 case ECipherAES_CBC_128: |
|
191 case ECipherAES_CBC_192: |
|
192 case ECipherAES_CBC_256: |
|
193 block = CAESDecryptor::NewLC(aKey); |
|
194 break; |
|
195 |
|
196 case ECipherDES_CBC: |
|
197 block = CDESDecryptor::NewLC(aKey); |
|
198 break; |
|
199 |
|
200 case ECipher3DES_CBC: |
|
201 block = C3DESDecryptor::NewLC(aKey); |
|
202 break; |
|
203 |
|
204 case ECipher2Key3DES_CBC: |
|
205 { |
|
206 // Construct 3key from 2 key ( copy first key to 3rd key ) each key 8 bytes |
|
207 TBuf8<K3DESKeyBytes> encryptKey(aKey); |
|
208 encryptKey.Append(aKey.Ptr(),KDESKeyBytes); |
|
209 block = C3DESDecryptor::NewLC(encryptKey); |
|
210 break; |
|
211 } |
|
212 |
|
213 case ECipherRC2_CBC_40: |
|
214 case ECipherRC2_CBC_128: |
|
215 block = CRC2Decryptor::NewLC(aKey); |
|
216 break; |
|
217 |
|
218 case ECipherRC2_CBC_40_16: |
|
219 case ECipherRC2_CBC_128_16: |
|
220 block = CRC2Decryptor::NewLC(aKey, KPkcs8CompatibilityBits); |
|
221 break; |
|
222 |
|
223 case ECipherRC2_CBC_40_5: |
|
224 block = CRC2Decryptor::NewLC(aKey, KPkcs12CompatibilityBits); |
|
225 break; |
|
226 |
|
227 default: |
|
228 User::Panic(_L("Invalid PBE decryptor"), 1); |
|
229 } |
|
230 |
|
231 // if aCipher is not stream cipher, create block cipher object |
|
232 if(aCipher != ECipherARC4_40 && aCipher != ECipherARC4_128) |
|
233 { |
|
234 block = CModeCBCDecryptor::NewL(block, aIV); |
|
235 CleanupStack::Pop(); //1st block owned by 2nd |
|
236 CleanupStack::PushL(block);//2nd block |
|
237 |
|
238 CPadding* padding = CPaddingSSLv3::NewLC(GetBlockBytes(aCipher)); |
|
239 cipher = CBufferedDecryptor::NewL(block, padding); |
|
240 CleanupStack::Pop(padding); //owned by cipher |
|
241 CleanupStack::Pop(block); //owned by cipher |
|
242 } |
|
243 |
|
244 return cipher; |
|
245 } |