|
1 /* |
|
2 * Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of single authentication object |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // INCLUDE FILES |
|
20 |
|
21 #include "WimSecModuleMgr.h" |
|
22 #include "WimAuthenticationObject.h" |
|
23 #include "WimPin.h" |
|
24 #include "WimTrace.h" |
|
25 //#include "WimDebug.h" |
|
26 #include "WimTokenListener.h" |
|
27 #include "WimImplementationUID.hrh" |
|
28 #include <unifiedkeystore.h> |
|
29 |
|
30 // ============================ MEMBER FUNCTIONS =============================== |
|
31 |
|
32 // ----------------------------------------------------------------------------- |
|
33 // CWimAuthenticationObject::CWimAuthenticationObject() |
|
34 // Defalt constructor |
|
35 // ----------------------------------------------------------------------------- |
|
36 // |
|
37 CWimAuthenticationObject::CWimAuthenticationObject( |
|
38 CWimToken& aToken, |
|
39 CWimPin& aWimPin, |
|
40 const TUid aType, |
|
41 const TInt aHandle, |
|
42 TUint32 aObjectStatus ) : |
|
43 |
|
44 CActive( EPriorityNormal ), |
|
45 MCTAuthenticationObject( aToken ), |
|
46 iToken( aToken ), |
|
47 iWimPin ( aWimPin ), |
|
48 iType ( aType ), |
|
49 iObjectId ( aHandle ), |
|
50 iObjectStatus( aObjectStatus ), |
|
51 iTokenWider( aToken ) |
|
52 |
|
53 { |
|
54 CActiveScheduler::Add( this ); |
|
55 iPhase = EIdle; |
|
56 } |
|
57 |
|
58 // ----------------------------------------------------------------------------- |
|
59 // CWimAuthenticationObject::NewLC() |
|
60 // Two-phased constructor. One object stays in cleanup stack. |
|
61 // ----------------------------------------------------------------------------- |
|
62 // |
|
63 CWimAuthenticationObject* CWimAuthenticationObject::NewLC( |
|
64 CWimToken& aToken, |
|
65 CWimPin& aWimPin, |
|
66 const TDesC& aLabel, |
|
67 const TUid aType, |
|
68 const TInt aHandle, |
|
69 TUint32 aObjectStatus ) |
|
70 { |
|
71 _WIMTRACE ( _L( "CWimAuthenticationObject::NewLC()" ) ); |
|
72 __ASSERT_ALWAYS( aLabel.Length() > 0, User::Leave( KErrArgument ) ); |
|
73 |
|
74 if ( aType.iUid != WIM_PIN_G_UID && aType.iUid != WIM_PIN_NR_UID ) |
|
75 { |
|
76 User::Leave( KErrArgument ); |
|
77 } |
|
78 |
|
79 CWimAuthenticationObject* that = |
|
80 new( ELeave ) CWimAuthenticationObject( aToken, |
|
81 aWimPin, |
|
82 aType, |
|
83 aHandle, |
|
84 aObjectStatus ); |
|
85 CleanupStack::PushL( that ); |
|
86 that->ConstructL( aLabel ); |
|
87 return that; |
|
88 } |
|
89 |
|
90 // ----------------------------------------------------------------------------- |
|
91 // CWimAuthenticationObject::ConstructL() |
|
92 // Second phase constructor. |
|
93 // ----------------------------------------------------------------------------- |
|
94 // |
|
95 void CWimAuthenticationObject::ConstructL( const TDesC& aLabel ) |
|
96 { |
|
97 _WIMTRACE ( _L( "CWimAuthenticationObject::ConstructL()" ) ); |
|
98 iLabel = aLabel.AllocL(); |
|
99 iPhase = EIdle; |
|
100 } |
|
101 |
|
102 // ----------------------------------------------------------------------------- |
|
103 // CWimAuthenticationObject::~CWimAuthenticationObject() |
|
104 // Destructor |
|
105 // ----------------------------------------------------------------------------- |
|
106 // |
|
107 CWimAuthenticationObject::~CWimAuthenticationObject() |
|
108 { |
|
109 _WIMTRACE ( _L( "CWimAuthenticationObject::~CWimAuthenticationObject()" ) ); |
|
110 Cancel(); |
|
111 FreeUnifiedKeyStore(); |
|
112 FreeUnifiedCertStore(); |
|
113 delete iCertFilter; |
|
114 delete iLabel; |
|
115 } |
|
116 |
|
117 // ============================ MEMBER FUNCTIONS =============================== |
|
118 |
|
119 // ----------------------------------------------------------------------------- |
|
120 // CWimAuthenticationObject::Label() |
|
121 // Returns a reference to this authentication object's label. |
|
122 // ----------------------------------------------------------------------------- |
|
123 // |
|
124 const TDesC& CWimAuthenticationObject::Label() const |
|
125 { |
|
126 _WIMTRACE ( _L( "CWimAuthenticationObject::Label()" ) ); |
|
127 |
|
128 return *iLabel; |
|
129 } |
|
130 |
|
131 // ----------------------------------------------------------------------------- |
|
132 // CWimAuthenticationObject::Token() |
|
133 // Returns a reference to token (MCTToken) of this authentication object |
|
134 // ----------------------------------------------------------------------------- |
|
135 // |
|
136 MCTToken& CWimAuthenticationObject::Token() const |
|
137 { |
|
138 _WIMTRACE ( _L( "CWimAuthenticationObject::Token()" ) ); |
|
139 return iToken; |
|
140 } |
|
141 |
|
142 // ----------------------------------------------------------------------------- |
|
143 // CWimAuthenticationObject::TokenWider() |
|
144 // Returns a reference to token (CWimToken) of this authentication object |
|
145 // ----------------------------------------------------------------------------- |
|
146 // |
|
147 CWimToken& CWimAuthenticationObject::TokenWider() const |
|
148 { |
|
149 _WIMTRACE ( _L( "CWimAuthenticationObject::TokenWider()" ) ); |
|
150 return iTokenWider; |
|
151 } |
|
152 |
|
153 // ----------------------------------------------------------------------------- |
|
154 // CWimAuthenticationObject::Type() |
|
155 // Returns type (TUid) of current authentication object. |
|
156 // WIM_PIN_G_UID or WIM_PIN_NR_UID |
|
157 // ----------------------------------------------------------------------------- |
|
158 // |
|
159 TUid CWimAuthenticationObject::Type() const |
|
160 { |
|
161 _WIMTRACE ( _L( "CWimAuthenticationObject::Type()" ) ); |
|
162 return iType; |
|
163 } |
|
164 |
|
165 // ----------------------------------------------------------------------------- |
|
166 // CWimAuthenticationObject::Release() |
|
167 // Deletes this instance |
|
168 // ----------------------------------------------------------------------------- |
|
169 // |
|
170 void CWimAuthenticationObject::DoRelease() |
|
171 { |
|
172 _WIMTRACE ( _L( "CWimAuthenticationObject::DoRelease()" ) ); |
|
173 delete this; |
|
174 } |
|
175 |
|
176 // ----------------------------------------------------------------------------- |
|
177 // CWimAuthenticationObject::Handle() |
|
178 // Returns a handle (TCTTokenObjectHandle) of this authentication object. |
|
179 // iObjectId runs from 0 to N where N is (count of authentication objects) - 1 |
|
180 // ----------------------------------------------------------------------------- |
|
181 // |
|
182 TCTTokenObjectHandle CWimAuthenticationObject::Handle() const |
|
183 { |
|
184 _WIMTRACE ( _L( "CWimAuthenticationObject::Handle()" ) ); |
|
185 return TCTTokenObjectHandle( Token().Handle(), iObjectId ); |
|
186 } |
|
187 |
|
188 // ----------------------------------------------------------------------------- |
|
189 // CWimAuthenticationObject::PinModule() |
|
190 // Returns a reference to pin module manager (CWimPin) |
|
191 // ----------------------------------------------------------------------------- |
|
192 // |
|
193 CWimPin& CWimAuthenticationObject::PinModule() const |
|
194 { |
|
195 _WIMTRACE ( _L( "CWimAuthenticationObject::PinModule()" ) ); |
|
196 return iWimPin; |
|
197 } |
|
198 // ----------------------------------------------------------------------------- |
|
199 // CWimAuthenticationObject::ListProtectedObjects() |
|
200 // Returns a list of all the objects which this authentication object protects. |
|
201 // Procedure: 1. Fetch all keys this authentication object protects |
|
202 // 2. Fetch certificates those keys are used for and |
|
203 // 3. Make objects from those protected keys and certificates |
|
204 // ----------------------------------------------------------------------------- |
|
205 // |
|
206 void CWimAuthenticationObject:: |
|
207 ListProtectedObjects( RMPointerArray<MCTTokenObject>& aObjects, |
|
208 TRequestStatus& aStatus ) |
|
209 { |
|
210 _WIMTRACE ( _L( "CWimAuthenticationObject::ListProtectedObjects()" ) ); |
|
211 |
|
212 if ( !EnteringAllowed( aStatus ) ) |
|
213 { |
|
214 return; |
|
215 } |
|
216 |
|
217 iObjects = &aObjects; |
|
218 |
|
219 iKeyInfos.Close(); |
|
220 |
|
221 iFs = static_cast<CCTTokenType&>( Token().TokenType() ).Fs(); |
|
222 |
|
223 TRAPD( err, iUnifiedKeyStore = CUnifiedKeyStore::NewL( iFs ) ); |
|
224 |
|
225 if ( err != KErrNone ) |
|
226 { |
|
227 User::RequestComplete( iOriginalRequestStatus, err ); |
|
228 } |
|
229 else |
|
230 { |
|
231 iStatus = KRequestPending; |
|
232 iUnifiedKeyStore->Initialize( iStatus ); |
|
233 iPhase = EGetKeyInfos; |
|
234 SetActive(); |
|
235 } |
|
236 } |
|
237 |
|
238 // ----------------------------------------------------------------------------- |
|
239 // void CWimAuthenticationObject::RunL() |
|
240 // Core operations are done here. |
|
241 // ----------------------------------------------------------------------------- |
|
242 // |
|
243 void CWimAuthenticationObject::RunL() |
|
244 { |
|
245 switch ( iPhase ) |
|
246 { |
|
247 case EGetKeyInfos: |
|
248 { |
|
249 if ( iStatus.Int() == KErrNone ) |
|
250 { |
|
251 iKeyFilter.iKeyId = KNullDesC8; |
|
252 iKeyFilter.iUsage = EPKCS15UsageAll; |
|
253 iStatus = KRequestPending; |
|
254 iPhase = EFilterKeys; |
|
255 iStatus = KRequestPending; |
|
256 iUnifiedKeyStore->List( iKeyInfos, iKeyFilter, iStatus ); |
|
257 SetActive(); |
|
258 } |
|
259 else // Something went wrong (or call was cancelled) with |
|
260 // iUnifiedKeyStore->Initialize( iStatus ) |
|
261 { |
|
262 FreeUnifiedKeyStore(); |
|
263 iPhase = EIdle; |
|
264 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
265 } |
|
266 break; |
|
267 } |
|
268 case EFilterKeys: |
|
269 { |
|
270 DoFilterKeys(); |
|
271 break; |
|
272 } |
|
273 case EGetCerts: |
|
274 { |
|
275 // In this phase cert store must allways be NULL |
|
276 if ( !iUnifiedCertStore ) |
|
277 { |
|
278 iFs = static_cast<CCTTokenType&>( Token().TokenType() ).Fs(); |
|
279 iUnifiedCertStore = CUnifiedCertStore::NewL( iFs, EFalse ); |
|
280 iStatus = KRequestPending; |
|
281 iPhase = EInitCertStore; |
|
282 iUnifiedCertStore->Initialize( iStatus ); |
|
283 SetActive(); |
|
284 } |
|
285 else |
|
286 { |
|
287 FreeUnifiedKeyStore(); |
|
288 iPhase = EIdle; |
|
289 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
290 } |
|
291 break; |
|
292 } |
|
293 case EInitCertStore: |
|
294 { |
|
295 // Called when cert store init completes |
|
296 if ( iStatus.Int() == KErrNone ) |
|
297 { |
|
298 if ( iCertFilter ) |
|
299 { |
|
300 delete iCertFilter; |
|
301 iCertFilter = NULL; |
|
302 } |
|
303 iCertFilter = CCertAttributeFilter::NewL(); |
|
304 iStatus = KRequestPending; |
|
305 iPhase = EListCertEntries; |
|
306 iUnifiedCertStore->List( iCertStoreEntries, |
|
307 *iCertFilter, |
|
308 iStatus ); |
|
309 SetActive(); |
|
310 } |
|
311 else // Something went wrong (or call was cancelled) with |
|
312 // iUnifiedCertStore->Initialize( iStatus ) |
|
313 { |
|
314 FreeUnifiedKeyStore(); |
|
315 FreeUnifiedCertStore(); |
|
316 iPhase = EIdle; |
|
317 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
318 } |
|
319 break; |
|
320 } |
|
321 case EListCertEntries: |
|
322 { |
|
323 DoListCertEntries(); |
|
324 break; |
|
325 } |
|
326 case EMakeObjects: |
|
327 { |
|
328 DoMakeObjectsL(); |
|
329 break; |
|
330 } |
|
331 case EEnablePinQuery: |
|
332 { |
|
333 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
334 break; |
|
335 } |
|
336 case EDisablePinQuery: |
|
337 { |
|
338 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
339 break; |
|
340 } |
|
341 case EChangePin: |
|
342 { |
|
343 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
344 break; |
|
345 } |
|
346 case EUnblockPin: |
|
347 { |
|
348 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
349 break; |
|
350 } |
|
351 case EVerifyPin: |
|
352 { |
|
353 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
354 break; |
|
355 } |
|
356 default: |
|
357 { |
|
358 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
359 break; |
|
360 } |
|
361 } |
|
362 } |
|
363 |
|
364 // ----------------------------------------------------------------------------- |
|
365 // void CWimAuthenticationObject::DoFilterKeys() |
|
366 // Select keys according to given filter |
|
367 // ----------------------------------------------------------------------------- |
|
368 // |
|
369 void CWimAuthenticationObject::DoFilterKeys() |
|
370 { |
|
371 _WIMTRACE ( _L( "CWimAuthenticationObject::DoFilterKeys()" ) ); |
|
372 if ( iStatus.Int() == KErrNone ) |
|
373 { |
|
374 // From all keys get only those that match with |
|
375 // this protector |
|
376 TInt count = iKeyInfos.Count(); |
|
377 TInt i = 0; |
|
378 for ( i = 0; i < count ; i++ ) |
|
379 { |
|
380 // If protector is not set or protector is not this, delete item |
|
381 if ( !iKeyInfos[i]->Protector() || |
|
382 ( iKeyInfos[i]->Protector()->Handle().iObjectId != |
|
383 this->Handle().iObjectId ) ) |
|
384 { |
|
385 // If match is not found, delete object |
|
386 CCTKeyInfo* keyinfo = ( iKeyInfos ) [i]; |
|
387 keyinfo->Release(); |
|
388 ( iKeyInfos ) [i] = NULL; |
|
389 } |
|
390 } |
|
391 i = 0; |
|
392 while ( count ) |
|
393 { |
|
394 if ( !iKeyInfos[i] ) |
|
395 { |
|
396 // Remove element placeholder from CWimCertStore array |
|
397 iKeyInfos.Remove( i ); |
|
398 } |
|
399 else |
|
400 { |
|
401 i++; |
|
402 } |
|
403 count--; |
|
404 } |
|
405 iKeyInfos.Compress(); |
|
406 count = iKeyInfos.Count(); |
|
407 if ( count ) // Continue handling |
|
408 { |
|
409 iPhase = EGetCerts; |
|
410 TRequestStatus* status = &iStatus; |
|
411 User::RequestComplete( status, KErrNone ); |
|
412 SetActive(); |
|
413 } |
|
414 else // No keys, no continue |
|
415 { |
|
416 FreeUnifiedKeyStore(); |
|
417 iPhase = EIdle; |
|
418 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
419 } |
|
420 } |
|
421 else // Something went wrong (or call was cancelled) with |
|
422 // iUnifiedKeyStore->List(...) |
|
423 { |
|
424 FreeUnifiedKeyStore(); |
|
425 iPhase = EIdle; |
|
426 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
427 } |
|
428 } |
|
429 |
|
430 // ----------------------------------------------------------------------------- |
|
431 // void CWimAuthenticationObject::DoListCertEntries() |
|
432 // Select certificates according to keys |
|
433 // ----------------------------------------------------------------------------- |
|
434 // |
|
435 void CWimAuthenticationObject::DoListCertEntries() |
|
436 { |
|
437 _WIMTRACE ( _L( "CWimAuthenticationObject::DoListCertEntries()" ) ); |
|
438 if ( iStatus.Int() == KErrNone ) |
|
439 { |
|
440 // All certs are listed |
|
441 // Match every cert to keys. If match not found, delete cert |
|
442 TInt certcount = iCertStoreEntries.Count(); |
|
443 TInt i = 0; |
|
444 for ( i = 0; i < certcount; i++ ) |
|
445 { |
|
446 TInt keycount = iKeyInfos.Count(); |
|
447 TInt j = 0; |
|
448 for ( j = 0; j < keycount; j++ ) |
|
449 { |
|
450 if ( iKeyInfos[j]->ID() == |
|
451 iCertStoreEntries[i]->SubjectKeyId() ) |
|
452 { |
|
453 j = keycount + 1; |
|
454 } |
|
455 } |
|
456 if ( j == keycount ) |
|
457 { |
|
458 // If match is not found, delete object and remove item |
|
459 CCTCertInfo* certinfo = ( iCertStoreEntries ) [i]; |
|
460 // Delete object self |
|
461 certinfo->Release(); |
|
462 ( iCertStoreEntries ) [i] = NULL; |
|
463 } |
|
464 } |
|
465 i = 0; |
|
466 while ( certcount ) |
|
467 { |
|
468 if ( !iCertStoreEntries[i] ) |
|
469 { |
|
470 // Remove element placeholder from array |
|
471 iCertStoreEntries.Remove( i ); |
|
472 } |
|
473 else |
|
474 { |
|
475 i++; |
|
476 } |
|
477 certcount--; |
|
478 } |
|
479 iCertStoreEntries.Compress(); |
|
480 iPhase = EMakeObjects; |
|
481 TRequestStatus* status = &iStatus; |
|
482 User::RequestComplete( status, KErrNone ); |
|
483 SetActive(); |
|
484 } |
|
485 else // Something went wrong (or call was cancelled) with |
|
486 // iUnifiedCertStore->List(...) |
|
487 { |
|
488 FreeUnifiedKeyStore(); |
|
489 FreeUnifiedCertStore(); |
|
490 iPhase = EIdle; |
|
491 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
492 } |
|
493 } |
|
494 |
|
495 // ----------------------------------------------------------------------------- |
|
496 // void CWimAuthenticationObject::DoMakeObjectsL() |
|
497 // Protected objects are validated here |
|
498 // ----------------------------------------------------------------------------- |
|
499 // |
|
500 void CWimAuthenticationObject::DoMakeObjectsL() |
|
501 { |
|
502 _WIMTRACE ( _L( "CWimAuthenticationObject::DoMakeObjectsL()" ) ); |
|
503 if ( iStatus.Int() == KErrNone ) // Not cancelled |
|
504 { |
|
505 TInt count = iKeyInfos.Count(); |
|
506 TInt i = 0; |
|
507 for ( ; i < count; i++ ) |
|
508 { |
|
509 // Make a copy of key info |
|
510 HBufC* wlabel = HBufC::NewLC( ( iKeyInfos )[i]->Label().Length() ); |
|
511 wlabel->Des().Copy( ( iKeyInfos )[i]->Label() ); |
|
512 // Make a copy of protector if there is |
|
513 MCTAuthenticationObject* protector = NULL; |
|
514 if ( iKeyInfos[i]->Protector() ) |
|
515 { |
|
516 TUint thishandle = iKeyInfos[i]->Protector()-> |
|
517 Handle().iObjectId; |
|
518 |
|
519 //All the key list here is protected by this Authobj |
|
520 if( this->Handle().iObjectId == thishandle ) |
|
521 { |
|
522 protector = MakeAuthObjectL(); |
|
523 } |
|
524 |
|
525 else |
|
526 { |
|
527 return; |
|
528 } |
|
529 |
|
530 |
|
531 if ( protector ) |
|
532 { |
|
533 CleanupStack::PushL( protector ); |
|
534 } |
|
535 } |
|
536 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
537 CCTKeyInfo* copy = |
|
538 CCTKeyInfo::NewL( ( iKeyInfos ) [i]->ID(), |
|
539 ( iKeyInfos ) [i]->Usage(), |
|
540 ( iKeyInfos ) [i]->Size(), |
|
541 protector, |
|
542 wlabel, |
|
543 ( iKeyInfos ) [i]->Token(), |
|
544 ( iKeyInfos ) [i]->Handle().iObjectId, |
|
545 ( iKeyInfos ) [i]->UsePolicy(), |
|
546 ( iKeyInfos ) [i]->ManagementPolicy(), |
|
547 ( iKeyInfos ) [i]->Algorithm(), |
|
548 ( iKeyInfos ) [i]->AccessType(), |
|
549 ( iKeyInfos ) [i]->Native(), |
|
550 ( iKeyInfos ) [i]->StartDate(), |
|
551 ( iKeyInfos ) [i]->EndDate() ); |
|
552 #else |
|
553 CCTKeyInfo* copy = |
|
554 CCTKeyInfo::NewL( ( iKeyInfos ) [i]->ID(), |
|
555 ( iKeyInfos ) [i]->Usage(), |
|
556 ( iKeyInfos ) [i]->Size(), |
|
557 protector, |
|
558 wlabel, |
|
559 ( iKeyInfos ) [i]->Token(), |
|
560 ( iKeyInfos ) [i]->Handle().iObjectId, |
|
561 ( iKeyInfos ) [i]->Owner(), |
|
562 ( iKeyInfos ) [i]->Users(), |
|
563 ( iKeyInfos ) [i]->Algorithm(), |
|
564 ( iKeyInfos ) [i]->AccessType(), |
|
565 ( iKeyInfos ) [i]->Native(), |
|
566 ( iKeyInfos ) [i]->StartDate(), |
|
567 ( iKeyInfos ) [i]->EndDate() ); |
|
568 #endif |
|
569 // Call Release() for copy, if leave occurs |
|
570 CleanupReleasePushL( *copy ); |
|
571 // Take MCTokenObject part of it and append it to client |
|
572 MCTTokenObject* obj = copy; |
|
573 User::LeaveIfError( iObjects->Append ( obj ) ); |
|
574 CleanupStack::Pop( copy ); |
|
575 if ( protector ) |
|
576 { |
|
577 CleanupStack::Pop( protector ); |
|
578 } |
|
579 CleanupStack::Pop( wlabel ); |
|
580 } |
|
581 count = iCertStoreEntries.Count(); |
|
582 for ( i = 0; i < count; i++ ) |
|
583 { |
|
584 // Make a copy of certificate info |
|
585 |
|
586 CCTCertInfo* copy = CCTCertInfo::NewLC( *iCertStoreEntries [i] ); |
|
587 MCTTokenObject* obj = copy; |
|
588 User::LeaveIfError( iObjects->Append ( obj ) ); |
|
589 CleanupStack::Pop( copy ); |
|
590 } |
|
591 } |
|
592 FreeUnifiedKeyStore(); |
|
593 FreeUnifiedCertStore(); |
|
594 iPhase = EIdle; |
|
595 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
596 } |
|
597 |
|
598 // ----------------------------------------------------------------------------- |
|
599 // void CWimAuthenticationObject::MakeAuthObjectL() |
|
600 // Leavable function for making authenticaton objects |
|
601 // ----------------------------------------------------------------------------- |
|
602 // |
|
603 MCTAuthenticationObject* |
|
604 CWimAuthenticationObject::MakeAuthObjectL() |
|
605 { |
|
606 _WIMTRACE ( _L( "CWimAuthenticationObject::MakeAuthObjectL()" ) ); |
|
607 |
|
608 CWimAuthenticationObject* me = |
|
609 CWimAuthenticationObject::NewLC( this->TokenWider(), |
|
610 this->PinModule(), |
|
611 this->Label(), |
|
612 this->Type(), |
|
613 this->Handle().iObjectId, |
|
614 this->Status() ); |
|
615 CleanupStack::Pop( me ); |
|
616 return me; |
|
617 } |
|
618 |
|
619 // ----------------------------------------------------------------------------- |
|
620 // void CWimAuthenticationObject::FreeUnifiedKeyStore() |
|
621 // Frees key storage resources. |
|
622 // ----------------------------------------------------------------------------- |
|
623 // |
|
624 void CWimAuthenticationObject::FreeUnifiedKeyStore() |
|
625 { |
|
626 _WIMTRACE ( _L( "CWimAuthenticationObject::FreeUnifiedKeyStore()" ) ); |
|
627 if ( iUnifiedKeyStore ) |
|
628 { |
|
629 iKeyInfos.Close(); |
|
630 delete iUnifiedKeyStore; |
|
631 iUnifiedKeyStore = 0; |
|
632 } |
|
633 iPhase = EIdle; |
|
634 } |
|
635 |
|
636 // ----------------------------------------------------------------------------- |
|
637 // void CWimAuthenticationObject::FreeUnifiedCertStore() |
|
638 // Frees certificate storage resources. |
|
639 // ----------------------------------------------------------------------------- |
|
640 // |
|
641 void CWimAuthenticationObject::FreeUnifiedCertStore() |
|
642 { |
|
643 if ( iUnifiedCertStore ) |
|
644 { |
|
645 iCertStoreEntries.Close(); |
|
646 delete iUnifiedCertStore; |
|
647 iUnifiedCertStore = NULL; |
|
648 } |
|
649 } |
|
650 // ----------------------------------------------------------------------------- |
|
651 // void CWimAuthenticationObject::RunError() |
|
652 // Unexpected error in RunL (e.g. Leave) leads us here. |
|
653 // ----------------------------------------------------------------------------- |
|
654 // |
|
655 TInt CWimAuthenticationObject::RunError( TInt aError ) |
|
656 { |
|
657 _WIMTRACE ( _L( "CWimAuthenticationObject::RunError()" ) ); |
|
658 FreeUnifiedKeyStore(); |
|
659 FreeUnifiedCertStore(); |
|
660 iPhase = EIdle; |
|
661 User::RequestComplete( iOriginalRequestStatus, aError ); |
|
662 return KErrNone; |
|
663 } |
|
664 |
|
665 // ----------------------------------------------------------------------------- |
|
666 // void CWimAuthenticationObject::DoCancel() |
|
667 // |
|
668 // ----------------------------------------------------------------------------- |
|
669 // |
|
670 void CWimAuthenticationObject::DoCancel() |
|
671 { |
|
672 _WIMTRACE ( _L( "CWimAuthenticationObject::DoCancel()" ) ); |
|
673 |
|
674 if ( iUnifiedKeyStore ) |
|
675 { |
|
676 switch ( iPhase ) |
|
677 { |
|
678 case EGetKeyInfos: |
|
679 { |
|
680 if ( iUnifiedKeyStore->IsActive() ) |
|
681 { |
|
682 iUnifiedKeyStore->CancelInitialize(); |
|
683 } |
|
684 break; |
|
685 } |
|
686 case EFilterKeys: |
|
687 { |
|
688 if ( iUnifiedKeyStore->IsActive() ) |
|
689 { |
|
690 iUnifiedKeyStore->CancelList(); |
|
691 } |
|
692 break; |
|
693 } |
|
694 default: |
|
695 { |
|
696 break; |
|
697 } |
|
698 } |
|
699 } |
|
700 |
|
701 if ( iUnifiedCertStore ) |
|
702 { |
|
703 switch ( iPhase ) |
|
704 { |
|
705 case EInitCertStore: |
|
706 { |
|
707 if ( iUnifiedCertStore->IsActive() ) |
|
708 { |
|
709 iUnifiedCertStore->CancelInitialize(); |
|
710 } |
|
711 break; |
|
712 } |
|
713 case EListCertEntries: |
|
714 { |
|
715 if ( iUnifiedCertStore->IsActive() ) |
|
716 { |
|
717 iUnifiedCertStore->CancelList(); |
|
718 } |
|
719 break; |
|
720 } |
|
721 default: |
|
722 { |
|
723 // Other phases won't cause any action |
|
724 break; |
|
725 } |
|
726 } |
|
727 } |
|
728 |
|
729 switch ( iPhase ) |
|
730 { |
|
731 case EEnablePinQuery: |
|
732 { |
|
733 PinModule().CancelEnablePinQuery(); |
|
734 break; |
|
735 } |
|
736 case EDisablePinQuery: |
|
737 { |
|
738 PinModule().CancelDisablePinQuery(); |
|
739 break; |
|
740 } |
|
741 case EChangePin: |
|
742 { |
|
743 PinModule().CancelChangePin(); |
|
744 break; |
|
745 } |
|
746 case EUnblockPin: |
|
747 { |
|
748 PinModule().CancelUnblockPin(); |
|
749 break; |
|
750 } |
|
751 case EVerifyPin: |
|
752 { |
|
753 PinModule().CancelVerifyPin(); |
|
754 break; |
|
755 } |
|
756 default: break; |
|
757 } |
|
758 |
|
759 |
|
760 FreeUnifiedKeyStore(); |
|
761 FreeUnifiedCertStore(); |
|
762 iPhase = EIdle; |
|
763 User::RequestComplete( iOriginalRequestStatus, KErrCancel ); |
|
764 } |
|
765 |
|
766 // ----------------------------------------------------------------------------- |
|
767 // CWimAuthenticationObject::CancelListProtectedObjects() |
|
768 // Cancels an ongoing ListProtectedObjects operation. |
|
769 // ----------------------------------------------------------------------------- |
|
770 // |
|
771 void CWimAuthenticationObject::CancelListProtectedObjects() |
|
772 { |
|
773 _WIMTRACE ( _L( "CWimAuthenticationObject::CancelListProtectedObjects()" ) ); |
|
774 |
|
775 if ( TokenRemoved() ) |
|
776 { |
|
777 return; |
|
778 } |
|
779 |
|
780 Cancel(); |
|
781 } |
|
782 |
|
783 // ----------------------------------------------------------------------------- |
|
784 // CWimAuthenticationObject::ChangeReferenceData() |
|
785 // Change the reference data (e.g. PIN value). |
|
786 // ----------------------------------------------------------------------------- |
|
787 // |
|
788 void CWimAuthenticationObject::ChangeReferenceData( TRequestStatus& aStatus ) |
|
789 { |
|
790 _WIMTRACE ( _L( "CWimAuthenticationObject::ChangeReferenceData()" ) ); |
|
791 |
|
792 if ( !EnteringAllowed( aStatus ) ) |
|
793 { |
|
794 return; |
|
795 } |
|
796 |
|
797 PinModule().ChangePin( iStatus ); |
|
798 iPhase = EChangePin; |
|
799 SetActive(); |
|
800 } |
|
801 |
|
802 // ----------------------------------------------------------------------------- |
|
803 // CWimAuthenticationObject::CancelListProtectedObjects() |
|
804 // Cancel an ongoing ChangeReferenceData operation. |
|
805 // ----------------------------------------------------------------------------- |
|
806 // |
|
807 void CWimAuthenticationObject::CancelChangeReferenceData() |
|
808 { |
|
809 _WIMTRACE ( _L( "CWimAuthenticationObject::CancelChangeReferenceData()" ) ); |
|
810 |
|
811 if ( TokenRemoved() ) |
|
812 { |
|
813 return; |
|
814 } |
|
815 |
|
816 Cancel(); |
|
817 } |
|
818 |
|
819 // ----------------------------------------------------------------------------- |
|
820 // CWimAuthenticationObject::Unblock() |
|
821 // Unblock the authentication object. |
|
822 // ----------------------------------------------------------------------------- |
|
823 // |
|
824 void CWimAuthenticationObject::Unblock( TRequestStatus& aStatus ) |
|
825 { |
|
826 _WIMTRACE ( _L( "CWimAuthenticationObject::Unblock()" ) ); |
|
827 |
|
828 if ( !EnteringAllowed( aStatus ) ) |
|
829 { |
|
830 return; |
|
831 } |
|
832 |
|
833 PinModule().UnblockPin( iStatus ); |
|
834 iPhase = EUnblockPin; |
|
835 SetActive(); |
|
836 } |
|
837 |
|
838 // ----------------------------------------------------------------------------- |
|
839 // CWimAuthenticationObject::CancelUnblock() |
|
840 // Cancel an ongoing Unblock operation. |
|
841 // ----------------------------------------------------------------------------- |
|
842 // |
|
843 void CWimAuthenticationObject::CancelUnblock() |
|
844 { |
|
845 _WIMTRACE ( _L( "CWimAuthenticationObject::CancelUnblock()" ) ); |
|
846 |
|
847 if ( TokenRemoved() ) |
|
848 { |
|
849 return; |
|
850 } |
|
851 |
|
852 Cancel(); |
|
853 } |
|
854 |
|
855 // ----------------------------------------------------------------------------- |
|
856 // CWimAuthenticationObject::Status() |
|
857 // Get the status of the authentication object. |
|
858 // Values are as in enum TCTAuthenticationStatus. Note: Blocked information |
|
859 // is not available before authentication object is verified. |
|
860 // ----------------------------------------------------------------------------- |
|
861 // |
|
862 TUint32 CWimAuthenticationObject::Status() const |
|
863 { |
|
864 _WIMTRACE ( _L( "CWimAuthenticationObject::Status()" ) ); |
|
865 |
|
866 if ( iToken.TokenListener()->TokenStatus() != KRequestPending ) |
|
867 { |
|
868 return 0; |
|
869 } |
|
870 |
|
871 return PinModule().PinStatus(); |
|
872 } |
|
873 |
|
874 // ----------------------------------------------------------------------------- |
|
875 // CWimAuthenticationObject::Disable() |
|
876 // Disables the authentication object. This means that authentication data is |
|
877 // is not asked for any operations. Note: Disabling requires authentication data |
|
878 // to be entered. |
|
879 // ----------------------------------------------------------------------------- |
|
880 // |
|
881 void CWimAuthenticationObject::Disable( TRequestStatus& aStatus ) |
|
882 { |
|
883 _WIMTRACE ( _L( "CWimAuthenticationObject::Disable()" ) ); |
|
884 |
|
885 |
|
886 if ( !EnteringAllowed( aStatus ) ) |
|
887 { |
|
888 return; |
|
889 } |
|
890 |
|
891 PinModule().DisablePinQuery( iStatus ); |
|
892 iPhase = EDisablePinQuery; |
|
893 SetActive(); |
|
894 } |
|
895 |
|
896 // ----------------------------------------------------------------------------- |
|
897 // CWimAuthenticationObject::CancelDisable() |
|
898 // Cancel an ongoing Disable operation. |
|
899 // ----------------------------------------------------------------------------- |
|
900 // |
|
901 void CWimAuthenticationObject::CancelDisable() |
|
902 { |
|
903 _WIMTRACE ( _L( "CWimAuthenticationObject::CancelDisable()" ) ); |
|
904 |
|
905 if ( TokenRemoved() ) |
|
906 { |
|
907 return; |
|
908 } |
|
909 |
|
910 Cancel(); |
|
911 } |
|
912 |
|
913 // ----------------------------------------------------------------------------- |
|
914 // CWimAuthenticationObject::Enable() |
|
915 // Enables the authentication object. This means that authentication data is |
|
916 // is asked for certain operations. Note: Enabling requires authentication data |
|
917 // to be entered. |
|
918 // ----------------------------------------------------------------------------- |
|
919 // |
|
920 void CWimAuthenticationObject::Enable( TRequestStatus& aStatus ) |
|
921 { |
|
922 _WIMTRACE ( _L( "CWimAuthenticationObject::Enable()" ) ); |
|
923 |
|
924 if ( !EnteringAllowed( aStatus ) ) |
|
925 { |
|
926 return; |
|
927 } |
|
928 |
|
929 PinModule().EnablePinQuery( iStatus ); |
|
930 iPhase = EEnablePinQuery; |
|
931 SetActive(); |
|
932 } |
|
933 |
|
934 // ----------------------------------------------------------------------------- |
|
935 // CWimAuthenticationObject::CancelEnable() |
|
936 // Cancel an ongoing Enable operation. |
|
937 // ----------------------------------------------------------------------------- |
|
938 // |
|
939 void CWimAuthenticationObject::CancelEnable() |
|
940 { |
|
941 _WIMTRACE ( _L( "CWimAuthenticationObject::CancelEnable()" ) ); |
|
942 |
|
943 if ( TokenRemoved() ) |
|
944 { |
|
945 return; |
|
946 } |
|
947 |
|
948 Cancel(); |
|
949 } |
|
950 |
|
951 // ----------------------------------------------------------------------------- |
|
952 // CWimAuthenticationObject::Open() |
|
953 // Opens the authentication object, meaning that the protected objects can be |
|
954 // accessed without provoking the authentication mechanism for the duration of |
|
955 // the timeout period. Note. It is not strictly necessary to call this function, |
|
956 // as the authentication object will be opened when any operation that needs it |
|
957 // to be opened is called, but it is sometimes useful to control the timing of |
|
958 // authentication dialogs. Note also that this function will do nothing if the |
|
959 // authentication object is open, or if it authentication object requires |
|
960 // the authentication |
|
961 // ----------------------------------------------------------------------------- |
|
962 // |
|
963 void CWimAuthenticationObject::Open( TRequestStatus& aStatus ) |
|
964 { |
|
965 _WIMTRACE ( _L( "CWimAuthenticationObject::Open()" ) ); |
|
966 |
|
967 if ( !EnteringAllowed( aStatus ) ) |
|
968 { |
|
969 return; |
|
970 } |
|
971 |
|
972 if ( this->Type().iUid == WIM_PIN_G_UID ) // If this is a Pin-G |
|
973 { |
|
974 TBool wimopen = iToken.WimSecModule()->IsOpen(); |
|
975 if ( !wimopen ) |
|
976 { |
|
977 if( iToken.WimSecModule()->CloseAfter() != 0 ) |
|
978 { |
|
979 PinModule().VerifyPin( iStatus ); |
|
980 iPhase = EVerifyPin; |
|
981 SetActive(); |
|
982 } |
|
983 else |
|
984 { |
|
985 User::RequestComplete( iOriginalRequestStatus, KErrNone ); |
|
986 } |
|
987 |
|
988 } |
|
989 else |
|
990 { |
|
991 User::RequestComplete( iOriginalRequestStatus, KErrNone ); |
|
992 } |
|
993 } |
|
994 else |
|
995 { |
|
996 User::RequestComplete( iOriginalRequestStatus, KErrNotSupported ); |
|
997 } |
|
998 } |
|
999 |
|
1000 // ----------------------------------------------------------------------------- |
|
1001 // CWimAuthenticationObject::Close() |
|
1002 // Closes an authentication object. After this call authentication data is |
|
1003 // needed again for certain operations. |
|
1004 // ----------------------------------------------------------------------------- |
|
1005 // |
|
1006 void CWimAuthenticationObject::Close( TRequestStatus& aStatus ) |
|
1007 { |
|
1008 _WIMTRACE ( _L( "CWimAuthenticationObject::Close()" ) ); |
|
1009 TInt err = KErrNone; |
|
1010 |
|
1011 if ( !EnteringAllowed( aStatus ) ) |
|
1012 { |
|
1013 return; |
|
1014 } |
|
1015 |
|
1016 if ( this->Type().iUid == WIM_PIN_G_UID ) // If this is a Pin-G |
|
1017 { |
|
1018 TBool wimopen = iToken.WimSecModule()->IsOpen(); |
|
1019 if ( wimopen ) |
|
1020 { |
|
1021 err = iToken.WimSecModule()->Close(); |
|
1022 } |
|
1023 } |
|
1024 else |
|
1025 { |
|
1026 err = KErrNotSupported; |
|
1027 } |
|
1028 User::RequestComplete( iOriginalRequestStatus, err ); |
|
1029 } |
|
1030 |
|
1031 // ----------------------------------------------------------------------------- |
|
1032 // CWimAuthenticationObject::TimeRemaining() |
|
1033 // Returns the amount of time in seconds that the authentication object |
|
1034 // will remain open for, or 0 if it is closed. |
|
1035 // ----------------------------------------------------------------------------- |
|
1036 void CWimAuthenticationObject::TimeRemaining( TInt& aStime, |
|
1037 TRequestStatus& aStatus ) |
|
1038 { |
|
1039 _WIMTRACE ( _L( "CWimAuthenticationObject::TimeRemaining()" ) ); |
|
1040 TInt ret = KErrNone; |
|
1041 aStime = 0; |
|
1042 |
|
1043 if ( !EnteringAllowed( aStatus ) ) |
|
1044 { |
|
1045 return; |
|
1046 } |
|
1047 |
|
1048 if ( this->Type().iUid == WIM_PIN_G_UID ) // If this is a Pin-G |
|
1049 { |
|
1050 TBool wimopen = iToken.WimSecModule()->IsOpen(); |
|
1051 if ( wimopen ) |
|
1052 { |
|
1053 aStime = iToken.WimSecModule()->CloseAfter(); |
|
1054 } |
|
1055 } |
|
1056 else |
|
1057 { |
|
1058 ret = KErrNotSupported; |
|
1059 } |
|
1060 User::RequestComplete( iOriginalRequestStatus, ret ); |
|
1061 } |
|
1062 |
|
1063 // ----------------------------------------------------------------------------- |
|
1064 // CWimAuthenticationObject::SetTimeout() |
|
1065 // Sets the time in seconds for this authentication object. Non-positive |
|
1066 // special values is 0, meaning always ask, and -1, meaning until it's |
|
1067 // explicitly closed. |
|
1068 // ----------------------------------------------------------------------------- |
|
1069 // |
|
1070 void CWimAuthenticationObject::SetTimeout( TInt aTimeout, |
|
1071 TRequestStatus& aStatus ) |
|
1072 { |
|
1073 _WIMTRACE ( _L( "CWimAuthenticationObject::SetTimeout()" ) ); |
|
1074 TInt ret = KErrNone; |
|
1075 |
|
1076 if ( !EnteringAllowed( aStatus ) ) |
|
1077 { |
|
1078 return; |
|
1079 } |
|
1080 |
|
1081 if ( this->Type().iUid == WIM_PIN_G_UID ) // If this is a Pin-G |
|
1082 { |
|
1083 if ( aTimeout >= -1 && aTimeout <= 2146 ) |
|
1084 { |
|
1085 iToken.WimSecModule()->SetCloseAfter( aTimeout ); |
|
1086 } |
|
1087 else |
|
1088 { |
|
1089 ret = KErrArgument; |
|
1090 } |
|
1091 } |
|
1092 else |
|
1093 { |
|
1094 ret = KErrNotSupported; |
|
1095 } |
|
1096 User::RequestComplete( iOriginalRequestStatus, ret ); |
|
1097 } |
|
1098 |
|
1099 // ----------------------------------------------------------------------------- |
|
1100 // CWimAuthenticationObject::Timeout() |
|
1101 // Gets the current timeout value, in seconds. See SetTimeout for an explanation |
|
1102 // of the values. |
|
1103 // ----------------------------------------------------------------------------- |
|
1104 // |
|
1105 void CWimAuthenticationObject::Timeout( TInt& aTime, |
|
1106 TRequestStatus& aStatus ) |
|
1107 { |
|
1108 _WIMTRACE ( _L( "CWimAuthenticationObject::Timeout()" ) ); |
|
1109 TInt ret = KErrNone; |
|
1110 |
|
1111 if ( !EnteringAllowed( aStatus ) ) |
|
1112 { |
|
1113 return; |
|
1114 } |
|
1115 |
|
1116 aTime = 0; |
|
1117 |
|
1118 if ( this->Type().iUid == WIM_PIN_G_UID ) // If this is a Pin-G |
|
1119 { |
|
1120 aTime = iToken.WimSecModule()->CloseAfter(); |
|
1121 } |
|
1122 else |
|
1123 { |
|
1124 ret = KErrNotSupported; |
|
1125 } |
|
1126 User::RequestComplete( iOriginalRequestStatus, ret ); |
|
1127 } |
|
1128 |
|
1129 // ----------------------------------------------------------------------------- |
|
1130 // CWimAuthenticationObject::EnteringAllowed() |
|
1131 // |
|
1132 // ----------------------------------------------------------------------------- |
|
1133 // |
|
1134 TBool CWimAuthenticationObject::EnteringAllowed( TRequestStatus& aStatus ) |
|
1135 { |
|
1136 _WIMTRACE ( _L( "CWimAuthenticationObject::EnteringAllowed()" ) ); |
|
1137 if ( TokenRemoved() ) |
|
1138 { |
|
1139 TRequestStatus* status = &aStatus; |
|
1140 User::RequestComplete( status, KErrHardwareNotAvailable ); |
|
1141 return EFalse; |
|
1142 } |
|
1143 |
|
1144 // If this active object is in running, don't accept entering |
|
1145 if ( IsActive() ) |
|
1146 { |
|
1147 // If the caller status is the same as the status, that activated |
|
1148 // this object, just return |
|
1149 if ( &aStatus == iOriginalRequestStatus ) |
|
1150 { |
|
1151 return EFalse; |
|
1152 } |
|
1153 else |
|
1154 { |
|
1155 // Otherwise complete it with error |
|
1156 TRequestStatus* status = &aStatus; |
|
1157 User::RequestComplete( status, KErrInUse ); |
|
1158 return EFalse; |
|
1159 } |
|
1160 } |
|
1161 else |
|
1162 { |
|
1163 iOriginalRequestStatus = &aStatus; |
|
1164 aStatus = KRequestPending; |
|
1165 return ETrue; |
|
1166 } |
|
1167 } |
|
1168 |
|
1169 // ----------------------------------------------------------------------------- |
|
1170 // CWimAuthenticationObject::TokenRemoved() |
|
1171 // Returns true or false indicating if token is removed |
|
1172 // ----------------------------------------------------------------------------- |
|
1173 // |
|
1174 TBool CWimAuthenticationObject::TokenRemoved() |
|
1175 { |
|
1176 _WIMTRACE ( _L( "CWimAuthenticationObject::TokenRemoved()" ) ); |
|
1177 |
|
1178 // If token listener is not alive, then token is removed |
|
1179 if ( iToken.TokenListener()->TokenStatus() != KRequestPending ) |
|
1180 { |
|
1181 return ETrue; |
|
1182 } |
|
1183 else |
|
1184 { |
|
1185 return EFalse; |
|
1186 } |
|
1187 } |
|
1188 |
|
1189 // End of File |