1.1 --- a/epoc32/include/x509certext.h Tue Nov 24 13:55:44 2009 +0000
1.2 +++ b/epoc32/include/x509certext.h Tue Mar 16 16:12:26 2010 +0000
1.3 @@ -1,1 +1,1488 @@
1.4 -x509certext.h
1.5 +/*
1.6 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.7 +* All rights reserved.
1.8 +* This component and the accompanying materials are made available
1.9 +* under the terms of the License "Eclipse Public License v1.0"
1.10 +* which accompanies this distribution, and is available
1.11 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.12 +*
1.13 +* Initial Contributors:
1.14 +* Nokia Corporation - initial contribution.
1.15 +*
1.16 +* Contributors:
1.17 +*
1.18 +* Description:
1.19 +* X509CERTEXT.H
1.20 +* X509 extensions v2
1.21 +* Common specific extensions:
1.22 +* 1) basic constraints
1.23 +* 2) alt name
1.24 +* 3) key usage
1.25 +* 4) name constraints
1.26 +* 5) policy constraints
1.27 +* 6) policies
1.28 +* 7) policy mapping
1.29 +* 8) authority key ID
1.30 +* 9) subject key ID
1.31 +* 10) extended key usage
1.32 +* 11) authority information access
1.33 +* critical extension
1.34 +* 12) inhibit-any policy
1.35 +*
1.36 +*/
1.37 +
1.38 +
1.39 +
1.40 +
1.41 +/**
1.42 + @file
1.43 + @internalAll
1.44 + @released
1.45 +*/
1.46 +
1.47 +#if !defined (__X509CERTEXT_H__)
1.48 +#define __X509CERTEXT_H__
1.49 +
1.50 +#include <e32base.h>
1.51 +#include <e32std.h>
1.52 +#include <x509gn.h>
1.53 +
1.54 +
1.55 +class RReadStream;
1.56 +class RWriteStream;
1.57 +
1.58 +/** X509 Extension OIDs
1.59 +*
1.60 +* @publishedAll
1.61 +* @released
1.62 +* @since v9.5 */
1.63 +
1.64 +//OIDS for the extensions we define here...
1.65 +_LIT(KBasicConstraints,"2.5.29.19");
1.66 +_LIT(KSubjectAltName,"2.5.29.17");
1.67 +_LIT(KIssuerAltName,"2.5.29.18");
1.68 +_LIT(KKeyUsage,"2.5.29.15");
1.69 +_LIT(KNameConstraints,"2.5.29.30");
1.70 +_LIT(KPolicyConstraints,"2.5.29.36");
1.71 +_LIT(KCertPolicies,"2.5.29.32");
1.72 +_LIT(KPolicyMapping,"2.5.29.33");
1.73 +_LIT(KAuthorityKeyId,"2.5.29.35");
1.74 +_LIT(KSubjectKeyId,"2.5.29.14");
1.75 +_LIT(KExtendedKeyUsage,"2.5.29.37");
1.76 +_LIT(KAuthorityInfoAccess, "1.3.6.1.5.5.7.1.1");
1.77 +_LIT(KInhibitAnyPolicy, "2.5.29.54");
1.78 +
1.79 +// OIDs for access methods
1.80 +_LIT(KAccessMethodOCSP, "1.3.6.1.5.5.7.48.1");
1.81 +
1.82 +//deprecated OIDs we might still encounter
1.83 +_LIT(KOldBasicConstraints,"2.5.29.10");
1.84 +_LIT(KOldBasicConstraints2,"2.5.29.13");
1.85 +_LIT(KOldSubjectAltName,"2.5.29.7");
1.86 +_LIT(KOldIssuerAltName,"2.5.29.8");
1.87 +_LIT(KOldNameConstraints,"2.5.29.11");
1.88 +_LIT(KOldPolicyConstraints,"2.5.29.2");
1.89 +_LIT(KOldPolicyConstraints2,"2.5.29.34");
1.90 +_LIT(KOldCertPolicies,"2.5.29.3");
1.91 +_LIT(KOldPolicyMapping,"2.5.29.5");
1.92 +_LIT(KOldAuthorityKeyId,"2.5.29.1");
1.93 +
1.94 +// Define OIDs for Symbian certificate constraints.
1.95 +_LIT(KDeviceIdListConstraint,"1.2.826.0.1.1796587.1.1.1.1");
1.96 +_LIT(KSidListConstraint,"1.2.826.0.1.1796587.1.1.1.4");
1.97 +_LIT(KVidListConstraint,"1.2.826.0.1.1796587.1.1.1.5");
1.98 +_LIT(KCapabilitiesConstraint,"1.2.826.0.1.1796587.1.1.1.6");
1.99 +
1.100 +//1) basic constraints...
1.101 +
1.102 +class CX509ExtensionBase : public CBase
1.103 +/** A certificate extension base class.
1.104 +*
1.105 +* @publishedAll
1.106 +* @released
1.107 +* @since v6.0 */
1.108 + {
1.109 +protected:
1.110 + /** Second-phase constructor.
1.111 + *
1.112 + * @param aBinaryData The encoded binary representation.
1.113 + * @param aPos The position from which to start decoding. */
1.114 + virtual void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.115 +
1.116 + /** Implementation for second-phase construction.
1.117 + *
1.118 + * This is called by ConstructL().
1.119 + *
1.120 + * @param aBinaryData The encoded binary representation. This is the same as
1.121 + * passed to ConstructL().
1.122 + * @param aPos The position from which to start decoding. Note that the value
1.123 + * passed points, in effect, to the content, by passing the header data. */
1.124 + virtual void DoConstructL(const TDesC8& aBinaryData, TInt& aPos) = 0;
1.125 + };
1.126 +
1.127 +class CX509BasicConstraintsExt : public CX509ExtensionBase
1.128 +/** An X.509 certificate extension that defines basic constraints.
1.129 +*
1.130 +* It indicates whether the certificate belongs to a Certificate Authority or
1.131 +* an end Entity.
1.132 +*
1.133 +* @publishedAll
1.134 +* @released
1.135 +* @since v6.0 */
1.136 + {
1.137 +public:
1.138 + /** Creates a new CX509BasicConstraintsExt object from the specified
1.139 + * buffer containing the binary coded representation.
1.140 + *
1.141 + * @param aBinaryData The encoded binary representation.
1.142 + * @return The new CX509BasicConstraintsExt object. */
1.143 + IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData);
1.144 +
1.145 + /** Creates a new CX509BasicConstraintsExt object from the specified
1.146 + * buffer containing the binary coded representation, and puts a pointer to it
1.147 + * onto the cleanup stack.
1.148 + *
1.149 + * @param aBinaryData The encoded binary representation.
1.150 + * @return The new CX509BasicConstraintsExt object. */
1.151 + IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData);
1.152 +
1.153 + /** Creates a new CX509BasicConstraintsExt object from the specified
1.154 + * buffer containing the binary coded representation, starting at the specified
1.155 + * offset.
1.156 + *
1.157 + * @param aBinaryData The encoded binary representation.
1.158 + * @param aPos The offset position from which to start decoding.
1.159 + * @return The new CX509BasicConstraintsExt object. */
1.160 + IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.161 +
1.162 + /** Creates a new CX509BasicConstraintsExt object from the specified
1.163 + * buffer containing the binary coded representation, starting at the specified
1.164 + * offset, and puts a pointer to it onto the cleanup stack.
1.165 + *
1.166 + * @param aBinaryData The encoded binary representation.
1.167 + * @param aPos The offset position from which to start decoding.
1.168 + * @return The new CX509BasicConstraintsExt object. */
1.169 + IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.170 +
1.171 + /** Destructor.
1.172 + *
1.173 + * Frees all resources owned by the object, prior to its destruction. */
1.174 + virtual ~CX509BasicConstraintsExt();
1.175 +
1.176 + /** Tests whether the certificate belongs to a Certificate Authority.
1.177 + *
1.178 + * @return ETrue, if the certificate belongs to a Certificate Authority;
1.179 + * EFalse, otherwise. */
1.180 + IMPORT_C TBool IsCA() const;
1.181 +
1.182 + /** Gets the maximum number of certificates that can follow this one in the chain.
1.183 + *
1.184 + * @return The number of certificates. */
1.185 + IMPORT_C TInt MaxChainLength() const;//0 if not set
1.186 +private:
1.187 + CX509BasicConstraintsExt();
1.188 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.189 + TBool iIsCA;
1.190 + TInt iMaxChainLen;
1.191 + };
1.192 +
1.193 +//2) alt name
1.194 +
1.195 +class CX509AltNameExt : public CX509ExtensionBase
1.196 +/** An X.509 certificate extension that defines an alternate name.
1.197 +*
1.198 +* It appears as an Issuer Alt Name extension or a Subject Alt Name extension
1.199 +* and is used to contain extra identifying information that will not fit into
1.200 +* a Distinguished Name.
1.201 +*
1.202 +* It consists of an array of X.509 General Names.
1.203 +*
1.204 +* @publishedAll
1.205 +* @released
1.206 +* @since v6.0 */
1.207 + {
1.208 +public:
1.209 + /** Creates a new CX509AltNameExt object from the specified
1.210 + * buffer containing the binary coded representation.
1.211 + *
1.212 + * @param aBinaryData The encoded binary representation.
1.213 + * @return The new CX509AltNameExt object. */
1.214 + IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData);
1.215 +
1.216 + /** Creates a new CX509AltNameExt object from the specified
1.217 + * buffer containing the binary coded representation, and puts a pointer to it
1.218 + * onto the cleanup stack.
1.219 + *
1.220 + * @param aBinaryData The encoded binary representation.
1.221 + * @return The new CX509AltNameExt object. */
1.222 + IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData);
1.223 +
1.224 + /** Creates a new CX509AltNameExt object from the specified
1.225 + * buffer containing the binary coded representation, starting at the specified
1.226 + * offset.
1.227 + *
1.228 + * @param aBinaryData The encoded binary representation.
1.229 + * @param aPos The offset position from which to start decoding.
1.230 + * @return The new CX509AltNameExt object. */
1.231 + IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.232 +
1.233 + /** Creates a new CX509AltNameExt object from the specified
1.234 + * buffer containing the binary coded representation, starting at the specified
1.235 + * offset, and puts a pointer to it onto the cleanup stack.
1.236 + *
1.237 + * @param aBinaryData The encoded binary representation.
1.238 + * @param aPos The offset position from which to start decoding.
1.239 + * @return The new CX509AltNameExt object. */
1.240 + IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.241 +
1.242 + /** Destructor.
1.243 + *
1.244 + * Frees all resources owned by the object, prior to its destruction. */
1.245 + virtual ~CX509AltNameExt();
1.246 +
1.247 + /** Gets a reference to the array of general names that forms the alternate name
1.248 + * extension.
1.249 + *
1.250 + * @return The array of general names. */
1.251 + IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AltName() const;
1.252 +
1.253 + /** Checks whether the corressponding elements of two equally sized arrays of X.509 general names
1.254 + * match.
1.255 + *
1.256 + * @param aExt An X.509 certificate extension object that defines an alternate name.
1.257 + * @return TRUE if all the elements in the arrays match.
1.258 + */
1.259 + IMPORT_C TBool Match(const CX509AltNameExt& aExt) const;
1.260 +private:
1.261 + CX509AltNameExt();
1.262 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.263 + CArrayPtrFlat<CX509GeneralName>* iAuthorityName;
1.264 + };
1.265 +
1.266 +//3) key usage
1.267 +
1.268 +class CX509BitString : public CBase
1.269 +/** An X.509 bit string.
1.270 +*
1.271 +* @internalTechnology
1.272 +* @released
1.273 +* @since v6.0 */
1.274 + {
1.275 +public:
1.276 + /** Destructor.
1.277 + *
1.278 + * Frees all resources owned by the object. */
1.279 + ~CX509BitString();
1.280 +
1.281 + /** Tests whether the specified bit is set.
1.282 + *
1.283 + * @param aBit The offset of the bit to be tested. This is a value relative to
1.284 + * zero. Any value greater than or equal to the length of the bit
1.285 + * string will always cause EFalse to be returned.
1.286 + * @return ETrue, if the bit is set; EFalse, otherwise. */
1.287 + TBool IsSet(TInt aBit) const;
1.288 +
1.289 + /** Creates the X.509 bit string.
1.290 + *
1.291 + * @param aData A heap descriptor representing the bit string data.
1.292 + * @param aEffectiveLength The number of bits in the string. */
1.293 + CX509BitString(HBufC8* aData, TInt aEffectiveLength);
1.294 +private:
1.295 + HBufC8* iData;
1.296 + TInt iLength;
1.297 + };
1.298 +
1.299 +/** A list of values that defines what an X.509 key can be used for.
1.300 +* These values can be ANDed together if a key has several usages.
1.301 +*
1.302 +* @internalTechnology
1.303 +* @since v7.0 */
1.304 +enum TX509KeyUsage
1.305 + {
1.306 + /** A digital signature. */
1.307 + EX509DigitalSignature,
1.308 + /** Non repudiation. */
1.309 + EX509NonRepudiation,
1.310 + /** Key encipherment. */
1.311 + EX509KeyEncipherment,
1.312 + /** Data encipherment. */
1.313 + EX509DataEncipherment,
1.314 + /** Key agreement. */
1.315 + EX509KeyAgreement,
1.316 + /** Key certificate sign. */
1.317 + EX509KeyCertSign,
1.318 + /** CRL sign. */
1.319 + EX509CRLSign,
1.320 + /** Encipher only. */
1.321 + EX509EncipherOnly,
1.322 + /** Decipher only. */
1.323 + EX509DecipherOnly
1.324 + };
1.325 +
1.326 +class CX509KeyUsageExt : public CX509ExtensionBase
1.327 +/** An X.509 certificate extension that defines the uses to which a key may be put.
1.328 +*
1.329 +* @publishedAll
1.330 +* @released
1.331 +* @since v6.0 */
1.332 + {
1.333 +public:
1.334 + /** Creates a new CX509KeyUsageExt object from the specified buffer
1.335 + * containing the binary coded representation.
1.336 + *
1.337 + * @param aBinaryData The encoded binary representation.
1.338 + * @return The new CX509KeyUsageExt object. */
1.339 + IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData);
1.340 +
1.341 + /** Creates a new CX509KeyUsageExt object from the specified buffer
1.342 + * containing the binary coded representation, and puts a pointer to it onto
1.343 + * the cleanup stack.
1.344 + *
1.345 + * @param aBinaryData The encoded binary representation.
1.346 + * @return The new CX509KeyUsageExt object. */
1.347 + IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData);
1.348 +
1.349 + /** Creates a new CX509KeyUsageExt object from the specified buffer
1.350 + * containing the binary coded representation, starting at the specified offset.
1.351 + *
1.352 + * @param aBinaryData The encoded binary representation.
1.353 + * @param aPos The offset position from which to start decoding.
1.354 + * @return The new CX509KeyUsageExt object. */
1.355 + IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.356 +
1.357 + /** Creates a new CX509KeyUsageExt object from the specified buffer
1.358 + * containing the binary coded representation, starting at the specified offset,
1.359 + * and puts a pointer to it onto the cleanup stack.
1.360 + *
1.361 + * @param aBinaryData The encoded binary representation.
1.362 + * @param aPos The offset position from which to start decoding.
1.363 + * @return The new CX509KeyUsageExt object. */
1.364 + IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.365 +
1.366 + /** Destructor.
1.367 + *
1.368 + * Frees all resources owned by the object, prior to its destruction. */
1.369 + virtual ~CX509KeyUsageExt();
1.370 +
1.371 + /** Tests whether a particular usage is set in the extension.
1.372 + *
1.373 + * @internalTechnology
1.374 + * @param aUsage The usage.
1.375 + * @return ETrue, if the specific usage is set in the extension; EFalse, otherwise. */
1.376 + IMPORT_C TBool IsSet(TX509KeyUsage aUsage) const;
1.377 +private:
1.378 + CX509KeyUsageExt();
1.379 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.380 + CX509BitString* iData;
1.381 + };
1.382 +
1.383 +//4) name constraints
1.384 +
1.385 +class CX509GeneralSubtree : public CBase
1.386 +/** Provides access to the general name and the min/max lengths of the subtree.
1.387 +*
1.388 +* @publishedAll
1.389 +* @released
1.390 +* @since v6.0 */
1.391 + {
1.392 +public:
1.393 + /**
1.394 + * @internalComponent
1.395 + *
1.396 + * Creates a new CX509GeneralSubtree object from the specified buffer containing
1.397 + * the encoded binary representation.
1.398 + *
1.399 + * @param aBinaryData The encoded binary representation.
1.400 + * @return The new CX509GeneralSubtree object.
1.401 + **/
1.402 + static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData);
1.403 +
1.404 + /**
1.405 + * @internalComponent
1.406 + *
1.407 + * Creates a new CX509GeneralSubtree object from the specified buffer containing
1.408 + * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
1.409 + *
1.410 + * @param aBinaryData The encoded binary representation.
1.411 + * @return The new CX509GeneralSubtree object.
1.412 + **/
1.413 + static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData);
1.414 +
1.415 + /**
1.416 + * @internalComponent
1.417 + *
1.418 + * Creates a new CX509GeneralSubtree object from the specified buffer containing
1.419 + * the encoded binary representation.
1.420 + *
1.421 + * @param aBinaryData The encoded binary representation.
1.422 + * @param aPos The position from which to start decoding.
1.423 + * @return The new CX509GeneralSubtree object.
1.424 + **/
1.425 + static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.426 +
1.427 + /**
1.428 + * @internalComponent
1.429 + *
1.430 + * Creates a new CX509GeneralSubtree object from the specified buffer containing
1.431 + * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
1.432 + *
1.433 + * @param aBinaryData The encoded binary representation.
1.434 + * @param aPos The position from which to start decoding.
1.435 + * @return The new CX509GeneralSubtree object.
1.436 + **/
1.437 + static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.438 +
1.439 + /** Destructor.
1.440 + *
1.441 + * Frees all resources owned by the object. */
1.442 + virtual ~CX509GeneralSubtree();
1.443 +
1.444 + /** Gets the general name.
1.445 + *
1.446 + * @return The general name. */
1.447 + IMPORT_C const CX509GeneralName& Name() const;
1.448 +
1.449 + /** Gets the minimum distance of the CX509GeneralSubtree object.
1.450 + *
1.451 + * @return The minimum distance of the CX509GeneralSubtree object. */
1.452 + IMPORT_C TInt MinDistance() const;
1.453 +
1.454 + /** Gets the maximum distance of the CX509GeneralSubtree object.
1.455 + *
1.456 + * @return The maximum distance of the CX509GeneralSubtree object. */
1.457 + IMPORT_C TInt MaxDistance() const;
1.458 +private:
1.459 + CX509GeneralSubtree();
1.460 + void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.461 + CX509GeneralName* iName;
1.462 + TInt iMaxDist;
1.463 + TInt iMinDist;
1.464 + };
1.465 +
1.466 +class CX509NameConstraintsExt : public CX509ExtensionBase
1.467 +/** An X.509 certificate extension that defines constraints on an entity's name.
1.468 +*
1.469 +* This extension allows Certification Authorities to restrict or prevent the issuing
1.470 +* of certificates to entities whose names lie within a defined name space.
1.471 +*
1.472 +* @publishedAll
1.473 +* @released */
1.474 + {
1.475 +public:
1.476 + /** Creates a new CX509NameConstraintsExt object from the specified
1.477 + * buffer containing the binary coded representation.
1.478 + *
1.479 + * @param aBinaryData The encoded binary representation.
1.480 + * @return The new CX509NameConstraintsExt object. */
1.481 + IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData);
1.482 +
1.483 + /** Creates a new CX509NameConstraintsExt object from the specified
1.484 + * buffer containing the binary coded representation, and puts a pointer to it
1.485 + * onto the cleanup stack.
1.486 + *
1.487 + * @param aBinaryData The encoded binary representation.
1.488 + * @return The new CX509NameConstraintsExt object. */
1.489 + IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData);
1.490 +
1.491 + /** Creates a new CX509NameConstraintsExt object from the specified
1.492 + * buffer containing the binary coded representation, starting at the specified offset.
1.493 + *
1.494 + * @param aBinaryData The encoded binary representation.
1.495 + * @param aPos The offset position from which to start decoding.
1.496 + * @return The new CX509NameConstraintsExt object. */
1.497 + IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.498 +
1.499 + /** Creates a new CX509NameConstraintsExt object from the specified
1.500 + * buffer containing the binary coded representation, starting at the specified
1.501 + * offset, and puts a pointer to it onto the cleanup stack.
1.502 + *
1.503 + * @param aBinaryData The encoded binary representation.
1.504 + * @param aPos The offset position from which to start decoding.
1.505 + * @return The new CX509NameConstraintsExt object. */
1.506 + IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.507 +
1.508 + /** Destructor.
1.509 + *
1.510 + * Frees all resources owned by the object, prior to its destruction. */
1.511 + IMPORT_C ~CX509NameConstraintsExt();
1.512 +
1.513 + /** Gets a reference to the array of exclusion subtree names.
1.514 + *
1.515 + * No certificates after this one may contain names within the subtrees specified.
1.516 + *
1.517 + * @return The excluded subtrees. */
1.518 + IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& ExcludedSubtrees() const;
1.519 +
1.520 + /** Gets a reference to the array of permitted subtree names.
1.521 + *
1.522 + * All certificates after this one must contain names within the subtrees specified.
1.523 + *
1.524 + * @return The permitted subtrees. */
1.525 + IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& PermittedSubtrees() const;
1.526 +private:
1.527 + CX509NameConstraintsExt();
1.528 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.529 + void AddSubtreesL(CArrayPtrFlat<CX509GeneralSubtree>& aSubtrees, const TDesC8& aBinaryData);
1.530 + CArrayPtrFlat<CX509GeneralSubtree>* iExcludedSubtrees;
1.531 + CArrayPtrFlat<CX509GeneralSubtree>* iPermittedSubtrees;
1.532 + };
1.533 +
1.534 +//5) policy constraints
1.535 +
1.536 +class TX509PolicyConstraint
1.537 +/** Defines whether a policy constraint applies.
1.538 +*
1.539 +* Objects of this type are used by the X.509 certificate extension that constrains
1.540 +* the use of policies.
1.541 +*
1.542 +* An object of this type encapsulates two pieces of information:
1.543 +* @li whether a specific policy applies to subsequent certificates
1.544 +* @li if a specific policy applies, the number of certificates that can follow the
1.545 +* current one before the policy constraint applies.
1.546 +*
1.547 +* Enables a CA to constrain the use of policies in two ways: they can enforce
1.548 +* the appearance of explicit certificate policies in subsequent certificates,
1.549 +* and prevent policy mapping from being performed.
1.550 +*
1.551 +* @publishedAll
1.552 +* @released
1.553 +*/
1.554 + {
1.555 +public:
1.556 + /**
1.557 + * @internalComponent
1.558 + *
1.559 + * Constructs a TX509PolicyConstraint definition object with the specified requirement
1.560 + * and countdown values.
1.561 + *
1.562 + * @param aRequired The policy requirement. Set to ETrue, if the policy constraint
1.563 + * applies; set to EFalse, otherwise.
1.564 + * @param aCountdown The countdown value. This is the number of certificates that
1.565 + * can follow the current one before the constraint applies.
1.566 + * This only has meaning if the policy constraint applies.
1.567 + **/
1.568 + TX509PolicyConstraint(TBool aRequired, TInt aCountdown);
1.569 +
1.570 + /**
1.571 + * @internalComponent
1.572 + *
1.573 + * Default constructor.
1.574 + *
1.575 + * Sets policy requirement to EFalse and iRequired to EFalse and the iCountdown
1.576 + * to zero.
1.577 + **/
1.578 + TX509PolicyConstraint();
1.579 +
1.580 + /** The policy requirement.
1.581 + *
1.582 + * This has the value ETrue, if the policy constraint applies; EFalse otherwise. */
1.583 + TBool iRequired;
1.584 +
1.585 + /** The count down value.
1.586 + *
1.587 + * Defines the number of certificates that can follow the current one before
1.588 + * the policy constraint applies. This has no meaning if the policy constraint
1.589 + * does not apply. */
1.590 + TInt iCountdown;
1.591 + };
1.592 +
1.593 +class CX509PolicyConstraintsExt : public CX509ExtensionBase
1.594 +/** Enables a Certification Authority to constrain the use of policies in two ways:
1.595 +* @li to enforce the appearance of explicit certificate policies in subsequent certificates
1.596 +* @li to prevent policy mapping from being performed.
1.597 +*
1.598 +* @publishedAll
1.599 +* @released
1.600 +* @since v6.0 */
1.601 + {
1.602 +public:
1.603 + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer
1.604 + * containing the encoded binary representation.
1.605 + *
1.606 + * @param aBinaryData The encoded binary representation.
1.607 + * @return The new CX509PolicyConstraintsExt object. */
1.608 + IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData);
1.609 +
1.610 + /** Creates a new Policy constraints extension object from the specified buffer
1.611 + * containing the encoded binary representation, and puts a pointer to it onto
1.612 + * the cleanup stack.
1.613 + *
1.614 + * @param aBinaryData The encoded binary representation.
1.615 + * @return The new CX509PolicyConstraintsExt object. */
1.616 + IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData);
1.617 +
1.618 + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer
1.619 + * containing the encoded binary representation, starting at the specified offset.
1.620 + *
1.621 + * @param aBinaryData The encoded binary representation.
1.622 + * @param aPos The offset position from which to start decoding.
1.623 + * @return The new CX509PolicyConstraintsExt object. */
1.624 + IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.625 +
1.626 + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer
1.627 + * containing the encoded binary representation, and puts a pointer to it onto
1.628 + * the cleanup stack.
1.629 + *
1.630 + * @param aBinaryData The encoded binary representation.
1.631 + * @param aPos The offset position from which to start decoding.
1.632 + * @return The new CX509PolicyConstraintsExt object. */
1.633 + IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.634 +
1.635 + /** Destructor.
1.636 + *
1.637 + * Frees all resources owned by the object, prior to its destruction. */
1.638 + IMPORT_C ~CX509PolicyConstraintsExt();
1.639 +
1.640 + /** Gets the explicit policy constraint.
1.641 + *
1.642 + * @return The explicit policy constraint. */
1.643 + IMPORT_C TX509PolicyConstraint ExplicitPolicyRequired() const;
1.644 +
1.645 + /** Gets the inhibiting policy mapping.
1.646 + *
1.647 + * @return The inhibiting policy mapping. */
1.648 + IMPORT_C TX509PolicyConstraint InhibitPolicyMapping() const;
1.649 +private:
1.650 + CX509PolicyConstraintsExt();
1.651 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.652 + TX509PolicyConstraint iRequirePolicy;
1.653 + TX509PolicyConstraint iInhibitPolicyMapping;
1.654 + };
1.655 +
1.656 +//6) policies
1.657 +
1.658 +class CX509PolicyQualifierInfo : public CBase
1.659 +/** Gets X.509 policy qualifier information.
1.660 +*
1.661 +* @publishedAll
1.662 +* @released
1.663 +* @since v6.0 */
1.664 + {
1.665 +public:
1.666 + /**
1.667 + * @internalComponent
1.668 + *
1.669 + * Creates a new CX509PolicyQualifierInfo object from the specified
1.670 + * buffer containing the encoded binary representation.
1.671 + *
1.672 + * @param aBinaryData The encoded binary representation.
1.673 + * @return The new CX509PolicyQualifierInfo object.
1.674 + **/
1.675 + static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData);
1.676 +
1.677 + /**
1.678 + * @internalComponent
1.679 + *
1.680 + * Creates a new CX509PolicyQualifierInfo object from the specified
1.681 + * buffer containing the encoded binary representation, and puts a pointer to
1.682 + * it onto the cleanup stack.
1.683 + *
1.684 + * @param aBinaryData The encoded binary representation.
1.685 + * @return The new CX509PolicyQualifierInfo object.
1.686 + **/
1.687 + static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData);
1.688 +
1.689 + /**
1.690 + * @internalComponent
1.691 + *
1.692 + * Creates a new CX509PolicyQualifierInfo object from the specified
1.693 + * buffer containing the encoded binary representation.
1.694 + *
1.695 + * @param aBinaryData The encoded binary representation.
1.696 + * @param aPos The position from which to start decoding.
1.697 + * @return The new CX509PolicyQualifierInfo object.
1.698 + **/
1.699 + static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.700 +
1.701 + /**
1.702 + * @internalComponent
1.703 + *
1.704 + * Creates a new CX509PolicyQualifierInfo object from the specified
1.705 + * buffer containing the encoded binary representation, and puts a pointer to
1.706 + * it onto the cleanup stack.
1.707 + *
1.708 + * @param aBinaryData The encoded binary representation.
1.709 + * @param aPos The position from which to start decoding.
1.710 + * @return The new CX509PolicyQualifierInfo object.
1.711 + **/
1.712 + static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.713 +
1.714 + /**
1.715 + * @internalComponent
1.716 + *
1.717 + * Creates a new CX509PolicyQualifierInfo object from an existing X.509
1.718 + * Policy Qualifier Information object.
1.719 + *
1.720 + * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied.
1.721 + * @return The new CX509PolicyQualifierInfo object.
1.722 + **/
1.723 + static CX509PolicyQualifierInfo* NewL(const CX509PolicyQualifierInfo& aQualifierInfo);
1.724 +
1.725 + /**
1.726 + * @internalComponent
1.727 + *
1.728 + * Creates a new CX509PolicyQualifierInfo object from an existing X.509
1.729 + * Policy Qualifier Information object, and puts a pointer to it onto the cleanup stack.
1.730 + *
1.731 + * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied.
1.732 + * @return The new CX509PolicyQualifierInfo object.
1.733 + **/
1.734 + static CX509PolicyQualifierInfo* NewLC(const CX509PolicyQualifierInfo& aQualifierInfo);
1.735 +
1.736 + /**
1.737 + * @internalComponent
1.738 + *
1.739 + * Creates a new CX509PolicyQualifierInfo object from a stream.
1.740 + *
1.741 + * @return The new CX509PolicyQualifierInfo object.
1.742 + **/
1.743 + static CX509PolicyQualifierInfo* NewL(RReadStream& aStream);
1.744 +
1.745 + /**
1.746 + * @internalComponent
1.747 + *
1.748 + * Creates a new CX509PolicyQualifierInfo object from a stream, and puts a pointer to it onto
1.749 + * the cleanup stack.
1.750 + *
1.751 + * @return The new CX509PolicyQualifierInfo object.
1.752 + **/
1.753 + static CX509PolicyQualifierInfo* NewLC(RReadStream& aStream);
1.754 +
1.755 + /** The destructor.
1.756 + *
1.757 + * Frees all resources owned by the object. */
1.758 + virtual ~CX509PolicyQualifierInfo();
1.759 +
1.760 + /** Gets the policy qualifier Id.
1.761 + *
1.762 + * @return A non-modifiable pointer descriptor representing the policy qualifier Id. */
1.763 + IMPORT_C TPtrC Id() const;
1.764 +
1.765 + /** Gets the policy qualifier data.
1.766 + *
1.767 + * @return A non-modifiable pointer descriptor representing the policy qualifier data. */
1.768 + IMPORT_C TPtrC8 Data() const;
1.769 +
1.770 + // Internalization/Externalization
1.771 + // Externalize. Writes the data out to a stream
1.772 + /**
1.773 + * @internalComponent
1.774 + *
1.775 + * Externalises an object of this class to a write stream.
1.776 + *
1.777 + * The presence of this function means that the standard templated operator<<()
1.778 + * can be used to externalise objects of this class.
1.779 + *
1.780 + * @param aStream Stream to which the object should be externalised.
1.781 + **/
1.782 + void ExternalizeL(RWriteStream& aStream) const;
1.783 +
1.784 + // Internalize. Reads the data from a stream
1.785 + /**
1.786 + * @internalComponent
1.787 + *
1.788 + * Internalises an object of this class from a read stream.
1.789 + *
1.790 + * The presence of this function means that the standard templated operator>>()
1.791 + * can be used to internalise objects of this class.
1.792 + *
1.793 + * Note that this function has assignment semantics: it replaces the old value
1.794 + * of the object with a new value read from the read stream.
1.795 + *
1.796 + * @param aStream Stream from which the object should be internalised.
1.797 + **/
1.798 + void InternalizeL(RReadStream& aStream);
1.799 +
1.800 +private:
1.801 + CX509PolicyQualifierInfo();
1.802 + void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.803 + void ConstructL(const CX509PolicyQualifierInfo& aQualifier);
1.804 + void ConstructL(RReadStream& aStream);
1.805 + HBufC* iPolicyQualifierId;
1.806 + HBufC8* iData; //opaque (this is another any-defined-by, so could be anything)
1.807 + };
1.808 +
1.809 +class CX509CertPolicyInfo : public CBase
1.810 +/** Defines a specific policy followed by a Certification Authority.
1.811 +*
1.812 +* The policy under which a certificate has been issued may contain a number
1.813 +* of these specific policies.
1.814 +*
1.815 +* @see CX509CertPoliciesExt
1.816 +* @publishedAll
1.817 +* @released
1.818 +* @since v6.0 */
1.819 + {
1.820 +public:
1.821 + /**
1.822 + * @internalComponent
1.823 + *
1.824 + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the
1.825 + * binary coded representation.
1.826 + *
1.827 + * @param aBinaryData The encoded binary representation.
1.828 + * @return The new CX509CertPolicyInfo object.
1.829 + **/
1.830 + static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData);
1.831 +
1.832 + /**
1.833 + * @internalComponent
1.834 + *
1.835 + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the
1.836 + * binary coded representation, and puts a pointer to it onto the cleanup stack.
1.837 + *
1.838 + * @param aBinaryData The encoded binary representation.
1.839 + * @return The new CX509CertPolicyInfo object.
1.840 + **/
1.841 + static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData);
1.842 +
1.843 + /**
1.844 + * @internalComponent
1.845 + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the
1.846 + * binary coded representation, starting at the specified offset.
1.847 + *
1.848 + * @param aBinaryData The encoded binary representation.
1.849 + * @param aPos The offset position from which to start decoding.
1.850 + * @return The new CX509CertPolicyInfo object.
1.851 + **/
1.852 + static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.853 +
1.854 + /**
1.855 + * @internalComponent
1.856 + *
1.857 + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the
1.858 + * binary coded representation, starting at the specified offset, and puts a
1.859 + * pointer to it onto the cleanup stack.
1.860 + *
1.861 + * @param aBinaryData The encoded binary representation.
1.862 + * @param aPos The offset position from which to start decoding.
1.863 + * @return The new CX509CertPolicyInfo object.
1.864 + **/
1.865 + static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.866 +
1.867 + /** Creates a new CX509CertPolicyInfo object from an existing object.
1.868 + *
1.869 + * This is equivalent to a copy constructor.
1.870 + *
1.871 + * @param aPolicy The CX509CertPolicyInfo object to be copied.
1.872 + * @return The new CX509CertPolicyInfo object. */
1.873 + IMPORT_C static CX509CertPolicyInfo* NewL(const CX509CertPolicyInfo& aPolicy);
1.874 +
1.875 + /** Creates a new CX509CertPolicyInfo object from an existing object, and puts a pointer
1.876 + * to it onto the cleanup stack.
1.877 + *
1.878 + * This is equivalent to a copy constructor.
1.879 + *
1.880 + * @param aPolicy The CX509CertPolicyInfo object to be copied.
1.881 + * @return The new CX509CertPolicyInfo object. */
1.882 + IMPORT_C static CX509CertPolicyInfo* NewLC(const CX509CertPolicyInfo& aPolicy);
1.883 +
1.884 + /** Creates a new CX509CertPolicyInfo object from a stream.
1.885 + *
1.886 + * @return The new CX509CertPolicyInfo object. */
1.887 + IMPORT_C static CX509CertPolicyInfo* NewL(RReadStream& aStream);
1.888 +
1.889 + /** Creates a new CX509CertPolicyInfo object from a stream, and puts a pointer to it onto
1.890 + * the cleanup stack.
1.891 + *
1.892 + * @return The new CX509CertPolicyInfo object. */
1.893 + IMPORT_C static CX509CertPolicyInfo* NewLC(RReadStream& aStream);
1.894 +
1.895 + /** Destructor.
1.896 + *
1.897 + * Frees all resources owned by the object, prior to its destruction. */
1.898 + virtual ~CX509CertPolicyInfo();
1.899 +
1.900 + /** Gets a reference to the array of policy qualifers.
1.901 + *
1.902 + * @return The array of policy qualifiers. */
1.903 + IMPORT_C const CArrayPtrFlat<CX509PolicyQualifierInfo>& Qualifiers() const;
1.904 +
1.905 + /** Gets the specific policy's Object Identifier (OID).
1.906 + *
1.907 + * @return A pointer descriptor representing the specific policy's OID. */
1.908 + IMPORT_C TPtrC Id() const;
1.909 +
1.910 +
1.911 + // Internalization/Externalization
1.912 + // Externalize. Writes the data out to a stream
1.913 + /** Externalises an object of this class to a write stream.
1.914 + *
1.915 + * The presence of this function means that the standard templated operator<<()
1.916 + * can be used to externalise objects of this class.
1.917 + *
1.918 + * @param aStream Stream to which the object should be externalised. */
1.919 + IMPORT_C void ExternalizeL(RWriteStream& aStream) const;
1.920 +
1.921 + // Internalize. Reads the data from a stream
1.922 + /** Internalises an object of this class from a read stream.
1.923 + *
1.924 + * The presence of this function means that the standard templated operator>>()
1.925 + * can be used to internalise objects of this class.
1.926 + *
1.927 + * Note that this function has assignment semantics: it replaces the old value
1.928 + * of the object with a new value read from the read stream.
1.929 + *
1.930 + * @param aStream Stream from which the object should be internalised. */
1.931 + IMPORT_C void InternalizeL(RReadStream& aStream);
1.932 +
1.933 +
1.934 +private:
1.935 + CX509CertPolicyInfo();
1.936 + void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.937 + void ConstructL(const CX509CertPolicyInfo& aInfo);
1.938 + void ConstructL(RReadStream& aStream);
1.939 + HBufC* iCertPolicyId;//OID for this policy
1.940 + CArrayPtrFlat<CX509PolicyQualifierInfo>* iQualifiers;
1.941 + };
1.942 +
1.943 +class CX509CertPoliciesExt : public CX509ExtensionBase
1.944 +/** The policy under which this certificate has been issued.
1.945 +*
1.946 +* Contains further information on a client's signature.
1.947 +*
1.948 +* @publishedAll
1.949 +* @released
1.950 +* @since v6.0 */
1.951 + {
1.952 +public:
1.953 + /** Creates a new CX509CertPoliciesExt object from the specified buffer
1.954 + * containing the encoded binary representation.
1.955 + *
1.956 + * @param aBinaryData The encoded binary representation.
1.957 + * @return The CX509CertPoliciesExt object. */
1.958 + IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData);
1.959 +
1.960 + /** Creates a new CX509CertPoliciesExt object from the specified buffer
1.961 + * containing the encoded binary representation, and puts a pointer to it onto
1.962 + * the cleanup stack.
1.963 + *
1.964 + * @param aBinaryData The encoded binary representation.
1.965 + * @return The CX509CertPoliciesExt object. */
1.966 + IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData);
1.967 +
1.968 + /** Creates a new CX509CertPoliciesExt object from the specified buffer
1.969 + * containing the encoded binary representation, starting at the specified offset.
1.970 + *
1.971 + * @param aBinaryData The encoded binary representation.
1.972 + * @param aPos The offset position from which to start decoding.
1.973 + * @return The CX509CertPoliciesExt object. */
1.974 + IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.975 +
1.976 + /** Creates a new CX509CertPoliciesExt object from the specified buffer
1.977 + * containing the encoded binary representation, and puts a pointer to it onto
1.978 + * the cleanup stack.
1.979 + *
1.980 + * @param aBinaryData The encoded binary representation.
1.981 + * @param aPos The offset position from which to start decoding.
1.982 + * @return The CX509CertPoliciesExt object. */
1.983 + IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.984 +
1.985 + /** Destructor.
1.986 + *
1.987 + * Frees all resources owned by the object. */
1.988 + virtual ~CX509CertPoliciesExt();
1.989 +
1.990 + /** Gets the certificate policy extension information.
1.991 + *
1.992 + * @return The certificate policy extension information. */
1.993 + IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;
1.994 +private:
1.995 + CX509CertPoliciesExt();
1.996 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.997 + CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies;
1.998 + };
1.999 +
1.1000 +//7) policy mapping
1.1001 +
1.1002 +class CX509PolicyMapping : public CBase
1.1003 +/** A set of policy mappings.
1.1004 +*
1.1005 +* @publishedAll
1.1006 +* @released
1.1007 +* @since v6.0 */
1.1008 + {
1.1009 +public:
1.1010 + /**
1.1011 + * @internalComponent
1.1012 + *
1.1013 + * Creates a new CX509PolicyMapping object from the specified buffer containing
1.1014 + * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
1.1015 + *
1.1016 + * @param aBinaryData The encoded binary representation.
1.1017 + **/
1.1018 + static CX509PolicyMapping* NewL(const TDesC8& aBinaryData);
1.1019 +
1.1020 + /**
1.1021 + * @internalComponent
1.1022 + *
1.1023 + * Creates a new CX509PolicyMapping object from the specified buffer containing
1.1024 + * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
1.1025 + *
1.1026 + * @param aBinaryData The encoded binary representation.
1.1027 + **/
1.1028 + static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData);
1.1029 +
1.1030 + /**
1.1031 + * @internalComponent
1.1032 + *
1.1033 + * Creates a new CX509PolicyMapping object from the specified buffer containing
1.1034 + * the encoded binary representation, starting at the specified offset, and puts
1.1035 + * a pointer to it onto the cleanup stack.
1.1036 + *
1.1037 + * @param aBinaryData The encoded binary representation.
1.1038 + * @param aPos The position from which to start decoding.
1.1039 + **/
1.1040 + static CX509PolicyMapping* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1041 +
1.1042 + /**
1.1043 + * @internalComponent
1.1044 + *
1.1045 + * Creates a new CX509PolicyMapping object from the specified buffer containing
1.1046 + * the encoded binary representation, starting at the specified offset, and puts
1.1047 + * a pointer to it onto the cleanup stack.
1.1048 + *
1.1049 + * @param aBinaryData The encoded binary representation.
1.1050 + * @param aPos The position from which to start decoding.
1.1051 + **/
1.1052 + static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1053 +
1.1054 + /** Creates a new CX509PolicyMapping object copied from an existing one.
1.1055 + *
1.1056 + * @param aMapping The CX509PolicyMapping object to be copied. */
1.1057 + IMPORT_C static CX509PolicyMapping* NewL(const CX509PolicyMapping& aMapping);
1.1058 +
1.1059 + /** Creates a new CX509PolicyMapping object copied from an existing one, and
1.1060 + * puts a pointer to the object onto the cleanup stack.
1.1061 + *
1.1062 + * @param aMapping The CX509PolicyMapping object to be copied. */
1.1063 + IMPORT_C static CX509PolicyMapping* NewLC(const CX509PolicyMapping& aMapping);
1.1064 +
1.1065 + /** The destructor.
1.1066 + *
1.1067 + * Frees all resources owned by the object. */
1.1068 + virtual ~CX509PolicyMapping();
1.1069 +
1.1070 + /** Gets the issuer policy.
1.1071 + *
1.1072 + * @return The issuer policy. */
1.1073 + IMPORT_C TPtrC IssuerPolicy() const;
1.1074 +
1.1075 + /** Gets the subject policy.
1.1076 + *
1.1077 + * @return The subject policy. */
1.1078 + IMPORT_C TPtrC SubjectPolicy() const;
1.1079 +private:
1.1080 + CX509PolicyMapping();
1.1081 + void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1082 + void ConstructL(const CX509PolicyMapping& aMapping);
1.1083 + HBufC* iIssuerPolicy;
1.1084 + HBufC* iSubjectPolicy;
1.1085 + };
1.1086 +
1.1087 +class CX509PolicyMappingExt : public CX509ExtensionBase
1.1088 +/** An X.509 certificate extension that contains a set of policy mappings.
1.1089 +*
1.1090 +* A policy mapping allows a Certification Authority to declare that two certificate
1.1091 +* policies are equivalent.
1.1092 +*
1.1093 +* @publishedAll
1.1094 +* @released
1.1095 +* @since v6.0 */
1.1096 + {
1.1097 +public:
1.1098 + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing
1.1099 + * the binary coded representation.
1.1100 + *
1.1101 + * @param aBinaryData The encoded binary representation.
1.1102 + * @return The new CX509PolicyMappingExt object. */
1.1103 + IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData);
1.1104 +
1.1105 + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing
1.1106 + * the binary coded representation, and puts a pointer to it onto the cleanup stack.
1.1107 + *
1.1108 + * @param aBinaryData The encoded binary representation.
1.1109 + * @return The new CX509PolicyMappingExt object. */
1.1110 + IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData);
1.1111 +
1.1112 + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing
1.1113 + * the binary coded representation, starting at the specified offset.
1.1114 + *
1.1115 + * @param aBinaryData The encoded binary representation.
1.1116 + * @param aPos The offset position from which to start decoding.
1.1117 + * @return The new CX509PolicyMappingExt object. */
1.1118 + IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1119 +
1.1120 + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing
1.1121 + * the binary coded representation, starting at the specified offset, and puts
1.1122 + * a pointer to it onto the cleanup stack.
1.1123 + *
1.1124 + * @param aBinaryData The encoded binary representation.
1.1125 + * @param aPos The offset position from which to start decoding.
1.1126 + * @return The new CX509PolicyMappingExt object. */
1.1127 + IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1128 +
1.1129 + /** Destructor.
1.1130 + *
1.1131 + * Frees all resources owned by the object, prior to its destruction. */
1.1132 + virtual ~CX509PolicyMappingExt();
1.1133 +
1.1134 + /** Gets a reference to the array of policy mappings.
1.1135 + *
1.1136 + * @return The array of policy mappings. */
1.1137 + IMPORT_C const CArrayPtrFlat<CX509PolicyMapping>& Mappings() const;
1.1138 +private:
1.1139 + CX509PolicyMappingExt();
1.1140 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1141 + CArrayPtrFlat<CX509PolicyMapping>* iPolicies;
1.1142 + };
1.1143 +
1.1144 +//8) authority key ID
1.1145 +
1.1146 +class CX509AuthorityKeyIdExt : public CX509ExtensionBase
1.1147 +/** An X.509 certificate extension that provides a way to find the public key corresponding
1.1148 +* to the private key used to sign the certificate.
1.1149 +*
1.1150 +* This is referred to as the authority key ID extension.
1.1151 +*
1.1152 +* The key may be identified by the issuer's name and the issuing certificate's
1.1153 +* serial number, or by a key identifier value either derived from the public
1.1154 +* key or by some method of generating unique IDs.
1.1155 +*
1.1156 +* @publishedAll
1.1157 +* @released
1.1158 +* @since v6.0 */
1.1159 + {
1.1160 +public:
1.1161 + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing
1.1162 + * the binary coded representation.
1.1163 + *
1.1164 + * @param aBinaryData The encoded binary representation.
1.1165 + * @return The new CX509AuthorityKeyIdExt object. */
1.1166 + IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData);
1.1167 +
1.1168 + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing
1.1169 + * the binary coded representation, and puts a pointer to it onto the cleanup stack.
1.1170 + *
1.1171 + * @param aBinaryData The encoded binary representation.
1.1172 + * @return The new CX509AuthorityKeyIdExt object. */
1.1173 + IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData);
1.1174 +
1.1175 + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing
1.1176 + * the binary coded representation, starting at the specified offset.
1.1177 + *
1.1178 + * @param aBinaryData The encoded binary representation.
1.1179 + * @param aPos The offset position from which to start decoding.
1.1180 + * @return The new CX509AuthorityKeyIdExt object. */
1.1181 + IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1182 +
1.1183 + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing
1.1184 + * the binary coded representation, starting at the specified offset, and puts
1.1185 + * a pointer to it onto the cleanup stack.
1.1186 + *
1.1187 + * @param aBinaryData The encoded binary representation.
1.1188 + * @param aPos The offset position from which to start decoding.
1.1189 + * @return The new CX509AuthorityKeyIdExt object. */
1.1190 + IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1191 +
1.1192 + /** Destructor.
1.1193 + *
1.1194 + * Frees all resources owned by the object, prior to its destruction. */
1.1195 + virtual ~CX509AuthorityKeyIdExt();
1.1196 +
1.1197 + /** Gets the authority name.
1.1198 + *
1.1199 + * @return The authority name. */
1.1200 + IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AuthorityName() const;
1.1201 +
1.1202 + /** Gets the authority certificate serial number.
1.1203 + *
1.1204 + * @return A pointer descriptor representing the authority certificate serial number. */
1.1205 + IMPORT_C TPtrC8 AuthorityCertSerialNumber() const;
1.1206 +
1.1207 + /** Gets the key identifier value.
1.1208 + *
1.1209 + * @return A pointer descriptor representing the key identifier value. */
1.1210 + IMPORT_C TPtrC8 KeyId() const;
1.1211 +private:
1.1212 + CX509AuthorityKeyIdExt();
1.1213 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1214 + void DecodeNameL(const TDesC8& aBinaryData);
1.1215 + void DecodeSerialNoL(const TDesC8& aBinaryData);
1.1216 + void DecodeKeyIdL(const TDesC8& aBinaryData);
1.1217 + CArrayPtrFlat<CX509GeneralName>* iAuthorityName;
1.1218 + HBufC8* iAuthorityCertSerialNumber;
1.1219 + HBufC8* iKeyIdentifier;
1.1220 + };
1.1221 +
1.1222 +//9) subject key ID
1.1223 +
1.1224 +class CX509SubjectKeyIdExt : public CX509ExtensionBase
1.1225 +/** An X.509 certificate extension that provides a way of identifying certificates
1.1226 +* that contain a specific public key.
1.1227 +*
1.1228 +* This is referred to as the subject key ID extension.
1.1229 +*
1.1230 +* It consists of a key identifier value either derived from the public key or
1.1231 +* by some method of generating unique IDs.
1.1232 +*
1.1233 +* @publishedAll
1.1234 +* @released
1.1235 +* @since v6.0 */
1.1236 + {
1.1237 +public:
1.1238 + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing
1.1239 + * the binary coded representation.
1.1240 + *
1.1241 + * @param aBinaryData The encoded binary representation.
1.1242 + * @return The new CX509SubjectKeyIdExt object. */
1.1243 + IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData);
1.1244 +
1.1245 + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing
1.1246 + * the binary coded representation, and puts a pointer to it onto the cleanup stack.
1.1247 + *
1.1248 + * @param aBinaryData The encoded binary representation.
1.1249 + * @return The new CX509SubjectKeyIdExt object. */
1.1250 + IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData);
1.1251 +
1.1252 + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing
1.1253 + * the binary coded representation, starting at the specified offset.
1.1254 + *
1.1255 + * @param aBinaryData The encoded binary representation.
1.1256 + * @param aPos The offset position from which to start decoding.
1.1257 + * @return The new CX509SubjectKeyIdExt object. */
1.1258 + IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1259 +
1.1260 + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing
1.1261 + * the binary coded representation, starting at the specified offset, and puts
1.1262 + * a pointer to it onto the cleanup stack.
1.1263 + *
1.1264 + * @param aBinaryData The encoded binary representation.
1.1265 + * @param aPos The offset position from which to start decoding.
1.1266 + * @return The new CX509SubjectKeyIdExt object. */
1.1267 + IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1268 +
1.1269 + /** Destructor.
1.1270 + *
1.1271 + * Frees all resources owned by the object, prior to its destruction. */
1.1272 + IMPORT_C ~CX509SubjectKeyIdExt();
1.1273 +
1.1274 + /** Gets the key ID.
1.1275 + *
1.1276 + * @return A pointer descriptor representing the key ID. */
1.1277 + IMPORT_C TPtrC8 KeyId() const;
1.1278 +private:
1.1279 + CX509SubjectKeyIdExt();
1.1280 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1281 + HBufC8* iKeyIdentifier;
1.1282 + };
1.1283 +
1.1284 +//10) extended key usage
1.1285 +
1.1286 +class CX509ExtendedKeyUsageExt : public CX509ExtensionBase
1.1287 +/** An X.509 certificate extension that defines the extra uses to which a key may be put.
1.1288 +*
1.1289 +* This is referred to as the extended key usage extension.
1.1290 +*
1.1291 +* @publishedAll
1.1292 +* @released
1.1293 +* @since v6.0 */
1.1294 + {
1.1295 +public:
1.1296 + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer
1.1297 + * containing the binary coded representation.
1.1298 + *
1.1299 + * @param aBinaryData The encoded binary data.
1.1300 + * @return The new CX509ExtendedKeyUsageExt object. */
1.1301 + IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData);
1.1302 +
1.1303 + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer
1.1304 + * containing the binary coded representation, and puts a pointer to it onto
1.1305 + * the cleanup stack.
1.1306 + *
1.1307 + * @param aBinaryData The encoded binary representation.
1.1308 + * @return The new CX509ExtendedKeyUsageExt object. */
1.1309 + IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData);
1.1310 +
1.1311 + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer
1.1312 + * containing the binary coded representation, starting at the specified offset.
1.1313 + *
1.1314 + * @param aBinaryData The encoded binary representation.
1.1315 + * @param aPos The offset position from which to start decoding.
1.1316 + * @return The new CX509ExtendedKeyUsageExt object. */
1.1317 + IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1318 +
1.1319 + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer
1.1320 + * containing the binary coded representation, starting at the specified offset,
1.1321 + * and puts a pointer to it onto the cleanup stack.
1.1322 + *
1.1323 + * @param aBinaryData The encoded binary representation.
1.1324 + * @param aPos The offset position from which to start decoding.
1.1325 + * @return The new CX509ExtendedKeyUsageExt object. */
1.1326 + IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1327 +
1.1328 + /** Destructor.
1.1329 + *
1.1330 + * Frees all resources owned by the object, prior to its destruction. */
1.1331 + IMPORT_C ~CX509ExtendedKeyUsageExt();
1.1332 +
1.1333 + /** Gets the sequence of Object Ids (OID) that identify the key usages.
1.1334 + *
1.1335 + * The sequence is held in a set of heap descriptors.
1.1336 + *
1.1337 + * @return A reference to the array of pointers to the heap descriptors that
1.1338 + * contain the OIDs. */
1.1339 + IMPORT_C const CArrayPtrFlat<HBufC>& KeyUsages() const;
1.1340 +private:
1.1341 + CX509ExtendedKeyUsageExt();
1.1342 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1343 + CArrayPtrFlat<HBufC>* iKeyUsages;
1.1344 + };
1.1345 +
1.1346 +//11) authority information access
1.1347 +
1.1348 +class CX509AccessDescription : public CBase
1.1349 +/** This class provides the access method OID and access location as used by X.509 private internet extensions
1.1350 + * (authority information access).
1.1351 + *
1.1352 + * @publishedAll
1.1353 + * @released
1.1354 + */
1.1355 + {
1.1356 +public:
1.1357 +
1.1358 + /**
1.1359 + * @internalComponent
1.1360 + *
1.1361 + * Creates a new CX509AccessDescription object from the specified buffer
1.1362 + * containing the binary coded representation.
1.1363 + *
1.1364 + * @param aBinaryData The encoded binary data.
1.1365 + * @return The new CX509AccessDescription object.
1.1366 + **/
1.1367 + static CX509AccessDescription* NewL(const TDesC8& aBinaryData);
1.1368 +
1.1369 + /**
1.1370 + * @internalComponent
1.1371 + *
1.1372 + * Creates a new CX509AccessDescription object from the specified buffer
1.1373 + * containing the binary coded representation, and puts a pointer to it onto
1.1374 + * the cleanup stack.
1.1375 + *
1.1376 + * @param aBinaryData The encoded binary representation.
1.1377 + * @return The new CX509AccessDescription object.
1.1378 + **/
1.1379 + static CX509AccessDescription* NewLC(const TDesC8& aBinaryData);
1.1380 +
1.1381 + /**
1.1382 + * @internalComponent
1.1383 + *
1.1384 + * Creates a new CX509AuthInfoAccessExt object from the specified buffer
1.1385 + * containing the binary coded representation, starting at the specified offset.
1.1386 + *
1.1387 + * @param aBinaryData The encoded binary representation.
1.1388 + * @param aPos The offset position from which to start decoding.
1.1389 + * @return The new CX509AuthInfoAccessExt object.
1.1390 + **/
1.1391 + static CX509AccessDescription* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1392 +
1.1393 + /**
1.1394 + * @internalComponent
1.1395 + *
1.1396 + * Creates a new CX509AccessDescription object from the specified buffer
1.1397 + * containing the binary coded representation, starting at the specified offset,
1.1398 + * and puts a pointer to it onto the cleanup stack.
1.1399 + *
1.1400 + * @param aBinaryData The encoded binary representation.
1.1401 + * @param aPos The offset position from which to start decoding.
1.1402 + * @return The new CX509AccessDescription object.
1.1403 + **/
1.1404 + static CX509AccessDescription* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1405 +
1.1406 + /** Destructor. Frees all resources owned by the object, prior to its destruction.
1.1407 + */
1.1408 + virtual ~CX509AccessDescription();
1.1409 +
1.1410 + /** Gets the Access Method OID.
1.1411 + *
1.1412 + * @return A non modifiable pointer descriptor to point to the access method OID.
1.1413 + */
1.1414 + IMPORT_C TPtrC Method() const;
1.1415 +
1.1416 + /** Gets the Access Location field which specifies the location where the additional
1.1417 + * information of the CA can be obtained.
1.1418 + *
1.1419 + * @return A reference to access location .
1.1420 + */
1.1421 + IMPORT_C const CX509GeneralName& Location() const;
1.1422 +private:
1.1423 + CX509AccessDescription();
1.1424 + void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1425 + HBufC* iMethodId;
1.1426 + CX509GeneralName* iLocation;
1.1427 + };
1.1428 +
1.1429 +class CX509AuthInfoAccessExt : public CX509ExtensionBase
1.1430 +/** An X.509 certificate extension that defines the authority information access.
1.1431 + *
1.1432 + *
1.1433 + * @publishedAll
1.1434 + * @released
1.1435 + */
1.1436 +
1.1437 + {
1.1438 +public:
1.1439 +
1.1440 + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer
1.1441 + * containing the binary coded representation.
1.1442 + *
1.1443 + * @param aBinaryData The encoded binary data.
1.1444 + * @return The new CX509AuthInfoAccessExt object.
1.1445 + */
1.1446 + IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData);
1.1447 +
1.1448 + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer
1.1449 + * containing the binary coded representation, and puts a pointer to it onto
1.1450 + * the cleanup stack.
1.1451 + *
1.1452 + * @param aBinaryData The encoded binary representation.
1.1453 + * @return The new CX509AuthInfoAccessExt object.
1.1454 + */
1.1455 + IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData);
1.1456 +
1.1457 + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer
1.1458 + * containing the binary coded representation, starting at the specified offset.
1.1459 + *
1.1460 + * @param aBinaryData The encoded binary representation.
1.1461 + * @param aPos The offset position from which to start decoding.
1.1462 + * @return The new CX509AuthInfoAccessExt object.
1.1463 + */
1.1464 + IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData, TInt& aPos);
1.1465 +
1.1466 + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer
1.1467 + * containing the binary coded representation, starting at the specified offset,
1.1468 + * and puts a pointer to it onto the cleanup stack.
1.1469 + *
1.1470 + * @param aBinaryData The encoded binary representation.
1.1471 + * @param aPos The offset position from which to start decoding.
1.1472 + * @return The new CX509AuthInfoAccessExt object.
1.1473 + */
1.1474 + IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData, TInt& aPos);
1.1475 +
1.1476 + /** Destructor. Frees all resources owned by the object, prior to its destruction.
1.1477 + */
1.1478 + IMPORT_C ~CX509AuthInfoAccessExt();
1.1479 +
1.1480 + /** Gets the authority access description containing the method and location of additional information of CA ,
1.1481 + * who issued the certificate in which this extension appears.
1.1482 + *
1.1483 + * @return A reference to the array of pointers to the authority access descriptions.
1.1484 + */
1.1485 + IMPORT_C const CArrayPtrFlat<CX509AccessDescription>& AccessDescriptions() const;
1.1486 +private:
1.1487 + CX509AuthInfoAccessExt();
1.1488 + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos);
1.1489 + CArrayPtrFlat<CX509AccessDescription>* iAccessDescs;
1.1490 + };
1.1491 +
1.1492 +#endif