|
1 /* |
|
2 * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include <asymmetric.h> |
|
20 #include <asymmetrickeys.h> |
|
21 #include <bigint.h> |
|
22 |
|
/**
 * Creates a DSA verifier bound to the given public key.
 *
 * Allocation uses new(ELeave), so the function leaves instead of
 * returning NULL when memory cannot be obtained.
 *
 * @param aKey Public key whose parameters VerifyL() reads.
 *             NOTE(review): the constructor initialises iPublicKey from
 *             aKey; if that member is a reference (declared in the header,
 *             not visible here) the caller must keep aKey alive for the
 *             lifetime of the verifier. Confirm against asymmetric.h.
 * @return The new verifier; ownership passes to the caller.
 */
EXPORT_C CDSAVerifier* CDSAVerifier::NewL(const CDSAPublicKey& aKey)
	{
	// No second-phase construction is required, so the object is complete
	// as soon as the allocation succeeds.
	return new (ELeave) CDSAVerifier(aKey);
	}
|
28 |
|
/**
 * Creates a DSA verifier and leaves it on the cleanup stack.
 *
 * @param aKey Public key used for verification (see NewL()).
 * @return The new verifier, already pushed on the cleanup stack; the
 *         caller is responsible for popping or destroying it.
 */
EXPORT_C CDSAVerifier* CDSAVerifier::NewLC(const CDSAPublicKey& aKey)
	{
	CDSAVerifier* verifier = CDSAVerifier::NewL(aKey);
	// Pushed straight after construction so that a later leave in the
	// caller does not orphan the object.
	CleanupStack::PushL(verifier);
	return verifier;
	}
|
35 |
|
/**
 * Reports the maximum input length accepted by this verifier.
 *
 * @return The fixed value 160.
 *
 * NOTE(review): the original comment here read "return CSHA1::DIGESTBYTES".
 * A SHA-1 digest is 20 bytes (160 bits), so the returned value looks like a
 * bit count rather than a byte count. Confirm which unit callers expect
 * before relying on this as a bound for aInput. VerifyL() in this file does
 * not consult this value.
 */
TInt CDSAVerifier::MaxInputLength(void) const
	{
	const TInt maxInputLength = 160;
	return maxInputLength;
	}
|
41 |
|
/**
 * Verifies a DSA signature over an already-hashed message.
 *
 * The steps follow HAC 11.56 (equivalently DSS section 6).
 *
 * @param aInput     The message digest. To be interoperable, compliant
 *                   with the DSS, and secure, this must be the result of a
 *                   SHA-1 hash; this function does not hash the message.
 * @param aSignature The (r, s) pair to check.
 * @return ETrue if the signature is accepted, EFalse otherwise (including
 *         when r or s lies outside the open interval (0, q)).
 *
 * Leaves if any of the big-integer operations leaves. Every temporary is
 * pushed on the cleanup stack right after it is created, so a leave in a
 * later step releases the integers created so far.
 *
 * NOTE(review): aInput is converted to an integer as-is. Its length is not
 * checked against MaxInputLength() and it is not truncated to the size of
 * q, so enforcing "aInput is a SHA-1 digest" is left to the caller.
 * NOTE(review): p, q, g and y are used as supplied by the key object. No
 * domain-parameter or public-key validation happens in this function;
 * presumably it is done where the key is built or imported. Confirm this
 * for keys that come from untrusted sources.
 */
TBool CDSAVerifier::VerifyL(const TDesC8& aInput,
	const CDSASignature& aSignature) const
	{
	// a) Obtain A's authentic public key (held in iPublicKey).
	const TInteger& p = iPublicKey.P();
	const TInteger& q = iPublicKey.Q();
	const TInteger& r = aSignature.R();
	const TInteger& s = aSignature.S();

	// b) Verify that 0 < r < q and 0 < s < q; if not, reject the signature.
	//    This must stay ahead of the inversion in step c).
	if (r <= 0 || r >= q || s <= 0 || s >= q)
		{
		return EFalse;
		}

	// c) Compute w = s^(-1) mod q and h(m).
	RInteger sInverse = s.InverseModL(q);
	CleanupStack::PushL(sInverse);
	// aInput is expected to be the digest already (see the header comment).
	RInteger digest = RInteger::NewL(aInput);
	CleanupStack::PushL(digest);

	// d) Compute u1 = w * h(m) mod q and u2 = r * w mod q.
	RInteger u1 = TInteger::ModularMultiplyL(sInverse, digest, q);
	CleanupStack::PushL(u1);

	RInteger u2 = TInteger::ModularMultiplyL(r, sInverse, q);
	CleanupStack::PushL(u2);

	// e) Compute v = ((g^u1 * y^u2) mod p) mod q.
	RInteger gPowU1 = TInteger::ModularExponentiateL(iPublicKey.G(), u1, p);
	CleanupStack::PushL(gPowU1);
	RInteger yPowU2 = TInteger::ModularExponentiateL(iPublicKey.Y(), u2, p);
	CleanupStack::PushL(yPowU2);
	RInteger v = TInteger::ModularMultiplyL(gPowU1, yPowU2, p);
	CleanupStack::PushL(v);
	v %= q;

	// f) Accept the signature iff v == r.
	const TBool accepted = (v == r) ? ETrue : EFalse;

	// Release the temporaries in reverse order of the pushes above.
	CleanupStack::PopAndDestroy(&v);
	CleanupStack::PopAndDestroy(&yPowU2);
	CleanupStack::PopAndDestroy(&gPowU1);
	CleanupStack::PopAndDestroy(&u2);
	CleanupStack::PopAndDestroy(&u1);
	CleanupStack::PopAndDestroy(&digest);
	CleanupStack::PopAndDestroy(&sInverse);

	return accepted;
	}
|
104 |
|
/**
 * Constructs the verifier around the supplied public key.
 *
 * Only initialises iPublicKey from aKey; nothing here can leave.
 *
 * @param aKey Public key used by VerifyL().
 *             NOTE(review): whether iPublicKey is a reference or a copy is
 *             declared in the header, which is not visible here. Confirm
 *             the lifetime requirement on aKey.
 */
CDSAVerifier::CDSAVerifier(const CDSAPublicKey& aKey)
	: iPublicKey(aKey)
	{
	// Intentionally empty: all state is set in the initialiser list.
	}
|
109 |