/*
* Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
*
*/
|
17 |
|
18 |
|
19 #include "dsaverifyimpl.h" |
|
20 #include "pluginconfig.h" |
|
21 |
|
22 using namespace SoftwareCrypto; |
|
23 |
|
24 // Implementation of CDSAVerifierImpl |
|
// Two-phase factory: builds a verifier for aKey and returns it with nothing
// left on the cleanup stack. Leaves if NewLC() leaves.
CDSAVerifierImpl* CDSAVerifierImpl::NewL(const CKey& aKey)
{
    CDSAVerifierImpl* verifier = CDSAVerifierImpl::NewLC(aKey);
    // NewLC() left the object on the cleanup stack; take it off before
    // handing it to the caller.
    CleanupStack::Pop(verifier);
    return verifier;
}
|
31 |
|
// Two-phase factory: allocates the verifier, pushes it onto the cleanup
// stack, runs second-phase construction with aKey and returns the object
// still on the cleanup stack. Leaves on allocation failure (ELeave) or if
// ConstructL() leaves.
CDSAVerifierImpl* CDSAVerifierImpl::NewLC(const CKey& aKey)
{
    CDSAVerifierImpl* verifier = new(ELeave) CDSAVerifierImpl();
    // Pushed before ConstructL() so a leave during construction frees it.
    CleanupStack::PushL(verifier);
    verifier->ConstructL(aKey);
    return verifier;
}
|
39 |
|
// First-phase constructor: does no work of its own; the key is installed
// later by ConstructL().
CDSAVerifierImpl::CDSAVerifierImpl()
{
}
|
43 |
|
// Destructor: this class releases nothing itself.
// NOTE(review): presumably the key copy is owned and freed by the
// CVerifierImpl base class -- confirm there.
CDSAVerifierImpl::~CDSAVerifierImpl()
{
}
|
47 |
|
// Second-phase constructor: forwards aKey to the base-class construction.
// Leaves if CVerifierImpl::ConstructL() leaves.
void CDSAVerifierImpl::ConstructL(const CKey& aKey)
{
    CVerifierImpl::ConstructL(aKey);
}
|
52 |
|
// Builds the extended-characteristics record for this plug-in and returns
// the newly created object. Leaves if CExtendedCharacteristics::NewL() leaves.
CExtendedCharacteristics* CDSAVerifierImpl::CreateExtendedCharacteristicsL()
{
    // Symbian software plug-ins advertise unlimited concurrency (KMaxTInt)
    // and no exclusive-use reservation (EFalse); they are not CERTIFIED to
    // be standards compliant.
    return CExtendedCharacteristics::NewL(KMaxTInt, EFalse);
}
|
59 |
|
// Returns the extended characteristics of this plug-in. Every call creates a
// fresh object via CreateExtendedCharacteristicsL().
// NOTE(review): the result is a newly allocated object returned through a
// const pointer; presumably the caller takes ownership -- confirm against
// the plug-in interface, otherwise each call leaks.
const CExtendedCharacteristics* CDSAVerifierImpl::GetExtendedCharacteristicsL()
{
    const CExtendedCharacteristics* characteristics =
        CDSAVerifierImpl::CreateExtendedCharacteristicsL();
    return characteristics;
}
|
64 |
|
// Identifies this implementation: always the software DSA verifier plug-in UID.
TUid CDSAVerifierImpl::ImplementationUid() const
{
    return KCryptoPluginDsaVerifierUid;
}
|
69 |
|
// Replaces the verification key with aPublicKey, then resets the verifier.
// Leaves if DoSetKeyL() leaves, in which case Reset() is not reached.
void CDSAVerifierImpl::SetKeyL(const CKey& aPublicKey)
{
    // Install the new key first; Reset() runs only once that has succeeded.
    DoSetKeyL(aPublicKey);
    Reset();
}
|
75 |
|
// Reports the longest input VerifyL() is meant to receive: the length of a
// SHA-1 digest (KSha1HashLength).
// NOTE(review): VerifyL() does not enforce this limit itself, so callers
// have to check it before passing data in.
TInt CDSAVerifierImpl::GetMaximumInputLengthL() const
{
    const TInt maxInputLength = KSha1HashLength;
    return maxInputLength;
}
|
80 |
|
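// Verifies a DSA signature (r, s) over a message digest, following
// HAC 11.56 (see also DSS section 6).
//
// aInput              The digest h(m) of the signed message. To be
//                     interoperable, DSS compliant and secure it must be the
//                     result of a SHA-1 hash.
// aSignature          Parameter set holding r and s under
//                     KDsaSignatureParameterRUid / KDsaSignatureParameterSUid.
// aVerificationResult ETrue only when the signature verifies. EFalse in
//                     every other case, including when this function leaves
//                     part-way through.
//
// Leaves if a key or signature parameter cannot be retrieved or if any of
// the big-integer operations leaves.
void CDSAVerifierImpl::VerifyL(const TDesC8& aInput, const CCryptoParams& aSignature, TBool& aVerificationResult)
{
    // Fail closed. Without this, a mismatching signature (v != r) or a leave
    // below would leave the caller's variable untouched, so an uninitialised
    // or stale ETrue could be read as "signature valid".
    aVerificationResult = EFalse;

    // a) Obtain A's authentic public key: it is held in iKey.
    //    Retrieve the parameter Q from the key.
    // NOTE(review): p, q, g and y are used as stored; presumably the key is
    // validated where it is loaded -- confirm.
    const TInteger& tQ = iKey->GetBigIntL(KDsaKeyParameterQUid);

    // Retrieve R and S of the DSA signature from the parameter array.
    const TInteger& tR = aSignature.GetBigIntL(KDsaSignatureParameterRUid);
    const TInteger& tS = aSignature.GetBigIntL(KDsaSignatureParameterSUid);

    // b) Verify that 0 < r < q and 0 < s < q; if not, reject the signature.
    if (tR <= 0 || tR >= tQ || tS <= 0 || tS >= tQ)
    {
        return;
    }

    // c) Compute w = s^(-1) mod q and h(m).
    RInteger w = tS.InverseModL(tQ);
    CleanupStack::PushL(w);
    // NOTE(review): aInput is converted as-is, with no length check against
    // GetMaximumInputLengthL(); enforcing the SHA-1 digest length is left to
    // the caller.
    RInteger hm = RInteger::NewL(aInput);
    CleanupStack::PushL(hm);

    // d) Compute u1 = w * hm mod q and u2 = r * w mod q.
    RInteger u1 = TInteger::ModularMultiplyL(w, hm, tQ);
    CleanupStack::PushL(u1);

    RInteger u2 = TInteger::ModularMultiplyL(tR, w, tQ);
    CleanupStack::PushL(u2);

    // e) Compute v = ((g^u1 * y^u2) mod p) mod q.
    const TInteger& tG = iKey->GetBigIntL(KDsaKeyParameterGUid);
    const TInteger& tY = iKey->GetBigIntL(KDsaKeyParameterYUid);
    const TInteger& tP = iKey->GetBigIntL(KDsaKeyParameterPUid);

    RInteger temp = TInteger::ModularExponentiateL(tG, u1, tP);
    CleanupStack::PushL(temp);
    RInteger temp1 = TInteger::ModularExponentiateL(tY, u2, tP);
    CleanupStack::PushL(temp1);
    RInteger v = TInteger::ModularMultiplyL(temp, temp1, tP);
    CleanupStack::PushL(v);
    v %= tQ;

    // f) Accept the signature if v == r.
    if (v == tR)
    {
        aVerificationResult = ETrue;
    }

    // Seven items were pushed: w, hm, u1, u2, temp, temp1, v.
    CleanupStack::PopAndDestroy(7, &w);
}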
|
147 |
|
148 |
|
149 // Methods which are not supported can be excluded from the coverage. |
|
150 #ifdef _BullseyeCoverage |
|
151 #pragma suppress_warnings on |
|
152 #pragma BullseyeCoverage off |
|
153 #pragma suppress_warnings off |
|
154 #endif |
|
155 |
|
// Not supported by this verifier: both arguments are ignored and the call
// always leaves with KErrNotSupported. A subclass is expected to override it.
void CDSAVerifierImpl::InverseSignL(HBufC8*& /*aOutput*/, const CCryptoParams& /*aSignature*/)
{
    User::Leave(KErrNotSupported);
}