1 /*

     2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 * CPKIXValidationState class implementation

    16 *

    17 */

    18 

    19 

    20 

    21 

    22 /**

    23  @file 

    24  @internalTechnology

    25 */

    26  

    27 #if !defined (__PKIXCERTSTATE_H__)

    28 #define __PKIXCERTSTATE_H__

    29 

    30 #include <e32std.h>

    31 #include <x509cert.h>

    32 #include <x509certchain.h>

    33 #include <x509certext.h>

    34 #include <x509gn.h>

    35 

    36 /*this class has no brains at all. all it does it act as a container for

    37 state information needed when processing a certificate chain according to 

    38 the PKIX algorithm. it gets passed around among the classes which use it. 

    39 the classes which use it are all friends 'cos that seems neater than making 

    40 all its data public or including 500 accessors*/

    41 

    42 class CPKIXCertChainAO;

    43 

    44 class CPKIXValidationState : public CBase

    45 	{

    46 	friend class CPKIXCertChainAO;

    47 	friend class TPKIXPolicyConstraint;

    48 	friend class TPKIXNameConstraint;

    49 	friend class TPKIXBasicConstraint;

    50 	friend class TPKIXKeyUsageConstraint;

    51 public:

    52 	static CPKIXValidationState* NewL(	const TTime aValidationTime, TInt aChainLength,

    53 										const CArrayPtr<HBufC>* aInitialPolicies);

    54 	static CPKIXValidationState* NewLC(	const TTime aValidationTime, TInt aChainLength,

    55 										const CArrayPtr<HBufC>* aInitialPolicies);

    56 	~CPKIXValidationState();

    57 private:

    58 	CPKIXValidationState(	const TTime aValidationTime, TInt aChainLength,

    59 							const CArrayPtr<HBufC>* aInitialPolicies);

    60 	void ConstructL();

    61 private:

    62 	const TTime iValidationTime;

    63 	TInt iPolicyMapping;

    64 	TInt iPolicyRequired;

    65 	TInt iMaxPathLength;

    66 	TInt iPos;

    67 

    68 //	TBool iAnyUserPolicy;

    69 	TBool iAnyAuthorityPolicy;

    70 	

    71 	const CArrayPtr<HBufC>* iUserConstrainedPolicies;

    72 	CArrayPtrFlat<CX509CertPolicyInfo>* iAuthorityConstrainedPolicies;

    73 	

    74 	CArrayPtrFlat<HBufC>* iUserPolicies;	

    75 	CArrayPtrFlat<CX509PolicyMapping>* iMappedPolicies;

    76 	CArrayPtrFlat<CX500DistinguishedName>* iExcludedDNSubtrees;

    77 	CArrayPtrFlat<CX500DistinguishedName>* iPermittedDNSubtrees;

    78 	//these are all just to deal with name constraints on alt names

    79 	//can you believe it?

    80 	CArrayPtrFlat<CX509DomainName>* iExcludedRFC822Subtrees;

    81 	CArrayPtrFlat<CX509DomainName>* iPermittedRFC822Subtrees;

    82 	CArrayPtrFlat<CX509DomainName>* iExcludedDNSNameSubtrees;

    83 	CArrayPtrFlat<CX509DomainName>* iPermittedDNSNameSubtrees;

    84 	CArrayPtrFlat<CX509IPSubnetMask>* iExcludedIPAddressSubtrees;

    85 	CArrayPtrFlat<CX509IPSubnetMask>* iPermittedIPAddressSubtrees;

    86 	CArrayPtrFlat<CX509CertExtension>* iCriticalExts;

    87 	};

    88 

    89 #endif