os/security/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertstate.h
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
* CPKIXValidationState class implementation
sl@0
    16
*
sl@0
    17
*/
sl@0
    18
sl@0
    19
sl@0
    20
/**
sl@0
    21
 @file 
sl@0
    22
 @internalTechnology
sl@0
    23
*/
sl@0
    24
 
sl@0
    25
#if !defined (__PKIXCERTSTATE_H__)
sl@0
    26
#define __PKIXCERTSTATE_H__
sl@0
    27
sl@0
    28
#include <e32std.h>
sl@0
    29
#include <x509cert.h>
sl@0
    30
#include <x509certchain.h>
sl@0
    31
#include <x509certext.h>
sl@0
    32
#include <x509gn.h>
sl@0
    33
sl@0
    34
/*this class has no brains at all. all it does it act as a container for
sl@0
    35
state information needed when processing a certificate chain according to 
sl@0
    36
the PKIX algorithm. it gets passed around among the classes which use it. 
sl@0
    37
the classes which use it are all friends 'cos that seems neater than making 
sl@0
    38
all its data public or including 500 accessors*/
sl@0
    39
sl@0
    40
class CPKIXCertChainAO;
sl@0
    41
sl@0
    42
class CPKIXValidationState : public CBase
sl@0
    43
	{
sl@0
    44
	friend class CPKIXCertChainAO;
sl@0
    45
	friend class TPKIXPolicyConstraint;
sl@0
    46
	friend class TPKIXNameConstraint;
sl@0
    47
	friend class TPKIXBasicConstraint;
sl@0
    48
	friend class TPKIXKeyUsageConstraint;
sl@0
    49
public:
sl@0
    50
	static CPKIXValidationState* NewL(	const TTime aValidationTime, TInt aChainLength,
sl@0
    51
										const CArrayPtr<HBufC>* aInitialPolicies);
sl@0
    52
	static CPKIXValidationState* NewLC(	const TTime aValidationTime, TInt aChainLength,
sl@0
    53
										const CArrayPtr<HBufC>* aInitialPolicies);
sl@0
    54
	~CPKIXValidationState();
sl@0
    55
private:
sl@0
    56
	CPKIXValidationState(	const TTime aValidationTime, TInt aChainLength,
sl@0
    57
							const CArrayPtr<HBufC>* aInitialPolicies);
sl@0
    58
	void ConstructL();
sl@0
    59
private:
sl@0
    60
	const TTime iValidationTime;
sl@0
    61
	TInt iPolicyMapping;
sl@0
    62
	TInt iPolicyRequired;
sl@0
    63
	TInt iMaxPathLength;
sl@0
    64
	TInt iPos;
sl@0
    65
sl@0
    66
//	TBool iAnyUserPolicy;
sl@0
    67
	TBool iAnyAuthorityPolicy;
sl@0
    68
	
sl@0
    69
	const CArrayPtr<HBufC>* iUserConstrainedPolicies;
sl@0
    70
	CArrayPtrFlat<CX509CertPolicyInfo>* iAuthorityConstrainedPolicies;
sl@0
    71
	
sl@0
    72
	CArrayPtrFlat<HBufC>* iUserPolicies;	
sl@0
    73
	CArrayPtrFlat<CX509PolicyMapping>* iMappedPolicies;
sl@0
    74
	CArrayPtrFlat<CX500DistinguishedName>* iExcludedDNSubtrees;
sl@0
    75
	CArrayPtrFlat<CX500DistinguishedName>* iPermittedDNSubtrees;
sl@0
    76
	//these are all just to deal with name constraints on alt names
sl@0
    77
	//can you believe it?
sl@0
    78
	CArrayPtrFlat<CX509DomainName>* iExcludedRFC822Subtrees;
sl@0
    79
	CArrayPtrFlat<CX509DomainName>* iPermittedRFC822Subtrees;
sl@0
    80
	CArrayPtrFlat<CX509DomainName>* iExcludedDNSNameSubtrees;
sl@0
    81
	CArrayPtrFlat<CX509DomainName>* iPermittedDNSNameSubtrees;
sl@0
    82
	CArrayPtrFlat<CX509IPSubnetMask>* iExcludedIPAddressSubtrees;
sl@0
    83
	CArrayPtrFlat<CX509IPSubnetMask>* iPermittedIPAddressSubtrees;
sl@0
    84
	CArrayPtrFlat<CX509CertExtension>* iCriticalExts;
sl@0
    85
	};
sl@0
    86
sl@0
    87
#endif