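--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/security/crypto/weakcrypto/inc/pbe.h Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,611 @@
+/*
+* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* ** IMPORTANT ** PublishedPartner API's in this file are published to 3rd party developers via the
+* Symbian website. Changes to these API's should be treated as PublishedAll API changes and the Security TA should be consulted.
+*
+*/
+
+
+/**
+ @file
+ @publishedPartner
+ @released
+*/
+
+#ifndef __PBE_H__
+#define __PBE_H__
+
+#include <e32std.h>
+#include "pbebase.h"
+
+class CPBEncryptionData;
+class CPBEncryptor;
+class CPBDecryptor;
+
+/**
+ * Password Based Encryption ciphers.
+ *
+ * Note that RC2 has an additional key parameter, the "effective key length".
+ *
+ * Used in the construction of CPBEncryptElement, CPBEncryptSet, CPBEncryptParms,
+ * and CPBEncryptionData objects and in the CPBEncryptParms::Cipher() function.
+ */
+enum TPBECipher
+ {
+ /** AES cipher in CBC mode with a supplied key size of 128 bits. */
+ ECipherAES_CBC_128,
+ /** AES cipher in CBC mode with a supplied key size of 192 bits. */
+ ECipherAES_CBC_192,
+ /** AES cipher in CBC mode with a supplied key size of 256 bits. */
+ ECipherAES_CBC_256,
+ /** DES cipher in CBC mode (with a supplied key size of 56 bits). */
+ ECipherDES_CBC,
+ /** Triple-DES cipher in CBC mode. */
+ ECipher3DES_CBC,
+ /**
+ * RC2 cipher in CBC mode with a supplied key length of 40 bits.
+ *
+ * It has an effective key length of 1024 bits (128 bytes), which is compatible
+ * with OpenSSL RC2 encryption.
+ */
+ ECipherRC2_CBC_40,
+ /**
+ * RC2 cipher in CBC mode with a supplied key length of 128 bits.
+ *
+ * It has an effective key length of 1024 bits (128 bytes), which is compatible
+ * with OpenSSL RC2 encryption.
+ */
+ ECipherRC2_CBC_128,
+ /**
+ * RC2 cipher in CBC mode with a supplied key length of 40 bits.
+ *
+ * It has an effective key length of 128 bits (16 bytes), which is compatible
+ * with the RC2 encryption used in PKCS#8 encryption keys generated by OpenSSL
+ */
+ ECipherRC2_CBC_40_16,
+ /**
+ * RC2 cipher in CBC mode with a supplied key length of 128 bits.
+ *
+ * It has an effective key length of 128 bits (16 bytes), which is compatible
+ * with the RC2 encryption used in PKCS#8 encryption keys generated by OpenSSL
+ */
+ ECipherRC2_CBC_128_16,
+ /**
+ * ARC4 cipher with a supplied key length of 128 bits.
+ * PKCS#12 PBE encryption algorithm
+ */
+ ECipherARC4_128,
+ /**
+ * ARC4 cipher with a supplied key length of 40 bits.
+ * PKCS#12 PBE encryption algorithm
+ */
+ ECipherARC4_40,
+ /**
+ * 2_KeyTriple-DES cipher in CBC mode.
+ * PKCS#12 PBE encryption algorithm
+ */
+ ECipher2Key3DES_CBC,
+ /**
+ * RC2 Cipher in CBC mode with a supplied & effective key length of 40 bits.
+ * PKCS#12 PBE encryption algorithm
+ */
+ ECipherRC2_CBC_40_5,
+ };
+
+/**
+ * Allows the password based encryption and decryption of elements.
+ * Contains the encryption key and its associated encryption data.
+ * See the Cryptography api-guide documentation for more information
+ * and sample code.
+ */
+class CPBEncryptElement : public CPBEncryptionBase
+ {
+public:
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * If strong cryptography is present, a 128 bit AES cipher is used;
+ * otherwise, for weak cryptography, a 56 bit DES cipher is used.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewL(const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * If strong cryptography is present, a 128 bit AES cipher is used;
+ * otherwise, for weak cryptography, a 56 bit DES cipher is used.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * A pointer to the returned object is put onto the cleanup stack.
+ *
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewLC(const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aCipher The cipher to use
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewL(const TPBPassword& aPassword,
+ TPBECipher aCipher);
+
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * A pointer to the returned object is put onto the cleanup stack.
+ *
+ * @param aPassword The user supplied password
+ * @param aCipher The cipher to use
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewLC(const TPBPassword& aPassword,
+ TPBECipher aCipher);
+
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * The symmetric key is derived from the password using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aParms An encryption parameter object comprising the cipher,
+ * salt, IV, and iteration count value.
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewL(const TPBPassword& aPassword,
+ const CPBEncryptParms& aParms);
+
+ /**
+ * Creates a new CPBEncryptElement object for encryption of new data.
+ *
+ * The symmetric key is derived from the password using TPKCS5KDF::DeriveKeyL().
+ *
+ * A pointer to the returned object is put onto the cleanup stack.
+ *
+ * @param aPassword The user supplied password
+ * @param aParms An encryption parameter object comprising the cipher,
+ * salt, IV, and iteration count value.
+ * @return The new CPBEncryptElement object
+ */
+ IMPORT_C static CPBEncryptElement* NewLC(const TPBPassword& aPassword,
+ const CPBEncryptParms& aParms);
+
+ /**
+ * Creates a new CPBEncryptElement object for decryption of existing data.
+ *
+ * If the specified password is valid, the function regenerates the encryption key;
+ * otherwise, it leaves with KErrBadPassphrase.
+ *
+ * @param aData The encryption data object
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptElement object
+ * @leave KErrBadPassphrase If the specified password is incorrect
+ */
+ IMPORT_C static CPBEncryptElement* NewL(const CPBEncryptionData& aData,
+ const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptElement object for decryption of existing data.
+ *
+ * If the specified password is valid, the function regenerates the encryption key;
+ * otherwise, it leaves with KErrBadPassphrase.
+ *
+ * A pointer to the returned object is put onto the cleanup stack.
+ *
+ * @param aData The encryption data object
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptElement object
+ * @leave KErrBadPassphrase If the specified password is incorrect
+ */
+ IMPORT_C static CPBEncryptElement* NewLC(const CPBEncryptionData& aData,
+ const TPBPassword& aPassword);
+
+ /**
+ * Gets the parameters allowing one to re-create the object with the
+ * same state at another point in the future.
+ *
+ * In order to decrypt any information previously encrypted with this object,
+ * you <B><I>must</I></B> store this encryption data along with it. Failure
+ * to do this will result in the permanent loss of the encrypted information.
+ *
+ * @return The data allowing one to re-create this object at a later time.
+ */
+ const CPBEncryptionData& EncryptionData(void) const;
+
+ /**
+ * Constructs a CPBEncryptor object allowing the encryption of data.
+ *
+ * @return A pointer to a CPBEncryptor object.
+ * The caller assumes ownership of the returned object.
+ */
+ CPBEncryptor* NewEncryptL(void) const;
+
+ /**
+ * Constructs a CPBEncryptor object allowing the encryption of data.
+ *
+ * @return A pointer to a CPBEncryptor object.
+ * The caller assumes ownership of the returned object.
+ * The returned pointer is left on the cleanup stack.
+ */
+ CPBEncryptor* NewEncryptLC(void) const;
+
+ /**
+ * Constructs a CPBDecryptor object allowing the decryption of data.
+ *
+ * @return A pointer to a CPBDecryptor object.
+ * The caller assumes ownership of the returned object.
+ */
+ CPBDecryptor* NewDecryptL(void) const;
+
+ /**
+ * Constructs a CPBDecryptor object allowing the decryption of data.
+ *
+ * @return A pointer to a CPBDecryptor object.
+ * The caller assumes ownership of the returned object.
+ * The returned pointer is left on the cleanup stack.
+ */
+ CPBDecryptor* NewDecryptLC(void) const;
+
+ /**
+ * Gets the maximum output ciphertext length given a specified input plaintext length.
+ *
+ * @param aPlaintextLength The plaintext length
+ * @return The maximum ciphertext length given a plaintext length.
+ */
+ TInt MaxCiphertextLength(TInt aPlaintextLength) const;
+
+ /**
+ * Gets the maximum output plaintext length given a specified input ciphertext length.
+ *
+ * @param aCiphertextLength The ciphertext length
+ * @return The maximum plaintext length given a ciphertext length.
+ */
+ TInt MaxPlaintextLength(TInt aCiphertextLength) const;
+
+ /** Destructor */
+ virtual ~CPBEncryptElement(void);
+protected:
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword);
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword, const TPBECipher aCipher);
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword, const CPBEncryptParms& aParms);
+ /** @internalAll */
+ void ConstructL(const CPBEncryptionData& aData, const TPBPassword& aPassword);
+ /** @internalAll */
+ TBool AuthenticateL(const TPBPassword& aPassword);
+ /** @internalAll */
+ void MakeEncryptKeyL(TUint aKeySize, const TDesC8& aPassword);
+ /** @internalAll */
+ CPBEncryptElement(void);
+protected:
+ /** The encryption data */
+ CPBEncryptionData* iData;
+ /** The derived encryption key */
+ HBufC8* iEncryptKey;
+private:
+ CPBEncryptElement(const CPBEncryptElement&);
+ CPBEncryptElement& operator= (const CPBEncryptElement&);
+ };
+
+/**
+ * Derived class to allow the efficient password based encryption and
+ * decryption of multiple elements.
+ *
+ * This is useful if one wants random access to an encrypted source consisting
+ * of multiple independent elements, for example, a database or a store.
+ *
+ * Since it is unreasonable to force the decryption of an entire set to allow
+ * access to just a tiny portion of it, and since it is too costly to derive separate
+ * keys for each element within the set, a single randomly generated <I>master</I>
+ * key is used. This master key is encrypted with the password provided by the
+ * user of the class. Known plaintext attacks against the ciphertext are prevented
+ * by using a randomly chosen Initialisation Vector (IV) for each element.
+ *
+ * Contains the master encryption key.
+ *
+ * See the Cryptography api-guide documentation for more information and sample code.
+ *
+ * @see CPBEncryptElement
+ *
+ * @since v8.0
+ */
+class CPBEncryptSet : public CPBEncryptElement
+ {
+public:
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * If strong cryptography is present, a 128 bit AES cipher is used;
+ * otherwise, for weak cryptography, a 56 bit DES cipher is used.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The users password.
+ * @return A new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewL(const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The returned pointer is put onto the cleanup stack.
+ *
+ * If strong cryptography is present, a 128 bit AES cipher is used;
+ * otherwise, for weak cryptography, a 56 bit DES cipher is used.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewLC(const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aCipher The cipher to use
+ * @return The new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewL(const TPBPassword& aPassword,
+ TPBECipher aCipher);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The returned pointer is put onto the cleanup stack.
+ *
+ * The symmetric key is derived from the password and a random salt using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aCipher The cipher to use
+ * @return The new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewLC(const TPBPassword& aPassword,
+ TPBECipher aCipher);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The symmetric key is derived from the password using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aParms An encryption parameter object comprising the cipher,
+ * salt, IV, and iteration count value.
+ * @return The new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewL(const TPBPassword& aPassword,
+ const CPBEncryptParms& aParms);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The returned pointer is put onto the cleanup stack.
+ *
+ * The symmetric key is derived from the password using TPKCS5KDF::DeriveKeyL().
+ *
+ * @param aPassword The user supplied password
+ * @param aParms An encryption parameter object comprising the cipher,
+ * salt, IV, and iteration count value.
+ * @return The new CPBEncryptSet object
+ */
+ IMPORT_C static CPBEncryptSet* NewLC(const TPBPassword& aPassword,
+ const CPBEncryptParms& aParms);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * If the specified password is valid, the function regenerates the encryption key;
+ * otherwise, it leaves with KErrBadPassphrase.
+ *
+ * @param aData The encryption data object to copy
+ * @param aEncryptedMasterKey On return, the encrypted master key
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptSet object
+ * @leave KErrBadPassphrase If the specified password is incorrect
+ */
+ IMPORT_C static CPBEncryptSet* NewL(const CPBEncryptionData& aData,
+ const TDesC8& aEncryptedMasterKey, const TPBPassword& aPassword);
+
+ /**
+ * Creates a new CPBEncryptSet object for encryption of new data
+ * (and generates an encrypted master key).
+ *
+ * The returned pointer is put onto the cleanup stack.
+ *
+ * If the specified password is valid, the function regenerates the encryption key;
+ * otherwise, it leaves with KErrBadPassphrase.
+ *
+ * @param aData The encryption data object to copy
+ * @param aEncryptedMasterKey On return, the encrypted master key
+ * @param aPassword The user supplied password
+ * @return The new CPBEncryptSet object
+ * @leave KErrBadPassphrase If the specified password is incorrect
+ */
+ IMPORT_C static CPBEncryptSet* NewLC(const CPBEncryptionData& aData,
+ const TDesC8& aEncryptedMasterKey, const TPBPassword& aPassword);
+
+ /**
+ * Gets the encrypted form of the master key.
+ *
+ * This must be stored along with the object returned by CPBEncryptElement::EncryptionData()
+ * in order for the object to be reconstructed with the same state at
+ * some time in the future. Failure to do so will result in the permanent
+ * loss of any information encrypted with this object.
+ *
+ * @return The encrypted master key.
+ */
+ IMPORT_C const TDesC8& EncryptedMasterKey(void) const;
+
+ /**
+ * Constructs a CPBEncryptor object based on the state of this object
+ * (i.e., the cipher and master key) allowing the encryption of data.
+ *
+ * @return A pointer to a CPBEncryptor object.
+ * The caller assumes ownership of the returned object.
+ */
+ CPBEncryptor* NewEncryptL(void) const;
+
+ /**
+ * Constructs a CPBEncryptor object based on the state of this object
+ * (i.e., the cipher and master key) allowing the encryption of data.
+ *
+ * @return A pointer to a CPBEncryptor object.
+ * The caller assumes ownership of the returned object.
+ * The returned pointer is left on the cleanup stack.
+ */
+ CPBEncryptor* NewEncryptLC(void) const;
+
+ /**
+ * Constructs a CPBDecryptor object based on the state of this object
+ * (i.e., the cipher and master key) allowing the decryption of data.
+ *
+ * @return A pointer to a CPBDecryptor object.
+ * The caller assumes ownership of the returned object.
+ */
+ CPBDecryptor* NewDecryptL(void) const;
+
+ /**
+ * Constructs a CPBDecryptor object based on the state of this object
+ * (i.e., the cipher and master key) allowing the decryption of data.
+ *
+ * @return A pointer to a CPBDecryptor object.
+ * The caller assumes ownership of the returned object.
+ * The returned pointer is left on the cleanup stack.
+ */
+ CPBDecryptor* NewDecryptLC(void) const;
+
+ /**
+ * Re-encrypts the master key with the specified new password.
+ *
+ * @param aNewPassword The new password
+ */
+ IMPORT_C void ChangePasswordL(const TPBPassword& aNewPassword);
+
+ /**
+ * Gets the maximum output ciphertext length given a specified input plaintext length.
+ *
+ * @param aPlaintextLength The plaintext length
+ * @return The maximum ciphertext length given a plaintext length.
+ */
+ TInt MaxCiphertextLength(TInt aPlaintextLength) const;
+
+ /**
+ * Gets the maximum output plaintext length given a specified input ciphertext length.
+ *
+ * @param aCiphertextLength The ciphertext length
+ * @return The maximum plaintext length given a ciphertext length.
+ */
+ TInt MaxPlaintextLength(TInt aCiphertextLength) const;
+
+ /** Destructor */
+ virtual ~CPBEncryptSet(void);
+protected:
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword);
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword, TPBECipher aCipher);
+ /** @internalAll */
+ void ConstructL(const TDesC8& aPassword, const CPBEncryptParms& aParms);
+ /** @internalAll */
+ void ConstructMasterKeyL(void);
+ /** @internalAll */
+ void ConstructL(const CPBEncryptionData& aData,
+ const TDesC8& aEncryptedMasterKey, const TPBPassword& aPassword);
+ /** @internalAll */
+ void DecryptMasterKeyL(TDes8& aMasterKey) const;
+ /** @internalAll */
+ void EncryptMasterKeyL(const TDesC8& aMasterKey);
+protected:
+ /** @internalAll */
+ CPBEncryptSet(void);
+ /** The derived encrypted master key*/
+ HBufC8* iEncryptedMasterKey;
+private:
+ CPBEncryptSet(const CPBEncryptSet&);
+ CPBEncryptSet& operator= (const CPBEncryptSet&);
+ };
+
+/**
+ * Class representing both 8 and 16 bit descriptor passwords.
+ * Internally these are stored as 8 bit passwords.
+ */
+class TPBPassword
+ {
+public:
+ /**
+ * Sets the password.
+ *
+ * Constructs a TPBPassword object with an 8 bit descriptor.
+ *
+ * Internally this is represented as an octet byte sequence
+ * (aka 8 bit TPtrC8 descriptor).
+ *
+ * @param aPassword A const reference to an 8 bit descriptor.
+ * representing the users initial password.
+ */
+ IMPORT_C TPBPassword(const TDesC8& aPassword);
+
+ /**
+ * Sets the password.
+ *
+ * Constructs a TPBPassword object with a 16 bit descriptor.
+ *
+ * Internally this is represented as an octet byte sequence
+ * (aka 8 bit TPtrC8 descriptor).
+ *
+ * @param aPassword A const reference to a 16 bit descriptor
+ * representing the users initial password.
+ */
+ IMPORT_C TPBPassword(const TDesC16& aPassword);
+
+ /**
+ * Gets the password.
+ *
+ * Gets a const reference to an 8 bit descriptor representing the users
+ * initial password (which could have been either 8 or 16 bit).
+ *
+ * @return A const reference to an 8 bit descriptor.
+ */
+ IMPORT_C const TDesC8& Password(void) const;
+private:
+ TPtrC8 iPassword;
+ };
+
+#endif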
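Review bot: The doc comments on the two `CPBEncryptSet` factories taking `(const CPBEncryptionData& aData, const TDesC8& aEncryptedMasterKey, const TPBPassword& aPassword)` look copied from the encryption overloads: they say the object is created "for encryption of new data (and generates an encrypted master key)" and describe `aEncryptedMasterKey` as "On return, the encrypted master key", yet that parameter is a `const TDesC8&` input and the `@leave KErrBadPassphrase` text implies these overloads rebuild an existing set. I would reword them to `Creates a CPBEncryptSet object from previously stored encryption data and its encrypted master key` and `@param aEncryptedMasterKey The encrypted master key previously obtained from EncryptedMasterKey()`. Separately, `TPBPassword` holds only a `TPtrC8 iPassword`, which is a non-owning view, so both constructor comments should state that the caller's descriptor must remain valid and unmodified for as long as the `TPBPassword` is in use. Finally, the single-argument `NewL`/`NewLC` overloads are documented as falling back to 56-bit DES when strong cryptography is absent, and `TPBECipher` exposes DES and 40-bit RC2/ARC4 values; a sentence on the enum saying these exist for interoperability with legacy formats and should not be selected for new data would give callers the guidance the header currently lacks.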