31 #include <d32dbms.h> |
31 #include <d32dbms.h> |
32 #include <EapType.h> |
32 #include <EapType.h> |
33 #include <unifiedcertstore.h> |
33 #include <unifiedcertstore.h> |
34 #include <mctwritablecertstore.h> |
34 #include <mctwritablecertstore.h> |
35 #include <pkixcertchain.h> |
35 #include <pkixcertchain.h> |
36 #include "EapTlsPeapNotifierStructs.h" |
36 #include "eap_auth_notifier.h" |
|
37 |
37 #include "EapTlsPeapUtils.h" |
38 #include "EapTlsPeapUtils.h" |
38 #include <bigint.h> |
39 #include <bigint.h> |
39 |
40 |
40 #if defined(USE_FAST_EAP_TYPE) |
41 #if defined(USE_FAST_EAP_TYPE) |
41 #include "EapFastNotifierStruct.h" |
42 #include "EapFastNotifierStruct.h" |
46 |
47 |
47 class CX509Certificate; |
48 class CX509Certificate; |
48 class CEapTlsPeapCertInterface; |
49 class CEapTlsPeapCertInterface; |
49 class eap_am_tools_symbian_c; |
50 class eap_am_tools_symbian_c; |
50 class abs_tls_am_application_eap_fast_c; |
51 class abs_tls_am_application_eap_fast_c; |
51 #if defined(USE_FAST_EAP_TYPE) |
52 |
52 class CEapFastActive; |
53 |
53 #endif |
|
54 class CEapTtlsPapActive; |
|
55 |
54 |
56 #ifdef USE_PAC_STORE |
55 #ifdef USE_PAC_STORE |
57 class CPacStoreDatabase; |
56 class CPacStoreDatabase; |
58 struct SInfoEntry; |
57 class SInfoEntry; |
59 #endif |
58 #endif |
60 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
59 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
61 class eap_file_config_c; |
60 class eap_file_config_c; |
62 #endif |
61 #endif |
63 |
62 |
64 const TInt KMaxLabelLength = 64; |
63 const TInt KMaxLabelLength = 64; |
65 const TInt KMaxDatabaseTableName = 64; |
64 const TInt KMaxDatabaseTableName = 64; |
|
65 const TInt KOffsetCorrection = 1; |
66 |
66 |
67 #if defined(USE_FAST_EAP_TYPE) |
67 #if defined(USE_FAST_EAP_TYPE) |
68 const char KEapFastPacProvisResultKey[] = "eap_am_type_tls_peap_symbian_c prov. result"; |
68 const char KEapFastPacProvisResultKey[] = "eap_am_type_tls_peap_symbian_c prov. result"; |
69 const TInt KEapFastPacProvisResultType = 1; |
69 const TInt KEapFastPacProvisResultType = 1; |
70 const u32_t KEapFastPacProvisResultDefaultTimeout = 10000; // in milliseconds = 10 seconds |
70 const u32_t KEapFastPacProvisResultDefaultTimeout = 10000; // in milliseconds = 10 seconds |
71 #endif |
71 #endif |
72 |
72 |
73 /// This class is interface to adaptation module of EAP/TLS and PEAP. |
73 /// This class is interface to adaptation module of EAP/TLS and PEAP. |
74 class EAP_EXPORT eap_am_type_tls_peap_symbian_c |
74 class EAP_EXPORT eap_am_type_tls_peap_symbian_c |
75 : public CActive, public eap_am_type_tls_peap_c |
75 : public CActive |
76 ,public abs_eap_base_timer_c |
76 , public eap_am_type_tls_peap_c |
|
77 , public abs_eap_base_timer_c |
|
78 , public MNotificationCallback |
77 { |
79 { |
78 |
80 |
79 public: |
81 public: |
80 |
82 |
81 #if defined(USE_FAST_EAP_TYPE) |
83 #if defined(USE_FAST_EAP_TYPE) |
83 { |
85 { |
84 EEapFastPacProvisResultFailure, /* 0 */ |
86 EEapFastPacProvisResultFailure, /* 0 */ |
85 EEapFastPacProvisResultSuccess /* 1 */ |
87 EEapFastPacProvisResultSuccess /* 1 */ |
86 }; |
88 }; |
87 #endif |
89 #endif |
|
90 |
88 private: // data |
91 private: // data |
89 //-------------------------------------------------- |
92 |
90 |
93 //-------------------------------------------------- |
91 RDbs m_session; |
94 |
|
95 RFs m_session; |
92 |
96 |
93 RDbNamedDatabase m_database; |
97 RDbNamedDatabase m_database; |
94 |
98 |
95 enum TState |
99 enum TState |
96 { |
100 { |
97 EHandlingIdentityQuery, /* 0 */ |
101 EHandlingIdentityQuery, /* 0 */ |
98 EHandlingManualIdentityQuery, /* 1 */ |
102 EHandlingManualIdentityQuery, /* 1 */ |
99 EHandlingChainQuery, /* 2 */ |
103 EHandlingChainQuery, /* 2 */ |
100 EHandlingCipherSuiteQuery, /* 3 */ |
104 EHandlingCipherSuiteQuery, /* 3 */ |
101 #if defined(USE_FAST_EAP_TYPE) /* 4 */ |
105 EHandlingDeviceSeedQuery, /* 4 */ |
102 EHandlingNotifierQuery, /* 5 */ |
106 #if defined(USE_FAST_EAP_TYPE) /* 5 */ |
103 EPasswordQuery, /* 6 */ |
107 EHandlingNotifierQuery, /* 6 */ |
104 EWrongPassword, /* 7 */ |
108 EPasswordQuery, /* 7 */ |
105 EFilePasswordQuery, /* 8 */ |
109 EWrongPassword, /* 8 */ |
106 EMasterkeyQuery, /* 9 */ |
110 EFilePasswordQuery, /* 9 */ |
107 EPasswordCancel, /* 10 */ |
111 EMasterkeyQuery, /* 10 */ |
108 EShowProvSuccesstNote, /* 11 */ |
112 EPasswordCancel, /* 11 */ |
109 EShowProvNotSuccesstNote, /* 12 */ |
113 EShowProvSuccesstNote, /* 12 */ |
110 ENone /* 13 */ |
114 EShowProvNotSuccesstNote, /* 13 */ |
|
115 ENotifierComplete, /*14 */ |
111 #endif //#if defined(USE_FAST_EAP_TYPE) |
116 #endif //#if defined(USE_FAST_EAP_TYPE) |
|
117 EPapUserNameAndPassword, /* 15 */ |
|
118 EPapChallenge, /* 16 */ |
|
119 ENone /* 17 */ |
112 |
120 |
113 }; |
121 }; |
114 |
122 |
115 TState m_state; |
123 TState m_state; |
116 TState m_prev_state; |
124 TState m_prev_state; |
144 bool m_is_valid; |
150 bool m_is_valid; |
145 bool m_is_client; |
151 bool m_is_client; |
146 |
152 |
147 eap_type_value_e m_current_eap_type; |
153 eap_type_value_e m_current_eap_type; |
148 |
154 |
149 // These are the vendor-types for EAP type and tunneling EAP type. |
|
150 // Valid for both expanded and non-expanded EAP types. |
|
151 u32_t m_current_eap_vendor_type; |
|
152 u32_t m_tunneling_vendor_type; |
|
153 |
|
154 TBufC<KMaxDatabaseTableName> m_db_table_name; |
155 TBufC<KMaxDatabaseTableName> m_db_table_name; |
155 TBufC<KMaxDatabaseTableName> m_db_user_cert_table_name; |
156 TBufC<KMaxDatabaseTableName> m_db_user_cert_table_name; |
156 TBufC<KMaxDatabaseTableName> m_db_ca_cert_table_name; |
157 TBufC<KMaxDatabaseTableName> m_db_ca_cert_table_name; |
157 TBufC<KMaxDatabaseTableName> m_db_cipher_suite_table_name; |
158 TBufC<KMaxDatabaseTableName> m_db_cipher_suite_table_name; |
158 TBufC<KMaxDatabaseTableName> m_db_name; |
159 TBufC<KMaxDatabaseTableName> m_db_name; |
159 |
160 |
160 #if defined (USE_FAST_EAP_TYPE) |
161 #if defined (USE_FAST_EAP_TYPE) |
161 TBufC<KMaxDatabaseTableName> m_db_fast_special_table_name; |
162 TBufC<KMaxDatabaseTableName> m_db_fast_special_table_name; |
162 RArray<SInfoEntry> m_info_array; |
163 RPointerArray<SInfoEntry> m_info_array; |
163 #endif |
164 #endif |
164 |
165 |
165 u32_t m_max_count_of_session_resumes; |
166 u32_t m_max_count_of_session_resumes; |
166 |
167 |
167 tls_cipher_suites_e m_cipher_suite; |
168 tls_cipher_suites_e m_cipher_suite; |
172 |
173 |
173 CX509Certificate* m_peer_certificate; |
174 CX509Certificate* m_peer_certificate; |
174 |
175 |
175 CEapTlsPeapCertInterface* m_cert_if; |
176 CEapTlsPeapCertInterface* m_cert_if; |
176 |
177 |
177 SCertEntry m_own_certificate_info; |
178 EapCertificateEntry m_own_certificate_info; |
178 |
179 |
179 eap_am_network_id_c m_receive_network_id; |
180 eap_am_network_id_c m_receive_network_id; |
180 |
181 |
181 u8_t m_eap_identifier; |
182 u8_t m_eap_identifier; |
182 |
183 |
183 TKeyIdentifier m_subject_key_id; |
184 TKeyIdentifier m_subject_key_id; |
184 |
185 |
185 RArray<SCertEntry> m_allowed_ca_certs; |
186 RPointerArray<EapCertificateEntry> m_allowed_ca_certs; |
186 |
187 |
187 RArray<SCertEntry> m_allowed_user_certs; |
188 RPointerArray<EapCertificateEntry> m_allowed_user_certs; |
188 |
189 |
189 RArray<SCertEntry> m_allowed_server_certs; |
190 RPointerArray<EapCertificateEntry> m_allowed_server_certs; |
190 |
191 |
191 RArray<TUint> m_allowed_cipher_suites; |
192 RArray<TUint> m_allowed_cipher_suites; |
192 |
193 |
193 eap_variable_data_c m_peer_public_key; |
194 eap_variable_data_c m_peer_public_key; |
194 |
195 |
196 eap_variable_data_c m_param_q; |
197 eap_variable_data_c m_param_q; |
197 eap_variable_data_c m_param_g; |
198 eap_variable_data_c m_param_g; |
198 |
199 |
199 bool m_shutdown_was_called; |
200 bool m_shutdown_was_called; |
200 |
201 |
201 #ifdef USE_EAP_EXPANDED_TYPES |
|
202 |
|
203 /// Tunneling EAP configuration data from EAP database. |
202 /// Tunneling EAP configuration data from EAP database. |
204 RExpandedEapTypePtrArray m_enabled_tunneling_exp_eap_array; |
203 RPointerArray<TEapExpandedType> m_enabled_tunneling_exp_eap_array; |
205 RExpandedEapTypePtrArray m_disabled_tunneling_exp_eap_array; |
204 RPointerArray<TEapExpandedType> m_disabled_tunneling_exp_eap_array; |
206 |
205 |
207 #else |
206 |
208 |
|
209 /// Tunneling EAP configuration data from EAP database. |
|
210 TEapArray m_iap_eap_array; |
|
211 |
|
212 #endif // #ifdef USE_EAP_EXPANDED_TYPES |
|
213 TIdentityInfo* m_identity_info; |
|
214 |
|
215 TBuf8<4> m_selector_output; |
207 TBuf8<4> m_selector_output; |
216 |
208 |
217 eap_type_value_e m_tunneled_type; |
209 eap_type_value_e m_tunneled_type; |
218 |
210 |
219 bool m_verify_certificate_realm; |
211 bool m_verify_certificate_realm; |
227 |
219 |
228 bool m_use_manual_realm; |
220 bool m_use_manual_realm; |
229 eap_variable_data_c m_manual_realm; |
221 eap_variable_data_c m_manual_realm; |
230 |
222 |
231 bool m_tls_peap_server_authenticates_client_policy_flag; |
223 bool m_tls_peap_server_authenticates_client_policy_flag; |
|
224 |
|
225 bool m_use_automatic_ca_certificate; |
232 |
226 |
233 /// This flag prevents double configuration. This can happen when |
227 /// This flag prevents double configuration. This can happen when |
234 /// this class implements many interfaces. |
228 /// this class implements many interfaces. |
235 bool m_configured; |
229 bool m_configured; |
236 |
230 |
262 eap_array_c<eap_fast_pac_store_data_c> m_new_references_and_data_blocks; |
256 eap_array_c<eap_fast_pac_store_data_c> m_new_references_and_data_blocks; |
263 eap_array_c<eap_fast_pac_store_data_c> m_ready_references_and_data_blocks; |
257 eap_array_c<eap_fast_pac_store_data_c> m_ready_references_and_data_blocks; |
264 |
258 |
265 bool m_serv_unauth_prov_mode; |
259 bool m_serv_unauth_prov_mode; |
266 bool m_serv_auth_prov_mode; |
260 bool m_serv_auth_prov_mode; |
267 |
261 #endif |
268 // For FAST notifiers |
262 |
269 RNotifier m_notifier; |
263 |
270 bool m_is_notifier_connected; // Tells if notifier server is connected. |
264 |
271 |
265 CEapAuthNotifier::TEapDialogInfo * m_notifier_data_to_user; |
272 TEapFastNotifierStruct * m_notifier_data_to_user; |
266 |
273 TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_to_user; |
267 TPckg<CEapAuthNotifier::TEapDialogInfo> * m_notifier_data_pckg_to_user; |
274 |
|
275 TEapFastNotifierStruct * m_notifier_data_from_user; |
|
276 TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_from_user; |
|
277 |
268 |
278 /* For MMETEL */ |
269 /* For MMETEL */ |
|
270 #if defined(USE_FAST_EAP_TYPE) |
279 |
271 |
280 // ETel connection. |
272 // ETel connection. |
281 RTelServer iServer; |
273 RTelServer iServer; |
282 RMobilePhone iPhone; |
274 RMobilePhone iPhone; |
283 |
275 |
285 // revision and serial number |
277 // revision and serial number |
286 RMobilePhone::TMobilePhoneIdentityV1 iDeviceId; |
278 RMobilePhone::TMobilePhoneIdentityV1 iDeviceId; |
287 |
279 |
288 // Tells if MMETEL is connected already or not. |
280 // Tells if MMETEL is connected already or not. |
289 TBool iMMETELConnectionStatus; |
281 TBool iMMETELConnectionStatus; |
|
282 |
290 TBool m_completed_with_zero; |
283 TBool m_completed_with_zero; |
291 TBool m_verificationStatus; |
284 TBool m_verificationStatus; |
292 |
285 |
293 HBufC8* m_pacStorePWBuf8; |
286 HBufC8* m_pacStorePWBuf8; |
294 EEapFastNotifierUserAction m_userAction; |
287 EEapFastNotifierUserAction m_userAction; |
295 eap_pac_store_data_type_e m_pacStoreDataRefType; |
288 eap_pac_store_data_type_e m_pacStoreDataRefType; |
296 eap_fast_pac_store_data_c m_data_reference; |
289 eap_fast_pac_store_data_c m_data_reference; |
297 TBool m_notifier_complete; |
|
298 eap_variable_data_c m_userResponse; |
290 eap_variable_data_c m_userResponse; |
299 eap_fast_pac_store_pending_operation_e m_pending_operation; |
291 eap_fast_pac_store_pending_operation_e m_pending_operation; |
300 TInt m_both_completed; |
292 TInt m_both_completed; |
301 TInt m_both_asked; |
293 TInt m_both_asked; |
302 TUint m_ready_references_array_index; |
294 TUint m_ready_references_array_index; |
336 |
329 |
337 /** |
330 /** |
338 * Provides asynch services used by the caller such as |
331 * Provides asynch services used by the caller such as |
339 * query for TTLS-PAP user name and password. |
332 * query for TTLS-PAP user name and password. |
340 */ |
333 */ |
341 CEapTtlsPapActive* iEapTtlsPapActive; |
334 |
|
335 // eap_am_type_tls_peap_symbian_c* iCaller; |
|
336 |
|
337 eap_variable_data_c* iPacStoreDeviceSeed; |
|
338 |
|
339 #ifdef USE_PAC_STORE |
|
340 #endif |
|
341 |
|
342 CEapAuthNotifier* iEapAuthNotifier; |
|
343 |
342 |
344 |
343 |
345 |
344 //-------------------------------------------------- |
346 //-------------------------------------------------- |
345 private: // methods |
347 private: // methods |
346 //-------------------------------------------------- |
348 //-------------------------------------------------- |
416 TDesC& manual_username, |
418 TDesC& manual_username, |
417 const TBool use_manual_realm, |
419 const TBool use_manual_realm, |
418 TDesC& manual_realm); |
420 TDesC& manual_realm); |
419 |
421 |
420 void send_error_notification(const eap_status_e error); |
422 void send_error_notification(const eap_status_e error); |
421 |
|
422 eap_status_e show_certificate_selection_dialog(); |
|
423 |
|
424 eap_status_e show_manual_identity_dialog(); |
|
425 |
423 |
426 void ResetSessionIdL(); |
424 void ResetSessionIdL(); |
427 |
425 |
428 /** |
426 /** |
429 * Returns true if the full authenticated session is valid. |
427 * Returns true if the full authenticated session is valid. |
458 |
456 |
459 void WritePACStoreDataL( |
457 void WritePACStoreDataL( |
460 const eap_fast_pac_store_pending_operation_e in_pending_operation, |
458 const eap_fast_pac_store_pending_operation_e in_pending_operation, |
461 EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks); |
459 EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks); |
462 |
460 |
463 eap_status_e ShowNotifierItemAndGetResponse( |
461 |
464 EEapFastNotifierUiItem aNotifierUiItem, TBool aSetActive ); |
|
465 |
462 |
466 eap_status_e RemoveIAPReference(); |
463 eap_status_e RemoveIAPReference(); |
467 |
464 |
468 eap_status_e ImportFilesL(); |
465 eap_status_e ImportFilesL(); |
469 |
466 |
471 |
468 |
472 eap_status_e CompletePasswordQueryL(); |
469 eap_status_e CompletePasswordQueryL(); |
473 |
470 |
474 eap_status_e CompleteFilePasswordQueryL(); |
471 eap_status_e CompleteFilePasswordQueryL(); |
475 |
472 |
476 eap_status_e CompleteNotifierL(); |
|
477 |
|
478 eap_status_e CompleteFilePasswordQuery(); |
473 eap_status_e CompleteFilePasswordQuery(); |
479 |
474 |
480 eap_status_e FinalCompleteReadPACStoreDataL(eap_status_e status); |
475 eap_status_e FinalCompleteReadPACStoreDataL(eap_status_e status); |
481 |
476 |
482 void ConvertUnicodeToAsciiL(const TDesC16& aFromUnicode, TDes8& aToAscii); |
477 void ConvertUnicodeToAsciiL(const TDesC16& aFromUnicode, TDes8& aToAscii); |
560 */ |
555 */ |
561 TBool CheckTtlsPapSessionValidity( |
556 TBool CheckTtlsPapSessionValidity( |
562 const TInt64& aInMaxSessionTime, |
557 const TInt64& aInMaxSessionTime, |
563 const TInt64& aInLastFullAuthTime ); |
558 const TInt64& aInLastFullAuthTime ); |
564 |
559 |
565 |
560 #ifdef USE_FAST_EAP_TYPE |
|
561 TInt CreateMMETelConnectionL(); |
|
562 |
|
563 void DisconnectMMETel(); |
|
564 |
|
565 eap_status_e CreateDeviceSeedAsync(); |
|
566 |
|
567 void CompleteCreateDeviceSeedL( TInt aStatus ); |
|
568 #endif |
|
569 |
|
570 eap_status_e select_cipher_suite( |
|
571 const bool select_all_cipher_suites, |
|
572 const tls_cipher_suites_e test_cipher_suite, |
|
573 const TAlgorithmId testcertAlgorithm, |
|
574 const TAlgorithmId certAlgorithm, |
|
575 eap_array_c<u16_t> * cipher_suites); |
|
576 |
566 //-------------------------------------------------- |
577 //-------------------------------------------------- |
567 protected: // methods |
578 protected: // methods |
568 //-------------------------------------------------- |
579 //-------------------------------------------------- |
569 |
580 |
570 |
581 |
600 const bool aIsClient, |
611 const bool aIsClient, |
601 const eap_am_network_id_c * const receive_network_id); |
612 const eap_am_network_id_c * const receive_network_id); |
602 |
613 |
603 EAP_FUNC_IMPORT virtual ~eap_am_type_tls_peap_symbian_c(); |
614 EAP_FUNC_IMPORT virtual ~eap_am_type_tls_peap_symbian_c(); |
604 |
615 |
605 EAP_FUNC_EXPORT eap_status_e shutdown(); |
616 EAP_FUNC_IMPORT eap_status_e shutdown(); |
606 |
617 |
607 EAP_FUNC_IMPORT void set_is_valid(); |
618 EAP_FUNC_IMPORT void set_is_valid(); |
608 |
619 |
609 EAP_FUNC_IMPORT bool get_is_valid(); |
620 EAP_FUNC_IMPORT bool get_is_valid(); |
610 |
621 |
814 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
825 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
815 |
826 |
816 eap_status_e complete_read_ca_certificate( |
827 eap_status_e complete_read_ca_certificate( |
817 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
828 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
818 |
829 |
819 void complete_validate_chain(CPKIXValidationResult& aValidationResult, eap_status_e aStatus); |
830 void complete_validate_chain(const CPKIXValidationResult * const aValidationResult, const eap_status_e aStatus); |
820 |
831 |
821 void complete_get_matching_certificates(CArrayFixFlat<SCertEntry>& aMatchingCerts, eap_status_e aStatus); |
832 void complete_get_matching_certificates(RPointerArray<EapCertificateEntry>& aMatchingCerts, eap_status_e aStatus); |
822 |
833 |
823 void complete_sign(const RInteger& aR, const RInteger& aS, eap_status_e aStatus); |
834 void complete_sign(const RInteger& aR, const RInteger& aS, eap_status_e aStatus); |
824 |
835 |
825 void complete_decrypt(TDes8& aData, eap_status_e aStatus); |
836 void complete_decrypt(TDes8& aData, eap_status_e aStatus); |
826 |
837 |
1014 |
1025 |
1015 #if defined(USE_FAST_EAP_TYPE) |
1026 #if defined(USE_FAST_EAP_TYPE) |
1016 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
1027 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
1017 eap_status_e ReadFileConfig(); |
1028 eap_status_e ReadFileConfig(); |
1018 #endif |
1029 #endif |
1019 #endif |
1030 |
|
1031 #endif |
|
1032 |
|
1033 EAP_FUNC_IMPORT void DlgComplete( TInt aStatus ); |
|
1034 |
|
1035 |
1020 }; // class eap_am_type_tls_peap_symbian_c |
1036 }; // class eap_am_type_tls_peap_symbian_c |
1021 |
1037 |
1022 |
1038 |
1023 #endif //#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_) |
1039 #endif //#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_) |
1024 |
1040 |
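Review bot: `complete_validate_chain` now takes `const CPKIXValidationResult * const aValidationResult` where it used to take a reference, so the callback can be handed a null result, and the declaration does not say whether that is allowed or what it means. This callback is where the peer certificate chain is accepted or rejected, so I would state the contract on the declaration, for example `/// aValidationResult may be NULL only when aStatus reports an error; a NULL result is treated as a failed validation.` if that is the intended behaviour. The implementation is not shown on this page, so please confirm it checks the pointer before reading it. The same change turns `m_allowed_ca_certs`, `m_allowed_user_certs`, `m_allowed_server_certs` and `m_info_array` into `RPointerArray`s, whose `Close()` frees only the pointer table and not the entries. If this class owns the entries, a comment such as `// Owned: released with ResetAndDestroy()` on those members would record that, and the destructor and `shutdown()` bodies, also not shown here, should match it.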