/** Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).* All rights reserved.* This component and the accompanying materials are made available* under the terms of the License "Eclipse Public License v1.0"* which accompanies this distribution, and is available* at the URL "http://www.eclipse.org/legal/epl-v10.html".** Initial Contributors:* Nokia Corporation - initial contribution.** Contributors:** Description: * X509CERTEXT.H* X509 extensions v2* Common specific extensions:* 1) basic constraints* 2) alt name* 3) key usage* 4) name constraints* 5) policy constraints* 6) policies* 7) policy mapping* 8) authority key ID* 9) subject key ID* 10) extended key usage* 11) authority information access* critical extension* 12) inhibit-any policy **//** @file @publishedAll @released*/#if !defined (__X509CERTEXT_H__)#define __X509CERTEXT_H__#include <e32base.h>#include <e32std.h>#include <x509gn.h>#ifndef SYMBIAN_ENABLE_SPLIT_HEADERS#include <x509bitstring.h>#endifclass RReadStream;class RWriteStream;class CX509BitString;/** A list of values that defines what an X.509 key can be used for.* These values can be ANDed together if a key has several usages. * * @since v7.0 */enum TX509KeyUsage { /** A digital signature. */ EX509DigitalSignature, /** Non repudiation. */ EX509NonRepudiation, /** Key encipherment. */ EX509KeyEncipherment, /** Data encipherment. */ EX509DataEncipherment, /** Key agreement. */ EX509KeyAgreement, /** Key certificate sign. */ EX509KeyCertSign, /** CRL sign. */ EX509CRLSign, /** Encipher only. */ EX509EncipherOnly, /** Decipher only. */ EX509DecipherOnly };/** X509 Extension OIDs* * @since v9.5 *///OIDS for the extensions we define here..._LIT(KBasicConstraints,"2.5.29.19");_LIT(KSubjectAltName,"2.5.29.17");_LIT(KIssuerAltName,"2.5.29.18");_LIT(KKeyUsage,"2.5.29.15");_LIT(KNameConstraints,"2.5.29.30");_LIT(KPolicyConstraints,"2.5.29.36");_LIT(KCertPolicies,"2.5.29.32");_LIT(KPolicyMapping,"2.5.29.33");_LIT(KAuthorityKeyId,"2.5.29.35");_LIT(KSubjectKeyId,"2.5.29.14");_LIT(KExtendedKeyUsage,"2.5.29.37");_LIT(KAuthorityInfoAccess, "1.3.6.1.5.5.7.1.1");_LIT(KInhibitAnyPolicy, "2.5.29.54");// OIDs for access methods_LIT(KAccessMethodOCSP, "1.3.6.1.5.5.7.48.1");//deprecated OIDs we might still encounter_LIT(KOldBasicConstraints,"2.5.29.10");_LIT(KOldBasicConstraints2,"2.5.29.13");_LIT(KOldSubjectAltName,"2.5.29.7");_LIT(KOldIssuerAltName,"2.5.29.8");_LIT(KOldNameConstraints,"2.5.29.11");_LIT(KOldPolicyConstraints,"2.5.29.2");_LIT(KOldPolicyConstraints2,"2.5.29.34");_LIT(KOldCertPolicies,"2.5.29.3");_LIT(KOldPolicyMapping,"2.5.29.5");_LIT(KOldAuthorityKeyId,"2.5.29.1");// Define OIDs for Symbian certificate constraints._LIT(KDeviceIdListConstraint,"1.2.826.0.1.1796587.1.1.1.1");_LIT(KSidListConstraint,"1.2.826.0.1.1796587.1.1.1.4");_LIT(KVidListConstraint,"1.2.826.0.1.1796587.1.1.1.5");_LIT(KCapabilitiesConstraint,"1.2.826.0.1.1796587.1.1.1.6");//1) basic constraints...class CX509ExtensionBase : public CBase/** A certificate extension base class. * * @since v6.0 */ {protected: /** Second-phase constructor. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. */ virtual void ConstructL(const TDesC8& aBinaryData, TInt& aPos); /** Implementation for second-phase construction. * * This is called by ConstructL(). * * @param aBinaryData The encoded binary representation. This is the same as * passed to ConstructL(). * @param aPos The position from which to start decoding. Note that the value * passed points, in effect, to the content, by passing the header data. */ virtual void DoConstructL(const TDesC8& aBinaryData, TInt& aPos) = 0; };class CX509BasicConstraintsExt : public CX509ExtensionBase/** An X.509 certificate extension that defines basic constraints.* * It indicates whether the certificate belongs to a Certificate Authority or * an end Entity. * * @since v6.0 */ {public: /** Creates a new CX509BasicConstraintsExt object from the specified * buffer containing the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509BasicConstraintsExt object. */ IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509BasicConstraintsExt object from the specified * buffer containing the binary coded representation, and puts a pointer to it * onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509BasicConstraintsExt object. */ IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509BasicConstraintsExt object from the specified * buffer containing the binary coded representation, starting at the specified * offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509BasicConstraintsExt object. */ IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509BasicConstraintsExt object from the specified * buffer containing the binary coded representation, starting at the specified * offset, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509BasicConstraintsExt object. */ IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509BasicConstraintsExt(); /** Tests whether the certificate belongs to a Certificate Authority. * * @return ETrue, if the certificate belongs to a Certificate Authority; * EFalse, otherwise. */ IMPORT_C TBool IsCA() const; /** Gets the maximum number of certificates that can follow this one in the chain. * * @return The number of certificates. */ IMPORT_C TInt MaxChainLength() const;//0 if not setprivate: CX509BasicConstraintsExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); TBool iIsCA; TInt iMaxChainLen; };//2) alt nameclass CX509AltNameExt : public CX509ExtensionBase/** An X.509 certificate extension that defines an alternate name.* * It appears as an Issuer Alt Name extension or a Subject Alt Name extension * and is used to contain extra identifying information that will not fit into * a Distinguished Name.* * It consists of an array of X.509 General Names.** @since v6.0 */ {public: /** Creates a new CX509AltNameExt object from the specified * buffer containing the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509AltNameExt object. */ IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509AltNameExt object from the specified * buffer containing the binary coded representation, and puts a pointer to it * onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509AltNameExt object. */ IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509AltNameExt object from the specified * buffer containing the binary coded representation, starting at the specified * offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AltNameExt object. */ IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509AltNameExt object from the specified * buffer containing the binary coded representation, starting at the specified * offset, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AltNameExt object. */ IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509AltNameExt(); /** Gets a reference to the array of general names that forms the alternate name * extension. * * @return The array of general names. */ IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AltName() const; /** Checks whether the corressponding elements of two equally sized arrays of X.509 general names * match. * * @param aExt An X.509 certificate extension object that defines an alternate name. * @return TRUE if all the elements in the arrays match. */ IMPORT_C TBool Match(const CX509AltNameExt& aExt) const;private: CX509AltNameExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CArrayPtrFlat<CX509GeneralName>* iAuthorityName; };class CX509KeyUsageExt : public CX509ExtensionBase/** An X.509 certificate extension that defines the uses to which a key may be put.* * @since v6.0 */ {public: /** Creates a new CX509KeyUsageExt object from the specified buffer * containing the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509KeyUsageExt object. */ IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509KeyUsageExt object from the specified buffer * containing the binary coded representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509KeyUsageExt object. */ IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509KeyUsageExt object from the specified buffer * containing the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509KeyUsageExt object. */ IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509KeyUsageExt object from the specified buffer * containing the binary coded representation, starting at the specified offset, * and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509KeyUsageExt object. */ IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509KeyUsageExt(); /** Tests whether a particular usage is set in the extension. * * * @param aUsage The usage. * @return ETrue, if the specific usage is set in the extension; EFalse, otherwise. */ IMPORT_C TBool IsSet(TX509KeyUsage aUsage) const;private: CX509KeyUsageExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CX509BitString* iData; };//4) name constraintsclass CX509GeneralSubtree : public CBase/** Provides access to the general name and the min/max lengths of the subtree. * * @since v6.0 */ {public: /** * @internalComponent * * Creates a new CX509GeneralSubtree object from the specified buffer containing * the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509GeneralSubtree object. **/ static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509GeneralSubtree object from the specified buffer containing * the encoded binary representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509GeneralSubtree object. **/ static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509GeneralSubtree object from the specified buffer containing * the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. * @return The new CX509GeneralSubtree object. **/ static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509GeneralSubtree object from the specified buffer containing * the encoded binary representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. * @return The new CX509GeneralSubtree object. **/ static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object. */ virtual ~CX509GeneralSubtree(); /** Gets the general name. * * @return The general name. */ IMPORT_C const CX509GeneralName& Name() const; /** Gets the minimum distance of the CX509GeneralSubtree object. * * @return The minimum distance of the CX509GeneralSubtree object. */ IMPORT_C TInt MinDistance() const; /** Gets the maximum distance of the CX509GeneralSubtree object. * * @return The maximum distance of the CX509GeneralSubtree object. */ IMPORT_C TInt MaxDistance() const;private: CX509GeneralSubtree(); void ConstructL(const TDesC8& aBinaryData, TInt& aPos); CX509GeneralName* iName; TInt iMaxDist; TInt iMinDist; };class CX509NameConstraintsExt : public CX509ExtensionBase/** An X.509 certificate extension that defines constraints on an entity's name.* * This extension allows Certification Authorities to restrict or prevent the issuing * of certificates to entities whose names lie within a defined name space. **/ {public: /** Creates a new CX509NameConstraintsExt object from the specified * buffer containing the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509NameConstraintsExt object. */ IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509NameConstraintsExt object from the specified * buffer containing the binary coded representation, and puts a pointer to it * onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509NameConstraintsExt object. */ IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509NameConstraintsExt object from the specified * buffer containing the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509NameConstraintsExt object. */ IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509NameConstraintsExt object from the specified * buffer containing the binary coded representation, starting at the specified * offset, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509NameConstraintsExt object. */ IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ IMPORT_C ~CX509NameConstraintsExt(); /** Gets a reference to the array of exclusion subtree names. * * No certificates after this one may contain names within the subtrees specified. * * @return The excluded subtrees. */ IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& ExcludedSubtrees() const; /** Gets a reference to the array of permitted subtree names. * * All certificates after this one must contain names within the subtrees specified. * * @return The permitted subtrees. */ IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& PermittedSubtrees() const;private: CX509NameConstraintsExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); void AddSubtreesL(CArrayPtrFlat<CX509GeneralSubtree>& aSubtrees, const TDesC8& aBinaryData); CArrayPtrFlat<CX509GeneralSubtree>* iExcludedSubtrees; CArrayPtrFlat<CX509GeneralSubtree>* iPermittedSubtrees; };//5) policy constraintsclass TX509PolicyConstraint/** Defines whether a policy constraint applies.* * Objects of this type are used by the X.509 certificate extension that constrains * the use of policies.* * An object of this type encapsulates two pieces of information:* @li whether a specific policy applies to subsequent certificates* @li if a specific policy applies, the number of certificates that can follow the * current one before the policy constraint applies.* * Enables a CA to constrain the use of policies in two ways: they can enforce * the appearance of explicit certificate policies in subsequent certificates, * and prevent policy mapping from being performed. **/ {public: /** * @internalComponent * * Constructs a TX509PolicyConstraint definition object with the specified requirement * and countdown values. * * @param aRequired The policy requirement. Set to ETrue, if the policy constraint * applies; set to EFalse, otherwise. * @param aCountdown The countdown value. This is the number of certificates that * can follow the current one before the constraint applies. * This only has meaning if the policy constraint applies. **/ TX509PolicyConstraint(TBool aRequired, TInt aCountdown); /** * @internalComponent * * Default constructor. * * Sets policy requirement to EFalse and iRequired to EFalse and the iCountdown * to zero. **/ TX509PolicyConstraint(); /** The policy requirement. * * This has the value ETrue, if the policy constraint applies; EFalse otherwise. */ TBool iRequired; /** The count down value. * * Defines the number of certificates that can follow the current one before * the policy constraint applies. This has no meaning if the policy constraint * does not apply. */ TInt iCountdown; };class CX509PolicyConstraintsExt : public CX509ExtensionBase/** Enables a Certification Authority to constrain the use of policies in two ways:* @li to enforce the appearance of explicit certificate policies in subsequent certificates* @li to prevent policy mapping from being performed.* * @since v6.0 */ {public: /** Creates a new CX509PolicyConstraintsExt object from the specified buffer * containing the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyConstraintsExt object. */ IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData); /** Creates a new Policy constraints extension object from the specified buffer * containing the encoded binary representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyConstraintsExt object. */ IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509PolicyConstraintsExt object from the specified buffer * containing the encoded binary representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509PolicyConstraintsExt object. */ IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509PolicyConstraintsExt object from the specified buffer * containing the encoded binary representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509PolicyConstraintsExt object. */ IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ IMPORT_C ~CX509PolicyConstraintsExt(); /** Gets the explicit policy constraint. * * @return The explicit policy constraint. */ IMPORT_C TX509PolicyConstraint ExplicitPolicyRequired() const; /** Gets the inhibiting policy mapping. * * @return The inhibiting policy mapping. */ IMPORT_C TX509PolicyConstraint InhibitPolicyMapping() const;private: CX509PolicyConstraintsExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); TX509PolicyConstraint iRequirePolicy; TX509PolicyConstraint iInhibitPolicyMapping; };//6) policiesclass CX509PolicyQualifierInfo : public CBase/** Gets X.509 policy qualifier information. * * @since v6.0 */ {public: /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from the specified * buffer containing the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from the specified * buffer containing the encoded binary representation, and puts a pointer to * it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from the specified * buffer containing the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from the specified * buffer containing the encoded binary representation, and puts a pointer to * it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from an existing X.509 * Policy Qualifier Information object. * * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewL(const CX509PolicyQualifierInfo& aQualifierInfo); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from an existing X.509 * Policy Qualifier Information object, and puts a pointer to it onto the cleanup stack. * * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewLC(const CX509PolicyQualifierInfo& aQualifierInfo); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from a stream. * * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewL(RReadStream& aStream); /** * @internalComponent * * Creates a new CX509PolicyQualifierInfo object from a stream, and puts a pointer to it onto * the cleanup stack. * * @return The new CX509PolicyQualifierInfo object. **/ static CX509PolicyQualifierInfo* NewLC(RReadStream& aStream); /** The destructor. * * Frees all resources owned by the object. */ virtual ~CX509PolicyQualifierInfo(); /** Gets the policy qualifier Id. * * @return A non-modifiable pointer descriptor representing the policy qualifier Id. */ IMPORT_C TPtrC Id() const; /** Gets the policy qualifier data. * * @return A non-modifiable pointer descriptor representing the policy qualifier data. */ IMPORT_C TPtrC8 Data() const; // Internalization/Externalization // Externalize. Writes the data out to a stream /** * @internalComponent * * Externalises an object of this class to a write stream. * * The presence of this function means that the standard templated operator<<() * can be used to externalise objects of this class. * * @param aStream Stream to which the object should be externalised. **/ void ExternalizeL(RWriteStream& aStream) const; // Internalize. Reads the data from a stream /** * @internalComponent * * Internalises an object of this class from a read stream. * * The presence of this function means that the standard templated operator>>() * can be used to internalise objects of this class. * * Note that this function has assignment semantics: it replaces the old value * of the object with a new value read from the read stream. * * @param aStream Stream from which the object should be internalised. **/ void InternalizeL(RReadStream& aStream);private: CX509PolicyQualifierInfo(); void ConstructL(const TDesC8& aBinaryData, TInt& aPos); void ConstructL(const CX509PolicyQualifierInfo& aQualifier); void ConstructL(RReadStream& aStream); HBufC* iPolicyQualifierId; HBufC8* iData; //opaque (this is another any-defined-by, so could be anything) };class CX509CertPolicyInfo : public CBase/** Defines a specific policy followed by a Certification Authority.* * The policy under which a certificate has been issued may contain a number * of these specific policies.* * @see CX509CertPoliciesExt * @since v6.0 */ {public: /** * @internalComponent * * Creates a new CX509CertPolicyInfo object from the specified buffer containing the * binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509CertPolicyInfo object. **/ static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509CertPolicyInfo object from the specified buffer containing the * binary coded representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509CertPolicyInfo object. **/ static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData); /** * @internalComponent * Creates a new CX509CertPolicyInfo object from the specified buffer containing the * binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509CertPolicyInfo object. **/ static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509CertPolicyInfo object from the specified buffer containing the * binary coded representation, starting at the specified offset, and puts a * pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509CertPolicyInfo object. **/ static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509CertPolicyInfo object from an existing object. * * This is equivalent to a copy constructor. * * @param aPolicy The CX509CertPolicyInfo object to be copied. * @return The new CX509CertPolicyInfo object. */ IMPORT_C static CX509CertPolicyInfo* NewL(const CX509CertPolicyInfo& aPolicy); /** Creates a new CX509CertPolicyInfo object from an existing object, and puts a pointer * to it onto the cleanup stack. * * This is equivalent to a copy constructor. * * @param aPolicy The CX509CertPolicyInfo object to be copied. * @return The new CX509CertPolicyInfo object. */ IMPORT_C static CX509CertPolicyInfo* NewLC(const CX509CertPolicyInfo& aPolicy); /** Creates a new CX509CertPolicyInfo object from a stream. * * @return The new CX509CertPolicyInfo object. */ IMPORT_C static CX509CertPolicyInfo* NewL(RReadStream& aStream); /** Creates a new CX509CertPolicyInfo object from a stream, and puts a pointer to it onto * the cleanup stack. * * @return The new CX509CertPolicyInfo object. */ IMPORT_C static CX509CertPolicyInfo* NewLC(RReadStream& aStream); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509CertPolicyInfo(); /** Gets a reference to the array of policy qualifers. * * @return The array of policy qualifiers. */ IMPORT_C const CArrayPtrFlat<CX509PolicyQualifierInfo>& Qualifiers() const; /** Gets the specific policy's Object Identifier (OID). * * @return A pointer descriptor representing the specific policy's OID. */ IMPORT_C TPtrC Id() const; // Internalization/Externalization // Externalize. Writes the data out to a stream /** Externalises an object of this class to a write stream. * * The presence of this function means that the standard templated operator<<() * can be used to externalise objects of this class. * * @param aStream Stream to which the object should be externalised. */ IMPORT_C void ExternalizeL(RWriteStream& aStream) const; // Internalize. Reads the data from a stream /** Internalises an object of this class from a read stream. * * The presence of this function means that the standard templated operator>>() * can be used to internalise objects of this class. * * Note that this function has assignment semantics: it replaces the old value * of the object with a new value read from the read stream. * * @param aStream Stream from which the object should be internalised. */ IMPORT_C void InternalizeL(RReadStream& aStream);private: CX509CertPolicyInfo(); void ConstructL(const TDesC8& aBinaryData, TInt& aPos); void ConstructL(const CX509CertPolicyInfo& aInfo); void ConstructL(RReadStream& aStream); HBufC* iCertPolicyId;//OID for this policy CArrayPtrFlat<CX509PolicyQualifierInfo>* iQualifiers; };class CX509CertPoliciesExt : public CX509ExtensionBase/** The policy under which this certificate has been issued.** Contains further information on a client's signature.** @since v6.0 */ {public: /** Creates a new CX509CertPoliciesExt object from the specified buffer * containing the encoded binary representation. * * @param aBinaryData The encoded binary representation. * @return The CX509CertPoliciesExt object. */ IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509CertPoliciesExt object from the specified buffer * containing the encoded binary representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The CX509CertPoliciesExt object. */ IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509CertPoliciesExt object from the specified buffer * containing the encoded binary representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The CX509CertPoliciesExt object. */ IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509CertPoliciesExt object from the specified buffer * containing the encoded binary representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The CX509CertPoliciesExt object. */ IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object. */ virtual ~CX509CertPoliciesExt(); /** Gets the certificate policy extension information. * * @return The certificate policy extension information. */ IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const;private: CX509CertPoliciesExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies; };//7) policy mappingclass CX509PolicyMapping : public CBase/** A set of policy mappings. * * @since v6.0 */ {public: /** * @internalComponent * * Creates a new CX509PolicyMapping object from the specified buffer containing * the encoded binary representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. **/ static CX509PolicyMapping* NewL(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509PolicyMapping object from the specified buffer containing * the encoded binary representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. **/ static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509PolicyMapping object from the specified buffer containing * the encoded binary representation, starting at the specified offset, and puts * a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. **/ static CX509PolicyMapping* NewL(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509PolicyMapping object from the specified buffer containing * the encoded binary representation, starting at the specified offset, and puts * a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The position from which to start decoding. **/ static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509PolicyMapping object copied from an existing one. * * @param aMapping The CX509PolicyMapping object to be copied. */ IMPORT_C static CX509PolicyMapping* NewL(const CX509PolicyMapping& aMapping); /** Creates a new CX509PolicyMapping object copied from an existing one, and * puts a pointer to the object onto the cleanup stack. * * @param aMapping The CX509PolicyMapping object to be copied. */ IMPORT_C static CX509PolicyMapping* NewLC(const CX509PolicyMapping& aMapping); /** The destructor. * * Frees all resources owned by the object. */ virtual ~CX509PolicyMapping(); /** Gets the issuer policy. * * @return The issuer policy. */ IMPORT_C TPtrC IssuerPolicy() const; /** Gets the subject policy. * * @return The subject policy. */ IMPORT_C TPtrC SubjectPolicy() const;private: CX509PolicyMapping(); void ConstructL(const TDesC8& aBinaryData, TInt& aPos); void ConstructL(const CX509PolicyMapping& aMapping); HBufC* iIssuerPolicy; HBufC* iSubjectPolicy; };class CX509PolicyMappingExt : public CX509ExtensionBase/** An X.509 certificate extension that contains a set of policy mappings.** A policy mapping allows a Certification Authority to declare that two certificate * policies are equivalent.** @since v6.0 */ {public: /** Creates a new CX509PolicyMappingExt object from the specified buffer containing * the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyMappingExt object. */ IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509PolicyMappingExt object from the specified buffer containing * the binary coded representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509PolicyMappingExt object. */ IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509PolicyMappingExt object from the specified buffer containing * the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509PolicyMappingExt object. */ IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509PolicyMappingExt object from the specified buffer containing * the binary coded representation, starting at the specified offset, and puts * a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509PolicyMappingExt object. */ IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509PolicyMappingExt(); /** Gets a reference to the array of policy mappings. * * @return The array of policy mappings. */ IMPORT_C const CArrayPtrFlat<CX509PolicyMapping>& Mappings() const;private: CX509PolicyMappingExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CArrayPtrFlat<CX509PolicyMapping>* iPolicies; };//8) authority key IDclass CX509AuthorityKeyIdExt : public CX509ExtensionBase/** An X.509 certificate extension that provides a way to find the public key corresponding * to the private key used to sign the certificate.* * This is referred to as the authority key ID extension.* * The key may be identified by the issuer's name and the issuing certificate's * serial number, or by a key identifier value either derived from the public * key or by some method of generating unique IDs. * * @since v6.0 */ {public: /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing * the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509AuthorityKeyIdExt object. */ IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing * the binary coded representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509AuthorityKeyIdExt object. */ IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing * the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AuthorityKeyIdExt object. */ IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing * the binary coded representation, starting at the specified offset, and puts * a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AuthorityKeyIdExt object. */ IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509AuthorityKeyIdExt(); /** Gets the authority name. * * @return The authority name. */ IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AuthorityName() const; /** Gets the authority certificate serial number. * * @return A pointer descriptor representing the authority certificate serial number. */ IMPORT_C TPtrC8 AuthorityCertSerialNumber() const; /** Gets the key identifier value. * * @return A pointer descriptor representing the key identifier value. */ IMPORT_C TPtrC8 KeyId() const;private: CX509AuthorityKeyIdExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); void DecodeNameL(const TDesC8& aBinaryData); void DecodeSerialNoL(const TDesC8& aBinaryData); void DecodeKeyIdL(const TDesC8& aBinaryData); CArrayPtrFlat<CX509GeneralName>* iAuthorityName; HBufC8* iAuthorityCertSerialNumber; HBufC8* iKeyIdentifier; };//9) subject key IDclass CX509SubjectKeyIdExt : public CX509ExtensionBase/** An X.509 certificate extension that provides a way of identifying certificates* that contain a specific public key.* * This is referred to as the subject key ID extension.* * It consists of a key identifier value either derived from the public key or* by some method of generating unique IDs.* * @since v6.0 */ {public: /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing * the binary coded representation. * * @param aBinaryData The encoded binary representation. * @return The new CX509SubjectKeyIdExt object. */ IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing * the binary coded representation, and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509SubjectKeyIdExt object. */ IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing * the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509SubjectKeyIdExt object. */ IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing * the binary coded representation, starting at the specified offset, and puts * a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509SubjectKeyIdExt object. */ IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ IMPORT_C ~CX509SubjectKeyIdExt(); /** Gets the key ID. * * @return A pointer descriptor representing the key ID. */ IMPORT_C TPtrC8 KeyId() const;private: CX509SubjectKeyIdExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); HBufC8* iKeyIdentifier; };//10) extended key usageclass CX509ExtendedKeyUsageExt : public CX509ExtensionBase/** An X.509 certificate extension that defines the extra uses to which a key may be put.* * This is referred to as the extended key usage extension. * * @since v6.0 */ {public: /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer * containing the binary coded representation. * * @param aBinaryData The encoded binary data. * @return The new CX509ExtendedKeyUsageExt object. */ IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer * containing the binary coded representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509ExtendedKeyUsageExt object. */ IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer * containing the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509ExtendedKeyUsageExt object. */ IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer * containing the binary coded representation, starting at the specified offset, * and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509ExtendedKeyUsageExt object. */ IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. * * Frees all resources owned by the object, prior to its destruction. */ IMPORT_C ~CX509ExtendedKeyUsageExt(); /** Gets the sequence of Object Ids (OID) that identify the key usages. * * The sequence is held in a set of heap descriptors. * * @return A reference to the array of pointers to the heap descriptors that * contain the OIDs. */ IMPORT_C const CArrayPtrFlat<HBufC>& KeyUsages() const;private: CX509ExtendedKeyUsageExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CArrayPtrFlat<HBufC>* iKeyUsages; };//11) authority information accessclass CX509AccessDescription : public CBase/** This class provides the access method OID and access location as used by X.509 private internet extensions * (authority information access). * */ {public: /** * @internalComponent * * Creates a new CX509AccessDescription object from the specified buffer * containing the binary coded representation. * * @param aBinaryData The encoded binary data. * @return The new CX509AccessDescription object. **/ static CX509AccessDescription* NewL(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509AccessDescription object from the specified buffer * containing the binary coded representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509AccessDescription object. **/ static CX509AccessDescription* NewLC(const TDesC8& aBinaryData); /** * @internalComponent * * Creates a new CX509AuthInfoAccessExt object from the specified buffer * containing the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AuthInfoAccessExt object. **/ static CX509AccessDescription* NewL(const TDesC8& aBinaryData, TInt& aPos); /** * @internalComponent * * Creates a new CX509AccessDescription object from the specified buffer * containing the binary coded representation, starting at the specified offset, * and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AccessDescription object. **/ static CX509AccessDescription* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. Frees all resources owned by the object, prior to its destruction. */ virtual ~CX509AccessDescription(); /** Gets the Access Method OID. * * @return A non modifiable pointer descriptor to point to the access method OID. */ IMPORT_C TPtrC Method() const; /** Gets the Access Location field which specifies the location where the additional * information of the CA can be obtained. * * @return A reference to access location . */ IMPORT_C const CX509GeneralName& Location() const;private: CX509AccessDescription(); void ConstructL(const TDesC8& aBinaryData, TInt& aPos); HBufC* iMethodId; CX509GeneralName* iLocation; };class CX509AuthInfoAccessExt : public CX509ExtensionBase/** An X.509 certificate extension that defines the authority information access. * * */ {public: /** Creates a new CX509AuthInfoAccessExt object from the specified buffer * containing the binary coded representation. * * @param aBinaryData The encoded binary data. * @return The new CX509AuthInfoAccessExt object. */ IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData); /** Creates a new CX509AuthInfoAccessExt object from the specified buffer * containing the binary coded representation, and puts a pointer to it onto * the cleanup stack. * * @param aBinaryData The encoded binary representation. * @return The new CX509AuthInfoAccessExt object. */ IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData); /** Creates a new CX509AuthInfoAccessExt object from the specified buffer * containing the binary coded representation, starting at the specified offset. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AuthInfoAccessExt object. */ IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData, TInt& aPos); /** Creates a new CX509AuthInfoAccessExt object from the specified buffer * containing the binary coded representation, starting at the specified offset, * and puts a pointer to it onto the cleanup stack. * * @param aBinaryData The encoded binary representation. * @param aPos The offset position from which to start decoding. * @return The new CX509AuthInfoAccessExt object. */ IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); /** Destructor. Frees all resources owned by the object, prior to its destruction. */ IMPORT_C ~CX509AuthInfoAccessExt(); /** Gets the authority access description containing the method and location of additional information of CA , * who issued the certificate in which this extension appears. * * @return A reference to the array of pointers to the authority access descriptions. */ IMPORT_C const CArrayPtrFlat<CX509AccessDescription>& AccessDescriptions() const;private: CX509AuthInfoAccessExt(); void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); CArrayPtrFlat<CX509AccessDescription>* iAccessDescs; };#endif