1 /*

     2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 *

    16 */

    17 

    18 

    19 

    20 

    21 /**

    22  @file

    23  @publishedPartner

    24  @released

    25 */

    26 #ifndef __PKCS12_MACDATA_H__

    27 #define __PKCS12_MACDATA_H__

    28 

    29 #include <e32base.h>

    30 #include <asn1dec.h>

    31 #include <hash.h>

    32 #include <pkcs12kdf.h>

    33 #include <pkcs7digestinfo.h>

    34 

    35 namespace PKCS12

    36 {

    37 /** Default Iteration Count */

    38 const TInt KDefaultIterationCount = 1;

    39 

    40 /** SHA-1 HMAC 160 bit Key length for key derivation. */

    41 const TInt KSha1HmacKeyLength = 20;

    42 

    43 /**

    44  This class decodes the MacData

    45  It has methods to return the PKCS#12 MACDATA structure.

    46  */

    47 class CDecPkcs12MacData : public CBase

    48 	{

    49 public:

    50     /**

    51 	 Creates a new PKCS#12MacData object.

    52 	  

    53 	 @param aMacData contains a PKCS#12 MacData Structure.

    54 	 @param aAuthSafeData is the ContentData present in the authSafe Sequence

    55 			of PKCS#12 PFX Structure.

    56 	 @return A pointer to the newly allocated object.

    57 	 @leave  KErrArgument if the data is not Pkcs12 macData structure.

    58 	 */

    59 	IMPORT_C static CDecPkcs12MacData* NewL(const TDesC8& aMacData, const TDesC8& aAuthSafeData);

    60 	

    61 	/**

    62 	 The DigestInfo present in the MacData.

    63 	 It has the DigestAlgorithmIdentifier, and the Digest.

    64 	 @return A reference to the CPKCS7DigestInfo object containing 

    65 			 the decoded DigestInfo

    66 	 */

    67 	IMPORT_C const CPKCS7DigestInfo& DigestInfo() const; 

    68 	

    69 	/**

    70 	 This method returns the MacSalt. 

    71 	 MacSalt is used as input to the key generation mechanism.

    72 	 @return A value indicating the MacSalt

    73 	 */

    74 	IMPORT_C const TDesC8& MacSalt() const;

    75 	

    76 	/**

    77 	 This method returns the Iteration Count. It is used in creating the key.

    78 	 @return An integer value indicating the IterationCount.

    79 	 */

    80 	IMPORT_C TInt IterationCount() const;

    81 	

    82 	/**

    83 	 This method does the Integrity Check for Password Integrity Mode 

    84      by comparing the Digest present in the MacData of the PKCS#12 Structure

    85      with the hash generated from the content field of the authenticated Safe,

    86      password, the Iteration Count and the Salt present in the MacData.

    87 	 @param aPassword contains the password to derive the key.

    88      @return Returns ETrue, if the Integrity verification passes.

    89              Returns EFalse, if the Integrity verification fails.

    90      @leave KErrNotSupported if the Pkcs7 digest algorithm is otherthan MD2, 

    91      						 MD5 and SHA-1

    92      @see   PKCS12KDF, CMessageDigest, 

    93      */

    94 	IMPORT_C TBool VerifyIntegrityL(const TDesC& aPassword) const;

    95 	

    96 	/**

    97 	 Destructor.

    98 	 */

    99 	virtual ~CDecPkcs12MacData();

   100 	

   101 private:

   102 	/**

   103      This decodes the entire MacData structure.

   104      @param aMacData contains a PKCS#12 MacData Structure.

   105      @param aAuthSafeData is the ContentData present in the authSafe Sequence

   106 			of PKCS#12 PFX Structure.

   107      @leave  KErrArgument if the data is not Pkcs12 macData structure.

   108      @see CPKCS7DigestInfo

   109      */

   110 	void ConstructL(const TDesC8& aMacData, const TDesC8& aAuthSafeData);

   111 		

   112 	/**

   113 	 Constructor.

   114 	 */

   115 	CDecPkcs12MacData();

   116 	

   117 	/**

   118 	 Copy Constructor.

   119 	 @param aDecPkcs12MacData A CDecPkcs12MacData object.

   120 	 */

   121 	CDecPkcs12MacData(const CDecPkcs12MacData& aDecPkcs12MacData);

   122 	

   123 	/**

   124 	 Assignment operator.

   125 	 @param aDecPkcs12MacData A CDecPkcs12MacData object.

   126 	 @return A reference to CDecPkcs12MacData class.

   127 	 */

   128 	CDecPkcs12MacData& operator=(const CDecPkcs12MacData& aDecPkcs12MacData);

   129 	

   130 private:

   131 	/** DigestInfo(PKCS#7 structure) present in the PKCS#12 MacData structure */

   132 	CPKCS7DigestInfo* iDigestInfo;

   133 	

   134    	/** MacSalt present in the PKCS#12 MacData structure */

   135 	TPtrC8 iMacSalt;

   136 	

   137 	/** Iteration Count present in the PKCS#12 MacData structure */

   138 	TInt   iIterationCount;

   139 	

   140 	/** authSafe sequence present in PKCS#12 PFX structure.*/

   141 	TPtrC8 iAuthSafeDataPtr;

   142 

   143 	};

   144 } // namespace PKCS12

   145 #endif // __PKCS12_MACDATA_H__