2 * Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
25 #ifndef __CCERTATTRIBUTEFILTER_H__
26 #define __CCERTATTRIBUTEFILTER_H__
30 #include <securitydefs.h>
31 #include <cctcertinfo.h>
35 * A filter for specifying which certificates are required.
37 * On construction it will accept everything.
38 * The Set... functions can then be used to restrict it.
40 class CCertAttributeFilter : public CBase
44 * Returns a default filter. This filter accepts any
45 * certificate. Call the Set... functions to restrict what it accepts.
47 * @return A pointer to a new CCertAttributeFilter object.
49 IMPORT_C static CCertAttributeFilter* NewL();
51 * Returns a default filter. This filter accepts any certificate.
52 * It leaves the filter on the cleanup stack.
54 * @return A pointer to a new CCertAttributeFilter object.
56 IMPORT_C static CCertAttributeFilter* NewLC();
59 * Read a certificate attribute filter from a stream.
61 IMPORT_C static CCertAttributeFilter* NewL(RReadStream& aStream);
63 * Write a certificate attribute filter to a stream.
65 IMPORT_C void ExternalizeL(RWriteStream& aStream) const;
70 * Sets the label of the cert that the filter will accept.
72 * @param aLabel The new label
74 IMPORT_C void SetLabel(const TCertLabel& aLabel);
77 * Sets the UID of an application which the certificate must support
79 * @param aUid The new UID
81 IMPORT_C void SetUid(TUid aUid);
84 * Sets the format of the returned certificates
86 * @param aFormat The required format
88 IMPORT_C void SetFormat(TCertificateFormat aFormat);
91 * Sets the owner type of the returned certificates
93 * @param aOwnerType The owner type.
95 IMPORT_C void SetOwnerType(TCertificateOwnerType aOwnerType);
98 * Sets the usage that returned certs must be used for.
100 * Note that the usage is supplied using X509 scheme -
101 * keystore interfaces use the PKCS#15 scheme!
103 * @param aKeyUsage The key usage
105 IMPORT_C void SetKeyUsage(TKeyUsageX509 aKeyUsage);
108 * Sets the subject key ID that returned certificates must have.
110 * @param aSubjectKeyId The subject key ID
112 IMPORT_C void SetSubjectKeyId(const TKeyIdentifier& aSubjectKeyId);
115 * Sets the issuer key ID that returned certificates must have.
117 * @param aIssuerKeyId The issuer key ID
119 IMPORT_C void SetIssuerKeyId(const TKeyIdentifier& aIssuerKeyId);
122 CCertAttributeFilter();
123 void InternalizeL(RReadStream& aStream);
126 /** The filter data. Each data item is accompanied by a
127 '..IsSet' boolean which indicates if the item should be used.
128 Unset values (whose ..IsSet variable is EFalse) should be ignored.
131 /** The label that returned certificates must have. */
133 /** Indicates that iLabel should be used. */
135 /** The application UID that all returned certificates must have. */
137 /** Indicates that iUid should be used. */
139 /** The format of certificates that should be included. */
140 TCertificateFormat iFormat;
141 /** Indicates that iFormat should be used. */
143 /** The owner type of returned certificates. */
144 TCertificateOwnerType iOwnerType;
145 /** Indicates that iOwnerType should be used. */
146 TBool iOwnerTypeIsSet;
147 /** The usage of keys that should be returned. */
148 TKeyUsageX509 iKeyUsage;
149 /** The subject key that returned certs should have. */
150 TKeyIdentifier iSubjectKeyId;
151 /** Indicates that iSubjectKeyId should be used. */
152 TBool iSubjectKeyIdIsSet;
153 /** The issuer key that returned certs should have. */
154 TKeyIdentifier iIssuerKeyId;
155 /** Indicates that iIssuerKeyId should be used. */
156 TBool iIssuerKeyIdIsSet;