|
1 /* |
|
2 * Copyright (c) 2010 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0"" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 #include <CCTCertInfo.h> |
|
18 #include <x509cert.h> |
|
19 #include <unifiedcertstore.h> |
|
20 #include <X509CertNameParser.h> |
|
21 #include <securitydefs.h> |
|
22 #include <hash.h> // MD5 fingerprint |
|
23 #include <asymmetrickeys.h> |
|
24 |
|
25 #include <e32math.h> // Pow |
|
26 #include <e32cmn.h> |
|
27 |
|
28 #include <QDateTime> |
|
29 #include <QStringList> |
|
30 #include <QGraphicsLinearLayout> |
|
31 |
|
32 #include <hblineedit.h> |
|
33 #include <hbdataform.h> |
|
34 #include <hbdataformmodel.h> |
|
35 #include <hbdataformmodelitem.h> |
|
36 #include <hblabel.h> |
|
37 #include <hbpushbutton.h> |
|
38 #include <HbMenu.h> |
|
39 #include <hbaction.h> |
|
40 #include <HbMessageBox.h> |
|
41 #include <HbListWidget> |
|
42 #include <HbListWidgetItem> |
|
43 #include <HbGroupBox> |
|
44 #include <hbpushbutton.h> |
|
45 #include <hbdataform.h> |
|
46 #include <hbdataformmodel.h> |
|
47 #include <hbdataformmodelitem.h> |
|
48 |
|
49 #include "cpcertdetailview.h" |
|
50 #include "cpcertview.h" |
|
51 #include "cpcertdatacontainer.h" |
|
52 #include "cpcertmanuisyncwrapper.h" |
|
53 #include "../../../pkiutilities/DeviceToken/Inc/TrustedSitesStore.h" |
|
54 |
|
55 const TInt KFileCertStoreUid( 0x101F501A ); |
|
56 const TInt KTrustedServerCertStoreUid( 0x101FB66F ); |
|
57 const TInt KDeviceCertStoreUid( 0x101FB668 ); |
|
58 const TInt KDeviceKeyStoreUid( 0x101FB66A ); |
|
59 const TInt KWIMCertStoreUid ( 0x101F79D9 ); |
|
60 |
|
61 const TInt KMaxLengthTextSerialNumberFormatting = 3; |
|
62 _LIT( KCertManUIDetailsViewHexaFormat, "%02X" ); |
|
63 _LIT( KBlockSeparator, " " ); |
|
64 |
|
65 template <class T> |
|
66 class CleanupResetAndDestroy |
|
67 { |
|
68 public: |
|
69 inline static void PushL( T& aRef ); |
|
70 private: |
|
71 static void ResetAndDestroy( TAny *aPtr ); |
|
72 }; |
|
73 |
|
74 template <class T> |
|
75 inline void CleanupResetAndDestroyPushL( T& aRef ); |
|
76 |
|
77 template <class T> |
|
78 inline void CleanupResetAndDestroy<T>::PushL( T& aRef ) |
|
79 { |
|
80 CleanupStack::PushL( TCleanupItem( &ResetAndDestroy, &aRef ) ); |
|
81 } |
|
82 |
|
83 template <class T> |
|
84 void CleanupResetAndDestroy<T>::ResetAndDestroy( TAny *aPtr ) |
|
85 { |
|
86 if( aPtr ) |
|
87 { |
|
88 static_cast<T*>( aPtr )->ResetAndDestroy(); |
|
89 } |
|
90 } |
|
91 |
|
92 template <class T> |
|
93 inline void CleanupResetAndDestroyPushL( T& aRef ) |
|
94 { |
|
95 CleanupResetAndDestroy<T>::PushL( aRef ); |
|
96 } |
|
97 |
|
98 CpCertDetailView::CpCertDetailView(CpCertView::TCertificateViews aCurrentView,TInt aPos, CpCertDataContainer& aCertDataContainer, QGraphicsItem *parent /*= 0*/) |
|
99 : CpBaseSettingView(0,parent), mCertDataContainer(aCertDataContainer) |
|
100 { |
|
101 setTitle(tr("Certificate Details")); |
|
102 |
|
103 try |
|
104 { |
|
105 QT_TRAP_THROWING(viewCertificateDetailsL(aPos, aCurrentView)); |
|
106 } |
|
107 catch(const std::exception& exception) |
|
108 { |
|
109 HbMessageBox::information(exception.what()); |
|
110 throw(exception); |
|
111 } |
|
112 } |
|
113 |
|
114 |
|
115 CpCertDetailView::~CpCertDetailView() |
|
116 {} |
|
117 |
|
118 void CpCertDetailView::viewCertificateDetailsL( TInt aIndex, CpCertView::TCertificateViews aType ) |
|
119 { |
|
120 |
|
121 QGraphicsLinearLayout *layout = q_check_ptr(new QGraphicsLinearLayout(Qt::Vertical)); |
|
122 setLayout(layout); |
|
123 |
|
124 HbListWidget* mCertDetails = q_check_ptr(new HbListWidget(this)); |
|
125 |
|
126 HBufC8* urlBuf = NULL; |
|
127 CCertificate* details = NULL; |
|
128 CUnifiedCertStore*& store = mCertDataContainer.CertManager(); |
|
129 |
|
130 const CCTCertInfo* entry = certInfo(aIndex, aType); |
|
131 TCertificateFormat certificateFormat = entry->CertificateFormat(); |
|
132 |
|
133 if( certificateFormat != EX509CertificateUrl ) |
|
134 { |
|
135 mCertDataContainer.iWrapper->GetCertificateL( store, *entry, details ); |
|
136 CleanupStack::PushL( details ); |
|
137 validateCertificateL( aIndex, *details, *entry, aType ); |
|
138 } |
|
139 else |
|
140 { |
|
141 urlBuf = HBufC8::NewLC( entry->Size() ); |
|
142 TPtr8 urlPtr = urlBuf->Des(); |
|
143 mCertDataContainer.iWrapper->GetUrlCertificateL( store, *entry, urlPtr ); |
|
144 } |
|
145 |
|
146 if( aType == CpCertView::ETrustedView ) |
|
147 { |
|
148 addTrustedSitesL(*details, *mCertDetails); |
|
149 } |
|
150 else |
|
151 { |
|
152 addLabel(*entry, *mCertDetails); |
|
153 } |
|
154 |
|
155 // certificate issuer and owner |
|
156 if( certificateFormat == EX509Certificate ) |
|
157 { |
|
158 addIssuerL(*details, *mCertDetails); |
|
159 addSubjectL(*details, *mCertDetails); |
|
160 } |
|
161 |
|
162 // Get key usage and location. This is done only client certificates. |
|
163 const TInt KLocationUnknown = 0; |
|
164 TUid keyLocation = { KLocationUnknown }; |
|
165 |
|
166 if(( aType == CpCertView::EPersonalView ) || ( aType == CpCertView::EDeviceView )) |
|
167 { |
|
168 TKeyUsagePKCS15 usage = keyUsageAndLocationL( *entry, &keyLocation ); |
|
169 addCertUsage(usage, *mCertDetails); |
|
170 } |
|
171 |
|
172 if( certificateFormat == EX509Certificate ) |
|
173 { |
|
174 addValidityPeriod( *details, *mCertDetails ); |
|
175 TUid certLoc; |
|
176 certLoc.iUid = entry->Token().TokenType().Type().iUid; |
|
177 // add the location of the certificate |
|
178 setLocationInfo( ETrue, certLoc, *mCertDetails ); |
|
179 } |
|
180 else if( certificateFormat == EX509CertificateUrl ) |
|
181 { |
|
182 setURLLocation( *urlBuf, *mCertDetails ); |
|
183 } |
|
184 else |
|
185 { |
|
186 // nothing |
|
187 } |
|
188 |
|
189 addCertFormat(certificateFormat, *mCertDetails); |
|
190 |
|
191 // Private key location, only for user and device certicates |
|
192 if(( aType == CpCertView::EPersonalView ) || ( aType == CpCertView::EDeviceView )) |
|
193 { |
|
194 setLocationInfo( EFalse, keyLocation, *mCertDetails ); |
|
195 } |
|
196 |
|
197 if( certificateFormat == EX509Certificate ) |
|
198 { |
|
199 addAlgoDetails( *details, *mCertDetails); |
|
200 addSerialNo( *details, *mCertDetails ); |
|
201 addFingerprint( *details, *mCertDetails); |
|
202 addPublicKeyDetailsL( *details, *mCertDetails ); |
|
203 } |
|
204 else |
|
205 { |
|
206 // SetUrlCertAlgorihm() |
|
207 } |
|
208 |
|
209 if( certificateFormat != EX509CertificateUrl ) |
|
210 { |
|
211 CleanupStack::PopAndDestroy( details ); |
|
212 } |
|
213 else |
|
214 { |
|
215 CleanupStack::PopAndDestroy( urlBuf ); |
|
216 } |
|
217 |
|
218 layout->addItem(mCertDetails); |
|
219 } |
|
220 |
|
221 const CCTCertInfo* CpCertDetailView::certInfo( TInt index, CpCertView::TCertificateViews certView ) |
|
222 { |
|
223 const CCTCertInfo* certinfo = NULL; |
|
224 |
|
225 if( certView == CpCertView::EAuthorityView ) |
|
226 { |
|
227 certinfo = ( mCertDataContainer.iCALabelEntries )[ index ]->iCAEntry; |
|
228 } |
|
229 else if( certView == CpCertView::ETrustedView ) |
|
230 { |
|
231 certinfo = ( mCertDataContainer.iPeerLabelEntries )[ index ]->iPeerEntry; |
|
232 } |
|
233 else if( certView == CpCertView::EDeviceView ) |
|
234 { |
|
235 certinfo = ( mCertDataContainer.iDeviceLabelEntries )[ index ]->iDeviceEntry; |
|
236 } |
|
237 else if( certView == CpCertView::EPersonalView ) |
|
238 { |
|
239 certinfo = ( mCertDataContainer.iUserLabelEntries )[ index ]->iUserEntry; |
|
240 } |
|
241 return certinfo; |
|
242 } |
|
243 |
|
244 void CpCertDetailView::addTrustedSitesL( const CCertificate& certDetails, HbListWidget& certDisplayDetails ) |
|
245 { |
|
246 CTrustSitesStore* trustedSitesStore = CTrustSitesStore::NewL(); |
|
247 CleanupStack::PushL( trustedSitesStore ); |
|
248 |
|
249 RPointerArray<HBufC> trustedSites; |
|
250 CleanupResetAndDestroyPushL( trustedSites ); |
|
251 trustedSitesStore->GetTrustedSitesL( certDetails.Encoding(), trustedSites ); |
|
252 |
|
253 QString sTrustedSites = "Site:"; |
|
254 if( trustedSites.Count() > 0 ) |
|
255 { |
|
256 // display trusted sites |
|
257 sTrustedSites = "Site:"; |
|
258 } |
|
259 addToListWidget(certDisplayDetails, sTrustedSites); |
|
260 |
|
261 for(int index=0;index<trustedSites.Count(); ++index) |
|
262 { |
|
263 QString trustedSiteDetail = QString((QChar*)(trustedSites[index]->Ptr()), trustedSites[index]->Length()); |
|
264 addToListWidget(certDisplayDetails, trustedSiteDetail); |
|
265 } |
|
266 |
|
267 CleanupStack::PopAndDestroy( &trustedSites ); |
|
268 CleanupStack::PopAndDestroy( trustedSitesStore ); |
|
269 |
|
270 } |
|
271 |
|
272 void CpCertDetailView::addLabel( const CCTCertInfo& aCertInfo, HbListWidget& certDisplayDetails ) |
|
273 { |
|
274 QString sLabel("Label:"); |
|
275 QString sLabelDetails = "(No label)"; |
|
276 if(aCertInfo.Label().Length() != 0) |
|
277 { |
|
278 sLabelDetails = QString((QChar*)(aCertInfo.Label().Ptr()),aCertInfo.Label().Length()); |
|
279 } |
|
280 addToListWidget(certDisplayDetails, sLabel, sLabelDetails); |
|
281 } |
|
282 |
|
283 void CpCertDetailView::addIssuerL( const CCertificate& aCertDetails, |
|
284 HbListWidget& certDisplayDetails ) |
|
285 { |
|
286 HBufC* issuer = NULL; |
|
287 X509CertNameParser::IssuerFullNameL( (CX509Certificate&)aCertDetails, issuer ); |
|
288 CleanupStack::PushL( issuer ); |
|
289 |
|
290 QString sIssuer = "Issuer:"; |
|
291 QString sIssuerDetails = "(Not defined)"; |
|
292 if(issuer->Des().Length() != 0) |
|
293 { |
|
294 sIssuerDetails = QString((QChar*)issuer->Des().Ptr(),issuer->Des().Length()); |
|
295 } |
|
296 addToListWidget(certDisplayDetails, sIssuer, sIssuerDetails); |
|
297 |
|
298 CleanupStack::PopAndDestroy( issuer ); |
|
299 } |
|
300 |
|
301 void CpCertDetailView::addSubjectL( const CCertificate& aCertDetails, |
|
302 HbListWidget& certDisplayDetails ) |
|
303 { |
|
304 HBufC* subject = NULL; |
|
305 X509CertNameParser::SubjectFullNameL( (CX509Certificate&)aCertDetails, subject ); |
|
306 CleanupStack::PushL( subject ); |
|
307 |
|
308 QString sSubject = "Subject:"; |
|
309 QString sSubjectDetails = "(No subject)"; |
|
310 if(subject->Des().Length() != 0) |
|
311 { |
|
312 sSubjectDetails = QString((QChar*)subject->Des().Ptr(),subject->Des().Length()); |
|
313 } |
|
314 |
|
315 addToListWidget(certDisplayDetails, sSubject, sSubjectDetails); |
|
316 |
|
317 CleanupStack::PopAndDestroy( subject ); |
|
318 } |
|
319 |
|
320 void CpCertDetailView::addCertUsage( TKeyUsagePKCS15 usage, HbListWidget& certDisplayDetails ) |
|
321 { |
|
322 QString strUsage; |
|
323 switch( usage ) |
|
324 { |
|
325 case EPKCS15UsageSignSignRecover: |
|
326 case EPKCS15UsageSignDecrypt: |
|
327 case EPKCS15UsageSign: |
|
328 strUsage = "Client authentication"; |
|
329 break; |
|
330 case EPKCS15UsageNonRepudiation: |
|
331 strUsage = "Digital signing"; |
|
332 break; |
|
333 default: |
|
334 strUsage = "(Not defined)"; |
|
335 break; |
|
336 } |
|
337 addToListWidget(certDisplayDetails, strUsage ); |
|
338 } |
|
339 |
|
340 |
|
341 void CpCertDetailView::addValidityPeriod( const CCertificate& aCertDetails, |
|
342 HbListWidget& certDisplayDetails) |
|
343 { |
|
344 // Certificate validity period |
|
345 // Hometime's offset to UTC |
|
346 TLocale locale; |
|
347 TTimeIntervalSeconds offSet = locale.UniversalTimeOffset(); |
|
348 |
|
349 QString sValidFrom("Valid from: "); |
|
350 const CValidityPeriod& validityPeriod = aCertDetails.ValidityPeriod(); |
|
351 TTime startValue = validityPeriod.Start(); |
|
352 startValue += offSet; |
|
353 TDateTime dateTime = startValue.DateTime(); |
|
354 TMonth month = dateTime.Month(); |
|
355 TInt day = dateTime.Day(); |
|
356 TInt year = dateTime.Year(); |
|
357 QDateTime qValidityPeriod(QDate(year, month, day)); |
|
358 QString sValidFromDetail = qValidityPeriod.toString("MM\\dd\\yyyy"); |
|
359 |
|
360 addToListWidget(certDisplayDetails, sValidFrom, sValidFromDetail); |
|
361 |
|
362 QString sValidUntil("Valid until: "); |
|
363 TTime finishValue = validityPeriod.Finish(); |
|
364 finishValue += offSet; |
|
365 dateTime = finishValue.DateTime(); |
|
366 month = dateTime.Month(); |
|
367 day = dateTime.Day(); |
|
368 year = dateTime.Year(); |
|
369 qValidityPeriod.setDate(QDate(year, month, day)); |
|
370 QString sValidUntilDetail = qValidityPeriod.toString("MM\\dd\\yyyy"); |
|
371 |
|
372 addToListWidget(certDisplayDetails, sValidUntil, sValidUntilDetail); |
|
373 |
|
374 } |
|
375 |
|
376 void CpCertDetailView::setURLLocation( HBufC8& urlDetails, HbListWidget& certDisplayDetails ) |
|
377 { |
|
378 TPtr8 urlPtr = urlDetails.Des(); |
|
379 |
|
380 QString certUrl = "Location:"; |
|
381 QString certURLDetail = "(Not defined)"; |
|
382 TInt length = urlPtr.Length(); |
|
383 if(length != 0) |
|
384 { |
|
385 certURLDetail = QString((QChar*)urlPtr.Ptr(),urlPtr.Length()); |
|
386 } |
|
387 addToListWidget(certDisplayDetails, certUrl, certURLDetail); |
|
388 } |
|
389 |
|
390 void CpCertDetailView::addCertFormat( TCertificateFormat aCertFormat, HbListWidget& certDisplayDetails ) |
|
391 { |
|
392 // certificate format |
|
393 QString certFormat = "Certificate format:"; |
|
394 QString certFormatDetails = "(Not defined)"; |
|
395 if( aCertFormat == EX509Certificate || aCertFormat == EX509CertificateUrl) |
|
396 { |
|
397 certFormatDetails = "X509"; |
|
398 } |
|
399 addToListWidget(certDisplayDetails, certFormat, certFormatDetails); |
|
400 } |
|
401 |
|
402 void CpCertDetailView::addAlgoDetails( const CCertificate& certificate, |
|
403 HbListWidget& certDisplayDetails ) |
|
404 { |
|
405 // certificate algorithms |
|
406 QString sDgstAlgoDetails = "Unknown"; |
|
407 // digest algorithm |
|
408 TAlgorithmId algorithmId = certificate.SigningAlgorithm().DigestAlgorithm().Algorithm(); |
|
409 switch( algorithmId ) |
|
410 { |
|
411 case EMD2: |
|
412 { |
|
413 sDgstAlgoDetails = "MD2"; |
|
414 break; |
|
415 } |
|
416 case EMD5: |
|
417 { |
|
418 sDgstAlgoDetails = "MD5"; |
|
419 break; |
|
420 } |
|
421 case ESHA1: |
|
422 { |
|
423 sDgstAlgoDetails = "SHA1"; |
|
424 break; |
|
425 } |
|
426 } |
|
427 |
|
428 QString sAsymmetricAlgoDetails = asymmetricAlgoId(certificate); |
|
429 QString sAlgorithm("Algorithm:"); |
|
430 QString sAlgoDetails = "Unknown"; |
|
431 // If other algorithm is unknown |
|
432 if( sDgstAlgoDetails != "Unknown" && sAsymmetricAlgoDetails != "Unknown" ) |
|
433 { |
|
434 sAlgoDetails = sDgstAlgoDetails; |
|
435 sAlgoDetails.append(sAsymmetricAlgoDetails); |
|
436 } |
|
437 addToListWidget(certDisplayDetails, sAlgorithm, sAlgoDetails); |
|
438 } |
|
439 |
|
440 void CpCertDetailView::addSerialNo( const CCertificate& certificate, |
|
441 HbListWidget& certDisplayDetails ) |
|
442 { |
|
443 // certificate serial number |
|
444 QString sCertSerialNo("Serial number:"); |
|
445 QString sCertSerialNoDetails = 0; |
|
446 TPtrC8 serialNumber = certificate.SerialNumber(); |
|
447 TBuf<KMaxLengthTextSerialNumberFormatting> buf2; |
|
448 |
|
449 for( TInt i = 0; i < serialNumber.Length(); i++ ) |
|
450 { |
|
451 buf2.Format( KCertManUIDetailsViewHexaFormat, serialNumber[i] ); |
|
452 sCertSerialNoDetails.append( QString( (QChar*)buf2.Ptr(),buf2.Length() ) ); |
|
453 } |
|
454 addToListWidget(certDisplayDetails, sCertSerialNo, sCertSerialNoDetails); |
|
455 } |
|
456 |
|
457 void CpCertDetailView::addFingerprint( const CCertificate& certificate, |
|
458 HbListWidget& certDisplayDetails) |
|
459 { |
|
460 // certificate fingerprint SHA-1 |
|
461 QString sSha1("Fingerprint (SHA1):"); |
|
462 TPtrC8 sha1_fingerprint = certificate.Fingerprint(); |
|
463 HBufC* finalSha1 = NULL; |
|
464 QT_TRAP_THROWING( finalSha1 = HBufC::NewLC(100)); |
|
465 TPtr finalShaPtr = finalSha1->Des(); |
|
466 divideIntoBlocks( sha1_fingerprint, finalShaPtr ); |
|
467 QString sSha1Details = QString( (QChar*)finalShaPtr.Ptr(), finalShaPtr.Length() ); |
|
468 CleanupStack::PopAndDestroy(finalSha1); |
|
469 |
|
470 addToListWidget(certDisplayDetails, sSha1, sSha1Details); |
|
471 |
|
472 // certificate fingerprint MD5 |
|
473 QString sMd5("Fingerprint (MD5):"); |
|
474 CMD5* md5= NULL; |
|
475 QT_TRAP_THROWING( md5 = CMD5::NewL()); |
|
476 QT_TRAP_THROWING(CleanupStack::PushL( md5 )); |
|
477 TBuf8<20> fingerprint = md5->Hash( certificate.Encoding() ); |
|
478 CleanupStack::PopAndDestroy( md5 ); |
|
479 HBufC* finalMd5 = NULL; |
|
480 QT_TRAP_THROWING( finalMd5 = HBufC::NewLC(100)); |
|
481 TPtr finalMd5Ptr = finalMd5->Des(); |
|
482 divideIntoBlocks( fingerprint, finalMd5Ptr ); |
|
483 QString sMd5Details = QString( (QChar*)finalMd5Ptr.Ptr(), finalMd5Ptr.Length()); |
|
484 CleanupStack::PopAndDestroy(finalMd5); |
|
485 addToListWidget(certDisplayDetails, sMd5, sMd5Details); |
|
486 } |
|
487 |
|
488 void CpCertDetailView::addPublicKeyDetailsL( const CCertificate& certificate, |
|
489 HbListWidget& certDisplayDetails ) |
|
490 { |
|
491 // Public key |
|
492 // Should look like: "Public key (%0U %1N bit):" |
|
493 |
|
494 QString sPublicKey("Public key ("); // %S %d bits):"); |
|
495 sPublicKey.append(asymmetricAlgoId(certificate)); |
|
496 |
|
497 // Get public key already here to get length of it for string loader. |
|
498 const CSubjectPublicKeyInfo& publicKey = certificate.PublicKey(); |
|
499 TPtrC8 keyData = publicKey.KeyData(); |
|
500 TInt size = keyData.Size(); // %1N |
|
501 |
|
502 // To get key size decode DER encoded key got from the certificate. |
|
503 TX509KeyFactory key; |
|
504 |
|
505 // There doesn't seem to be definition of MAX_INT anywhere so calculate it. |
|
506 TReal maxInt; |
|
507 TReal intBits = sizeof( TInt ) * 8; |
|
508 Math::Pow( maxInt, 2, intBits ); |
|
509 maxInt = ( maxInt / 2 ) - 1; |
|
510 |
|
511 TAlgorithmId algorithmId = certificate.SigningAlgorithm().AsymmetricAlgorithm().Algorithm(); |
|
512 switch( algorithmId ) |
|
513 { |
|
514 case ERSA: |
|
515 { |
|
516 const CRSAPublicKey* keyRSA = key.RSAPublicKeyL( keyData ); |
|
517 |
|
518 const TInteger& n = keyRSA->N(); |
|
519 |
|
520 TUint keySizeN = n.BitCount(); |
|
521 |
|
522 // Play it safe. |
|
523 if( keySizeN < maxInt ) |
|
524 { |
|
525 size = keySizeN; |
|
526 } |
|
527 |
|
528 delete keyRSA; |
|
529 |
|
530 break; |
|
531 } |
|
532 case EDSA: |
|
533 { |
|
534 TPtrC8 params = publicKey.EncodedParams(); |
|
535 const CDSAPublicKey* keyDSA = key.DSAPublicKeyL( params, keyData ); |
|
536 |
|
537 const TInteger& y = keyDSA->Y(); |
|
538 |
|
539 TUint keySizeY = y.BitCount(); |
|
540 |
|
541 // Play it safe. |
|
542 if( keySizeY < maxInt ) |
|
543 { |
|
544 size = keySizeY; |
|
545 } |
|
546 |
|
547 delete keyDSA; |
|
548 |
|
549 break; |
|
550 } |
|
551 // There doesn't seem to be TX509KeyFactory function for DH keys. |
|
552 // If the key is DH or unknown, just multiply length of the key |
|
553 // in bytes with 8. It is not correct but at least gives an idea. |
|
554 // Without setting something to size 'unknown' text should be used |
|
555 // below for the string which is much more error prone than setting |
|
556 // at least something. |
|
557 case EDH: |
|
558 default: |
|
559 { |
|
560 size = 8 * keyData.Size(); |
|
561 } |
|
562 } |
|
563 |
|
564 sPublicKey.append(" ").append(QString::number(size)).append(" bits):"); |
|
565 |
|
566 // Finally append the public key. |
|
567 HBufC* pubKey = HBufC::NewLC(size*3); |
|
568 TPtr pubKeyPtr = pubKey->Des(); |
|
569 divideIntoBlocks( keyData, pubKeyPtr ); |
|
570 QString sPublicKeyDetails = QString ( (QChar*)pubKeyPtr.Ptr(), pubKeyPtr.Length()); |
|
571 CleanupStack::PopAndDestroy(pubKey); |
|
572 addToListWidget(certDisplayDetails, sPublicKey, sPublicKeyDetails); |
|
573 } |
|
574 |
|
575 QString CpCertDetailView::asymmetricAlgoId( const CCertificate& certificate ) |
|
576 { |
|
577 QString sAsymmetricAlgoId = 0; |
|
578 // public-key algorithm |
|
579 TAlgorithmId algorithmId = certificate.SigningAlgorithm().AsymmetricAlgorithm().Algorithm(); |
|
580 switch( algorithmId ) |
|
581 { |
|
582 case ERSA: |
|
583 { |
|
584 sAsymmetricAlgoId = "RSA"; |
|
585 break; |
|
586 } |
|
587 case EDSA: |
|
588 { |
|
589 sAsymmetricAlgoId = "DSA"; |
|
590 break; |
|
591 } |
|
592 case EDH: |
|
593 { |
|
594 sAsymmetricAlgoId = "DH"; |
|
595 break; |
|
596 } |
|
597 default: |
|
598 { |
|
599 sAsymmetricAlgoId = "Unknown"; |
|
600 } |
|
601 } |
|
602 return sAsymmetricAlgoId; |
|
603 } |
|
604 |
|
605 void CpCertDetailView::addToListWidget(HbListWidget& certDisplayDetails, const QString& data ) |
|
606 { |
|
607 HbListWidgetItem* wItem = q_check_ptr(new HbListWidgetItem()); |
|
608 wItem->setText(data); |
|
609 certDisplayDetails.addItem(wItem); |
|
610 } |
|
611 |
|
612 void CpCertDetailView::addToListWidget( HbListWidget& certDisplayDetails, |
|
613 const QString& displayString, |
|
614 const QString& displayDetails ) |
|
615 { |
|
616 HbListWidgetItem* wDisplayString = q_check_ptr(new HbListWidgetItem()); |
|
617 wDisplayString->setText(displayString); |
|
618 certDisplayDetails.addItem(wDisplayString); |
|
619 |
|
620 HbListWidgetItem* wDisplayDetails = q_check_ptr(new HbListWidgetItem()); |
|
621 wDisplayDetails->setText(displayDetails); |
|
622 certDisplayDetails.addItem(wDisplayDetails); |
|
623 } |
|
624 |
|
625 void CpCertDetailView::validateCertificateL( |
|
626 TInt aIndex, const CCertificate& certDetails, const CCTCertInfo& aCertInfo, CpCertView::TCertificateViews aType ) |
|
627 { |
|
628 |
|
629 TInt poppableItems = 0; |
|
630 // Check allways first the validity period |
|
631 // Show Expired/Not yet valid notes |
|
632 const CValidityPeriod& validityPeriod = certDetails.ValidityPeriod(); |
|
633 const TTime& startValue = validityPeriod.Start(); |
|
634 const TTime& finishValue = validityPeriod.Finish(); |
|
635 TTime current; |
|
636 current.UniversalTime(); |
|
637 |
|
638 if ( startValue > current ) |
|
639 { |
|
640 // certificate is not valid yet |
|
641 HbMessageBox::warning("The certificate is not valid yet"); |
|
642 } |
|
643 else if ( finishValue < current ) |
|
644 { |
|
645 // certificate is expired |
|
646 HbMessageBox::warning("The certificate has expired"); |
|
647 } |
|
648 else |
|
649 { |
|
650 // put here check for certificate status, show warning notes if needed |
|
651 TBool noValidationError = ETrue; |
|
652 CArrayFixFlat<TValidationError>* validationError = NULL; |
|
653 // set it to the most common cert format |
|
654 TCertificateFormat certificateFormat = EX509Certificate; |
|
655 |
|
656 if ( aType == CpCertView::EAuthorityView ) |
|
657 { |
|
658 certificateFormat = mCertDataContainer.iCALabelEntries[aIndex]-> |
|
659 iCAEntry->CertificateFormat(); |
|
660 } |
|
661 else if ( aType == CpCertView::ETrustedView ) |
|
662 { |
|
663 certificateFormat = mCertDataContainer.iPeerLabelEntries[aIndex]-> |
|
664 iPeerEntry->CertificateFormat(); |
|
665 } |
|
666 else if ( aType == CpCertView::EDeviceView ) |
|
667 { |
|
668 certificateFormat = mCertDataContainer.iDeviceLabelEntries[aIndex]-> |
|
669 iDeviceEntry->CertificateFormat(); |
|
670 } |
|
671 else if( aType == CpCertView::EPersonalView ) |
|
672 { |
|
673 certificateFormat = mCertDataContainer.iUserLabelEntries[aIndex]-> |
|
674 iUserEntry->CertificateFormat(); |
|
675 } |
|
676 |
|
677 switch ( certificateFormat ) |
|
678 { |
|
679 case EX509Certificate: |
|
680 { |
|
681 validationError = validateX509CertificateL((CX509Certificate&)certDetails ); |
|
682 break; |
|
683 } |
|
684 default: |
|
685 { |
|
686 validationError = new ( ELeave) CArrayFixFlat<TValidationError>( 1 ); |
|
687 break; |
|
688 } |
|
689 } |
|
690 CleanupStack::PushL( validationError ); |
|
691 poppableItems++; |
|
692 |
|
693 TInt errorCount = validationError->Count(); |
|
694 TBool ready = EFalse; |
|
695 for ( TInt i = 0; i < errorCount && !ready; i++ ) |
|
696 { |
|
697 TValidationError errorType = validationError->At(i); |
|
698 |
|
699 switch ( errorType ) |
|
700 { |
|
701 case EValidatedOK: |
|
702 case EChainHasNoRoot: |
|
703 case EBadKeyUsage: |
|
704 // Ignore these errors |
|
705 //LOG_WRITE( "Ignored certificate validation error" ); |
|
706 break; |
|
707 |
|
708 default: |
|
709 // certificate is corrupted |
|
710 noValidationError = EFalse; |
|
711 HbMessageBox::warning("The certificate is corrupted"); |
|
712 ready = ETrue; |
|
713 break; |
|
714 } |
|
715 } |
|
716 |
|
717 if ( noValidationError && (aType == CpCertView::EAuthorityView )) |
|
718 // Check for last if the CA certificate has no clients, |
|
719 // ie. the trust state of every client is No |
|
720 // For user certificates we don't do the check |
|
721 { |
|
722 |
|
723 RArray<TUid> trusterUids; |
|
724 CleanupClosePushL( trusterUids ); |
|
725 poppableItems++; |
|
726 |
|
727 mCertDataContainer.iWrapper->GetApplicationsL( |
|
728 mCertDataContainer.CertManager(), aCertInfo, trusterUids ); |
|
729 |
|
730 if ( trusterUids.Count() == 0) |
|
731 { |
|
732 HbMessageBox::warning("Certificate not trusted"); |
|
733 } |
|
734 } |
|
735 } |
|
736 CleanupStack::PopAndDestroy( poppableItems ); |
|
737 } |
|
738 |
|
739 CArrayFixFlat<TValidationError>* CpCertDetailView::validateX509CertificateL( const CX509Certificate& certDetails ) |
|
740 { |
|
741 TInt poppableItems = 0; |
|
742 CArrayFixFlat<TValidationError>* validationError = |
|
743 new ( ELeave ) CArrayFixFlat<TValidationError>( 1 ); |
|
744 CleanupStack::PushL( validationError ); //This is returned, so it isn't destroyed at the end. |
|
745 |
|
746 TTime GMTTime; |
|
747 GMTTime.UniversalTime(); // Get Universal Time |
|
748 RPointerArray<CX509Certificate> certArray; |
|
749 certArray.Append( &certDetails ); |
|
750 |
|
751 CPKIXCertChain* chain = CPKIXCertChain::NewLC( |
|
752 mCertDataContainer.iRfs, certDetails.Encoding(), certArray ); |
|
753 ++poppableItems; |
|
754 |
|
755 CPKIXValidationResult* result = CPKIXValidationResult::NewLC(); |
|
756 ++poppableItems; |
|
757 mCertDataContainer.iWrapper->ValidateX509RootCertificateL( result, GMTTime, chain ); |
|
758 |
|
759 TValidationStatus validationStatus = result->Error(); |
|
760 //Set reserve space. One for error, other for warnings. |
|
761 validationError->SetReserveL( 1 + result->Warnings().Count() ); |
|
762 validationError->AppendL(validationStatus.iReason); |
|
763 for ( TUint8 i = 0; i < result->Warnings().Count(); i++ ) |
|
764 { |
|
765 validationError->AppendL( result->Warnings().At(0).iReason ); |
|
766 } |
|
767 |
|
768 CleanupStack::PopAndDestroy( poppableItems, chain ); // All but validationError. |
|
769 CleanupStack::Pop(validationError); |
|
770 return validationError; |
|
771 } |
|
772 |
|
773 TKeyUsagePKCS15 CpCertDetailView::keyUsageAndLocationL( const CCTCertInfo& certEntry, |
|
774 TUid* keyLocation ) |
|
775 { |
|
776 TKeyUsagePKCS15 keyUsage; |
|
777 |
|
778 // Check whether we have key for this certificate |
|
779 RMPointerArray<CCTKeyInfo> keyEntry; |
|
780 TCTKeyAttributeFilter filter; |
|
781 filter.iKeyId = certEntry.SubjectKeyId(); |
|
782 |
|
783 mCertDataContainer.iWrapper->ListL( mCertDataContainer.KeyManager(), &keyEntry, filter ); |
|
784 |
|
785 if (keyEntry.Count()) |
|
786 { |
|
787 keyUsage = keyEntry[0]->Usage(); |
|
788 // Get Location |
|
789 keyLocation->iUid = keyEntry[0]->Token().TokenType().Type().iUid ; |
|
790 } |
|
791 else |
|
792 { |
|
793 keyUsage = EPKCS15UsageNone; |
|
794 } |
|
795 |
|
796 keyEntry.Close(); |
|
797 return keyUsage; |
|
798 } |
|
799 |
|
800 // --------------------------------------------------------- |
|
801 // CCertManUICertificateHelper::setLocationInfo( (HBufC& aMessage, |
|
802 // TBool certificate, |
|
803 // TUid* aLocUid) |
|
804 // Adds certificate/private key's location info to certificate details |
|
805 // --------------------------------------------------------- |
|
806 // |
|
807 void CpCertDetailView::setLocationInfo(TBool certificate, TUid locUid, HbListWidget& certDisplayDetails) |
|
808 { |
|
809 |
|
810 QString locationDetails = "(Not defined)"; |
|
811 |
|
812 switch ( locUid.iUid ) |
|
813 { |
|
814 case KFileCertStoreUid: |
|
815 case KTrustedServerCertStoreUid: |
|
816 case KDeviceCertStoreUid: |
|
817 case KDeviceKeyStoreUid: |
|
818 case KTokenTypeFileKeystore: |
|
819 locationDetails = "Phone memory"; |
|
820 break; |
|
821 |
|
822 case KWIMCertStoreUid: |
|
823 locationDetails = "Smart card"; |
|
824 break; |
|
825 |
|
826 default: |
|
827 if ( !certificate ) |
|
828 { |
|
829 locationDetails = "No private key"; |
|
830 } |
|
831 break; |
|
832 } |
|
833 |
|
834 QString location = "Location:"; |
|
835 if ( !certificate ) |
|
836 { |
|
837 location = "Private key location:"; |
|
838 } |
|
839 |
|
840 addToListWidget(certDisplayDetails, location, locationDetails ); |
|
841 |
|
842 } |
|
843 |
|
844 // --------------------------------------------------------- |
|
845 // CCertManUICertificateHelper::divideIntoBlocks |
|
846 // --------------------------------------------------------- |
|
847 // |
|
848 void CpCertDetailView::divideIntoBlocks( const TDesC8& input, TPtr& output ) |
|
849 { |
|
850 const TInt KBlockLength = 2; |
|
851 TInt blockIndex = 0; |
|
852 for ( TInt j = 0 ; j < input.Length() ; j++ ) |
|
853 { |
|
854 if ( blockIndex == KBlockLength ) |
|
855 { |
|
856 output.Append( KBlockSeparator ); |
|
857 blockIndex = 0; |
|
858 } |
|
859 output.AppendNumFixedWidthUC( (TUint)(input[ j ]), EHex, 2 ); |
|
860 ++blockIndex; |
|
861 } |
|
862 } |
|
863 |
|
864 |