--- a/eapol/eapol_framework/eapol_symbian/am/type/tls_peap/symbian/EapTlsPeapCertInterface.cpp Thu Aug 19 09:58:27 2010 +0300
+++ b/eapol/eapol_framework/eapol_symbian/am/type/tls_peap/symbian/EapTlsPeapCertInterface.cpp Tue Aug 31 15:16:37 2010 +0300
@@ -16,7 +16,7 @@
*/
/*
-* %version: 43 %
+* %version: 38.1.26 %
*/
// This is enumeration of EAPOL source code.
@@ -34,10 +34,13 @@
#include <x509keys.h>
#include <x509cert.h>
#include "eap_tlv_message_data.h"
-#include "eap_am_trace_symbian.h"
+#include "EapTraceSymbian.h"
+#include "eap_automatic_variable.h"
-const TText8 KKeyStoreHandlePrefix[] = "EapTlsPeapKeyStoreHandler";
-const TText8 KKeyStoreHandleKey[] = "CEapTlsPeapCertInterface KeyStore handle";
+#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+ const TText8 KKeyStoreHandlePrefix[] = "EapTlsPeapKeyStoreHandler";
+ const TText8 KKeyStoreHandleKey[] = "CEapTlsPeapCertInterface KeyStore handle";
+#endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
enum TAlgorithmAndSignedType
{
@@ -61,6 +64,14 @@
CEapTlsPeapCertInterface* CEapTlsPeapCertInterface::NewL(abs_eap_am_tools_c* const aTools,
eap_am_type_tls_peap_symbian_c* const aParent)
{
+ EAP_TRACE_DEBUG(
+ aTools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::NewL()\n")));
+
+ EAP_TRACE_RETURN_STRING(aTools, "returns: CEapTlsPeapCertInterface::NewL()");
+
+
CEapTlsPeapCertInterface* self = new(ELeave) CEapTlsPeapCertInterface(aTools, aParent);
CleanupStack::PushL(self);
self->ConstructL();
@@ -72,14 +83,22 @@
CEapTlsPeapCertInterface::CEapTlsPeapCertInterface(abs_eap_am_tools_c* const aTools, eap_am_type_tls_peap_symbian_c* const aParent)
: CActive(CActive::EPriorityStandard)
-,iParent(aParent)
-,m_am_tools(aTools)
-,iAllowedUserCerts(1)
-,iEncodedCertificate(0)
-,iCertPtr(0,0)
-,iMatchingUserCertInfos(1)
-,iCAIndex(0)
+, iParent(aParent)
+, m_am_tools(aTools)
+, iAllowedUserCerts(1)
+, iEncodedCertificate(0)
+, iCertPtr(0,0)
+, iMatchingUserCertInfos(1)
+, iCAIndex(0)
+, iUseAutomaticCaCertificate(EFalse)
{
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::CEapTlsPeapCertInterface()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::CEapTlsPeapCertInterface()");
+
EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
}
@@ -88,8 +107,13 @@
void CEapTlsPeapCertInterface::ConstructL()
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
-
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::ConstructL()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ConstructL()");
+
User::LeaveIfError(iFs.Connect());
CActiveScheduler::Add(this);
@@ -106,19 +130,80 @@
CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface()
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
-
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface()");
+
+ if(IsActive())
+ {
+ Cancel();
+ }
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iMatchingUserCerts.ResetAndDestroy(): count=%d\n"),
+ iMatchingUserCerts.Count()));
+
iMatchingUserCerts.ResetAndDestroy();
- iMatchingUserCertInfos.Reset();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iMatchingUserCertInfos.ResetAndDestroy(): count=%d\n"),
+ iMatchingUserCertInfos.Count()));
+
+ iMatchingUserCertInfos.ResetAndDestroy();
- iAllowedUserCerts.Reset();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iAllowedUserCerts.ResetAndDestroy(): count=%d\n"),
+ iAllowedUserCerts.Count()));
+
+ iAllowedUserCerts.ResetAndDestroy();
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iAllowedCACerts.ResetAndDestroy(): count=%d\n"),
+ iAllowedCACerts.Count()));
+
+ iAllowedCACerts.ResetAndDestroy();
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iRootCerts.ResetAndDestroy(): count=%d\n"),
+ iRootCerts.Count()));
iRootCerts.ResetAndDestroy();
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iUserCertChain.ResetAndDestroy(): count=%d\n"),
+ iUserCertChain.Count()));
+
iUserCertChain.ResetAndDestroy();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iCertAuthorities.ResetAndDestroy(): count=%d\n"),
+ iCertAuthorities.Count()));
+
iCertAuthorities.ResetAndDestroy();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iCertInfos.Reset(): count=%d\n"),
+ iCertInfos.Count()));
+
TInt i(0);
for (i = 0; i < iCertInfos.Count(); i++)
{
@@ -126,12 +211,23 @@
}
iCertInfos.Reset();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): iKeyInfos.Reset(): count=%d\n"),
+ iKeyInfos.Count()));
+
for (i = 0; i < iKeyInfos.Count(); i++)
{
iKeyInfos[i]->Release();
}
iKeyInfos.Reset();
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::~CEapTlsPeapCertInterface(): delete rest\n")));
+
delete iCertFilter;
delete iCertStore;
delete iCertChain;
@@ -146,9 +242,15 @@
delete iRSASignature;
delete iDSASignature;
delete iKeyFilter;
-
- iFs.Close();
+
+#if !defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
+ delete iKeyStore;
+
+#endif //#if !defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+ iFs.Close();
+
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
@@ -160,7 +262,7 @@
//--------------------------------------------------
void CEapTlsPeapCertInterface::GetMatchingCertificatesL(
- const RArray<SCertEntry>& aAllowedUserCerts,
+ const RPointerArray<EapCertificateEntry>& aAllowedUserCerts,
const TBool aUseCertAuthoritiesFilter,
EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const aCertAuthorities,
const TBool aUseCertTypesFilter,
@@ -168,54 +270,61 @@
const TBool aUseAllowedCipherSuitesFilter,
const RArray<TUint>& aAllowedCipherSuites)
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
-
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): Total allowed user certs=%d, aAllowedUserCerts=0x%08x, iAllowedUserCerts=0x%08x, aCertAuthorities=0x%08x, aCertTypes=0x%08x, aAllowedCipherSuites=0x%08x\n"),
+ aAllowedUserCerts.Count(),
+ &aAllowedUserCerts,
+ &iAllowedUserCerts,
+ aCertAuthorities,
+ aCertTypes,
+ &aAllowedCipherSuites));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::GetMatchingCertificatesL()");
+
iUseCertAuthoritiesFilter = aUseCertAuthoritiesFilter;
iUseCertTypesFilter = aUseCertTypesFilter;
iUseAllowedCipherSuitesFilter = aUseAllowedCipherSuitesFilter;
- iAllowedUserCerts.Reset();
-
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL: Total allowed user certs=%d\n"),
- aAllowedUserCerts.Count()));
+ (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): iAllowedUserCerts.Count()=%d\n"),
+ iAllowedUserCerts.Count()));
+
+ iAllowedUserCerts.ResetAndDestroy();
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL:UseCertAuthoritiesFilter=%d, UseCertTypesFilter=%d, UseAllowedCipherSuitesFilter=%d\n"),
- iUseCertAuthoritiesFilter,iUseCertTypesFilter,iUseAllowedCipherSuitesFilter));
+ (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL(): UseCertAuthoritiesFilter=%d, UseCertTypesFilter=%d, UseAllowedCipherSuitesFilter=%d\n"),
+ iUseCertAuthoritiesFilter,
+ iUseCertTypesFilter,
+ iUseAllowedCipherSuitesFilter));
for (TInt j = 0; j < aAllowedUserCerts.Count(); j++)
{
- iAllowedUserCerts.AppendL(aAllowedUserCerts[j]);
-
-#if defined(_DEBUG) || defined(DEBUG)
+ EapCertificateEntry * const copy_cert = aAllowedUserCerts[j]->Copy();
+ if (copy_cert == 0)
+ {
+ User::Leave(KErrNoMemory);
+ }
- // This is just for the debug prints.
- TCertLabel tempLabel = iAllowedUserCerts[j].iLabel;
- TKeyIdentifier tempSubjectKeyId = iAllowedUserCerts[j].iSubjectKeyId;
-
- EAP_TRACE_DEBUG(
- m_am_tools,
- TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::GetMatchingCertificatesL: details of allowed user certs,Label=%S\n"),
- &tempLabel));
-
- EAP_TRACE_DATA_DEBUG_SYMBIAN( ( "GetMatchingCertificatesL : Subject Key Id:",
- tempSubjectKeyId.Ptr(), tempSubjectKeyId.Size() ) );
-#endif
+ iAllowedUserCerts.AppendL(copy_cert);
+
+ EAP_TRACE_SETTINGS(copy_cert);
}
if (iCertAuthorities.Count() > 0)
{
iCertAuthorities.ResetAndDestroy();
}
- if (aUseCertAuthoritiesFilter)
+
+ if (aUseCertAuthoritiesFilter
+ && aCertAuthorities)
{
for (TUint i = 0; i < aCertAuthorities->get_object_count(); i++)
{
@@ -226,8 +335,8 @@
// Try to form distiguished name
CX500DistinguishedName* tmp = 0;
- TRAPD(err, tmp = CX500DistinguishedName::NewL(ptr));
- if (err == KErrNone)
+ TRAPD(error, tmp = CX500DistinguishedName::NewL(ptr));
+ if (error == KErrNone)
{
CleanupStack::PushL(tmp);
// Distinguished name was found -> add it to array.
@@ -265,7 +374,7 @@
if (iCertStore == 0)
{
- iCertStore = CUnifiedCertStore::NewL(iFs, false);
+ iCertStore = CUnifiedCertStore::NewL(iFs, EFalse);
iCertStore->Initialize(iStatus);
}
else
@@ -280,16 +389,22 @@
//--------------------------------------------------
-void CEapTlsPeapCertInterface::ReadCertificateL(SCertEntry& aCertInfo, const TBool aRetrieveChain)
+void CEapTlsPeapCertInterface::ReadCertificateL(EapCertificateEntry& aCertInfo, const TBool aRetrieveChain)
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::ReadCertificateL()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ReadCertificateL()");
+
iCertInfo = aCertInfo;
iRetrieveChain = aRetrieveChain;
iState = EReadCertInitStore;
if (iCertStore == 0)
{
- iCertStore = CUnifiedCertStore::NewL(iFs, false);
+ iCertStore = CUnifiedCertStore::NewL(iFs, EFalse);
iCertStore->Initialize(iStatus);
}
else
@@ -303,17 +418,21 @@
//--------------------------------------------------
-void CEapTlsPeapCertInterface::ReadCACertificateL(SCertEntry& aCertInfo)
+void CEapTlsPeapCertInterface::ReadCACertificateL(EapCertificateEntry& aCertInfo)
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
- EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("CEapTlsPeapCertInterface::ReadCACertificateL.\n")));
-
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::ReadCACertificateL()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ReadCACertificateL()");
+
iCertInfo = aCertInfo;
iState = EReadCACertInitStore;
if (iCertStore == 0)
{
- iCertStore = CUnifiedCertStore::NewL(iFs, false);
+ iCertStore = CUnifiedCertStore::NewL(iFs, EFalse);
iCertStore->Initialize(iStatus);
}
else
@@ -328,19 +447,48 @@
//--------------------------------------------------
-void CEapTlsPeapCertInterface::ValidateChainL(TDesC8& aCertChain, RArray<SCertEntry>& aAllowedCACerts)
-{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
+void CEapTlsPeapCertInterface::ValidateChainL(
+ TDesC8& aCertChain,
+ RPointerArray<EapCertificateEntry>& aAllowedCACerts,
+ const TBool aUseAutomaticCaCertificate)
+{
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::ValidateChainL(): aUseAutomaticCaCertificate=%d\n"),
+ aUseAutomaticCaCertificate));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::ValidateChainL()");
+
+ iUseAutomaticCaCertificate = aUseAutomaticCaCertificate;
iCAIndex = 0;
- iAllowedCACerts = aAllowedCACerts;
+ iAllowedCACerts.ResetAndDestroy();
+
+ if (!iUseAutomaticCaCertificate)
+ {
+ for (TInt j = 0; j < aAllowedCACerts.Count(); j++)
+ {
+ EapCertificateEntry * const copy_cert = aAllowedCACerts[j]->Copy();
+ if (copy_cert == 0)
+ {
+ User::Leave(KErrNoMemory);
+ }
+
+ iAllowedCACerts.AppendL(copy_cert);
+
+ EAP_TRACE_SETTINGS(copy_cert);
+ }
+ }
+
delete iInputCertChain;
iInputCertChain = 0;
iInputCertChain = aCertChain.AllocL();
iState = EValidateChainInitStore;
+
if (iCertStore == 0)
{
- iCertStore = CUnifiedCertStore::NewL(iFs, false);
+ iCertStore = CUnifiedCertStore::NewL(iFs, EFalse);
iCertStore->Initialize(iStatus);
}
else
@@ -348,7 +496,9 @@
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
+
SetActive();
+
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
}
@@ -356,13 +506,13 @@
void CEapTlsPeapCertInterface::DoCancel()
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
-
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("CEapTlsPeapCertInterface::DoCancel()\n")));
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::DoCancel()");
+
if (iCertStore != 0 && iCertStore->IsActive())
{
EAP_TRACE_DEBUG(
@@ -460,15 +610,23 @@
//--------------------------------------------------
void CEapTlsPeapCertInterface::SignL(
- TKeyIdentifier& aKeyId,
+ const TKeyIdentifier& aKeyId,
const TDesC8& aHashIn,
const TUint aSignatureLength)
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::SignL()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::SignL()");
+
iKeyIdentifier = aKeyId;
if (aHashIn.Size() > KMaxHashLength)
{
- EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Illegal hash size to SignL.\n")));
+ EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Illegal hash size %d to SignL(), shoudbe <= %d.\n"),
+ aHashIn.Size(),
+ KMaxHashLength));
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
User::Leave(KErrGeneral);
}
@@ -496,6 +654,9 @@
if (iKeyStore == 0)
{
+
+#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
// Try to get the keystore class pointer from memory store
eap_variable_data_c key(m_am_tools);
eap_status_e status = key.set_copy_of_buffer(KKeyStoreHandlePrefix, sizeof(KKeyStoreHandlePrefix));
@@ -514,12 +675,17 @@
eap_tlv_message_data_c tlv_data(m_am_tools);
status = m_am_tools->memory_store_get_data(&key, &tlv_data);
+
if (status != eap_status_ok)
{
+
+#endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
+
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("EAP_type_TLSPEAP: cannot get previous keystore handle.\n")));
+ (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::SignL(): cannot get previous CUnifiedKeyStore handle.\n")));
// At this point we can set the passphrase timeout because it the passphrase
@@ -530,6 +696,8 @@
iKeyStore = CUnifiedKeyStore::NewL(iFs);
iKeyStore->Initialize(iStatus);
+#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
status = tlv_data.add_message_data(
eap_type_tlspeap_stored_keystore_handle,
sizeof(iKeyStore),
@@ -604,15 +772,24 @@
User::Leave(KErrGeneral);
}
}
+
+#endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
}
else
{
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::SignL(): uses previous CUnifiedKeyStore handle.\n")));
+
// Skip passphrase setting because it clears the passphrase cache
iState = ESetPassphraseTimeout;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
+
SetActive();
@@ -623,10 +800,16 @@
//--------------------------------------------------
void CEapTlsPeapCertInterface::DecryptL(
- TKeyIdentifier& aKeyId,
+ const TKeyIdentifier& aKeyId,
const TDesC8& aDataIn)
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::DecryptL()\n")));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::DecryptL()");
+
iKeyIdentifier = aKeyId;
delete iDataIn;
@@ -650,6 +833,9 @@
// Try to get the keystore handler class from memory store
if (iKeyStore == 0)
{
+
+#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
// Try to get the keystore class pointer from memory store
eap_variable_data_c key(m_am_tools);
eap_status_e status = key.set_copy_of_buffer(KKeyStoreHandlePrefix, sizeof(KKeyStoreHandlePrefix));
@@ -668,16 +854,22 @@
eap_tlv_message_data_c tlv_data(m_am_tools);
status = m_am_tools->memory_store_get_data(&key, &tlv_data);
+
if (status != eap_status_ok)
{
+
+#endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("EAP_type_TLSPEAP: cannot get previous keystore handle.\n")));
+ (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::DecryptL(): cannot get previous CUnifiedKeyStore handle.\n")));
iKeyStore = CUnifiedKeyStore::NewL(iFs);
iKeyStore->Initialize(iStatus);
+#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
status = tlv_data.add_message_data(
eap_type_tlspeap_stored_keystore_handle,
sizeof(iKeyStore),
@@ -703,7 +895,7 @@
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("EAP_type_TLSPEAP: Found previous keystore handle.\n")));
+ (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::DecryptL(): Found previous keystore handle.\n")));
// Parse read data.
eap_array_c<eap_tlv_header_c> tlv_blocks(m_am_tools);
@@ -746,14 +938,23 @@
User::Leave(KErrGeneral);
}
}
+
+#endif //#if defined(USE_EAP_TLS_PEAP_UNIFIED_KEY_STORE_CACHE)
+
}
else
{
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("EAP_type_TLSPEAP: CEapTlsPeapCertInterface::DecryptL(): uses previous CUnifiedKeyStore handle.\n")));
+
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
- SetActive();
+ SetActive();
+
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
}
@@ -761,49 +962,51 @@
void CEapTlsPeapCertInterface::RunL()
{
- EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
-
- EAP_TRACE_DEBUG_SYMBIAN(
- (_L("CEapTlsPeapCertInterface::RunL(): TEMP iStatus=%d, iState=%d"),
- iStatus.Int(), iState));
-
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::RunL(): iStatus %d\n"),
- iStatus.Int()));
+ (EAPL("CEapTlsPeapCertInterface::RunL(): TEMP iStatus=%d, iState=%d\n"),
+ iStatus.Int(),
+ iState));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::RunL()");
if (!(iStatus.Int() == KErrNone))
{
EAP_TRACE_ERROR(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("ERROR: EAP-TLS certificate interface failed: %d.\n"),
+ (EAPL("ERROR: EAP-TLS certificate interface failed: error=%d.\n"),
iStatus.Int()));
iParent->SendErrorNotification(eap_status_user_cancel_authentication);
if(iState == ESignOpenKeyStore)
{
// User probably cancelled the keystore password query.
-
- EAP_TRACE_DEBUG_SYMBIAN(
- (_L("CEapTlsPeapCertInterface::RunL(): ESignOpenKeyStore Failed")));
-
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::RunL(): ESignOpenKeyStore Failed\n")));
+
if(iRSASigner != NULL)
{
iRSASigner->Release();
- EAP_TRACE_DEBUG_SYMBIAN(
- (_L("CEapTlsPeapCertInterface::RunL(): iRSASigner->Release() OK")));
-
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::RunL(): iRSASigner->Release() OK\n")));
}
if(iDSASigner != NULL)
{
iDSASigner->Release();
- EAP_TRACE_DEBUG_SYMBIAN(
- (_L("CEapTlsPeapCertInterface::RunL(): iDSASigner->Release() OK")));
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::RunL(): iDSASigner->Release() OK\n")));
}
}
@@ -830,12 +1033,12 @@
}
iCertInfos.Reset();
- TRAPD(err, iCertFilter = CCertAttributeFilter::NewL());
- if (err != KErrNone)
+ TRAPD(error, iCertFilter = CCertAttributeFilter::NewL());
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
+ RPointerArray<EapCertificateEntry> tmp(sizeof(EapCertificateEntry));
m_am_tools->enter_global_mutex();
@@ -866,7 +1069,7 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize, Total Certs: iCertInfos.Count()=%d\n"),
iCertInfos.Count()));
- iMatchingUserCertInfos.Reset();
+ iMatchingUserCertInfos.ResetAndDestroy();
// Remove non-allowed
TInt i(0);
@@ -875,10 +1078,10 @@
{
for (j = 0; j < iAllowedUserCerts.Count(); j++)
{
- if ( (iCertInfos[i]->Label().Compare(iAllowedUserCerts[j].iLabel) == 0
+ if ( (iCertInfos[i]->Label().Compare(*(iAllowedUserCerts[j]->GetLabel())) == 0
|| iCertInfos[i]->Label().Length() == 0
- || iAllowedUserCerts[j].iLabel.Length() == 0)
- && iCertInfos[i]->SubjectKeyId() == iAllowedUserCerts[j].iSubjectKeyId)
+ || iAllowedUserCerts[j]->GetLabel()->Length() == 0)
+ && iCertInfos[i]->SubjectKeyId() == iAllowedUserCerts[j]->GetSubjectKeyId())
{
EAP_TRACE_DEBUG(
@@ -886,14 +1089,19 @@
TRACE_FLAGS_DEFAULT,
(EAPL("RunL(): EGetMatchingCertsInitialize, Found a Matching USER cert\n")));
- EAP_TRACE_DEBUG(
+ EAP_TRACE_DATA_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("RunL(): EGetMatchingCertsInitialize,Label of matching cert=%S\n"),
- &(iCertInfos[i]->Label())));
-
- EAP_TRACE_DATA_DEBUG_SYMBIAN(("RunL(): EGetMatchingCertsInitialize,SubjectkeyID of matching cert",
- iCertInfos[i]->SubjectKeyId().Ptr(), iCertInfos[i]->SubjectKeyId().Size()));
+ (EAPL("RunL(): EGetMatchingCertsInitialize, Label of matching cert"),
+ iCertInfos[i]->Label().Ptr(),
+ iCertInfos[i]->Label().Size()));
+
+ EAP_TRACE_DATA_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("RunL(): EGetMatchingCertsInitialize, SubjectkeyID of matching cert"),
+ iCertInfos[i]->SubjectKeyId().Ptr(),
+ iCertInfos[i]->SubjectKeyId().Size()));
break;
}
@@ -904,7 +1112,8 @@
iCertInfos.Remove(i);
i--;
}
- }
+ }
+
if (iCertInfos.Count() == 0)
{
EAP_TRACE_DEBUG(
@@ -913,23 +1122,16 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsInitialize - No matching Certificates.\n")));
// No matching certs
-
- CArrayFixFlat<SCertEntry>* tmp = NULL;
-
- TRAPD(err, tmp = new (ELeave) CArrayFixFlat<SCertEntry>(1) );
- if (tmp == 0 || err != KErrNone)
- {
- // Timeout handles error situation
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- }
-
+
+ // Timeout handles error situation
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
+
m_am_tools->enter_global_mutex();
-
- iParent->complete_get_matching_certificates(*tmp, eap_status_illegal_certificate); //Failure
-
+
+ iParent->complete_get_matching_certificates(empty, eap_status_illegal_certificate); //Failure
+
m_am_tools->leave_global_mutex();
- delete tmp;
break;
}
@@ -942,29 +1144,32 @@
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size()));
- if (err != KErrNone)
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
-
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
-
+
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
+
m_am_tools->enter_global_mutex();
-
- iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure
-
+
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
+
m_am_tools->leave_global_mutex();
break;
}
-
+
+ iEncodedCertificate = tmpCert;
+
iCertPtr.Set(iEncodedCertificate->Des());
iCertStore->Retrieve(
*(iCertInfos[iUserCertIndex]),
iCertPtr,
iStatus);
-
+
SetActive();
}
break;
@@ -977,16 +1182,16 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EGetMatchingCertsLoop\n")));
CX509Certificate* cert = 0;
- TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
- if (err != KErrNone || cert == 0)
+ TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
+ if (error != KErrNone || cert == 0)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
m_am_tools->enter_global_mutex();
- iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -998,37 +1203,57 @@
delete cert;
EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
m_am_tools->enter_global_mutex();
- iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
-
+
// No need to validate iCertInfos here as the execution doesn't come to this case if iCertInfos
// is empty, check is done in the above case.
-
- SCertEntry entry;
- entry.iLabel.Copy(iCertInfos[iUserCertIndex]->Label());
- entry.iSubjectKeyId = iCertInfos[iUserCertIndex]->SubjectKeyId();
+
+ EapCertificateEntry * entry = new EapCertificateEntry;
+ if (entry == 0)
+ {
+ // Timeout handles error situation
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
+
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
+
+ m_am_tools->enter_global_mutex();
+
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
+
+ m_am_tools->leave_global_mutex();
+
+ delete entry;
+
+ break;
+ }
+
+ entry->SetLabel(iCertInfos[iUserCertIndex]->Label());
+ entry->SetSubjectKeyId(iCertInfos[iUserCertIndex]->SubjectKeyId());
- TRAP(err, iMatchingUserCertInfos.AppendL(entry));
- if (err != KErrNone)
+ TRAP(error, iMatchingUserCertInfos.AppendL(entry));
+ if (error != KErrNone)
{
EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
-
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
+
m_am_tools->enter_global_mutex();
- iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
+ delete entry;
+
break;
}
@@ -1055,13 +1280,15 @@
// Matches
break;
}
- }
+ } // for()
+
if (j == iCertAuthorities.Count())
{
// No match. Remove
delete iMatchingUserCerts[i];
iMatchingUserCerts.Remove(i);
- iMatchingUserCertInfos.Delete(i);
+ delete iMatchingUserCertInfos[i];
+ iMatchingUserCertInfos.Remove(i);
i--;
EAP_TRACE_DEBUG(
@@ -1072,7 +1299,8 @@
}
}
// Check Certificate types
- if (iUseCertTypesFilter)
+ if (iUseCertTypesFilter
+ && iCertTypes != 0)
{
for (i = 0; i < (TInt) iMatchingUserCerts.Count(); i++)
{
@@ -1084,27 +1312,33 @@
for (j = 0; j < iCertTypes->get_object_count(); j++)
{
u8_t* val = iCertTypes->get_object(j);
- if (algorithm == ERSA
- && (*val == ERSASign
- || *val == ERSASignWithFixedDH
- || *val == ERSASignWithEphemeralDH))
+
+ if (val != 0)
{
- break;
+ if (algorithm == ERSA
+ && (*val == ERSASign
+ || *val == ERSASignWithFixedDH
+ || *val == ERSASignWithEphemeralDH))
+ {
+ break;
+ }
+ else if (algorithm == EDSA
+ && (*val == EDSASign
+ || *val == EDSASignWithFixedDH
+ || *val == EDSASignWithEphemeralDH))
+ {
+ break;
+ }
}
- if (algorithm == EDSA
- && (*val == EDSASign
- || *val == EDSASignWithFixedDH
- || *val == EDSASignWithEphemeralDH))
- {
- break;
- }
- }
+ } // for()
+
if (j == iCertTypes->get_object_count())
{
// No match. Remove
delete iMatchingUserCerts[i];
iMatchingUserCerts.Remove(i);
- iMatchingUserCertInfos.Delete(i);
+ delete iMatchingUserCertInfos[i];
+ iMatchingUserCertInfos.Remove(i);
i--;
EAP_TRACE_DEBUG(
@@ -1116,6 +1350,7 @@
}
}
+
// Check cipher suites
if (iUseAllowedCipherSuitesFilter)
{
@@ -1135,7 +1370,8 @@
// No match. Remove
delete iMatchingUserCerts[i];
iMatchingUserCerts.Remove(i);
- iMatchingUserCertInfos.Delete(i);
+ delete iMatchingUserCertInfos[i];
+ iMatchingUserCertInfos.Remove(i);
i--;
EAP_TRACE_DEBUG(
@@ -1160,21 +1396,24 @@
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size()));
- if (err != KErrNone)
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(iCertInfos[iUserCertIndex]->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CArrayFixFlat<SCertEntry> tmp(sizeof(SCertEntry));
+ RPointerArray<EapCertificateEntry> empty(sizeof(EapCertificateEntry));
m_am_tools->enter_global_mutex();
- iParent->complete_get_matching_certificates(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_get_matching_certificates(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -1205,16 +1444,16 @@
}
iCertInfos.Reset();
- TRAPD(err, iCertFilter = CCertAttributeFilter::NewL());
- if (err != KErrNone || iCertFilter == 0)
+ TRAPD(error, iCertFilter = CCertAttributeFilter::NewL());
+ if (error != KErrNone || iCertFilter == 0)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1223,10 +1462,13 @@
iCertFilter->SetFormat(EX509Certificate);
iCertFilter->SetOwnerType(EUserCertificate);
- iCertFilter->SetSubjectKeyId(iCertInfo.iSubjectKeyId);
- if (iCertInfo.iLabel.Size()>0)
- iCertFilter->SetLabel(iCertInfo.iLabel); // We can not use Label in the filter as certificates saved
+ iCertFilter->SetSubjectKeyId(iCertInfo.GetSubjectKeyId());
+
+ if (iCertInfo.GetLabel()->Size() > 0)
+ {
+ iCertFilter->SetLabel(*(iCertInfo.GetLabel())); // We can not use Label in the filter as certificates saved
// by using SetConfigurationL (OMA DM etc uses it) will not have Label.
+ }
iState = EReadCertList;
iCertStore->List(
@@ -1250,11 +1492,11 @@
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EReadCertList iCertInfos.Count = 0.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_illegal_certificate); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_illegal_certificate); //Failure
m_am_tools->leave_global_mutex();
@@ -1269,21 +1511,24 @@
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -1303,16 +1548,16 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EReadCert\n")));
CX509Certificate* cert = 0;
- TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
- if (err != KErrNone)
+ TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1325,11 +1570,11 @@
delete cert;
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1347,7 +1592,7 @@
iState = ERetrieveChainInitStore;
if (iCertStore == 0)
{
- iCertStore = CUnifiedCertStore::NewL(iFs, false);
+ iCertStore = CUnifiedCertStore::NewL(iFs, EFalse);
iCertStore->Initialize(iStatus);
}
else
@@ -1381,16 +1626,16 @@
}
iCertInfos.Reset();
- TRAPD(err, iCertFilter = CCertAttributeFilter::NewL());
- if (err != KErrNone)
+ TRAPD(error, iCertFilter = CCertAttributeFilter::NewL());
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1455,21 +1700,25 @@
iState = ECreateCertChain;
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
+
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -1490,16 +1739,16 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): ECreateCertChain\n")));
CX509Certificate* cert = 0;
- TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
- if (err != KErrNone || cert == 0)
+ TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
+ if (error != KErrNone || cert == 0)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1508,24 +1757,33 @@
#if defined(_DEBUG) || defined(DEBUG)
+ {
// No need to validate iCertInfos in here as it is done in case: EGetAllCerts
CCTCertInfo* tempInfo;
tempInfo = iCertInfos[iCAIndex];
// These are for the trace debug.
TCertLabel label = tempInfo->Label();
- TKeyIdentifier KeyIdentifier = tempInfo->SubjectKeyId();
+ TKeyIdentifier SubjectKeyId = tempInfo->SubjectKeyId();
TKeyIdentifier IssuerId = tempInfo->IssuerKeyId();
TCertificateFormat format = tempInfo->CertificateFormat();
TCertificateOwnerType ownerType = tempInfo->CertificateOwnerType();
- EAP_TRACE_DEBUG_SYMBIAN((_L("\n CEapTlsPeapCertInterface::RunL() : About to retrieve Cert with details, Label = %S"), &label));
- EAP_TRACE_DEBUG_SYMBIAN((_L("Other detials- Format=%d, Owner type=%d, IsDeletable=%d, Type UID=%d"),
- format, ownerType, tempInfo->IsDeletable(), tempInfo->Type()));
+ EAP_TRACE_DEBUG_SYMBIAN((_L("\n CEapTlsPeapCertInterface::RunL() : About to retrieve Cert with details, Label = %S"),
+ &label));
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("Other detials- Format=%d, Owner type=%d, IsDeletable=%d, Type UID=%d\n"),
+ format,
+ ownerType,
+ tempInfo->IsDeletable(),
+ tempInfo->Type()));
EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Subject key Id is"),
- KeyIdentifier.Ptr(),
- KeyIdentifier.Size()));
+ SubjectKeyId.Ptr(),
+ SubjectKeyId.Size()));
EAP_TRACE_DATA_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("Issuer Id is"),
IssuerId.Ptr(),
@@ -1553,14 +1811,15 @@
}
else
{
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("WARNING: No extension for this certificate\n")));
+ EAP_TRACE_DEBUG(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("WARNING: No extension for this certificate\n")));
}
}
else
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: No Certs here!\n")));
}
-
+ }
+
#endif
@@ -1570,11 +1829,11 @@
delete cert;
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1628,42 +1887,42 @@
const CSubjectPublicKeyInfo& key = iRootCerts[i]->PublicKey();
const TPtrC8 params = key.EncodedParams();
- TRAPD(err, dsaParams = CX509DSAPublicKey::DSAParametersL(params));
- if (err != KErrNone)
+ TRAPD(error, dsaParams = CX509DSAPublicKey::DSAParametersL(params));
+ if (error != KErrNone)
{
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
return;
}
- TRAP(err, signParams = CSigningKeyParameters::NewL());
- if (err != KErrNone)
+ TRAP(error, signParams = CSigningKeyParameters::NewL());
+ if (error != KErrNone)
{
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
delete dsaParams;
return;
}
- TRAP(err, signParams->SetDSAParamsL(*dsaParams));
- if (err != KErrNone)
+ TRAP(error, signParams->SetDSAParamsL(*dsaParams));
+ if (error != KErrNone)
{
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1672,13 +1931,13 @@
return;
}
- TRAP(err, iUserCertChain[iUserCertChain.Count()-1]->SetParametersL(*signParams));
- if (err != KErrNone)
+ TRAP(error, iUserCertChain[iUserCertChain.Count()-1]->SetParametersL(*signParams));
+ if (error != KErrNone)
{
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1696,11 +1955,12 @@
delete dsaParams;
delete signParams;
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_own_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_own_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
@@ -1741,24 +2001,26 @@
(EAPL("CEapTlsPeapCertInterface::RunL()- ECreateCertChain - Before Retrieve(): iCAIndex=%d, size=%d\n"),
iCAIndex, info->Size()));
-
-
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
+
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -1789,15 +2051,16 @@
}
iCertInfos.Reset();
- TRAPD(err, iCertFilter = CCertAttributeFilter::NewL());
- if (err != KErrNone)
+ TRAPD(error, iCertFilter = CCertAttributeFilter::NewL());
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
@@ -1805,10 +2068,13 @@
iCertFilter->SetFormat(EX509Certificate);
iCertFilter->SetOwnerType(ECACertificate);
- iCertFilter->SetSubjectKeyId(iCertInfo.iSubjectKeyId);
- if (iCertInfo.iLabel.Size()>0)
- iCertFilter->SetLabel(iCertInfo.iLabel);// We can not use Label in the filter as certificates saved
+ iCertFilter->SetSubjectKeyId(iCertInfo.GetSubjectKeyId());
+
+ if (iCertInfo.GetLabel()->Size() > 0)
+ {
+ iCertFilter->SetLabel(*(iCertInfo.GetLabel()));// We can not use Label in the filter as certificates saved
// by using SetConfigurationL (OMA DM etc uses it) will not have Label.
+ }
iState = EReadCACertList;
iCertStore->List(
@@ -1831,11 +2097,12 @@
if (iCertInfos.Count() == 0)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EReadCACertList iCertInfos.Count = 0.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
@@ -1849,19 +2116,23 @@
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -1888,15 +2159,16 @@
iEncodedCertificate->Size()));
CX509Certificate* cert = 0;
- TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
- if (err != KErrNone)
+ TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
@@ -1908,11 +2180,12 @@
{
delete cert;
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- RPointerArray<CX509Certificate> tmp;
+
+ RPointerArray<CX509Certificate> empty;
m_am_tools->enter_global_mutex();
- iParent->complete_read_ca_certificate(tmp, eap_status_allocation_error); //Failure
+ iParent->complete_read_ca_certificate(empty, eap_status_allocation_error); //Failure
m_am_tools->leave_global_mutex();
break;
@@ -1939,23 +2212,26 @@
}
iCertInfos.Reset();
- TRAPD(err, iCertFilter = CCertAttributeFilter::NewL());
- if (err != KErrNone)
+ TRAPD(error, iCertFilter = CCertAttributeFilter::NewL());
+ if (error != KErrNone)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CPKIXValidationResult* tmp = 0;
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
}
+
iCertFilter->SetOwnerType(ECACertificate);
iCertFilter->SetFormat(EX509Certificate);
iState = EValidateChainGetCACertList;
+
iCertStore->List(
iCertInfos,
*iCertFilter,
@@ -1972,74 +2248,89 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACertList\n")));
int index;
- TIdentityRelation<SCertEntry> comparator(&EapTlsPeapUtils::CompareSCertEntries);
- // Remove disallowed CA certs from the array
- for (TInt i = 0; i < iCertInfos.Count(); i++)
+ TIdentityRelation<EapCertificateEntry> comparator(&EapTlsPeapUtils::CompareSCertEntries);
+
+ if (iUseAutomaticCaCertificate)
+ {
+ // All CA certificates are allowed.
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACertList: All CA certificates are allowed.\n")));
+ }
+ else
{
- SCertEntry certEntry;
- certEntry.iLabel.Copy(iCertInfos[i]->Label());
- certEntry.iSubjectKeyId.Copy(iCertInfos[i]->SubjectKeyId());
- index = iAllowedCACerts.Find(certEntry, comparator);
-
- if (index == KErrNotFound)
+ // Remove disallowed CA certs from the array
+ for (TInt i = 0; i < iCertInfos.Count(); i++)
{
- // Remove
- iCertInfos[i]->Release();
- iCertInfos.Remove(i);
- i--;
+ EapCertificateEntry certEntry;
+ certEntry.SetLabel(iCertInfos[i]->Label());
+ certEntry.SetSubjectKeyId(iCertInfos[i]->SubjectKeyId());
+ index = iAllowedCACerts.Find(&certEntry, comparator);
+
+ if (index == KErrNotFound)
+ {
+ // Remove
+ iCertInfos[i]->Release();
+ iCertInfos.Remove(i);
+ i--;
+ }
}
}
+
if (iCertInfos.Count() == 0)
{
// Create new validation result for this failure case.
// CPKIXValidationResult does include a Reset-member function
// but it is not in x500.lib as the documentation says.
- CPKIXValidationResult* validationResult = 0;
- TRAPD(err, validationResult = CPKIXValidationResult::NewL());
- if (err != KErrNone)
- {
- // Do nothing. Session timeout takes care of cleanup...
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- }
+ const CPKIXValidationResult * const empty = 0;
+
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: No cert infos\n")));
+
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*validationResult, eap_status_ca_certificate_unknown); //Failure.
-
- m_am_tools->leave_global_mutex();
- delete validationResult;
- break;
- }
-
- CCTCertInfo* info;
- info = iCertInfos[0];
- iCAIndex = 0;
-
- iState = EValidateChainGetCACert;
-
- iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
- {
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
-
- CPKIXValidationResult* tmp = 0;
-
- m_am_tools->enter_global_mutex();
-
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
}
-
- iCertPtr.Set(iEncodedCertificate->Des());
+
+ {
+ CCTCertInfo* info;
+ info = iCertInfos[0];
+ iCAIndex = 0;
+
+ iState = EValidateChainGetCACert;
+
+ iEncodedCertificate->Des().SetLength(0);
- iCertStore->Retrieve(
- *info,
- iCertPtr,
- iStatus);
-
- SetActive();
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
+ {
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
+
+ const CPKIXValidationResult * const empty = 0;
+
+ m_am_tools->enter_global_mutex();
+
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
+
+ m_am_tools->leave_global_mutex();
+ break;
+ }
+
+ iEncodedCertificate = tmpCert;
+
+ iCertPtr.Set(iEncodedCertificate->Des());
+
+ iCertStore->Retrieve(
+ *info,
+ iCertPtr,
+ iStatus);
+
+ SetActive();
+ }
}
break;
@@ -2051,15 +2342,16 @@
(EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACert\n")));
CX509Certificate* cert = 0;
- TRAPD(err, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
- if (err != KErrNone)
+ TRAPD(error, cert = CX509Certificate::NewL(iEncodedCertificate->Des()));
+ if (error != KErrNone)
{
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CPKIXValidationResult* tmp = 0;
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
@@ -2069,12 +2361,13 @@
if (iRootCerts.Append(cert) != KErrNone)
{
delete cert;
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CPKIXValidationResult* tmp = 0;
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
@@ -2086,35 +2379,46 @@
delete iCertChain;
iCertChain = 0;
- TRAPD(err, iCertChain = CPKIXCertChain::NewL(iFs, *iInputCertChain, iRootCerts));
- if (err != KErrNone)
+ TRAPD(error, iCertChain = CPKIXCertChain::NewL(iFs, *iInputCertChain, iRootCerts));
+ if (error != KErrNone)
{
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EAP-TLS error %d.\n"), err));
- CPKIXValidationResult* tmp = 0;
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: EAP-TLS error %d.\n"), error));
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
}
+
// Set the current time
iTime.UniversalTime();
iState = EValidateChainEnd;
- TRAP(err, iCertChain->ValidateL(*iValidationResult, iTime, iStatus));
- if (err != KErrNone)
+
+ EAP_TRACE_DEBUG(
+ m_am_tools,
+ TRACE_FLAGS_DEFAULT,
+ (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainGetCACert, calls iCertChain->ValidateL(), count of root CA certificates = %d\n"),
+ iRootCerts.Count()));
+
+ TRAP(error, iCertChain->ValidateL(*iValidationResult, iTime, iStatus));
+ if (error != KErrNone)
{
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Error in certificate validation in EAP-TLS.\n")));
- CPKIXValidationResult* tmp = 0;
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Error in certificate validation in EAP-TLS, error = %d.\n"),
+ error));
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
- }
+ }
SetActive(); // Validate.
}
else
@@ -2125,19 +2429,24 @@
iState = EValidateChainGetCACert;
iEncodedCertificate->Des().SetLength(0);
- TRAPD(err, iEncodedCertificate = iEncodedCertificate->ReAllocL(info->Size()));
- if (err != KErrNone)
+
+ HBufC8 * tmpCert = 0;
+ TRAPD(error, tmpCert = iEncodedCertificate->ReAllocL(info->Size()));
+ if (error != KErrNone)
{
- EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
- CPKIXValidationResult* tmp = 0;
+ EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
+
+ const CPKIXValidationResult * const empty = 0;
m_am_tools->enter_global_mutex();
- iParent->complete_validate_chain(*tmp, eap_status_ca_certificate_unknown); //Failure.
+ iParent->complete_validate_chain(empty, eap_status_ca_certificate_unknown); //Failure.
m_am_tools->leave_global_mutex();
break;
}
+
+ iEncodedCertificate = tmpCert;
iCertPtr.Set(iEncodedCertificate->Des());
@@ -2156,11 +2465,12 @@
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainEnd\n")));
+ (EAPL("CEapTlsPeapCertInterface::RunL(): EValidateChainEnd, iValidationResult->Error().iReason=%d\n"),
+ iValidationResult->Error().iReason));
m_am_tools->enter_global_mutex();
-
- iParent->complete_validate_chain(*iValidationResult, eap_status_ok);
+
+ iParent->complete_validate_chain(iValidationResult, eap_status_ok);
m_am_tools->leave_global_mutex();
// Ignore error because there is nothing that can be done.
@@ -2190,8 +2500,8 @@
delete iKeyFilter;
iKeyFilter = 0;
- TRAPD(err, iKeyFilter = new (ELeave) TCTKeyAttributeFilter);
- if (err != KErrNone)
+ iKeyFilter = new (ELeave) TCTKeyAttributeFilter;
+ if (!iKeyFilter)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
RInteger tmp;
@@ -2313,12 +2623,12 @@
CleanupStack::PushL(R);
iParent->complete_sign(R, reinterpret_cast<const RInteger&>(iRSASignature->S()), eap_status_ok);
-
- CleanupStack::PopAndDestroy();
delete iRSASignature;
iRSASignature = 0;
+ CleanupStack::PopAndDestroy();
+
iRSASigner->Release(); // This seems to be needed.
}
else
@@ -2345,8 +2655,8 @@
delete iKeyFilter;
iKeyFilter = 0;
- TRAPD(err, iKeyFilter = new (ELeave) TCTKeyAttributeFilter);
- if (err != KErrNone)
+ iKeyFilter = new (ELeave) TCTKeyAttributeFilter;
+ if (!iKeyFilter)
{
EAP_TRACE_ERROR(m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("ERROR: Out of memory in EAP-TLS.\n")));
TBuf8<1> tmp;
@@ -2434,13 +2744,17 @@
return;
}
+//--------------------------------------------------
+
void CEapTlsPeapCertInterface::CancelSignWithPrivateKey()
{
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
- (EAPL("CEapTlsPeapCertInterface::CancelSignWithPrivateKey():Cancelling Signing - iState=%d (13=ESign)\n"),
- iState));
+ (EAPL("CEapTlsPeapCertInterface::CancelSignWithPrivateKey(): iState=%d (13=ESign)\n"),
+ iState));
+
+ EAP_TRACE_RETURN_STRING(m_am_tools, "returns: CEapTlsPeapCertInterface::CancelSignWithPrivateKey()");
if(IsActive())
{
@@ -2468,4 +2782,6 @@
}
}
+
+//--------------------------------------------------
// End of file