|
1 /* |
|
2 * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: An XmlSec interface to the Symbian Unified Key Store. |
|
15 * |
|
16 */ |
|
17 |
|
18 #include <mctkeystore.h> |
|
19 #include <asymmetric.h> |
|
20 #include <asn1dec.h> |
|
21 #include <asn1enc.h> |
|
22 #include <x509cert.h> |
|
23 #include <charconv.h> |
|
24 #include <utf.h> |
|
25 |
|
26 #include "xmlsecmsymbiankeystore.h" |
|
27 |
|
28 // ----------------------------------------------------------------------------- |
|
29 // FindMatchedKey Find the key that matched iKeyLabelToFind from iKeys. |
|
30 // The key found will be stored in iKey |
|
31 // ----------------------------------------------------------------------------- |
|
32 // |
|
33 void CSymbianKeyStore::FindMatchedKey() |
|
34 { |
|
35 |
|
36 TInt numKey = iKeys.Count(); |
|
37 |
|
38 // Reset iKey |
|
39 if (iKey) |
|
40 { |
|
41 iKey->Release(); |
|
42 iKey = NULL; |
|
43 } |
|
44 |
|
45 // No label to be found |
|
46 if (!iKeyLabelToFind) |
|
47 return; |
|
48 |
|
49 for (int i=0;i<numKey;i++) |
|
50 { |
|
51 CCTKeyInfo* key = (CCTKeyInfo *)iKeys[i]; |
|
52 if (iKeyLabelToFind->Compare(key->Label()) == 0) |
|
53 { |
|
54 iKey = key; |
|
55 } |
|
56 } |
|
57 |
|
58 ResetAndDestroyKeysArray(); //iKeys |
|
59 } |
|
60 |
|
61 // ----------------------------------------------------------------------------- |
|
62 // GetRSASignatureL |
|
63 // Sets iSignature buffer |
|
64 // ----------------------------------------------------------------------------- |
|
65 // |
|
66 void CSymbianKeyStore::GetRSASignatureL() |
|
67 { |
|
68 if (iSignature) |
|
69 { |
|
70 delete iSignature; |
|
71 iSignature = NULL; |
|
72 } |
|
73 iSignature = iRSASignature->S().BufferLC(); |
|
74 CleanupStack::Pop(iSignature); // BufferLC |
|
75 } |
|
76 |
|
77 // --------------------------------------------------------------------------- |
|
78 // Constructor |
|
79 // --------------------------------------------------------------------------- |
|
80 // |
|
81 CSymbianKeyStore::CSymbianKeyStore() |
|
82 : CActive( EPriorityStandard ), |
|
83 iState( EUnitialized ), |
|
84 iVerifyResult( EFalse ) |
|
85 { |
|
86 } |
|
87 |
|
88 // --------------------------------------------------------------------------- |
|
89 // Second phase constructor |
|
90 // --------------------------------------------------------------------------- |
|
91 // |
|
92 void CSymbianKeyStore::ConstructL() |
|
93 { |
|
94 User::LeaveIfError(iFs.Connect()); |
|
95 CActiveScheduler::Add(this); |
|
96 } |
|
97 |
|
98 // --------------------------------------------------------------------------- |
|
99 // Two phase constructor |
|
100 // --------------------------------------------------------------------------- |
|
101 // |
|
102 EXPORT_C CSymbianKeyStore* CSymbianKeyStore::NewL() |
|
103 { |
|
104 CSymbianKeyStore* self = NewLC(); |
|
105 CleanupStack::Pop(self); |
|
106 |
|
107 return self; |
|
108 } |
|
109 |
|
110 // --------------------------------------------------------------------------- |
|
111 // Two phase constructor |
|
112 // --------------------------------------------------------------------------- |
|
113 // |
|
114 EXPORT_C CSymbianKeyStore* CSymbianKeyStore::NewLC() |
|
115 { |
|
116 CSymbianKeyStore* self = new( ELeave ) CSymbianKeyStore; |
|
117 |
|
118 CleanupStack::PushL( self ); |
|
119 self->ConstructL(); |
|
120 |
|
121 return self; |
|
122 } |
|
123 |
|
124 // --------------------------------------------------------------------------- |
|
125 // Destructor |
|
126 // --------------------------------------------------------------------------- |
|
127 // |
|
128 CSymbianKeyStore::~CSymbianKeyStore() |
|
129 { |
|
130 Cancel(); |
|
131 |
|
132 ResetAndDestroyKeysArray(); //iKeys |
|
133 |
|
134 // Free memory |
|
135 delete iDataToSign; |
|
136 delete iDataToVerify; |
|
137 delete iSignature; |
|
138 delete iPublicKeyData; |
|
139 delete iKeyLabelToFind; |
|
140 delete iRSASignature; |
|
141 if (iKey) |
|
142 { |
|
143 iKey->Release(); |
|
144 } |
|
145 |
|
146 if (iRSASigner) |
|
147 { |
|
148 iRSASigner->Release(); |
|
149 } |
|
150 |
|
151 delete iKeyStore; |
|
152 |
|
153 iFs.Close(); |
|
154 } |
|
155 |
|
156 // ----------------------------------------------------------------------------- |
|
157 // Release all resources kept in iKeys array (exept for iKey which is released |
|
158 // separetly) and empty iKeys array |
|
159 // ----------------------------------------------------------------------------- |
|
160 // |
|
161 void CSymbianKeyStore::ResetAndDestroyKeysArray() |
|
162 { |
|
163 TInt count = iKeys.Count(); |
|
164 |
|
165 for ( int i=0; i<count; ++i ) |
|
166 { |
|
167 CCTKeyInfo* key = iKeys[i]; |
|
168 if ( key != iKey ) |
|
169 { |
|
170 key->Release(); |
|
171 } |
|
172 } |
|
173 iKeys.Reset(); |
|
174 } |
|
175 |
|
176 // ----------------------------------------------------------------------------- |
|
177 // PerformRSASignOperation |
|
178 // Sign data |
|
179 // ----------------------------------------------------------------------------- |
|
180 // |
|
181 void CSymbianKeyStore::PerformRSASignOperation() |
|
182 { |
|
183 if (!iKey || !iKeyStore) |
|
184 { |
|
185 return; |
|
186 } |
|
187 |
|
188 iRSASigner->Sign(*iDataToSign, iRSASignature, iStatus); |
|
189 iState = EPerformRSASignOperation; |
|
190 SetActive(); |
|
191 |
|
192 // RunL called again when this completes |
|
193 } |
|
194 |
|
195 // ----------------------------------------------------------------------------- |
|
196 // ExportRSAPublicKeyL |
|
197 // Export public key if none present |
|
198 // ----------------------------------------------------------------------------- |
|
199 // |
|
200 void CSymbianKeyStore::ExportRSAPublicKeyL() |
|
201 { |
|
202 // iKey is a CCTKeyInfo* |
|
203 // iPublicKeyData is an HBufC8* |
|
204 __ASSERT_ALWAYS(iKey, User::Leave(KErrGeneral)); |
|
205 |
|
206 if (iPublicKeyData) |
|
207 { |
|
208 delete iPublicKeyData; |
|
209 iPublicKeyData = NULL; |
|
210 } |
|
211 |
|
212 iKeyStore->ExportPublic(*iKey, iPublicKeyData, iStatus); |
|
213 iState = EExportPublic; |
|
214 SetActive(); |
|
215 |
|
216 } |
|
217 |
|
218 // ----------------------------------------------------------------------------- |
|
219 // PerformRSAVerifyOperationL |
|
220 // Verify an RSA signed data |
|
221 // ----------------------------------------------------------------------------- |
|
222 // |
|
223 void CSymbianKeyStore::PerformRSAVerifyOperationL() |
|
224 { |
|
225 // iRSAPublicKey is a CRSAPublicKey* |
|
226 if (!iPublicKeyData) |
|
227 { |
|
228 return; |
|
229 } |
|
230 |
|
231 CX509SubjectPublicKeyInfo* ki = |
|
232 CX509SubjectPublicKeyInfo::NewLC(*iPublicKeyData); |
|
233 |
|
234 TAlgorithmId algorithmId = ESHA1; |
|
235 CAlgorithmIdentifier* digestId=CAlgorithmIdentifier::NewLC(algorithmId,KNullDesC8()); |
|
236 |
|
237 TX509KeyFactory factory; |
|
238 CRSAPublicKey *publicKey = factory.RSAPublicKeyL(ki->KeyData()); |
|
239 CleanupStack::PushL(publicKey); |
|
240 |
|
241 CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*publicKey); |
|
242 |
|
243 HBufC8* publicDecryptOutput = verifier->InverseSignLC(*iRSASignature); |
|
244 CRSASignatureResult* decoder = factory.RSASignatureResultL(*digestId, *iDataToVerify); |
|
245 CleanupStack::PushL(decoder); |
|
246 |
|
247 TPtr8 outputPtr(publicDecryptOutput->Des()); |
|
248 iVerifyResult = decoder->VerifyL(outputPtr); |
|
249 |
|
250 CleanupStack::PopAndDestroy(decoder); |
|
251 CleanupStack::PopAndDestroy(publicDecryptOutput); |
|
252 CleanupStack::PopAndDestroy(verifier); |
|
253 CleanupStack::PopAndDestroy(publicKey); |
|
254 CleanupStack::PopAndDestroy(digestId); |
|
255 CleanupStack::PopAndDestroy(ki); |
|
256 } |
|
257 |
|
258 // ----------------------------------------------------------------------------- |
|
259 // CSymbianKeyStore::RunL |
|
260 // Handles an active object's request completion event. |
|
261 // (other items were commented in a header). |
|
262 // ----------------------------------------------------------------------------- |
|
263 // |
|
264 void CSymbianKeyStore::RunL() |
|
265 { |
|
266 if (iStatus!=KErrNone) |
|
267 { |
|
268 User::Leave(iStatus.Int()); |
|
269 } |
|
270 |
|
271 switch(iState) |
|
272 { |
|
273 case EInitializingKeystore: |
|
274 CActiveScheduler::Stop(); |
|
275 break; |
|
276 case EFindingKeys: |
|
277 FindMatchedKey(); |
|
278 CActiveScheduler::Stop(); |
|
279 break; |
|
280 case EImportKey: |
|
281 case ECreateKey: |
|
282 CActiveScheduler::Stop(); |
|
283 break; |
|
284 case EOpenRSAKeyForSigning: |
|
285 PerformRSASignOperation(); |
|
286 break; |
|
287 case EPerformRSASignOperation: |
|
288 CActiveScheduler::Stop(); |
|
289 break; |
|
290 case EExportPublic: |
|
291 PerformRSAVerifyOperationL(); |
|
292 CActiveScheduler::Stop(); |
|
293 break; |
|
294 |
|
295 } |
|
296 |
|
297 } |
|
298 |
|
299 // ----------------------------------------------------------------------------- |
|
300 // CSymbianKeyStore::DoCancel |
|
301 // This function is called as part of the active object's Cancel(). |
|
302 // (other items were commented in a header). |
|
303 // ----------------------------------------------------------------------------- |
|
304 // |
|
305 void CSymbianKeyStore::DoCancel() |
|
306 { |
|
307 } |
|
308 |
|
309 // ----------------------------------------------------------------------------- |
|
310 // CSymbianKeyStore::RunError |
|
311 // Handles Leaves from RunL function. |
|
312 // (other items were commented in a header). |
|
313 // ----------------------------------------------------------------------------- |
|
314 // |
|
315 TInt CSymbianKeyStore::RunError(TInt aError) |
|
316 { |
|
317 iError=aError; |
|
318 CActiveScheduler::Stop(); |
|
319 return KErrNone; |
|
320 } |
|
321 |
|
322 // ----------------------------------------------------------------------------- |
|
323 // CSymbianKeyStore::CreateUnifiedKeyStoreL |
|
324 // Create the Unified Key Store structure iKeyStore |
|
325 // ----------------------------------------------------------------------------- |
|
326 // |
|
327 EXPORT_C void CSymbianKeyStore::CreateUnifiedKeyStoreL() |
|
328 { |
|
329 |
|
330 if (iKeyStore) |
|
331 { |
|
332 delete iKeyStore; |
|
333 iKeyStore = NULL; |
|
334 } |
|
335 iKeyStore = CUnifiedKeyStore::NewL(iFs); |
|
336 iKeyStore->Initialize(iStatus); |
|
337 iState = EInitializingKeystore; |
|
338 SetActive(); |
|
339 |
|
340 // RunL() called when this completes |
|
341 |
|
342 } |
|
343 |
|
344 // ----------------------------------------------------------------------------- |
|
345 // FindKey |
|
346 // Lists keys from Unified Key Store |
|
347 // ----------------------------------------------------------------------------- |
|
348 // |
|
349 EXPORT_C void CSymbianKeyStore::FindKey( |
|
350 const TDesC8 &aLabel, CKeyInfoBase::EKeyAlgorithm aAlgo) |
|
351 { |
|
352 // KApplicationUID is the UID of the key owner application |
|
353 // iKeys is an RMPointerArray<CCTKeyInfo> that is filled with the keys found |
|
354 |
|
355 TCTKeyAttributeFilter filter; |
|
356 filter.iUsage = EPKCS15UsageSign; |
|
357 if (aAlgo!=CCTKeyInfo::EInvalidAlgorithm) |
|
358 filter.iKeyAlgorithm = aAlgo; |
|
359 |
|
360 // Store aLabel |
|
361 if (iKeyLabelToFind) |
|
362 { |
|
363 delete iKeyLabelToFind; |
|
364 iKeyLabelToFind = NULL; |
|
365 } |
|
366 TRAPD(err,iKeyLabelToFind = CnvUtfConverter::ConvertToUnicodeFromUtf8L(aLabel)); |
|
367 if (err != KErrNone) |
|
368 { |
|
369 iError=err; |
|
370 return; |
|
371 } |
|
372 |
|
373 iKeyStore->List(iKeys, filter, iStatus); |
|
374 iState = EFindingKeys; |
|
375 SetActive(); |
|
376 // RunL() called when this completes |
|
377 } |
|
378 |
|
379 // ----------------------------------------------------------------------------- |
|
380 // hasKey |
|
381 // Check if a key is found in the Unified Key Store |
|
382 // Returns: KErrNone if the key is found |
|
383 // KErrNotFound if the key is not found |
|
384 // ----------------------------------------------------------------------------- |
|
385 // |
|
386 EXPORT_C TInt CSymbianKeyStore::hasKey() |
|
387 { |
|
388 if (iKey) |
|
389 return KErrNone; |
|
390 else |
|
391 return KErrNotFound; |
|
392 } |
|
393 |
|
394 // ----------------------------------------------------------------------------- |
|
395 // GetKeySize |
|
396 // Get the size of the key stored |
|
397 // Returns: Size of the key |
|
398 // ----------------------------------------------------------------------------- |
|
399 // |
|
400 EXPORT_C TUint CSymbianKeyStore::GetKeySize() |
|
401 { |
|
402 // assert iKey |
|
403 return iKey->Size(); |
|
404 } |
|
405 |
|
406 // ----------------------------------------------------------------------------- |
|
407 // GetKeyAlgorithm |
|
408 // Get the algorithm of the key stored |
|
409 // Returns: CCTKeyInfo::EKeyAlgorithm |
|
410 // ----------------------------------------------------------------------------- |
|
411 // |
|
412 EXPORT_C CCTKeyInfo::EKeyAlgorithm CSymbianKeyStore::GetKeyAlgorithm() |
|
413 { |
|
414 // assert iKey |
|
415 return iKey->Algorithm(); |
|
416 } |
|
417 |
|
418 // ----------------------------------------------------------------------------- |
|
419 // CreateRSAKey |
|
420 // Creates RSA key and adds it to Unified Key Store |
|
421 // ----------------------------------------------------------------------------- |
|
422 // |
|
423 EXPORT_C void CSymbianKeyStore::CreateRSAKey( |
|
424 const TUint aSize, const TDesC8 &aKeyName) |
|
425 { |
|
426 HBufC16* unicodeKeyName=NULL; |
|
427 // iKey is a CCTKeyInfo* that will be set if the function succeeds |
|
428 if (iKey) |
|
429 { |
|
430 //delete iKey; |
|
431 iKey->Release(); |
|
432 iKey = NULL; |
|
433 } |
|
434 // Convert key name from TDesC8 to TDesC16 |
|
435 TRAPD(err,unicodeKeyName=CnvUtfConverter::ConvertToUnicodeFromUtf8L(aKeyName)); |
|
436 if (err != KErrNone) |
|
437 { |
|
438 iError=err; |
|
439 return; |
|
440 } |
|
441 |
|
442 // Find the number of file key stores present |
|
443 TInt num = iKeyStore->KeyStoreManagerCount(); |
|
444 TBool found = EFalse; |
|
445 TInt keyStoreIndex = 0; |
|
446 TInt index; |
|
447 |
|
448 // Find the Symbian file key store index |
|
449 for (index = 0;index < num;index++) |
|
450 { |
|
451 MCTKeyStoreManager& manager = iKeyStore->KeyStoreManager(index); |
|
452 MCTToken& token = manager.Token(); |
|
453 TUid tokenuid = token.Handle().iTokenTypeUid; |
|
454 |
|
455 if ( tokenuid == TUid::Uid(KTokenTypeFileKeystore) ) // Symbian's file key store, defined in mctkeystore.h |
|
456 { |
|
457 found = ETrue; |
|
458 break; |
|
459 } |
|
460 } |
|
461 |
|
462 if ( found ) |
|
463 { |
|
464 // If found, then store in the place pointed by the index else it shall take the first key store |
|
465 keyStoreIndex = index; |
|
466 } |
|
467 |
|
468 TTime startDate, endDate; |
|
469 startDate.UniversalTime(); |
|
470 endDate.UniversalTime(); |
|
471 endDate += TTimeIntervalYears(1); // key valid for a year |
|
472 |
|
473 iKeyStore->CreateKey( |
|
474 keyStoreIndex, |
|
475 EPKCS15UsageSign, |
|
476 aSize, |
|
477 *unicodeKeyName, |
|
478 CCTKeyInfo::ERSA, |
|
479 CCTKeyInfo::EExtractable, |
|
480 startDate, |
|
481 endDate, |
|
482 iKey, |
|
483 iStatus); |
|
484 delete unicodeKeyName; |
|
485 iState = ECreateKey; |
|
486 SetActive(); |
|
487 |
|
488 // RunL() called when this completes |
|
489 } |
|
490 |
|
491 // ----------------------------------------------------------------------------- |
|
492 // ImportKey |
|
493 // Import Key from Unified Key Store |
|
494 // ----------------------------------------------------------------------------- |
|
495 // |
|
496 EXPORT_C void CSymbianKeyStore::ImportKey( |
|
497 const TDesC8 &aKeyData, |
|
498 const TDesC8 &aKeyName) |
|
499 { |
|
500 HBufC16* unicodeKeyName=NULL; |
|
501 // iKey is a CCTKeyInfo* that will be set if the function succeeds |
|
502 if (iKey) |
|
503 { |
|
504 //delete iKey; |
|
505 iKey->Release(); |
|
506 iKey = NULL; |
|
507 } |
|
508 |
|
509 // Convert key name from TDesC8 to TDesC16 |
|
510 TRAPD(err,unicodeKeyName=CnvUtfConverter::ConvertToUnicodeFromUtf8L(aKeyName)); |
|
511 if (err != KErrNone) |
|
512 { |
|
513 iError=err; |
|
514 return; |
|
515 } |
|
516 |
|
517 // Find the number of file key stores present |
|
518 TInt num = iKeyStore->KeyStoreManagerCount(); |
|
519 TBool found = EFalse; |
|
520 TInt keyStoreIndex = 0; |
|
521 TInt index; |
|
522 |
|
523 // Find the Symbian file key store index |
|
524 for (index = 0;index < num;index++) |
|
525 { |
|
526 MCTKeyStoreManager& manager = iKeyStore->KeyStoreManager(index); |
|
527 MCTToken& token = manager.Token(); |
|
528 TUid tokenuid = token.Handle().iTokenTypeUid; |
|
529 |
|
530 if ( tokenuid == TUid::Uid(KTokenTypeFileKeystore) ) // Symbian's file key store, defined in mctkeystore.h |
|
531 { |
|
532 found = ETrue; |
|
533 break; |
|
534 } |
|
535 } |
|
536 |
|
537 if ( found ) |
|
538 { |
|
539 // If found, then store in the place pointed by the index else it shall take the first key store |
|
540 keyStoreIndex = index; |
|
541 } |
|
542 |
|
543 |
|
544 TTime startDate, endDate; |
|
545 startDate.UniversalTime(); |
|
546 endDate.UniversalTime(); |
|
547 endDate += TTimeIntervalYears(1); // key valid for a year |
|
548 |
|
549 iKeyStore->ImportKey( |
|
550 keyStoreIndex, |
|
551 aKeyData, |
|
552 EPKCS15UsageSign, |
|
553 *unicodeKeyName, |
|
554 CCTKeyInfo::EExtractable, |
|
555 startDate, |
|
556 endDate, |
|
557 iKey, |
|
558 iStatus); |
|
559 iState = EImportKey; |
|
560 delete unicodeKeyName; |
|
561 SetActive(); |
|
562 |
|
563 // RunL() called when this completes |
|
564 } |
|
565 |
|
566 // ----------------------------------------------------------------------------- |
|
567 // RSASignL |
|
568 // Opens RSA key for signing the data |
|
569 // ----------------------------------------------------------------------------- |
|
570 // |
|
571 EXPORT_C void CSymbianKeyStore::RSASignL( |
|
572 const TUint8* aDataToSign, TUint aLen) |
|
573 { |
|
574 // iRSASigner is an MRSASigner* object returned from Open() |
|
575 // iDataToSign is a HBufC8* containing data to be signed |
|
576 // iRSASignature is a CRSASignature* which will contain the result |
|
577 __ASSERT_ALWAYS(iKey, User::Leave(KErrGeneral)); |
|
578 |
|
579 if (iDataToSign) |
|
580 { |
|
581 delete iDataToSign; |
|
582 iDataToSign = NULL; |
|
583 } |
|
584 |
|
585 if (iRSASigner) |
|
586 { |
|
587 iRSASigner->Release(); |
|
588 iRSASigner = NULL; |
|
589 } |
|
590 |
|
591 if (iRSASignature) |
|
592 { |
|
593 delete iRSASignature; |
|
594 iRSASignature = NULL; |
|
595 } |
|
596 |
|
597 TPtrC8 dataPtr(aDataToSign, aLen); |
|
598 // Build ASN1 encoding of digestAlgId and digest.. |
|
599 CASN1EncSequence* encAll = CASN1EncSequence::NewLC(); |
|
600 |
|
601 // Build AlgID encoder (for SHA1) |
|
602 CASN1EncSequence* encAlgId = CASN1EncSequence::NewLC(); |
|
603 |
|
604 CASN1EncObjectIdentifier* encObjId = CASN1EncObjectIdentifier::NewLC(KSHA1); |
|
605 encAlgId->AddChildL(encObjId); |
|
606 CleanupStack::Pop(encObjId); // encObjId, now owned by endAlgId |
|
607 |
|
608 CASN1EncNull* encNull = CASN1EncNull::NewLC(); |
|
609 encAlgId->AddChildL(encNull); |
|
610 CleanupStack::Pop(encNull); // encNull, now owned by endAlgId |
|
611 |
|
612 encAll->AddChildL(encAlgId); |
|
613 CleanupStack::Pop(encAlgId); // encAlgId, now owned by encAll |
|
614 |
|
615 CASN1EncOctetString* encDigest = CASN1EncOctetString::NewLC(dataPtr); |
|
616 encAll->AddChildL(encDigest); |
|
617 CleanupStack::Pop(encDigest); // encDigest, now owned by encAll |
|
618 |
|
619 iDataToSign = HBufC8::NewMaxL(encAll->LengthDER()); |
|
620 TUint pos = 0; |
|
621 TPtr8 digestInfoPtr = iDataToSign->Des(); |
|
622 encAll->WriteDERL(digestInfoPtr, pos); |
|
623 CleanupStack::PopAndDestroy(encAll); |
|
624 |
|
625 iKeyStore->Open(*iKey, iRSASigner, iStatus); |
|
626 iState = EOpenRSAKeyForSigning; |
|
627 SetActive(); |
|
628 |
|
629 } |
|
630 |
|
631 // ----------------------------------------------------------------------------- |
|
632 // RSAVerifyL |
|
633 // Verify an RSA signature with a self-created private key in Unified Key Store |
|
634 // ----------------------------------------------------------------------------- |
|
635 // |
|
636 |
|
637 EXPORT_C void CSymbianKeyStore::RSAVerifyL( |
|
638 const TUint8* aDataToVerify, // Data to be verified with the signature |
|
639 TUint aDataLen, // Length of the data to be verified |
|
640 const TUint8* aSig, // A reference to the signature that signed the data |
|
641 TUint aSigLen) // Length of the signature |
|
642 { |
|
643 iOutOfMemoryFlag = EFalse; |
|
644 if (iDataToVerify) |
|
645 { |
|
646 delete iDataToVerify; |
|
647 iDataToVerify = NULL; |
|
648 } |
|
649 |
|
650 // Store the data |
|
651 |
|
652 TPtrC8 ptr(aDataToVerify, aDataLen); |
|
653 iDataToVerify = ptr.AllocL(); |
|
654 // Store the signature |
|
655 ptr.Set(aSig, aSigLen); |
|
656 RInteger sigInt = RInteger::NewL(ptr); |
|
657 CleanupClosePushL(sigInt); |
|
658 if (iRSASignature) |
|
659 { |
|
660 delete iRSASignature; |
|
661 iRSASignature = NULL; |
|
662 } |
|
663 iRSASignature = CRSASignature::NewL(sigInt); |
|
664 CleanupStack::Pop(&sigInt); |
|
665 |
|
666 // Export public key if none present |
|
667 // iPublicKeyData is an HBufC8* |
|
668 ExportRSAPublicKeyL(); |
|
669 |
|
670 } |
|
671 |
|
672 // ----------------------------------------------------------------------------- |
|
673 // RSAVerifyWithPublicKeyL |
|
674 // Verify an RSA signed data with a public key passed from a certificate |
|
675 // Returns: ETrue The verification is succeeded |
|
676 // EFalse The verification is failed |
|
677 // ----------------------------------------------------------------------------- |
|
678 // |
|
679 |
|
680 EXPORT_C TBool CSymbianKeyStore::RSAVerifyWithPublicKeyL( |
|
681 const TUint8* aDataToVerify, // Signed data to be verified |
|
682 TUint aDataLen, // Length of the signed data |
|
683 const TUint8* aSig, // A reference to the signature that signed the data |
|
684 TUint aSigLen, // Length of the signature |
|
685 CSubjectPublicKeyInfo *aSubPubKeyInfo) // A handle to the public key passed from a certificate |
|
686 { |
|
687 iOutOfMemoryFlag = EFalse; |
|
688 if (iDataToVerify) |
|
689 { |
|
690 delete iDataToVerify; |
|
691 iDataToVerify = NULL; |
|
692 } |
|
693 |
|
694 // Store the data |
|
695 TPtrC8 ptr(aDataToVerify, aDataLen); |
|
696 iDataToVerify = ptr.AllocL(); |
|
697 |
|
698 // Store the signature |
|
699 ptr.Set(aSig, aSigLen); |
|
700 RInteger sigInt = RInteger::NewL(ptr); |
|
701 CleanupClosePushL(sigInt); |
|
702 if (iRSASignature) |
|
703 { |
|
704 delete iRSASignature; |
|
705 iRSASignature = NULL; |
|
706 } |
|
707 iRSASignature = CRSASignature::NewL(sigInt); |
|
708 CleanupStack::Pop(&sigInt); |
|
709 |
|
710 TAlgorithmId algorithmId = ESHA1; |
|
711 CAlgorithmIdentifier* digestId=CAlgorithmIdentifier::NewLC(algorithmId,KNullDesC8()); |
|
712 TX509KeyFactory factory; |
|
713 CRSAPublicKey *publicKey = factory.RSAPublicKeyL(aSubPubKeyInfo->KeyData()); |
|
714 CleanupStack::PushL(publicKey); |
|
715 |
|
716 CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*publicKey); |
|
717 HBufC8* publicDecryptOutput = verifier->InverseSignLC(*iRSASignature); |
|
718 CRSASignatureResult* decoder = factory.RSASignatureResultL(*digestId, *iDataToVerify); |
|
719 CleanupStack::PushL(decoder); |
|
720 TPtr8 outputPtr(publicDecryptOutput->Des()); |
|
721 iVerifyResult = decoder->VerifyL(outputPtr); |
|
722 |
|
723 CleanupStack::PopAndDestroy(decoder); |
|
724 CleanupStack::PopAndDestroy(publicDecryptOutput); |
|
725 CleanupStack::PopAndDestroy(verifier); |
|
726 CleanupStack::PopAndDestroy(publicKey); |
|
727 CleanupStack::PopAndDestroy(digestId); |
|
728 |
|
729 return iVerifyResult; |
|
730 } |
|
731 |
|
732 // ----------------------------------------------------------------------------- |
|
733 // GetSignedData |
|
734 // Get signed data |
|
735 // Returns: length of signed data |
|
736 // ----------------------------------------------------------------------------- |
|
737 // |
|
738 EXPORT_C const TUint8* CSymbianKeyStore::GetSignedData(TUint *aLen) |
|
739 { |
|
740 TInt leaveValue; |
|
741 |
|
742 if (iRSASignature) |
|
743 { |
|
744 if (iSignature) |
|
745 { |
|
746 delete iSignature; |
|
747 iSignature = NULL; |
|
748 } |
|
749 |
|
750 TRAP(leaveValue, GetRSASignatureL()) ; |
|
751 if ( leaveValue != KErrNone ) |
|
752 { |
|
753 iError = leaveValue; |
|
754 } |
|
755 if (iSignature) |
|
756 { |
|
757 *aLen = iSignature->Length(); |
|
758 return (iSignature->Ptr()); |
|
759 } |
|
760 } |
|
761 |
|
762 // in case of errors |
|
763 *aLen = 0; |
|
764 return NULL; |
|
765 } |
|
766 |
|
767 // ----------------------------------------------------------------------------- |
|
768 // GetVerifyResult |
|
769 // Returns verification result |
|
770 // Returns: ETrue The verification is succeeded |
|
771 // EFalse The verification is failed |
|
772 // ----------------------------------------------------------------------------- |
|
773 // |
|
774 EXPORT_C TBool CSymbianKeyStore::GetVerifyResult() |
|
775 { |
|
776 return iVerifyResult; |
|
777 } |
|
778 |
|
779 // ----------------------------------------------------------------------------- |
|
780 // GetError |
|
781 // Get the error flag |
|
782 // Returns: error code |
|
783 // ----------------------------------------------------------------------------- |
|
784 // |
|
785 EXPORT_C TInt CSymbianKeyStore::GetError() |
|
786 { |
|
787 return iError; |
|
788 } |