CCmsSignedObject Class Reference
class CCmsSignedObject : public CSignedObject |
A representation of an RFC2630 (signed data) entity.
Public Member Functions |
---|
| ~CCmsSignedObject() |
IMPORT_C void | AddCertificateL(const CX509Certificate &) |
IMPORT_C void | AddCertificateL(const TDesC8 &, CCmsCertificateChoice::TCertificateType) |
IMPORT_C const RPointerArray< CCmsCertificateChoice > & | Certificates() |
IMPORT_C const CEncapsulatedContentInfo & | ContentInfo() |
IMPORT_C const TPtrC8 * | DataElementEncoding(const TUint) |
IMPORT_C const RPointerArray< CX509AlgorithmIdentifier > & | DigestAlgorithms() |
IMPORT_C CASN1EncSequence * | EncodeASN1DERLC() |
IMPORT_C void | InternalizeL(RReadStream &) |
IMPORT_C TBool | IsCertificateRevocationListsPresent() |
IMPORT_C TBool | IsCertificateSetPresent() |
IMPORT_C CCmsSignedObject * | NewL(TCmsContentInfoType, TBool, const TDesC8 &) |
IMPORT_C CCmsSignedObject * | NewL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C CCmsSignedObject * | NewL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C CCmsSignedObject * | NewL(const CCmsContentInfo &) |
IMPORT_C CCmsSignedObject * | NewLC(TCmsContentInfoType, TBool, const TDesC8 &) |
IMPORT_C CCmsSignedObject * | NewLC(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C CCmsSignedObject * | NewLC(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C CCmsSignedObject * | NewLC(const CCmsContentInfo &) |
IMPORT_C void | SignL(const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C void | SignL(const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool) |
IMPORT_C const TPtrC8 | SignedDataL() |
IMPORT_C const RPointerArray< CCmsSignerInfo > & | SignerInfo() |
IMPORT_C TBool | ValidateSignerLC(const CCmsSignerInfo &, HBufC8 *&) |
IMPORT_C TBool | ValidateSignerLC(const CCmsSignerInfo &, const RPointerArray< CX509Certificate > &, HBufC8 *&) |
IMPORT_C TBool | ValidateSignerLC(const CCmsSignerInfo &, HBufC8 *&, TBool, const TDesC8 &) |
IMPORT_C TBool | ValidateSignerLC(const CCmsSignerInfo &, const RPointerArray< CX509Certificate > &, HBufC8 *&, TBool, const TDesC8 &) |
IMPORT_C TInt | Version() |
Private Member Functions |
---|
| CCmsSignedObject() |
void | AddDigestAlgorithmL(TAlgorithmId) |
CCmsSignerIdentifier * | BuildSignerIdentifierLC(const CX509Certificate &) |
void | BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId, TBool, const TDesC8 &, const CDSAPrivateKey &, const CX509Certificate &, TBool) |
void | BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId, TBool, const TDesC8 &, const CRSAPrivateKey &, const CX509Certificate &, TBool) |
void | ConstructL(const CCmsContentInfo &) |
void | ConstructL(TCmsContentInfoType, TBool, const TDesC8 &) |
void | ConstructL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool) |
void | ConstructL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool) |
void | DecodeCertificatesL(const TDesC8 &) |
void | DecodeDigestAlgorithmsL(const TDesC8 &) |
void | DecodeEncapsulatedContentInfoL(const TDesC8 &) |
void | DecodeRevocationListsL(const TDesC8 &) |
void | DecodeSignedDataL(const TDesC8 &) |
void | DecodeSignerInfoL(const TDesC8 &) |
CASN1EncBase * | EncodeAlgorithmsLC() |
CASN1EncBase * | EncodeCertificatesLC() |
CASN1EncBase * | EncodeSignerInfoLC() |
void | InitSignedObjectL(const TDesC8 &) |
void | SetContentData(const TDesC8 &) |
void | SetHash(const TDesC8 &) |
TBool | ValidateSignatureL(const CCmsSignerInfo &, const CX509Certificate &) |
Constructor & Destructor Documentation
CCmsSignedObject()
CCmsSignedObject | ( | ) | [private] |
~CCmsSignedObject()
IMPORT_C | ~CCmsSignedObject | ( | ) | |
Member Functions Documentation
AddCertificateL(const CX509Certificate &)
Appends the X509 certificate to the certificate list.
AddCertificateL(const TDesC8 &, CCmsCertificateChoice::TCertificateType)
Appends an encoded attribute certificate to the certificate list.
AddDigestAlgorithmL(TAlgorithmId)
void | AddDigestAlgorithmL | ( | TAlgorithmId | aDigestAlgorithm | ) | [private] |
Appends the algorithm to the algorithm list.
BuildSignerIdentifierLC(const CX509Certificate &)
Builds the signer's identifier from the signer's certificate. If the signer's certificate contains the subject identifier extension, the signer identifier is the subject identifier extension. Otherwise, the signer identifier is the issuer name and serial number.
BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId, TBool, const TDesC8 &, const CDSAPrivateKey &, const CX509Certificate &, TBool)
Build the signer list, algorithm list and certificate list in the CMS signer data.
Parameters
TAlgorithmId aDigestAlgorithm | the digest algorithm identifier. |
TBool aIsHash | A flag indicating whether the next descriptor is the hash value rather than the original data. |
const TDesC8 & aValue | the data content or its hash. |
const CDSAPrivateKey & aKey | the DSA private key used to sign. |
const CX509Certificate & aCert | the signer's certificate |
TBool aAddCertificate | A flag indicating whether the certificate is added to the certificate set. |
BuildSignerInfoCertListAndAlgoritmListL(TAlgorithmId, TBool, const TDesC8 &, const CRSAPrivateKey &, const CX509Certificate &, TBool)
Build the signer list, algorithm list and certificate list in the CMS signer data.
Parameters
TAlgorithmId aDigestAlgorithm | the digest algorithm identifier. |
TBool aIsHash | A flag indicating whether the next descriptor is the hash value rather than the original data. |
const TDesC8 & aValue | the data content or its hash. |
const CRSAPrivateKey & aKey | the RSA private key used to sign. |
const CX509Certificate & aCert | the signer's certificate |
TBool aAddCertificate | A flag indicating whether the certificate is added to the certificate set. |
Certificates()
Returns the certificates list.
ConstructL(const CCmsContentInfo &)
Second phase constructor for decoding a CMS signed data object
Parameters
const CCmsContentInfo & aContentInfo | the content info which contains the CMS signed data. |
ConstructL(TCmsContentInfoType, TBool, const TDesC8 &)
Second phase constructor for constructing a CMS signed data object from data content.
Parameters
TCmsContentInfoType aType | the encapsulated content info type. |
TBool aIsDetached | ETrue if the CMS signed data does not contain the data content being signed. |
const TDesC8 & aContentData | the content data descriptor. |
ConstructL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool)
Second phase constructor for constructing a CMS signed data object from data content hash
Parameters
TCmsContentInfoType aType | the encapsulated content info type. |
const TDesC8 & aHashValue | the hash of the data content to create the signature. |
TAlgorithmId aDigestAlgorithm | the digest algorithm. |
const CDSAPrivateKey & aKey | the DSA private key used to create the signature. |
const CX509Certificate & aCert | the signer's certificate |
TBool aAddCertificate | A flag indicating whether the signer's certificate is added to the certificate set. |
ConstructL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool)
Second phase constructor for constructing a CMS signed data object from data content hash
Parameters
TCmsContentInfoType aType | the encapsulated content info type. |
const TDesC8 & aHashValue | the hash of the data content to create the signature. |
TAlgorithmId aDigestAlgorithm | the digest algorithm. |
const CRSAPrivateKey & aKey | the RSA private key used to create the signature. |
const CX509Certificate & aCert | the signer's certificate |
TBool aAddCertificate | A flag indicating whether the signer's certificate is added to the certificate set. |
ContentInfo()
Returns the encapsulated content info of this signed object.
DataElementEncoding(const TUint)
IMPORT_C const TPtrC8 * | DataElementEncoding | ( | const TUint | aIndex | ) | const [virtual] |
Gets the encoded data for the specified encoded data element, in the (to be signed) tbsCertificate data structure, of the signed object.
Parameters
const TUint aIndex | The encoded data element position in the tbsCertificate data structure. See the enumeration: CX509Certificate::Anonymous. |
DecodeCertificatesL(const TDesC8 &)
void | DecodeCertificatesL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the certificate set.
DecodeDigestAlgorithmsL(const TDesC8 &)
void | DecodeDigestAlgorithmsL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the digest algorithm set.
DecodeEncapsulatedContentInfoL(const TDesC8 &)
void | DecodeEncapsulatedContentInfoL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the encapsulated content info
DecodeRevocationListsL(const TDesC8 &)
void | DecodeRevocationListsL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the certificate revocation set. Not implemented now!
DecodeSignedDataL(const TDesC8 &)
void | DecodeSignedDataL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the CMS Signer data.
Parameters
const TDesC8 & aRawData | the raw data of the CMS signed data. |
DecodeSignerInfoL(const TDesC8 &)
void | DecodeSignerInfoL | ( | const TDesC8 & | aRawData | ) | [private] |
Decode the signer info set.
DigestAlgorithms()
Returns the employed algorithm list.
EncodeASN1DERLC()
Creates the ASN1 sequence of this CMS signed object and leaves it on the cleanup stack.
EncodeCertificatesLC()
Encode the certificate set
EncodeSignerInfoLC()
Encode the signer info set
InitSignedObjectL(const TDesC8 &)
void | InitSignedObjectL | ( | const TDesC8 & | aRawData | ) | [private] |
Initialise the signed data base class members for the validation process.
Parameters
const TDesC8 & aRawData | the raw data of the CMS signed data. |
InternalizeL(RReadStream &)
IMPORT_C void | InternalizeL | ( | RReadStream & | aStream | ) | [virtual] |
Internalises the encoded object from a read stream.
The class makes use of a specification-specific parser class for extracting the various elements, that is provided by a subclass of CSignedObject. For this reason this function is pure virtual.
The presence of this function means that the standard templated operator>>() can be used to internalise objects of this class.
Parameters
RReadStream & aStream | Stream from which the contents of the field should be internalised. |
IsCertificateRevocationListsPresent()
IMPORT_C TBool | IsCertificateRevocationListsPresent | ( | ) | const |
Returns whether the certificate revocation list exists.
IsCertificateSetPresent()
IMPORT_C TBool | IsCertificateSetPresent | ( | ) | const |
Returns whether the certificate list exists.
NewL(TCmsContentInfoType, TBool, const TDesC8 &)
Creates a CMS signed data object as defined in RFC2630. The CMS signed data created by this API contains no signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | The type of the encapsulated content. |
TBool aIsDetached | A boolean indicating whether the encapsulated data is detached. |
const TDesC8 & aContentData | The encapsulated data. If aIsDetached is EFalse, aContentData must not be KNullDesC8; otherwise this API leaves with KErrArgument. If aIsDetached is ETrue, aContentData can be KNullDesC8, but the user must provide a hash value when later calling SignL(); otherwise SignL() leaves with KErrArgument. |
NewL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool)
Creates a CMS signed data object as defined in RFC2630. This API only creates detached signed data as no data content is provided. The CMS signed data created by this API contains one signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | Encapsulated Content data type. |
const TDesC8 & aHashValue | The hash value of the data content to be signed. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CDSAPrivateKey & aKey | The DSA private key used to sign. |
const CX509Certificate & aCert | The signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
NewL(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool)
Creates a CMS signed data object as defined in RFC2630. This API only creates detached signed data as no data content is provided. The CMS signed data created by this API contains one signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | Encapsulated Content data type. |
const TDesC8 & aHashValue | The hash value of the data content to be signed. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CRSAPrivateKey & aKey | The RSA private key used to sign. |
const CX509Certificate & aCert | The signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
NewL(const CCmsContentInfo &)
Creates a CMS signed data object as defined in RFC2630.
Parameters
const CCmsContentInfo & aContentInfo | The CMS content info that contains the encoded signed object. |
NewLC(TCmsContentInfoType, TBool, const TDesC8 &)
Creates a CMS signed data object as defined in RFC2630, and leaves the object on the cleanup stack. The CMS signed data created by this API contains no signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | The type of the encapsulated content. |
TBool aIsDetached | A boolean indicating whether the encapsulated data is detached. |
const TDesC8 & aContentData | The encapsulated data. If aIsDetached is EFalse, aContentData must not be KNullDesC8; otherwise this API leaves with KErrArgument. If aIsDetached is ETrue, aContentData can be KNullDesC8, but the user must provide a hash value when later calling SignL(); otherwise SignL() leaves with KErrArgument. |
NewLC(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool)
Creates a CMS signed data object as defined in RFC2630 and leaves the object on the cleanup stack. This API only creates detached signed data as no data content is provided. The CMS signed data created by this API contains one signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | Encapsulated Content data type. |
const TDesC8 & aHashValue | The hash value of the data content to be signed. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CDSAPrivateKey & aKey | The DSA private key used to sign. |
const CX509Certificate & aCert | The signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
NewLC(TCmsContentInfoType, const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool)
Creates a CMS signed data object as defined in RFC2630 and leaves the object on the cleanup stack. This API only creates detached signed data as no data content is provided. The CMS signed data created by this API contains one signer info. SignL() method can be called to add more signer info.
Parameters
TCmsContentInfoType aType | Encapsulated Content data type. |
const TDesC8 & aHashValue | The hash value of the data content to be signed. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CRSAPrivateKey & aKey | The RSA private key used to sign. |
const CX509Certificate & aCert | The signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
NewLC(const CCmsContentInfo &)
Creates a CMS signed data object as defined in RFC2630 and leaves it on the cleanup stack.
Parameters
const CCmsContentInfo & aContentInfo | The CMS content info that contains the encoded signed object. |
SetContentData(const TDesC8 &)
void | SetContentData | ( | const TDesC8 & | aContentData | ) | [private] |
This function is called when validating a detached CMS signed object. It sets the data content being signed so that the signed data can be validated.
Parameters
const TDesC8 & aContentData | The data content being signed. |
SetHash(const TDesC8 &)
void | SetHash | ( | const TDesC8 & | aHash | ) | [private] |
This function is called when validating a detached CMS signed object. It sets the hash being signed so that the signed data can be validated.
Parameters
const TDesC8 & aHash | The hash being signed. |
SignL(const TDesC8 &, TAlgorithmId, const CDSAPrivateKey &, const CX509Certificate &, TBool)
Creates one signature and adds it to the Signer info list. The signing certificate is added to the certificate list if the last boolean parameter aAddCertificate is true and it does not exist in the list. The digest algorithm is added to the digest algorithm list if it does not exist in the list. Calling this API multiple times will create multiple signatures.
Leaves with KErrArgument if neither a hash nor data content is provided.
Parameters
const TDesC8 & aHashValue | The hash value to be signed. If this is an empty string, the content data to be signed must have been passed in via NewL method and hash value will be calculated by the implementation of this method. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CDSAPrivateKey & aKey | the DSA private key used to sign. |
const CX509Certificate & aCert | the signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
SignL(const TDesC8 &, TAlgorithmId, const CRSAPrivateKey &, const CX509Certificate &, TBool)
Creates one signature and adds it to the Signer info list. The signing certificate is added to the certificate list if the last boolean parameter aAddCertificate is true and it does not exist in the list. The digest algorithm is added to the digest algorithm list if it does not exist in the list. Calling this API multiple times will create multiple signatures.
Leaves with KErrArgument if neither a hash nor data content is provided.
Parameters
const TDesC8 & aHashValue | The hash value to be signed. If this is an empty string, the content data to be signed must have been passed in via NewL method and hash value will be calculated by the implementation of this method. |
TAlgorithmId aDigestAlgorithm | The digest algorithm used to create the hash. |
const CRSAPrivateKey & aKey | the RSA private key used to sign. |
const CX509Certificate & aCert | the signer's certificate. |
TBool aAddCertificate | A boolean indicating whether the signer's certificate is added to the signed data object. |
SignedDataL()
IMPORT_C const TPtrC8 | SignedDataL | ( | ) | const [virtual] |
SignerInfo()
Retrieves the list of SignerInfo objects.
ValidateSignatureL(const CCmsSignerInfo &, const CX509Certificate &)
Validate the signature by the given certificate.
Parameters
const CCmsSignerInfo & aSignerInfo | the signer info that contains the signature |
const CX509Certificate & aEndEntityCert | the certificate used to create the signature. |
ValidateSignerLC(const CCmsSignerInfo &, HBufC8 *&)
Validates the signer and creates the certificate chain for that signer. This API is used to validate attached signature.
Leaves with KErrNotFound if there is no matching certificate.
Parameters
const CCmsSignerInfo & aSignerInfo | The signer to be validated. |
HBufC8 *& aCertChainEncoding | The certificate chain. This is created and pushed onto the cleanup stack by the function. |
ValidateSignerLC(const CCmsSignerInfo &, const RPointerArray< CX509Certificate > &, HBufC8 *&)
Validates the signer and creates the certificate chain for that signer. This API is used to validate attached signature.
Leaves with KErrNotFound if there is no matching certificate.
Parameters
const CCmsSignerInfo & aSignerInfo | The signer to be validated. |
const RPointerArray< CX509Certificate > & aCertificates | The certificate list provided by the user to validate the signature. |
HBufC8 *& aCertChainEncoding | The certificate chain. This is created and pushed onto the cleanup stack by the function. |
ValidateSignerLC(const CCmsSignerInfo &, HBufC8 *&, TBool, const TDesC8 &)
Validates the signer and creates the certificate chain for that signer. This API is used to validate detached signature.
Leaves with KErrNotFound if there is no matching certificate.
Parameters
const CCmsSignerInfo & aSignerInfo | The signer to be validated. |
HBufC8 *& aCertChainEncoding | The certificate chain. This is created and pushed onto the cleanup stack by the function. |
TBool aIsHash | A flag indicating whether the next parameter is the hash of the data content. |
const TDesC8 & aContentDataOrHash | the descriptor that contains the data content or its hash |
ValidateSignerLC(const CCmsSignerInfo &, const RPointerArray< CX509Certificate > &, HBufC8 *&, TBool, const TDesC8 &)
Validates the signer and creates the certificate chain for that signer. This API is used to validate detached signature.
Leaves with KErrNotFound if there is no matching certificate.
Parameters
const CCmsSignerInfo & aSignerInfo | The signer to be validated. |
const RPointerArray< CX509Certificate > & aCertificates | The certificate list provided by the user to validate the signature. |
HBufC8 *& aCertChainEncoding | The certificate chain. This is created and pushed onto the cleanup stack by the function. |
TBool aIsHash | A flag indicating whether the next parameter is the hash of the data content. |
const TDesC8 & aContentDataOrHash | the descriptor that contains the data content or its hash |
Version()
IMPORT_C TInt | Version | ( | ) | const |
Returns the version of this CMS signed object.
Member Enumerations Documentation
Enum anonymous
Index of CMS object fields.
Enumerators
EVersionNumber = 0 | Index of version field |
EDigestAlgorithms = 1 | Index of digest algorithm set field |
EEncapsulatedContentInfo = 2 | Index of encapsulated content info field |
ECertificates = 3 | Index of certificate set field |
ERevocationLists = 4 | Index of revocation list field |
ESignedInfo = 5 | Index of signer info set field |
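The six indices follow the field order of the RFC 2630 SignedData SEQUENCE, in which the certificate set (tag [0]) and the revocation lists (tag [1]) are optional. The following added example, written in standard C++ and not taken from the Symbian sources or this reference, splits a DER-encoded SignedData into those fields with bounds-checked length parsing and records which optional fields are present; `Tlv`, `ReadTlv`, `SplitSignedData`, `IsWellFormed`, `KFieldCount` and the sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Field indices copied from the class's anonymous enum (KFieldCount is added here).
enum { EVersionNumber = 0, EDigestAlgorithms, EEncapsulatedContentInfo,
       ECertificates, ERevocationLists, ESignedInfo, KFieldCount };

// One decoded field: tag byte plus offset/length of its value octets.
struct Tlv { uint8_t tag; size_t off; size_t len; bool present; };

// Read a single DER tag-length-value header at pos, never reading past end.
static Tlv ReadTlv(const std::vector<uint8_t>& d, size_t pos, size_t end) {
    if (end > d.size() || pos > end || end - pos < 2) throw std::runtime_error("truncated header");
    Tlv t{d[pos], 0, 0, true};
    size_t len = d[pos + 1], p = pos + 2;
    if (len & 0x80) {  // long form: low 7 bits give the number of length octets
        size_t n = len & 0x7F;
        if (n == 0 || n > sizeof(size_t) || n > end - p) throw std::runtime_error("bad length");
        for (len = 0; n > 0; --n) len = (len << 8) | d[p++];
    }
    if (len > end - p) throw std::runtime_error("value overruns buffer");
    t.off = p; t.len = len;
    return t;
}

// Split a DER SignedData SEQUENCE into its six fields; the two optional fields
// ([0] certificates, [1] crls) are marked absent when their tag is not found.
std::vector<Tlv> SplitSignedData(const std::vector<uint8_t>& der) {
    static const uint8_t kTags[KFieldCount] = {0x02, 0x31, 0x30, 0xA0, 0xA1, 0x31};
    std::vector<Tlv> f(KFieldCount, Tlv{0, 0, 0, false});
    Tlv outer = ReadTlv(der, 0, der.size());
    if (outer.tag != 0x30) throw std::runtime_error("not a SEQUENCE");
    size_t pos = outer.off, end = outer.off + outer.len;
    for (int i = 0; i < KFieldCount; ++i) {
        bool optional = (i == ECertificates || i == ERevocationLists);
        if (pos < end) {
            Tlv t = ReadTlv(der, pos, end);
            if (t.tag == kTags[i]) { f[i] = t; pos = t.off + t.len; continue; }
        }
        if (!optional) throw std::runtime_error("mandatory field missing or out of order");
    }
    if (pos != end) throw std::runtime_error("unexpected trailing field");
    return f;
}

// True when the buffer parses as a structurally valid SignedData.
bool IsWellFormed(const std::vector<uint8_t>& der) {
    try { SplitSignedData(der); return true; }
    catch (const std::runtime_error&) { return false; }
}

// Constructed sample (structure only, no real signature): version 1, SHA-1 digest
// algorithm, id-data with no eContent (detached), empty [0] set, no [1], no signers.
std::vector<uint8_t> SampleDetached() {
    return {0x30, 0x21, 0x02, 0x01, 0x01,
            0x31, 0x0B, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00,
            0x30, 0x0B, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01,
            0xA0, 0x00, 0x31, 0x00};
}

int main() {
    std::vector<Tlv> f = SplitSignedData(SampleDetached());
    std::printf("certificates=%d crls=%d\n", f[ECertificates].present, f[ERevocationLists].present);
}
```

A verifier that relies on revocation data carried inside the message should check the ERevocationLists slot explicitly, since this reference states that DecodeRevocationListsL() is not implemented.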
Member Data Documentation
RPointerArray< CCmsCertificateChoice > iCertificates
TPtrC8 iContentData
The data content being signed
CEncapsulatedContentInfo * iContentInfo
Encapsulated Content List
TFixedArray< TPtrC8 *, KCmsMaxSignedDataElements > iDataElements
RPointerArray< CX509AlgorithmIdentifier > iDigestAlgorithms
TBool iIsCertificateRevocationListsPresent
TBool | iIsCertificateRevocationListsPresent | [private] |
Represents whether the certificate revocation list is present
TBool iIsCertificateSetPresent
TBool | iIsCertificateSetPresent | [private] |
Represents whether the certificate set is present
RPointerArray< CCmsSignerInfo > iSignerInfo
TInt iVersion
Version of the Signed object
Copyright ©2010 Nokia Corporation and/or its subsidiary(-ies). All rights reserved. Unless otherwise stated, these materials are provided under the terms of the Eclipse Public License v1.0.