1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/inc/signed.h Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,624 @@
1.4 +/*
1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +/**
1.23 + @file
1.24 + @publishedAll
1.25 + @released
1.26 +*/
1.27 +
1.28 +#ifndef __SIGNED_H__
1.29 +#define __SIGNED_H__
1.30 +
1.31 +#include <e32base.h>
1.32 +#include <e32std.h>
1.33 +#include <s32std.h>
1.34 +#include <securitydefs.h>
1.35 +
1.36 +class CRSAPublicKey;
1.37 +class CDSAPublicKey;
1.38 +class CDSASignature;
1.39 +class CDSAParameters;
1.40 +
1.41 +/** Enumerates the identity of the algorithm.
1.42 + *
1.43 + */
1.44 +enum TAlgorithmId
1.45 + {
1.46 + /** An RSA algorithm. */
1.47 + ERSA,
1.48 + /** A DSA algorithm. */
1.49 + EDSA,
1.50 + /** A DH algorithm. */
1.51 + EDH,
1.52 + /** A MD2 algorithm. */
1.53 + EMD2,
1.54 + /** A MD5 algorithm. */
1.55 + EMD5,
1.56 + /** A SHA-1 algorithm. */
1.57 + ESHA1,
1.58 + /** A SHA-224 algorithm. */
1.59 + ESHA224,
1.60 + /** A SHA-256 algorithm. */
1.61 + ESHA256,
1.62 + /** A SHA-384 algorithm. */
1.63 + ESHA384,
1.64 + /** A SHA-512 algorithm. */
1.65 + ESHA512
1.66 + };
1.67 +
1.68 +class CValidityPeriod : public CBase
1.69 +/** The period for which the certificate is valid.
1.70 +*
1.71 +* @since v6.0 */
1.72 + {
1.73 +public:
1.74 + /** Tests whether the specified date and time is within the validity period.
1.75 + *
1.76 + * @param aTime The date and time to be tested.
1.77 + * @return ETrue, if the date and time is within the validity period;
1.78 + * EFalse, otherwise. */
1.79 + IMPORT_C TBool Valid(const TTime& aTime) const;
1.80 +
1.81 + /** Gets the start of the validity period.
1.82 + *
1.83 + * @return The start date and time. */
1.84 + IMPORT_C const TTime& Start() const;
1.85 +
1.86 + /** Gets the end of the validity period.
1.87 + *
1.88 + * @return The end date and time. */
1.89 + IMPORT_C const TTime& Finish() const;
1.90 +
1.91 + /** Copy constructor.
1.92 + *
1.93 + * @param aValidityPeriod The validity period object to be copied. */
1.94 + IMPORT_C CValidityPeriod(const CValidityPeriod& aValidityPeriod);
1.95 +
1.96 +protected:
1.97 + /** Default constructor. */
1.98 + IMPORT_C CValidityPeriod();
1.99 +
1.100 + /** The start time of the validity period. */
1.101 + TTime iStart;
1.102 +
1.103 + /** The end time of the validity period. */
1.104 + TTime iFinish;
1.105 + };
1.106 +
1.107 +class CAlgorithmIdentifier : public CBase
1.108 +/** Contains an algorithm ID and any encoded parameters required by that algorithm.
1.109 +*
1.110 +* An object of this type creates and owns a heap descriptor to contain the encoded
1.111 +* parameters.
1.112 +*
1.113 +* @since v6.0 */
1.114 + {
1.115 +public:
1.116 + /** Creates a new algorithm ID object copied from an existing object.
1.117 + *
1.118 + * @param aAlgorithmIdentifier The algorithm ID object to be copied.
1.119 + * @return A pointer to the new algorithm ID object. */
1.120 + IMPORT_C static CAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.121 +
1.122 + /** Creates a new algorithm ID object copied from an existing object, and puts
1.123 + * a pointer to the new object onto the cleanup stack.
1.124 + *
1.125 + * @param aAlgorithmIdentifier The algorithm ID object to be copied.
1.126 + * @return A pointer to the new algorithm ID object. */
1.127 + IMPORT_C static CAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.128 +
1.129 + /** Creates a new algorithm ID object.
1.130 + *
1.131 + * @param aAlgorithmId The algorithm ID.
1.132 + * @param aEncodedParams The encoded parameters.
1.133 + * @return A pointer to the new algorithm ID object. */
1.134 + IMPORT_C static CAlgorithmIdentifier* NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
1.135 +
1.136 + /** Creates a new algorithm ID object, and puts a pointer to the new object onto
1.137 + * the cleanup stack.
1.138 + *
1.139 + * @param aAlgorithmId The algorithm ID.
1.140 + * @param aEncodedParams The encoded parameters.
1.141 + * @return A pointer to the new algorithm ID object. */
1.142 + IMPORT_C static CAlgorithmIdentifier* NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
1.143 +
1.144 + /** Tests whether this algorithm identifier object is equal to the specified algorithm
1.145 + * identifier object.
1.146 + *
1.147 + * @param aAlgorithmIdentifier The algorithm identifier object to be compared.
1.148 + * @return ETrue, if this algorithm identifier object is equal to the specified
1.149 + * algorithm identifier object; EFalse otherwise. */
1.150 + IMPORT_C TBool operator == (const CAlgorithmIdentifier& aAlgorithmIdentifier) const;
1.151 +
1.152 + /** Gets the algorithm identifier.
1.153 + *
1.154 + * @return The algorithm identifier. */
1.155 + IMPORT_C TAlgorithmId Algorithm() const; //ID for the algorithm
1.156 +
1.157 + /** Gets the encoded parameters for the algorithm identifier.
1.158 + *
1.159 + * Note that this object owns the heap descriptor that owns the encoded parameters.
1.160 + *
1.161 + * @return The encoded parameters. */
1.162 + IMPORT_C TPtrC8 EncodedParams() const; //the encoded parameters
1.163 +
1.164 + /** Destructor.
1.165 + *
1.166 + * Frees all resources owned by the object. */
1.167 + IMPORT_C ~CAlgorithmIdentifier();
1.168 +
1.169 +protected:
1.170 + /** Default constructor. */
1.171 + IMPORT_C CAlgorithmIdentifier();
1.172 +
1.173 + /** Constructor taking the specified parameters.
1.174 + *
1.175 + * @param aAlgorithmId The algorithm ID. */
1.176 + IMPORT_C CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
1.177 +
1.178 + /** Second-phase constructor taking an existing algorithm identifier object.
1.179 + *
1.180 + * @param aAlgorithmIdentifier The algorithm identifier object. */
1.181 + IMPORT_C virtual void ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.182 +
1.183 + /** Second-phase constructor taking encoded parameters.
1.184 + *
1.185 + * @param aEncodedParams The encoded parameters. */
1.186 + IMPORT_C virtual void ConstructL(const TDesC8& aEncodedParams);
1.187 +
1.188 + /** The algorithm ID. */
1.189 + TAlgorithmId iAlgorithmId;
1.190 +
1.191 + /** The encoded parameters for the algorithm ID. */
1.192 + HBufC8* iEncodedParams;
1.193 + };
1.194 +
1.195 +class CSigningAlgorithmIdentifier : public CBase
1.196 +/** Contains two CAlgorithmIdentifier objects for comparison purposes.
1.197 +*
1.198 +* Implements an equality operator.
1.199 +*
1.200 +* @since v6.0 */
1.201 + {
1.202 +public:
1.203 + /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
1.204 + * Algorithm Identifier object.
1.205 + *
1.206 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
1.207 + * @return The new Signing Algorithm Identifier object. */
1.208 + IMPORT_C static CSigningAlgorithmIdentifier* NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.209 +
1.210 + /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
1.211 + * Algorithm Identifier object, and puts a pointer to it onto the cleanup stack.
1.212 + *
1.213 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
1.214 + * @return The new Signing Algorithm Identifier object. */
1.215 + IMPORT_C static CSigningAlgorithmIdentifier* NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.216 +
1.217 + /** Tests whether the Signing Algorithm Identifier object is equal to the specified
1.218 + * Signing Algorithm Identifier object.
1.219 + *
1.220 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object to be compared.
1.221 + * @return ETrue, if this object's Signing Algorithm Identifier value
1.222 + * is equal to the specified Signing Algorithm Identifier
1.223 + * object's value; EFalse, otherwise. */
1.224 + IMPORT_C TBool operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const;
1.225 +
1.226 + /** Gets the signature ID of the asymmetric algorithm.
1.227 + *
1.228 + * @return The signature ID of the asymmetric algorithm. */
1.229 + IMPORT_C const CAlgorithmIdentifier& AsymmetricAlgorithm() const;
1.230 +
1.231 + /** Gets the signature ID of the digest algorithm.
1.232 + *
1.233 + * @return The signature ID of the digest algorithm. */
1.234 + IMPORT_C const CAlgorithmIdentifier& DigestAlgorithm() const;
1.235 +
1.236 + /** Destructor.
1.237 + *
1.238 + * Frees all resources owned by the object, prior to its destruction. */
1.239 + IMPORT_C ~CSigningAlgorithmIdentifier();
1.240 +
1.241 +protected:
1.242 + /** Second-phase constructor.
1.243 + * @internalAll
1.244 + */
1.245 + void ConstructL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.246 +
1.247 + /** The signature ID of the asymmetric algorithm. */
1.248 + CAlgorithmIdentifier* iAsymmetricAlgorithm;
1.249 +
1.250 + /** The signature ID of the digest algorithm. */
1.251 + CAlgorithmIdentifier* iDigestAlgorithm;
1.252 + };
1.253 +
1.254 +class CSubjectPublicKeyInfo : public CBase
1.255 +/** A base class for a container that holds information about a subject public key.
1.256 +*
1.257 +* It contains the algorithm ID, the encoded public key and the encoded parameters.
1.258 +*
1.259 +* @since v6.0
1.260 +*/
1.261 +//algorithm ID + encoded public key + encoded parameters
1.262 + {
1.263 +public:
1.264 + /** Creates a new subject public key object copied from an existing object.
1.265 + *
1.266 + * @param aSubjectPublicKeyInfo The subject public key object to be copied.
1.267 + * @return A pointer to the new public key object. */
1.268 + IMPORT_C static CSubjectPublicKeyInfo* NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.269 +
1.270 + /** Creates a new subject public key object copied from an existing object and
1.271 + * puts a pointer to the new object onto the cleanup stack.
1.272 + *
1.273 + * @param aSubjectPublicKeyInfo The subject public key object to be copied.
1.274 + * @return A pointer to the new public key object. */
1.275 + IMPORT_C static CSubjectPublicKeyInfo* NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.276 +
1.277 + /** Gets the algorithm ID.
1.278 + *
1.279 + * @return The algorithm ID. */
1.280 + IMPORT_C TAlgorithmId AlgorithmId() const;
1.281 +
1.282 + /** Gets the encoded parameters required by the algorithm.
1.283 + *
1.284 + * @return A non-modifiable pointer descriptor representing the encoded parameters. */
1.285 + IMPORT_C const TPtrC8 EncodedParams() const;
1.286 +
1.287 + /** Gets the encoded public key data.
1.288 + *
1.289 + * @return A non-modifiable pointer descriptor representing the encoded public
1.290 + * key data. */
1.291 + IMPORT_C const TPtrC8 KeyData() const;
1.292 +
1.293 + /** Destructor.
1.294 + *
1.295 + * Frees all resources owned by the object. */
1.296 + IMPORT_C ~CSubjectPublicKeyInfo();
1.297 +protected:
1.298 + /** Second-phase constructor.
1.299 + *
1.300 + * @param aSubjectPublicKeyInfo The subject public key object to be copied. */
1.301 + IMPORT_C virtual void ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.302 +
1.303 + /** The algorithm ID. */
1.304 + CAlgorithmIdentifier* iAlgId;
1.305 +
1.306 + /** A heap descriptor representing the encoded key data. */
1.307 + HBufC8* iEncodedKeyData;
1.308 + };
1.309 +
1.310 +class CRSASignatureResult : public CBase
1.311 +/** The RSA public key algorithm signature result.
1.312 +*
1.313 +* Derived classes:
1.314 +* @li CWTLSRSASignatureResult
1.315 +* @li CPKCS1SignatureResult.
1.316 +*
1.317 +* @see TKeyFactory::RSASignatureResultL()
1.318 +*
1.319 +* @since v6.0 */
1.320 + {
1.321 +public:
1.322 + /** Tests whether the signature result is valid.
1.323 + *
1.324 + * @param aResult The signature result.
1.325 + * @return ETrue if the signature result is valid, otherwise EFalse. */
1.326 + IMPORT_C virtual TBool VerifyL(const TDesC8& aResult) = 0;
1.327 +
1.328 + /** Destructor.
1.329 + *
1.330 + * Frees all resources owned by the object. */
1.331 + IMPORT_C ~CRSASignatureResult();
1.332 +protected:
1.333 + /** Compares this RSA Signature Result object with the specified RSA Signature
1.334 + * Result object for equality.
1.335 + *
1.336 + * @param aResult The RSA Signature Result object to be compared.
1.337 + * @return ETrue, if they are the same; EFalse, otherwise. */
1.338 + IMPORT_C TBool operator == (const CRSASignatureResult& aResult) const;
1.339 +
1.340 + /** The digest algorithm ID. */
1.341 + CAlgorithmIdentifier* iDigestAlgorithm;
1.342 +
1.343 + /** A heap descriptor representing the digest algorithm. */
1.344 + HBufC8* iDigest;
1.345 + };
1.346 +
1.347 +//signed object
1.348 +class TKeyFactory
1.349 +/** Constructs the public key objects used for signature verification from their
1.350 +* encoded binary form.
1.351 +*
1.352 +* @since v6.0 */
1.353 + {
1.354 +public:
1.355 + /** Gets the RSA public key.
1.356 + *
1.357 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.358 + * @return The RSA Public key. */
1.359 + virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const = 0;
1.360 +
1.361 + /** Gets the RSA signature result.
1.362 + *
1.363 + * @param aDigestAlgorithm The algorithm ID.
1.364 + * @param aDigest A non-modifiable descriptor representing the digest algorithm.
1.365 + * @return The RSA signature result. */
1.366 + virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const = 0;
1.367 +
1.368 + /** Gets the DSA public key.
1.369 + *
1.370 + * @param aParams The DSA parameters
1.371 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.372 + * @return The DSA public key. */
1.373 + virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const = 0;
1.374 +
1.375 + /** Gets the digital DSA signature given an encoding key.
1.376 + *
1.377 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.378 + * @return The DSA signature. */
1.379 + virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const = 0;
1.380 +
1.381 + /** Gets the DSA parameters.
1.382 + *
1.383 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.384 + * @return The DSA parameters. */
1.385 + virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const = 0;
1.386 + // New function for TKeyFactory API
1.387 + virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const = 0;
1.388 + };
1.389 +
1.390 +class CSigningKeyParameters : public CBase
1.391 +/** Contains the parameter information required by some signing algorithms.
1.392 +*
1.393 +* The DSA signing algorithm needs parameters as well as a key. Currently, this
1.394 +* class only contains DSA parameters.
1.395 +*
1.396 +* @since v6.0 */
1.397 + {
1.398 +public:
1.399 + /** Creates a new signing key parameters object.
1.400 + *
1.401 + * @return A pointer to the new signing key parameters object. */
1.402 + IMPORT_C static CSigningKeyParameters* NewL();
1.403 +
1.404 + /** Creates a new signing key parameters object and puts a pointer to the new object
1.405 + * onto the cleanup stack.
1.406 + *
1.407 + * @return A pointer to the new signing key parameters object. */
1.408 + IMPORT_C static CSigningKeyParameters* NewLC();
1.409 +
1.410 + /** Creates a new signing key parameters object copied from an existing object.
1.411 + *
1.412 + * @param aParameters The signing key parameters object to be copied.
1.413 + * @return A pointer to the new parameters object. */
1.414 + IMPORT_C static CSigningKeyParameters* NewL(const CSigningKeyParameters& aParameters);
1.415 +
1.416 + /** Creates a new signing key parameters object copied from an existing object
1.417 + * and puts a pointer to the new object onto the cleanup stack.
1.418 + *
1.419 + * @param aParameters The signing key parameters object to be copied.
1.420 + * @return A pointer to the new signing key parameters object. */
1.421 + IMPORT_C static CSigningKeyParameters* NewLC(const CSigningKeyParameters& aParameters);
1.422 +
1.423 + /** Destructor.
1.424 + *
1.425 + * Frees all resources owned by the object. */
1.426 + IMPORT_C ~CSigningKeyParameters();
1.427 +
1.428 + /** Sets the DSA parameters.
1.429 + *
1.430 + * @param aParams The DSA parameters. */
1.431 + IMPORT_C void SetDSAParamsL(const CDSAParameters& aParams);
1.432 +
1.433 + /** Gets the DSA parameters.
1.434 + *
1.435 + * @return The DSA parameters.
1.436 + * @internalAll
1.437 + */
1.438 + const CDSAParameters* DSAParams() const;
1.439 +private:
1.440 + CSigningKeyParameters();
1.441 + void ConstructL(const CSigningKeyParameters& aParameters);
1.442 + CDSAParameters* iDSAParams;
1.443 + };
1.444 +
1.445 +
1.446 +class CSignedObject : public CBase
1.447 +/** Base class for certificates.
1.448 +*
1.449 +* @since v6.0 */
1.450 + {
1.451 +public:
1.452 + /** Verifies a signature using the specified encoded key.
1.453 + *
1.454 + * @param aEncodedKey The encoded key.
1.455 + * @return ETrue if the signature is valid, otherwise EFalse. */
1.456 + IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey) const;
1.457 +
1.458 + /** Verifies a signature using the specified encoded key and hash.
1.459 + *
1.460 + * @param aEncodedKey The encoded key.
1.461 + * @param aHash The hash of the data to be validated.
1.462 + * @return ETrue if the signature is valid, otherwise EFalse. */
1.463 + IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
1.464 +
1.465 + /** Gets the digital signature.
1.466 + *
1.467 + * @return A non-modifiable pointer descriptor representing the digital signature. */
1.468 + IMPORT_C const TPtrC8 Signature() const;
1.469 +
1.470 + /** Gets the signed data.
1.471 + *
1.472 + * @return A non-modifiable pointer descriptor representing the signed data. */
1.473 + IMPORT_C virtual const TPtrC8 SignedDataL() const = 0;
1.474 +
1.475 + /** Gets the fingerprint.
1.476 + *
1.477 + * The fingerprint returned is the SHA1 hash of the encoding of the entire object.
1.478 + *
1.479 + * @return A non-modifiable pointer descriptor representing the finger print. */
1.480 + IMPORT_C const TPtrC8 Fingerprint() const;
1.481 +
1.482 + /** Gets the entire encoding.
1.483 + *
1.484 + * @return A non-modifiable pointer descriptor representing the entire encoding. */
1.485 + IMPORT_C const TPtrC8 Encoding() const;
1.486 +
1.487 + /** Gets the signing algorithm ID used.
1.488 + *
1.489 + * @return The signing algorithm ID. */
1.490 + IMPORT_C const CSigningAlgorithmIdentifier& SigningAlgorithm() const;
1.491 +
1.492 + /** Externalises the encoding of the entire object to a write stream.
1.493 + *
1.494 + * The fingerprint and the signed data can be regenerated after restoration.
1.495 + *
1.496 + * The presence of this function means that the standard templated operator<<()
1.497 + * can be used to externalise objects of this class.
1.498 + *
1.499 + * @param aStream Stream to which the object should be externalised. */
1.500 + IMPORT_C virtual void ExternalizeL(RWriteStream& aStream) const;
1.501 +
1.502 + /** Internalises the encoded object from a read stream.
1.503 +
1.504 + * The class makes use of a specification-specific parser class for extracting
1.505 + * the various elements, that is provided by a subclass of CSignedObject. For
1.506 + * this reason this function is pure virtual.
1.507 + *
1.508 + * The presence of this function means that the standard templated operator>>()
1.509 + * can be used to internalise objects of this class.
1.510 + *
1.511 + * @param aStream Stream from which the contents of the field should be internalised. */
1.512 + IMPORT_C virtual void InternalizeL(RReadStream& aStream) = 0;
1.513 +
1.514 + /** Sets the signing key parameters.
1.515 + *
1.516 + * @param aParameters The signing key parameters. */
1.517 + IMPORT_C void SetParametersL(const CSigningKeyParameters& aParameters);
1.518 +
1.519 + /** Gets the encoded data for the specified encoded data element, in the (to be
1.520 + * signed) tbsCertificate data structure, of the signed object.
1.521 + *
1.522 + * @param aIndex The encoded data element position in the tbsCertificate data
1.523 + * structure. See the enumeration: CX509Certificate::Anonymous.
1.524 + * @return The encoded data for the specified data element of the signed object. */
1.525 + IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const = 0;
1.526 +
1.527 + /** Destructor.
1.528 + *
1.529 + * Frees all resources owned by the object. */
1.530 + IMPORT_C ~CSignedObject();
1.531 +
1.532 +protected:
1.533 + /** Verifies a RSA signature using the specified encoded key.
1.534 + *
1.535 + * @param aEncodedKey The encoded key.
1.536 + * @return ETrue if the signature is valid, otherwise EFalse.
1.537 + * @internalAll
1.538 + */
1.539 + TBool VerifyRSASignatureL(const TDesC8& aEncodedKey) const;
1.540 +
1.541 + /** @internalAll */
1.542 + TBool VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
1.543 +
1.544 + /** A pointer to a key factory object. */
1.545 + TKeyFactory* iKeyFactory;
1.546 +
1.547 + /** A heap descriptor representing the entire encoding. */
1.548 + HBufC8* iEncoding;
1.549 +
1.550 + /** The digital signature. */
1.551 + HBufC8* iSignature;
1.552 +
1.553 + /** The fingerprint.
1.554 + *
1.555 + * The SHA1 hash of the encoding of the entire object. */
1.556 + HBufC8* iFingerprint;
1.557 +
1.558 + /** The signing key parameters */
1.559 + CSigningKeyParameters* iParameters;
1.560 +
1.561 + /** The signing algorithm ID. */
1.562 + CSigningAlgorithmIdentifier* iSigningAlgorithm;
1.563 + };
1.564 +
1.565 +class CCertificate : public CSignedObject
1.566 +/** A data structure that binds a public key to a given individual.
1.567 +*
1.568 +* A certificate is a signed object, and adds a serial number, a validity period
1.569 +* and a subject public key.
1.570 +*
1.571 +* This is a base class for classes that implement certificates of particular types.
1.572 +*
1.573 +* @since v6.0 */
1.574 + {
1.575 +public:
1.576 + /** Destructor.
1.577 + *
1.578 + * Frees all resources owned by the object. */
1.579 + IMPORT_C ~CCertificate();
1.580 +
1.581 + /** Gets the subject public key information.
1.582 + *
1.583 + * @return The subject public key information. */
1.584 + IMPORT_C const CSubjectPublicKeyInfo& PublicKey() const;
1.585 +
1.586 + /** Gets the serial number.
1.587 + *
1.588 + * @return A non-modifiable pointer descriptor representing the serial number. */
1.589 + IMPORT_C const TPtrC8 SerialNumber() const;
1.590 +
1.591 + /** Gets the validity period.
1.592 + *
1.593 + * @return The validity period. */
1.594 + IMPORT_C const CValidityPeriod& ValidityPeriod() const;
1.595 +
1.596 + /** Tests whether a certificate is self-signed.
1.597 + *
1.598 + * @return ETrue, if it is self-signed; EFalse, otherwise. */
1.599 + IMPORT_C virtual TBool IsSelfSignedL() const = 0;
1.600 +
1.601 + /** Gets the subject.
1.602 + *
1.603 + * @return A heap descriptor representing the subject. */
1.604 + IMPORT_C virtual HBufC* SubjectL() const = 0;
1.605 +
1.606 + /** Gets the issuer.
1.607 + *
1.608 + * @return A heap descriptor representing the issuer. */
1.609 + IMPORT_C virtual HBufC* IssuerL() const = 0;
1.610 +
1.611 + /** Gets the key identifier.
1.612 + *
1.613 + * @return The key identifier. */
1.614 + IMPORT_C virtual TKeyIdentifier KeyIdentifierL() const;
1.615 +
1.616 +protected:
1.617 + /** The serial number. */
1.618 + HBufC8* iSerialNumber;
1.619 +
1.620 + /** The validity period. */
1.621 + CValidityPeriod* iValidityPeriod;
1.622 +
1.623 + /** The subject public key information. */
1.624 + CSubjectPublicKeyInfo* iSubjectPublicKeyInfo;
1.625 + };
1.626 +
1.627 +#endif