/*

* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).

* All rights reserved.

* This component and the accompanying materials are made available

* under the terms of the License "Eclipse Public License v1.0"

* which accompanies this distribution, and is available

* at the URL "http://www.eclipse.org/legal/epl-v10.html".

*

* Initial Contributors:

* Nokia Corporation - initial contribution.

*

* Contributors:

*

* Description: 

* PKIXVALIDATIONRESULT.H

* Implementation of the class storing PKIX validation result information 

*

*/

/**

 @file 

 @publishedAll

 @released

*/

#ifndef __PKIXVALIDATIONRESULT_H__

#define __PKIXVALIDATIONRESULT_H__

#include <x509certchain.h>

#include <x509certext.h>

class RReadStream;

/**

 * Base class for CPKIXValidationResult.

 */

class CPKIXValidationResultBase : public CBase

	{

public:

	/** Creates a new PKIX Validation Result object.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResultBase* NewL();

	/** Creates a new PKIX Validation Result object, and puts a pointer to it onto 

	* the cleanup stack.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResultBase* NewLC();

   /** Creates a new PKIX Validation Result object from a stream.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResultBase* NewL(RReadStream& aStream);

	/** Creates a new PKIX Validation Result object from a stream, and puts a pointer to it onto 

	* the cleanup stack.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResultBase* NewLC(RReadStream& aStream);

	/** The destructor.

	* 

	* Frees all resources owned by the object. */

	IMPORT_C ~CPKIXValidationResultBase();

	/** Gets the error status of the operation.

	* 

	* Errors are considered fatal, i.e. validation has failed.

	* 

	* @return	The error status of the operation. */

	IMPORT_C const TValidationStatus Error() const;

	/** Gets a list of warnings generated.

	* 

	* The warnings may or may not be fatal, depending on the context, which the 

	* client is expected to provide.

	* 

	* @return	An array of any warnings generated. */

	IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;

	/** Gets a list of all the certificate policies which have been accepted implicitly 

	* in the course of validation.

	* 

	* @return	An array of certificate policies. */

	IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;

	/** Resets the validation result object to its default values. 

	 * @internalTechnology

	 */

	void Reset();

	/** Sets the error status, and then leaves.

	* 

	* The function uses SetError() to set the error status.

	* 

	* @param aError	The error type that occurred when validating the certificate chain.

	* @param aCert	The index number identifying the certificate that gave rise to 

	* 				the error. 

    * @internalTechnology

	*/

	void SetErrorAndLeaveL(const TValidationError aError, const TInt aCert);

	/** Sets the error status.

	* 

	* @param aError	The error type that occurred when validating the certificate chain.

	* @param aCert	The index number identifying the certificate that gave rise to 

	* 				the error. 

	* @internalTechnology

	*/

	void SetError(const TValidationError aError, const TInt aCert);

	/** Adds a warning to the validation result.

	* 

	* @param aWarning	The warning to be added. 

	* @internalTechnology

	*/

	void AppendWarningL(TValidationStatus aWarning);

	/** Adds a policy to the validation result.

	* 

	* @param aPolicy	The policy to be added.

	* @internalTechnology

	*/

	void AppendPolicyL(CX509CertPolicyInfo& aPolicy);

	/** Removes all policies from the validation result.

	* 

	* It is used by the validation process to remove policies it has added when 

	* the computation cannot complete because of environmental conditions such as 

	* out of memory, file access failures, etc..

	* @internalTechnology

	*/

	// (not like signature validation...)

	void RemovePolicies();

	// Internalization/Externalization

	// Externalize. Writes the data out to a stream

	/** Externalises an object of this class to a write stream.

	* 

	* The presence of this function means that the standard templated operator<<() 

	* can be used to externalise objects of this class.

	* 

	* @param aStream	Stream to which the object should be externalised. */

	IMPORT_C void ExternalizeL(RWriteStream& aStream) const;

	// Internalize. Reads the data from a stream 

	/** Internalises an object of this class from a read stream.

	* 

	* The presence of this function means that the standard templated operator>>() 

	* can be used to internalise objects of this class.

	* 

	* Note that this function has assignment semantics: it replaces the old value 

	* of the object with a new value read from the read stream.	

	* 

	* @param aStream	Stream from which the object should be internalised. */

	IMPORT_C void InternalizeL(RReadStream& aStream);

	/** Returns a list of critical extensions encountered and warnings generated by

	* certificates during chain validation.

	* 

	* @return	An array of certificate warnings. */

	IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;

	/** Adds a certificate warning to the validation result.

	* 

	* @param aCertWarning	The warning to be added. */

	IMPORT_C void AppendCertificateValidationObjectL(const CCertificateValidationWarnings& aCertWarning);

	/** Adds a critical extension OID warning.

	* 

	* @param aCriticalExt	The critical extension OID to be added. */

	IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt);

protected:

	IMPORT_C CPKIXValidationResultBase();

	IMPORT_C void ConstructL();

private:

	TValidationStatus iError;

	CArrayFixFlat<TValidationStatus>* iWarnings;

	CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies;

	RPointerArray<CCertificateValidationWarnings> iCertWarnings;

	};

/** Stores the information regarding the results of a validation of a PKIX 

* certificate chain. 

*

* @since v6.0 */

class CPKIXValidationResult : public CPKIXValidationResultBase

	{

public:

	/** Creates a new PKIX Validation Result object.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResult* NewL();

	/** Creates a new PKIX Validation Result object, and puts a pointer to it onto 

	* the cleanup stack.

	* 

	* @return	The new PKIX Validation Result object. */

	IMPORT_C static CPKIXValidationResult* NewLC();

	/** The destructor.

	* 

	* Frees all resources owned by the object. */

	IMPORT_C ~CPKIXValidationResult();

	/** Gets the error status of the operation.

	* 

	* Errors are considered fatal, i.e. validation has failed.

	* 

	* @return	The error status of the operation. */

	IMPORT_C const TValidationStatus Error() const;

	/** Gets a list of warnings generated.

	* 

	* The warnings may or may not be fatal, depending on the context, which the 

	* client is expected to provide.

	* 

	* @return	An array of any warnings generated. */

	IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;

	/** Gets a list of all the certificate policies which have been accepted implicitly 

	* in the course of validation.

	* 

	* @return	An array of certificate policies. */

	IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;

	/** Returns a list of critical extensions encountered and warnings generated by

	* certificates during chain validation. A CCertificateWarning object is returned for

	* each certificate in the chain, even if no critical extensions or warnings were 

	* encountered. The array's data is in the same order as the certificate chain.

	* 

	* @return	An array of certificate warnings. Ownership is not transferred 

	* to the caller. */

	IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;

private:

	CPKIXValidationResult();

	};

#endif