--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/javaextensions/satsa/pki/src.s60/cstscredentialmanager.cpp Mon May 03 12:27:20 2010 +0300
@@ -0,0 +1,1031 @@
+/*
+* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+ *
+*/
+
+
+
+// INCLUDE FILES
+#include "cstscredentialmanager.h"
+#include "tstsdistinguishednameconverter.h"
+#include "CCMSIssuerAndSerialNumber.h"
+#include "cstsseprompt.h"
+#include "stspkiconstants.h"
+#include "fs_methodcall.h"
+#include <asn1dec.h>
+#include <x509cert.h>
+#include <unifiedcertstore.h>
+#include <unifiedkeystore.h>
+#include <mctwritablecertstore.h>
+#include <charconv.h>
+#include <pkcs10.h>
+#include <secdlg.h>
+#include <PKIDlg.h>
+#include <securityerr.h>
+
+
+
+// CONSTANTS
+_LIT(KSTSSymbianKeyStoreLabel, "Software key store");
+_LIT(KSTSSymbianCertificateStoreLabel, "Software certificate store");
+
+// ============================ MEMBER FUNCTIONS ===============================
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::NewLC
+// Two-phased constructor.
+// -----------------------------------------------------------------------------
+//
+CSTSCredentialManager* CSTSCredentialManager::NewLC()
+{
+ CSTSCredentialManager* self = new(ELeave) CSTSCredentialManager;
+ CallMethod(self,&CSTSCredentialManager::AddToScheduler,self);
+ CleanupStack::PushL(self);
+ CallMethodL(self,&CSTSCredentialManager::ConstructL,self);
+ return self;
+}
+
+void CSTSCredentialManager::AddToScheduler()
+{
+ CActiveScheduler::Add(this);
+}
+
+// Destructor
+CSTSCredentialManager::~CSTSCredentialManager()
+{
+ delete iEncodedCert;
+ delete iIssuerAndSerialNumber;
+ if (iPKIDialog)
+ {
+ iPKIDialog->Release();
+ }
+ delete iDistinguishedName;
+ delete iDisplayName;
+ delete iRequestEncoded;
+ delete iRequest;
+ if (iCertInfoArray)
+ {
+ iCertInfoArray->Close();
+ delete iCertInfoArray;
+ }
+ if (iKeyInfoArray)
+ {
+ iKeyInfoArray->Close();
+ delete iKeyInfoArray;
+ }
+ if (iKeyInfo)
+ {
+ iKeyInfo->Release();
+ }
+ delete iKeyStore;
+ delete iStore;
+ delete iWait;
+ iFileServer.Close();
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::AddCredentialL
+// Adds a certificate or certificate URI to certificate store
+// -----------------------------------------------------------------------------
+//
+TBool CSTSCredentialManager::AddCredentialL(
+ TInt/*const TDesC&*/ aCertDisplayName,
+ TInt/*const TDesC&*/ aPkiPath)
+{
+
+ if (iState != EReady)
+ {
+ User::Leave(KErrNotReady);
+ }
+
+ iWritableCertStoreIndex = CheckWriteCertStoreSEIDL(NULL, NULL);
+
+ const TDesC8* path = reinterpret_cast< const TDesC8* >(aPkiPath);
+
+ TASN1DecGeneric genericDecoder(*path);
+
+ genericDecoder.InitL();
+
+ TPtrC8 certificates = genericDecoder.GetContentDER();
+
+ TInt certificatesLength = certificates.Length();
+ TInt pos = 0;
+
+ iSubject.Set(certificates.Right(certificatesLength));
+
+ TPtrC8 issuer(iSubject);
+
+ // go through the certificate chain, leaving the last certificate as subject
+ // and second last as issuer
+ while (pos < certificatesLength)
+ {
+ issuer.Set(iSubject);
+ TASN1DecGeneric
+ certDecoder(certificates.Right(certificatesLength - pos));
+ certDecoder.InitL();
+ TInt certLength = certDecoder.LengthDER();
+
+ TPtrC8 singleCert(certificates.Mid(pos, certLength));
+ iSubject.Set(singleCert);
+ pos+=certLength;
+ }
+
+ CX509Certificate* cert =
+ CX509Certificate::NewLC(iSubject);
+
+ CX509Certificate* issuerCert =
+ CX509Certificate::NewLC(issuer);
+
+ iSubjectKeyId = cert->KeyIdentifierL();
+ iIssuerKeyId = issuerCert->KeyIdentifierL();
+
+ iCertDisplayName = reinterpret_cast<TDesC*>(aCertDisplayName);
+
+ // now we have to check that this certificate does not exist in the
+ // database yet
+ CCertAttributeFilter* filter = CCertAttributeFilter::NewLC();
+ filter->SetFormat(EX509Certificate);
+ filter->SetSubjectKeyId(iSubjectKeyId);
+ filter->SetIssuerKeyId(iIssuerKeyId);
+
+ RMPointerArray< CCTCertInfo >* certInfoArray =
+ new(ELeave) RMPointerArray< CCTCertInfo >();
+ if (iCertInfoArray)
+ {
+ iCertInfoArray->Close();
+ delete iCertInfoArray;
+ }
+ iCertInfoArray = certInfoArray;
+
+ iState = EAddListing;
+ iStore->WritableCertStore(iWritableCertStoreIndex)
+ .List(*iCertInfoArray, *filter,
+ iStatus);
+ WaitForCompletionL();
+
+ CleanupStack::PopAndDestroy(3); // filter, cert, issuerCert
+
+ iCertInfoArray->Close();
+ delete iCertInfoArray;
+ iCertInfoArray = NULL;
+
+
+ return ETrue;
+}
+
+void CSTSCredentialManager::StaticAddCredentialL(
+ TInt /*aManager*/,
+ TInt /*aCertDisplayName*/,
+ TInt /*aPkiPath*/,
+ TInt /*aRetVal*/)
+{
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::GenerateCSRL
+// Creates a DER encoded PKCS#10 certificate enrollment request.
+// -----------------------------------------------------------------------------
+//
+TDesC8& CSTSCredentialManager::GenerateCSRL(
+ const TDesC& aNameInfo,
+ const TDesC& aAlgorithm,
+ TInt aKeyLen,
+ TInt aKeyUsage,
+ const TDesC* aSecurityElementID,
+ const TDesC* aSecurityElementPrompt)
+{
+ TInt storeIndex = CheckKeyStoreSEIDL(aSecurityElementID,
+ aSecurityElementPrompt);
+
+ CKeyInfoBase::EKeyAlgorithm algorithm(CKeyInfoBase::EInvalidAlgorithm);
+ if (aAlgorithm.Compare(KSTSAlgorithmRsa()) == 0)
+ {
+ algorithm = CKeyInfoBase::ERSA;
+ }
+ else
+ {
+ CheckOIDL(aAlgorithm);
+ User::Leave(KSTSErrSeNoKeys);
+ }
+
+ TSTSDistinguishedNameConverter dnConverter;
+
+ CX500DistinguishedName* dName = dnConverter.CreateDNL(aNameInfo);
+ delete iDistinguishedName;
+ iDistinguishedName = dName;
+
+ HBufC* dispName = dName->DisplayNameL();
+ delete iDisplayName;
+ iDisplayName = dispName;
+
+ TKeyUsagePKCS15 keyUsage(EPKCS15UsageNone);
+ switch (aKeyUsage)
+ {
+ case KSTSKeyUsageAuthentication:
+ {
+ keyUsage = EPKCS15UsageSign;
+ break;
+ }
+ case KSTSKeyUsageNonRepudiation:
+ {
+ keyUsage = EPKCS15UsageNonRepudiation;
+ break;
+ }
+ default:
+ {
+ User::Leave(KErrKeyUsage);
+ }
+ }
+
+ // have to search for the key
+ TCTKeyAttributeFilter filter;
+ filter.iKeyAlgorithm = algorithm;
+ filter.iUsage = keyUsage;
+ RMPointerArray< CCTKeyInfo >* keyInfoArray =
+ new(ELeave) RMPointerArray< CCTKeyInfo >();
+ if (iKeyInfoArray)
+ {
+ iKeyInfoArray->Close();
+ delete iKeyInfoArray;
+ }
+ iKeyInfoArray = keyInfoArray;
+
+ iKeyLen = aKeyLen;
+
+ iState = ESearchingKey;
+ iKeyStore->KeyStore(storeIndex).List(
+ *iKeyInfoArray, filter, iStatus);
+
+ WaitForCompletionL();
+
+ return *iRequestEncoded;
+}
+
+void CSTSCredentialManager::StaticGenerateCSRL(
+ TInt aParams,
+ TInt aRetVal)
+{
+ TGenerateCSRParams* params = reinterpret_cast<TGenerateCSRParams*>(aParams);
+ TDesC8** ret = reinterpret_cast<TDesC8**>(aRetVal);
+
+ TDesC8& retVal = GenerateCSRL(
+ *(params->iNameInfo), *(params->iAlgorithm),
+ params->iKeyLen, params->iKeyUsage,
+ params->iSecurityElementID,
+ params->iSecurityElementPrompt);
+ *ret = &retVal;
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RemoveCredentialL
+// Removes a certificate or certificate URI from a certificate store.
+// -----------------------------------------------------------------------------
+//
+TBool CSTSCredentialManager::RemoveCredentialL(
+ const TDesC& aCertDisplayName,
+ const TDesC8& aIssuerAndSerialNumber,
+ const TDesC* aSecurityElementID,
+ const TDesC* aSecurityElementPrompt)
+
+{
+ TInt storeIndex = CheckWriteCertStoreSEIDL(aSecurityElementID,
+ aSecurityElementPrompt);
+
+ // currently the certificates are stored in the symbian store, always
+ storeIndex = CheckWriteCertStoreSEIDL(NULL, NULL);
+
+ if (iState != EReady)
+ {
+ User::Leave(KErrNotReady);
+ }
+ // Create filter
+ CCertAttributeFilter* filter = CCertAttributeFilter::NewLC();
+ TCertLabel label(aCertDisplayName);
+ filter->SetLabel(label);
+
+ RMPointerArray< CCTCertInfo >* certInfoArray =
+ new(ELeave) RMPointerArray< CCTCertInfo >();
+ if (iCertInfoArray)
+ {
+ iCertInfoArray->Close();
+ delete iCertInfoArray;
+ }
+ iCertInfoArray = certInfoArray;
+
+ // Decode Issuer and SerialNumber
+ CCMSIssuerAndSerialNumber* issuerAndSerialNumber =
+ CCMSIssuerAndSerialNumber::NewL();
+ delete iIssuerAndSerialNumber;
+ iIssuerAndSerialNumber = issuerAndSerialNumber;
+
+ iIssuerAndSerialNumber->DecodeL(aIssuerAndSerialNumber);
+
+ iState = ERemoveListing;
+ iStore->WritableCertStore(storeIndex).
+ List(*iCertInfoArray, *filter, iStatus);
+ WaitForCompletionL();
+
+ CleanupStack::PopAndDestroy(); // filter
+
+ iCertInfoArray->Close();
+ delete iCertInfoArray;
+ iCertInfoArray = NULL;
+
+ delete iIssuerAndSerialNumber;
+ iIssuerAndSerialNumber = NULL;
+
+ delete iEncodedCert;
+ iEncodedCert = NULL;
+
+ return ETrue;
+}
+
+void CSTSCredentialManager::StaticRemoveCredentialL(
+ TInt aCertDisplayName,
+ TInt aIssuerAndSerialNumber,
+ TInt aSecurityElementID,
+ TInt aSecurityElementPrompt,
+ TInt aRetVal)
+{
+ *(reinterpret_cast<TBool*>(aRetVal)) = RemoveCredentialL(*(reinterpret_cast<TDesC*>(aCertDisplayName)),
+ *(reinterpret_cast<TDesC8*>(aIssuerAndSerialNumber)),
+ reinterpret_cast<TDesC*>(aSecurityElementID),
+ reinterpret_cast<TDesC*>(aSecurityElementPrompt));
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RunL
+// CActive callback
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::RunL()
+{
+ if (iStatus != KErrNone)
+ {
+ // Error has occured; inform java
+ Complete(iStatus.Int());
+ }
+ else
+ {
+ switch (iState)
+ {
+ case EInitialising:
+ {
+ iState = EKeyStoreInit;
+ iKeyStore->Initialize(iStatus);
+ SetActive();
+ break;
+ }
+ case ERemoveListing:
+ {
+ RemoveRetrieveL();
+ break;
+ }
+ case ERemoveRetrieve:
+ {
+ RemoveVerifyL();
+ break;
+ }
+ case ERemoveDialog:
+ {
+ Remove();
+ break;
+ }
+ case EAddListing:
+ {
+ AddRetrieveL();
+ break;
+ }
+ case EAddRetrieve:
+ {
+ AddVerifyL();
+ break;
+ }
+ case EAddDialog:
+ {
+ AddL();
+ break;
+ }
+ case EAdding:
+ case EDeleting:
+ case ECreatingCSR:
+ case EKeyStoreInit:
+ {
+ Complete(KErrNone);
+ break;
+ }
+ case ECSRDialog:
+ {
+ CreateCSRL();
+ break;
+ }
+ case ESearchingKey:
+ {
+ CheckSearchResultsL();
+ break;
+ }
+ default:
+ {
+ Complete(KErrGeneral);
+ }
+ }
+ }
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RunError
+// CActive error callback
+// -----------------------------------------------------------------------------
+//
+TInt CSTSCredentialManager::RunError(TInt aError)
+{
+ Complete(aError);
+ return KErrNone;
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::DoCancel
+// CActive cancellation callback - cancel whatever doing
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::DoCancel()
+{
+ switch (iState)
+ {
+ case EInitialising:
+ {
+ iStore->CancelInitialize();
+ break;
+ }
+ case EKeyStoreInit:
+ {
+ iKeyStore->CancelInitialize();
+ break;
+ }
+ case EAdding:
+ {
+ MCTWritableCertStore& writableStore =
+ iStore->WritableCertStore(iWritableCertStoreIndex);
+ writableStore.CancelAdd();
+ break;
+ }
+ case EAddListing:
+ case ERemoveListing:
+ {
+ iStore->CancelList();
+ break;
+ }
+ case EAddRetrieve:
+ case ERemoveRetrieve:
+ {
+ iStore->CancelRetrieve();
+ break;
+ }
+ case EDeleting:
+ {
+ iStore->CancelRemove();
+ break;
+ }
+ case EAddDialog: // AddDialog has nothing to cancel
+ case ERemoveDialog: // RemoveDialog has nothing to cancel
+ default:
+ {
+ // nothing to cancel
+ }
+ }
+ iState = EError;
+}
+
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CSTSCredentialManager
+// C++ default constructor can NOT contain any code, that
+// might leave.
+// -----------------------------------------------------------------------------
+//
+CSTSCredentialManager::CSTSCredentialManager()
+ : CActive(EPriorityStandard),java::util::FunctionServer("MyPKIServer"),
+ iState(EInitialising),
+ iEncodedCertDes(NULL, 0)
+{
+ createServerToNewThread();
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::ConstructL
+// Symbian 2nd phase constructor can leave.
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::ConstructL()
+{
+ iPKIDialog = PKIDialogFactory::CreateNoteL();
+
+ User::LeaveIfError(iFileServer.Connect());
+ iWait = new(ELeave) CActiveSchedulerWait;
+ iStore = CUnifiedCertStore::NewL(iFileServer, ETrue);
+ iKeyStore = CUnifiedKeyStore::NewL(iFileServer);
+ iStore->Initialize(iStatus);
+ WaitForCompletionL();
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::Complete
+// Completes the operation
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::Complete(TInt aError)
+{
+ if (KErrNone == aError)
+ {
+ iState = EReady;
+ }
+ else
+ {
+ iState = EError;
+ iError = aError;
+ }
+ iWait->AsyncStop();
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::WaitForCompletionL()
+// Wait for completion, leave on error
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::WaitForCompletionL()
+{
+ SetActive();
+ iWait->Start();
+ if (iState != EReady)
+ {
+ // we need to be ready for the next request
+ iState = EReady;
+ User::Leave(iError);
+ }
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RemoveRetrieveL
+// Retrieves the certificate to be removed
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::RemoveRetrieveL()
+{
+ if (iCertInfoArray->Count() == 0)
+ {
+ Complete(KErrNotFound);
+ return;
+ }
+
+ CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ];
+
+ HBufC8* encodedCert = HBufC8::NewMaxL(certInfo->Size());
+ delete iEncodedCert;
+ iEncodedCert = encodedCert;
+
+ iEncodedCertDes.Set(iEncodedCert->Des());
+
+ iState = ERemoveRetrieve;
+ iStore->Retrieve(*certInfo, iEncodedCertDes, iStatus);
+ SetActive();
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::AddRetrieveL
+// Retrieves possible conflicting certificate
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::AddRetrieveL()
+{
+
+ if (iCertInfoArray->Count() == 0)
+ {
+ // not found, ok to add
+ iState = EAddDialog;
+ iPKIDialog->SaveCertificate(EX509Certificate, EUserCertificate,
+ iSubject, iStatus);
+ SetActive();
+ return;
+ }
+
+
+ CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ];
+
+ HBufC8* encodedCert = HBufC8::NewMaxL(certInfo->Size());
+ delete iEncodedCert;
+ iEncodedCert = encodedCert;
+
+ iEncodedCertDes.Set(iEncodedCert->Des());
+
+ iState = EAddRetrieve;
+ iStore->Retrieve(*certInfo, iEncodedCertDes, iStatus);
+ SetActive();
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RemoveVerify
+// Verifies that the certificate to be removed has correct issuer and serial
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::RemoveVerifyL()
+{
+
+ TPtr8 certPtr(iEncodedCert->Des());
+ CX509Certificate* cert = CX509Certificate::NewLC(certPtr);
+
+ // Check issuer
+ const CX500DistinguishedName& certIssuer = cert->IssuerName();
+ if (!certIssuer.ExactMatchL(iIssuerAndSerialNumber->IssuerName()))
+ {
+ // remove current certificate from array, fetch next
+ (*iCertInfoArray)[ 0 ]->Release();
+ iCertInfoArray->Remove(0);
+ RemoveRetrieveL();
+ }
+ // check serialNumber
+ else if (cert->SerialNumber() != iIssuerAndSerialNumber->SerialNumber())
+ {
+ // remove current certificate from array, fetch next
+ (*iCertInfoArray)[ 0 ]->Release();
+ iCertInfoArray->Remove(0);
+ RemoveRetrieveL();
+ }
+ else
+ {
+ // We have a match, show dialog
+ RemoveDialog();
+ }
+ CleanupStack::PopAndDestroy(cert);
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::AddVerify
+// Verifies that the certificate does not have correct serial
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::AddVerifyL()
+{
+
+ TPtr8 certPtr(iEncodedCert->Des());
+ CX509Certificate* cert = CX509Certificate::NewLC(certPtr);
+
+ CX509Certificate* certToAdd = CX509Certificate::NewLC(iSubject);
+
+ // check serialNumber
+ if (cert->SerialNumber() != certToAdd->SerialNumber())
+ {
+ // remove current certificate from array, fetch next
+ (*iCertInfoArray)[ 0 ]->Release();
+ iCertInfoArray->Remove(0);
+ AddRetrieveL();
+ }
+ else
+ {
+ // We have a match, bail out
+ Complete(KSTSErrAlreadyRegistered);
+ }
+ CleanupStack::PopAndDestroy(2); // certToAdd, cert
+
+}
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::RemoveDialog
+// Displays a dialog asing user permission to remove a certificate
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::RemoveDialog()
+{
+
+
+ CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ];
+ iState = ERemoveDialog;
+ iHandle = certInfo->Handle();
+ iPKIDialog->DeleteCertificate(iHandle, iStatus);
+ SetActive();
+}
+
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::Remove
+// Remove the found certificate
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::Remove()
+{
+ if (iCertInfoArray->Count() == 0)
+ {
+ Complete(KErrNotFound);
+ return;
+ }
+
+ CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ];
+ iState = EDeleting;
+ iStore->Remove(*certInfo, iStatus);
+ SetActive();
+}
+
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::AddL
+// Adds a certificate
+// -----------------------------------------------------------------------------
+//
+void CSTSCredentialManager::AddL()
+{
+ MCTWritableCertStore& writableStore =
+ iStore->WritableCertStore(iWritableCertStoreIndex);
+
+ iState = EAdding;
+ writableStore.Add(
+ *iCertDisplayName,
+ EX509Certificate,
+ EUserCertificate,
+ &iSubjectKeyId,
+ &iIssuerKeyId,
+ iSubject,
+ iStatus);
+ SetActive();
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CSRDialog
+// Displays a CSR creation dialog
+// -----------------------------------------------------------------------------
+void CSTSCredentialManager::CSRDialog()
+{
+ if (!iDisplayName || !iKeyInfo)
+ {
+ Complete(KErrGeneral);
+ return;
+ }
+ iState = ECSRDialog;
+ iHandle = iKeyInfo->Handle();
+
+ iPKIDialog->CreateCSR(*iDisplayName, iHandle, iStatus);
+ SetActive();
+
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CreateCSRL
+// Creates a CSR
+// -----------------------------------------------------------------------------
+void CSTSCredentialManager::CreateCSRL()
+{
+
+ if ((!iKeyInfo) || (!iDistinguishedName))
+ {
+ Complete(KErrGeneral);
+ return;
+ }
+
+ iRequest = CPKCS10Request::NewL(*iDistinguishedName, *iKeyInfo);
+
+ delete iRequestEncoded;
+ iRequestEncoded = NULL;
+
+ iState = ECreatingCSR;
+ iRequest->CreateEncoding(iRequestEncoded, iStatus);
+ SetActive();
+}
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CheckSearchResultsL
+// Check key search results, generate CSR
+// -----------------------------------------------------------------------------
+void CSTSCredentialManager::CheckSearchResultsL()
+{
+ // we take the first key with valid dates
+ TInt keyCount = iKeyInfoArray->Count();
+ CCTKeyInfo* keyInfo = NULL;
+ TTime timeNow;
+ timeNow.UniversalTime();
+
+ TBool found = EFalse;
+ TInt keyIndex = 0;
+
+ for (TInt i = 0; (i < keyCount) && (!found); i++)
+ {
+ keyInfo = iKeyInfoArray->operator[](i);
+ TTime startDate = keyInfo->StartDate();
+ if ((startDate.Int64() == 0) || (timeNow >= startDate))
+ {
+ // startDate was not set or is before current time
+ // exactly same time is valid as well
+ TTime endDate = keyInfo->EndDate();
+ if ((endDate.Int64() == 0) || (timeNow < endDate))
+ {
+ // endDate was not set or is after current time
+ // exactly same time is not valid
+ // (the key expires immediatelly)
+ if (keyInfo->Size() == iKeyLen)
+ {
+ // key must have same size
+ found = ETrue;
+ keyIndex = i;
+ }
+ }
+ }
+ }
+ if (!found)
+ {
+ Complete(KSTSErrSeNoKeys);
+ return;
+ }
+
+ if (iKeyInfo)
+ {
+ iKeyInfo->Release();
+ }
+ iKeyInfo = keyInfo;
+ // iKeyInfo is no longer owned by iKeyInfoArray
+ iKeyInfoArray->Remove(keyIndex);
+
+ CSRDialog();
+}
+
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CheckKeyStoreSEIDL
+// Check if given SecurityElementID is available, prompts user if needed
+// -----------------------------------------------------------------------------
+TInt CSTSCredentialManager::CheckKeyStoreSEIDL(
+ const TDesC* aSecurityElementID,
+ const TDesC* aSecurityElementPrompt)
+{
+
+ // Symbian store can't be used
+ if (aSecurityElementID &&
+ (KSTSSymbianKeyStoreLabel() == *aSecurityElementID))
+ {
+ User::Leave(KSTSErrSeNotFound);
+ }
+
+
+ TInt retVal = 0;
+ TInt keyStoreCount = iKeyStore->KeyStoreCount();
+ TBool found = EFalse;
+ TInt i = 0;
+ for (i = 0; (i < keyStoreCount) && (!found); i++)
+ {
+ // if aSecurityElementID is NULL, use the first one, otherwise first
+ // with the same label
+ const TDesC& storeLabel = iKeyStore->KeyStore(i).Token().Label();
+ if (!aSecurityElementID ||
+ (*aSecurityElementID == KNullDesC()) ||
+ storeLabel == *aSecurityElementID)
+ {
+ if (storeLabel != KSTSSymbianKeyStoreLabel())
+ {
+ found = ETrue;
+ retVal = i;
+ }
+ }
+ }
+
+ // if not found, display prompt( if not NULL ) and search again
+ if (!found && aSecurityElementPrompt)
+ {
+ CSTSSEPrompt* prompt = CSTSSEPrompt::NewLC();
+ prompt->DisplayPromptL(*aSecurityElementPrompt);
+ keyStoreCount = iKeyStore->KeyStoreCount();
+ for (i = 0; (i < keyStoreCount) && (!found); i++)
+ {
+ if (iKeyStore->KeyStore(i).Token().Label() ==
+ *aSecurityElementID)
+ {
+ found = ETrue;
+ retVal = i;
+ }
+ }
+ }
+
+ if (!found)
+ {
+ User::Leave(KSTSErrSeNotFound);
+ }
+
+ return retVal;
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CheckWriteCertStoreSEIDL
+// Check if given SecurityElementID is available, prompts user if needed
+// -----------------------------------------------------------------------------
+TInt CSTSCredentialManager::CheckWriteCertStoreSEIDL(
+ const TDesC* aSecurityElementID,
+ const TDesC* aSecurityElementPrompt)
+{
+ // If aSecurityElementID is NULL, use the default Symbian cert store.
+ TPtrC securityElementID(KSTSSymbianCertificateStoreLabel());
+ if (aSecurityElementID &&
+ *aSecurityElementID != KNullDesC())
+ {
+ securityElementID.Set(*aSecurityElementID);
+ }
+
+ TInt retVal = 0;
+ TInt certStoreCount = iStore->WritableCertStoreCount();
+ TBool found = EFalse;
+ TInt i = 0;
+ for (i = 0; (i < certStoreCount) && (!found); i++)
+ {
+ // Select the first store with the specified label.
+ const TDesC& storeLabel =
+ iStore->WritableCertStore(i).Token().Label();
+
+ if (storeLabel == securityElementID)
+ {
+ found = ETrue;
+ retVal = i;
+ }
+ }
+
+ // if not found, display prompt( if not NULL ) and search again
+ if (!found && aSecurityElementPrompt)
+ {
+ CSTSSEPrompt* prompt = CSTSSEPrompt::NewLC();
+ prompt->DisplayPromptL(*aSecurityElementPrompt);
+ CleanupStack::PopAndDestroy(prompt);
+ certStoreCount = iStore->CertStoreCount();
+ for (i = 0; (i < certStoreCount) && (!found); i++)
+ {
+ if (iStore->CertStore(i).Token().Label() ==
+ securityElementID)
+ {
+ found = ETrue;
+ retVal = i;
+ }
+ }
+ }
+
+ if (!found)
+ {
+ User::Leave(KSTSErrSeNotFound);
+ }
+
+ return retVal;
+}
+
+// -----------------------------------------------------------------------------
+// CSTSCredentialManager::CheckOIDL
+// Checks if given OID is formatted correctly
+// -----------------------------------------------------------------------------
+void CSTSCredentialManager::CheckOIDL(const TDesC& aOID)
+{
+ TInt oidLength = aOID.Length();
+ if (oidLength == 0)
+ {
+ // empty oid is illegal
+ User::Leave(KErrArgument);
+ }
+ for (TInt i = 0; i < oidLength; i++)
+ {
+ TChar oidChar = aOID[ i ];
+ if (!oidChar.IsAlphaDigit())
+ {
+ if ((oidChar != KSTSDot) && (oidChar != KSTSLine))
+ {
+ User::Leave(KErrArgument);
+ }
+ }
+ }
+}
+
+// End of File
+void CSTSCredentialManager::vmAttached()
+{
+
+}
+
+void CSTSCredentialManager::doServerSideInit()
+{
+
+ FunctionServer::doServerSideInit();
+
+}
+
+