epoc32/include/x509certchain.h
author William Roberts <williamr@symbian.org>
Wed, 31 Mar 2010 12:33:34 +0100
branch Symbian3
changeset 4 837f303aceeb
parent 2 2fe1408b6811
permissions -rw-r--r--
Current Symbian^3 public API header files (from PDK 3.0.h)
This is the epoc32/include tree with the "platform" subtrees removed, and
all but a selected few mbg and rsg files removed.
/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
* X509 certificate chain and the validation status implementations
*
*/
/**
 @file 
 @publishedAll
 @released
*/
 
#ifndef __X509CERTCHAIN_H__
#define __X509CERTCHAIN_H__
#include <e32std.h>
#include <x509cert.h>
#include <ct.h>
class TValidationStatus
/** The validation status: one error or warning raised while validating a
* certificate chain, together with the index of the certificate it relates to.
*
* Some errors cannot be blamed on any single certificate, in which case the
* iCert value is meaningless. The same structure is used for errors and for
* warnings.
*
* Because iCert can be meaningless, do not use it to index into a chain
* without first checking it against the chain's certificate count.
* NOTE(review): this header does not show which iReason values are the ones
* not tied to a single certificate - confirm against TValidationError.
*
* @since v6.0 */
	{
public:
	/** Creates a validation status object.
	*
	* @param aError	The error type that occurred when validating the certificate chain.
	* @param aCert	The index number identifying the certificate that gave rise to
	* 				the error. */
	IMPORT_C TValidationStatus(const TValidationError aError, const TInt aCert);
	
	/** The reason for the error (or warning; the same structure is used for both). */
	TValidationError iReason;
	
	/** The index number identifying the certificate that gave rise to the error.
	* Meaningless when the error cannot be attributed to a single certificate. */
	TInt iCert;
	};
class CX509CertChain : public CBase
/** Abstract base class for X.509 certificate chain validation;
* derive from this to suit your profile.
*
* The members declared here only hold, decode, index and compare the
* certificates; no validation entry point is declared in this class.
*
* @since v6.0 */
	{
public:
	/** Gets the number of certificates in the chain.
	*
	* @return	The number of certificates in the chain. */
	IMPORT_C TInt Count() const;
	
	/** Gets the certificate identified by the specified index.
	* Note that Cert(Count() - 1) corresponds to the root (if any)
	* whilst Cert(0) corresponds to the outermost certificate in the chain.
	* Indices are zero-based: Cert(0) is valid and Count() is the number of
	* certificates, so the last valid index is Count() - 1.
	*
	* NOTE(review): this header does not show what happens for an index
	* outside 0..Count()-1. Check aIndex against Count() before calling,
	* especially when the index comes from TValidationStatus::iCert, which
	* can be meaningless.
	*
	* @param aIndex	The ordinal number representing the position of the certificate
	* 				within the chain.
	* @return		The X.509 certificate at the specified index. */
	IMPORT_C const CX509Certificate& Cert(TInt aIndex) const;
	
	/** Decodes the individual elements of the signed data to construct the certificates.
	*
	* Nothing in this declaration says the decoded certificates have been
	* validated; treat the result as parsed input only.
	* NOTE(review): by the Symbian naming convention the trailing L means the
	* function can leave; ownership of the returned array is not stated in this
	* header - presumably it passes to the caller, confirm against the
	* implementation.
	*
	* @param aBinaryData	The encoded binary representation.
	* @return				The certificate objects. */
	IMPORT_C CArrayPtrFlat<CX509Certificate>* DecodeCertsL(const TDesC8& aBinaryData);
	
	/** Destructor.
	*
	* Frees all resources owned by the object, prior to its destruction. */
	IMPORT_C ~CX509CertChain();

	/** Tests whether the specified X.509 certificate chain is equal to this X.509
	* certificate chain.
	*
	* NOTE(review): the criteria for equality are not given in this header.
	* Nothing here indicates that a result of ETrue implies either chain has
	* been validated.
	*
	* @param aOther	The X.509 certificate chain to be compared.
	* @return		ETrue, if the certificate chains are equal; EFalse, otherwise. */
	IMPORT_C TBool IsEqualL(const CX509CertChain& aOther) const;
protected:
	// The certificate chain. Held by pointer, so it may be null.
	// NOTE(review): presumably owned and deleted by the destructor - confirm.
	CArrayPtrFlat<CX509Certificate>* iChain;
private:
	// NOTE(review): looks like a cleanup-stack callback for a certificate
	// array passed as TAny* - confirm against the implementation.
	static void CleanupCertArray(TAny* aArray);
	};
	
class CCertificateValidationWarnings : public CBase
	/** Encapsulates the critical extensions encountered and any warnings found
	* for a particular certificate in the chain during the process of validation.
	*
	* NOTE(review): this header does not say whether the critical extensions
	* listed here were processed by the validator or are left for the caller
	* to check - confirm before treating a chain with entries here as accepted.
	*
	* @since v9.5 */
		{
	public:
		/** Creates an instance of CCertificateValidationWarnings.
		*
		* @param aIndex	The index, within the certificate chain, of the certificate
		* 				these warnings relate to.
		* @return	A pointer to the new CCertificateValidationWarnings object. */
		IMPORT_C static CCertificateValidationWarnings* NewL(TInt aIndex);

		/** Creates an instance of CCertificateValidationWarnings.
		*
		* NOTE(review): by the Symbian naming convention the trailing C means the
		* new object is left on the cleanup stack - confirm against the implementation.
		*
		* @param aIndex	The index, within the certificate chain, of the certificate
		* 				these warnings relate to.
		* @return	A pointer to the new CCertificateValidationWarnings object. */
		IMPORT_C static CCertificateValidationWarnings* NewLC(TInt aIndex);		
		
		/** Gets a list of critical extension OIDs found in the certificate.
		*
		* @return	An array of critical extensions found. */
		IMPORT_C const RPointerArray<TDesC>& CriticalExtensionsFound() const;
		
		/** Gets a list of warnings generated by the certificate.
		*
		* @return	An array of warnings generated. */
		IMPORT_C const RArray<TValidationStatus>& Warnings() const;
		
		/** Gets the index of the certificate in the chain.
		*
		* @return	The certificate index number. */
		IMPORT_C TInt CertIndex() const;
		
		/** Externalises an object of this class to a write stream.
		*
		* The presence of this function means that the standard templated operator<<()
		* can be used to externalise objects of this class.
		*
		* @param aStream    Stream to which the object should be externalised. */
		IMPORT_C void ExternalizeL(RWriteStream& aStream) const;
		
		/** Internalises an object of this class from a read stream.
		*
		* This function is static and returns a newly created object; it does not
		* modify an existing instance.
		* NOTE(review): the original comment described assignment semantics and use
		* through the templated operator>>(), which does not match this static
		* signature - confirm the intended usage.
		* NOTE(review): the stream contents are external data; if the stream can
		* come from an untrusted source, do not treat the internalised warnings as
		* the outcome of a validation performed locally.
		*
		* @param aStream    Stream from which the object should be internalised.
		* @return A pointer to the new CCertificateValidationWarnings object. */
		IMPORT_C static CCertificateValidationWarnings* InternalizeL(RReadStream& aStream);
		
		/** The destructor.
		*
		* Frees all resources owned by the object. */
		IMPORT_C ~CCertificateValidationWarnings();
		
	public:
		/** Adds a warning.
		*
		* @param aWarning	The warning to add; passed by value.
		*/
		IMPORT_C void AppendWarningL(TValidationStatus aWarning);
		
		/** Adds a critical extension OID warning.
		*
		* NOTE(review): the OIDs are kept in an RPointerArray<TDesC>, and this
		* header does not show whether the descriptor is copied or its address is
		* stored - confirm how long aCriticalExt must remain valid.
		*
		* @param aCriticalExt	The critical extension OID to record; taken by
		* 						non-const reference.
		*/
		IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt);
		
	private:
		// Private constructor: instances are obtained through the static
		// NewL(), NewLC() and InternalizeL() functions declared above.
		CCertificateValidationWarnings(TInt aIndex);
	
	private:
		// Index of the certificate in the chain; presumably the value
		// returned by CertIndex() - confirm.
		TInt iCertIndex;
		// Critical extension OIDs; presumably the array returned by
		// CriticalExtensionsFound() - confirm.
		RPointerArray<TDesC> iCriticalExtsFound;
		// Warnings; presumably the array returned by Warnings() - confirm.
		RArray<TValidationStatus> iWarnings;
		};
#endif