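--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/security/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,102 @@
+#ifndef __X509UTILS_H__
+#define __X509UTILS_H__/*
+* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+/**
+ @file
+ @internalComponent
+*/
+enum TCertificateFormat
+ {
+ EX509Certificate = 0x00,
+ EWTLSCertificate = 0x01,
+ EX968Certificate = 0x02,
+ EUnknownCertificate = 0x0f,
+ EX509CertificateUrl = 0x10,
+ EWTLSCertificateUrl = 0x11,
+ EX968CertificateUrl = 0x12
+ };
+
+const TInt KSHA1HashLengthInBytes = 20;
+typedef TBuf8<KSHA1HashLengthInBytes> TSHA1Hash;
+typedef TSHA1Hash TKeyIdentifier;
+
+struct KeyIdentifierObject
+ {
+ bool iAutoKey; // iHash needs generating by us, or matched the value we would generate!
+ TKeyIdentifier iHash;
+ };
+
+void EncodeHuman(REncodeWriteStream& aStream,const KeyIdentifierObject &aKeyId);
+void DecodeHuman(RDecodeReadStream& aStream, KeyIdentifierObject &aKeyId);
+
+RWriteStream& operator<<(RWriteStream& aStream,const KeyIdentifierObject& aKeyId);
+RReadStream& operator>>(RReadStream& aStream, KeyIdentifierObject& aKeyId);
+
+
+enum EUseCertificateExtension
+{
+ KIgnoreCertificateExtension,
+ KUseCertificateExtension
+};
+
+
+/**
+ Get the subject key id from the certificate extension or calculate
+ it from the public key (as specified in rfc3280 4.2.1.2 method 1).
+
+ The subject name and subject key id are returned.
+
+ WARNING: This function is NOT valid for client certs. For client
+ certs, the subject key id in the certificate store MUST match the id
+ of the key in the keystore.
+
+ If ok return true.
+
+ If the certificate is invalid then exit the program with an error message!
+ */
+bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm,
+ bool aIsCa, const std::string &aCert,
+ std::string &aSubject, TKeyIdentifier &aSubjectKeyId);
+
+/**
+ Get the issuer key id from the certificate authority key id extension.
+
+ The issuer name and issuer key id are returned.
+
+ If ok return true.
+
+ If the certificate is invalid then exit the program with an error message!
+ */
+bool X509IssuerKeyId(EUseCertificateExtension aUseExtension,
+ const TUint8 *aCert, TUint32 aCertLength,
+ std::string &aIssuer,
+ TKeyIdentifier &aIssuerKeyId);
+
+/**
+ Convert the DER certificate into PEM form
+*/
+void Der2Pem(const std::string &aDerCert, std::string &aPemCert);
+
+/**
+ Convert the PEM certificate into DER form
+
+ Returns true if conversion succeeds
+*/
+bool Pem2Der(const std::string &aPemCert, std::string &aDerCert);
+#endif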
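Review bot: The doc comment on `X509SubjectKeyId` leaves unstated the contract a caller has to rely on. It says an invalid certificate exits the program, so a `false` return must mean something else, and `aUseRfc3280Algorithm` and `aIsCa` are not described at all. That matters because the comment also warns that the function is not valid for client certs, yet nothing says whether `aIsCa` bears on that restriction or whether `aSubject` and `aSubjectKeyId` are left untouched on `false`. I would add lines such as `@param aIsCa <what this selects>` and `@return false if <condition>; aSubject and aSubjectKeyId are <unchanged/undefined> in that case`, filled in from the implementation, which is not part of this header. The same `false`-versus-exit ambiguity applies to `X509IssuerKeyId`, presumably when the authority key id extension is absent.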