2 * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
19 #include <cmssignedobject.h>
21 #include <x509certext.h>
22 #include <asymmetrickeys.h>
26 #include <pkcs7excert.h>
27 #include <cmssigneridentifier.h>
28 #include <cmscontentinfo.h>
29 #include <cmssignerinfo.h>
31 #include "pkcs7asn1.h"
33 const TInt KSignedDataCertificates = 0;
34 const TInt KSignedDataRevocationLists = 1;
36 const TInt KCmsMinSignedDataElements = 4;
38 // Implementation of CMS Signed object
40 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewLC(TCmsContentInfoType aType, TBool aIsDetached, const TDesC8& aContentData)
42 CCmsSignedObject* self = new (ELeave) CCmsSignedObject();
43 CleanupStack::PushL(self);
44 self->ConstructL(aType, aIsDetached, aContentData);
48 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewL(TCmsContentInfoType aType, TBool aIsDetached, const TDesC8& aContentData)
50 CCmsSignedObject* self = NewLC(aType, aIsDetached, aContentData);
51 CleanupStack::Pop(self);
55 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewLC(TCmsContentInfoType aType,
56 const TDesC8& aHashValue,
57 TAlgorithmId aDigestAlgorithm,
58 const CDSAPrivateKey& aKey,
59 const CX509Certificate& aCert,
60 TBool aAddCertificate)
62 CCmsSignedObject* self = new (ELeave) CCmsSignedObject();
63 CleanupStack::PushL(self);
64 self->ConstructL(aType, aHashValue, aDigestAlgorithm, aKey, aCert, aAddCertificate);
68 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewL(TCmsContentInfoType aType,
69 const TDesC8& aHashValue,
70 TAlgorithmId aDigestAlgorithm,
71 const CDSAPrivateKey& aKey,
72 const CX509Certificate& aCert,
73 TBool aAddCertificate)
75 CCmsSignedObject* self = NewLC(aType, aHashValue, aDigestAlgorithm, aKey, aCert, aAddCertificate);
76 CleanupStack::Pop(self);
81 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewLC(TCmsContentInfoType aType,
82 const TDesC8& aHashValue,
83 TAlgorithmId aDigestAlgorithm,
84 const CRSAPrivateKey& aKey,
85 const CX509Certificate& aCert,
86 TBool aAddCertificate)
88 CCmsSignedObject* self = new (ELeave) CCmsSignedObject();
89 CleanupStack::PushL(self);
90 self->ConstructL(aType, aHashValue, aDigestAlgorithm, aKey, aCert, aAddCertificate);
94 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewL(TCmsContentInfoType aType,
95 const TDesC8& aHashValue,
96 TAlgorithmId aDigestAlgorithm,
97 const CRSAPrivateKey& aKey,
98 const CX509Certificate& aCert,
99 TBool aAddCertificate)
101 CCmsSignedObject* self = NewLC(aType, aHashValue, aDigestAlgorithm, aKey, aCert, aAddCertificate);
102 CleanupStack::Pop(self);
107 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewL(const CCmsContentInfo& aContentInfo)
109 CCmsSignedObject* self = NewLC(aContentInfo);
110 CleanupStack::Pop(self);
114 EXPORT_C CCmsSignedObject* CCmsSignedObject::NewLC(const CCmsContentInfo& aContentInfo)
116 CCmsSignedObject* self = new (ELeave) CCmsSignedObject();
117 CleanupStack::PushL(self);
118 self->ConstructL(aContentInfo);
122 CCmsSignedObject::CCmsSignedObject() : iVersion(EVersion_1)
126 EXPORT_C CCmsSignedObject::~CCmsSignedObject()
129 iDigestAlgorithms.ResetAndDestroy();
130 iCertificates.ResetAndDestroy();
131 iSignerInfo.ResetAndDestroy();
132 for(TInt i = 0; i < KCmsMaxSignedDataElements; i++)
134 delete iDataElements.At(i);
139 EXPORT_C TBool CCmsSignedObject::IsCertificateSetPresent() const
141 return iIsCertificateSetPresent;
144 EXPORT_C TBool CCmsSignedObject::IsCertificateRevocationListsPresent() const
146 return iIsCertificateRevocationListsPresent;
149 EXPORT_C TInt CCmsSignedObject::Version() const
154 EXPORT_C const RPointerArray<CCmsCertificateChoice>& CCmsSignedObject::Certificates() const
156 return iCertificates;
159 EXPORT_C const RPointerArray<CX509AlgorithmIdentifier>& CCmsSignedObject::DigestAlgorithms() const
161 return iDigestAlgorithms;
164 EXPORT_C const CEncapsulatedContentInfo& CCmsSignedObject::ContentInfo() const
166 return *iContentInfo;
169 EXPORT_C const RPointerArray<CCmsSignerInfo>& CCmsSignedObject::SignerInfo() const
174 EXPORT_C void CCmsSignedObject::AddCertificateL(const CX509Certificate& aCert)
176 CmsUtils::AddCertificateL(iCertificates, aCert);
179 void CCmsSignedObject::AddDigestAlgorithmL(TAlgorithmId aDigestAlgorithm)
181 CmsUtils::AddAlgorithmIdentifierL(iDigestAlgorithms, aDigestAlgorithm);
184 EXPORT_C void CCmsSignedObject::AddCertificateL(const TDesC8& aCert, CCmsCertificateChoice::TCertificateType aType)
186 if (aType==CCmsCertificateChoice::ECertificateAttribute)
190 CmsUtils::AddCertificateL(iCertificates, aCert, aType);
193 void CCmsSignedObject::DecodeSignerInfoL(const TDesC8& aRawData)
195 CArrayPtr<TASN1DecGeneric>* signerInfo = PKCS7ASN1::DecodeSequenceLC(aRawData);
196 TInt total = signerInfo->Count();
197 CCmsSignerInfo* signer(NULL);
199 for(TInt item = 0; item < total; item ++)
201 signer = CCmsSignerInfo::NewL(signerInfo->At(item)->Encoding());
202 CleanupStack::PushL(signer);
203 User::LeaveIfError(iSignerInfo.Append(signer));
204 CleanupStack::Pop(signer);
206 CleanupStack::PopAndDestroy(signerInfo);
209 void CCmsSignedObject::DecodeEncapsulatedContentInfoL(const TDesC8& aRawData)
211 iContentInfo = CEncapsulatedContentInfo::NewL(aRawData);
214 void CCmsSignedObject::ConstructL(const CCmsContentInfo& aContentInfo)
216 if(aContentInfo.ContentType() != EContentTypeSignedData)
218 User::Leave(KErrArgument);
221 TASN1DecGeneric decGen(aContentInfo.ContentData());
224 if(decGen.Tag() == EASN1Sequence && decGen.Class()==EUniversal)
226 InitSignedObjectL(decGen.Encoding());
227 DecodeSignedDataL(*iEncoding);
231 User::Leave(KErrArgument);
235 void CCmsSignedObject::ConstructL(TCmsContentInfoType aType, TBool aIsDetached, const TDesC8& aContentData)
237 if (aContentData==KNullDesC8() && !aIsDetached)
239 User::Leave(KErrArgument);
241 iContentInfo=CEncapsulatedContentInfo::NewL(aType, !aIsDetached, aContentData);
242 //For later use to create hash if detached and hash not provided
243 iContentData.Set(aContentData);
246 CCmsSignerIdentifier* CCmsSignedObject::BuildSignerIdentifierLC(const CX509Certificate& aCert)
248 CCmsSignerIdentifier* sid(NULL);
249 const CX509CertExtension* certExt = aCert.Extension(KSubjectKeyId);
252 CX509SubjectKeyIdExt* ext=CX509SubjectKeyIdExt::NewLC(certExt->Data());
253 HBufC8* subKeyId=ext->KeyId().AllocL();
254 CleanupStack::PopAndDestroy(ext);
255 CleanupStack::PushL(subKeyId);
256 sid=CCmsSignerIdentifier::NewL(subKeyId);
257 CleanupStack::Pop(subKeyId);
258 CleanupStack::PushL(sid);
263 CX500DistinguishedName* distinguishedName=CX500DistinguishedName::NewLC(aCert.IssuerName());
264 CPKCS7IssuerAndSerialNumber* issuerAndSN=CPKCS7IssuerAndSerialNumber::NewL(distinguishedName, aCert.SerialNumber());
265 CleanupStack::Pop(distinguishedName);
266 CleanupStack::PushL(issuerAndSN);
267 sid=CCmsSignerIdentifier::NewL(issuerAndSN);
268 CleanupStack::Pop(issuerAndSN);
269 CleanupStack::PushL(sid);
275 void CCmsSignedObject::BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId aDigestAlgorithm,
277 const TDesC8& aValue,
278 const CDSAPrivateKey& aKey,
279 const CX509Certificate& aCert,
280 TBool aAddCertificate)
282 //build Signer Identifier
283 CCmsSignerIdentifier* sid=BuildSignerIdentifierLC(aCert);
285 //build digest algorithm and signing algorithm
286 CX509AlgorithmIdentifier* digAlg=CX509AlgorithmIdentifier::NewLC(aDigestAlgorithm, KNullDesC8());
287 const CSubjectPublicKeyInfo& publicKeyInfo=aCert.PublicKey();
288 CX509AlgorithmIdentifier* signingAlg=CX509AlgorithmIdentifier::NewLC(publicKeyInfo.AlgorithmId(), KNullDesC8());
291 CCmsSignerInfo* signerInfo=CCmsSignerInfo::NewL(aValue,
297 CleanupStack::Pop(3, sid);
298 CleanupStack::PushL(signerInfo);
299 //add to the signer info list
300 iSignerInfo.AppendL(signerInfo);
303 //Add the certificate to the list if needed
306 AddCertificateL(aCert);
309 //Add the digest algorithm the list if needed
310 AddDigestAlgorithmL(aDigestAlgorithm);
315 void CCmsSignedObject::BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId aDigestAlgorithm,
317 const TDesC8& aValue,
318 const CRSAPrivateKey& aKey,
319 const CX509Certificate& aCert,
320 TBool aAddCertificate)
323 //build Signer Identifier
324 CCmsSignerIdentifier* sid=BuildSignerIdentifierLC(aCert);
326 //build digest algorithm and signing algorithm
327 CX509AlgorithmIdentifier* digAlg=CX509AlgorithmIdentifier::NewLC(aDigestAlgorithm, KNullDesC8());
328 const CSubjectPublicKeyInfo& publicKeyInfo=aCert.PublicKey();
329 CX509AlgorithmIdentifier* signingAlg=CX509AlgorithmIdentifier::NewLC(publicKeyInfo.AlgorithmId(), publicKeyInfo.EncodedParams());
332 CCmsSignerInfo* signerInfo=CCmsSignerInfo::NewL(aValue,
338 CleanupStack::Pop(3, sid);
339 CleanupStack::PushL(signerInfo);
340 //add to the signer info list
341 iSignerInfo.AppendL(signerInfo);
344 //Add the certificate to the list if needed
347 AddCertificateL(aCert);
350 //Add the digest algorithm the list if needed
351 AddDigestAlgorithmL(aDigestAlgorithm);
354 void CCmsSignedObject::ConstructL(TCmsContentInfoType aType,
355 const TDesC8& aHashValue,
356 TAlgorithmId aDigestAlgorithm,
357 const CDSAPrivateKey& aKey,
358 const CX509Certificate& aCert,
359 TBool aAddCertificate)
361 //Set the CMS object version to version 3 if the encapsulatedconetent data type is not data
362 if (aType != EContentTypeData)
367 //build EncapsulatedContentInfo
368 iContentInfo=CEncapsulatedContentInfo::NewL(aType, EFalse, KNullDesC8());
370 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
378 void CCmsSignedObject::ConstructL(TCmsContentInfoType aType,
379 const TDesC8& aHashValue,
380 TAlgorithmId aDigestAlgorithm,
381 const CRSAPrivateKey& aKey,
382 const CX509Certificate& aCert,
383 TBool aAddCertificate)
385 //Set the CMS object version to version 3 if the encapsulatedconetent data type is not data
386 if (aType != EContentTypeData)
391 //build EncapsulatedContentInfo
392 iContentInfo=CEncapsulatedContentInfo::NewL(aType, EFalse, KNullDesC8());
394 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
403 EXPORT_C void CCmsSignedObject::SignL(const TDesC8& aHashValue,
404 TAlgorithmId aDigestAlgorithm,
405 const CDSAPrivateKey& aKey,
406 const CX509Certificate& aCert,
407 TBool aAddCertificate)
410 TBool isHash=(aHashValue!=KNullDesC8())? ETrue:EFalse;
413 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
422 if (iContentData!=KNullDesC8())
424 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
433 //No way to sign if no data content nor its hash.
434 User::Leave(KErrArgument);
439 EXPORT_C void CCmsSignedObject::SignL(const TDesC8& aHashValue,
440 TAlgorithmId aDigestAlgorithm,
441 const CRSAPrivateKey& aKey,
442 const CX509Certificate& aCert,
443 TBool aAddCertificate)
445 TBool isHash=(aHashValue!=KNullDesC8())? ETrue:EFalse;
448 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
457 if (iContentData!=KNullDesC8())
459 BuildSignerInfoCertListAndAlgoritmListL(aDigestAlgorithm,
468 //No way to sign if no data content nor its hash.
469 User::Leave(KErrArgument);
475 EXPORT_C CASN1EncSequence* CCmsSignedObject::EncodeASN1DERLC() const
477 // the root sequence contains the signed object
478 CASN1EncSequence* root = CASN1EncSequence::NewLC();
481 CASN1EncInt* version=CASN1EncInt::NewLC(iVersion);
482 root->AddAndPopChildL(version);
485 CASN1EncBase* algorithm=EncodeAlgorithmsLC();
486 root->AddAndPopChildL(algorithm);
489 // Encode EncapsulatedContentInfo
490 CASN1EncSequence* contentInfo=iContentInfo->EncodeASN1DERLC();
491 root->AddAndPopChildL(contentInfo);
493 // Encode option fields certificates SET
494 CASN1EncBase* cert=EncodeCertificatesLC();
497 root->AddAndPopChildL(cert);
501 CASN1EncBase* signerInfo=EncodeSignerInfoLC();
502 root->AddAndPopChildL(signerInfo);
508 CASN1EncBase* CCmsSignedObject::EncodeCertificatesLC() const
510 return CmsUtils::EncodeCertificatesLC(iCertificates);
513 CASN1EncBase* CCmsSignedObject::EncodeAlgorithmsLC() const
515 return CmsUtils::EncodeDigestAlgorithmsLC(iDigestAlgorithms);
518 CASN1EncBase* CCmsSignedObject::EncodeSignerInfoLC() const
520 CASN1EncSet* signerInfoSet = CASN1EncSet::NewLC();
521 TInt count=iSignerInfo.Count();
523 for (TInt i=0;i<count;i++)
525 CASN1EncSequence* signerInfo=iSignerInfo[i]->EncodeASN1DERLC();
526 signerInfoSet->AddAndPopChildL(signerInfo);
528 return signerInfoSet;
531 EXPORT_C TBool CCmsSignedObject::ValidateSignerLC(const CCmsSignerInfo& aSignerInfo, HBufC8*& aCertChainEncoding)
533 TInt certCount = iCertificates.Count();
534 TInt endEntityPos = -1;
535 TInt endEncodingSize = 0;
536 TPtrC8 endEntityEncoding;
538 TBool valid = EFalse;
540 const CCmsSignerIdentifier& signerId = aSignerInfo.SignerIdentifier();
542 // looks for end entity certificate
543 for(cert = 0; cert < certCount; cert++)
545 if (iCertificates[cert]->CertificateType()==CCmsCertificateChoice::ECertificateX509)
547 const CX509Certificate& certificate = iCertificates[cert]->Certificate();
549 endEncodingSize+= certificate.Encoding().Length();
551 if(endEntityPos == -1)
553 if (signerId.SignerIdentifierType()==CCmsSignerIdentifier::EIssuerAndSerialNumber)
555 if (certificate.IssuerName().ExactMatchL(signerId.IssuerAndSerialNumber()->IssuerName()))
557 RInteger sn1=RInteger::NewL(certificate.SerialNumber());
558 CleanupClosePushL(sn1);
559 RInteger sn2=RInteger::NewL(signerId.IssuerAndSerialNumber()->SerialNumber());
560 CleanupClosePushL(sn2);
564 endEntityEncoding.Set(certificate.Encoding());
565 valid = ValidateSignatureL(aSignerInfo, certificate);
567 CleanupStack::PopAndDestroy(2, &sn1);//sn2, sn1
572 const CX509CertExtension* certExt = certificate.Extension(KSubjectKeyId);
575 CX509SubjectKeyIdExt* ext=CX509SubjectKeyIdExt::NewLC(certExt->Data());
576 if (signerId.SubjectKeyIdentifier().Compare(ext->KeyId())==0)
579 endEntityEncoding.Set(certificate.Encoding());
580 valid = ValidateSignatureL(aSignerInfo, certificate);
582 CleanupStack::PopAndDestroy(ext);
589 // checks if end entity was found
590 if(endEntityPos != -1)
592 // builds the cert chain encoding by putting the end entity first then all remaining
594 aCertChainEncoding = HBufC8::NewLC(endEncodingSize);
595 TPtr8 encodingPtr(aCertChainEncoding->Des());
596 encodingPtr.Copy(endEntityEncoding);
597 for(cert = 0; cert < certCount; cert++)
599 if (iCertificates[cert]->CertificateType()==CCmsCertificateChoice::ECertificateX509)
601 const CX509Certificate& certificate = iCertificates[cert]->Certificate();
602 if(cert != endEntityPos)
604 encodingPtr.Append(certificate.Encoding());
611 User::Leave(KErrNotFound);
617 EXPORT_C TBool CCmsSignedObject::ValidateSignerLC(const CCmsSignerInfo& aSignerInfo, const RPointerArray<CX509Certificate>& aCertificates, HBufC8*& aCertChainEncoding)
619 TInt certCount = aCertificates.Count();
620 TInt endEntityPos = -1;
621 TInt endEncodingSize = 0;
622 TPtrC8 endEntityEncoding;
624 TBool valid = EFalse;
625 const CCmsSignerIdentifier& signerId = aSignerInfo.SignerIdentifier();
627 // looks for end entity certificate
628 for(cert = 0; cert < certCount; cert++)
630 const CX509Certificate& certificate = *aCertificates[cert];
631 endEncodingSize+= certificate.Encoding().Length();
632 if(endEntityPos == -1)
634 if (signerId.SignerIdentifierType()==CCmsSignerIdentifier::EIssuerAndSerialNumber)
636 if (certificate.IssuerName().ExactMatchL(signerId.IssuerAndSerialNumber()->IssuerName()))
638 RInteger sn1=RInteger::NewL(certificate.SerialNumber());
639 CleanupClosePushL(sn1);
640 RInteger sn2=RInteger::NewL(signerId.IssuerAndSerialNumber()->SerialNumber());
641 CleanupClosePushL(sn2);
645 endEntityEncoding.Set(certificate.Encoding());
646 valid = ValidateSignatureL(aSignerInfo, certificate);
648 CleanupStack::PopAndDestroy(2, &sn1);//sn2, sn1
653 const CX509CertExtension* certExt = certificate.Extension(KSubjectKeyId);
656 CX509SubjectKeyIdExt* ext=CX509SubjectKeyIdExt::NewLC(certExt->Data());
657 if (signerId.SubjectKeyIdentifier().Compare(ext->KeyId())==0)
660 endEntityEncoding.Set(certificate.Encoding());
661 valid = ValidateSignatureL(aSignerInfo, certificate);
663 CleanupStack::PopAndDestroy(ext);
669 // checks if end entity was found
670 if(endEntityPos != -1)
672 // builds the cert chain encoding by putting the end entity first then all remaining
674 aCertChainEncoding = HBufC8::NewLC(endEncodingSize);
675 TPtr8 encodingPtr(aCertChainEncoding->Des());
676 encodingPtr.Copy(endEntityEncoding);
677 for(cert = 0; cert < certCount; cert++)
679 const CX509Certificate& certificate = *aCertificates[cert];
681 if(cert != endEntityPos)
683 encodingPtr.Append(certificate.Encoding());
689 User::Leave(KErrNotFound);
696 EXPORT_C TBool CCmsSignedObject::ValidateSignerLC(const CCmsSignerInfo& aSignerInfo, HBufC8*& aCertChainEncoding, TBool aIsHash, const TDesC8& aContentDataOrHash)
700 SetHash(aContentDataOrHash);
704 SetContentData(aContentDataOrHash);
706 return ValidateSignerLC(aSignerInfo, aCertChainEncoding);
709 EXPORT_C TBool CCmsSignedObject::ValidateSignerLC(const CCmsSignerInfo& aSignerInfo, const RPointerArray<CX509Certificate>& aCertificates, HBufC8*& aCertChainEncoding, TBool aIsHash, const TDesC8& aContentDataOrHash)
713 SetHash(aContentDataOrHash);
717 SetContentData(aContentDataOrHash);
719 return ValidateSignerLC(aSignerInfo, aCertificates, aCertChainEncoding);
722 TBool CCmsSignedObject::ValidateSignatureL(const CCmsSignerInfo& aSignerInfo, const CX509Certificate& aEndEntityCert)
724 delete iSigningAlgorithm;
725 iSigningAlgorithm = NULL;
726 iSigningAlgorithm = CX509SigningAlgorithmIdentifier::NewL(aSignerInfo.SignatureAlgorithm(), aSignerInfo.DigestAlgorithm());
730 iSignature = aSignerInfo.SignatureValue().AllocL();
732 if (aSignerInfo.SignatureAlgorithm().Algorithm()==EDSA)
736 CDSAParameters* theDSAParams = iKeyFactory->DSAParametersL(aEndEntityCert.PublicKey().EncodedParams());
737 CleanupStack::PushL(theDSAParams);
738 CSigningKeyParameters* params = CSigningKeyParameters::NewLC();
739 params->SetDSAParamsL(*theDSAParams);
740 SetParametersL(*params);
741 CleanupStack::PopAndDestroy(2, theDSAParams);
744 if (iContentInfo->IsContentDataPresent() || iContentData != KNullDesC8)
746 return VerifySignatureL(aEndEntityCert.PublicKey().KeyData());
748 else if (iHash!=KNullDesC8)
750 return VerifySignatureL(aEndEntityCert.PublicKey().KeyData(), iHash);
754 User::Leave(KErrArgument);
760 void CCmsSignedObject::InitSignedObjectL(const TDesC8& aRawData)
762 // Populate CSignedObject data members
763 iKeyFactory = new (ELeave) TX509KeyFactory;
764 iEncoding = aRawData.AllocL();
766 CSHA1* hash = CSHA1::NewL();
767 CleanupStack::PushL(hash);
768 iFingerprint = hash->Hash(Encoding()).AllocL();
769 CleanupStack::PopAndDestroy(hash);
772 void CCmsSignedObject::DecodeSignedDataL(const TDesC8& aRawData)
774 CArrayPtr<TASN1DecGeneric>* signedData = PKCS7ASN1::DecodeSequenceLC(aRawData, KCmsMinSignedDataElements, KCmsMaxSignedDataElements);
775 TInt totalItems = signedData->Count();
776 TASN1DecInteger decInt;
779 iDataElements.At(EVersionNumber) = new(ELeave) TPtrC8(signedData->At(0)->GetContentDER());
780 iVersion = decInt.DecodeDERShortL(*signedData->At(0));
781 if (iVersion>4 || iVersion<0)
783 User::Leave(KErrArgument);
785 // decodes algorithms
786 iDataElements.At(EDigestAlgorithms) = new(ELeave) TPtrC8(signedData->At(1)->GetContentDER());
787 DecodeDigestAlgorithmsL(signedData->At(1)->Encoding());
788 // decodes contentinfo
789 iDataElements.At(EEncapsulatedContentInfo) = new(ELeave) TPtrC8(signedData->At(2)->GetContentDER());
790 DecodeEncapsulatedContentInfoL(signedData->At(2)->Encoding());
792 // Checks for optional fields
793 TInt pos = 3; // Skip first non-optional fields
796 const TASN1DecGeneric& currentItem = *signedData->At(pos);
797 switch(currentItem.Tag())
799 case KSignedDataCertificates:
801 if (currentItem.Class()!=EContextSpecific)
803 User::Leave(KErrArgument);
805 iIsCertificateSetPresent=ETrue;
806 iDataElements.At(ECertificates) = new(ELeave) TPtrC8(currentItem.GetContentDER());
807 DecodeCertificatesL(currentItem.Encoding());
810 case KSignedDataRevocationLists:
812 if (currentItem.Class()!=EContextSpecific)
814 User::Leave(KErrArgument);
816 iIsCertificateRevocationListsPresent=ETrue;
817 iDataElements.At(ERevocationLists) = new(ELeave) TPtrC8(currentItem.GetContentDER());
818 DecodeRevocationListsL(currentItem.Encoding());
823 //Optional field with wrong tag and class
824 if (pos<totalItems-1)
826 User::Leave(KErrArgument);
828 // else Non-optional field
833 while(pos < totalItems);
835 iDataElements.At(ESignedInfo) = new(ELeave) TPtrC8(signedData->At(totalItems-1)->GetContentDER());
836 DecodeSignerInfoL(signedData->At(totalItems-1)->Encoding());
838 CleanupStack::PopAndDestroy(signedData);
841 void CCmsSignedObject::DecodeDigestAlgorithmsL(const TDesC8& aRawData)
843 CmsUtils::DecodeDigestAlgorithmsL(iDigestAlgorithms, aRawData);
846 void CCmsSignedObject::DecodeCertificatesL(const TDesC8& aRawData)
848 CmsUtils::DecodeCertificatesL(iCertificates, aRawData);
851 void CCmsSignedObject::DecodeRevocationListsL(const TDesC8& /*aRawData*/)
855 EXPORT_C const TPtrC8 CCmsSignedObject::SignedDataL() const
857 if (iContentInfo->IsContentDataPresent())
859 return iContentInfo->ContentData();
863 if (iContentData!=KNullDesC8)
869 User::Leave(KErrArgument);
875 EXPORT_C void CCmsSignedObject::InternalizeL(RReadStream& /*aStream*/)
877 User::Leave(KErrNotSupported);
880 EXPORT_C const TPtrC8* CCmsSignedObject::DataElementEncoding(const TUint aIndex) const
882 return iDataElements.At(aIndex);
885 void CCmsSignedObject::SetContentData(const TDesC8& aContentData)
887 iContentData.Set(aContentData);
890 void CCmsSignedObject::SetHash(const TDesC8& aHash)