1 // Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 //

    15 

    16 // User includes

    17 #include "csecuresocketcontroller.h"

    18 #include "thttptrlayerpanic.h"

    19 #include <x509certext.h>

    20 #include <securesocket.h>

    21 #include <ssl_internal.h>

    22 

    23 

    24 CSecureSocketController* CSecureSocketController::NewL(TAny* aInitParams)

    25 /**

    26 	Factory constructor.

    27 	@param		aSocket 			The socket that requires a secure connection,

    28 									takes ownership.

    29 	@param		aCommsInfoProvider	The Comms info provider for accessing client 

    30 									security preferences.

    31 	@return		Pointer to the newly constructed class.

    32 */

    33 	{

    34 	THttpSecureSocketParams* initParams = REINTERPRET_CAST(THttpSecureSocketParams*, aInitParams);

    35 	CSecureSocketController* self = new (ELeave) CSecureSocketController(*(initParams->iSocket), *(initParams->iCommsInfoProvider));

    36 	return self;

    37 	}

    38 

    39 CSecureSocketController::~CSecureSocketController()

    40 /**

    41 	Destructor.

    42 */

    43 	{

    44 	if( iTlsSocket )

    45 		{

    46 		iTlsSocket->Close();

    47 		delete iTlsSocket;

    48 		}

    49 	else

    50 		iSocket.Close(); // Has ownership of socket if secure layer was not created

    51 	}

    52 

    53 CSecureSocketController::CSecureSocketController(RSocket& aSocket, MCommsInfoProvider& aCommsInfoProvider)

    54 : iSocket(aSocket), iCommsInfoProvider(aCommsInfoProvider)

    55 /**

    56 	Constructor.

    57 	@param		aSocket 			The socket that requires a secure connection,

    58 									takes ownership.

    59 	@param		aCommsInfoProvider	The Comms info provider for accessing client 

    60 									security preferences.

    61 */

    62 	{

    63 	}

    64 

    65 void CSecureSocketController::StartSecureHandshakeL(TRequestStatus& aStatus, const TDesC8& aHostName)

    66 /**

    67 	Start a secure handshake to upgrade the socket to a secure connection.

    68 	@param		aStatus		The request status, this will complete with KErrNone

    69 							if	the secure handshake completed succesfully.

    70 	@param		aHostName	The server host name, used for domain name checking 

    71 							against certificates.

    72 */

    73 	{

    74 	// Create the secure layer

    75 	_LIT(KTxtTls, "tls1.0");

    76 	if( iTlsSocket == NULL )

    77 		iTlsSocket = CSecureSocket::NewL(iSocket, KTxtTls());

    78 

    79 	// Get the security preferences, dialog prompt and security policy

    80 	TBool dialogPref = ETrue;

    81 	MSecurityPolicy* securityPolicy = NULL;

    82 	iCommsInfoProvider.SecurityPreferences(dialogPref, securityPolicy);

    83 

    84 	// Dialog preferences

    85 	if( !dialogPref )

    86 		User::LeaveIfError(iTlsSocket->SetDialogMode(EDialogModeUnattended));

    87 

    88 	// Security policy preferences

    89 	if( securityPolicy )

    90 		{

    91 		TPtrC8 ciphers = securityPolicy->GetTlsCipherSuites();

    92 		if (ciphers.Length() >0)

    93 			User::LeaveIfError(iTlsSocket->SetAvailableCipherSuites(ciphers));

    94 		}

    95 

    96 	// Set an option on the socket to not use SSL2

    97 	User::LeaveIfError(iTlsSocket->SetOpt(KSoUseSSLv2Handshake, KSolInetSSL, KNullDesC8()));

    98 

    99 	// Set an option on the socket to check the server certificate domain

   100 	User::LeaveIfError(iTlsSocket->SetOpt(KSoSSLDomainName, KSolInetSSL, aHostName));

   101 	

   102 	iTlsSocket->StartClientHandshake(aStatus);

   103 	}

   104 

   105 void CSecureSocketController::RecvOneOrMore(TDes8& aBuffer, TRequestStatus& aStatus, TSockXfrLength& aLength)

   106 /**

   107 	Receives data from a connected remote host when it is available.

   108 	@param		aBuffer The buffer for the data to be placed.

   109 	@param		aStatus	The request status. Will complete with KErrNone when the

   110 						data is avaiable, KErrEof indicating the the connection

   111 						has closed and no more data will will be available or 

   112 						any	other system error code.

   113 	@param		aLength On return, this will contain how much data was read.

   114 */

   115 	{

   116 	__ASSERT_DEBUG( iTlsSocket!=NULL, THttpTrLayerPanic::Panic(THttpTrLayerPanic::ETlsSocketNotStarted) );

   117 

   118 	iTlsSocket->RecvOneOrMore(aBuffer, aStatus, aLength);

   119 	}

   120 

   121 void CSecureSocketController::CancelRecv()

   122 /**

   123 	Cancels an outstanding data receive call made by RecvOneOrMore().

   124 */

   125 	{

   126 	if( iTlsSocket )

   127 		iTlsSocket->CancelRecv();

   128 	}

   129 

   130 void CSecureSocketController::Send(const TDesC8& aBuffer, TRequestStatus& aStatus)

   131 /*

   132 	Sends data to the connected remote host.

   133 	@param		aBuffer The buffer containing the data to send to the remote host.

   134 	@param		aStatus The request status, Will complete with KErrNone when the

   135 						data is avaiable, KErrEof indicating the the connection

   136 						has closed or any other system error code.

   137 */

   138 	{

   139 	__ASSERT_DEBUG( iTlsSocket!=NULL, THttpTrLayerPanic::Panic(THttpTrLayerPanic::ETlsSocketNotStarted) );

   140 	

   141 	iTlsSocket->Send(aBuffer, aStatus);

   142 	}

   143 

   144 void CSecureSocketController::CancelSend()

   145 /**

   146 	Cancels an outstanding send data to a remote host using Send().

   147 */

   148 	{

   149 	if( iTlsSocket )

   150 		iTlsSocket->CancelSend();

   151 	}

   152 

   153 const CX509Certificate* CSecureSocketController::ServerCert()

   154 /**

   155 	Get the Server Certificate for this socket session.

   156 	@return		An error code. KErrNone if aServerCert has been completed, 

   157 				otherwise one of the system wide error codes

   158 */

   159 	{

   160  	if( iTlsSocket ) 

   161 		{

   162 		return iTlsSocket->ServerCert();

   163  		}

   164 	return NULL;

   165 	}

   166 

   167 void CSecureSocketController::CancelHandshake()

   168 /**

   169 	Cancel the secure handshake.

   170 */

   171 	{

   172 	if( iTlsSocket )

   173 		iTlsSocket->CancelHandshake();

   174 	}

   175 

   176 TInt CSecureSocketController::CipherSuite(TDes8& aCipherSuite)

   177 	{

   178 	if (iTlsSocket)

   179 		return iTlsSocket->CurrentCipherSuite(aCipherSuite);

   180 	// else

   181 	return KErrNotSupported;

   182 	}

   183 

   184 TInt CSecureSocketController::PendingBytesToRead ()

   185 	{

   186 	TInt bytesToRead;

   187 	TInt err = iTlsSocket->GetOpt ( KSOReadBytesPending, KSOLSocket, bytesToRead );

   188 	if ( err == KErrNone )

   189 		return bytesToRead;

   190 	return err;

   191 	}

   192