diff -r 666f914201fb -r 2fe1408b6811 epoc32/include/wtlscert.h --- a/epoc32/include/wtlscert.h Tue Nov 24 13:55:44 2009 +0000 +++ b/epoc32/include/wtlscert.h Tue Mar 16 16:12:26 2010 +0000 @@ -1,1 +1,333 @@ -wtlscert.h +/* +* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + + + +/** + @file + @internalAll +*/ + +#ifndef __WTLSCERT_H__ +#define __WTLSCERT_H__ + +#include +#include +#include +#include +#include +#include + + +class CRSAPublicKey; +class CDSAPublicKey; +class CDSASignature; +class CDSAParameters; + +const TInt KWTLSCertMaxDataElements = 6; + +/** + * @publishedAll + * @released + */ +class CWTLSRSASignatureResult : public CRSASignatureResult + { +public: + IMPORT_C static CWTLSRSASignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + IMPORT_C static CWTLSRSASignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + IMPORT_C virtual TBool VerifyL(const TDesC8& aResult); +private: + void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + }; + +/** + * @publishedAll + * @released + */ +class TWTLSKeyFactory : public TKeyFactory + { +public: + virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const; + virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const; + virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const; + virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const; + virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const; + virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const; + }; + +/** + * @publishedAll + * @released + */ +class CWTLSValidityPeriod : public CValidityPeriod + { +public: + IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSValidityPeriod(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +/** + * @publishedAll + * @released + */ +class CWTLSAlgorithmIdentifier : public CAlgorithmIdentifier + { +public: + IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSAlgorithmIdentifier(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +/** + * @publishedAll + * @released + */ +class CWTLSSigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier + { +public: + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSSigningAlgorithmIdentifier(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +/** + * @publishedAll + * @released + */ +class CWTLSSubjectPublicKeyInfo : public CSubjectPublicKeyInfo + { +public: + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSSubjectPublicKeyInfo(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +_LIT(KWTLSTCAType, " T"); +_LIT(KWTLSTCAValue, "ca"); + +/** + * @publishedAll + * @released + */ +class CWTLSCertificate : public CCertificate + { +public: + enum //enum values for encoded data element positions in tbsCert data structure + { //these values are to be used as params to DataElementEncoding() function + EVersionNumber = 0, + EAlgorithmId = 1, + EIssuerName = 2, + EValidityPeriod = 3, + ESubjectName = 4, + ESubjectPublicKeyInfo = 5, + }; + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** + * Creates a new CWTLSCertificate object from a stream. + * + * The stream must have been written using the corresponding ExternalizeL() function. + * + * @param aStream The stream to be used as input. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(RReadStream& aStream); + + /** + * Creates a new CWTLSCertificate object from a stream, + * and puts a pointer to it onto the cleanup stack. + * + * The stream must have been written using the corresponding ExternalizeL() function. + * + * @param aStream The stream to be used as input. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(RReadStream& aStream); + + /** + * Creates a new CWTLSCertificate object from an existing one in the certificate store. + * + * @param aCert The certificate to be copied. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const CWTLSCertificate& aCert); + + /** + * Creates a new CWTLSCertificate object from an existing one in the certificate store, + * and puts a pointer to it onto the cleanup stack. + * + * @param aCert The certificate to be copied. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const CWTLSCertificate& aCert); + + /** + * Destructor. + * + * Frees all resources owned by the object, prior to its destruction. + */ + IMPORT_C ~CWTLSCertificate(); + + /** + * Tests whether this WTLS certificate is the same as the specified WTLS certificate. + * + * This is not a simple as it sounds. For X.509 certificates equality means that the issuer name + * and serial number fields are the same. This guarantees equality since a CA must ensure that every + * certificate it issues has a unique serial number. But WTLS certificates do not include serial numbers, + * so there seems to be no definition of equality. This function uses a byte-for-byte comparison of the + * signatures on the certificates: this should not result in any false positives, but may give false + * negatives if CAs do naughty things like recertifying the same key (which they have been known to do). + * + * @param aCert A WTLS certificate + * @return ETrue, if the parameter is the same certificate; EFalse, otherwise. + */ + IMPORT_C TBool IsEqualL(const CWTLSCertificate& aCert) const; + + //extra accessors + + /** + * Gets the version number of the WTLS certificate. + * + * @return The version number of the certificate. Always returns 1. + */ + IMPORT_C TInt Version() const; + + /** + * Gets the name of the WTLS certificate's issuing authority. + * + * @return A WTLS name: + * @li If the name is an X.500 DN, then if the name contains a Common name, that will be returned. + * Otherwise, if the name contains an Organization name, that will be returned. Otherwise an empty + * string will be returned. + * @li If the name is of type text, then if the name is not a 'structured' name the entire string will + * be returned, otherwise the same procedure will be followed as for X.509 certificates. + * @li If the name is null an empty string will be returned. + */ + // Unsupported -- If the name is a key hash or binary value the entire contents will be returned. + IMPORT_C const CWTLSName& IssuerName() const; + + /** + * Gets the name of the owner of the public key the WTLS certificate contains. + * + * @return A WTLS name. + */ + IMPORT_C const CWTLSName& SubjectName() const; + IMPORT_C virtual TBool IsSelfSignedL() const; + IMPORT_C virtual HBufC* SubjectL() const; + IMPORT_C virtual HBufC* IssuerL() const; + + /** + * Initialises the certificate from a stream. + * + * This should not be called by client code; instead the static factory function above should be used. + * If a client is using the certstore component for storage then it should use CCertStore::AddL() for + * externalizing and CWTLSCert::NewL(CCertStore& aStore, const CCertStoreEntry& aEntry); for restoring. + * + * @param aStream + */ + IMPORT_C void InternalizeL(RReadStream& aStream); + + /** + * Gets the certificate's signed data. + * + * @return A non-modifiable pointer descriptor representing the certificate's signed data. + */ + IMPORT_C const TPtrC8 SignedDataL() const; + + /** + * Gets the encoding for a data element at the specified index. + * + * @param aIndex The position of the encoded data element. + */ + IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const; + + /** + * Tests whether a non-selfsigned certificate can be used to sign others. + * + * Currently this only supports structured text variety of WTLS certificates. + * Other certificate types will return EFalse. + * + * @return ETrue, if the certificate is capable of signing other certificates; otherwise, EFalse. + */ + IMPORT_C TBool IsTCAL() const; +private: + CWTLSCertificate(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + void ConstructL(const CWTLSCertificate& aCertificate); + void ConstructCertL(const TDesC8& aBinaryData, TInt& aPos); + void InitEncodedDataElementsL(); + //private data + TInt iVersion; + CWTLSName* iIssuerName; + CWTLSName* iSubjectName; + TFixedArray* iDataElements; + }; + +#endif