os/security/cryptoservices/certificateandkeymgmt/inc/pkcs7signedobject.h
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
/*
* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
*
*/
/**
 @file
 @internalTechnology
 @released
*/
#ifndef __PKCS7_SIGNED_OBJECT_H__
#define __PKCS7_SIGNED_OBJECT_H__
#include <signed.h>
#include <e32base.h>
/**
 Number of encoded data element slots held by a CPKCS7SignedObject.
 It is the size of the CPKCS7SignedObject::iDataElements fixed array and
 equals the number of values in the data element position enum (0-5).
 */
const TInt KPKCS7MaxDataElements = 6;

// Forward declarations: these types appear in this header only as
// references, pointers or template arguments.
class CPKCS7ContentInfo;
class CPKCS7ExtendedCertificateOrCertificate;
class CPKCS7SignerInfo;
class TASN1DecGeneric;
class CX509AlgorithmIdentifier;
class CX509Certificate;
/**
 A representation of a PKCS7 (signed data) entity.

 This class is only used for update notifications and so does not provide
 full functionality. In particular, there is no means for creating a new
 PKCS7 object (other than from binary data), there is no means to modify it
 and revocation lists are not supported.  The optional fields in signerinfo
 are not supported and are ignored.

 Because revocation lists are not supported, this class gives no revocation
 information; a caller that needs revocation status has to obtain it
 elsewhere.

 NOTE(review): in RFC 2315 the optional SignerInfo fields are the
 authenticated and unauthenticated attributes. How ValidateSignerL() treats
 an object that carries authenticated attributes is not visible in this
 header; confirm against the implementation before relying on the result
 for such objects.
 @internalTechnology
 */
class CPKCS7SignedObject : public CSignedObject
	{
public:
	/**
	Values for encoded data element positions in the signed data structure.
	These values are passed as the index to the DataElementEncoding() function.
	There are six positions (0-5), matching KPKCS7MaxDataElements.
	Objects containing revocation lists are not supported.
	*/
	enum
		{
		EVersionNumber = 0,	
		EDigestAlgorithms = 1,
		EContentInfo = 2,
		ECertificates = 3,
		ERevocationLists = 4,
		ESignedInfo = 5
		};
	/**
	Creates a PKCS7 object from the RFC2315 representation
	@param aContentInfo	The PKCS7 content info the signed object is built from
	@return				The fully constructed object
	*/
	IMPORT_C static CPKCS7SignedObject* NewL(const CPKCS7ContentInfo& aContentInfo);

	/**
	Creates a PKCS7-2 object from the RFC2315 representation
	@param aContentInfo	The PKCS7 content info the signed object is built from
	@return				The fully constructed object. Going by the NewLC naming
						convention it is expected to be left on the cleanup
						stack - TODO confirm against the implementation.
	*/
	IMPORT_C static CPKCS7SignedObject* NewLC(const CPKCS7ContentInfo& aContentInfo);

	/** (From CSignedObject) 
	Accesses one of the encoded fields
	@param aIndex	One of the data element positions listed in the preceding enum
	@return			The encoded field

	NOTE(review): the parameter type does not restrict aIndex to the enum
	range. Whether an index >= KPKCS7MaxDataElements is rejected, and whether
	the returned pointer can be NULL for a field that is absent, is not visible
	in this header - confirm before dereferencing the result.
	*/
	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const;
	/** (From CSignedObject) 
	Not supported

	NOTE(review): what a call actually does (leave, panic or nothing) is not
	visible in this header.
	*/
	IMPORT_C virtual void InternalizeL(RReadStream& aStream) ;
	/** (From CSignedObject) 
	Provides access to the signed data (PKCS7-2) part of the PKCS7 object
	@return			The signed data
	*/
	IMPORT_C virtual const TPtrC8 SignedDataL() const;
	/**
	Provides access to the digest algorithms
	@return			The digest algorithms
	*/
	IMPORT_C const RPointerArray<CX509AlgorithmIdentifier>& DigestAlgorithms() const;
	/**
	Provides access to the PKCS7 version number
	@return			The version number
	*/
	IMPORT_C TInt Version() const;
	/**
	Provides access to the content info
	@return			The content info
	*/
	IMPORT_C const CPKCS7ContentInfo& ContentInfo() const;
	/**
	Provides access to the certificates
	@return			The certificates
	*/
	IMPORT_C const RPointerArray<CPKCS7ExtendedCertificateOrCertificate>& Certificates() const;
	/**
	Provides access to the signer information
	@return			The signer information
	*/
	IMPORT_C const RPointerArray<CPKCS7SignerInfo>& SignerInfo() const;
	/**
	Validates the signer and creates the certificate chain for that signer
	@param aSignerInfo			The signer to be validated
	@param aCertChainEncoding	The certificate chain.  This is created and pushed onto the
								cleanup stack by the function.
	@return						The validation result. Presumably ETrue when the
								signer validated and EFalse otherwise - TODO confirm.

	The return value has to be checked by the caller; the output chain alone
	says nothing about whether validation succeeded.

	NOTE(review): this header does not say whether the chain that is built is
	checked against a trusted root, nor whether aCertChainEncoding is still
	created and left on the cleanup stack when the result is EFalse. Confirm
	both against the implementation; a caller should treat the chain as
	untrusted input until it has been validated against its own trust anchors.
	Note also that the function name ends in L, not LC, although an item is
	left on the cleanup stack.
	*/
	IMPORT_C TBool ValidateSignerL(const CPKCS7SignerInfo& aSignerInfo, HBufC8*& aCertChainEncoding);
	/** The destructor */
	IMPORT_C ~CPKCS7SignedObject();
protected:
	/** Default constructor; protected, so client code creates instances through NewL()/NewLC(). */
	IMPORT_C CPKCS7SignedObject(void);
	/**
	Second-phase constructor.
	@param aContentInfo	The PKCS7 content info the signed object is built from
	*/
	IMPORT_C void ConstructL(const CPKCS7ContentInfo& aContentInfo);


private:
	/** Copy constructor, declared private so that client code cannot copy instances. */
	CPKCS7SignedObject(const CPKCS7SignedObject&);
	// Decoding helpers. Each takes a descriptor of raw encoded data; going by
	// the names there is one per signed-data field, but the implementations
	// are not visible in this header.
	void InitSignedObjectL(const TDesC8& aRawData);
	void DecodeSignedDataL(const TDesC8& aRawData);
	void DecodeDigestAlgorithmsL(const TDesC8& aRawData);
	void DecodeCertificatesL(const TDesC8& aRawData);
	void DecodeRevocationListsL(const TDesC8& aRawData);
	void DecodeSignerInfoL(const TDesC8& aRawData);

	// Signature check for one signer against an end-entity certificate.
	// NOTE(review): presumably called from ValidateSignerL() - confirm.
	TBool ValidateSignatureL(const CPKCS7SignerInfo& aSignerInfo, const CX509Certificate& aEndEntityCert);
protected:
	// Digest algorithms, as returned by DigestAlgorithms().
	RPointerArray<CX509AlgorithmIdentifier> iDigestAlgorithms;
	// PKCS7 version number, as returned by Version().
	TInt iVersion;
	// Content info, as returned by ContentInfo().
	// NOTE(review): ownership of the pointee is not visible in this header.
	CPKCS7ContentInfo* iContentInfo;
	// Certificates, as returned by Certificates().
	RPointerArray<CPKCS7ExtendedCertificateOrCertificate> iCertificates;
	// Signer information, as returned by SignerInfo().
	RPointerArray<CPKCS7SignerInfo> iSignerInfo;
	// One slot per data element position in the enum above (KPKCS7MaxDataElements slots).
	TFixedArray<TPtrC8*, KPKCS7MaxDataElements> iDataElements;
	};
#endif //__PKCS7_SIGNED_OBJECT_H__