|
1 // Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // |
|
15 |
|
16 // User includes |
|
17 #include "csecuresocketcontroller.h" |
|
18 #include "thttptrlayerpanic.h" |
|
19 #include <x509certext.h> |
|
20 #include <securesocket.h> |
|
21 #include <ssl_internal.h> |
|
22 |
|
23 |
|
24 CSecureSocketController* CSecureSocketController::NewL(TAny* aInitParams) |
|
25 /** |
|
26 Factory constructor. |
|
27 @param aSocket The socket that requires a secure connection, |
|
28 takes ownership. |
|
29 @param aCommsInfoProvider The Comms info provider for accessing client |
|
30 security preferences. |
|
31 @return Pointer to the newly constructed class. |
|
32 */ |
|
33 { |
|
34 THttpSecureSocketParams* initParams = REINTERPRET_CAST(THttpSecureSocketParams*, aInitParams); |
|
35 CSecureSocketController* self = new (ELeave) CSecureSocketController(*(initParams->iSocket), *(initParams->iCommsInfoProvider)); |
|
36 return self; |
|
37 } |
|
38 |
|
39 CSecureSocketController::~CSecureSocketController() |
|
40 /** |
|
41 Destructor. |
|
42 */ |
|
43 { |
|
44 if( iTlsSocket ) |
|
45 { |
|
46 iTlsSocket->Close(); |
|
47 delete iTlsSocket; |
|
48 } |
|
49 else |
|
50 iSocket.Close(); // Has ownership of socket if secure layer was not created |
|
51 } |
|
52 |
|
53 CSecureSocketController::CSecureSocketController(RSocket& aSocket, MCommsInfoProvider& aCommsInfoProvider) |
|
54 : iSocket(aSocket), iCommsInfoProvider(aCommsInfoProvider) |
|
55 /** |
|
56 Constructor. |
|
57 @param aSocket The socket that requires a secure connection, |
|
58 takes ownership. |
|
59 @param aCommsInfoProvider The Comms info provider for accessing client |
|
60 security preferences. |
|
61 */ |
|
62 { |
|
63 } |
|
64 |
|
65 void CSecureSocketController::StartSecureHandshakeL(TRequestStatus& aStatus, const TDesC8& aHostName) |
|
66 /** |
|
67 Start a secure handshake to upgrade the socket to a secure connection. |
|
68 @param aStatus The request status, this will complete with KErrNone |
|
69 if the secure handshake completed succesfully. |
|
70 @param aHostName The server host name, used for domain name checking |
|
71 against certificates. |
|
72 */ |
|
73 { |
|
74 // Create the secure layer |
|
75 _LIT(KTxtTls, "tls1.0"); |
|
76 if( iTlsSocket == NULL ) |
|
77 iTlsSocket = CSecureSocket::NewL(iSocket, KTxtTls()); |
|
78 |
|
79 // Get the security preferences, dialog prompt and security policy |
|
80 TBool dialogPref = ETrue; |
|
81 MSecurityPolicy* securityPolicy = NULL; |
|
82 iCommsInfoProvider.SecurityPreferences(dialogPref, securityPolicy); |
|
83 |
|
84 // Dialog preferences |
|
85 if( !dialogPref ) |
|
86 User::LeaveIfError(iTlsSocket->SetDialogMode(EDialogModeUnattended)); |
|
87 |
|
88 // Security policy preferences |
|
89 if( securityPolicy ) |
|
90 { |
|
91 TPtrC8 ciphers = securityPolicy->GetTlsCipherSuites(); |
|
92 if (ciphers.Length() >0) |
|
93 User::LeaveIfError(iTlsSocket->SetAvailableCipherSuites(ciphers)); |
|
94 } |
|
95 |
|
96 // Set an option on the socket to not use SSL2 |
|
97 User::LeaveIfError(iTlsSocket->SetOpt(KSoUseSSLv2Handshake, KSolInetSSL, KNullDesC8())); |
|
98 |
|
99 // Set an option on the socket to check the server certificate domain |
|
100 User::LeaveIfError(iTlsSocket->SetOpt(KSoSSLDomainName, KSolInetSSL, aHostName)); |
|
101 |
|
102 iTlsSocket->StartClientHandshake(aStatus); |
|
103 } |
|
104 |
|
105 void CSecureSocketController::RecvOneOrMore(TDes8& aBuffer, TRequestStatus& aStatus, TSockXfrLength& aLength) |
|
106 /** |
|
107 Receives data from a connected remote host when it is available. |
|
108 @param aBuffer The buffer for the data to be placed. |
|
109 @param aStatus The request status. Will complete with KErrNone when the |
|
110 data is avaiable, KErrEof indicating the the connection |
|
111 has closed and no more data will will be available or |
|
112 any other system error code. |
|
113 @param aLength On return, this will contain how much data was read. |
|
114 */ |
|
115 { |
|
116 __ASSERT_DEBUG( iTlsSocket!=NULL, THttpTrLayerPanic::Panic(THttpTrLayerPanic::ETlsSocketNotStarted) ); |
|
117 |
|
118 iTlsSocket->RecvOneOrMore(aBuffer, aStatus, aLength); |
|
119 } |
|
120 |
|
121 void CSecureSocketController::CancelRecv() |
|
122 /** |
|
123 Cancels an outstanding data receive call made by RecvOneOrMore(). |
|
124 */ |
|
125 { |
|
126 if( iTlsSocket ) |
|
127 iTlsSocket->CancelRecv(); |
|
128 } |
|
129 |
|
130 void CSecureSocketController::Send(const TDesC8& aBuffer, TRequestStatus& aStatus) |
|
131 /* |
|
132 Sends data to the connected remote host. |
|
133 @param aBuffer The buffer containing the data to send to the remote host. |
|
134 @param aStatus The request status, Will complete with KErrNone when the |
|
135 data is avaiable, KErrEof indicating the the connection |
|
136 has closed or any other system error code. |
|
137 */ |
|
138 { |
|
139 __ASSERT_DEBUG( iTlsSocket!=NULL, THttpTrLayerPanic::Panic(THttpTrLayerPanic::ETlsSocketNotStarted) ); |
|
140 |
|
141 iTlsSocket->Send(aBuffer, aStatus); |
|
142 } |
|
143 |
|
144 void CSecureSocketController::CancelSend() |
|
145 /** |
|
146 Cancels an outstanding send data to a remote host using Send(). |
|
147 */ |
|
148 { |
|
149 if( iTlsSocket ) |
|
150 iTlsSocket->CancelSend(); |
|
151 } |
|
152 |
|
153 const CX509Certificate* CSecureSocketController::ServerCert() |
|
154 /** |
|
155 Get the Server Certificate for this socket session. |
|
156 @return An error code. KErrNone if aServerCert has been completed, |
|
157 otherwise one of the system wide error codes |
|
158 */ |
|
159 { |
|
160 if( iTlsSocket ) |
|
161 { |
|
162 return iTlsSocket->ServerCert(); |
|
163 } |
|
164 return NULL; |
|
165 } |
|
166 |
|
167 void CSecureSocketController::CancelHandshake() |
|
168 /** |
|
169 Cancel the secure handshake. |
|
170 */ |
|
171 { |
|
172 if( iTlsSocket ) |
|
173 iTlsSocket->CancelHandshake(); |
|
174 } |
|
175 |
|
176 TInt CSecureSocketController::CipherSuite(TDes8& aCipherSuite) |
|
177 { |
|
178 if (iTlsSocket) |
|
179 return iTlsSocket->CurrentCipherSuite(aCipherSuite); |
|
180 // else |
|
181 return KErrNotSupported; |
|
182 } |
|
183 |
|
184 TInt CSecureSocketController::PendingBytesToRead () |
|
185 { |
|
186 TInt bytesToRead; |
|
187 TInt err = iTlsSocket->GetOpt ( KSOReadBytesPending, KSOLSocket, bytesToRead ); |
|
188 if ( err == KErrNone ) |
|
189 return bytesToRead; |
|
190 return err; |
|
191 } |
|
192 |