/**

<hr>

@page crypto_DLL_overview Crypto.dll overview

The Crypto component (\c crypto.dll) is provided for general use in certificate management: any certificate specification
will use some or all of its functionality.

Elements of a @ref certificate which are common across different certificate formats are implemented in this DLL as a set
of abstract base classes. DLLs implementing a particular certificate specification such as @ref X509 "X.509" or @ref WTLS
(i.e. \c X509.dll, \c WTLSCert.dll) are therefore expected to link to this DLL and derive their own specific classes from these, as
well as adding any classes that only exist in that specification (X.509 extensions, for example).

Classes defined here are agnostic about the particular encoding scheme used for objects, so they do not include any constructors
for initialisation from binary data. Derived classes for a given specification add the constructors that initialise the
objects from encoded binary data.

This DLL also helps localise the interface between certificate management and the cryptographic algorithms supporting
it. It is called \c crypto.dll rather than \c cert.dll because its role extends beyond certificates.

Public classes are defined in the header file \c signed.h. Of the classes defined there, the following are intended for direct
use by client code:

@li \c TAlgorithmId -- an enumeration of the @ref asymmetric and digest algorithms supported.

@li \c CValidityPeriod -- consists of a start time and an end time, with accessors for each.

@li \c CAlgorithmIdentifier -- includes the \c TAlgorithmId for the algorithm and the parameters in their encoded form. Also
implements an equality operator.

@li \c CSigningAlgorithmIdentifier -- consists of two \c CAlgorithmIdentifier objects, one for the digest algorithm and one for
the @ref asymmetric algorithm. Also implements an equality operator.

@li \c CSubjectPublicKeyInfo -- consists of an algorithm identifier and the encoded key.

@li \c CSignedObject -- this class implements a function to verify its signature given an encoded key. It also implements an
\c ExternalizeL() function which simply streams out the encoding of the entire object; this enables the fingerprint (and
the signed data) to be regenerated on restoring. Accessors are provided to return pointer descriptors to the encoding
of the signed data, the encoding of the signature, the fingerprint and the signing algorithm used. The fingerprint
returned is the @ref MD5 @ref hash of the encoding of the entire object.

@li \c CCertificate -- this is a subclass of \c CSignedObject. It adds a serial number, validity period and subject public key
along with corresponding accessors.
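The layering described above (encoding-agnostic base classes that cannot be built from binary data, a format-specific
subclass that supplies the decoding constructor, and a fingerprint taken over the entire encoding rather than stored) can
be illustrated with a stand-alone C++ model. This is an added example, not code from \c signed.h or from any Symbian
component: the class names mirror those on this page without the Symbian prefixes, the 32-byte certificate layout and the
issuer key are constructed for the example, the subject public key is omitted, and a 64-bit FNV-1a digest stands in for
both the MD5 fingerprint and the asymmetric signature check (it is not a cryptographic primitive).

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<uint8_t>;

// Stand-in digest (64-bit FNV-1a) for the page's MD5 fingerprint and the toy signature check; NOT a cryptographic hash.
inline uint64_t Digest64(const Bytes& data) {
    uint64_t h = 1469598103934665603ULL;
    for (uint8_t b : data) { h ^= b; h *= 1099511628211ULL; }
    return h;
}

inline uint64_t ReadBE64(const Bytes& b, size_t off) {
    uint64_t v = 0;
    for (size_t i = 0; i < 8; ++i) v = (v << 8) | b.at(off + i);
    return v;
}
inline void WriteBE64(Bytes& b, uint64_t v) {
    for (int i = 7; i >= 0; --i) b.push_back(static_cast<uint8_t>(v >> (8 * i)));
}

struct ValidityPeriod {  // models CValidityPeriod: start time, end time, accessors
    int64_t start, finish;
    bool Contains(int64_t t) const { return t >= start && t <= finish; }
};

// Models CSignedObject. Encoding-agnostic: no constructor from binary data, and a protected
// constructor so that only a format-specific subclass can build one. The fingerprint is never
// stored; it is the digest of the entire encoding, so externalise/restore regenerates it.
class SignedObject {
public:
    virtual ~SignedObject() = default;
    const Bytes& Encoding() const { return encoding_; }
    const Bytes& SignedData() const { return signedData_; }
    const Bytes& Signature() const { return signature_; }
    uint64_t Fingerprint() const { return Digest64(encoding_); }
    // Stand-in for "verify the signature given an encoded key": the toy signature is the
    // digest of signedData || key. A real implementation runs the named asymmetric algorithm.
    bool VerifySignature(const Bytes& encodedKey) const {
        Bytes msg = signedData_;
        msg.insert(msg.end(), encodedKey.begin(), encodedKey.end());
        return signature_.size() == 8 && ReadBE64(signature_, 0) == Digest64(msg);
    }
protected:
    SignedObject() = default;
    Bytes encoding_, signedData_, signature_;
};

// Models CCertificate: adds serial number and validity period (subject public key omitted here).
class Certificate : public SignedObject {
public:
    uint64_t SerialNumber() const { return serial_; }
    const ValidityPeriod& Validity() const { return validity_; }
protected:
    Certificate() = default;
    uint64_t serial_ = 0; ValidityPeriod validity_{0, 0};
};

// Plays the role of a format-specific DLL (X509.dll, WTLSCert.dll): it adds the constructor
// that decodes binary data. Constructed 32-byte toy layout:
//   [0..7] serial BE64 | [8..15] start BE64 | [16..23] end BE64 | [24..31] signature
class ToyCertificate : public Certificate {
public:
    explicit ToyCertificate(const Bytes& encoded) {
        if (encoded.size() != 32) throw std::invalid_argument("bad toy certificate length");
        encoding_ = encoded;
        signedData_.assign(encoded.begin(), encoded.begin() + 24);
        signature_.assign(encoded.begin() + 24, encoded.end());
        serial_ = ReadBE64(encoded, 0);
        validity_ = {static_cast<int64_t>(ReadBE64(encoded, 8)),
                     static_cast<int64_t>(ReadBE64(encoded, 16))};
    }
};

// Test fixture (constructed): builds a toy encoding that carries a valid toy signature.
inline Bytes BuildToyCertificate(uint64_t serial, int64_t start, int64_t finish, const Bytes& key) {
    Bytes enc;
    WriteBE64(enc, serial);
    WriteBE64(enc, static_cast<uint64_t>(start));
    WriteBE64(enc, static_cast<uint64_t>(finish));
    Bytes msg = enc;
    msg.insert(msg.end(), key.begin(), key.end());
    WriteBE64(enc, Digest64(msg));
    return enc;
}

// Worked flow: decode, verify, check validity; then flip one bit of the serial number.
inline bool DemoFlow() {
    const Bytes key = {0x01, 0x02, 0x03, 0x04};  // constructed issuer key
    ToyCertificate cert(BuildToyCertificate(42, 1000, 2000, key));
    Bytes tampered = cert.Encoding();
    tampered[7] ^= 0x01;
    ToyCertificate bad(tampered);
    return cert.VerifySignature(key) && cert.SerialNumber() == 42 && cert.Validity().Contains(1500) &&
           !bad.VerifySignature(key) && bad.Fingerprint() != cert.Fingerprint();
}
```

The point the model makes about this DLL's design: because the fingerprint is computed from the full encoding rather
than stored alongside it, restoring an object from its externalised encoding always yields the same fingerprint, and any
change to the encoding (here a single bit of the serial number) changes both the fingerprint and the verification result.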
|
45 |
|
46 |
|
47 |
|
48 */ |