1 // Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 // Implement response cert info object methods

    15 // 

    16 //

    17 

    18 #include "certid.h"

    19 #include <ocsp.h>

    20 

    21 #include <asn1dec.h>

    22 #include "ocsprequestandresponse.h"

    23 

    24 const TUint KNextUpdateTag = 0;

    25 const TUint KSingleExtensionsTag = 1;

    26 

    27 const TUint KGoodTag = 0;

    28 const TUint KRevokedTag = 1;

    29 const TUint KUnknownTag = 2;

    30 

    31 COCSPResponseCertInfo* COCSPResponseCertInfo::NewLC(CArrayPtr<TASN1DecGeneric>& aItems)

    32 	{

    33 	COCSPResponseCertInfo* self = new (ELeave) COCSPResponseCertInfo;

    34 	CleanupStack::PushL(self);

    35 	self->ConstructL(aItems);

    36 	return self;

    37 	}

    38 

    39 

    40 COCSPResponseCertInfo::~COCSPResponseCertInfo()

    41 	{

    42 	delete iNextUpdate;

    43 	delete iRevocationTime;

    44 	delete iCertID;

    45 	}

    46 

    47 

    48 EXPORT_C OCSP::TResult COCSPResponseCertInfo::Status() const

    49 	{

    50 	return iStatus;

    51 	}

    52 

    53 

    54 EXPORT_C TTime COCSPResponseCertInfo::ThisUpdate() const

    55 	{

    56 	return iThisUpdate;

    57 	}

    58 

    59 

    60 EXPORT_C const TTime* COCSPResponseCertInfo::NextUpdate() const

    61 	{

    62 	return iNextUpdate;

    63 	}

    64 

    65 

    66 EXPORT_C const TTime* COCSPResponseCertInfo::RevocationTime() const

    67 	{

    68 	return iRevocationTime;

    69 	}

    70 

    71 

    72 COCSPCertID& COCSPResponseCertInfo::CertID() const

    73 	{

    74 	return *iCertID;

    75 	}

    76 

    77 

    78 void COCSPResponseCertInfo::ConstructL(CArrayPtr<TASN1DecGeneric>& aItems)

    79 	{

    80 	// The CertID

    81 	iCertID = COCSPCertID::NewL(aItems.At(0)->Encoding());

    82 	

    83 	// The cert status - implicitly tagged

    84 	TASN1DecGeneric& statusDec = *aItems.At(1);

    85 	switch(statusDec.Tag())

    86 		{

    87 		case KGoodTag:

    88 			iStatus = OCSP::EGood;

    89 			break;

    90 		case KRevokedTag:

    91 			{

    92 			iStatus = OCSP::ERevoked;

    93 

    94 			// Get revocation time

    95 			TASN1DecSequence seqDec;

    96 			CArrayPtr<TASN1DecGeneric>* revokedInfo = seqDec.DecodeDERLC(statusDec, 1, 2);

    97 			TASN1DecGeneric& revocationTimeDec = *revokedInfo->At(0);

    98 			if (revocationTimeDec.Tag() != EASN1GeneralizedTime)

    99 				{

   100 				User::Leave(OCSP::EMalformedResponse);

   101 				}

   102 

   103 			TASN1DecGeneralizedTime decGT;

   104 			iRevocationTime = new (ELeave) TTime(decGT.DecodeDERL(revocationTimeDec));

   105 

   106 			CleanupStack::PopAndDestroy(revokedInfo);

   107 			break;

   108 			}

   109 		case KUnknownTag:

   110 			iStatus = OCSP::EUnknown;

   111 			break;

   112 		default:

   113 			User::Leave(OCSP::EMalformedResponse);

   114 		}

   115 		

   116 	// Carry on with thisUpdate

   117 	TASN1DecGeneralizedTime decGT;

   118 	iThisUpdate = decGT.DecodeDERL(*aItems.At(2));

   119 

   120 	// Optional bits...

   121 	TInt numItems = aItems.Count();

   122 	if (numItems > 3)

   123 		{

   124 		TInt nextItem = 3;

   125 

   126 		// Maybe nextUpdate is there too

   127 		TASN1DecGeneric& item4 = *aItems.At(3);

   128 		if (item4.Tag() == KNextUpdateTag)

   129 			{

   130 			++nextItem;

   131 			TASN1DecGeneralizedTime decGT;

   132 			TInt pos = 0;

   133 			iNextUpdate = new (ELeave) TTime (decGT.DecodeDERL(item4.GetContentDER(), pos));

   134 			}

   135 

   136 		// Check for extensions - we don't support any, but we need to leave if there are any marked 'critical'

   137 		if (nextItem < numItems)

   138 			{

   139 			TASN1DecGeneric& extnList = *aItems.At(nextItem);

   140 			if (extnList.Tag() == KSingleExtensionsTag)

   141 				{

   142 				// OK, we've got extensions, with an explicit tag.  Loop through them...

   143 				TASN1DecSequence decSeq;

   144 				TInt pos = 0;

   145 				CArrayPtr<TASN1DecGeneric>* extns = decSeq.DecodeDERLC(extnList.GetContentDER(), pos);

   146 				TInt numExts = extns->Count();

   147 				for (TInt extIndex = 0; extIndex < numExts; ++extIndex)

   148 					{

   149 					TASN1DecGeneric& ext = *extns->At(extIndex);

   150 					CArrayPtr<TASN1DecGeneric>* terms = decSeq.DecodeDERLC(ext);

   151 

   152 					// Check critical flag (may be absent - default value false

   153 					if (terms->Count() == 3)

   154 						{

   155 						TASN1DecBoolean boolDec;

   156 						if (boolDec.DecodeDERL(*terms->At(1)))

   157 							{

   158 							User::Leave(OCSP::EUnknownCriticalExtension);

   159 							}

   160 						}

   161 					CleanupStack::PopAndDestroy(); // Clean up 'terms'

   162 					}

   163 				CleanupStack::PopAndDestroy(); // Clean up 'extns'

   164 				}

   165 			}

   166 		}

   167 	}