1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/inc/pkixvalidationresult_v2.h Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,243 @@
1.4 +/*
1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +* PKIXVALIDATIONRESULT.H
1.19 +* Implementation of the class storing PKIX validation result information
1.20 +*
1.21 +*/
1.22 +
1.23 +
1.24 +/**
1.25 + @file
1.26 + @publishedAll
1.27 + @released
1.28 +*/
1.29 +
1.30 +#ifndef __PKIXVALIDATIONRESULT_H__
1.31 +#define __PKIXVALIDATIONRESULT_H__
1.32 +
1.33 +#include <x509certchain.h>
1.34 +#include <x509certext.h>
1.35 +
1.36 +class RReadStream;
1.37 +/**
1.38 + * Base class for CPKIXValidationResult.
1.39 + */
1.40 +class CPKIXValidationResultBase : public CBase
1.41 + {
1.42 +public:
1.43 + /** Creates a new PKIX Validation Result object.
1.44 + *
1.45 + * @return The new PKIX Validation Result object. */
1.46 + IMPORT_C static CPKIXValidationResultBase* NewL();
1.47 +
1.48 + /** Creates a new PKIX Validation Result object, and puts a pointer to it onto
1.49 + * the cleanup stack.
1.50 + *
1.51 + * @return The new PKIX Validation Result object. */
1.52 + IMPORT_C static CPKIXValidationResultBase* NewLC();
1.53 +
1.54 + /** Creates a new PKIX Validation Result object from a stream.
1.55 + *
1.56 + * @return The new PKIX Validation Result object. */
1.57 + IMPORT_C static CPKIXValidationResultBase* NewL(RReadStream& aStream);
1.58 +
1.59 + /** Creates a new PKIX Validation Result object from a stream, and puts a pointer to it onto
1.60 + * the cleanup stack.
1.61 + *
1.62 + * @return The new PKIX Validation Result object. */
1.63 + IMPORT_C static CPKIXValidationResultBase* NewLC(RReadStream& aStream);
1.64 +
1.65 + /** The destructor.
1.66 + *
1.67 + * Frees all resources owned by the object. */
1.68 + IMPORT_C ~CPKIXValidationResultBase();
1.69 +
1.70 + /** Gets the error status of the operation.
1.71 + *
1.72 + * Errors are considered fatal, i.e. validation has failed.
1.73 + *
1.74 + * @return The error status of the operation. */
1.75 + IMPORT_C const TValidationStatus Error() const;
1.76 +
1.77 + /** Gets a list of warnings generated.
1.78 + *
1.79 + * The warnings may or may not be fatal, depending on the context, which the
1.80 + * client is expected to provide.
1.81 + *
1.82 + * @return An array of any warnings generated. */
1.83 + IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;
1.84 +
1.85 + /** Gets a list of all the certificate policies which have been accepted implicitly
1.86 + * in the course of validation.
1.87 + *
1.88 + * @return An array of certificate policies. */
1.89 + IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;
1.90 +
1.91 + /** Resets the validation result object to its default values.
1.92 + * @internalTechnology
1.93 + */
1.94 + void Reset();
1.95 +
1.96 + /** Sets the error status, and then leaves.
1.97 + *
1.98 + * The function uses SetError() to set the error status.
1.99 + *
1.100 + * @param aError The error type that occurred when validating the certificate chain.
1.101 + * @param aCert The index number identifying the certificate that gave rise to
1.102 + * the error.
1.103 + * @internalTechnology
1.104 + */
1.105 + void SetErrorAndLeaveL(const TValidationError aError, const TInt aCert);
1.106 +
1.107 + /** Sets the error status.
1.108 + *
1.109 + * @param aError The error type that occurred when validating the certificate chain.
1.110 + * @param aCert The index number identifying the certificate that gave rise to
1.111 + * the error.
1.112 + * @internalTechnology
1.113 + */
1.114 + void SetError(const TValidationError aError, const TInt aCert);
1.115 +
1.116 + /** Adds a warning to the validation result.
1.117 + *
1.118 + * @param aWarning The warning to be added.
1.119 + * @internalTechnology
1.120 + */
1.121 + void AppendWarningL(TValidationStatus aWarning);
1.122 +
1.123 + /** Adds a policy to the validation result.
1.124 + *
1.125 + * @param aPolicy The policy to be added.
1.126 + * @internalTechnology
1.127 + */
1.128 + void AppendPolicyL(CX509CertPolicyInfo& aPolicy);
1.129 +
1.130 + /** Removes all policies from the validation result.
1.131 + *
1.132 + * It is used by the validation process to remove policies it has added when
1.133 + * the computation cannot complete because of environmental conditions such as
1.134 + * out of memory, file access failures, etc..
1.135 + * @internalTechnology
1.136 + */
1.137 + // (not like signature validation...)
1.138 + void RemovePolicies();
1.139 +
1.140 + // Internalization/Externalization
1.141 + // Externalize. Writes the data out to a stream
1.142 + /** Externalises an object of this class to a write stream.
1.143 + *
1.144 + * The presence of this function means that the standard templated operator<<()
1.145 + * can be used to externalise objects of this class.
1.146 + *
1.147 + * @param aStream Stream to which the object should be externalised. */
1.148 + IMPORT_C void ExternalizeL(RWriteStream& aStream) const;
1.149 +
1.150 + // Internalize. Reads the data from a stream
1.151 + /** Internalises an object of this class from a read stream.
1.152 + *
1.153 + * The presence of this function means that the standard templated operator>>()
1.154 + * can be used to internalise objects of this class.
1.155 + *
1.156 + * Note that this function has assignment semantics: it replaces the old value
1.157 + * of the object with a new value read from the read stream.
1.158 + *
1.159 + * @param aStream Stream from which the object should be internalised. */
1.160 + IMPORT_C void InternalizeL(RReadStream& aStream);
1.161 +
1.162 + /** Returns a list of critical extensions encountered and warnings generated by
1.163 + * certificates during chain validation.
1.164 + *
1.165 + * @return An array of certificate warnings. */
1.166 + IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;
1.167 +
1.168 + /** Adds a certificate warning to the validation result.
1.169 + *
1.170 + * @param aCertWarning The warning to be added. */
1.171 + IMPORT_C void AppendCertificateValidationObjectL(const CCertificateValidationWarnings& aCertWarning);
1.172 +
1.173 + /** Adds a critical extension OID warning.
1.174 + *
1.175 + * @param aCriticalExt The critical extension OID to be added. */
1.176 + IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt);
1.177 +
1.178 +protected:
1.179 + IMPORT_C CPKIXValidationResultBase();
1.180 + IMPORT_C void ConstructL();
1.181 +
1.182 +private:
1.183 + TValidationStatus iError;
1.184 + CArrayFixFlat<TValidationStatus>* iWarnings;
1.185 + CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies;
1.186 + RPointerArray<CCertificateValidationWarnings> iCertWarnings;
1.187 + };
1.188 +
1.189 +/** Stores the information regarding the results of a validation of a PKIX
1.190 +* certificate chain.
1.191 +*
1.192 +* @since v6.0 */
1.193 +class CPKIXValidationResult : public CPKIXValidationResultBase
1.194 + {
1.195 +public:
1.196 + /** Creates a new PKIX Validation Result object.
1.197 + *
1.198 + * @return The new PKIX Validation Result object. */
1.199 + IMPORT_C static CPKIXValidationResult* NewL();
1.200 +
1.201 + /** Creates a new PKIX Validation Result object, and puts a pointer to it onto
1.202 + * the cleanup stack.
1.203 + *
1.204 + * @return The new PKIX Validation Result object. */
1.205 + IMPORT_C static CPKIXValidationResult* NewLC();
1.206 +
1.207 + /** The destructor.
1.208 + *
1.209 + * Frees all resources owned by the object. */
1.210 + IMPORT_C ~CPKIXValidationResult();
1.211 +
1.212 + /** Gets the error status of the operation.
1.213 + *
1.214 + * Errors are considered fatal, i.e. validation has failed.
1.215 + *
1.216 + * @return The error status of the operation. */
1.217 + IMPORT_C const TValidationStatus Error() const;
1.218 +
1.219 + /** Gets a list of warnings generated.
1.220 + *
1.221 + * The warnings may or may not be fatal, depending on the context, which the
1.222 + * client is expected to provide.
1.223 + *
1.224 + * @return An array of any warnings generated. */
1.225 + IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;
1.226 +
1.227 + /** Gets a list of all the certificate policies which have been accepted implicitly
1.228 + * in the course of validation.
1.229 + *
1.230 + * @return An array of certificate policies. */
1.231 + IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;
1.232 +
1.233 + /** Returns a list of critical extensions encountered and warnings generated by
1.234 + * certificates during chain validation. A CCertificateWarning object is returned for
1.235 + * each certificate in the chain, even if no critical extensions or warnings were
1.236 + * encountered. The array's data is in the same order as the certificate chain.
1.237 + *
1.238 + * @return An array of certificate warnings. Ownership is not transferred
1.239 + * to the caller. */
1.240 + IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;
1.241 +
1.242 +private:
1.243 + CPKIXValidationResult();
1.244 + };
1.245 +
1.246 +#endif