1 /*

     2 * Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 *

    16 */

    17 

    18 

    19 /**

    20  @file

    21  @released

    22  @internalTechnology

    23 */

    24 

    25 #ifndef __REVOCATIONHANDLER_H__

    26 #define __REVOCATIONHANDLER_H__

    27 

    28 #include <ocsp.h>

    29 #include <e32base.h>

    30 

    31 class CPKIXCertChain;

    32 class MCTCertStore;

    33 class COCSPParameters;

    34 class COCSPClient;

    35 

    36 namespace Swi

    37 {

    38 

    39 /**

    40  * Security Manager helper class to handle certificate revocation checking.

    41  * This class <b>requires TCB capabilities</b> to successfully accomplish its task,

    42  * Indeed, the OCSP support server calls are policed on TCB.

    43  *

    44  */

    45 class CRevocationHandler : public CActive

    46 	{

    47 public:

    48 

    49 	/**

    50 	 * Creates a new revocation handler with the given backend certstore

    51 	 *

    52 	 * @param aCertStore The backend certstore used by this handler

    53 	 *

    54 	 * @return A revocation handler.

    55 	 */

    56 	IMPORT_C static CRevocationHandler* NewL(MCTCertStore& aCertStore);

    57 

    58 	IMPORT_C ~CRevocationHandler();

    59 

    60 	/**

    61 	 * Set default server URI - calling this is optional

    62 	 */

    63 	IMPORT_C void SetDefaultURIL(const TDesC8& aURI);

    64 

    65 	/**

    66 	* Set the retry count - calling this is optional

    67 	*

    68 	* @param aRetryCount		The retry count. Default is 1 (no retry)

    69 	*/

    70 	IMPORT_C void SetRetryCount(const TUint aRetryCount);

    71 

    72 	/**

    73 	* Set the response timeout - calling this is optional

    74 	*

    75 	* @param aTimeout		The response timeout in milliseconds. Default is -1 (no timeout)

    76 	*/

    77 	IMPORT_C void SetTimeout(const TInt aTimeout);

    78 

    79 	/**

    80 	 * Executes the OCSP query

    81 	 *

    82 	 * @param aCertChainList A list of certificate chains to be checked

    83 	 * @param aStatus The request status to be completed upon termination

    84 	 * @param aIap The internet access point to use. May be zero, in which case the user will be asked. Set to the IAP used on completion.

    85 	 */

    86 	IMPORT_C void SendRequestL(RPointerArray<CPKIXCertChainBase>& aCertChainList, TUint32& aIap, TRequestStatus& aStatus);

    87 

    88 	// Only valid to call these methods after handler's OCSPComplete() method

    89 	// has been called

    90 

    91 	/**

    92 	 * Get OCSP error code if something went wrong

    93 	 *

    94 	 * @return An error code detailing the problem

    95 	 */

    96 	IMPORT_C TInt Error() const;

    97 

    98 	/**

    99 	 * Get summary OCSP result

   100 	 *

   101 	 * @return A summary of the OCSP results

   102 	 */

   103 	IMPORT_C OCSP::TResult SummaryResult() const;

   104 

   105 	/**

   106 	 * Get the number of transactions made

   107 	 * 

   108 	 * @return The number of transactions made

   109 	 */

   110 	IMPORT_C TInt TransactionCount(void) const;

   111 

   112 	/**

   113 	 * Get the outcome for an individual transaction

   114 	 *

   115 	 * @param aIndex The index of the transaction we are interested in

   116 	 *

   117 	 * @return The outcome of the given transaction

   118 	 */

   119 	IMPORT_C const TOCSPOutcome& Outcome(TInt aIndex) const;

   120 

   121 private: // From CActive

   122 	void RunL();

   123 	void DoCancel();

   124 	TInt RunError(TInt aError);

   125 

   126 	CRevocationHandler(MCTCertStore& aCertStore);

   127 	void ConstructL();

   128 

   129 private:

   130 

   131 	/**

   132 	 * The list of certificate chains for which OCSP checks are required.

   133 	 * The class <b> does not </b> own this.

   134 	 */

   135 	RPointerArray<CPKIXCertChainBase> iCertChainList; 

   136 

   137 	/**

   138 	 * The client request status. We shall complete this when done.

   139 	 */

   140 	TRequestStatus* iClientStatus;

   141 

   142 	/**

   143 	 * The backend certstore from where certificates are retrieved.

   144 	 */

   145 	MCTCertStore& iCertStore;

   146 

   147 	/**

   148 	 * The OCSP parameters used by this handler, it includes the OCSP transport 

   149 	 * object.

   150 	 */	

   151 	COCSPParameters* iParams;

   152 

   153 	/**

   154 	 * The client is the entity to which we delegate the OCSP check request

   155 	 */

   156 	COCSPClient* iClient;

   157 

   158 	enum TState

   159 		{

   160 		EChecking,

   161 		EFinished

   162  		} iState;

   163 	};

   164 

   165 } // namespace Swi

   166 

   167 #endif // #ifndef __REVOCATIONHANDLER_H__