CPKCS10Request Class Reference

class CPKCS10Request : public CActive

Class for making PKCS#10 Certificate Request objects.

Keys are specified by a cryptotokens key info object - this means that this API can only be used to generate cert requests for keys that are held in a keystore on the device.

Public Member Functions
~CPKCS10Request ()
IMPORT_C void CreateEncoding ( HBufC8 *&, TRequestStatus &)
IMPORT_C CPKCS10Request * NewL (const CX500DistinguishedName &, const CCTKeyInfo &, CPKCS10Attributes *)
IMPORT_C CPKCS10Request * NewLC (const CX500DistinguishedName &, const CCTKeyInfo &, CPKCS10Attributes *)
IMPORT_C void SetAttributes ( CPKCS10Attributes *)
IMPORT_C void SetDigestAlgL ( TAlgorithmId )
IMPORT_C void SetDistinguishedNameL (const CX500DistinguishedName &)
IMPORT_C void SetKeyInfoL (const CCTKeyInfo &)
Private Member Functions
CPKCS10Request (const CX500DistinguishedName *, const CCTKeyInfo *, CPKCS10Attributes *)
void CreateFinalEncodingL ()
void DoCancel ()
void EncodeTBSDataL ()
CASN1EncBase * MakeAttrEncLC ()
CASN1EncSequence * MakeCertRequestInfoEncLC ()
void Reset ()
TInt RunError ( TInt )
void RunL ()
Inherited Functions
CActive::CActive(TInt)
CActive::Cancel()
CActive::Deque()
CActive::Extension_(TUint,TAny *&,TAny *)
CActive::IsActive()const
CActive::IsAdded()const
CActive::Priority()const
CActive::SetActive()
CActive::SetPriority(TInt)
CActive::~CActive()
CBase::CBase()
CBase::Delete(CBase *)
CBase::operator new(TUint)
CBase::operator new(TUint,TAny *)
CBase::operator new(TUint,TLeave)
CBase::operator new(TUint,TLeave,TUint)
CBase::operator new(TUint,TUint)
CBase::~CBase()
Private Member Enumerations
enum TState {
EIdle , EInitialize , EGetKeyStore , EGetPublicKey , EOpenSigner , ESign
}
Inherited Enumerations
CActive::TPriority
Private Attributes
CPKCS10Attributes * iAttributes
TRequestStatus * iClientStatus
const CX500DistinguishedName * iDN
TAlgorithmId iDigestId
HBufC8 * iExportedKey
CPKCS10KeyHelper * iKeyHelper
const CCTKeyInfo * iKeyInfo
MCTKeyStore * iKeyStore
HBufC8 ** iResult
TState iState
HBufC8 * iTBSData
Inherited Attributes
CActive::iStatus

Constructor & Destructor Documentation

CPKCS10Request(const CX500DistinguishedName *, const CCTKeyInfo *, CPKCS10Attributes *)

CPKCS10Request ( const CX500DistinguishedName * aDN,
const CCTKeyInfo * aKeyInfo,
CPKCS10Attributes * aAttr
) [private]

Private constructor that initializes essential member variables.

Parameters

const CX500DistinguishedName * aDN
const CCTKeyInfo * aKeyInfo
CPKCS10Attributes * aAttr

~CPKCS10Request()

IMPORT_C ~CPKCS10Request ( ) [virtual]

Destructs PKCS#10 object, deletes encoding buffer and attributes.

Member Functions Documentation

CreateEncoding(HBufC8 *&, TRequestStatus &)

IMPORT_C void CreateEncoding ( HBufC8 *& aResult,
TRequestStatus & aStatus
)

Create the ASN.1 DER encoding of the certificate request. This is an asynchronous method. The Cancel() method can be called to cancel an outstanding request. This method can be called repeatedly to create certificate requests after setting the various parameters. However, an outstanding request must complete or be cancelled before this method is called again.

Parameters

HBufC8 *& aResult On successful completion, this points to a newly allocated buffer containing the encoded certificate request.
TRequestStatus & aStatus Asynchronous status notification

CreateFinalEncodingL()

void CreateFinalEncodingL ( ) [private]

DoCancel()

void DoCancel ( ) [private, virtual]

Implements cancellation of an outstanding request.

This function is called as part of the active object's Cancel() .

It must call the appropriate cancel function offered by the active object's asynchronous service provider. The asynchronous service provider's cancel is expected to act immediately.

DoCancel() must not wait for event completion; this is handled by Cancel() .

See also: CActive::Cancel

EncodeTBSDataL()

void EncodeTBSDataL ( ) [private]

Generates data to be signed.

MakeAttrEncLC()

CASN1EncBase * MakeAttrEncLC ( ) [private]

Encodes the desired certificate attributes into ASN.1. Takes whatever attributes are in iAttributes and adds them below a sequence. If there are no attributes stored, leaves the set empty.

The structure of the attribute node is as follows:
    Context-specific[0]
      SEQUENCE-OF
        OID of the organization
        SET-OF
          SEQUENCE-OF (stored in iAttributes)
            SEQUENCE-OF
              OID of attribute
              OCTET STRING value
            SEQUENCE-OF
              OID of attribute
              OCTET STRING value
            ...
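
The attribute node layout above, built as DER bytes in portable C++ (an added example, not Symbian code and not part of the original reference). The `Attr` struct, the function names and the placeholder OIDs are assumptions made for illustration; an empty attribute list is assumed to encode as a bare empty [0] node.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

using Bytes = std::vector<uint8_t>;

// DER TLV: tag, definite length (short or long form), then content.
Bytes Tlv(uint8_t tag, const Bytes& content) {
    Bytes out{tag};
    size_t n = content.size();
    if (n < 0x80) {
        out.push_back(static_cast<uint8_t>(n));
    } else {
        Bytes len;
        for (; n > 0; n >>= 8) len.insert(len.begin(), static_cast<uint8_t>(n & 0xFF));
        out.push_back(static_cast<uint8_t>(0x80 | len.size()));
        out.insert(out.end(), len.begin(), len.end());
    }
    out.insert(out.end(), content.begin(), content.end());
    return out;
}

Bytes Cat(Bytes a, const Bytes& b) {
    a.insert(a.end(), b.begin(), b.end());
    return a;
}

// Hypothetical stand-in for one entry of iAttributes: OID content octets + value.
struct Attr { Bytes oid; Bytes value; };

// [0] { SEQUENCE { OID org, SET { SEQUENCE { SEQUENCE { OID, OCTET STRING } ... } } } }
Bytes EncodeAttrNode(const Bytes& orgOid, const std::vector<Attr>& attrs) {
    if (attrs.empty()) return Tlv(0xA0, Bytes{});  // assumption: bare empty [0]
    Bytes list;
    for (const Attr& a : attrs)
        list = Cat(list, Tlv(0x30, Cat(Tlv(0x06, a.oid), Tlv(0x04, a.value))));
    Bytes set = Tlv(0x31, Tlv(0x30, list));        // SET holding the one list
    return Tlv(0xA0, Tlv(0x30, Cat(Tlv(0x06, orgOid), set)));
}

// Constructed sample: placeholder OIDs 1.2.3.4 (organization) and 1.2.3.4.1.
Bytes SampleNode() {
    std::vector<Attr> attrs{Attr{{0x2A, 0x03, 0x04, 0x01}, {0xDE, 0xAD}}};
    return EncodeAttrNode(Bytes{0x2A, 0x03, 0x04}, attrs);
}

int main() {
    for (uint8_t b : SampleNode()) std::printf("%02X ", b);
    std::printf("\n");
    return 0;
}
```

Because the SET here holds a single element, DER's ordering rule for SET OF contents does not come into play.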
        

MakeCertRequestInfoEncLC()

CASN1EncSequence * MakeCertRequestInfoEncLC ( ) [private]

Performs the actual ASN.1 encoding of the request without signing it. certRequestInfo is what gets signed with the private key.

NewL(const CX500DistinguishedName &, const CCTKeyInfo &, CPKCS10Attributes *)

IMPORT_C CPKCS10Request * NewL ( const CX500DistinguishedName & aDN,
const CCTKeyInfo & aKeyInfo,
CPKCS10Attributes * aAttr = NULL
) [static]

Creates a new PKCS#10 request object.

Parameters

const CX500DistinguishedName & aDN X500 distinguished name of the entity provided by caller. Stored in iDN member variable. Ownership is not transferred.
const CCTKeyInfo & aKeyInfo The key info object of the key to sign the request with. Does not take ownership.
CPKCS10Attributes * aAttr = NULL (Optional) The PKCS10 attributes to include in the request. Takes ownership.

NewLC(const CX500DistinguishedName &, const CCTKeyInfo &, CPKCS10Attributes *)

IMPORT_C CPKCS10Request * NewLC ( const CX500DistinguishedName & aDN,
const CCTKeyInfo & aKeyInfo,
CPKCS10Attributes * aAttr = NULL
) [static]

Creates a new PKCS#10 request object.

Parameters

const CX500DistinguishedName & aDN X500 distinguished name of the entity provided by caller. Stored in iDN member variable. Ownership is not transferred.
const CCTKeyInfo & aKeyInfo The key info object of the key to sign the request with. Does not take ownership.
CPKCS10Attributes * aAttr = NULL (Optional) The PKCS10 attributes to include in the request. Takes ownership.

Reset()

void Reset ( ) [private]

RunError(TInt)

TInt RunError ( TInt aErr ) [private, virtual]

Parameters

TInt aErr

RunL()

void RunL ( ) [private, virtual]

Handles an active object's request completion event.

A derived class must provide an implementation to handle the completed request. If appropriate, it may issue another request.

The function is called by the active scheduler when a request completion event occurs, i.e. after the active scheduler's WaitForAnyRequest() function completes.

Before calling this active object's RunL() function, the active scheduler has:

1. decided that this is the highest priority active object with a completed request

2. marked this active object's request as complete (i.e. the request is no longer outstanding)

RunL() runs under a trap harness in the active scheduler. If it leaves, then the active scheduler calls RunError() to handle the leave.

Note that once the active scheduler's Start() function has been called, all user code is run under one of the program's active object's RunL() or RunError() functions.

See also: CActiveScheduler::Start, CActiveScheduler::Error, CActiveScheduler::WaitForAnyRequest, TRAPD

SetAttributes(CPKCS10Attributes *)

IMPORT_C void SetAttributes ( CPKCS10Attributes * aAttr )

Set the attributes to be encoded in the request. It replaces existing attributes, if any.

Parameters

CPKCS10Attributes * aAttr The attributes - this object takes ownership.

SetDigestAlgL(TAlgorithmId)

IMPORT_C void SetDigestAlgL ( TAlgorithmId aDigest )

Set the digest algorithm to use when signing the request. If this method is not called, the default SHA-1 is used.

Leave: KErrArgument if the specified algorithm is not supported.

Parameters

TAlgorithmId aDigest For RSA keys, one of EMD2, EMD5 or ESHA1. For DSA keys, ESHA1 is the only permitted value.

SetDistinguishedNameL(const CX500DistinguishedName &)

IMPORT_C void SetDistinguishedNameL ( const CX500DistinguishedName & aDN )

Set the distinguished name of the entity. It replaces the existing name, if any.

Parameters

const CX500DistinguishedName & aDN X500 distinguished name of the entity provided by caller. Stored in iDN member variable. Ownership is not transferred.

SetKeyInfoL(const CCTKeyInfo &)

IMPORT_C void SetKeyInfoL ( const CCTKeyInfo & aKeyInfo )

Set the information of the key to sign with. It replaces the existing key info, if any.

Parameters

const CCTKeyInfo & aKeyInfo The key info object of the key to sign the request with. Does not take ownership.

Member Enumerations Documentation

Enum TState

Enumerators

EIdle
EInitialize
EGetKeyStore
EGetPublicKey
EOpenSigner
ESign

Member Data Documentation

CPKCS10Attributes * iAttributes

CPKCS10Attributes * iAttributes [private]

TRequestStatus * iClientStatus

TRequestStatus * iClientStatus [private]

const CX500DistinguishedName * iDN

const CX500DistinguishedName * iDN [private]

TAlgorithmId iDigestId

TAlgorithmId iDigestId [private]

HBufC8 * iExportedKey

HBufC8 * iExportedKey [private]

CPKCS10KeyHelper * iKeyHelper

CPKCS10KeyHelper * iKeyHelper [private]

const CCTKeyInfo * iKeyInfo

const CCTKeyInfo * iKeyInfo [private]

MCTKeyStore * iKeyStore

MCTKeyStore * iKeyStore [private]

HBufC8 ** iResult

HBufC8 ** iResult [private]

TState iState

TState iState [private]

HBufC8 * iTBSData

HBufC8 * iTBSData [private]