2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
19 namespace Tizen.Security.SecureRepository.Crypto
22 /// This class provides the methods creating and verifying a signature.
24 /// <since_tizen> 3 </since_tizen>
25 public class Signature
// Algorithm-specific parameters handed to the constructor; exposed through Parameters.
private SignatureParameters _parameters;

/// <summary>
/// Initializes a Signature with the algorithm-specific parameters it will use.
/// </summary>
/// <since_tizen> 3 </since_tizen>
/// <param name="parameters">The algorithm specific parameters.</param>
public Signature(SignatureParameters parameters)
{
    // Stored as given; no null check is performed here.
    this._parameters = parameters;
}
/// <summary>
/// Gets the algorithm specific parameters that were supplied to the constructor.
/// </summary>
/// <since_tizen> 3 </since_tizen>
public SignatureParameters Parameters
{
    get
    {
        return this._parameters;
    }
}
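/// <summary>
/// Creates a signature on a given message using a private key and returns
/// the signature.
/// </summary>
/// <since_tizen> 3 </since_tizen>
/// <param name="privateKeyAlias">The name of the private key.</param>
/// <param name="password">
/// The password used in decrypting a private key value. It is not null-checked
/// here and is handed to the key manager as given.
/// </param>
/// <param name="message">The message that is signed with a private key.</param>
/// <returns>A newly created signature.</returns>
/// <exception cref="ArgumentNullException">
/// privateKeyAlias or message is null.
/// </exception>
/// <exception cref="ArgumentException">
/// privateKeyAlias has an invalid format.
/// </exception>
/// <exception cref="InvalidOperationException">
/// The key-protecting password does not match.
/// No key exists with privateKeyAlias.
/// </exception>
/// <remarks>
/// The key type specified by privateKeyAlias should be compatible with the
/// algorithm specified in Parameters.
/// </remarks>
/// <remarks>
/// If a password was set in the policy when the key was stored, the same password
/// should be provided.
/// </remarks>
public byte[] Sign(string privateKeyAlias, string password, byte[] message)
{
    // ArgumentNullException(string) treats its argument as the parameter name,
    // not as a message, so name the offending argument and pass the text separately.
    if (privateKeyAlias == null)
    {
        throw new ArgumentNullException(
            nameof(privateKeyAlias), "alias and message should not be null");
    }
    if (message == null)
    {
        throw new ArgumentNullException(
            nameof(message), "alias and message should not be null");
    }

    // NOTE(review): the listing this was rebuilt from omits its short lines; the gaps
    // in its numbering fit a try/catch around each lookup that keeps the default when
    // the lookup throws - confirm against the original file.
    // Consequence: a Signature built with incomplete parameters does not fail here, it
    // signs with HashAlgorithm.None / RsaPaddingAlgorithm.None. Callers that require a
    // digest or a padding scheme should set both explicitly in Parameters.
    int hash = (int)HashAlgorithm.None;
    try
    {
        hash = (int)Parameters.Get(SignatureParameterName.HashAlgorithm);
    }
    catch (Exception)
    {
        // Deliberate fallback: keep HashAlgorithm.None.
    }

    int rsaPadding = (int)RsaPaddingAlgorithm.None;
    try
    {
        rsaPadding = (int)Parameters.Get(SignatureParameterName.RsaPaddingAlgorithm);
    }
    catch (Exception)
    {
        // Deliberate fallback: keep RsaPaddingAlgorithm.None.
    }

    IntPtr ptr = IntPtr.Zero;

    try
    {
        // NOTE(review): the PinnedObject wrapping message is a temporary that this
        // method neither keeps nor disposes - confirm how long the pin is held
        // relative to the native call.
        Interop.CheckNThrowException(
            Interop.CkmcManager.CreateSignature(
                privateKeyAlias, password,
                new Interop.CkmcRawBuffer(
                    new PinnedObject(message), message.Length),
                hash, rsaPadding, out ptr),
            "Failed to generate signature");

        // Data is read before the finally block frees the native buffer; presumably
        // it is a managed copy - confirm in SafeRawBufferHandle.
        return new SafeRawBufferHandle(ptr).Data;
    }
    finally
    {
        // Release the native signature buffer on both the success and the error path.
        if (ptr != IntPtr.Zero)
        {
            Interop.CkmcTypes.BufferFree(ptr);
        }
    }
}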
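/// <summary>
/// Verifies a given signature on a given message using a public key and returns
/// the signature status.
/// </summary>
/// <since_tizen> 3 </since_tizen>
/// <param name="publicKeyAlias">The name of the public key.</param>
/// <param name="password">
/// The password used in decrypting a public key value. It is not null-checked
/// here and is handed to the key manager as given.
/// </param>
/// <param name="message">The input on which the signature is created.</param>
/// <param name="signature">The signature that is verified with the public key.</param>
/// <returns>
/// The signature status. True is returned when the signature is valid.
/// </returns>
/// <exception cref="ArgumentNullException">
/// publicKeyAlias, message or signature is null.
/// </exception>
/// <exception cref="ArgumentException">
/// publicKeyAlias has an invalid format.
/// </exception>
/// <exception cref="InvalidOperationException">
/// The key-protecting password does not match.
/// No key exists with publicKeyAlias.
/// </exception>
/// <remarks>
/// The key type specified by publicKeyAlias should be compatible with the
/// algorithm specified in Parameters.
/// </remarks>
/// <remarks>
/// If a password was set in the policy when the key was stored, the same password
/// should be provided.
/// </remarks>
// NOTE(review): the listing this was rebuilt from omits its short lines. The
// `public bool Verify(` line, the alias, password, hash and padding arguments of the
// native call and both return statements are reconstructed from the doc comment and
// from the shape of the CreateSignature call in Sign - confirm against the original file.
public bool Verify(
    string publicKeyAlias, string password, byte[] message, byte[] signature)
{
    // ArgumentNullException(string) treats its argument as the parameter name,
    // not as a message, so name the offending argument and pass the text separately.
    if (publicKeyAlias == null)
    {
        throw new ArgumentNullException(
            nameof(publicKeyAlias), "mandatory arg should not be null");
    }
    if (message == null)
    {
        throw new ArgumentNullException(
            nameof(message), "mandatory arg should not be null");
    }
    if (signature == null)
    {
        throw new ArgumentNullException(
            nameof(signature), "mandatory arg should not be null");
    }

    // The hash and padding come from this object's Parameters, so the verifier's own
    // configuration decides the algorithm, not anything carried with the signature.
    // NOTE(review): the numbering gaps around each lookup fit a try/catch that keeps
    // the default when the lookup throws - confirm. If so, incomplete parameters make
    // verification run with HashAlgorithm.None / RsaPaddingAlgorithm.None instead of
    // failing; set both explicitly when a digest or padding scheme is required.
    int hash = (int)HashAlgorithm.None;
    try
    {
        hash = (int)Parameters.Get(SignatureParameterName.HashAlgorithm);
    }
    catch (Exception)
    {
        // Deliberate fallback: keep HashAlgorithm.None.
    }

    int rsaPadding = (int)RsaPaddingAlgorithm.None;
    try
    {
        rsaPadding = (int)Parameters.Get(SignatureParameterName.RsaPaddingAlgorithm);
    }
    catch (Exception)
    {
        // Deliberate fallback: keep RsaPaddingAlgorithm.None.
    }

    // NOTE(review): both PinnedObject wrappers are temporaries that this method neither
    // keeps nor disposes - confirm how long the pins are held relative to the native call.
    int ret = Interop.CkmcManager.VerifySignature(
        publicKeyAlias,
        password,
        new Interop.CkmcRawBuffer(new PinnedObject(message), message.Length),
        new Interop.CkmcRawBuffer(new PinnedObject(signature), signature.Length),
        hash,
        rsaPadding);

    // Only an explicit VerificationFailed result maps to false. Every other result is
    // passed to CheckNThrowException (presumably throwing on any error code - confirm),
    // so true is reached only when the key manager reported no error. Callers should
    // accept the signature on true alone and treat an exception as "not verified".
    if (ret == (int)Interop.KeyManagerError.VerificationFailed)
    {
        return false;
    }
    Interop.CheckNThrowException(ret, "Failed to verify signature");

    return true;
}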