|
1 /* |
|
2 * Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of STSRSASIgnature |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 #include <x509cert.h> |
|
21 #include <hash.h> |
|
22 #include <asymmetrickeys.h> |
|
23 #include <asymmetric.h> |
|
24 #include "stsconstants.h" |
|
25 #include "stsrsasignature.h" |
|
26 |
|
27 #include "javajniutils.h" |
|
28 #include "logger.h" |
|
29 |
|
30 namespace java |
|
31 { |
|
32 namespace satsa |
|
33 { |
|
34 |
|
35 STSRSASignature::STSRSASignature() |
|
36 { |
|
37 mRSAKey = NULL; |
|
38 mHashID = NULL; |
|
39 mRSA = NULL; |
|
40 mpkey = NULL; |
|
41 } |
|
42 |
|
43 |
|
44 |
|
45 int STSRSASignature::Construct(const std::wstring aPadding) |
|
46 { |
|
47 LOG(ESATSA, EInfo, "STSRSASignature::Construct+"); |
|
48 |
|
49 if (aPadding == STSDigestSHA1) |
|
50 { |
|
51 md = EVP_sha1(); |
|
52 } |
|
53 else if (aPadding == STSDigestMD2) |
|
54 { |
|
55 md = EVP_md2(); |
|
56 } |
|
57 else if (aPadding == STSDigestMD5) |
|
58 { |
|
59 md = EVP_md5(); |
|
60 } |
|
61 else |
|
62 { |
|
63 return KSTSErrArgument; |
|
64 } |
|
65 |
|
66 if (md == NULL) |
|
67 { |
|
68 // Algorithm was not found |
|
69 return KSTSErrDigest; |
|
70 } |
|
71 else |
|
72 { |
|
73 |
|
74 mdctx = new EVP_MD_CTX; |
|
75 if (mdctx != NULL) |
|
76 { |
|
77 EVP_MD_CTX_init(mdctx); |
|
78 return 0; |
|
79 } |
|
80 else |
|
81 { |
|
82 return KSTSErrDigest; |
|
83 } |
|
84 } |
|
85 |
|
86 } |
|
87 |
|
88 |
|
89 |
|
90 STSRSASignature* STSRSASignature::Create(const std::wstring aPadding, |
|
91 int* errCode) |
|
92 { |
|
93 LOG(ESATSA, EInfo, "STSRSASignature::Create+"); |
|
94 STSRSASignature* self = new STSRSASignature; |
|
95 if (self == NULL) |
|
96 { |
|
97 // object was not created successfully |
|
98 *errCode = KSTSErrNoMemory; |
|
99 return NULL; |
|
100 } |
|
101 else |
|
102 { |
|
103 // Object created, call the second level constructor |
|
104 *errCode = self->Construct(aPadding); |
|
105 if (*errCode == 0) |
|
106 { |
|
107 return self; |
|
108 } |
|
109 else |
|
110 { |
|
111 delete self; |
|
112 return NULL; |
|
113 } |
|
114 } |
|
115 } |
|
116 |
|
117 |
|
118 STSRSASignature::~STSRSASignature() |
|
119 { |
|
120 if (mHashID != NULL) |
|
121 delete mHashID; |
|
122 |
|
123 if (mRSAKey != NULL) |
|
124 delete mRSAKey; |
|
125 |
|
126 if (mpkey != NULL) |
|
127 EVP_PKEY_free(mpkey); |
|
128 |
|
129 if (mRSA != NULL) |
|
130 mRSA = NULL; |
|
131 |
|
132 } |
|
133 |
|
134 int STSRSASignature::InitVerify(JNIEnv* aJni, jstring aKeyAlgorithm, |
|
135 jstring aKeyFormat, jbyteArray aKeyEncoded) |
|
136 { |
|
137 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify+"); |
|
138 int retVal = 0; |
|
139 |
|
140 // Check key validity |
|
141 |
|
142 // Key must be created for used algorithm |
|
143 std::wstring key_algorithm; |
|
144 try |
|
145 { |
|
146 key_algorithm = java::util::JniUtils::jstringToWstring(aJni, |
|
147 aKeyAlgorithm); |
|
148 } |
|
149 catch (...) |
|
150 { |
|
151 ELOG(ESATSA, "InitVerify: caught exception. Return error code"); |
|
152 return (KSTSErrInvalidKey); |
|
153 } |
|
154 ELOG(ESATSA, "STSRSASignature::InitVerify: Check Algorithm"); |
|
155 if (key_algorithm != STSAlgorithmRSA) |
|
156 { |
|
157 return (KSTSErrInvalidKey); |
|
158 } |
|
159 // Format: Only X509 keys are supported |
|
160 std::wstring key_format; |
|
161 try |
|
162 { |
|
163 key_format = java::util::JniUtils::jstringToWstring(aJni, aKeyFormat); |
|
164 } |
|
165 catch (...) |
|
166 { |
|
167 ELOG(ESATSA, "InitVerify: caught exception. Return error code"); |
|
168 return (KSTSErrInvalidKey); |
|
169 } |
|
170 |
|
171 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify: Check key format"); |
|
172 if (key_format != STSKeyFormatX509) |
|
173 { |
|
174 return (KSTSErrInvalidKey); |
|
175 } |
|
176 |
|
177 // Read the encoded key from the jbytearray |
|
178 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify:read the encoded key"); |
|
179 int key_length = aJni->GetArrayLength(aKeyEncoded); |
|
180 const unsigned char *key = new unsigned char[key_length]; |
|
181 aJni->GetByteArrayRegion(aKeyEncoded, 0, key_length, (signed char*) key); |
|
182 |
|
183 // decode the encoded key data into a RSA data structure. |
|
184 LOG(ESATSA, EInfo,"decode the encoded key data into a RSA data"); |
|
185 mRSA = d2i_RSA_PUBKEY(&mRSA, &key, (long) key_length); |
|
186 if (mRSA == NULL) |
|
187 { |
|
188 return KSTSErrInvalidKey; |
|
189 } |
|
190 |
|
191 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify: get mpkey"); |
|
192 mpkey = EVP_PKEY_new(); |
|
193 EVP_PKEY_set1_RSA(mpkey, mRSA); |
|
194 |
|
195 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify: verify init call"); |
|
196 retVal = EVP_VerifyInit_ex(mdctx, md, NULL); |
|
197 |
|
198 LOG(ESATSA, EInfo, "STSRSASignature::InitVerify---"); |
|
199 return retVal; |
|
200 |
|
201 } |
|
202 |
|
203 int STSRSASignature::Verify(JNIEnv* aJni, jbyteArray aSignature) |
|
204 { |
|
205 LOG(ESATSA, EInfo, "STSRSASignature::Verify++"); |
|
206 int result; |
|
207 |
|
208 if (mpkey == NULL) |
|
209 { |
|
210 ELOG(ESATSA, "STSRSASignature::Verify: mpkey is null"); |
|
211 // Not initialized |
|
212 return (KSTSErrSignature); |
|
213 } |
|
214 else if (!mIsUpdated) |
|
215 { |
|
216 LOG(ESATSA, EInfo, "STSRSASignature::Verify: Not updated"); |
|
217 return false; |
|
218 } |
|
219 else if (mdctx == NULL) |
|
220 { |
|
221 // If data is not updated TCK requires that exception is not thrown and |
|
222 // false is returned. |
|
223 ELOG(ESATSA, "STSRSASignature::Verify: mdctx is null"); |
|
224 return false; |
|
225 } |
|
226 |
|
227 // Read the signature data from the jbytearray |
|
228 int siglen = aJni->GetArrayLength(aSignature); |
|
229 const unsigned char *sigbuf = new unsigned char[siglen]; |
|
230 aJni->GetByteArrayRegion(aSignature, 0, siglen, (signed char*) sigbuf); |
|
231 |
|
232 result = EVP_VerifyFinal(mdctx, sigbuf, siglen, mpkey); |
|
233 mIsUpdated = false; |
|
234 |
|
235 // reset the digest |
|
236 LOG(ESATSA, EInfo, "STSRSASignature::Verify: reset the digest"); |
|
237 const EVP_MD* md = NULL; |
|
238 md = EVP_MD_CTX_md(mdctx); |
|
239 EVP_MD_CTX_init(mdctx); |
|
240 EVP_DigestInit_ex(mdctx, md, NULL); |
|
241 |
|
242 LOG(ESATSA, EInfo, "Verify: check result and return proper value"); |
|
243 if (0 == result) |
|
244 { |
|
245 return false; |
|
246 } |
|
247 else if (1 == result) |
|
248 { |
|
249 return true; |
|
250 } |
|
251 else |
|
252 { |
|
253 return KSTSErrSignature; |
|
254 } |
|
255 } |
|
256 |
|
257 int STSRSASignature::Update(JNIEnv* aJni, jbyteArray aData, jint aOffset, |
|
258 jint aLength) |
|
259 { |
|
260 LOG(ESATSA, EInfo, "STSRSASignature::Update++"); |
|
261 if (mpkey == NULL) |
|
262 { |
|
263 ELOG(ESATSA, "STSRSASignature::Update: mpkey is null"); |
|
264 // Not initialized |
|
265 return KSTSErrSignature; |
|
266 } |
|
267 |
|
268 // Read the signature data from the jbytearray |
|
269 const unsigned char *data = new unsigned char[aLength]; |
|
270 aJni->GetByteArrayRegion(aData, aOffset, aLength, (signed char*) data); |
|
271 |
|
272 int result = EVP_VerifyUpdate(mdctx, (const void *) data, |
|
273 (unsigned int) aLength); |
|
274 |
|
275 if (!mIsUpdated) |
|
276 { |
|
277 mIsUpdated = true; |
|
278 } |
|
279 LOG(ESATSA, EInfo, "STSRSASignature::Update: return result"); |
|
280 return result; |
|
281 } |
|
282 |
|
283 } // namespace satsa |
|
284 } // namespace java |
|
285 |