/*

 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).

 * All rights reserved.

 * This component and the accompanying materials are made available

 * under the terms of the License "Eclipse Public License v1.0"

 * which accompanies this distribution, and is available

 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

 *

 * Initial Contributors:

 * Nokia Corporation - initial contribution.

 *

 * Contributors:

 *

 * Description: 

 * X.509 key classes and utility classes for key encoding/decoding.

 *

 */

 /**

  @file

  @internalTechnology 

 */

 #if !defined (__X509KEYS_H__)

 #define __X509KEYS_H__

 #include <e32base.h>

 #include <e32std.h>

 #include <asymmetrickeys.h>

 #include <asymmetric.h>

 #include <hash.h>

 #include <bigint.h>

 #include <signed.h>

 // Forward declarations

 class CASN1EncBase;

 class CASN1EncContainer;

 class CASN1EncSequence;

 class CASN1EncBitString;

 class CX509RSAPublicKey : public CRSAPublicKey

 /** Adds the capability to decode DER-encoded RSA public keys.

 *

 * Adds a commitment to a specific encoding scheme allowing X.509 RSA public key 

 * superclasses to remain encoding-independent.

 *

 * @publishedAll

 * @released

 *

 * @since v6.0 

 */

 	{

 public:

 	/** Creates a new RSA Public key object from the specified buffer containing the 

 	* encoded binary representation.

 	* 

 	* Initialises the object from its encoded binary form into an internal representation.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509RSAPublicKey object. */

 	IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData);

 	/** Creates a new RSA Public Key object from the specified buffer containing the

 	* encoded binary representation, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509RSAPublicKey object. */

 	IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData);

 	/** Creates a new RSA Public key object from the specified buffer containing the 

 	* encoded binary representation, starting at the specified offset.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509RSAPublicKey object. */

 	IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new RSA Public key object from the specified buffer containing the 

 	* encoded binary representation, starting at the specified offset, and puts 

 	* a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509RSAPublicKey object. */

 	IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData, TInt& aPos);

 private:

 	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);

 	CX509RSAPublicKey();

 	};

 class TASN1EncRSAPublicKey

 /**

  * Class for encoding RSA public keys to ASN.1 encoding.

  * 

  * @publishedAll

  * @released

  * @since v8.0 

  */

 	{

 public:

 	/** 

 	 * Encodes the supplied public key into buffer in DER format ASN.1:

 	 * @code

 	 * 		SEQUENCE-OF

 	 * 			INTEGER modulus

 	 * 			INTEGER exponent

 	 * @endcode

 	 * 

 	 * @param aKey	Key to encode.

 	 * @return		Allocated buffer containing DER encoding of

 	 *     			the supplied key aKey.

 	 */

 	IMPORT_C HBufC8* EncodeDERL(const CRSAPublicKey& aKey) const;

 	};

 class TASN1DecRSAPublicKey

 /** 

  * Class for decoding RSA public keys from ASN.1 DER encoding.

  * 

  * @publishedAll

  * @released

  * @since v8.0

  */

 	{

 public:

 	/** 

 	 * Decodes an RSA key from the supplied buffer starting at the 

 	 * specified position.

 	 * 

 	 * @param aDER	Buffer containing DER ASN.1 encoding of the key.

 	 * @param aPos	Starting position in the buffer (updated on exit).

 	 * @return		A pointer to the new CRSAPublicKey object.

 	 */

 	IMPORT_C CRSAPublicKey* DecodeDERL(const TDesC8& aDER, TInt& aPos) const;

 	};

 class TASN1DecRSAKeyPair

 /** 

  * Class for decoding RSA key pairs from ASN.1 DER encoding.

  * 

  * @publishedAll

  * @released

  * @since v8.0

  */

 	{

 public:

 	/**

 	 * Decodes an RSA key pair from buffer containing ASN.1 

 	 * DER-encoded private key. The encoding of a private key 

 	 * contains public key components as well.

 	 * 

 	 * @param aDER			DER-encoded private key.

 	 * @param aPos			Position in the buffer to start decoding 

 	 *     					(updated on exit).

 	 * @param aPublicKey	On return, the RSA public key object

 	 * @param aPrivateKey	On return, the RSA private key object

 	 * @param aKeyType		Key type, default is @c EStandardCRT

 	 */

 	IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos, 

 								CRSAPublicKey*& aPublicKey,

 								CRSAPrivateKey*& aPrivateKey, 

 								TRSAPrivateKeyType aKeyType = EStandardCRT);

 	};

 class CX509DSAPublicKey : public CDSAPublicKey

 /** Encapsulates the X.509 DSA public key.

 * 

 * Adds a commitment to a specific encoding scheme allowing superclasses to remain 

 * encoding-independent. 

 * 

 * @publishedAll

 * @released

 * @since v6.0 

 */

 // DSA public key, params, signature.

 	{

 public:

 	/** Creates a new X.509 DSA public key object.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData);

 	/** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData);

 	/** Creates a new X.509 DSA public key object.

 	* 

 	* @param aParams		The DSA parameters.

 	* @param aBinaryData	The encoded binary representation. 

 	* @return 				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData);

 	/** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aParams		The DSA parameters.

 	* @param aBinaryData	The encoded binary representation. 

 	* @return 				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData);

 	/** Creates a new X.509 DSA public key object.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The position from which to start decoding.

 	* @return 				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData,TInt& aPos);

 	/** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.	

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The position from which to start decoding.

 	* @return 				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new X.509 DSA public key object.

 	* 

 	* @param aParams		The DSA parameters.

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The position from which to start decoding. 

 	* @return 				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aParams 		The DSA parameters.

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The position from which to start decoding. 

 	* @return				A pointer to the new CX509DSAPublicKey object. */

 	IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);

 public:

 	/** Gets the DSA parameters from the encoding key.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @return 				The DSA parameters. */

 	IMPORT_C static CDSAParameters* DSAParametersL(const TDesC8& aParamsData);

 protected:

 	/** @internalComponent */

 	void ConstructL(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos);

 	/** @internalComponent */

 	void ConstructL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);

 	/** @internalComponent */

 	CX509DSAPublicKey();

 	};

 class TASN1DecDSAKeyPair

 /** 

  * Class for decoding DSA key pairs from ASN.1 DER encoding.

  * 

  * @publishedAll

  * @released

  * @since v8.0

  */

 	{

 public:

 	/**

 	 * Decodes a DSA key pair from a buffer containing an ASN.1 

 	 * DER-encoded private key. 

 	 * 

 	 * The encoding of the private key contains public key components as well. 

 	 * 

 	 * The DER encoding has the following format:

 	 * @verbatim

 	 *     SEQUENCE-OF

      *         INTEGER version (==0, ignored)

 	 *         INTEGER p (public prime)

 	 *         INTEGER q (160-bit public subprime, q | p-1)

 	 *         INTEGER g (public generator of subgroup)

 	 *         INTEGER x (private key)

 	 *         INTEGER y (public key y=g^x)

 	 * @endverbatim

 	 * 

 	 * @param aDER			DER-encoded private key.

 	 * @param aPos			Position in the buffer to start decoding 

 	 *		     			(updated on exit).

 	 * @param aPublicKey	On return, the DSA public key object

 	 * @param aPrivateKey	On return, the DSA private key object

 	 */

 	IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos, 

 								CDSAPublicKey*& aPublicKey, CDSAPrivateKey*& aPrivateKey);

 	};

 /**

  * Class for encoding DSA public keys to ASN.1 encoding.

  * 

  * @publishedAll

  * @released

  * @since v8.0

  */

 class TASN1EncDSAPublicKey

 	{

 public:

 	/** 

 	 * Encodes the supplied public key into a buffer in DER format.

 	 * 

 	 * Note that the encoding has the following format:

 	 * @code

 	 *     SEQUENCE-OF

 	 *         SEQUENCE-OF

 	 *             INTEGER p

 	 *             INTEGER q

 	 *             INTEGER g

 	 *         BIT STRING (encoded INTEGER public value)

 	 * @endcode

 	 * 

 	 * @param aKey	Key to encode.

 	 * @return		Sequence containing public key information.

 	 */

 	IMPORT_C CASN1EncSequence* EncodeDERL(const CDSAPublicKey& aKey) const;

 	/**

 	 * Encodes DSA parameters into an ASN.1 encoding structure suitable for 

 	 * inclusion into other objects, like a PKCS#10 certificate request.

 	 *

 	 * Note that the encoding has the following form:

 	 * @code

 	 *     SEQUENCE-OF

 	 *         INTEGER p

 	 *         INTEGER q

 	 *         INTEGER g

 	 * @endcode

 	 *

 	 * @param aKey	DSA public key.

 	 * @return		ASN.1 encoding structure on the cleanup stack.

 	 */

 	IMPORT_C CASN1EncSequence* EncodeParamsLC(const CDSAPublicKey& aKey) const;

 	/** 

 	 * Encodes a public key as a bit string.

 	 *

 	 * @param aKey 	DSA public key.

 	 * @return	ASN.1 bit string (public key). This is left on the cleanup stack.

 	 */

 	IMPORT_C CASN1EncBitString* EncodePublicValueLC(const CDSAPublicKey& aKey) const;

 	};

 class CX509DSASignature : public CDSASignature

 /** Encapsulates the X.509 DSA signature.

 * 

 * Adds a commitment to a specific encoding scheme allowing superclasses to remain 

 * encoding-independent. 

 * 

 * @publishedAll

 * @released

 * @since v6.0 */

 	{

 public:

 	/** Creates a new DSA Signature object from the specified buffer containing the 

 	* encoded binary representation.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DSASignature object. */

 	IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData);

 	/** Creates a new DSA Signature object from the specified buffer containing the 

 	* encoded binary representation, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DSASignature object. */

 	IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData);

 	/** Creates a new DSA Signature object from the specified buffer containing the 

 	* encoded binary representation, starting at the specified offset.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DSASignature object. */

 	IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new DSA Signature object from the specified buffer containing the 

 	* encoded binary representation, starting at the specified offset, and puts 

 	* a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DSASignature object. */

 	IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData, TInt& aPos);

 private:

 	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);

 	CX509DSASignature();

 	};

 class CX509DHPublicKey : public CDHPublicKey

 /** Provides clients with the information they need for Diffie-Hellman key exchange 

 * within a protocol. 

 * 

 * @publishedAll

 * @released

 * @since v6.0 */

 	{

 public:

 	/** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded 

 	* binary representation.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @param aKeyData 		

 	* @return 				A pointer to the new CX509DHPublicKey object.*/

 	IMPORT_C static CX509DHPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aKeyData);

 	/** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded 

 	* binary representation, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @param aKeyData 		

 	* @return 				A pointer to the new CX509DHPublicKey object.*/

 	IMPORT_C static CX509DHPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aKeyData);

 public:

 	/** Destructor.

 	* 

 	* Frees all resources owned by the object, prior to its destruction. */

 	IMPORT_C virtual ~CX509DHPublicKey();

 protected:

 	/** @internalComponent */

 	CX509DHPublicKey();

 	/** @internalComponent */

 	void ConstructL(const TDesC8& aParamsData, const TDesC8& aKeyData);

 	};

 class CX509DHKeyPair : public CDHKeyPair

 /** This class represents the Diffie-Hellman Key Pair.

 *

 * @publishedAll

 * @released

 * @since v8.0 */

 {

 public:

 	/** Creates a new DH key pair object from the specified buffer containing 

 	* the encoded binary representation .

 	*  

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @return				A pointer to the new CX509DHKeyPair object.

 	*/

 	IMPORT_C static CX509DHKeyPair* NewL(const TDesC8& aParamsData);

 	/** Creates a new DH Key Pair object from the specified buffer containing the encoded binary  

 	* representation, and puts a pointer to it onto the cleanup stack.

 	*

 	* @param aParamsData	A non-modifiable descriptor representing the entire encoding.

 	* @return				A pointer to the new CX509DHKeyPair object.

 	*/

 	IMPORT_C static CX509DHKeyPair* NewLC(const TDesC8& aParamsData);

 public:

 	/** Virtual Destructor.

 	* Frees all resources owned by the object, prior to its destruction. 

 	*

 	*/

 	IMPORT_C virtual ~CX509DHKeyPair();

 protected:

 	/** @internalComponent */

 	CX509DHKeyPair();

 	/** @internalComponent */

 	void ConstructL(const TDesC8& aParamsData);

 };

 class CX509DHValidationParams : public CBase

 /** Validates Diffie-Hellman (DH) Domain parameters.

 * 

 * Provides access to the DH Validation Parameters, which are used to determine 

 * if the DH Public Key has been generated in conformance with the algorithm 

 * specified in ESDH (see RFC 2631). 

 * 

 * @publishedAll

 * @released

 * @since v6.0 */

 	{

 public:

 	/** Creates a new DH Validation parameters object from the specified buffer containing 

 	* the encoded binary representation.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DHValidationParams object. */

 	IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData);

 	/** Creates a new DH Validation parameters object from the specified buffer containing 

 	* the encoded binary representation, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DHValidationParams object. */

 	IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData);

 	/** Creates a new DH Validation parameters object from the specified buffer containing 

 	* the encoded binary representation, starting at the specified offset.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DHValidationParams object. */

 	IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new DH Validation parameters object from the specified buffer containing 

 	* the encoded binary representation, starting at the specified offset, and puts 

 	* a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DHValidationParams object. */

 	IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData, TInt& aPos);

 	/** Gets a DSA prime generation seed.

 	* 

 	* @return	The bit string parameter used as the seed. */

 	IMPORT_C const TPtrC8 Seed() const;

 	/** Gets the output from a DSA prime generation counter.

 	* 

 	* @return	The integer value output. */

 	IMPORT_C const TInteger& PGenCounter() const;

 	/** Destructor.

 	* 

 	* Frees all resources owned by the object, prior to its destruction. */

 	virtual ~CX509DHValidationParams();

 protected:

 	/** @internalComponent */

 	CX509DHValidationParams();

 	/** @internalComponent */

 	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);

 	HBufC8* iSeed;

 	RInteger iPGenCounter;

 	};

 class CX509DHDomainParams : public CBase

 /** Encapsulates the compulsory Diffie-Hellman domain parameter values P and G 

 * (See RFC 2459). 

 * 

 * @publishedAll

 * @released

 * @since v6.0 */

 	{

 public:

 	/** Creates a new DH Domain parameters object from the specified buffer containing 

 	* the encoded binary representation.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DHDomainParams object. */

 	IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData);

 	/** Creates a new DH Domain parameters object from the specified buffer containing 

 	* the encoded binary representation, and puts a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @return				A pointer to the new CX509DHDomainParams object. */

 	IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData);

 	/** Creates a new DH Domain parameters object from the specified buffer containing 

 	* the encoded binary representation, starting at the specified offset.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DHDomainParams object. */

 	IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData, TInt& aPos);

 	/** Creates a new DH Domain parameters object from the specified buffer containing 

 	* the encoded binary representation, starting at the specified offset, and puts 

 	* a pointer to it onto the cleanup stack.

 	* 

 	* @param aBinaryData	The encoded binary representation.

 	* @param aPos			The offset position from which to start decoding.

 	* @return				A pointer to the new CX509DHDomainParams object. */

 	IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData, TInt& aPos);

 	/** Gets the compulsory parameter value P.

 	* 

 	* @return	The compulsory parameter value P. */

 	IMPORT_C const TInteger& P() const;	

 	/** Gets the compulsory parameter value G.

 	* 

 	* @return	The compulsory parameter value G. */

 	IMPORT_C const TInteger& G() const;	

 //the next 3 members are optional, in which case NULL is returned

 //the returned objects remain the property of this object

 //N.B. according to RFC 2459 the Q member is *not* optional, 

 //however it is not essential for doing DH, and empirical studies

 //suggest it doesn't get included much, so I'm relaxing the spec here

 //to permit DomainParams objects which contain no Q.

 	/** Gets the optional value Q.

 	* 

 	* @return	The optional value Q. */

 	IMPORT_C const TInteger& Q() const;	

 	/** Gets the optional value J.

 	* 

 	* @return	The optional value J. */

 	IMPORT_C const TInteger& J() const;									

 	/** Gets the optional validation parameters.

 	* 

 	* @return	The optional validation parameters. */

 	IMPORT_C const CX509DHValidationParams* ValidationParams() const;

 	/** Destructor.

 	* 

 	* Frees all resources owned by the object, prior to its destruction. */

 	virtual ~CX509DHDomainParams();

 protected:

 	/** @internalComponent */

 	CX509DHDomainParams();

 	/** @internalComponent */

 	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);

 	RInteger iP;

 	RInteger iG;

 	RInteger iQ;

 	RInteger iJ;

 	CX509DHValidationParams* iValidationParams;

 	};

 class TX509KeyEncoder

 /**

  * Abstract class that is the base class for RSA and DSA key encoder classes.

  * These classes are used to encode the X509 ASN.1 types AlgorithmIdentifier and

  * SubjectPublicKeyInfo.

  *

  * This class is part of the pkcs10 API, and will be changed or removed in a

  * future release.  You should not use it.

  * 

  * @internalTechnology 

  */

 	{

 public:

 	/**

 	 * Constructor that takes an algorithm identifier and saves it into the 

 	 * corresponding member variable. It is then used in the

 	 * EncodeSignatureAlgorithm() function.

 	 * 

 	 * @param aDigestAlg	Digest algorithm to use. Currently the following 

 	 * 						algorithms are supported: MD2, MD5, and SHA-1.

 	 */

 	IMPORT_C TX509KeyEncoder(TAlgorithmId aDigestAlg);

 	/**

 	 * Produces the SubjectPublicKeyInfo encoding. 

 	 * 

 	 * The encoding has the following ASN.1 format:

 	 * @code

 	 * SubjectPublicKeyInfo {ALGORITHM : IOSet} ::= SEQUENCE {

 	 *     algorithm        AlgorithmIdentifier {{IOSet}},

 	 *     subjectPublicKey BIT STRING

 	 *     }

 	 * @endcode

 	 */

 	IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const = 0;

 	/**

 	 * Produces the AlgorithmIdentifier encoding.

 	 * 

 	 * @return	ASN.1 sequence containing signature algorithm

 	 */

 	IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const = 0;

 	/**

 	 * Produces the DigestAlgorithmIdentifier encoder.

 	 *

 	 * The encoding has the following ASN.1 format

 	 * @code

      *   DigestAlgorithmIdentifier ::= SEQUENCE {

      *     algorithm AlgorithmIdentifier,

      *     parameters ANY DEFINED BY algorithm OPTIONAL }

      *

      *   AlgorithmIdentifier ::= OBJECT IDENTIFIER

 	 * @endcode

  	 *

 	 * @return Appropriate ASN.1 sequence of type <code>DigestAlgorithmIdentifier</code>

 	 */

 	IMPORT_C virtual CASN1EncSequence* EncodeDigestAlgorithmLC() const;

 protected:

 	/** Digest algorithm to use. */

 	TAlgorithmId iDigestAlg;

 	};

 class TX509RSAKeyEncoder : public TX509KeyEncoder

 /**

  * Subclasses TC509KeyEncoder to provides key encoding capability for RSA public keys.

  * 

  * This class is part of the pkcs10 API, and will be changed or removed in a

  * future release.  You should not use it.

  * 

  * @internalTechnology 

  */

 	{

 public:

 	/**

 	 * Constructs a RSA key pair encoder, saving reference to the passed 

 	 * key pair in the member variable.

 	 * 

 	 * @param aPublicKey	RSA public key to use for encoding.

 	 * @param aDigestAlg	Digest algorithm to use.

 	 */

 	IMPORT_C TX509RSAKeyEncoder(const CRSAPublicKey& aPublicKey, TAlgorithmId aDigestAlg);

 	/**

 	 * Produces the SubjectPublicKeyInfo encoding. 

 	 * 

 	 * The resulting encoding has the following form:

 	 * @code

 	 *     SEQUENCE-OF

 	 *         SEQUENCE-OF

 	 *             OID of the encryption algorithm (KRSA)

 	 *             NULL

 	 *         BIT STRING encoded public key.

 	 * @endcode

 	 * 

 	 * @return	DER-encoded public key information, placed on the cleanup stack.

 	 */

 	IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const;

 	/**

 	 * Produces the AlgorithmIdentifier encoding.

   	 * 

 	 * This has the following form:

 	 * @code

 	 *     SEQUENCE-OF

 	 *         OID signature-algorithm

 	 *         NULL

 	 * @endcode

 	 * 

 	 * @return	ASN.1 sequence containing signature algorithm encoding, 

 	 * 			placed on the cleanup stack.

 	 */

 	IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const;

 private:

 	/**

 	 * Saved reference to the RSA public key to be used for encoding.

 	 */

 	const CRSAPublicKey& iPublicKey;

 	};

 class TX509DSAKeyEncoder : public TX509KeyEncoder

 /**

  * Provides key encoding and signing capability using a DSA public key.

  * 

  * This class is part of the pkcs10 API, and will be changed or removed in a

  * future release.  You should not use it.

  * 

  * @internalTechnology 

  */

 	{

 public:

 	/**

 	 * Constructs a DSA key pair encoder, saving reference to the passed 

 	 * public key in the member variable.

 	 * 

 	 * @param aKeyPublic	DSA public key to use for encoding.

 	 * @param aDigestAlg	Digest algorithm to use.

 	 */

 	IMPORT_C TX509DSAKeyEncoder(const CDSAPublicKey& aKeyPublic, 

 								TAlgorithmId aDigestAlg);

 	/**

 	 * Produces the SubjectPublicKeyInfo encoding. 

   	 * 

 	 * The ASN.1 encoding of a DSA key has the following form:

 	 * @code

 	 * SEQUENCE-OF

 	 *     SEQUENCE-OF

 	 *         OID dsa (1.2.840.10040.4.1)

 	 *         SEQUENCE-OF

 	 *             INTEGER p

 	 *             INTEGER q

 	 *             INTEGER g

 	 *     BIT STRING

 	 *         INTEGER public value (y)

 	 * @endcode

 	 * 

 	 * @return DER-encoded public key information, placed on the cleanup stack.

 	 */

 	IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const;

 	/**

 	 * Produces the AlgorithmIdentifier encoding.

    	 * 

 	 * This has the following form:

 	 * @code

 	 * SEQUENCE-OF

 	 *     OID dsa-signature-oid

 	 *     SEQUENCE-OF dsa-params

 	 *         INTEGER p

 	 *         INTEGER q

 	 *         INTEGER g

 	 * @endcode

 	 * 

 	 * @return	ASN.1 sequence containing signature algorithm encoding, 

 	 *     		placed on the cleanup stack.

 	 */

 	IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const;

 private:

 	/**

 	 * Saved reference to the DSA public key to be used for encoding.

 	 */

 	const CDSAPublicKey& iPublicKey;

 	};

 #endif