|
1 /* |
|
2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * PKIXVALIDATIONRESULT.H |
|
16 * Implementation of the class storing PKIX validation result information |
|
17 * |
|
18 */ |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 /** |
|
24 @file |
|
25 @internalTechnology |
|
26 */ |
|
27 |
|
28 #ifndef __PKIXVALIDATIONRESULT_H__ |
|
29 #define __PKIXVALIDATIONRESULT_H__ |
|
30 |
|
31 #include <x509certchain.h> |
|
32 #include <x509certext.h> |
|
33 |
|
34 class RReadStream; |
|
35 /** |
|
36 * Base class for CPKIXValidationResult. |
|
37 * @internalTechnology |
|
38 */ |
|
39 class CPKIXValidationResultBase : public CBase |
|
40 { |
|
41 public: |
|
42 /** Creates a new PKIX Validation Result object. |
|
43 * |
|
44 * @return The new PKIX Validation Result object. */ |
|
45 IMPORT_C static CPKIXValidationResultBase* NewL(); |
|
46 |
|
47 /** Creates a new PKIX Validation Result object, and puts a pointer to it onto |
|
48 * the cleanup stack. |
|
49 * |
|
50 * @return The new PKIX Validation Result object. */ |
|
51 IMPORT_C static CPKIXValidationResultBase* NewLC(); |
|
52 |
|
53 /** Creates a new PKIX Validation Result object from a stream. |
|
54 * |
|
55 * @return The new PKIX Validation Result object. */ |
|
56 IMPORT_C static CPKIXValidationResultBase* NewL(RReadStream& aStream); |
|
57 |
|
58 /** Creates a new PKIX Validation Result object from a stream, and puts a pointer to it onto |
|
59 * the cleanup stack. |
|
60 * |
|
61 * @return The new PKIX Validation Result object. */ |
|
62 IMPORT_C static CPKIXValidationResultBase* NewLC(RReadStream& aStream); |
|
63 |
|
64 /** The destructor. |
|
65 * |
|
66 * Frees all resources owned by the object. */ |
|
67 IMPORT_C ~CPKIXValidationResultBase(); |
|
68 |
|
69 /** Gets the error status of the operation. |
|
70 * |
|
71 * Errors are considered fatal, i.e. validation has failed. |
|
72 * |
|
73 * @return The error status of the operation. */ |
|
74 IMPORT_C const TValidationStatus Error() const; |
|
75 |
|
76 /** Gets a list of warnings generated. |
|
77 * |
|
78 * The warnings may or may not be fatal, depending on the context, which the |
|
79 * client is expected to provide. |
|
80 * |
|
81 * @return An array of any warnings generated. */ |
|
82 IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const; |
|
83 |
|
84 /** Gets a list of all the certificate policies which have been accepted implicitly |
|
85 * in the course of validation. |
|
86 * |
|
87 * @return An array of certificate policies. */ |
|
88 IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const; |
|
89 |
|
90 /** Resets the validation result object to its default values. */ |
|
91 void Reset(); |
|
92 |
|
93 /** Sets the error status, and then leaves. |
|
94 * |
|
95 * The function uses SetError() to set the error status. |
|
96 * |
|
97 * @param aError The error type that occurred when validating the certificate chain. |
|
98 * @param aCert The index number identifying the certificate that gave rise to |
|
99 * the error. */ |
|
100 void SetErrorAndLeaveL(const TValidationError aError, const TInt aCert); |
|
101 |
|
102 /** Sets the error status. |
|
103 * |
|
104 * @param aError The error type that occurred when validating the certificate chain. |
|
105 * @param aCert The index number identifying the certificate that gave rise to |
|
106 * the error. */ |
|
107 void SetError(const TValidationError aError, const TInt aCert); |
|
108 |
|
109 /** Adds a warning to the validation result. |
|
110 * |
|
111 * @param aWarning The warning to be added. */ |
|
112 void AppendWarningL(TValidationStatus aWarning); |
|
113 |
|
114 /** Adds a policy to the validation result. |
|
115 * |
|
116 * @param aPolicy The policy to be added. */ |
|
117 void AppendPolicyL(CX509CertPolicyInfo& aPolicy); |
|
118 |
|
119 /** Removes all policies from the validation result. |
|
120 * |
|
121 * It is used by the validation process to remove policies it has added when |
|
122 * the computation cannot complete because of environmental conditions such as |
|
123 * out of memory, file access failures, etc.. */ |
|
124 // (not like signature validation...) |
|
125 void RemovePolicies(); |
|
126 |
|
127 // Internalization/Externalization |
|
128 // Externalize. Writes the data out to a stream |
|
129 /** Externalises an object of this class to a write stream. |
|
130 * |
|
131 * The presence of this function means that the standard templated operator<<() |
|
132 * can be used to externalise objects of this class. |
|
133 * |
|
134 * @param aStream Stream to which the object should be externalised. */ |
|
135 IMPORT_C void ExternalizeL(RWriteStream& aStream) const; |
|
136 |
|
137 // Internalize. Reads the data from a stream |
|
138 /** Internalises an object of this class from a read stream. |
|
139 * |
|
140 * The presence of this function means that the standard templated operator>>() |
|
141 * can be used to internalise objects of this class. |
|
142 * |
|
143 * Note that this function has assignment semantics: it replaces the old value |
|
144 * of the object with a new value read from the read stream. |
|
145 * |
|
146 * @param aStream Stream from which the object should be internalised. */ |
|
147 IMPORT_C void InternalizeL(RReadStream& aStream); |
|
148 |
|
149 /** Returns a list of critical extensions encountered and warnings generated by |
|
150 * certificates during chain validation. |
|
151 * |
|
152 * @return An array of certificate warnings. */ |
|
153 IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const; |
|
154 |
|
155 /** Adds a certificate warning to the validation result. |
|
156 * |
|
157 * @param aCertWarning The warning to be added. */ |
|
158 IMPORT_C void AppendCertificateValidationObjectL(const CCertificateValidationWarnings& aCertWarning); |
|
159 |
|
160 /** Adds a critical extension OID warning. |
|
161 * |
|
162 * @param aCriticalExt The critical extension OID to be added. */ |
|
163 IMPORT_C void AppendCriticalExtensionWarningL(TDesC& aCriticalExt); |
|
164 |
|
165 protected: |
|
166 IMPORT_C CPKIXValidationResultBase(); |
|
167 IMPORT_C void ConstructL(); |
|
168 |
|
169 private: |
|
170 TValidationStatus iError; |
|
171 CArrayFixFlat<TValidationStatus>* iWarnings; |
|
172 CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies; |
|
173 RPointerArray<CCertificateValidationWarnings> iCertWarnings; |
|
174 }; |
|
175 |
|
176 /** Stores the information regarding the results of a validation of a PKIX |
|
177 * certificate chain. |
|
178 * |
|
179 * @publishedAll |
|
180 * @released |
|
181 * @since v6.0 */ |
|
182 class CPKIXValidationResult : public CPKIXValidationResultBase |
|
183 { |
|
184 public: |
|
185 /** Creates a new PKIX Validation Result object. |
|
186 * |
|
187 * @return The new PKIX Validation Result object. */ |
|
188 IMPORT_C static CPKIXValidationResult* NewL(); |
|
189 |
|
190 /** Creates a new PKIX Validation Result object, and puts a pointer to it onto |
|
191 * the cleanup stack. |
|
192 * |
|
193 * @return The new PKIX Validation Result object. */ |
|
194 IMPORT_C static CPKIXValidationResult* NewLC(); |
|
195 |
|
196 /** The destructor. |
|
197 * |
|
198 * Frees all resources owned by the object. */ |
|
199 IMPORT_C ~CPKIXValidationResult(); |
|
200 |
|
201 /** Gets the error status of the operation. |
|
202 * |
|
203 * Errors are considered fatal, i.e. validation has failed. |
|
204 * |
|
205 * @return The error status of the operation. */ |
|
206 IMPORT_C const TValidationStatus Error() const; |
|
207 |
|
208 /** Gets a list of warnings generated. |
|
209 * |
|
210 * The warnings may or may not be fatal, depending on the context, which the |
|
211 * client is expected to provide. |
|
212 * |
|
213 * @return An array of any warnings generated. */ |
|
214 IMPORT_C const CArrayFixFlat<TValidationStatus>& Warnings() const; |
|
215 |
|
216 /** Gets a list of all the certificate policies which have been accepted implicitly |
|
217 * in the course of validation. |
|
218 * |
|
219 * @return An array of certificate policies. */ |
|
220 IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const; |
|
221 |
|
222 /** Returns a list of critical extensions encountered and warnings generated by |
|
223 * certificates during chain validation. A CCertificateWarning object is returned for |
|
224 * each certificate in the chain, even if no critical extensions or warnings were |
|
225 * encountered. The array's data is in the same order as the certificate chain. |
|
226 * |
|
227 * @return An array of certificate warnings. Ownership is not transferred |
|
228 * to the caller. */ |
|
229 IMPORT_C const RPointerArray<CCertificateValidationWarnings>& ValidationWarnings() const; |
|
230 |
|
231 private: |
|
232 CPKIXValidationResult(); |
|
233 }; |
|
234 |
|
235 #endif |