diff -r f5050f1da672 -r 04becd199f91 javaextensions/satsa/pki/src.s60/cstscredentialmanager.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/javaextensions/satsa/pki/src.s60/cstscredentialmanager.cpp Tue Apr 27 16:30:29 2010 +0300 @@ -0,0 +1,1031 @@ +/* +* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: + * +*/ + + + +// INCLUDE FILES +#include "cstscredentialmanager.h" +#include "tstsdistinguishednameconverter.h" +#include "CCMSIssuerAndSerialNumber.h" +#include "cstsseprompt.h" +#include "stspkiconstants.h" +#include "fs_methodcall.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + + +// CONSTANTS +_LIT(KSTSSymbianKeyStoreLabel, "Software key store"); +_LIT(KSTSSymbianCertificateStoreLabel, "Software certificate store"); + +// ============================ MEMBER FUNCTIONS =============================== + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::NewLC +// Two-phased constructor. +// ----------------------------------------------------------------------------- +// +CSTSCredentialManager* CSTSCredentialManager::NewLC() +{ + CSTSCredentialManager* self = new(ELeave) CSTSCredentialManager; + CallMethod(self,&CSTSCredentialManager::AddToScheduler,self); + CleanupStack::PushL(self); + CallMethodL(self,&CSTSCredentialManager::ConstructL,self); + return self; +} + +void CSTSCredentialManager::AddToScheduler() +{ + CActiveScheduler::Add(this); +} + +// Destructor +CSTSCredentialManager::~CSTSCredentialManager() +{ + delete iEncodedCert; + delete iIssuerAndSerialNumber; + if (iPKIDialog) + { + iPKIDialog->Release(); + } + delete iDistinguishedName; + delete iDisplayName; + delete iRequestEncoded; + delete iRequest; + if (iCertInfoArray) + { + iCertInfoArray->Close(); + delete iCertInfoArray; + } + if (iKeyInfoArray) + { + iKeyInfoArray->Close(); + delete iKeyInfoArray; + } + if (iKeyInfo) + { + iKeyInfo->Release(); + } + delete iKeyStore; + delete iStore; + delete iWait; + iFileServer.Close(); +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::AddCredentialL +// Adds a certificate or certificate URI to certificate store +// ----------------------------------------------------------------------------- +// +TBool CSTSCredentialManager::AddCredentialL( + TInt/*const TDesC&*/ aCertDisplayName, + TInt/*const TDesC&*/ aPkiPath) +{ + + if (iState != EReady) + { + User::Leave(KErrNotReady); + } + + iWritableCertStoreIndex = CheckWriteCertStoreSEIDL(NULL, NULL); + + const TDesC8* path = reinterpret_cast< const TDesC8* >(aPkiPath); + + TASN1DecGeneric genericDecoder(*path); + + genericDecoder.InitL(); + + TPtrC8 certificates = genericDecoder.GetContentDER(); + + TInt certificatesLength = certificates.Length(); + TInt pos = 0; + + iSubject.Set(certificates.Right(certificatesLength)); + + TPtrC8 issuer(iSubject); + + // go through the certificate chain, leaving the last certificate as subject + // and second last as issuer + while (pos < certificatesLength) + { + issuer.Set(iSubject); + TASN1DecGeneric + certDecoder(certificates.Right(certificatesLength - pos)); + certDecoder.InitL(); + TInt certLength = certDecoder.LengthDER(); + + TPtrC8 singleCert(certificates.Mid(pos, certLength)); + iSubject.Set(singleCert); + pos+=certLength; + } + + CX509Certificate* cert = + CX509Certificate::NewLC(iSubject); + + CX509Certificate* issuerCert = + CX509Certificate::NewLC(issuer); + + iSubjectKeyId = cert->KeyIdentifierL(); + iIssuerKeyId = issuerCert->KeyIdentifierL(); + + iCertDisplayName = reinterpret_cast(aCertDisplayName); + + // now we have to check that this certificate does not exist in the + // database yet + CCertAttributeFilter* filter = CCertAttributeFilter::NewLC(); + filter->SetFormat(EX509Certificate); + filter->SetSubjectKeyId(iSubjectKeyId); + filter->SetIssuerKeyId(iIssuerKeyId); + + RMPointerArray< CCTCertInfo >* certInfoArray = + new(ELeave) RMPointerArray< CCTCertInfo >(); + if (iCertInfoArray) + { + iCertInfoArray->Close(); + delete iCertInfoArray; + } + iCertInfoArray = certInfoArray; + + iState = EAddListing; + iStore->WritableCertStore(iWritableCertStoreIndex) + .List(*iCertInfoArray, *filter, + iStatus); + WaitForCompletionL(); + + CleanupStack::PopAndDestroy(3); // filter, cert, issuerCert + + iCertInfoArray->Close(); + delete iCertInfoArray; + iCertInfoArray = NULL; + + + return ETrue; +} + +void CSTSCredentialManager::StaticAddCredentialL( + TInt /*aManager*/, + TInt /*aCertDisplayName*/, + TInt /*aPkiPath*/, + TInt /*aRetVal*/) +{ + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::GenerateCSRL +// Creates a DER encoded PKCS#10 certificate enrollment request. +// ----------------------------------------------------------------------------- +// +TDesC8& CSTSCredentialManager::GenerateCSRL( + const TDesC& aNameInfo, + const TDesC& aAlgorithm, + TInt aKeyLen, + TInt aKeyUsage, + const TDesC* aSecurityElementID, + const TDesC* aSecurityElementPrompt) +{ + TInt storeIndex = CheckKeyStoreSEIDL(aSecurityElementID, + aSecurityElementPrompt); + + CKeyInfoBase::EKeyAlgorithm algorithm(CKeyInfoBase::EInvalidAlgorithm); + if (aAlgorithm.Compare(KSTSAlgorithmRsa()) == 0) + { + algorithm = CKeyInfoBase::ERSA; + } + else + { + CheckOIDL(aAlgorithm); + User::Leave(KSTSErrSeNoKeys); + } + + TSTSDistinguishedNameConverter dnConverter; + + CX500DistinguishedName* dName = dnConverter.CreateDNL(aNameInfo); + delete iDistinguishedName; + iDistinguishedName = dName; + + HBufC* dispName = dName->DisplayNameL(); + delete iDisplayName; + iDisplayName = dispName; + + TKeyUsagePKCS15 keyUsage(EPKCS15UsageNone); + switch (aKeyUsage) + { + case KSTSKeyUsageAuthentication: + { + keyUsage = EPKCS15UsageSign; + break; + } + case KSTSKeyUsageNonRepudiation: + { + keyUsage = EPKCS15UsageNonRepudiation; + break; + } + default: + { + User::Leave(KErrKeyUsage); + } + } + + // have to search for the key + TCTKeyAttributeFilter filter; + filter.iKeyAlgorithm = algorithm; + filter.iUsage = keyUsage; + RMPointerArray< CCTKeyInfo >* keyInfoArray = + new(ELeave) RMPointerArray< CCTKeyInfo >(); + if (iKeyInfoArray) + { + iKeyInfoArray->Close(); + delete iKeyInfoArray; + } + iKeyInfoArray = keyInfoArray; + + iKeyLen = aKeyLen; + + iState = ESearchingKey; + iKeyStore->KeyStore(storeIndex).List( + *iKeyInfoArray, filter, iStatus); + + WaitForCompletionL(); + + return *iRequestEncoded; +} + +void CSTSCredentialManager::StaticGenerateCSRL( + TInt aParams, + TInt aRetVal) +{ + TGenerateCSRParams* params = reinterpret_cast(aParams); + TDesC8** ret = reinterpret_cast(aRetVal); + + TDesC8& retVal = GenerateCSRL( + *(params->iNameInfo), *(params->iAlgorithm), + params->iKeyLen, params->iKeyUsage, + params->iSecurityElementID, + params->iSecurityElementPrompt); + *ret = &retVal; +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RemoveCredentialL +// Removes a certificate or certificate URI from a certificate store. +// ----------------------------------------------------------------------------- +// +TBool CSTSCredentialManager::RemoveCredentialL( + const TDesC& aCertDisplayName, + const TDesC8& aIssuerAndSerialNumber, + const TDesC* aSecurityElementID, + const TDesC* aSecurityElementPrompt) + +{ + TInt storeIndex = CheckWriteCertStoreSEIDL(aSecurityElementID, + aSecurityElementPrompt); + + // currently the certificates are stored in the symbian store, always + storeIndex = CheckWriteCertStoreSEIDL(NULL, NULL); + + if (iState != EReady) + { + User::Leave(KErrNotReady); + } + // Create filter + CCertAttributeFilter* filter = CCertAttributeFilter::NewLC(); + TCertLabel label(aCertDisplayName); + filter->SetLabel(label); + + RMPointerArray< CCTCertInfo >* certInfoArray = + new(ELeave) RMPointerArray< CCTCertInfo >(); + if (iCertInfoArray) + { + iCertInfoArray->Close(); + delete iCertInfoArray; + } + iCertInfoArray = certInfoArray; + + // Decode Issuer and SerialNumber + CCMSIssuerAndSerialNumber* issuerAndSerialNumber = + CCMSIssuerAndSerialNumber::NewL(); + delete iIssuerAndSerialNumber; + iIssuerAndSerialNumber = issuerAndSerialNumber; + + iIssuerAndSerialNumber->DecodeL(aIssuerAndSerialNumber); + + iState = ERemoveListing; + iStore->WritableCertStore(storeIndex). + List(*iCertInfoArray, *filter, iStatus); + WaitForCompletionL(); + + CleanupStack::PopAndDestroy(); // filter + + iCertInfoArray->Close(); + delete iCertInfoArray; + iCertInfoArray = NULL; + + delete iIssuerAndSerialNumber; + iIssuerAndSerialNumber = NULL; + + delete iEncodedCert; + iEncodedCert = NULL; + + return ETrue; +} + +void CSTSCredentialManager::StaticRemoveCredentialL( + TInt aCertDisplayName, + TInt aIssuerAndSerialNumber, + TInt aSecurityElementID, + TInt aSecurityElementPrompt, + TInt aRetVal) +{ + *(reinterpret_cast(aRetVal)) = RemoveCredentialL(*(reinterpret_cast(aCertDisplayName)), + *(reinterpret_cast(aIssuerAndSerialNumber)), + reinterpret_cast(aSecurityElementID), + reinterpret_cast(aSecurityElementPrompt)); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RunL +// CActive callback +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::RunL() +{ + if (iStatus != KErrNone) + { + // Error has occured; inform java + Complete(iStatus.Int()); + } + else + { + switch (iState) + { + case EInitialising: + { + iState = EKeyStoreInit; + iKeyStore->Initialize(iStatus); + SetActive(); + break; + } + case ERemoveListing: + { + RemoveRetrieveL(); + break; + } + case ERemoveRetrieve: + { + RemoveVerifyL(); + break; + } + case ERemoveDialog: + { + Remove(); + break; + } + case EAddListing: + { + AddRetrieveL(); + break; + } + case EAddRetrieve: + { + AddVerifyL(); + break; + } + case EAddDialog: + { + AddL(); + break; + } + case EAdding: + case EDeleting: + case ECreatingCSR: + case EKeyStoreInit: + { + Complete(KErrNone); + break; + } + case ECSRDialog: + { + CreateCSRL(); + break; + } + case ESearchingKey: + { + CheckSearchResultsL(); + break; + } + default: + { + Complete(KErrGeneral); + } + } + } +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RunError +// CActive error callback +// ----------------------------------------------------------------------------- +// +TInt CSTSCredentialManager::RunError(TInt aError) +{ + Complete(aError); + return KErrNone; +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::DoCancel +// CActive cancellation callback - cancel whatever doing +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::DoCancel() +{ + switch (iState) + { + case EInitialising: + { + iStore->CancelInitialize(); + break; + } + case EKeyStoreInit: + { + iKeyStore->CancelInitialize(); + break; + } + case EAdding: + { + MCTWritableCertStore& writableStore = + iStore->WritableCertStore(iWritableCertStoreIndex); + writableStore.CancelAdd(); + break; + } + case EAddListing: + case ERemoveListing: + { + iStore->CancelList(); + break; + } + case EAddRetrieve: + case ERemoveRetrieve: + { + iStore->CancelRetrieve(); + break; + } + case EDeleting: + { + iStore->CancelRemove(); + break; + } + case EAddDialog: // AddDialog has nothing to cancel + case ERemoveDialog: // RemoveDialog has nothing to cancel + default: + { + // nothing to cancel + } + } + iState = EError; +} + + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CSTSCredentialManager +// C++ default constructor can NOT contain any code, that +// might leave. +// ----------------------------------------------------------------------------- +// +CSTSCredentialManager::CSTSCredentialManager() + : CActive(EPriorityStandard),java::util::FunctionServer("MyPKIServer"), + iState(EInitialising), + iEncodedCertDes(NULL, 0) +{ + createServerToNewThread(); +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::ConstructL +// Symbian 2nd phase constructor can leave. +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::ConstructL() +{ + iPKIDialog = PKIDialogFactory::CreateNoteL(); + + User::LeaveIfError(iFileServer.Connect()); + iWait = new(ELeave) CActiveSchedulerWait; + iStore = CUnifiedCertStore::NewL(iFileServer, ETrue); + iKeyStore = CUnifiedKeyStore::NewL(iFileServer); + iStore->Initialize(iStatus); + WaitForCompletionL(); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::Complete +// Completes the operation +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::Complete(TInt aError) +{ + if (KErrNone == aError) + { + iState = EReady; + } + else + { + iState = EError; + iError = aError; + } + iWait->AsyncStop(); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::WaitForCompletionL() +// Wait for completion, leave on error +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::WaitForCompletionL() +{ + SetActive(); + iWait->Start(); + if (iState != EReady) + { + // we need to be ready for the next request + iState = EReady; + User::Leave(iError); + } +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RemoveRetrieveL +// Retrieves the certificate to be removed +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::RemoveRetrieveL() +{ + if (iCertInfoArray->Count() == 0) + { + Complete(KErrNotFound); + return; + } + + CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ]; + + HBufC8* encodedCert = HBufC8::NewMaxL(certInfo->Size()); + delete iEncodedCert; + iEncodedCert = encodedCert; + + iEncodedCertDes.Set(iEncodedCert->Des()); + + iState = ERemoveRetrieve; + iStore->Retrieve(*certInfo, iEncodedCertDes, iStatus); + SetActive(); +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::AddRetrieveL +// Retrieves possible conflicting certificate +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::AddRetrieveL() +{ + + if (iCertInfoArray->Count() == 0) + { + // not found, ok to add + iState = EAddDialog; + iPKIDialog->SaveCertificate(EX509Certificate, EUserCertificate, + iSubject, iStatus); + SetActive(); + return; + } + + + CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ]; + + HBufC8* encodedCert = HBufC8::NewMaxL(certInfo->Size()); + delete iEncodedCert; + iEncodedCert = encodedCert; + + iEncodedCertDes.Set(iEncodedCert->Des()); + + iState = EAddRetrieve; + iStore->Retrieve(*certInfo, iEncodedCertDes, iStatus); + SetActive(); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RemoveVerify +// Verifies that the certificate to be removed has correct issuer and serial +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::RemoveVerifyL() +{ + + TPtr8 certPtr(iEncodedCert->Des()); + CX509Certificate* cert = CX509Certificate::NewLC(certPtr); + + // Check issuer + const CX500DistinguishedName& certIssuer = cert->IssuerName(); + if (!certIssuer.ExactMatchL(iIssuerAndSerialNumber->IssuerName())) + { + // remove current certificate from array, fetch next + (*iCertInfoArray)[ 0 ]->Release(); + iCertInfoArray->Remove(0); + RemoveRetrieveL(); + } + // check serialNumber + else if (cert->SerialNumber() != iIssuerAndSerialNumber->SerialNumber()) + { + // remove current certificate from array, fetch next + (*iCertInfoArray)[ 0 ]->Release(); + iCertInfoArray->Remove(0); + RemoveRetrieveL(); + } + else + { + // We have a match, show dialog + RemoveDialog(); + } + CleanupStack::PopAndDestroy(cert); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::AddVerify +// Verifies that the certificate does not have correct serial +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::AddVerifyL() +{ + + TPtr8 certPtr(iEncodedCert->Des()); + CX509Certificate* cert = CX509Certificate::NewLC(certPtr); + + CX509Certificate* certToAdd = CX509Certificate::NewLC(iSubject); + + // check serialNumber + if (cert->SerialNumber() != certToAdd->SerialNumber()) + { + // remove current certificate from array, fetch next + (*iCertInfoArray)[ 0 ]->Release(); + iCertInfoArray->Remove(0); + AddRetrieveL(); + } + else + { + // We have a match, bail out + Complete(KSTSErrAlreadyRegistered); + } + CleanupStack::PopAndDestroy(2); // certToAdd, cert + +} + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::RemoveDialog +// Displays a dialog asing user permission to remove a certificate +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::RemoveDialog() +{ + + + CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ]; + iState = ERemoveDialog; + iHandle = certInfo->Handle(); + iPKIDialog->DeleteCertificate(iHandle, iStatus); + SetActive(); +} + + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::Remove +// Remove the found certificate +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::Remove() +{ + if (iCertInfoArray->Count() == 0) + { + Complete(KErrNotFound); + return; + } + + CCTCertInfo* certInfo = (*iCertInfoArray)[ 0 ]; + iState = EDeleting; + iStore->Remove(*certInfo, iStatus); + SetActive(); +} + + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::AddL +// Adds a certificate +// ----------------------------------------------------------------------------- +// +void CSTSCredentialManager::AddL() +{ + MCTWritableCertStore& writableStore = + iStore->WritableCertStore(iWritableCertStoreIndex); + + iState = EAdding; + writableStore.Add( + *iCertDisplayName, + EX509Certificate, + EUserCertificate, + &iSubjectKeyId, + &iIssuerKeyId, + iSubject, + iStatus); + SetActive(); +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CSRDialog +// Displays a CSR creation dialog +// ----------------------------------------------------------------------------- +void CSTSCredentialManager::CSRDialog() +{ + if (!iDisplayName || !iKeyInfo) + { + Complete(KErrGeneral); + return; + } + iState = ECSRDialog; + iHandle = iKeyInfo->Handle(); + + iPKIDialog->CreateCSR(*iDisplayName, iHandle, iStatus); + SetActive(); + +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CreateCSRL +// Creates a CSR +// ----------------------------------------------------------------------------- +void CSTSCredentialManager::CreateCSRL() +{ + + if ((!iKeyInfo) || (!iDistinguishedName)) + { + Complete(KErrGeneral); + return; + } + + iRequest = CPKCS10Request::NewL(*iDistinguishedName, *iKeyInfo); + + delete iRequestEncoded; + iRequestEncoded = NULL; + + iState = ECreatingCSR; + iRequest->CreateEncoding(iRequestEncoded, iStatus); + SetActive(); +} + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CheckSearchResultsL +// Check key search results, generate CSR +// ----------------------------------------------------------------------------- +void CSTSCredentialManager::CheckSearchResultsL() +{ + // we take the first key with valid dates + TInt keyCount = iKeyInfoArray->Count(); + CCTKeyInfo* keyInfo = NULL; + TTime timeNow; + timeNow.UniversalTime(); + + TBool found = EFalse; + TInt keyIndex = 0; + + for (TInt i = 0; (i < keyCount) && (!found); i++) + { + keyInfo = iKeyInfoArray->operator[](i); + TTime startDate = keyInfo->StartDate(); + if ((startDate.Int64() == 0) || (timeNow >= startDate)) + { + // startDate was not set or is before current time + // exactly same time is valid as well + TTime endDate = keyInfo->EndDate(); + if ((endDate.Int64() == 0) || (timeNow < endDate)) + { + // endDate was not set or is after current time + // exactly same time is not valid + // (the key expires immediatelly) + if (keyInfo->Size() == iKeyLen) + { + // key must have same size + found = ETrue; + keyIndex = i; + } + } + } + } + if (!found) + { + Complete(KSTSErrSeNoKeys); + return; + } + + if (iKeyInfo) + { + iKeyInfo->Release(); + } + iKeyInfo = keyInfo; + // iKeyInfo is no longer owned by iKeyInfoArray + iKeyInfoArray->Remove(keyIndex); + + CSRDialog(); +} + + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CheckKeyStoreSEIDL +// Check if given SecurityElementID is available, prompts user if needed +// ----------------------------------------------------------------------------- +TInt CSTSCredentialManager::CheckKeyStoreSEIDL( + const TDesC* aSecurityElementID, + const TDesC* aSecurityElementPrompt) +{ + + // Symbian store can't be used + if (aSecurityElementID && + (KSTSSymbianKeyStoreLabel() == *aSecurityElementID)) + { + User::Leave(KSTSErrSeNotFound); + } + + + TInt retVal = 0; + TInt keyStoreCount = iKeyStore->KeyStoreCount(); + TBool found = EFalse; + TInt i = 0; + for (i = 0; (i < keyStoreCount) && (!found); i++) + { + // if aSecurityElementID is NULL, use the first one, otherwise first + // with the same label + const TDesC& storeLabel = iKeyStore->KeyStore(i).Token().Label(); + if (!aSecurityElementID || + (*aSecurityElementID == KNullDesC()) || + storeLabel == *aSecurityElementID) + { + if (storeLabel != KSTSSymbianKeyStoreLabel()) + { + found = ETrue; + retVal = i; + } + } + } + + // if not found, display prompt( if not NULL ) and search again + if (!found && aSecurityElementPrompt) + { + CSTSSEPrompt* prompt = CSTSSEPrompt::NewLC(); + prompt->DisplayPromptL(*aSecurityElementPrompt); + keyStoreCount = iKeyStore->KeyStoreCount(); + for (i = 0; (i < keyStoreCount) && (!found); i++) + { + if (iKeyStore->KeyStore(i).Token().Label() == + *aSecurityElementID) + { + found = ETrue; + retVal = i; + } + } + } + + if (!found) + { + User::Leave(KSTSErrSeNotFound); + } + + return retVal; +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CheckWriteCertStoreSEIDL +// Check if given SecurityElementID is available, prompts user if needed +// ----------------------------------------------------------------------------- +TInt CSTSCredentialManager::CheckWriteCertStoreSEIDL( + const TDesC* aSecurityElementID, + const TDesC* aSecurityElementPrompt) +{ + // If aSecurityElementID is NULL, use the default Symbian cert store. + TPtrC securityElementID(KSTSSymbianCertificateStoreLabel()); + if (aSecurityElementID && + *aSecurityElementID != KNullDesC()) + { + securityElementID.Set(*aSecurityElementID); + } + + TInt retVal = 0; + TInt certStoreCount = iStore->WritableCertStoreCount(); + TBool found = EFalse; + TInt i = 0; + for (i = 0; (i < certStoreCount) && (!found); i++) + { + // Select the first store with the specified label. + const TDesC& storeLabel = + iStore->WritableCertStore(i).Token().Label(); + + if (storeLabel == securityElementID) + { + found = ETrue; + retVal = i; + } + } + + // if not found, display prompt( if not NULL ) and search again + if (!found && aSecurityElementPrompt) + { + CSTSSEPrompt* prompt = CSTSSEPrompt::NewLC(); + prompt->DisplayPromptL(*aSecurityElementPrompt); + CleanupStack::PopAndDestroy(prompt); + certStoreCount = iStore->CertStoreCount(); + for (i = 0; (i < certStoreCount) && (!found); i++) + { + if (iStore->CertStore(i).Token().Label() == + securityElementID) + { + found = ETrue; + retVal = i; + } + } + } + + if (!found) + { + User::Leave(KSTSErrSeNotFound); + } + + return retVal; +} + +// ----------------------------------------------------------------------------- +// CSTSCredentialManager::CheckOIDL +// Checks if given OID is formatted correctly +// ----------------------------------------------------------------------------- +void CSTSCredentialManager::CheckOIDL(const TDesC& aOID) +{ + TInt oidLength = aOID.Length(); + if (oidLength == 0) + { + // empty oid is illegal + User::Leave(KErrArgument); + } + for (TInt i = 0; i < oidLength; i++) + { + TChar oidChar = aOID[ i ]; + if (!oidChar.IsAlphaDigit()) + { + if ((oidChar != KSTSDot) && (oidChar != KSTSLine)) + { + User::Leave(KErrArgument); + } + } + } +} + +// End of File +void CSTSCredentialManager::vmAttached() +{ + +} + +void CSTSCredentialManager::doServerSideInit() +{ + + FunctionServer::doServerSideInit(); + +} + +