Mercurial Mercurial > oss > FCL > sf > os > security / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
cryptoservices/certificateandkeymgmt/inc/wtlscert.h
changeset 0 2c201484c85f
child 8 35751d3474b7 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptoservices/certificateandkeymgmt/inc/wtlscert.h	Wed Jul 08 11:25:26 2009 +0100
@@ -0,0 +1,333 @@
+/*
+* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: 
+*
+*/
+
+
+
+
+/**
+ @file 
+ @internalAll 
+*/
+
+#ifndef __WTLSCERT_H__
+#define __WTLSCERT_H__
+
+#include <e32base.h>
+#include <e32std.h>
+#include <s32std.h>
+#include <signed.h>
+#include <unifiedcertstore.h>
+#include <wtlsnames.h>
+
+
+class CRSAPublicKey;
+class CDSAPublicKey;
+class CDSASignature;
+class CDSAParameters;
+
+const TInt KWTLSCertMaxDataElements = 6;
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSRSASignatureResult : public CRSASignatureResult
+	{
+public:
+	IMPORT_C static CWTLSRSASignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
+	IMPORT_C static CWTLSRSASignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
+	IMPORT_C virtual TBool VerifyL(const TDesC8& aResult);
+private:
+	void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest);
+	};
+
+/**
+ * @publishedAll
+ * @released
+ */
+class TWTLSKeyFactory : public TKeyFactory
+	{
+public:
+	virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const;
+	virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const;
+	virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const;
+	virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const;
+	virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const;
+	virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const;
+	};
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSValidityPeriod : public CValidityPeriod
+	{
+public:
+	IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos);
+	IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+	CWTLSValidityPeriod();
+	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+	};
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSAlgorithmIdentifier : public CAlgorithmIdentifier
+	{
+public:
+	IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
+	IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+	CWTLSAlgorithmIdentifier();
+	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+	};
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSSigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier
+	{
+public:
+	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos);
+	IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+	CWTLSSigningAlgorithmIdentifier();
+	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+	};
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSSubjectPublicKeyInfo : public CSubjectPublicKeyInfo
+	{
+public:
+	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData);
+	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos);
+	IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+	CWTLSSubjectPublicKeyInfo();
+	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+	};
+
+_LIT(KWTLSTCAType, " T");
+_LIT(KWTLSTCAValue, "ca");
+
+/**
+ * @publishedAll
+ * @released
+ */
+class CWTLSCertificate : public CCertificate
+	{
+public:
+	enum	//enum values for encoded data element positions in tbsCert data structure
+		{	//these values are to be used as params to DataElementEncoding() function
+		EVersionNumber = 0,
+		EAlgorithmId = 1,
+		EIssuerName = 2,
+		EValidityPeriod = 3,
+		ESubjectName = 4,
+		ESubjectPublicKeyInfo = 5,
+		};
+		
+	/**
+	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation.
+	 *
+	 * @param aBinaryData	The encoded binary representation.
+	 * @return				The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData);
+
+	/**
+	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation,
+	 * and puts a pointer to it onto the cleanup stack.
+	 *
+	 * @param aBinaryData	The encoded binary representation.
+	 * @return				The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData);
+
+	/**
+	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation.
+	 *
+	 * @param aBinaryData	The encoded binary representation.
+	 * @param aPos			An offset into the descriptor, and is updated to the position at the end of the object.
+	 * @return				The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData, TInt& aPos);
+
+	/**
+	 * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation,
+	 * and puts a pointer to it onto the cleanup stack.
+	 *
+	 * @param aBinaryData	The encoded binary representation.
+	 * @param aPos			An offset into the descriptor, and is updated to the position at the end of the object.
+	 * @return				The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+
+	/**
+	 * Creates a new CWTLSCertificate object from a stream.
+	 *
+	 * The stream must have been written using the corresponding ExternalizeL() function.
+	 *
+	 * @param aStream	The stream to be used as input.
+	 * @return			The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewL(RReadStream& aStream);
+
+	/**
+	 * Creates a new CWTLSCertificate object from a stream,
+	 * and puts a pointer to it onto the cleanup stack.
+	 *
+	 * The stream must have been written using the corresponding ExternalizeL() function.
+	 *
+	 * @param aStream	The stream to be used as input.
+	 * @return			The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewLC(RReadStream& aStream);
+
+	/**
+	 * Creates a new CWTLSCertificate object from an existing one in the certificate store.
+	 *
+	 * @param aCert	The certificate to be copied.
+	 * @return		The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewL(const CWTLSCertificate& aCert);
+
+	/**
+	 * Creates a new CWTLSCertificate object from an existing one in the certificate store,
+	 * and puts a pointer to it onto the cleanup stack.
+	 *
+	 * @param aCert	The certificate to be copied.
+	 * @return		The new CWTLSCertificate object.
+	 */	
+	IMPORT_C static CWTLSCertificate* NewLC(const CWTLSCertificate& aCert);
+
+	/**
+	 * Destructor.
+	 *
+	 * Frees all resources owned by the object, prior to its destruction.
+	 */
+	IMPORT_C ~CWTLSCertificate();
+	
+	/**
+	* Tests whether this WTLS certificate is the same as the specified WTLS certificate.
+	*
+	* This is not a simple as it sounds. For X.509 certificates equality means that the issuer name 
+	* and serial number fields are the same. This guarantees equality since a CA must ensure that every 
+	* certificate it issues has a unique serial number. But WTLS certificates do not include serial numbers, 
+	* so there seems to be no definition of equality. This function uses a byte-for-byte comparison of the 
+	* signatures on the certificates: this should not result in any false positives, but may give false 
+	* negatives if CAs do naughty things like recertifying the same key (which they have been known to do).
+	*
+	* @param aCert	A WTLS certificate
+	* @return		ETrue, if the parameter is the same certificate; EFalse, otherwise.
+	*/
+	IMPORT_C TBool IsEqualL(const CWTLSCertificate& aCert) const;
+	
+	//extra accessors
+	
+	/**
+	 * Gets the version number of the WTLS certificate.
+	 *
+	 * @return	The version number of the certificate. Always returns 1.
+	 */
+	IMPORT_C TInt Version() const;
+	
+	/**
+	 * Gets the name of the WTLS certificate's issuing authority.
+	 *
+	 * @return	A WTLS name:
+	 *			@li	If the name is an X.500 DN, then if the name contains a Common name, that will be returned. 
+	 * 				Otherwise, if the name contains an Organization name, that will be returned. Otherwise an empty 
+	 * 				string will be returned. 
+	 *			@li	If the name is of type text, then if the name is not a 'structured' name the entire string will 
+	 *				be returned, otherwise the same procedure will be followed as for X.509 certificates.
+	 * 			@li	If the name is null an empty string will be returned. 
+	 */
+	 // Unsupported -- If the name is a key hash or binary value the entire contents will be returned.
+	IMPORT_C const CWTLSName& IssuerName() const;
+	
+	/**
+	* Gets the name of the owner of the public key the WTLS certificate contains.
+	*
+	* @return A WTLS name.
+	*/
+	IMPORT_C const CWTLSName& SubjectName() const;
+	IMPORT_C virtual TBool IsSelfSignedL() const;
+	IMPORT_C virtual HBufC* SubjectL() const;
+	IMPORT_C virtual HBufC* IssuerL() const;
+	
+	/**
+	* Initialises the certificate from a stream. 
+	*
+	* This should not be called by client code; instead the static factory function above should be used. 
+	* If a client is using the certstore component for storage then it should use CCertStore::AddL() for 
+	* externalizing and CWTLSCert::NewL(CCertStore& aStore, const CCertStoreEntry& aEntry); for restoring.
+	*
+	* @param aStream 
+	*/
+	IMPORT_C void InternalizeL(RReadStream& aStream);
+	
+	/**
+	* Gets the certificate's signed data.
+	*
+	* @return	A non-modifiable pointer descriptor representing the certificate's signed data.
+	*/
+	IMPORT_C const TPtrC8 SignedDataL() const;
+	
+	/**
+	* Gets the encoding for a data element at the specified index.
+	*
+	* @param aIndex	The position of the encoded data element.
+	*/
+	IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const;
+	
+	/**
+	* Tests whether a non-selfsigned certificate can be used to sign others.
+	* 
+	* Currently this only supports structured text variety of WTLS certificates.  
+	* Other certificate types will return EFalse.
+	*
+	* @return	ETrue, if the certificate is capable of signing other certificates; otherwise, EFalse. 
+	*/
+	IMPORT_C TBool IsTCAL() const;
+private:
+	CWTLSCertificate();
+	void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+	void ConstructL(const CWTLSCertificate& aCertificate);
+	void ConstructCertL(const TDesC8& aBinaryData, TInt& aPos);
+	void InitEncodedDataElementsL();
+	//private data
+	TInt iVersion;
+	CWTLSName* iIssuerName;
+	CWTLSName* iSubjectName;
+	TFixedArray<TPtrC8*, KWTLSCertMaxDataElements>* iDataElements;
+	};
+
+#endif
FCL/sf/os/security