cryptoservices/certificateandkeymgmt/inc/signed.h
changeset 0 2c201484c85f
child 8 35751d3474b7
equal deleted inserted replaced
-1:000000000000 0:2c201484c85f
       
     1 /*
       
     2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
       
     3 * All rights reserved.
       
     4 * This component and the accompanying materials are made available
       
     5 * under the terms of the License "Eclipse Public License v1.0"
       
     6 * which accompanies this distribution, and is available
       
     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
       
     8 *
       
     9 * Initial Contributors:
       
    10 * Nokia Corporation - initial contribution.
       
    11 *
       
    12 * Contributors:
       
    13 *
       
    14 * Description: 
       
    15 *
       
    16 */
       
    17 
       
    18 
       
    19 
       
    20 
       
    21 /**
       
    22  @file 
       
    23  @internalAll
       
    24 */
       
    25  
       
    26 #ifndef __SIGNED_H__
       
    27 #define __SIGNED_H__
       
    28 
       
    29 #include <e32base.h>
       
    30 #include <e32std.h>
       
    31 #include <s32std.h>
       
    32 #include <securitydefs.h>
       
    33 
       
    34 class CRSAPublicKey;
       
    35 class CDSAPublicKey;
       
    36 class CDSASignature;
       
    37 class CDSAParameters;
       
    38 
       
    39 /**  Enumerates the identity of the algorithm.
       
    40  *
       
    41  * @publishedAll
       
    42  * @released
       
    43  */
       
    44 enum TAlgorithmId
       
    45 	{
       
    46 	/** An RSA algorithm. */
       
    47 	ERSA,
       
    48 	/** A DSA algorithm. */
       
    49 	EDSA,
       
    50 	/** A DH algorithm. */
       
    51 	EDH,
       
    52 	/** A MD2 algorithm. */
       
    53 	EMD2,
       
    54 	/** A MD5 algorithm. */
       
    55 	EMD5,
       
    56 	/** A SHA-1 algorithm. */
       
    57 	ESHA1
       
    58 	};
       
    59 
       
    60 class CValidityPeriod : public CBase
       
    61 /** The period for which the certificate is valid. 
       
    62 * 
       
    63 * @publishedAll
       
    64 * @released
       
    65 * @since v6.0 */
       
    66 	{
       
    67 public:
       
    68 	/** Tests whether the specified date and time is within the validity period.
       
    69 	* 
       
    70 	* @param aTime	The date and time to be tested.
       
    71 	* @return 		ETrue, if the date and time is within the validity period;
       
    72 	* 				EFalse, otherwise. */
       
    73 	IMPORT_C TBool Valid(const TTime& aTime) const;
       
    74 
       
    75 	/** Gets the start of the validity period.
       
    76 	* 
       
    77 	* @return	The start date and time. */
       
    78 	IMPORT_C const TTime& Start() const;
       
    79 
       
    80 	/** Gets the end of the validity period.
       
    81 	* 
       
    82 	* @return	The end date and time. */
       
    83 	IMPORT_C const TTime& Finish() const;
       
    84 
       
    85 	/** Copy constructor.
       
    86 	* 
       
    87 	* @param aValidityPeriod	The validity period object to be copied. */
       
    88 	IMPORT_C CValidityPeriod(const CValidityPeriod& aValidityPeriod);
       
    89 
       
    90 protected:
       
    91 	/** Default constructor. */
       
    92 	IMPORT_C CValidityPeriod();
       
    93 
       
    94 	/** The start time of the validity period. */
       
    95 	TTime iStart;
       
    96 
       
    97 	/** The end time of the validity period. */
       
    98 	TTime iFinish;
       
    99 	};
       
   100 
       
   101 class CAlgorithmIdentifier : public CBase
       
   102 /** Contains an algorithm ID and any encoded parameters required by that algorithm.
       
   103 * 
       
   104 * An object of this type creates and owns a heap descriptor to contain the encoded 
       
   105 * parameters. 
       
   106 * 
       
   107 * @publishedAll
       
   108 * @released
       
   109 * @since v6.0 */
       
   110 	{
       
   111 public:
       
   112 	/** Creates a new algorithm ID object copied from an existing object.	
       
   113 	* 
       
   114 	* @param aAlgorithmIdentifier	The algorithm ID object to be copied. 
       
   115 	* @return 						A pointer to the new algorithm ID object. */
       
   116 	IMPORT_C static CAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
       
   117 
       
   118 	/** Creates a new algorithm ID object copied from an existing object, and puts 
       
   119 	* a pointer to the new object onto the cleanup stack.
       
   120 	* 
       
   121 	* @param aAlgorithmIdentifier	The algorithm ID object to be copied. 
       
   122 	* @return 						A pointer to the new algorithm ID object. */
       
   123 	IMPORT_C static CAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier);
       
   124 
       
   125 	/** Creates a new algorithm ID object.
       
   126 	* 
       
   127 	* @param aAlgorithmId	The algorithm ID.
       
   128 	* @param aEncodedParams	The encoded parameters.
       
   129 	* @return 				A pointer to the new algorithm ID object. */
       
   130 	IMPORT_C static CAlgorithmIdentifier* NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
       
   131 
       
   132 	/** Creates a new algorithm ID object, and puts a pointer to the new object onto 
       
   133 	* the cleanup stack.
       
   134 	* 
       
   135 	* @param aAlgorithmId	The algorithm ID.
       
   136 	* @param aEncodedParams	The encoded parameters.
       
   137 	* @return 				A pointer to the new algorithm ID object. */
       
   138 	IMPORT_C static CAlgorithmIdentifier* NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
       
   139 	
       
   140 	/** Tests whether this algorithm identifier object is equal to the specified algorithm 
       
   141 	* identifier object. 
       
   142 	* 
       
   143 	* @param aAlgorithmIdentifier	The algorithm identifier object to be compared.
       
   144 	* @return 						ETrue, if this algorithm identifier object is equal to the specified 
       
   145 	* 								algorithm identifier object; EFalse otherwise. */
       
   146 	IMPORT_C TBool operator == (const CAlgorithmIdentifier& aAlgorithmIdentifier) const;
       
   147 	
       
   148 	/** Gets the algorithm identifier.
       
   149 	* 
       
   150 	* @return	The algorithm identifier. */
       
   151 	IMPORT_C TAlgorithmId Algorithm() const;	//ID for the algorithm
       
   152 	
       
   153 	/** Gets the encoded parameters for the algorithm identifier.
       
   154 	* 
       
   155 	* Note that this object owns the heap descriptor that owns the encoded parameters.
       
   156 	* 
       
   157 	* @return 	The encoded parameters. */
       
   158 	IMPORT_C TPtrC8 EncodedParams() const;				//the encoded parameters
       
   159 	
       
   160 	/** Destructor.
       
   161 	*
       
   162 	* Frees all resources owned by the object. */
       
   163 	IMPORT_C ~CAlgorithmIdentifier();
       
   164 
       
   165 protected:
       
   166 	/** Default constructor. */
       
   167 	IMPORT_C CAlgorithmIdentifier();
       
   168 
       
   169 	/** Constructor taking the specified parameters.
       
   170 	* 
       
   171 	* @param aAlgorithmId	The algorithm ID. */
       
   172 	IMPORT_C CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
       
   173 	
       
   174 	/** Second-phase constructor taking an existing algorithm identifier object.
       
   175 	* 
       
   176 	* @param aAlgorithmIdentifier	The algorithm identifier object. */
       
   177 	IMPORT_C virtual void ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
       
   178 	
       
   179 	/** Second-phase constructor taking encoded parameters.
       
   180 	* 
       
   181 	* @param aEncodedParams	The encoded parameters. */
       
   182 	IMPORT_C virtual void ConstructL(const TDesC8& aEncodedParams);
       
   183 	
       
   184 	/** The algorithm ID. */
       
   185 	TAlgorithmId iAlgorithmId;
       
   186 	
       
   187 	/** The encoded parameters for the algorithm ID. */
       
   188 	HBufC8* iEncodedParams;
       
   189 	};
       
   190 
       
   191 class CSigningAlgorithmIdentifier : public CBase
       
   192 /** Contains two CAlgorithmIdentifier objects for comparison purposes.
       
   193 * 
       
   194 * Implements an equality operator. 
       
   195 * 
       
   196 * @publishedAll
       
   197 * @released
       
   198 * @since v6.0 */
       
   199 	{
       
   200 public:
       
   201 	/** Constructs a new Signing Algorithm Identifier object, copying an existing Signing 
       
   202 	* Algorithm Identifier object.
       
   203 	* 
       
   204 	* @param aSigningAlgorithmIdentifier	The Signing Algorithm Identifier object.
       
   205 	* @return								The new Signing Algorithm Identifier object. */
       
   206 	IMPORT_C static CSigningAlgorithmIdentifier* NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
       
   207 	
       
   208 	/** Constructs a new Signing Algorithm Identifier object, copying an existing Signing 
       
   209 	* Algorithm Identifier object, and puts a pointer to it onto the cleanup stack.
       
   210 	* 
       
   211 	* @param aSigningAlgorithmIdentifier	The Signing Algorithm Identifier object.
       
   212 	* @return 								The new Signing Algorithm Identifier object. */
       
   213 	IMPORT_C static CSigningAlgorithmIdentifier* NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
       
   214 	
       
   215 	/** Tests whether the Signing Algorithm Identifier object is equal to the specified 
       
   216 	* Signing Algorithm Identifier object.
       
   217 	* 
       
   218 	* @param aSigningAlgorithmIdentifier  The Signing Algorithm Identifier object to be compared.
       
   219 	* @return 							  ETrue, if this object's Signing Algorithm Identifier value 
       
   220 	* 									  is equal to the specified Signing Algorithm Identifier 
       
   221 	*									  object's value; EFalse, otherwise. */
       
   222 	IMPORT_C TBool operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const;
       
   223 	
       
   224 	/** Gets the signature ID of the asymmetric algorithm.
       
   225 	* 
       
   226 	* @return	The signature ID of the asymmetric algorithm. */
       
   227 	IMPORT_C const CAlgorithmIdentifier& AsymmetricAlgorithm() const;
       
   228 	
       
   229 	/** Gets the signature ID of the digest algorithm.
       
   230 	* 
       
   231 	* @return	The signature ID of the digest algorithm. */
       
   232 	IMPORT_C const CAlgorithmIdentifier& DigestAlgorithm() const;
       
   233 	
       
   234 	/** Destructor.
       
   235 	* 
       
   236 	* Frees all resources owned by the object, prior to its destruction. */
       
   237 	IMPORT_C ~CSigningAlgorithmIdentifier();
       
   238 
       
   239 protected:
       
   240 	/** Second-phase constructor.
       
   241 	 * @internalAll
       
   242 	 */
       
   243 	void ConstructL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
       
   244 	
       
   245 	/** The signature ID of the asymmetric algorithm. */
       
   246 	CAlgorithmIdentifier* iAsymmetricAlgorithm;
       
   247 
       
   248 	/** The signature ID of the digest algorithm. */
       
   249 	CAlgorithmIdentifier* iDigestAlgorithm;
       
   250 	};
       
   251 
       
   252 class CSubjectPublicKeyInfo : public CBase
       
   253 /** A base class for a container that holds information about a subject public key.
       
   254 * 
       
   255 * It contains the algorithm ID, the encoded public key and the encoded parameters. 
       
   256 * 
       
   257 * @publishedAll
       
   258 * @released
       
   259 * @since v6.0 
       
   260 */
       
   261 //algorithm ID + encoded public key + encoded parameters
       
   262 	{
       
   263 public:
       
   264 	/** Creates a new subject public key object copied from an existing object.	
       
   265 	* 
       
   266 	* @param aSubjectPublicKeyInfo 	The subject public key object to be copied.
       
   267 	* @return 						A pointer to the new public key object. */
       
   268 	IMPORT_C static CSubjectPublicKeyInfo* NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
       
   269 	
       
   270 	/** Creates a new subject public key object copied from an existing object and 
       
   271 	* puts a pointer to the new object onto the cleanup stack.	
       
   272 	* 
       
   273 	* @param aSubjectPublicKeyInfo 	The subject public key object to be copied.
       
   274 	* @return 						A pointer to the new public key object. */
       
   275 	IMPORT_C static CSubjectPublicKeyInfo* NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
       
   276 	
       
   277 	/** Gets the algorithm ID.
       
   278 	* 
       
   279 	* @return	The algorithm ID. */
       
   280 	IMPORT_C TAlgorithmId AlgorithmId() const;
       
   281 	
       
   282 	/** Gets the encoded parameters required by the algorithm.	
       
   283 	* 
       
   284 	* @return	A non-modifiable pointer descriptor representing the encoded parameters. */
       
   285 	IMPORT_C const TPtrC8 EncodedParams() const;
       
   286 	
       
   287 	/** Gets the encoded public key data.
       
   288 	* 
       
   289 	* @return 	A non-modifiable pointer descriptor representing the encoded public 
       
   290 	* 			key data. */
       
   291 	IMPORT_C const TPtrC8 KeyData() const;
       
   292 	
       
   293 	/** Destructor.
       
   294 	*
       
   295 	* Frees all resources owned by the object. */
       
   296 	IMPORT_C ~CSubjectPublicKeyInfo();
       
   297 protected:
       
   298 	/** Second-phase constructor.
       
   299 	* 
       
   300 	* @param aSubjectPublicKeyInfo	The subject public key object to be copied. */
       
   301 	IMPORT_C virtual void ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
       
   302 	
       
   303 	/** The algorithm ID. */
       
   304 	CAlgorithmIdentifier* iAlgId;
       
   305 	
       
   306 	/** A heap descriptor representing the encoded key data. */
       
   307 	HBufC8* iEncodedKeyData;
       
   308 	};
       
   309 
       
   310 class CRSASignatureResult : public CBase
       
   311 /** The RSA public key algorithm signature result.
       
   312 * 
       
   313 * Derived classes:
       
   314 * @li CWTLSRSASignatureResult
       
   315 * @li CPKCS1SignatureResult.
       
   316 *
       
   317 * @see TKeyFactory::RSASignatureResultL()
       
   318 *
       
   319 * @publishedAll
       
   320 * @released
       
   321 * @since v6.0 */
       
   322 	{
       
   323 public:
       
   324 	/** Tests whether the signature result is valid.
       
   325 	* 
       
   326 	* @param aResult	The signature result.
       
   327 	* @return			ETrue if the signature result is valid, otherwise EFalse. */
       
   328 	IMPORT_C virtual TBool VerifyL(const TDesC8& aResult) = 0;
       
   329 	
       
   330 	/** Destructor.
       
   331 	*
       
   332 	* Frees all resources owned by the object. */
       
   333 	IMPORT_C ~CRSASignatureResult();
       
   334 protected:
       
   335 	/** Compares this RSA Signature Result object with the specified RSA Signature 
       
   336 	* Result object for equality.
       
   337 	*
       
   338 	* @param aResult 	The RSA Signature Result object to be compared.
       
   339 	* @return 			ETrue, if they are the same; EFalse, otherwise. */
       
   340 	IMPORT_C TBool operator == (const CRSASignatureResult& aResult) const;
       
   341 	
       
   342 	/** The digest algorithm ID. */
       
   343 	CAlgorithmIdentifier* iDigestAlgorithm;
       
   344 	
       
   345 	/** A heap descriptor representing the digest algorithm. */
       
   346 	HBufC8* iDigest;
       
   347 	};
       
   348 
       
   349 //signed object
       
   350 class TKeyFactory
       
   351 /** Constructs the public key objects used for signature verification from their 
       
   352 * encoded binary form. 
       
   353 * 
       
   354 * @publishedAll
       
   355 * @released
       
   356 * @since v6.0 */
       
   357 	{
       
   358 public:
       
   359 	/** Gets the RSA public key.
       
   360 	* 
       
   361 	* @param aEncoding 	A non-modifiable descriptor representing the entire encoding.
       
   362 	* @return 			The RSA Public key. */
       
   363 	virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const = 0;
       
   364 	
       
   365 	/** Gets the RSA signature result.
       
   366 	* 
       
   367 	* @param aDigestAlgorithm 	The algorithm ID.
       
   368 	* @param aDigest 			A non-modifiable descriptor representing the digest algorithm.
       
   369 	* @return 					The RSA signature result. */
       
   370 	virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const = 0;
       
   371 	
       
   372 	/** Gets the DSA public key.
       
   373 	* 
       
   374 	* @param aParams 	The DSA parameters
       
   375 	* @param aEncoding 	A non-modifiable descriptor representing the entire encoding.
       
   376 	* @return 			The DSA public key. */
       
   377 	virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const = 0;
       
   378 	
       
   379 	/** Gets the digital DSA signature given an encoding key.
       
   380 	* 
       
   381 	* @param aEncoding 	A non-modifiable descriptor representing the entire encoding.
       
   382 	* @return 			The DSA signature. */
       
   383 	virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const = 0;
       
   384 	
       
   385 	/** Gets the DSA parameters.
       
   386 	* 
       
   387 	* @param aEncoding 	A non-modifiable descriptor representing the entire encoding.
       
   388 	* @return 			The DSA parameters. */
       
   389 	virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const = 0;
       
   390 	//	New function for TKeyFactory API
       
   391 	virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const = 0;
       
   392 	};
       
   393 
       
   394 class CSigningKeyParameters : public CBase
       
   395 /** Contains the parameter information required by some signing algorithms.
       
   396 * 
       
   397 * The DSA signing algorithm needs parameters as well as a key. Currently, this 
       
   398 * class only contains DSA parameters. 
       
   399 * 
       
   400 * @publishedAll
       
   401 * @released
       
   402 * @since v6.0 */
       
   403 	{
       
   404 public:
       
   405 	/** Creates a new signing key parameters object.
       
   406 	* 
       
   407 	* @return	A pointer to the new signing key parameters object. */
       
   408 	IMPORT_C static CSigningKeyParameters* NewL();
       
   409 	
       
   410 	/** Creates a new signing key parameters object and puts a pointer to the new object 
       
   411 	* onto the cleanup stack.
       
   412 	* 
       
   413 	* @return	A pointer to the new signing key parameters object. */
       
   414 	IMPORT_C static CSigningKeyParameters* NewLC();
       
   415 	
       
   416 	/** Creates a new signing key parameters object copied from an existing object.
       
   417 	* 
       
   418 	* @param aParameters 	The signing key parameters object to be copied.
       
   419 	* @return 				A pointer to the new parameters object. */
       
   420 	IMPORT_C static CSigningKeyParameters* NewL(const CSigningKeyParameters& aParameters);
       
   421 	
       
   422 	/** Creates a new signing key parameters object copied from an existing object 
       
   423 	* and puts a pointer to the new object onto the cleanup stack.
       
   424 	* 
       
   425 	* @param aParameters  The signing key parameters object to be copied.
       
   426 	* @return 			  A pointer to the new signing key parameters object. */
       
   427 	IMPORT_C static CSigningKeyParameters* NewLC(const CSigningKeyParameters& aParameters);
       
   428 	
       
   429 	/** Destructor.
       
   430 	* 
       
   431 	* Frees all resources owned by the object. */
       
   432 	IMPORT_C ~CSigningKeyParameters();
       
   433 	
       
   434 	/** Sets the DSA parameters.
       
   435 	* 
       
   436 	* @param aParams	The DSA parameters. */
       
   437 	IMPORT_C void SetDSAParamsL(const CDSAParameters& aParams);
       
   438 	
       
   439 	/** Gets the DSA parameters.
       
   440 	* 
       
   441 	* @return	The DSA parameters. 
       
   442 	* @internalAll
       
   443 	*/
       
   444 	const CDSAParameters* DSAParams() const;
       
   445 private:
       
   446 	CSigningKeyParameters();
       
   447 	void ConstructL(const CSigningKeyParameters& aParameters);
       
   448 	CDSAParameters* iDSAParams;
       
   449 	};
       
   450 
       
   451 
       
   452 class CSignedObject : public CBase
       
   453 /** Base class for certificates. 
       
   454 * 
       
   455 * @publishedAll
       
   456 * @released
       
   457 * @since v6.0 */
       
   458 	{
       
   459 public:	
       
   460 	/** Verifies a signature using the specified encoded key.
       
   461 	* 
       
   462 	* @param aEncodedKey 	The encoded key. 
       
   463 	* @return 				ETrue if the signature is valid, otherwise EFalse. */
       
   464 	IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey) const;
       
   465 	
       
   466 	/** Verifies a signature using the specified encoded key and hash.
       
   467 	* 
       
   468 	* @param aEncodedKey 	The encoded key. 
       
   469 	* @param aHash			The hash of the data to be validated.
       
   470 	* @return 				ETrue if the signature is valid, otherwise EFalse. */
       
   471 	IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;	
       
   472 	
       
   473 	/** Gets the digital signature.
       
   474 	* 
       
   475 	* @return	A non-modifiable pointer descriptor representing the digital signature. */
       
   476 	IMPORT_C const TPtrC8 Signature() const;
       
   477 	
       
   478 	/** Gets the signed data.
       
   479 	* 
       
   480 	* @return	A non-modifiable pointer descriptor representing the signed data. */
       
   481 	IMPORT_C virtual const TPtrC8 SignedDataL() const = 0;
       
   482 	
       
   483 	/** Gets the fingerprint.
       
   484 	* 
       
   485 	* The fingerprint returned is the SHA1 hash of the encoding of the entire object.
       
   486 	* 
       
   487 	* @return	A non-modifiable pointer descriptor representing the finger print. */
       
   488 	IMPORT_C const TPtrC8 Fingerprint() const;
       
   489 	
       
   490 	/** Gets the entire encoding.
       
   491 	* 
       
   492 	* @return	A non-modifiable pointer descriptor representing the entire encoding. */
       
   493 	IMPORT_C const TPtrC8 Encoding() const;
       
   494 	
       
   495 	/** Gets the signing algorithm ID used.
       
   496 	* 
       
   497 	* @return	The signing algorithm ID. */
       
   498 	IMPORT_C const CSigningAlgorithmIdentifier& SigningAlgorithm() const;
       
   499 	
       
   500 	/** Externalises the encoding of the entire object to a write stream.
       
   501 	* 
       
   502 	* The fingerprint and the signed data can be regenerated after restoration.
       
   503 	* 
       
   504 	* The presence of this function means that the standard templated operator<<() 
       
   505 	* can be used to externalise objects of this class.
       
   506 	* 
       
   507 	* @param aStream	Stream to which the object should be externalised. */
       
   508 	IMPORT_C virtual void ExternalizeL(RWriteStream& aStream) const;
       
   509 	
       
   510 	/** Internalises the encoded object from a read stream.
       
   511 	
       
   512 	* The class makes use of a specification-specific parser class for extracting 
       
   513 	* the various elements, that is provided by a subclass of CSignedObject. For 
       
   514 	* this reason this function is pure virtual.
       
   515 	* 
       
   516 	* The presence of this function means that the standard templated operator>>() 
       
   517 	* can be used to internalise objects of this class.
       
   518 	* 
       
   519 	* @param aStream	Stream from which the contents of the field should be internalised. */
       
   520 	IMPORT_C virtual void InternalizeL(RReadStream& aStream) = 0;
       
   521 	
       
   522 	/** Sets the signing key parameters.
       
   523 	* 
       
   524 	* @param aParameters	The signing key parameters. */
       
   525 	IMPORT_C void SetParametersL(const CSigningKeyParameters& aParameters);
       
   526 	
       
   527 	/** Gets the encoded data for the specified encoded data element, in the (to be 
       
   528 	* signed) tbsCertificate data structure, of the signed object.
       
   529 	* 
       
   530 	* @param aIndex	The encoded data element position in the tbsCertificate data 
       
   531 	* 				structure. See the enumeration: CX509Certificate::Anonymous.
       
   532 	* @return 		The encoded data for the specified data element of the signed object. */
       
   533 	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const = 0;
       
   534 	
       
   535 	/** Destructor.
       
   536 	* 
       
   537 	* Frees all resources owned by the object. */
       
   538 	IMPORT_C ~CSignedObject();
       
   539 
       
   540 protected:
       
   541 	/** Verifies a RSA signature using the specified encoded key.
       
   542 	* 
       
   543 	* @param aEncodedKey 	The encoded key. 
       
   544 	* @return 				ETrue if the signature is valid, otherwise EFalse. 
       
   545 	* @internalAll
       
   546 	*/
       
   547 	TBool VerifyRSASignatureL(const TDesC8& aEncodedKey) const;
       
   548 	
       
   549 	/** @internalAll */	
       
   550 	TBool VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
       
   551 	
       
   552 	/** A pointer to a key factory object. */
       
   553 	TKeyFactory* iKeyFactory;
       
   554 	
       
   555 	/** A heap descriptor representing the entire encoding. */
       
   556 	HBufC8* iEncoding;
       
   557 	
       
   558 	/** The digital signature. */
       
   559 	HBufC8* iSignature;
       
   560 	
       
   561 	/** The fingerprint.
       
   562 	* 
       
   563 	* The SHA1 hash of the encoding of the entire object. */
       
   564 	HBufC8* iFingerprint;
       
   565 	
       
   566 	/** The signing key parameters */
       
   567 	CSigningKeyParameters* iParameters;
       
   568 	
       
   569 	/** The signing algorithm ID. */
       
   570 	CSigningAlgorithmIdentifier* iSigningAlgorithm;
       
   571 	};
       
   572 
       
   573 class CCertificate : public CSignedObject
       
   574 /** A data structure that binds a public key to a given individual.
       
   575 * 
       
   576 * A certificate is a signed object, and adds a serial number, a validity period 
       
   577 * and a subject public key.
       
   578 * 
       
   579 * This is a base class for classes that implement certificates of particular types. 
       
   580 * 
       
   581 * @publishedAll
       
   582 * @released
       
   583 * @since v6.0 */
       
   584 	{
       
   585 public:
       
   586 	/** Destructor.
       
   587 	* 
       
   588 	* Frees all resources owned by the object. */
       
   589 	IMPORT_C ~CCertificate();
       
   590 	
       
   591 	/** Gets the subject public key information.
       
   592 	* 
       
   593 	* @return	The subject public key information. */
       
   594 	IMPORT_C const CSubjectPublicKeyInfo& PublicKey() const;
       
   595 	
       
   596 	/** Gets the serial number.
       
   597 	* 
       
   598 	* @return	A non-modifiable pointer descriptor representing the serial number. */
       
   599 	IMPORT_C const TPtrC8 SerialNumber() const;
       
   600 	
       
   601 	/** Gets the validity period.
       
   602 	* 
       
   603 	* @return	The validity period. */
       
   604 	IMPORT_C const CValidityPeriod& ValidityPeriod() const;
       
   605 	
       
   606 	/** Tests whether a certificate is self-signed.
       
   607 	* 
       
   608 	* @return	ETrue, if it is self-signed; EFalse, otherwise. */
       
   609 	IMPORT_C virtual TBool IsSelfSignedL() const = 0;
       
   610 	
       
   611 	/** Gets the subject.
       
   612 	* 
       
   613 	* @return	A heap descriptor representing the subject. */
       
   614 	IMPORT_C virtual HBufC* SubjectL() const = 0;
       
   615 	
       
   616 	/** Gets the issuer.
       
   617 	* 
       
   618 	* @return	A heap descriptor representing the issuer. */
       
   619 	IMPORT_C virtual HBufC* IssuerL() const = 0;
       
   620 	
       
   621 	/** Gets the key identifier.
       
   622 	* 
       
   623 	* @return	The key identifier. */
       
   624 	IMPORT_C virtual TKeyIdentifier KeyIdentifierL() const;
       
   625 
       
   626 protected:
       
   627 	/** The serial number. */
       
   628 	HBufC8* iSerialNumber;
       
   629 
       
   630 	/** The validity period. */
       
   631 	CValidityPeriod* iValidityPeriod;
       
   632 
       
   633 	/** The subject public key information. */
       
   634 	CSubjectPublicKeyInfo* iSubjectPublicKeyInfo;
       
   635 	};
       
   636 
       
   637 #endif