Symbian3/SDK/Source/GUID-116AB921-B063-5CC2-962F-A74562F20EAE.dita
author Dominic Pinkman <dominic.pinkman@nokia.com>
Tue, 20 Jul 2010 12:00:49 +0100
changeset 13 48780e181b38
parent 0 89d6a7a84779
permissions -rw-r--r--
Week 28 contribution of SDK documentation content. See release notes for details. Fixes bugs Bug 1897 and Bug 1522.

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-116AB921-B063-5CC2-962F-A74562F20EAE"><title>Crypto (crypto.dll)</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>Crypto (<filepath>crypto.dll</filepath>) is provided for general use in certificate management: any certificate specification will use some or all of its functionality. </p> <p>Elements of a certificate which are common across different certificate formats are implemented in this DLL as a set of abstract base classes. DLLs implementing a particular certificate specification such as X.509 or WTLS (i.e. <filepath>X509.dll</filepath>, <filepath>WTLSCert.dll</filepath>) are therefore expected to link to this DLL and derive their own specific classes from these, as well as adding any classes which exist only in that specification (X.509 extensions, for example). </p> <p>Classes defined here are agnostic about the particular encoding scheme used for objects, so they do not include any constructors for initialisation from binary data. Derived classes for a given specification will add constructors to initialise the objects from encoded binary data. </p> <p>This DLL also helps localise the interface between certificate management and the cryptographic algorithms supporting it. It is called <filepath>crypto.dll</filepath> rather than <filepath>cert.dll</filepath> because its role expands beyond certificates. </p> <p>Of the public classes defined, the following are intended for direct use by client code: </p> <ul><li id="GUID-8AFFCCD5-2135-5CEC-B4D8-EB50C5E35944"><p> <codeph>TAlgorithmId</codeph> — an enumeration of the asymmetric and digest algorithms supported. </p> </li> <li id="GUID-3FAF1E36-3060-541E-AFDA-834F68935B20"><p> <codeph>CValidityPeriod</codeph> — consists of a start time and an end time, with accessors for each. 
</p> </li> <li id="GUID-304C96BD-CE42-5288-A9E6-A460CAC657FB"><p> <codeph>CAlgorithmIdentifier</codeph> — includes the <codeph>TAlgorithmId</codeph> for the algorithm and the parameters in their encoded form. Also implements an equality operator. </p> </li> <li id="GUID-EE602B91-C887-5CFD-B4A9-11534E4630BD"><p> <codeph>CSigningAlgorithmIdentifier</codeph> — consists of two <codeph>CAlgorithmIdentifier</codeph> classes, one for the digest algorithm and one for the asymmetric algorithm. Also implements an equality operator. </p> </li> <li id="GUID-62E1D06D-937B-5E18-A79B-0274E0B7CEBA"><p> <codeph>CSubjectPublicKeyInfo</codeph> — consists of an algorithm identifier and the encoded key. </p> </li> <li id="GUID-7453FBB5-C4ED-5E50-AC18-6B721C092C97"><p> <codeph>CSignedObject</codeph> — this class implements a function to verify its signature given an encoded key. It also implements an <codeph>ExternalizeL</codeph> function, which simply streams out the encoding of the entire object; this enables the fingerprint (and the signed data) to be regenerated on restoring. Accessors are provided to return pointer descriptors to the encoding of the signed data, the encoding of the signature, the fingerprint and the signing algorithm used. The fingerprint returned is the MD5 hash of the encoding of the entire object. </p> </li> <li id="GUID-B7F751C6-3A06-5E64-AB9E-D0E01B0E61AB"><p> <codeph>CCertificate</codeph> — this is a subclass of <codeph>CSignedObject</codeph>. It adds a serial number, validity period and subject public key, along with corresponding accessors. </p> </li> </ul> </conbody></concept>