1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertstate.h	Fri Jun 15 03:10:57 2012 +0200
     1.3 @@ -0,0 +1,87 @@
     1.4 +/*
     1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
     1.6 +* All rights reserved.
     1.7 +* This component and the accompanying materials are made available
     1.8 +* under the terms of the License "Eclipse Public License v1.0"
     1.9 +* which accompanies this distribution, and is available
    1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
    1.11 +*
    1.12 +* Initial Contributors:
    1.13 +* Nokia Corporation - initial contribution.
    1.14 +*
    1.15 +* Contributors:
    1.16 +*
    1.17 +* Description: 
    1.18 +* CPKIXValidationState class implementation
    1.19 +*
    1.20 +*/
    1.21 +
    1.22 +
    1.23 +/**
    1.24 + @file 
    1.25 + @internalTechnology
    1.26 +*/
    1.27 + 
    1.28 +#if !defined (__PKIXCERTSTATE_H__)
    1.29 +#define __PKIXCERTSTATE_H__
    1.30 +
    1.31 +#include <e32std.h>
    1.32 +#include <x509cert.h>
    1.33 +#include <x509certchain.h>
    1.34 +#include <x509certext.h>
    1.35 +#include <x509gn.h>
    1.36 +
    1.37 +/*this class has no brains at all. all it does it act as a container for
    1.38 +state information needed when processing a certificate chain according to 
    1.39 +the PKIX algorithm. it gets passed around among the classes which use it. 
    1.40 +the classes which use it are all friends 'cos that seems neater than making 
    1.41 +all its data public or including 500 accessors*/
    1.42 +
    1.43 +class CPKIXCertChainAO;
    1.44 +
    1.45 +class CPKIXValidationState : public CBase
    1.46 +	{
    1.47 +	friend class CPKIXCertChainAO;
    1.48 +	friend class TPKIXPolicyConstraint;
    1.49 +	friend class TPKIXNameConstraint;
    1.50 +	friend class TPKIXBasicConstraint;
    1.51 +	friend class TPKIXKeyUsageConstraint;
    1.52 +public:
    1.53 +	static CPKIXValidationState* NewL(	const TTime aValidationTime, TInt aChainLength,
    1.54 +										const CArrayPtr<HBufC>* aInitialPolicies);
    1.55 +	static CPKIXValidationState* NewLC(	const TTime aValidationTime, TInt aChainLength,
    1.56 +										const CArrayPtr<HBufC>* aInitialPolicies);
    1.57 +	~CPKIXValidationState();
    1.58 +private:
    1.59 +	CPKIXValidationState(	const TTime aValidationTime, TInt aChainLength,
    1.60 +							const CArrayPtr<HBufC>* aInitialPolicies);
    1.61 +	void ConstructL();
    1.62 +private:
    1.63 +	const TTime iValidationTime;
    1.64 +	TInt iPolicyMapping;
    1.65 +	TInt iPolicyRequired;
    1.66 +	TInt iMaxPathLength;
    1.67 +	TInt iPos;
    1.68 +
    1.69 +//	TBool iAnyUserPolicy;
    1.70 +	TBool iAnyAuthorityPolicy;
    1.71 +	
    1.72 +	const CArrayPtr<HBufC>* iUserConstrainedPolicies;
    1.73 +	CArrayPtrFlat<CX509CertPolicyInfo>* iAuthorityConstrainedPolicies;
    1.74 +	
    1.75 +	CArrayPtrFlat<HBufC>* iUserPolicies;	
    1.76 +	CArrayPtrFlat<CX509PolicyMapping>* iMappedPolicies;
    1.77 +	CArrayPtrFlat<CX500DistinguishedName>* iExcludedDNSubtrees;
    1.78 +	CArrayPtrFlat<CX500DistinguishedName>* iPermittedDNSubtrees;
    1.79 +	//these are all just to deal with name constraints on alt names
    1.80 +	//can you believe it?
    1.81 +	CArrayPtrFlat<CX509DomainName>* iExcludedRFC822Subtrees;
    1.82 +	CArrayPtrFlat<CX509DomainName>* iPermittedRFC822Subtrees;
    1.83 +	CArrayPtrFlat<CX509DomainName>* iExcludedDNSNameSubtrees;
    1.84 +	CArrayPtrFlat<CX509DomainName>* iPermittedDNSNameSubtrees;
    1.85 +	CArrayPtrFlat<CX509IPSubnetMask>* iExcludedIPAddressSubtrees;
    1.86 +	CArrayPtrFlat<CX509IPSubnetMask>* iPermittedIPAddressSubtrees;
    1.87 +	CArrayPtrFlat<CX509CertExtension>* iCriticalExts;
    1.88 +	};
    1.89 +
    1.90 +#endif