»
Symbian OS v9.3 »
Symbian OS reference »
C++ component reference »
Security CERTMAN »
CPKIXCertChain
Location:
pkixcertchain.h
Link against: pkixcert.lib
class CPKIXCertChain : public CPKIXCertChainBase;
Description
This class implements a PKIX certificate chain.
Derivation
CPKIXCertChainBase - No description.
CPKIXCertChain - This class implements a PKIX certificate chain
Members
Defined in CPKIXCertChain:
AddCertL(), CancelValidate(), ChainHasRoot(), NewL(), NewL(), NewLC(), NewLC(), ValidateL(), ValidateL(), ~CPKIXCertChain()
Construction and destruction
static IMPORT_C CPKIXCertChain *NewL(RFs &aFs, const TPtrC8 &aEncodedCerts, const TUid aClient);
Description
Creates a certificate chain using the binary data in aEncodedCerts.
Parameters
RFs &aFs |
An open file server session.
|
const TPtrC8 &aEncodedCerts |
One or more concatenated DER encoded X.509 certificates. The first certificate will be interpreted as the end entity certificate
to be validated; subsequent certificates may be in any order and may be used by the chain as intermediate certificates, but
not root certificates. The individual certificates can be retrieved since each one contains its own length.
|
const TUid aClient |
The Uid identifying the purpose for which the chain will be used. This value will be used to select a subset of stored certificates,
by way of their trust settings, to be used as candidate root certificates.
|
|
Return value
static IMPORT_C CPKIXCertChain *NewLC(RFs &aFs, const TPtrC8 &aEncodedCerts, const TUid aClient);
Description
Creates a certificate chain using the binary data in aEncodedCerts, and puts a pointer to the new object onto the cleanup
stack.
Parameters
RFs &aFs |
An open file server session
|
const TPtrC8 &aEncodedCerts |
One or more concatenated DER encoded X.509 certificates. The first certificate will be interpreted as the end entity certificate
to be validated; subsequent certificates may be in any order and may be used by the chain as intermediate certificates, but
not root certificates. The individual certificates can be retrieved since each one contains its own length.
|
const TUid aClient |
The Uid identifying the purpose for which the chain will be used. This value will be used to select a subset of stored certificates,
by way of their trust settings, to be used as candidate root certificates.
|
|
Return value
static IMPORT_C CPKIXCertChain *NewL(RFs &aFs, const TPtrC8 &aEncodedCerts, const RPointerArray< CX509Certificate > &aRootCerts);
Description
Creates a certificate chain using the binary data in aEncodedCerts.
Parameters
RFs &aFs |
An open file server session.
|
const TPtrC8 &aEncodedCerts |
One or more concatenated DER encoded X.509 certificates. The first certificate will be interpreted as the end entity certificate
to be validated; subsequent certificates may be in any order and may be used by the chain as intermediate certificates, but
not root certificates. Any self signed certificates supplied here after the first one will be discarded, as self signed certificates
cannot by definition be intermediate certificates. The individual certificates can be retrieved since each one contains its
own length.
|
const RPointerArray< CX509Certificate > &aRootCerts |
An array of certificates which the chain will treat as candidate root certificates. If one of these overloads is used, the
chain will not look in stores for root certificates, but will only use the certificates supplied here.
|
|
Return value
static IMPORT_C CPKIXCertChain *NewLC(RFs &aFs, const TPtrC8 &aEncodedCerts, const RPointerArray< CX509Certificate > &aRootCerts);
Description
Creates a certificate chain using the binary data in aEncodedCerts and puts a pointer to the new object onto the cleanup stack.
Parameters
RFs &aFs |
An open file server session.
|
const TPtrC8 &aEncodedCerts |
One or more concatenated DER encoded X.509 certificates. The first certificate will be interpreted as the end entity certificate
to be validated; subsequent certificates may be in any order and may be used by the chain as intermediate certificates, but
not root certificates. Any self signed certificates supplied here after the first one will be discarded as self signed certificates
cannot by definition be intermediate certificates. The individual certificates can be retrieved since each one contains its
own length.
|
const RPointerArray< CX509Certificate > &aRootCerts |
An array of certificates which the chain will treat as candidate root certificates. If one of these overloads is used, the
chain will not look in stores for root certificates, but will only use the certificates supplied here.
|
|
Return value
IMPORT_C ~CPKIXCertChain();
Description
Destructor.
Frees all resources owned by the object.
IMPORT_C void ValidateL(CPKIXValidationResult &aValidationResult, const TTime &aValidationTime, TRequestStatus &aStatus);
Description
Validates the chain.
Parameters
CPKIXValidationResult &aValidationResult |
On completion, this contains the result of the validation.
|
const TTime &aValidationTime |
The time that should be presumed to be the current time when checking timestamps.
|
TRequestStatus &aStatus |
An asynchronous request status object.
|
|
IMPORT_C void ValidateL(CPKIXValidationResult &aValidationResult, const TTime &aValidationTime, const CArrayPtr< HBufC > &aInitialPolicies,
TRequestStatus &aStatus);
Description
Validates the chain.
Parameters
CPKIXValidationResult &aValidationResult |
On completion, this contains the result of the validation.
|
const TTime &aValidationTime |
The time that should be presumed to be the current time when checking timestamps.
|
const CArrayPtr< HBufC > &aInitialPolicies |
The policies we want to be present in the certificate chain.
|
TRequestStatus &aStatus |
An asynchronous request status object.
|
|
IMPORT_C void CancelValidate();
Description
Cancels an asynchronous ValidateL() operation.
IMPORT_C void AddCertL(const TPtrC8 &aEncodedCerts);
Description
Adds a certificate (if it is not self-signed) to the chain .
Parameters
const TPtrC8 &aEncodedCerts |
A DER encoded X.509 certificate.
|
|
IMPORT_C TBool ChainHasRoot() const;
Description
Tests whether the root certificate of the chain is locatable.
Note that the value is only significant after a successfull call to ValidateL().
Return value
TBool
|
ETrue if the chain has a root; EFalse, otherwise.
|
|
![[Index]](../../../../a_stock/btn_index_wt.gif){kind=small}
![[Spacer]](../../../../a_stock/btn_spacer.gif){kind=small}
![[Previous]](../../../../a_stock/btn_prev_wt.gif){kind=small}
![[Next]](../../../../a_stock/btn_next_wt.gif){kind=small}
![[Top]](../../../../a_stock/arrow_up_2.gif){kind=icon}
![[Previous]](../../../../a_stock/btn_prev.gif){kind=small}
![[Top]](../../../../a_stock/btn_top.gif)
![[Next]](../../../../a_stock/btn_next.gif){kind=small}