--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptoservices/certificateandkeymgmt/inc/x509keys.h Wed Jul 08 11:25:26 2009 +0100
@@ -0,0 +1,809 @@
+/*
+* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* X.509 key classes and utility classes for key encoding/decoding.
+*
+*/
+
+
+
+
+/**
+ @file
+ @internalTechnology
+*/
+
+#if !defined (__X509KEYS_H__)
+#define __X509KEYS_H__
+
+#include <e32base.h>
+#include <e32std.h>
+#include <asymmetrickeys.h>
+#include <asymmetric.h>
+#include <hash.h>
+#include <bigint.h>
+#include <signed.h>
+
+// Forward declarations
+class CASN1EncBase;
+class CASN1EncContainer;
+class CASN1EncSequence;
+class CASN1EncBitString;
+
+class CX509RSAPublicKey : public CRSAPublicKey
+/** Adds the capability to decode DER-encoded RSA public keys.
+*
+* Adds a commitment to a specific encoding scheme allowing X.509 RSA public key
+* superclasses to remain encoding-independent.
+*
+* @publishedAll
+* @released
+*
+* @since v6.0
+*/
+ {
+public:
+ /** Creates a new RSA Public key object from the specified buffer containing the
+ * encoded binary representation.
+ *
+ * Initialises the object from its encoded binary form into an internal representation.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509RSAPublicKey object. */
+ IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData);
+
+ /** Creates a new RSA Public Key object from the specified buffer containing the
+ * encoded binary representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509RSAPublicKey object. */
+ IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData);
+
+ /** Creates a new RSA Public key object from the specified buffer containing the
+ * encoded binary representation, starting at the specified offset.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509RSAPublicKey object. */
+ IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new RSA Public key object from the specified buffer containing the
+ * encoded binary representation, starting at the specified offset, and puts
+ * a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509RSAPublicKey object. */
+ IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+ void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+ CX509RSAPublicKey();
+ };
+
+class TASN1EncRSAPublicKey
+/**
+ * Class for encoding RSA public keys to ASN.1 encoding.
+ *
+ * @publishedAll
+ * @released
+ * @since v8.0
+ */
+ {
+public:
+ /**
+ * Encodes the supplied public key into buffer in DER format ASN.1:
+ * @code
+ * SEQUENCE-OF
+ * INTEGER modulus
+ * INTEGER exponent
+ * @endcode
+ *
+ * @param aKey Key to encode.
+ * @return Allocated buffer containing DER encoding of
+ * the supplied key aKey.
+ */
+ IMPORT_C HBufC8* EncodeDERL(const CRSAPublicKey& aKey) const;
+ };
+
+class TASN1DecRSAPublicKey
+/**
+ * Class for decoding RSA public keys from ASN.1 DER encoding.
+ *
+ * @publishedAll
+ * @released
+ * @since v8.0
+ */
+ {
+public:
+ /**
+ * Decodes an RSA key from the supplied buffer starting at the
+ * specified position.
+ *
+ * @param aDER Buffer containing DER ASN.1 encoding of the key.
+ * @param aPos Starting position in the buffer (updated on exit).
+ * @return A pointer to the new CRSAPublicKey object.
+ */
+ IMPORT_C CRSAPublicKey* DecodeDERL(const TDesC8& aDER, TInt& aPos) const;
+ };
+
+class TASN1DecRSAKeyPair
+/**
+ * Class for decoding RSA key pairs from ASN.1 DER encoding.
+ *
+ * @publishedAll
+ * @released
+ * @since v8.0
+ */
+ {
+public:
+ /**
+ * Decodes an RSA key pair from buffer containing ASN.1
+ * DER-encoded private key. The encoding of a private key
+ * contains public key components as well.
+ *
+ * @param aDER DER-encoded private key.
+ * @param aPos Position in the buffer to start decoding
+ * (updated on exit).
+ * @param aPublicKey On return, the RSA public key object
+ * @param aPrivateKey On return, the RSA private key object
+ * @param aKeyType Key type, default is @c EStandardCRT
+ */
+ IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos,
+ CRSAPublicKey*& aPublicKey,
+ CRSAPrivateKey*& aPrivateKey,
+ TRSAPrivateKeyType aKeyType = EStandardCRT);
+ };
+
+class CX509DSAPublicKey : public CDSAPublicKey
+/** Encapsulates the X.509 DSA public key.
+*
+* Adds a commitment to a specific encoding scheme allowing superclasses to remain
+* encoding-independent.
+*
+* @publishedAll
+* @released
+* @since v6.0
+*/
+// DSA public key, params, signature.
+ {
+public:
+ /** Creates a new X.509 DSA public key object.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData);
+
+ /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData);
+
+ /** Creates a new X.509 DSA public key object.
+ *
+ * @param aParams The DSA parameters.
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData);
+
+ /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParams The DSA parameters.
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData);
+
+ /** Creates a new X.509 DSA public key object.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The position from which to start decoding.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData,TInt& aPos);
+
+ /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The position from which to start decoding.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new X.509 DSA public key object.
+ *
+ * @param aParams The DSA parameters.
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The position from which to start decoding.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParams The DSA parameters.
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The position from which to start decoding.
+ * @return A pointer to the new CX509DSAPublicKey object. */
+ IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);
+public:
+ /** Gets the DSA parameters from the encoding key.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @return The DSA parameters. */
+ IMPORT_C static CDSAParameters* DSAParametersL(const TDesC8& aParamsData);
+protected:
+ /** @internalComponent */
+ void ConstructL(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos);
+ /** @internalComponent */
+ void ConstructL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos);
+ /** @internalComponent */
+ CX509DSAPublicKey();
+ };
+
+class TASN1DecDSAKeyPair
+/**
+ * Class for decoding DSA key pairs from ASN.1 DER encoding.
+ *
+ * @publishedAll
+ * @released
+ * @since v8.0
+ */
+ {
+public:
+ /**
+ * Decodes a DSA key pair from a buffer containing an ASN.1
+ * DER-encoded private key.
+ *
+ * The encoding of the private key contains public key components as well.
+ *
+ * The DER encoding has the following format:
+ * @verbatim
+ * SEQUENCE-OF
+ * INTEGER version (==0, ignored)
+ * INTEGER p (public prime)
+ * INTEGER q (160-bit public subprime, q | p-1)
+ * INTEGER g (public generator of subgroup)
+ * INTEGER x (private key)
+ * INTEGER y (public key y=g^x)
+ * @endverbatim
+ *
+ * @param aDER DER-encoded private key.
+ * @param aPos Position in the buffer to start decoding
+ * (updated on exit).
+ * @param aPublicKey On return, the DSA public key object
+ * @param aPrivateKey On return, the DSA private key object
+ */
+ IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos,
+ CDSAPublicKey*& aPublicKey, CDSAPrivateKey*& aPrivateKey);
+ };
+
+/**
+ * Class for encoding DSA public keys to ASN.1 encoding.
+ *
+ * @publishedAll
+ * @released
+ * @since v8.0
+ */
+class TASN1EncDSAPublicKey
+ {
+public:
+ /**
+ * Encodes the supplied public key into a buffer in DER format.
+ *
+ * Note that the encoding has the following format:
+ * @code
+ * SEQUENCE-OF
+ * SEQUENCE-OF
+ * INTEGER p
+ * INTEGER q
+ * INTEGER g
+ * BIT STRING (encoded INTEGER public value)
+ * @endcode
+ *
+ * @param aKey Key to encode.
+ * @return Sequence containing public key information.
+ */
+ IMPORT_C CASN1EncSequence* EncodeDERL(const CDSAPublicKey& aKey) const;
+
+ /**
+ * Encodes DSA parameters into an ASN.1 encoding structure suitable for
+ * inclusion into other objects, like a PKCS#10 certificate request.
+ *
+ * Note that the encoding has the following form:
+ * @code
+ * SEQUENCE-OF
+ * INTEGER p
+ * INTEGER q
+ * INTEGER g
+ * @endcode
+ *
+ * @param aKey DSA public key.
+ * @return ASN.1 encoding structure on the cleanup stack.
+ */
+ IMPORT_C CASN1EncSequence* EncodeParamsLC(const CDSAPublicKey& aKey) const;
+
+ /**
+ * Encodes a public key as a bit string.
+ *
+ * @param aKey DSA public key.
+ * @return ASN.1 bit string (public key). This is left on the cleanup stack.
+ */
+
+ IMPORT_C CASN1EncBitString* EncodePublicValueLC(const CDSAPublicKey& aKey) const;
+ };
+
+class CX509DSASignature : public CDSASignature
+/** Encapsulates the X.509 DSA signature.
+*
+* Adds a commitment to a specific encoding scheme allowing superclasses to remain
+* encoding-independent.
+*
+* @publishedAll
+* @released
+* @since v6.0 */
+ {
+public:
+ /** Creates a new DSA Signature object from the specified buffer containing the
+ * encoded binary representation.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSASignature object. */
+ IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData);
+
+ /** Creates a new DSA Signature object from the specified buffer containing the
+ * encoded binary representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DSASignature object. */
+ IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData);
+
+ /** Creates a new DSA Signature object from the specified buffer containing the
+ * encoded binary representation, starting at the specified offset.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DSASignature object. */
+ IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new DSA Signature object from the specified buffer containing the
+ * encoded binary representation, starting at the specified offset, and puts
+ * a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DSASignature object. */
+ IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+private:
+ void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+ CX509DSASignature();
+ };
+
+class CX509DHPublicKey : public CDHPublicKey
+/** Provides clients with the information they need for Diffie-Hellman key exchange
+* within a protocol.
+*
+* @publishedAll
+* @released
+* @since v6.0 */
+ {
+public:
+ /** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded
+ * binary representation.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aKeyData
+ * @return A pointer to the new CX509DHPublicKey object.*/
+ IMPORT_C static CX509DHPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aKeyData);
+
+ /** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded
+ * binary representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @param aKeyData
+ * @return A pointer to the new CX509DHPublicKey object.*/
+ IMPORT_C static CX509DHPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aKeyData);
+public:
+ /** Destructor.
+ *
+ * Frees all resources owned by the object, prior to its destruction. */
+ IMPORT_C virtual ~CX509DHPublicKey();
+protected:
+ /** @internalComponent */
+ CX509DHPublicKey();
+ /** @internalComponent */
+ void ConstructL(const TDesC8& aParamsData, const TDesC8& aKeyData);
+ };
+
+class CX509DHKeyPair : public CDHKeyPair
+/** This class represents the Diffie-Hellman Key Pair.
+*
+* @publishedAll
+* @released
+* @since v8.0 */
+{
+public:
+ /** Creates a new DH key pair object from the specified buffer containing
+ * the encoded binary representation .
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @return A pointer to the new CX509DHKeyPair object.
+ */
+ IMPORT_C static CX509DHKeyPair* NewL(const TDesC8& aParamsData);
+
+ /** Creates a new DH Key Pair object from the specified buffer containing the encoded binary
+ * representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aParamsData A non-modifiable descriptor representing the entire encoding.
+ * @return A pointer to the new CX509DHKeyPair object.
+ */
+ IMPORT_C static CX509DHKeyPair* NewLC(const TDesC8& aParamsData);
+public:
+
+ /** Virtual Destructor.
+ * Frees all resources owned by the object, prior to its destruction.
+ *
+ */
+ IMPORT_C virtual ~CX509DHKeyPair();
+protected:
+ /** @internalComponent */
+ CX509DHKeyPair();
+ /** @internalComponent */
+ void ConstructL(const TDesC8& aParamsData);
+};
+
+class CX509DHValidationParams : public CBase
+/** Validates Diffie-Hellman (DH) Domain parameters.
+*
+* Provides access to the DH Validation Parameters, which are used to determine
+* if the DH Public Key has been generated in conformance with the algorithm
+* specified in ESDH (see RFC 2631).
+*
+* @publishedAll
+* @released
+* @since v6.0 */
+ {
+public:
+ /** Creates a new DH Validation parameters object from the specified buffer containing
+ * the encoded binary representation.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DHValidationParams object. */
+ IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData);
+
+ /** Creates a new DH Validation parameters object from the specified buffer containing
+ * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DHValidationParams object. */
+ IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData);
+
+ /** Creates a new DH Validation parameters object from the specified buffer containing
+ * the encoded binary representation, starting at the specified offset.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DHValidationParams object. */
+ IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new DH Validation parameters object from the specified buffer containing
+ * the encoded binary representation, starting at the specified offset, and puts
+ * a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DHValidationParams object. */
+ IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Gets a DSA prime generation seed.
+ *
+ * @return The bit string parameter used as the seed. */
+ IMPORT_C const TPtrC8 Seed() const;
+
+ /** Gets the output from a DSA prime generation counter.
+ *
+ * @return The integer value output. */
+ IMPORT_C const TInteger& PGenCounter() const;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object, prior to its destruction. */
+ virtual ~CX509DHValidationParams();
+protected:
+ /** @internalComponent */
+ CX509DHValidationParams();
+ /** @internalComponent */
+ void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+ HBufC8* iSeed;
+ RInteger iPGenCounter;
+ };
+
+class CX509DHDomainParams : public CBase
+/** Encapsulates the compulsory Diffie-Hellman domain parameter values P and G
+* (See RFC 2459).
+*
+* @publishedAll
+* @released
+* @since v6.0 */
+ {
+public:
+ /** Creates a new DH Domain parameters object from the specified buffer containing
+ * the encoded binary representation.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DHDomainParams object. */
+ IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData);
+
+ /** Creates a new DH Domain parameters object from the specified buffer containing
+ * the encoded binary representation, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @return A pointer to the new CX509DHDomainParams object. */
+ IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData);
+
+ /** Creates a new DH Domain parameters object from the specified buffer containing
+ * the encoded binary representation, starting at the specified offset.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DHDomainParams object. */
+ IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Creates a new DH Domain parameters object from the specified buffer containing
+ * the encoded binary representation, starting at the specified offset, and puts
+ * a pointer to it onto the cleanup stack.
+ *
+ * @param aBinaryData The encoded binary representation.
+ * @param aPos The offset position from which to start decoding.
+ * @return A pointer to the new CX509DHDomainParams object. */
+ IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData, TInt& aPos);
+
+ /** Gets the compulsory parameter value P.
+ *
+ * @return The compulsory parameter value P. */
+ IMPORT_C const TInteger& P() const;
+
+ /** Gets the compulsory parameter value G.
+ *
+ * @return The compulsory parameter value G. */
+ IMPORT_C const TInteger& G() const;
+
+//the next 3 members are optional, in which case NULL is returned
+//the returned objects remain the property of this object
+
+//N.B. according to RFC 2459 the Q member is *not* optional,
+//however it is not essential for doing DH, and empirical studies
+//suggest it doesn't get included much, so I'm relaxing the spec here
+//to permit DomainParams objects which contain no Q.
+
+ /** Gets the optional value Q.
+ *
+ * @return The optional value Q. */
+ IMPORT_C const TInteger& Q() const;
+
+ /** Gets the optional value J.
+ *
+ * @return The optional value J. */
+ IMPORT_C const TInteger& J() const;
+
+ /** Gets the optional validation parameters.
+ *
+ * @return The optional validation parameters. */
+ IMPORT_C const CX509DHValidationParams* ValidationParams() const;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object, prior to its destruction. */
+ virtual ~CX509DHDomainParams();
+protected:
+ /** @internalComponent */
+ CX509DHDomainParams();
+ /** @internalComponent */
+ void ConstructL(const TDesC8& aBinaryData, TInt& aPos);
+ RInteger iP;
+ RInteger iG;
+ RInteger iQ;
+ RInteger iJ;
+ CX509DHValidationParams* iValidationParams;
+ };
+
+class TX509KeyEncoder
+/**
+ * Abstract class that is the base class for RSA and DSA key encoder classes.
+ * These classes are used to encode the X509 ASN.1 types AlgorithmIdentifier and
+ * SubjectPublicKeyInfo.
+ *
+ * This class is part of the pkcs10 API, and will be changed or removed in a
+ * future release. You should not use it.
+ *
+ * @internalTechnology
+ */
+ {
+public:
+ /**
+ * Constructor that takes an algorithm identifier and saves it into the
+ * corresponding member variable. It is then used in the
+ * EncodeSignatureAlgorithm() function.
+ *
+ * @param aDigestAlg Digest algorithm to use. Currently the following
+ * algorithms are supported: MD2, MD5, and SHA-1.
+ */
+ IMPORT_C TX509KeyEncoder(TAlgorithmId aDigestAlg);
+
+ /**
+ * Produces the SubjectPublicKeyInfo encoding.
+ *
+ * The encoding has the following ASN.1 format:
+ * @code
+ * SubjectPublicKeyInfo {ALGORITHM : IOSet} ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier {{IOSet}},
+ * subjectPublicKey BIT STRING
+ * }
+ * @endcode
+ */
+ IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const = 0;
+
+ /**
+ * Produces the AlgorithmIdentifier encoding.
+ *
+ * @return ASN.1 sequence containing signature algorithm
+ */
+ IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const = 0;
+
+ /**
+ * Produces the DigestAlgorithmIdentifier encoder.
+ *
+ * The encoding has the following ASN.1 format
+ * @code
+ * DigestAlgorithmIdentifier ::= SEQUENCE {
+ * algorithm AlgorithmIdentifier,
+ * parameters ANY DEFINED BY algorithm OPTIONAL }
+ *
+ * AlgorithmIdentifier ::= OBJECT IDENTIFIER
+ * @endcode
+ *
+ * @return Appropriate ASN.1 sequence of type <code>DigestAlgorithmIdentifier</code>
+ */
+ IMPORT_C virtual CASN1EncSequence* EncodeDigestAlgorithmLC() const;
+
+protected:
+ /** Digest algorithm to use. */
+ TAlgorithmId iDigestAlg;
+ };
+
+class TX509RSAKeyEncoder : public TX509KeyEncoder
+/**
+ * Subclasses TC509KeyEncoder to provides key encoding capability for RSA public keys.
+ *
+ * This class is part of the pkcs10 API, and will be changed or removed in a
+ * future release. You should not use it.
+ *
+ * @internalTechnology
+ */
+ {
+public:
+ /**
+ * Constructs a RSA key pair encoder, saving reference to the passed
+ * key pair in the member variable.
+ *
+ * @param aPublicKey RSA public key to use for encoding.
+ * @param aDigestAlg Digest algorithm to use.
+ */
+ IMPORT_C TX509RSAKeyEncoder(const CRSAPublicKey& aPublicKey, TAlgorithmId aDigestAlg);
+
+ /**
+ * Produces the SubjectPublicKeyInfo encoding.
+ *
+ * The resulting encoding has the following form:
+ * @code
+ * SEQUENCE-OF
+ * SEQUENCE-OF
+ * OID of the encryption algorithm (KRSA)
+ * NULL
+ * BIT STRING encoded public key.
+ * @endcode
+ *
+ * @return DER-encoded public key information, placed on the cleanup stack.
+ */
+ IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const;
+
+ /**
+ * Produces the AlgorithmIdentifier encoding.
+ *
+ * This has the following form:
+ * @code
+ * SEQUENCE-OF
+ * OID signature-algorithm
+ * NULL
+ * @endcode
+ *
+ * @return ASN.1 sequence containing signature algorithm encoding,
+ * placed on the cleanup stack.
+ */
+ IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const;
+
+private:
+ /**
+ * Saved reference to the RSA public key to be used for encoding.
+ */
+ const CRSAPublicKey& iPublicKey;
+ };
+
+class TX509DSAKeyEncoder : public TX509KeyEncoder
+/**
+ * Provides key encoding and signing capability using a DSA public key.
+ *
+ * This class is part of the pkcs10 API, and will be changed or removed in a
+ * future release. You should not use it.
+ *
+ * @internalTechnology
+ */
+ {
+public:
+ /**
+ * Constructs a DSA key pair encoder, saving reference to the passed
+ * public key in the member variable.
+ *
+ * @param aKeyPublic DSA public key to use for encoding.
+ * @param aDigestAlg Digest algorithm to use.
+ */
+ IMPORT_C TX509DSAKeyEncoder(const CDSAPublicKey& aKeyPublic,
+ TAlgorithmId aDigestAlg);
+
+ /**
+ * Produces the SubjectPublicKeyInfo encoding.
+ *
+ * The ASN.1 encoding of a DSA key has the following form:
+ * @code
+ * SEQUENCE-OF
+ * SEQUENCE-OF
+ * OID dsa (1.2.840.10040.4.1)
+ * SEQUENCE-OF
+ * INTEGER p
+ * INTEGER q
+ * INTEGER g
+ * BIT STRING
+ * INTEGER public value (y)
+ * @endcode
+ *
+ * @return DER-encoded public key information, placed on the cleanup stack.
+ */
+ IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const;
+
+ /**
+ * Produces the AlgorithmIdentifier encoding.
+ *
+ * This has the following form:
+ * @code
+ * SEQUENCE-OF
+ * OID dsa-signature-oid
+ * SEQUENCE-OF dsa-params
+ * INTEGER p
+ * INTEGER q
+ * INTEGER g
+ * @endcode
+ *
+ * @return ASN.1 sequence containing signature algorithm encoding,
+ * placed on the cleanup stack.
+ */
+ IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const;
+
+private:
+ /**
+ * Saved reference to the DSA public key to be used for encoding.
+ */
+ const CDSAPublicKey& iPublicKey;
+ };
+
+#endif