|
1 /* |
|
2 * Copyright (c) 2002 - 2008 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: ROAP message signer class implementation |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // INCLUDE FILES |
|
20 #include <e32std.h> |
|
21 #include <f32file.h> |
|
22 #include <s32file.h> |
|
23 #include <hash.h> |
|
24 #include <signed.h> |
|
25 #include <asymmetric.h> |
|
26 #include <hash.h> |
|
27 #include <asn1enc.h> |
|
28 #include <x509cert.h> |
|
29 #include "base64.h" |
|
30 #include "RoapSigner.h" |
|
31 #include "RoapStorageClient.h" |
|
32 #include "RoapLog.h" |
|
33 |
|
34 using namespace Roap; |
|
35 |
|
36 // CONSTANTS |
|
37 _LIT8( KSignatureStart, "<signature>" ); |
|
38 _LIT8( KSignatureEnd, "</signature>" ); |
|
39 _LIT8( KRoEndWithPrefix, "</roap:protectedRO>" ); |
|
40 _LIT8( KRoEnd, "</protectedRO>" ); |
|
41 |
|
42 // ============================ MEMBER FUNCTIONS =============================== |
|
43 |
|
44 // ----------------------------------------------------------------------------- |
|
45 // RoapSigner::RoapSigner |
|
46 // C++ default constructor can NOT contain any code, that |
|
47 // might leave. |
|
48 // ----------------------------------------------------------------------------- |
|
49 // |
|
50 CRoapSigner::CRoapSigner(): |
|
51 iHash( NULL ), |
|
52 iStorage( NULL ) |
|
53 { |
|
54 } |
|
55 |
|
56 // ----------------------------------------------------------------------------- |
|
57 // CRIHello::ConstructL |
|
58 // Symbian 2nd phase constructor can leave. |
|
59 // ----------------------------------------------------------------------------- |
|
60 // |
|
61 void CRoapSigner::ConstructL( RRoapStorageClient& aStorageClient ) |
|
62 { |
|
63 iHash = CSHA1::NewL(); |
|
64 iStorage = &aStorageClient; |
|
65 } |
|
66 |
|
67 |
|
68 // Destructor |
|
69 CRoapSigner::~CRoapSigner() |
|
70 { |
|
71 iRequests.ResetAndDestroy(); |
|
72 iResponses.ResetAndDestroy(); |
|
73 delete iHash; |
|
74 } |
|
75 |
|
76 // ----------------------------------------------------------------------------- |
|
77 // RoapSigner:: |
|
78 // |
|
79 // ----------------------------------------------------------------------------- |
|
80 // |
|
81 CRoapSigner* CRoapSigner::NewL( RRoapStorageClient& aStorageClient ) |
|
82 { |
|
83 CRoapSigner* self = new ( ELeave ) CRoapSigner(); |
|
84 |
|
85 CleanupStack::PushL( self ); |
|
86 self->ConstructL( aStorageClient ); |
|
87 CleanupStack::Pop( self ); |
|
88 |
|
89 return self; |
|
90 } |
|
91 |
|
92 // ----------------------------------------------------------------------------- |
|
93 // CRoapSigner::ResetRequests |
|
94 // ----------------------------------------------------------------------------- |
|
95 // |
|
96 void CRoapSigner::ResetRequests( void ) |
|
97 { |
|
98 iRequests.ResetAndDestroy(); |
|
99 } |
|
100 |
|
101 |
|
102 // ----------------------------------------------------------------------------- |
|
103 // CRoapSigner::ResetResponses |
|
104 // ----------------------------------------------------------------------------- |
|
105 // |
|
106 void CRoapSigner::ResetResponses( void ) |
|
107 { |
|
108 iResponses.ResetAndDestroy(); |
|
109 } |
|
110 |
|
111 |
|
112 // ----------------------------------------------------------------------------- |
|
113 // CRoapSigner::AddResponseL |
|
114 // ----------------------------------------------------------------------------- |
|
115 // |
|
116 void CRoapSigner::AddResponseL( |
|
117 const TDesC8& aResponse ) |
|
118 { |
|
119 HBufC8* b = aResponse.AllocLC(); |
|
120 iResponses.AppendL( b ); |
|
121 CleanupStack::Pop( b ); |
|
122 } |
|
123 |
|
124 |
|
125 // ----------------------------------------------------------------------------- |
|
126 // CRoapSigner::VerifyAndAddResponseL |
|
127 // ----------------------------------------------------------------------------- |
|
128 // |
|
129 TBool CRoapSigner::VerifyAndAddResponseL( |
|
130 const TDesC8& aResponse, |
|
131 const TDesC8& aSignature, |
|
132 const RPointerArray<HBufC8>& aCertificateChain ) |
|
133 { |
|
134 TBool r = ETrue; |
|
135 TInt i( 0 ); |
|
136 TInt startPoint = 0; |
|
137 TInt endPoint = 0; |
|
138 TInt roEnd = 0; |
|
139 TPtr8 ptr( 0, 0 ); |
|
140 TPtrC8 hash( 0, 0 ); |
|
141 HBufC8* tempMessage = NULL; |
|
142 TInt lastRoEnd( 0 ); |
|
143 |
|
144 LOGLIT( "CRoapSigner::VerifyAndAddResponseL" ); |
|
145 |
|
146 // locate the last protectedRO endtag - there could be also <signature> elemet |
|
147 // inside the ro element |
|
148 while ( lastRoEnd >= 0 ) |
|
149 { |
|
150 TInt tagIncrement( KRoEndWithPrefix().Length() ); |
|
151 roEnd += lastRoEnd; |
|
152 TPtrC8 startPtr( aResponse.Mid( roEnd ) ); |
|
153 lastRoEnd = startPtr.Find( KRoEndWithPrefix ); |
|
154 if ( lastRoEnd == KErrNotFound ) |
|
155 { |
|
156 // try again without namespace prefix |
|
157 lastRoEnd = startPtr.Find( KRoEnd ); |
|
158 tagIncrement = KRoEnd().Length(); |
|
159 } |
|
160 if ( lastRoEnd > 0 ) |
|
161 { |
|
162 lastRoEnd += tagIncrement; |
|
163 } |
|
164 DETAILLOG2( _L( "lastRoEnd %08x:" ), lastRoEnd ); |
|
165 } |
|
166 DETAILLOG2( _L( "roEnd %08x:" ), roEnd ); |
|
167 if ( roEnd > 0 ) |
|
168 { |
|
169 startPoint = aResponse.Right( aResponse.Length() - roEnd ).Find( KSignatureStart ); |
|
170 startPoint += roEnd; |
|
171 endPoint = aResponse.Right( aResponse.Length() - roEnd ).Find( KSignatureEnd ) |
|
172 + KSignatureEnd().Length(); |
|
173 endPoint += roEnd; |
|
174 } |
|
175 else |
|
176 { |
|
177 startPoint = aResponse.Find( KSignatureStart ); |
|
178 endPoint = aResponse.Find( KSignatureEnd ) + KSignatureEnd().Length(); |
|
179 } |
|
180 |
|
181 tempMessage = HBufC8::NewMax( aResponse.Length() - |
|
182 2 * KSignatureStart().Length() ); |
|
183 User::LeaveIfNull( tempMessage ); |
|
184 ptr.Set( tempMessage->Des() ); |
|
185 ptr.Copy( aResponse.Left( startPoint ) ); |
|
186 ptr.Append( aResponse.Right( aResponse.Length() - endPoint ) ); |
|
187 |
|
188 iResponses.Append( tempMessage ); |
|
189 iHash->Reset(); |
|
190 for ( i = 0; i < iResponses.Count(); i++ ) |
|
191 { |
|
192 DETAILLOG2( _L( "Message %d:" ), i ); |
|
193 DETAILLOGHEX( iResponses[ i ]->Ptr(), iResponses[ i ]->Length() ); |
|
194 iHash->Update( *iResponses[ i ] ); |
|
195 } |
|
196 |
|
197 hash.Set( iHash->Final() ); |
|
198 |
|
199 LOGLIT( "Hash" ); |
|
200 LOGHEX( hash.Ptr(), hash.Length() ); |
|
201 LOGLIT( "Signature" ); |
|
202 LOGHEX( aSignature.Ptr(), aSignature.Length() ); |
|
203 |
|
204 r= iStorage->VerifyL( aSignature, hash, aCertificateChain ); |
|
205 |
|
206 #ifdef _ROAP_TESTING |
|
207 if ( r ) |
|
208 { |
|
209 LOGLIT( "Signature verification ok." ); |
|
210 } |
|
211 else |
|
212 { |
|
213 LOGLIT( "Signature verification failed." ); |
|
214 } |
|
215 #endif |
|
216 |
|
217 return r; |
|
218 } |
|
219 |
|
220 |
|
221 // ----------------------------------------------------------------------------- |
|
222 // CRoapSigner::AddRequestL |
|
223 // ----------------------------------------------------------------------------- |
|
224 // |
|
225 void CRoapSigner::AddRequestL( |
|
226 const TDesC8& aRequest ) |
|
227 { |
|
228 HBufC8* b = aRequest.AllocLC(); |
|
229 iRequests.AppendL( b ); |
|
230 CleanupStack::Pop( b ); |
|
231 } |
|
232 |
|
233 |
|
234 // ----------------------------------------------------------------------------- |
|
235 // CRoapSigner::SignAndAddRequestL |
|
236 // ----------------------------------------------------------------------------- |
|
237 // |
|
238 HBufC8* CRoapSigner::SignAndAddRequestL( |
|
239 const TDesC8& aRequest ) |
|
240 { |
|
241 TInt i; |
|
242 TInt insertPoint; |
|
243 HBufC8* s; |
|
244 HBufC8* r; |
|
245 TPtr8 ptr( 0, 0 ); |
|
246 HBufC8* signature = NULL; |
|
247 HBufC8* tempMessage = NULL; |
|
248 TPtrC8 hash( 0, 0 ); |
|
249 |
|
250 LOGLIT( "CRoapSigner::SignAndAddRequestL" ); |
|
251 |
|
252 insertPoint = aRequest.Find( KSignatureStart ) + KSignatureStart().Length(); |
|
253 tempMessage = HBufC8::NewMax( aRequest.Length() - |
|
254 2 * KSignatureStart().Length() ); |
|
255 User::LeaveIfNull( tempMessage ); |
|
256 ptr.Set( tempMessage->Des() ); |
|
257 ptr.Copy( aRequest.Left( insertPoint - KSignatureStart().Length() ) ); |
|
258 ptr.Append( aRequest.Right( aRequest.Length() - insertPoint - |
|
259 KSignatureStart().Length() - 1 ) ); |
|
260 |
|
261 iHash->Reset(); |
|
262 for ( i = 0; i < iRequests.Count(); i++ ) |
|
263 { |
|
264 DETAILLOG2( _L( "Message %d:" ), i ); |
|
265 DETAILLOGHEX( iRequests[ i ]->Ptr(), iRequests[ i ]->Length() ); |
|
266 iHash->Update( *iRequests[ i ] ); |
|
267 } |
|
268 DETAILLOG2( _L( "Message %d:" ), i ); |
|
269 DETAILLOGHEX( tempMessage->Ptr(), tempMessage->Length() ); |
|
270 iHash->Update( *tempMessage ); |
|
271 delete tempMessage; |
|
272 hash.Set( iHash->Final() ); |
|
273 LOGLIT( "Hash" ); |
|
274 LOGHEX( hash.Ptr(), hash.Length() ); |
|
275 |
|
276 iStorage->SignL( hash, signature ); |
|
277 CleanupStack::PushL( signature ); |
|
278 |
|
279 LOGLIT( "Signature" ); |
|
280 LOGHEX( signature->Ptr(), signature->Length() ); |
|
281 |
|
282 s = Base64EncodeL( *signature ); |
|
283 CleanupStack::PushL( s ); |
|
284 r = HBufC8::NewMax( s->Length() + aRequest.Length() ); |
|
285 User::LeaveIfNull( r ); |
|
286 ptr.Set( r->Des() ); |
|
287 ptr.Copy( aRequest.Left( insertPoint ) ); |
|
288 ptr.Append( *s ); |
|
289 ptr.Append( aRequest.Right( aRequest.Length() - insertPoint ) ); |
|
290 CleanupStack::PopAndDestroy( s ); |
|
291 CleanupStack::PopAndDestroy( signature ); |
|
292 |
|
293 iRequests.Append( r->Des().AllocL() ); |
|
294 return r; |
|
295 } |
|
296 |
|
297 // End of File |