epoc32/include/x509cert.h
branchSymbian2
changeset 2 2fe1408b6811
parent 0 061f57f2323e
child 4 837f303aceeb
     1.1 --- a/epoc32/include/x509cert.h	Tue Nov 24 13:55:44 2009 +0000
     1.2 +++ b/epoc32/include/x509cert.h	Tue Mar 16 16:12:26 2010 +0000
     1.3 @@ -1,1 +1,704 @@
     1.4 -x509cert.h
     1.5 +/*
     1.6 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
     1.7 +* All rights reserved.
     1.8 +* This component and the accompanying materials are made available
     1.9 +* under the terms of the License "Eclipse Public License v1.0"
    1.10 +* which accompanies this distribution, and is available
    1.11 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
    1.12 +*
    1.13 +* Initial Contributors:
    1.14 +* Nokia Corporation - initial contribution.
    1.15 +*
    1.16 +* Contributors:
    1.17 +*
    1.18 +* Description: 
    1.19 +* X509 certificate implementation
    1.20 +*
    1.21 +*/
    1.22 +
    1.23 +
    1.24 +
    1.25 +
    1.26 +/**
    1.27 + @file 
    1.28 + @internalAll
    1.29 +*/
    1.30 + 
    1.31 +#ifndef __X509CERT_H__
    1.32 +#define __X509CERT_H__
    1.33 +
    1.34 +#include <e32base.h>
    1.35 +#include <e32std.h>
    1.36 +#include <s32std.h>
    1.37 +#include <signed.h>
    1.38 +#include <x500dn.h>
    1.39 +#include <asn1enc.h>
    1.40 +
    1.41 +_LIT(KMD2WithRSA,"1.2.840.113549.1.1.2");
    1.42 +_LIT(KMD5WithRSA,"1.2.840.113549.1.1.4");
    1.43 +_LIT(KSHA1WithRSA,"1.2.840.113549.1.1.5");
    1.44 +_LIT(KDSAWithSHA1,"1.2.840.10040.4.3");
    1.45 +
    1.46 +_LIT(KRSA,"1.2.840.113549.1.1.1");
    1.47 +_LIT(KDH,"1.2.840.10046.2.1");
    1.48 +_LIT(KDSA,"1.2.840.10040.4.1");
    1.49 +_LIT(KMD5,"1.2.840.113549.2.5");
    1.50 +_LIT(KMD2,"1.2.840.113549.2.2");
    1.51 +_LIT(KSHA1,"1.3.14.3.2.26");
    1.52 +
    1.53 +/** The maximum number of allowed data elements.
    1.54 +* 
    1.55 +* @since v7.0 */
    1.56 +const TInt KX509MaxDataElements = 10;
    1.57 +
    1.58 +class CRSAPublicKey;
    1.59 +class CDSAPublicKey;
    1.60 +class CDSASignature;
    1.61 +class CDSAParameters;
    1.62 +
    1.63 +class CPKCS1SignatureResult : public CRSASignatureResult
    1.64 +/** The signature result in PKCS#1 format.
    1.65 +* 
    1.66 +* @publishedAll
    1.67 +* @released
    1.68 +* @since v6.0 */
    1.69 +	{
    1.70 +public:
    1.71 +	/** Creates a new algorithm ID object copied from an existing object.
    1.72 +	* 
    1.73 +	* @param aDigestAlgorithm	The algorithm ID object to be copied.
    1.74 +	* @param aDigest			A non-modifiable descriptor representing the digest algorithm.
    1.75 +	* @return					A pointer to the new algorithm ID object. */
    1.76 +	IMPORT_C static CPKCS1SignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
    1.77 +	
    1.78 +	/** Creates a new algorithm ID object copied from an existing
    1.79 +	* object, and puts a pointer to the new object onto the cleanup stack.
    1.80 +	* 
    1.81 +	* @param aDigestAlgorithm	The algorithm ID object to be copied.
    1.82 +	* @param aDigest			A non-modifiable descriptor representing the digest algorithm.
    1.83 +	* @return					A pointer to the new algorithm ID object. */
    1.84 +	IMPORT_C static CPKCS1SignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
    1.85 +	
    1.86 +	/** Tests whether the signature result is valid.
    1.87 +	* 
    1.88 +	* @param aResult	The signature result to be verified.
    1.89 +	* @return			ETrue, if the signature result is verified; EFalse, otherwise. */
    1.90 +	IMPORT_C virtual TBool VerifyL(const TDesC8& aResult);
    1.91 +private:
    1.92 +	void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
    1.93 +	TBool DoVerifyL(const TDesC8& aResult);
    1.94 +	};
    1.95 +
    1.96 +class TX509KeyFactory : public TKeyFactory
    1.97 +/** Constructs the public key objects used for signature verification, from their 
    1.98 +* encoded binary form, for X.509 certificates.
    1.99 +* 
   1.100 +* @publishedAll
   1.101 +* @released
   1.102 +* @since v6.0 */
   1.103 +	{
   1.104 +public:
   1.105 +	/** Gets the RSA public key from the encoding key.
   1.106 +	* 
   1.107 +	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
   1.108 +	* @return			The RSA Public key. */
   1.109 +	IMPORT_C CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const;
   1.110 +	
   1.111 +	/** Gets the RSA signature result.
   1.112 +	* 
   1.113 +	* @param aDigestAlgorithm	The digest algorithm ID.
   1.114 +	* @param aDigest			A non-modifiable descriptor representing the digest algorithm.
   1.115 +	* @return					The RSA signature result. */
   1.116 +	IMPORT_C CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const;
   1.117 +	
   1.118 +	/** Gets the DSA public key from the encoding key.
   1.119 +	* 
   1.120 +	* @param aParamsEncoding	A non-modifiable descriptor representing 
   1.121 +	*							the encoded binary representation of the DSA parameters
   1.122 +	* @param aEncoding			A non-modifiable descriptor representing the entire encoding.
   1.123 +	* @return					The DSA public key. 
   1.124 +	* @since 					v8.0 */
   1.125 +	IMPORT_C CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const;
   1.126 +	
   1.127 +	/** Gets the digital DSA signature from the encoding key.
   1.128 +	* 
   1.129 +	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
   1.130 +	* @return			The DSA signature. */
   1.131 +	IMPORT_C CDSASignature* DSASignatureL(const TDesC8& aEncoding) const;
   1.132 +	
   1.133 +	/** Gets the DSA parameters from the encoding key.
   1.134 +	* 
   1.135 +	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
   1.136 +	* @return			The DSA parameters. */
   1.137 +	IMPORT_C CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const;
   1.138 +	
   1.139 +	/** Gets the DSA public key from the encoding key.
   1.140 +	* 
   1.141 +	* @param aParams	The DSA parameters
   1.142 +	* @param aEncoding	A non-modifiable descriptor representing the entire encoding.
   1.143 +	* @return			The DSA public key. */
   1.144 +	IMPORT_C CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const;
   1.145 +	};
   1.146 +
   1.147 +class CX509ValidityPeriod : public CValidityPeriod
   1.148 +/** The period for which an X.509 certificate is valid.
   1.149 +* 
   1.150 +* @publishedAll
   1.151 +* @released
   1.152 +* @since v6.0 */
   1.153 +	{
   1.154 +public:
   1.155 +	/** Creates a new X.509 validity period object from the specified buffer containing 
   1.156 +	* the binary coded representation.
   1.157 +	* 
   1.158 +	* Initialises the object from its encoded binary form into an internal representation.
   1.159 +	* 
   1.160 +	* @param aBinaryData	The encoded binary representation.
   1.161 +	* @return				The new validity period object. */
   1.162 +	IMPORT_C static CX509ValidityPeriod* NewL(const TDesC8& aBinaryData);
   1.163 +	
   1.164 +	/** Creates a new X.509 validity period object from the specified buffer containing 
   1.165 +	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
   1.166 +	* 
   1.167 +	* Initialises the object from its encoded binary form into an internal representation.
   1.168 +	* 
   1.169 +	* @param aBinaryData	The encoded binary representation.
   1.170 +	* @return				The new validity period object. */
   1.171 +	IMPORT_C static CX509ValidityPeriod* NewLC(const TDesC8& aBinaryData);
   1.172 +	
   1.173 +	/** Creates a new X.509 validity period object from the specified buffer containing 
   1.174 +	* the binary coded representation, starting at the specified offset.
   1.175 +	* 
   1.176 +	* Initialises the object from its encoded binary form into an internal representation.
   1.177 +	* 
   1.178 +	* @param aBinaryData	The encoded binary representation.
   1.179 +	* @param aPos			The offset position from which to start decoding.
   1.180 +	* @return				The new validity period object. */
   1.181 +	IMPORT_C static CX509ValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.182 +	
   1.183 +	/** Creates a new X.509 validity period object from the specified buffer containing 
   1.184 +	* the binary coded representation, starting at the specified offset, and puts 
   1.185 +	* a pointer to it onto the cleanup stack.
   1.186 +	* 
   1.187 +	* Initialises the object from its encoded binary form into an internal representation.
   1.188 +	* 
   1.189 +	* @param aBinaryData	The encoded binary representation.
   1.190 +	* @param aPos			The offset position from which to start decoding.
   1.191 +	* @return				The new validity period object. */
   1.192 +	IMPORT_C static CX509ValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.193 +private:
   1.194 +	CX509ValidityPeriod();
   1.195 +	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
   1.196 +	};
   1.197 +
   1.198 +class CX509AlgorithmIdentifier : public CAlgorithmIdentifier
   1.199 +/** Algorithm identifier for an X.509 certificate.
   1.200 +*
   1.201 +* @publishedAll
   1.202 +* @released
   1.203 +* @since v6.0 */
   1.204 +	{
   1.205 +public:
   1.206 +	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
   1.207 +	* the binary coded representation.
   1.208 +	* 
   1.209 +	* The function initialises the object from its encoded binary form into an internal 
   1.210 +	* representation.
   1.211 +	* 
   1.212 +	* @param aBinaryData	The encoded binary representation.
   1.213 +	* @return				The new algorithm identifier object. */
   1.214 +	IMPORT_C static CX509AlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
   1.215 +	
   1.216 +	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
   1.217 +	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
   1.218 +	* 
   1.219 +	* @param aBinaryData	The encoded binary representation.
   1.220 +	* @return				The new algorithm identifier object. */
   1.221 +	IMPORT_C static CX509AlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
   1.222 +	
   1.223 +	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
   1.224 +	* the binary coded representation, starting at the specified offset.
   1.225 +	* 
   1.226 +	* @param aBinaryData	The encoded binary representation.
   1.227 +	* @param aPos			The offset position from which to start decoding.
   1.228 +	* @return				The new algorithm identifier object. */
   1.229 +	IMPORT_C static CX509AlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.230 +	
   1.231 +	/** Creates a new X.509 algorithm identifier object from the specified buffer containing 
   1.232 +	* the binary coded representation, starting at the specified offset, and puts 
   1.233 +	* a pointer to it onto the cleanup stack.
   1.234 +	* 
   1.235 +	* @param aBinaryData	The encoded binary representation.
   1.236 +	* @param aPos			The offset position from which to start decoding.
   1.237 +	* @return				The new algorithm identifier object. */
   1.238 +	IMPORT_C static CX509AlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.239 +
   1.240 +	/**
   1.241 +	Creates a X509 Algorithm Identifier object from the given algorithm ID and the encoded parameter.
   1.242 +	@param aAlgorithmId The algorithm Id used to build the object.
   1.243 +	@param aEncodedParams The encoded parameter for the algorithm ID.	
   1.244 +	@return The fully constructed object.
   1.245 +	*/
   1.246 +	IMPORT_C static CX509AlgorithmIdentifier* NewL(TAlgorithmId aAlgorithmId, const TDesC8& aEncodedParams);
   1.247 +
   1.248 +	/**
   1.249 +	Creates a X509 Algorithm Identifier object from the given algorithm ID and the encoded parameter
   1.250 +	and leaves the object on the cleanup stack.
   1.251 +	@param aAlgorithmId The algorithm Id used to build the object.
   1.252 +	@param aEncodedParams The encoded parameter for the algorithm ID.	
   1.253 +	@return The fully constructed object.
   1.254 +	*/
   1.255 +	IMPORT_C static CX509AlgorithmIdentifier* NewLC(TAlgorithmId aAlgorithmId, const TDesC8& aEncodedParams);
   1.256 +
   1.257 +	/**
   1.258 +	Creates the ASN1 DER sequence of the X509 algorithm identifier object
   1.259 +	and leaves it on the cleanup stack.
   1.260 +	@return  ASN1 DER sequence of this object.
   1.261 +	*/
   1.262 +	IMPORT_C CASN1EncSequence* EncodeASN1DERLC() const;
   1.263 +
   1.264 +private:
   1.265 +	CX509AlgorithmIdentifier();
   1.266 +	CX509AlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
   1.267 +	void InitializeL(const TDesC8& aBinaryData, TInt& aPos);
   1.268 +	};
   1.269 +
   1.270 +class CX509SigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier
   1.271 +/** Encapsulates the IDs of the algorithms used for signing an X.509 certificate.
   1.272 +*
   1.273 +* @publishedAll
   1.274 +* @released
   1.275 +* @since v6.0 */
   1.276 +	{
   1.277 +public:
   1.278 +	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
   1.279 +	* the binary coded representation.
   1.280 +	* 
   1.281 +	* @param aBinaryData	The encoded binary representation.
   1.282 +	* @return				The new signing algorithm Id object. */
   1.283 +	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
   1.284 +	
   1.285 +	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
   1.286 +	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
   1.287 +	* 
   1.288 +	* @param aBinaryData	The encoded binary representation.
   1.289 +	* @return				The new signing algorithm Id object. */
   1.290 +	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
   1.291 +	
   1.292 +	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
   1.293 +	* the binary coded representation, starting at the specified offset.
   1.294 +	* 
   1.295 +	* @param aBinaryData	The encoded binary representation.
   1.296 +	* @param aPos			The offset position from which to start decoding.
   1.297 +	* @return				The new signing algorithm Id object. */
   1.298 +	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.299 +	
   1.300 +	/** Creates a new X.509 signing algorithm Id object from the specified buffer containing 
   1.301 +	* the binary coded representation,starting at the specified offset, and puts 
   1.302 +	* a pointer to it onto the cleanup stack.
   1.303 +	* 
   1.304 +	* @param aBinaryData	The encoded binary representation.
   1.305 +	* @param aPos			The offset position from which to start decoding.
   1.306 +	* @return				The new signing algorithm Id object. */
   1.307 +	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.308 +	/** Creates a new X.509 signing algorithm Id object from the specified algorithm pair
   1.309 +	* 
   1.310 +	* @param aAsymmetricAlgorithm	The asymmetric algorithm
   1.311 +	* @param aDigestAlgorithm		The digest algorithm
   1.312 +	* @return						The new signing algorithm Id object. */
   1.313 + 	IMPORT_C static CX509SigningAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
   1.314 +	/** Creates a new X.509 signing algorithm Id object from the specified algorithm pair
   1.315 +	* 
   1.316 +	* @param aAsymmetricAlgorithm	The asymmetric algorithm
   1.317 +	* @param aDigestAlgorithm		The digest algorithm
   1.318 +	* @return						The new signing algorithm Id object. */
   1.319 + 	IMPORT_C static CX509SigningAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
   1.320 +private:
   1.321 +	CX509SigningAlgorithmIdentifier();
   1.322 +	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
   1.323 +	void ConstructL(const CAlgorithmIdentifier& aAsymmetricAlgorithm, const CAlgorithmIdentifier& aDigestAlgorithm);
   1.324 +	};
   1.325 +
   1.326 +class CX509SubjectPublicKeyInfo : public CSubjectPublicKeyInfo
   1.327 +/** X.509 subject public key information.
   1.328 +* 
   1.329 +* @publishedAll
   1.330 +* @released
   1.331 +* @since v6.0 */
   1.332 +	{
   1.333 +public:
   1.334 +	/** Creates a new X.509 subject public key object from the specified buffer containing 
   1.335 +	* the binary coded representation.
   1.336 +	* 
   1.337 +	* @param aBinaryData	The encoded binary representation.
   1.338 +	* @return				The new subject public key object. */
   1.339 +	IMPORT_C static CX509SubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData);
   1.340 +	
   1.341 +	/** Creates a new X.509 subject public key object from the specified buffer containing 
   1.342 +	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
   1.343 +	* 
   1.344 +	* @param aBinaryData	The encoded binary representation.
   1.345 +	* @return				The new subject public key object. */
   1.346 +	IMPORT_C static CX509SubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData);
   1.347 +	
   1.348 +	/** Creates a new X.509 subject public key object from the specified buffer containing 
   1.349 +	* the binary coded representation, starting at the specified offset.
   1.350 +	* 
   1.351 +	* @param aBinaryData	The encoded binary representation.
   1.352 +	* @param aPos			The offset position from which to start decoding.
   1.353 +	* @return				The subject public key object. */
   1.354 +	IMPORT_C static CX509SubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.355 +	
   1.356 +	/** Creates a new X.509 subject public key object from the specified buffer containing 
   1.357 +	* the binary coded representation, starting at the specified offset, and puts 
   1.358 +	* a pointer to it onto the cleanup stack.
   1.359 +	* 
   1.360 +	* @param aBinaryData	The encoded binary representation.
   1.361 +	* @param aPos			The offset position from which to start decoding.
   1.362 +	* @return				The new subject public key object. */
   1.363 +	IMPORT_C static CX509SubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.364 +private:
   1.365 +	CX509SubjectPublicKeyInfo();
   1.366 +	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
   1.367 +	};
   1.368 +
   1.369 +class CX509CertExtension : public CBase
   1.370 +/** A generic X.509 certificate extension.
   1.371 +* 
   1.372 +* The creation of a generic extension is the first step in the creation of a 
   1.373 +* specific extension. Client code gets the decoded Object Identifier (OID) encapsulated 
   1.374 +* by an instance of this class and uses it to create the specific extension.
   1.375 +* 
   1.376 +* Consists of an any-defined-by structure along with a boolean flag saying whether 
   1.377 +* the extension is critical or not.
   1.378 +* 
   1.379 +* @publishedAll
   1.380 +* @released
   1.381 +* @since v6.0 */
   1.382 +	{
   1.383 +public:
   1.384 +	/** Creates a new generic X.509 certificate extension object from an existing object.
   1.385 +	* 
   1.386 +	* This is equivalent to a copy constructor.
   1.387 +	* 
   1.388 +	* @param aExtension	The generic certificate extension to be copied.
   1.389 +	* @return			The new generic certificate extension object. */
   1.390 +	IMPORT_C static CX509CertExtension* NewL(const CX509CertExtension& aExtension);
   1.391 +	
   1.392 +	/** Creates a new generic X.509 certificate extension object from an existing object, 
   1.393 +	* and puts a pointer to it onto the cleanup stack.
   1.394 +	* 
   1.395 +	* This is equivalent to a copy constructor.
   1.396 +	* 
   1.397 +	* @param aExtension	The generic certificate extension to be copied.
   1.398 +	* @return			The new generic X.509 certificate extension object. */
   1.399 +	IMPORT_C static CX509CertExtension* NewLC(const CX509CertExtension& aExtension);
   1.400 +	
   1.401 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.402 +	* buffer containing the binary coded representation.
   1.403 +	* 
   1.404 +	* @param aBinaryData	The encoded binary representation.
   1.405 +	* @return				The new generic X.509 certificate extension object. */
   1.406 +	IMPORT_C static CX509CertExtension* NewL(const TDesC8& aBinaryData);
   1.407 +	
   1.408 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.409 +	* buffer containing the binary coded representation, and puts a pointer to it 
   1.410 +	* onto the cleanup stack .
   1.411 +	* 
   1.412 +	* @param aBinaryData	The encoded binary representation.
   1.413 +	* @return				The new generic X.509 certificate extension object. */
   1.414 +	IMPORT_C static CX509CertExtension* NewLC(const TDesC8& aBinaryData);
   1.415 +	
   1.416 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.417 +	* buffer containing the binary coded representation, starting at the specified offset.
   1.418 +	* 
   1.419 +	* @param aBinaryData	The encoded binary representation.
   1.420 +	* @param aPos			The offset position from which to start decoding.
   1.421 +	* @return				The new generic X.509 certificate extension object. */
   1.422 +	IMPORT_C static CX509CertExtension* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.423 +	
   1.424 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.425 +	* buffer containing the binary coded representation, starting at the specified 
   1.426 +	* offset, and puts a pointer to it onto the cleanup stack.
   1.427 +	* 
   1.428 +	* @param aBinaryData	The encoded binary representation.
   1.429 +	* @param aPos			The offset position from which to start decoding.
   1.430 +	* @return				The new generic X.509 certificate extension object. */
   1.431 +	IMPORT_C static CX509CertExtension* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.432 +	
   1.433 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.434 +	* extension object id, the critcal flag and the extension data.
   1.435 +	* 
   1.436 +	* @param aCertExtOID	The OID of the certficate extension.
   1.437 +	* @param aCritical		Flag to convey criticality of the extension.
   1.438 +	* @param aCertExtValue	The data of the specific extension.
   1.439 +	* @return				The new generic X.509 certificate extension object. */
   1.440 +	IMPORT_C static CX509CertExtension* NewL(const TDesC& aCertExtOID, 
   1.441 +							const TBool aCritical,
   1.442 +							const TDesC8& aCertExtValue);
   1.443 +
   1.444 +	/** Creates a new generic X.509 certificate extension object from the specified 
   1.445 +	* extension object id, the critcal flag and the extension data, and puts a 
   1.446 +	* pointer to it onto the cleanup stack.
   1.447 +	* 
   1.448 +	* @param aCertExtOID	The OID of the certficate extension.
   1.449 +	* @param aCritical		Flag to convey criticality of the extension.
   1.450 +	* @param aCertExtValue	The data of the specific extension.
   1.451 +	* @return				The new generic X.509 certificate extension object. */
   1.452 +	IMPORT_C static CX509CertExtension* NewLC(const TDesC& aCertExtOID, 
   1.453 +							const TBool aCritical,
   1.454 +							const TDesC8& aCertExtValue);
   1.455 +
   1.456 +	/** Destructor.
   1.457 +	* 
   1.458 +	* Frees all resources owned by the object, prior to its destruction. */
   1.459 +	IMPORT_C ~CX509CertExtension();
   1.460 +	
   1.461 +	/** Tests whether certificate processing code must process this extension for certificate 
   1.462 +	* validation to succeed.
   1.463 +	* 
   1.464 +	* @return	ETrue, if this extension must be processed for validation to succeed; 
   1.465 +	* 			EFalse, otherwise. */
   1.466 +	IMPORT_C TBool Critical() const;
   1.467 +	
   1.468 +	/** Gets the Object Identifier (OID) of the certficate extension.
   1.469 +	* 
   1.470 +	* @return	The OID of the certficate extension. */
   1.471 +	IMPORT_C TPtrC Id() const;	//OID for the extension
   1.472 +	
   1.473 +	/** Gets the encoded binary representation of the specific extension.
   1.474 +	* 
   1.475 +	* @return	A pointer descriptor representing the specific extension. */
   1.476 +	IMPORT_C TPtrC8 Data() const;	//the extension itself 
   1.477 +
   1.478 +	/** Creates and returns a DER encoded X.509 certificate extension object in the form 
   1.479 +	* of a ASN.1 Sequence and puts it onto the cleanup stack. This method can be called
   1.480 +	* repeatedly to get copies of the sequence.
   1.481 +	* 
   1.482 +	* @return	A pointer to a DER encoded ASN.1 sequence */
   1.483 +	IMPORT_C CASN1EncSequence * EncodeASN1DERLC() const;
   1.484 +
   1.485 +private:
   1.486 +	CX509CertExtension();
   1.487 +	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
   1.488 +	void ConstructL(const CX509CertExtension& aExtension);
   1.489 +	void ConstructL(const TDesC& aCertExtOID, 
   1.490 +					const TBool aCritical,
   1.491 +					const TDesC8& aCertExtValue);
   1.492 +	HBufC* iId;
   1.493 +	TBool iCritical;
   1.494 +	HBufC8* iData;
   1.495 +	};
   1.496 +
   1.497 +class CX509Certificate : public CCertificate
   1.498 +/** An X.509 certificate.
   1.499 +* 
   1.500 +* @publishedAll
   1.501 +* @released
   1.502 +* @since v6.0 */
   1.503 +	{
   1.504 +public:
   1.505 +/** Enumerates values for encoded data element positions in the TBSCertificate data structure.
   1.506 +* 
   1.507 +* These values are to be used as parameters to the DataElementEncoding() function. */
   1.508 +	enum
   1.509 +		{
   1.510 +		EVersionNumber = 0,	//optional - may be NULL
   1.511 +		ESerialNumber = 1,
   1.512 +		EAlgorithmId = 2,
   1.513 +		EIssuerName = 3,
   1.514 +		EValidityPeriod = 4,
   1.515 +		ESubjectName = 5,
   1.516 +		ESubjectPublicKeyInfo = 6,
   1.517 +		EIssuerUID = 7,		//optional - may be NULL
   1.518 +		ESubjectUID = 8,	//optional - may be NULL
   1.519 +		EExtensionList = 9	//optional - may be NULL
   1.520 +		};
   1.521 +	
   1.522 +	/** Creates a new X.509 certificate object from the specified buffer containing 
   1.523 +	* the binary coded representation.
   1.524 +	* 
   1.525 +	* @param aBinaryData	The encoded binary representation.
   1.526 +	* @return				The new X.509 certificate object. */
   1.527 +	IMPORT_C static CX509Certificate* NewL(const TDesC8& aBinaryData);
   1.528 +	
   1.529 +	/** Creates a new X.509 certificate object from the specified buffer containing 
   1.530 +	* the binary coded representation, and puts a pointer to it onto the cleanup stack.
   1.531 +	* 
   1.532 +	* Initialises the object from its encoded binary form into an internal representation.
   1.533 +	* 
   1.534 +	* @param aBinaryData	The encoded binary representation.
   1.535 +	* @return				The new X.509 certificate object. */
   1.536 +	IMPORT_C static CX509Certificate* NewLC(const TDesC8& aBinaryData);
   1.537 +
   1.538 +	/** Creates a new X.509 certificate object from the specified buffer containing 
   1.539 +	* the binary coded representation, starting at the specified offset.
   1.540 +	* 
   1.541 +	* @param aBinaryData	The encoded binary representation.
   1.542 +	* @param aPos			The offset position from which to start decoding.
   1.543 +	* @return				The new X.509 certificate object. */
   1.544 +	IMPORT_C static CX509Certificate* NewL(const TDesC8& aBinaryData, TInt& aPos);
   1.545 +	
   1.546 +	/** Creates a new X.509 certificate object from the specified buffer containing 
   1.547 +	* the binary coded representation, starting at the specified offset, and puts 
   1.548 +	* a pointer to it onto the cleanup stack.
   1.549 +	* 
   1.550 +	* @param aBinaryData	The encoded binary representation.
   1.551 +	* @param aPos			The offset position from which to start decoding.
   1.552 +	* @return				The new X.509 certificate object. */
   1.553 +	IMPORT_C static CX509Certificate* NewLC(const TDesC8& aBinaryData, TInt& aPos);
   1.554 +
   1.555 +	/** Creates a new X.509 certificate object from the specified read stream.
   1.556 +	* 
   1.557 +	* @param aStream	Stream from which the contents should be internalised. 
   1.558 +	* @return			The new X.509 certificate object. */
   1.559 +	IMPORT_C static CX509Certificate* NewL(RReadStream& aStream);
   1.560 +	
   1.561 +	/** Creates a new X.509 certificate object from the specified read stream, and 
   1.562 +	* puts a pointer to it onto the cleanup stack.
   1.563 +	* 
   1.564 +	* Construction is from the stream.
   1.565 +	* 
   1.566 +	* @param aStream	Stream from which the contents should be internalised. 
   1.567 +	* @return			The new X.509 certificate object. */
   1.568 +	IMPORT_C static CX509Certificate* NewLC(RReadStream& aStream);
   1.569 +
   1.570 +	/** Creates a new X.509 certificate object from an existing object.
   1.571 +	* 
   1.572 +	* This is equivalent to a copy constructor.
   1.573 +	* 
   1.574 +	* @param aCert	The X.509 certificate to be copied.
   1.575 +	* @return		The new X.509 certificate object. */
   1.576 +	IMPORT_C static CX509Certificate* NewL(const CX509Certificate& aCert);
   1.577 +	
   1.578 +	/** Creates a new X.509 certificate object from an existing object.
   1.579 +	* 
   1.580 +	* This is equivalent to a copy constructor.
   1.581 +	* 
   1.582 +	* @param aCert	The X.509 certificate to be copied.
   1.583 +	* @return		The new X.509 certificate object. */
   1.584 +	IMPORT_C static CX509Certificate* NewLC(const CX509Certificate& aCert);
   1.585 +
   1.586 +	/** Destructor.
   1.587 +	* 
   1.588 +	* Frees all resources owned by the object, prior to its destruction. */
   1.589 +	IMPORT_C ~CX509Certificate();
   1.590 +	
   1.591 +	/** Tests whether the specified X.509 certificate is equal to this X.509 certificate.
   1.592 +	* 
   1.593 +	* X.509 certificates are equal if both the serial number and the issuer name 
   1.594 +	* are the same.
   1.595 +	* 
   1.596 +	* @param aCert	The X.509 certificate to be compared.
   1.597 +	* @return		ETrue, if the certificates are equal;EFalse, otherwise. */
   1.598 +	IMPORT_C TBool IsEqualL(const CX509Certificate& aCert) const;
   1.599 +	
   1.600 +	//extra accessors
   1.601 +	/** Gets the certificate's signed data.
   1.602 +	* 
   1.603 +	* @return	A non-modifiable pointer descriptor representing the certificate's 
   1.604 +	* 			signed data. */
   1.605 +	IMPORT_C const TPtrC8 SignedDataL() const;
   1.606 +	
   1.607 +	/** Gets the version number of the certificate.
   1.608 +	* 
   1.609 +	* @return	The version number of the certificate. */
   1.610 +	IMPORT_C TInt Version() const;
   1.611 +	
   1.612 +	/** Gets the X.500 Distinguished Name that identifies the issuer.
   1.613 +	* 
   1.614 +	* @return	The X.500 Distinguished Name that identifies the issuer. */
   1.615 +	IMPORT_C const CX500DistinguishedName& IssuerName() const;
   1.616 +	
   1.617 +	/** Gets the X.500 Distinguished Name that identifies the subject.
   1.618 +	* 
   1.619 +	* @return	The X.500 Distinguished Name that identifies the subject. */
   1.620 +	IMPORT_C const CX500DistinguishedName& SubjectName() const;
   1.621 +	
   1.622 +			//return all your generic extensions
   1.623 +	/** Gets all generic certificate extensions.
   1.624 +	* 
   1.625 +	* @return	The certificate extensions. */
   1.626 +	IMPORT_C const CArrayPtrFlat<CX509CertExtension>& Extensions() const;
   1.627 +		
   1.628 +		//return a particular extension: this is NOT OWNED by the client
   1.629 +		//returns NULL if the ext is not found
   1.630 +	/** Gets the certificate extension identified by the specified object identifier (OID).
   1.631 +	* 
   1.632 +	* @param aExtensionName	The OID identifying the extension.
   1.633 +	* @return				The certificate extension: Note that ownership is not transferred to 
   1.634 +	* 						the caller. */
   1.635 +	IMPORT_C const CX509CertExtension* Extension(const TDesC& aExtensionName) const;
   1.636 +	
   1.637 +	/** Internalises an object of this class from a read stream.
   1.638 +	* 
   1.639 +	* The presence of this function means that the standard templated operator>>() 
   1.640 +	* can be used to internalise objects of this class.
   1.641 +	* 
   1.642 +	* Note that the function has assignment semantics. It replaces the old value 
   1.643 +	* of the object with a new value read from the read stream.
   1.644 +	* 
   1.645 +	* @param aStream	Stream from which the object is to be internalised. */
   1.646 +	IMPORT_C void InternalizeL(RReadStream& aStream);
   1.647 +		
   1.648 +		//return the encoding for a data element at the index specified
   1.649 +	/** Gets the encoded data for the specified encoded data element (in the To Be 
   1.650 +	* Signed (TBS) certificate data structure) of the signed object.
   1.651 +	* 
   1.652 +	* @param aIndex	The encoded data element position in the TBSCertificate data 
   1.653 +	* 				structure. (See the CX509Certificate enumeration.)
   1.654 +	* @return 		The encoded data for the specified data element of the signed object. 
   1.655 +	* @since 		v7.0 */
   1.656 +	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const;
   1.657 +
   1.658 +public:	// from CCertificate
   1.659 +	/** Gets the issuer of the certificate.
   1.660 +	* 
   1.661 +	* @return 	A heap descriptor representing the issuer of the certificate. */
   1.662 +	IMPORT_C HBufC* IssuerL() const;
   1.663 +	
   1.664 +	/** Gets the subject of the certificate.
   1.665 +	* 
   1.666 +	* @return	A heap descriptor representing the issuer of the certificate. */
   1.667 +	IMPORT_C HBufC* SubjectL() const;
   1.668 +	
   1.669 +	/** Tests whether the certificate is self-signed.
   1.670 +	* 
   1.671 +	* @return	ETrue, if it is self-signed; EFalse, otherwise. */
   1.672 +	IMPORT_C TBool IsSelfSignedL() const;
   1.673 +	
   1.674 +	/** Gets a key identifier for the certificate. This is a unique identifier, calculated according 
   1.675 +	* to the recommended method of computing it from RFC3280, section 4.2.1.2. Please note that this
   1.676 +	* method does NOT return the value of the Subject Key Id extension, if it is present.
   1.677 +	* 
   1.678 +	* @return	A unique key identifier for the certificate. */
   1.679 +	IMPORT_C TKeyIdentifier KeyIdentifierL() const;
   1.680 +	
   1.681 +	/** Gets the subject key identifier for the certificate. This identifier is extracted from the
   1.682 +	* certificate (if the corresponding extension exists), or calculated (if the extension doesn't exist). If calculated, the recommendation from
   1.683 +	* section 4.2.1.2, RFC3280 is used (hash of the public key). Please note, that for subject key ids
   1.684 +	* extracted from the certificate there is a length limit - if the extension is longer than 160 bits,
   1.685 +	* it is ignored and the value is calculated instead.
   1.686 +	* 
   1.687 +	* @return	The subject key identifier for the certificate. */
   1.688 +	IMPORT_C TKeyIdentifier SubjectKeyIdentifierL() const;
   1.689 +
   1.690 +private:
   1.691 +	CX509Certificate();
   1.692 +	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
   1.693 +	void ConstructL(const CX509Certificate& aCertificate);
   1.694 +	void ConstructCertL();
   1.695 +	void InitDataElementsL(const CX509Certificate& aCertificate);
   1.696 +	HBufC8* DecodeUidL(const TDesC8& aBinaryData, TBool& aHasElementAlready);
   1.697 +	void DecodeExtsL(const TDesC8& aBinaryData, TBool& aHasElementAlready);
   1.698 +	//private data
   1.699 +	TInt iVersion;
   1.700 +	CX500DistinguishedName* iIssuerName;
   1.701 +	CX500DistinguishedName* iSubjectName;
   1.702 +	HBufC8* iIssuerUid;
   1.703 +	HBufC8* iSubjectUid;
   1.704 +	CArrayPtrFlat<CX509CertExtension>* iExtensions;
   1.705 +	TFixedArray<TPtrC8*, KX509MaxDataElements>* iDataElements;
   1.706 +	};
   1.707 +
   1.708 +#endif