|
1 /* |
|
2 * Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // INCLUDE FILES |
|
20 #include "CCMSX509CertificateList.h" |
|
21 #include "TCMSTimeUtil.h" |
|
22 #include "CCMSX509AlgorithmIdentifier.h" |
|
23 #include <x509cert.h> |
|
24 #include <asn1dec.h> |
|
25 #include <asn1enc.h> |
|
26 |
|
27 // CONSTANTS |
|
// Granularity passed to every CArrayPtrFlat that this file allocates.
const TInt KDefaultGranularity = 1;
// Passed as both the minimum and the maximum element count when DecodeL
// splits the outer CertificateList sequence
// (tbsCertList, signatureAlgorithm, signature).
const TInt KCertificateListParams = 3;
// Minimum / maximum element counts passed when DecodeL splits tbsCertList.
const TInt KMinTBSCertListParams = 3;
const TInt KMaxTBSCertListParams = 7;
// Version value stored by ConstructL, written by EncoderLC and required by
// SetParametersL; the comments in this file refer to it as v2(1).
const TInt KDefaultVersion = 1;
// Minimum / maximum element counts passed when DecodeL splits one revoked
// certificate entry (serial number, revocation date, optional extensions).
const TInt KMinRevokedCertParams = 2;
const TInt KMaxRevokedCertParams = 3;
|
35 |
|
36 // ============================ MEMBER FUNCTIONS =============================== |
|
37 |
|
38 // ----------------------------------------------------------------------------- |
|
39 // CCMSX509RevokedCertificate::CCMSX509RevokedCertificate |
|
40 // C++ default constructor can NOT contain any code, that |
|
41 // might leave. |
|
42 // ----------------------------------------------------------------------------- |
|
43 |
|
// Default constructor. Performs no work, so it cannot leave; the members
// are filled in later by whoever builds the entry.
EXPORT_C CCMSX509RevokedCertificate::CCMSX509RevokedCertificate()
    {
    // intentionally empty
    }
|
47 |
|
48 // Destructor |
|
// Releases the owned extension array together with every extension it holds.
CCMSX509RevokedCertificate::~CCMSX509RevokedCertificate()
    {
    if( !iExtensions )
        {
        // no extension array was ever attached
        return;
        }
    // The array owns its elements: destroy them first, then the array itself.
    iExtensions->ResetAndDestroy();
    delete iExtensions;
    }
|
57 |
|
58 // ----------------------------------------------------------------------------- |
|
59 // CCMSX509CertificateListParameters::CCMSX509CertificateListParameters |
|
60 // C++ default constructor can NOT contain any code, that |
|
61 // might leave. |
|
62 // ----------------------------------------------------------------------------- |
|
// Default constructor. Performs no work, so it cannot leave; callers assign
// the public members afterwards.
EXPORT_C CCMSX509CertificateListParameters::CCMSX509CertificateListParameters()
    {
    // intentionally empty
    }
|
66 |
|
67 // Destructor |
|
// Releases everything the parameter set owns: issuer name, signature
// algorithm, signature bytes, the revoked certificate entries and the
// list-level extensions.
CCMSX509CertificateListParameters::~CCMSX509CertificateListParameters()
    {
    // Single heap objects.
    delete iIssuer;
    delete iSignatureAlgorithm;
    delete iSignature;

    // Pointer arrays own their elements, so the elements are destroyed
    // before the array object itself.
    if( iRevokedCertificates != NULL )
        {
        iRevokedCertificates->ResetAndDestroy();
        delete iRevokedCertificates;
        }

    if( iExtensions != NULL )
        {
        iExtensions->ResetAndDestroy();
        delete iExtensions;
        }
    }
|
85 |
|
86 // ----------------------------------------------------------------------------- |
|
87 // CCMSX509CertificateList::CCMSX509CertificateList |
|
88 // C++ default constructor can NOT contain any code, that |
|
89 // might leave. |
|
90 // ----------------------------------------------------------------------------- |
|
91 // |
|
// Default constructor. Performs no work, so it cannot leave; iParams is set
// by ConstructL or SetParametersL.
EXPORT_C CCMSX509CertificateList::CCMSX509CertificateList()
    {
    // intentionally empty
    }
|
95 |
|
96 // ----------------------------------------------------------------------------- |
|
97 // CCMSX509CertificateList::ConstructL |
|
98 // Symbian 2nd phase constructor can leave. |
|
99 // ----------------------------------------------------------------------------- |
|
100 // |
|
// Second-phase constructor: allocates an empty parameter set and stamps it
// with the default version. Leaves if the allocation fails.
// Note: issuer, signature algorithm and signature stay unset after this call.
EXPORT_C void CCMSX509CertificateList::ConstructL()
    {
    CCMSX509CertificateListParameters* freshParams =
        new( ELeave ) CCMSX509CertificateListParameters();
    // the version is always v2(1)
    freshParams->iVersion = KDefaultVersion;
    iParams = freshParams;
    }
|
107 |
|
108 // ----------------------------------------------------------------------------- |
|
109 // CCMSX509CertificateList::ConstructL |
|
110 // Symbian 2nd phase constructor can leave. |
|
111 // ----------------------------------------------------------------------------- |
|
112 // |
|
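// Second-phase constructor that fills the parameter set from a signing
// certificate and a list of certificates to be listed as revoked.
//
// aSigningCertificate   source of the signature algorithm, issuer name,
//                       validity period, extensions and signature bytes.
// aRevokedCertificates  each entry contributes its serial number, the start
//                       of its validity period and a copy of its extensions.
//
// Leaves with KErrArgument if a revoked certificate's serial number is empty
// or does not fit into a TInt, and with the usual system-wide codes on
// allocation failure.
//
// Things a caller should know (all visible in the code below):
//  - the issuer is taken from IssuerName() of the signing certificate;
//  - thisUpdate / nextUpdate are the signing certificate's validity period;
//  - each revocation date is the revoked certificate's validity start;
//  - the stored signature is a copy of the signing certificate's own
//    signature bytes. Nothing here computes a signature over the encoded
//    list, so the result is not a verifiable CRL until a real signature is
//    supplied.
EXPORT_C void CCMSX509CertificateList::ConstructL(
    const CX509Certificate& aSigningCertificate,
    const CArrayPtrFlat<CX509Certificate>& aRevokedCertificates )
    {
    ConstructL();

    // setting signature algorithm
    const CSigningAlgorithmIdentifier& signAlgorithm =
        aSigningCertificate.SigningAlgorithm();
    iParams->iSignatureAlgorithm =
        CCMSX509AlgorithmIdentifier::NewL( signAlgorithm.AsymmetricAlgorithm(),
                                           signAlgorithm.DigestAlgorithm() );

    // setting issuer
    iParams->iIssuer =
        CX500DistinguishedName::NewL( aSigningCertificate.IssuerName() );

    // setting validity
    const CValidityPeriod& validity = aSigningCertificate.ValidityPeriod();
    iParams->iThisUpdate = validity.Start();
    iParams->iNextUpdate = validity.Finish();

    // copying revoked certificates
    TInt revCerts = aRevokedCertificates.Count();
    if( revCerts > 0 )
        {
        iParams->iRevokedCertificates =
            new( ELeave )CArrayPtrFlat< CCMSX509RevokedCertificate >
                ( KDefaultGranularity );
        for( TInt i = 0; i < revCerts; i++ )
            {
            CX509Certificate* cert = aRevokedCertificates[ i ];
            CCMSX509RevokedCertificate* tmpRevCer =
                new(ELeave) CCMSX509RevokedCertificate();
            CleanupStack::PushL( tmpRevCer );

            // convert serial from des to int
            TPtrC8 serialDes = cert->SerialNumber();
            TInt length = serialDes.Size();
            // An empty serial would make ptr[ 0 ] read past the descriptor,
            // and a serial wider than TInt would be silently truncated, so
            // the entry would name a different certificate than the one
            // being revoked. Reject both instead of storing a wrong serial.
            if( ( length <= 0 ) ||
                ( length > static_cast< TInt >( sizeof( TInt ) ) ) )
                {
                User::Leave( KErrArgument );
                }
            const TUint8* ptr = serialDes.Ptr();
            // Sign-extend from the top bit of the first octet, then
            // accumulate in an unsigned value so that no negative number is
            // ever left-shifted.
            TUint serialBits = ( ptr[ 0 ] & 0x80 ) ? ~0u : 0u;
            for( TInt j = 0; j < length; j++ )
                {
                serialBits = ( serialBits << 8 ) | *ptr++;
                }
            tmpRevCer->iUserCertificateSerialNumber =
                static_cast< TInt >( serialBits );

            // revocation date is the start of the certificate's validity
            const CValidityPeriod& reValidity = cert->ValidityPeriod();
            tmpRevCer->iRevokationDate = reValidity.Start();

            // copying extensions
            const CArrayPtrFlat<CX509CertExtension>& extensions =
                cert->Extensions();
            TInt extensionCount = extensions.Count();
            if( extensionCount > 0 )
                {
                // Owned by tmpRevCer, which is on the cleanup stack, so a
                // leave below still frees the partially filled array.
                tmpRevCer->iExtensions =
                    new(ELeave) CArrayPtrFlat<CX509CertExtension>
                        ( KDefaultGranularity );
                for( TInt j = 0; j < extensionCount; j++ )
                    {
                    CX509CertExtension* ext = extensions[ j ];
                    CX509CertExtension* tmpExt =
                        CX509CertExtension::NewLC( *ext );
                    tmpRevCer->iExtensions->AppendL( tmpExt );
                    CleanupStack::Pop( tmpExt );
                    }
                }
            iParams->iRevokedCertificates->AppendL( tmpRevCer );
            CleanupStack::Pop( tmpRevCer );
            }
        }

    // copying possible extensions
    TInt extensionCount = aSigningCertificate.Extensions().Count();
    if( extensionCount > 0 )
        {
        iParams->iExtensions =
            new( ELeave )CArrayPtrFlat< CX509CertExtension >
                ( KDefaultGranularity );
        const CArrayPtrFlat< CX509CertExtension >& extensions =
            aSigningCertificate.Extensions();

        for( TInt i = 0; i < extensionCount; i++ )
            {
            CX509CertExtension* copy = CX509CertExtension::NewL( *extensions[ i ] );
            CleanupStack::PushL( copy );
            iParams->iExtensions->AppendL( copy );
            CleanupStack::Pop( copy );
            }
        }

    // copying signature (the certificate's own signature bytes, see header)
    iParams->iSignature = aSigningCertificate.Signature().AllocL();
    }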
|
208 |
|
209 // ----------------------------------------------------------------------------- |
|
210 // CCMSX509CertificateList::NewLC |
|
211 // Two-phased constructor. |
|
212 // ----------------------------------------------------------------------------- |
|
213 // |
|
// Creates a certificate list holding only the default version and leaves
// it on the cleanup stack. Leaves if allocation or construction fails.
EXPORT_C CCMSX509CertificateList* CCMSX509CertificateList::NewLC()
    {
    CCMSX509CertificateList* list = new( ELeave ) CCMSX509CertificateList();
    // Protect the half-built object while the second phase runs.
    CleanupStack::PushL( list );
    list->ConstructL();
    return list;
    }
|
221 |
|
222 // ----------------------------------------------------------------------------- |
|
223 // CCMSX509CertificateList::NewLC |
|
224 // Two-phased constructor. |
|
225 // ----------------------------------------------------------------------------- |
|
226 // |
|
// Creates a certificate list populated from a signing certificate and the
// certificates to be listed as revoked, and leaves it on the cleanup stack.
// Leaves with whatever the two-argument ConstructL leaves with.
EXPORT_C CCMSX509CertificateList* CCMSX509CertificateList::NewLC(
    const CX509Certificate& aSigningCertificate,
    const CArrayPtrFlat<CX509Certificate>& aRevokedCertificates )
    {
    CCMSX509CertificateList* list = new( ELeave ) CCMSX509CertificateList();
    // Protect the half-built object while the second phase runs.
    CleanupStack::PushL( list );
    list->ConstructL( aSigningCertificate, aRevokedCertificates );
    return list;
    }
|
237 |
|
238 // ----------------------------------------------------------------------------- |
|
239 // CCMSX509CertificateList::NewLC |
|
240 // Two-phased constructor. |
|
241 // ----------------------------------------------------------------------------- |
|
242 // |
|
// Creates a certificate list around an existing parameter set and leaves it
// on the cleanup stack. On success the new object owns aParameters and will
// delete it; if SetParametersL leaves, ownership stays with the caller.
EXPORT_C CCMSX509CertificateList* CCMSX509CertificateList::NewLC(
    CCMSX509CertificateListParameters& aParameters )
    {
    CCMSX509CertificateList* list = new( ELeave ) CCMSX509CertificateList();
    CleanupStack::PushL( list );
    // Validates the parameters before adopting them.
    list->SetParametersL( aParameters );
    return list;
    }
|
251 |
|
252 // Destructor |
|
// Destroys the owned parameter set (and, through its destructor, everything
// the parameter set owns).
CCMSX509CertificateList::~CCMSX509CertificateList()
    {
    // deleting a NULL pointer is a no-op, so no guard is needed
    delete iParams;
    }
|
257 |
|
258 // ----------------------------------------------------------------------------- |
|
259 // CCMSX509CertificateList::DecodeL |
|
260 // Decodes raw data into this instance |
|
261 // ----------------------------------------------------------------------------- |
|
// Parses an encoded CertificateList from aRawData into a fresh parameter
// set and, only if everything decoded, swaps it in for the current one.
//
// Leaves with KErrArgument when the mandatory thisUpdate element is missing
// or when the outer signatureAlgorithm differs from the one inside
// tbsCertList; other leaves come from the decoders that are called.
//
// This function only parses. It does not verify the signature, the issuer
// or the update times, so the decoded revocation entries must not be
// trusted until the caller has verified the signature over tbsCertList
// against the issuer's key.
void CCMSX509CertificateList::DecodeL( const TDesC8& aRawData )
    {
    // Build into a temporary so that a leave part-way through leaves the
    // existing iParams untouched.
    CCMSX509CertificateListParameters* params =
        new(ELeave) CCMSX509CertificateListParameters();
    CleanupStack::PushL( params );

    // Outer sequence: tbsCertList, signatureAlgorithm, signature.
    // NOTE(review): presumably DecodeSequenceLC leaves when the element
    // count is outside the given min/max - confirm, the fixed At( 0..2 )
    // indexing below relies on it.
    CArrayPtr<TASN1DecGeneric>* certificateList = DecodeSequenceLC( aRawData,
                                                    KCertificateListParams, // 3
                                                    KCertificateListParams );

    // decode tbsCertList
    CArrayPtr<TASN1DecGeneric>* tbsCertList =
        DecodeSequenceLC( certificateList->At( 0 )->Encoding(),
                          KMinTBSCertListParams,    // 3
                          KMaxTBSCertListParams );  // 7

    TInt pos = 0;
    // decode Version (optional)
    // Only the tag number is compared here, not the tag class.
    TASN1DecGeneric ver( *tbsCertList->At( pos ) );
    if( ver.Tag() == EASN1Integer )
        {
        // NOTE(review): the decoded value is stored unchecked, whereas
        // SetParametersL rejects anything but KDefaultVersion and EncoderLC
        // always writes KDefaultVersion - confirm this is intended.
        TASN1DecInteger version;
        params->iVersion = version.DecodeDERShortL( ver );
        pos++;
        }
    else
        {
        // always ver v2( 1 )
        params->iVersion = KDefaultVersion;
        }

    // decode Signature algorithm
    CCMSX509AlgorithmIdentifier* signAlg = CCMSX509AlgorithmIdentifier::NewL();
    CleanupStack::PushL( signAlg );
    signAlg->DecodeL( tbsCertList->At( pos++ )->Encoding() );
    // params takes ownership, so signAlg only needs popping
    params->iSignatureAlgorithm = signAlg;
    CleanupStack::Pop( signAlg );

    // decode Issuer
    params->iIssuer =
        CX500DistinguishedName::NewL( tbsCertList->At( pos++ )->Encoding() );

    // check that we have enough parameters for mandatory thisUpdate
    // (with a version present the three guaranteed elements are used up)
    if( tbsCertList->Count() <= pos )
        {
        User::Leave( KErrArgument );
        }

    // decode thisUpdate
    params->iThisUpdate = TCMSTimeUtil::ConvertToTimeL(
        tbsCertList->At( pos++ )->Encoding() );

    // decode nextUpdate (optional)
    if( ( tbsCertList->Count() > pos ) &&
        ( ( tbsCertList->At( pos )->Tag() == EASN1UTCTime ) ||
          ( tbsCertList->At( pos )->Tag() == EASN1GeneralizedTime ) ) )
        {
        params->iNextUpdate = TCMSTimeUtil::ConvertToTimeL(
            tbsCertList->At( pos++ )->Encoding() );
        }

    // decode revokedCerts (optional)
    if( ( tbsCertList->Count() > pos ) &&
        ( tbsCertList->At( pos )->Tag() == EASN1Sequence ) )
        {
        // if it is sequence then it must be set of revoked certificates
        CArrayPtr<TASN1DecGeneric>* revokedCerts =
            DecodeSequenceLC( tbsCertList->At( pos++ )->Encoding() );
        TInt rCertCount = revokedCerts->Count();
        params->iRevokedCertificates =
            new(ELeave)CArrayPtrFlat< CCMSX509RevokedCertificate >
                ( KDefaultGranularity );
        for( TInt i = 0; i < rCertCount; i++ )
            {
            // decode certificate
            CArrayPtr<TASN1DecGeneric>* rCert =
                DecodeSequenceLC( revokedCerts->At( i )->Encoding(),
                                  KMinRevokedCertParams,    // 2
                                  KMaxRevokedCertParams );  // 3
            CCMSX509RevokedCertificate* tmpCert =
                new( ELeave )CCMSX509RevokedCertificate;
            CleanupStack::PushL( tmpCert );

            // decode serial number
            // The serial is held as a TInt.
            // NOTE(review): presumably DecodeDERShortL leaves for serial
            // numbers wider than a TInt, which would make such lists
            // undecodable here - confirm.
            TASN1DecInteger serial;
            tmpCert->iUserCertificateSerialNumber =
                serial.DecodeDERShortL( *rCert->At( 0 ) );

            // decode revocationDate
            tmpCert->iRevokationDate = TCMSTimeUtil::ConvertToTimeL(
                rCert->At( 1 )->Encoding() );

            // decode possible extensions
            if( rCert->Count() == KMaxRevokedCertParams )
                {
                tmpCert->iExtensions = DecodeExtensionsL( rCert->At( 2 ) );
                }
            // the array owns tmpCert from here on
            params->iRevokedCertificates->AppendL( tmpCert );

            CleanupStack::Pop( tmpCert );
            CleanupStack::PopAndDestroy( rCert );
            }
        CleanupStack::PopAndDestroy( revokedCerts );
        }
    // decode extensions (optional), tagged with 0
    // Only the tag number is compared, not the tag class. Elements that
    // match none of the optional fields are ignored without an error.
    if( ( tbsCertList->Count() > pos ) &&
        ( tbsCertList->At( pos )->Tag() == 0 ) )
        {
        TASN1DecGeneric extens( tbsCertList->At( pos )->GetContentDER() );
        extens.InitL();
        params->iExtensions = DecodeExtensionsL( &extens );
        }

    CleanupStack::PopAndDestroy( tbsCertList );

    // decode signature algorithm,
    // just check that it is same as
    // already set one
    // (the outer copy is compared and then discarded)
    signAlg = CCMSX509AlgorithmIdentifier::NewL();
    CleanupStack::PushL( signAlg );
    signAlg->DecodeL( certificateList->At( 1 )->Encoding() );
    if( !( signAlg->AlgorithmIdentifier() ==
           params->iSignatureAlgorithm->AlgorithmIdentifier() ) )
        {
        User::Leave( KErrArgument );
        }
    CleanupStack::PopAndDestroy( signAlg );

    // decode signature
    // The signature bytes are stored as-is; they are not verified here.
    TASN1DecBitString signature;
    params->iSignature = signature.ExtractOctetStringL( *certificateList->At( 2 ) );
    CleanupStack::PopAndDestroy( certificateList );

    // Everything decoded: replace the old parameter set with the new one.
    delete iParams;
    iParams = params;
    CleanupStack::Pop( params );
    }
|
400 // ----------------------------------------------------------------------------- |
|
401 // CCMSX509CertificateList::DecodeExtensionsL |
|
402 // Decodes Extensions |
|
403 // ----------------------------------------------------------------------------- |
|
// Decodes a sequence of extensions into a newly allocated array.
//
// aExtensions  decoder positioned on the extensions sequence; it is
//              dereferenced without a NULL check.
// Returns the new array; ownership passes to the caller and nothing is left
// on the cleanup stack. Leaves if decoding or allocation fails, in which
// case the partially built array and its elements are destroyed.
CArrayPtrFlat<CX509CertExtension>* CCMSX509CertificateList::DecodeExtensionsL(
    const TASN1DecGeneric* aExtensions )
    {
    CArrayPtr<TASN1DecGeneric>* rawItems =
        DecodeSequenceLC( aExtensions->Encoding() );
    const TInt itemCount = rawItems->Count();

    CArrayPtrFlat< CX509CertExtension >* decoded =
        new( ELeave ) CArrayPtrFlat< CX509CertExtension >( KDefaultGranularity );
    // Two cleanup entries for the same array: the first deletes the array
    // object, the second destroys the elements it holds at the time of a leave.
    CleanupStack::PushL( decoded );
    CleanupResetAndDestroyPushL( *decoded );

    for( TInt index = 0; index < itemCount; ++index )
        {
        CX509CertExtension* item =
            CX509CertExtension::NewLC( rawItems->At( index )->Encoding() );
        decoded->AppendL( item );
        // the array owns the element now
        CleanupStack::Pop( item );
        }

    CleanupStack::Pop( decoded ); // ResetAndDestroy entry
    CleanupStack::Pop( decoded ); // plain delete entry
    CleanupStack::PopAndDestroy( rawItems );
    return decoded;
    }
|
426 |
|
427 // ----------------------------------------------------------------------------- |
|
428 // CCMSX509CertificateList::EncoderLC |
|
429 // Returns ASN1 encoder for this instance |
|
430 // ----------------------------------------------------------------------------- |
|
431 |
|
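// Builds the ASN.1 encoder tree for this certificate list and leaves the
// root on the cleanup stack.
//
// Leaves with KErrArgument if the signature algorithm, issuer or signature
// has not been set (for example on an object created with the no-argument
// NewLC), instead of dereferencing a NULL member. Other leaves come from
// the encoders that are called.
//
// Behaviour worth knowing when round-tripping decoded data:
//  - the version written is always KDefaultVersion, not iParams->iVersion;
//  - nextUpdate is always written, even if it was absent when decoding.
// Either difference changes the encoded tbsCertList, so a signature that
// was valid for the decoded bytes need not match the re-encoded ones.
CASN1EncBase* CCMSX509CertificateList::EncoderLC() const
    {
    // Same mandatory fields that SetParametersL insists on. Checked before
    // anything is pushed, so leaving here needs no cleanup.
    if( !iParams ||
        !iParams->iIssuer ||
        !iParams->iSignature ||
        !iParams->iSignatureAlgorithm )
        {
        User::Leave( KErrArgument );
        }

    CASN1EncSequence* root = CASN1EncSequence::NewLC();

    // encoding tbsCertList
    CASN1EncSequence* tbsCertList = CASN1EncSequence::NewLC();

    // encoding version
    CASN1EncInt* version = CASN1EncInt::NewLC( KDefaultVersion );
    tbsCertList->AddAndPopChildL( version );

    // encoding signature algorithm (inner copy)
    HBufC8* signDes;
    iParams->iSignatureAlgorithm->EncodeL( signDes );
    CleanupStack::PushL( signDes );
    CASN1EncEncoding* signatureEnc =
        CASN1EncEncoding::NewLC( *signDes );
    tbsCertList->AddAndPopChildL( signatureEnc );
    CleanupStack::PopAndDestroy( signDes );

    // encoding issuer
    CASN1EncSequence* issuer = iParams->iIssuer->EncodeASN1LC();
    tbsCertList->AddAndPopChildL( issuer );

    // encoding thisUpdate
    CASN1EncBase* thisUpdate =
        TCMSTimeUtil::ConvertToEncoderLC( iParams->iThisUpdate );
    tbsCertList->AddAndPopChildL( thisUpdate );

    // encoding nextUpdate
    CASN1EncBase* nextUpdate =
        TCMSTimeUtil::ConvertToEncoderLC( iParams->iNextUpdate );
    tbsCertList->AddAndPopChildL( nextUpdate );

    // encoding possible revokedCerts
    if( iParams->iRevokedCertificates &&
        iParams->iRevokedCertificates->Count() )
        {
        CASN1EncSequence* revokedCerts = CASN1EncSequence::NewLC();
        TInt numOfRevokedCerts = iParams->iRevokedCertificates->Count();

        for( TInt i = 0; i < numOfRevokedCerts; i++ )
            {
            // encoding certificate
            CASN1EncSequence* revokedCertificate = CASN1EncSequence::NewLC();

            CCMSX509RevokedCertificate* cert = iParams->iRevokedCertificates->At( i );
            // encoding serial number
            CASN1EncInt* serialEnc =
                CASN1EncInt::NewLC( cert->iUserCertificateSerialNumber );
            revokedCertificate->AddAndPopChildL( serialEnc );

            // encoding revocationDate
            CASN1EncBase* revocationDate =
                TCMSTimeUtil::ConvertToEncoderLC( cert->iRevokationDate );
            revokedCertificate->AddAndPopChildL( revocationDate );

            // encoding possible extensions
            // EncodeExtensionsLC pushes its result only when it is non-NULL,
            // so the pop must be conditional as well.
            CASN1EncSequence* extensions = EncodeExtensionsLC( cert->iExtensions );
            if( extensions )
                {
                revokedCertificate->AddAndPopChildL( extensions );
                }
            revokedCerts->AddAndPopChildL( revokedCertificate );
            }
        tbsCertList->AddAndPopChildL( revokedCerts );
        }

    // encoding possible extensions
    CASN1EncSequence* ext = EncodeExtensionsLC( iParams->iExtensions );
    if( ext )
        {
        CleanupStack::Pop( ext );
        // this will take ownership of the extensions
        // tagging extensions with value 0
        // NOTE(review): ext is off the cleanup stack while NewLC runs;
        // confirm that NewLC cannot leave before it has adopted ext.
        CASN1EncExplicitTag* explExt =
            CASN1EncExplicitTag::NewLC( ext, 0 );
        tbsCertList->AddAndPopChildL( explExt );
        }

    root->AddAndPopChildL( tbsCertList );

    // encoding signature algorithm (outer copy, same value as the inner one)
    iParams->iSignatureAlgorithm->EncodeL( signDes );
    CleanupStack::PushL( signDes );
    signatureEnc =
        CASN1EncEncoding::NewLC( *signDes );
    root->AddAndPopChildL( signatureEnc );
    CleanupStack::PopAndDestroy( signDes );

    // encoding signature
    // The stored bytes are written as they are; no signature is computed here.
    CASN1EncBitString* signatureBitString =
        CASN1EncBitString::NewLC( *iParams->iSignature );
    root->AddAndPopChildL( signatureBitString );

    return root;
    }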
|
529 |
|
530 // ----------------------------------------------------------------------------- |
|
531 // CCMSX509CertificateList::EncodeExtensionsLC |
|
532 // Encodes Extensions |
|
533 // ----------------------------------------------------------------------------- |
|
// Builds an encoder sequence for the given extensions.
//
// aExtensions  extensions to encode; may be NULL or empty.
// Returns NULL, with nothing pushed on the cleanup stack, when there is
// nothing to encode. Otherwise returns the sequence, which is left on the
// cleanup stack. Callers must therefore pop only on a non-NULL result.
CASN1EncSequence* CCMSX509CertificateList::EncodeExtensionsLC(
    const CArrayPtrFlat<CX509CertExtension>* aExtensions ) const
    {
    if( !aExtensions || !( aExtensions->Count() > 0 ) )
        {
        return NULL;
        }

    const TInt total = aExtensions->Count();
    CASN1EncSequence* allExtensions = CASN1EncSequence::NewLC();
    for( TInt index = 0; index < total; ++index )
        {
        CASN1EncSequence* single = CASN1EncSequence::NewLC();
        CX509CertExtension* source = aExtensions->At( index );

        // extension identifier
        CASN1EncObjectIdentifier* oid =
            CASN1EncObjectIdentifier::NewLC( source->Id() );
        single->AddAndPopChildL( oid );

        // the critical flag is written only when it is set
        if( source->Critical() )
            {
            CASN1EncBoolean* criticalFlag = CASN1EncBoolean::NewLC( ETrue );
            single->AddAndPopChildL( criticalFlag );
            }

        // The stored data is decoded and then encoded again as an octet
        // string, because CASN1EncEncoding changes TagType to Constructed.
        TASN1DecOctetString octetDecoder;
        TInt offset = 0;
        HBufC8* payload = octetDecoder.DecodeDERL( source->Data(), offset );
        CleanupStack::PushL( payload );
        CASN1EncOctetString* payloadEnc = CASN1EncOctetString::NewLC( *payload );
        single->AddAndPopChildL( payloadEnc );
        CleanupStack::PopAndDestroy( payload );

        allExtensions->AddAndPopChildL( single );
        }
    return allExtensions;
    }
|
575 |
|
576 // ----------------------------------------------------------------------------- |
|
577 // CCMSX509CertificateList::Parameters |
|
578 // Getter for the certificate list parameters |
|
579 // ----------------------------------------------------------------------------- |
|
// Returns a read-only view of the parameter set owned by this object.
// iParams is dereferenced without a NULL check; the reference is valid only
// until the parameters are replaced or this object is destroyed.
EXPORT_C const CCMSX509CertificateListParameters&
CCMSX509CertificateList::Parameters() const
    {
    const CCMSX509CertificateListParameters& current = *iParams;
    return current;
    }
|
585 |
|
586 // ----------------------------------------------------------------------------- |
|
587 // CCMSX509CertificateList::SetParametersL |
|
588 // Setter for the certificate list parameters, takes ownership |
|
589 // ----------------------------------------------------------------------------- |
|
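// Replaces the parameter set of this list and takes ownership of the new one.
//
// aParameters  heap-allocated parameter set; after a successful call this
//              object deletes it, so the caller must not.
// Leaves with KErrArgument, without taking ownership, if the issuer,
// signature or signature algorithm is missing or the version is not
// KDefaultVersion.
//
// Only presence is checked: the signature is not verified against the
// other fields.
EXPORT_C void CCMSX509CertificateList::SetParametersL(
    CCMSX509CertificateListParameters& aParameters )
    {
    // some sanity checks
    if( !aParameters.iIssuer ||
        !aParameters.iSignature ||
        !aParameters.iSignatureAlgorithm ||
        ( aParameters.iVersion != KDefaultVersion ) )
        {
        User::Leave( KErrArgument );
        }
    // Passing the parameter set this object already owns must not delete
    // it, or iParams would be left pointing at freed memory.
    if( iParams != &aParameters )
        {
        delete iParams;
        iParams = &aParameters;
        }
    }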
|
604 |
|
605 // End of File |