diff -r 000000000000 -r bde4ae8d615e os/security/cryptoservices/certificateandkeymgmt/inc/pkcs12bags.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/os/security/cryptoservices/certificateandkeymgmt/inc/pkcs12bags.h Fri Jun 15 03:10:57 2012 +0200 @@ -0,0 +1,454 @@ +/* +* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + +/** + @file + @publishedPartner + @released +*/ + +#ifndef __PKCS12_BAGS_H__ +#define __PKCS12_BAGS_H__ + +#include +#include +#include +#include +#include +#include +#include +#include + +namespace PKCS12 +{ +/** Object identifier for KeyBag */ +_LIT(KPkcs12KeyBagOID, "1.2.840.113549.1.12.10.1.1"); + +/** Object identifier for ShroudedKeyBag */ +_LIT(KPkcs12ShroudedKeyBagOID, "1.2.840.113549.1.12.10.1.2"); + +/** Object identifier for CertBag */ +_LIT(KPkcs12CertBagOID, "1.2.840.113549.1.12.10.1.3"); + +/** Object identifier for CrlBag */ +_LIT(KPkcs12CrlBagOID, "1.2.840.113549.1.12.10.1.4"); + +/** Object identifier for SecretBag */ +_LIT(KPkcs12SecretBagOID, "1.2.840.113549.1.12.10.1.5"); + +/** Object identifier for SafeContentsBag */ +_LIT(KPkcs12SafeContentsBagOID, "1.2.840.113549.1.12.10.1.6"); + +/** Object identifier for x509 certificate */ +_LIT(KX509CertificateOID,"1.2.840.113549.1.9.22.1"); + +/** + This class decodes the KeyBag present in the SafeBag. + It has a method to get the PrivatKeyInfo + */ +class CDecPkcs12KeyBag : public CDecPkcs12SafeBag + { +public: + /** + Creates a new PKCS#12KeyBag object. + + @param aSafeBagData Contains a PKCS#12 SafeBag Structure. + @return A pointer to the newly allocated object. + @leave KErrAgrument if the data is not a sequence or class tag name + is not Universal and if iPrivateKeyInfo is NULL. + */ + IMPORT_C static CDecPkcs12KeyBag* NewL(const TDesC8& aSafeBagData); + + /** + The PrivateKey information present in the KeyBag. + The returned ASN1 sequence respects the following grammar: + + PrivateKeyInfo ::= SEQUENCE { + version Version, + privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, + privateKey PrivateKey, + attributes [0] IMPLICIT Attributes OPTIONAL } + + Version ::= INTEGER + PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier + PrivateKey ::= OCTET STRING + Attributes ::= SET OF Attribute + + @return A pointer to a CDecPKCS8Data object. Ownership of memory is transferred + to the caller. + @see CDecPKCS8Data + */ + IMPORT_C CDecPKCS8Data* PrivateKeyInfoL() const; + + /** + Destructor. + */ + virtual ~CDecPkcs12KeyBag(); + +private: + /** + Decodes the entire KeyBag structure. + @param aSafeBagData Contains a PKCS#12 SafeBag Structure. + @leave KErrAgrument if the data is not a sequence or class tag name + is not Universal and if iPrivateKeyInfo is NULL. + @see TASN1DecPKCS8 + */ + void ConstructL(const TDesC8& aSafeBagData); + + /** + Constructor. + */ + CDecPkcs12KeyBag(); + + /** + Copy Constructor. + @param aDecPkcs12keyBag A CDecPkcs12KeyBag object. + */ + CDecPkcs12KeyBag(const CDecPkcs12KeyBag& aDecPkcs12keyBag); + + /** + Assignment operator. + @param aDecPkcs12keyBag A CDecPkcs12KeyBag object. + @return A CDecPkcs12KeyBag class. + */ + CDecPkcs12KeyBag& operator=(const CDecPkcs12KeyBag& aDecPkcs12keyBag); +}; + + +/** + This class decodes the ShroudedKeyBag present in the SafeBag. + It has a method to get the PrivatKeyInfo + */ +class CDecPkcs12ShroudedKeyBag : public CDecPkcs12SafeBag + { +public: + /** + Creates a new PKCS#12KeyBag object. + + @param aSafeBagData Contains a PKCS#12 shroudedKeyBag structure. + @return A pointer to the newly allocated object. + @leave KErrAgrument if the data is not safeBag structure. + */ + IMPORT_C static CDecPkcs12ShroudedKeyBag* NewL(const TDesC8& aSafeBagData); + + /** + The PrivateKey Information present in the ShroudKeyBag. + Below is the ASN.1 sequence. + + ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + + AlgorithmIdentifier: A type that identifies an algorithm (by object identifier) and associated parameters + AlgorithmIdentifier ::= SEQUENCE + { + algorithm ALGORITHM.&id({SupportedAlgorithms}), + parameters ALGORITHM.&Type({SupportedAlgorithms}{@ algorithm}) OPTIONAL + } + + @return A pointer to a CDecPKCS8Data object. Ownership is transferred to the caller. + @leave KErrAgrument if the data is not a sequence or class tag name + is not Universal. + @leave KErrNotSupported if otherthan PKCS12 pbeIds. + @leave KErrGeneral if the decryption of the final part length is less than 0. + @see TASN1DecPKCS5, CPBEncryptElement, PKCS12KDF, CPBDecryptor, CDecPKCS8Data. + */ + IMPORT_C CDecPKCS8Data* PrivateKeyInfoL(TDesC& aPassword) const; + + /** + Destructor. + */ + virtual ~CDecPkcs12ShroudedKeyBag(); + +private: + /** + This decodes the entire KeyBag structure. + @param aSafeBagData Contains a PKCS#12 shroudedKeyBag Structure. + @leave KErrAgrument if the data is not a sequence or class tag name + is not Universal. + @see TASN1DecPKCS8 + */ + void ConstructL(const TDesC8& aSafeBagData); + + /** + Constructor. + */ + CDecPkcs12ShroudedKeyBag(); + + /** + Copy Constructor. + @param aDecPkcs12ShroudedKeyBag A CDecPkcs12ShroudedKeyBag object. + @return A CDecPkcs12ShroudedKeyBag class. + */ + CDecPkcs12ShroudedKeyBag(const CDecPkcs12ShroudedKeyBag& aDecPkcs12ShroudedKeyBag); + + /** + Assignment operator. + @param aDecPkcs12ShroudedKeyBag A CDecPkcs12ShroudedKeyBag object. + */ + CDecPkcs12ShroudedKeyBag& operator=(const CDecPkcs12ShroudedKeyBag& aDecPkcs12ShroudedKeyBag); + }; + + +/** + This class decodes the CertBag + It has methods to get the CertId and the CertValue present in the CertBag + The X509Certificate() method returns the x509 certificate + in case the CertId is x509 + */ +class CDecPkcs12CertBag : public CDecPkcs12SafeBag + { +public: + /** + Creates a new PKCS#12CertBag object. + + @param aCertBagData contains a PKCS#12 CertBag Structure. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + @leave KErrNotSupported if otherthan X509 certificate is present. + @return A pointer to the newly allocated object. + */ + IMPORT_C static CDecPkcs12CertBag* NewL(const TDesC8& aCertBagData); + + /** + This method returns the OID present in the certId field of CertBag sequence. + @return Returns OID present in the certId feild of CertBag sequence + */ + IMPORT_C const TDesC& CertId() const; + + /** + This method returns the DER encoded certValue present in the CertBag sequence. + @return The DER encoded certValue present in the CertBag sequence. + @see X509Certificate + */ + IMPORT_C const TDesC8& CertValue() const; + + /** + This method returns the decoded x509 certificate. + @return Returns a pointer to a CX509Certificate object if the certificate of type + X509; otherwise, null is returned. Ownership of memory is transferred to the caller. + @see CertValue + */ + IMPORT_C CX509Certificate* X509CertificateL() const; + + /** + Destructor. + */ + virtual ~CDecPkcs12CertBag(); +private: + /** + This decodes the entire CertBag structure. + @param aCertBagData contains a PKCS#12 CertBag Structure. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + @see CDecPkcs12SafeBag, CX509Certificate. + */ + void ConstructL(const TDesC8& aCertBagData); + + /** + Constructor. + */ + CDecPkcs12CertBag(); + + /** + Copy Constructor. + @param aDecPkcs12CertBag A CDecPkcs12CertBag object. + */ + CDecPkcs12CertBag(const CDecPkcs12CertBag& aDecPkcs12CertBag); + + /** + Assignment operator. + @param aDecPkcs12CertBag A CDecPkcs12CertBag object. + @return A CDecPkcs12CertBag class. + */ + CDecPkcs12CertBag& operator=(const CDecPkcs12CertBag& aDecPkcs12CertBag); + +private: + /** Contains Object identifier indicating the certificate type*/ + HBufC* iCertId; + + /** Contains the certificate which is encoded and is an OCTET String */ + TPtrC8 iCertValue; + }; + +/** + Decodes the SafeContents bag present within a SafeBag and + returns an array of Safebags present within this SafeContents bag. + */ +class CDecPkcs12SafeContentsBag : public CDecPkcs12SafeBag + { +public: + /** + Creates a new PKCS#12SafeContentsBag object. + + @param aSafeContentsBagData Contains a PKCS#12 SafeBag structure. + @return A pointer to the newly allocated object. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + */ + IMPORT_C static CDecPkcs12SafeContentsBag* NewL(const TDesC8& aSafeContentsBagData); + /** + The SafeContents Bag contains one or more Safe Bags in it.This + method returns the reference to all these SafeBags. + + @return An array of SafeBags present within the SafeContentsBag + */ + IMPORT_C const RPointerArray& SafeBags() const; + + /** + Destructor. + */ + virtual ~CDecPkcs12SafeContentsBag(); + +private: + /** + This decodes the entire SafeContentsBag structure. + @param aSafeContentsBagData Contains a PKCS#12 SafeBag structure. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + @see CDecPkcs12SafeBag + */ + void ConstructL(const TDesC8& aSafeContentsBagData); + + /** + Constructor. + */ + CDecPkcs12SafeContentsBag(); + + /** + Copy Constructor. + @param aDecPkcs12SafeContentsBag A CDecPkcs12SafeContentsBag object. + */ + CDecPkcs12SafeContentsBag(const CDecPkcs12SafeContentsBag& aDecPkcs12SafeContentsBag); + + /** + Assignment operator. + @param aDecPkcs12SafeContentsBag A CDecPkcs12SafeContentsBag object. + @return A reference to CDecPkcs12SafeContentsBag class. + */ + CDecPkcs12SafeContentsBag& operator=(const CDecPkcs12SafeContentsBag& aDecPkcs12SafeContentsBag); + +private: + /** Contains an array of SafeBags present within the SafeContents Bag */ + RPointerArray iSafeBags; + }; + +class CDecPkcs12SafeContents : public CBase + { +public: + /** + Creates a new CDecPkcs12SafeContents object for plain Data. + + @param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure. + @return A pointer to the newly allocated object. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + */ + IMPORT_C static CDecPkcs12SafeContents* NewL(const CPKCS7ContentInfo& aSafeContentsBagData); + + /** + Creates a new CDecPkcs12SafeContents object for Encrypted Data. + + @param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure. + @param aPassword aPassword is the password used for decryption. + @return A pointer to the newly allocated object. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + */ + IMPORT_C static CDecPkcs12SafeContents* NewL(const CPKCS7ContentInfo& aSafeContentsBagData, const TDesC& aPassword); + + /** + Creates a new CDecPkcs12SafeContents object for Enveloped Data. + The class doesn't support the public key privacy mode if the + ContentInfo contains an EnvelopedData object.Client should decrypt + the Envelope Data. A recipient opens the envelope by decrypting the + one of the encrypted content-encryption keys with the recipient's + private key and decrypts the encrypted content with the recovered + content-encryption key and pass the plain data. + @param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure ContentData. + @return A pointer to the newly allocated object. + @leave KErrArgument if the data is not a sequence or class tag name + is not Universal. + */ + IMPORT_C static CDecPkcs12SafeContents* NewL(const TDesC8& aSafeContentsBagData); + + /** + The method returns the plain data. + @return A pointer to descriptor containing decrypted data. + Returns NULL pointer if the decrypted data is not present. + */ + IMPORT_C const TDesC8* DecryptedData() const; + + /** + The method returns array of safebags objects. + @return A pointer to array of safeBag objects. + */ + IMPORT_C const RPointerArray& SafeContentsBags() const; + + /** + Destructor. + */ + virtual ~CDecPkcs12SafeContents(); + +private: + /** + These objects represents the SafeBag Sequences present in the + SafeContents Bag Sequence. + + @param aSafeContent Contains data to decode the bags. + @leave KErrArgument if the aSafeContent is not a Sequence and class tag is not Universal. + @leave KErrNotSupported if any bag otherthan keyBag, shroudedKeyBag,CertBag,CRLBag,SecretBag + and SafeContentBag. + @see CDecPkcs12SafeBag + */ + void ConstructL(const TDesC8& aSafeContent); + + /** + This method decrypts the encrypted information. + @param aContentInfo Contains a PKCS#7 ContentInfo Structure. + @param aPassword is the password used for decryption. + */ + void DecodeEncryptedDataL(const CPKCS7ContentInfo& aContentInfo, const TDesC& aPassword); + + /** + Constructor. + */ + CDecPkcs12SafeContents(); + + /** + Copy Constructor. + @param aDecPkcs12SafeContents A CDecPkcs12SafeContents object. + */ + CDecPkcs12SafeContents(const CDecPkcs12SafeContents& aDecPkcs12SafeContents); + + /** + Assignment operator. + @param aDecPkcs12SafeContents A CDecPkcs12SafeContents object. + @return A reference to CDecPkcs12SafeContents class. + */ + CDecPkcs12SafeContents& operator=(const CDecPkcs12SafeContents& aDecPkcs12SafeContents); + + +private: + /** Contains an array of SafeBags objects */ + RPointerArray iSafeBags; + + /** Contains plain data */ + HBufC8* iDecryptedData; + + }; +} // namespace PKCS12 +#endif // __PKCS12BAGS_H__