1 /*

     2 * Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 *

    16 */

    17 

    18 

    19 #include <symmetric.h>

    20 #include "pbesymmetricfactory.h"

    21 

    22 #ifdef SYMBIAN_ENABLE_SPLIT_HEADERS

    23 

    24 /** OpenSSL PKCS8 Effective Key Length Compatibility.*/

    25 const TUint KPkcs8CompatibilityBits = 128;

    26 

    27 /** PKCS12 PBE Effective Key Length Compatibility.*/

    28 const TUint KPkcs12CompatibilityBits = 40;

    29 

    30 #endif

    31 

    32 TUint PBE::GetBlockBytes(TPBECipher aCipher)

    33 	{

    34 	switch(aCipher)

    35 		{

    36 		case ECipherAES_CBC_128:

    37 		case ECipherAES_CBC_192:

    38 		case ECipherAES_CBC_256:

    39 			return KAESBlockBytes;

    40 		case ECipherDES_CBC:

    41 		case ECipher3DES_CBC:

    42 

    43 		case ECipher2Key3DES_CBC: 

    44 

    45 			return KDESBlockBytes;

    46 		case ECipherRC2_CBC_128_16:

    47 		case ECipherRC2_CBC_40_16:

    48 		case ECipherRC2_CBC_128:

    49 		case ECipherRC2_CBC_40:

    50 

    51 		case ECipherRC2_CBC_40_5:

    52 

    53 			return KRC2BlockBytes;

    54 

    55 		case ECipherARC4_128:

    56 		case ECipherARC4_40:

    57 			return 1; // 1 byte block for stream cipher

    58 

    59 		default:

    60 			User::Panic(_L("Invalid PBE cipher"), 1);

    61 		}

    62 	return (KErrNone); //	For the compiler

    63 	}

    64 

    65 TUint PBE::GetKeyBytes(TPBECipher aCipher)

    66 	{

    67 	switch(aCipher)

    68 		{

    69 		case ECipherAES_CBC_128:

    70 			return KAESKeyBytes128;

    71 		case ECipherAES_CBC_192:

    72 			return KAESKeyBytes192;

    73 		case ECipherAES_CBC_256:

    74 			return KAESKeyBytes256;

    75 		case ECipherDES_CBC:

    76 			return KDESKeyBytes;

    77 		case ECipher3DES_CBC:

    78 			return K3DESKeyBytes;

    79 

    80 		case ECipher2Key3DES_CBC:

    81 			return K2Key3DESKeyBytes;

    82 

    83  		case ECipherRC2_CBC_128:

    84  		case ECipherRC2_CBC_128_16:

    85 			return KRC2KeyBytes128;

    86 		case ECipherRC2_CBC_40:

    87 		case ECipherRC2_CBC_40_16:

    88 

    89 		case ECipherRC2_CBC_40_5:

    90 

    91 			return KRC2KeyBytes40;

    92 

    93 		case ECipherARC4_128:

    94 			return KRC4KeyBytes128;

    95 		case ECipherARC4_40:	

    96 			return KRC4KeyBytes40;

    97 

    98 		default:

    99 			User::Panic(_L("Invalid PBE cipher"), 1);

   100 		}

   101 	return (KErrNone);	//	For the compiler

   102 	}

   103 

   104 CSymmetricCipher* PBE::MakeEncryptorL(TPBECipher aCipher, const TDesC8& aKey, 

   105 	const TDesC8& aIV)

   106 	{

   107 	CSymmetricCipher* cipher = 0;	

   108 	CBlockTransformation* block = 0;

   109 	switch(aCipher)

   110 		{

   111 

   112 		// stream cipher

   113 		case ECipherARC4_40:

   114 		case ECipherARC4_128:

   115 			cipher = CARC4::NewL(aKey, 0);

   116 			break;	

   117 

   118 		// block cipher	

   119 		case ECipherAES_CBC_128:

   120 		case ECipherAES_CBC_192:

   121 		case ECipherAES_CBC_256:

   122 			block = CAESEncryptor::NewLC(aKey);

   123 			break;

   124 

   125 		case ECipherDES_CBC:

   126 			block = CDESEncryptor::NewLC(aKey);

   127 			break;

   128 			

   129 		case ECipher3DES_CBC:		

   130 			block = C3DESEncryptor::NewLC(aKey);

   131 			break;

   132 	

   133 		case ECipher2Key3DES_CBC:

   134 			{

   135 			// Construct 3key from 2 key ( copy first key to 3rd key ) each key 8 bytes

   136 			TBuf8<K3DESKeyBytes>  encryptKey(aKey);			

   137 			encryptKey.Append(aKey.Ptr(),KDESKeyBytes);

   138 			block = C3DESEncryptor::NewLC(encryptKey);			

   139 			break;

   140 			}

   141 

   142 		case ECipherRC2_CBC_40:

   143 		case ECipherRC2_CBC_128:		

   144 			block = CRC2Encryptor::NewLC(aKey);

   145 			break;

   146 

   147 		case ECipherRC2_CBC_40_16:

   148 		case ECipherRC2_CBC_128_16:

   149 			block = CRC2Encryptor::NewLC(aKey, KPkcs8CompatibilityBits);

   150 			break;

   151 

   152 		case ECipherRC2_CBC_40_5:

   153 			block = CRC2Encryptor::NewLC(aKey, KPkcs12CompatibilityBits);

   154 			break;	

   155 

   156 		default:

   157 			User::Panic(_L("Invalid PBE encryptor"), 1);

   158 		}

   159 

   160 	// if aCipher is not stream cipher, create block cipher object

   161 	if(aCipher != ECipherARC4_40 && aCipher != ECipherARC4_128)

   162 		{			

   163 		block = CModeCBCEncryptor::NewL(block, aIV);

   164 		CleanupStack::Pop(); //1st block owned by 2nd

   165 		CleanupStack::PushL(block);//2nd block

   166 		CPadding* padding = CPaddingSSLv3::NewLC(GetBlockBytes(aCipher));

   167 		cipher = CBufferedEncryptor::NewL(block, padding);

   168 		CleanupStack::Pop(padding); //owned by cipher

   169 		CleanupStack::Pop(block); //owned by cipher

   170 		}

   171 

   172 	return cipher;

   173 	}

   174 

   175 

   176 CSymmetricCipher* PBE::MakeDecryptorL(TPBECipher aCipher, const TDesC8& aKey, 

   177 	const TDesC8& aIV)

   178 	{

   179 	CSymmetricCipher* cipher = 0;

   180 	CBlockTransformation* block = 0;

   181 	switch(aCipher)

   182 		{

   183 		// stream cipher

   184 		case ECipherARC4_40:

   185 		case ECipherARC4_128:

   186 			cipher = CARC4::NewL(aKey, 0);

   187 			break;	

   188 

   189 		// block cipher	

   190 		case ECipherAES_CBC_128:

   191 		case ECipherAES_CBC_192:

   192 		case ECipherAES_CBC_256:

   193 			block = CAESDecryptor::NewLC(aKey);

   194 			break;

   195 

   196 		case ECipherDES_CBC:

   197 			block = CDESDecryptor::NewLC(aKey);

   198 			break;

   199 			

   200 		case ECipher3DES_CBC:		

   201 			block = C3DESDecryptor::NewLC(aKey);

   202 			break;

   203 

   204 		case ECipher2Key3DES_CBC:

   205 			{

   206 			// Construct 3key from 2 key ( copy first key to 3rd key ) each key 8 bytes

   207 			TBuf8<K3DESKeyBytes>  encryptKey(aKey);			

   208 			encryptKey.Append(aKey.Ptr(),KDESKeyBytes);

   209 			block = C3DESDecryptor::NewLC(encryptKey);			

   210 			break;

   211 			}

   212 

   213 		case ECipherRC2_CBC_40:

   214 		case ECipherRC2_CBC_128:

   215 		  	block = CRC2Decryptor::NewLC(aKey);

   216 			break;

   217 			

   218 		case ECipherRC2_CBC_40_16:

   219 		case ECipherRC2_CBC_128_16:

   220 		  	block = CRC2Decryptor::NewLC(aKey, KPkcs8CompatibilityBits);

   221 			break;

   222 

   223 		case ECipherRC2_CBC_40_5:

   224 			block = CRC2Decryptor::NewLC(aKey, KPkcs12CompatibilityBits);

   225 			break;	

   226 

   227 		default:

   228 			User::Panic(_L("Invalid PBE decryptor"), 1);

   229 		}

   230 

   231 	// if aCipher is not stream cipher, create block cipher object

   232 	if(aCipher != ECipherARC4_40 && aCipher != ECipherARC4_128)

   233 		{	

   234 		block = CModeCBCDecryptor::NewL(block, aIV);

   235 		CleanupStack::Pop(); //1st block owned by 2nd

   236 		CleanupStack::PushL(block);//2nd block

   237 

   238 		CPadding* padding = CPaddingSSLv3::NewLC(GetBlockBytes(aCipher));

   239 		cipher = CBufferedDecryptor::NewL(block, padding);

   240 		CleanupStack::Pop(padding); //owned by cipher

   241 		CleanupStack::Pop(block); //owned by cipher

   242 		}

   243 

   244 	return cipher;

   245 	}