/*
* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
*
*/


/**
 @file
 @publishedAll
 @released

 WTLS certificate support: parsing of the WTLS binary certificate encoding into
 a CCertificate-derived object, plus the WTLS-specific key factory, validity
 period, algorithm identifier and subject-public-key-info classes it relies on.
*/

#ifndef __WTLSCERT_H__
#define __WTLSCERT_H__

#include <e32base.h>
#include <e32std.h>
#include <s32std.h>
#include <signed.h>
#include <unifiedcertstore.h>
#include <wtlsnames.h>


class CRSAPublicKey;
class CDSAPublicKey;
class CDSASignature;
class CDSAParameters;

/**
 * Number of encoded data elements held for a WTLS tbsCertificate.
 * The CWTLSCertificate enum below indexes them 0..5, so this constant and the
 * enum must stay in step (the last enumerator is ESubjectPublicKeyInfo = 5).
 */
const TInt KWTLSCertMaxDataElements = 6;

/**
 * RSA signature result for WTLS certificates.
 *
 * Constructed from the digest algorithm and the digest value the signer is
 * expected to have signed. VerifyL() compares aResult against that stored
 * state; aResult is presumably the recovered (decrypted) RSA signature block —
 * confirm against the implementation before relying on the exact format.
 */
class CWTLSRSASignatureResult : public CRSASignatureResult
	{
public:
	IMPORT_C static CWTLSRSASignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	IMPORT_C static CWTLSRSASignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	/**
	 * Checks a signature result against the stored digest algorithm and digest.
	 * @param aResult The signature result to verify.
	 * @return ETrue if the result matches; EFalse otherwise. Leaves on error.
	 */
	IMPORT_C virtual TBool VerifyL(const TDesC8& aResult);
private:
	void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	};

/**
 * Key factory that builds public keys, signatures and parameters from their
 * WTLS encodings. Each *L function leaves on failure (Symbian convention);
 * the returned objects are owned by the caller.
 *
 * NOTE(review): RSASignatureResultL() takes aDigest as a non-const TDesC8&,
 * unlike every other encoding parameter in this factory. This looks like an
 * oversight rather than a requirement to mutate the digest; the signature is
 * part of the published interface so it is left as is here.
 */
class TWTLSKeyFactory : public TKeyFactory
	{
public:
	virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const;
	virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const;
	virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const;
	virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const;
	virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const;
	virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const;
	};

/**
 * Validity period decoded from the WTLS certificate encoding.
 *
 * The (aBinaryData, aPos) overloads presumably follow the same convention as
 * CWTLSCertificate::NewL(aBinaryData, aPos): decoding starts at aPos and aPos
 * is advanced past the decoded object — confirm against the implementation.
 */
class CWTLSValidityPeriod : public CValidityPeriod
	{
public:
	IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos);
	IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	CWTLSValidityPeriod();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};

/**
 * Algorithm identifier decoded from the WTLS certificate encoding.
 * Same construction convention as CWTLSValidityPeriod.
 */
class CWTLSAlgorithmIdentifier : public CAlgorithmIdentifier
	{
public:
	IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
	IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	CWTLSAlgorithmIdentifier();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};

/**
 * Signing algorithm identifier decoded from the WTLS certificate encoding.
 * Same construction convention as CWTLSValidityPeriod.
 */
class CWTLSSigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier
	{
public:
	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	CWTLSSigningAlgorithmIdentifier();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};

/**
 * Subject public key information decoded from the WTLS certificate encoding.
 * Same construction convention as CWTLSValidityPeriod.
 */
class CWTLSSubjectPublicKeyInfo : public CSubjectPublicKeyInfo
	{
public:
	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData);
	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	CWTLSSubjectPublicKeyInfo();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};

// Attribute type / value pair that marks a structured-text WTLS name as a
// trusted CA. Note the leading space in the type literal. Presumably what
// IsTCAL() looks for — confirm against the implementation.
_LIT(KWTLSTCAType, " T");
_LIT(KWTLSTCAValue, "ca");

/**
 * A WTLS certificate.
 *
 * Parsed from the WTLS binary encoding (or restored from a stream written by
 * ExternalizeL()). The encoding is normally received from a remote peer and
 * must be treated as untrusted input; the parsing factory functions are *L
 * functions and are expected to leave on malformed input rather than return a
 * partially initialised object.
 *
 * Owns its issuer and subject names and the table of data-element encodings
 * (see the private members). Copying is done via NewL(const CWTLSCertificate&).
 */
class CWTLSCertificate : public CCertificate
	{
public:
	// Positions of the encoded data elements in the tbsCert data structure.
	// These values are the valid arguments to DataElementEncoding(); they
	// index the KWTLSCertMaxDataElements-sized table, so 0..5 only.
	enum
		{
		EVersionNumber = 0,
		EAlgorithmId = 1,
		EIssuerName = 2,
		EValidityPeriod = 3,
		ESubjectName = 4,
		ESubjectPublicKeyInfo = 5,
		};

	/**
	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation.
	 *
	 * @param aBinaryData The encoded binary representation (untrusted input).
	 * @return The new CWTLSCertificate object; ownership passes to the caller.
	 */
	IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData);

	/**
	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation,
	 * and puts a pointer to it onto the cleanup stack.
	 *
	 * @param aBinaryData The encoded binary representation (untrusted input).
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData);

	/**
	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation.
	 *
	 * @param aBinaryData The encoded binary representation (untrusted input).
	 * @param aPos An offset into the descriptor, and is updated to the position at the end of the object.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData, TInt& aPos);

	/**
	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation,
	 * and puts a pointer to it onto the cleanup stack.
	 *
	 * @param aBinaryData The encoded binary representation (untrusted input).
	 * @param aPos An offset into the descriptor, and is updated to the position at the end of the object.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData, TInt& aPos);

	/**
	 * Creates a new CWTLSCertificate object from a stream.
	 *
	 * The stream must have been written using the corresponding ExternalizeL() function.
	 *
	 * @param aStream The stream to be used as input.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewL(RReadStream& aStream);

	/**
	 * Creates a new CWTLSCertificate object from a stream,
	 * and puts a pointer to it onto the cleanup stack.
	 *
	 * The stream must have been written using the corresponding ExternalizeL() function.
	 *
	 * @param aStream The stream to be used as input.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewLC(RReadStream& aStream);

	/**
	 * Creates a new CWTLSCertificate object from an existing one in the certificate store.
	 *
	 * @param aCert The certificate to be copied.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewL(const CWTLSCertificate& aCert);

	/**
	 * Creates a new CWTLSCertificate object from an existing one in the certificate store,
	 * and puts a pointer to it onto the cleanup stack.
	 *
	 * @param aCert The certificate to be copied.
	 * @return The new CWTLSCertificate object.
	 */
	IMPORT_C static CWTLSCertificate* NewLC(const CWTLSCertificate& aCert);

	/**
	 * Destructor.
	 *
	 * Frees all resources owned by the object, prior to its destruction.
	 */
	IMPORT_C ~CWTLSCertificate();

	/**
	 * Tests whether this WTLS certificate is the same as the specified WTLS certificate.
	 *
	 * This is not as simple as it sounds. For X.509 certificates equality means that the issuer name
	 * and serial number fields are the same. This guarantees equality since a CA must ensure that every
	 * certificate it issues has a unique serial number. But WTLS certificates do not include serial numbers,
	 * so there seems to be no definition of equality. This function uses a byte-for-byte comparison of the
	 * signatures on the certificates: this should not result in any false positives, but may give false
	 * negatives if CAs do naughty things like recertifying the same key (which they have been known to do).
	 *
	 * Equality is an identity check only; it says nothing about whether either certificate is trusted
	 * or valid.
	 *
	 * @param aCert A WTLS certificate
	 * @return ETrue, if the parameter is the same certificate; EFalse, otherwise.
	 */
	IMPORT_C TBool IsEqualL(const CWTLSCertificate& aCert) const;

	//extra accessors

	/**
	 * Gets the version number of the WTLS certificate.
	 *
	 * @return The version number of the certificate. Always returns 1.
	 */
	IMPORT_C TInt Version() const;

	/**
	 * Gets the name of the WTLS certificate's issuing authority.
	 *
	 * The returned reference is owned by this certificate and is valid only for its lifetime.
	 *
	 * @return A WTLS name:
	 * @li If the name is an X.500 DN, then if the name contains a Common name, that will be returned.
	 * Otherwise, if the name contains an Organization name, that will be returned. Otherwise an empty
	 * string will be returned.
	 * @li If the name is of type text, then if the name is not a 'structured' name the entire string will
	 * be returned, otherwise the same procedure will be followed as for X.509 certificates.
	 * @li If the name is null an empty string will be returned.
	 */
	// Unsupported -- If the name is a key hash or binary value the entire contents will be returned.
	IMPORT_C const CWTLSName& IssuerName() const;

	/**
	 * Gets the name of the owner of the public key the WTLS certificate contains.
	 *
	 * The returned reference is owned by this certificate and is valid only for its lifetime.
	 *
	 * @return A WTLS name.
	 */
	IMPORT_C const CWTLSName& SubjectName() const;
	/** @return ETrue if the certificate is self-signed; EFalse otherwise. Leaves on error. */
	IMPORT_C virtual TBool IsSelfSignedL() const;
	/** @return A newly allocated textual form of the subject name; ownership passes to the caller. */
	IMPORT_C virtual HBufC* SubjectL() const;
	/** @return A newly allocated textual form of the issuer name; ownership passes to the caller. */
	IMPORT_C virtual HBufC* IssuerL() const;

	/**
	 * Initialises the certificate from a stream.
	 *
	 * This should not be called by client code; instead the static factory function above should be used.
	 * If a client is using the certstore component for storage then it should use CCertStore::AddL() for
	 * externalizing and CWTLSCert::NewL(CCertStore& aStore, const CCertStoreEntry& aEntry); for restoring.
	 * (NOTE(review): that NewL overload is not declared in this header; the stream overload
	 * NewL(RReadStream&) is the factory actually available here.)
	 *
	 * @param aStream The stream to read from; must have been written by the corresponding ExternalizeL().
	 */
	IMPORT_C void InternalizeL(RReadStream& aStream);

	/**
	 * Gets the certificate's signed data.
	 *
	 * @return A non-modifiable pointer descriptor representing the certificate's signed data.
	 * The descriptor is a view, not a copy; it presumably points into storage owned by this
	 * certificate and so must not outlive it — confirm against the implementation.
	 */
	IMPORT_C const TPtrC8 SignedDataL() const;

	/**
	 * Gets the encoding for a data element at the specified index.
	 *
	 * @param aIndex The position of the encoded data element; one of the enum values above
	 * (0 .. KWTLSCertMaxDataElements-1). Behaviour for other values is not visible in this
	 * header — do not pass caller-controlled indices without range-checking them first.
	 * @return A pointer to the element's encoding (a view into this certificate's storage).
	 */
	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const;

	/**
	 * Tests whether a non-selfsigned certificate can be used to sign others.
	 *
	 * Currently this only supports structured text variety of WTLS certificates.
	 * Other certificate types will return EFalse.
	 *
	 * The answer is an assertion carried by the certificate itself (in its name attributes),
	 * so it should only be relied on for a certificate whose signature chain has been verified.
	 *
	 * @return ETrue, if the certificate is capable of signing other certificates; otherwise, EFalse.
	 */
	IMPORT_C TBool IsTCAL() const;
private:
	CWTLSCertificate();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	void ConstructL(const CWTLSCertificate& aCertificate);
	void ConstructCertL(const TDesC8& aBinaryData, TInt& aPos);
	void InitEncodedDataElementsL();
	//private data
	TInt iVersion;                      // reported by Version(); documented as always 1
	CWTLSName* iIssuerName;             // presumably owned; returned by IssuerName()
	CWTLSName* iSubjectName;            // presumably owned; returned by SubjectName()
	// Table indexed by the enum above; the TPtrC8 entries are views, presumably into the
	// encoding held by the base class — confirm against InitEncodedDataElementsL().
	TFixedArray<TPtrC8*, KWTLSCertMaxDataElements>* iDataElements;
	};

#endif