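#ifndef __X509UTILS_H__
#define __X509UTILS_H__
/*
* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
*
*/


/**
 @file
 @internalComponent

 Declarations for X.509 helper routines: certificate format tags, the
 SHA-1 sized key identifier type, and functions that extract subject and
 issuer key identifiers or convert between DER and PEM.

 This header does not include the headers that declare TInt, TUint8,
 TUint32, TBuf8, the stream classes or std::string; the including
 translation unit must have pulled them in first.
*/

/**
 Certificate format tags.

 In the values below, each *Url enumerator equals the corresponding plain
 enumerator with bit 0x10 set.
*/
enum TCertificateFormat
	{
	EX509Certificate    = 0x00,
	EWTLSCertificate    = 0x01,
	EX968Certificate    = 0x02,
	EUnknownCertificate = 0x0f,
	EX509CertificateUrl = 0x10,
	EWTLSCertificateUrl = 0x11,
	EX968CertificateUrl = 0x12
	};

/** Length of a SHA-1 digest, and therefore of a key identifier, in bytes. */
const TInt KSHA1HashLengthInBytes = 20;

// NOTE(review): this listing showed `typedef TBuf8 TSHA1Hash;` with no
// template argument, which looks like angle brackets lost in extraction.
// The argument is restored from the length constant declared just above;
// confirm against the repository copy.
typedef TBuf8<KSHA1HashLengthInBytes> TSHA1Hash;

/**
 Key identifier as stored alongside a certificate.

 A key identifier is a lookup hint for matching certificates to keys and
 issuers. It is not authenticated by itself: an equal identifier does not
 prove that two objects share a key, so trust decisions still have to rest
 on signature verification.
*/
typedef TSHA1Hash TKeyIdentifier;

/** A key identifier together with a flag saying whether it is auto-generated. */
struct KeyIdentifierObject
	{
	// True when iHash has to be generated by this tool, or when the supplied
	// value matched the value the tool would have generated.
	bool iAutoKey;
	// The identifier bytes.
	TKeyIdentifier iHash;
	};

/**
 Write aKeyId to the project's encode stream.
 The textual format is defined by the implementation, which is not part of
 this header.
*/
void EncodeHuman(REncodeWriteStream& aStream, const KeyIdentifierObject& aKeyId);

/**
 Read aKeyId from the project's decode stream.
 Counterpart of EncodeHuman; error behaviour on malformed input is defined
 by the implementation.
*/
void DecodeHuman(RDecodeReadStream& aStream, KeyIdentifierObject& aKeyId);

/** Externalise aKeyId to a binary write stream. */
RWriteStream& operator<<(RWriteStream& aStream, const KeyIdentifierObject& aKeyId);

/** Internalise aKeyId from a binary read stream. */
RReadStream& operator>>(RReadStream& aStream, KeyIdentifierObject& aKeyId);


/** Selects whether the key id extension carried in the certificate is consulted. */
enum EUseCertificateExtension
	{
	KIgnoreCertificateExtension,
	KUseCertificateExtension
	};


/**
 Get the subject key id from the certificate extension or calculate
 it from the public key (as specified in rfc3280 4.2.1.2 method 1).

 RFC 3280 method 1 defines the identifier as the 160-bit SHA-1 hash of the
 subjectPublicKey BIT STRING value. SHA-1 is used here only to derive an
 identifier; see TKeyIdentifier for why a match must not be treated as
 proof of key equality.

 The subject name and subject key id are returned.

 WARNING: This function is NOT valid for client certs. For client
 certs, the subject key id in the certificate store MUST match the id
 of the key in the keystore.

 @param aUseExtension        Whether to use or ignore the extension in the
                             certificate.
 @param aUseRfc3280Algorithm Presumably selects the rfc3280 calculation
                             when the id is computed; confirm in the
                             implementation.
 @param aIsCa                Presumably tells the function that the
                             certificate is a CA certificate; confirm in
                             the implementation.
 @param aCert                The certificate bytes.
 @param aSubject             On return, the subject name.
 @param aSubjectKeyId        On return, the subject key id.
 @return true if ok.

 If the certificate is invalid then exit the program with an error message!
 Callers that feed certificates from an untrusted source therefore cannot
 recover from a malformed one; the process ends inside this call.
*/
bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm,
					  bool aIsCa, const std::string &aCert,
					  std::string &aSubject, TKeyIdentifier &aSubjectKeyId);

/**
 Get the issuer key id from the certificate authority key id extension.

 The issuer name and issuer key id are returned.

 @param aUseExtension Whether to use or ignore the extension in the
                      certificate.
 @param aCert         Pointer to the certificate bytes. The caller must
                      guarantee that at least aCertLength bytes are
                      readable at this address.
 @param aCertLength   Number of bytes at aCert.
 @param aIssuer       On return, the issuer name.
 @param aIssuerKeyId  On return, the issuer key id.
 @return true if ok.

 If the certificate is invalid then exit the program with an error message!
 As with X509SubjectKeyId, a malformed certificate ends the process.
*/
bool X509IssuerKeyId(EUseCertificateExtension aUseExtension,
					 const TUint8 *aCert, TUint32 aCertLength,
					 std::string &aIssuer,
					 TKeyIdentifier &aIssuerKeyId);

/**
 Convert the DER certificate into PEM form

 @param aDerCert The DER encoded certificate.
 @param aPemCert On return, the PEM form.
*/
void Der2Pem(const std::string &aDerCert, std::string &aPemCert);

/**
 Convert the PEM certificate into DER form

 @param aPemCert The PEM encoded certificate.
 @param aDerCert On return, the DER form. Its content after a failed
                 conversion is not specified in this header, so check the
                 return value before using it.
 @return true if conversion succeeds
*/
bool Pem2Der(const std::string &aPemCert, std::string &aDerCert);

#endif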