1 /*

     2 * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 *

    16 */

    17 

    18 

    19 #include <asymmetric.h>

    20 #include <asymmetrickeys.h>

    21 #include <bigint.h>

    22 

    23 EXPORT_C CDSAVerifier* CDSAVerifier::NewL(const CDSAPublicKey& aKey)

    24 	{

    25 	CDSAVerifier* self = new(ELeave)CDSAVerifier(aKey);

    26 	return self;

    27 	}

    28 

    29 EXPORT_C CDSAVerifier* CDSAVerifier::NewLC(const CDSAPublicKey& aKey)

    30 	{

    31 	CDSAVerifier* self = NewL(aKey);

    32 	CleanupStack::PushL(self);

    33 	return self;

    34 	}

    35 

    36 TInt CDSAVerifier::MaxInputLength(void) const

    37 	{

    38 	// return CSHA1::DIGESTBYTES

    39 	return 160;

    40 	}

    41 

    42 TBool CDSAVerifier::VerifyL(const TDesC8& aInput, 

    43 	const CDSASignature& aSignature) const

    44 	{

    45 	//see HAC 11.56 or DSS section 6

    46 	//I'll follow HAC as I like the description better

    47 

    48 	// a) Obtain A's authenticate public key

    49 

    50 	// b) Verify that 0 < r < q and 0 < s < q; if not reject signature

    51 	if (aSignature.R() <= 0 || aSignature.R() >= iPublicKey.Q())

    52 		{

    53 		return EFalse;

    54 		}

    55 	if (aSignature.S() <= 0 || aSignature.S() >= iPublicKey.Q())

    56 		{

    57 		return EFalse;

    58 		}

    59 

    60 	TBool result = EFalse;

    61 

    62 	// c) Compute w = s^(-1) mod q and h(m)

    63 	RInteger w = aSignature.S().InverseModL(iPublicKey.Q());

    64 	CleanupStack::PushL(w);

    65 	// Note that in order to be interoperable, compliant with the DSS, and

    66 	// secure, aInput must be the result of a SHA-1 hash

    67 	RInteger hm = RInteger::NewL(aInput);

    68 	CleanupStack::PushL(hm);

    69 

    70 	// d) Compute u1 = w * hm mod q and u2 = r * w mod q

    71 	RInteger u1 = TInteger::ModularMultiplyL(w, hm, iPublicKey.Q());

    72 	CleanupStack::PushL(u1);

    73 

    74 	RInteger u2 = TInteger::ModularMultiplyL(aSignature.R(), w, iPublicKey.Q());

    75 	CleanupStack::PushL(u2);

    76 

    77 	// e) Compute v = ((g^u1 * y^u2) mod p) mod q

    78 	RInteger temp = TInteger::ModularExponentiateL(iPublicKey.G(), u1,

    79 		iPublicKey.P());

    80 	CleanupStack::PushL(temp);

    81 	RInteger temp1 = TInteger::ModularExponentiateL(iPublicKey.Y(), u2,

    82 		iPublicKey.P());

    83 	CleanupStack::PushL(temp1);

    84 	RInteger v = TInteger::ModularMultiplyL(temp, temp1, iPublicKey.P());

    85 	CleanupStack::PushL(v);

    86 	v %= iPublicKey.Q();

    87 

    88 	// f) Accept the signature iff v == r

    89 	if(v == aSignature.R())

    90 		{

    91 		result = ETrue;

    92 		}

    93 

    94 	CleanupStack::PopAndDestroy(&v);

    95 	CleanupStack::PopAndDestroy(&temp1);

    96 	CleanupStack::PopAndDestroy(&temp);

    97 	CleanupStack::PopAndDestroy(&u2);

    98 	CleanupStack::PopAndDestroy(&u1);

    99 	CleanupStack::PopAndDestroy(&hm);

   100 	CleanupStack::PopAndDestroy(&w); 

   101 

   102 	return result;	

   103 	}

   104 

   105 CDSAVerifier::CDSAVerifier(const CDSAPublicKey& aKey)  

   106 	: iPublicKey(aKey)

   107 	{

   108 	}

   109