70 |
81 |
71 //-------------------------------------------------- |
82 //-------------------------------------------------- |
72 |
83 |
73 CEapTlsPeapCertInterface::CEapTlsPeapCertInterface(abs_eap_am_tools_c* const aTools, eap_am_type_tls_peap_symbian_c* const aParent) |
84 CEapTlsPeapCertInterface::CEapTlsPeapCertInterface(abs_eap_am_tools_c* const aTools, eap_am_type_tls_peap_symbian_c* const aParent) |
74 : CActive(CActive::EPriorityStandard) |
85 : CActive(CActive::EPriorityStandard) |
75 ,iParent(aParent) |
86 , iParent(aParent) |
76 ,m_am_tools(aTools) |
87 , m_am_tools(aTools) |
77 ,iAllowedUserCerts(1) |
88 , iAllowedUserCerts(1) |
78 ,iEncodedCertificate(0) |
89 , iEncodedCertificate(0) |
79 ,iCertPtr(0,0) |
90 , iCertPtr(0,0) |
80 ,iMatchingUserCertInfos(1) |
91 , iMatchingUserCertInfos(1) |
81 ,iCAIndex(0) |
92 , iCAIndex(0) |
|
93 , iUseAutomaticCaCertificate(EFalse) |
82 { |
94 { |
|
95 EAP_TRACE_DEBUG( |
|
96 m_am_tools, |
|
97 TRACE_FLAGS_DEFAULT, |
|
98 (EAPL("CEapTlsPeapCertInterface::CEapTlsPeapCertInterface()\n"))); |
|
99 |
|
100 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::CEapTlsPeapCertInterface()"); |
|
101 |
83 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
102 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
84 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
103 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
85 } |
104 } |
86 |
105 |
87 //-------------------------------------------------- |
106 //-------------------------------------------------- |
88 |
107 |
89 void CEapTlsPeapCertInterface::ConstructL() |
108 void CEapTlsPeapCertInterface::ConstructL() |
90 { |
109 { |
91 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
110 EAP_TRACE_DEBUG( |
92 |
111 m_am_tools, |
|
112 TRACE_FLAGS_DEFAULT, |
|
113 (EAPL("CEapTlsPeapCertInterface::ConstructL()\n"))); |
|
114 |
|
115 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ConstructL()"); |
|
116 |
93 User::LeaveIfError(iFs.Connect()); |
117 User::LeaveIfError(iFs.Connect()); |
94 |
118 |
95 CActiveScheduler::Add(this); |
119 CActiveScheduler::Add(this); |
96 |
120 |
97 iValidationResult = CPKIXValidationResult::NewL(); |
121 iValidationResult = CPKIXValidationResult::NewL(); |
104 |
128 |
105 //-------------------------------------------------- |
129 //-------------------------------------------------- |
106 |
130 |
107 CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface() |
131 CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface() |
108 { |
132 { |
109 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
133 EAP_TRACE_DEBUG( |
110 |
134 m_am_tools, |
|
135 TRACE_FLAGS_DEFAULT, |
|
136 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface()\n"))); |
|
137 |
|
138 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface()"); |
|
139 |
|
140 if(IsActive()) |
|
141 { |
|
142 Cancel(); |
|
143 } |
|
144 |
|
145 EAP_TRACE_DEBUG( |
|
146 m_am_tools, |
|
147 TRACE_FLAGS_DEFAULT, |
|
148 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iMatchingUserCerts.ResetAndDestroy()\n"))); |
|
149 |
111 iMatchingUserCerts.ResetAndDestroy(); |
150 iMatchingUserCerts.ResetAndDestroy(); |
112 |
151 |
113 iMatchingUserCertInfos.Reset(); |
152 EAP_TRACE_DEBUG( |
114 |
153 m_am_tools, |
115 iAllowedUserCerts.Reset(); |
154 TRACE_FLAGS_DEFAULT, |
|
155 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iMatchingUserCertInfos.ResetAndDestroy()\n"))); |
|
156 |
|
157 iMatchingUserCertInfos.ResetAndDestroy(); |
|
158 |
|
159 EAP_TRACE_DEBUG( |
|
160 m_am_tools, |
|
161 TRACE_FLAGS_DEFAULT, |
|
162 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iAllowedUserCerts.ResetAndDestroy()\n"))); |
|
163 |
|
164 iAllowedUserCerts.ResetAndDestroy(); |
|
165 |
|
166 EAP_TRACE_DEBUG( |
|
167 m_am_tools, |
|
168 TRACE_FLAGS_DEFAULT, |
|
169 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iAllowedCACerts.ResetAndDestroy()\n"))); |
|
170 |
|
171 iAllowedCACerts.ResetAndDestroy(); |
|
172 |
|
173 EAP_TRACE_DEBUG( |
|
174 m_am_tools, |
|
175 TRACE_FLAGS_DEFAULT, |
|
176 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iRootCerts.ResetAndDestroy()\n"))); |
116 |
177 |
117 iRootCerts.ResetAndDestroy(); |
178 iRootCerts.ResetAndDestroy(); |
|
179 |
|
180 EAP_TRACE_DEBUG( |
|
181 m_am_tools, |
|
182 TRACE_FLAGS_DEFAULT, |
|
183 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iUserCertChain.ResetAndDestroy()\n"))); |
|
184 |
118 iUserCertChain.ResetAndDestroy(); |
185 iUserCertChain.ResetAndDestroy(); |
119 |
186 |
|
187 EAP_TRACE_DEBUG( |
|
188 m_am_tools, |
|
189 TRACE_FLAGS_DEFAULT, |
|
190 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iCertAuthorities.ResetAndDestroy()\n"))); |
|
191 |
120 iCertAuthorities.ResetAndDestroy(); |
192 iCertAuthorities.ResetAndDestroy(); |
121 |
193 |
|
194 EAP_TRACE_DEBUG( |
|
195 m_am_tools, |
|
196 TRACE_FLAGS_DEFAULT, |
|
197 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iCertInfos.Reset()\n"))); |
|
198 |
122 TInt i(0); |
199 TInt i(0); |
123 for (i = 0; i < iCertInfos.Count(); i++) |
200 for (i = 0; i < iCertInfos.Count(); i++) |
124 { |
201 { |
125 iCertInfos[i]->Release(); |
202 iCertInfos[i]->Release(); |
126 } |
203 } |
127 iCertInfos.Reset(); |
204 iCertInfos.Reset(); |
128 |
205 |
|
206 EAP_TRACE_DEBUG( |
|
207 m_am_tools, |
|
208 TRACE_FLAGS_DEFAULT, |
|
209 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iKeyInfos.Reset()\n"))); |
|
210 |
129 for (i = 0; i < iKeyInfos.Count(); i++) |
211 for (i = 0; i < iKeyInfos.Count(); i++) |
130 { |
212 { |
131 iKeyInfos[i]->Release(); |
213 iKeyInfos[i]->Release(); |
132 } |
214 } |
133 iKeyInfos.Reset(); |
215 iKeyInfos.Reset(); |
|
216 |
|
217 EAP_TRACE_DEBUG( |
|
218 m_am_tools, |
|
219 TRACE_FLAGS_DEFAULT, |
|
220 (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): delete rest\n"))); |
134 |
221 |
135 delete iCertFilter; |
222 delete iCertFilter; |
136 delete iCertStore; |
223 delete iCertStore; |
137 delete iCertChain; |
224 delete iCertChain; |
138 delete iValidationResult; |
225 delete iValidationResult; |
155 } |
251 } |
156 |
252 |
157 //-------------------------------------------------- |
253 //-------------------------------------------------- |
158 |
254 |
159 void CEapTlsPeapCertInterface::GetMatchingCertificatesL( |
255 void CEapTlsPeapCertInterface::GetMatchingCertificatesL( |
160 const RArray<SCertEntry>& aAllowedUserCerts, |
256 const RPointerArray<EapCertificateEntry>& aAllowedUserCerts, |
161 const TBool aUseCertAuthoritiesFilter, |
257 const TBool aUseCertAuthoritiesFilter, |
162 EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const aCertAuthorities, |
258 EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const aCertAuthorities, |
163 const TBool aUseCertTypesFilter, |
259 const TBool aUseCertTypesFilter, |
164 EAP_TEMPLATE_CONST eap_array_c<u8_t> * const aCertTypes, |
260 EAP_TEMPLATE_CONST eap_array_c<u8_t> * const aCertTypes, |
165 const TBool aUseAllowedCipherSuitesFilter, |
261 const TBool aUseAllowedCipherSuitesFilter, |
166 const RArray<TUint>& aAllowedCipherSuites) |
262 const RArray<TUint>& aAllowedCipherSuites) |
167 { |
263 { |
168 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
169 |
|
170 iUseCertAuthoritiesFilter = aUseCertAuthoritiesFilter; |
|
171 |
|
172 iUseCertTypesFilter = aUseCertTypesFilter; |
|
173 |
|
174 iUseAllowedCipherSuitesFilter = aUseAllowedCipherSuitesFilter; |
|
175 |
|
176 iAllowedUserCerts.Reset(); |
|
177 |
|
178 EAP_TRACE_DEBUG( |
264 EAP_TRACE_DEBUG( |
179 m_am_tools, |
265 m_am_tools, |
180 TRACE_FLAGS_DEFAULT, |
266 TRACE_FLAGS_DEFAULT, |
181 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL: Total allowed user certs=%d\n"), |
267 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): Total allowed user certs=%d, aAllowedUserCerts=0x%08x, iAllowedUserCerts=0x%08x, aCertAuthorities=0x%08x, aCertTypes=0x%08x, aAllowedCipherSuites=0x%08x\n"), |
182 aAllowedUserCerts.Count())); |
268 aAllowedUserCerts.Count(), |
183 |
269 &aAllowedUserCerts, |
|
270 &iAllowedUserCerts, |
|
271 aCertAuthorities, |
|
272 aCertTypes, |
|
273 &aAllowedCipherSuites)); |
|
274 |
|
275 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::GetMatchingCertificatesL()"); |
|
276 |
|
277 iUseCertAuthoritiesFilter = aUseCertAuthoritiesFilter; |
|
278 |
|
279 iUseCertTypesFilter = aUseCertTypesFilter; |
|
280 |
|
281 iUseAllowedCipherSuitesFilter = aUseAllowedCipherSuitesFilter; |
|
282 |
184 EAP_TRACE_DEBUG( |
283 EAP_TRACE_DEBUG( |
185 m_am_tools, |
284 m_am_tools, |
186 TRACE_FLAGS_DEFAULT, |
285 TRACE_FLAGS_DEFAULT, |
187 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL:UseCertAuthoritiesFilter=%d, UseCertTypesFilter=%d, UseAllowedCipherSuitesFilter=%d\n"), |
286 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): iAllowedUserCerts.Count()=%d\n"), |
188 iUseCertAuthoritiesFilter,iUseCertTypesFilter,iUseAllowedCipherSuitesFilter)); |
287 iAllowedUserCerts.Count())); |
|
288 |
|
289 iAllowedUserCerts.ResetAndDestroy(); |
|
290 |
|
291 EAP_TRACE_DEBUG( |
|
292 m_am_tools, |
|
293 TRACE_FLAGS_DEFAULT, |
|
294 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): UseCertAuthoritiesFilter=%d, UseCertTypesFilter=%d, UseAllowedCipherSuitesFilter=%d\n"), |
|
295 iUseCertAuthoritiesFilter, |
|
296 iUseCertTypesFilter, |
|
297 iUseAllowedCipherSuitesFilter)); |
189 |
298 |
190 for (TInt j = 0; j < aAllowedUserCerts.Count(); j++) |
299 for (TInt j = 0; j < aAllowedUserCerts.Count(); j++) |
191 { |
300 { |
192 iAllowedUserCerts.AppendL(aAllowedUserCerts[j]); |
301 EapCertificateEntry * const copy_cert = aAllowedUserCerts[j]->Copy(); |
193 |
302 if (copy_cert == 0) |
194 #if defined(_DEBUG) || defined(DEBUG) |
303 { |
195 |
304 User::Leave(KErrNoMemory); |
196 // This is just for the debug prints. |
305 } |
197 TCertLabel tempLabel = iAllowedUserCerts[j].iLabel; |
306 |
198 TKeyIdentifier tempSubjectKeyId = iAllowedUserCerts[j].iSubjectKeyId; |
307 iAllowedUserCerts.AppendL(copy_cert); |
199 |
308 |
200 EAP_TRACE_DEBUG( |
309 EAP_TRACE_SETTINGS(copy_cert); |
201 m_am_tools, |
|
202 TRACE_FLAGS_DEFAULT, |
|
203 (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL: details of allowed user certs,Label=%S\n"), |
|
204 &tempLabel)); |
|
205 |
|
206 EAP_TRACE_DATA_DEBUG_SYMBIAN( ( "GetMatchingCertificatesL : Subject Key Id:", |
|
207 tempSubjectKeyId.Ptr(), tempSubjectKeyId.Size() ) ); |
|
208 #endif |
|
209 } |
310 } |
210 |
311 |
211 if (iCertAuthorities.Count() > 0) |
312 if (iCertAuthorities.Count() > 0) |
212 { |
313 { |
213 iCertAuthorities.ResetAndDestroy(); |
314 iCertAuthorities.ResetAndDestroy(); |
214 } |
315 } |
215 if (aUseCertAuthoritiesFilter) |
316 |
|
317 if (aUseCertAuthoritiesFilter |
|
318 && aCertAuthorities) |
216 { |
319 { |
217 for (TUint i = 0; i < aCertAuthorities->get_object_count(); i++) |
320 for (TUint i = 0; i < aCertAuthorities->get_object_count(); i++) |
218 { |
321 { |
219 HBufC8* buf = HBufC8::NewLC((aCertAuthorities->get_object(i))->get_data_length()); |
322 HBufC8* buf = HBufC8::NewLC((aCertAuthorities->get_object(i))->get_data_length()); |
220 TPtr8 ptr = buf->Des(); |
323 TPtr8 ptr = buf->Des(); |
221 ptr.Copy((aCertAuthorities->get_object(i))->get_data((aCertAuthorities->get_object(i))->get_data_length()), |
324 ptr.Copy((aCertAuthorities->get_object(i))->get_data((aCertAuthorities->get_object(i))->get_data_length()), |
222 (aCertAuthorities->get_object(i))->get_data_length()); |
325 (aCertAuthorities->get_object(i))->get_data_length()); |
223 |
326 |
224 // Try to form distiguished name |
327 // Try to form distiguished name |
225 CX500DistinguishedName* tmp = 0; |
328 CX500DistinguishedName* tmp = 0; |
226 TRAPD(err, tmp = CX500DistinguishedName::NewL(ptr)); |
329 TRAPD(error, tmp = CX500DistinguishedName::NewL(ptr)); |
227 if (err == KErrNone) |
330 if (error == KErrNone) |
228 { |
331 { |
229 CleanupStack::PushL(tmp); |
332 CleanupStack::PushL(tmp); |
230 // Distinguished name was found -> add it to array. |
333 // Distinguished name was found -> add it to array. |
231 User::LeaveIfError(iCertAuthorities.Append(tmp)); |
334 User::LeaveIfError(iCertAuthorities.Append(tmp)); |
232 CleanupStack::Pop(tmp); |
335 CleanupStack::Pop(tmp); |
275 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
378 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
276 } |
379 } |
277 |
380 |
278 //-------------------------------------------------- |
381 //-------------------------------------------------- |
279 |
382 |
280 void CEapTlsPeapCertInterface::ReadCertificateL(SCertEntry& aCertInfo, const TBool aRetrieveChain) |
383 void CEapTlsPeapCertInterface::ReadCertificateL(EapCertificateEntry& aCertInfo, const TBool aRetrieveChain) |
281 { |
384 { |
282 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
385 EAP_TRACE_DEBUG( |
|
386 m_am_tools, |
|
387 TRACE_FLAGS_DEFAULT, |
|
388 (EAPL("CEapTlsPeapCertInterface::ReadCertificateL()\n"))); |
|
389 |
|
390 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ReadCertificateL()"); |
|
391 |
283 iCertInfo = aCertInfo; |
392 iCertInfo = aCertInfo; |
284 iRetrieveChain = aRetrieveChain; |
393 iRetrieveChain = aRetrieveChain; |
285 iState = EReadCertInitStore; |
394 iState = EReadCertInitStore; |
286 |
395 |
287 if (iCertStore == 0) |
396 if (iCertStore == 0) |
288 { |
397 { |
289 iCertStore = CUnifiedCertStore::NewL(iFs, false); |
398 iCertStore = CUnifiedCertStore::NewL(iFs, EFalse); |
290 iCertStore->Initialize(iStatus); |
399 iCertStore->Initialize(iStatus); |
291 } |
400 } |
292 else |
401 else |
293 { |
402 { |
294 TRequestStatus* status = &iStatus; |
403 TRequestStatus* status = &iStatus; |
298 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
407 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
299 } |
408 } |
300 |
409 |
301 //-------------------------------------------------- |
410 //-------------------------------------------------- |
302 |
411 |
303 void CEapTlsPeapCertInterface::ReadCACertificateL(SCertEntry& aCertInfo) |
412 void CEapTlsPeapCertInterface::ReadCACertificateL(EapCertificateEntry& aCertInfo) |
304 { |
413 { |
305 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
414 EAP_TRACE_DEBUG( |
306 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("CEapTlsPeapCertInterface::ReadCACertificateL.\n"))); |
415 m_am_tools, |
307 |
416 TRACE_FLAGS_DEFAULT, |
|
417 (EAPL("CEapTlsPeapCertInterface::ReadCACertificateL()\n"))); |
|
418 |
|
419 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ReadCACertificateL()"); |
|
420 |
308 iCertInfo = aCertInfo; |
421 iCertInfo = aCertInfo; |
309 iState = EReadCACertInitStore; |
422 iState = EReadCACertInitStore; |
310 |
423 |
311 if (iCertStore == 0) |
424 if (iCertStore == 0) |
312 { |
425 { |
313 iCertStore = CUnifiedCertStore::NewL(iFs, false); |
426 iCertStore = CUnifiedCertStore::NewL(iFs, EFalse); |
314 iCertStore->Initialize(iStatus); |
427 iCertStore->Initialize(iStatus); |
315 } |
428 } |
316 else |
429 else |
317 { |
430 { |
318 TRequestStatus* status = &iStatus; |
431 TRequestStatus* status = &iStatus; |
323 } |
436 } |
324 |
437 |
325 |
438 |
326 //-------------------------------------------------- |
439 //-------------------------------------------------- |
327 |
440 |
328 void CEapTlsPeapCertInterface::ValidateChainL(TDesC8& aCertChain, RArray<SCertEntry>& aAllowedCACerts) |
441 void CEapTlsPeapCertInterface::ValidateChainL( |
329 { |
442 TDesC8& aCertChain, |
330 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
443 RPointerArray<EapCertificateEntry>& aAllowedCACerts, |
|
444 const TBool aUseAutomaticCaCertificate) |
|
445 { |
|
446 EAP_TRACE_DEBUG( |
|
447 m_am_tools, |
|
448 TRACE_FLAGS_DEFAULT, |
|
449 (EAPL("CEapTlsPeapCertInterface::ValidateChainL(): aUseAutomaticCaCertificate=%d\n"), |
|
450 aUseAutomaticCaCertificate)); |
|
451 |
|
452 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ValidateChainL()"); |
|
453 |
|
454 iUseAutomaticCaCertificate = aUseAutomaticCaCertificate; |
331 iCAIndex = 0; |
455 iCAIndex = 0; |
332 iAllowedCACerts = aAllowedCACerts; |
456 iAllowedCACerts.ResetAndDestroy(); |
|
457 |
|
458 if (!iUseAutomaticCaCertificate) |
|
459 { |
|
460 for (TInt j = 0; j < aAllowedCACerts.Count(); j++) |
|
461 { |
|
462 EapCertificateEntry * const copy_cert = aAllowedCACerts[j]->Copy(); |
|
463 if (copy_cert == 0) |
|
464 { |
|
465 User::Leave(KErrNoMemory); |
|
466 } |
|
467 |
|
468 iAllowedCACerts.AppendL(copy_cert); |
|
469 |
|
470 EAP_TRACE_SETTINGS(copy_cert); |
|
471 } |
|
472 } |
|
473 |
333 delete iInputCertChain; |
474 delete iInputCertChain; |
334 |
475 |
335 iInputCertChain = 0; |
476 iInputCertChain = 0; |
336 iInputCertChain = aCertChain.AllocL(); |
477 iInputCertChain = aCertChain.AllocL(); |
337 iState = EValidateChainInitStore; |
478 iState = EValidateChainInitStore; |
|
479 |
338 if (iCertStore == 0) |
480 if (iCertStore == 0) |
339 { |
481 { |
340 iCertStore = CUnifiedCertStore::NewL(iFs, false); |
482 iCertStore = CUnifiedCertStore::NewL(iFs, EFalse); |
341 iCertStore->Initialize(iStatus); |
483 iCertStore->Initialize(iStatus); |
342 } |
484 } |
343 else |
485 else |
344 { |
486 { |
345 TRequestStatus* status = &iStatus; |
487 TRequestStatus* status = &iStatus; |
346 User::RequestComplete(status, KErrNone); |
488 User::RequestComplete(status, KErrNone); |
347 } |
489 } |
|
490 |
348 SetActive(); |
491 SetActive(); |
|
492 |
349 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
493 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
350 } |
494 } |
351 |
495 |
352 //-------------------------------------------------- |
496 //-------------------------------------------------- |
353 |
497 |
354 void CEapTlsPeapCertInterface::DoCancel() |
498 void CEapTlsPeapCertInterface::DoCancel() |
355 { |
499 { |
356 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
357 |
|
358 EAP_TRACE_DEBUG( |
500 EAP_TRACE_DEBUG( |
359 m_am_tools, |
501 m_am_tools, |
360 TRACE_FLAGS_DEFAULT, |
502 TRACE_FLAGS_DEFAULT, |
361 (EAPL("CEapTlsPeapCertInterface::DoCancel()\n"))); |
503 (EAPL("CEapTlsPeapCertInterface::DoCancel()\n"))); |
|
504 |
|
505 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::DoCancel()"); |
362 |
506 |
363 if (iCertStore != 0 && iCertStore->IsActive()) |
507 if (iCertStore != 0 && iCertStore->IsActive()) |
364 { |
508 { |
365 EAP_TRACE_DEBUG( |
509 EAP_TRACE_DEBUG( |
366 m_am_tools, |
510 m_am_tools, |
455 } |
599 } |
456 |
600 |
457 //-------------------------------------------------- |
601 //-------------------------------------------------- |
458 |
602 |
459 void CEapTlsPeapCertInterface::SignL( |
603 void CEapTlsPeapCertInterface::SignL( |
460 TKeyIdentifier& aKeyId, |
604 const TKeyIdentifier& aKeyId, |
461 const TDesC8& aHashIn, |
605 const TDesC8& aHashIn, |
462 const TUint aSignatureLength) |
606 const TUint aSignatureLength) |
463 { |
607 { |
464 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
608 EAP_TRACE_DEBUG( |
|
609 m_am_tools, |
|
610 TRACE_FLAGS_DEFAULT, |
|
611 (EAPL("CEapTlsPeapCertInterface::SignL()\n"))); |
|
612 |
|
613 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::SignL()"); |
|
614 |
465 iKeyIdentifier = aKeyId; |
615 iKeyIdentifier = aKeyId; |
466 if (aHashIn.Size() > KMaxHashLength) |
616 if (aHashIn.Size() > KMaxHashLength) |
467 { |
617 { |
468 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Illegal hash size to SignL.\n"))); |
618 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Illegal hash size %d to SignL(), shoudbe <= %d.\n"), |
|
619 aHashIn.Size(), |
|
620 KMaxHashLength)); |
469 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
621 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
470 User::Leave(KErrGeneral); |
622 User::Leave(KErrGeneral); |
471 } |
623 } |
472 iHashIn.Copy(aHashIn); |
624 iHashIn.Copy(aHashIn); |
473 |
625 |
509 } |
664 } |
510 |
665 |
511 eap_tlv_message_data_c tlv_data(m_am_tools); |
666 eap_tlv_message_data_c tlv_data(m_am_tools); |
512 |
667 |
513 status = m_am_tools->memory_store_get_data(&key, &tlv_data); |
668 status = m_am_tools->memory_store_get_data(&key, &tlv_data); |
|
669 |
514 if (status != eap_status_ok) |
670 if (status != eap_status_ok) |
515 { |
671 { |
516 EAP_TRACE_DEBUG( |
672 |
517 m_am_tools, |
673 #endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
518 TRACE_FLAGS_DEFAULT, |
674 |
519 (EAPL("EAP_type_TLSPEAP: cannot get previous keystore handle.\n"))); |
675 |
|
676 EAP_TRACE_DEBUG( |
|
677 m_am_tools, |
|
678 TRACE_FLAGS_DEFAULT, |
|
679 (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::SignL(): cannot get previous CUnifiedKeyStore handle.\n"))); |
520 |
680 |
521 |
681 |
522 // At this point we can set the passphrase timeout because it the passphrase |
682 // At this point we can set the passphrase timeout because it the passphrase |
523 // cache in the FS token server is still empty. Passphrase timeout setting clears |
683 // cache in the FS token server is still empty. Passphrase timeout setting clears |
524 // the cache. |
684 // the cache. |
525 iState = ESignInitStore; |
685 iState = ESignInitStore; |
526 |
686 |
527 iKeyStore = CUnifiedKeyStore::NewL(iFs); |
687 iKeyStore = CUnifiedKeyStore::NewL(iFs); |
528 iKeyStore->Initialize(iStatus); |
688 iKeyStore->Initialize(iStatus); |
529 |
689 |
|
690 #if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
|
691 |
530 status = tlv_data.add_message_data( |
692 status = tlv_data.add_message_data( |
531 eap_type_tlspeap_stored_keystore_handle, |
693 eap_type_tlspeap_stored_keystore_handle, |
532 sizeof(iKeyStore), |
694 sizeof(iKeyStore), |
533 &iKeyStore); |
695 &iKeyStore); |
534 if (status != eap_status_ok) |
696 if (status != eap_status_ok) |
599 { |
761 { |
600 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
762 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
601 User::Leave(KErrGeneral); |
763 User::Leave(KErrGeneral); |
602 } |
764 } |
603 } |
765 } |
|
766 |
|
767 #endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
|
768 |
604 } |
769 } |
605 else |
770 else |
606 { |
771 { |
|
772 EAP_TRACE_DEBUG( |
|
773 m_am_tools, |
|
774 TRACE_FLAGS_DEFAULT, |
|
775 (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::SignL(): uses previous CUnifiedKeyStore handle.\n"))); |
|
776 |
607 // Skip passphrase setting because it clears the passphrase cache |
777 // Skip passphrase setting because it clears the passphrase cache |
608 iState = ESetPassphraseTimeout; |
778 iState = ESetPassphraseTimeout; |
609 |
779 |
610 TRequestStatus* status = &iStatus; |
780 TRequestStatus* status = &iStatus; |
611 User::RequestComplete(status, KErrNone); |
781 User::RequestComplete(status, KErrNone); |
612 } |
782 } |
|
783 |
613 SetActive(); |
784 SetActive(); |
614 |
785 |
615 |
786 |
616 |
787 |
617 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
788 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
618 } |
789 } |
619 |
790 |
620 //-------------------------------------------------- |
791 //-------------------------------------------------- |
621 |
792 |
622 void CEapTlsPeapCertInterface::DecryptL( |
793 void CEapTlsPeapCertInterface::DecryptL( |
623 TKeyIdentifier& aKeyId, |
794 const TKeyIdentifier& aKeyId, |
624 const TDesC8& aDataIn) |
795 const TDesC8& aDataIn) |
625 { |
796 { |
626 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
797 EAP_TRACE_DEBUG( |
|
798 m_am_tools, |
|
799 TRACE_FLAGS_DEFAULT, |
|
800 (EAPL("CEapTlsPeapCertInterface::DecryptL()\n"))); |
|
801 |
|
802 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::DecryptL()"); |
|
803 |
627 iKeyIdentifier = aKeyId; |
804 iKeyIdentifier = aKeyId; |
628 |
805 |
629 delete iDataIn; |
806 delete iDataIn; |
630 iDataIn = 0; |
807 iDataIn = 0; |
631 delete iDataOut; |
808 delete iDataOut; |
663 } |
843 } |
664 |
844 |
665 eap_tlv_message_data_c tlv_data(m_am_tools); |
845 eap_tlv_message_data_c tlv_data(m_am_tools); |
666 |
846 |
667 status = m_am_tools->memory_store_get_data(&key, &tlv_data); |
847 status = m_am_tools->memory_store_get_data(&key, &tlv_data); |
|
848 |
668 if (status != eap_status_ok) |
849 if (status != eap_status_ok) |
669 { |
850 { |
670 EAP_TRACE_DEBUG( |
851 |
671 m_am_tools, |
852 #endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
672 TRACE_FLAGS_DEFAULT, |
853 |
673 (EAPL("EAP_type_TLSPEAP: cannot get previous keystore handle.\n"))); |
854 EAP_TRACE_DEBUG( |
|
855 m_am_tools, |
|
856 TRACE_FLAGS_DEFAULT, |
|
857 (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::DecryptL(): cannot get previous CUnifiedKeyStore handle.\n"))); |
674 |
858 |
675 iKeyStore = CUnifiedKeyStore::NewL(iFs); |
859 iKeyStore = CUnifiedKeyStore::NewL(iFs); |
676 iKeyStore->Initialize(iStatus); |
860 iKeyStore->Initialize(iStatus); |
677 |
861 |
|
862 #if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
|
863 |
678 status = tlv_data.add_message_data( |
864 status = tlv_data.add_message_data( |
679 eap_type_tlspeap_stored_keystore_handle, |
865 eap_type_tlspeap_stored_keystore_handle, |
680 sizeof(iKeyStore), |
866 sizeof(iKeyStore), |
681 &iKeyStore); |
867 &iKeyStore); |
682 if (status != eap_status_ok) |
868 if (status != eap_status_ok) |
741 { |
927 { |
742 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
928 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
743 User::Leave(KErrGeneral); |
929 User::Leave(KErrGeneral); |
744 } |
930 } |
745 } |
931 } |
|
932 |
|
933 #endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE) |
|
934 |
746 } |
935 } |
747 else |
936 else |
748 { |
937 { |
|
938 EAP_TRACE_DEBUG( |
|
939 m_am_tools, |
|
940 TRACE_FLAGS_DEFAULT, |
|
941 (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::DecryptL(): uses previous CUnifiedKeyStore handle.\n"))); |
|
942 |
749 TRequestStatus* status = &iStatus; |
943 TRequestStatus* status = &iStatus; |
750 User::RequestComplete(status, KErrNone); |
944 User::RequestComplete(status, KErrNone); |
751 } |
945 } |
752 |
946 |
753 SetActive(); |
947 SetActive(); |
|
948 |
754 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
949 EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); |
755 } |
950 } |
756 |
951 |
757 //-------------------------------------------------- |
952 //-------------------------------------------------- |
758 |
953 |
759 void CEapTlsPeapCertInterface::RunL() |
954 void CEapTlsPeapCertInterface::RunL() |
760 { |
955 { |
761 EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); |
|
762 |
|
763 EAP_TRACE_DEBUG_SYMBIAN( |
|
764 (_L("CEapTlsPeapCertInterface::RunL(): TEMP iStatus=%d, iState=%d"), |
|
765 iStatus.Int(), iState)); |
|
766 |
|
767 EAP_TRACE_DEBUG( |
956 EAP_TRACE_DEBUG( |
768 m_am_tools, |
957 m_am_tools, |
769 TRACE_FLAGS_DEFAULT, |
958 TRACE_FLAGS_DEFAULT, |
770 (EAPL("CEapTlsPeapCertInterface::RunL(): iStatus %d\n"), |
959 (EAPL("CEapTlsPeapCertInterface::RunL(): TEMP iStatus=%d, iState=%d\n"), |
771 iStatus.Int())); |
960 iStatus.Int(), |
|
961 iState)); |
|
962 |
|
963 EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::RunL()"); |
772 |
964 |
773 if (!(iStatus.Int() == KErrNone)) |
965 if (!(iStatus.Int() == KErrNone)) |
774 { |
966 { |
775 EAP_TRACE_ERROR( |
967 EAP_TRACE_ERROR( |
776 m_am_tools, |
968 m_am_tools, |
777 TRACE_FLAGS_DEFAULT, |
969 TRACE_FLAGS_DEFAULT, |
778 (EAPL("ERROR: EAP-TLS certificate interface failed: %d.\n"), |
970 (EAPL("ERROR: EAP-TLS certificate interface failed: error=%d.\n"), |
779 iStatus.Int())); |
971 iStatus.Int())); |
780 iParent->SendErrorNotification(eap_status_user_cancel_authentication); |
972 iParent->SendErrorNotification(eap_status_user_cancel_authentication); |
781 |
973 |
782 if(iState == ESignOpenKeyStore) |
974 if(iState == ESignOpenKeyStore) |
783 { |
975 { |
784 // User probably cancelled the keystore password query. |
976 // User probably cancelled the keystore password query. |
785 |
977 |
786 EAP_TRACE_DEBUG_SYMBIAN( |
978 EAP_TRACE_DEBUG( |
787 (_L("CEapTlsPeapCertInterface::RunL(): ESignOpenKeyStore Failed"))); |
979 m_am_tools, |
788 |
980 TRACE_FLAGS_DEFAULT, |
|
981 (EAPL("CEapTlsPeapCertInterface::RunL(): ESignOpenKeyStore Failed\n"))); |
|
982 |
789 if(iRSASigner != NULL) |
983 if(iRSASigner != NULL) |
790 { |
984 { |
791 iRSASigner->Release(); |
985 iRSASigner->Release(); |
792 |
986 |
793 EAP_TRACE_DEBUG_SYMBIAN( |
987 EAP_TRACE_DEBUG( |
794 (_L("CEapTlsPeapCertInterface::RunL(): iRSASigner->Release() OK"))); |
988 m_am_tools, |
795 |
989 TRACE_FLAGS_DEFAULT, |
|
990 (EAPL("CEapTlsPeapCertInterface::RunL(): iRSASigner->Release() OK\n"))); |
796 } |
991 } |
797 |
992 |
798 if(iDSASigner != NULL) |
993 if(iDSASigner != NULL) |
799 { |
994 { |
800 iDSASigner->Release(); |
995 iDSASigner->Release(); |
801 |
996 |
802 EAP_TRACE_DEBUG_SYMBIAN( |
997 EAP_TRACE_DEBUG( |
803 (_L("CEapTlsPeapCertInterface::RunL(): iDSASigner->Release() OK"))); |
998 m_am_tools, |
|
999 TRACE_FLAGS_DEFAULT, |
|
1000 (EAPL("CEapTlsPeapCertInterface::RunL(): iDSASigner->Release() OK\n"))); |
804 } |
1001 } |
805 } |
1002 } |
806 |
1003 |
807 return; |
1004 return; |
808 } |
1005 } |
861 m_am_tools, |
1058 m_am_tools, |
862 TRACE_FLAGS_DEFAULT, |
1059 TRACE_FLAGS_DEFAULT, |
863 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize, Total Certs: iCertInfos.Count()=%d\n"), |
1060 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize, Total Certs: iCertInfos.Count()=%d\n"), |
864 iCertInfos.Count())); |
1061 iCertInfos.Count())); |
865 |
1062 |
866 iMatchingUserCertInfos.Reset(); |
1063 iMatchingUserCertInfos.ResetAndDestroy(); |
867 |
1064 |
868 // Remove non-allowed |
1065 // Remove non-allowed |
869 TInt i(0); |
1066 TInt i(0); |
870 TInt j(0); |
1067 TInt j(0); |
871 for (i = 0; i < iCertInfos.Count(); i++) |
1068 for (i = 0; i < iCertInfos.Count(); i++) |
872 { |
1069 { |
873 for (j = 0; j < iAllowedUserCerts.Count(); j++) |
1070 for (j = 0; j < iAllowedUserCerts.Count(); j++) |
874 { |
1071 { |
875 if ( (iCertInfos[i]->Label().Compare(iAllowedUserCerts[j].iLabel) == 0 |
1072 if ( (iCertInfos[i]->Label().Compare(*(iAllowedUserCerts[j]->GetLabel())) == 0 |
876 || iCertInfos[i]->Label().Length() == 0 |
1073 || iCertInfos[i]->Label().Length() == 0 |
877 || iAllowedUserCerts[j].iLabel.Length() == 0) |
1074 || iAllowedUserCerts[j]->GetLabel()->Length() == 0) |
878 && iCertInfos[i]->SubjectKeyId() == iAllowedUserCerts[j].iSubjectKeyId) |
1075 && iCertInfos[i]->SubjectKeyId() == iAllowedUserCerts[j]->GetSubjectKeyId()) |
879 { |
1076 { |
880 |
1077 |
881 EAP_TRACE_DEBUG( |
1078 EAP_TRACE_DEBUG( |
882 m_am_tools, |
1079 m_am_tools, |
883 TRACE_FLAGS_DEFAULT, |
1080 TRACE_FLAGS_DEFAULT, |
884 (EAPL("RunL(): EGetMatchingCertsInitialize, Found a Matching USER cert\n"))); |
1081 (EAPL("RunL(): EGetMatchingCertsInitialize, Found a Matching USER cert\n"))); |
885 |
1082 |
886 EAP_TRACE_DEBUG( |
1083 EAP_TRACE_DATA_DEBUG( |
887 m_am_tools, |
1084 m_am_tools, |
888 TRACE_FLAGS_DEFAULT, |
1085 TRACE_FLAGS_DEFAULT, |
889 (EAPL("RunL(): EGetMatchingCertsInitialize,Label of matching cert=%S\n"), |
1086 (EAPL("RunL(): EGetMatchingCertsInitialize, Label of matching cert"), |
890 &(iCertInfos[i]->Label()))); |
1087 iCertInfos[i]->Label().Ptr(), |
891 |
1088 iCertInfos[i]->Label().Size())); |
892 EAP_TRACE_DATA_DEBUG_SYMBIAN(("RunL(): EGetMatchingCertsInitialize,SubjectkeyID of matching cert", |
1089 |
893 iCertInfos[i]->SubjectKeyId().Ptr(), iCertInfos[i]->SubjectKeyId().Size())); |
1090 EAP_TRACE_DATA_DEBUG( |
|
1091 m_am_tools, |
|
1092 TRACE_FLAGS_DEFAULT, |
|
1093 (EAPL("RunL(): EGetMatchingCertsInitialize, SubjectkeyID of matching cert"), |
|
1094 iCertInfos[i]->SubjectKeyId().Ptr(), |
|
1095 iCertInfos[i]->SubjectKeyId().Size())); |
894 |
1096 |
895 break; |
1097 break; |
896 } |
1098 } |
897 } |
1099 } |
898 if (j == iAllowedUserCerts.Count()) |
1100 if (j == iAllowedUserCerts.Count()) |
899 { |
1101 { |
900 // Not allowed -> remove |
1102 // Not allowed -> remove |
901 iCertInfos.Remove(i); |
1103 iCertInfos.Remove(i); |
902 i--; |
1104 i--; |
903 } |
1105 } |
904 } |
1106 } |
|
1107 |
905 if (iCertInfos.Count() == 0) |
1108 if (iCertInfos.Count() == 0) |
906 { |
1109 { |
907 EAP_TRACE_DEBUG( |
1110 EAP_TRACE_DEBUG( |
908 m_am_tools, |
1111 m_am_tools, |
909 TRACE_FLAGS_DEFAULT, |
1112 TRACE_FLAGS_DEFAULT, |
910 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize - No matching Certificates.\n"))); |
1113 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize - No matching Certificates.\n"))); |
911 |
1114 |
912 // No matching certs |
1115 // No matching certs |
913 |
1116 |
914 CArrayFixFlat<SCertEntry>* tmp = NULL; |
1117 RPointerArray<EapCertificateEntry>* tmp = NULL; |
915 |
1118 |
916 TRAPD(err, tmp = new (ELeave) CArrayFixFlat<SCertEntry>(1) ); |
1119 tmp = new (ELeave) RPointerArray<EapCertificateEntry>(1); |
917 if (tmp == 0 || err != KErrNone) |
1120 if (tmp == 0) |
918 { |
1121 { |
919 // Timeout handles error situation |
1122 // Timeout handles error situation |
920 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1123 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
921 } |
1124 } |
922 |
1125 |
937 |
1140 |
938 iState = EGetMatchingCertsLoop; |
1141 iState = EGetMatchingCertsLoop; |
939 |
1142 |
940 iEncodedCertificate->Des().SetLength(0); |
1143 iEncodedCertificate->Des().SetLength(0); |
941 |
1144 |
942 TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size())); |
1145 TRAPD(error, iEncodedCertificate = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size())); |
943 if (err != KErrNone) |
1146 if (error != KErrNone) |
944 { |
1147 { |
945 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1148 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
946 |
1149 |
947 CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry)); |
1150 RPointerArray<EapCertificateEntry> tmp(sizeof(EapCertificateEntry)); |
948 |
1151 |
949 m_am_tools->enter_global_mutex(); |
1152 m_am_tools->enter_global_mutex(); |
950 |
1153 |
951 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
1154 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
952 |
1155 |
953 m_am_tools->leave_global_mutex(); |
1156 m_am_tools->leave_global_mutex(); |
954 |
1157 |
955 break; |
1158 break; |
956 } |
1159 } |
957 |
1160 |
958 iCertPtr.Set(iEncodedCertificate->Des()); |
1161 iCertPtr.Set(iEncodedCertificate->Des()); |
959 |
1162 |
960 iCertStore->Retrieve( |
1163 iCertStore->Retrieve( |
961 *(iCertInfos[iUserCertIndex]), |
1164 *(iCertInfos[iUserCertIndex]), |
962 iCertPtr, |
1165 iCertPtr, |
963 iStatus); |
1166 iStatus); |
964 |
1167 |
965 SetActive(); |
1168 SetActive(); |
966 } |
1169 } |
967 break; |
1170 break; |
968 |
1171 |
969 case EGetMatchingCertsLoop: |
1172 case EGetMatchingCertsLoop: |
972 m_am_tools, |
1175 m_am_tools, |
973 TRACE_FLAGS_DEFAULT, |
1176 TRACE_FLAGS_DEFAULT, |
974 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsLoop\n"))); |
1177 (EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsLoop\n"))); |
975 |
1178 |
976 CX509Certificate* cert = 0; |
1179 CX509Certificate* cert = 0; |
977 TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des())); |
1180 TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des())); |
978 if (err != KErrNone || cert == 0) |
1181 if (error != KErrNone || cert == 0) |
979 { |
1182 { |
980 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1183 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
981 |
1184 |
982 CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry)); |
1185 RPointerArray<EapCertificateEntry> tmp(sizeof(EapCertificateEntry)); |
983 |
1186 |
984 m_am_tools->enter_global_mutex(); |
1187 m_am_tools->enter_global_mutex(); |
985 |
1188 |
986 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
1189 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
987 |
1190 |
1007 } |
1210 } |
1008 |
1211 |
1009 // No need to validate iCertInfos here as the execution doesn't come to this case if iCertInfos |
1212 // No need to validate iCertInfos here as the execution doesn't come to this case if iCertInfos |
1010 // is empty, check is done in the above case. |
1213 // is empty, check is done in the above case. |
1011 |
1214 |
1012 SCertEntry entry; |
1215 EapCertificateEntry * entry = new EapCertificateEntry; |
1013 entry.iLabel.Copy(iCertInfos[iUserCertIndex]->Label()); |
1216 entry = new (ELeave) EapCertificateEntry; |
1014 entry.iSubjectKeyId = iCertInfos[iUserCertIndex]->SubjectKeyId(); |
1217 if (entry == 0 || error != KErrNone) |
1015 |
1218 { |
1016 TRAP(err, iMatchingUserCertInfos.AppendL(entry)); |
1219 // Timeout handles error situation |
1017 if (err != KErrNone) |
1220 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
|
1221 |
|
1222 RPointerArray<EapCertificateEntry> tmp(sizeof(EapCertificateEntry)); |
|
1223 |
|
1224 m_am_tools->enter_global_mutex(); |
|
1225 |
|
1226 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
|
1227 |
|
1228 m_am_tools->leave_global_mutex(); |
|
1229 |
|
1230 delete entry; |
|
1231 |
|
1232 break; |
|
1233 } |
|
1234 |
|
1235 entry->SetLabel(iCertInfos[iUserCertIndex]->Label()); |
|
1236 entry->SetSubjectKeyId(iCertInfos[iUserCertIndex]->SubjectKeyId()); |
|
1237 |
|
1238 TRAP(error, iMatchingUserCertInfos.AppendL(entry)); |
|
1239 if (error != KErrNone) |
1018 { |
1240 { |
1019 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1241 EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1020 |
1242 |
1021 CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry)); |
1243 RPointerArray<EapCertificateEntry> tmp(sizeof(EapCertificateEntry)); |
1022 |
1244 |
1023 m_am_tools->enter_global_mutex(); |
1245 m_am_tools->enter_global_mutex(); |
1024 |
1246 |
1025 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
1247 iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure |
1026 |
1248 |
1027 m_am_tools->leave_global_mutex(); |
1249 m_am_tools->leave_global_mutex(); |
1050 if (dn.ExactMatchL(*iCertAuthorities[j])) |
1272 if (dn.ExactMatchL(*iCertAuthorities[j])) |
1051 { |
1273 { |
1052 // Matches |
1274 // Matches |
1053 break; |
1275 break; |
1054 } |
1276 } |
1055 } |
1277 } // for() |
|
1278 |
1056 if (j == iCertAuthorities.Count()) |
1279 if (j == iCertAuthorities.Count()) |
1057 { |
1280 { |
1058 // No match. Remove |
1281 // No match. Remove |
1059 delete iMatchingUserCerts[i]; |
1282 delete iMatchingUserCerts[i]; |
1060 iMatchingUserCerts.Remove(i); |
1283 iMatchingUserCerts.Remove(i); |
1061 iMatchingUserCertInfos.Delete(i); |
1284 delete iMatchingUserCertInfos[i]; |
|
1285 iMatchingUserCertInfos.Remove(i); |
1062 i--; |
1286 i--; |
1063 |
1287 |
1064 EAP_TRACE_DEBUG( |
1288 EAP_TRACE_DEBUG( |
1065 m_am_tools, |
1289 m_am_tools, |
1066 TRACE_FLAGS_DEFAULT, |
1290 TRACE_FLAGS_DEFAULT, |
1067 (EAPL("RunL(): EGetMatchingCertsLoop Using CertAuthoritiesFilter - no distinguished name matching - Matching cert removed\n"))); |
1291 (EAPL("RunL(): EGetMatchingCertsLoop Using CertAuthoritiesFilter - no distinguished name matching - Matching cert removed\n"))); |
1068 } |
1292 } |
1069 } |
1293 } |
1070 } |
1294 } |
1071 // Check Certificate types |
1295 // Check Certificate types |
1072 if (iUseCertTypesFilter) |
1296 if (iUseCertTypesFilter |
|
1297 && iCertTypes != 0) |
1073 { |
1298 { |
1074 for (i = 0; i < (TInt) iMatchingUserCerts.Count(); i++) |
1299 for (i = 0; i < (TInt) iMatchingUserCerts.Count(); i++) |
1075 { |
1300 { |
1076 // Get the public key algorithm |
1301 // Get the public key algorithm |
1077 const CSubjectPublicKeyInfo& public_key = iMatchingUserCerts[i]->PublicKey(); |
1302 const CSubjectPublicKeyInfo& public_key = iMatchingUserCerts[i]->PublicKey(); |
1079 |
1304 |
1080 TUint j(0); |
1305 TUint j(0); |
1081 for (j = 0; j < iCertTypes->get_object_count(); j++) |
1306 for (j = 0; j < iCertTypes->get_object_count(); j++) |
1082 { |
1307 { |
1083 u8_t* val = iCertTypes->get_object(j); |
1308 u8_t* val = iCertTypes->get_object(j); |
1084 if (algorithm == ERSA |
1309 |
1085 && (*val == ERSASign |
1310 if (val != 0) |
1086 || *val == ERSASignWithFixedDH |
|
1087 || *val == ERSASignWithEphemeralDH)) |
|
1088 { |
1311 { |
1089 break; |
1312 if (algorithm == ERSA |
|
1313 && (*val == ERSASign |
|
1314 || *val == ERSASignWithFixedDH |
|
1315 || *val == ERSASignWithEphemeralDH)) |
|
1316 { |
|
1317 break; |
|
1318 } |
|
1319 else if (algorithm == EDSA |
|
1320 && (*val == EDSASign |
|
1321 || *val == EDSASignWithFixedDH |
|
1322 || *val == EDSASignWithEphemeralDH)) |
|
1323 { |
|
1324 break; |
|
1325 } |
1090 } |
1326 } |
1091 if (algorithm == EDSA |
1327 } // for() |
1092 && (*val == EDSASign |
1328 |
1093 || *val == EDSASignWithFixedDH |
|
1094 || *val == EDSASignWithEphemeralDH)) |
|
1095 { |
|
1096 break; |
|
1097 } |
|
1098 } |
|
1099 if (j == iCertTypes->get_object_count()) |
1329 if (j == iCertTypes->get_object_count()) |
1100 { |
1330 { |
1101 // No match. Remove |
1331 // No match. Remove |
1102 delete iMatchingUserCerts[i]; |
1332 delete iMatchingUserCerts[i]; |
1103 iMatchingUserCerts.Remove(i); |
1333 iMatchingUserCerts.Remove(i); |
1104 iMatchingUserCertInfos.Delete(i); |
1334 delete iMatchingUserCertInfos[i]; |
|
1335 iMatchingUserCertInfos.Remove(i); |
1105 i--; |
1336 i--; |
1106 |
1337 |
1107 EAP_TRACE_DEBUG( |
1338 EAP_TRACE_DEBUG( |
1108 m_am_tools, |
1339 m_am_tools, |
1109 TRACE_FLAGS_DEFAULT, |
1340 TRACE_FLAGS_DEFAULT, |
1503 break; |
1739 break; |
1504 } |
1740 } |
1505 |
1741 |
1506 #if defined(_DEBUG) || defined(DEBUG) |
1742 #if defined(_DEBUG) || defined(DEBUG) |
1507 |
1743 |
|
1744 { |
1508 // No need to validate iCertInfos in here as it is done in case: EGetAllCerts |
1745 // No need to validate iCertInfos in here as it is done in case: EGetAllCerts |
1509 CCTCertInfo* tempInfo; |
1746 CCTCertInfo* tempInfo; |
1510 tempInfo = iCertInfos[iCAIndex]; |
1747 tempInfo = iCertInfos[iCAIndex]; |
1511 |
1748 |
1512 // These are for the trace debug. |
1749 // These are for the trace debug. |
1513 TCertLabel label = tempInfo->Label(); |
1750 TCertLabel label = tempInfo->Label(); |
1514 TKeyIdentifier KeyIdentifier = tempInfo->SubjectKeyId(); |
1751 TKeyIdentifier SubjectKeyId = tempInfo->SubjectKeyId(); |
1515 TKeyIdentifier IssuerId = tempInfo->IssuerKeyId(); |
1752 TKeyIdentifier IssuerId = tempInfo->IssuerKeyId(); |
1516 TCertificateFormat format = tempInfo->CertificateFormat(); |
1753 TCertificateFormat format = tempInfo->CertificateFormat(); |
1517 TCertificateOwnerType ownerType = tempInfo->CertificateOwnerType(); |
1754 TCertificateOwnerType ownerType = tempInfo->CertificateOwnerType(); |
1518 |
1755 |
1519 EAP_TRACE_DEBUG_SYMBIAN((_L("\n CEapTlsPeapCertInterface::RunL() : About to retrieve Cert with details, Label = %S"), &label)); |
1756 EAP_TRACE_DEBUG_SYMBIAN((_L("\n CEapTlsPeapCertInterface::RunL() : About to retrieve Cert with details, Label = %S"), |
1520 EAP_TRACE_DEBUG_SYMBIAN((_L("Other detials- Format=%d, Owner type=%d, IsDeletable=%d, Type UID=%d"), |
1757 &label)); |
1521 format, ownerType, tempInfo->IsDeletable(), tempInfo->Type())); |
1758 |
|
1759 EAP_TRACE_DEBUG( |
|
1760 m_am_tools, |
|
1761 TRACE_FLAGS_DEFAULT, |
|
1762 (EAPL("Other detials- Format=%d, Owner type=%d, IsDeletable=%d, Type UID=%d\n"), |
|
1763 format, |
|
1764 ownerType, |
|
1765 tempInfo->IsDeletable(), |
|
1766 tempInfo->Type())); |
1522 |
1767 |
1523 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Subject key Id is"), |
1768 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Subject key Id is"), |
1524 KeyIdentifier.Ptr(), |
1769 SubjectKeyId.Ptr(), |
1525 KeyIdentifier.Size())); |
1770 SubjectKeyId.Size())); |
1526 |
1771 |
1527 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Issuer Id is"), |
1772 EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Issuer Id is"), |
1528 IssuerId.Ptr(), |
1773 IssuerId.Ptr(), |
1529 IssuerId.Size())); |
1774 IssuerId.Size())); |
1530 |
1775 |
1883 TRACE_FLAGS_DEFAULT, |
2132 TRACE_FLAGS_DEFAULT, |
1884 (EAPL("CEapTlsPeapCertInterface::RunL():EncodedCertificate string size=%d\n"), |
2133 (EAPL("CEapTlsPeapCertInterface::RunL():EncodedCertificate string size=%d\n"), |
1885 iEncodedCertificate->Size())); |
2134 iEncodedCertificate->Size())); |
1886 |
2135 |
1887 CX509Certificate* cert = 0; |
2136 CX509Certificate* cert = 0; |
1888 TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des())); |
2137 TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des())); |
1889 if (err != KErrNone) |
2138 if (error != KErrNone) |
1890 { |
2139 { |
1891 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2140 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
1892 RPointerArray<CX509Certificate> tmp; |
2141 RPointerArray<CX509Certificate> tmp; |
1893 |
2142 |
1894 m_am_tools->enter_global_mutex(); |
2143 m_am_tools->enter_global_mutex(); |
1967 m_am_tools, |
2218 m_am_tools, |
1968 TRACE_FLAGS_DEFAULT, |
2219 TRACE_FLAGS_DEFAULT, |
1969 (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACertList\n"))); |
2220 (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACertList\n"))); |
1970 |
2221 |
1971 int index; |
2222 int index; |
1972 TIdentityRelation<SCertEntry> comparator(&EapTlsPeapUtils::CompareSCertEntries); |
2223 TIdentityRelation<EapCertificateEntry> comparator(&EapTlsPeapUtils::CompareSCertEntries); |
1973 // Remove disallowed CA certs from the array |
2224 |
1974 for (TInt i = 0; i < iCertInfos.Count(); i++) |
2225 if (iUseAutomaticCaCertificate) |
1975 { |
2226 { |
1976 SCertEntry certEntry; |
2227 // All CA certificates are allowed. |
1977 certEntry.iLabel.Copy(iCertInfos[i]->Label()); |
2228 EAP_TRACE_DEBUG( |
1978 certEntry.iSubjectKeyId.Copy(iCertInfos[i]->SubjectKeyId()); |
2229 m_am_tools, |
1979 index = iAllowedCACerts.Find(certEntry, comparator); |
2230 TRACE_FLAGS_DEFAULT, |
1980 |
2231 (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACertList: All CA certificates are allowed.\n"))); |
1981 if (index == KErrNotFound) |
2232 } |
|
2233 else |
|
2234 { |
|
2235 // Remove disallowed CA certs from the array |
|
2236 for (TInt i = 0; i < iCertInfos.Count(); i++) |
1982 { |
2237 { |
1983 // Remove |
2238 EapCertificateEntry certEntry; |
1984 iCertInfos[i]->Release(); |
2239 certEntry.SetLabel(iCertInfos[i]->Label()); |
1985 iCertInfos.Remove(i); |
2240 certEntry.SetSubjectKeyId(iCertInfos[i]->SubjectKeyId()); |
1986 i--; |
2241 index = iAllowedCACerts.Find(&certEntry, comparator); |
|
2242 |
|
2243 if (index == KErrNotFound) |
|
2244 { |
|
2245 // Remove |
|
2246 iCertInfos[i]->Release(); |
|
2247 iCertInfos.Remove(i); |
|
2248 i--; |
|
2249 } |
1987 } |
2250 } |
1988 } |
2251 } |
|
2252 |
1989 if (iCertInfos.Count() == 0) |
2253 if (iCertInfos.Count() == 0) |
1990 { |
2254 { |
1991 // Create new validation result for this failure case. |
2255 // Create new validation result for this failure case. |
1992 // CPKIXValidationResult does include a Reset-member function |
2256 // CPKIXValidationResult does include a Reset-member function |
1993 // but it is not in x500.lib as the documentation says. |
2257 // but it is not in x500.lib as the documentation says. |
1994 CPKIXValidationResult* validationResult = 0; |
2258 CPKIXValidationResult* validationResult = 0; |
1995 TRAPD(err, validationResult = CPKIXValidationResult::NewL()); |
2259 TRAPD(error, validationResult = CPKIXValidationResult::NewL()); |
1996 if (err != KErrNone) |
2260 if (error != KErrNone) |
1997 { |
2261 { |
1998 // Do nothing. Session timeout takes care of cleanup... |
2262 // Do nothing. Session timeout takes care of cleanup... |
1999 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2263 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2000 } |
2264 } |
2001 m_am_tools->enter_global_mutex(); |
2265 m_am_tools->enter_global_mutex(); |
2004 |
2268 |
2005 m_am_tools->leave_global_mutex(); |
2269 m_am_tools->leave_global_mutex(); |
2006 delete validationResult; |
2270 delete validationResult; |
2007 break; |
2271 break; |
2008 } |
2272 } |
2009 |
2273 |
2010 CCTCertInfo* info; |
2274 { |
2011 info = iCertInfos[0]; |
2275 CCTCertInfo* info; |
2012 iCAIndex = 0; |
2276 info = iCertInfos[0]; |
2013 |
2277 iCAIndex = 0; |
2014 iState = EValidateChainGetCACert; |
2278 |
2015 |
2279 iState = EValidateChainGetCACert; |
2016 iEncodedCertificate->Des().SetLength(0); |
2280 |
2017 TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size())); |
2281 iEncodedCertificate->Des().SetLength(0); |
2018 if (err != KErrNone) |
2282 TRAPD(error, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size())); |
2019 { |
2283 if (error != KErrNone) |
2020 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2284 { |
2021 |
2285 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2022 CPKIXValidationResult* tmp = 0; |
2286 |
2023 |
2287 CPKIXValidationResult* tmp = 0; |
2024 m_am_tools->enter_global_mutex(); |
2288 |
2025 |
2289 m_am_tools->enter_global_mutex(); |
2026 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2290 |
2027 |
2291 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2028 m_am_tools->leave_global_mutex(); |
2292 |
2029 break; |
2293 m_am_tools->leave_global_mutex(); |
2030 } |
2294 break; |
2031 |
2295 } |
2032 iCertPtr.Set(iEncodedCertificate->Des()); |
2296 |
2033 |
2297 iCertPtr.Set(iEncodedCertificate->Des()); |
2034 iCertStore->Retrieve( |
2298 |
2035 *info, |
2299 iCertStore->Retrieve( |
2036 iCertPtr, |
2300 *info, |
2037 iStatus); |
2301 iCertPtr, |
2038 |
2302 iStatus); |
2039 SetActive(); |
2303 |
|
2304 SetActive(); |
|
2305 } |
2040 } |
2306 } |
2041 break; |
2307 break; |
2042 |
2308 |
2043 case EValidateChainGetCACert: |
2309 case EValidateChainGetCACert: |
2044 { |
2310 { |
2081 if (iCAIndex >= static_cast<TUint>(iCertInfos.Count())) |
2347 if (iCAIndex >= static_cast<TUint>(iCertInfos.Count())) |
2082 { |
2348 { |
2083 delete iCertChain; |
2349 delete iCertChain; |
2084 iCertChain = 0; |
2350 iCertChain = 0; |
2085 |
2351 |
2086 TRAPD(err, iCertChain = CPKIXCertChain::NewL(iFs, *iInputCertChain, iRootCerts)); |
2352 TRAPD(error, iCertChain = CPKIXCertChain::NewL(iFs, *iInputCertChain, iRootCerts)); |
2087 if (err != KErrNone) |
2353 if (error != KErrNone) |
2088 { |
2354 { |
2089 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EAP-TLS error %d.\n"), err)); |
2355 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EAP-TLS error %d.\n"), error)); |
2090 CPKIXValidationResult* tmp = 0; |
2356 CPKIXValidationResult* tmp = 0; |
2091 |
2357 |
2092 m_am_tools->enter_global_mutex(); |
2358 m_am_tools->enter_global_mutex(); |
2093 |
2359 |
2094 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2360 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2095 |
2361 |
2096 m_am_tools->leave_global_mutex(); |
2362 m_am_tools->leave_global_mutex(); |
2097 break; |
2363 break; |
2098 } |
2364 } |
|
2365 |
2099 // Set the current time |
2366 // Set the current time |
2100 iTime.UniversalTime(); |
2367 iTime.UniversalTime(); |
2101 iState = EValidateChainEnd; |
2368 iState = EValidateChainEnd; |
2102 TRAP(err, iCertChain->ValidateL(*iValidationResult, iTime, iStatus)); |
2369 |
2103 if (err != KErrNone) |
2370 EAP_TRACE_DEBUG( |
|
2371 m_am_tools, |
|
2372 TRACE_FLAGS_DEFAULT, |
|
2373 (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACert, calls iCertChain->ValidateL(), count of root CA certificates = %d\n"), |
|
2374 iRootCerts.Count())); |
|
2375 |
|
2376 TRAP(error, iCertChain->ValidateL(*iValidationResult, iTime, iStatus)); |
|
2377 if (error != KErrNone) |
2104 { |
2378 { |
2105 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Error in certificate validation in EAP-TLS.\n"))); |
2379 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Error in certificate validation in EAP-TLS, error = %d.\n"), |
|
2380 error)); |
2106 CPKIXValidationResult* tmp = 0; |
2381 CPKIXValidationResult* tmp = 0; |
2107 |
2382 |
2108 m_am_tools->enter_global_mutex(); |
2383 m_am_tools->enter_global_mutex(); |
2109 |
2384 |
2110 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2385 iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure. |
2111 |
2386 |
2112 m_am_tools->leave_global_mutex(); |
2387 m_am_tools->leave_global_mutex(); |
2113 break; |
2388 break; |
2114 } |
2389 } |
2115 SetActive(); // Validate. |
2390 SetActive(); // Validate. |
2116 } |
2391 } |
2117 else |
2392 else |
2118 { |
2393 { |
2119 CCTCertInfo* info; |
2394 CCTCertInfo* info; |
2120 info = iCertInfos[iCAIndex]; |
2395 info = iCertInfos[iCAIndex]; |
2121 |
2396 |
2122 iState = EValidateChainGetCACert; |
2397 iState = EValidateChainGetCACert; |
2123 |
2398 |
2124 iEncodedCertificate->Des().SetLength(0); |
2399 iEncodedCertificate->Des().SetLength(0); |
2125 TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size())); |
2400 TRAPD(error, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size())); |
2126 if (err != KErrNone) |
2401 if (error != KErrNone) |
2127 { |
2402 { |
2128 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2403 EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n"))); |
2129 CPKIXValidationResult* tmp = 0; |
2404 CPKIXValidationResult* tmp = 0; |
2130 |
2405 |
2131 m_am_tools->enter_global_mutex(); |
2406 m_am_tools->enter_global_mutex(); |