--- a/cryptoservices/certificateandkeymgmt/inc/signed.h Tue Jul 21 01:04:32 2009 +0100
+++ b/cryptoservices/certificateandkeymgmt/inc/signed.h Thu Sep 10 14:01:51 2009 +0300
@@ -1,637 +1,616 @@
-/*
-* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description:
-*
-*/
-
-
-
-
-/**
- @file
- @internalAll
-*/
-
-#ifndef __SIGNED_H__
-#define __SIGNED_H__
-
-#include <e32base.h>
-#include <e32std.h>
-#include <s32std.h>
-#include <securitydefs.h>
-
-class CRSAPublicKey;
-class CDSAPublicKey;
-class CDSASignature;
-class CDSAParameters;
-
-/** Enumerates the identity of the algorithm.
- *
- * @publishedAll
- * @released
- */
-enum TAlgorithmId
- {
- /** An RSA algorithm. */
- ERSA,
- /** A DSA algorithm. */
- EDSA,
- /** A DH algorithm. */
- EDH,
- /** A MD2 algorithm. */
- EMD2,
- /** A MD5 algorithm. */
- EMD5,
- /** A SHA-1 algorithm. */
- ESHA1
- };
-
-class CValidityPeriod : public CBase
-/** The period for which the certificate is valid.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Tests whether the specified date and time is within the validity period.
- *
- * @param aTime The date and time to be tested.
- * @return ETrue, if the date and time is within the validity period;
- * EFalse, otherwise. */
- IMPORT_C TBool Valid(const TTime& aTime) const;
-
- /** Gets the start of the validity period.
- *
- * @return The start date and time. */
- IMPORT_C const TTime& Start() const;
-
- /** Gets the end of the validity period.
- *
- * @return The end date and time. */
- IMPORT_C const TTime& Finish() const;
-
- /** Copy constructor.
- *
- * @param aValidityPeriod The validity period object to be copied. */
- IMPORT_C CValidityPeriod(const CValidityPeriod& aValidityPeriod);
-
-protected:
- /** Default constructor. */
- IMPORT_C CValidityPeriod();
-
- /** The start time of the validity period. */
- TTime iStart;
-
- /** The end time of the validity period. */
- TTime iFinish;
- };
-
-class CAlgorithmIdentifier : public CBase
-/** Contains an algorithm ID and any encoded parameters required by that algorithm.
-*
-* An object of this type creates and owns a heap descriptor to contain the encoded
-* parameters.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Creates a new algorithm ID object copied from an existing object.
- *
- * @param aAlgorithmIdentifier The algorithm ID object to be copied.
- * @return A pointer to the new algorithm ID object. */
- IMPORT_C static CAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
-
- /** Creates a new algorithm ID object copied from an existing object, and puts
- * a pointer to the new object onto the cleanup stack.
- *
- * @param aAlgorithmIdentifier The algorithm ID object to be copied.
- * @return A pointer to the new algorithm ID object. */
- IMPORT_C static CAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier);
-
- /** Creates a new algorithm ID object.
- *
- * @param aAlgorithmId The algorithm ID.
- * @param aEncodedParams The encoded parameters.
- * @return A pointer to the new algorithm ID object. */
- IMPORT_C static CAlgorithmIdentifier* NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
-
- /** Creates a new algorithm ID object, and puts a pointer to the new object onto
- * the cleanup stack.
- *
- * @param aAlgorithmId The algorithm ID.
- * @param aEncodedParams The encoded parameters.
- * @return A pointer to the new algorithm ID object. */
- IMPORT_C static CAlgorithmIdentifier* NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
-
- /** Tests whether this algorithm identifier object is equal to the specified algorithm
- * identifier object.
- *
- * @param aAlgorithmIdentifier The algorithm identifier object to be compared.
- * @return ETrue, if this algorithm identifier object is equal to the specified
- * algorithm identifier object; EFalse otherwise. */
- IMPORT_C TBool operator == (const CAlgorithmIdentifier& aAlgorithmIdentifier) const;
-
- /** Gets the algorithm identifier.
- *
- * @return The algorithm identifier. */
- IMPORT_C TAlgorithmId Algorithm() const; //ID for the algorithm
-
- /** Gets the encoded parameters for the algorithm identifier.
- *
- * Note that this object owns the heap descriptor that owns the encoded parameters.
- *
- * @return The encoded parameters. */
- IMPORT_C TPtrC8 EncodedParams() const; //the encoded parameters
-
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CAlgorithmIdentifier();
-
-protected:
- /** Default constructor. */
- IMPORT_C CAlgorithmIdentifier();
-
- /** Constructor taking the specified parameters.
- *
- * @param aAlgorithmId The algorithm ID. */
- IMPORT_C CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
-
- /** Second-phase constructor taking an existing algorithm identifier object.
- *
- * @param aAlgorithmIdentifier The algorithm identifier object. */
- IMPORT_C virtual void ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
-
- /** Second-phase constructor taking encoded parameters.
- *
- * @param aEncodedParams The encoded parameters. */
- IMPORT_C virtual void ConstructL(const TDesC8& aEncodedParams);
-
- /** The algorithm ID. */
- TAlgorithmId iAlgorithmId;
-
- /** The encoded parameters for the algorithm ID. */
- HBufC8* iEncodedParams;
- };
-
-class CSigningAlgorithmIdentifier : public CBase
-/** Contains two CAlgorithmIdentifier objects for comparison purposes.
-*
-* Implements an equality operator.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
- * Algorithm Identifier object.
- *
- * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
- * @return The new Signing Algorithm Identifier object. */
- IMPORT_C static CSigningAlgorithmIdentifier* NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
-
- /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
- * Algorithm Identifier object, and puts a pointer to it onto the cleanup stack.
- *
- * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
- * @return The new Signing Algorithm Identifier object. */
- IMPORT_C static CSigningAlgorithmIdentifier* NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
-
- /** Tests whether the Signing Algorithm Identifier object is equal to the specified
- * Signing Algorithm Identifier object.
- *
- * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object to be compared.
- * @return ETrue, if this object's Signing Algorithm Identifier value
- * is equal to the specified Signing Algorithm Identifier
- * object's value; EFalse, otherwise. */
- IMPORT_C TBool operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const;
-
- /** Gets the signature ID of the asymmetric algorithm.
- *
- * @return The signature ID of the asymmetric algorithm. */
- IMPORT_C const CAlgorithmIdentifier& AsymmetricAlgorithm() const;
-
- /** Gets the signature ID of the digest algorithm.
- *
- * @return The signature ID of the digest algorithm. */
- IMPORT_C const CAlgorithmIdentifier& DigestAlgorithm() const;
-
- /** Destructor.
- *
- * Frees all resources owned by the object, prior to its destruction. */
- IMPORT_C ~CSigningAlgorithmIdentifier();
-
-protected:
- /** Second-phase constructor.
- * @internalAll
- */
- void ConstructL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
-
- /** The signature ID of the asymmetric algorithm. */
- CAlgorithmIdentifier* iAsymmetricAlgorithm;
-
- /** The signature ID of the digest algorithm. */
- CAlgorithmIdentifier* iDigestAlgorithm;
- };
-
-class CSubjectPublicKeyInfo : public CBase
-/** A base class for a container that holds information about a subject public key.
-*
-* It contains the algorithm ID, the encoded public key and the encoded parameters.
-*
-* @publishedAll
-* @released
-* @since v6.0
-*/
-//algorithm ID + encoded public key + encoded parameters
- {
-public:
- /** Creates a new subject public key object copied from an existing object.
- *
- * @param aSubjectPublicKeyInfo The subject public key object to be copied.
- * @return A pointer to the new public key object. */
- IMPORT_C static CSubjectPublicKeyInfo* NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
-
- /** Creates a new subject public key object copied from an existing object and
- * puts a pointer to the new object onto the cleanup stack.
- *
- * @param aSubjectPublicKeyInfo The subject public key object to be copied.
- * @return A pointer to the new public key object. */
- IMPORT_C static CSubjectPublicKeyInfo* NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
-
- /** Gets the algorithm ID.
- *
- * @return The algorithm ID. */
- IMPORT_C TAlgorithmId AlgorithmId() const;
-
- /** Gets the encoded parameters required by the algorithm.
- *
- * @return A non-modifiable pointer descriptor representing the encoded parameters. */
- IMPORT_C const TPtrC8 EncodedParams() const;
-
- /** Gets the encoded public key data.
- *
- * @return A non-modifiable pointer descriptor representing the encoded public
- * key data. */
- IMPORT_C const TPtrC8 KeyData() const;
-
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CSubjectPublicKeyInfo();
-protected:
- /** Second-phase constructor.
- *
- * @param aSubjectPublicKeyInfo The subject public key object to be copied. */
- IMPORT_C virtual void ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
-
- /** The algorithm ID. */
- CAlgorithmIdentifier* iAlgId;
-
- /** A heap descriptor representing the encoded key data. */
- HBufC8* iEncodedKeyData;
- };
-
-class CRSASignatureResult : public CBase
-/** The RSA public key algorithm signature result.
-*
-* Derived classes:
-* @li CWTLSRSASignatureResult
-* @li CPKCS1SignatureResult.
-*
-* @see TKeyFactory::RSASignatureResultL()
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Tests whether the signature result is valid.
- *
- * @param aResult The signature result.
- * @return ETrue if the signature result is valid, otherwise EFalse. */
- IMPORT_C virtual TBool VerifyL(const TDesC8& aResult) = 0;
-
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CRSASignatureResult();
-protected:
- /** Compares this RSA Signature Result object with the specified RSA Signature
- * Result object for equality.
- *
- * @param aResult The RSA Signature Result object to be compared.
- * @return ETrue, if they are the same; EFalse, otherwise. */
- IMPORT_C TBool operator == (const CRSASignatureResult& aResult) const;
-
- /** The digest algorithm ID. */
- CAlgorithmIdentifier* iDigestAlgorithm;
-
- /** A heap descriptor representing the digest algorithm. */
- HBufC8* iDigest;
- };
-
-//signed object
-class TKeyFactory
-/** Constructs the public key objects used for signature verification from their
-* encoded binary form.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Gets the RSA public key.
- *
- * @param aEncoding A non-modifiable descriptor representing the entire encoding.
- * @return The RSA Public key. */
- virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const = 0;
-
- /** Gets the RSA signature result.
- *
- * @param aDigestAlgorithm The algorithm ID.
- * @param aDigest A non-modifiable descriptor representing the digest algorithm.
- * @return The RSA signature result. */
- virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const = 0;
-
- /** Gets the DSA public key.
- *
- * @param aParams The DSA parameters
- * @param aEncoding A non-modifiable descriptor representing the entire encoding.
- * @return The DSA public key. */
- virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const = 0;
-
- /** Gets the digital DSA signature given an encoding key.
- *
- * @param aEncoding A non-modifiable descriptor representing the entire encoding.
- * @return The DSA signature. */
- virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const = 0;
-
- /** Gets the DSA parameters.
- *
- * @param aEncoding A non-modifiable descriptor representing the entire encoding.
- * @return The DSA parameters. */
- virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const = 0;
- // New function for TKeyFactory API
- virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const = 0;
- };
-
-class CSigningKeyParameters : public CBase
-/** Contains the parameter information required by some signing algorithms.
-*
-* The DSA signing algorithm needs parameters as well as a key. Currently, this
-* class only contains DSA parameters.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Creates a new signing key parameters object.
- *
- * @return A pointer to the new signing key parameters object. */
- IMPORT_C static CSigningKeyParameters* NewL();
-
- /** Creates a new signing key parameters object and puts a pointer to the new object
- * onto the cleanup stack.
- *
- * @return A pointer to the new signing key parameters object. */
- IMPORT_C static CSigningKeyParameters* NewLC();
-
- /** Creates a new signing key parameters object copied from an existing object.
- *
- * @param aParameters The signing key parameters object to be copied.
- * @return A pointer to the new parameters object. */
- IMPORT_C static CSigningKeyParameters* NewL(const CSigningKeyParameters& aParameters);
-
- /** Creates a new signing key parameters object copied from an existing object
- * and puts a pointer to the new object onto the cleanup stack.
- *
- * @param aParameters The signing key parameters object to be copied.
- * @return A pointer to the new signing key parameters object. */
- IMPORT_C static CSigningKeyParameters* NewLC(const CSigningKeyParameters& aParameters);
-
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CSigningKeyParameters();
-
- /** Sets the DSA parameters.
- *
- * @param aParams The DSA parameters. */
- IMPORT_C void SetDSAParamsL(const CDSAParameters& aParams);
-
- /** Gets the DSA parameters.
- *
- * @return The DSA parameters.
- * @internalAll
- */
- const CDSAParameters* DSAParams() const;
-private:
- CSigningKeyParameters();
- void ConstructL(const CSigningKeyParameters& aParameters);
- CDSAParameters* iDSAParams;
- };
-
-
-class CSignedObject : public CBase
-/** Base class for certificates.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Verifies a signature using the specified encoded key.
- *
- * @param aEncodedKey The encoded key.
- * @return ETrue if the signature is valid, otherwise EFalse. */
- IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey) const;
-
- /** Verifies a signature using the specified encoded key and hash.
- *
- * @param aEncodedKey The encoded key.
- * @param aHash The hash of the data to be validated.
- * @return ETrue if the signature is valid, otherwise EFalse. */
- IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
-
- /** Gets the digital signature.
- *
- * @return A non-modifiable pointer descriptor representing the digital signature. */
- IMPORT_C const TPtrC8 Signature() const;
-
- /** Gets the signed data.
- *
- * @return A non-modifiable pointer descriptor representing the signed data. */
- IMPORT_C virtual const TPtrC8 SignedDataL() const = 0;
-
- /** Gets the fingerprint.
- *
- * The fingerprint returned is the SHA1 hash of the encoding of the entire object.
- *
- * @return A non-modifiable pointer descriptor representing the finger print. */
- IMPORT_C const TPtrC8 Fingerprint() const;
-
- /** Gets the entire encoding.
- *
- * @return A non-modifiable pointer descriptor representing the entire encoding. */
- IMPORT_C const TPtrC8 Encoding() const;
-
- /** Gets the signing algorithm ID used.
- *
- * @return The signing algorithm ID. */
- IMPORT_C const CSigningAlgorithmIdentifier& SigningAlgorithm() const;
-
- /** Externalises the encoding of the entire object to a write stream.
- *
- * The fingerprint and the signed data can be regenerated after restoration.
- *
- * The presence of this function means that the standard templated operator<<()
- * can be used to externalise objects of this class.
- *
- * @param aStream Stream to which the object should be externalised. */
- IMPORT_C virtual void ExternalizeL(RWriteStream& aStream) const;
-
- /** Internalises the encoded object from a read stream.
-
- * The class makes use of a specification-specific parser class for extracting
- * the various elements, that is provided by a subclass of CSignedObject. For
- * this reason this function is pure virtual.
- *
- * The presence of this function means that the standard templated operator>>()
- * can be used to internalise objects of this class.
- *
- * @param aStream Stream from which the contents of the field should be internalised. */
- IMPORT_C virtual void InternalizeL(RReadStream& aStream) = 0;
-
- /** Sets the signing key parameters.
- *
- * @param aParameters The signing key parameters. */
- IMPORT_C void SetParametersL(const CSigningKeyParameters& aParameters);
-
- /** Gets the encoded data for the specified encoded data element, in the (to be
- * signed) tbsCertificate data structure, of the signed object.
- *
- * @param aIndex The encoded data element position in the tbsCertificate data
- * structure. See the enumeration: CX509Certificate::Anonymous.
- * @return The encoded data for the specified data element of the signed object. */
- IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const = 0;
-
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CSignedObject();
-
-protected:
- /** Verifies a RSA signature using the specified encoded key.
- *
- * @param aEncodedKey The encoded key.
- * @return ETrue if the signature is valid, otherwise EFalse.
- * @internalAll
- */
- TBool VerifyRSASignatureL(const TDesC8& aEncodedKey) const;
-
- /** @internalAll */
- TBool VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
-
- /** A pointer to a key factory object. */
- TKeyFactory* iKeyFactory;
-
- /** A heap descriptor representing the entire encoding. */
- HBufC8* iEncoding;
-
- /** The digital signature. */
- HBufC8* iSignature;
-
- /** The fingerprint.
- *
- * The SHA1 hash of the encoding of the entire object. */
- HBufC8* iFingerprint;
-
- /** The signing key parameters */
- CSigningKeyParameters* iParameters;
-
- /** The signing algorithm ID. */
- CSigningAlgorithmIdentifier* iSigningAlgorithm;
- };
-
-class CCertificate : public CSignedObject
-/** A data structure that binds a public key to a given individual.
-*
-* A certificate is a signed object, and adds a serial number, a validity period
-* and a subject public key.
-*
-* This is a base class for classes that implement certificates of particular types.
-*
-* @publishedAll
-* @released
-* @since v6.0 */
- {
-public:
- /** Destructor.
- *
- * Frees all resources owned by the object. */
- IMPORT_C ~CCertificate();
-
- /** Gets the subject public key information.
- *
- * @return The subject public key information. */
- IMPORT_C const CSubjectPublicKeyInfo& PublicKey() const;
-
- /** Gets the serial number.
- *
- * @return A non-modifiable pointer descriptor representing the serial number. */
- IMPORT_C const TPtrC8 SerialNumber() const;
-
- /** Gets the validity period.
- *
- * @return The validity period. */
- IMPORT_C const CValidityPeriod& ValidityPeriod() const;
-
- /** Tests whether a certificate is self-signed.
- *
- * @return ETrue, if it is self-signed; EFalse, otherwise. */
- IMPORT_C virtual TBool IsSelfSignedL() const = 0;
-
- /** Gets the subject.
- *
- * @return A heap descriptor representing the subject. */
- IMPORT_C virtual HBufC* SubjectL() const = 0;
-
- /** Gets the issuer.
- *
- * @return A heap descriptor representing the issuer. */
- IMPORT_C virtual HBufC* IssuerL() const = 0;
-
- /** Gets the key identifier.
- *
- * @return The key identifier. */
- IMPORT_C virtual TKeyIdentifier KeyIdentifierL() const;
-
-protected:
- /** The serial number. */
- HBufC8* iSerialNumber;
-
- /** The validity period. */
- CValidityPeriod* iValidityPeriod;
-
- /** The subject public key information. */
- CSubjectPublicKeyInfo* iSubjectPublicKeyInfo;
- };
-
-#endif
+/*
+* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+/**
+ @file
+ @publishedAll
+ @released
+*/
+
+#ifndef __SIGNED_H__
+#define __SIGNED_H__
+
+#include <e32base.h>
+#include <e32std.h>
+#include <s32std.h>
+#include <securitydefs.h>
+
+class CRSAPublicKey;
+class CDSAPublicKey;
+class CDSASignature;
+class CDSAParameters;
+
+/** Enumerates the identity of the algorithm.
+ *
+ */
+enum TAlgorithmId
+ {
+ /** An RSA algorithm. */
+ ERSA,
+ /** A DSA algorithm. */
+ EDSA,
+ /** A DH algorithm. */
+ EDH,
+ /** A MD2 algorithm. */
+ EMD2,
+ /** A MD5 algorithm. */
+ EMD5,
+ /** A SHA-1 algorithm. */
+ ESHA1
+ };
+
+class CValidityPeriod : public CBase
+/** The period for which the certificate is valid.
+*
+* @since v6.0 */
+ {
+public:
+ /** Tests whether the specified date and time is within the validity period.
+ *
+ * @param aTime The date and time to be tested.
+ * @return ETrue, if the date and time is within the validity period;
+ * EFalse, otherwise. */
+ IMPORT_C TBool Valid(const TTime& aTime) const;
+
+ /** Gets the start of the validity period.
+ *
+ * @return The start date and time. */
+ IMPORT_C const TTime& Start() const;
+
+ /** Gets the end of the validity period.
+ *
+ * @return The end date and time. */
+ IMPORT_C const TTime& Finish() const;
+
+ /** Copy constructor.
+ *
+ * @param aValidityPeriod The validity period object to be copied. */
+ IMPORT_C CValidityPeriod(const CValidityPeriod& aValidityPeriod);
+
+protected:
+ /** Default constructor. */
+ IMPORT_C CValidityPeriod();
+
+ /** The start time of the validity period. */
+ TTime iStart;
+
+ /** The end time of the validity period. */
+ TTime iFinish;
+ };
+
+class CAlgorithmIdentifier : public CBase
+/** Contains an algorithm ID and any encoded parameters required by that algorithm.
+*
+* An object of this type creates and owns a heap descriptor to contain the encoded
+* parameters.
+*
+* @since v6.0 */
+ {
+public:
+ /** Creates a new algorithm ID object copied from an existing object.
+ *
+ * @param aAlgorithmIdentifier The algorithm ID object to be copied.
+ * @return A pointer to the new algorithm ID object. */
+ IMPORT_C static CAlgorithmIdentifier* NewL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
+
+ /** Creates a new algorithm ID object copied from an existing object, and puts
+ * a pointer to the new object onto the cleanup stack.
+ *
+ * @param aAlgorithmIdentifier The algorithm ID object to be copied.
+ * @return A pointer to the new algorithm ID object. */
+ IMPORT_C static CAlgorithmIdentifier* NewLC(const CAlgorithmIdentifier& aAlgorithmIdentifier);
+
+ /** Creates a new algorithm ID object.
+ *
+ * @param aAlgorithmId The algorithm ID.
+ * @param aEncodedParams The encoded parameters.
+ * @return A pointer to the new algorithm ID object. */
+ IMPORT_C static CAlgorithmIdentifier* NewL(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
+
+ /** Creates a new algorithm ID object, and puts a pointer to the new object onto
+ * the cleanup stack.
+ *
+ * @param aAlgorithmId The algorithm ID.
+ * @param aEncodedParams The encoded parameters.
+ * @return A pointer to the new algorithm ID object. */
+ IMPORT_C static CAlgorithmIdentifier* NewLC(TAlgorithmId& aAlgorithmId, const TDesC8& aEncodedParams);
+
+ /** Tests whether this algorithm identifier object is equal to the specified algorithm
+ * identifier object.
+ *
+ * @param aAlgorithmIdentifier The algorithm identifier object to be compared.
+ * @return ETrue, if this algorithm identifier object is equal to the specified
+ * algorithm identifier object; EFalse otherwise. */
+ IMPORT_C TBool operator == (const CAlgorithmIdentifier& aAlgorithmIdentifier) const;
+
+ /** Gets the algorithm identifier.
+ *
+ * @return The algorithm identifier. */
+ IMPORT_C TAlgorithmId Algorithm() const; //ID for the algorithm
+
+ /** Gets the encoded parameters for the algorithm identifier.
+ *
+ * Note that this object owns the heap descriptor that owns the encoded parameters.
+ *
+ * @return The encoded parameters. */
+ IMPORT_C TPtrC8 EncodedParams() const; //the encoded parameters
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CAlgorithmIdentifier();
+
+protected:
+ /** Default constructor. */
+ IMPORT_C CAlgorithmIdentifier();
+
+ /** Constructor taking the specified parameters.
+ *
+ * @param aAlgorithmId The algorithm ID. */
+ IMPORT_C CAlgorithmIdentifier(TAlgorithmId& aAlgorithmId);
+
+ /** Second-phase constructor taking an existing algorithm identifier object.
+ *
+ * @param aAlgorithmIdentifier The algorithm identifier object. */
+ IMPORT_C virtual void ConstructL(const CAlgorithmIdentifier& aAlgorithmIdentifier);
+
+ /** Second-phase constructor taking encoded parameters.
+ *
+ * @param aEncodedParams The encoded parameters. */
+ IMPORT_C virtual void ConstructL(const TDesC8& aEncodedParams);
+
+ /** The algorithm ID. */
+ TAlgorithmId iAlgorithmId;
+
+ /** The encoded parameters for the algorithm ID. */
+ HBufC8* iEncodedParams;
+ };
+
+class CSigningAlgorithmIdentifier : public CBase
+/** Contains two CAlgorithmIdentifier objects for comparison purposes.
+*
+* Implements an equality operator.
+*
+* @since v6.0 */
+ {
+public:
+ /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
+ * Algorithm Identifier object.
+ *
+ * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
+ * @return The new Signing Algorithm Identifier object. */
+ IMPORT_C static CSigningAlgorithmIdentifier* NewL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
+
+ /** Constructs a new Signing Algorithm Identifier object, copying an existing Signing
+ * Algorithm Identifier object, and puts a pointer to it onto the cleanup stack.
+ *
+ * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object.
+ * @return The new Signing Algorithm Identifier object. */
+ IMPORT_C static CSigningAlgorithmIdentifier* NewLC(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
+
+ /** Tests whether the Signing Algorithm Identifier object is equal to the specified
+ * Signing Algorithm Identifier object.
+ *
+ * @param aSigningAlgorithmIdentifier The Signing Algorithm Identifier object to be compared.
+ * @return ETrue, if this object's Signing Algorithm Identifier value
+ * is equal to the specified Signing Algorithm Identifier
+ * object's value; EFalse, otherwise. */
+ IMPORT_C TBool operator == (const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier) const;
+
+ /** Gets the signature ID of the asymmetric algorithm.
+ *
+ * @return The signature ID of the asymmetric algorithm. */
+ IMPORT_C const CAlgorithmIdentifier& AsymmetricAlgorithm() const;
+
+ /** Gets the signature ID of the digest algorithm.
+ *
+ * @return The signature ID of the digest algorithm. */
+ IMPORT_C const CAlgorithmIdentifier& DigestAlgorithm() const;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object, prior to its destruction. */
+ IMPORT_C ~CSigningAlgorithmIdentifier();
+
+protected:
+ /** Second-phase constructor.
+ * @internalAll
+ */
+ void ConstructL(const CSigningAlgorithmIdentifier& aSigningAlgorithmIdentifier);
+
+ /** The signature ID of the asymmetric algorithm. */
+ CAlgorithmIdentifier* iAsymmetricAlgorithm;
+
+ /** The signature ID of the digest algorithm. */
+ CAlgorithmIdentifier* iDigestAlgorithm;
+ };
+
+class CSubjectPublicKeyInfo : public CBase
+/** A base class for a container that holds information about a subject public key.
+*
+* It contains the algorithm ID, the encoded public key and the encoded parameters.
+*
+* @since v6.0
+*/
+//algorithm ID + encoded public key + encoded parameters
+ {
+public:
+ /** Creates a new subject public key object copied from an existing object.
+ *
+ * @param aSubjectPublicKeyInfo The subject public key object to be copied.
+ * @return A pointer to the new public key object. */
+ IMPORT_C static CSubjectPublicKeyInfo* NewL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
+
+ /** Creates a new subject public key object copied from an existing object and
+ * puts a pointer to the new object onto the cleanup stack.
+ *
+ * @param aSubjectPublicKeyInfo The subject public key object to be copied.
+ * @return A pointer to the new public key object. */
+ IMPORT_C static CSubjectPublicKeyInfo* NewLC(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
+
+ /** Gets the algorithm ID.
+ *
+ * @return The algorithm ID. */
+ IMPORT_C TAlgorithmId AlgorithmId() const;
+
+ /** Gets the encoded parameters required by the algorithm.
+ *
+ * @return A non-modifiable pointer descriptor representing the encoded parameters. */
+ IMPORT_C const TPtrC8 EncodedParams() const;
+
+ /** Gets the encoded public key data.
+ *
+ * @return A non-modifiable pointer descriptor representing the encoded public
+ * key data. */
+ IMPORT_C const TPtrC8 KeyData() const;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CSubjectPublicKeyInfo();
+protected:
+ /** Second-phase constructor.
+ *
+ * @param aSubjectPublicKeyInfo The subject public key object to be copied. */
+ IMPORT_C virtual void ConstructL(const CSubjectPublicKeyInfo& aSubjectPublicKeyInfo);
+
+ /** The algorithm ID. */
+ CAlgorithmIdentifier* iAlgId;
+
+ /** A heap descriptor representing the encoded key data. */
+ HBufC8* iEncodedKeyData;
+ };
+
+class CRSASignatureResult : public CBase
+/** The RSA public key algorithm signature result.
+*
+* Derived classes:
+* @li CWTLSRSASignatureResult
+* @li CPKCS1SignatureResult.
+*
+* @see TKeyFactory::RSASignatureResultL()
+*
+* @since v6.0 */
+ {
+public:
+ /** Tests whether the signature result is valid.
+ *
+ * @param aResult The signature result.
+ * @return ETrue if the signature result is valid, otherwise EFalse. */
+ IMPORT_C virtual TBool VerifyL(const TDesC8& aResult) = 0;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CRSASignatureResult();
+protected:
+ /** Compares this RSA Signature Result object with the specified RSA Signature
+ * Result object for equality.
+ *
+ * @param aResult The RSA Signature Result object to be compared.
+ * @return ETrue, if they are the same; EFalse, otherwise. */
+ IMPORT_C TBool operator == (const CRSASignatureResult& aResult) const;
+
+ /** The digest algorithm ID. */
+ CAlgorithmIdentifier* iDigestAlgorithm;
+
+ /** A heap descriptor representing the digest algorithm. */
+ HBufC8* iDigest;
+ };
+
+//signed object
+class TKeyFactory
+/** Constructs the public key objects used for signature verification from their
+* encoded binary form.
+*
+* @since v6.0 */
+ {
+public:
+ /** Gets the RSA public key.
+ *
+ * @param aEncoding A non-modifiable descriptor representing the entire encoding.
+ * @return The RSA Public key. */
+ virtual CRSAPublicKey* RSAPublicKeyL(const TDesC8& aEncoding) const = 0;
+
+ /** Gets the RSA signature result.
+ *
+ * @param aDigestAlgorithm The algorithm ID.
+ * @param aDigest A non-modifiable descriptor representing the digest algorithm.
+ * @return The RSA signature result. */
+ virtual CRSASignatureResult* RSASignatureResultL(const CAlgorithmIdentifier& aDigestAlgorithm, TDesC8& aDigest) const = 0;
+
+ /** Gets the DSA public key.
+ *
+ * @param aParams The DSA parameters
+ * @param aEncoding A non-modifiable descriptor representing the entire encoding.
+ * @return The DSA public key. */
+ virtual CDSAPublicKey* DSAPublicKeyL(const CDSAParameters& aParams, const TDesC8& aEncoding) const = 0;
+
+ /** Gets the digital DSA signature given an encoding key.
+ *
+ * @param aEncoding A non-modifiable descriptor representing the entire encoding.
+ * @return The DSA signature. */
+ virtual CDSASignature* DSASignatureL(const TDesC8& aEncoding) const = 0;
+
+ /** Gets the DSA parameters.
+ *
+ * @param aEncoding A non-modifiable descriptor representing the entire encoding.
+ * @return The DSA parameters. */
+ virtual CDSAParameters* DSAParametersL(const TDesC8& aEncoding) const = 0;
+ // New function for TKeyFactory API
+ virtual CDSAPublicKey* DSAPublicKeyL(const TDesC8& aParamsEncoding, const TDesC8& aEncoding) const = 0;
+ };
+
+class CSigningKeyParameters : public CBase
+/** Contains the parameter information required by some signing algorithms.
+*
+* The DSA signing algorithm needs parameters as well as a key. Currently, this
+* class only contains DSA parameters.
+*
+* @since v6.0 */
+ {
+public:
+ /** Creates a new signing key parameters object.
+ *
+ * @return A pointer to the new signing key parameters object. */
+ IMPORT_C static CSigningKeyParameters* NewL();
+
+ /** Creates a new signing key parameters object and puts a pointer to the new object
+ * onto the cleanup stack.
+ *
+ * @return A pointer to the new signing key parameters object. */
+ IMPORT_C static CSigningKeyParameters* NewLC();
+
+ /** Creates a new signing key parameters object copied from an existing object.
+ *
+ * @param aParameters The signing key parameters object to be copied.
+ * @return A pointer to the new parameters object. */
+ IMPORT_C static CSigningKeyParameters* NewL(const CSigningKeyParameters& aParameters);
+
+ /** Creates a new signing key parameters object copied from an existing object
+ * and puts a pointer to the new object onto the cleanup stack.
+ *
+ * @param aParameters The signing key parameters object to be copied.
+ * @return A pointer to the new signing key parameters object. */
+ IMPORT_C static CSigningKeyParameters* NewLC(const CSigningKeyParameters& aParameters);
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CSigningKeyParameters();
+
+ /** Sets the DSA parameters.
+ *
+ * @param aParams The DSA parameters. */
+ IMPORT_C void SetDSAParamsL(const CDSAParameters& aParams);
+
+ /** Gets the DSA parameters.
+ *
+ * @return The DSA parameters.
+ * @internalAll
+ */
+ const CDSAParameters* DSAParams() const;
+private:
+ CSigningKeyParameters();
+ void ConstructL(const CSigningKeyParameters& aParameters);
+ CDSAParameters* iDSAParams;
+ };
+
+
+class CSignedObject : public CBase
+/** Base class for certificates.
+*
+* @since v6.0 */
+ {
+public:
+ /** Verifies a signature using the specified encoded key.
+ *
+ * @param aEncodedKey The encoded key.
+ * @return ETrue if the signature is valid, otherwise EFalse. */
+ IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey) const;
+
+ /** Verifies a signature using the specified encoded key and hash.
+ *
+ * @param aEncodedKey The encoded key.
+ * @param aHash The hash of the data to be validated.
+ * @return ETrue if the signature is valid, otherwise EFalse. */
+ IMPORT_C TBool VerifySignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
+
+ /** Gets the digital signature.
+ *
+ * @return A non-modifiable pointer descriptor representing the digital signature. */
+ IMPORT_C const TPtrC8 Signature() const;
+
+ /** Gets the signed data.
+ *
+ * @return A non-modifiable pointer descriptor representing the signed data. */
+ IMPORT_C virtual const TPtrC8 SignedDataL() const = 0;
+
+ /** Gets the fingerprint.
+ *
+ * The fingerprint returned is the SHA1 hash of the encoding of the entire object.
+ *
+ * @return A non-modifiable pointer descriptor representing the finger print. */
+ IMPORT_C const TPtrC8 Fingerprint() const;
+
+ /** Gets the entire encoding.
+ *
+ * @return A non-modifiable pointer descriptor representing the entire encoding. */
+ IMPORT_C const TPtrC8 Encoding() const;
+
+ /** Gets the signing algorithm ID used.
+ *
+ * @return The signing algorithm ID. */
+ IMPORT_C const CSigningAlgorithmIdentifier& SigningAlgorithm() const;
+
+ /** Externalises the encoding of the entire object to a write stream.
+ *
+ * The fingerprint and the signed data can be regenerated after restoration.
+ *
+ * The presence of this function means that the standard templated operator<<()
+ * can be used to externalise objects of this class.
+ *
+ * @param aStream Stream to which the object should be externalised. */
+ IMPORT_C virtual void ExternalizeL(RWriteStream& aStream) const;
+
+ /** Internalises the encoded object from a read stream.
+
+ * The class makes use of a specification-specific parser class for extracting
+ * the various elements, that is provided by a subclass of CSignedObject. For
+ * this reason this function is pure virtual.
+ *
+ * The presence of this function means that the standard templated operator>>()
+ * can be used to internalise objects of this class.
+ *
+ * @param aStream Stream from which the contents of the field should be internalised. */
+ IMPORT_C virtual void InternalizeL(RReadStream& aStream) = 0;
+
+ /** Sets the signing key parameters.
+ *
+ * @param aParameters The signing key parameters. */
+ IMPORT_C void SetParametersL(const CSigningKeyParameters& aParameters);
+
+ /** Gets the encoded data for the specified encoded data element, in the (to be
+ * signed) tbsCertificate data structure, of the signed object.
+ *
+ * @param aIndex The encoded data element position in the tbsCertificate data
+ * structure. See the enumeration: CX509Certificate::Anonymous.
+ * @return The encoded data for the specified data element of the signed object. */
+ IMPORT_C virtual const TPtrC8* DataElementEncoding(const TUint aIndex) const = 0;
+
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CSignedObject();
+
+protected:
+ /** Verifies a RSA signature using the specified encoded key.
+ *
+ * @param aEncodedKey The encoded key.
+ * @return ETrue if the signature is valid, otherwise EFalse.
+ * @internalAll
+ */
+ TBool VerifyRSASignatureL(const TDesC8& aEncodedKey) const;
+
+ /** @internalAll */
+ TBool VerifyRSASignatureL(const TDesC8& aEncodedKey, const TDesC8& aHash) const;
+
+ /** A pointer to a key factory object. */
+ TKeyFactory* iKeyFactory;
+
+ /** A heap descriptor representing the entire encoding. */
+ HBufC8* iEncoding;
+
+ /** The digital signature. */
+ HBufC8* iSignature;
+
+ /** The fingerprint.
+ *
+ * The SHA1 hash of the encoding of the entire object. */
+ HBufC8* iFingerprint;
+
+ /** The signing key parameters */
+ CSigningKeyParameters* iParameters;
+
+ /** The signing algorithm ID. */
+ CSigningAlgorithmIdentifier* iSigningAlgorithm;
+ };
+
+class CCertificate : public CSignedObject
+/** A data structure that binds a public key to a given individual.
+*
+* A certificate is a signed object, and adds a serial number, a validity period
+* and a subject public key.
+*
+* This is a base class for classes that implement certificates of particular types.
+*
+* @since v6.0 */
+ {
+public:
+ /** Destructor.
+ *
+ * Frees all resources owned by the object. */
+ IMPORT_C ~CCertificate();
+
+ /** Gets the subject public key information.
+ *
+ * @return The subject public key information. */
+ IMPORT_C const CSubjectPublicKeyInfo& PublicKey() const;
+
+ /** Gets the serial number.
+ *
+ * @return A non-modifiable pointer descriptor representing the serial number. */
+ IMPORT_C const TPtrC8 SerialNumber() const;
+
+ /** Gets the validity period.
+ *
+ * @return The validity period. */
+ IMPORT_C const CValidityPeriod& ValidityPeriod() const;
+
+ /** Tests whether a certificate is self-signed.
+ *
+ * @return ETrue, if it is self-signed; EFalse, otherwise. */
+ IMPORT_C virtual TBool IsSelfSignedL() const = 0;
+
+ /** Gets the subject.
+ *
+ * @return A heap descriptor representing the subject. */
+ IMPORT_C virtual HBufC* SubjectL() const = 0;
+
+ /** Gets the issuer.
+ *
+ * @return A heap descriptor representing the issuer. */
+ IMPORT_C virtual HBufC* IssuerL() const = 0;
+
+ /** Gets the key identifier.
+ *
+ * @return The key identifier. */
+ IMPORT_C virtual TKeyIdentifier KeyIdentifierL() const;
+
+protected:
+ /** The serial number. */
+ HBufC8* iSerialNumber;
+
+ /** The validity period. */
+ CValidityPeriod* iValidityPeriod;
+
+ /** The subject public key information. */
+ CSubjectPublicKeyInfo* iSubjectPublicKeyInfo;
+ };
+
+#endif