1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/crypto/Signed.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,571 @@
1.4 +/*
1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#include <bigint.h>
1.23 +#include <asymmetric.h>
1.24 +#include <hash.h>
1.25 +#include <padding.h>
1.26 +#include <keyidentifierutil.h>
1.27 +#include <signed.h>
1.28 +
1.29 +//RSA signature result
1.30 +EXPORT_C TBool CRSASignatureResult::operator== (const CRSASignatureResult& aResult) const
1.31 + {
1.32 + return ((*(iDigestAlgorithm) == *(aResult.iDigestAlgorithm)) &&
1.33 + (*(iDigest)==*(aResult.iDigest)));
1.34 + }
1.35 +
1.36 +EXPORT_C CRSASignatureResult::~CRSASignatureResult()
1.37 + {
1.38 + delete iDigestAlgorithm;
1.39 + delete iDigest;
1.40 + }
1.41 +
1.42 +//validity period
1.43 +EXPORT_C CValidityPeriod::CValidityPeriod(const CValidityPeriod& aValidityPeriod)
1.44 + :iStart(aValidityPeriod.iStart), iFinish(aValidityPeriod.iFinish)
1.45 + {
1.46 + }
1.47 +
1.48 +EXPORT_C CValidityPeriod::CValidityPeriod()
1.49 + {
1.50 + }
1.51 +
1.52 +EXPORT_C TBool CValidityPeriod::Valid(const TTime& aTime) const
1.53 + {
1.54 + return ((iStart < aTime) && (iFinish > aTime));
1.55 + }
1.56 +
1.57 +EXPORT_C const TTime& CValidityPeriod::Start() const
1.58 + {
1.59 + return iStart;
1.60 + }
1.61 +
1.62 +EXPORT_C const TTime& CValidityPeriod::Finish() const
1.63 + {
1.64 + return iFinish;
1.65 + }
1.66 +
1.67 +//******************************************************************************//
1.68 +//algorithm id
1.69 +EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
1.70 + {
1.71 + CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmIdentifier);
1.72 + CleanupStack::Pop();//self
1.73 + return self;
1.74 + }
1.75 +
1.76 +EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier)
1.77 + {
1.78 + CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier;
1.79 + CleanupStack::PushL(self);
1.80 + self->ConstructL(aAlgorithmIdentifier);
1.81 + return self;
1.82 + }
1.83 +
1.84 +EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
1.85 + {
1.86 + CAlgorithmIdentifier* self = CAlgorithmIdentifier::NewLC(aAlgorithmId, aEncodedParams);
1.87 + CleanupStack::Pop();//self
1.88 + return self;
1.89 + }
1.90 +
1.91 +EXPORT_C CAlgorithmIdentifier* CAlgorithmIdentifier::NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams)
1.92 + {
1.93 + CAlgorithmIdentifier* self = new(ELeave) CAlgorithmIdentifier(aAlgorithmId);
1.94 + CleanupStack::PushL(self);
1.95 + self->ConstructL(aEncodedParams);
1.96 + return self;
1.97 + }
1.98 +
1.99 +EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId)
1.100 + :iAlgorithmId(aAlgorithmId)
1.101 + {
1.102 + }
1.103 +
1.104 +EXPORT_C CAlgorithmIdentifier::CAlgorithmIdentifier()
1.105 + {
1.106 + }
1.107 +
1.108 +EXPORT_C void CAlgorithmIdentifier::ConstructL(const TDesC8& aEncodedParams)
1.109 + {
1.110 + iEncodedParams = aEncodedParams.AllocL();
1.111 + }
1.112 +
1.113 +
1.114 +EXPORT_C TBool CAlgorithmIdentifier::operator==(const CAlgorithmIdentifier& aAlgorithmIdentifier) const
1.115 + {
1.116 + return ((iAlgorithmId == aAlgorithmIdentifier.iAlgorithmId) &&
1.117 + (*(iEncodedParams) == *(aAlgorithmIdentifier.iEncodedParams)));
1.118 + }
1.119 +
1.120 +EXPORT_C TAlgorithmId CAlgorithmIdentifier::Algorithm() const
1.121 + {
1.122 + return iAlgorithmId;
1.123 + }
1.124 +
1.125 +EXPORT_C TPtrC8 CAlgorithmIdentifier::EncodedParams() const
1.126 + {
1.127 + return iEncodedParams->Des();
1.128 + }
1.129 +
1.130 +EXPORT_C CAlgorithmIdentifier::~CAlgorithmIdentifier()
1.131 + {
1.132 + delete iEncodedParams;
1.133 + }
1.134 +
1.135 +EXPORT_C void CAlgorithmIdentifier::ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier)
1.136 + {
1.137 + iAlgorithmId = aAlgorithmIdentifier.iAlgorithmId;
1.138 + iEncodedParams = aAlgorithmIdentifier.iEncodedParams->AllocL();
1.139 + }
1.140 +
1.141 +//***********************************************************************//
1.142 +//signing algorithm id
1.143 +EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
1.144 + {
1.145 + CSigningAlgorithmIdentifier* self = CSigningAlgorithmIdentifier::NewLC(aSigningAlgorithmIdentifier);
1.146 + CleanupStack::Pop();//self
1.147 + return self;
1.148 + }
1.149 +
1.150 +EXPORT_C CSigningAlgorithmIdentifier* CSigningAlgorithmIdentifier::NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier)
1.151 + {
1.152 + CSigningAlgorithmIdentifier* self = new(ELeave) CSigningAlgorithmIdentifier;
1.153 + CleanupStack::PushL(self);
1.154 + self->ConstructL(aSigningAlgorithmIdentifier);
1.155 + return self;
1.156 + }
1.157 +
1.158 +EXPORT_C TBool CSigningAlgorithmIdentifier::operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const
1.159 + {
1.160 + return ((*(iAsymmetricAlgorithm) == *(aSigningAlgorithmIdentifier.iAsymmetricAlgorithm)) &&
1.161 + (*(iDigestAlgorithm) == *(aSigningAlgorithmIdentifier.iDigestAlgorithm)));
1.162 + }
1.163 +
1.164 +void CSigningAlgorithmIdentifier::ConstructL(const CSigningAlgorithmIdentifier& aAlgorithmIdentifier)
1.165 + {
1.166 + iAsymmetricAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iAsymmetricAlgorithm));
1.167 + iDigestAlgorithm = CAlgorithmIdentifier::NewL(*(aAlgorithmIdentifier.iDigestAlgorithm));
1.168 + }
1.169 +
1.170 +EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::AsymmetricAlgorithm() const
1.171 + {
1.172 + return *iAsymmetricAlgorithm;
1.173 + }
1.174 +
1.175 +EXPORT_C const CAlgorithmIdentifier& CSigningAlgorithmIdentifier::DigestAlgorithm() const
1.176 + {
1.177 + return *iDigestAlgorithm;
1.178 + }
1.179 +
1.180 +EXPORT_C CSigningAlgorithmIdentifier::~CSigningAlgorithmIdentifier()
1.181 + {
1.182 + delete iAsymmetricAlgorithm;
1.183 + delete iDigestAlgorithm;
1.184 + }
1.185 +
1.186 +//************************************************************************//
1.187 +//subject public key info
1.188 +EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
1.189 + {
1.190 + CSubjectPublicKeyInfo* self = CSubjectPublicKeyInfo::NewLC(aSubjectPublicKeyInfo);
1.191 + CleanupStack::Pop();//self
1.192 + return self;
1.193 + }
1.194 +
1.195 +EXPORT_C CSubjectPublicKeyInfo* CSubjectPublicKeyInfo::NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
1.196 + {
1.197 + CSubjectPublicKeyInfo* self = new(ELeave) CSubjectPublicKeyInfo;
1.198 + CleanupStack::PushL(self);
1.199 + self->ConstructL(aSubjectPublicKeyInfo);
1.200 + return self;
1.201 + }
1.202 +
1.203 +EXPORT_C TAlgorithmId CSubjectPublicKeyInfo::AlgorithmId() const
1.204 + {
1.205 + return iAlgId->Algorithm();
1.206 + }
1.207 +
1.208 +EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::EncodedParams() const
1.209 + {
1.210 + return iAlgId->EncodedParams();
1.211 + }
1.212 +
1.213 +EXPORT_C const TPtrC8 CSubjectPublicKeyInfo::KeyData() const
1.214 + {
1.215 + return iEncodedKeyData->Des();
1.216 + }
1.217 +
1.218 +EXPORT_C CSubjectPublicKeyInfo::~CSubjectPublicKeyInfo()
1.219 + {
1.220 + delete iAlgId;
1.221 + delete iEncodedKeyData;
1.222 + }
1.223 +
1.224 +EXPORT_C void CSubjectPublicKeyInfo::ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo)
1.225 + {
1.226 + iAlgId = CAlgorithmIdentifier::NewL(*(aSubjectPublicKeyInfo.iAlgId));
1.227 + iEncodedKeyData = aSubjectPublicKeyInfo.iEncodedKeyData->AllocL();
1.228 + }
1.229 +
1.230 +//******************************************************************//
1.231 +//signed object parameters
1.232 +
1.233 + //ctors
1.234 +
1.235 +EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL()
1.236 + {
1.237 + CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
1.238 + return self;
1.239 + }
1.240 +
1.241 +EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC()
1.242 + {
1.243 + CSigningKeyParameters* self = CSigningKeyParameters::NewL();
1.244 + CleanupStack::PushL(self);
1.245 + return self;
1.246 + }
1.247 +
1.248 + //copy ctors
1.249 +EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewL(const CSigningKeyParameters& aParameters)
1.250 + {
1.251 + CSigningKeyParameters* self = CSigningKeyParameters::NewLC(aParameters);
1.252 + CleanupStack::Pop();
1.253 + return self;
1.254 + }
1.255 +
1.256 +EXPORT_C CSigningKeyParameters* CSigningKeyParameters::NewLC(const CSigningKeyParameters& aParameters)
1.257 + {
1.258 + CSigningKeyParameters* self = new(ELeave) CSigningKeyParameters;
1.259 + CleanupStack::PushL(self);
1.260 + self->ConstructL(aParameters);
1.261 + return self;
1.262 + }
1.263 +
1.264 +void CSigningKeyParameters::ConstructL(const CSigningKeyParameters& aParameters)
1.265 + {
1.266 + SetDSAParamsL(*(aParameters.iDSAParams));
1.267 + }
1.268 +
1.269 + //dtor
1.270 +EXPORT_C CSigningKeyParameters::~CSigningKeyParameters()
1.271 + {
1.272 + delete iDSAParams;
1.273 + }
1.274 +
1.275 +EXPORT_C void CSigningKeyParameters::SetDSAParamsL(const CDSAParameters& aParams)
1.276 + {
1.277 + delete iDSAParams;
1.278 + iDSAParams = NULL; // In case the next fails
1.279 +
1.280 +// Copy the TIntegers
1.281 + RInteger p = RInteger::NewL(aParams.P());
1.282 + CleanupStack::PushL(p);
1.283 +
1.284 + RInteger q = RInteger::NewL(aParams.Q());
1.285 + CleanupStack::PushL(q);
1.286 +
1.287 + RInteger g = RInteger::NewL(aParams.G());
1.288 + CleanupStack::PushL(g);
1.289 +
1.290 + iDSAParams = CDSAParameters::NewL(p, q, g);
1.291 + CleanupStack::Pop(3, &p);
1.292 + }
1.293 +
1.294 +const CDSAParameters* CSigningKeyParameters::DSAParams() const
1.295 + {
1.296 + return iDSAParams;
1.297 + }
1.298 +
1.299 +CSigningKeyParameters::CSigningKeyParameters()
1.300 + {
1.301 + }
1.302 +
1.303 +//******************************************************************//
1.304 +//signed object
1.305 +EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey) const
1.306 + {
1.307 + const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
1.308 + const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
1.309 +
1.310 + TBool verifyResult = EFalse;
1.311 + if (algId.Algorithm() == EDSA)
1.312 + {
1.313 + if (digestId.Algorithm() != ESHA1)
1.314 + {
1.315 + User::Leave(KErrArgument);
1.316 + }
1.317 +
1.318 + CSHA1* sha1 = CSHA1::NewL();
1.319 + CleanupStack::PushL(sha1);
1.320 + TPtrC8 signedData = SignedDataL();
1.321 + TPtrC8 hash = sha1->Final(signedData);
1.322 + verifyResult=VerifySignatureL(aEncodedKey, hash);
1.323 + CleanupStack::PopAndDestroy(sha1);//hash
1.324 + }
1.325 + else
1.326 + {
1.327 + TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey));
1.328 + if (result==KErrNoMemory) // Leave if OOM, anything else is a verify
1.329 + User::Leave(result); // error => verifyResult = EFalse
1.330 +
1.331 + }
1.332 +
1.333 + return verifyResult;
1.334 + }
1.335 +
1.336 +EXPORT_C TBool CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
1.337 + {
1.338 + const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
1.339 + const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
1.340 +
1.341 + TBool verifyResult = EFalse;
1.342 + if (algId.Algorithm() == EDSA)
1.343 + {
1.344 + if (digestId.Algorithm() != ESHA1)
1.345 + {
1.346 + User::Leave(KErrArgument);
1.347 + }
1.348 +
1.349 + CDSAPublicKey* key = NULL;
1.350 + if (algId.EncodedParams().Length() != 0)
1.351 + {
1.352 + key = iKeyFactory->DSAPublicKeyL(algId.EncodedParams(), aEncodedKey);
1.353 + }
1.354 + else
1.355 + {
1.356 + if (iParameters != NULL)
1.357 + {
1.358 + const CDSAParameters* params = iParameters->DSAParams();
1.359 + if (!params)
1.360 + {
1.361 + User::Leave(KErrArgument);//no params
1.362 + }
1.363 + else
1.364 + {
1.365 + key = iKeyFactory->DSAPublicKeyL(*params, aEncodedKey);
1.366 + }
1.367 + }
1.368 + }
1.369 + if (key == NULL)
1.370 + {
1.371 + User::Leave(KErrArgument);
1.372 + }
1.373 + CleanupStack::PushL(key);
1.374 + CDSAVerifier* verifier = CDSAVerifier::NewLC(*key);
1.375 + CDSASignature* sig = iKeyFactory->DSASignatureL(Signature());
1.376 + CleanupStack::PushL(sig);
1.377 + verifyResult = verifier->VerifyL(aHash, *sig);
1.378 + CleanupStack::PopAndDestroy(3);// key, verifier, sig
1.379 + }
1.380 + else
1.381 + {
1.382 + TRAPD(result, verifyResult = VerifyRSASignatureL(aEncodedKey, aHash));
1.383 + if (result==KErrNoMemory) // Leave if OOM, anything else is a verify
1.384 + User::Leave(result); // error => verifyResult = EFalse
1.385 +
1.386 + }
1.387 + return verifyResult;
1.388 +
1.389 + }
1.390 +
1.391 +TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const
1.392 + {
1.393 + __UHEAP_MARK;
1.394 + const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
1.395 + const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
1.396 + if (algId.Algorithm() != ERSA)
1.397 + {
1.398 + User::Leave(KErrArgument);
1.399 + }
1.400 +
1.401 + //Get the public key
1.402 + CRSAPublicKey* key = iKeyFactory->RSAPublicKeyL(aEncodedKey);
1.403 + CleanupStack::PushL(key);
1.404 +
1.405 + CRSAPKCS1v15Verifier* verifier = CRSAPKCS1v15Verifier::NewLC(*key);
1.406 +
1.407 + RInteger sig = RInteger::NewL(Signature());
1.408 + CleanupStack::PushL(sig);
1.409 + CRSASignature* theSignature = CRSASignature::NewL(sig);
1.410 + CleanupStack::Pop(&sig);
1.411 + CleanupStack::PushL(theSignature);
1.412 +
1.413 + HBufC8* publicDecryptOutput = verifier->InverseSignLC(*theSignature);
1.414 +
1.415 + //Now verify it
1.416 + TPtrC8 hash(aHash);
1.417 + CRSASignatureResult* decoder = iKeyFactory->RSASignatureResultL(digestId, hash);
1.418 + CleanupStack::PushL(decoder);
1.419 +
1.420 + TPtr8 outputPtr(publicDecryptOutput->Des());
1.421 + TBool verified = decoder->VerifyL(outputPtr);
1.422 + CleanupStack::PopAndDestroy(5, key); // decoder, publicDecryptOutput, theSignature
1.423 + // verifier, key,
1.424 + __UHEAP_MARKEND;
1.425 + return (verified);
1.426 + }
1.427 +
1.428 +// x509 signature comprises of an AlgID and the signed data itself, so a simple
1.429 +// verify is not possible (the data returned from public decrypt will not match
1.430 +// the original data signed because of the extra algID appendage).
1.431 +//
1.432 +TBool CSignedObject::VerifyRSASignatureL(const TDesC8& aEncodedKey) const
1.433 + {
1.434 + __UHEAP_MARK;
1.435 + const CAlgorithmIdentifier& algId = iSigningAlgorithm->AsymmetricAlgorithm();
1.436 + const CAlgorithmIdentifier& digestId = iSigningAlgorithm->DigestAlgorithm();
1.437 + if (algId.Algorithm() != ERSA)
1.438 + {
1.439 + User::Leave(KErrArgument);
1.440 + }
1.441 + CMessageDigest* digest = NULL;
1.442 + switch(digestId.Algorithm())
1.443 + {
1.444 + case EMD2:
1.445 + {
1.446 + digest = CMD2::NewL();
1.447 + break;
1.448 + }
1.449 + case EMD5:
1.450 + {
1.451 + digest = CMD5::NewL();
1.452 + break;
1.453 + }
1.454 + case ESHA1:
1.455 + {
1.456 + digest = CSHA1::NewL();
1.457 + break;
1.458 + }
1.459 + case ESHA224:
1.460 + {
1.461 + digest = CSHA2::NewL(E224Bit);
1.462 + break;
1.463 + }
1.464 + case ESHA256:
1.465 + {
1.466 + digest = CSHA2::NewL(E256Bit);
1.467 + break;
1.468 + }
1.469 + case ESHA384:
1.470 + {
1.471 + digest = CSHA2::NewL(E384Bit);
1.472 + break;
1.473 + }
1.474 + case ESHA512:
1.475 + {
1.476 + digest = CSHA2::NewL(E512Bit);
1.477 + break;
1.478 + }
1.479 +
1.480 + default:
1.481 + User::Leave(KErrArgument);
1.482 + }
1.483 +
1.484 + //Hash the data
1.485 + CleanupStack::PushL(digest);
1.486 + TPtrC8 hash = digest->Final(SignedDataL());
1.487 + TBool verifyResult=VerifyRSASignatureL(aEncodedKey, hash);
1.488 + CleanupStack::PopAndDestroy(digest);
1.489 + __UHEAP_MARKEND;
1.490 + return verifyResult;
1.491 + }
1.492 +
1.493 +EXPORT_C void CSignedObject::SetParametersL(const CSigningKeyParameters& aParameters)
1.494 + {
1.495 + delete iParameters;
1.496 + iParameters = NULL; // In case next fails
1.497 + iParameters = CSigningKeyParameters::NewL(aParameters);
1.498 + }
1.499 +
1.500 +EXPORT_C const TPtrC8 CSignedObject::Signature() const
1.501 + {
1.502 + return iSignature->Des();
1.503 + }
1.504 +
1.505 +EXPORT_C const TPtrC8 CSignedObject::Encoding() const
1.506 + {
1.507 + return iEncoding->Des();
1.508 + }
1.509 +
1.510 +EXPORT_C const CSigningAlgorithmIdentifier& CSignedObject::SigningAlgorithm() const
1.511 + {
1.512 + return *iSigningAlgorithm;
1.513 + }
1.514 +
1.515 +EXPORT_C const TPtrC8 CSignedObject::Fingerprint() const
1.516 + {
1.517 + return iFingerprint->Des();
1.518 + }
1.519 +
1.520 +EXPORT_C CSignedObject::~CSignedObject()
1.521 + {
1.522 + delete iParameters;
1.523 + delete iKeyFactory;
1.524 + delete iFingerprint;
1.525 + delete iEncoding;
1.526 + delete iSignature;
1.527 + delete iSigningAlgorithm;
1.528 + }
1.529 +
1.530 +EXPORT_C void CSignedObject::ExternalizeL(RWriteStream& aStream) const
1.531 + {
1.532 + aStream.WriteInt32L(iEncoding->Length());
1.533 + aStream.WriteL(*iEncoding);
1.534 + }
1.535 +
1.536 +
1.537 +//****************************************************************************************//
1.538 +//certificate base
1.539 +EXPORT_C CCertificate::~CCertificate()
1.540 + {
1.541 + delete iSerialNumber;
1.542 + delete iValidityPeriod;
1.543 + delete iSubjectPublicKeyInfo;
1.544 + }
1.545 +
1.546 +EXPORT_C const TPtrC8 CCertificate::SerialNumber() const
1.547 + {
1.548 + return iSerialNumber->Des();
1.549 + }
1.550 +
1.551 +EXPORT_C const CValidityPeriod& CCertificate::ValidityPeriod() const
1.552 + {
1.553 + return *iValidityPeriod;
1.554 + }
1.555 +
1.556 +EXPORT_C const CSubjectPublicKeyInfo& CCertificate::PublicKey() const
1.557 + {
1.558 + return *iSubjectPublicKeyInfo;
1.559 + }
1.560 +
1.561 +EXPORT_C TKeyIdentifier CCertificate::KeyIdentifierL() const
1.562 + {
1.563 + if (iSubjectPublicKeyInfo->AlgorithmId() != ERSA)
1.564 + {
1.565 + User::Leave(KErrNotSupported);
1.566 + }
1.567 +
1.568 + CRSAPublicKey* rsaKey = iKeyFactory->RSAPublicKeyL(iSubjectPublicKeyInfo->KeyData());
1.569 + CleanupStack::PushL(rsaKey);
1.570 + TKeyIdentifier retVal;
1.571 + KeyIdentifierUtil::RSAKeyIdentifierL(*rsaKey, retVal);
1.572 + CleanupStack::PopAndDestroy(rsaKey);
1.573 + return retVal;
1.574 + }