CPKIXCertChainAO Class Reference

class CPKIXCertChainAO : public CActive

This class handles the asynchronous part of PKIX chain validation. It is an active object which handles the asynchronous certificate store operations.

Inherits from

Public Member Functions
~CPKIXCertChainAO()
void CancelValidate()
void DoCancel()
CPKIXCertChainAO *NewL(MCertStore &, CPKIXCertChainBase &, const RPointerArray< CX509Certificate > &)
CPKIXCertChainAO *NewL(MCertStore &, CPKIXCertChainBase &, const TUid)
TInt RunError(TInt)
void RunL()
void ValidateL(CPKIXValidationResultBase &, const TTime &, const CArrayPtr< HBufC > *, TRequestStatus &)
Private Member Functions
CPKIXCertChainAO(MCertStore &, CPKIXCertChainBase &)
CPKIXCertChainAO(MCertStore &, CPKIXCertChainBase &, const TUid)
void CheckCriticalExtsL(CPKIXValidationState &, CPKIXValidationResultBase &)
void CheckSignatureAndNameL(const CX509Certificate &, CPKIXValidationState &, CPKIXValidationResultBase &)
void ConstructL(const RPointerArray< CX509Certificate > &)
void CriticalExtsL(CPKIXValidationState &, const CX509Certificate &)
void DoValidateL(CPKIXValidationResultBase &, const TTime &, const CArrayPtr< HBufC > *)
void HandleEAddCandidateIntermediateCertsEndL()
void HandleEAddRootsL()
void HandleEBuildChainAddCandidateEndL()
void HandleEBuildChainCertsFromStoreBeginL()
void HandleEBuildChainCertsFromStoreEndL()
void HandleEBuildChainStartL()
void HandleERootsInitializedL()
void HandleEStoreManagerInitializationL()
void HandleEStoreManagerInitializedL()
void HandleEValidateEndL()
void InitParamsL()
void ProcessCertsL(CPKIXValidationState &, CPKIXValidationResultBase &)
void SetParamsL(CX509Certificate &, const TPtrC8 &)
Inherited Functions
CActive::CActive(TInt)
CActive::Cancel()
CActive::Deque()
CActive::Extension_(TUint,TAny *&,TAny *)
CActive::IsActive()const
CActive::IsAdded()const
CActive::Priority()const
CActive::SetActive()
CActive::SetPriority(TInt)
CActive::~CActive()
CBase::CBase()
CBase::Delete(CBase *)
CBase::operator new(TUint)
CBase::operator new(TUint,TAny *)
CBase::operator new(TUint,TLeave)
CBase::operator new(TUint,TLeave,TUint)
CBase::operator new(TUint,TUint)
CBase::~CBase()
Private Member Enumerations
enum TState {
EAddRoots, ERootsInitialized, EBuildChainStart, EBuildChainAddCandidateEnd, EBuildChainCertsFromStoreBegin, EBuildChainCertsFromStoreEnd, EAddCandidateIntermediateCertsEnd, EValidateEnd
}
Inherited Enumerations
CActive::TPriority
Private Attributes
TBool iAddIssuerResult
CPKIXChainBuilder *iBuilder
MCertStore *iCertStore
CPKIXCertsFromStore *iCertsFromStoreRoots
TUid iClient
const CArrayPtr< HBufC > *iInitialPolicies
TInt iNumberOfAddedCertificates
TRequestStatus *iOriginalRequestStatus
CPKIXCertChainBase &iPKIXCertChain
CPKIXChainBuilder *iRoots
TState iState
CPKIXValidationResultBase *iValidationResult
TTime iValidationTime
Inherited Attributes
CActive::iStatus

Constructor & Destructor Documentation

CPKIXCertChainAO(MCertStore &, CPKIXCertChainBase &)

CPKIXCertChainAO(MCertStore &aCertStore,
CPKIXCertChainBase &aPKIXCertChain
)[private]

Parameters

MCertStore & aCertStore
CPKIXCertChainBase & aPKIXCertChain

CPKIXCertChainAO(MCertStore &, CPKIXCertChainBase &, const TUid)

CPKIXCertChainAO(MCertStore &aCertStore,
CPKIXCertChainBase &aPKIXCertChain,
const TUid aClient
)[private]

Parameters

MCertStore & aCertStore
CPKIXCertChainBase & aPKIXCertChain
const TUid aClient

~CPKIXCertChainAO()

~CPKIXCertChainAO()[virtual]

Member Functions Documentation

CancelValidate()

void CancelValidate()

CheckCriticalExtsL(CPKIXValidationState &, CPKIXValidationResultBase &)

void CheckCriticalExtsL(CPKIXValidationState &aState,
CPKIXValidationResultBase &aResult
)const [private]

Parameters

CPKIXValidationState & aState
CPKIXValidationResultBase & aResult

CheckSignatureAndNameL(const CX509Certificate &, CPKIXValidationState &, CPKIXValidationResultBase &)

void CheckSignatureAndNameL(const CX509Certificate &aCert,
CPKIXValidationState &aState,
CPKIXValidationResultBase &aResult
)const [private]

Parameters

const CX509Certificate & aCert
CPKIXValidationState & aState
CPKIXValidationResultBase & aResult

ConstructL(const RPointerArray< CX509Certificate > &)

void ConstructL(const RPointerArray< CX509Certificate > &aRootCerts)[private]

Parameters

const RPointerArray< CX509Certificate > & aRootCerts

CriticalExtsL(CPKIXValidationState &, const CX509Certificate &)

void CriticalExtsL(CPKIXValidationState &aState,
const CX509Certificate &aCert
)const [private]

Parameters

CPKIXValidationState & aState
const CX509Certificate & aCert

DoCancel()

void DoCancel()[virtual]

Implements cancellation of an outstanding request.

This function is called as part of the active object's Cancel().

It must call the appropriate cancel function offered by the active object's asynchronous service provider. The asynchronous service provider's cancel is expected to act immediately.

DoCancel() must not wait for event completion; this is handled by Cancel().

See also: CActive::Cancel

DoValidateL(CPKIXValidationResultBase &, const TTime &, const CArrayPtr< HBufC > *)

void DoValidateL(CPKIXValidationResultBase &aValidationResult,
const TTime &aValidationTime,
const CArrayPtr< HBufC > *aInitialPolicies
)[private]

Parameters

CPKIXValidationResultBase & aValidationResult
const TTime & aValidationTime
const CArrayPtr< HBufC > * aInitialPolicies

HandleEAddCandidateIntermediateCertsEndL()

void HandleEAddCandidateIntermediateCertsEndL()[private]

HandleEAddRootsL()

void HandleEAddRootsL()[private]

Creates a list of all the certificates retrieved from the store based on the filter passed.

HandleEBuildChainAddCandidateEndL()

void HandleEBuildChainAddCandidateEndL()[private]

HandleEBuildChainCertsFromStoreBeginL()

void HandleEBuildChainCertsFromStoreBeginL()[private]

HandleEBuildChainCertsFromStoreEndL()

void HandleEBuildChainCertsFromStoreEndL()[private]

HandleEBuildChainStartL()

void HandleEBuildChainStartL()[private]

HandleERootsInitializedL()

void HandleERootsInitializedL()[private]

Adds the list of certificates retrieved from the store. iRoots (CPKIXChainBuilder) maintains a templatized list of all the certificates in MPKIXCertSource format.

HandleEStoreManagerInitializationL()

void HandleEStoreManagerInitializationL()[private]

HandleEStoreManagerInitializedL()

void HandleEStoreManagerInitializedL()[private]

HandleEValidateEndL()

void HandleEValidateEndL()[private]

InitParamsL()

void InitParamsL()[private]

NewL(MCertStore &, CPKIXCertChainBase &, const RPointerArray< CX509Certificate > &)

CPKIXCertChainAO *NewL(MCertStore &aCertStore,
CPKIXCertChainBase &aPKIXCertChain,
const RPointerArray< CX509Certificate > &aRootCerts
)[static]

Parameters

MCertStore & aCertStore
CPKIXCertChainBase & aPKIXCertChain
const RPointerArray< CX509Certificate > & aRootCerts

NewL(MCertStore &, CPKIXCertChainBase &, const TUid)

CPKIXCertChainAO *NewL(MCertStore &aCertStore,
CPKIXCertChainBase &aPKIXCertChain,
const TUid aClient
)[static]

Parameters

MCertStore & aCertStore
CPKIXCertChainBase & aPKIXCertChain
const TUid aClient

ProcessCertsL(CPKIXValidationState &, CPKIXValidationResultBase &)

void ProcessCertsL(CPKIXValidationState &aState,
CPKIXValidationResultBase &aResult
)const [private]

Parameters

CPKIXValidationState & aState
CPKIXValidationResultBase & aResult

RunError(TInt)

TInt RunError(TInt aError)[virtual]

Parameters

TInt aError

RunL()

void RunL()[virtual]

Handles an active object's request completion event.

A derived class must provide an implementation to handle the completed request. If appropriate, it may issue another request.

The function is called by the active scheduler when a request completion event occurs, i.e. after the active scheduler's WaitForAnyRequest() function completes.

Before calling this active object's RunL() function, the active scheduler has:

1. decided that this is the highest priority active object with a completed request

2. marked this active object's request as complete (i.e. the request is no longer outstanding)

RunL() runs under a trap harness in the active scheduler. If it leaves, then the active scheduler calls RunError() to handle the leave.

Note that once the active scheduler's Start() function has been called, all user code is run under one of the program's active object's RunL() or RunError() functions.

See also: CActiveScheduler::Start, CActiveScheduler::Error, CActiveScheduler::WaitForAnyRequest, TRAPD

SetParamsL(CX509Certificate &, const TPtrC8 &)

void SetParamsL(CX509Certificate &aCert,
const TPtrC8 &aEncodedParams
)[private]

Parameters

CX509Certificate & aCert
const TPtrC8 & aEncodedParams

ValidateL(CPKIXValidationResultBase &, const TTime &, const CArrayPtr< HBufC > *, TRequestStatus &)

void ValidateL(CPKIXValidationResultBase &aValidationResult,
const TTime &aValidationTime,
const CArrayPtr< HBufC > *aInitialPolicies,
TRequestStatus &aStatus
)

Parameters

CPKIXValidationResultBase & aValidationResult
const TTime & aValidationTime
const CArrayPtr< HBufC > * aInitialPolicies
TRequestStatus & aStatus

Member Enumerations Documentation

Enum TState

The states used to know what to do in the RunL function.

Enumerators

EAddRoots
ERootsInitialized
EBuildChainStart
EBuildChainAddCandidateEnd
EBuildChainCertsFromStoreBegin
EBuildChainCertsFromStoreEnd
EAddCandidateIntermediateCertsEnd
EValidateEnd

Member Data Documentation

TBool iAddIssuerResult

TBool iAddIssuerResult[private]

CPKIXChainBuilder * iBuilder

CPKIXChainBuilder *iBuilder[private]

MCertStore * iCertStore

MCertStore *iCertStore[private]

CPKIXCertsFromStore * iCertsFromStoreRoots

CPKIXCertsFromStore *iCertsFromStoreRoots[private]

Ownership of this object is peculiar.

We need this to be a member because it is created and initialized in the EAddRoots handler but is only added to iRoots in the ERootsInitialized handler. iRoots takes ownership of it, so it is set to 0 afterwards.

The only case where the destructor will have to delete it is when a leave occurs between the EAddRoots and ERootsInitialized states.
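
The hand-off described above, modelled in standard C++ as an added example (not Symbian code and not the project's implementation). `CertsFromStore`, `ChainBuilder`, `ChainAO`, `Step` and `LiveAfterRun` are hypothetical stand-ins; `iRoots` is held by value for brevity and a thrown exception stands in for a leave.

```cpp
#include <stdexcept>
#include <vector>
// Stand-in for CPKIXCertsFromStore; the live counter exposes leaks and double deletes.
struct CertsFromStore {
    static int live;
    CertsFromStore() { ++live; }
    ~CertsFromStore() { --live; }
};
int CertsFromStore::live = 0;
struct ChainBuilder {  // stand-in for CPKIXChainBuilder (iRoots): owns added sources
    std::vector<CertsFromStore*> sources;
    void AddSource(CertsFromStore* s) { sources.push_back(s); }
    ~ChainBuilder() { for (CertsFromStore* s : sources) delete s; }
};
class ChainAO {
public:
    enum State { EAddRoots, ERootsInitialized, EBuildChainStart };
    ~ChainAO() { delete iCertsFromStoreRoots; }  // set only if hand-off never ran
    // One RunL-style step; failStore models a leave from the store operation.
    void Step(bool failStore = false) {
        switch (iState) {
        case EAddRoots:
            iCertsFromStoreRoots = new CertsFromStore;
            iState = ERootsInitialized;
            break;
        case ERootsInitialized:
            if (failStore) throw std::runtime_error("store operation failed");
            iRoots.AddSource(iCertsFromStoreRoots);  // ownership moves to iRoots
            iCertsFromStoreRoots = nullptr;          // destructor must now skip it
            iState = EBuildChainStart;
            break;
        case EBuildChainStart: break;
        }
    }
private:
    State iState = EAddRoots;
    CertsFromStore* iCertsFromStoreRoots = nullptr;
    ChainBuilder iRoots;
};
// Live CertsFromStore count after an object is driven and destroyed (0 = clean).
int LiveAfterRun(bool failBetweenStates) {
    {
        ChainAO ao;
        ao.Step();
        try { ao.Step(failBetweenStates); } catch (const std::exception&) {}
    }
    return CertsFromStore::live;
}
int main() { return LiveAfterRun(false) + LiveAfterRun(true); }
```

Omitting the reset to `nullptr` after `AddSource` would make both the destructor and the builder delete the same object on the normal path.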

TUid iClient

TUid iClient[private]

const CArrayPtr< HBufC > * iInitialPolicies

const CArrayPtr< HBufC > *iInitialPolicies[private]

To store the parameters passed to CPKIXCertChainBase::Validate

TInt iNumberOfAddedCertificates

TInt iNumberOfAddedCertificates[private]

TRequestStatus * iOriginalRequestStatus

TRequestStatus *iOriginalRequestStatus[private]

CPKIXCertChainBase & iPKIXCertChain

CPKIXCertChainBase &iPKIXCertChain[private]

CPKIXChainBuilder * iRoots

CPKIXChainBuilder *iRoots[private]

The roots that we trust. They can be given:
  • explicitly : the user gives a set of root certificates at construction time.

  • implicitly : the user gives the uid of the application and the validation code retrieves the root certificates trusted for this application from the certificate store.

TState iState

TState iState[private]

CPKIXValidationResultBase * iValidationResult

CPKIXValidationResultBase *iValidationResult[private]

To store the parameters passed to CPKIXCertChainBase::Validate

TTime iValidationTime

TTime iValidationTime[private]

To store the parameters passed to CPKIXCertChainBase::Validate