epoc32/include/x509cert.h
author William Roberts <williamr@symbian.org>
Tue, 16 Mar 2010 16:12:26 +0000
branchSymbian2
changeset 2 2fe1408b6811
parent 0 061f57f2323e
child 4 837f303aceeb
permissions -rw-r--r--
Final list of Symbian^2 public API header files
/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
* X509 certificate implementation
*
*/
/**
 @file 
 @internalAll
*/
 
#ifndef __X509CERT_H__
#define __X509CERT_H__
#include <e32base.h>
#include <e32std.h>
#include <s32std.h>
#include <signed.h>
#include <x500dn.h>
#include <asn1enc.h>
// Dotted-decimal object identifiers (OIDs) of the signature algorithms the X.509
// code knows about; each names a digest combined with an asymmetric algorithm.
// NOTE(review): MD2 and MD5 are cryptographically broken and SHA-1 is deprecated
// for signatures. These literals only name the OIDs so that such certificates can
// be decoded; whether a certificate signed with one of them is accepted is a
// policy decision made by the validation code, not by this header.
_LIT(KMD2WithRSA,"1.2.840.113549.1.1.2");
_LIT(KMD5WithRSA,"1.2.840.113549.1.1.4");
_LIT(KSHA1WithRSA,"1.2.840.113549.1.1.5");
_LIT(KDSAWithSHA1,"1.2.840.10040.4.3");

// OIDs of the bare public-key algorithms (RSA, Diffie-Hellman, DSA) and of the
// digest algorithms on their own.
_LIT(KRSA,"1.2.840.113549.1.1.1");
_LIT(KDH,"1.2.840.10046.2.1");
_LIT(KDSA,"1.2.840.10040.4.1");
_LIT(KMD5,"1.2.840.113549.2.5");
_LIT(KMD2,"1.2.840.113549.2.2");
_LIT(KSHA1,"1.3.14.3.2.26");

/** The maximum number of allowed data elements.
*
* This equals the number of TBSCertificate element positions enumerated in
* CX509Certificate (EVersionNumber = 0 .. EExtensionList = 9), i.e. the valid
* arguments of DataElementEncoding().
* 
* @since v7.0 */
const TInt KX509MaxDataElements = 10;

// Forward declarations of the key, signature and parameter types that
// TX509KeyFactory returns; only pointers to them are used in this header.
class CRSAPublicKey;
class CDSAPublicKey;
class CDSASignature;
class CDSAParameters;
class CPKCS1SignatureResult : public CRSASignatureResult
/** The signature result in PKCS#1 format.
*
* Built from a digest algorithm identifier and a digest; VerifyL() then checks a
* signature result against it. The trailing L on the function names follows the
* Symbian convention: those functions may leave, and callers must be prepared
* for that.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new PKCS#1 signature result object from a digest algorithm
	* identifier and a digest.
	* 
	* @param aDigestAlgorithm	The identifier of the digest algorithm.
	* @param aDigest			A non-modifiable descriptor holding the digest
	*							(presumably the message hash, judging by its name;
	*							confirm against the implementation).
	* @return					A pointer to the new signature result object;
	*							the caller owns it. */
	IMPORT_C static CPKCS1SignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	
	/** Creates a new PKCS#1 signature result object from a digest algorithm
	* identifier and a digest, and puts a pointer to the new object onto the
	* cleanup stack.
	* 
	* @param aDigestAlgorithm	The identifier of the digest algorithm.
	* @param aDigest			A non-modifiable descriptor holding the digest
	*							(see NewL()).
	* @return					A pointer to the new signature result object,
	*							also left on the cleanup stack. */
	IMPORT_C static CPKCS1SignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	
	/** Tests whether the signature result is valid.
	*
	* Virtual, so it is the hook through which generic verification code reaches
	* the PKCS#1-specific comparison done by DoVerifyL().
	* 
	* @param aResult	The signature result to be verified.
	* @return			ETrue, if the signature result is verified; EFalse, otherwise. */
	IMPORT_C virtual TBool VerifyL(const TDesC8& aResult);
private:
	// Second-phase constructor shared by NewL() and NewLC().
	void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
	// PKCS#1-specific comparison behind VerifyL().
	TBool DoVerifyL(const TDesC8& aResult);
	};
class TX509KeyFactory : public TKeyFactory
/** Constructs the public key objects used for signature verification, from their 
* encoded binary form, for X.509 certificates.
*
* The encodings handed to these functions normally come straight out of a
* certificate, i.e. from untrusted input. Each function may leave (for example
* when the encoding cannot be decoded), so callers must handle a leave rather
* than assume a valid object comes back. The returned objects are heap
* allocated; by the usual Symbian convention for L functions the caller owns
* them.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Gets the RSA public key from the encoding key.
	* 
	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
	* @return			The RSA Public key. */
	IMPORT_C CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const;
	
	/** Gets the RSA signature result.
	*
	* NOTE(review): aDigest is taken by non-const reference, unlike every other
	* descriptor parameter in this class; the declaration is part of the published
	* API and is kept as is.
	* 
	* @param aDigestAlgorithm	The digest algorithm ID.
	* @param aDigest			A descriptor holding the digest (presumably the message
	*							hash, judging by its name; confirm against the implementation).
	* @return					The RSA signature result. */
	IMPORT_C CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const;
	
	/** Gets the DSA public key from the encoding key.
	* 
	* @param aParamsEncoding	A non-modifiable descriptor representing 
	*							the encoded binary representation of the DSA parameters
	* @param aEncoding			A non-modifiable descriptor representing the entire encoding.
	* @return					The DSA public key. 
	* @since 					v8.0 */
	IMPORT_C CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const;
	
	/** Gets the digital DSA signature from the encoding key.
	* 
	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
	* @return			The DSA signature. */
	IMPORT_C CDSASignature* DSASignatureL(const TDesC8& aEncoding) const;
	
	/** Gets the DSA parameters from the encoding key.
	* 
	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
	* @return			The DSA parameters. */
	IMPORT_C CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const;
	
	/** Gets the DSA public key from the encoding key, using already-decoded
	* DSA parameters (compare the overload taking the parameters' encoding).
	* 
	* @param aParams	The DSA parameters
	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
	* @return			The DSA public key. */
	IMPORT_C CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const;
	};
class CX509ValidityPeriod : public CValidityPeriod
/** The period for which an X.509 certificate is valid.
*
* Decoded from the certificate's binary (DER) form, so the input is untrusted;
* the NewL()/NewLC() functions may leave if decoding fails.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new X.509 validity period object from the specified buffer containing 
	* the binary coded representation.
	* 
	* Initialises the object from its encoded binary form into an internal representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new validity period object; the caller owns it. */
	IMPORT_C static CX509ValidityPeriod* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 validity period object from the specified buffer containing 
	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
	* 
	* Initialises the object from its encoded binary form into an internal representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new validity period object. */
	IMPORT_C static CX509ValidityPeriod* NewLC(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 validity period object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset.
	* 
	* Initialises the object from its encoded binary form into an internal representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. Passed by
	*						non-const reference, presumably so it can be advanced past
	*						the decoded element on return — confirm against the implementation.
	* @return				The new validity period object. */
	IMPORT_C static CX509ValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new X.509 validity period object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset, and puts 
	* a pointer to it onto the cleanup stack.
	* 
	* Initialises the object from its encoded binary form into an internal representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	*						offset-taking NewL()).
	* @return				The new validity period object. */
	IMPORT_C static CX509ValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	// Two-phase construction: the constructor is trivial, ConstructL() decodes.
	CX509ValidityPeriod();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};
class CX509AlgorithmIdentifier : public CAlgorithmIdentifier
/** Algorithm identifier for an X.509 certificate.
*
* Can be built either by decoding an AlgorithmIdentifier from the certificate's
* binary form (untrusted input; the decoding functions may leave) or from an
* algorithm id plus already-encoded parameters, and can be re-encoded as DER.
*
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
	* the binary coded representation.
	* 
	* The function initialises the object from its encoded binary form into an internal 
	* representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new algorithm identifier object; the caller owns it. */
	IMPORT_C static CX509AlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new algorithm identifier object. */
	IMPORT_C static CX509AlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. Passed by
	*						non-const reference, presumably so it can be advanced past
	*						the decoded element on return — confirm against the implementation.
	* @return				The new algorithm identifier object. */
	IMPORT_C static CX509AlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset, and puts 
	* a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	*						offset-taking NewL()).
	* @return				The new algorithm identifier object. */
	IMPORT_C static CX509AlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);

	/**
	Creates a X509 Algorithm Identifier object from the given algorithm ID and the encoded parameter.
	This is the constructing (rather than decoding) path, e.g. for building a
	certificate or request to be encoded with EncodeASN1DERLC().
	@param aAlgorithmId The algorithm Id used to build the object.
	@param aEncodedParams The encoded parameter for the algorithm ID.	
	@return The fully constructed object; the caller owns it.
	*/
	IMPORT_C static CX509AlgorithmIdentifier* NewL(TAlgorithmId aAlgorithmId, const TDesC8& aEncodedParams);

	/**
	Creates a X509 Algorithm Identifier object from the given algorithm ID and the encoded parameter
	and leaves the object on the cleanup stack.
	@param aAlgorithmId The algorithm Id used to build the object.
	@param aEncodedParams The encoded parameter for the algorithm ID.	
	@return The fully constructed object.
	*/
	IMPORT_C static CX509AlgorithmIdentifier* NewLC(TAlgorithmId aAlgorithmId, const TDesC8& aEncodedParams);

	/**
	Creates the ASN1 DER sequence of the X509 algorithm identifier object
	and leaves it on the cleanup stack.
	The caller is responsible for popping (and eventually destroying) the
	returned sequence.
	@return  ASN1 DER sequence of this object.
	*/
	IMPORT_C CASN1EncSequence* EncodeASN1DERLC() const;

private:
	// Two-phase construction: the constructors are trivial, InitializeL() decodes.
	CX509AlgorithmIdentifier();
	// NOTE(review): takes the id by non-const reference although nothing in this
	// header suggests it is modified — confirm against the implementation.
	CX509AlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
	void InitializeL(const TDesC8& aBinaryData, TInt& aPos);
	};
class CX509SigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier
/** Encapsulates the IDs of the algorithms used for signing an X.509 certificate.
*
* A signing algorithm is the pair of an asymmetric algorithm and a digest
* algorithm (compare the combined OIDs such as KSHA1WithRSA declared at the top
* of this header). It can be decoded from the certificate's binary form
* (untrusted input; the decoding functions may leave) or built from two
* existing algorithm identifiers.
*
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
	* the binary coded representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new signing algorithm Id object; the caller owns it. */
	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new signing algorithm Id object. */
	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. Passed by
	*						non-const reference, presumably so it can be advanced past
	*						the decoded element on return — confirm against the implementation.
	* @return				The new signing algorithm Id object. */
	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset, and puts 
	* a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	*						offset-taking NewL()).
	* @return				The new signing algorithm Id object. */
	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
	/** Creates a new X.509 signing algorithm Id object from the specified algorithm pair.
	* 
	* @param aAsymmetricAlgorithm	The asymmetric algorithm
	* @param aDigestAlgorithm		The digest algorithm
	* @return						The new signing algorithm Id object; the caller owns it. */
 	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
	/** Creates a new X.509 signing algorithm Id object from the specified algorithm pair,
	* and puts a pointer to it onto the cleanup stack.
	* 
	* @param aAsymmetricAlgorithm	The asymmetric algorithm
	* @param aDigestAlgorithm		The digest algorithm
	* @return						The new signing algorithm Id object. */
 	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
private:
	// Two-phase construction: one ConstructL() per construction path above.
	CX509SigningAlgorithmIdentifier();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	void ConstructL(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
	};
class CX509SubjectPublicKeyInfo : public CSubjectPublicKeyInfo
/** X.509 subject public key information.
*
* Decoded from the SubjectPublicKeyInfo element of a certificate's binary form,
* i.e. from untrusted input; the NewL()/NewLC() functions may leave if decoding
* fails. Turning the contained encoding into a usable key object is the job of
* TX509KeyFactory.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new X.509 subject public key object from the specified buffer containing 
	* the binary coded representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new subject public key object; the caller owns it. */
	IMPORT_C static CX509SubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 subject public key object from the specified buffer containing 
	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new subject public key object. */
	IMPORT_C static CX509SubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 subject public key object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. Passed by
	*						non-const reference, presumably so it can be advanced past
	*						the decoded element on return — confirm against the implementation.
	* @return				The subject public key object. */
	IMPORT_C static CX509SubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new X.509 subject public key object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset, and puts 
	* a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	*						offset-taking NewL()).
	* @return				The new subject public key object. */
	IMPORT_C static CX509SubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
private:
	// Two-phase construction: the constructor is trivial, ConstructL() decodes.
	CX509SubjectPublicKeyInfo();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	};
class CX509CertExtension : public CBase
/** A generic X.509 certificate extension.
* 
* The creation of a generic extension is the first step in the creation of a 
* specific extension. Client code gets the decoded Object Identifier (OID) encapsulated 
* by an instance of this class and uses it to create the specific extension.
* 
* Consists of an any-defined-by structure along with a boolean flag saying whether 
* the extension is critical or not.
*
* This class only carries the extension (OID, critical flag, raw value); it does
* not interpret the value or act on the critical flag. Under X.509 a certificate
* carrying a critical extension that the consumer does not recognise must be
* rejected, and that rule has to be enforced by the code that walks the
* extension list, not here.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
	/** Creates a new generic X.509 certificate extension object from an existing object.
	* 
	* This is equivalent to a copy constructor.
	* 
	* @param aExtension	The generic certificate extension to be copied.
	* @return			The new generic certificate extension object; the caller owns it. */
	IMPORT_C static CX509CertExtension* NewL(const CX509CertExtension& aExtension);
	
	/** Creates a new generic X.509 certificate extension object from an existing object, 
	* and puts a pointer to it onto the cleanup stack.
	* 
	* This is equivalent to a copy constructor.
	* 
	* @param aExtension	The generic certificate extension to be copied.
	* @return			The new generic X.509 certificate extension object. */
	IMPORT_C static CX509CertExtension* NewLC(const CX509CertExtension& aExtension);
	
	/** Creates a new generic X.509 certificate extension object from the specified 
	* buffer containing the binary coded representation.
	*
	* The buffer normally comes from a certificate, i.e. untrusted input; the
	* function may leave if decoding fails.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new generic X.509 certificate extension object; the caller owns it. */
	IMPORT_C static CX509CertExtension* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new generic X.509 certificate extension object from the specified 
	* buffer containing the binary coded representation, and puts a pointer to it 
	* onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new generic X.509 certificate extension object. */
	IMPORT_C static CX509CertExtension* NewLC(const TDesC8& aBinaryData);
	
	/** Creates a new generic X.509 certificate extension object from the specified 
	* buffer containing the binary coded representation, starting at the specified offset.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. Passed by
	*						non-const reference, presumably so it can be advanced past
	*						the decoded element on return — confirm against the implementation.
	* @return				The new generic X.509 certificate extension object. */
	IMPORT_C static CX509CertExtension* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new generic X.509 certificate extension object from the specified 
	* buffer containing the binary coded representation, starting at the specified 
	* offset, and puts a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	*						offset-taking NewL()).
	* @return				The new generic X.509 certificate extension object. */
	IMPORT_C static CX509CertExtension* NewLC(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new generic X.509 certificate extension object from the specified 
	* extension object id, the critical flag and the extension data.
	*
	* This is the constructing (rather than decoding) path, e.g. for building an
	* extension to be encoded with EncodeASN1DERLC().
	* 
	* @param aCertExtOID	The OID of the certificate extension.
	* @param aCritical		Flag to convey criticality of the extension.
	* @param aCertExtValue	The data of the specific extension.
	* @return				The new generic X.509 certificate extension object; the caller owns it. */
	IMPORT_C static CX509CertExtension* NewL(const TDesC& aCertExtOID, 
							const TBool aCritical,
							const TDesC8& aCertExtValue);

	/** Creates a new generic X.509 certificate extension object from the specified 
	* extension object id, the critical flag and the extension data, and puts a 
	* pointer to it onto the cleanup stack.
	* 
	* @param aCertExtOID	The OID of the certificate extension.
	* @param aCritical		Flag to convey criticality of the extension.
	* @param aCertExtValue	The data of the specific extension.
	* @return				The new generic X.509 certificate extension object. */
	IMPORT_C static CX509CertExtension* NewLC(const TDesC& aCertExtOID, 
							const TBool aCritical,
							const TDesC8& aCertExtValue);

	/** Destructor.
	* 
	* Frees all resources owned by the object (the iId and iData buffers), prior
	* to its destruction. */
	IMPORT_C ~CX509CertExtension();
	
	/** Tests whether certificate processing code must process this extension for certificate 
	* validation to succeed.
	*
	* This is a plain accessor for the flag decoded from (or passed to) the
	* constructor; see the class description for what the caller must do with it.
	* 
	* @return	ETrue, if this extension must be processed for validation to succeed; 
	* 			EFalse, otherwise. */
	IMPORT_C TBool Critical() const;
	
	/** Gets the Object Identifier (OID) of the certificate extension.
	*
	* The returned pointer descriptor refers to storage owned by this object and
	* is only valid for the object's lifetime.
	* 
	* @return	The OID of the certificate extension. */
	IMPORT_C TPtrC Id() const;	//OID for the extension (points into iId)
	
	/** Gets the encoded binary representation of the specific extension.
	*
	* The returned pointer descriptor refers to storage owned by this object and
	* is only valid for the object's lifetime.
	* 
	* @return	A pointer descriptor representing the specific extension. */
	IMPORT_C TPtrC8 Data() const;	//the extension itself (points into iData)

	/** Creates and returns a DER encoded X.509 certificate extension object in the form 
	* of a ASN.1 Sequence and puts it onto the cleanup stack. This method can be called
	* repeatedly to get copies of the sequence. The caller is responsible for
	* popping (and eventually destroying) each returned sequence.
	* 
	* @return	A pointer to a DER encoded ASN.1 sequence */
	IMPORT_C CASN1EncSequence * EncodeASN1DERLC() const;

private:
	// Two-phase construction: one ConstructL() per construction path above.
	CX509CertExtension();
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	void ConstructL(const CX509CertExtension& aExtension);
	void ConstructL(const TDesC& aCertExtOID, 
					const TBool aCritical,
					const TDesC8& aCertExtValue);
	HBufC* iId;			// owned: the extension OID as text, exposed by Id()
	TBool iCritical;	// the extension's critical flag, exposed by Critical()
	HBufC8* iData;		// owned: the raw extension value, exposed by Data()
	};
class CX509Certificate : public CCertificate
/** An X.509 certificate.
* 
* Holds the decoded form of a DER-encoded X.509 certificate: the version,
* issuer and subject names, the optional issuer/subject unique identifiers,
* the list of extensions, and the raw encoding of each TBSCertificate element
* (see DataElementEncoding()). Signature, validity and public-key accessors are
* presumably inherited from CCertificate (signed.h) - they are not declared here.
* 
* Functions ending in 'L' may leave (Symbian convention); the 'LC' variants
* additionally push the new object onto the cleanup stack.
* 
* @publishedAll
* @released
* @since v6.0 */
	{
public:
/** Enumerates values for encoded data element positions in the TBSCertificate data structure.
* 
* These values are to be used as parameters to the DataElementEncoding() function.
* Elements marked optional are absent from many certificates; DataElementEncoding()
* may return NULL for them, so callers must test the pointer before dereferencing it. */
	enum
		{
		EVersionNumber = 0,	//optional - may be NULL (absent in v1 certificates)
		ESerialNumber = 1,
		EAlgorithmId = 2,
		EIssuerName = 3,
		EValidityPeriod = 4,
		ESubjectName = 5,
		ESubjectPublicKeyInfo = 6,
		EIssuerUID = 7,		//optional - may be NULL
		ESubjectUID = 8,	//optional - may be NULL
		EExtensionList = 9	//optional - may be NULL (v3 certificates only)
		};
	
	/** Creates a new X.509 certificate object from the specified buffer containing 
	* the binary coded representation.
	* 
	* Decoding presumably starts at offset 0 of aBinaryData; use the overload taking
	* a TInt& aPos to decode from a different position.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new X.509 certificate object; ownership passes to the caller. */
	IMPORT_C static CX509Certificate* NewL(const TDesC8& aBinaryData);
	
	/** Creates a new X.509 certificate object from the specified buffer containing 
	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
	* 
	* Initialises the object from its encoded binary form into an internal representation.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @return				The new X.509 certificate object, also on the cleanup stack. */
	IMPORT_C static CX509Certificate* NewLC(const TDesC8& aBinaryData);

	/** Creates a new X.509 certificate object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding. It is passed
	* 						by reference, so it is presumably advanced past the decoded
	* 						certificate on return - confirm against the implementation.
	* @return				The new X.509 certificate object; ownership passes to the caller. */
	IMPORT_C static CX509Certificate* NewL(const TDesC8& aBinaryData, TInt& aPos);
	
	/** Creates a new X.509 certificate object from the specified buffer containing 
	* the binary coded representation, starting at the specified offset, and puts 
	* a pointer to it onto the cleanup stack.
	* 
	* @param aBinaryData	The encoded binary representation.
	* @param aPos			The offset position from which to start decoding (see the
	* 						non-LC overload for the in/out behaviour of this parameter).
	* @return				The new X.509 certificate object, also on the cleanup stack. */
	IMPORT_C static CX509Certificate* NewLC(const TDesC8& aBinaryData, TInt& aPos);

	/** Creates a new X.509 certificate object from the specified read stream.
	* 
	* @param aStream	Stream from which the contents should be internalised. 
	* @return			The new X.509 certificate object; ownership passes to the caller. */
	IMPORT_C static CX509Certificate* NewL(RReadStream& aStream);
	
	/** Creates a new X.509 certificate object from the specified read stream, and 
	* puts a pointer to it onto the cleanup stack.
	* 
	* Construction is from the stream.
	* 
	* @param aStream	Stream from which the contents should be internalised. 
	* @return			The new X.509 certificate object, also on the cleanup stack. */
	IMPORT_C static CX509Certificate* NewLC(RReadStream& aStream);

	/** Creates a new X.509 certificate object from an existing object.
	* 
	* This is equivalent to a copy constructor; the copy owns its own data and
	* does not share storage with aCert.
	* 
	* @param aCert	The X.509 certificate to be copied.
	* @return		The new X.509 certificate object; ownership passes to the caller. */
	IMPORT_C static CX509Certificate* NewL(const CX509Certificate& aCert);
	
	/** Creates a new X.509 certificate object from an existing object, and puts
	* a pointer to it onto the cleanup stack.
	* 
	* This is equivalent to a copy constructor.
	* 
	* @param aCert	The X.509 certificate to be copied.
	* @return		The new X.509 certificate object, also on the cleanup stack. */
	IMPORT_C static CX509Certificate* NewLC(const CX509Certificate& aCert);

	/** Destructor.
	* 
	* Frees all resources owned by the object, prior to its destruction. Any
	* references or pointers previously obtained from the accessors below
	* (IssuerName(), Extensions(), Extension(), DataElementEncoding()) become
	* invalid. */
	IMPORT_C ~CX509Certificate();
	
	/** Tests whether the specified X.509 certificate is equal to this X.509 certificate.
	* 
	* X.509 certificates are equal if both the serial number and the issuer name 
	* are the same. This is an identity comparison, not a comparison of the full
	* encoding: two certificates with the same issuer and serial number compare
	* equal even if other fields differ. Compare SignedDataL() when byte-for-byte
	* equality is required.
	* 
	* @param aCert	The X.509 certificate to be compared.
	* @return		ETrue, if the certificates are equal; EFalse, otherwise. */
	IMPORT_C TBool IsEqualL(const CX509Certificate& aCert) const;
	
	// Accessors specific to X.509 (the generic ones live in CCertificate).
	/** Gets the certificate's signed data - presumably the TBSCertificate encoding
	* over which the signature was computed (confirm in the implementation).
	* 
	* @return	A non-modifiable pointer descriptor representing the certificate's 
	* 			signed data. It refers to storage owned by this object. */
	IMPORT_C const TPtrC8 SignedDataL() const;
	
	/** Gets the version number of the certificate.
	* 
	* Whether this is the raw encoded value (0-based) or the human-readable version
	* (1-based) is not visible from this header; check before comparing with literals.
	* 
	* @return	The version number of the certificate. */
	IMPORT_C TInt Version() const;
	
	/** Gets the X.500 Distinguished Name that identifies the issuer.
	* 
	* @return	The X.500 Distinguished Name that identifies the issuer. The reference
	* 			is owned by this certificate and is valid only for its lifetime. */
	IMPORT_C const CX500DistinguishedName& IssuerName() const;
	
	/** Gets the X.500 Distinguished Name that identifies the subject.
	* 
	* @return	The X.500 Distinguished Name that identifies the subject. The reference
	* 			is owned by this certificate and is valid only for its lifetime. */
	IMPORT_C const CX500DistinguishedName& SubjectName() const;
	
	/** Gets all generic certificate extensions.
	* 
	* @return	The certificate extensions, in the order they were decoded. The array
	* 			and its elements remain owned by this certificate. */
	IMPORT_C const CArrayPtrFlat<CX509CertExtension>& Extensions() const;
		
	/** Gets the certificate extension identified by the specified object identifier (OID).
	* 
	* Returns NULL if no extension with that OID is present. The returned object is
	* NOT owned by the caller. When processing an unrecognised extension, consult
	* CX509CertExtension::Critical(): a critical extension that the caller cannot
	* process must cause validation to fail.
	* 
	* @param aExtensionName	The OID identifying the extension.
	* @return				The certificate extension, or NULL if not found. Note that
	* 						ownership is not transferred to the caller. */
	IMPORT_C const CX509CertExtension* Extension(const TDesC& aExtensionName) const;
	
	/** Internalises an object of this class from a read stream.
	* 
	* The presence of this function means that the standard templated operator>>() 
	* can be used to internalise objects of this class.
	* 
	* Note that the function has assignment semantics. It replaces the old value 
	* of the object with a new value read from the read stream, so any pointers or
	* references obtained from the accessors before the call are no longer valid.
	* 
	* @param aStream	Stream from which the object is to be internalised. */
	IMPORT_C void InternalizeL(RReadStream& aStream);
		
	/** Gets the encoded data for the specified encoded data element (in the To Be 
	* Signed (TBS) certificate data structure) of the signed object.
	* 
	* @param aIndex	The encoded data element position in the TBSCertificate data 
	* 				structure. (See the CX509Certificate enumeration.)
	* @return 		The encoded data for the specified data element of the signed object,
	* 				or NULL for an optional element that is not present. The pointer is
	* 				owned by this certificate.
	* @since 		v7.0 */
	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const;

public:	// from CCertificate
	/** Gets the issuer of the certificate.
	* 
	* @return 	A heap descriptor representing the issuer of the certificate.
	* 			Ownership of the descriptor passes to the caller. */
	IMPORT_C HBufC* IssuerL() const;
	
	/** Gets the subject of the certificate.
	* 
	* @return	A heap descriptor representing the subject of the certificate.
	* 			Ownership of the descriptor passes to the caller. */
	IMPORT_C HBufC* SubjectL() const;
	
	/** Tests whether the certificate is self-signed.
	* 
	* NOTE(review): whether this verifies the signature with the certificate's own
	* public key, or only compares issuer and subject names, is not visible from this
	* header - confirm in the implementation before relying on it as a trust decision.
	* 
	* @return	ETrue, if it is self-signed; EFalse, otherwise. */
	IMPORT_C TBool IsSelfSignedL() const;
	
	/** Gets a key identifier for the certificate. This is a unique identifier, calculated according 
	* to the recommended method of computing it from RFC3280, section 4.2.1.2. Please note that this
	* method does NOT return the value of the Subject Key Id extension, if it is present;
	* use SubjectKeyIdentifierL() for that.
	* 
	* @return	A unique key identifier for the certificate. */
	IMPORT_C TKeyIdentifier KeyIdentifierL() const;
	
	/** Gets the subject key identifier for the certificate. This identifier is extracted from the
	* certificate (if the corresponding extension exists), or calculated (if the extension doesn't exist). If calculated, the recommendation from
	* section 4.2.1.2, RFC3280 is used (hash of the public key). Please note, that for subject key ids
	* extracted from the certificate there is a length limit - if the extension is longer than 160 bits,
	* it is ignored and the value is calculated instead. Callers matching this value against an
	* Authority Key Identifier should therefore expect a computed value for certificates whose
	* extension exceeds that limit.
	* 
	* @return	The subject key identifier for the certificate. */
	IMPORT_C TKeyIdentifier SubjectKeyIdentifierL() const;

private:
	// Two-phase construction: the NewL/NewLC factories call one of the ConstructL
	// overloads, which are the only places decoding happens.
	CX509Certificate();
	// Decodes from aBinaryData starting at aPos (shared by the offset and non-offset factories).
	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
	// Deep-copies aCertificate (backs the copy-constructor-style factories).
	void ConstructL(const CX509Certificate& aCertificate);
	void ConstructCertL();
	// Rebuilds iDataElements from aCertificate (presumably used by the copy path).
	void InitDataElementsL(const CX509Certificate& aCertificate);
	// Decodes an optional issuer/subject unique id; aHasElementAlready reports whether
	// the element was present (the enum above marks these as optional).
	HBufC8* DecodeUidL(const TDesC8& aBinaryData, TBool& aHasElementAlready);
	// Decodes the optional extensions sequence into iExtensions.
	void DecodeExtsL(const TDesC8& aBinaryData, TBool& aHasElementAlready);
	//private data - all heap members are owned by this object and freed by the destructor
	TInt iVersion;
	CX500DistinguishedName* iIssuerName;
	CX500DistinguishedName* iSubjectName;
	HBufC8* iIssuerUid;		// NULL when the optional element is absent (see DecodeUidL)
	HBufC8* iSubjectUid;	// NULL when the optional element is absent (see DecodeUidL)
	CArrayPtrFlat<CX509CertExtension>* iExtensions;
	// Per-element encodings indexed by the enum above; presumably what
	// DataElementEncoding() returns. KX509MaxDataElements is declared elsewhere.
	TFixedArray<TPtrC8*, KX509MaxDataElements>* iDataElements;
	};
#endif