1.1 --- a/epoc32/include/signed.h Tue Nov 24 13:55:44 2009 +0000
1.2 +++ b/epoc32/include/signed.h Tue Mar 16 16:12:26 2010 +0000
1.3 @@ -1,1 +1,637 @@
1.4 -signed.h
1.5 +/*
1.6 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.7 +* All rights reserved.
1.8 +* This component and the accompanying materials are made available
1.9 +* under the terms of the License "Eclipse Public License v1.0"
1.10 +* which accompanies this distribution, and is available
1.11 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.12 +*
1.13 +* Initial Contributors:
1.14 +* Nokia Corporation - initial contribution.
1.15 +*
1.16 +* Contributors:
1.17 +*
1.18 +* Description:
1.19 +*
1.20 +*/
1.21 +
1.22 +
1.23 +
1.24 +
1.25 +/**
1.26 + @file
1.27 + @internalAll
1.28 +*/
1.29 +
1.30 +#ifndef __SIGNED_H__
1.31 +#define __SIGNED_H__
1.32 +
1.33 +#include <e32base.h>
1.34 +#include <e32std.h>
1.35 +#include <s32std.h>
1.36 +#include <securitydefs.h>
1.37 +
1.38 +class CRSAPublicKey;
1.39 +class CDSAPublicKey;
1.40 +class CDSASignature;
1.41 +class CDSAParameters;
1.42 +
1.43 +/** Enumerates the identity of the algorithm.
1.44 + *
1.45 + * @publishedAll
1.46 + * @released
1.47 + */
1.48 +enum TAlgorithmId
1.49 + {
1.50 + /** An RSA algorithm. */
1.51 + ERSA,
1.52 + /** A DSA algorithm. */
1.53 + EDSA,
1.54 + /** A DH algorithm. */
1.55 + EDH,
1.56 + /** A MD2 algorithm. */
1.57 + EMD2,
1.58 + /** A MD5 algorithm. */
1.59 + EMD5,
1.60 + /** A SHA-1 algorithm. */
1.61 + ESHA1
1.62 + };
1.63 +
1.64 +class CValidityPeriod : public CBase
1.65 +/** The period for which the certificate is valid.
1.66 +*
1.67 +* @publishedAll
1.68 +* @released
1.69 +* @since v6.0 */
1.70 + {
1.71 +public:
1.72 + /** Tests whether the specified date and time is within the validity period.
1.73 + *
1.74 + * @param aTime The date and time to be tested.
1.75 + * @return ETrue, if the date and time is within the validity period;
1.76 + * EFalse, otherwise. */
1.77 + IMPORT_C TBool Valid(const TTime& aTime) const;
1.78 +
1.79 + /** Gets the start of the validity period.
1.80 + *
1.81 + * @return The start date and time. */
1.82 + IMPORT_C const TTime& Start() const;
1.83 +
1.84 + /** Gets the end of the validity period.
1.85 + *
1.86 + * @return The end date and time. */
1.87 + IMPORT_C const TTime& Finish() const;
1.88 +
1.89 + /** Copy constructor.
1.90 + *
1.91 + * @param aValidityPeriod The validity period object to be copied. */
1.92 + IMPORT_C CValidityPeriod(const CValidityPeriod& aValidityPeriod);
1.93 +
1.94 +protected:
1.95 + /** Default constructor. */
1.96 + IMPORT_C CValidityPeriod();
1.97 +
1.98 + /** The start time of the validity period. */
1.99 + TTime iStart;
1.100 +
1.101 + /** The end time of the validity period. */
1.102 + TTime iFinish;
1.103 + };
1.104 +
1.105 +class CAlgorithmIdentifier : public CBase
1.106 +/** Contains an algorithm ID and any encoded parameters required by that algorithm.
1.107 +*
1.108 +* An object of this type creates and owns a heap descriptor to contain the encoded
1.109 +* parameters.
1.110 +*
1.111 +* @publishedAll
1.112 +* @released
1.113 +* @since v6.0 */
1.114 + {
1.115 +public:
1.116 + /** Creates a new algorithm ID object copied from an existing object.
1.117 + *
1.118 + * @param aAlgorithmIdentifier The algorithm ID object to be copied.
1.119 + * @return A pointer to the new algorithm ID object. */
1.120 + IMPORT_C static CAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.121 +
1.122 + /** Creates a new algorithm ID object copied from an existing object, and puts
1.123 + * a pointer to the new object onto the cleanup stack.
1.124 + *
1.125 + * @param aAlgorithmIdentifier The algorithm ID object to be copied.
1.126 + * @return A pointer to the new algorithm ID object. */
1.127 + IMPORT_C static CAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.128 +
1.129 + /** Creates a new algorithm ID object.
1.130 + *
1.131 + * @param aAlgorithmId The algorithm ID.
1.132 + * @param aEncodedParams The encoded parameters.
1.133 + * @return A pointer to the new algorithm ID object. */
1.134 + IMPORT_C static CAlgorithmIdentifier* NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
1.135 +
1.136 + /** Creates a new algorithm ID object, and puts a pointer to the new object onto
1.137 + * the cleanup stack.
1.138 + *
1.139 + * @param aAlgorithmId The algorithm ID.
1.140 + * @param aEncodedParams The encoded parameters.
1.141 + * @return A pointer to the new algorithm ID object. */
1.142 + IMPORT_C static CAlgorithmIdentifier* NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
1.143 +
1.144 + /** Tests whether this algorithm identifier object is equal to the specified algorithm
1.145 + * identifier object.
1.146 + *
1.147 + * @param aAlgorithmIdentifier The algorithm identifier object to be compared.
1.148 + * @return ETrue, if this algorithm identifier object is equal to the specified
1.149 + * algorithm identifier object; EFalse otherwise. */
1.150 + IMPORT_C TBool operator == (const CAlgorithmIdentifier& aAlgorithmIdentifier) const;
1.151 +
1.152 + /** Gets the algorithm identifier.
1.153 + *
1.154 + * @return The algorithm identifier. */
1.155 + IMPORT_C TAlgorithmId Algorithm() const; //ID for the algorithm
1.156 +
1.157 + /** Gets the encoded parameters for the algorithm identifier.
1.158 + *
1.159 + * Note that this object owns the heap descriptor that owns the encoded parameters.
1.160 + *
1.161 + * @return The encoded parameters. */
1.162 + IMPORT_C TPtrC8 EncodedParams() const; //the encoded parameters
1.163 +
1.164 + /** Destructor.
1.165 + *
1.166 + * Frees all resources owned by the object. */
1.167 + IMPORT_C ~CAlgorithmIdentifier();
1.168 +
1.169 +protected:
1.170 + /** Default constructor. */
1.171 + IMPORT_C CAlgorithmIdentifier();
1.172 +
1.173 + /** Constructor taking the specified parameters.
1.174 + *
1.175 + * @param aAlgorithmId The algorithm ID. */
1.176 + IMPORT_C CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
1.177 +
1.178 + /** Second-phase constructor taking an existing algorithm identifier object.
1.179 + *
1.180 + * @param aAlgorithmIdentifier The algorithm identifier object. */
1.181 + IMPORT_C virtual void ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
1.182 +
1.183 + /** Second-phase constructor taking encoded parameters.
1.184 + *
1.185 + * @param aEncodedParams The encoded parameters. */
1.186 + IMPORT_C virtual void ConstructL(const TDesC8& aEncodedParams);
1.187 +
1.188 + /** The algorithm ID. */
1.189 + TAlgorithmId iAlgorithmId;
1.190 +
1.191 + /** The encoded parameters for the algorithm ID. */
1.192 + HBufC8* iEncodedParams;
1.193 + };
1.194 +
1.195 +class CSigningAlgorithmIdentifier : public CBase
1.196 +/** Contains two CAlgorithmIdentifier objects for comparison purposes.
1.197 +*
1.198 +* Implements an equality operator.
1.199 +*
1.200 +* @publishedAll
1.201 +* @released
1.202 +* @since v6.0 */
1.203 + {
1.204 +public:
1.205 + /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
1.206 + * Algorithm Identifier object.
1.207 + *
1.208 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
1.209 + * @return The new Signing Algorithm Identifier object. */
1.210 + IMPORT_C static CSigningAlgorithmIdentifier* NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.211 +
1.212 + /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
1.213 + * Algorithm Identifier object, and puts a pointer to it onto the cleanup stack.
1.214 + *
1.215 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
1.216 + * @return The new Signing Algorithm Identifier object. */
1.217 + IMPORT_C static CSigningAlgorithmIdentifier* NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.218 +
1.219 + /** Tests whether the Signing Algorithm Identifier object is equal to the specified
1.220 + * Signing Algorithm Identifier object.
1.221 + *
1.222 + * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object to be compared.
1.223 + * @return ETrue, if this object's Signing Algorithm Identifier value
1.224 + * is equal to the specified Signing Algorithm Identifier
1.225 + * object's value; EFalse, otherwise. */
1.226 + IMPORT_C TBool operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const;
1.227 +
1.228 + /** Gets the signature ID of the asymmetric algorithm.
1.229 + *
1.230 + * @return The signature ID of the asymmetric algorithm. */
1.231 + IMPORT_C const CAlgorithmIdentifier& AsymmetricAlgorithm() const;
1.232 +
1.233 + /** Gets the signature ID of the digest algorithm.
1.234 + *
1.235 + * @return The signature ID of the digest algorithm. */
1.236 + IMPORT_C const CAlgorithmIdentifier& DigestAlgorithm() const;
1.237 +
1.238 + /** Destructor.
1.239 + *
1.240 + * Frees all resources owned by the object, prior to its destruction. */
1.241 + IMPORT_C ~CSigningAlgorithmIdentifier();
1.242 +
1.243 +protected:
1.244 + /** Second-phase constructor.
1.245 + * @internalAll
1.246 + */
1.247 + void ConstructL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
1.248 +
1.249 + /** The signature ID of the asymmetric algorithm. */
1.250 + CAlgorithmIdentifier* iAsymmetricAlgorithm;
1.251 +
1.252 + /** The signature ID of the digest algorithm. */
1.253 + CAlgorithmIdentifier* iDigestAlgorithm;
1.254 + };
1.255 +
1.256 +class CSubjectPublicKeyInfo : public CBase
1.257 +/** A base class for a container that holds information about a subject public key.
1.258 +*
1.259 +* It contains the algorithm ID, the encoded public key and the encoded parameters.
1.260 +*
1.261 +* @publishedAll
1.262 +* @released
1.263 +* @since v6.0
1.264 +*/
1.265 +//algorithm ID + encoded public key + encoded parameters
1.266 + {
1.267 +public:
1.268 + /** Creates a new subject public key object copied from an existing object.
1.269 + *
1.270 + * @param aSubjectPublicKeyInfo The subject public key object to be copied.
1.271 + * @return A pointer to the new public key object. */
1.272 + IMPORT_C static CSubjectPublicKeyInfo* NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.273 +
1.274 + /** Creates a new subject public key object copied from an existing object and
1.275 + * puts a pointer to the new object onto the cleanup stack.
1.276 + *
1.277 + * @param aSubjectPublicKeyInfo The subject public key object to be copied.
1.278 + * @return A pointer to the new public key object. */
1.279 + IMPORT_C static CSubjectPublicKeyInfo* NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.280 +
1.281 + /** Gets the algorithm ID.
1.282 + *
1.283 + * @return The algorithm ID. */
1.284 + IMPORT_C TAlgorithmId AlgorithmId() const;
1.285 +
1.286 + /** Gets the encoded parameters required by the algorithm.
1.287 + *
1.288 + * @return A non-modifiable pointer descriptor representing the encoded parameters. */
1.289 + IMPORT_C const TPtrC8 EncodedParams() const;
1.290 +
1.291 + /** Gets the encoded public key data.
1.292 + *
1.293 + * @return A non-modifiable pointer descriptor representing the encoded public
1.294 + * key data. */
1.295 + IMPORT_C const TPtrC8 KeyData() const;
1.296 +
1.297 + /** Destructor.
1.298 + *
1.299 + * Frees all resources owned by the object. */
1.300 + IMPORT_C ~CSubjectPublicKeyInfo();
1.301 +protected:
1.302 + /** Second-phase constructor.
1.303 + *
1.304 + * @param aSubjectPublicKeyInfo The subject public key object to be copied. */
1.305 + IMPORT_C virtual void ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
1.306 +
1.307 + /** The algorithm ID. */
1.308 + CAlgorithmIdentifier* iAlgId;
1.309 +
1.310 + /** A heap descriptor representing the encoded key data. */
1.311 + HBufC8* iEncodedKeyData;
1.312 + };
1.313 +
1.314 +class CRSASignatureResult : public CBase
1.315 +/** The RSA public key algorithm signature result.
1.316 +*
1.317 +* Derived classes:
1.318 +* @li CWTLSRSASignatureResult
1.319 +* @li CPKCS1SignatureResult.
1.320 +*
1.321 +* @see TKeyFactory::RSASignatureResultL()
1.322 +*
1.323 +* @publishedAll
1.324 +* @released
1.325 +* @since v6.0 */
1.326 + {
1.327 +public:
1.328 + /** Tests whether the signature result is valid.
1.329 + *
1.330 + * @param aResult The signature result.
1.331 + * @return ETrue if the signature result is valid, otherwise EFalse. */
1.332 + IMPORT_C virtual TBool VerifyL(const TDesC8& aResult) = 0;
1.333 +
1.334 + /** Destructor.
1.335 + *
1.336 + * Frees all resources owned by the object. */
1.337 + IMPORT_C ~CRSASignatureResult();
1.338 +protected:
1.339 + /** Compares this RSA Signature Result object with the specified RSA Signature
1.340 + * Result object for equality.
1.341 + *
1.342 + * @param aResult The RSA Signature Result object to be compared.
1.343 + * @return ETrue, if they are the same; EFalse, otherwise. */
1.344 + IMPORT_C TBool operator == (const CRSASignatureResult& aResult) const;
1.345 +
1.346 + /** The digest algorithm ID. */
1.347 + CAlgorithmIdentifier* iDigestAlgorithm;
1.348 +
1.349 + /** A heap descriptor representing the digest algorithm. */
1.350 + HBufC8* iDigest;
1.351 + };
1.352 +
1.353 +//signed object
1.354 +class TKeyFactory
1.355 +/** Constructs the public key objects used for signature verification from their
1.356 +* encoded binary form.
1.357 +*
1.358 +* @publishedAll
1.359 +* @released
1.360 +* @since v6.0 */
1.361 + {
1.362 +public:
1.363 + /** Gets the RSA public key.
1.364 + *
1.365 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.366 + * @return The RSA Public key. */
1.367 + virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const = 0;
1.368 +
1.369 + /** Gets the RSA signature result.
1.370 + *
1.371 + * @param aDigestAlgorithm The algorithm ID.
1.372 + * @param aDigest A non-modifiable descriptor representing the digest algorithm.
1.373 + * @return The RSA signature result. */
1.374 + virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const = 0;
1.375 +
1.376 + /** Gets the DSA public key.
1.377 + *
1.378 + * @param aParams The DSA parameters
1.379 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.380 + * @return The DSA public key. */
1.381 + virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const = 0;
1.382 +
1.383 + /** Gets the digital DSA signature given an encoding key.
1.384 + *
1.385 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.386 + * @return The DSA signature. */
1.387 + virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const = 0;
1.388 +
1.389 + /** Gets the DSA parameters.
1.390 + *
1.391 + * @param aEncoding A non-modifiable descriptor representing the entire encoding.
1.392 + * @return The DSA parameters. */
1.393 + virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const = 0;
1.394 + // New function for TKeyFactory API
1.395 + virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const = 0;
1.396 + };
1.397 +
1.398 +class CSigningKeyParameters : public CBase
1.399 +/** Contains the parameter information required by some signing algorithms.
1.400 +*
1.401 +* The DSA signing algorithm needs parameters as well as a key. Currently, this
1.402 +* class only contains DSA parameters.
1.403 +*
1.404 +* @publishedAll
1.405 +* @released
1.406 +* @since v6.0 */
1.407 + {
1.408 +public:
1.409 + /** Creates a new signing key parameters object.
1.410 + *
1.411 + * @return A pointer to the new signing key parameters object. */
1.412 + IMPORT_C static CSigningKeyParameters* NewL();
1.413 +
1.414 + /** Creates a new signing key parameters object and puts a pointer to the new object
1.415 + * onto the cleanup stack.
1.416 + *
1.417 + * @return A pointer to the new signing key parameters object. */
1.418 + IMPORT_C static CSigningKeyParameters* NewLC();
1.419 +
1.420 + /** Creates a new signing key parameters object copied from an existing object.
1.421 + *
1.422 + * @param aParameters The signing key parameters object to be copied.
1.423 + * @return A pointer to the new parameters object. */
1.424 + IMPORT_C static CSigningKeyParameters* NewL(const CSigningKeyParameters& aParameters);
1.425 +
1.426 + /** Creates a new signing key parameters object copied from an existing object
1.427 + * and puts a pointer to the new object onto the cleanup stack.
1.428 + *
1.429 + * @param aParameters The signing key parameters object to be copied.
1.430 + * @return A pointer to the new signing key parameters object. */
1.431 + IMPORT_C static CSigningKeyParameters* NewLC(const CSigningKeyParameters& aParameters);
1.432 +
1.433 + /** Destructor.
1.434 + *
1.435 + * Frees all resources owned by the object. */
1.436 + IMPORT_C ~CSigningKeyParameters();
1.437 +
1.438 + /** Sets the DSA parameters.
1.439 + *
1.440 + * @param aParams The DSA parameters. */
1.441 + IMPORT_C void SetDSAParamsL(const CDSAParameters& aParams);
1.442 +
1.443 + /** Gets the DSA parameters.
1.444 + *
1.445 + * @return The DSA parameters.
1.446 + * @internalAll
1.447 + */
1.448 + const CDSAParameters* DSAParams() const;
1.449 +private:
1.450 + CSigningKeyParameters();
1.451 + void ConstructL(const CSigningKeyParameters& aParameters);
1.452 + CDSAParameters* iDSAParams;
1.453 + };
1.454 +
1.455 +
1.456 +class CSignedObject : public CBase
1.457 +/** Base class for certificates.
1.458 +*
1.459 +* @publishedAll
1.460 +* @released
1.461 +* @since v6.0 */
1.462 + {
1.463 +public:
1.464 + /** Verifies a signature using the specified encoded key.
1.465 + *
1.466 + * @param aEncodedKey The encoded key.
1.467 + * @return ETrue if the signature is valid, otherwise EFalse. */
1.468 + IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey) const;
1.469 +
1.470 + /** Verifies a signature using the specified encoded key and hash.
1.471 + *
1.472 + * @param aEncodedKey The encoded key.
1.473 + * @param aHash The hash of the data to be validated.
1.474 + * @return ETrue if the signature is valid, otherwise EFalse. */
1.475 + IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
1.476 +
1.477 + /** Gets the digital signature.
1.478 + *
1.479 + * @return A non-modifiable pointer descriptor representing the digital signature. */
1.480 + IMPORT_C const TPtrC8 Signature() const;
1.481 +
1.482 + /** Gets the signed data.
1.483 + *
1.484 + * @return A non-modifiable pointer descriptor representing the signed data. */
1.485 + IMPORT_C virtual const TPtrC8 SignedDataL() const = 0;
1.486 +
1.487 + /** Gets the fingerprint.
1.488 + *
1.489 + * The fingerprint returned is the SHA1 hash of the encoding of the entire object.
1.490 + *
1.491 + * @return A non-modifiable pointer descriptor representing the finger print. */
1.492 + IMPORT_C const TPtrC8 Fingerprint() const;
1.493 +
1.494 + /** Gets the entire encoding.
1.495 + *
1.496 + * @return A non-modifiable pointer descriptor representing the entire encoding. */
1.497 + IMPORT_C const TPtrC8 Encoding() const;
1.498 +
1.499 + /** Gets the signing algorithm ID used.
1.500 + *
1.501 + * @return The signing algorithm ID. */
1.502 + IMPORT_C const CSigningAlgorithmIdentifier& SigningAlgorithm() const;
1.503 +
1.504 + /** Externalises the encoding of the entire object to a write stream.
1.505 + *
1.506 + * The fingerprint and the signed data can be regenerated after restoration.
1.507 + *
1.508 + * The presence of this function means that the standard templated operator<<()
1.509 + * can be used to externalise objects of this class.
1.510 + *
1.511 + * @param aStream Stream to which the object should be externalised. */
1.512 + IMPORT_C virtual void ExternalizeL(RWriteStream& aStream) const;
1.513 +
1.514 + /** Internalises the encoded object from a read stream.
1.515 +
1.516 + * The class makes use of a specification-specific parser class for extracting
1.517 + * the various elements, that is provided by a subclass of CSignedObject. For
1.518 + * this reason this function is pure virtual.
1.519 + *
1.520 + * The presence of this function means that the standard templated operator>>()
1.521 + * can be used to internalise objects of this class.
1.522 + *
1.523 + * @param aStream Stream from which the contents of the field should be internalised. */
1.524 + IMPORT_C virtual void InternalizeL(RReadStream& aStream) = 0;
1.525 +
1.526 + /** Sets the signing key parameters.
1.527 + *
1.528 + * @param aParameters The signing key parameters. */
1.529 + IMPORT_C void SetParametersL(const CSigningKeyParameters& aParameters);
1.530 +
1.531 + /** Gets the encoded data for the specified encoded data element, in the (to be
1.532 + * signed) tbsCertificate data structure, of the signed object.
1.533 + *
1.534 + * @param aIndex The encoded data element position in the tbsCertificate data
1.535 + * structure. See the enumeration: CX509Certificate::Anonymous.
1.536 + * @return The encoded data for the specified data element of the signed object. */
1.537 + IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const = 0;
1.538 +
1.539 + /** Destructor.
1.540 + *
1.541 + * Frees all resources owned by the object. */
1.542 + IMPORT_C ~CSignedObject();
1.543 +
1.544 +protected:
1.545 + /** Verifies a RSA signature using the specified encoded key.
1.546 + *
1.547 + * @param aEncodedKey The encoded key.
1.548 + * @return ETrue if the signature is valid, otherwise EFalse.
1.549 + * @internalAll
1.550 + */
1.551 + TBool VerifyRSASignatureL(const TDesC8& aEncodedKey) const;
1.552 +
1.553 + /** @internalAll */
1.554 + TBool VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
1.555 +
1.556 + /** A pointer to a key factory object. */
1.557 + TKeyFactory* iKeyFactory;
1.558 +
1.559 + /** A heap descriptor representing the entire encoding. */
1.560 + HBufC8* iEncoding;
1.561 +
1.562 + /** The digital signature. */
1.563 + HBufC8* iSignature;
1.564 +
1.565 + /** The fingerprint.
1.566 + *
1.567 + * The SHA1 hash of the encoding of the entire object. */
1.568 + HBufC8* iFingerprint;
1.569 +
1.570 + /** The signing key parameters */
1.571 + CSigningKeyParameters* iParameters;
1.572 +
1.573 + /** The signing algorithm ID. */
1.574 + CSigningAlgorithmIdentifier* iSigningAlgorithm;
1.575 + };
1.576 +
1.577 +class CCertificate : public CSignedObject
1.578 +/** A data structure that binds a public key to a given individual.
1.579 +*
1.580 +* A certificate is a signed object, and adds a serial number, a validity period
1.581 +* and a subject public key.
1.582 +*
1.583 +* This is a base class for classes that implement certificates of particular types.
1.584 +*
1.585 +* @publishedAll
1.586 +* @released
1.587 +* @since v6.0 */
1.588 + {
1.589 +public:
1.590 + /** Destructor.
1.591 + *
1.592 + * Frees all resources owned by the object. */
1.593 + IMPORT_C ~CCertificate();
1.594 +
1.595 + /** Gets the subject public key information.
1.596 + *
1.597 + * @return The subject public key information. */
1.598 + IMPORT_C const CSubjectPublicKeyInfo& PublicKey() const;
1.599 +
1.600 + /** Gets the serial number.
1.601 + *
1.602 + * @return A non-modifiable pointer descriptor representing the serial number. */
1.603 + IMPORT_C const TPtrC8 SerialNumber() const;
1.604 +
1.605 + /** Gets the validity period.
1.606 + *
1.607 + * @return The validity period. */
1.608 + IMPORT_C const CValidityPeriod& ValidityPeriod() const;
1.609 +
1.610 + /** Tests whether a certificate is self-signed.
1.611 + *
1.612 + * @return ETrue, if it is self-signed; EFalse, otherwise. */
1.613 + IMPORT_C virtual TBool IsSelfSignedL() const = 0;
1.614 +
1.615 + /** Gets the subject.
1.616 + *
1.617 + * @return A heap descriptor representing the subject. */
1.618 + IMPORT_C virtual HBufC* SubjectL() const = 0;
1.619 +
1.620 + /** Gets the issuer.
1.621 + *
1.622 + * @return A heap descriptor representing the issuer. */
1.623 + IMPORT_C virtual HBufC* IssuerL() const = 0;
1.624 +
1.625 + /** Gets the key identifier.
1.626 + *
1.627 + * @return The key identifier. */
1.628 + IMPORT_C virtual TKeyIdentifier KeyIdentifierL() const;
1.629 +
1.630 +protected:
1.631 + /** The serial number. */
1.632 + HBufC8* iSerialNumber;
1.633 +
1.634 + /** The validity period. */
1.635 + CValidityPeriod* iValidityPeriod;
1.636 +
1.637 + /** The subject public key information. */
1.638 + CSubjectPublicKeyInfo* iSubjectPublicKeyInfo;
1.639 + };
1.640 +
1.641 +#endif
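Review bot: The comment on the two-argument `CSignedObject::VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash)` never says what `aHash` must be computed over, although in this overload the caller supplies the value that ties the signature to the object. The implementation is not part of this header, so unless it checks the hash itself, the comment should read something like `@param aHash The digest of SignedDataL(), computed with the algorithm given by SigningAlgorithm().DigestAlgorithm().` Both `VerifySignatureL` overloads should also state that ETrue covers the signature only, not the validity period or the issuer chain, and, going by the trailing-L convention, that a leave has to be handled as a failed verification, the same as EFalse. The protected `VerifyRSASignatureL(aEncodedKey, aHash)` and the second `TKeyFactory::DSAPublicKeyL` overload carry no @param/@return text at all and need the same treatment. Separately, `TAlgorithmId` offers only MD2, MD5 and SHA-1 as digests; a line in the enum comment marking MD2 and MD5 as retained for legacy certificates only would keep new callers from picking them.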