1 /*

     2 * Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:  Implementation of STSSignatureFactory

    15  *

    16 */

    17 

    18 

    19 

    20 #include <x509cert.h>

    21 #include <openssl/evp.h>

    22 #include "javajniutils.h"

    23 #include "stssignaturefactory.h"

    24 #include "stsrsasignature.h"

    25 #include "stsdsasignature.h"

    26 #include "stsconstants.h"

    27 #include "logger.h"

    28 

    29 namespace java

    30 {

    31 namespace satsa

    32 {

    33 

    34 STSSignature* STSSignatureFactory::CreateSignature(JNIEnv* aJni,

    35         const jstring aAlgorithm, int* errCode)

    36 {

    37     LOG(ESATSA, EInfo, "STSSignatureFactory::CreateSignature+");

    38     std::wstring padding;

    39     std::wstring algorithm;

    40 

    41     //convert the jstring to native string

    42     std::wstring sigstr;

    43     try

    44     {

    45         sigstr = java::util::JniUtils::jstringToWstring(aJni, aAlgorithm);

    46     }

    47     catch (...)

    48     {

    49         ELOG(ESATSA, "CreateSignature: caught exception. Return error code");

    50         *errCode = KSTSErrNoSuchAlgorithm;

    51         return NULL;

    52     }

    53 

    54     // Algorithm is a form of <padding>with<algorithm>

    55     int index = sigstr.find(STSSignatureSeparator);

    56 

    57     // String must contain 'with'

    58     if (index == wstring::npos)

    59     {

    60         ELOG(ESATSA, "CreateSignature: No Such Algorithm");

    61         *errCode = KSTSErrNoSuchAlgorithm;

    62         return NULL;

    63     }

    64 

    65     // Get padding part

    66     padding.assign(sigstr, 0, index);

    67 

    68     // Skip 'with'

    69     index += STSSignatureSeparatorLength;

    70 

    71     // Get algorithm part

    72     algorithm.assign(sigstr, index, wstring::npos);

    73 

    74     // return null if there isn't padding or algorithm

    75     if (padding.length() <= 0 || algorithm.length() <= 0)

    76     {

    77         ELOG(ESATSA, "CreateSignature:there isn't padding or algorithm ");

    78         *errCode = KSTSErrNoSuchAlgorithm;

    79         return NULL;

    80     }

    81 

    82     // With signatures padding name "SHA1" must be used and Message digest

    83     // algorithm name is "SHA-1".

    84     if (padding == STSDigestSHA1Signature)

    85     {

    86         padding.assign(STSDigestSHA1);

    87     }

    88 

    89     STSSignature* signature = NULL;

    90 

    91     OpenSSL_add_all_digests();

    92 

    93     if (algorithm == STSAlgorithmDSA)

    94     {

    95         signature = STSDSASignature::Create(padding, errCode);

    96     }

    97     else if (algorithm == STSAlgorithmRSA)

    98     {

    99         signature = STSRSASignature::Create(padding, errCode);

   100     }

   101     else

   102     {

   103         // Algorithm is not supported

   104         ELOG(ESATSA, "CreateSignature:algorithm is not supported ");

   105         *errCode = KSTSErrNoSuchAlgorithm;

   106         return NULL;

   107     }

   108 

   109     if (*errCode == 0)

   110     {

   111         //no errors, return the signature object

   112         return signature;

   113     }

   114     else

   115     {

   116         ELOG(ESATSA, "STSSignatureFactory::CreateSignature:Error, return NULL");

   117         return NULL;

   118     }

   119 }

   120 

   121 jboolean STSSignatureFactory::IsSupportedAlgorithm(JNIEnv* aJni,

   122         const jstring aAlgorithm)

   123 {

   124     LOG(ESATSA, EInfo, "STSSignatureFactory::IsSupportedAlgorithm+");

   125     //convert the jstring to native string

   126     std::wstring algorithm;

   127     try

   128     {

   129         algorithm = java::util::JniUtils::jstringToWstring(aJni, aAlgorithm);

   130     }

   131     catch (...)

   132     {

   133         ELOG(ESATSA, "IsSupportedAlgorithm:caught exception. Return error code");

   134         return false;

   135     }

   136     // RSA and DSA algorithms are supported.

   137     if (algorithm == STSAlgorithmRSA || algorithm == STSAlgorithmDSA)

   138     {

   139         return true;

   140     }

   141     else

   142     {

   143         ELOG(ESATSA, "IsSupportedAlgorithm:Algorithm is not supported");

   144         return false;

   145     }

   146 }

   147 

   148 jint STSSignatureFactory::IsValidKey(JNIEnv* aJni, const jstring aAlgorithm,

   149                                      const jstring aKeyFormat, const jbyteArray aKeyEncoded)

   150 {

   151     LOG(ESATSA, EInfo, "STSSignatureFactory::IsValidKey+");

   152     std::wstring algorithm;

   153     try

   154     {

   155         algorithm = java::util::JniUtils::jstringToWstring(aJni, aAlgorithm);

   156     }

   157     catch (...)

   158     {

   159         ELOG(ESATSA, "IsValidKey: caught exception. Return error code");

   160         return KSTSErrNotSupported;

   161     }

   162     // only X.509 keyformat is supported

   163     std::wstring format;

   164     try

   165     {

   166         format = java::util::JniUtils::jstringToWstring(aJni, aKeyFormat);

   167     }

   168     catch (...)

   169     {

   170         ELOG(ESATSA, "IsValidKey: caught exception. Return error code");

   171         return KSTSErrNotSupported;

   172     }

   173     if (format != STSKeyFormatX509)

   174     {

   175         ELOG(ESATSA, "IsValidKey:Key Format Not Supported");

   176         return KSTSErrNotSupported;

   177     }

   178 

   179     // check the algorithm from the subject public info.

   180 

   181     //Read the encoded key from the jbytearray

   182     int key_length = aJni->GetArrayLength(aKeyEncoded);

   183     const unsigned char *key = new unsigned char[key_length];

   184     aJni->GetByteArrayRegion(aKeyEncoded, 0, key_length, (signed char*) key);

   185 

   186     //check if RSA

   187     RSA* iRSA = NULL;

   188     iRSA = d2i_RSA_PUBKEY(&iRSA, &key, (long) key_length);

   189     if (iRSA == NULL)

   190     {

   191         //check for DSA

   192         DSA* iDSA = NULL;

   193         iDSA = d2i_DSA_PUBKEY(&iDSA, &key, (long) key_length);

   194 

   195         if (iDSA == NULL)

   196         {

   197             //Not RSA or DSA

   198             ELOG(ESATSA, "STSSignatureFactory::IsValidKey: Neither RSA nor DSA");

   199             return KSTSErrNotSupported;

   200         }

   201         else

   202         {

   203             //Check if algorithm is DSA as Key is for DSA

   204             if (algorithm == STSAlgorithmDSA)

   205             {

   206                 return 0;

   207             }

   208             else

   209             {

   210                 ELOG(ESATSA, "IsValidKey: DSA not supported");

   211                 return KSTSErrNotSupported;

   212             }

   213         }

   214     }

   215     else

   216     {

   217         //Key is for RSA check the algorithm whether its RSA

   218         if (algorithm == STSAlgorithmRSA)

   219         {

   220             return 0;

   221         }

   222         else

   223         {

   224             ELOG(ESATSA, "IsValidKey: RSA not supported");

   225             return KSTSErrNotSupported;

   226         }

   227     }

   228 

   229 }

   230 } // namespace satsa

   231 } // namespace java

   232