cryptoservices/asnpkcs/source/asnpkcs8.cpp
author Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Thu, 17 Dec 2009 09:28:34 +0200
changeset 33 cf642210ecb7
parent 8 35751d3474b7
permissions -rw-r--r--
Revision: 200951 Kit: 200951

/*
* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
*
*/


#include <asn1dec.h>
#include <x509keys.h>
#include <x509cert.h>
#include "asnpkcs.h"
#include <pbe.h>
#include <pbedata.h>
#include <keyidentifierutil.h>

/*static*/ EXPORT_C CDecPKCS8Data* TASN1DecPKCS8::DecodeDERL(const TDesC8& aBinaryData)
{
	return (CDecPKCS8Data::NewL(aBinaryData));
}

/*
EncryptedPrivateKeyInfo ::= SEQUENCE {
  encryptionAlgorithm EncryptionAlgorithmIdentifier,
  encryptedData EncryptedData }
EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
EncryptedData ::= OCTET STRING
*/

/*static*/ EXPORT_C CDecPKCS8Data* TASN1DecPKCS8::DecodeEncryptedDERL(const TDesC8& aBinaryData, const TDesC8& aPassword)
{
	TASN1DecGeneric seqGen(aBinaryData);
	seqGen.InitL();
	if (seqGen.Tag() != EASN1Sequence)
		{
		User::Leave(KErrArgument);
		}
	
	TASN1DecSequence dec;
	CArrayPtrFlat<TASN1DecGeneric>* theData = dec.DecodeDERLC(seqGen);
	TInt seqIndex = 0;
	TInt count = theData->Count();
	if (seqIndex >= count)
		{
		User::Leave(KErrArgument);		
		}

//	Get the first part of the sequence -> PKCS5 data
	TASN1DecGeneric* pkcs5 = theData->operator[](seqIndex);
	TPtrC8 theContent(pkcs5->Encoding());	//	expect this to be a sequence
	CPBEncryptParms* encryptParams = TASN1DecPKCS5::DecodeDERL(theContent);
	CleanupStack::PushL(encryptParams);

//	Create the decryptor	
	CPBEncryptElement* encryptElement = CPBEncryptElement::NewLC(aPassword, *encryptParams);
	CPBDecryptor* decryptor = encryptElement->NewDecryptLC();
//	Decrypt the final part of the sequence -> encrypted PKCS8 object
	TASN1DecGeneric* pkcs8 = theData->operator[](count-1);
	if (pkcs8->Tag() != EASN1OctetString)
		{
		User::Leave(KErrArgument);
		}
	TPtrC8 encryptedKey(pkcs8->GetContentDER());
	TUint encryptLength = encryptedKey.Length();
	TUint maxDecryptLength = decryptor->MaxOutputLength(encryptLength);
	if (maxDecryptLength<=0)
		{
		User::Leave(KErrGeneral);		
		}
	
	HBufC8* decryptOutput = HBufC8::NewLC(encryptLength);
	TPtr8 decryptOutputPtr(decryptOutput->Des());
	decryptOutputPtr.FillZ();
	decryptor->Process(encryptedKey, decryptOutputPtr);
			
	CDecPKCS8Data* pkcs8Data = CDecPKCS8Data::NewL(decryptOutputPtr);

	//	decryptOutput decryptor encryptElement 
	//	encryptParams theData
	CleanupStack::PopAndDestroy(5, theData);
	
	return (pkcs8Data);
}

/*
Sample cleartext pkcs8 data from pkcs8dsa.001:

          SEQUENCE
30          Tag: Constructed sequence
81 c8       Length (may be one or more bytes)

            INTEGER
02            Tag: Integer
01            Length: 1 byte
00            Value: 0

            SEQUENCE    
30            Tag: Constructed sequence
81 a9         Length (may be one or more bytes)

              OID
06              Tag: OID
07              Length: 7 bytes
2a 86 48 ce 38 04 01
                Value: dsa (1 2 840 10040 4 1)
*/

_LIT8(KPKCS8DataVersion0, "\x02\x01\x00");
_LIT8(KPKCS8DataOIDDSA, "\x06\x07\x2a\x86\x48\xce\x38\x04\x01");
_LIT8(KPKCS8DataOIDRSA, "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01");

/*static*/ EXPORT_C TBool TASN1DecPKCS8::IsPKCS8Data(const TDesC8& aBinaryData)
	{
	// We don't decode the data because we may only have the first few bytes -
	// instead we check the ASN1 by hand.

	ASSERT(aBinaryData.Length() >= KIsPKCS8DataMinLength);
	TInt pos = 0;

	return
		IsASN1Sequence(aBinaryData, pos) &&
		IsExpectedData(aBinaryData, pos, KPKCS8DataVersion0) &&
		IsASN1Sequence(aBinaryData, pos) &&
		(IsExpectedData(aBinaryData, pos, KPKCS8DataOIDDSA) ||
		 IsExpectedData(aBinaryData, pos, KPKCS8DataOIDRSA));
	}

/*
Sample encrypted pkcs8 data from encryptPK8rsa1.txt

          SEQUENCE
30          Tag: Constructed sequence
82 01 a3    Length (may be one or more bytes)

            SEQUENCE
30            Tag: Constructed sequence
3d            Length (may be one or more bytes)

              OID
06              Tag: OID
09              Length: 9 bytes
2a 86 48 86 f7 0d 01 05 0d
                Value: pkcs5PBES2 (1 2 840 113549 1 5 13)

              SEQUENCE
30              Tag: Constructed sequence
30              Length (may be one or more bytes)

                SEQUENCE
30                Tag: Constructed sequence
1b                Length (may be one or more bytes)

                  OID
06                  Tag: OID
09                  Length: 9 bytes
2a 86 48 86 f7 0d 01 05 0c
                    Value: pkcs5PBKDF2 (1 2 840 113549 1 5 12)
*/

_LIT8(KEncryptedPKCS8DataOIDpkcs5PBES2, "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0d");
_LIT8(KEncryptedPKCS8DataOIDpkcs5PBKDF2, "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c");

EXPORT_C TBool TASN1DecPKCS8::IsEncryptedPKCS8Data(const TDesC8& aBinaryData)
	{
	// We don't decode the data because we may only have the first few bytes -
	// instead we check the ASN1 by hand.

	ASSERT(aBinaryData.Length() >= KIsEncryptedPKCS8DataMinLength);
	TInt pos = 0;

	return
		IsASN1Sequence(aBinaryData, pos) &&
		IsASN1Sequence(aBinaryData, pos) &&
		IsExpectedData(aBinaryData, pos, KEncryptedPKCS8DataOIDpkcs5PBES2) &&
		IsASN1Sequence(aBinaryData, pos) &&
		IsASN1Sequence(aBinaryData, pos) &&
		IsExpectedData(aBinaryData, pos, KEncryptedPKCS8DataOIDpkcs5PBKDF2);
	}

/**
 * Determine if the some data represents the start of an ASN1 sequence.  The
 * data is specified by a descriptor and an offset.  If the data matches, the
 * offset is advanced to point to the contents of the sequence.
 */
TBool TASN1DecPKCS8::IsASN1Sequence(const TDesC8& aBinaryData, TInt& aPos)
	{
	// Check we have enough data
	if ((aPos + 2) >= aBinaryData.Length())
		{
		return EFalse;
		}
	// Check the outermost sequence is valid
	if (aBinaryData[aPos++] != 0x30 /* constructed sequence */)
		{
		return EFalse;
		}
	// Skip sequence length
	TInt length0 = aBinaryData[aPos++];
	if (length0 & 0x80)
		{
		aPos += length0 & 0x7f;
		}
	return ETrue;
	}

/**
 * Determine if some data starts with an expected string.  The data is specified
 * by a descriptor and an offset.  If the data matches, the offset is advanced
 * to point after the match.
 */
TBool TASN1DecPKCS8::IsExpectedData(const TDesC8& aBinaryData, TInt& aPos, const TDesC8& aExpectedData)
	{
	TInt length = aExpectedData.Length();
	// Check we have enough data
	if (aPos + length >= aBinaryData.Length())
		{
		return EFalse;
		}
	// Check data matches	
	if (aBinaryData.Mid(aPos, length) != aExpectedData)
		{
		return EFalse;
		}
	aPos += length;
	return ETrue;
	}

//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	
//	PKCS#8 object data representation
//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	

/*static*/ CDecPKCS8Data* CDecPKCS8Data::NewL(const TDesC8& aData)
{
	CDecPKCS8Data* me = new (ELeave) CDecPKCS8Data();
	CleanupStack::PushL(me);
	me->ConstructL(aData);
	CleanupStack::Pop(me);
	return (me);
}

CDecPKCS8Data::CDecPKCS8Data()
{}

CDecPKCS8Data::~CDecPKCS8Data()
{
	if (iKeyPairData)
	{
		iKeyPairData->Release();
		iKeyPairData = NULL;
	}

	if (iAttributes)
	{
		delete iAttributes;
		iAttributes = NULL;
	}
}

//	Because this is part of construction, don't rely on
//	cleanup of partially constructed items...
void CDecPKCS8Data::ConstructL(const TDesC8& aData)
	{
	TASN1DecGeneric seqGen(aData);
	seqGen.InitL();
	if (seqGen.Tag() != EASN1Sequence)
		{
		User::Leave(KErrArgument);
		}

	TASN1DecSequence seq;
	CArrayPtrFlat<TASN1DecGeneric>* seqContents = seq.DecodeDERLC(seqGen);
	if (seqContents->Count() < 3 || seqContents->Count() > 4)
		{
		User::Leave(KErrArgument);
		}
				
//	VERSION
	if (seqContents->At(0)->Tag() != EASN1Integer)
		{
		User::Leave(KErrArgument);
		}
	TASN1DecInteger intDecoder;
	iVersion = intDecoder.DecodeDERShortL(*(seqContents->At(0)));
	if (iVersion!=0)
		{
		User::Leave(KErrArgument);
		}
	
//	ALGORITHM
	CX509AlgorithmIdentifier* algorithm = CX509AlgorithmIdentifier::NewLC(seqContents->At(1)->Encoding());
	iAlgorithmID = algorithm->Algorithm();
		
//	KEY DATA
	switch (iAlgorithmID)
		{//	Only support RSA, DSA, DH
		case ERSA:
			iKeyPairData = CPKCS8KeyPairRSA::NewL(*(seqContents->At(2)));
			break;
			
		case EDSA:
			{
			TPtrC8 params(algorithm->EncodedParams());		
			iKeyPairData = CPKCS8KeyPairDSA::NewL(params, *(seqContents->At(2)));
			break;
			}
			
		case EDH: // Currently not supported because no test data is available
		default:
			User::Leave(KErrNotSupported);
			break;
		}

	CleanupStack::PopAndDestroy(algorithm);

	if (seqContents->Count() == 4)
		{
		// I think we should check the tag is zero here, but we're going to be
		// lenient due to lack of real test data
		
		//if (seqContents->At(3)->Tag() != 0) // Implicitly tagged
		//	{
		//	User::Leave(KErrArgument);
		//	}
		
		iAttributes = seqContents->At(3)->Encoding().AllocL();
		}

	CleanupStack::PopAndDestroy(seqContents);
	}

//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	
//	RSA decoding
//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	

/*static*/ MPKCS8DecodedKeyPairData* CPKCS8KeyPairRSA::NewL(const TASN1DecGeneric& aSource)
{
	CPKCS8KeyPairRSA* me = new (ELeave) CPKCS8KeyPairRSA();
	CleanupStack::PushL(me);
	me->ConstructL(aSource);
	CleanupStack::Pop(me);

	return (me);
}

MPKCS8DecodedKeyPairData::~MPKCS8DecodedKeyPairData()
	{	
	}

CPKCS8KeyPairRSA::~CPKCS8KeyPairRSA()
{
	delete iPublicKey;
	delete iPrivateKey;
}

void CPKCS8KeyPairRSA::Release()
{
	delete this;
}

void CPKCS8KeyPairRSA::GetKeyIdentifierL(TKeyIdentifier& aKeyIdentifier) const
{
	if (iPublicKey)
		KeyIdentifierUtil::RSAKeyIdentifierL(*iPublicKey, aKeyIdentifier);	
	else
		User::Leave(KErrNotReady);
}

TUint CPKCS8KeyPairRSA::KeySize() const
{
	if (!iPublicKey)
	{
		ASSERT(EFalse);
		return (0xffffffff);
	}
	
	const TInteger& modulus = iPublicKey->N();

	TUint size = modulus.BitCount();
	return (size);
}

void CPKCS8KeyPairRSA::ConstructL(const TASN1DecGeneric& aSource)
{
	TPtrC8 theContent(aSource.GetContentDER());
	TASN1DecRSAKeyPair keyPairDecoder;
	TInt tempPos = 0;
	keyPairDecoder.DecodeDERL(theContent, tempPos, iPublicKey, iPrivateKey);
}


//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	
//	DSA decoding
//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	//	\\	

/*static*/ MPKCS8DecodedKeyPairData* CPKCS8KeyPairDSA::NewL(const TDesC8& aParamsData, const TASN1DecGeneric& aSource)
{
	CPKCS8KeyPairDSA* me = new (ELeave) CPKCS8KeyPairDSA();
	CleanupStack::PushL(me);
	me->ConstructL(aParamsData, aSource);
	CleanupStack::Pop(me);

	return (me);
}

CPKCS8KeyPairDSA::~CPKCS8KeyPairDSA()
{
	delete iPublicKey;
	delete iPrivateKey;
}

void CPKCS8KeyPairDSA::Release()
{
	delete this;
}

void CPKCS8KeyPairDSA::GetKeyIdentifierL(TKeyIdentifier& aKeyIdentifier) const
{
	if (iPublicKey)
		KeyIdentifierUtil::DSAKeyIdentifierL(*iPublicKey, aKeyIdentifier);	
	else
		User::Leave(KErrNotReady);
}

TUint CPKCS8KeyPairDSA::KeySize() const
{
	if (!iPublicKey)
	{
		ASSERT(EFalse);
		return (0xffffffff);
	}
	
	const TInteger& P = iPublicKey->P();

	TUint size = P.BitCount();
	return (size);
}

void CPKCS8KeyPairDSA::ConstructL(const TDesC8& aParamsData, const TASN1DecGeneric& aSource)
{
	TX509KeyFactory keyFactory;
	CDSAParameters* params = keyFactory.DSAParametersL(aParamsData);
	CleanupStack::PushL(params);

	RInteger P = RInteger::NewL(params->P());
	CleanupStack::PushL(P);

	RInteger Q = RInteger::NewL(params->Q());
	CleanupStack::PushL(Q);

	RInteger G = RInteger::NewL(params->G());
	CleanupStack::PushL(G);

	if (aSource.Tag() != EASN1OctetString)
		{
		User::Leave(KErrArgument);
		}
	TASN1DecOctetString  octetDecoder;
	HBufC8* wrapped = octetDecoder.DecodeDERL(aSource);
	CleanupStack::PushL(wrapped);	

	TASN1DecGeneric integer(*wrapped);
	integer.InitL();
	if (integer.Tag() != EASN1Integer)
		{
		User::Leave(KErrArgument);
		}		
	TASN1DecInteger decInt;
	RInteger X = decInt.DecodeDERLongL(integer);
	CleanupStack::PopAndDestroy(wrapped);
	CleanupStack::PushL(X);
			
	RInteger P1 = RInteger::NewL(params->P());
	CleanupStack::PushL(P1);
	
	RInteger Q1 = RInteger::NewL(params->Q());
	CleanupStack::PushL(Q1);
	
	RInteger G1 = RInteger::NewL(params->G());
	CleanupStack::PushL(G1);

	RInteger Y = TInteger::ModularExponentiateL(G, X, P);
	CleanupStack::PushL(Y);

	iPublicKey = CDSAPublicKey::NewL(P1, Q1, G1, Y);

	// Now have to pop everything owned by iPublicKey otherwise it will be
	// deleted twice if the CDSAPrivateKey::NewL leaves

	CleanupStack::Pop(4, &P1);	// now owned by iPublicKey
	
	iPrivateKey = CDSAPrivateKey::NewL(P, Q, G, X);

	CleanupStack::Pop(4, &P);	// now owned by iPrivateKey
		
	CleanupStack::PopAndDestroy(params);
}