cryptoservices/asnpkcs/source/asnpkcs5.cpp
author Mikko Sunikka <mikko.sunikka@nokia.com>
Fri, 06 Nov 2009 13:21:00 +0200
changeset 17 cd501b96611d
parent 8 35751d3474b7
permissions -rw-r--r--
Revision: 200945 Kit: 200945

/*
* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
*
*/


#include <asn1enc.h>
#include <asn1dec.h>
#include <pbedata.h>
#include <rc2.h>

#include "asnpkcs.h"

#ifdef SYMBIAN_ENABLE_SPLIT_HEADERS

/** OpenSSL PKCS8 Effective Key Length Compatibility.*/
const TUint KPkcs8CompatibilityBits = 128;

#endif


_LIT(Kpkcs5PBES2, "1.2.840.113549.1.5.13");
_LIT(Kpkcs5PBKDF2, "1.2.840.113549.1.5.12");
_LIT(KDESCBC, "1.3.14.3.2.7");
_LIT(K3DESCBC, "1.2.840.113549.3.7");
_LIT(KRC2CBC, "1.2.840.113549.3.2");

// pbe12Algorithm Ids
_LIT(KPbeWithSHA1And128BitRC4, "1.2.840.113549.1.12.1.1");
_LIT(KPbeWithSHA1And40BitRC4, "1.2.840.113549.1.12.1.2");
_LIT(KPbeWithSHA1And3_KeyTripleDES_CBC, "1.2.840.113549.1.12.1.3");
_LIT(KPbeWithSHA1And2_KeyTripleDES_CBC, "1.2.840.113549.1.12.1.4");
_LIT(KPbeWithSHA1And128BitRC2_CBC, "1.2.840.113549.1.12.1.5");
_LIT(KPbeWithSHA1And40BitRC2_CBC, "1.2.840.113549.1.12.1.6");
//The size of the Initialization vector
const TInt KIvSize = 8;


/*
* //For RC2
* SEQUENCE
* 	OID -- pkcs5PBES2
*	SEQUENCE
*		SEQUENCE
*		OID -- pkcs5PBKDF2
*		SEQUENCE
*			OCTET STRING -- salt
*			INTEGER -- iteration count
*			INTEGER -- effective key length in octets
* 	SEQUENCE
*		OID -- algorithm id (rc2)
*		SEQUENCE
*			INTEGER -- RC2 parameter version 58 = 128, 160 = 40
*			OCTET STRING -- iv
*
* //For DES and 3DES
* SEQUENCE
* 	OID -- pkcs5PBES2
*	SEQUENCE
*		SEQUENCE
*		OID -- pkcs5PBKDF2
*		SEQUENCE
*			OCTET STRING -- salt
*			INTEGER -- iteration count
* 	SEQUENCE
*		OID -- algorithm id (des, 3des)
*		OCTET STRING -- iv
*/

EXPORT_C CASN1EncSequence* TASN1EncPKCS5::EncodeDERL(const CPBEncryptParms& aParms)
	{
	CASN1EncSequence* seq = CASN1EncSequence::NewLC();
	CASN1EncObjectIdentifier* pbes2 = CASN1EncObjectIdentifier::NewLC(Kpkcs5PBES2);
	seq->AddChildL(pbes2);
	CleanupStack::Pop(pbes2);

	CASN1EncSequence* seq1 = CASN1EncSequence::NewLC();
	seq->AddChildL(seq1);
	CleanupStack::Pop(seq1);

	CASN1EncSequence* seq2 = CASN1EncSequence::NewLC();
	seq1->AddChildL(seq2);
	CleanupStack::Pop(seq2);

	CASN1EncObjectIdentifier* pbkdf2 = CASN1EncObjectIdentifier::NewLC(Kpkcs5PBKDF2);
	seq2->AddChildL(pbkdf2);
	CleanupStack::Pop(pbkdf2);

	CASN1EncSequence* seq3 = CASN1EncSequence::NewLC();
	seq2->AddChildL(seq3);
	CleanupStack::Pop(seq3);

	CASN1EncOctetString* salt = CASN1EncOctetString::NewLC(aParms.Salt());
	seq3->AddChildL(salt);
	CleanupStack::Pop(salt);

	CASN1EncInt* iterations = CASN1EncInt::NewLC(aParms.Iterations());
	seq3->AddChildL(iterations);
	CleanupStack::Pop(iterations);

	CASN1EncInt* keysize = 0;
	switch(aParms.Cipher())
		{
		case ECipherDES_CBC:
		case ECipher3DES_CBC: 
			break;
		case ECipherRC2_CBC_40:
 			keysize = CASN1EncInt::NewLC(KSSLCompatibilityBits/8);  // effective key length in *octets*
			seq3->AddChildL(keysize);
			CleanupStack::Pop(keysize);
			break;
		case ECipherRC2_CBC_128:
 			keysize = CASN1EncInt::NewLC(KSSLCompatibilityBits/8);  // effective key length in *octets*
			seq3->AddChildL(keysize);
			CleanupStack::Pop(keysize);
			break;
		case ECipherRC2_CBC_40_16:
 			keysize = CASN1EncInt::NewLC(KPkcs8CompatibilityBits/8);  // effective key length in *octets*
			seq3->AddChildL(keysize);
			CleanupStack::Pop(keysize);
			break;
		case ECipherRC2_CBC_128_16:
 			keysize = CASN1EncInt::NewLC(KPkcs8CompatibilityBits/8);  // effective key length in *octets*
			seq3->AddChildL(keysize);
			CleanupStack::Pop(keysize);
			break;
		default:
			User::Leave(KErrNotSupported);
			break;
		}

	CASN1EncSequence* seq4 = CASN1EncSequence::NewLC();
	seq1->AddChildL(seq4);
	CleanupStack::Pop(seq4);

	CASN1EncObjectIdentifier* algid = 0;
	switch(aParms.Cipher())
		{
		case ECipherDES_CBC:
			algid = CASN1EncObjectIdentifier::NewLC(KDESCBC);
			break;
		case ECipher3DES_CBC:
			algid = CASN1EncObjectIdentifier::NewLC(K3DESCBC);
			break;
		case ECipherRC2_CBC_40:
		case ECipherRC2_CBC_128:
		case ECipherRC2_CBC_40_16:
		case ECipherRC2_CBC_128_16:
			algid = CASN1EncObjectIdentifier::NewLC(KRC2CBC);
			break;
		default:
			User::Leave(KErrNotSupported);
			break;
		}
	seq4->AddChildL(algid);
	CleanupStack::Pop(algid);

	CASN1EncSequence* seq5 = 0;
	CASN1EncInt* keysize1 = 0;
	CASN1EncOctetString* iv = 0;
	switch(aParms.Cipher())
		{
		case ECipherDES_CBC:
		case ECipher3DES_CBC:
			iv = CASN1EncOctetString::NewLC(aParms.IV());
			seq4->AddChildL(iv);
			CleanupStack::Pop(iv);
			break;
		case ECipherRC2_CBC_40:
		case ECipherRC2_CBC_40_16:
			seq5 = CASN1EncSequence::NewLC();
			seq4->AddChildL(seq5);
			CleanupStack::Pop(seq5);

			keysize1 = CASN1EncInt::NewLC(160); //encoding for 40 bit
			seq5->AddChildL(keysize1);
			CleanupStack::Pop(keysize1);

			iv = CASN1EncOctetString::NewLC(aParms.IV());
			seq5->AddChildL(iv);
			CleanupStack::Pop(iv);
			break;
		case ECipherRC2_CBC_128:
		case ECipherRC2_CBC_128_16:
			seq5 = CASN1EncSequence::NewLC();
			seq4->AddChildL(seq5);
			CleanupStack::Pop(seq5);
			
			keysize1 = CASN1EncInt::NewLC(58); //encoding for 128 bit
			seq5->AddChildL(keysize1);
			CleanupStack::Pop(keysize1);

			iv = CASN1EncOctetString::NewLC(aParms.IV());
			seq5->AddChildL(iv);
			CleanupStack::Pop(iv);
			break;
		default:
			User::Leave(KErrNotSupported);
			break;
		}
	CleanupStack::Pop(seq);
	return seq;
	}

EXPORT_C CPBEncryptParms* TASN1DecPKCS5::DecodeDERL(const TDesC8& aBinaryData)
	{
	TASN1DecGeneric seqGen(aBinaryData);
	seqGen.InitL();
	if (seqGen.Tag() != EASN1Sequence)
		{
		User::Leave(KErrArgument);
		}
	
	//Decode the Algorithm Identifier Sequence
	TASN1DecSequence seq;
	CArrayPtrFlat<TASN1DecGeneric>* seqContents = seq.DecodeDERLC(seqGen);

	//PbeAlgorithm Id
	if (seqContents->At(0)->Tag() != EASN1ObjectIdentifier)
		{
		User::Leave(KErrArgument);
		}	
	CPBEncryptParms* params = NULL;	
	TASN1DecObjectIdentifier oid;
	HBufC* oiddes = oid.DecodeDERL(*(seqContents->At(0)));
	CleanupStack::PushL(oiddes);
	//Algorithm Id is a pkcs-12Pbe Algorithm Id.
	if(*oiddes != Kpkcs5PBES2)
		{
		// Initialise to impossible value
		TPBECipher cipher = (TPBECipher) -1; 
		// Pbe12Algorithm Ids
		if(*oiddes == KPbeWithSHA1And128BitRC4)
			{
			cipher = ECipherARC4_128;
			}
		else if(*oiddes == KPbeWithSHA1And40BitRC4)
			{
			cipher = ECipherARC4_40;
			}
		else if(*oiddes == KPbeWithSHA1And3_KeyTripleDES_CBC)
			{
			cipher = ECipher3DES_CBC;
			}
		else if(*oiddes == KPbeWithSHA1And2_KeyTripleDES_CBC)
			{
			cipher = ECipher2Key3DES_CBC;
			}
		else if(*oiddes == KPbeWithSHA1And128BitRC2_CBC)
			{
			cipher = ECipherRC2_CBC_128_16; 
			}
		else if(*oiddes == KPbeWithSHA1And40BitRC2_CBC)
			{
			cipher = ECipherRC2_CBC_40_5; 
			}
	    else
        	{
        	User::Leave(KErrNotSupported);
        	}	 
        
        TInt seqContentsCount = seqContents->Count();
		
		//All pkcs-12Pbe algorithms require the Algorithm Parameters.
		//Algorithm Parameters are not OPTIONAL for pkcs-12Pbe algorithms.
		
		//seqContentsCount should be equal to 2.That is, the Algorithm Id 
		//and associated Algorithm Parameters have to be present.
		if(seqContentsCount != 2)
			{
			User::Leave(KErrArgument);	
			}
		//This if statement checks if the pkcs-12PbeParams Sequence is present in the 
		//AlgorithmIdentifier Sequence Since pkcs-12PbeParams are OPTIONAL
		else 
			{
			//Set the Initialization vector size to 8 bytes.
			TBuf8<KIvSize> iv(KIvSize);
			// Initialized to NULL, if salt is not present.
			TPtrC8 salt;
			TInt iterations; 

			const TASN1DecGeneric* seqContentsAt1 = seqContents->At(1);
			if (seqContentsAt1->Tag() != EASN1Sequence || seqContentsAt1->Class() != EUniversal)
				{
				User::Leave(KErrArgument);
				}
				
			CArrayPtrFlat<TASN1DecGeneric>* seq1Contents = seq.DecodeDERLC(*seqContentsAt1);
			const TASN1DecGeneric* seq1ContentsAt0 = seq1Contents->At(0);
			if (seq1ContentsAt0->Tag() != EASN1OctetString || seq1ContentsAt0->Class() != EUniversal)
				{
				User::Leave(KErrArgument);
				}
			salt.Set(seq1ContentsAt0->GetContentDER());
			const TASN1DecGeneric* seq1ContentsAt1 = seq1Contents->At(1);
			if (seq1ContentsAt1->Tag() != EASN1Integer || seq1ContentsAt1->Class() != EUniversal)
				{
				User::Leave(KErrArgument);
				}
			TASN1DecInteger integer;
			iterations = integer.DecodeDERShortL(*seq1ContentsAt1);
			if (iterations <= 0)
				{
				User::Leave(KErrArgument);
				}
			params = CPBEncryptParms::NewL(cipher, salt, iv, iterations);
			params->SetKdf(CPBEncryptParms::EKdfPkcs12);
			CleanupStack::PopAndDestroy(seq1Contents);
			}
		}
	//Algorithm Id is a pkcs-5Pbe Algorithm Id.
   	 else if (*oiddes == Kpkcs5PBES2)
    	{
    	if (seqContents->At(1)->Tag() != EASN1Sequence)
			{
			User::Leave(KErrArgument);
			}
		CArrayPtrFlat<TASN1DecGeneric>* seq1Contents = seq.DecodeDERLC(*(seqContents->At(1)));

		if (seq1Contents->At(0)->Tag() != EASN1Sequence)
			{
			User::Leave(KErrArgument);
			}
		CArrayPtrFlat<TASN1DecGeneric>* seq2Contents = seq.DecodeDERLC(*(seq1Contents->At(0)));

		if (seq2Contents->At(0)->Tag() != EASN1ObjectIdentifier)
			{
			User::Leave(KErrArgument);
			}
		HBufC* oid1des = oid.DecodeDERL(*(seq2Contents->At(0)));
		CleanupStack::PushL(oid1des);
		
		if(*oid1des != Kpkcs5PBKDF2)
			{
			User::Leave(KErrNotSupported);
			}
		if (seq2Contents->At(1)->Tag() != EASN1Sequence)
			{
			User::Leave(KErrArgument);
			}
		CArrayPtrFlat<TASN1DecGeneric>* seq3Contents = seq.DecodeDERLC(*(seq2Contents->At(1)));

		if (seq3Contents->At(0)->Tag() != EASN1OctetString)
			{
			User::Leave(KErrArgument);
			}
		TASN1DecOctetString octet;
		HBufC8* salt = octet.DecodeDERL(*(seq3Contents->At(0)));
		CleanupStack::PushL(salt);
		
		if (seq3Contents->At(1)->Tag() != EASN1Integer)
			{
			User::Leave(KErrArgument);
			}
		TASN1DecInteger integer;
		TInt iterations = integer.DecodeDERShortL(*(seq3Contents->At(1)));

		if (seq1Contents->At(1)->Tag() != EASN1Sequence)
			{
			User::Leave(KErrArgument);
			}
		CArrayPtrFlat<TASN1DecGeneric>* seq4Contents = seq.DecodeDERLC(*(seq1Contents->At(1)));
	
		TPBECipher cipher = (TPBECipher) -1; // Initialise to impossible value
		if (seq4Contents->At(0)->Tag() != EASN1ObjectIdentifier)
			{
			User::Leave(KErrArgument);
			}
		HBufC* oid2des = oid.DecodeDERL(*(seq4Contents->At(0)));
		CleanupStack::PushL(oid2des);
		
		CArrayPtrFlat<TASN1DecGeneric>* seq5Contents = 0; 

		if(*oid2des == K3DESCBC)
			{
			cipher = ECipher3DES_CBC;
		CleanupStack::PushL(seq5Contents);
			}
		else if(*oid2des == KDESCBC)
			{
			cipher = ECipherDES_CBC;
		CleanupStack::PushL(seq5Contents);
			}
		else if(*oid2des == KRC2CBC)
			{
			// RC2 has an additional parameter, the effective key lenght in octets.
			if (seq3Contents->At(2)->Tag() != EASN1Integer)
				{
				User::Leave(KErrArgument);
				}		
			TInt effectiveKeyLength =  integer.DecodeDERShortL(*(seq3Contents->At(2)));

			if (seq4Contents->At(1)->Tag() != EASN1Sequence)
				{
				User::Leave(KErrArgument);
				}
			seq5Contents = seq.DecodeDERLC(*(seq4Contents->At(1)));
			if (seq5Contents->At(0)->Tag() != EASN1Integer)
				{
				User::Leave(KErrArgument);
				}
			TInt keysize = integer.DecodeDERShortL(*(seq5Contents->At(0)));
			switch(keysize)
				{
				// These values come from the PKCS#5 v2 specs
				case 160:
					if (effectiveKeyLength == 16)
						{
						cipher = ECipherRC2_CBC_40_16;					
						}
					else 
						{
						if (effectiveKeyLength == 128)
							{
							cipher = ECipherRC2_CBC_40;
							}
						else 
							{
							User::Leave(KErrNotSupported); // Unsupported effective key length!						
							}
						}
					break;
				case 58:
					if (effectiveKeyLength == 16)
						{
						cipher = ECipherRC2_CBC_128_16;					
						}
					else 
						{
						if (effectiveKeyLength == 128)
							{
							cipher = ECipherRC2_CBC_128;
							}
						else 
							{
							User::Leave(KErrNotSupported); // Unsupported effective key length!						
							}
						}			
					break;
				case 120:
					//would be RC_CBC_64 but we don't support that
				default:
					User::Leave(KErrNotSupported);
					break;
				}
			}
		else 
			{
			User::Leave(KErrNotSupported);
			}	

		HBufC8* iv = 0;
		switch(cipher)
			{
			case ECipher3DES_CBC:
			case ECipherDES_CBC:
				if (seq4Contents->At(1)->Tag() != EASN1OctetString)
					{
					User::Leave(KErrArgument);
					}
				iv = octet.DecodeDERL(*(seq4Contents->At(1)));	
			CleanupStack::PushL(iv);
				break;
			case ECipherRC2_CBC_40:
			case ECipherRC2_CBC_128:
			case ECipherRC2_CBC_40_16:
			case ECipherRC2_CBC_128_16:	
				if (seq5Contents->At(1)->Tag() != EASN1OctetString)
					{
					User::Leave(KErrArgument);
					}
				iv = octet.DecodeDERL(*(seq5Contents->At(1)));
			CleanupStack::PushL(iv);
				break;
			default:
				User::Leave(KErrNotSupported);
				break;
			}

		params = CPBEncryptParms::NewL(cipher, *salt, *iv,
		iterations);
	CleanupStack::PopAndDestroy(9); //iv, seq5contents, oid2des, seq4Contents,
	//salt, seq3Contents, oid1des, seq2Contents, seq1Contents
    	}
	else
		{
		User::Leave(KErrNotSupported);
		}
	CleanupStack::PopAndDestroy(2, seqContents);
	return params;
	}