diff -r 000000000000 -r 2c201484c85f cryptoservices/certificateandkeymgmt/inc/x509keys.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/cryptoservices/certificateandkeymgmt/inc/x509keys.h Wed Jul 08 11:25:26 2009 +0100 @@ -0,0 +1,809 @@ +/* +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* X.509 key classes and utility classes for key encoding/decoding. +* +*/ + + + + +/** + @file + @internalTechnology +*/ + +#if !defined (__X509KEYS_H__) +#define __X509KEYS_H__ + +#include +#include +#include +#include +#include +#include +#include + +// Forward declarations +class CASN1EncBase; +class CASN1EncContainer; +class CASN1EncSequence; +class CASN1EncBitString; + +class CX509RSAPublicKey : public CRSAPublicKey +/** Adds the capability to decode DER-encoded RSA public keys. +* +* Adds a commitment to a specific encoding scheme allowing X.509 RSA public key +* superclasses to remain encoding-independent. +* +* @publishedAll +* @released +* +* @since v6.0 +*/ + { +public: + /** Creates a new RSA Public key object from the specified buffer containing the + * encoded binary representation. + * + * Initialises the object from its encoded binary form into an internal representation. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509RSAPublicKey object. */ + IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData); + + /** Creates a new RSA Public Key object from the specified buffer containing the + * encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509RSAPublicKey object. */ + IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData); + + /** Creates a new RSA Public key object from the specified buffer containing the + * encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509RSAPublicKey object. */ + IMPORT_C static CX509RSAPublicKey* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new RSA Public key object from the specified buffer containing the + * encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509RSAPublicKey object. */ + IMPORT_C static CX509RSAPublicKey* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + CX509RSAPublicKey(); + }; + +class TASN1EncRSAPublicKey +/** + * Class for encoding RSA public keys to ASN.1 encoding. + * + * @publishedAll + * @released + * @since v8.0 + */ + { +public: + /** + * Encodes the supplied public key into buffer in DER format ASN.1: + * @code + * SEQUENCE-OF + * INTEGER modulus + * INTEGER exponent + * @endcode + * + * @param aKey Key to encode. + * @return Allocated buffer containing DER encoding of + * the supplied key aKey. + */ + IMPORT_C HBufC8* EncodeDERL(const CRSAPublicKey& aKey) const; + }; + +class TASN1DecRSAPublicKey +/** + * Class for decoding RSA public keys from ASN.1 DER encoding. + * + * @publishedAll + * @released + * @since v8.0 + */ + { +public: + /** + * Decodes an RSA key from the supplied buffer starting at the + * specified position. + * + * @param aDER Buffer containing DER ASN.1 encoding of the key. + * @param aPos Starting position in the buffer (updated on exit). + * @return A pointer to the new CRSAPublicKey object. + */ + IMPORT_C CRSAPublicKey* DecodeDERL(const TDesC8& aDER, TInt& aPos) const; + }; + +class TASN1DecRSAKeyPair +/** + * Class for decoding RSA key pairs from ASN.1 DER encoding. + * + * @publishedAll + * @released + * @since v8.0 + */ + { +public: + /** + * Decodes an RSA key pair from buffer containing ASN.1 + * DER-encoded private key. The encoding of a private key + * contains public key components as well. + * + * @param aDER DER-encoded private key. + * @param aPos Position in the buffer to start decoding + * (updated on exit). + * @param aPublicKey On return, the RSA public key object + * @param aPrivateKey On return, the RSA private key object + * @param aKeyType Key type, default is @c EStandardCRT + */ + IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos, + CRSAPublicKey*& aPublicKey, + CRSAPrivateKey*& aPrivateKey, + TRSAPrivateKeyType aKeyType = EStandardCRT); + }; + +class CX509DSAPublicKey : public CDSAPublicKey +/** Encapsulates the X.509 DSA public key. +* +* Adds a commitment to a specific encoding scheme allowing superclasses to remain +* encoding-independent. +* +* @publishedAll +* @released +* @since v6.0 +*/ +// DSA public key, params, signature. + { +public: + /** Creates a new X.509 DSA public key object. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData); + + /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData); + + /** Creates a new X.509 DSA public key object. + * + * @param aParams The DSA parameters. + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData); + + /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack. + * + * @param aParams The DSA parameters. + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData); + + /** Creates a new X.509 DSA public key object. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aBinaryData,TInt& aPos); + + /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new X.509 DSA public key object. + * + * @param aParams The DSA parameters. + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new X.509 DSA public key object, and puts a pointer to it onto the cleanup stack. + * + * @param aParams The DSA parameters. + * @param aBinaryData The encoded binary representation. + * @param aPos The position from which to start decoding. + * @return A pointer to the new CX509DSAPublicKey object. */ + IMPORT_C static CX509DSAPublicKey* NewLC(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos); +public: + /** Gets the DSA parameters from the encoding key. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @return The DSA parameters. */ + IMPORT_C static CDSAParameters* DSAParametersL(const TDesC8& aParamsData); +protected: + /** @internalComponent */ + void ConstructL(const TDesC8& aParamsData, const TDesC8& aBinaryData, TInt& aPos); + /** @internalComponent */ + void ConstructL(const CDSAParameters& aParams, const TDesC8& aBinaryData, TInt& aPos); + /** @internalComponent */ + CX509DSAPublicKey(); + }; + +class TASN1DecDSAKeyPair +/** + * Class for decoding DSA key pairs from ASN.1 DER encoding. + * + * @publishedAll + * @released + * @since v8.0 + */ + { +public: + /** + * Decodes a DSA key pair from a buffer containing an ASN.1 + * DER-encoded private key. + * + * The encoding of the private key contains public key components as well. + * + * The DER encoding has the following format: + * @verbatim + * SEQUENCE-OF + * INTEGER version (==0, ignored) + * INTEGER p (public prime) + * INTEGER q (160-bit public subprime, q | p-1) + * INTEGER g (public generator of subgroup) + * INTEGER x (private key) + * INTEGER y (public key y=g^x) + * @endverbatim + * + * @param aDER DER-encoded private key. + * @param aPos Position in the buffer to start decoding + * (updated on exit). + * @param aPublicKey On return, the DSA public key object + * @param aPrivateKey On return, the DSA private key object + */ + IMPORT_C void DecodeDERL(const TDesC8& aDER, TInt& aPos, + CDSAPublicKey*& aPublicKey, CDSAPrivateKey*& aPrivateKey); + }; + +/** + * Class for encoding DSA public keys to ASN.1 encoding. + * + * @publishedAll + * @released + * @since v8.0 + */ +class TASN1EncDSAPublicKey + { +public: + /** + * Encodes the supplied public key into a buffer in DER format. + * + * Note that the encoding has the following format: + * @code + * SEQUENCE-OF + * SEQUENCE-OF + * INTEGER p + * INTEGER q + * INTEGER g + * BIT STRING (encoded INTEGER public value) + * @endcode + * + * @param aKey Key to encode. + * @return Sequence containing public key information. + */ + IMPORT_C CASN1EncSequence* EncodeDERL(const CDSAPublicKey& aKey) const; + + /** + * Encodes DSA parameters into an ASN.1 encoding structure suitable for + * inclusion into other objects, like a PKCS#10 certificate request. + * + * Note that the encoding has the following form: + * @code + * SEQUENCE-OF + * INTEGER p + * INTEGER q + * INTEGER g + * @endcode + * + * @param aKey DSA public key. + * @return ASN.1 encoding structure on the cleanup stack. + */ + IMPORT_C CASN1EncSequence* EncodeParamsLC(const CDSAPublicKey& aKey) const; + + /** + * Encodes a public key as a bit string. + * + * @param aKey DSA public key. + * @return ASN.1 bit string (public key). This is left on the cleanup stack. + */ + + IMPORT_C CASN1EncBitString* EncodePublicValueLC(const CDSAPublicKey& aKey) const; + }; + +class CX509DSASignature : public CDSASignature +/** Encapsulates the X.509 DSA signature. +* +* Adds a commitment to a specific encoding scheme allowing superclasses to remain +* encoding-independent. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new DSA Signature object from the specified buffer containing the + * encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSASignature object. */ + IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData); + + /** Creates a new DSA Signature object from the specified buffer containing the + * encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DSASignature object. */ + IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData); + + /** Creates a new DSA Signature object from the specified buffer containing the + * encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DSASignature object. */ + IMPORT_C static CX509DSASignature* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new DSA Signature object from the specified buffer containing the + * encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DSASignature object. */ + IMPORT_C static CX509DSASignature* NewLC(const TDesC8& aBinaryData, TInt& aPos); +private: + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + CX509DSASignature(); + }; + +class CX509DHPublicKey : public CDHPublicKey +/** Provides clients with the information they need for Diffie-Hellman key exchange +* within a protocol. +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded + * binary representation. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aKeyData + * @return A pointer to the new CX509DHPublicKey object.*/ + IMPORT_C static CX509DHPublicKey* NewL(const TDesC8& aParamsData, const TDesC8& aKeyData); + + /** Creates a new CX509DHPublicKey object from the specified buffer containing the encoded + * binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @param aKeyData + * @return A pointer to the new CX509DHPublicKey object.*/ + IMPORT_C static CX509DHPublicKey* NewLC(const TDesC8& aParamsData, const TDesC8& aKeyData); +public: + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + IMPORT_C virtual ~CX509DHPublicKey(); +protected: + /** @internalComponent */ + CX509DHPublicKey(); + /** @internalComponent */ + void ConstructL(const TDesC8& aParamsData, const TDesC8& aKeyData); + }; + +class CX509DHKeyPair : public CDHKeyPair +/** This class represents the Diffie-Hellman Key Pair. +* +* @publishedAll +* @released +* @since v8.0 */ +{ +public: + /** Creates a new DH key pair object from the specified buffer containing + * the encoded binary representation . + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @return A pointer to the new CX509DHKeyPair object. + */ + IMPORT_C static CX509DHKeyPair* NewL(const TDesC8& aParamsData); + + /** Creates a new DH Key Pair object from the specified buffer containing the encoded binary + * representation, and puts a pointer to it onto the cleanup stack. + * + * @param aParamsData A non-modifiable descriptor representing the entire encoding. + * @return A pointer to the new CX509DHKeyPair object. + */ + IMPORT_C static CX509DHKeyPair* NewLC(const TDesC8& aParamsData); +public: + + /** Virtual Destructor. + * Frees all resources owned by the object, prior to its destruction. + * + */ + IMPORT_C virtual ~CX509DHKeyPair(); +protected: + /** @internalComponent */ + CX509DHKeyPair(); + /** @internalComponent */ + void ConstructL(const TDesC8& aParamsData); +}; + +class CX509DHValidationParams : public CBase +/** Validates Diffie-Hellman (DH) Domain parameters. +* +* Provides access to the DH Validation Parameters, which are used to determine +* if the DH Public Key has been generated in conformance with the algorithm +* specified in ESDH (see RFC 2631). +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new DH Validation parameters object from the specified buffer containing + * the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DHValidationParams object. */ + IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData); + + /** Creates a new DH Validation parameters object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DHValidationParams object. */ + IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData); + + /** Creates a new DH Validation parameters object from the specified buffer containing + * the encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DHValidationParams object. */ + IMPORT_C static CX509DHValidationParams* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new DH Validation parameters object from the specified buffer containing + * the encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DHValidationParams object. */ + IMPORT_C static CX509DHValidationParams* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Gets a DSA prime generation seed. + * + * @return The bit string parameter used as the seed. */ + IMPORT_C const TPtrC8 Seed() const; + + /** Gets the output from a DSA prime generation counter. + * + * @return The integer value output. */ + IMPORT_C const TInteger& PGenCounter() const; + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509DHValidationParams(); +protected: + /** @internalComponent */ + CX509DHValidationParams(); + /** @internalComponent */ + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + HBufC8* iSeed; + RInteger iPGenCounter; + }; + +class CX509DHDomainParams : public CBase +/** Encapsulates the compulsory Diffie-Hellman domain parameter values P and G +* (See RFC 2459). +* +* @publishedAll +* @released +* @since v6.0 */ + { +public: + /** Creates a new DH Domain parameters object from the specified buffer containing + * the encoded binary representation. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DHDomainParams object. */ + IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData); + + /** Creates a new DH Domain parameters object from the specified buffer containing + * the encoded binary representation, and puts a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @return A pointer to the new CX509DHDomainParams object. */ + IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData); + + /** Creates a new DH Domain parameters object from the specified buffer containing + * the encoded binary representation, starting at the specified offset. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DHDomainParams object. */ + IMPORT_C static CX509DHDomainParams* NewL(const TDesC8& aBinaryData, TInt& aPos); + + /** Creates a new DH Domain parameters object from the specified buffer containing + * the encoded binary representation, starting at the specified offset, and puts + * a pointer to it onto the cleanup stack. + * + * @param aBinaryData The encoded binary representation. + * @param aPos The offset position from which to start decoding. + * @return A pointer to the new CX509DHDomainParams object. */ + IMPORT_C static CX509DHDomainParams* NewLC(const TDesC8& aBinaryData, TInt& aPos); + + /** Gets the compulsory parameter value P. + * + * @return The compulsory parameter value P. */ + IMPORT_C const TInteger& P() const; + + /** Gets the compulsory parameter value G. + * + * @return The compulsory parameter value G. */ + IMPORT_C const TInteger& G() const; + +//the next 3 members are optional, in which case NULL is returned +//the returned objects remain the property of this object + +//N.B. according to RFC 2459 the Q member is *not* optional, +//however it is not essential for doing DH, and empirical studies +//suggest it doesn't get included much, so I'm relaxing the spec here +//to permit DomainParams objects which contain no Q. + + /** Gets the optional value Q. + * + * @return The optional value Q. */ + IMPORT_C const TInteger& Q() const; + + /** Gets the optional value J. + * + * @return The optional value J. */ + IMPORT_C const TInteger& J() const; + + /** Gets the optional validation parameters. + * + * @return The optional validation parameters. */ + IMPORT_C const CX509DHValidationParams* ValidationParams() const; + + /** Destructor. + * + * Frees all resources owned by the object, prior to its destruction. */ + virtual ~CX509DHDomainParams(); +protected: + /** @internalComponent */ + CX509DHDomainParams(); + /** @internalComponent */ + void ConstructL(const TDesC8& aBinaryData, TInt& aPos); + RInteger iP; + RInteger iG; + RInteger iQ; + RInteger iJ; + CX509DHValidationParams* iValidationParams; + }; + +class TX509KeyEncoder +/** + * Abstract class that is the base class for RSA and DSA key encoder classes. + * These classes are used to encode the X509 ASN.1 types AlgorithmIdentifier and + * SubjectPublicKeyInfo. + * + * This class is part of the pkcs10 API, and will be changed or removed in a + * future release. You should not use it. + * + * @internalTechnology + */ + { +public: + /** + * Constructor that takes an algorithm identifier and saves it into the + * corresponding member variable. It is then used in the + * EncodeSignatureAlgorithm() function. + * + * @param aDigestAlg Digest algorithm to use. Currently the following + * algorithms are supported: MD2, MD5, and SHA-1. + */ + IMPORT_C TX509KeyEncoder(TAlgorithmId aDigestAlg); + + /** + * Produces the SubjectPublicKeyInfo encoding. + * + * The encoding has the following ASN.1 format: + * @code + * SubjectPublicKeyInfo {ALGORITHM : IOSet} ::= SEQUENCE { + * algorithm AlgorithmIdentifier {{IOSet}}, + * subjectPublicKey BIT STRING + * } + * @endcode + */ + IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const = 0; + + /** + * Produces the AlgorithmIdentifier encoding. + * + * @return ASN.1 sequence containing signature algorithm + */ + IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const = 0; + + /** + * Produces the DigestAlgorithmIdentifier encoder. + * + * The encoding has the following ASN.1 format + * @code + * DigestAlgorithmIdentifier ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * parameters ANY DEFINED BY algorithm OPTIONAL } + * + * AlgorithmIdentifier ::= OBJECT IDENTIFIER + * @endcode + * + * @return Appropriate ASN.1 sequence of type DigestAlgorithmIdentifier + */ + IMPORT_C virtual CASN1EncSequence* EncodeDigestAlgorithmLC() const; + +protected: + /** Digest algorithm to use. */ + TAlgorithmId iDigestAlg; + }; + +class TX509RSAKeyEncoder : public TX509KeyEncoder +/** + * Subclasses TC509KeyEncoder to provides key encoding capability for RSA public keys. + * + * This class is part of the pkcs10 API, and will be changed or removed in a + * future release. You should not use it. + * + * @internalTechnology + */ + { +public: + /** + * Constructs a RSA key pair encoder, saving reference to the passed + * key pair in the member variable. + * + * @param aPublicKey RSA public key to use for encoding. + * @param aDigestAlg Digest algorithm to use. + */ + IMPORT_C TX509RSAKeyEncoder(const CRSAPublicKey& aPublicKey, TAlgorithmId aDigestAlg); + + /** + * Produces the SubjectPublicKeyInfo encoding. + * + * The resulting encoding has the following form: + * @code + * SEQUENCE-OF + * SEQUENCE-OF + * OID of the encryption algorithm (KRSA) + * NULL + * BIT STRING encoded public key. + * @endcode + * + * @return DER-encoded public key information, placed on the cleanup stack. + */ + IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const; + + /** + * Produces the AlgorithmIdentifier encoding. + * + * This has the following form: + * @code + * SEQUENCE-OF + * OID signature-algorithm + * NULL + * @endcode + * + * @return ASN.1 sequence containing signature algorithm encoding, + * placed on the cleanup stack. + */ + IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const; + +private: + /** + * Saved reference to the RSA public key to be used for encoding. + */ + const CRSAPublicKey& iPublicKey; + }; + +class TX509DSAKeyEncoder : public TX509KeyEncoder +/** + * Provides key encoding and signing capability using a DSA public key. + * + * This class is part of the pkcs10 API, and will be changed or removed in a + * future release. You should not use it. + * + * @internalTechnology + */ + { +public: + /** + * Constructs a DSA key pair encoder, saving reference to the passed + * public key in the member variable. + * + * @param aKeyPublic DSA public key to use for encoding. + * @param aDigestAlg Digest algorithm to use. + */ + IMPORT_C TX509DSAKeyEncoder(const CDSAPublicKey& aKeyPublic, + TAlgorithmId aDigestAlg); + + /** + * Produces the SubjectPublicKeyInfo encoding. + * + * The ASN.1 encoding of a DSA key has the following form: + * @code + * SEQUENCE-OF + * SEQUENCE-OF + * OID dsa (1.2.840.10040.4.1) + * SEQUENCE-OF + * INTEGER p + * INTEGER q + * INTEGER g + * BIT STRING + * INTEGER public value (y) + * @endcode + * + * @return DER-encoded public key information, placed on the cleanup stack. + */ + IMPORT_C virtual CASN1EncBase* EncodeKeyLC() const; + + /** + * Produces the AlgorithmIdentifier encoding. + * + * This has the following form: + * @code + * SEQUENCE-OF + * OID dsa-signature-oid + * SEQUENCE-OF dsa-params + * INTEGER p + * INTEGER q + * INTEGER g + * @endcode + * + * @return ASN.1 sequence containing signature algorithm encoding, + * placed on the cleanup stack. + */ + IMPORT_C virtual CASN1EncSequence* EncodeSignatureAlgorithmLC() const; + +private: + /** + * Saved reference to the DSA public key to be used for encoding. + */ + const CDSAPublicKey& iPublicKey; + }; + +#endif