|
1 /* |
|
2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * X509CERTEXT.H |
|
16 * X509 extensions v2 |
|
17 * Common specific extensions: |
|
18 * 1) basic constraints |
|
19 * 2) alt name |
|
20 * 3) key usage |
|
21 * 4) name constraints |
|
22 * 5) policy constraints |
|
23 * 6) policies |
|
24 * 7) policy mapping |
|
25 * 8) authority key ID |
|
26 * 9) subject key ID |
|
27 * 10) extended key usage |
|
28 * 11) authority information access |
|
29 * critical extension |
|
30 * 12) inhibit-any policy |
|
31 * |
|
32 */ |
|
33 |
|
34 |
|
35 |
|
36 |
|
37 /** |
|
38 @file |
|
39 @internalAll |
|
40 @released |
|
41 */ |
|
42 |
|
43 #if !defined (__X509CERTEXT_H__) |
|
44 #define __X509CERTEXT_H__ |
|
45 |
|
46 #include <e32base.h> |
|
47 #include <e32std.h> |
|
48 #include <x509gn.h> |
|
49 |
|
50 |
|
51 class RReadStream; |
|
52 class RWriteStream; |
|
53 |
|
54 /** X509 Extension OIDs |
|
55 * |
|
56 * @publishedAll |
|
57 * @released |
|
58 * @since v9.5 */ |
|
59 |
|
60 //OIDS for the extensions we define here... |
|
61 _LIT(KBasicConstraints,"2.5.29.19"); |
|
62 _LIT(KSubjectAltName,"2.5.29.17"); |
|
63 _LIT(KIssuerAltName,"2.5.29.18"); |
|
64 _LIT(KKeyUsage,"2.5.29.15"); |
|
65 _LIT(KNameConstraints,"2.5.29.30"); |
|
66 _LIT(KPolicyConstraints,"2.5.29.36"); |
|
67 _LIT(KCertPolicies,"2.5.29.32"); |
|
68 _LIT(KPolicyMapping,"2.5.29.33"); |
|
69 _LIT(KAuthorityKeyId,"2.5.29.35"); |
|
70 _LIT(KSubjectKeyId,"2.5.29.14"); |
|
71 _LIT(KExtendedKeyUsage,"2.5.29.37"); |
|
72 _LIT(KAuthorityInfoAccess, "1.3.6.1.5.5.7.1.1"); |
|
73 _LIT(KInhibitAnyPolicy, "2.5.29.54"); |
|
74 |
|
75 // OIDs for access methods |
|
76 _LIT(KAccessMethodOCSP, "1.3.6.1.5.5.7.48.1"); |
|
77 |
|
78 //deprecated OIDs we might still encounter |
|
79 _LIT(KOldBasicConstraints,"2.5.29.10"); |
|
80 _LIT(KOldBasicConstraints2,"2.5.29.13"); |
|
81 _LIT(KOldSubjectAltName,"2.5.29.7"); |
|
82 _LIT(KOldIssuerAltName,"2.5.29.8"); |
|
83 _LIT(KOldNameConstraints,"2.5.29.11"); |
|
84 _LIT(KOldPolicyConstraints,"2.5.29.2"); |
|
85 _LIT(KOldPolicyConstraints2,"2.5.29.34"); |
|
86 _LIT(KOldCertPolicies,"2.5.29.3"); |
|
87 _LIT(KOldPolicyMapping,"2.5.29.5"); |
|
88 _LIT(KOldAuthorityKeyId,"2.5.29.1"); |
|
89 |
|
90 // Define OIDs for Symbian certificate constraints. |
|
91 _LIT(KDeviceIdListConstraint,"1.2.826.0.1.1796587.1.1.1.1"); |
|
92 _LIT(KSidListConstraint,"1.2.826.0.1.1796587.1.1.1.4"); |
|
93 _LIT(KVidListConstraint,"1.2.826.0.1.1796587.1.1.1.5"); |
|
94 _LIT(KCapabilitiesConstraint,"1.2.826.0.1.1796587.1.1.1.6"); |
|
95 |
|
96 //1) basic constraints... |
|
97 |
|
98 class CX509ExtensionBase : public CBase |
|
99 /** A certificate extension base class. |
|
100 * |
|
101 * @publishedAll |
|
102 * @released |
|
103 * @since v6.0 */ |
|
104 { |
|
105 protected: |
|
106 /** Second-phase constructor. |
|
107 * |
|
108 * @param aBinaryData The encoded binary representation. |
|
109 * @param aPos The position from which to start decoding. */ |
|
110 virtual void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
111 |
|
112 /** Implementation for second-phase construction. |
|
113 * |
|
114 * This is called by ConstructL(). |
|
115 * |
|
116 * @param aBinaryData The encoded binary representation. This is the same as |
|
117 * passed to ConstructL(). |
|
118 * @param aPos The position from which to start decoding. Note that the value |
|
119 * passed points, in effect, to the content, by passing the header data. */ |
|
120 virtual void DoConstructL(const TDesC8& aBinaryData, TInt& aPos) = 0; |
|
121 }; |
|
122 |
|
123 class CX509BasicConstraintsExt : public CX509ExtensionBase |
|
124 /** An X.509 certificate extension that defines basic constraints. |
|
125 * |
|
126 * It indicates whether the certificate belongs to a Certificate Authority or |
|
127 * an end Entity. |
|
128 * |
|
129 * @publishedAll |
|
130 * @released |
|
131 * @since v6.0 */ |
|
132 { |
|
133 public: |
|
134 /** Creates a new CX509BasicConstraintsExt object from the specified |
|
135 * buffer containing the binary coded representation. |
|
136 * |
|
137 * @param aBinaryData The encoded binary representation. |
|
138 * @return The new CX509BasicConstraintsExt object. */ |
|
139 IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData); |
|
140 |
|
141 /** Creates a new CX509BasicConstraintsExt object from the specified |
|
142 * buffer containing the binary coded representation, and puts a pointer to it |
|
143 * onto the cleanup stack. |
|
144 * |
|
145 * @param aBinaryData The encoded binary representation. |
|
146 * @return The new CX509BasicConstraintsExt object. */ |
|
147 IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData); |
|
148 |
|
149 /** Creates a new CX509BasicConstraintsExt object from the specified |
|
150 * buffer containing the binary coded representation, starting at the specified |
|
151 * offset. |
|
152 * |
|
153 * @param aBinaryData The encoded binary representation. |
|
154 * @param aPos The offset position from which to start decoding. |
|
155 * @return The new CX509BasicConstraintsExt object. */ |
|
156 IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
157 |
|
158 /** Creates a new CX509BasicConstraintsExt object from the specified |
|
159 * buffer containing the binary coded representation, starting at the specified |
|
160 * offset, and puts a pointer to it onto the cleanup stack. |
|
161 * |
|
162 * @param aBinaryData The encoded binary representation. |
|
163 * @param aPos The offset position from which to start decoding. |
|
164 * @return The new CX509BasicConstraintsExt object. */ |
|
165 IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
166 |
|
167 /** Destructor. |
|
168 * |
|
169 * Frees all resources owned by the object, prior to its destruction. */ |
|
170 virtual ~CX509BasicConstraintsExt(); |
|
171 |
|
172 /** Tests whether the certificate belongs to a Certificate Authority. |
|
173 * |
|
174 * @return ETrue, if the certificate belongs to a Certificate Authority; |
|
175 * EFalse, otherwise. */ |
|
176 IMPORT_C TBool IsCA() const; |
|
177 |
|
178 /** Gets the maximum number of certificates that can follow this one in the chain. |
|
179 * |
|
180 * @return The number of certificates. */ |
|
181 IMPORT_C TInt MaxChainLength() const;//0 if not set |
|
182 private: |
|
183 CX509BasicConstraintsExt(); |
|
184 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
185 TBool iIsCA; |
|
186 TInt iMaxChainLen; |
|
187 }; |
|
188 |
|
189 //2) alt name |
|
190 |
|
191 class CX509AltNameExt : public CX509ExtensionBase |
|
192 /** An X.509 certificate extension that defines an alternate name. |
|
193 * |
|
194 * It appears as an Issuer Alt Name extension or a Subject Alt Name extension |
|
195 * and is used to contain extra identifying information that will not fit into |
|
196 * a Distinguished Name. |
|
197 * |
|
198 * It consists of an array of X.509 General Names. |
|
199 * |
|
200 * @publishedAll |
|
201 * @released |
|
202 * @since v6.0 */ |
|
203 { |
|
204 public: |
|
205 /** Creates a new CX509AltNameExt object from the specified |
|
206 * buffer containing the binary coded representation. |
|
207 * |
|
208 * @param aBinaryData The encoded binary representation. |
|
209 * @return The new CX509AltNameExt object. */ |
|
210 IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData); |
|
211 |
|
212 /** Creates a new CX509AltNameExt object from the specified |
|
213 * buffer containing the binary coded representation, and puts a pointer to it |
|
214 * onto the cleanup stack. |
|
215 * |
|
216 * @param aBinaryData The encoded binary representation. |
|
217 * @return The new CX509AltNameExt object. */ |
|
218 IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData); |
|
219 |
|
220 /** Creates a new CX509AltNameExt object from the specified |
|
221 * buffer containing the binary coded representation, starting at the specified |
|
222 * offset. |
|
223 * |
|
224 * @param aBinaryData The encoded binary representation. |
|
225 * @param aPos The offset position from which to start decoding. |
|
226 * @return The new CX509AltNameExt object. */ |
|
227 IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
228 |
|
229 /** Creates a new CX509AltNameExt object from the specified |
|
230 * buffer containing the binary coded representation, starting at the specified |
|
231 * offset, and puts a pointer to it onto the cleanup stack. |
|
232 * |
|
233 * @param aBinaryData The encoded binary representation. |
|
234 * @param aPos The offset position from which to start decoding. |
|
235 * @return The new CX509AltNameExt object. */ |
|
236 IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
237 |
|
238 /** Destructor. |
|
239 * |
|
240 * Frees all resources owned by the object, prior to its destruction. */ |
|
241 virtual ~CX509AltNameExt(); |
|
242 |
|
243 /** Gets a reference to the array of general names that forms the alternate name |
|
244 * extension. |
|
245 * |
|
246 * @return The array of general names. */ |
|
247 IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AltName() const; |
|
248 |
|
249 /** Checks whether the corressponding elements of two equally sized arrays of X.509 general names |
|
250 * match. |
|
251 * |
|
252 * @param aExt An X.509 certificate extension object that defines an alternate name. |
|
253 * @return TRUE if all the elements in the arrays match. |
|
254 */ |
|
255 IMPORT_C TBool Match(const CX509AltNameExt& aExt) const; |
|
256 private: |
|
257 CX509AltNameExt(); |
|
258 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
259 CArrayPtrFlat<CX509GeneralName>* iAuthorityName; |
|
260 }; |
|
261 |
|
262 //3) key usage |
|
263 |
|
264 class CX509BitString : public CBase |
|
265 /** An X.509 bit string. |
|
266 * |
|
267 * @internalTechnology |
|
268 * @released |
|
269 * @since v6.0 */ |
|
270 { |
|
271 public: |
|
272 /** Destructor. |
|
273 * |
|
274 * Frees all resources owned by the object. */ |
|
275 ~CX509BitString(); |
|
276 |
|
277 /** Tests whether the specified bit is set. |
|
278 * |
|
279 * @param aBit The offset of the bit to be tested. This is a value relative to |
|
280 * zero. Any value greater than or equal to the length of the bit |
|
281 * string will always cause EFalse to be returned. |
|
282 * @return ETrue, if the bit is set; EFalse, otherwise. */ |
|
283 TBool IsSet(TInt aBit) const; |
|
284 |
|
285 /** Creates the X.509 bit string. |
|
286 * |
|
287 * @param aData A heap descriptor representing the bit string data. |
|
288 * @param aEffectiveLength The number of bits in the string. */ |
|
289 CX509BitString(HBufC8* aData, TInt aEffectiveLength); |
|
290 private: |
|
291 HBufC8* iData; |
|
292 TInt iLength; |
|
293 }; |
|
294 |
|
295 /** A list of values that defines what an X.509 key can be used for. |
|
296 * These values can be ANDed together if a key has several usages. |
|
297 * |
|
298 * @internalTechnology |
|
299 * @since v7.0 */ |
|
300 enum TX509KeyUsage |
|
301 { |
|
302 /** A digital signature. */ |
|
303 EX509DigitalSignature, |
|
304 /** Non repudiation. */ |
|
305 EX509NonRepudiation, |
|
306 /** Key encipherment. */ |
|
307 EX509KeyEncipherment, |
|
308 /** Data encipherment. */ |
|
309 EX509DataEncipherment, |
|
310 /** Key agreement. */ |
|
311 EX509KeyAgreement, |
|
312 /** Key certificate sign. */ |
|
313 EX509KeyCertSign, |
|
314 /** CRL sign. */ |
|
315 EX509CRLSign, |
|
316 /** Encipher only. */ |
|
317 EX509EncipherOnly, |
|
318 /** Decipher only. */ |
|
319 EX509DecipherOnly |
|
320 }; |
|
321 |
|
322 class CX509KeyUsageExt : public CX509ExtensionBase |
|
323 /** An X.509 certificate extension that defines the uses to which a key may be put. |
|
324 * |
|
325 * @publishedAll |
|
326 * @released |
|
327 * @since v6.0 */ |
|
328 { |
|
329 public: |
|
330 /** Creates a new CX509KeyUsageExt object from the specified buffer |
|
331 * containing the binary coded representation. |
|
332 * |
|
333 * @param aBinaryData The encoded binary representation. |
|
334 * @return The new CX509KeyUsageExt object. */ |
|
335 IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData); |
|
336 |
|
337 /** Creates a new CX509KeyUsageExt object from the specified buffer |
|
338 * containing the binary coded representation, and puts a pointer to it onto |
|
339 * the cleanup stack. |
|
340 * |
|
341 * @param aBinaryData The encoded binary representation. |
|
342 * @return The new CX509KeyUsageExt object. */ |
|
343 IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData); |
|
344 |
|
345 /** Creates a new CX509KeyUsageExt object from the specified buffer |
|
346 * containing the binary coded representation, starting at the specified offset. |
|
347 * |
|
348 * @param aBinaryData The encoded binary representation. |
|
349 * @param aPos The offset position from which to start decoding. |
|
350 * @return The new CX509KeyUsageExt object. */ |
|
351 IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
352 |
|
353 /** Creates a new CX509KeyUsageExt object from the specified buffer |
|
354 * containing the binary coded representation, starting at the specified offset, |
|
355 * and puts a pointer to it onto the cleanup stack. |
|
356 * |
|
357 * @param aBinaryData The encoded binary representation. |
|
358 * @param aPos The offset position from which to start decoding. |
|
359 * @return The new CX509KeyUsageExt object. */ |
|
360 IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
361 |
|
362 /** Destructor. |
|
363 * |
|
364 * Frees all resources owned by the object, prior to its destruction. */ |
|
365 virtual ~CX509KeyUsageExt(); |
|
366 |
|
367 /** Tests whether a particular usage is set in the extension. |
|
368 * |
|
369 * @internalTechnology |
|
370 * @param aUsage The usage. |
|
371 * @return ETrue, if the specific usage is set in the extension; EFalse, otherwise. */ |
|
372 IMPORT_C TBool IsSet(TX509KeyUsage aUsage) const; |
|
373 private: |
|
374 CX509KeyUsageExt(); |
|
375 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
376 CX509BitString* iData; |
|
377 }; |
|
378 |
|
379 //4) name constraints |
|
380 |
|
381 class CX509GeneralSubtree : public CBase |
|
382 /** Provides access to the general name and the min/max lengths of the subtree. |
|
383 * |
|
384 * @publishedAll |
|
385 * @released |
|
386 * @since v6.0 */ |
|
387 { |
|
388 public: |
|
389 /** |
|
390 * @internalComponent |
|
391 * |
|
392 * Creates a new CX509GeneralSubtree object from the specified buffer containing |
|
393 * the encoded binary representation. |
|
394 * |
|
395 * @param aBinaryData The encoded binary representation. |
|
396 * @return The new CX509GeneralSubtree object. |
|
397 **/ |
|
398 static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData); |
|
399 |
|
400 /** |
|
401 * @internalComponent |
|
402 * |
|
403 * Creates a new CX509GeneralSubtree object from the specified buffer containing |
|
404 * the encoded binary representation, and puts a pointer to it onto the cleanup stack. |
|
405 * |
|
406 * @param aBinaryData The encoded binary representation. |
|
407 * @return The new CX509GeneralSubtree object. |
|
408 **/ |
|
409 static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData); |
|
410 |
|
411 /** |
|
412 * @internalComponent |
|
413 * |
|
414 * Creates a new CX509GeneralSubtree object from the specified buffer containing |
|
415 * the encoded binary representation. |
|
416 * |
|
417 * @param aBinaryData The encoded binary representation. |
|
418 * @param aPos The position from which to start decoding. |
|
419 * @return The new CX509GeneralSubtree object. |
|
420 **/ |
|
421 static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
422 |
|
423 /** |
|
424 * @internalComponent |
|
425 * |
|
426 * Creates a new CX509GeneralSubtree object from the specified buffer containing |
|
427 * the encoded binary representation, and puts a pointer to it onto the cleanup stack. |
|
428 * |
|
429 * @param aBinaryData The encoded binary representation. |
|
430 * @param aPos The position from which to start decoding. |
|
431 * @return The new CX509GeneralSubtree object. |
|
432 **/ |
|
433 static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
434 |
|
435 /** Destructor. |
|
436 * |
|
437 * Frees all resources owned by the object. */ |
|
438 virtual ~CX509GeneralSubtree(); |
|
439 |
|
440 /** Gets the general name. |
|
441 * |
|
442 * @return The general name. */ |
|
443 IMPORT_C const CX509GeneralName& Name() const; |
|
444 |
|
445 /** Gets the minimum distance of the CX509GeneralSubtree object. |
|
446 * |
|
447 * @return The minimum distance of the CX509GeneralSubtree object. */ |
|
448 IMPORT_C TInt MinDistance() const; |
|
449 |
|
450 /** Gets the maximum distance of the CX509GeneralSubtree object. |
|
451 * |
|
452 * @return The maximum distance of the CX509GeneralSubtree object. */ |
|
453 IMPORT_C TInt MaxDistance() const; |
|
454 private: |
|
455 CX509GeneralSubtree(); |
|
456 void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
457 CX509GeneralName* iName; |
|
458 TInt iMaxDist; |
|
459 TInt iMinDist; |
|
460 }; |
|
461 |
|
462 class CX509NameConstraintsExt : public CX509ExtensionBase |
|
463 /** An X.509 certificate extension that defines constraints on an entity's name. |
|
464 * |
|
465 * This extension allows Certification Authorities to restrict or prevent the issuing |
|
466 * of certificates to entities whose names lie within a defined name space. |
|
467 * |
|
468 * @publishedAll |
|
469 * @released */ |
|
470 { |
|
471 public: |
|
472 /** Creates a new CX509NameConstraintsExt object from the specified |
|
473 * buffer containing the binary coded representation. |
|
474 * |
|
475 * @param aBinaryData The encoded binary representation. |
|
476 * @return The new CX509NameConstraintsExt object. */ |
|
477 IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData); |
|
478 |
|
479 /** Creates a new CX509NameConstraintsExt object from the specified |
|
480 * buffer containing the binary coded representation, and puts a pointer to it |
|
481 * onto the cleanup stack. |
|
482 * |
|
483 * @param aBinaryData The encoded binary representation. |
|
484 * @return The new CX509NameConstraintsExt object. */ |
|
485 IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData); |
|
486 |
|
487 /** Creates a new CX509NameConstraintsExt object from the specified |
|
488 * buffer containing the binary coded representation, starting at the specified offset. |
|
489 * |
|
490 * @param aBinaryData The encoded binary representation. |
|
491 * @param aPos The offset position from which to start decoding. |
|
492 * @return The new CX509NameConstraintsExt object. */ |
|
493 IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
494 |
|
495 /** Creates a new CX509NameConstraintsExt object from the specified |
|
496 * buffer containing the binary coded representation, starting at the specified |
|
497 * offset, and puts a pointer to it onto the cleanup stack. |
|
498 * |
|
499 * @param aBinaryData The encoded binary representation. |
|
500 * @param aPos The offset position from which to start decoding. |
|
501 * @return The new CX509NameConstraintsExt object. */ |
|
502 IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
503 |
|
504 /** Destructor. |
|
505 * |
|
506 * Frees all resources owned by the object, prior to its destruction. */ |
|
507 IMPORT_C ~CX509NameConstraintsExt(); |
|
508 |
|
509 /** Gets a reference to the array of exclusion subtree names. |
|
510 * |
|
511 * No certificates after this one may contain names within the subtrees specified. |
|
512 * |
|
513 * @return The excluded subtrees. */ |
|
514 IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& ExcludedSubtrees() const; |
|
515 |
|
516 /** Gets a reference to the array of permitted subtree names. |
|
517 * |
|
518 * All certificates after this one must contain names within the subtrees specified. |
|
519 * |
|
520 * @return The permitted subtrees. */ |
|
521 IMPORT_C const CArrayPtrFlat<CX509GeneralSubtree>& PermittedSubtrees() const; |
|
522 private: |
|
523 CX509NameConstraintsExt(); |
|
524 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
525 void AddSubtreesL(CArrayPtrFlat<CX509GeneralSubtree>& aSubtrees, const TDesC8& aBinaryData); |
|
526 CArrayPtrFlat<CX509GeneralSubtree>* iExcludedSubtrees; |
|
527 CArrayPtrFlat<CX509GeneralSubtree>* iPermittedSubtrees; |
|
528 }; |
|
529 |
|
530 //5) policy constraints |
|
531 |
|
532 class TX509PolicyConstraint |
|
533 /** Defines whether a policy constraint applies. |
|
534 * |
|
535 * Objects of this type are used by the X.509 certificate extension that constrains |
|
536 * the use of policies. |
|
537 * |
|
538 * An object of this type encapsulates two pieces of information: |
|
539 * @li whether a specific policy applies to subsequent certificates |
|
540 * @li if a specific policy applies, the number of certificates that can follow the |
|
541 * current one before the policy constraint applies. |
|
542 * |
|
543 * Enables a CA to constrain the use of policies in two ways: they can enforce |
|
544 * the appearance of explicit certificate policies in subsequent certificates, |
|
545 * and prevent policy mapping from being performed. |
|
546 * |
|
547 * @publishedAll |
|
548 * @released |
|
549 */ |
|
550 { |
|
551 public: |
|
552 /** |
|
553 * @internalComponent |
|
554 * |
|
555 * Constructs a TX509PolicyConstraint definition object with the specified requirement |
|
556 * and countdown values. |
|
557 * |
|
558 * @param aRequired The policy requirement. Set to ETrue, if the policy constraint |
|
559 * applies; set to EFalse, otherwise. |
|
560 * @param aCountdown The countdown value. This is the number of certificates that |
|
561 * can follow the current one before the constraint applies. |
|
562 * This only has meaning if the policy constraint applies. |
|
563 **/ |
|
564 TX509PolicyConstraint(TBool aRequired, TInt aCountdown); |
|
565 |
|
566 /** |
|
567 * @internalComponent |
|
568 * |
|
569 * Default constructor. |
|
570 * |
|
571 * Sets policy requirement to EFalse and iRequired to EFalse and the iCountdown |
|
572 * to zero. |
|
573 **/ |
|
574 TX509PolicyConstraint(); |
|
575 |
|
576 /** The policy requirement. |
|
577 * |
|
578 * This has the value ETrue, if the policy constraint applies; EFalse otherwise. */ |
|
579 TBool iRequired; |
|
580 |
|
581 /** The count down value. |
|
582 * |
|
583 * Defines the number of certificates that can follow the current one before |
|
584 * the policy constraint applies. This has no meaning if the policy constraint |
|
585 * does not apply. */ |
|
586 TInt iCountdown; |
|
587 }; |
|
588 |
|
589 class CX509PolicyConstraintsExt : public CX509ExtensionBase |
|
590 /** Enables a Certification Authority to constrain the use of policies in two ways: |
|
591 * @li to enforce the appearance of explicit certificate policies in subsequent certificates |
|
592 * @li to prevent policy mapping from being performed. |
|
593 * |
|
594 * @publishedAll |
|
595 * @released |
|
596 * @since v6.0 */ |
|
597 { |
|
598 public: |
|
599 /** Creates a new CX509PolicyConstraintsExt object from the specified buffer |
|
600 * containing the encoded binary representation. |
|
601 * |
|
602 * @param aBinaryData The encoded binary representation. |
|
603 * @return The new CX509PolicyConstraintsExt object. */ |
|
604 IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData); |
|
605 |
|
606 /** Creates a new Policy constraints extension object from the specified buffer |
|
607 * containing the encoded binary representation, and puts a pointer to it onto |
|
608 * the cleanup stack. |
|
609 * |
|
610 * @param aBinaryData The encoded binary representation. |
|
611 * @return The new CX509PolicyConstraintsExt object. */ |
|
612 IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData); |
|
613 |
|
614 /** Creates a new CX509PolicyConstraintsExt object from the specified buffer |
|
615 * containing the encoded binary representation, starting at the specified offset. |
|
616 * |
|
617 * @param aBinaryData The encoded binary representation. |
|
618 * @param aPos The offset position from which to start decoding. |
|
619 * @return The new CX509PolicyConstraintsExt object. */ |
|
620 IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
621 |
|
622 /** Creates a new CX509PolicyConstraintsExt object from the specified buffer |
|
623 * containing the encoded binary representation, and puts a pointer to it onto |
|
624 * the cleanup stack. |
|
625 * |
|
626 * @param aBinaryData The encoded binary representation. |
|
627 * @param aPos The offset position from which to start decoding. |
|
628 * @return The new CX509PolicyConstraintsExt object. */ |
|
629 IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
630 |
|
631 /** Destructor. |
|
632 * |
|
633 * Frees all resources owned by the object, prior to its destruction. */ |
|
634 IMPORT_C ~CX509PolicyConstraintsExt(); |
|
635 |
|
636 /** Gets the explicit policy constraint. |
|
637 * |
|
638 * @return The explicit policy constraint. */ |
|
639 IMPORT_C TX509PolicyConstraint ExplicitPolicyRequired() const; |
|
640 |
|
641 /** Gets the inhibiting policy mapping. |
|
642 * |
|
643 * @return The inhibiting policy mapping. */ |
|
644 IMPORT_C TX509PolicyConstraint InhibitPolicyMapping() const; |
|
645 private: |
|
646 CX509PolicyConstraintsExt(); |
|
647 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
648 TX509PolicyConstraint iRequirePolicy; |
|
649 TX509PolicyConstraint iInhibitPolicyMapping; |
|
650 }; |
|
651 |
|
652 //6) policies |
|
653 |
|
654 class CX509PolicyQualifierInfo : public CBase |
|
655 /** Gets X.509 policy qualifier information. |
|
656 * |
|
657 * @publishedAll |
|
658 * @released |
|
659 * @since v6.0 */ |
|
660 { |
|
661 public: |
|
662 /** |
|
663 * @internalComponent |
|
664 * |
|
665 * Creates a new CX509PolicyQualifierInfo object from the specified |
|
666 * buffer containing the encoded binary representation. |
|
667 * |
|
668 * @param aBinaryData The encoded binary representation. |
|
669 * @return The new CX509PolicyQualifierInfo object. |
|
670 **/ |
|
671 static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData); |
|
672 |
|
673 /** |
|
674 * @internalComponent |
|
675 * |
|
676 * Creates a new CX509PolicyQualifierInfo object from the specified |
|
677 * buffer containing the encoded binary representation, and puts a pointer to |
|
678 * it onto the cleanup stack. |
|
679 * |
|
680 * @param aBinaryData The encoded binary representation. |
|
681 * @return The new CX509PolicyQualifierInfo object. |
|
682 **/ |
|
683 static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData); |
|
684 |
|
685 /** |
|
686 * @internalComponent |
|
687 * |
|
688 * Creates a new CX509PolicyQualifierInfo object from the specified |
|
689 * buffer containing the encoded binary representation. |
|
690 * |
|
691 * @param aBinaryData The encoded binary representation. |
|
692 * @param aPos The position from which to start decoding. |
|
693 * @return The new CX509PolicyQualifierInfo object. |
|
694 **/ |
|
695 static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
696 |
|
697 /** |
|
698 * @internalComponent |
|
699 * |
|
700 * Creates a new CX509PolicyQualifierInfo object from the specified |
|
701 * buffer containing the encoded binary representation, and puts a pointer to |
|
702 * it onto the cleanup stack. |
|
703 * |
|
704 * @param aBinaryData The encoded binary representation. |
|
705 * @param aPos The position from which to start decoding. |
|
706 * @return The new CX509PolicyQualifierInfo object. |
|
707 **/ |
|
708 static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
709 |
|
710 /** |
|
711 * @internalComponent |
|
712 * |
|
713 * Creates a new CX509PolicyQualifierInfo object from an existing X.509 |
|
714 * Policy Qualifier Information object. |
|
715 * |
|
716 * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. |
|
717 * @return The new CX509PolicyQualifierInfo object. |
|
718 **/ |
|
719 static CX509PolicyQualifierInfo* NewL(const CX509PolicyQualifierInfo& aQualifierInfo); |
|
720 |
|
721 /** |
|
722 * @internalComponent |
|
723 * |
|
724 * Creates a new CX509PolicyQualifierInfo object from an existing X.509 |
|
725 * Policy Qualifier Information object, and puts a pointer to it onto the cleanup stack. |
|
726 * |
|
727 * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. |
|
728 * @return The new CX509PolicyQualifierInfo object. |
|
729 **/ |
|
730 static CX509PolicyQualifierInfo* NewLC(const CX509PolicyQualifierInfo& aQualifierInfo); |
|
731 |
|
732 /** |
|
733 * @internalComponent |
|
734 * |
|
735 * Creates a new CX509PolicyQualifierInfo object from a stream. |
|
736 * |
|
737 * @return The new CX509PolicyQualifierInfo object. |
|
738 **/ |
|
739 static CX509PolicyQualifierInfo* NewL(RReadStream& aStream); |
|
740 |
|
741 /** |
|
742 * @internalComponent |
|
743 * |
|
744 * Creates a new CX509PolicyQualifierInfo object from a stream, and puts a pointer to it onto |
|
745 * the cleanup stack. |
|
746 * |
|
747 * @return The new CX509PolicyQualifierInfo object. |
|
748 **/ |
|
749 static CX509PolicyQualifierInfo* NewLC(RReadStream& aStream); |
|
750 |
|
751 /** The destructor. |
|
752 * |
|
753 * Frees all resources owned by the object. */ |
|
754 virtual ~CX509PolicyQualifierInfo(); |
|
755 |
|
756 /** Gets the policy qualifier Id. |
|
757 * |
|
758 * @return A non-modifiable pointer descriptor representing the policy qualifier Id. */ |
|
759 IMPORT_C TPtrC Id() const; |
|
760 |
|
761 /** Gets the policy qualifier data. |
|
762 * |
|
763 * @return A non-modifiable pointer descriptor representing the policy qualifier data. */ |
|
764 IMPORT_C TPtrC8 Data() const; |
|
765 |
|
766 // Internalization/Externalization |
|
767 // Externalize. Writes the data out to a stream |
|
768 /** |
|
769 * @internalComponent |
|
770 * |
|
771 * Externalises an object of this class to a write stream. |
|
772 * |
|
773 * The presence of this function means that the standard templated operator<<() |
|
774 * can be used to externalise objects of this class. |
|
775 * |
|
776 * @param aStream Stream to which the object should be externalised. |
|
777 **/ |
|
778 void ExternalizeL(RWriteStream& aStream) const; |
|
779 |
|
780 // Internalize. Reads the data from a stream |
|
781 /** |
|
782 * @internalComponent |
|
783 * |
|
784 * Internalises an object of this class from a read stream. |
|
785 * |
|
786 * The presence of this function means that the standard templated operator>>() |
|
787 * can be used to internalise objects of this class. |
|
788 * |
|
789 * Note that this function has assignment semantics: it replaces the old value |
|
790 * of the object with a new value read from the read stream. |
|
791 * |
|
792 * @param aStream Stream from which the object should be internalised. |
|
793 **/ |
|
794 void InternalizeL(RReadStream& aStream); |
|
795 |
|
796 private: |
|
797 CX509PolicyQualifierInfo(); |
|
798 void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
799 void ConstructL(const CX509PolicyQualifierInfo& aQualifier); |
|
800 void ConstructL(RReadStream& aStream); |
|
801 HBufC* iPolicyQualifierId; |
|
802 HBufC8* iData; //opaque (this is another any-defined-by, so could be anything) |
|
803 }; |
|
804 |
|
805 class CX509CertPolicyInfo : public CBase |
|
806 /** Defines a specific policy followed by a Certification Authority. |
|
807 * |
|
808 * The policy under which a certificate has been issued may contain a number |
|
809 * of these specific policies. |
|
810 * |
|
811 * @see CX509CertPoliciesExt |
|
812 * @publishedAll |
|
813 * @released |
|
814 * @since v6.0 */ |
|
815 { |
|
816 public: |
|
817 /** |
|
818 * @internalComponent |
|
819 * |
|
820 * Creates a new CX509CertPolicyInfo object from the specified buffer containing the |
|
821 * binary coded representation. |
|
822 * |
|
823 * @param aBinaryData The encoded binary representation. |
|
824 * @return The new CX509CertPolicyInfo object. |
|
825 **/ |
|
826 static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData); |
|
827 |
|
828 /** |
|
829 * @internalComponent |
|
830 * |
|
831 * Creates a new CX509CertPolicyInfo object from the specified buffer containing the |
|
832 * binary coded representation, and puts a pointer to it onto the cleanup stack. |
|
833 * |
|
834 * @param aBinaryData The encoded binary representation. |
|
835 * @return The new CX509CertPolicyInfo object. |
|
836 **/ |
|
837 static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData); |
|
838 |
|
839 /** |
|
840 * @internalComponent |
|
841 * Creates a new CX509CertPolicyInfo object from the specified buffer containing the |
|
842 * binary coded representation, starting at the specified offset. |
|
843 * |
|
844 * @param aBinaryData The encoded binary representation. |
|
845 * @param aPos The offset position from which to start decoding. |
|
846 * @return The new CX509CertPolicyInfo object. |
|
847 **/ |
|
848 static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
849 |
|
850 /** |
|
851 * @internalComponent |
|
852 * |
|
853 * Creates a new CX509CertPolicyInfo object from the specified buffer containing the |
|
854 * binary coded representation, starting at the specified offset, and puts a |
|
855 * pointer to it onto the cleanup stack. |
|
856 * |
|
857 * @param aBinaryData The encoded binary representation. |
|
858 * @param aPos The offset position from which to start decoding. |
|
859 * @return The new CX509CertPolicyInfo object. |
|
860 **/ |
|
861 static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
862 |
|
863 /** Creates a new CX509CertPolicyInfo object from an existing object. |
|
864 * |
|
865 * This is equivalent to a copy constructor. |
|
866 * |
|
867 * @param aPolicy The CX509CertPolicyInfo object to be copied. |
|
868 * @return The new CX509CertPolicyInfo object. */ |
|
869 IMPORT_C static CX509CertPolicyInfo* NewL(const CX509CertPolicyInfo& aPolicy); |
|
870 |
|
871 /** Creates a new CX509CertPolicyInfo object from an existing object, and puts a pointer |
|
872 * to it onto the cleanup stack. |
|
873 * |
|
874 * This is equivalent to a copy constructor. |
|
875 * |
|
876 * @param aPolicy The CX509CertPolicyInfo object to be copied. |
|
877 * @return The new CX509CertPolicyInfo object. */ |
|
878 IMPORT_C static CX509CertPolicyInfo* NewLC(const CX509CertPolicyInfo& aPolicy); |
|
879 |
|
880 /** Creates a new CX509CertPolicyInfo object from a stream. |
|
881 * |
|
882 * @return The new CX509CertPolicyInfo object. */ |
|
883 IMPORT_C static CX509CertPolicyInfo* NewL(RReadStream& aStream); |
|
884 |
|
885 /** Creates a new CX509CertPolicyInfo object from a stream, and puts a pointer to it onto |
|
886 * the cleanup stack. |
|
887 * |
|
888 * @return The new CX509CertPolicyInfo object. */ |
|
889 IMPORT_C static CX509CertPolicyInfo* NewLC(RReadStream& aStream); |
|
890 |
|
891 /** Destructor. |
|
892 * |
|
893 * Frees all resources owned by the object, prior to its destruction. */ |
|
894 virtual ~CX509CertPolicyInfo(); |
|
895 |
|
896 /** Gets a reference to the array of policy qualifers. |
|
897 * |
|
898 * @return The array of policy qualifiers. */ |
|
899 IMPORT_C const CArrayPtrFlat<CX509PolicyQualifierInfo>& Qualifiers() const; |
|
900 |
|
901 /** Gets the specific policy's Object Identifier (OID). |
|
902 * |
|
903 * @return A pointer descriptor representing the specific policy's OID. */ |
|
904 IMPORT_C TPtrC Id() const; |
|
905 |
|
906 |
|
907 // Internalization/Externalization |
|
908 // Externalize. Writes the data out to a stream |
|
909 /** Externalises an object of this class to a write stream. |
|
910 * |
|
911 * The presence of this function means that the standard templated operator<<() |
|
912 * can be used to externalise objects of this class. |
|
913 * |
|
914 * @param aStream Stream to which the object should be externalised. */ |
|
915 IMPORT_C void ExternalizeL(RWriteStream& aStream) const; |
|
916 |
|
917 // Internalize. Reads the data from a stream |
|
918 /** Internalises an object of this class from a read stream. |
|
919 * |
|
920 * The presence of this function means that the standard templated operator>>() |
|
921 * can be used to internalise objects of this class. |
|
922 * |
|
923 * Note that this function has assignment semantics: it replaces the old value |
|
924 * of the object with a new value read from the read stream. |
|
925 * |
|
926 * @param aStream Stream from which the object should be internalised. */ |
|
927 IMPORT_C void InternalizeL(RReadStream& aStream); |
|
928 |
|
929 |
|
930 private: |
|
931 CX509CertPolicyInfo(); |
|
932 void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
933 void ConstructL(const CX509CertPolicyInfo& aInfo); |
|
934 void ConstructL(RReadStream& aStream); |
|
935 HBufC* iCertPolicyId;//OID for this policy |
|
936 CArrayPtrFlat<CX509PolicyQualifierInfo>* iQualifiers; |
|
937 }; |
|
938 |
|
939 class CX509CertPoliciesExt : public CX509ExtensionBase |
|
940 /** The policy under which this certificate has been issued. |
|
941 * |
|
942 * Contains further information on a client's signature. |
|
943 * |
|
944 * @publishedAll |
|
945 * @released |
|
946 * @since v6.0 */ |
|
947 { |
|
948 public: |
|
949 /** Creates a new CX509CertPoliciesExt object from the specified buffer |
|
950 * containing the encoded binary representation. |
|
951 * |
|
952 * @param aBinaryData The encoded binary representation. |
|
953 * @return The CX509CertPoliciesExt object. */ |
|
954 IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData); |
|
955 |
|
956 /** Creates a new CX509CertPoliciesExt object from the specified buffer |
|
957 * containing the encoded binary representation, and puts a pointer to it onto |
|
958 * the cleanup stack. |
|
959 * |
|
960 * @param aBinaryData The encoded binary representation. |
|
961 * @return The CX509CertPoliciesExt object. */ |
|
962 IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData); |
|
963 |
|
964 /** Creates a new CX509CertPoliciesExt object from the specified buffer |
|
965 * containing the encoded binary representation, starting at the specified offset. |
|
966 * |
|
967 * @param aBinaryData The encoded binary representation. |
|
968 * @param aPos The offset position from which to start decoding. |
|
969 * @return The CX509CertPoliciesExt object. */ |
|
970 IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
971 |
|
972 /** Creates a new CX509CertPoliciesExt object from the specified buffer |
|
973 * containing the encoded binary representation, and puts a pointer to it onto |
|
974 * the cleanup stack. |
|
975 * |
|
976 * @param aBinaryData The encoded binary representation. |
|
977 * @param aPos The offset position from which to start decoding. |
|
978 * @return The CX509CertPoliciesExt object. */ |
|
979 IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
980 |
|
981 /** Destructor. |
|
982 * |
|
983 * Frees all resources owned by the object. */ |
|
984 virtual ~CX509CertPoliciesExt(); |
|
985 |
|
986 /** Gets the certificate policy extension information. |
|
987 * |
|
988 * @return The certificate policy extension information. */ |
|
989 IMPORT_C const CArrayPtrFlat<CX509CertPolicyInfo>& Policies() const; |
|
990 private: |
|
991 CX509CertPoliciesExt(); |
|
992 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
993 CArrayPtrFlat<CX509CertPolicyInfo>* iPolicies; |
|
994 }; |
|
995 |
|
996 //7) policy mapping |
|
997 |
|
998 class CX509PolicyMapping : public CBase |
|
999 /** A set of policy mappings. |
|
1000 * |
|
1001 * @publishedAll |
|
1002 * @released |
|
1003 * @since v6.0 */ |
|
1004 { |
|
1005 public: |
|
1006 /** |
|
1007 * @internalComponent |
|
1008 * |
|
1009 * Creates a new CX509PolicyMapping object from the specified buffer containing |
|
1010 * the encoded binary representation, and puts a pointer to it onto the cleanup stack. |
|
1011 * |
|
1012 * @param aBinaryData The encoded binary representation. |
|
1013 **/ |
|
1014 static CX509PolicyMapping* NewL(const TDesC8& aBinaryData); |
|
1015 |
|
1016 /** |
|
1017 * @internalComponent |
|
1018 * |
|
1019 * Creates a new CX509PolicyMapping object from the specified buffer containing |
|
1020 * the encoded binary representation, and puts a pointer to it onto the cleanup stack. |
|
1021 * |
|
1022 * @param aBinaryData The encoded binary representation. |
|
1023 **/ |
|
1024 static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData); |
|
1025 |
|
1026 /** |
|
1027 * @internalComponent |
|
1028 * |
|
1029 * Creates a new CX509PolicyMapping object from the specified buffer containing |
|
1030 * the encoded binary representation, starting at the specified offset, and puts |
|
1031 * a pointer to it onto the cleanup stack. |
|
1032 * |
|
1033 * @param aBinaryData The encoded binary representation. |
|
1034 * @param aPos The position from which to start decoding. |
|
1035 **/ |
|
1036 static CX509PolicyMapping* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1037 |
|
1038 /** |
|
1039 * @internalComponent |
|
1040 * |
|
1041 * Creates a new CX509PolicyMapping object from the specified buffer containing |
|
1042 * the encoded binary representation, starting at the specified offset, and puts |
|
1043 * a pointer to it onto the cleanup stack. |
|
1044 * |
|
1045 * @param aBinaryData The encoded binary representation. |
|
1046 * @param aPos The position from which to start decoding. |
|
1047 **/ |
|
1048 static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1049 |
|
1050 /** Creates a new CX509PolicyMapping object copied from an existing one. |
|
1051 * |
|
1052 * @param aMapping The CX509PolicyMapping object to be copied. */ |
|
1053 IMPORT_C static CX509PolicyMapping* NewL(const CX509PolicyMapping& aMapping); |
|
1054 |
|
1055 /** Creates a new CX509PolicyMapping object copied from an existing one, and |
|
1056 * puts a pointer to the object onto the cleanup stack. |
|
1057 * |
|
1058 * @param aMapping The CX509PolicyMapping object to be copied. */ |
|
1059 IMPORT_C static CX509PolicyMapping* NewLC(const CX509PolicyMapping& aMapping); |
|
1060 |
|
1061 /** The destructor. |
|
1062 * |
|
1063 * Frees all resources owned by the object. */ |
|
1064 virtual ~CX509PolicyMapping(); |
|
1065 |
|
1066 /** Gets the issuer policy. |
|
1067 * |
|
1068 * @return The issuer policy. */ |
|
1069 IMPORT_C TPtrC IssuerPolicy() const; |
|
1070 |
|
1071 /** Gets the subject policy. |
|
1072 * |
|
1073 * @return The subject policy. */ |
|
1074 IMPORT_C TPtrC SubjectPolicy() const; |
|
1075 private: |
|
1076 CX509PolicyMapping(); |
|
1077 void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1078 void ConstructL(const CX509PolicyMapping& aMapping); |
|
1079 HBufC* iIssuerPolicy; |
|
1080 HBufC* iSubjectPolicy; |
|
1081 }; |
|
1082 |
|
1083 class CX509PolicyMappingExt : public CX509ExtensionBase |
|
1084 /** An X.509 certificate extension that contains a set of policy mappings. |
|
1085 * |
|
1086 * A policy mapping allows a Certification Authority to declare that two certificate |
|
1087 * policies are equivalent. |
|
1088 * |
|
1089 * @publishedAll |
|
1090 * @released |
|
1091 * @since v6.0 */ |
|
1092 { |
|
1093 public: |
|
1094 /** Creates a new CX509PolicyMappingExt object from the specified buffer containing |
|
1095 * the binary coded representation. |
|
1096 * |
|
1097 * @param aBinaryData The encoded binary representation. |
|
1098 * @return The new CX509PolicyMappingExt object. */ |
|
1099 IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData); |
|
1100 |
|
1101 /** Creates a new CX509PolicyMappingExt object from the specified buffer containing |
|
1102 * the binary coded representation, and puts a pointer to it onto the cleanup stack. |
|
1103 * |
|
1104 * @param aBinaryData The encoded binary representation. |
|
1105 * @return The new CX509PolicyMappingExt object. */ |
|
1106 IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData); |
|
1107 |
|
1108 /** Creates a new CX509PolicyMappingExt object from the specified buffer containing |
|
1109 * the binary coded representation, starting at the specified offset. |
|
1110 * |
|
1111 * @param aBinaryData The encoded binary representation. |
|
1112 * @param aPos The offset position from which to start decoding. |
|
1113 * @return The new CX509PolicyMappingExt object. */ |
|
1114 IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1115 |
|
1116 /** Creates a new CX509PolicyMappingExt object from the specified buffer containing |
|
1117 * the binary coded representation, starting at the specified offset, and puts |
|
1118 * a pointer to it onto the cleanup stack. |
|
1119 * |
|
1120 * @param aBinaryData The encoded binary representation. |
|
1121 * @param aPos The offset position from which to start decoding. |
|
1122 * @return The new CX509PolicyMappingExt object. */ |
|
1123 IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1124 |
|
1125 /** Destructor. |
|
1126 * |
|
1127 * Frees all resources owned by the object, prior to its destruction. */ |
|
1128 virtual ~CX509PolicyMappingExt(); |
|
1129 |
|
1130 /** Gets a reference to the array of policy mappings. |
|
1131 * |
|
1132 * @return The array of policy mappings. */ |
|
1133 IMPORT_C const CArrayPtrFlat<CX509PolicyMapping>& Mappings() const; |
|
1134 private: |
|
1135 CX509PolicyMappingExt(); |
|
1136 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1137 CArrayPtrFlat<CX509PolicyMapping>* iPolicies; |
|
1138 }; |
|
1139 |
|
1140 //8) authority key ID |
|
1141 |
|
1142 class CX509AuthorityKeyIdExt : public CX509ExtensionBase |
|
1143 /** An X.509 certificate extension that provides a way to find the public key corresponding |
|
1144 * to the private key used to sign the certificate. |
|
1145 * |
|
1146 * This is referred to as the authority key ID extension. |
|
1147 * |
|
1148 * The key may be identified by the issuer's name and the issuing certificate's |
|
1149 * serial number, or by a key identifier value either derived from the public |
|
1150 * key or by some method of generating unique IDs. |
|
1151 * |
|
1152 * @publishedAll |
|
1153 * @released |
|
1154 * @since v6.0 */ |
|
1155 { |
|
1156 public: |
|
1157 /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing |
|
1158 * the binary coded representation. |
|
1159 * |
|
1160 * @param aBinaryData The encoded binary representation. |
|
1161 * @return The new CX509AuthorityKeyIdExt object. */ |
|
1162 IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData); |
|
1163 |
|
1164 /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing |
|
1165 * the binary coded representation, and puts a pointer to it onto the cleanup stack. |
|
1166 * |
|
1167 * @param aBinaryData The encoded binary representation. |
|
1168 * @return The new CX509AuthorityKeyIdExt object. */ |
|
1169 IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData); |
|
1170 |
|
1171 /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing |
|
1172 * the binary coded representation, starting at the specified offset. |
|
1173 * |
|
1174 * @param aBinaryData The encoded binary representation. |
|
1175 * @param aPos The offset position from which to start decoding. |
|
1176 * @return The new CX509AuthorityKeyIdExt object. */ |
|
1177 IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1178 |
|
1179 /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing |
|
1180 * the binary coded representation, starting at the specified offset, and puts |
|
1181 * a pointer to it onto the cleanup stack. |
|
1182 * |
|
1183 * @param aBinaryData The encoded binary representation. |
|
1184 * @param aPos The offset position from which to start decoding. |
|
1185 * @return The new CX509AuthorityKeyIdExt object. */ |
|
1186 IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1187 |
|
1188 /** Destructor. |
|
1189 * |
|
1190 * Frees all resources owned by the object, prior to its destruction. */ |
|
1191 virtual ~CX509AuthorityKeyIdExt(); |
|
1192 |
|
1193 /** Gets the authority name. |
|
1194 * |
|
1195 * @return The authority name. */ |
|
1196 IMPORT_C const CArrayPtrFlat<CX509GeneralName>& AuthorityName() const; |
|
1197 |
|
1198 /** Gets the authority certificate serial number. |
|
1199 * |
|
1200 * @return A pointer descriptor representing the authority certificate serial number. */ |
|
1201 IMPORT_C TPtrC8 AuthorityCertSerialNumber() const; |
|
1202 |
|
1203 /** Gets the key identifier value. |
|
1204 * |
|
1205 * @return A pointer descriptor representing the key identifier value. */ |
|
1206 IMPORT_C TPtrC8 KeyId() const; |
|
1207 private: |
|
1208 CX509AuthorityKeyIdExt(); |
|
1209 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1210 void DecodeNameL(const TDesC8& aBinaryData); |
|
1211 void DecodeSerialNoL(const TDesC8& aBinaryData); |
|
1212 void DecodeKeyIdL(const TDesC8& aBinaryData); |
|
1213 CArrayPtrFlat<CX509GeneralName>* iAuthorityName; |
|
1214 HBufC8* iAuthorityCertSerialNumber; |
|
1215 HBufC8* iKeyIdentifier; |
|
1216 }; |
|
1217 |
|
1218 //9) subject key ID |
|
1219 |
|
1220 class CX509SubjectKeyIdExt : public CX509ExtensionBase |
|
1221 /** An X.509 certificate extension that provides a way of identifying certificates |
|
1222 * that contain a specific public key. |
|
1223 * |
|
1224 * This is referred to as the subject key ID extension. |
|
1225 * |
|
1226 * It consists of a key identifier value either derived from the public key or |
|
1227 * by some method of generating unique IDs. |
|
1228 * |
|
1229 * @publishedAll |
|
1230 * @released |
|
1231 * @since v6.0 */ |
|
1232 { |
|
1233 public: |
|
1234 /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing |
|
1235 * the binary coded representation. |
|
1236 * |
|
1237 * @param aBinaryData The encoded binary representation. |
|
1238 * @return The new CX509SubjectKeyIdExt object. */ |
|
1239 IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData); |
|
1240 |
|
1241 /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing |
|
1242 * the binary coded representation, and puts a pointer to it onto the cleanup stack. |
|
1243 * |
|
1244 * @param aBinaryData The encoded binary representation. |
|
1245 * @return The new CX509SubjectKeyIdExt object. */ |
|
1246 IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData); |
|
1247 |
|
1248 /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing |
|
1249 * the binary coded representation, starting at the specified offset. |
|
1250 * |
|
1251 * @param aBinaryData The encoded binary representation. |
|
1252 * @param aPos The offset position from which to start decoding. |
|
1253 * @return The new CX509SubjectKeyIdExt object. */ |
|
1254 IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1255 |
|
1256 /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing |
|
1257 * the binary coded representation, starting at the specified offset, and puts |
|
1258 * a pointer to it onto the cleanup stack. |
|
1259 * |
|
1260 * @param aBinaryData The encoded binary representation. |
|
1261 * @param aPos The offset position from which to start decoding. |
|
1262 * @return The new CX509SubjectKeyIdExt object. */ |
|
1263 IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1264 |
|
1265 /** Destructor. |
|
1266 * |
|
1267 * Frees all resources owned by the object, prior to its destruction. */ |
|
1268 IMPORT_C ~CX509SubjectKeyIdExt(); |
|
1269 |
|
1270 /** Gets the key ID. |
|
1271 * |
|
1272 * @return A pointer descriptor representing the key ID. */ |
|
1273 IMPORT_C TPtrC8 KeyId() const; |
|
1274 private: |
|
1275 CX509SubjectKeyIdExt(); |
|
1276 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1277 HBufC8* iKeyIdentifier; |
|
1278 }; |
|
1279 |
|
1280 //10) extended key usage |
|
1281 |
|
1282 class CX509ExtendedKeyUsageExt : public CX509ExtensionBase |
|
1283 /** An X.509 certificate extension that defines the extra uses to which a key may be put. |
|
1284 * |
|
1285 * This is referred to as the extended key usage extension. |
|
1286 * |
|
1287 * @publishedAll |
|
1288 * @released |
|
1289 * @since v6.0 */ |
|
1290 { |
|
1291 public: |
|
1292 /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer |
|
1293 * containing the binary coded representation. |
|
1294 * |
|
1295 * @param aBinaryData The encoded binary data. |
|
1296 * @return The new CX509ExtendedKeyUsageExt object. */ |
|
1297 IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData); |
|
1298 |
|
1299 /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer |
|
1300 * containing the binary coded representation, and puts a pointer to it onto |
|
1301 * the cleanup stack. |
|
1302 * |
|
1303 * @param aBinaryData The encoded binary representation. |
|
1304 * @return The new CX509ExtendedKeyUsageExt object. */ |
|
1305 IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData); |
|
1306 |
|
1307 /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer |
|
1308 * containing the binary coded representation, starting at the specified offset. |
|
1309 * |
|
1310 * @param aBinaryData The encoded binary representation. |
|
1311 * @param aPos The offset position from which to start decoding. |
|
1312 * @return The new CX509ExtendedKeyUsageExt object. */ |
|
1313 IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1314 |
|
1315 /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer |
|
1316 * containing the binary coded representation, starting at the specified offset, |
|
1317 * and puts a pointer to it onto the cleanup stack. |
|
1318 * |
|
1319 * @param aBinaryData The encoded binary representation. |
|
1320 * @param aPos The offset position from which to start decoding. |
|
1321 * @return The new CX509ExtendedKeyUsageExt object. */ |
|
1322 IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1323 |
|
1324 /** Destructor. |
|
1325 * |
|
1326 * Frees all resources owned by the object, prior to its destruction. */ |
|
1327 IMPORT_C ~CX509ExtendedKeyUsageExt(); |
|
1328 |
|
1329 /** Gets the sequence of Object Ids (OID) that identify the key usages. |
|
1330 * |
|
1331 * The sequence is held in a set of heap descriptors. |
|
1332 * |
|
1333 * @return A reference to the array of pointers to the heap descriptors that |
|
1334 * contain the OIDs. */ |
|
1335 IMPORT_C const CArrayPtrFlat<HBufC>& KeyUsages() const; |
|
1336 private: |
|
1337 CX509ExtendedKeyUsageExt(); |
|
1338 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1339 CArrayPtrFlat<HBufC>* iKeyUsages; |
|
1340 }; |
|
1341 |
|
1342 //11) authority information access |
|
1343 |
|
1344 class CX509AccessDescription : public CBase |
|
1345 /** This class provides the access method OID and access location as used by X.509 private internet extensions |
|
1346 * (authority information access). |
|
1347 * |
|
1348 * @publishedAll |
|
1349 * @released |
|
1350 */ |
|
1351 { |
|
1352 public: |
|
1353 |
|
1354 /** |
|
1355 * @internalComponent |
|
1356 * |
|
1357 * Creates a new CX509AccessDescription object from the specified buffer |
|
1358 * containing the binary coded representation. |
|
1359 * |
|
1360 * @param aBinaryData The encoded binary data. |
|
1361 * @return The new CX509AccessDescription object. |
|
1362 **/ |
|
1363 static CX509AccessDescription* NewL(const TDesC8& aBinaryData); |
|
1364 |
|
1365 /** |
|
1366 * @internalComponent |
|
1367 * |
|
1368 * Creates a new CX509AccessDescription object from the specified buffer |
|
1369 * containing the binary coded representation, and puts a pointer to it onto |
|
1370 * the cleanup stack. |
|
1371 * |
|
1372 * @param aBinaryData The encoded binary representation. |
|
1373 * @return The new CX509AccessDescription object. |
|
1374 **/ |
|
1375 static CX509AccessDescription* NewLC(const TDesC8& aBinaryData); |
|
1376 |
|
1377 /** |
|
1378 * @internalComponent |
|
1379 * |
|
1380 * Creates a new CX509AuthInfoAccessExt object from the specified buffer |
|
1381 * containing the binary coded representation, starting at the specified offset. |
|
1382 * |
|
1383 * @param aBinaryData The encoded binary representation. |
|
1384 * @param aPos The offset position from which to start decoding. |
|
1385 * @return The new CX509AuthInfoAccessExt object. |
|
1386 **/ |
|
1387 static CX509AccessDescription* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1388 |
|
1389 /** |
|
1390 * @internalComponent |
|
1391 * |
|
1392 * Creates a new CX509AccessDescription object from the specified buffer |
|
1393 * containing the binary coded representation, starting at the specified offset, |
|
1394 * and puts a pointer to it onto the cleanup stack. |
|
1395 * |
|
1396 * @param aBinaryData The encoded binary representation. |
|
1397 * @param aPos The offset position from which to start decoding. |
|
1398 * @return The new CX509AccessDescription object. |
|
1399 **/ |
|
1400 static CX509AccessDescription* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1401 |
|
1402 /** Destructor. Frees all resources owned by the object, prior to its destruction. |
|
1403 */ |
|
1404 virtual ~CX509AccessDescription(); |
|
1405 |
|
1406 /** Gets the Access Method OID. |
|
1407 * |
|
1408 * @return A non modifiable pointer descriptor to point to the access method OID. |
|
1409 */ |
|
1410 IMPORT_C TPtrC Method() const; |
|
1411 |
|
1412 /** Gets the Access Location field which specifies the location where the additional |
|
1413 * information of the CA can be obtained. |
|
1414 * |
|
1415 * @return A reference to access location . |
|
1416 */ |
|
1417 IMPORT_C const CX509GeneralName& Location() const; |
|
1418 private: |
|
1419 CX509AccessDescription(); |
|
1420 void ConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1421 HBufC* iMethodId; |
|
1422 CX509GeneralName* iLocation; |
|
1423 }; |
|
1424 |
|
1425 class CX509AuthInfoAccessExt : public CX509ExtensionBase |
|
1426 /** An X.509 certificate extension that defines the authority information access. |
|
1427 * |
|
1428 * |
|
1429 * @publishedAll |
|
1430 * @released |
|
1431 */ |
|
1432 |
|
1433 { |
|
1434 public: |
|
1435 |
|
1436 /** Creates a new CX509AuthInfoAccessExt object from the specified buffer |
|
1437 * containing the binary coded representation. |
|
1438 * |
|
1439 * @param aBinaryData The encoded binary data. |
|
1440 * @return The new CX509AuthInfoAccessExt object. |
|
1441 */ |
|
1442 IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData); |
|
1443 |
|
1444 /** Creates a new CX509AuthInfoAccessExt object from the specified buffer |
|
1445 * containing the binary coded representation, and puts a pointer to it onto |
|
1446 * the cleanup stack. |
|
1447 * |
|
1448 * @param aBinaryData The encoded binary representation. |
|
1449 * @return The new CX509AuthInfoAccessExt object. |
|
1450 */ |
|
1451 IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData); |
|
1452 |
|
1453 /** Creates a new CX509AuthInfoAccessExt object from the specified buffer |
|
1454 * containing the binary coded representation, starting at the specified offset. |
|
1455 * |
|
1456 * @param aBinaryData The encoded binary representation. |
|
1457 * @param aPos The offset position from which to start decoding. |
|
1458 * @return The new CX509AuthInfoAccessExt object. |
|
1459 */ |
|
1460 IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData, TInt& aPos); |
|
1461 |
|
1462 /** Creates a new CX509AuthInfoAccessExt object from the specified buffer |
|
1463 * containing the binary coded representation, starting at the specified offset, |
|
1464 * and puts a pointer to it onto the cleanup stack. |
|
1465 * |
|
1466 * @param aBinaryData The encoded binary representation. |
|
1467 * @param aPos The offset position from which to start decoding. |
|
1468 * @return The new CX509AuthInfoAccessExt object. |
|
1469 */ |
|
1470 IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); |
|
1471 |
|
1472 /** Destructor. Frees all resources owned by the object, prior to its destruction. |
|
1473 */ |
|
1474 IMPORT_C ~CX509AuthInfoAccessExt(); |
|
1475 |
|
1476 /** Gets the authority access description containing the method and location of additional information of CA , |
|
1477 * who issued the certificate in which this extension appears. |
|
1478 * |
|
1479 * @return A reference to the array of pointers to the authority access descriptions. |
|
1480 */ |
|
1481 IMPORT_C const CArrayPtrFlat<CX509AccessDescription>& AccessDescriptions() const; |
|
1482 private: |
|
1483 CX509AuthInfoAccessExt(); |
|
1484 void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); |
|
1485 CArrayPtrFlat<CX509AccessDescription>* iAccessDescs; |
|
1486 }; |
|
1487 |
|
1488 #endif |