Mercurial Mercurial > oss > MCL > sf > os > security / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertstate.h
changeset 0 2c201484c85f
child 8 35751d3474b7 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertstate.h	Wed Jul 08 11:25:26 2009 +0100
@@ -0,0 +1,89 @@
+/*
+* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: 
+* CPKIXValidationState class implementation
+*
+*/
+
+
+
+
+/**
+ @file 
+ @internalTechnology
+*/
+ 
+#if !defined (__PKIXCERTSTATE_H__)
+#define __PKIXCERTSTATE_H__
+
+#include <e32std.h>
+#include <x509cert.h>
+#include <x509certchain.h>
+#include <x509certext.h>
+#include <x509gn.h>
+
+/*this class has no brains at all. all it does it act as a container for
+state information needed when processing a certificate chain according to 
+the PKIX algorithm. it gets passed around among the classes which use it. 
+the classes which use it are all friends 'cos that seems neater than making 
+all its data public or including 500 accessors*/
+
+class CPKIXCertChainAO;
+
+class CPKIXValidationState : public CBase
+	{
+	friend class CPKIXCertChainAO;
+	friend class TPKIXPolicyConstraint;
+	friend class TPKIXNameConstraint;
+	friend class TPKIXBasicConstraint;
+	friend class TPKIXKeyUsageConstraint;
+public:
+	static CPKIXValidationState* NewL(	const TTime aValidationTime, TInt aChainLength,
+										const CArrayPtr<HBufC>* aInitialPolicies);
+	static CPKIXValidationState* NewLC(	const TTime aValidationTime, TInt aChainLength,
+										const CArrayPtr<HBufC>* aInitialPolicies);
+	~CPKIXValidationState();
+private:
+	CPKIXValidationState(	const TTime aValidationTime, TInt aChainLength,
+							const CArrayPtr<HBufC>* aInitialPolicies);
+	void ConstructL();
+private:
+	const TTime iValidationTime;
+	TInt iPolicyMapping;
+	TInt iPolicyRequired;
+	TInt iMaxPathLength;
+	TInt iPos;
+
+//	TBool iAnyUserPolicy;
+	TBool iAnyAuthorityPolicy;
+	
+	const CArrayPtr<HBufC>* iUserConstrainedPolicies;
+	CArrayPtrFlat<CX509CertPolicyInfo>* iAuthorityConstrainedPolicies;
+	
+	CArrayPtrFlat<HBufC>* iUserPolicies;	
+	CArrayPtrFlat<CX509PolicyMapping>* iMappedPolicies;
+	CArrayPtrFlat<CX500DistinguishedName>* iExcludedDNSubtrees;
+	CArrayPtrFlat<CX500DistinguishedName>* iPermittedDNSubtrees;
+	//these are all just to deal with name constraints on alt names
+	//can you believe it?
+	CArrayPtrFlat<CX509DomainName>* iExcludedRFC822Subtrees;
+	CArrayPtrFlat<CX509DomainName>* iPermittedRFC822Subtrees;
+	CArrayPtrFlat<CX509DomainName>* iExcludedDNSNameSubtrees;
+	CArrayPtrFlat<CX509DomainName>* iPermittedDNSNameSubtrees;
+	CArrayPtrFlat<CX509IPSubnetMask>* iExcludedIPAddressSubtrees;
+	CArrayPtrFlat<CX509IPSubnetMask>* iPermittedIPAddressSubtrees;
+	CArrayPtrFlat<CX509CertExtension>* iCriticalExts;
+	};
+
+#endif
MCL/sf/os/security