|         |      1 /* | 
|         |      2 * Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies). | 
|         |      3 * All rights reserved. | 
|         |      4 * This component and the accompanying materials are made available | 
|         |      5 * under the terms of the License "Eclipse Public License v1.0" | 
|         |      6 * which accompanies this distribution, and is available | 
|         |      7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". | 
|         |      8 * | 
|         |      9 * Initial Contributors: | 
|         |     10 * Nokia Corporation - initial contribution. | 
|         |     11 * | 
|         |     12 * Contributors: | 
|         |     13 * | 
|         |     14 * Description:  | 
|         |     15 * | 
|         |     16 */ | 
|         |     17  | 
|         |     18  | 
|         |     19 #include "symmetriccipherimpl.h" | 
|         |     20  | 
|         |     21 #include <e32def.h> | 
|         |     22 #include <cryptostrength.h> | 
|         |     23 #include <cryptospi/cryptospidef.h> | 
|         |     24 #include "keys.h" | 
|         |     25 #include <cryptopanic.h> | 
|         |     26 #include <cryptospi/plugincharacteristics.h> | 
|         |     27 #include "pluginconfig.h" | 
|         |     28 #include <securityerr.h> | 
|         |     29 #include "common/inlines.h" | 
|         |     30  | 
|         |     31 using namespace SoftwareCrypto; | 
|         |     32  | 
|         |     33 // | 
|         |     34 // Implementation of Symmetric Cipher class | 
|         |     35 // | 
|         |     36 CSymmetricCipherImpl::CSymmetricCipherImpl()  | 
|         |     37 	{ | 
|         |     38 	} | 
|         |     39  | 
|         |     40 void CSymmetricCipherImpl::ConstructL(const CKey& aKey)  | 
|         |     41 	{ | 
|         |     42 	DoSetKeyL(aKey);		 | 
|         |     43 	} | 
|         |     44 	 | 
|         |     45 void CSymmetricCipherImpl::SecureDelete(HBufC8*& aBuffer) | 
|         |     46 	{ | 
|         |     47 	if (aBuffer) | 
|         |     48 		{ | 
|         |     49 		aBuffer->Des().FillZ(); | 
|         |     50 		} | 
|         |     51 	delete aBuffer; | 
|         |     52 	aBuffer = 0;	 | 
|         |     53 	} | 
|         |     54  | 
|         |     55 CSymmetricCipherImpl::~CSymmetricCipherImpl() | 
|         |     56 	{			 | 
|         |     57 	SecureDelete(iKey);	 | 
|         |     58 	} | 
|         |     59 		 | 
|         |     60 void CSymmetricCipherImpl::Close() | 
|         |     61 	{ | 
|         |     62 	delete this; | 
|         |     63 	} | 
|         |     64 	 | 
|         |     65 TAny* CSymmetricCipherImpl::GetExtension(TUid /*aExtensionId*/)  | 
|         |     66 	{ | 
|         |     67 	return 0; | 
|         |     68 	} | 
|         |     69 	 | 
|         |     70 void CSymmetricCipherImpl::GetCharacteristicsL(const TAny*& aPluginCharacteristics) | 
|         |     71 	{ | 
|         |     72 	TInt numCiphers = sizeof(KSymmetricCipherCharacteristics)/sizeof(TSymmetricCipherCharacteristics*); | 
|         |     73 	TInt32 implUid = ImplementationUid().iUid; | 
|         |     74 	for (TInt i = 0; i < numCiphers; ++i) | 
|         |     75 		{ | 
|         |     76 		if (KSymmetricCipherCharacteristics[i]->cmn.iImplementationUID == implUid) | 
|         |     77 			{ | 
|         |     78 			aPluginCharacteristics = KSymmetricCipherCharacteristics[i]; | 
|         |     79 			break; | 
|         |     80 			} | 
|         |     81 		}	 | 
|         |     82 	} | 
|         |     83  | 
|         |     84 TInt CSymmetricCipherImpl::GetKeyStrength() const | 
|         |     85 	{ | 
|         |     86 	return BytesToBits(iKey->Length()); | 
|         |     87 	} | 
|         |     88 	 | 
|         |     89 HBufC8* CSymmetricCipherImpl::ExtractKeyDataLC(const CKey& aKey) const | 
|         |     90 	{ | 
|         |     91 	const TDesC8& keyContent = aKey.GetTDesC8L(KSymmetricKeyParameterUid); | 
|         |     92 	return keyContent.AllocLC(); | 
|         |     93 	} | 
|         |     94  | 
|         |     95 TInt CSymmetricCipherImpl::KeySize() const | 
|         |     96 	{ | 
|         |     97 	// return key size in BITS | 
|         |     98 	return BytesToBits(iKeyBytes); | 
|         |     99 	} | 
|         |    100  | 
|         |    101 void CSymmetricCipherImpl::DoSetKeyL(const CKey& aKey) | 
|         |    102 	{ | 
|         |    103 	HBufC8* key = ExtractKeyDataLC(aKey); | 
|         |    104 	TInt keyLength(key->Length()); | 
|         |    105 	 | 
|         |    106 	TCrypto::IsSymmetricWeakEnoughL(BytesToBits(keyLength)); | 
|         |    107 	if (! IsValidKeyLength(keyLength)) | 
|         |    108 		{ | 
|         |    109 		CleanupStack::PopAndDestroy(key); | 
|         |    110 		User::Leave(KErrNotSupported); | 
|         |    111 		} | 
|         |    112 	 | 
|         |    113 	SecureDelete(iKey);	 | 
|         |    114 	CleanupStack::Pop(key); | 
|         |    115 	iKey = key; | 
|         |    116 	iKeyBytes = keyLength; | 
|         |    117 	}	 | 
|         |    118  | 
|         |    119 // | 
|         |    120 // Implementation of Symmetric Stream Cipher | 
|         |    121 // | 
|         |    122 CSymmetricStreamCipherImpl::CSymmetricStreamCipherImpl() | 
|         |    123 	{ | 
|         |    124 	} | 
|         |    125  | 
|         |    126 CSymmetricStreamCipherImpl::~CSymmetricStreamCipherImpl() | 
|         |    127 	{ | 
|         |    128 	} | 
|         |    129  | 
|         |    130 void CSymmetricStreamCipherImpl::SetKeyL(const CKey& aKey) | 
|         |    131 	{ | 
|         |    132 	DoSetKeyL(aKey); | 
|         |    133 	TCrypto::IsSymmetricWeakEnoughL(GetKeyStrength()); | 
|         |    134 	Reset(); | 
|         |    135 	}	 | 
|         |    136  | 
|         |    137 void CSymmetricStreamCipherImpl::ConstructL(const CKey& aKey)  | 
|         |    138 	{ | 
|         |    139 	CSymmetricCipherImpl::ConstructL(aKey); | 
|         |    140 	} | 
|         |    141  | 
|         |    142 TInt CSymmetricStreamCipherImpl::BlockSize() const | 
|         |    143 	{ | 
|         |    144 	// return block size in BITS | 
|         |    145 	return BYTE_BITS; | 
|         |    146 	} | 
|         |    147  | 
|         |    148 void CSymmetricStreamCipherImpl::SetCryptoModeL(TUid /*aCryptoMode*/) | 
|         |    149 	{ | 
|         |    150 	// Call the reset method. | 
|         |    151 	Reset(); | 
|         |    152 	} | 
|         |    153 	 | 
|         |    154 TInt CSymmetricStreamCipherImpl::MaxOutputLength(TInt aInputLength) const | 
|         |    155 	{ | 
|         |    156 	return aInputLength;	 | 
|         |    157 	} | 
|         |    158 	 | 
|         |    159 TInt CSymmetricStreamCipherImpl::MaxFinalOutputLength(TInt aInputLength) const | 
|         |    160 	{ | 
|         |    161 	return aInputLength;	 | 
|         |    162 	} | 
|         |    163 	 | 
|         |    164 void CSymmetricStreamCipherImpl::ProcessL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    165 	{ | 
|         |    166 	TInt outputIndex = aOutput.Size(); | 
|         |    167  | 
|         |    168 	// aOutput may already have outputIndex bytes of data in it | 
|         |    169 	// check there will still be enough space to process the result | 
|         |    170 	__ASSERT_DEBUG(aOutput.MaxLength() - outputIndex >= MaxOutputLength(aInput.Length()), User::Panic(KCryptoPanic, ECryptoPanicOutputDescriptorOverflow)); | 
|         |    171  | 
|         |    172 	aOutput.Append(aInput); | 
|         |    173  | 
|         |    174 	TPtr8 transformBuf((TUint8*)(aOutput.Ptr()) + outputIndex, aInput.Size(), | 
|         |    175 		aInput.Size()); | 
|         |    176 	DoProcess(transformBuf); | 
|         |    177 	} | 
|         |    178  | 
|         |    179 void CSymmetricStreamCipherImpl::ProcessFinalL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    180 	{ | 
|         |    181 	ProcessL(aInput, aOutput);	 | 
|         |    182 	} | 
|         |    183  | 
|         |    184 // | 
|         |    185 // Implementation of Symmetric Block Cipher | 
|         |    186 // | 
|         |    187 CSymmetricBlockCipherImpl::CSymmetricBlockCipherImpl( | 
|         |    188 	TUint8 aBlockBytes, | 
|         |    189 	TUid aCryptoMode, | 
|         |    190 	TUid aOperationMode, | 
|         |    191 	TUid aPaddingMode) : | 
|         |    192 	iBlockBytes(aBlockBytes), | 
|         |    193 	iCryptoMode(aCryptoMode), | 
|         |    194 	iOperationMode(aOperationMode), | 
|         |    195 	iPaddingMode(aPaddingMode), | 
|         |    196 	iBufferedPlaintextPtr(0,0,0), | 
|         |    197 	iCtrUnusedKeystreamPtr(0,0,0) | 
|         |    198 	{ | 
|         |    199 	} | 
|         |    200  | 
|         |    201 CSymmetricBlockCipherImpl::~CSymmetricBlockCipherImpl() | 
|         |    202 	{			 | 
|         |    203 	delete iPadding; | 
|         |    204 	delete [] iRegister; | 
|         |    205 	delete [] iCurrentCipherText; | 
|         |    206 	delete iBufferedPlaintext; | 
|         |    207 	delete iCtrUnusedKeystream; | 
|         |    208 	iIv.Close(); | 
|         |    209 	iInputStore.Close(); | 
|         |    210 	iPaddingBlock.Close();	 | 
|         |    211 	} | 
|         |    212  | 
|         |    213  | 
|         |    214 void CSymmetricBlockCipherImpl::ConstructL(const CKey& aKey)  | 
|         |    215 	{ | 
|         |    216 	CSymmetricCipherImpl::ConstructL(aKey); | 
|         |    217 	DoSetOperationModeL(iOperationMode); | 
|         |    218 	DoSetCryptoModeL(iCryptoMode);	 | 
|         |    219 	DoSetPaddingModeL(iPaddingMode); | 
|         |    220 	 | 
|         |    221 	iInputStore.ReAllocL(iBlockBytes); | 
|         |    222 	iPaddingBlock.ReAllocL(iBlockBytes); | 
|         |    223  | 
|         |    224 	iRegister = new(ELeave) TUint32[iBlockBytes/4];	 | 
|         |    225 	iRegisterPtr = reinterpret_cast<TUint8*>(iRegister); | 
|         |    226  | 
|         |    227 	iCurrentCipherText = new(ELeave) TUint32[iBlockBytes/4];	 | 
|         |    228 	iCurrentCipherTextPtr = reinterpret_cast<TUint8*>(iCurrentCipherText); | 
|         |    229 	 | 
|         |    230 	iBufferedPlaintext = HBufC8::NewL(iBlockBytes); | 
|         |    231 	iBufferedPlaintextPtr.Set(iBufferedPlaintext->Des()); | 
|         |    232 	 | 
|         |    233 	iCtrUnusedKeystream = HBufC8::NewL(iBlockBytes); | 
|         |    234 	iCtrUnusedKeystreamPtr.Set(iCtrUnusedKeystream->Des()); | 
|         |    235 	} | 
|         |    236  | 
|         |    237 void CSymmetricBlockCipherImpl::Reset() | 
|         |    238 	{ | 
|         |    239 	iInputStore.Zero(); | 
|         |    240 	iPaddingBlock.Zero(); | 
|         |    241 	iCtrUnusedKeystreamPtr.Zero(); | 
|         |    242 	 | 
|         |    243 	if (iOperationMode.iUid == KOperationModeCBC) | 
|         |    244 		{ | 
|         |    245 		// only copy the IV if it is already set | 
|         |    246 		if (iIv.MaxLength() > 0) | 
|         |    247 			{ | 
|         |    248 			Mem::Copy(iRegisterPtr, &iIv[0], iBlockBytes); | 
|         |    249 			} | 
|         |    250 		} | 
|         |    251 	}	 | 
|         |    252  | 
|         |    253 void CSymmetricBlockCipherImpl::SetKeyL(const CKey& aKey) | 
|         |    254 	{ | 
|         |    255 	DoSetKeyL(aKey); | 
|         |    256 	TCrypto::IsSymmetricWeakEnoughL(GetKeyStrength()); | 
|         |    257 	SetKeySchedule(); | 
|         |    258 	Reset(); | 
|         |    259 	} | 
|         |    260  | 
|         |    261 void CSymmetricBlockCipherImpl::SetOperationModeL(TUid aOperationMode) | 
|         |    262 	{ | 
|         |    263 	DoSetOperationModeL(aOperationMode); | 
|         |    264 	Reset(); | 
|         |    265 	} | 
|         |    266 	 | 
|         |    267 void CSymmetricBlockCipherImpl::SetCryptoModeL(TUid aCryptoMode) | 
|         |    268 	{ | 
|         |    269 	DoSetCryptoModeL(aCryptoMode); | 
|         |    270 	SetKeySchedule(); | 
|         |    271 	Reset(); | 
|         |    272 	} | 
|         |    273 	 | 
|         |    274 void CSymmetricBlockCipherImpl::SetPaddingModeL(TUid aPaddingMode) | 
|         |    275 	{ | 
|         |    276 	DoSetPaddingModeL(aPaddingMode); | 
|         |    277 	Reset(); | 
|         |    278 	} | 
|         |    279 	 | 
|         |    280 void CSymmetricBlockCipherImpl::SetIvL(const TDesC8& aIv) | 
|         |    281 	{ | 
|         |    282 	if ((iOperationMode.iUid != KOperationModeCBC) && (iOperationMode.iUid != KOperationModeCTR)) | 
|         |    283 		{ | 
|         |    284 		User::Leave(KErrNotSupported); | 
|         |    285 		} | 
|         |    286 	DoSetIvL(aIv); | 
|         |    287 	Reset(); | 
|         |    288 	} | 
|         |    289  | 
|         |    290 void CSymmetricBlockCipherImpl::DoSetOperationModeL(TUid aOperationMode) | 
|         |    291 	{ | 
|         |    292 	switch (aOperationMode.iUid) | 
|         |    293 		{ | 
|         |    294 		case KOperationModeNone: | 
|         |    295 		case KOperationModeECB: | 
|         |    296 		case KOperationModeCBC: | 
|         |    297 			break; | 
|         |    298 		case KOperationModeCTR: | 
|         |    299 			SetCryptoModeL(KCryptoModeEncryptUid); | 
|         |    300 			break; | 
|         |    301 		default: | 
|         |    302 			User::Leave(KErrNotSupported); | 
|         |    303 		} | 
|         |    304 	iOperationMode = aOperationMode;		 | 
|         |    305 	} | 
|         |    306  | 
|         |    307 void CSymmetricBlockCipherImpl::DoSetCryptoModeL(TUid aCryptoMode) | 
|         |    308 	{ | 
|         |    309 	switch (aCryptoMode.iUid) | 
|         |    310 		{ | 
|         |    311 		case KCryptoModeEncrypt: | 
|         |    312 			break; | 
|         |    313 		case KCryptoModeDecrypt: | 
|         |    314 			if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    315 				{ | 
|         |    316 				return; | 
|         |    317 				} | 
|         |    318 			break; | 
|         |    319 		default: | 
|         |    320 			User::Leave(KErrNotSupported); | 
|         |    321 		} | 
|         |    322 	iCryptoMode = aCryptoMode;		 | 
|         |    323 	} | 
|         |    324  | 
|         |    325 void CSymmetricBlockCipherImpl::DoSetPaddingModeL(TUid aPaddingMode) | 
|         |    326 	{ | 
|         |    327 	CPadding* padding(0); | 
|         |    328 	switch (aPaddingMode.iUid) | 
|         |    329 		{ | 
|         |    330 		case KPaddingModeNone: | 
|         |    331 			padding = CPaddingNone::NewL(iBlockBytes); | 
|         |    332 		break; | 
|         |    333 		case KPaddingModeSSLv3: | 
|         |    334 			padding = CPaddingSSLv3::NewL(iBlockBytes); | 
|         |    335 		break; | 
|         |    336 		case KPaddingModePKCS7: | 
|         |    337 			padding = CPaddingPKCS7::NewL(iBlockBytes); | 
|         |    338 		break; | 
|         |    339 		default: | 
|         |    340 			User::Leave(KErrNotSupported); | 
|         |    341 		} | 
|         |    342 	delete iPadding; | 
|         |    343 	iPadding = padding; | 
|         |    344 	iPaddingMode = aPaddingMode; | 
|         |    345 	}	 | 
|         |    346  | 
|         |    347 void CSymmetricBlockCipherImpl::DoSetIvL(const TDesC8& aIv) | 
|         |    348 	{ | 
|         |    349 	iIv.ReAllocL(iBlockBytes); | 
|         |    350 	iIv.SetLength(iBlockBytes); | 
|         |    351  | 
|         |    352 	iIv.Zero(); | 
|         |    353 	if (aIv.Length() != iBlockBytes)  | 
|         |    354 		{ | 
|         |    355 		User::Leave(KErrArgument); | 
|         |    356 		} | 
|         |    357 	iIv = aIv; | 
|         |    358 	Mem::Copy(iRegisterPtr, &iIv[0], iBlockBytes);	//for CTR mode | 
|         |    359  | 
|         |    360 	}	 | 
|         |    361  | 
|         |    362 TInt CSymmetricBlockCipherImpl::BlockSize() const | 
|         |    363 	{ | 
|         |    364 	// return block size in BITS | 
|         |    365 	if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    366 		{ | 
|         |    367 		return 8; | 
|         |    368 		} | 
|         |    369 	else | 
|         |    370 		{ | 
|         |    371 		return BytesToBits(iBlockBytes); | 
|         |    372 		} | 
|         |    373 	} | 
|         |    374  | 
|         |    375 TInt CSymmetricBlockCipherImpl::MaxOutputLength(TInt aInputLength) const | 
|         |    376 	{	 | 
|         |    377 	if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    378 		{ | 
|         |    379 		return aInputLength; | 
|         |    380 		} | 
|         |    381 	else | 
|         |    382 		{ | 
|         |    383 		// The maximum output length required for Process is equal to the | 
|         |    384 		// size of the number of whole input blocks available. | 
|         |    385 		// | 
|         |    386 		// The block bytes is a power of two so we can use this to avoid | 
|         |    387 		// doing a real mod operation | 
|         |    388 		TUint inputStoreLength(iInputStore.Length()); | 
|         |    389 		TInt rem = (aInputLength + inputStoreLength) & (iBlockBytes - 1); | 
|         |    390 		return (aInputLength + inputStoreLength - rem); | 
|         |    391 		} | 
|         |    392 	}	 | 
|         |    393  | 
|         |    394 TInt CSymmetricBlockCipherImpl::MaxFinalOutputLength(TInt aInputLength) const | 
|         |    395 	{ | 
|         |    396 	if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    397 		{ | 
|         |    398 		return aInputLength; | 
|         |    399 		} | 
|         |    400 	else if (iCryptoMode.iUid == KCryptoModeEncrypt) | 
|         |    401 		{ | 
|         |    402 		return iPadding->MaxPaddedLength(iInputStore.Length() + aInputLength); | 
|         |    403 		} | 
|         |    404 	else | 
|         |    405 		{ | 
|         |    406 		return iPadding->MaxUnPaddedLength(aInputLength + iInputStore.Size()); | 
|         |    407 		} | 
|         |    408 	} | 
|         |    409  | 
|         |    410 void CSymmetricBlockCipherImpl::ProcessL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    411 	{ | 
|         |    412 	// if we're running in CBC or CTR mode then we must have an IV set before we can  | 
|         |    413 	// do any processing ie call SetIvL() before this method | 
|         |    414 	if ((iOperationMode.iUid == KOperationModeCBC) || (iOperationMode.iUid == KOperationModeCTR)) | 
|         |    415 		{ | 
|         |    416 		if (iIv.MaxLength() == 0) | 
|         |    417 			{ | 
|         |    418 			User::Leave(KErrNotSupported); | 
|         |    419 			} | 
|         |    420 		} | 
|         |    421  | 
|         |    422 	TInt inputLength(aInput.Length());	 | 
|         |    423 	TInt inputStoreLength(iInputStore.Length()); | 
|         |    424 	 | 
|         |    425 	if (MaxOutputLength(inputLength) > aOutput.MaxLength()) | 
|         |    426 		{ | 
|         |    427 		User::Leave(KErrOverflow); | 
|         |    428 		}	 | 
|         |    429  | 
|         |    430 	if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    431 		{ | 
|         |    432 		ProcessCtrL(aInput, aOutput); | 
|         |    433 		}	 | 
|         |    434 	else | 
|         |    435 		{ | 
|         |    436 		TUint8 blockSizeLog = CryptoLog2(iBlockBytes); | 
|         |    437 		TInt wholeBlocks = (inputLength + inputStoreLength) >> blockSizeLog;  | 
|         |    438 		TInt wholeBlocksSize = wholeBlocks << blockSizeLog; | 
|         |    439 	 | 
|         |    440 		if (wholeBlocks) | 
|         |    441 			{ | 
|         |    442 			TInt outputLength(aOutput.Length()); | 
|         |    443  | 
|         |    444 			if (inputStoreLength > 0) | 
|         |    445 				{ | 
|         |    446 				aOutput.Append(iInputStore); | 
|         |    447 				iInputStore.Zero(); | 
|         |    448 				} | 
|         |    449 			aOutput.Append(aInput.Left(wholeBlocksSize - inputStoreLength)); | 
|         |    450 			Transform(const_cast<TUint8*>(aOutput.Ptr()) + outputLength, wholeBlocks); | 
|         |    451 			} | 
|         |    452 		 | 
|         |    453 		TInt remainingBytes = inputLength + inputStoreLength - wholeBlocksSize; | 
|         |    454 		if (remainingBytes > 0) | 
|         |    455 			{		 | 
|         |    456 			iInputStore.Append(aInput.Right(remainingBytes)); | 
|         |    457 			} | 
|         |    458 		} | 
|         |    459 	} | 
|         |    460 		 | 
|         |    461 void CSymmetricBlockCipherImpl::ProcessFinalL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    462 	{ | 
|         |    463 	if (iOperationMode.iUid == KOperationModeCTR) | 
|         |    464 		{ | 
|         |    465 		ProcessL(aInput, aOutput); | 
|         |    466 		} | 
|         |    467 	else | 
|         |    468 		{ | 
|         |    469 		// if we're running in CBC mode then we must have an IV set before we can  | 
|         |    470 		// do any processing ie call SetIvL() before this method | 
|         |    471 		if (iOperationMode.iUid == KOperationModeCBC) | 
|         |    472 			{ | 
|         |    473 			if (iIv.MaxLength() == 0) | 
|         |    474 				{ | 
|         |    475 				User::Leave(KErrNotSupported); | 
|         |    476 				} | 
|         |    477 			} | 
|         |    478  | 
|         |    479 		if (iCryptoMode.iUid == KCryptoModeEncrypt) | 
|         |    480 			{ | 
|         |    481 			return DoProcessFinalEncryptL(aInput, aOutput); | 
|         |    482 			} | 
|         |    483 		else | 
|         |    484 			{ | 
|         |    485 			return DoProcessFinalDecryptL(aInput, aOutput); | 
|         |    486 			} | 
|         |    487 		} | 
|         |    488 	} | 
|         |    489  | 
|         |    490 void CSymmetricBlockCipherImpl::DoProcessFinalEncryptL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    491 	{	 | 
|         |    492 	if (MaxFinalOutputLength(aInput.Length()) > aOutput.MaxLength() - aOutput.Length()) | 
|         |    493 		{ | 
|         |    494 		User::Leave(KErrOverflow); | 
|         |    495 		} | 
|         |    496 		 | 
|         |    497 	// process everything up to the last (possibly empty block) | 
|         |    498 	TInt outputStartIndex = aOutput.Length(); | 
|         |    499 	ProcessL(aInput, aOutput); | 
|         |    500  | 
|         |    501 	// pad the plaintext | 
|         |    502 	iPadding->PadL(iInputStore, iPaddingBlock); | 
|         |    503 	 | 
|         |    504 	// if padding required | 
|         |    505 	if (iPaddingBlock.Length() > 0) | 
|         |    506 		{ | 
|         |    507 		iInputStore.Zero(); | 
|         |    508  | 
|         |    509 		// make sure the output is a multiple of the block size | 
|         |    510 		User::LeaveIfError(((aOutput.Length() - outputStartIndex + iPaddingBlock.Length()) % iBlockBytes) == 0 ? KErrNone : KErrInvalidPadding); | 
|         |    511  | 
|         |    512 		outputStartIndex = aOutput.Length(); | 
|         |    513 		aOutput.Append(iPaddingBlock); | 
|         |    514 		iPaddingBlock.Zero(); | 
|         |    515 		TransformEncrypt(const_cast<TUint8*>(aOutput.Ptr()) + outputStartIndex, 1);		 | 
|         |    516 		} | 
|         |    517 	} | 
|         |    518  | 
|         |    519 void CSymmetricBlockCipherImpl::DoProcessFinalDecryptL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    520 	{ | 
|         |    521 	if (MaxFinalOutputLength(aInput.Length()) > aOutput.MaxLength() - aOutput.Length()) | 
|         |    522 		{ | 
|         |    523 		User::Leave(KErrOverflow); | 
|         |    524 		} | 
|         |    525  | 
|         |    526 	// Input length (including inputstore) must be a multiple of the  | 
|         |    527 	// block size in length | 
|         |    528 	if ((aInput.Length() + iInputStore.Length()) & (iBlockBytes - 1))  | 
|         |    529 		{ | 
|         |    530 		User::Leave(KErrArgument); | 
|         |    531 		} | 
|         |    532  | 
|         |    533 	if(aInput.Length() > iBlockBytes) | 
|         |    534 		{ | 
|         |    535 		HBufC8* processBuf = HBufC8::NewLC(MaxFinalOutputLength(aInput.Length())); | 
|         |    536 		TPtr8 processPtr = processBuf->Des();  | 
|         |    537 	 | 
|         |    538 		ProcessL(aInput, processPtr); | 
|         |    539  | 
|         |    540 		ASSERT(iInputStore.Length()==0); // all the blocks should have been decrypted | 
|         |    541 		 | 
|         |    542 		// Unpad processPtr into aOutput | 
|         |    543 		iPadding->UnPadL(processPtr, aOutput); | 
|         |    544  | 
|         |    545 		CleanupStack::PopAndDestroy(processBuf); | 
|         |    546 		} | 
|         |    547 	else  | 
|         |    548 		{ | 
|         |    549 		// now contains the final ciphertext block | 
|         |    550 		iInputStore.Append(aInput); | 
|         |    551  | 
|         |    552 		// Decrypt the last _padding_ blocksize into a new buffer | 
|         |    553 		TransformDecrypt(const_cast<TUint8*>(iInputStore.Ptr()), 1); | 
|         |    554 		 | 
|         |    555 		// Unpad the last block and append to output | 
|         |    556 		iPadding->UnPadL(iInputStore, aOutput); | 
|         |    557 		} | 
|         |    558 			 | 
|         |    559 	iPaddingBlock.Zero(); | 
|         |    560 	iInputStore.Zero(); | 
|         |    561 	} | 
|         |    562  | 
|         |    563 	 | 
|         |    564 /** | 
|         |    565 CTR mode behaves like a stream cipher, accepting input of any arbitrary length. This results  | 
|         |    566 in a significant body of code that behaves fundamentally differently to the ECB and CBC modes.  | 
|         |    567 ProcessCtrL() is called by ProcessL() when operating in CTR mode, wrapping up all this  | 
|         |    568 functionality into a separate method for clarity. | 
|         |    569  | 
|         |    570 Encrypting zero-filled bytes will return the keystream since the output of Transformation is simply  | 
|         |    571 the input XORed with the keystream. | 
|         |    572 	 | 
|         |    573 See: http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf | 
|         |    574 */ | 
|         |    575 void CSymmetricBlockCipherImpl::ProcessCtrL(const TDesC8& aInput, TDes8& aOutput) | 
|         |    576 	{ | 
|         |    577 	TInt inputLength(aInput.Length());	 | 
|         |    578  | 
|         |    579 	TInt outputLength(aOutput.Length()); | 
|         |    580 	TInt amountToXor = Min(iCtrUnusedKeystreamPtr.Length(), inputLength); | 
|         |    581  | 
|         |    582 	// Try applying previously unused key stream bytes. | 
|         |    583 	if (amountToXor > 0) | 
|         |    584 		{ | 
|         |    585 		aOutput.Append(aInput.Left(amountToXor)); | 
|         |    586 		for (TInt i = 0; i < amountToXor; ++i) | 
|         |    587 			{ | 
|         |    588 			aOutput[outputLength + i] ^= iCtrUnusedKeystreamPtr[i]; | 
|         |    589 			} | 
|         |    590 		iCtrUnusedKeystreamPtr = iCtrUnusedKeystreamPtr.RightTPtr((iCtrUnusedKeystreamPtr.Length() - amountToXor));	 | 
|         |    591 		} | 
|         |    592 		 | 
|         |    593 	TInt amountToEncode = inputLength - amountToXor; | 
|         |    594 	 | 
|         |    595 	if ((iCtrUnusedKeystreamPtr.Length() == 0) && (amountToEncode > 0)) | 
|         |    596 		{ | 
|         |    597 		// For each whole block's worth of input, transform it. | 
|         |    598 		TInt wholeBlocks = (amountToEncode) / iBlockBytes;  | 
|         |    599 		TInt wholeBlocksSize = wholeBlocks * iBlockBytes;		 | 
|         |    600 		outputLength = aOutput.Length(); | 
|         |    601 		 | 
|         |    602 		if (wholeBlocks) | 
|         |    603 			{ | 
|         |    604 			aOutput.Append(aInput.Mid(amountToXor, wholeBlocksSize)); | 
|         |    605 			Transform(const_cast<TUint8*>(aOutput.Ptr()) + outputLength, wholeBlocks); | 
|         |    606 			} | 
|         |    607 			 | 
|         |    608 		// CTR mode can handle arbitrary sized inputs. Here any remaining input data of less than the block size | 
|         |    609 		// is padded with zeros and then transformed. On return this padded section of the block will contain the next | 
|         |    610 		// sequence of keystream, which is copied to iCtrUnusedKeystream for use next time ProcessCtrL() is called. | 
|         |    611 		TInt remainingBytes = amountToEncode - wholeBlocksSize; | 
|         |    612 		iCtrUnusedKeystreamPtr = iCtrUnusedKeystream->Des(); | 
|         |    613 		iCtrUnusedKeystreamPtr.SetMax(); | 
|         |    614 		iCtrUnusedKeystreamPtr.FillZ(); | 
|         |    615 		iCtrUnusedKeystreamPtr.Copy(aInput.Right(remainingBytes)); | 
|         |    616 		iCtrUnusedKeystreamPtr.SetLength(iBlockBytes);	 | 
|         |    617 	 | 
|         |    618 		Transform(const_cast<TUint8*>(iCtrUnusedKeystreamPtr.Ptr()), 1); | 
|         |    619 	 | 
|         |    620 		aOutput.Append(iCtrUnusedKeystreamPtr.Left(remainingBytes)); | 
|         |    621 			 | 
|         |    622 		iCtrUnusedKeystreamPtr = iCtrUnusedKeystreamPtr.RightTPtr((iCtrUnusedKeystreamPtr.Length() - remainingBytes));	 | 
|         |    623 		} | 
|         |    624 	} | 
|         |    625  | 
|         |    626  | 
|         |    627  | 
|         |    628 // Methods implemented in subclass. No coverage here. | 
|         |    629 #ifdef _BullseyeCoverage | 
|         |    630 #pragma suppress_warnings on | 
|         |    631 #pragma BullseyeCoverage off | 
|         |    632 #pragma suppress_warnings off | 
|         |    633 #endif | 
|         |    634 void CSymmetricStreamCipherImpl::SetOperationModeL(TUid /*aOperationMode*/) | 
|         |    635 	{ | 
|         |    636 	// Override in subclass | 
|         |    637 	User::Leave(KErrNotSupported); | 
|         |    638 	} | 
|         |    639 	 | 
|         |    640 void CSymmetricStreamCipherImpl::SetPaddingModeL(TUid /*aPaddingMode*/) | 
|         |    641 	{ | 
|         |    642 	// Override in subclass | 
|         |    643 	User::Leave(KErrNotSupported); | 
|         |    644 	} | 
|         |    645 	 | 
|         |    646 void CSymmetricStreamCipherImpl::SetIvL(const TDesC8& /*aIv*/) | 
|         |    647 	{ | 
|         |    648 	// Override in subclass | 
|         |    649 	User::Leave(KErrNotSupported); | 
|         |    650 	} |