|
1 // Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Implement response cert info object methods |
|
15 // |
|
16 // |
|
17 |
|
18 #include "certid.h" |
|
19 #include <ocsp.h> |
|
20 |
|
21 #include <asn1dec.h> |
|
22 #include "ocsprequestandresponse.h" |
|
23 |
|
// Tag numbers of the optional, explicitly tagged trailing fields of a
// single response; ConstructL() compares them against the elements that
// follow thisUpdate.
const TUint KNextUpdateTag = 0;
const TUint KSingleExtensionsTag = 1;

// Tag numbers of the implicitly tagged certStatus choice. ConstructL() maps
// them to OCSP::EGood, OCSP::ERevoked and OCSP::EUnknown; any other tag makes
// it leave with OCSP::EMalformedResponse.
const TUint KGoodTag = 0;
const TUint KRevokedTag = 1;
const TUint KUnknownTag = 2;
|
30 |
|
/**
Two-phase factory: allocates the object, then parses the supplied elements of
one single response into it.

The new object is pushed onto the cleanup stack before ConstructL() runs, so a
leave while parsing a malformed response destroys the half-built object
instead of leaking it. On return the object is still on the cleanup stack and
the caller is responsible for popping it.

@param aItems Decoded elements of the single-response sequence; not owned.
@return The new object, left on the cleanup stack.
@leave Any code ConstructL() leaves with, or an allocation failure.
*/
COCSPResponseCertInfo* COCSPResponseCertInfo::NewLC(CArrayPtr<TASN1DecGeneric>& aItems)
	{
	COCSPResponseCertInfo* info = new (ELeave) COCSPResponseCertInfo;
	CleanupStack::PushL(info);
	info->ConstructL(aItems);
	return info;
	}
|
38 |
|
39 |
|
/**
Releases the heap objects owned by this instance.

iNextUpdate and iRevocationTime are only allocated when the response carried
those fields; deleting a null pointer is a no-op, so the unset case is safe
provided the members start out null (presumably zero-initialised by the
allocator - confirm against the class declaration).
*/
COCSPResponseCertInfo::~COCSPResponseCertInfo()
	{
	delete iNextUpdate;		// optional nextUpdate time
	delete iRevocationTime;	// present only for a revoked status
	delete iCertID;			// identifier of the certificate this entry is about
	}
|
46 |
|
47 |
|
/**
Returns the certificate status parsed from the response.

ConstructL() sets this to OCSP::EGood, OCSP::ERevoked or OCSP::EUnknown from
the certStatus tag. Only EGood is a positive statement about the certificate;
callers should not treat EUnknown as equivalent to it.

NOTE(review): this accessor reports the parsed value only. Nothing in this
file shows whether the enclosing response has been signature-checked before
the value is consumed - confirm in the caller.

@return The parsed status.
*/
EXPORT_C OCSP::TResult COCSPResponseCertInfo::Status() const
	{
	return iStatus;
	}
|
52 |
|
53 |
|
/**
Returns the thisUpdate time decoded from the response.

The value is returned exactly as decoded by ConstructL(); no comparison
against the current time is made in this file, so judging whether the
response is fresh enough is left to the caller.

@return The thisUpdate time, by value.
*/
EXPORT_C TTime COCSPResponseCertInfo::ThisUpdate() const
	{
	return iThisUpdate;
	}
|
58 |
|
59 |
|
/**
Returns the optional nextUpdate time.

ConstructL() allocates iNextUpdate only when the response contains an element
tagged as nextUpdate, so callers must check the result for NULL before
dereferencing it (NULL when absent assumes the member starts out null -
confirm against the class declaration).

@return Pointer to the nextUpdate time, or NULL if the response had none.
        Ownership stays with this object.
*/
EXPORT_C const TTime* COCSPResponseCertInfo::NextUpdate() const
	{
	return iNextUpdate;
	}
|
64 |
|
65 |
|
/**
Returns the revocation time reported for the certificate.

ConstructL() allocates iRevocationTime only in the revoked branch of the
status switch, so for a good or unknown status the result is expected to be
NULL and must be checked before use (assumes the member starts out null -
confirm against the class declaration).

@return Pointer to the revocation time, or NULL when the status is not
        revoked. Ownership stays with this object.
*/
EXPORT_C const TTime* COCSPResponseCertInfo::RevocationTime() const
	{
	return iRevocationTime;
	}
|
70 |
|
71 |
|
/**
Returns the certificate identifier this status entry refers to.

iCertID is the first member ConstructL() assigns, so on an object obtained
from NewLC() the dereference is expected to be valid. The identifier is what
ties the reported status to a particular certificate; matching it against the
identifier that was requested is not done in this file.

@return Reference to the owned certificate identifier.
*/
COCSPCertID& COCSPResponseCertInfo::CertID() const
	{
	return *iCertID;
	}
|
76 |
|
77 |
|
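/**
Second-phase constructor: populates this object from the decoded elements of
one single response.

Element layout read here: aItems[0] is the cert ID, aItems[1] the cert status
(tag 0 good, 1 revoked, 2 unknown), aItems[2] thisUpdate, optionally followed
by nextUpdate (tag 0) and the single-response extensions (tag 1).

The elements come from an OCSP responder and are therefore untrusted input.
Structural problems are reported by leaving with OCSP::EMalformedResponse;
the element count is checked up front because CArrayPtr::At() panics on an
out-of-range index, which would turn a truncated response into a thread
panic instead of a recoverable error.

NOTE(review): the tag comparisons below look at the tag number only; the tag
class is not compared in this function - confirm it is validated elsewhere.
NOTE(review): no comparison of thisUpdate/nextUpdate with the current time
happens here; presumably the caller enforces freshness - confirm.

@param aItems Decoded elements of the single-response sequence; not owned.
@leave OCSP::EMalformedResponse Fewer than three elements, an unrecognised
       status tag, or a revocation time that is not a GeneralizedTime.
@leave OCSP::EUnknownCriticalExtension An extension is marked critical.
@leave Other codes raised by the ASN.1 decoders or by allocation failure.
*/
void COCSPResponseCertInfo::ConstructL(CArrayPtr<TASN1DecGeneric>& aItems)
	{
	// certID, certStatus and thisUpdate are mandatory. Reject a short
	// sequence here so the At() calls below can never index past the end.
	const TInt numItems = aItems.Count();
	if (numItems < 3)
		{
		User::Leave(OCSP::EMalformedResponse);
		}

	// The CertID
	iCertID = COCSPCertID::NewL(aItems.At(0)->Encoding());

	// The cert status - implicitly tagged
	TASN1DecGeneric& statusDec = *aItems.At(1);
	switch(statusDec.Tag())
		{
		case KGoodTag:
			iStatus = OCSP::EGood;
			break;
		case KRevokedTag:
			{
			iStatus = OCSP::ERevoked;

			// Get revocation time. The sequence must hold one or two
			// elements; the first is the revocation time.
			TASN1DecSequence seqDec;
			CArrayPtr<TASN1DecGeneric>* revokedInfo = seqDec.DecodeDERLC(statusDec, 1, 2);
			TASN1DecGeneric& revocationTimeDec = *revokedInfo->At(0);
			if (revocationTimeDec.Tag() != EASN1GeneralizedTime)
				{
				User::Leave(OCSP::EMalformedResponse);
				}

			TASN1DecGeneralizedTime decGT;
			iRevocationTime = new (ELeave) TTime(decGT.DecodeDERL(revocationTimeDec));

			CleanupStack::PopAndDestroy(revokedInfo);
			break;
			}
		case KUnknownTag:
			iStatus = OCSP::EUnknown;
			break;
		default:
			// Fail closed: an unrecognised status is never mapped to a result.
			User::Leave(OCSP::EMalformedResponse);
		}

	// Carry on with thisUpdate
	TASN1DecGeneralizedTime decGT;
	iThisUpdate = decGT.DecodeDERL(*aItems.At(2));

	// Optional bits...
	if (numItems > 3)
		{
		TInt nextItem = 3;

		// Maybe nextUpdate is there too
		TASN1DecGeneric& item4 = *aItems.At(3);
		if (item4.Tag() == KNextUpdateTag)
			{
			++nextItem;
			// Explicitly tagged, so decode the content rather than the wrapper.
			TASN1DecGeneralizedTime nextUpdateDec;
			TInt pos = 0;
			iNextUpdate = new (ELeave) TTime (nextUpdateDec.DecodeDERL(item4.GetContentDER(), pos));
			}

		// Check for extensions - we don't support any, but we need to leave if there are any marked 'critical'
		// NOTE(review): an element here that carries neither expected tag, and
		// any element after the extensions, is silently ignored.
		if (nextItem < numItems)
			{
			TASN1DecGeneric& extnList = *aItems.At(nextItem);
			if (extnList.Tag() == KSingleExtensionsTag)
				{
				// OK, we've got extensions, with an explicit tag. Loop through them...
				TASN1DecSequence decSeq;
				TInt pos = 0;
				CArrayPtr<TASN1DecGeneric>* extns = decSeq.DecodeDERLC(extnList.GetContentDER(), pos);
				TInt numExts = extns->Count();
				for (TInt extIndex = 0; extIndex < numExts; ++extIndex)
					{
					TASN1DecGeneric& ext = *extns->At(extIndex);
					CArrayPtr<TASN1DecGeneric>* terms = decSeq.DecodeDERLC(ext);

					// Check critical flag (may be absent - default value false).
					// Only a three-element extension is inspected; any other
					// element count is treated as non-critical.
					if (terms->Count() == 3)
						{
						TASN1DecBoolean boolDec;
						if (boolDec.DecodeDERL(*terms->At(1)))
							{
							User::Leave(OCSP::EUnknownCriticalExtension);
							}
						}
					CleanupStack::PopAndDestroy(); // Clean up 'terms'
					}
				CleanupStack::PopAndDestroy(); // Clean up 'extns'
				}
			}
		}
	}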