|         |      1 /* | 
|         |      2 * Copyright (c) 2005-2006 Nokia Corporation and/or its subsidiary(-ies).  | 
|         |      3 * All rights reserved. | 
|         |      4 * This component and the accompanying materials are made available | 
|         |      5 * under the terms of "Eclipse Public License v1.0" | 
|         |      6 * which accompanies this distribution, and is available | 
|         |      7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". | 
|         |      8 * | 
|         |      9 * Initial Contributors: | 
|         |     10 * Nokia Corporation - initial contribution. | 
|         |     11 * | 
|         |     12 * Contributors: | 
|         |     13 * | 
|         |     14 * Description:  Methods that allows to sign and verify data. | 
|         |     15 * | 
|         |     16 */ | 
|         |     17  | 
|         |     18  | 
|         |     19 /** A wrapper of OpenSSL evp.c functions to Symbian **/ | 
|         |     20  | 
|         |     21 #include <stdlib.h> | 
|         |     22 #include <string.h> | 
|         |     23 #include <signed.h> | 
|         |     24 #include "xmlsecc_config.h" | 
|         |     25 #ifndef XMLSEC_NO_X509 | 
|         |     26 #include <x509cert.h> | 
|         |     27 #endif //XMLSEC_NO_X509 | 
|         |     28  | 
|         |     29 #include "xmlsecc_evpwrapper.h" | 
|         |     30 #include "xmlsecc_cryptowrapper.h" | 
|         |     31  | 
|         |     32 #include "xmlsecmsymbiankeystore.h" | 
|         |     33  | 
|         |     34 #include "xmlsec_error_flag.h" | 
|         |     35  | 
|         |     36 _LIT8(KRsaKeyName, "xmlSecRsaKey"); | 
|         |     37  | 
|         |     38 const TInt KAssertionLeave = -32380; | 
|         |     39  | 
|         |     40 // MK: Flag - is active scheduler created by xml sec or not. | 
|         |     41 static TBool desActiv = FALSE; | 
|         |     42  | 
|         |     43 struct ScKeyStore | 
|         |     44 { | 
|         |     45     // A handle to Symbian key store  | 
|         |     46 	CSymbianKeyStore				*iKeyStore; | 
|         |     47 	// A handle to the public key read from the certificate | 
|         |     48 	CSubjectPublicKeyInfo			*iSubjectPublicKeyInfo; | 
|         |     49 }; | 
|         |     50  | 
|         |     51 // ----------------------------------------------------------------------------- | 
|         |     52 // doInstallActiveSchedulerL Install ActiveScheduler | 
|         |     53 // ----------------------------------------------------------------------------- | 
|         |     54 void doInstallActiveSchedulerL() | 
|         |     55 { | 
|         |     56    // Construct active scheduler | 
|         |     57     CActiveScheduler* activeScheduler = new (ELeave) CActiveScheduler; | 
|         |     58     CleanupStack::PushL(activeScheduler) ; | 
|         |     59  | 
|         |     60     // Install active scheduler | 
|         |     61     // We don't need to check whether an active scheduler is already installed | 
|         |     62     // as this is a new thread, so there won't be one | 
|         |     63     CActiveScheduler::Install(activeScheduler);    | 
|         |     64      | 
|         |     65     CleanupStack::Pop(activeScheduler);    | 
|         |     66 		 | 
|         |     67 } | 
|         |     68  | 
|         |     69 // ----------------------------------------------------------------------------- | 
|         |     70 // sc_initialize Symbian key initialization | 
|         |     71 // ----------------------------------------------------------------------------- | 
|         |     72 int sc_pkey_init() | 
|         |     73 { | 
|         |     74 	TInt leaveValue = KErrNone; | 
|         |     75 	// Check if there is an active scheduler in current thread | 
|         |     76 	if(!CActiveScheduler::Current()) | 
|         |     77 	    { | 
|         |     78 	    TRAP(leaveValue, doInstallActiveSchedulerL()); | 
|         |     79 	    desActiv = TRUE; | 
|         |     80 	    } | 
|         |     81 	return leaveValue; | 
|         |     82 } | 
|         |     83  | 
|         |     84 // ----------------------------------------------------------------------------- | 
|         |     85 // sc_pkey_shutdown Shutdown ActiveScheduler | 
|         |     86 // ----------------------------------------------------------------------------- | 
|         |     87 void sc_pkey_shutdown() | 
|         |     88 { | 
|         |     89     if(desActiv) | 
|         |     90         { | 
|         |     91         CActiveScheduler* activeScheduler = CActiveScheduler::Current();  | 
|         |     92     	CActiveScheduler::Install(NULL);  | 
|         |     93     	if (activeScheduler) | 
|         |     94 	    	delete activeScheduler; | 
|         |     95         }	 | 
|         |     96 } | 
|         |     97  | 
|         |     98 // ----------------------------------------------------------------------------- | 
|         |     99 // doKeyStoreCreateL Create a new key store  | 
|         |    100 // Arguments: aKeyStore ScKeyStorePtr structure | 
|         |    101 // ----------------------------------------------------------------------------- | 
|         |    102 void doKeyStoreCreateL(ScKeyStorePtr aKeyStore) | 
|         |    103 { | 
|         |    104  | 
|         |    105 	aKeyStore->iKeyStore = CSymbianKeyStore::NewL(); | 
|         |    106 	aKeyStore->iKeyStore->CreateUnifiedKeyStoreL(); | 
|         |    107 	CActiveScheduler::Start(); | 
|         |    108 			 | 
|         |    109 	User::LeaveIfError( aKeyStore->iKeyStore->GetError() ); | 
|         |    110 } | 
|         |    111  | 
|         |    112 // ----------------------------------------------------------------------------- | 
|         |    113 // sc_pkey_new Create a new key store structure | 
|         |    114 // Arguments: aKeyType the type of key to be generated, enum sc_key_algos | 
|         |    115 // Returns: the pointer of the EVP_PKEY generated | 
|         |    116 // ----------------------------------------------------------------------------- | 
|         |    117 EVP_PKEY *sc_pkey_new(int aKeyType, char *keyname) | 
|         |    118 { | 
|         |    119     ScKeyStorePtr keyStore; | 
|         |    120     TInt err=KErrNone; | 
|         |    121      | 
|         |    122     EVP_PKEY *pkey = (EVP_PKEY*) malloc(sizeof(EVP_PKEY)); | 
|         |    123      | 
|         |    124     if (pkey) | 
|         |    125     { | 
|         |    126     	if (keyname) | 
|         |    127     	{ | 
|         |    128     		pkey->name = (char *)malloc(sizeof(char)*(strlen(keyname)+1)); | 
|         |    129     		if (!pkey->name) | 
|         |    130     		{ | 
|         |    131     			free(pkey); | 
|         |    132     			xmlSecSetErrorFlag( KErrNoMemory ); | 
|         |    133     			return NULL; | 
|         |    134     		} | 
|         |    135     		strcpy(pkey->name, keyname); | 
|         |    136     	} | 
|         |    137     	else | 
|         |    138     	{ | 
|         |    139     		pkey->name = NULL;    	 | 
|         |    140     	}    			 | 
|         |    141  | 
|         |    142     	keyStore = (ScKeyStorePtr) malloc(sizeof(ScKeyStore));    	 | 
|         |    143     	if (keyStore) | 
|         |    144     	{ | 
|         |    145     		keyStore->iSubjectPublicKeyInfo = NULL; | 
|         |    146     		keyStore->iKeyStore = NULL; | 
|         |    147     		 | 
|         |    148  	   		// Initialize the ScKeyStore - iKeyStore | 
|         |    149     		TRAP(err, doKeyStoreCreateL(keyStore)); | 
|         |    150  			   		 | 
|         |    151     		if (err) | 
|         |    152     		{ | 
|         |    153     		    delete keyStore->iKeyStore;  | 
|         |    154     			free(keyStore);    			 | 
|         |    155     			free(pkey->name); | 
|         |    156     			free (pkey); | 
|         |    157     			xmlSecSetErrorFlag( err ); | 
|         |    158     			return NULL; | 
|         |    159     		} | 
|         |    160     		 | 
|         |    161     		pkey->keyStore = keyStore; | 
|         |    162     		 | 
|         |    163     	} | 
|         |    164     	else  | 
|         |    165     	{ | 
|         |    166     	    free(pkey->name); | 
|         |    167     	    free(pkey); | 
|         |    168     		xmlSecSetErrorFlag( KErrNoMemory ); | 
|         |    169     	    return NULL;     | 
|         |    170     	} | 
|         |    171     	 | 
|         |    172     	pkey->type = aKeyType; | 
|         |    173     	pkey->load = NOKEY; | 
|         |    174     	pkey->bitsize = 0; | 
|         |    175     	pkey->duplicate = 0;    	   	 | 
|         |    176     } | 
|         |    177     else  | 
|         |    178         { | 
|         |    179         xmlSecSetErrorFlag( KErrNoMemory ); | 
|         |    180         } | 
|         |    181      | 
|         |    182    return pkey; | 
|         |    183 } | 
|         |    184  | 
|         |    185 // ----------------------------------------------------------------------------- | 
|         |    186 // sc_load_key Try to load usable key from the SymbianKeyStore | 
|         |    187 // Arguments: aPKey a EVP_PKEY key structure | 
|         |    188 // Returns: KErrNone if no error | 
|         |    189 //			KErrArgument if the arguments have error | 
|         |    190 //			KErrNotSupported if the key type is not supported | 
|         |    191 //			KErrNotFound if no key is found | 
|         |    192 // ----------------------------------------------------------------------------- | 
|         |    193 int sc_pkey_load(EVP_PKEY *aPKey) | 
|         |    194 { | 
|         |    195 	TInt err=KErrNone; | 
|         |    196 	 | 
|         |    197 	// Check arguments | 
|         |    198 	if (!aPKey || !aPKey->name) | 
|         |    199 	{ | 
|         |    200 		return KErrArgument; | 
|         |    201 	} | 
|         |    202  | 
|         |    203 	// Load key | 
|         |    204 	TPtrC8 keyNamePtr((const unsigned char*)aPKey->name, strlen(aPKey->name)); | 
|         |    205 	switch (aPKey->type) | 
|         |    206 	{ | 
|         |    207 		case EVP_PKEY_RSA:			 | 
|         |    208 			aPKey->keyStore->iKeyStore->FindKey(keyNamePtr, CCTKeyInfo::ERSA); | 
|         |    209 			break; | 
|         |    210 		case EVP_PKEY_UNKNOWN:	 | 
|         |    211 			aPKey->keyStore->iKeyStore->FindKey(keyNamePtr, CCTKeyInfo::EInvalidAlgorithm); | 
|         |    212 			break;			 | 
|         |    213 		default: | 
|         |    214 			return KErrNotSupported;		 | 
|         |    215 	} | 
|         |    216 	err = aPKey->keyStore->iKeyStore->GetError(); | 
|         |    217 	if ( err != KErrNone )  | 
|         |    218 	    { | 
|         |    219 	    return err; | 
|         |    220 	    } | 
|         |    221 	 | 
|         |    222 	// Run asynchronous key load until done | 
|         |    223 	CActiveScheduler::Start();		 | 
|         |    224 	err = aPKey->keyStore->iKeyStore->GetError(); | 
|         |    225 	if ( err == KErrNone ) | 
|         |    226 	    { | 
|         |    227 	    err = aPKey->keyStore->iKeyStore->hasKey();	    | 
|         |    228 	    } | 
|         |    229 	if (!err) | 
|         |    230 	{ | 
|         |    231 		aPKey->load = HASKEY; | 
|         |    232 		aPKey->bitsize = aPKey->keyStore->iKeyStore->GetKeySize(); | 
|         |    233 		if (aPKey->type == EVP_PKEY_UNKNOWN) | 
|         |    234 		{ | 
|         |    235 			switch (aPKey->keyStore->iKeyStore->GetKeyAlgorithm()) | 
|         |    236 			{ | 
|         |    237 			case CCTKeyInfo::ERSA: | 
|         |    238 				aPKey->type = EVP_PKEY_RSA; | 
|         |    239 				break; | 
|         |    240 			case CCTKeyInfo::EDSA: | 
|         |    241 				aPKey->type = EVP_PKEY_DSA; | 
|         |    242 				break; | 
|         |    243 			default: | 
|         |    244 				aPKey->type = EVP_PKEY_UNKNOWN;	 | 
|         |    245 				break;	 | 
|         |    246 			} | 
|         |    247 		} | 
|         |    248 	}	 | 
|         |    249 	else | 
|         |    250 	{ | 
|         |    251 		aPKey->load = NOKEY; | 
|         |    252 		aPKey->bitsize = 0; | 
|         |    253 	} | 
|         |    254 	 | 
|         |    255 	return err; | 
|         |    256  | 
|         |    257 } | 
|         |    258  | 
|         |    259 // ----------------------------------------------------------------------------- | 
|         |    260 // sc_generate_key Try to generate key from the SymbianKeyStore | 
|         |    261 // Arguments: aPKey a EVP_PKEY key structure | 
|         |    262 //			  aSizeBits bit size of the key generated | 
|         |    263 // Returns: KErrNone if no error | 
|         |    264 //			KErrArgument if the arguments have error | 
|         |    265 // ----------------------------------------------------------------------------- | 
|         |    266 int sc_pkey_generate(EVP_PKEY *aPKey, unsigned int aSizeBits) | 
|         |    267 { | 
|         |    268 	TInt err=KErrNone;	 | 
|         |    269 	 | 
|         |    270 	// Check arguments | 
|         |    271 	if (!aPKey || (aSizeBits <= 0)) | 
|         |    272 	{ | 
|         |    273 		err = KErrArgument; | 
|         |    274 		return err; | 
|         |    275 	} | 
|         |    276 	 | 
|         |    277 	// Use SymbianKeyStore to create RSA key | 
|         |    278 	aPKey->keyStore->iKeyStore->CreateRSAKey(aSizeBits, KRsaKeyName); | 
|         |    279 	err = aPKey->keyStore->iKeyStore->GetError(); | 
|         |    280 	if ( err != KErrNone)  | 
|         |    281 	    { | 
|         |    282 	    return err; | 
|         |    283 	    } | 
|         |    284 	 | 
|         |    285 	// Run asynchronous key creation until done | 
|         |    286 	CActiveScheduler::Start();		 | 
|         |    287     err = aPKey->keyStore->iKeyStore->GetError(); | 
|         |    288     if ( err == KErrNone ) | 
|         |    289 	    err = aPKey->keyStore->iKeyStore->hasKey();	 | 
|         |    290 	if (!err) | 
|         |    291 	{ | 
|         |    292 		aPKey->load = HASKEY; | 
|         |    293 		aPKey->bitsize = aSizeBits; | 
|         |    294 	}	 | 
|         |    295 	else | 
|         |    296 	{ | 
|         |    297 		aPKey->load = NOKEY; | 
|         |    298 		aPKey->bitsize = 0; | 
|         |    299 	} | 
|         |    300 		 | 
|         |    301 	return err; | 
|         |    302 } | 
|         |    303  | 
|         |    304 // ----------------------------------------------------------------------------- | 
|         |    305 // sc_pkey_free Free the EVP_PKEY structure | 
|         |    306 // Arguments: aPKey a EVP_PKEY structure | 
|         |    307 // Returns: None | 
|         |    308 // ----------------------------------------------------------------------------- | 
|         |    309 void sc_pkey_free(EVP_PKEY *aPKey) | 
|         |    310 { | 
|         |    311 	if (!aPKey) | 
|         |    312 	  return; | 
|         |    313 	 | 
|         |    314 	if (aPKey->keyStore && !aPKey->duplicate) | 
|         |    315 	{ | 
|         |    316 		if (aPKey->name) | 
|         |    317 		{ | 
|         |    318 			free(aPKey->name); | 
|         |    319 			aPKey->name = NULL; | 
|         |    320 		}	 | 
|         |    321 		 | 
|         |    322 		if (aPKey->keyStore->iKeyStore) | 
|         |    323 		{ | 
|         |    324 			delete aPKey->keyStore->iKeyStore; | 
|         |    325 			aPKey->keyStore->iKeyStore = NULL; | 
|         |    326 		} | 
|         |    327 		 | 
|         |    328 		if (aPKey->keyStore->iSubjectPublicKeyInfo) | 
|         |    329 		{ | 
|         |    330 			delete aPKey->keyStore->iSubjectPublicKeyInfo; | 
|         |    331 			aPKey->keyStore->iSubjectPublicKeyInfo = NULL; | 
|         |    332 		} | 
|         |    333 						 | 
|         |    334 		free(aPKey->keyStore); | 
|         |    335 		aPKey->keyStore = NULL; | 
|         |    336 	} | 
|         |    337 	    | 
|         |    338 	 | 
|         |    339 	free(aPKey); | 
|         |    340 } | 
|         |    341  | 
|         |    342 // ----------------------------------------------------------------------------- | 
|         |    343 // sc_pkey_duplicate Duplicate the EVP_PKEY structure | 
|         |    344 // Arguments: aPKey a EVP_PKEY structure to be copied | 
|         |    345 // Returns: EVP_PKEY* the new EVP_PKEY structure pointer, NULL if failed | 
|         |    346 // ----------------------------------------------------------------------------- | 
|         |    347 EVP_PKEY *sc_pkey_duplicate(EVP_PKEY *aPKey) | 
|         |    348 { | 
|         |    349  | 
|         |    350     EVP_PKEY *pKeyNew = (EVP_PKEY*) malloc(sizeof(EVP_PKEY)); | 
|         |    351      | 
|         |    352     if (pKeyNew) | 
|         |    353     { | 
|         |    354     	pKeyNew->type = aPKey->type; | 
|         |    355 		pKeyNew->bitsize = aPKey->bitsize; | 
|         |    356 		pKeyNew->load = aPKey->load; | 
|         |    357 		pKeyNew->duplicate = 1; | 
|         |    358 		pKeyNew->keyStore = aPKey->keyStore;		 | 
|         |    359 		pKeyNew->name = aPKey->name; | 
|         |    360 				 | 
|         |    361 	} | 
|         |    362 	else | 
|         |    363 	{ | 
|         |    364 	   xmlSecSetErrorFlag( KErrNoMemory ); | 
|         |    365 	} | 
|         |    366 	 | 
|         |    367 	return pKeyNew; | 
|         |    368 } | 
|         |    369  | 
|         |    370 unsigned int sc_pkey_size(EVP_PKEY */*aPKey*/) | 
|         |    371 { | 
|         |    372 	// temporary fix (max 16358 bits = 2048 bytes) | 
|         |    373 	return 2048;		 | 
|         |    374 } | 
|         |    375  | 
|         |    376 // ----------------------------------------------------------------------------- | 
|         |    377 // sc_sign_final Finalize signing | 
|         |    378 // Arguments: aCtx EVP_MD_CTX structure, aOutbuf buffer,  | 
|         |    379 //                       aOutlen size of buffer,aPKey a EVP_PKEY structure,  | 
|         |    380 // Returns: NULL if correct operation, or error code | 
|         |    381 // ----------------------------------------------------------------------------- | 
|         |    382 TInt sc_sign_final(EVP_MD_CTX aCtx, unsigned char *aOutbuf, unsigned int *aOutlen, EVP_PKEY *aPkey) | 
|         |    383 { | 
|         |    384   const byte *hash; | 
|         |    385   unsigned int hashLen; | 
|         |    386   const unsigned char *outbuf = NULL; | 
|         |    387   TInt err; | 
|         |    388    | 
|         |    389   hashLen = sc_md_get_algo_dlen(aCtx); | 
|         |    390   hash = sc_md_read(aCtx, 0);		// the algo is not used currently | 
|         |    391   if (!hash) | 
|         |    392   { | 
|         |    393     return KErrNoMemory;   | 
|         |    394   } | 
|         |    395  | 
|         |    396   switch(aPkey->type) | 
|         |    397   { | 
|         |    398   	case EVP_PKEY_RSA: | 
|         |    399 		  TRAP(err, aPkey->keyStore->iKeyStore->RSASignL(hash, hashLen)); 	   | 
|         |    400 		  if (err!=KErrNone) | 
|         |    401 		  { | 
|         |    402 		     xmlSecSetErrorFlag( err ); | 
|         |    403 		  	 return err; | 
|         |    404 		  }		   | 
|         |    405 		  // Run asynchronous RSA signing until done | 
|         |    406 		  CActiveScheduler::Start();			   | 
|         |    407 		  outbuf = aPkey->keyStore->iKeyStore->GetSignedData(aOutlen); | 
|         |    408   	break; | 
|         |    409   	default: | 
|         |    410   	return KErrNotSupported; | 
|         |    411   } | 
|         |    412    | 
|         |    413   if (outbuf)  | 
|         |    414   { | 
|         |    415   	 memcpy(aOutbuf, outbuf, *aOutlen); | 
|         |    416   	 return KErrNone; | 
|         |    417   }  	 | 
|         |    418   else  | 
|         |    419     { | 
|         |    420     	TInt error = aPkey->keyStore->iKeyStore->GetError(); | 
|         |    421 		xmlSecSetErrorFlag( error ); | 
|         |    422 		return error; | 
|         |    423     }  | 
|         |    424    | 
|         |    425 } | 
|         |    426  | 
|         |    427 // ----------------------------------------------------------------------------- | 
|         |    428 // doVerifyFinalL Finalize verification | 
|         |    429 // Arguments: aHash buffer with hash, aHashLen size of hash, aSignature buffer,  | 
|         |    430 //                       aLen size of buffer,aPKey a EVP_PKEY structure,  | 
|         |    431 // Returns: NULL if correct operation, or error code | 
|         |    432 // ----------------------------------------------------------------------------- | 
|         |    433 TInt doVerifyFinalL(const byte *aHash,  | 
|         |    434                                 unsigned int aHashLen,  | 
|         |    435                                 unsigned char *aSignature,  | 
|         |    436                                 unsigned int aLen,  | 
|         |    437                                 EVP_PKEY *aPKey) | 
|         |    438 { | 
|         |    439     TInt res = 0; | 
|         |    440 	switch(aPKey->type) | 
|         |    441 	{ | 
|         |    442 		case EVP_PKEY_RSA:		 | 
|         |    443 			if (aPKey->keyStore->iSubjectPublicKeyInfo) | 
|         |    444 			{ | 
|         |    445 				res = (TInt)aPKey->keyStore->iKeyStore->RSAVerifyWithPublicKeyL(aHash,  | 
|         |    446 				                                        aHashLen,  | 
|         |    447 				                                        aSignature,  | 
|         |    448 				                                        aLen,  | 
|         |    449 				                                        aPKey->keyStore->iSubjectPublicKeyInfo);		 | 
|         |    450 			} | 
|         |    451 			else | 
|         |    452 			{ | 
|         |    453 				aPKey->keyStore->iKeyStore->RSAVerifyL(aHash, aHashLen, aSignature, aLen); | 
|         |    454 				// Run asynchronous RSA signing until done | 
|         |    455 		  		CActiveScheduler::Start(); | 
|         |    456                 User::LeaveIfError( aPKey->keyStore->iKeyStore->GetError() ); | 
|         |    457 		  		res = (TInt)aPKey->keyStore->iKeyStore->GetVerifyResult(); | 
|         |    458 			}; | 
|         |    459 		break; | 
|         |    460 		default: | 
|         |    461 		    res = KErrNotSupported; | 
|         |    462 	} | 
|         |    463     return res; | 
|         |    464 } | 
|         |    465  | 
|         |    466 // ----------------------------------------------------------------------------- | 
|         |    467 // sc_verify_final Finalize verification | 
|         |    468 // Arguments: aCtx EVP_MD_CTX structure, aSignature buffer,  | 
|         |    469 //                       aLen size of buffer,aPKey a EVP_PKEY structure,  | 
|         |    470 // Returns: NULL if correct operation, or error code | 
|         |    471 // ----------------------------------------------------------------------------- | 
|         |    472 TInt sc_verify_final(EVP_MD_CTX aCtx,  | 
|         |    473                                 unsigned char *aSignature,  | 
|         |    474                                 unsigned int aLen,  | 
|         |    475                                 EVP_PKEY *aPKey) | 
|         |    476 { | 
|         |    477   const byte *hash; | 
|         |    478   unsigned int hashLen; | 
|         |    479   TInt err; | 
|         |    480   TInt ret=0; | 
|         |    481    | 
|         |    482   hashLen = sc_md_get_algo_dlen(aCtx); | 
|         |    483   hash = sc_md_read(aCtx, 0);		// the algo is not used currently | 
|         |    484   if (!hash) | 
|         |    485   { | 
|         |    486     return KErrNoMemory;   | 
|         |    487   } | 
|         |    488    | 
|         |    489   TRAP(err, ret = doVerifyFinalL(hash, hashLen, aSignature, aLen, aPKey));   | 
|         |    490    | 
|         |    491   if (err != KErrNone) | 
|         |    492   { | 
|         |    493      xmlSecSetErrorFlag( err ); | 
|         |    494   	 return err; | 
|         |    495   } | 
|         |    496   else  | 
|         |    497   { | 
|         |    498   	 return ret; | 
|         |    499   } | 
|         |    500    | 
|         |    501 } | 
|         |    502  | 
|         |    503 // ----------------------------------------------------------------------------- | 
|         |    504 // d2i_PUBKEY_bio Read the public key from ASN.1 DER encoded format | 
|         |    505 // Arguments: aBio BIO structure | 
|         |    506 // Returns: EVP_PKEY structure | 
|         |    507 // ----------------------------------------------------------------------------- | 
|         |    508 EVP_PKEY* d2i_PUBKEY_bio(BIO *aBio) | 
|         |    509 { | 
|         |    510 	// Import key to keystore | 
|         |    511 	TInt err; | 
|         |    512 	EVP_PKEY *pKey;	 | 
|         |    513 	 | 
|         |    514 	// Remember to get the key type later | 
|         |    515 	pKey = sc_pkey_new(EVP_PKEY_UNKNOWN, aBio->name); | 
|         |    516 	if (!pKey) | 
|         |    517 	{ | 
|         |    518 		return NULL; | 
|         |    519 	} | 
|         |    520 	 | 
|         |    521 	// Import key if key is not found | 
|         |    522 	TPtrC8 keyPtr((const unsigned char*)aBio->mem, aBio->len); | 
|         |    523 	TRAP(err, pKey->keyStore->iSubjectPublicKeyInfo = CX509SubjectPublicKeyInfo::NewL(keyPtr));	 | 
|         |    524 	if (err!=KErrNone) | 
|         |    525 	{ | 
|         |    526 		sc_pkey_free(pKey); | 
|         |    527 		xmlSecSetErrorFlag( err ); | 
|         |    528 		return NULL; | 
|         |    529 	}	 | 
|         |    530  | 
|         |    531 	pKey->load = HASKEY;	 | 
|         |    532 	switch (pKey->keyStore->iSubjectPublicKeyInfo->AlgorithmId()) | 
|         |    533 	{ | 
|         |    534 		case ERSA: | 
|         |    535 			pKey->type = EVP_PKEY_RSA; | 
|         |    536 			break; | 
|         |    537 		case EDSA: | 
|         |    538 			pKey->type = EVP_PKEY_DSA; | 
|         |    539 			break; | 
|         |    540 		default: | 
|         |    541 			pKey->type = EVP_PKEY_UNKNOWN;	 | 
|         |    542 			break;	 | 
|         |    543 	}		 | 
|         |    544 		 | 
|         |    545 	return pKey;	 | 
|         |    546 } | 
|         |    547  | 
|         |    548 // ----------------------------------------------------------------------------- | 
|         |    549 // doKeyImportL Imports key | 
|         |    550 // Arguments: EVP_PKEY structure, aBio BIO structure | 
|         |    551 // ----------------------------------------------------------------------------- | 
|         |    552 void doKeyImportL(EVP_PKEY *aPKey, BIO *aBio) | 
|         |    553 { | 
|         |    554 	__ASSERT_ALWAYS(aPKey, User::Leave(KAssertionLeave)); | 
|         |    555 	__ASSERT_ALWAYS(aPKey->name, User::Leave(KAssertionLeave)); | 
|         |    556 	 | 
|         |    557 	TPtrC8 keyPtr((const unsigned char*)aBio->mem, aBio->len);	 | 
|         |    558 	TPtrC8 keyNamePtr((const unsigned char*)aPKey->name, strlen(aPKey->name)); | 
|         |    559 	 | 
|         |    560 	aPKey->keyStore->iKeyStore->ImportKey(keyPtr, keyNamePtr); | 
|         |    561 	User::LeaveIfError( aPKey->keyStore->iKeyStore->GetError() ); | 
|         |    562 	 | 
|         |    563 	// Run asynchronous key creation until done | 
|         |    564 	CActiveScheduler::Start();	 | 
|         |    565     User::LeaveIfError( aPKey->keyStore->iKeyStore->GetError() ); | 
|         |    566 } | 
|         |    567  | 
|         |    568 // ----------------------------------------------------------------------------- | 
|         |    569 // d2i_PKCS8PrivateKey_bio Read the private key from ASN.1 DER encoded PKCS#8 format  | 
|         |    570 // Arguments: aBio BIO structure, aPwdCallback callback, aPwdCallbackCtx callback context | 
|         |    571 // Returns: EVP_PKEY structure | 
|         |    572 // ----------------------------------------------------------------------------- | 
|         |    573 EVP_PKEY* d2i_PKCS8PrivateKey_bio(BIO *aBio, void *aPwdCallback, void *aPwdCallbackCtx) | 
|         |    574 { | 
|         |    575 	// Import key to keystore | 
|         |    576 	TInt err; | 
|         |    577 	EVP_PKEY *pKey; | 
|         |    578 	 | 
|         |    579 	// Remember to get the key type later | 
|         |    580 	pKey = sc_pkey_new(EVP_PKEY_UNKNOWN, aBio->name); | 
|         |    581 	if (!pKey) | 
|         |    582 	{ | 
|         |    583 		return NULL; | 
|         |    584 	} | 
|         |    585  | 
|         |    586 	// Check if there is existing key first | 
|         |    587 	err = sc_pkey_load(pKey); | 
|         |    588 	if (err == 0 && pKey->load) | 
|         |    589 	{ | 
|         |    590 		// Return key if it is found | 
|         |    591 		return pKey; | 
|         |    592 	}	 | 
|         |    593 	else if ( err != KErrNotFound )  | 
|         |    594 	    { | 
|         |    595 	    sc_pkey_free(pKey); | 
|         |    596 	    xmlSecSetErrorFlag( err ); | 
|         |    597 	    return NULL; | 
|         |    598 	    } | 
|         |    599 	 | 
|         |    600 	// Import key if key is not found | 
|         |    601 	TRAP(err, doKeyImportL(pKey, aBio)); | 
|         |    602 	if (err!=KErrNone) | 
|         |    603 	{ | 
|         |    604 		sc_pkey_free(pKey); | 
|         |    605 		xmlSecSetErrorFlag( err ); | 
|         |    606 		return NULL; | 
|         |    607 	}	 | 
|         |    608  | 
|         |    609  | 
|         |    610 	// Check to see if the import key is successful | 
|         |    611 	err = pKey->keyStore->iKeyStore->hasKey();	 | 
|         |    612 	if (err) | 
|         |    613 	{ | 
|         |    614 		sc_pkey_free(pKey); | 
|         |    615 		xmlSecSetErrorFlag( err ); | 
|         |    616 		return NULL; | 
|         |    617 	} | 
|         |    618  | 
|         |    619 	pKey->load = HASKEY; | 
|         |    620 	pKey->bitsize = pKey->keyStore->iKeyStore->GetKeySize(); | 
|         |    621 	switch (pKey->keyStore->iKeyStore->GetKeyAlgorithm()) | 
|         |    622 	{ | 
|         |    623 		case CCTKeyInfo::ERSA: | 
|         |    624 			pKey->type = EVP_PKEY_RSA; | 
|         |    625 			break; | 
|         |    626 		case CCTKeyInfo::EDSA: | 
|         |    627 			pKey->type = EVP_PKEY_DSA; | 
|         |    628 			break; | 
|         |    629 		default: | 
|         |    630 			pKey->type = EVP_PKEY_UNKNOWN;	 | 
|         |    631 			break;	 | 
|         |    632 	} | 
|         |    633  | 
|         |    634 		 | 
|         |    635 	return pKey; | 
|         |    636 	 | 
|         |    637 } | 
|         |    638  | 
|         |    639 // ----------------------------------------------------------------------------- | 
|         |    640 // d2i_PKCS8PrivateKey Read the private key from Unified Key Store | 
|         |    641 // Arguments: keyname name of the key | 
|         |    642 // Returns: EVP_PKEY structure | 
|         |    643 // ----------------------------------------------------------------------------- | 
|         |    644 EVP_PKEY* d2i_PKCS8PrivateKey(char *keyname) | 
|         |    645 { | 
|         |    646 	TInt err; | 
|         |    647 	EVP_PKEY *pKey; | 
|         |    648 	 | 
|         |    649 	// Remember to get the key type later | 
|         |    650 	pKey = sc_pkey_new(EVP_PKEY_UNKNOWN, keyname); | 
|         |    651 	if (!pKey) | 
|         |    652 	{ | 
|         |    653 		return NULL; | 
|         |    654 	} | 
|         |    655  | 
|         |    656 	// Check if there is existing key first | 
|         |    657 	err = sc_pkey_load(pKey); | 
|         |    658 	if (err == 0 && pKey->load) | 
|         |    659 	{ | 
|         |    660 		// Return key if it is found | 
|         |    661 		return pKey; | 
|         |    662 	}	 | 
|         |    663 	else if ( err != KErrNotFound )  | 
|         |    664 	    { | 
|         |    665 	    sc_pkey_free(pKey); | 
|         |    666 	    xmlSecSetErrorFlag( err ); | 
|         |    667 	    return NULL; | 
|         |    668 	    } | 
|         |    669 	 | 
|         |    670 	// Check to see if the find key is successful | 
|         |    671 	err = pKey->keyStore->iKeyStore->hasKey();	 | 
|         |    672 	if (err) | 
|         |    673 	{ | 
|         |    674 		sc_pkey_free(pKey); | 
|         |    675 		xmlSecSetErrorFlag( err ); | 
|         |    676 		return NULL; | 
|         |    677 	} | 
|         |    678  | 
|         |    679 	pKey->load = HASKEY; | 
|         |    680 	pKey->bitsize = pKey->keyStore->iKeyStore->GetKeySize(); | 
|         |    681 	switch (pKey->keyStore->iKeyStore->GetKeyAlgorithm()) | 
|         |    682 	{ | 
|         |    683 		case CCTKeyInfo::ERSA: | 
|         |    684 			pKey->type = EVP_PKEY_RSA; | 
|         |    685 			break; | 
|         |    686 		case CCTKeyInfo::EDSA: | 
|         |    687 			pKey->type = EVP_PKEY_DSA; | 
|         |    688 			break; | 
|         |    689 		default: | 
|         |    690 			pKey->type = EVP_PKEY_UNKNOWN;	 | 
|         |    691 			break;	 | 
|         |    692 	} | 
|         |    693  | 
|         |    694 		 | 
|         |    695 	return pKey; | 
|         |    696 	 | 
|         |    697 } | 
|         |    698  | 
|         |    699 #ifndef XMLSEC_NO_X509 | 
|         |    700  | 
|         |    701 // ----------------------------------------------------------------------------- | 
|         |    702 // doGetPubKeyL Set the public key info  | 
|         |    703 // Arguments: EVP_PKEY structure, aCert X509 structure | 
|         |    704 // ----------------------------------------------------------------------------- | 
|         |    705 void doGetPubKeyL(EVP_PKEY *aPKey, X509 *aCert) | 
|         |    706 { | 
|         |    707 	// Convert X509 to CX509Certificate | 
|         |    708 	TPtrC8 certPtr((const unsigned char*)aCert->der, aCert->derlen);     | 
|         |    709 	CX509Certificate *cert = CX509Certificate::NewLC(certPtr); | 
|         |    710 	 | 
|         |    711 	// Retrieve the public key | 
|         |    712 	aPKey->keyStore->iSubjectPublicKeyInfo = CSubjectPublicKeyInfo::NewL(cert->PublicKey()); | 
|         |    713 	 | 
|         |    714 	// Cleanup	 | 
|         |    715 	CleanupStack::PopAndDestroy(cert); | 
|         |    716 	 | 
|         |    717 } | 
|         |    718  | 
|         |    719 // ----------------------------------------------------------------------------- | 
|         |    720 // sc_pkey_setPublic Set the public key info  | 
|         |    721 // Arguments: EVP_PKEY structure, aCert X509 structure | 
|         |    722 // Returns: 0 if operation correct, or error code | 
|         |    723 // ----------------------------------------------------------------------------- | 
|         |    724 TInt sc_pkey_setPublic(EVP_PKEY* aPKey, X509 *aCert) | 
|         |    725 { | 
|         |    726 	TInt err; | 
|         |    727 	 | 
|         |    728 	if (aPKey->keyStore->iSubjectPublicKeyInfo) | 
|         |    729 	{ | 
|         |    730 		delete aPKey->keyStore->iSubjectPublicKeyInfo; | 
|         |    731 		aPKey->keyStore->iSubjectPublicKeyInfo = NULL; | 
|         |    732 	} | 
|         |    733  | 
|         |    734 	TRAP(err, doGetPubKeyL(aPKey, aCert)); | 
|         |    735 	 | 
|         |    736 	if (err == KErrNone) | 
|         |    737 	{ | 
|         |    738 		aPKey->load = HASKEY; | 
|         |    739 		switch (aPKey->keyStore->iSubjectPublicKeyInfo->AlgorithmId()) | 
|         |    740 		{ | 
|         |    741 			case ERSA: | 
|         |    742 				aPKey->type = EVP_PKEY_RSA; | 
|         |    743 				break; | 
|         |    744 			case EDSA: | 
|         |    745 				aPKey->type = EVP_PKEY_DSA; | 
|         |    746 				break; | 
|         |    747 			default: | 
|         |    748 				aPKey->type = EVP_PKEY_UNKNOWN;	 | 
|         |    749 				break;	 | 
|         |    750 		}	 | 
|         |    751 		 | 
|         |    752 	} | 
|         |    753 	else  | 
|         |    754 	    { | 
|         |    755 	    xmlSecSetErrorFlag( err ); | 
|         |    756 	    } | 
|         |    757 	 | 
|         |    758 	return err; | 
|         |    759 } | 
|         |    760  | 
|         |    761 #endif // XMLSEC_NO_X509 |