|
1 /* |
|
2 * Copyright (c) 2002-2004 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: ?Description |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include "certid.h" |
|
20 #include "bigint.h" |
|
21 |
|
22 #include <asn1dec.h> |
|
23 #include <asn1enc.h> |
|
24 #include <x509cert.h> |
|
25 |
|
/**
 * Two-phase constructor: builds a CertID from a subject certificate and the
 * certificate of its issuer.
 *
 * @param aSubject  Certificate whose status is being identified.
 * @param aIssuer   Certificate of the CA that issued aSubject.
 * @return New COCSPCertID, owned by the caller.
 * @leave KErrNoMemory, or any error propagated from ConstructL().
 */
COCSPCertID* COCSPCertID::NewL(const CX509Certificate& aSubject, const CX509Certificate& aIssuer)
{
    COCSPCertID* certId = new (ELeave) COCSPCertID();
    CleanupStack::PushL(certId);
    certId->ConstructL(aSubject, aIssuer);
    // Second phase succeeded: hand ownership back to the caller.
    CleanupStack::Pop(certId);
    return certId;
}
|
34 |
|
35 |
|
/**
 * Second-phase constructor: derives the CertID fields from the two certificates.
 *
 * - iIssuerNameHash = SHA-1 over the DER encoding of the subject's IssuerName
 *   element (tag and length included).
 * - iIssuerKeyHash  = SHA-1 over the issuer's subjectPublicKey contents.
 * - iSerialNumber   = the subject's serial number.
 *
 * @param aSubject  Certificate whose status is being identified. iSerialNumber
 *                  is Set() from it, i.e. it refers to aSubject's data rather
 *                  than copying it, so aSubject must outlive this object
 *                  (NOTE(review): assumes iSerialNumber is a TPtrC8 — confirm
 *                  against the class declaration).
 * @param aIssuer   Certificate of the CA that issued aSubject.
 * @leave KErrArgument if aSubject exposes no encoding for its IssuerName,
 *        KErrNoMemory, or any error from the hash object.
 */
void COCSPCertID::ConstructL(const CX509Certificate& aSubject, const CX509Certificate& aIssuer)
{
    CSHA1* hasher = CSHA1::NewL();
    CleanupStack::PushL(hasher);

    // issuerNameHash: hash the DER encoding of IssuerName from the subject cert,
    // including its tag and length octets.
    const TPtrC8* issuerNameDER = aSubject.DataElementEncoding(CX509Certificate::EIssuerName);
    if (issuerNameDER == NULL)
    {
        User::Leave(KErrArgument);
    }
    iIssuerNameHash.Copy(hasher->Hash(*issuerNameDER));

    // issuerKeyHash: hash the issuer's subjectPublicKey bit string contents.
    // The 'number of unused bits' octet is deliberately left out. Strictly the
    // OCSP spec includes it, but common practice (as discussed on the PKIX
    // mailing list) is to omit it, and interoperability wins here.
    hasher->Reset();
    iIssuerKeyHash.Copy(hasher->Hash(aIssuer.PublicKey().KeyData()));

    CleanupStack::PopAndDestroy(hasher);

    // serialNumber: taken from the subject certificate.
    iSerialNumber.Set(aSubject.SerialNumber());
}
|
62 |
|
63 |
|
/**
 * Two-phase constructor: builds a CertID by decoding its DER encoding.
 *
 * @param aBinaryData DER-encoded CertID. The serial number field is kept as a
 *                    reference into this buffer rather than copied, so
 *                    aBinaryData must outlive the returned object.
 * @return New COCSPCertID, owned by the caller.
 * @leave KErrNoMemory, or any error propagated from ConstructL().
 */
COCSPCertID* COCSPCertID::NewL(const TDesC8& aBinaryData)
{
    COCSPCertID* certId = new (ELeave) COCSPCertID();
    CleanupStack::PushL(certId);
    certId->ConstructL(aBinaryData);
    // Second phase succeeded: hand ownership back to the caller.
    CleanupStack::Pop(certId);
    return certId;
}
|
72 |
|
73 |
|
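/**
 * Second-phase constructor: decodes a DER-encoded CertID
 *   SEQUENCE { hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber }.
 *
 * aBinaryData is typically lifted out of a network-supplied OCSP response, so
 * every structural assumption is checked and rejected with a leave rather than
 * being allowed to turn into a descriptor panic.
 *
 * @param aBinaryData DER encoding of the CertID. iSerialNumber is Set() to
 *        point into this buffer (no copy), so aBinaryData must outlive this
 *        object.
 * @leave KErrArgument if the outer tag is not SEQUENCE or either hash octet
 *        string is larger than its member buffer; otherwise any error from
 *        the ASN.1 decoder (including a sequence that does not hold exactly
 *        four elements), or KErrNoMemory.
 */
void COCSPCertID::ConstructL(const TDesC8& aBinaryData)
{
    // Outer tag must be a SEQUENCE
    TASN1DecGeneric decGen(aBinaryData);
    decGen.InitL();
    if (decGen.Tag() != EASN1Sequence)
    {
        User::Leave(KErrArgument);
    }

    // CertID has exactly four elements; min == max == 4 makes the decoder
    // reject anything shorter or longer.
    TASN1DecSequence decSeq;
    CArrayPtr<TASN1DecGeneric>* items = decSeq.DecodeDERLC(decGen, 4, 4);

    // First part - the hash algorithm. The SHA-1 check below is disabled, so
    // the algorithm identifier is not validated here: a CertID computed with a
    // different algorithm is accepted as-is and will merely fail to match in
    // operator==. EncoderLC() always re-encodes it as SHA-1.
    /*
    CX509AlgorithmIdentifier* algID = CX509AlgorithmIdentifier::NewLC(items->At(0)->Encoding());
    if (algID->Algorithm() != ESHA1)
    {
        User::Leave(KErrArgument);
    }
    CleanupStack::PopAndDestroy(algID);
    */

    // Next parts - issuerNameHash and issuerKeyHash. Each decoded octet string
    // is length-checked against the fixed-size member before Copy(), because
    // Copy() panics (it does not leave) on overflow and this data is untrusted.
    // The decoded buffer sits on the cleanup stack so a leave cannot leak it.
    TASN1DecOctetString decOS;

    HBufC8* nameHash = decOS.DecodeDERL(*items->At(1));
    CleanupStack::PushL(nameHash);
    if (nameHash->Length() > iIssuerNameHash.MaxLength())
    {
        User::Leave(KErrArgument);
    }
    iIssuerNameHash.Copy(*nameHash);
    CleanupStack::PopAndDestroy(nameHash);

    HBufC8* keyHash = decOS.DecodeDERL(*items->At(2));
    CleanupStack::PushL(keyHash);
    if (keyHash->Length() > iIssuerKeyHash.MaxLength())
    {
        User::Leave(KErrArgument);
    }
    iIssuerKeyHash.Copy(*keyHash);
    CleanupStack::PopAndDestroy(keyHash);

    // Lastly, the certificate serial number - just keep a reference to the
    // encoded content (see the lifetime note on aBinaryData above).
    iSerialNumber.Set(items->At(3)->GetContentDER());

    CleanupStack::PopAndDestroy(); // items
}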
|
114 |
|
115 |
|
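/**
 * Builds the ASN.1 encoder tree for this CertID:
 *   SEQUENCE { hashAlgorithm AlgorithmIdentifier, issuerNameHash OCTET STRING,
 *              issuerKeyHash OCTET STRING, serialNumber INTEGER }
 *
 * The hashAlgorithm emitted is always SHA-1 (KSHA1 OID with NULL parameters),
 * regardless of how this object was constructed.
 *
 * @return Root encoder, left on the cleanup stack (LC convention). The caller
 *         owns it together with every child node.
 * @leave KErrNoMemory, or any error from the ASN.1 encoder constructors.
 */
CASN1EncBase* COCSPCertID::EncoderLC() const
{
    CASN1EncSequence* certID = CASN1EncSequence::NewLC();

    // AlgId is a sequence containing oid and null (both specific to SHA1).
    // Every child is popped by pointer so a push/pop ordering mistake is
    // detected instead of silently popping the wrong item.
    CASN1EncSequence* algEnc = CASN1EncSequence::NewLC();
    CASN1EncObjectIdentifier* algOidEnc = CASN1EncObjectIdentifier::NewLC(KSHA1);
    algEnc->AddChildL(algOidEnc);
    CleanupStack::Pop(algOidEnc); // now owned by algEnc
    CASN1EncNull* nullEnc = CASN1EncNull::NewLC();
    algEnc->AddChildL(nullEnc);
    CleanupStack::Pop(nullEnc); // now owned by algEnc
    certID->AddChildL(algEnc);
    CleanupStack::Pop(algEnc); // now owned by certID

    // issuerNameHash
    CASN1EncOctetString* name = CASN1EncOctetString::NewLC(iIssuerNameHash);
    certID->AddChildL(name);
    CleanupStack::Pop(name); // now owned by certID

    // issuerKeyHash
    CASN1EncOctetString* issuer = CASN1EncOctetString::NewLC(iIssuerKeyHash);
    certID->AddChildL(issuer);
    CleanupStack::Pop(issuer); // now owned by certID

    // serialNumber: the big-integer wrapper only lives long enough to build
    // the encoder node, which copies what it needs.
#ifdef SYMBIAN_CRYPTO
    RInteger serialNumber = RInteger::NewL(iSerialNumber);
    CleanupStack::PushL(serialNumber);
#else
    CInteger& serialNumber = *CInteger::NewLC(iSerialNumber);
#endif
    CASN1EncBigInt* snEnc = CASN1EncBigInt::NewLC(serialNumber);
    certID->AddChildL(snEnc);
    CleanupStack::Pop(snEnc); // now owned by certID
    CleanupStack::PopAndDestroy(); // serialNumber

    // certID itself stays on the cleanup stack for the caller.
    return certID;
}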
|
156 |
|
157 |
|
/**
 * Field-wise equality: two CertIDs match when the issuer name hash, issuer
 * key hash and serial number all compare equal (descriptor comparison, i.e.
 * length and content).
 *
 * @param rhs CertID to compare against.
 * @return ETrue if all three fields match, EFalse otherwise.
 */
TBool COCSPCertID::operator==(const COCSPCertID& rhs) const
{
    if (iIssuerNameHash != rhs.iIssuerNameHash)
    {
        return EFalse;
    }
    if (iIssuerKeyHash != rhs.iIssuerKeyHash)
    {
        return EFalse;
    }
    return iSerialNumber == rhs.iSerialNumber ? ETrue : EFalse;
}
|
171 |
|
172 |
|
/**
 * Serial number of the identified certificate, as raw DER content.
 *
 * @return A non-owning descriptor referring to the same data this object was
 *         constructed from (the subject certificate or the decoded buffer);
 *         it is only valid while that source is alive.
 */
TPtrC8 COCSPCertID::SerialNumber() const
{
    TPtrC8 serial(iSerialNumber);
    return serial;
}