/*
 * Copyright (c) 2003-2008 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
 * which accompanies this distribution, and is available
 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
 *
 * Initial Contributors:
 * Nokia Corporation - initial contribution.
 *
 * Contributors:
 *
 * Description: PKI definitions module
 *
 */
|
17 |
|
18 |
|
19 |
|
20 #ifndef __PKIDEFS_H__ |
|
21 #define __PKIDEFS_H__ |
|
22 |
|
23 #include <x509certext.h> |
|
24 |
|
// Capacity limits for the fixed-size descriptors declared in this header.
//
// NOTE(review): MAX_FILENAME_LENGTH and SHORT_FILENAME_LENGTH currently hold
// the same value; confirm whether the "short" limit was meant to differ.
const TInt MAX_FILENAME_LENGTH   = 64;
const TInt SHORT_FILENAME_LENGTH = 64;   // capacity of the iObjectName fields

// Upper bounds for buffers that receive certificate-derived fields.
// These are fixed capacities: a distinguished name or serial number taken
// from an external certificate can be longer, so callers should compare the
// source length against the limit before copying into a TBuf8 of this size
// (NOTE(review): descriptor copies are expected to panic on overflow rather
// than truncate - confirm the handling at each call site).
const TUint32 KMaxX500DN   = 256;   // iTrustedAuthority, iIdentitySubjectName
const TUint32 KMaxRfc822   = 64;
const TUint32 KMaxUsageDer = 16;
const TUint32 KMaxSerial   = 128;   // iSerialNumber
|
32 |
|
33 |
|
/**
 * Certificate / Key Store type identifiers.
 *
 * NOTE(review): the user and device values occupy distinct bits (0x01 and
 * 0x10), which suggests they could be combined as a mask - confirm against
 * the callers before relying on that.
 */
enum TPkiServiceStoreType
    {
    EPkiStoreTypeAny    = 0x00,
    EPkiStoreTypeUser   = 0x01,
    EPkiStoreTypeDevice = 0x10
    };
|
41 |
|
// Certificate / Key Store identifiers.
// These select which kind of store is meant (key store or certificate
// store); they are separate from the TPkiServiceStoreType values above.
const TInt STORE_KEYSTORE  = 1;
const TInt STORE_CERTSTORE = 2;
|
45 |
|
46 |
|
47 |
|
/**
 * Definitions used by PKI Service API
 */

// Length of a SHA-1 digest in bytes (160 bits).
const TInt KPKISHA1HashLengthBytes = 20;

// 8-bit descriptor with room for one SHA-1 digest.
typedef TBuf8<KPKISHA1HashLengthBytes> TPKISHA1Hash;

// Keys are referred to by a SHA-1 hash value.
// NOTE(review): SHA-1 is used here as a lookup identifier. Its collision
// resistance is weak by current standards, so a matching identifier should
// not be taken as proof that two keys are the same where that distinction
// is security-relevant - confirm how callers use it.
typedef TPKISHA1Hash TPKIKeyIdentifier;
|
55 |
|
// PKI Service API error codes (contiguous range -5240 .. -5252).
// NOTE! The error code values below MUST be kept in sync with
// the corresponding error code values defined together by
// vpnapi/data/vpnerr.rss and vpnapi/data/vpnerr.ra
const TInt KPKIErrWrongObjectType     = -5240;
const TInt KPKIErrObjectUninitialized = -5241;
const TInt KPKIErrPassword            = -5242;
const TInt KPKIErrServiceBusy         = -5243;
const TInt KPKIErrCancel              = -5244;
const TInt KPKIErrBufferTooShort      = -5245;
const TInt KPKIErrCertRequestParam    = -5246;
const TInt KPKIErrCertRequest         = -5247;
const TInt KPKIErrNotFound            = -5248;
const TInt KPKIErrAmbiguous           = -5249;
const TInt KPKIErrNotSupported        = -5250;
const TInt KPKIErrUnexpectedState     = -5251;
const TInt KPKIErrKeyStoreEmpty       = -5252;
|
73 |
|
74 |
|
/**
 * Role of a certificate held by the PKI service: CA, user or peer.
 *
 * The numeric values are spelled out so that reordering the enumerators
 * cannot silently change them; they equal the implicit numbering (0, 1, 2).
 */
enum TPKICertificateOwnerType
    {
    EPKICACertificate   = 0,
    EPKIUserCertificate = 1,
    EPKIPeerCertificate = 2
    };
|
81 |
|
82 |
|
/**
 * Public-key algorithm of a stored key.
 *
 * Zero is reserved for "invalid", so a zero-filled entry does not read as
 * a real algorithm. The enumeration also lists DH, although the field
 * comments in the list-entry classes mention only RSA and DSA.
 */
enum TPKIKeyAlgorithm
    {
    EPKIInvalidAlgorithm = 0,
    EPKIRSA              = 1,
    EPKIDSA              = 2,
    EPKIDH               = 3
    };
|
90 |
|
91 |
|
// Key usage values are the X.509 key usage type under a PKI-service name
// (TX509KeyUsage presumably comes from <x509certext.h>, included above).
typedef TX509KeyUsage TPKIKeyUsage;
|
93 |
|
94 |
|
95 |
|
/**
 * One entry in a list of certificate requests; carries only the object
 * name, limited to SHORT_FILENAME_LENGTH characters.
 */
class TCertificateRequestListEntry
    {
    public:
        TBuf<SHORT_FILENAME_LENGTH> iObjectName;
    };
|
101 |
|
102 |
|
/**
 * One entry in a list of certificates known to the PKI service.
 *
 * The class declares no constructor, so the enum, integer and boolean
 * members are not given a value here; code that creates an entry should
 * set every field before reading it.
 */
class TCertificateListEntry
    {
    public:
        // User, CA or peer. If user certificate, at least key usage must be set
        TPKICertificateOwnerType    iOwnerType;
        // Cert TrustedAuthority (at most KMaxX500DN bytes)
        TBuf8<KMaxX500DN>           iTrustedAuthority;
        // Identity subject name (at most KMaxX500DN bytes)
        TBuf8<KMaxX500DN>           iIdentitySubjectName;
        // Serial number (at most KMaxSerial bytes)
        TBuf8<KMaxSerial>           iSerialNumber;
        // SHA1 hash of the corresponding private key.
        // NOTE(review): key identifiers are commonly derived from the public
        // key; confirm which key material is actually hashed.
        TPKIKeyIdentifier           iSubjectKeyId;
        // Type of the store holding the certificate
        TPkiServiceStoreType        iStoreType;
        // Object name (at most SHORT_FILENAME_LENGTH characters)
        TBuf<SHORT_FILENAME_LENGTH> iObjectName;
        // Key size (NOTE(review): unit not stated here, presumably bits - confirm)
        TUint                       iKeySize;
        // RSA, DSA (TPKIKeyAlgorithm also defines EPKIDH)
        TPKIKeyAlgorithm            iKeyAlgorithm;
        // NOTE(review): undocumented in the original; presumably tells
        // whether the entry may be deleted - confirm.
        TBool                       iIsDeletable;
    };
|
117 |
|
/**
 * One entry in a list of keys known to the PKI service.
 *
 * The class declares no constructor, so iKeySize and iKeyAlgorithm are not
 * given a value here; set them before the entry is read.
 */
class TKeyListEntry
    {
    public:
        // Object name (at most SHORT_FILENAME_LENGTH characters)
        TBuf<SHORT_FILENAME_LENGTH> iObjectName;
        // SHA1 hash of the corresponding private key.
        // NOTE(review): key identifiers are commonly derived from the public
        // key; confirm which key material is actually hashed.
        TPKIKeyIdentifier           iSubjectKeyId;
        // Key size (NOTE(review): unit not stated here, presumably bits - confirm)
        TUint                       iKeySize;
        // RSA, DSA (TPKIKeyAlgorithm also defines EPKIDH)
        TPKIKeyAlgorithm            iKeyAlgorithm;
    };
|
126 |
|
127 #endif |