MCL/sf/os/security: comparison cryptoplugins/cryptospiplugins/source/softwarecrypto/dsasignerimpl.cpp

equal deleted inserted replaced

-:da2ae96f639b
+:cd501b96611d
+/*
+* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+#include "dsasignerimpl.h"
+#include "pluginconfig.h"
+using namespace SoftwareCrypto;
+// Implementation of CDSASignerImpl
+CDSASignerImpl* CDSASignerImpl::NewL(const CKey& aKey)
+	{
+	CDSASignerImpl* self = CDSASignerImpl::NewLC(aKey);
+	CleanupStack::Pop(self);
+	return self;
+	}
+CDSASignerImpl* CDSASignerImpl::NewLC(const CKey& aKey)
+	{
+	CDSASignerImpl* self = new(ELeave) CDSASignerImpl();
+	CleanupStack::PushL(self);
+	self->ConstructL(aKey);
+	return self;
+	}
+CDSASignerImpl::CDSASignerImpl()
+	{
+	}
+CDSASignerImpl::~CDSASignerImpl()
+	{
+	}
+void CDSASignerImpl::ConstructL(const CKey& aKey)
+	{
+	CSignerImpl::ConstructL(aKey);
+	}
+CExtendedCharacteristics* CDSASignerImpl::CreateExtendedCharacteristicsL()
+	{
+	// All Symbian software plug-ins have unlimited concurrency, cannot be reserved
+	// for exclusive use and are not CERTIFIED to be standards compliant.
+	return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
+	}
+const CExtendedCharacteristics* CDSASignerImpl::GetExtendedCharacteristicsL()
+	{
+	return CDSASignerImpl::CreateExtendedCharacteristicsL();
+	}
+TUid CDSASignerImpl::ImplementationUid() const
+	{
+	return KCryptoPluginDsaSignerUid;
+	}
+void CDSASignerImpl::SetKeyL(const CKey& aPrivateKey)
+	{
+	DoSetKeyL(aPrivateKey);
+	Reset();
+	}
+TInt CDSASignerImpl::GetMaximumInputLengthL() const
+	{
+	return KSha1HashLength;
+	}
+void CDSASignerImpl::SignL(const TDesC8& aInput, CCryptoParams& aSignature)
+	{
+	//see HAC 11.56 or DSS section 5
+	//I'll follow HAC as I like its description better
+	//We don't check that r and s are non both non-null like the DSS
+	//states you _optionally_ can.  The chances of this are _incredibly_ small.
+	//You've got a much better chance of a bit failure ocurring in the hardware
+	//than this.
+	const TInteger& tQ=iKey->GetBigIntL(KDsaKeyParameterQUid);
+	// a) Select a random secret integer (k | 0 < k < q)
+	RInteger qminus1 = RInteger::NewL(tQ);
+	CleanupStack::PushL(qminus1);
+	--qminus1;
+	RInteger k = RInteger::NewRandomL(TInteger::One(), qminus1);
+	CleanupStack::PopAndDestroy(&qminus1);
+	CleanupStack::PushL(k);
+	// b) compute r = (g^k mod p) mod q
+	const TInteger& tG=iKey->GetBigIntL(KDsaKeyParameterGUid);
+	const TInteger& tP=iKey->GetBigIntL(KDsaKeyParameterPUid);
+	RInteger r = TInteger::ModularExponentiateL(tG, k, tP);
+	CleanupStack::PushL(r);
+	r %=tQ;
+	// c) compute k^(-1) mod q
+	RInteger kinv = k.InverseModL(tQ);
+	CleanupStack::PushL(kinv);
+	// d) compute s = k^(-1) * {h(m) + xr} mod q
+	// Note that in order to be interoperable, compliant with the DSS, and
+	// secure, aInput must be the result of a SHA-1 hash
+	RInteger hm = RInteger::NewL(aInput);
+	CleanupStack::PushL(hm);
+	const TInteger& tX=iKey->GetBigIntL(KDsaKeyParameterXUid);
+	RInteger s = tX.TimesL(r);
+	CleanupStack::PushL(s);
+	s += hm;
+	s *= kinv;
+	s %= tQ;
+	// e) signature for m is the pair (r,s)
+	aSignature.AddL(r, KDsaSignatureParameterRUid);
+	aSignature.AddL(s, KDsaSignatureParameterSUid);
+	CleanupStack::PopAndDestroy(5, &k);
+	}