|
1 /* |
|
2 * Copyright (c) 2003 - 2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Pkcs10 certificate request. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 #ifndef _PKCS10_H_ |
|
21 #define _PKCS10_H_ |
|
22 #include "pkidefs.h" |
|
23 |
|
24 //////////////////////////////////////////////////////////////////////////////////////// |
|
25 // Definitions |
|
26 //////////////////////////////////////////////////////////////////////////////////////// |
|
27 #define SHA1_HASH_LTH 20 |
|
28 #define MD5_HASH_LTH 16 |
|
29 #define ASN1_MAX_LENGTH 0xffff |
|
30 #define ASN1_MAX_INTEGER 0xffff |
|
31 #define MAX_SIGNATURE_LENGTH 512 |
|
32 #define ASN1_SHORT_TAG_HDR_LTH 2 |
|
33 #define ASN1_LONG_TAG_HDR_LTH 4 |
|
34 #define ASN1_NULL_LTH 2 |
|
35 #define ASN1_CONSTRUCTED 0x20 |
|
36 #define ASN1_CONTEXT_SPECIFIC 0x80 |
|
37 #define COMMON_NAME_OID_LTH 3 |
|
38 #define KEY_TYPE_RSA_OID_LTH 9 |
|
39 #define SUBJECTALTNAME_EMAIL_OID_LTH 9 |
|
40 #define SUBJECTALTNAME_OID_LTH 3 |
|
41 #define CHALLENGEPW_OID_LTH 9 |
|
42 #define MD5WITHRSA_OID_LTH 9 |
|
43 #define MD5SIGNATURE_OID_LTH 8 |
|
44 #define SHA1WITHRSA_OID_LTH 9 |
|
45 #define PKCS10_EXTENSION_OID_LTH 9 |
|
46 #define DC_OID_LTH 10 |
|
47 |
|
// Digest algorithm used when signing the request; passed as aSignatureAlgorithmId to
// CPkcs10Req::CreateCertificateRequestLC(). Enumerator values are unchanged (0 and 1).
enum THashType
{
    HASH_TYPE_MD5  = 0,   // MD5: collision attacks are practical; kept for legacy CAs only
    HASH_TYPE_SHA1 = 1    // SHA-1: deprecated for new signatures, but the stronger of the two here
};
|
// DER OID contents octets (no tag/length prefix). Decoded from the bytes below:
//   KCommonNameOid            2.5.4.3                id-at-commonName
//   KEmailAddressOid          1.2.840.113549.1.9.1   pkcs-9 emailAddress
//   KSubjectAltNameOid        2.5.29.17              id-ce-subjectAltName
//   KChallengePWOid           1.2.840.113549.1.9.7   pkcs-9 challengePassword
//   KKeyTypeRSAOid            1.2.840.113549.1.1.1   rsaEncryption
//   KMd5WithRSAEncryptionOid  1.2.840.113549.1.1.4   md5WithRSAEncryption (MD5 is collision-broken)
//   KMd5SignatureOid          1.2.840.113549.2.5     md5 (digest algorithm, 8 bytes)
//   KSha1WithRSAEncryptionOid 1.2.840.113549.1.1.5   sha1WithRSAEncryption
//   KPkcs10ExtensionOid       1.2.840.113549.1.9.14  pkcs-9 extensionRequest
// The array bound comes from the *_OID_LTH macro; keep it equal to the initializer count
// (too few initializers compile but zero-fill the tail of the OID).
const TUint8 KCommonNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x03};
const TUint8 KEmailAddressOid[SUBJECTALTNAME_EMAIL_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01};
const TUint8 KSubjectAltNameOid[SUBJECTALTNAME_OID_LTH] = {0x55, 0x1D, 0x11};
const TUint8 KChallengePWOid[CHALLENGEPW_OID_LTH] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07};
const TUint8 KKeyTypeRSAOid[KEY_TYPE_RSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01};
const TUint8 KMd5WithRSAEncryptionOid[MD5WITHRSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04};
const TUint8 KMd5SignatureOid[MD5SIGNATURE_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05};
const TUint8 KSha1WithRSAEncryptionOid[SHA1WITHRSA_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05};
const TUint8 KPkcs10ExtensionOid[PKCS10_EXTENSION_OID_LTH] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E};
|
58 |
|
// PEM armour around the base64 request. "NEW CERTIFICATE REQUEST" is the legacy label;
// RFC 7468 specifies "CERTIFICATE REQUEST", and not every consumer accepts both.
// HEADERLENGTH is the character count of HEADER: 5 + 29 + 5 + '\n' = 40.
// NOTE(review): TRAILER is 38 characters ('\n' + 5 + "END NEW CERTIFICATE REQUEST" (27)
// + 5) but TRAILERLENGTH is 37 -- confirm which value the .cpp uses when sizing the PEM
// output; a one-character mismatch either truncates the trailer or under-allocates.
#define HEADERLENGTH 40
#define TRAILERLENGTH 37
#define HEADER _L("-----BEGIN NEW CERTIFICATE REQUEST-----\n")
#define TRAILER _L("\n-----END NEW CERTIFICATE REQUEST-----")
|
63 |
|
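// Stores the low 32 bits of integer s at d as a big-endian (network order) 4-byte value.
// d must point to at least 4 writable bytes; s may be any integer type (bits above 31
// are discarded, negative values store their two's-complement low 32 bits).
// Wrapped in do { } while (0) so the macro is a single statement: the previous form
// expanded to four statements, so `if (c) StoreINTValue(d, s);` only guarded the first
// byte store. d and s are now evaluated exactly once.
#define StoreINTValue(d, s) \
    do { \
        unsigned char* StoreINTValue_dst_ = (unsigned char*)(d); \
        unsigned long StoreINTValue_val_ = (unsigned long)(s); \
        StoreINTValue_dst_[0] = (unsigned char)((StoreINTValue_val_ >> 24) & 0xff); \
        StoreINTValue_dst_[1] = (unsigned char)((StoreINTValue_val_ >> 16) & 0xff); \
        StoreINTValue_dst_[2] = (unsigned char)((StoreINTValue_val_ >> 8 ) & 0xff); \
        StoreINTValue_dst_[3] = (unsigned char)((StoreINTValue_val_      ) & 0xff); \
    } while (0)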
|
69 |
|
// Signing hook supplied by the caller of CPkcs10Req::CreateCertificateRequestLC() (its
// aSignCallBack / aSignCallBackContext arguments). Presumably: aHash is the digest of the
// CertificationRequestInfo, the callback writes the signature into aSig using the key
// identified by aPrivKey, and aContext is the caller's opaque pointer passed back
// unchanged. The meaning of the TBool result is not visible in this header -- confirm.
// The private key never passes through this library; only its identifier does.
typedef TBool (*TSignCallback)(const TDesC8 &aHash, TDes8 &aSig, const TPKIKeyIdentifier &aPrivKey, TAny* aContext);
|
71 |
|
// A [startIndex, endIndex] pair of offsets. Used in CArrayFixFlat<TIndexPair> by
// CPkcs10Req::BuildIndexPairsLC / BuildDerL; presumably these delimit one attribute
// type or value inside the distinguished-name text -- confirm in the .cpp. Whether
// endIndex is inclusive is not visible here.
class TIndexPair
{
public:
    TUint startIndex;   // offset of the first character of the element
    TUint endIndex;     // offset of the element's end (inclusive/exclusive: see .cpp)
};
|
78 |
|
// X.520 attribute-type OIDs (arc 2.5.4). All are 3 bytes, hence they share
// COMMON_NAME_OID_LTH. Decoded from the bytes below:
//   C=2.5.4.6  O=2.5.4.10  OU=2.5.4.11  L=2.5.4.7  ST=2.5.4.8  TITLE=2.5.4.12  CN=2.5.4.3
//   GIVENNAME=2.5.4.42  SN=2.5.4.4  INITIALS=2.5.4.43  GENERATIONQUALIFIER=2.5.4.44
//   DNQUALIFIER=2.5.4.46  SERIALNUMBER=2.5.4.5
// The declaration order matches the K*Index constants below (1..14).
// KCommonNOid has the same bytes as KCommonNameOid above -- presumably kept so this
// table is complete and positionally indexed.
const TUint8 KCountryNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x06};
const TUint8 KOrganizationNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x0a};
const TUint8 KOrganizationalUnitNameOid[COMMON_NAME_OID_LTH] = {0x55,0x04, 0x0b};
const TUint8 KLocalityNameOid[COMMON_NAME_OID_LTH]= {0x55, 0x04, 0x07};
const TUint8 KStateOrProvinceNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x08};
const TUint8 KTitleOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x0c};
const TUint8 KCommonNOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x03};
const TUint8 KGivenNameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2a};
const TUint8 KSurnameOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x04};
const TUint8 KInitialsOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2b};
const TUint8 KGenerationQualifierOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2c};
const TUint8 KDNQualifierOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x2e};
const TUint8 KSerialNumberOid[COMMON_NAME_OID_LTH] = {0x55, 0x04, 0x05};
// domainComponent, 0.9.2342.19200300.100.1.25 (RFC 4519); 10 bytes, hence DC_OID_LTH.
const TUint8 KDomainComponentOid[DC_OID_LTH] = {0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19};
|
93 |
|
// Attribute-type indices. 1..14 follow the declaration order of the K*Oid table above
// (KCountryNameOid .. KDomainComponentOid); presumably this is the aIndex that
// CPkcs10Req::GetOid() resolves to an OID pointer -- confirm in the .cpp.
// KNullAttributeIndex (0) has no OID and presumably means "no / unrecognised attribute".
const TUint KNullAttributeIndex = 0;
const TUint KCountryNameIndex = 1;
const TUint KOrganizationNameIndex = 2;
const TUint KOrganizationalUnitNameIndex = 3;
const TUint KLocalityNameIndex = 4;
const TUint KStateOrProvinceNameIndex = 5;
const TUint KTitleIndex = 6;
const TUint KCommonNameIndex = 7;
const TUint KGivenNameIndex = 8;
const TUint KSurnameIndex = 9;
const TUint KInitialsIndex = 10;
const TUint KGenerationQualifierIndex = 11;
const TUint KDNQualifierIndex = 12;
const TUint KSerialNumberIndex = 13;
const TUint KDomainComponentIndex = 14;
|
109 |
|
// Textual attribute-type labels for the string form of a distinguished name (short
// names as in RFC 4514 where one exists, otherwise the upper-cased long name). They are
// listed in the same order as the K*Index constants above. Presumably these are the keys
// SetDistinguishedName() parses and what AttributeTypeOidToText() returns -- confirm.
_LIT8(KCountryName, "C");
_LIT8(KOrganizationName, "O");
_LIT8(KOrganizationalUnitName, "OU");
_LIT8(KLocalityName, "L");
_LIT8(KStateOrProvinceName, "ST");
_LIT8(KTitle, "TITLE");
_LIT8(KCommonName, "CN");
_LIT8(KGivenName, "GIVENNAME");
_LIT8(KSurname, "SN");
_LIT8(KInitials, "INITIALS");
_LIT8(KGenerationQualifier, "GENERATIONQUALIFIER");
_LIT8(KDNQualifier, "DNQUALIFIER");
_LIT8(KSerialNumber, "SERIALNUMBER");
_LIT8(KDomainComponent, "DC");

// Arc separator of a dotted-decimal OID -- presumably used when an attribute type is
// given numerically (see OidExistsL / aDottedOidDer in CPkcs10Req).
_LIT8(KDot, ".");
|
126 |
|
127 ////////////////////////////////////////////////////////////////////////////// |
|
128 // Class CPkcs10Req |
|
129 ////////////////////////////////////////////////////////////////////////////// |
|
//////////////////////////////////////////////////////////////////////////////
// Class CPkcs10Req
//////////////////////////////////////////////////////////////////////////////
/**
 * Builds a PKCS#10 certification request (RFC 2986) from the subject data supplied
 * through the Set*() functions, then has it signed by a caller-provided TSignCallback.
 * DER is produced by hand with the static DERSet*/ASNCopy helpers below; none of the
 * TUint8* writers checks the destination size, so every caller must size its buffer
 * from the length it passes in. A challengePassword, if set, is embedded in the request
 * in clear (the request is signed, not encrypted); its confidentiality depends on the
 * channel used to deliver the request to the CA.
 */
class CPkcs10Req : public CBase
{
public:
#ifdef __EABI__
    /** Cause vtable & typeinfo to be exported */
    IMPORT_C CPkcs10Req() {};
#endif
    IMPORT_C ~CPkcs10Req();
    //////////////////////////////////////////////////////////////////////
    // Visible interface
    //////////////////////////////////////////////////////////////////////
    // Setting parameters for PKCS#10 request
    //////////////////////////////////////////////////////////////////////
    // Each setter returns a TInt (error codes not visible here). The matching members
    // below are TPtrC8, i.e. non-owning views, so presumably the caller's data must stay
    // alive until CreateCertificateRequestLC() has run -- NOTE(review): confirm in the .cpp.
    // aDistinguishedName: DN in text form using the KCountryName.. labels above.
    IMPORT_C TInt SetDistinguishedName(const TDesC8 &aDistinguishedName);
    // aSubjectAltNameRfc822: e-mail address, presumably emitted as an rfc822Name SAN.
    IMPORT_C TInt SetSubjectAltNameRfc822(const TDesC8 &aSubjectAltNameRfc822);
    // aChallengePw: pkcs-9 challengePassword (KChallengePWOid); see class note on secrecy.
    IMPORT_C TInt SetChallengePw(const TDesC8 &aChallengePw);
    // aDNSName: host name, presumably emitted as a dNSName SAN.
    IMPORT_C TInt SetDNSName(const TDesC8 &aDNSName);
    // aPublicKeyBits: subject public key; only RSA (KKeyTypeRSAOid) appears in this header.
    IMPORT_C TInt SetPublicKey(const TDesC8 &aPublicKeyBits);
    // "L" suffix (Symbian convention): may leave. Presumably the pre-encoded DN variant
    // that fills iDNDerBuf and sets iUseExtendedDistinguishedName -- confirm.
    IMPORT_C TInt SetDistinguishedNameExtendedL(const TDesC8 &aDistinguishedName);
    //////////////////////////////////////////////////////////////////////
    // Create PKCS#10 request
    //////////////////////////////////////////////////////////////////////
    /**
     * Encodes and signs the request.
     * @param aSignatureAlgorithmId  HASH_TYPE_MD5 or HASH_TYPE_SHA1; presumably selects both the
     *        digest and the signatureAlgorithm OID (KMd5WithRSAEncryptionOid /
     *        KSha1WithRSAEncryptionOid). MD5 is collision-broken and SHA-1 is deprecated for
     *        signatures; use SHA-1 only where the CA offers nothing stronger.
     * @param aPrivateKeyFilename  identifier of the signing key, handed to aSignCallBack as aPrivKey.
     * @param aDoBase64, aDoPEM  presumably base64-encode the DER and wrap it in HEADER/TRAILER.
     * @param aSignCallBack, aSignCallBackContext  the caller's signing function and its context.
     * @return the encoded request; "LC" suffix (Symbian convention): may leave, and the result
     *         is left on the cleanup stack for the caller to pop.
     */
    IMPORT_C HBufC8* CreateCertificateRequestLC(THashType aSignatureAlgorithmId, const TPKIKeyIdentifier& aPrivateKeyFilename, TBool aDoBase64, TBool aDoPEM, TSignCallback aSignCallBack, TAny* aSignCallBackContext);
    // Static functions
    // Parses a textual DN into DER, allocating derBuffer for the caller. The aByPass /
    // aByPassType semantics are not visible in this header.
    IMPORT_C static void BuildDistinguishedNameDerFromTextL(HBufC8 *&derBuffer, const TDesC8 &aDistinguishedName, TBool aByPass, const TDesC8 &aByPassType);
    // Presumably maps an attribute-type OID to its text label (KCommonName etc.).
    IMPORT_C static TPtrC8 AttributeTypeOidToText(const TDesC &aType);
    // Presumably copies length bytes from valuePtr to dataPtr and returns the count;
    // no bounds check on dataPtr is possible with this signature.
    static TInt ASNCopy(TUint8 *dataPtr, TUint8 *valuePtr, TInt length);
    // Splits aDistinguishedName into type/value spans (see TIndexPair); "LC": may leave,
    // buffer is left on the cleanup stack.
    static void BuildIndexPairsLC(HBufC8 *&buffer, const TDesC8 &aDistinguishedName, CArrayFixFlat<TIndexPair> *aTypeIndexArray, CArrayFixFlat<TIndexPair> *aValueIndexArray);
    // Turns the spans produced by BuildIndexPairsLC into the DER Name in derBuffer.
    static void BuildDerL(HBufC8 *aSource, HBufC8 *&derBuffer, CArrayFixFlat<TIndexPair> *aTypeIndexArray, CArrayFixFlat<TIndexPair> *aValueIndexArray, CArrayFixFlat<TPtr8> *aTypePtrArray, CArrayFixFlat<TPtr8> *aValuePtrArray, TBool aByPass, const TDesC8 &aByPassType);
    // Resolves an attribute type to aIndex (K*Index) or to aDottedOidDer when given numerically.
    // NOTE(review): aDottedOidDer is a fixed TBuf8<32>; an OID whose DER encoding exceeds
    // 32 bytes cannot be returned through it and must be rejected by the implementation
    // (Symbian descriptors panic rather than overflow) -- confirm the .cpp checks this.
    static TBool OidExistsL(TPtr8 &aTypePtrArray, TUint &aIndex, TBuf8<32> &aDottedOidDer);
    // Presumably sets aValue to the K*Oid bytes for aIndex and returns their length.
    static TInt GetOid(TUint aIndex, const TUint8 *&aValue);
    // Encodes one AttributeTypeAndValue (SET { SEQUENCE { OID, string } }) into aElementArray;
    // the caller supplies every length, so they must agree with what the helpers write.
    static void BuildElementDerLC(CArrayFixFlat<HBufC8 *> *aElementArray, TUint aWholeLength, TUint aSetLength, TUint aSeqLength, TUint aOidLength, TUint aStringLength, TUint aOidIndex, TBuf8<32> &aDottedOidDerPtr, TPtr8 &aValuePtr);
    // DER writers: each writes at p and returns the number of bytes written (DERSetLength
    // and DERSetInteger presumably follow the pattern of the two inline ones below).
    static TInt DERSetLength(TUint8 *p, TInt datalen);
    static TInt DERSetInteger(TUint8 *p, TInt aValue);
    // Writes the single tag octet aTag at p; returns 1.
    static inline TInt DERSetTag(TUint8 *p, TUint8 aTag) { *p = aTag; return 1;};
    // Copies datalen bytes of oid to p and returns datalen. No check that p has room:
    // the caller must have reserved datalen bytes.
    static inline TInt DERSetOid(TUint8 *p, const unsigned char *oid, TInt datalen) {Mem::Copy(p, oid, datalen); return datalen;};
private:
    ////////////////////////////////////////////////////////////////////////////////////////
    // Class variables
    ////////////////////////////////////////////////////////////////////////////////////////
    // Non-owning views of the caller's data, set by the Set*() functions.
    TPtrC8 iDistinguishedName;
    TPtrC8 iSubjectAltName;
    TPtrC8 iChallengePW;
    TPtrC8 iDNSName;
    TPtrC8 iPublicKey;
    THashType iSignatureAlgorithmId;
    // Presumably selects iDNDerBuf over iDistinguishedName when encoding -- confirm.
    TBool iUseExtendedDistinguishedName;
    // Heap DN DER; presumably owned by this object and freed in ~CPkcs10Req() -- confirm.
    HBufC8 *iDNDerBuf;
    ////////////////////////////////////////////////////////////////////////////////////////
    // Internal functions
    ////////////////////////////////////////////////////////////////////////////////////////
    // Digest helpers; aOutData must hold MD5_HASH_LTH / SHA1_HASH_LTH bytes respectively.
    void MD5_HashL(const TDesC8 &aInData, TDes8& aOutData);
    void SHA1_HashL(const TDesC8 &aInData, TDes8& aOutData);
    // Dispatches on aHashType to one of the two helpers above (presumably).
    void DigestL(const TDesC8& aData, TDes8& aDigest, THashType aHashType);
    // Encoders for the parts of a CertificationRequest; "LC": result on the cleanup stack.
    HBufC8* ASNEncodeCertificationRequestInfoLC();
    // Wraps the signed CertificationRequestInfo and the signature into the outer SEQUENCE.
    HBufC8* ASNEncodeCertificationRequestLC(const TDes8 &CRLInfoBuffer, const TDes8 &signature);
    HBufC8* ASNEncodeCommonAttributesLC();
    HBufC8* ASNEncodePKIinfoLC();
    HBufC8* ASNEncodeExtendedAttributesLC();
};
|
190 |
|
191 #endif |
|
192 |