diff -r 675a964f4eb5 -r 35751d3474b7 cryptoservices/certificateandkeymgmt/inc/wtlscert.h --- a/cryptoservices/certificateandkeymgmt/inc/wtlscert.h Tue Jul 21 01:04:32 2009 +0100 +++ b/cryptoservices/certificateandkeymgmt/inc/wtlscert.h Thu Sep 10 14:01:51 2009 +0300 @@ -1,333 +1,304 @@ -/* -* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies). -* All rights reserved. -* This component and the accompanying materials are made available -* under the terms of the License "Eclipse Public License v1.0" -* which accompanies this distribution, and is available -* at the URL "http://www.eclipse.org/legal/epl-v10.html". -* -* Initial Contributors: -* Nokia Corporation - initial contribution. -* -* Contributors: -* -* Description: -* -*/ - - - - -/** - @file - @internalAll -*/ - -#ifndef __WTLSCERT_H__ -#define __WTLSCERT_H__ - -#include -#include -#include -#include -#include -#include - - -class CRSAPublicKey; -class CDSAPublicKey; -class CDSASignature; -class CDSAParameters; - -const TInt KWTLSCertMaxDataElements = 6; - -/** - * @publishedAll - * @released - */ -class CWTLSRSASignatureResult : public CRSASignatureResult - { -public: - IMPORT_C static CWTLSRSASignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); - IMPORT_C static CWTLSRSASignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); - IMPORT_C virtual TBool VerifyL(const TDesC8& aResult); -private: - void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); - }; - -/** - * @publishedAll - * @released - */ -class TWTLSKeyFactory : public TKeyFactory - { -public: - virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const; - virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const; - virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const; - virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const; - virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const; - virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const; - }; - -/** - * @publishedAll - * @released - */ -class CWTLSValidityPeriod : public CValidityPeriod - { -public: - IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData); - IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData); - IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos); - IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos); -private: - CWTLSValidityPeriod(); - void ConstructL(const TDesC8& aBinaryData, TInt& aPos); - }; - -/** - * @publishedAll - * @released - */ -class CWTLSAlgorithmIdentifier : public CAlgorithmIdentifier - { -public: - IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); - IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); - IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); - IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); -private: - CWTLSAlgorithmIdentifier(); - void ConstructL(const TDesC8& aBinaryData, TInt& aPos); - }; - -/** - * @publishedAll - * @released - */ -class CWTLSSigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier - { -public: - IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); - IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); - IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); - IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); -private: - CWTLSSigningAlgorithmIdentifier(); - void ConstructL(const TDesC8& aBinaryData, TInt& aPos); - }; - -/** - * @publishedAll - * @released - */ -class CWTLSSubjectPublicKeyInfo : public CSubjectPublicKeyInfo - { -public: - IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData); - IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData); - IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); - IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); -private: - CWTLSSubjectPublicKeyInfo(); - void ConstructL(const TDesC8& aBinaryData, TInt& aPos); - }; - -_LIT(KWTLSTCAType, " T"); -_LIT(KWTLSTCAValue, "ca"); - -/** - * @publishedAll - * @released - */ -class CWTLSCertificate : public CCertificate - { -public: - enum //enum values for encoded data element positions in tbsCert data structure - { //these values are to be used as params to DataElementEncoding() function - EVersionNumber = 0, - EAlgorithmId = 1, - EIssuerName = 2, - EValidityPeriod = 3, - ESubjectName = 4, - ESubjectPublicKeyInfo = 5, - }; - - /** - * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. - * - * @param aBinaryData The encoded binary representation. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData); - - /** - * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, - * and puts a pointer to it onto the cleanup stack. - * - * @param aBinaryData The encoded binary representation. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData); - - /** - * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. - * - * @param aBinaryData The encoded binary representation. - * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData, TInt& aPos); - - /** - * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, - * and puts a pointer to it onto the cleanup stack. - * - * @param aBinaryData The encoded binary representation. - * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData, TInt& aPos); - - /** - * Creates a new CWTLSCertificate object from a stream. - * - * The stream must have been written using the corresponding ExternalizeL() function. - * - * @param aStream The stream to be used as input. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewL(RReadStream& aStream); - - /** - * Creates a new CWTLSCertificate object from a stream, - * and puts a pointer to it onto the cleanup stack. - * - * The stream must have been written using the corresponding ExternalizeL() function. - * - * @param aStream The stream to be used as input. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewLC(RReadStream& aStream); - - /** - * Creates a new CWTLSCertificate object from an existing one in the certificate store. - * - * @param aCert The certificate to be copied. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewL(const CWTLSCertificate& aCert); - - /** - * Creates a new CWTLSCertificate object from an existing one in the certificate store, - * and puts a pointer to it onto the cleanup stack. - * - * @param aCert The certificate to be copied. - * @return The new CWTLSCertificate object. - */ - IMPORT_C static CWTLSCertificate* NewLC(const CWTLSCertificate& aCert); - - /** - * Destructor. - * - * Frees all resources owned by the object, prior to its destruction. - */ - IMPORT_C ~CWTLSCertificate(); - - /** - * Tests whether this WTLS certificate is the same as the specified WTLS certificate. - * - * This is not a simple as it sounds. For X.509 certificates equality means that the issuer name - * and serial number fields are the same. This guarantees equality since a CA must ensure that every - * certificate it issues has a unique serial number. But WTLS certificates do not include serial numbers, - * so there seems to be no definition of equality. This function uses a byte-for-byte comparison of the - * signatures on the certificates: this should not result in any false positives, but may give false - * negatives if CAs do naughty things like recertifying the same key (which they have been known to do). - * - * @param aCert A WTLS certificate - * @return ETrue, if the parameter is the same certificate; EFalse, otherwise. - */ - IMPORT_C TBool IsEqualL(const CWTLSCertificate& aCert) const; - - //extra accessors - - /** - * Gets the version number of the WTLS certificate. - * - * @return The version number of the certificate. Always returns 1. - */ - IMPORT_C TInt Version() const; - - /** - * Gets the name of the WTLS certificate's issuing authority. - * - * @return A WTLS name: - * @li If the name is an X.500 DN, then if the name contains a Common name, that will be returned. - * Otherwise, if the name contains an Organization name, that will be returned. Otherwise an empty - * string will be returned. - * @li If the name is of type text, then if the name is not a 'structured' name the entire string will - * be returned, otherwise the same procedure will be followed as for X.509 certificates. - * @li If the name is null an empty string will be returned. - */ - // Unsupported -- If the name is a key hash or binary value the entire contents will be returned. - IMPORT_C const CWTLSName& IssuerName() const; - - /** - * Gets the name of the owner of the public key the WTLS certificate contains. - * - * @return A WTLS name. - */ - IMPORT_C const CWTLSName& SubjectName() const; - IMPORT_C virtual TBool IsSelfSignedL() const; - IMPORT_C virtual HBufC* SubjectL() const; - IMPORT_C virtual HBufC* IssuerL() const; - - /** - * Initialises the certificate from a stream. - * - * This should not be called by client code; instead the static factory function above should be used. - * If a client is using the certstore component for storage then it should use CCertStore::AddL() for - * externalizing and CWTLSCert::NewL(CCertStore& aStore, const CCertStoreEntry& aEntry); for restoring. - * - * @param aStream - */ - IMPORT_C void InternalizeL(RReadStream& aStream); - - /** - * Gets the certificate's signed data. - * - * @return A non-modifiable pointer descriptor representing the certificate's signed data. - */ - IMPORT_C const TPtrC8 SignedDataL() const; - - /** - * Gets the encoding for a data element at the specified index. - * - * @param aIndex The position of the encoded data element. - */ - IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const; - - /** - * Tests whether a non-selfsigned certificate can be used to sign others. - * - * Currently this only supports structured text variety of WTLS certificates. - * Other certificate types will return EFalse. - * - * @return ETrue, if the certificate is capable of signing other certificates; otherwise, EFalse. - */ - IMPORT_C TBool IsTCAL() const; -private: - CWTLSCertificate(); - void ConstructL(const TDesC8& aBinaryData, TInt& aPos); - void ConstructL(const CWTLSCertificate& aCertificate); - void ConstructCertL(const TDesC8& aBinaryData, TInt& aPos); - void InitEncodedDataElementsL(); - //private data - TInt iVersion; - CWTLSName* iIssuerName; - CWTLSName* iSubjectName; - TFixedArray* iDataElements; - }; - -#endif +/* +* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + +/** + @file + @publishedAll + @released +*/ + +#ifndef __WTLSCERT_H__ +#define __WTLSCERT_H__ + +#include +#include +#include +#include +#include +#include + + +class CRSAPublicKey; +class CDSAPublicKey; +class CDSASignature; +class CDSAParameters; + +const TInt KWTLSCertMaxDataElements = 6; + +class CWTLSRSASignatureResult : public CRSASignatureResult + { +public: + IMPORT_C static CWTLSRSASignatureResult* NewL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + IMPORT_C static CWTLSRSASignatureResult* NewLC(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + IMPORT_C virtual TBool VerifyL(const TDesC8& aResult); +private: + void ConstructL(const CAlgorithmIdentifier& aDigestAlgorithm, const TDesC8& aDigest); + }; + +class TWTLSKeyFactory : public TKeyFactory + { +public: + virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const; + virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const; + virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const; + virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const; + virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const; + virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const; + }; + +class CWTLSValidityPeriod : public CValidityPeriod + { +public: + IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSValidityPeriod* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSValidityPeriod* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSValidityPeriod(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +class CWTLSAlgorithmIdentifier : public CAlgorithmIdentifier + { +public: + IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSAlgorithmIdentifier(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +class CWTLSSigningAlgorithmIdentifier : public CSigningAlgorithmIdentifier + { +public: + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSSigningAlgorithmIdentifier* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSSigningAlgorithmIdentifier(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +class CWTLSSubjectPublicKeyInfo : public CSubjectPublicKeyInfo + { +public: + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); + IMPORT_C static CWTLSSubjectPublicKeyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + CWTLSSubjectPublicKeyInfo(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + }; + +_LIT(KWTLSTCAType, " T"); +_LIT(KWTLSTCAValue, "ca"); + +class CWTLSCertificate : public CCertificate + { +public: + enum //enum values for encoded data element positions in tbsCert data structure + { //these values are to be used as params to DataElementEncoding() function + EVersionNumber = 0, + EAlgorithmId = 1, + EIssuerName = 2, + EValidityPeriod = 3, + ESubjectName = 4, + ESubjectPublicKeyInfo = 5, + }; + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * Creates a new CWTLSCertificate object from the specified buffer containing the binary coded representation, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos An offset into the descriptor, and is updated to the position at the end of the object. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** + * Creates a new CWTLSCertificate object from a stream. + * + * The stream must have been written using the corresponding ExternalizeL() function. + * + * @param aStream The stream to be used as input. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(RReadStream& aStream); + + /** + * Creates a new CWTLSCertificate object from a stream, + * and puts a pointer to it onto the cleanup stack. + * + * The stream must have been written using the corresponding ExternalizeL() function. + * + * @param aStream The stream to be used as input. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(RReadStream& aStream); + + /** + * Creates a new CWTLSCertificate object from an existing one in the certificate store. + * + * @param aCert The certificate to be copied. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewL(const CWTLSCertificate& aCert); + + /** + * Creates a new CWTLSCertificate object from an existing one in the certificate store, + * and puts a pointer to it onto the cleanup stack. + * + * @param aCert The certificate to be copied. + * @return The new CWTLSCertificate object. + */ + IMPORT_C static CWTLSCertificate* NewLC(const CWTLSCertificate& aCert); + + /** + * Destructor. + * + * Frees all resources owned by the object, prior to its destruction. + */ + IMPORT_C ~CWTLSCertificate(); + + /** + * Tests whether this WTLS certificate is the same as the specified WTLS certificate. + * + * This is not a simple as it sounds. For X.509 certificates equality means that the issuer name + * and serial number fields are the same. This guarantees equality since a CA must ensure that every + * certificate it issues has a unique serial number. But WTLS certificates do not include serial numbers, + * so there seems to be no definition of equality. This function uses a byte-for-byte comparison of the + * signatures on the certificates: this should not result in any false positives, but may give false + * negatives if CAs do naughty things like recertifying the same key (which they have been known to do). + * + * @param aCert A WTLS certificate + * @return ETrue, if the parameter is the same certificate; EFalse, otherwise. + */ + IMPORT_C TBool IsEqualL(const CWTLSCertificate& aCert) const; + + //extra accessors + + /** + * Gets the version number of the WTLS certificate. + * + * @return The version number of the certificate. Always returns 1. + */ + IMPORT_C TInt Version() const; + + /** + * Gets the name of the WTLS certificate's issuing authority. + * + * @return A WTLS name: + * @li If the name is an X.500 DN, then if the name contains a Common name, that will be returned. + * Otherwise, if the name contains an Organization name, that will be returned. Otherwise an empty + * string will be returned. + * @li If the name is of type text, then if the name is not a 'structured' name the entire string will + * be returned, otherwise the same procedure will be followed as for X.509 certificates. + * @li If the name is null an empty string will be returned. + */ + // Unsupported -- If the name is a key hash or binary value the entire contents will be returned. + IMPORT_C const CWTLSName& IssuerName() const; + + /** + * Gets the name of the owner of the public key the WTLS certificate contains. + * + * @return A WTLS name. + */ + IMPORT_C const CWTLSName& SubjectName() const; + IMPORT_C virtual TBool IsSelfSignedL() const; + IMPORT_C virtual HBufC* SubjectL() const; + IMPORT_C virtual HBufC* IssuerL() const; + + /** + * Initialises the certificate from a stream. + * + * This should not be called by client code; instead the static factory function above should be used. + * If a client is using the certstore component for storage then it should use CCertStore::AddL() for + * externalizing and CWTLSCert::NewL(CCertStore& aStore, const CCertStoreEntry& aEntry); for restoring. + * + * @param aStream + */ + IMPORT_C void InternalizeL(RReadStream& aStream); + + /** + * Gets the certificate's signed data. + * + * @return A non-modifiable pointer descriptor representing the certificate's signed data. + */ + IMPORT_C const TPtrC8 SignedDataL() const; + + /** + * Gets the encoding for a data element at the specified index. + * + * @param aIndex The position of the encoded data element. + */ + IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const; + + /** + * Tests whether a non-selfsigned certificate can be used to sign others. + * + * Currently this only supports structured text variety of WTLS certificates. + * Other certificate types will return EFalse. + * + * @return ETrue, if the certificate is capable of signing other certificates; otherwise, EFalse. + */ + IMPORT_C TBool IsTCAL() const; +private: + CWTLSCertificate(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + void ConstructL(const CWTLSCertificate& aCertificate); + void ConstructCertL(const TDesC8& aBinaryData, TInt& aPos); + void InitEncodedDataElementsL(); + //private data + TInt iVersion; + CWTLSName* iIssuerName; + CWTLSName* iSubjectName; + TFixedArray* iDataElements; + }; + +#endif