|
1 /* |
|
2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: EAP and WLAN authentication protocols. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #ifndef _EAPTLSPEAPCERTINTERFACE_H_ |
|
20 #define _EAPTLSPEAPCERTINTERFACE_H_ |
|
21 |
|
22 // INCLUDES |
|
23 #include <e32base.h> |
|
24 #include "eap_tools.h" |
|
25 #include "eap_am_type_tls_peap_symbian.h" |
|
26 #include <unifiedcertstore.h> |
|
27 #include <mctwritablecertstore.h> |
|
28 #include <unifiedkeystore.h> |
|
29 #include <pkixcertchain.h> |
|
30 #include <x509cert.h> |
|
31 #include "EapTlsPeapUtils.h" |
|
32 |
|
33 const TInt KMaxHashLength = 128; |
|
34 // FORWARD DECLARATIONS |
|
35 |
|
36 |
|
37 // CLASS DECLARATION |
|
38 class CEapTlsPeapCertInterface |
|
39 : public CActive |
|
40 { |
|
41 public: |
|
42 |
|
43 static CEapTlsPeapCertInterface* NewL(abs_eap_am_tools_c* const aTools, |
|
44 eap_am_type_tls_peap_symbian_c* const aParent); |
|
45 |
|
46 virtual ~CEapTlsPeapCertInterface(); |
|
47 |
|
48 void ReadCertificateL(SCertEntry& aCertInfo, const TBool aRetrieveChain); |
|
49 |
|
50 void ReadCACertificateL(SCertEntry& aCertInfo); |
|
51 |
|
52 void ReadPrivateKeyL(TKeyIdentifier& aHash); |
|
53 |
|
54 void ValidateChainL(TDesC8& aCertChain, RArray<SCertEntry>& aCACerts); |
|
55 |
|
56 |
|
57 void GetMatchingCertificatesL( |
|
58 const RArray<SCertEntry>& aAllowedUserCerts, |
|
59 const TBool aUseCertAuthoritiesFilter, |
|
60 EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const aCertAuthorities, |
|
61 const TBool aUseCertTypesFilter, |
|
62 EAP_TEMPLATE_CONST eap_array_c<u8_t> * const aCertTypes, |
|
63 const TBool aUseAllowedCipherSuitesFilter, |
|
64 const RArray<TUint>& aAllowedCipherSuites); |
|
65 |
|
66 void SignL( |
|
67 TKeyIdentifier& aKeyId, |
|
68 const TDesC8& aHashIn, |
|
69 const TUint aSignatureLength); |
|
70 |
|
71 void DecryptL( |
|
72 TKeyIdentifier& aKeyId, |
|
73 const TDesC8& aData); |
|
74 |
|
75 void CancelSignWithPrivateKey(); |
|
76 |
|
77 protected: |
|
78 |
|
79 CEapTlsPeapCertInterface(abs_eap_am_tools_c* const aTools, eap_am_type_tls_peap_symbian_c* const aParent); |
|
80 |
|
81 void ConstructL(); |
|
82 |
|
83 void RunL(); |
|
84 |
|
85 void DoCancel(); |
|
86 |
|
87 private: |
|
88 |
|
89 enum TState |
|
90 { |
|
91 EReadCertInitStore, |
|
92 EReadCertList, |
|
93 EReadCert, |
|
94 EValidateChainInitStore, |
|
95 EValidateChainGetCACertList, |
|
96 EValidateChainGetCACert, |
|
97 EValidateChainEnd, |
|
98 EGetMatchingCertsInitStore, |
|
99 EGetMatchingCertsInitialize, |
|
100 EGetMatchingCertsLoop, |
|
101 ESignInitStore, |
|
102 ESignList, |
|
103 ESignOpenKeyStore, |
|
104 ESign, |
|
105 EDecryptInitStore, |
|
106 EDecryptList, |
|
107 EDecryptOpenKeyStore, |
|
108 EDecrypt, |
|
109 EGetAllCerts, |
|
110 ECreateCertChain, |
|
111 ERetrieveChainInitStore, |
|
112 ESetPassphraseTimeout, |
|
113 EReadCACertInitStore, |
|
114 EReadCACertList, |
|
115 EReadCACert |
|
116 }; |
|
117 |
|
118 TState iState; |
|
119 |
|
120 eap_am_type_tls_peap_symbian_c * const iParent; |
|
121 |
|
122 abs_eap_am_tools_c * const m_am_tools; |
|
123 |
|
124 CUnifiedCertStore* iCertStore; |
|
125 |
|
126 MRSASigner* iRSASigner; |
|
127 |
|
128 MDSASigner* iDSASigner; |
|
129 |
|
130 MCTDecryptor* iDecryptor; |
|
131 |
|
132 RFs iFs; |
|
133 |
|
134 RArray<SCertEntry> iAllowedUserCerts; |
|
135 |
|
136 TBool iUseCertAuthoritiesFilter; |
|
137 |
|
138 TBool iUseCertTypesFilter; |
|
139 |
|
140 TBool iUseAllowedCipherSuitesFilter; |
|
141 |
|
142 TBool iRSACertsAllowed; |
|
143 |
|
144 TBool iDSACertsAllowed; |
|
145 |
|
146 RPointerArray<CX500DistinguishedName> iCertAuthorities; |
|
147 |
|
148 const eap_array_c<u8_t>* iCertTypes; |
|
149 |
|
150 RMPointerArray<CCTCertInfo> iCertInfos; |
|
151 |
|
152 RMPointerArray<CCTKeyInfo> iKeyInfos; |
|
153 |
|
154 HBufC8* iEncodedCertificate; |
|
155 TPtr8 iCertPtr; |
|
156 |
|
157 CCertAttributeFilter* iCertFilter; |
|
158 |
|
159 TCTKeyAttributeFilter* iKeyFilter; |
|
160 |
|
161 CPKIXCertChain* iCertChain; |
|
162 |
|
163 CPKIXValidationResult* iValidationResult; |
|
164 |
|
165 TTime iTime; |
|
166 |
|
167 RPointerArray<CX509Certificate> iRootCerts; |
|
168 |
|
169 RPointerArray<CX509Certificate> iMatchingUserCerts; |
|
170 |
|
171 RPointerArray<CX509Certificate> iUserCertChain; |
|
172 |
|
173 CArrayFixFlat<SCertEntry> iMatchingUserCertInfos; |
|
174 |
|
175 TUint iCAIndex; |
|
176 |
|
177 TUint iUserCertIndex; |
|
178 |
|
179 RArray<SCertEntry> iAllowedCACerts; |
|
180 |
|
181 HBufC8* iInputCertChain; |
|
182 |
|
183 SCertEntry iCertInfo; |
|
184 |
|
185 TAny *iResArray; |
|
186 |
|
187 // SignL |
|
188 TKeyIdentifier iKeyIdentifier; |
|
189 |
|
190 TBuf8<KMaxHashLength> iHashIn; |
|
191 |
|
192 HBufC8* iDataIn; |
|
193 |
|
194 HBufC8* iDataOut; |
|
195 |
|
196 HBufC8* iSignature; |
|
197 |
|
198 CRSASignature* iRSASignature; |
|
199 |
|
200 CDSASignature* iDSASignature; |
|
201 |
|
202 TPtr8* iSignaturePtr; |
|
203 |
|
204 TPtr8* iPtrOut; |
|
205 |
|
206 CUnifiedKeyStore* iKeyStore; |
|
207 |
|
208 TBool iRetrieveChain; |
|
209 }; |
|
210 |
|
211 #endif // _EAPTLSPEAPCERTINTERFACE_H_ |
|
212 |
|
213 // End of file |