COCSPDirectAuthorisationScheme Class Reference

class COCSPDirectAuthorisationScheme : public CActive

Implements part of section 2.2 of RFC 2560.

"The key used to sign the response MUST belong to one of the following...

-- a Trusted Responder whose public key is trusted by the requester"

Inherits from

Public Member Functions
~COCSPDirectAuthorisationScheme ()
void CancelValidate ()
IMPORT_C COCSPDirectAuthorisationScheme * NewLC (const TUid &, MCertStore &)
const CX509Certificate * ResponderCert ()
void ValidateL ( OCSP::TStatus &, COCSPResponse &, const TTime , TRequestStatus &, const COCSPRequest &)
Protected Member Functions
void DoCancel ()
TInt RunError ( TInt )
void RunL ()
Private Member Functions
COCSPDirectAuthorisationScheme (const TUid &, MCertStore &)
void ConstructL ()
void OnListCertEntries ()
void OnRetrieveNextL ()
void OnRetrievingEntryL ()
void OnValidateCertChainL ()
void StartValidateL ()
void ValidateCertChainL ()
void ValidateFromRoots ()
TBool ValidateSignatureL ()
Inherited Functions
CActive::CActive(TInt)
CActive::Cancel()
CActive::Deque()
CActive::Extension_(TUint,TAny *&,TAny *)
CActive::IsActive()const
CActive::IsAdded()const
CActive::Priority()const
CActive::SetActive()
CActive::SetPriority(TInt)
CActive::~CActive()
CBase::CBase()
CBase::Delete(CBase *)
CBase::operator new(TUint)
CBase::operator new(TUint,TAny *)
CBase::operator new(TUint,TLeave)
CBase::operator new(TUint,TLeave,TUint)
CBase::operator new(TUint,TUint)
CBase::~CBase()
Private Member Enumerations
enum TStatus { EValidateCertChain , EListCertEntries , ERetrieveNext , ERetrievingEntry }
Inherited Enumerations
CActive::TPriority
Private Attributes
CPKIXCertChainBase * iCertChain
CCertAttributeFilter * iCertFilter
MCertStore & iCertStore
RMPointerArray < CCTCertInfo > iCertStoreEntries
TUid iCertStoreUid
TRequestStatus * iClientStatus
TInt iCurEntry
HBufC8 * iEncodedCertBuf
TPtr8 * iEncodedCertPtr
RFs iFs
OCSP::TStatus * iOCSPStatus
CPKIXValidationResultBase * iPKIXResult
const COCSPRequest * iRequest
COCSPResponse * iResponse
const CX509Certificate * iResponseCert
TStatus iState
TTime iValidationTime
Inherited Attributes
CActive::iStatus

Constructor & Destructor Documentation

COCSPDirectAuthorisationScheme(const TUid &, MCertStore &)

COCSPDirectAuthorisationScheme ( const TUid & aCertStoreUid,
MCertStore & aCertStore
) [private]

Parameters

const TUid & aCertStoreUid
MCertStore & aCertStore

~COCSPDirectAuthorisationScheme()

~COCSPDirectAuthorisationScheme ( )

Member Functions Documentation

CancelValidate()

void CancelValidate ( )

ConstructL()

void ConstructL ( ) [private]

DoCancel()

void DoCancel ( ) [protected, virtual]

Implements cancellation of an outstanding request.

This function is called as part of the active object's Cancel().

It must call the appropriate cancel function offered by the active object's asynchronous service provider. The asynchronous service provider's cancel is expected to act immediately.

DoCancel() must not wait for event completion; this is handled by Cancel().

See also: CActive::Cancel

NewLC(const TUid &, MCertStore &)

IMPORT_C COCSPDirectAuthorisationScheme * NewLC ( const TUid & aCertStoreUid,
MCertStore & aCertStore
) [static]

Parameters

const TUid & aCertStoreUid
MCertStore & aCertStore

OnListCertEntries()

void OnListCertEntries ( ) [private]

OnRetrieveNextL()

void OnRetrieveNextL ( ) [private]

OnRetrievingEntryL()

void OnRetrievingEntryL ( ) [private]

OnValidateCertChainL()

void OnValidateCertChainL ( ) [private]

ResponderCert()

const CX509Certificate * ResponderCert ( ) const

RunError(TInt)

TInt RunError ( TInt aError ) [protected, virtual]

Parameters

TInt aError

RunL()

void RunL ( ) [protected, virtual]

Handles an active object's request completion event.

A derived class must provide an implementation to handle the completed request. If appropriate, it may issue another request.

The function is called by the active scheduler when a request completion event occurs, i.e. after the active scheduler's WaitForAnyRequest() function completes.

Before calling this active object's RunL() function, the active scheduler has:

1. decided that this is the highest priority active object with a completed request

2. marked this active object's request as complete (i.e. the request is no longer outstanding)

RunL() runs under a trap harness in the active scheduler. If it leaves, then the active scheduler calls RunError() to handle the leave.

Note that once the active scheduler's Start() function has been called, all user code is run under one of the program's active object's RunL() or RunError() functions.

See also: CActiveScheduler::Start, CActiveScheduler::Error, CActiveScheduler::WaitForAnyRequest, TRAPD

StartValidateL()

void StartValidateL ( ) [private]

If the response contains the certificate that signed the response, builds the certificate chain up to the responder certificate. Otherwise, validates directly from the root certificates contained in the store initialized by the client.

ValidateCertChainL()

void ValidateCertChainL ( ) [private]

If the response contains the responder's certificate, chain validation is performed up to the CA certificate, which should be located in the store.

ValidateFromRoots()

void ValidateFromRoots ( ) [private]

ValidateL(OCSP::TStatus &, COCSPResponse &, const TTime, TRequestStatus &, const COCSPRequest &)

void ValidateL ( OCSP::TStatus & aOCSPStatus,
COCSPResponse & aResponse,
const TTime aValidationTime,
TRequestStatus & aStatus,
const COCSPRequest & aRequest
)

Starts the process of validating the response. The initial value of the OCSP Status is set to signature validation failure.

Parameters

OCSP::TStatus & aOCSPStatus
COCSPResponse & aResponse
const TTime aValidationTime
TRequestStatus & aStatus
const COCSPRequest & aRequest
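
The flow described for ValidateL() and StartValidateL(), as an added, simplified C++ model (not Symbian code and not part of the original reference): the status starts at signature validation failure and changes only when the signer is tied to a certificate in the store. The types Cert and Response, the function Validate, and key-id matching as a stand-in for real signature and chain verification are all assumptions of this sketch.

```cpp
#include <string>
#include <vector>

// Toy model: matching key ids stands in for real signature verification.
struct Cert {
    std::string subject, keyId;   // who the certificate names, and its public key
    std::string issuerKeyId;      // key that signed this certificate
    long notBefore, notAfter;     // validity window
};
struct Response {
    std::string signerKeyId;      // key that signed the OCSP response
    std::vector<Cert> certs;      // certificates carried in the response (may be empty)
};
enum Status { kSignatureValidationFailure, kValid };

static bool ValidAt(const Cert& c, long t) { return c.notBefore <= t && t <= c.notAfter; }

// Returns the first certificate with this key that is valid at time t, or nullptr.
static const Cert* FindByKey(const std::vector<Cert>& v, const std::string& keyId, long t) {
    for (size_t i = 0; i < v.size(); ++i)
        if (v[i].keyId == keyId && ValidAt(v[i], t)) return &v[i];
    return nullptr;
}

Status Validate(const Response& r, const std::vector<Cert>& store, long t) {
    Status status = kSignatureValidationFailure;      // fail closed until proven otherwise
    const Cert* cur = FindByKey(r.certs, r.signerKeyId, t);
    if (!cur) {
        // No signing certificate in the response: check directly against store entries.
        if (FindByKey(store, r.signerKeyId, t)) status = kValid;
        return status;
    }
    // Signing certificate present: walk issuers until one is found in the store.
    for (size_t hops = 0; hops <= r.certs.size(); ++hops) {   // bounded, so cycles terminate
        if (FindByKey(store, cur->issuerKeyId, t)) { status = kValid; break; }
        const Cert* next = FindByKey(r.certs, cur->issuerKeyId, t);
        if (!next || next == cur) break;              // issuer missing, or untrusted self-signed
        cur = next;
    }
    return status;
}

// Constructed sample data: a store holding a single root certificate.
static std::vector<Cert> SampleStore() {
    return std::vector<Cert>(1, Cert{"Root CA", "k-root", "k-root", 0, 1000});
}
int main() {
    Response r; r.signerKeyId = "k-resp";
    r.certs.push_back(Cert{"OCSP Responder", "k-resp", "k-root", 0, 1000});
    return Validate(r, SampleStore(), 500) == kValid ? 0 : 1;
}
```

Every early exit returns the initial failure status, so an unknown signer, an expired certificate or a broken chain can never be reported as valid by omission.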

ValidateSignatureL()

TBool ValidateSignatureL ( ) [private]

Member Enumerations Documentation

Enum TStatus

Enumerators

EValidateCertChain
EListCertEntries
ERetrieveNext
ERetrievingEntry

Member Data Documentation

CPKIXCertChainBase * iCertChain

CPKIXCertChainBase * iCertChain [private]

CCertAttributeFilter * iCertFilter

CCertAttributeFilter * iCertFilter [private]

MCertStore & iCertStore

MCertStore & iCertStore [private]

RMPointerArray< CCTCertInfo > iCertStoreEntries

RMPointerArray < CCTCertInfo > iCertStoreEntries [private]

TUid iCertStoreUid

TUid iCertStoreUid [private]

TRequestStatus * iClientStatus

TRequestStatus * iClientStatus [private]

TInt iCurEntry

TInt iCurEntry [private]

HBufC8 * iEncodedCertBuf

HBufC8 * iEncodedCertBuf [private]

TPtr8 * iEncodedCertPtr

TPtr8 * iEncodedCertPtr [private]

RFs iFs

RFs iFs [private]

OCSP::TStatus * iOCSPStatus

OCSP::TStatus * iOCSPStatus [private]

CPKIXValidationResultBase * iPKIXResult

CPKIXValidationResultBase * iPKIXResult [private]

const COCSPRequest * iRequest

const COCSPRequest * iRequest [private]

COCSPResponse * iResponse

COCSPResponse * iResponse [private]

const CX509Certificate * iResponseCert

const CX509Certificate * iResponseCert [private]

TStatus iState

TStatus iState [private]

TTime iValidationTime

TTime iValidationTime [private]