--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/secureswitools/swisistools/source/signsislib/sissignaturecertificatechain.cpp	Thu Dec 17 08:51:10 2009 +0200
@@ -0,0 +1,128 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: 
+*
+*/
+
+
+/**
+ @file 
+ @internalComponent
+ @released
+*/
+
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+
+#include "sissignaturecertificatechain.h"
+#include "signaturecertchaindata.h"
+#include "siscertificatechain.h"
+
+#include "exception.h"
+#include "utility.h"
+#include "sissignature.h"
+#include "siscontroller.h" 
+
+
+CSisSignatureCertificateChain::CSisSignatureCertificateChain (CSignatureCertChainData& aSisSignatureCertChain)
+						: iSisSignatureCertChain(aSisSignatureCertChain)
+	{
+	CSISArray <CSignatureData, CSISFieldRoot::ESISSignature>	&signatures = iSisSignatureCertChain.Signatures();
+	int count = signatures.size();
+	
+	iCertificateChain = new CSisCertificateChain(const_cast<CCertChainData&>(iSisSignatureCertChain.CertificateChain()));
+	}
+
+
+CSisSignatureCertificateChain::~CSisSignatureCertificateChain()
+	{
+	for(int i = 0; i < iSignatures.size(); ++i)
+		{
+		delete iSignatures[i];
+		}
+	iSignatures.clear();
+	delete iCertificateChain;
+	}
+
+void CSisSignatureCertificateChain::Sign (
+		const CSISSignatureAlgorithm::TAlgorithm aAlgorithm, const std::wstring& aCertificate,
+		const std::wstring& aPrivateKey, const std::wstring& aPassPhrase,  const TUint8* aBuffer, const TUint32 aBufferSize)
+	{
+	iCertificateChain->Load (aCertificate);
+	CSignatureData signatureContent;
+	CSignature* signature = new CSignature(signatureContent);
+	if (aAlgorithm != CSISSignatureAlgorithm::EAlgNone)
+		{
+		signatureContent.SetAlgorithm (aAlgorithm);
+		}
+	signature->Sign (aPrivateKey, aPassPhrase, aBuffer, aBufferSize);
+	iSisSignatureCertChain.AddSignature(signatureContent);
+	iSignatures.push_back (signature);
+	}
+
+
+void CSisSignatureCertificateChain::VerifySignature (const CSISController* aController, const TSISStream::pos_type aParentHeaderSize) const
+	{
+	int signatureCount = iSignatures.size ();
+	if (signatureCount != 0)
+		{
+		X509* x509 = iCertificateChain->GetBottomX509 ();
+		if (x509)
+			{
+			int index;
+			try
+				{
+				for (index = 0; index < signatureCount; index++)
+					{
+					int size = 0;
+
+					if (iSisSignatureCertChain.PreHeaderPos() <= 0)
+						{
+						size = aController->BufferSize ();
+						}
+					else
+						{
+						size = iSisSignatureCertChain.PreHeaderPos() - aParentHeaderSize;
+						assert (size <= aController->BufferSize ());
+						}
+	
+					iSignatures [index]->VerifySignature (x509, aController->RawBuffer(), size);
+					}
+				}
+			catch (...)
+				{
+
+				CSignature* signature = iSignatures[index];
+
+				if (!signature->SignatureAlgorithm().IsAlgorithmKnown())
+					{
+					SISLogger::Log(L"Could not verify signature with unknown algorithm, continuing.\n");
+					}
+				else
+					{
+					X509_free (x509);
+					SISLogger::Log(L"Could not verify signature with known algorithm, exiting.\n");
+					throw;
+					}
+				}
+			X509_free (x509);
+			}
+		}
+	}
+