Move the Security package to EPL, and add the implementations of the cryptographic algorithms
/*
* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
*
*/
/**
@file
@publishedPartner
@released
*/
#ifndef __PKCS12_BAGS_H__
#define __PKCS12_BAGS_H__
#include <asn1dec.h>
#include <signed.h>
#include <asnpkcs.h>
#include <pkcs12kdf.h>
#include <pkcs12safebag.h>
#include <pkcs12attribute.h>
#include <pkcs7contentinfo_v2.h>
#include <pkcs7encrypteddataobject.h>
namespace PKCS12
{
/** Object identifier for KeyBag */
_LIT(KPkcs12KeyBagOID, "1.2.840.113549.1.12.10.1.1");
/** Object identifier for ShroudedKeyBag */
_LIT(KPkcs12ShroudedKeyBagOID, "1.2.840.113549.1.12.10.1.2");
/** Object identifier for CertBag */
_LIT(KPkcs12CertBagOID, "1.2.840.113549.1.12.10.1.3");
/** Object identifier for CrlBag */
_LIT(KPkcs12CrlBagOID, "1.2.840.113549.1.12.10.1.4");
/** Object identifier for SecretBag */
_LIT(KPkcs12SecretBagOID, "1.2.840.113549.1.12.10.1.5");
/** Object identifier for SafeContentsBag */
_LIT(KPkcs12SafeContentsBagOID, "1.2.840.113549.1.12.10.1.6");
/** Object identifier for x509 certificate */
_LIT(KX509CertificateOID,"1.2.840.113549.1.9.22.1");
/**
This class decodes the KeyBag present in the SafeBag.
It has a method to get the PrivatKeyInfo
*/
class CDecPkcs12KeyBag : public CDecPkcs12SafeBag
{
public:
/**
Creates a new PKCS#12KeyBag object.
@param aSafeBagData Contains a PKCS#12 SafeBag Structure.
@return A pointer to the newly allocated object.
@leave KErrAgrument if the data is not a sequence or class tag name
is not Universal and if iPrivateKeyInfo is NULL.
*/
IMPORT_C static CDecPkcs12KeyBag* NewL(const TDesC8& aSafeBagData);
/**
The PrivateKey information present in the KeyBag.
The returned ASN1 sequence respects the following grammar:
PrivateKeyInfo ::= SEQUENCE {
version Version,
privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
privateKey PrivateKey,
attributes [0] IMPLICIT Attributes OPTIONAL }
Version ::= INTEGER
PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
PrivateKey ::= OCTET STRING
Attributes ::= SET OF Attribute
@return A pointer to a CDecPKCS8Data object. Ownership of memory is transferred
to the caller.
@see CDecPKCS8Data
*/
IMPORT_C CDecPKCS8Data* PrivateKeyInfoL() const;
/**
Destructor.
*/
virtual ~CDecPkcs12KeyBag();
private:
/**
Decodes the entire KeyBag structure.
@param aSafeBagData Contains a PKCS#12 SafeBag Structure.
@leave KErrAgrument if the data is not a sequence or class tag name
is not Universal and if iPrivateKeyInfo is NULL.
@see TASN1DecPKCS8
*/
void ConstructL(const TDesC8& aSafeBagData);
/**
Constructor.
*/
CDecPkcs12KeyBag();
/**
Copy Constructor.
@param aDecPkcs12keyBag A CDecPkcs12KeyBag object.
*/
CDecPkcs12KeyBag(const CDecPkcs12KeyBag& aDecPkcs12keyBag);
/**
Assignment operator.
@param aDecPkcs12keyBag A CDecPkcs12KeyBag object.
@return A CDecPkcs12KeyBag class.
*/
CDecPkcs12KeyBag& operator=(const CDecPkcs12KeyBag& aDecPkcs12keyBag);
};
/**
This class decodes the ShroudedKeyBag present in the SafeBag.
It has a method to get the PrivatKeyInfo
*/
class CDecPkcs12ShroudedKeyBag : public CDecPkcs12SafeBag
{
public:
/**
Creates a new PKCS#12KeyBag object.
@param aSafeBagData Contains a PKCS#12 shroudedKeyBag structure.
@return A pointer to the newly allocated object.
@leave KErrAgrument if the data is not safeBag structure.
*/
IMPORT_C static CDecPkcs12ShroudedKeyBag* NewL(const TDesC8& aSafeBagData);
/**
The PrivateKey Information present in the ShroudKeyBag.
Below is the ASN.1 sequence.
ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
AlgorithmIdentifier: A type that identifies an algorithm (by object identifier) and associated parameters
AlgorithmIdentifier ::= SEQUENCE
{
algorithm ALGORITHM.&id({SupportedAlgorithms}),
parameters ALGORITHM.&Type({SupportedAlgorithms}{@ algorithm}) OPTIONAL
}
@return A pointer to a CDecPKCS8Data object. Ownership is transferred to the caller.
@leave KErrAgrument if the data is not a sequence or class tag name
is not Universal.
@leave KErrNotSupported if otherthan PKCS12 pbeIds.
@leave KErrGeneral if the decryption of the final part length is less than 0.
@see TASN1DecPKCS5, CPBEncryptElement, PKCS12KDF, CPBDecryptor, CDecPKCS8Data.
*/
IMPORT_C CDecPKCS8Data* PrivateKeyInfoL(TDesC& aPassword) const;
/**
Destructor.
*/
virtual ~CDecPkcs12ShroudedKeyBag();
private:
/**
This decodes the entire KeyBag structure.
@param aSafeBagData Contains a PKCS#12 shroudedKeyBag Structure.
@leave KErrAgrument if the data is not a sequence or class tag name
is not Universal.
@see TASN1DecPKCS8
*/
void ConstructL(const TDesC8& aSafeBagData);
/**
Constructor.
*/
CDecPkcs12ShroudedKeyBag();
/**
Copy Constructor.
@param aDecPkcs12ShroudedKeyBag A CDecPkcs12ShroudedKeyBag object.
@return A CDecPkcs12ShroudedKeyBag class.
*/
CDecPkcs12ShroudedKeyBag(const CDecPkcs12ShroudedKeyBag& aDecPkcs12ShroudedKeyBag);
/**
Assignment operator.
@param aDecPkcs12ShroudedKeyBag A CDecPkcs12ShroudedKeyBag object.
*/
CDecPkcs12ShroudedKeyBag& operator=(const CDecPkcs12ShroudedKeyBag& aDecPkcs12ShroudedKeyBag);
};
/**
This class decodes the CertBag
It has methods to get the CertId and the CertValue present in the CertBag
The X509Certificate() method returns the x509 certificate
in case the CertId is x509
*/
class CDecPkcs12CertBag : public CDecPkcs12SafeBag
{
public:
/**
Creates a new PKCS#12CertBag object.
@param aCertBagData contains a PKCS#12 CertBag Structure.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
@leave KErrNotSupported if otherthan X509 certificate is present.
@return A pointer to the newly allocated object.
*/
IMPORT_C static CDecPkcs12CertBag* NewL(const TDesC8& aCertBagData);
/**
This method returns the OID present in the certId field of CertBag sequence.
@return Returns OID present in the certId feild of CertBag sequence
*/
IMPORT_C const TDesC& CertId() const;
/**
This method returns the DER encoded certValue present in the CertBag sequence.
@return The DER encoded certValue present in the CertBag sequence.
@see X509Certificate
*/
IMPORT_C const TDesC8& CertValue() const;
/**
This method returns the decoded x509 certificate.
@return Returns a pointer to a CX509Certificate object if the certificate of type
X509; otherwise, null is returned. Ownership of memory is transferred to the caller.
@see CertValue
*/
IMPORT_C CX509Certificate* X509CertificateL() const;
/**
Destructor.
*/
virtual ~CDecPkcs12CertBag();
private:
/**
This decodes the entire CertBag structure.
@param aCertBagData contains a PKCS#12 CertBag Structure.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
@see CDecPkcs12SafeBag, CX509Certificate.
*/
void ConstructL(const TDesC8& aCertBagData);
/**
Constructor.
*/
CDecPkcs12CertBag();
/**
Copy Constructor.
@param aDecPkcs12CertBag A CDecPkcs12CertBag object.
*/
CDecPkcs12CertBag(const CDecPkcs12CertBag& aDecPkcs12CertBag);
/**
Assignment operator.
@param aDecPkcs12CertBag A CDecPkcs12CertBag object.
@return A CDecPkcs12CertBag class.
*/
CDecPkcs12CertBag& operator=(const CDecPkcs12CertBag& aDecPkcs12CertBag);
private:
/** Contains Object identifier indicating the certificate type*/
HBufC* iCertId;
/** Contains the certificate which is encoded and is an OCTET String */
TPtrC8 iCertValue;
};
/**
Decodes the SafeContents bag present within a SafeBag and
returns an array of Safebags present within this SafeContents bag.
*/
class CDecPkcs12SafeContentsBag : public CDecPkcs12SafeBag
{
public:
/**
Creates a new PKCS#12SafeContentsBag object.
@param aSafeContentsBagData Contains a PKCS#12 SafeBag structure.
@return A pointer to the newly allocated object.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
*/
IMPORT_C static CDecPkcs12SafeContentsBag* NewL(const TDesC8& aSafeContentsBagData);
/**
The SafeContents Bag contains one or more Safe Bags in it.This
method returns the reference to all these SafeBags.
@return An array of SafeBags present within the SafeContentsBag
*/
IMPORT_C const RPointerArray<CDecPkcs12SafeBag>& SafeBags() const;
/**
Destructor.
*/
virtual ~CDecPkcs12SafeContentsBag();
private:
/**
This decodes the entire SafeContentsBag structure.
@param aSafeContentsBagData Contains a PKCS#12 SafeBag structure.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
@see CDecPkcs12SafeBag
*/
void ConstructL(const TDesC8& aSafeContentsBagData);
/**
Constructor.
*/
CDecPkcs12SafeContentsBag();
/**
Copy Constructor.
@param aDecPkcs12SafeContentsBag A CDecPkcs12SafeContentsBag object.
*/
CDecPkcs12SafeContentsBag(const CDecPkcs12SafeContentsBag& aDecPkcs12SafeContentsBag);
/**
Assignment operator.
@param aDecPkcs12SafeContentsBag A CDecPkcs12SafeContentsBag object.
@return A reference to CDecPkcs12SafeContentsBag class.
*/
CDecPkcs12SafeContentsBag& operator=(const CDecPkcs12SafeContentsBag& aDecPkcs12SafeContentsBag);
private:
/** Contains an array of SafeBags present within the SafeContents Bag */
RPointerArray<CDecPkcs12SafeBag> iSafeBags;
};
class CDecPkcs12SafeContents : public CBase
{
public:
/**
Creates a new CDecPkcs12SafeContents object for plain Data.
@param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure.
@return A pointer to the newly allocated object.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
*/
IMPORT_C static CDecPkcs12SafeContents* NewL(const CPKCS7ContentInfo& aSafeContentsBagData);
/**
Creates a new CDecPkcs12SafeContents object for Encrypted Data.
@param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure.
@param aPassword aPassword is the password used for decryption.
@return A pointer to the newly allocated object.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
*/
IMPORT_C static CDecPkcs12SafeContents* NewL(const CPKCS7ContentInfo& aSafeContentsBagData, const TDesC& aPassword);
/**
Creates a new CDecPkcs12SafeContents object for Enveloped Data.
The class doesn't support the public key privacy mode if the
ContentInfo contains an EnvelopedData object.Client should decrypt
the Envelope Data. A recipient opens the envelope by decrypting the
one of the encrypted content-encryption keys with the recipient's
private key and decrypts the encrypted content with the recovered
content-encryption key and pass the plain data.
@param aSafeContentsBagData Contains a PKCS#7 ContentInfo Structure ContentData.
@return A pointer to the newly allocated object.
@leave KErrArgument if the data is not a sequence or class tag name
is not Universal.
*/
IMPORT_C static CDecPkcs12SafeContents* NewL(const TDesC8& aSafeContentsBagData);
/**
The method returns the plain data.
@return A pointer to descriptor containing decrypted data.
Returns NULL pointer if the decrypted data is not present.
*/
IMPORT_C const TDesC8* DecryptedData() const;
/**
The method returns array of safebags objects.
@return A pointer to array of safeBag objects.
*/
IMPORT_C const RPointerArray<CDecPkcs12SafeBag>& SafeContentsBags() const;
/**
Destructor.
*/
virtual ~CDecPkcs12SafeContents();
private:
/**
These objects represents the SafeBag Sequences present in the
SafeContents Bag Sequence.
@param aSafeContent Contains data to decode the bags.
@leave KErrArgument if the aSafeContent is not a Sequence and class tag is not Universal.
@leave KErrNotSupported if any bag otherthan keyBag, shroudedKeyBag,CertBag,CRLBag,SecretBag
and SafeContentBag.
@see CDecPkcs12SafeBag
*/
void ConstructL(const TDesC8& aSafeContent);
/**
This method decrypts the encrypted information.
@param aContentInfo Contains a PKCS#7 ContentInfo Structure.
@param aPassword is the password used for decryption.
*/
void DecodeEncryptedDataL(const CPKCS7ContentInfo& aContentInfo, const TDesC& aPassword);
/**
Constructor.
*/
CDecPkcs12SafeContents();
/**
Copy Constructor.
@param aDecPkcs12SafeContents A CDecPkcs12SafeContents object.
*/
CDecPkcs12SafeContents(const CDecPkcs12SafeContents& aDecPkcs12SafeContents);
/**
Assignment operator.
@param aDecPkcs12SafeContents A CDecPkcs12SafeContents object.
@return A reference to CDecPkcs12SafeContents class.
*/
CDecPkcs12SafeContents& operator=(const CDecPkcs12SafeContents& aDecPkcs12SafeContents);
private:
/** Contains an array of SafeBags objects */
RPointerArray<CDecPkcs12SafeBag> iSafeBags;
/** Contains plain data */
HBufC8* iDecryptedData;
};
} // namespace PKCS12
#endif // __PKCS12BAGS_H__