diff -r 000000000000 -r 2c201484c85f cryptoservices/certificateandkeymgmt/inc/x509CertExt_v2.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cryptoservices/certificateandkeymgmt/inc/x509CertExt_v2.h Wed Jul 08 11:25:26 2009 +0100 @@ -0,0 +1,1488 @@ +/* +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* X509CERTEXT.H +* X509 extensions v2 +* Common specific extensions: +* 1) basic constraints +* 2) alt name +* 3) key usage +* 4) name constraints +* 5) policy constraints +* 6) policies +* 7) policy mapping +* 8) authority key ID +* 9) subject key ID +* 10) extended key usage +* 11) authority information access +* critical extension +* 12) inhibit-any policy +* +*/ + + + + +/** + @file + @internalAll + @released +*/ + +#if !defined (__X509CERTEXT_H__) +#define __X509CERTEXT_H__ + +#include +#include +#include + + +class RReadStream; +class RWriteStream; + +/** X509 Extension OIDs +* +* @publishedAll +* @released +* @since v9.5 */ + +//OIDS for the extensions we define here... +_LIT(KBasicConstraints,"2.5.29.19"); +_LIT(KSubjectAltName,"2.5.29.17"); +_LIT(KIssuerAltName,"2.5.29.18"); +_LIT(KKeyUsage,"2.5.29.15"); +_LIT(KNameConstraints,"2.5.29.30"); +_LIT(KPolicyConstraints,"2.5.29.36"); +_LIT(KCertPolicies,"2.5.29.32"); +_LIT(KPolicyMapping,"2.5.29.33"); +_LIT(KAuthorityKeyId,"2.5.29.35"); +_LIT(KSubjectKeyId,"2.5.29.14"); +_LIT(KExtendedKeyUsage,"2.5.29.37"); +_LIT(KAuthorityInfoAccess, "1.3.6.1.5.5.7.1.1"); +_LIT(KInhibitAnyPolicy, "2.5.29.54"); + +// OIDs for access methods +_LIT(KAccessMethodOCSP, "1.3.6.1.5.5.7.48.1"); + +//deprecated OIDs we might still encounter +_LIT(KOldBasicConstraints,"2.5.29.10"); +_LIT(KOldBasicConstraints2,"2.5.29.13"); +_LIT(KOldSubjectAltName,"2.5.29.7"); +_LIT(KOldIssuerAltName,"2.5.29.8"); +_LIT(KOldNameConstraints,"2.5.29.11"); +_LIT(KOldPolicyConstraints,"2.5.29.2"); +_LIT(KOldPolicyConstraints2,"2.5.29.34"); +_LIT(KOldCertPolicies,"2.5.29.3"); +_LIT(KOldPolicyMapping,"2.5.29.5"); +_LIT(KOldAuthorityKeyId,"2.5.29.1"); + +// Define OIDs for Symbian certificate constraints. +_LIT(KDeviceIdListConstraint,"1.2.826.0.1.1796587.1.1.1.1"); +_LIT(KSidListConstraint,"1.2.826.0.1.1796587.1.1.1.4"); +_LIT(KVidListConstraint,"1.2.826.0.1.1796587.1.1.1.5"); +_LIT(KCapabilitiesConstraint,"1.2.826.0.1.1796587.1.1.1.6"); + +//1) basic constraints... + +class CX509ExtensionBase : public CBase +/** A certificate extension base class. +* +* @publishedAll +* @released +* @since v6.0 */ + { +protected: + /** Second-phase constructor. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. */ + virtual void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + + /** Implementation for second-phase construction. + * + * This is called by ConstructL(). + * + * @param aBinaryData The encoded binary representation. This is the same as + * passed to ConstructL(). + * @param aPos The position from which to start decoding. Note that the value + * passed points, in effect, to the content, by passing the header data. */ + virtual void DoConstructL(const TDesC8& aBinaryData, TInt& aPos) = 0; + }; + +class CX509BasicConstraintsExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines basic constraints. +* +* It indicates whether the certificate belongs to a Certificate Authority or +* an end Entity. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509BasicConstraintsExt object from the specified + * buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509BasicConstraintsExt object. */ + IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509BasicConstraintsExt object from the specified + * buffer containing the binary coded representation, and puts a pointer to it + * onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509BasicConstraintsExt object. */ + IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509BasicConstraintsExt object from the specified + * buffer containing the binary coded representation, starting at the specified + * offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509BasicConstraintsExt object. */ + IMPORT_C static CX509BasicConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509BasicConstraintsExt object from the specified + * buffer containing the binary coded representation, starting at the specified + * offset, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509BasicConstraintsExt object. */ + IMPORT_C static CX509BasicConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509BasicConstraintsExt(); + + /** Tests whether the certificate belongs to a Certificate Authority. + * + * @return ETrue, if the certificate belongs to a Certificate Authority; + * EFalse, otherwise. */ + IMPORT_C TBool IsCA() const; + + /** Gets the maximum number of certificates that can follow this one in the chain. + * + * @return The number of certificates. */ + IMPORT_C TInt MaxChainLength() const;//0 if not set +private: + CX509BasicConstraintsExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + TBool iIsCA; + TInt iMaxChainLen; + }; + +//2) alt name + +class CX509AltNameExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines an alternate name. +* +* It appears as an Issuer Alt Name extension or a Subject Alt Name extension +* and is used to contain extra identifying information that will not fit into +* a Distinguished Name. +* +* It consists of an array of X.509 General Names. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509AltNameExt object from the specified + * buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AltNameExt object. */ + IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509AltNameExt object from the specified + * buffer containing the binary coded representation, and puts a pointer to it + * onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AltNameExt object. */ + IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509AltNameExt object from the specified + * buffer containing the binary coded representation, starting at the specified + * offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AltNameExt object. */ + IMPORT_C static CX509AltNameExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509AltNameExt object from the specified + * buffer containing the binary coded representation, starting at the specified + * offset, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AltNameExt object. */ + IMPORT_C static CX509AltNameExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509AltNameExt(); + + /** Gets a reference to the array of general names that forms the alternate name + * extension. + * + * @return The array of general names. */ + IMPORT_C const CArrayPtrFlat& AltName() const; + + /** Checks whether the corressponding elements of two equally sized arrays of X.509 general names + * match. + * + * @param aExt An X.509 certificate extension object that defines an alternate name. + * @return TRUE if all the elements in the arrays match. + */ + IMPORT_C TBool Match(const CX509AltNameExt& aExt) const; +private: + CX509AltNameExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CArrayPtrFlat* iAuthorityName; + }; + +//3) key usage + +class CX509BitString : public CBase +/** An X.509 bit string. +* +* @internalTechnology +* @released +* @since v6.0 */ + { +public: + /** Destructor. + * + * Frees all resources owned by the object. */ + ~CX509BitString(); + + /** Tests whether the specified bit is set. + * + * @param aBit The offset of the bit to be tested. This is a value relative to + * zero. Any value greater than or equal to the length of the bit + * string will always cause EFalse to be returned. + * @return ETrue, if the bit is set; EFalse, otherwise. */ + TBool IsSet(TInt aBit) const; + + /** Creates the X.509 bit string. + * + * @param aData A heap descriptor representing the bit string data. + * @param aEffectiveLength The number of bits in the string. */ + CX509BitString(HBufC8* aData, TInt aEffectiveLength); +private: + HBufC8* iData; + TInt iLength; + }; + +/** A list of values that defines what an X.509 key can be used for. +* These values can be ANDed together if a key has several usages. +* +* @internalTechnology +* @since v7.0 */ +enum TX509KeyUsage + { + /** A digital signature. */ + EX509DigitalSignature, + /** Non repudiation. */ + EX509NonRepudiation, + /** Key encipherment. */ + EX509KeyEncipherment, + /** Data encipherment. */ + EX509DataEncipherment, + /** Key agreement. */ + EX509KeyAgreement, + /** Key certificate sign. */ + EX509KeyCertSign, + /** CRL sign. */ + EX509CRLSign, + /** Encipher only. */ + EX509EncipherOnly, + /** Decipher only. */ + EX509DecipherOnly + }; + +class CX509KeyUsageExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines the uses to which a key may be put. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509KeyUsageExt object from the specified buffer + * containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509KeyUsageExt object. */ + IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509KeyUsageExt object from the specified buffer + * containing the binary coded representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509KeyUsageExt object. */ + IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509KeyUsageExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509KeyUsageExt object. */ + IMPORT_C static CX509KeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509KeyUsageExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509KeyUsageExt object. */ + IMPORT_C static CX509KeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509KeyUsageExt(); + + /** Tests whether a particular usage is set in the extension. + * + * @internalTechnology + * @param aUsage The usage. + * @return ETrue, if the specific usage is set in the extension; EFalse, otherwise. */ + IMPORT_C TBool IsSet(TX509KeyUsage aUsage) const; +private: + CX509KeyUsageExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CX509BitString* iData; + }; + +//4) name constraints + +class CX509GeneralSubtree : public CBase +/** Provides access to the general name and the min/max lengths of the subtree. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** + * @internalComponent + * + * Creates a new CX509GeneralSubtree object from the specified buffer containing + * the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509GeneralSubtree object. + **/ + static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509GeneralSubtree object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509GeneralSubtree object. + **/ + static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509GeneralSubtree object from the specified buffer containing + * the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return The new CX509GeneralSubtree object. + **/ + static CX509GeneralSubtree* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509GeneralSubtree object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return The new CX509GeneralSubtree object. + **/ + static CX509GeneralSubtree* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object. */ + virtual ~CX509GeneralSubtree(); + + /** Gets the general name. + * + * @return The general name. */ + IMPORT_C const CX509GeneralName& Name() const; + + /** Gets the minimum distance of the CX509GeneralSubtree object. + * + * @return The minimum distance of the CX509GeneralSubtree object. */ + IMPORT_C TInt MinDistance() const; + + /** Gets the maximum distance of the CX509GeneralSubtree object. + * + * @return The maximum distance of the CX509GeneralSubtree object. */ + IMPORT_C TInt MaxDistance() const; +private: + CX509GeneralSubtree(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + CX509GeneralName* iName; + TInt iMaxDist; + TInt iMinDist; + }; + +class CX509NameConstraintsExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines constraints on an entity's name. +* +* This extension allows Certification Authorities to restrict or prevent the issuing +* of certificates to entities whose names lie within a defined name space. +* +* @publishedAll +* @released */ + { +public: + /** Creates a new CX509NameConstraintsExt object from the specified + * buffer containing the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509NameConstraintsExt object. */ + IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509NameConstraintsExt object from the specified + * buffer containing the binary coded representation, and puts a pointer to it + * onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509NameConstraintsExt object. */ + IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509NameConstraintsExt object from the specified + * buffer containing the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509NameConstraintsExt object. */ + IMPORT_C static CX509NameConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509NameConstraintsExt object from the specified + * buffer containing the binary coded representation, starting at the specified + * offset, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509NameConstraintsExt object. */ + IMPORT_C static CX509NameConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + IMPORT_C ~CX509NameConstraintsExt(); + + /** Gets a reference to the array of exclusion subtree names. + * + * No certificates after this one may contain names within the subtrees specified. + * + * @return The excluded subtrees. */ + IMPORT_C const CArrayPtrFlat& ExcludedSubtrees() const; + + /** Gets a reference to the array of permitted subtree names. + * + * All certificates after this one must contain names within the subtrees specified. + * + * @return The permitted subtrees. */ + IMPORT_C const CArrayPtrFlat& PermittedSubtrees() const; +private: + CX509NameConstraintsExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + void AddSubtreesL(CArrayPtrFlat& aSubtrees, const TDesC8& aBinaryData); + CArrayPtrFlat* iExcludedSubtrees; + CArrayPtrFlat* iPermittedSubtrees; + }; + +//5) policy constraints + +class TX509PolicyConstraint +/** Defines whether a policy constraint applies. +* +* Objects of this type are used by the X.509 certificate extension that constrains +* the use of policies. +* +* An object of this type encapsulates two pieces of information: +* @li whether a specific policy applies to subsequent certificates +* @li if a specific policy applies, the number of certificates that can follow the +* current one before the policy constraint applies. +* +* Enables a CA to constrain the use of policies in two ways: they can enforce +* the appearance of explicit certificate policies in subsequent certificates, +* and prevent policy mapping from being performed. +* +* @publishedAll +* @released +*/ + { +public: + /** + * @internalComponent + * + * Constructs a TX509PolicyConstraint definition object with the specified requirement + * and countdown values. + * + * @param aRequired The policy requirement. Set to ETrue, if the policy constraint + * applies; set to EFalse, otherwise. + * @param aCountdown The countdown value. This is the number of certificates that + * can follow the current one before the constraint applies. + * This only has meaning if the policy constraint applies. + **/ + TX509PolicyConstraint(TBool aRequired, TInt aCountdown); + + /** + * @internalComponent + * + * Default constructor. + * + * Sets policy requirement to EFalse and iRequired to EFalse and the iCountdown + * to zero. + **/ + TX509PolicyConstraint(); + + /** The policy requirement. + * + * This has the value ETrue, if the policy constraint applies; EFalse otherwise. */ + TBool iRequired; + + /** The count down value. + * + * Defines the number of certificates that can follow the current one before + * the policy constraint applies. This has no meaning if the policy constraint + * does not apply. */ + TInt iCountdown; + }; + +class CX509PolicyConstraintsExt : public CX509ExtensionBase +/** Enables a Certification Authority to constrain the use of policies in two ways: +* @li to enforce the appearance of explicit certificate policies in subsequent certificates +* @li to prevent policy mapping from being performed. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer + * containing the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyConstraintsExt object. */ + IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new Policy constraints extension object from the specified buffer + * containing the encoded binary representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyConstraintsExt object. */ + IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer + * containing the encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509PolicyConstraintsExt object. */ + IMPORT_C static CX509PolicyConstraintsExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509PolicyConstraintsExt object from the specified buffer + * containing the encoded binary representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509PolicyConstraintsExt object. */ + IMPORT_C static CX509PolicyConstraintsExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + IMPORT_C ~CX509PolicyConstraintsExt(); + + /** Gets the explicit policy constraint. + * + * @return The explicit policy constraint. */ + IMPORT_C TX509PolicyConstraint ExplicitPolicyRequired() const; + + /** Gets the inhibiting policy mapping. + * + * @return The inhibiting policy mapping. */ + IMPORT_C TX509PolicyConstraint InhibitPolicyMapping() const; +private: + CX509PolicyConstraintsExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + TX509PolicyConstraint iRequirePolicy; + TX509PolicyConstraint iInhibitPolicyMapping; + }; + +//6) policies + +class CX509PolicyQualifierInfo : public CBase +/** Gets X.509 policy qualifier information. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from the specified + * buffer containing the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from the specified + * buffer containing the encoded binary representation, and puts a pointer to + * it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from the specified + * buffer containing the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from the specified + * buffer containing the encoded binary representation, and puts a pointer to + * it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from an existing X.509 + * Policy Qualifier Information object. + * + * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewL(const CX509PolicyQualifierInfo& aQualifierInfo); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from an existing X.509 + * Policy Qualifier Information object, and puts a pointer to it onto the cleanup stack. + * + * @param aQualifierInfo The CX509PolicyQualifierInfo object to be copied. + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewLC(const CX509PolicyQualifierInfo& aQualifierInfo); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from a stream. + * + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewL(RReadStream& aStream); + + /** + * @internalComponent + * + * Creates a new CX509PolicyQualifierInfo object from a stream, and puts a pointer to it onto + * the cleanup stack. + * + * @return The new CX509PolicyQualifierInfo object. + **/ + static CX509PolicyQualifierInfo* NewLC(RReadStream& aStream); + + /** The destructor. + * + * Frees all resources owned by the object. */ + virtual ~CX509PolicyQualifierInfo(); + + /** Gets the policy qualifier Id. + * + * @return A non-modifiable pointer descriptor representing the policy qualifier Id. */ + IMPORT_C TPtrC Id() const; + + /** Gets the policy qualifier data. + * + * @return A non-modifiable pointer descriptor representing the policy qualifier data. */ + IMPORT_C TPtrC8 Data() const; + + // Internalization/Externalization + // Externalize. Writes the data out to a stream + /** + * @internalComponent + * + * Externalises an object of this class to a write stream. + * + * The presence of this function means that the standard templated operator<<() + * can be used to externalise objects of this class. + * + * @param aStream Stream to which the object should be externalised. + **/ + void ExternalizeL(RWriteStream& aStream) const; + + // Internalize. Reads the data from a stream + /** + * @internalComponent + * + * Internalises an object of this class from a read stream. + * + * The presence of this function means that the standard templated operator>>() + * can be used to internalise objects of this class. + * + * Note that this function has assignment semantics: it replaces the old value + * of the object with a new value read from the read stream. + * + * @param aStream Stream from which the object should be internalised. + **/ + void InternalizeL(RReadStream& aStream); + +private: + CX509PolicyQualifierInfo(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + void ConstructL(const CX509PolicyQualifierInfo& aQualifier); + void ConstructL(RReadStream& aStream); + HBufC* iPolicyQualifierId; + HBufC8* iData; //opaque (this is another any-defined-by, so could be anything) + }; + +class CX509CertPolicyInfo : public CBase +/** Defines a specific policy followed by a Certification Authority. +* +* The policy under which a certificate has been issued may contain a number +* of these specific policies. +* +* @see CX509CertPoliciesExt +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** + * @internalComponent + * + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the + * binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509CertPolicyInfo object. + **/ + static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the + * binary coded representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509CertPolicyInfo object. + **/ + static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData); + + /** + * @internalComponent + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the + * binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509CertPolicyInfo object. + **/ + static CX509CertPolicyInfo* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509CertPolicyInfo object from the specified buffer containing the + * binary coded representation, starting at the specified offset, and puts a + * pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509CertPolicyInfo object. + **/ + static CX509CertPolicyInfo* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509CertPolicyInfo object from an existing object. + * + * This is equivalent to a copy constructor. + * + * @param aPolicy The CX509CertPolicyInfo object to be copied. + * @return The new CX509CertPolicyInfo object. */ + IMPORT_C static CX509CertPolicyInfo* NewL(const CX509CertPolicyInfo& aPolicy); + + /** Creates a new CX509CertPolicyInfo object from an existing object, and puts a pointer + * to it onto the cleanup stack. + * + * This is equivalent to a copy constructor. + * + * @param aPolicy The CX509CertPolicyInfo object to be copied. + * @return The new CX509CertPolicyInfo object. */ + IMPORT_C static CX509CertPolicyInfo* NewLC(const CX509CertPolicyInfo& aPolicy); + + /** Creates a new CX509CertPolicyInfo object from a stream. + * + * @return The new CX509CertPolicyInfo object. */ + IMPORT_C static CX509CertPolicyInfo* NewL(RReadStream& aStream); + + /** Creates a new CX509CertPolicyInfo object from a stream, and puts a pointer to it onto + * the cleanup stack. + * + * @return The new CX509CertPolicyInfo object. */ + IMPORT_C static CX509CertPolicyInfo* NewLC(RReadStream& aStream); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509CertPolicyInfo(); + + /** Gets a reference to the array of policy qualifers. + * + * @return The array of policy qualifiers. */ + IMPORT_C const CArrayPtrFlat& Qualifiers() const; + + /** Gets the specific policy's Object Identifier (OID). + * + * @return A pointer descriptor representing the specific policy's OID. */ + IMPORT_C TPtrC Id() const; + + + // Internalization/Externalization + // Externalize. Writes the data out to a stream + /** Externalises an object of this class to a write stream. + * + * The presence of this function means that the standard templated operator<<() + * can be used to externalise objects of this class. + * + * @param aStream Stream to which the object should be externalised. */ + IMPORT_C void ExternalizeL(RWriteStream& aStream) const; + + // Internalize. Reads the data from a stream + /** Internalises an object of this class from a read stream. + * + * The presence of this function means that the standard templated operator>>() + * can be used to internalise objects of this class. + * + * Note that this function has assignment semantics: it replaces the old value + * of the object with a new value read from the read stream. + * + * @param aStream Stream from which the object should be internalised. */ + IMPORT_C void InternalizeL(RReadStream& aStream); + + +private: + CX509CertPolicyInfo(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + void ConstructL(const CX509CertPolicyInfo& aInfo); + void ConstructL(RReadStream& aStream); + HBufC* iCertPolicyId;//OID for this policy + CArrayPtrFlat* iQualifiers; + }; + +class CX509CertPoliciesExt : public CX509ExtensionBase +/** The policy under which this certificate has been issued. +* +* Contains further information on a client's signature. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509CertPoliciesExt object from the specified buffer + * containing the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return The CX509CertPoliciesExt object. */ + IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509CertPoliciesExt object from the specified buffer + * containing the encoded binary representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The CX509CertPoliciesExt object. */ + IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509CertPoliciesExt object from the specified buffer + * containing the encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The CX509CertPoliciesExt object. */ + IMPORT_C static CX509CertPoliciesExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509CertPoliciesExt object from the specified buffer + * containing the encoded binary representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The CX509CertPoliciesExt object. */ + IMPORT_C static CX509CertPoliciesExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object. */ + virtual ~CX509CertPoliciesExt(); + + /** Gets the certificate policy extension information. + * + * @return The certificate policy extension information. */ + IMPORT_C const CArrayPtrFlat& Policies() const; +private: + CX509CertPoliciesExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CArrayPtrFlat* iPolicies; + }; + +//7) policy mapping + +class CX509PolicyMapping : public CBase +/** A set of policy mappings. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** + * @internalComponent + * + * Creates a new CX509PolicyMapping object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + **/ + static CX509PolicyMapping* NewL(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509PolicyMapping object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + **/ + static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509PolicyMapping object from the specified buffer containing + * the encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + **/ + static CX509PolicyMapping* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509PolicyMapping object from the specified buffer containing + * the encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + **/ + static CX509PolicyMapping* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509PolicyMapping object copied from an existing one. + * + * @param aMapping The CX509PolicyMapping object to be copied. */ + IMPORT_C static CX509PolicyMapping* NewL(const CX509PolicyMapping& aMapping); + + /** Creates a new CX509PolicyMapping object copied from an existing one, and + * puts a pointer to the object onto the cleanup stack. + * + * @param aMapping The CX509PolicyMapping object to be copied. */ + IMPORT_C static CX509PolicyMapping* NewLC(const CX509PolicyMapping& aMapping); + + /** The destructor. + * + * Frees all resources owned by the object. */ + virtual ~CX509PolicyMapping(); + + /** Gets the issuer policy. + * + * @return The issuer policy. */ + IMPORT_C TPtrC IssuerPolicy() const; + + /** Gets the subject policy. + * + * @return The subject policy. */ + IMPORT_C TPtrC SubjectPolicy() const; +private: + CX509PolicyMapping(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + void ConstructL(const CX509PolicyMapping& aMapping); + HBufC* iIssuerPolicy; + HBufC* iSubjectPolicy; + }; + +class CX509PolicyMappingExt : public CX509ExtensionBase +/** An X.509 certificate extension that contains a set of policy mappings. +* +* A policy mapping allows a Certification Authority to declare that two certificate +* policies are equivalent. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing + * the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyMappingExt object. */ + IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing + * the binary coded representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509PolicyMappingExt object. */ + IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509PolicyMappingExt object. */ + IMPORT_C static CX509PolicyMappingExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509PolicyMappingExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509PolicyMappingExt object. */ + IMPORT_C static CX509PolicyMappingExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509PolicyMappingExt(); + + /** Gets a reference to the array of policy mappings. + * + * @return The array of policy mappings. */ + IMPORT_C const CArrayPtrFlat& Mappings() const; +private: + CX509PolicyMappingExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CArrayPtrFlat* iPolicies; + }; + +//8) authority key ID + +class CX509AuthorityKeyIdExt : public CX509ExtensionBase +/** An X.509 certificate extension that provides a way to find the public key corresponding +* to the private key used to sign the certificate. +* +* This is referred to as the authority key ID extension. +* +* The key may be identified by the issuer's name and the issuing certificate's +* serial number, or by a key identifier value either derived from the public +* key or by some method of generating unique IDs. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing + * the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AuthorityKeyIdExt object. */ + IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing + * the binary coded representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AuthorityKeyIdExt object. */ + IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AuthorityKeyIdExt object. */ + IMPORT_C static CX509AuthorityKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509AuthorityKeyIdExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AuthorityKeyIdExt object. */ + IMPORT_C static CX509AuthorityKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509AuthorityKeyIdExt(); + + /** Gets the authority name. + * + * @return The authority name. */ + IMPORT_C const CArrayPtrFlat& AuthorityName() const; + + /** Gets the authority certificate serial number. + * + * @return A pointer descriptor representing the authority certificate serial number. */ + IMPORT_C TPtrC8 AuthorityCertSerialNumber() const; + + /** Gets the key identifier value. + * + * @return A pointer descriptor representing the key identifier value. */ + IMPORT_C TPtrC8 KeyId() const; +private: + CX509AuthorityKeyIdExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + void DecodeNameL(const TDesC8& aBinaryData); + void DecodeSerialNoL(const TDesC8& aBinaryData); + void DecodeKeyIdL(const TDesC8& aBinaryData); + CArrayPtrFlat* iAuthorityName; + HBufC8* iAuthorityCertSerialNumber; + HBufC8* iKeyIdentifier; + }; + +//9) subject key ID + +class CX509SubjectKeyIdExt : public CX509ExtensionBase +/** An X.509 certificate extension that provides a way of identifying certificates +* that contain a specific public key. +* +* This is referred to as the subject key ID extension. +* +* It consists of a key identifier value either derived from the public key or +* by some method of generating unique IDs. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing + * the binary coded representation. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509SubjectKeyIdExt object. */ + IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing + * the binary coded representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509SubjectKeyIdExt object. */ + IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509SubjectKeyIdExt object. */ + IMPORT_C static CX509SubjectKeyIdExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509SubjectKeyIdExt object from the specified buffer containing + * the binary coded representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509SubjectKeyIdExt object. */ + IMPORT_C static CX509SubjectKeyIdExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + IMPORT_C ~CX509SubjectKeyIdExt(); + + /** Gets the key ID. + * + * @return A pointer descriptor representing the key ID. */ + IMPORT_C TPtrC8 KeyId() const; +private: + CX509SubjectKeyIdExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + HBufC8* iKeyIdentifier; + }; + +//10) extended key usage + +class CX509ExtendedKeyUsageExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines the extra uses to which a key may be put. +* +* This is referred to as the extended key usage extension. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer + * containing the binary coded representation. + * + * @param aBinaryData The encoded binary data. + * @return The new CX509ExtendedKeyUsageExt object. */ + IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer + * containing the binary coded representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509ExtendedKeyUsageExt object. */ + IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509ExtendedKeyUsageExt object. */ + IMPORT_C static CX509ExtendedKeyUsageExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509ExtendedKeyUsageExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509ExtendedKeyUsageExt object. */ + IMPORT_C static CX509ExtendedKeyUsageExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + IMPORT_C ~CX509ExtendedKeyUsageExt(); + + /** Gets the sequence of Object Ids (OID) that identify the key usages. + * + * The sequence is held in a set of heap descriptors. + * + * @return A reference to the array of pointers to the heap descriptors that + * contain the OIDs. */ + IMPORT_C const CArrayPtrFlat& KeyUsages() const; +private: + CX509ExtendedKeyUsageExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CArrayPtrFlat* iKeyUsages; + }; + +//11) authority information access + +class CX509AccessDescription : public CBase +/** This class provides the access method OID and access location as used by X.509 private internet extensions + * (authority information access). + * + * @publishedAll + * @released + */ + { +public: + + /** + * @internalComponent + * + * Creates a new CX509AccessDescription object from the specified buffer + * containing the binary coded representation. + * + * @param aBinaryData The encoded binary data. + * @return The new CX509AccessDescription object. + **/ + static CX509AccessDescription* NewL(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509AccessDescription object from the specified buffer + * containing the binary coded representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AccessDescription object. + **/ + static CX509AccessDescription* NewLC(const TDesC8& aBinaryData); + + /** + * @internalComponent + * + * Creates a new CX509AuthInfoAccessExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AuthInfoAccessExt object. + **/ + static CX509AccessDescription* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** + * @internalComponent + * + * Creates a new CX509AccessDescription object from the specified buffer + * containing the binary coded representation, starting at the specified offset, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AccessDescription object. + **/ + static CX509AccessDescription* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. Frees all resources owned by the object, prior to its destruction. + */ + virtual ~CX509AccessDescription(); + + /** Gets the Access Method OID. + * + * @return A non modifiable pointer descriptor to point to the access method OID. + */ + IMPORT_C TPtrC Method() const; + + /** Gets the Access Location field which specifies the location where the additional + * information of the CA can be obtained. + * + * @return A reference to access location . + */ + IMPORT_C const CX509GeneralName& Location() const; +private: + CX509AccessDescription(); + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + HBufC* iMethodId; + CX509GeneralName* iLocation; + }; + +class CX509AuthInfoAccessExt : public CX509ExtensionBase +/** An X.509 certificate extension that defines the authority information access. + * + * + * @publishedAll + * @released + */ + + { +public: + + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer + * containing the binary coded representation. + * + * @param aBinaryData The encoded binary data. + * @return The new CX509AuthInfoAccessExt object. + */ + IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData); + + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer + * containing the binary coded representation, and puts a pointer to it onto + * the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return The new CX509AuthInfoAccessExt object. + */ + IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData); + + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AuthInfoAccessExt object. + */ + IMPORT_C static CX509AuthInfoAccessExt* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new CX509AuthInfoAccessExt object from the specified buffer + * containing the binary coded representation, starting at the specified offset, + * and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return The new CX509AuthInfoAccessExt object. + */ + IMPORT_C static CX509AuthInfoAccessExt* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Destructor. Frees all resources owned by the object, prior to its destruction. + */ + IMPORT_C ~CX509AuthInfoAccessExt(); + + /** Gets the authority access description containing the method and location of additional information of CA , + * who issued the certificate in which this extension appears. + * + * @return A reference to the array of pointers to the authority access descriptions. + */ + IMPORT_C const CArrayPtrFlat& AccessDescriptions() const; +private: + CX509AuthInfoAccessExt(); + void DoConstructL(const TDesC8& aBinaryData, TInt& aPos); + CArrayPtrFlat* iAccessDescs; + }; + +#endif