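/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
* PKIXVALIDATIONRESULT.H
* Implementation of the class storing PKIX validation result information
*
*/


/**
 @file
 @publishedAll
 @released
*/

#ifndef __PKIXVALIDATIONRESULT_H__
#define __PKIXVALIDATIONRESULT_H__

// NOTE(review): the targets of the two #include directives were lost when this
// listing was extracted (only the bare directives survive). The names below are
// labelled placeholders, not real header names; restore them from the original
// header. Presumably they declare the types used below (CBase,
// TValidationStatus, TValidationError, CX509CertPolicyInfo,
// CCertificateValidationWarnings, RWriteStream) -- confirm.
#include <RESTORE_INCLUDE_1_FROM_ORIGINAL_HEADER>
#include <RESTORE_INCLUDE_2_FROM_ORIGINAL_HEADER>

// NOTE(review): the element types of CArrayFixFlat, CArrayPtrFlat and
// RPointerArray were also stripped from the listing. They are restored below
// from the parameter types of AppendWarningL(), AppendPolicyL() and
// AppendCertificateValidationObjectL() -- confirm against the original header.

class RReadStream;

/**
 * Base class for CPKIXValidationResult.
 *
 * Holds the outcome of a PKIX certificate chain validation: one error status,
 * a list of warnings, the list of accepted certificate policies, and
 * per-certificate warnings / critical extensions.
 */
class CPKIXValidationResultBase : public CBase
    {
public:
    /** Creates a new PKIX Validation Result object.
     *
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResultBase* NewL();

    /** Creates a new PKIX Validation Result object, and puts a pointer to it onto
     * the cleanup stack.
     *
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResultBase* NewLC();

    /** Creates a new PKIX Validation Result object from a stream.
     *
     * NOTE(review): nothing in this header shows an integrity or authenticity
     * check on the stream contents, so a result built this way is presumably
     * only as trustworthy as the source of the stream -- confirm against the
     * implementation before treating a stored result as proof of validation.
     *
     * @param aStream Stream from which the object is read.
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResultBase* NewL(RReadStream& aStream);

    /** Creates a new PKIX Validation Result object from a stream, and puts a pointer to it onto
     * the cleanup stack.
     *
     * The caveat about the stream's trustworthiness given for
     * NewL(RReadStream&) presumably applies here as well.
     *
     * @param aStream Stream from which the object is read.
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResultBase* NewLC(RReadStream& aStream);

    /** The destructor.
     *
     * Frees all resources owned by the object. */
    IMPORT_C ~CPKIXValidationResultBase();

    /** Gets the error status of the operation.
     *
     * Errors are considered fatal, i.e. validation has failed. Warnings are
     * reported separately through Warnings() and ValidationWarnings(), so the
     * error status alone does not describe the whole result.
     *
     * @return The error status of the operation (returned by value). */
    IMPORT_C const TValidationStatus Error() const;

    /** Gets a list of warnings generated.
     *
     * The warnings may or may not be fatal, depending on the context, which the
     * client is expected to provide. That is, this class does not decide
     * whether a given warning is acceptable; the calling code has to.
     *
     * @return An array of any warnings generated. */
    IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;

    /** Gets a list of all the certificate policies which have been accepted implicitly
     * in the course of validation.
     *
     * @return An array of certificate policies. */
    IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;

    /** Resets the validation result object to its default values.
     * @internalTechnology
     */
    void Reset();

    /** Sets the error status, and then leaves.
     *
     * The function uses SetError() to set the error status.
     *
     * @param aError The error type that occurred when validating the certificate chain.
     * @param aCert The index number identifying the certificate that gave rise to
     * the error.
     * @internalTechnology
     */
    void SetErrorAndLeaveL(const TValidationError aError, const TInt aCert);

    /** Sets the error status.
     *
     * @param aError The error type that occurred when validating the certificate chain.
     * @param aCert The index number identifying the certificate that gave rise to
     * the error.
     * @internalTechnology
     */
    void SetError(const TValidationError aError, const TInt aCert);

    /** Adds a warning to the validation result.
     *
     * @param aWarning The warning to be added.
     * @internalTechnology
     */
    void AppendWarningL(TValidationStatus aWarning);

    /** Adds a policy to the validation result.
     *
     * @param aPolicy The policy to be added.
     * @internalTechnology
     */
    void AppendPolicyL(CX509CertPolicyInfo& aPolicy);

    /** Removes all policies from the validation result.
     *
     * It is used by the validation process to remove policies it has added when
     * the computation cannot complete because of environmental conditions such as
     * out of memory, file access failures, etc.
     * (not like signature validation...)
     * @internalTechnology
     */
    void RemovePolicies();

    // Internalization/Externalization

    /** Externalises an object of this class to a write stream.
     *
     * The presence of this function means that the standard templated operator<<()
     * can be used to externalise objects of this class.
     *
     * @param aStream Stream to which the object should be externalised. */
    IMPORT_C void ExternalizeL(RWriteStream& aStream) const;

    /** Internalises an object of this class from a read stream.
     *
     * The presence of this function means that the standard templated operator>>()
     * can be used to internalise objects of this class.
     *
     * Note that this function has assignment semantics: it replaces the old value
     * of the object with a new value read from the read stream. Whatever error
     * status, warnings and policies the object held before the call are
     * therefore superseded by what the stream contains.
     *
     * NOTE(review): this header shows no check that the stream contents are
     * authentic, so the new value is presumably only as trustworthy as the
     * source of the stream -- confirm against the implementation.
     *
     * @param aStream Stream from which the object should be internalised. */
    IMPORT_C void InternalizeL(RReadStream& aStream);

    /** Returns a list of critical extensions encountered and warnings generated by
     * certificates during chain validation.
     *
     * NOTE(review): critical extensions are reported here as warnings. Whether
     * the validator also sets an error for a critical extension it does not
     * recognise is not visible in this header, so clients presumably need to
     * inspect this list themselves -- confirm against the implementation.
     *
     * @return An array of certificate warnings. */
    IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;

    /** Adds a certificate warning to the validation result.
     *
     * Unlike the @internalTechnology mutators above, this function is exported
     * (IMPORT_C), so it is reachable by clients of the library.
     *
     * @param aCertWarning The warning to be added. */
    IMPORT_C void AppendCertificateValidationObjectL(const CCertificateValidationWarnings& aCertWarning);

    /** Adds a critical extension OID warning.
     *
     * This function is exported (IMPORT_C), so it is reachable by clients of
     * the library.
     *
     * NOTE(review): the parameter is a non-const TDesC&; const TDesC& would be
     * the usual form, but the exported signature is left as it is.
     *
     * @param aCriticalExt The critical extension OID to be added. */
    IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt);

protected:
    /** Constructor. Protected, so clients cannot call it directly. */
    IMPORT_C CPKIXValidationResultBase();

    /** Leaving construction step; presumably the second phase of two-phase
     * construction used by NewL()/NewLC() -- confirm against the implementation. */
    IMPORT_C void ConstructL();

private:
    // Error status reported by Error() and set by SetError().
    TValidationStatus iError;
    // Warnings reported by Warnings(); presumably owned by this object.
    CArrayFixFlat<TValidationStatus>* iWarnings;
    // Policies reported by Policies(); presumably owned by this object.
    CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies;
    // Per-certificate warnings reported by ValidationWarnings().
    RPointerArray<CCertificateValidationWarnings> iCertWarnings;
    };

/** Stores the information regarding the results of a validation of a PKIX
 * certificate chain.
 *
 * NOTE(review): Error(), Warnings(), Policies() and ValidationWarnings() are
 * redeclared here and are not declared virtual in this header, so they hide
 * the base-class functions rather than override them; a call made through a
 * CPKIXValidationResultBase pointer or reference binds to the base-class
 * version.
 *
 * @since v6.0 */
class CPKIXValidationResult : public CPKIXValidationResultBase
    {
public:
    /** Creates a new PKIX Validation Result object.
     *
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResult* NewL();

    /** Creates a new PKIX Validation Result object, and puts a pointer to it onto
     * the cleanup stack.
     *
     * @return The new PKIX Validation Result object. */
    IMPORT_C static CPKIXValidationResult* NewLC();

    /** The destructor.
     *
     * Frees all resources owned by the object. */
    IMPORT_C ~CPKIXValidationResult();

    /** Gets the error status of the operation.
     *
     * Errors are considered fatal, i.e. validation has failed. Warnings are
     * reported separately through Warnings() and ValidationWarnings(), so the
     * error status alone does not describe the whole result.
     *
     * @return The error status of the operation (returned by value). */
    IMPORT_C const TValidationStatus Error() const;

    /** Gets a list of warnings generated.
     *
     * The warnings may or may not be fatal, depending on the context, which the
     * client is expected to provide. That is, this class does not decide
     * whether a given warning is acceptable; the calling code has to.
     *
     * @return An array of any warnings generated. */
    IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const;

    /** Gets a list of all the certificate policies which have been accepted implicitly
     * in the course of validation.
     *
     * @return An array of certificate policies. */
    IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;

    /** Returns a list of critical extensions encountered and warnings generated by
     * certificates during chain validation. A CCertificateValidationWarnings object
     * is returned for each certificate in the chain, even if no critical extensions
     * or warnings were encountered. The array's data is in the same order as the
     * certificate chain.
     *
     * NOTE(review): critical extensions are reported here as warnings. Whether
     * the validator also sets an error for a critical extension it does not
     * recognise is not visible in this header, so clients presumably need to
     * inspect this list themselves -- confirm against the implementation.
     *
     * @return An array of certificate warnings. Ownership is not transferred
     * to the caller. */
    IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const;

private:
    /** Constructor. Private, so objects are created through NewL()/NewLC(). */
    CPKIXValidationResult();
    };

#endif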