|
1 /* |
|
2 * Copyright (c) 2002 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of single certificate store interface |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // INCLUDE FILES |
|
20 |
|
21 #include "WimCertStore.h" |
|
22 #include "WimCertConverter.h" |
|
23 #include "WimCertInfo.h" |
|
24 #include "WimTrustSettingsAPI.h" |
|
25 #include "WimTrace.h" |
|
26 #include "WimToken.h" |
|
27 #include "WimTokenListener.h" |
|
28 #include <unifiedkeystore.h> |
|
29 #include <ct.h> |
|
30 #include <x509cert.h> |
|
31 #include <x509certext.h> |
|
32 #include <wtlscert.h> |
|
33 #include <certificateapps.h> |
|
34 |
|
35 // ============================ MEMBER FUNCTIONS =============================== |
|
36 |
|
37 // ----------------------------------------------------------------------------- |
|
38 // CWimCertStore::CWimCertStore() |
|
39 // Default constructor |
|
40 // ----------------------------------------------------------------------------- |
|
41 // |
|
42 CWimCertStore::CWimCertStore( CWimToken& aToken ) |
|
43 : CActive( EPriorityNormal ), |
|
44 iToken( aToken ) |
|
45 { |
|
46 CActiveScheduler::Add( this ); |
|
47 } |
|
48 |
|
49 // ----------------------------------------------------------------------------- |
|
50 // CWimCertStore::NewL() |
|
51 // Two-phased constructor |
|
52 // ----------------------------------------------------------------------------- |
|
53 // |
|
54 CWimCertStore* CWimCertStore::NewL( CWimToken& aToken ) |
|
55 { |
|
56 _WIMTRACE ( _L( "CWimCertStore::NewL()" ) ); |
|
57 CWimCertStore* self = new( ELeave ) CWimCertStore( aToken ); |
|
58 CleanupStack::PushL( self ); |
|
59 self->ConstructL(); |
|
60 CleanupStack::Pop( self ); |
|
61 return self; |
|
62 } |
|
63 |
|
64 // ----------------------------------------------------------------------------- |
|
65 // CWimCertStore::ConstructL() |
|
66 // Instantiates converter, completes message |
|
67 // ----------------------------------------------------------------------------- |
|
68 // |
|
69 void CWimCertStore::ConstructL() |
|
70 { |
|
71 _WIMTRACE ( _L( "CWimCertStore::ConstructL()" ) ); |
|
72 iCWimCertConverter = CWimCertConverter::NewL( Token() ); |
|
73 // Open trust settings database |
|
74 iCWimTrustSettingsStore = CWimTrustSettingsAPI::NewL(); |
|
75 iPhase = EIdle; |
|
76 iPhaseOriginal = EIdle; |
|
77 } |
|
78 |
|
79 // ----------------------------------------------------------------------------- |
|
80 // CWimCertStore::~CWimCertStore() |
|
81 // Destructor |
|
82 // ----------------------------------------------------------------------------- |
|
83 // |
|
84 CWimCertStore::~CWimCertStore() |
|
85 { |
|
86 _WIMTRACE ( _L( "CWimCertStore::~CWimCertStore()" ) ); |
|
87 Cancel(); |
|
88 iKeyInfos.Close(); |
|
89 if ( iCerts ) |
|
90 { |
|
91 delete iCerts; |
|
92 } |
|
93 iCertInfos.ResetAndDestroy(); |
|
94 iCertsList = NULL; |
|
95 delete iUnifiedKeyStore; |
|
96 if ( iCWimTrustSettingsStore ) |
|
97 { |
|
98 iCWimTrustSettingsStore->Close(); |
|
99 } |
|
100 iOriginalRequestStatus = NULL; |
|
101 iFilter = NULL; |
|
102 iEncodedCert = NULL; |
|
103 if ( iCWimCertConverter ) |
|
104 { |
|
105 delete iCWimCertConverter; |
|
106 } |
|
107 |
|
108 if ( iOldTrusters ) |
|
109 { |
|
110 iOldTrusters->Close(); |
|
111 delete iOldTrusters; |
|
112 } |
|
113 } |
|
114 |
|
115 // ----------------------------------------------------------------------------- |
|
116 // CWimCertStore::Token() |
|
117 // Returns a reference to current token (MCTToken) of this certificate store |
|
118 // interface. Reference is created during construction. |
|
119 // ----------------------------------------------------------------------------- |
|
120 // |
|
121 MCTToken& CWimCertStore::Token() |
|
122 { |
|
123 _WIMTRACE ( _L( "CWimCertStore::Token()" ) ); |
|
124 return iToken; |
|
125 } |
|
126 |
|
127 // ----------------------------------------------------------------------------- |
|
128 // CWimCertStore::DoRelease() |
|
129 // Deletes this interface on demand. |
|
130 // ----------------------------------------------------------------------------- |
|
131 // |
|
132 void CWimCertStore::DoRelease() |
|
133 { |
|
134 _WIMTRACE ( _L( "CWimCertStore::DoRelease()" ) ); |
|
135 delete this; |
|
136 } |
|
137 |
|
138 // ----------------------------------------------------------------------------- |
|
139 // CWimCertStore::List() |
|
140 // Lists certificates according to filter parameter. |
|
141 // ----------------------------------------------------------------------------- |
|
142 // |
|
143 void CWimCertStore::List( RMPointerArray<CCTCertInfo>& aCertInfos, |
|
144 const CCertAttributeFilter& aFilter, |
|
145 TRequestStatus& aStatus ) |
|
146 { |
|
147 _WIMTRACE ( _L( "CWimCertStore::List()" ) ); |
|
148 |
|
149 if ( !EnteringAllowed( aStatus ) ) |
|
150 { |
|
151 return; |
|
152 } |
|
153 |
|
154 iCertsList = &aCertInfos; |
|
155 iFilter = &aFilter; |
|
156 |
|
157 if ( iFilter->iKeyUsage != EX509UsageAll ) |
|
158 { |
|
159 // We must ensure that in this case only user certs are allowed |
|
160 if ( iFilter->iOwnerTypeIsSet && |
|
161 iFilter->iOwnerType == EUserCertificate ) |
|
162 { |
|
163 // We have to initialize the unified key store because |
|
164 // in this phase we don't know if user certificates are found or not. |
|
165 // User certificate private key must be checked for usage reason |
|
166 if ( iUnifiedKeyStore ) |
|
167 { |
|
168 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
169 } |
|
170 else |
|
171 { |
|
172 iFs = static_cast<CCTTokenType&>( Token().TokenType() ).Fs(); |
|
173 TRAPD( err, iUnifiedKeyStore = CUnifiedKeyStore::NewL( iFs ) ); |
|
174 |
|
175 if ( err != KErrNone ) |
|
176 { |
|
177 User::RequestComplete( iOriginalRequestStatus, err ); |
|
178 } |
|
179 else |
|
180 { |
|
181 iPhase = EGetKeyInfos; |
|
182 iUnifiedKeyStore->Initialize( iStatus ); |
|
183 SetActive(); |
|
184 } |
|
185 } |
|
186 } |
|
187 else |
|
188 { |
|
189 User::RequestComplete( iOriginalRequestStatus, KErrArgument ); |
|
190 } |
|
191 } |
|
192 else |
|
193 { |
|
194 iPhase = EList; |
|
195 iPhaseOriginal = EList; |
|
196 TRequestStatus* status = &iStatus; |
|
197 User::RequestComplete( status, KErrNone ); |
|
198 SetActive(); |
|
199 } |
|
200 } |
|
201 |
|
202 // ----------------------------------------------------------------------------- |
|
203 // CWimCertStore::CancelList() |
|
204 // Cancels issued List operation. Main functionality in DoCancel(). |
|
205 // ----------------------------------------------------------------------------- |
|
206 // |
|
207 void CWimCertStore::CancelList() |
|
208 { |
|
209 _WIMTRACE ( _L( "CWimCertStore::CancelList()" ) ); |
|
210 if ( TokenRemoved() ) |
|
211 { |
|
212 return; |
|
213 } |
|
214 Cancel(); |
|
215 } |
|
216 |
|
217 // ----------------------------------------------------------------------------- |
|
218 // CWimCertStore::GetCert() |
|
219 // Fetches one certificate info according to given handle. |
|
220 // ----------------------------------------------------------------------------- |
|
221 // |
|
222 void CWimCertStore::GetCert( CCTCertInfo*& aCertInfo, |
|
223 const TCTTokenObjectHandle& aHandle, |
|
224 TRequestStatus& aStatus ) |
|
225 { |
|
226 _WIMTRACE ( _L( "CWimCertStore::GetCert()" ) ); |
|
227 |
|
228 if ( !EnteringAllowed( aStatus ) ) |
|
229 { |
|
230 return; |
|
231 } |
|
232 |
|
233 if ( aHandle.iTokenHandle != Token().Handle() ) |
|
234 { |
|
235 User::RequestComplete( iOriginalRequestStatus, KErrBadHandle ); |
|
236 } |
|
237 else |
|
238 { |
|
239 iCertInfo = &aCertInfo; |
|
240 iHandle = &aHandle; |
|
241 iPhase = EGetCert; |
|
242 TRequestStatus* status = &iStatus; |
|
243 User::RequestComplete( status, KErrNone ); |
|
244 SetActive(); |
|
245 } |
|
246 } |
|
247 |
|
248 // ----------------------------------------------------------------------------- |
|
249 // CWimCertStore::DoGetCert() |
|
250 // Fetches one certificate |
|
251 // ----------------------------------------------------------------------------- |
|
252 // |
|
253 void CWimCertStore::DoGetCert() |
|
254 { |
|
255 _WIMTRACE ( _L( "CWimCertStore::DoGetCert()" ) ); |
|
256 |
|
257 TInt err = KErrNotFound; |
|
258 TRAP( err, *iCertInfo = |
|
259 CCTCertInfo::NewL( iCerts->EntryByHandleL ( iHandle->iObjectId ) ) ); |
|
260 User::RequestComplete( iOriginalRequestStatus, err ); |
|
261 } |
|
262 |
|
263 // ----------------------------------------------------------------------------- |
|
264 // CWimCertStore::CancelGetCert() |
|
265 // Cancels issued GetCert operation. Main functionality in DoCancel(). |
|
266 // ----------------------------------------------------------------------------- |
|
267 // |
|
268 void CWimCertStore::CancelGetCert() |
|
269 { |
|
270 _WIMTRACE ( _L( "CWimCertStore::CancelGetCert()" ) ); |
|
271 Cancel(); |
|
272 } |
|
273 |
|
274 // ----------------------------------------------------------------------------- |
|
275 // CWimCertStore::Applications() |
|
276 // Lists the applications of a certificate. Applications are represented by UIDs |
|
277 // ----------------------------------------------------------------------------- |
|
278 // |
|
279 void CWimCertStore::Applications( const CCTCertInfo& aCertInfo, |
|
280 RArray<TUid>& aApplications, |
|
281 TRequestStatus& aStatus ) |
|
282 { |
|
283 _WIMTRACE ( _L( "CWimCertStore::Applications()" ) ); |
|
284 |
|
285 if ( !EnteringAllowed( aStatus ) ) |
|
286 { |
|
287 return; |
|
288 } |
|
289 |
|
290 iCertInfoReadOnly = &aCertInfo; |
|
291 iApplications = &aApplications; |
|
292 iPhase = EApplications; |
|
293 TRequestStatus* status = &iStatus; |
|
294 User::RequestComplete( status, KErrNone ); |
|
295 SetActive(); |
|
296 } |
|
297 |
|
298 // ----------------------------------------------------------------------------- |
|
299 // CWimCertStore::DoApplications() |
|
300 // Fetch all certificate's applications |
|
301 // ----------------------------------------------------------------------------- |
|
302 // |
|
303 void CWimCertStore::DoApplications() |
|
304 { |
|
305 _WIMTRACE ( _L( "CWimCertStore::DoApplications()" ) ); |
|
306 |
|
307 TInt err = KErrNone; |
|
308 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
309 |
|
310 if ( index != KErrNotFound ) |
|
311 { |
|
312 const RArray<TUid>& apps = iCerts->Mapping( index )->CertificateApps(); |
|
313 TInt end = apps.Count(); |
|
314 for ( TInt i = 0; ( i < end ) && ( err == KErrNone ); i++ ) |
|
315 { |
|
316 err = iApplications->Append( apps[i] ); |
|
317 } |
|
318 } |
|
319 else |
|
320 { |
|
321 err = index; |
|
322 } |
|
323 |
|
324 if ( err != KErrNone ) |
|
325 { |
|
326 iApplications->Reset(); |
|
327 } |
|
328 User::RequestComplete( iOriginalRequestStatus, err ); |
|
329 } |
|
330 // ----------------------------------------------------------------------------- |
|
331 // CWimCertStore::CancelApplications() |
|
332 // Cancels issued Applications operation. Main functionality in DoCancel(). |
|
333 // ----------------------------------------------------------------------------- |
|
334 // |
|
335 void CWimCertStore::CancelApplications() |
|
336 { |
|
337 _WIMTRACE ( _L( "CWimCertStore::CancelApplications()" ) ); |
|
338 Cancel(); |
|
339 } |
|
340 |
|
341 // ----------------------------------------------------------------------------- |
|
342 // CWimCertStore::IsApplicable() |
|
343 // Checks if a particular certificate is applicable to a particular application. |
|
344 // ----------------------------------------------------------------------------- |
|
345 // |
|
346 void CWimCertStore::IsApplicable( const CCTCertInfo& aCertInfo, |
|
347 TUid aApplication, |
|
348 TBool& aIsApplicable, |
|
349 TRequestStatus& aStatus ) |
|
350 { |
|
351 _WIMTRACE ( _L( "CWimCertStore::IsApplicable()" ) ); |
|
352 |
|
353 if ( !EnteringAllowed( aStatus ) ) |
|
354 { |
|
355 return; |
|
356 } |
|
357 |
|
358 iCertInfoReadOnly = &aCertInfo; |
|
359 iApplication = aApplication; |
|
360 iIsApplicable = &aIsApplicable; |
|
361 iPhase = EIsApplicable; |
|
362 TRequestStatus* status = &iStatus; |
|
363 User::RequestComplete( status, KErrNone ); |
|
364 SetActive(); |
|
365 } |
|
366 |
|
367 // ----------------------------------------------------------------------------- |
|
368 // CWimCertStore::DoIsApplicable() |
|
369 // Match given application to certificate's application |
|
370 // ----------------------------------------------------------------------------- |
|
371 // |
|
372 void CWimCertStore::DoIsApplicable() |
|
373 { |
|
374 _WIMTRACE ( _L( "CWimCertStore::DoIsApplicable()" ) ); |
|
375 |
|
376 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
377 if ( index != KErrNotFound ) |
|
378 { |
|
379 const RArray<TUid>& apps = iCerts->Mapping( index )->CertificateApps(); |
|
380 TInt end = apps.Count(); |
|
381 TInt i = 0; |
|
382 for ( ; i < end; i++ ) |
|
383 { |
|
384 if ( apps[i] == iApplication ) |
|
385 { |
|
386 i = end + 1; // This completes loop but differentiates from |
|
387 // normal end condition |
|
388 } |
|
389 } |
|
390 if ( i == end ) |
|
391 { |
|
392 *iIsApplicable = EFalse; |
|
393 } |
|
394 else |
|
395 { |
|
396 *iIsApplicable = ETrue; |
|
397 } |
|
398 index = KErrNone; |
|
399 } |
|
400 User::RequestComplete( iOriginalRequestStatus, index ); |
|
401 } |
|
402 |
|
403 // ----------------------------------------------------------------------------- |
|
404 // CWimCertStore::CancelIsApplicable() |
|
405 // Cancels issued IsApplicable operation. Main functionality in DoCancel(). |
|
406 // ----------------------------------------------------------------------------- |
|
407 // |
|
408 void CWimCertStore::CancelIsApplicable() |
|
409 { |
|
410 _WIMTRACE ( _L( "CWimCertStore::CancelIsApplicable()" ) ); |
|
411 Cancel(); |
|
412 } |
|
413 |
|
414 // ----------------------------------------------------------------------------- |
|
415 // CWimCertStore::Trusted() |
|
416 // Returns a parameter with true or false, if a certificate is trusted. |
|
417 // Trust is only meaningful for CA certificates where it means that the |
|
418 // certificate can be used as a trust root for the purposes |
|
419 // of certificate validation. |
|
420 // ----------------------------------------------------------------------------- |
|
421 // |
|
422 void CWimCertStore::Trusted( const CCTCertInfo& aCertInfo, |
|
423 TBool& aTrusted, |
|
424 TRequestStatus& aStatus ) |
|
425 { |
|
426 _WIMTRACE ( _L( "CWimCertStore::Trusted()" ) ); |
|
427 |
|
428 if ( !EnteringAllowed( aStatus ) ) |
|
429 { |
|
430 return; |
|
431 } |
|
432 |
|
433 iCertInfoReadOnly = &aCertInfo; |
|
434 iTrustedCert = &aTrusted; |
|
435 iPhase = ETrusted; |
|
436 TRequestStatus* status = &iStatus; |
|
437 User::RequestComplete( status, KErrNone ); |
|
438 SetActive(); |
|
439 } |
|
440 |
|
441 // ----------------------------------------------------------------------------- |
|
442 // CWimCertStore::DoTrusted() |
|
443 // |
|
444 // ----------------------------------------------------------------------------- |
|
445 // |
|
446 void CWimCertStore::DoTrusted() |
|
447 { |
|
448 _WIMTRACE ( _L( "CWimCertStore::DoTrusted()" ) ); |
|
449 |
|
450 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
451 if ( index != KErrNotFound ) |
|
452 { |
|
453 *iTrustedCert = iCerts->Mapping( index )->Trusted(); |
|
454 index = KErrNone; |
|
455 } |
|
456 |
|
457 User::RequestComplete( iOriginalRequestStatus, index ); |
|
458 } |
|
459 |
|
460 // ----------------------------------------------------------------------------- |
|
461 // CWimCertStore::CancelTrusted() |
|
462 // Cancels issued Trusted operation. Main functionality in DoCancel(). |
|
463 // ----------------------------------------------------------------------------- |
|
464 // |
|
465 void CWimCertStore::CancelTrusted() |
|
466 { |
|
467 _WIMTRACE ( _L( "CWimCertStore::CancelTrusted()" ) ); |
|
468 Cancel(); |
|
469 } |
|
470 |
|
471 // ----------------------------------------------------------------------------- |
|
472 // CWimCertStore::Retrieve() |
|
473 // Retrieves all the data of the certificate. |
|
474 // ----------------------------------------------------------------------------- |
|
475 // |
|
476 void CWimCertStore::Retrieve( const CCTCertInfo& aCertInfo, |
|
477 TDes8& aEncodedCert, |
|
478 TRequestStatus& aStatus ) |
|
479 { |
|
480 _WIMTRACE ( _L( "CWimCertStore::Retrieve()" ) ); |
|
481 |
|
482 if ( !EnteringAllowed( aStatus ) ) |
|
483 { |
|
484 return; |
|
485 } |
|
486 |
|
487 iCertInfoReadOnly = &aCertInfo; |
|
488 iEncodedCert = &aEncodedCert; |
|
489 iPhase = ERetrieve; |
|
490 TRequestStatus* status = &iStatus; |
|
491 User::RequestComplete( status, KErrNone ); |
|
492 SetActive(); |
|
493 } |
|
494 |
|
495 // ----------------------------------------------------------------------------- |
|
496 // CWimCertStore::DoRetrieve() |
|
497 // Retrieves all the data of the certificate. |
|
498 // ----------------------------------------------------------------------------- |
|
499 // |
|
500 void CWimCertStore::DoRetrieve() |
|
501 { |
|
502 _WIMTRACE ( _L( "CWimCertStore::DoRetrieve()" ) ); |
|
503 |
|
504 // Let's get the index of certificate info |
|
505 // Index used as handle in WimClient in order to locate this certificate |
|
506 iCertIndex = iCerts->Index( *iCertInfoReadOnly ); |
|
507 |
|
508 if ( iCertIndex == KErrNotFound ) |
|
509 { |
|
510 User::RequestComplete( iOriginalRequestStatus, KErrNotFound ); |
|
511 } |
|
512 else |
|
513 { |
|
514 iPhase = ERetrieveFromWim; |
|
515 TRequestStatus* status = &iStatus; |
|
516 User::RequestComplete( status, KErrNone ); |
|
517 SetActive(); |
|
518 } |
|
519 } |
|
520 |
|
521 // ----------------------------------------------------------------------------- |
|
522 // CWimCertStore::CancelRetrieve() |
|
523 // Cancels issued Retrieve operation and informs converter to stop. |
|
524 // ----------------------------------------------------------------------------- |
|
525 // |
|
526 void CWimCertStore::CancelRetrieve() |
|
527 { |
|
528 _WIMTRACE ( _L( "CWimCertStore::CancelRetrieve()" ) ); |
|
529 Cancel(); |
|
530 } |
|
531 |
|
532 // ----------------------------------------------------------------------------- |
|
533 // void CWimCertStore::Add() |
|
534 // Adds a certificate to the WIM store. |
|
535 // ----------------------------------------------------------------------------- |
|
536 // |
|
537 void CWimCertStore::Add( const TDesC& aLabel, |
|
538 TCertificateFormat aFormat, |
|
539 TCertificateOwnerType aCertificateOwnerType, |
|
540 const TKeyIdentifier* aSubjectKeyId, |
|
541 const TKeyIdentifier* aIssuerKeyId, |
|
542 const TDesC8& aCert, |
|
543 TRequestStatus& aStatus ) |
|
544 { |
|
545 _WIMTRACE ( _L( "CWimCertStore::Add()" ) ); |
|
546 |
|
547 if ( !EnteringAllowed( aStatus ) ) |
|
548 { |
|
549 return; |
|
550 } |
|
551 |
|
552 // Label must be |
|
553 if ( aLabel.Length() == 0 ) |
|
554 { |
|
555 User::RequestComplete( iOriginalRequestStatus, KErrArgument ); |
|
556 return; |
|
557 } |
|
558 |
|
559 switch ( aCertificateOwnerType ) |
|
560 { |
|
561 case ECACertificate: |
|
562 { |
|
563 break; |
|
564 } |
|
565 case EUserCertificate: |
|
566 { |
|
567 break; |
|
568 } |
|
569 case EPeerCertificate: |
|
570 { |
|
571 break; |
|
572 } |
|
573 default: |
|
574 { |
|
575 User::RequestComplete( iOriginalRequestStatus, KErrArgument ); |
|
576 return; |
|
577 } |
|
578 } |
|
579 |
|
580 iKeyFilter.iKeyId = KNullDesC8; |
|
581 iKeyFilter.iUsage = ( TKeyUsagePKCS15 )0; |
|
582 iLabel = &aLabel; |
|
583 iFormat = aFormat; |
|
584 iCertificateOwnerType = aCertificateOwnerType; |
|
585 |
|
586 if ( aSubjectKeyId && ( *aSubjectKeyId != KNullDesC8 ) ) |
|
587 { |
|
588 iSubjectKeyId = aSubjectKeyId; |
|
589 } |
|
590 else |
|
591 { |
|
592 iSubjectKeyId = 0; |
|
593 } |
|
594 |
|
595 iIssuerKeyId = aIssuerKeyId; |
|
596 iCert = &aCert; |
|
597 |
|
598 TRAPD( err, ComputeAndCheckSubjectKeyIdL() ); |
|
599 |
|
600 if ( err != KErrNone ) |
|
601 { |
|
602 User::RequestComplete( iOriginalRequestStatus, err ); |
|
603 return; |
|
604 } |
|
605 |
|
606 if ( aCertificateOwnerType == EUserCertificate ) |
|
607 { |
|
608 if ( iUnifiedKeyStore ) // Should never happen |
|
609 { |
|
610 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
611 } |
|
612 else |
|
613 { |
|
614 iFs = static_cast<CCTTokenType&>( Token().TokenType() ).Fs(); |
|
615 |
|
616 TRAPD( err2, iUnifiedKeyStore = CUnifiedKeyStore::NewL( iFs ) ); |
|
617 if ( err2 != KErrNone ) |
|
618 { |
|
619 User::RequestComplete( iOriginalRequestStatus, err2 ); |
|
620 } |
|
621 else |
|
622 { |
|
623 iPhase = EGetCorrespondingPrivateKey; |
|
624 iUnifiedKeyStore->Initialize( iStatus ); |
|
625 SetActive(); |
|
626 } |
|
627 } |
|
628 } |
|
629 else |
|
630 { |
|
631 iPhase = EAdd; |
|
632 TRequestStatus* status = &iStatus; |
|
633 User::RequestComplete( status, KErrNone ); |
|
634 SetActive(); |
|
635 } |
|
636 } |
|
637 |
|
638 // ----------------------------------------------------------------------------- |
|
639 // void CWimCertStore::DoAdd() |
|
640 // Adds a certificate to the WIM store. |
|
641 // ----------------------------------------------------------------------------- |
|
642 // |
|
643 void CWimCertStore::DoAdd() |
|
644 { |
|
645 _WIMTRACE ( _L( "CWimCertStore::DoAdd()" ) ); |
|
646 |
|
647 // Check that certificate label don't already exist |
|
648 TInt iend = iCerts->Count(); |
|
649 for ( TInt i = 0; i < iend; i++ ) |
|
650 { |
|
651 if ( iCerts->Entry( i ).Label() == *iLabel ) |
|
652 { |
|
653 User::RequestComplete( iOriginalRequestStatus, KErrBadName ); |
|
654 return; |
|
655 } |
|
656 } |
|
657 iPhase = EAddToWim; |
|
658 TRequestStatus* status = &iStatus; |
|
659 User::RequestComplete( status, KErrNone ); |
|
660 SetActive(); |
|
661 } |
|
662 |
|
663 // ----------------------------------------------------------------------------- |
|
664 // CWimCertStore::ComputeAndCheckSubjectKeyIdL() |
|
665 // Computes subject key id |
|
666 // ----------------------------------------------------------------------------- |
|
667 // |
|
668 void CWimCertStore::ComputeAndCheckSubjectKeyIdL() |
|
669 { |
|
670 _WIMTRACE ( _L( "CWimCertStore::ComputeAndCheckSubjectKeyIdL()" ) ); |
|
671 switch ( iFormat ) |
|
672 { |
|
673 case EX509Certificate: |
|
674 { |
|
675 CX509Certificate* cert = CX509Certificate::NewLC( *iCert ); |
|
676 const CX509CertExtension* ext = cert->Extension( KKeyUsage ); |
|
677 if ( ext ) |
|
678 { |
|
679 CX509KeyUsageExt* keyUsageExt = |
|
680 CX509KeyUsageExt::NewLC( ext->Data() ); |
|
681 if ( keyUsageExt->IsSet( EX509DigitalSignature ) ) |
|
682 { |
|
683 iKeyFilter.iUsage = |
|
684 ( TKeyUsagePKCS15 ) |
|
685 ( iKeyFilter.iUsage | EX509UsageDigitalSignature ); |
|
686 } |
|
687 if ( keyUsageExt->IsSet( EX509NonRepudiation ) ) |
|
688 { |
|
689 iKeyFilter.iUsage = |
|
690 ( TKeyUsagePKCS15 ) |
|
691 ( iKeyFilter.iUsage | EX509UsageNonRepudiation ); |
|
692 } |
|
693 if ( keyUsageExt->IsSet( EX509KeyEncipherment ) ) |
|
694 { |
|
695 iKeyFilter.iUsage = |
|
696 ( TKeyUsagePKCS15 ) |
|
697 ( iKeyFilter.iUsage | EX509UsageKeyEncipherment ); |
|
698 } |
|
699 if ( keyUsageExt->IsSet( EX509DataEncipherment ) ) |
|
700 { |
|
701 iKeyFilter.iUsage = |
|
702 ( TKeyUsagePKCS15 ) |
|
703 ( iKeyFilter.iUsage | EX509UsageDataEncipherment ); |
|
704 } |
|
705 if ( keyUsageExt->IsSet( EX509KeyAgreement ) ) |
|
706 { |
|
707 iKeyFilter.iUsage = |
|
708 ( TKeyUsagePKCS15 ) |
|
709 ( iKeyFilter.iUsage | EX509UsageKeyAgreement ); |
|
710 } |
|
711 if ( keyUsageExt->IsSet( EX509KeyCertSign ) ) |
|
712 { |
|
713 iKeyFilter.iUsage = |
|
714 ( TKeyUsagePKCS15 ) |
|
715 ( iKeyFilter.iUsage | EX509UsageKeyCertSign ); |
|
716 } |
|
717 if ( keyUsageExt->IsSet( EX509CRLSign ) ) |
|
718 { |
|
719 iKeyFilter.iUsage = |
|
720 ( TKeyUsagePKCS15 ) |
|
721 ( iKeyFilter.iUsage | EX509UsageCRLSign ); |
|
722 } |
|
723 if ( keyUsageExt->IsSet( EX509EncipherOnly ) ) |
|
724 { |
|
725 iKeyFilter.iUsage = |
|
726 ( TKeyUsagePKCS15 ) |
|
727 ( iKeyFilter.iUsage | EX509UsageEncipherOnly ); |
|
728 } |
|
729 if ( keyUsageExt->IsSet( EX509DecipherOnly ) ) |
|
730 { |
|
731 iKeyFilter.iUsage = |
|
732 ( TKeyUsagePKCS15 ) |
|
733 ( iKeyFilter.iUsage | EX509UsageDecipherOnly ); |
|
734 } |
|
735 |
|
736 CleanupStack::PopAndDestroy( keyUsageExt ); |
|
737 } |
|
738 iComputedSubjectKeyId = cert->KeyIdentifierL(); |
|
739 if ( !iSubjectKeyId ) |
|
740 { |
|
741 iSubjectKeyId = &iComputedSubjectKeyId; |
|
742 } |
|
743 else if ( iComputedSubjectKeyId.Compare( *iSubjectKeyId ) ) |
|
744 { |
|
745 User::Leave( KErrArgument ); |
|
746 } |
|
747 CleanupStack::PopAndDestroy( cert ); |
|
748 break; |
|
749 } |
|
750 case EWTLSCertificate: |
|
751 { |
|
752 CCertificate* cert = CWTLSCertificate::NewLC( *iCert ); |
|
753 iComputedSubjectKeyId = cert->KeyIdentifierL(); |
|
754 if ( !iSubjectKeyId ) |
|
755 { |
|
756 iSubjectKeyId = &iComputedSubjectKeyId; |
|
757 } |
|
758 else if ( iComputedSubjectKeyId.Compare( *iSubjectKeyId ) ) |
|
759 { |
|
760 User::Leave( KErrArgument ); |
|
761 } |
|
762 CleanupStack::PopAndDestroy( cert ); |
|
763 break; |
|
764 } |
|
765 case EX509CertificateUrl: |
|
766 { |
|
767 iKeyFilter.iUsage = EPKCS15UsageAll; |
|
768 if ( !iSubjectKeyId ) |
|
769 { |
|
770 User::Leave( KErrArgument ); |
|
771 } |
|
772 break; |
|
773 } |
|
774 default: |
|
775 { |
|
776 User::Leave( KErrNotSupported ); |
|
777 break; |
|
778 } |
|
779 } |
|
780 } |
|
781 |
|
782 // ----------------------------------------------------------------------------- |
|
783 // CWimCertStore::CancelAdd() |
|
784 // Cancels issued Add operation and informs converter to stop. |
|
785 // ----------------------------------------------------------------------------- |
|
786 // |
|
787 void CWimCertStore::CancelAdd() |
|
788 { |
|
789 _WIMTRACE ( _L( "CWimCertStore::CancelAdd()" ) ); |
|
790 Cancel(); |
|
791 } |
|
792 |
|
793 // ----------------------------------------------------------------------------- |
|
794 // CWimCertStore::Remove() |
|
795 // Removes a certificate from WIM store |
|
796 // ----------------------------------------------------------------------------- |
|
797 // |
|
798 void CWimCertStore::Remove( const CCTCertInfo& aCertInfo, |
|
799 TRequestStatus& aStatus ) |
|
800 { |
|
801 _WIMTRACE ( _L( "CWimCertStore::Remove()" ) ); |
|
802 |
|
803 if ( !EnteringAllowed( aStatus ) ) |
|
804 { |
|
805 return; |
|
806 } |
|
807 |
|
808 iCertInfoReadOnly = &aCertInfo; |
|
809 iPhase = ERemove; |
|
810 TRequestStatus* status = &iStatus; |
|
811 User::RequestComplete( status, KErrNone ); |
|
812 SetActive(); |
|
813 } |
|
814 |
|
815 // ----------------------------------------------------------------------------- |
|
816 // CWimCertStore::DoRemove() |
|
817 // Removes a certificate from WIM store |
|
818 // ----------------------------------------------------------------------------- |
|
819 // |
|
820 void CWimCertStore::DoRemove() |
|
821 { |
|
822 _WIMTRACE ( _L( "CWimCertStore::DoRemove()" ) ); |
|
823 |
|
824 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
825 // Check that given certificate info exists |
|
826 if ( index == KErrNotFound ) |
|
827 { |
|
828 User::RequestComplete( iOriginalRequestStatus, KErrNotFound ); |
|
829 return; |
|
830 } |
|
831 |
|
832 CWimCertStoreMapping* mapping = iCerts->Mapping( index ); |
|
833 |
|
834 if ( !mapping ) |
|
835 { |
|
836 User::RequestComplete( iOriginalRequestStatus, KErrNotFound ); |
|
837 return; |
|
838 } |
|
839 |
|
840 // Is certificate deletable? |
|
841 |
|
842 const CCTCertInfo& certInfo = iCerts->Entry( index ); |
|
843 |
|
844 if ( !certInfo.IsDeletable() ) |
|
845 { |
|
846 User::RequestComplete( iOriginalRequestStatus, KErrAccessDenied ); |
|
847 return; |
|
848 } |
|
849 |
|
850 // This index is used in the next phase when deleting certificate from Wim |
|
851 iCertIndex = index; |
|
852 iPhase = EDeleteFromWim; |
|
853 TRequestStatus* status = &iStatus; |
|
854 User::RequestComplete( status, KErrNone ); |
|
855 SetActive(); |
|
856 } |
|
857 |
|
858 // ----------------------------------------------------------------------------- |
|
859 // CWimCertStore::CancelRemove() |
|
860 // Cancels ongoing certificate removal. |
|
861 // ----------------------------------------------------------------------------- |
|
862 // |
|
863 void CWimCertStore::CancelRemove() |
|
864 { |
|
865 _WIMTRACE ( _L( "CWimCertStore::CancelRemove()" ) ); |
|
866 Cancel(); |
|
867 } |
|
868 |
|
869 // ----------------------------------------------------------------------------- |
|
870 // void CWimCertStore::SetApplicability() |
|
871 // Replaces the current applicability settings with the settings |
|
872 // in the supplied array. |
|
873 // ----------------------------------------------------------------------------- |
|
874 // |
|
875 void CWimCertStore::SetApplicability( const CCTCertInfo& aCertInfo, |
|
876 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
877 const RArray<TUid>& aTrusters, |
|
878 #else |
|
879 RArray<TUid>* aTrusters, |
|
880 #endif |
|
881 TRequestStatus& aStatus ) |
|
882 { |
|
883 _WIMTRACE ( _L( "CWimCertStore::SetApplicability()" ) ); |
|
884 |
|
885 if ( !EnteringAllowed( aStatus ) ) |
|
886 { |
|
887 return; |
|
888 } |
|
889 |
|
890 TRAPD( err, CheckApplicabilityL( aTrusters ) ); |
|
891 |
|
892 if ( err == KErrNone ) |
|
893 { |
|
894 iCertInfoReadOnly = &aCertInfo; |
|
895 |
|
896 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
897 iApplications = new RArray<TUid>; |
|
898 if ( iApplications ) |
|
899 { |
|
900 for ( TInt i = 0; i < aTrusters.Count(); i++ ) |
|
901 { |
|
902 iApplications->Append( aTrusters[i] ); |
|
903 } |
|
904 } |
|
905 else |
|
906 { |
|
907 User::RequestComplete( iOriginalRequestStatus, KErrNoMemory ); |
|
908 } |
|
909 #else |
|
910 iApplications = aTrusters; |
|
911 #endif |
|
912 |
|
913 iPhase = ESetApplicability; |
|
914 TRequestStatus* status = &iStatus; |
|
915 User::RequestComplete( status, KErrNone ); |
|
916 SetActive(); |
|
917 } |
|
918 else |
|
919 { |
|
920 User::RequestComplete( iOriginalRequestStatus, err ); |
|
921 } |
|
922 } |
|
923 |
|
924 // ----------------------------------------------------------------------------- |
|
925 // void CWimCertStore::DoSetApplicability() |
|
926 // Replaces the current applicability settings with the settings |
|
927 // in the supplied array. |
|
928 // ----------------------------------------------------------------------------- |
|
929 // |
|
930 void CWimCertStore::DoSetApplicability() |
|
931 { |
|
932 _WIMTRACE ( _L( "CWimCertStore::DoSetApplicability()" ) ); |
|
933 |
|
934 TRAPD( err, DoSetApplicabilityL() ); |
|
935 if ( err != KErrNone ) |
|
936 { |
|
937 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
938 iApplications->Close(); |
|
939 delete iApplications; |
|
940 iApplications = NULL; |
|
941 #endif |
|
942 User::RequestComplete( iOriginalRequestStatus, err ); |
|
943 } |
|
944 } |
|
945 |
|
946 // ----------------------------------------------------------------------------- |
|
947 // void CWimCertStore::CheckApplicabilityL() |
|
948 // Check that given applications exist |
|
949 // ----------------------------------------------------------------------------- |
|
950 // |
|
951 void CWimCertStore::CheckApplicabilityL( |
|
952 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
953 const RArray<TUid>& aTrusters |
|
954 #else |
|
955 RArray<TUid>* aTrusters |
|
956 #endif |
|
957 ) |
|
958 { |
|
959 _WIMTRACE ( _L( "CWimCertStore::CheckApplicabilityL()" ) ); |
|
960 |
|
961 #ifndef __SECURITY_PLATSEC_ARCH__ |
|
962 TCleanupItem cleanupTrusters( CWimCertStore::CleanTrustersArray, aTrusters ); |
|
963 CleanupStack::PushL( cleanupTrusters ); |
|
964 #endif |
|
965 // Let's fetch application infos from file this device supports |
|
966 iFs = static_cast<CCTTokenType&>( Token().TokenType() ).Fs(); |
|
967 CCertificateAppInfoManager* appInfoManager = |
|
968 CCertificateAppInfoManager::NewLC( iFs, EFalse ); |
|
969 // Take references to those application infos |
|
970 const RArray<TCertificateAppInfo>& applications = |
|
971 appInfoManager->Applications(); |
|
972 // Chcek that given new applications exists in supported applications |
|
973 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
974 TInt count1 = aTrusters.Count(); |
|
975 #else |
|
976 TInt count1 = aTrusters->Count(); |
|
977 #endif |
|
978 |
|
979 TInt count2 = applications.Count(); |
|
980 TInt i = 0; |
|
981 for ( ; i < count1; i++ ) |
|
982 { |
|
983 TInt j = 0; |
|
984 for ( ; j < count2; j++ ) |
|
985 { |
|
986 #ifdef __SECURITY_PLATSEC_ARCH__ |
|
987 if ( aTrusters[i] == applications[j].Id() ) // Match found |
|
988 #else |
|
989 if ( ( *aTrusters)[i] == applications[j].Id() ) // Match found |
|
990 #endif |
|
991 |
|
992 { |
|
993 j = count2 + 1; // This stops loop but differentiates from |
|
994 // normal end ( j == count2 ) |
|
995 } |
|
996 } |
|
997 if ( j == count2 ) // Some of the given application does not exist |
|
998 { |
|
999 User::Leave( KErrArgument ); |
|
1000 } |
|
1001 } |
|
1002 |
|
1003 // Application info not needed anymore |
|
1004 CleanupStack::PopAndDestroy( appInfoManager ); |
|
1005 #ifndef __SECURITY_PLATSEC_ARCH__ |
|
1006 CleanupStack::Pop(); |
|
1007 #endif |
|
1008 } |
|
1009 |
|
1010 // ----------------------------------------------------------------------------- |
|
1011 // void CWimCertStore::CleanTrustersArray() |
|
1012 // Deletes array of trusters. |
|
1013 // ----------------------------------------------------------------------------- |
|
1014 // |
|
1015 void CWimCertStore::CleanTrustersArray( TAny* aTrusters ) |
|
1016 { |
|
1017 RArray<TUid>* array = reinterpret_cast< RArray<TUid>* >( aTrusters ); |
|
1018 array->Close(); |
|
1019 delete array; |
|
1020 } |
|
1021 |
|
1022 // ----------------------------------------------------------------------------- |
|
1023 // void CWimCertStore::DoSetApplicabilityL() |
|
1024 // Replaces the current applicability settings with the settings |
|
1025 // in the supplied array. |
|
1026 // ----------------------------------------------------------------------------- |
|
1027 // |
|
1028 void CWimCertStore::DoSetApplicabilityL() |
|
1029 { |
|
1030 _WIMTRACE ( _L( "CWimCertStore::DoSetApplicabilityL()" ) ); |
|
1031 |
|
1032 TCleanupItem cleanupTrusters( CWimCertStore::CleanTrustersArray, iApplications ); |
|
1033 CleanupStack::PushL( cleanupTrusters ); |
|
1034 |
|
1035 // Check that given certificate info exists |
|
1036 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
1037 if ( index == KErrNotFound ) |
|
1038 { |
|
1039 User::Leave( index ); |
|
1040 } |
|
1041 |
|
1042 // The idea behind next operation is to keep old applications in safe |
|
1043 // until they are succesfully replaced with given new applications |
|
1044 |
|
1045 // Take a pointer to mapping |
|
1046 CWimCertStoreMapping* mapping = iCerts->Mapping( index ); |
|
1047 // Check that mapping is found |
|
1048 if ( !mapping ) |
|
1049 { |
|
1050 User::Leave( KErrNotFound ); |
|
1051 } |
|
1052 // Take a reference to old applications |
|
1053 const RArray<TUid>& trusters = mapping->CertificateApps(); |
|
1054 |
|
1055 // Copy old applications to recently created new pointer array |
|
1056 if ( iOldTrusters ) |
|
1057 { |
|
1058 // There can be old trusters if next leaving function has leaved |
|
1059 // last time |
|
1060 iOldTrusters->Close(); |
|
1061 delete iOldTrusters; |
|
1062 iOldTrusters = NULL; |
|
1063 } |
|
1064 |
|
1065 iOldTrusters = new( ELeave ) RArray<TUid>; |
|
1066 TInt end = trusters.Count(); |
|
1067 for ( TInt i = 0; i < end; i++ ) |
|
1068 { |
|
1069 User::LeaveIfError( iOldTrusters->Append( trusters[i] ) ); |
|
1070 } |
|
1071 // Set new applications to mapping. This replaces old ones |
|
1072 mapping->SetCertificateAppsL( iApplications ); |
|
1073 |
|
1074 // In this phase old applications are in oldTrusted |
|
1075 // and new applications are in mapping |
|
1076 // Now we must update TrustSettingStore to make applications permanent |
|
1077 iStatus = KRequestPending; |
|
1078 iPhase = EWaitSetApplicability; |
|
1079 iCWimTrustSettingsStore->SetApplicability( *iCertInfos[index], |
|
1080 *iApplications, |
|
1081 iStatus ); |
|
1082 SetActive(); |
|
1083 |
|
1084 CleanupStack::Pop(); |
|
1085 } |
|
1086 |
|
1087 // ----------------------------------------------------------------------------- |
|
1088 // void CWimCertStore::CancelSetApplicability() |
|
1089 // Cancels an ongoing operation. The operation will be |
|
1090 // completed with KErrCancel if it was cancelled |
|
1091 // ----------------------------------------------------------------------------- |
|
1092 // |
|
1093 void CWimCertStore::CancelSetApplicability() |
|
1094 { |
|
1095 _WIMTRACE ( _L( "CWimCertStore::CancelSetApplicability()" ) ); |
|
1096 Cancel(); |
|
1097 } |
|
1098 |
|
1099 // ----------------------------------------------------------------------------- |
|
1100 // void CWimCertStore::SetTrust() |
|
1101 // Changes the trust settings. A CA certificate is trusted if the |
|
1102 // user is willing to use it for authenticating servers. It has no |
|
1103 // meaning with other types of certificates. |
|
1104 // ----------------------------------------------------------------------------- |
|
1105 // |
|
1106 void CWimCertStore::SetTrust( const CCTCertInfo& aCertInfo, |
|
1107 TBool aTrusted, |
|
1108 TRequestStatus& aStatus ) |
|
1109 { |
|
1110 _WIMTRACE ( _L( "CWimCertStore::SetTrust()" ) ); |
|
1111 |
|
1112 if ( !EnteringAllowed( aStatus ) ) |
|
1113 { |
|
1114 return; |
|
1115 } |
|
1116 |
|
1117 switch ( aTrusted ) |
|
1118 { |
|
1119 case EFalse: |
|
1120 { |
|
1121 break; |
|
1122 } |
|
1123 case ETrue: |
|
1124 { |
|
1125 break; |
|
1126 } |
|
1127 default: |
|
1128 { |
|
1129 User::RequestComplete( iOriginalRequestStatus, KErrArgument ); |
|
1130 return; |
|
1131 } |
|
1132 } |
|
1133 |
|
1134 iCertInfoReadOnly = &aCertInfo; |
|
1135 iTrustedValue = aTrusted; |
|
1136 iPhase = ESetTrust; |
|
1137 TRequestStatus* status = &iStatus; |
|
1138 User::RequestComplete( status, KErrNone ); |
|
1139 SetActive(); |
|
1140 } |
|
1141 |
|
1142 // ----------------------------------------------------------------------------- |
|
1143 // void CWimCertStore::DoSetTrust() |
|
1144 // Changes the trust settings. |
|
1145 // ----------------------------------------------------------------------------- |
|
1146 // |
|
1147 void CWimCertStore::DoSetTrust() |
|
1148 { |
|
1149 _WIMTRACE ( _L( "CWimCertStore::DoSetTrust()" ) ); |
|
1150 TRAPD( err, DoSetTrustL() ); |
|
1151 |
|
1152 if ( err != KErrNone ) |
|
1153 { |
|
1154 User::RequestComplete( iOriginalRequestStatus, err ); |
|
1155 } |
|
1156 } |
|
1157 |
|
1158 // ----------------------------------------------------------------------------- |
|
1159 // void CWimCertStore::DoSetTrustL() |
|
1160 // Changes the trust settings. |
|
1161 // ----------------------------------------------------------------------------- |
|
1162 // |
|
1163 void CWimCertStore::DoSetTrustL() |
|
1164 { |
|
1165 _WIMTRACE ( _L( "CWimCertStore::DoSetTrustL()" ) ); |
|
1166 // Check that given certificate info exists |
|
1167 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
1168 if ( index == KErrNotFound ) |
|
1169 { |
|
1170 User::Leave( index ); |
|
1171 } |
|
1172 |
|
1173 CWimCertStoreMapping* mapping = iCerts->Mapping( index ); |
|
1174 // Check that mapping is found |
|
1175 if ( !mapping ) |
|
1176 { |
|
1177 User::Leave( KErrNotFound ); |
|
1178 } |
|
1179 // Save old trust value for back up reason |
|
1180 iOldTrusted = mapping->Trusted(); |
|
1181 // Set new trust value |
|
1182 const_cast<CWimCertStoreMapping*>( mapping )->SetTrusted( iTrusted ); |
|
1183 // In this phase old trust value is in iOldTrusted |
|
1184 // and new value is in mapping |
|
1185 // Now we must update TrustSettingStore to make trust value permanent |
|
1186 iPhase = EWaitSetTrust; |
|
1187 iStatus = KRequestPending; |
|
1188 iCWimTrustSettingsStore->SetTrust( *iCertInfos[index], |
|
1189 iTrusted, |
|
1190 iStatus ); |
|
1191 SetActive(); |
|
1192 } |
|
1193 |
|
1194 // ----------------------------------------------------------------------------- |
|
1195 // void CWimCertStore::CancelSetTrust() |
|
1196 // Cancels an ongoing SetTrust operation. |
|
1197 // ----------------------------------------------------------------------------- |
|
1198 // |
|
1199 void CWimCertStore::CancelSetTrust() |
|
1200 { |
|
1201 _WIMTRACE ( _L( "CWimCertStore::CancelSetTrust()" ) ); |
|
1202 Cancel(); |
|
1203 } |
|
1204 |
|
1205 // ----------------------------------------------------------------------------- |
|
1206 // void CWimCertStore::RunL() |
|
1207 // The first thing is to ensure that certificates are read from WIM |
|
1208 // ----------------------------------------------------------------------------- |
|
1209 // |
|
1210 void CWimCertStore::RunL() |
|
1211 { |
|
1212 _WIMTRACE3( _L( "CWimCertStore::RunL()| iStatus=%d, iPhase=%d" ), iStatus.Int(), iPhase ); |
|
1213 if ( !iCerts && |
|
1214 iPhase != EList && |
|
1215 iPhase != EInitializeGetCertList && |
|
1216 iPhase != EInitializeLoadMappings && |
|
1217 iPhase != EGetKeyInfos ) |
|
1218 { |
|
1219 iPhaseOriginal = iPhase; |
|
1220 iPhase = EList; |
|
1221 TRequestStatus* status = &iStatus; |
|
1222 User::RequestComplete( status, KErrNone ); |
|
1223 SetActive(); |
|
1224 } |
|
1225 else |
|
1226 { |
|
1227 switch ( iPhase ) |
|
1228 { |
|
1229 case EInitializeGetCertList: |
|
1230 { |
|
1231 DoInitializeGetCertListL(); |
|
1232 break; |
|
1233 } |
|
1234 case EInitializeLoadMappings: |
|
1235 { |
|
1236 DoInitializeLoadMappingsL(); |
|
1237 break; |
|
1238 } |
|
1239 case EInitializeLoadTrustSettingsStart: |
|
1240 { |
|
1241 DoInitializeLoadTrustSettingsStartL(); |
|
1242 break; |
|
1243 } |
|
1244 case EInitializeLoadTrustSettingsWait: |
|
1245 { |
|
1246 DoInitializeLoadTrustSettingsWaitL(); |
|
1247 break; |
|
1248 } |
|
1249 case EGetKeyInfos: |
|
1250 { |
|
1251 DoGetKeyInfos(); |
|
1252 break; |
|
1253 } |
|
1254 case EList: |
|
1255 { |
|
1256 DoList(); |
|
1257 break; |
|
1258 } |
|
1259 case EListGo: |
|
1260 { |
|
1261 DoListGoL(); |
|
1262 break; |
|
1263 } |
|
1264 case EGetCert: |
|
1265 { |
|
1266 DoGetCert(); |
|
1267 break; |
|
1268 } |
|
1269 case EApplications: |
|
1270 { |
|
1271 DoApplications(); |
|
1272 break; |
|
1273 } |
|
1274 case EIsApplicable: |
|
1275 { |
|
1276 DoIsApplicable(); |
|
1277 break; |
|
1278 } |
|
1279 case ETrusted: |
|
1280 { |
|
1281 DoTrusted(); |
|
1282 break; |
|
1283 } |
|
1284 case ESetApplicability: |
|
1285 { |
|
1286 DoSetApplicability(); |
|
1287 break; |
|
1288 } |
|
1289 case EWaitSetApplicability: |
|
1290 { |
|
1291 // If there is an error undo the change |
|
1292 if ( iStatus.Int() != KErrNone ) |
|
1293 { |
|
1294 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
1295 // Take a pointer to mapping |
|
1296 CWimCertStoreMapping* mapping = iCerts->Mapping( index ); |
|
1297 // Set backed up trusters to mapping |
|
1298 mapping->SetCertificateAppsL( iOldTrusters ); |
|
1299 iOldTrusters = NULL; // Ownership moved to mapping |
|
1300 } |
|
1301 else // Delete old trusters array, it is not needed anymore |
|
1302 { |
|
1303 iOldTrusters->Close(); |
|
1304 delete iOldTrusters; |
|
1305 iOldTrusters = NULL; |
|
1306 } |
|
1307 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1308 break; |
|
1309 } |
|
1310 case ESetTrust: |
|
1311 { |
|
1312 DoSetTrust(); |
|
1313 break; |
|
1314 } |
|
1315 case EWaitSetTrust: |
|
1316 { |
|
1317 if ( iStatus.Int() != KErrNone ) |
|
1318 { |
|
1319 // Couldn't add changes to file, so restore old settings |
|
1320 TInt index = iCerts->Index( *iCertInfoReadOnly ); |
|
1321 CWimCertStoreMapping* mapping = iCerts->Mapping( index ); |
|
1322 mapping->SetTrusted( iOldTrusted ); |
|
1323 } |
|
1324 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1325 break; |
|
1326 } |
|
1327 case ERetrieve: |
|
1328 { |
|
1329 DoRetrieve(); |
|
1330 break; |
|
1331 } |
|
1332 case ERetrieveFromWim: |
|
1333 { |
|
1334 iPhase = ERetrieveWait; |
|
1335 iCWimCertConverter->RetrieveCertByIndexL( iCertIndex, |
|
1336 *iEncodedCert, |
|
1337 iStatus ); |
|
1338 SetActive(); |
|
1339 break; |
|
1340 } |
|
1341 case ERetrieveWait: |
|
1342 { |
|
1343 iPhase = EIdle; |
|
1344 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1345 break; |
|
1346 } |
|
1347 case EGetCorrespondingPrivateKey: |
|
1348 { |
|
1349 if ( iStatus.Int() == KErrNone ) |
|
1350 { |
|
1351 iKeyFilter.iKeyId = *iSubjectKeyId; |
|
1352 iUnifiedKeyStore->List( iKeyInfos, iKeyFilter, iStatus ); |
|
1353 iPhase = ECheckCorrespondingPrivateKey; |
|
1354 SetActive(); |
|
1355 } |
|
1356 else |
|
1357 { |
|
1358 iPhase = EIdle; |
|
1359 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1360 } |
|
1361 break; |
|
1362 } |
|
1363 case ECheckCorrespondingPrivateKey: |
|
1364 { |
|
1365 DoCheckCorrespondingPrivateKey(); |
|
1366 break; |
|
1367 } |
|
1368 case EAdd: |
|
1369 { |
|
1370 DoAdd(); |
|
1371 break; |
|
1372 } |
|
1373 case EAddToWim: |
|
1374 { |
|
1375 iPhase = ECheckAddToWim; |
|
1376 // Update last Wim cache |
|
1377 iCWimCertConverter->AddCertificate ( *iLabel, |
|
1378 iFormat, |
|
1379 iCertificateOwnerType, |
|
1380 *iSubjectKeyId, |
|
1381 *iIssuerKeyId, |
|
1382 *iCert, |
|
1383 iStatus ); |
|
1384 SetActive(); |
|
1385 break; |
|
1386 } |
|
1387 case ECheckAddToWim: |
|
1388 { |
|
1389 if ( iStatus.Int() == KErrNone ) |
|
1390 { |
|
1391 iPhase = EList; |
|
1392 iPhaseOriginal = ECompleteMessage; |
|
1393 TRequestStatus* status = &iStatus; |
|
1394 User::RequestComplete( status, KErrNone ); |
|
1395 SetActive(); |
|
1396 } |
|
1397 else |
|
1398 { |
|
1399 iPhase = EIdle; |
|
1400 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1401 } |
|
1402 break; |
|
1403 } |
|
1404 case ERemove: |
|
1405 { |
|
1406 DoRemove(); |
|
1407 break; |
|
1408 } |
|
1409 case EDeleteFromWim: |
|
1410 { |
|
1411 iPhase = ECheckDeleteFromWim; |
|
1412 // Update Wim cache |
|
1413 iCWimCertConverter->RemoveL( iCertIndex, iStatus ); |
|
1414 SetActive(); |
|
1415 break; |
|
1416 } |
|
1417 case ECheckDeleteFromWim: |
|
1418 { |
|
1419 DoCheckDeleteFromWim(); |
|
1420 break; |
|
1421 } |
|
1422 case EWaitRemoveTrustSettings: |
|
1423 { |
|
1424 if ( iStatus.Int() == KErrNone ) |
|
1425 { |
|
1426 iPhase = EList; |
|
1427 iPhaseOriginal = ECompleteMessage; |
|
1428 TRequestStatus* status = &iStatus; |
|
1429 User::RequestComplete( status, KErrNone ); |
|
1430 SetActive(); |
|
1431 } |
|
1432 else |
|
1433 { |
|
1434 iPhase = EIdle; |
|
1435 User::RequestComplete( iOriginalRequestStatus, |
|
1436 iStatus.Int() ); |
|
1437 } |
|
1438 break; |
|
1439 } |
|
1440 case ECompleteMessage: |
|
1441 { |
|
1442 iPhase = EIdle; |
|
1443 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1444 break; |
|
1445 } |
|
1446 default: |
|
1447 { |
|
1448 // Here we should not be |
|
1449 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
1450 break; |
|
1451 } |
|
1452 } // switch |
|
1453 } // if |
|
1454 } |
|
1455 |
|
1456 // ----------------------------------------------------------------------------- |
|
1457 // void CWimCertStore::DoInitializeGetCertListL() |
|
1458 // Certificates are fetched from Wim |
|
1459 // ----------------------------------------------------------------------------- |
|
1460 // |
|
1461 void CWimCertStore::DoInitializeGetCertListL() |
|
1462 { |
|
1463 _WIMTRACE ( _L( "CWimCertStore::DoInitializeGetCertListL()" ) ); |
|
1464 iCertInfos.ResetAndDestroy(); |
|
1465 if ( iCWimCertConverter ) |
|
1466 { |
|
1467 delete iCWimCertConverter; |
|
1468 iCWimCertConverter = NULL; |
|
1469 } |
|
1470 iCWimCertConverter = CWimCertConverter::NewL( Token() ); |
|
1471 iStatus = KRequestPending; |
|
1472 // Call converter to fetch certificate infos from Wim |
|
1473 iPhase = EInitializeLoadMappings; |
|
1474 iCWimCertConverter->Restore( iCertInfos, iStatus ); |
|
1475 SetActive(); |
|
1476 } |
|
1477 |
|
1478 // ----------------------------------------------------------------------------- |
|
1479 // void CWimCertStore::DoInitializeLoadMappingsL() |
|
1480 // Load certificates into mappings |
|
1481 // ----------------------------------------------------------------------------- |
|
1482 // |
|
1483 void CWimCertStore::DoInitializeLoadMappingsL() |
|
1484 { |
|
1485 _WIMTRACE ( _L( "CWimCertStore::DoInitializeLoadMappingsL()" ) ); |
|
1486 if ( iStatus.Int() == KErrNone || iStatus.Int() == KErrNotFound ) |
|
1487 { |
|
1488 // Load certificate infos into mappings |
|
1489 LoadMappingsL(); |
|
1490 iCertIndex = 0; |
|
1491 if ( iCertInfos.Count() > 0 ) |
|
1492 { |
|
1493 iPhase = EInitializeLoadTrustSettingsStart; |
|
1494 } |
|
1495 else |
|
1496 { |
|
1497 iPhase = EListGo; |
|
1498 } |
|
1499 TRequestStatus* status = &iStatus; |
|
1500 User::RequestComplete( status, KErrNone ); |
|
1501 SetActive(); |
|
1502 } |
|
1503 else // Something went wrong with Restore or Cancel call was issued |
|
1504 { |
|
1505 FreeUnifiedKeyStore(); |
|
1506 iPhase = EIdle; |
|
1507 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1508 } |
|
1509 } |
|
1510 // ----------------------------------------------------------------------------- |
|
1511 // void CWimCertStore::DoInitializeLoadTrustSettingsStartL() |
|
1512 // Fetch trust settings for a certificate |
|
1513 // ----------------------------------------------------------------------------- |
|
1514 // |
|
1515 void CWimCertStore::DoInitializeLoadTrustSettingsStartL() |
|
1516 { |
|
1517 _WIMTRACE ( _L( "CWimCertStore::DoInitializeLoadTrustSettingsStartL()" ) ); |
|
1518 switch ( iStatus.Int() ) |
|
1519 { |
|
1520 case KErrNone: |
|
1521 { |
|
1522 // Application array is created here |
|
1523 // Ownership is transferred to CWimCertStoreMapping class |
|
1524 iCertificateApps = new( ELeave ) RArray<TUid>(); |
|
1525 iStatus = KRequestPending; |
|
1526 iCWimTrustSettingsStore-> |
|
1527 GetTrustSettings( *iCertInfos[iCertIndex], |
|
1528 iTrusted, |
|
1529 *iCertificateApps, |
|
1530 iStatus ); |
|
1531 iPhase = EInitializeLoadTrustSettingsWait; |
|
1532 SetActive(); |
|
1533 break; |
|
1534 } |
|
1535 case KErrArgument: |
|
1536 { |
|
1537 // Certificate data was corrupted. Skip default trustsettings. |
|
1538 if ( iCertIndex < iCerts->Count() - 1 ) |
|
1539 { |
|
1540 iCertIndex++; |
|
1541 iPhase = EInitializeLoadTrustSettingsStart; |
|
1542 } |
|
1543 else |
|
1544 { |
|
1545 iCertIndex = 0; |
|
1546 iPhase = EListGo; |
|
1547 } |
|
1548 TRequestStatus* status = &iStatus; |
|
1549 User::RequestComplete( status, KErrNone ); |
|
1550 SetActive(); |
|
1551 break; |
|
1552 } |
|
1553 default: |
|
1554 { |
|
1555 FreeUnifiedKeyStore(); |
|
1556 iPhase = EIdle; |
|
1557 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1558 } |
|
1559 } |
|
1560 } |
|
1561 |
|
1562 // ----------------------------------------------------------------------------- |
|
1563 // void CWimCertStore::DoInitializeLoadTrustSettingsWaitL() |
|
1564 // Check if trust settings were found, if not, do them and assign to mappings |
|
1565 // ----------------------------------------------------------------------------- |
|
1566 // |
|
1567 void CWimCertStore::DoInitializeLoadTrustSettingsWaitL() |
|
1568 { |
|
1569 _WIMTRACE ( _L( "CWimCertStore::DoInitializeLoadTrustSettingsWaitL()" ) ); |
|
1570 switch ( iStatus.Int() ) |
|
1571 { |
|
1572 case KErrNone: |
|
1573 { |
|
1574 // Parameters are fetched from trust store |
|
1575 // and assigned into mapping |
|
1576 SetTrustSettingsOnMappingL( iTrusted, |
|
1577 iCertificateApps ); |
|
1578 if ( iCertIndex < iCerts->Count() - 1 ) |
|
1579 { |
|
1580 iCertIndex++; |
|
1581 iPhase = EInitializeLoadTrustSettingsStart; |
|
1582 } |
|
1583 else |
|
1584 { |
|
1585 iCertIndex = 0; |
|
1586 iPhase = EListGo; |
|
1587 } |
|
1588 TRequestStatus* status = &iStatus; |
|
1589 User::RequestComplete( status, KErrNone ); |
|
1590 SetActive(); |
|
1591 break; |
|
1592 } |
|
1593 case KErrNotFound: // Trust settings not found; let's do |
|
1594 { |
|
1595 iStatus = KRequestPending; |
|
1596 iCWimTrustSettingsStore->SetDefaultTrustSettings( |
|
1597 *iCertInfos[iCertIndex], |
|
1598 ETrue, |
|
1599 iStatus ); |
|
1600 iPhase = EInitializeLoadTrustSettingsStart; |
|
1601 |
|
1602 // Nobody is taking ownership of these so delete them |
|
1603 if ( iCertificateApps ) |
|
1604 { |
|
1605 iCertificateApps->Close(); |
|
1606 delete iCertificateApps; |
|
1607 iCertificateApps = NULL; |
|
1608 } |
|
1609 |
|
1610 SetActive(); |
|
1611 break; |
|
1612 } |
|
1613 default: // Something went wrong with GetTrustSettings |
|
1614 // or Cancel call was issued |
|
1615 { |
|
1616 // Nobody is taking ownership of these so delete them |
|
1617 if ( iCertificateApps ) |
|
1618 { |
|
1619 iCertificateApps->Close(); |
|
1620 delete iCertificateApps; |
|
1621 iCertificateApps = NULL; |
|
1622 } |
|
1623 |
|
1624 FreeUnifiedKeyStore(); |
|
1625 iPhase = EIdle; |
|
1626 User::RequestComplete( iOriginalRequestStatus, |
|
1627 iStatus.Int() ); |
|
1628 break; |
|
1629 } |
|
1630 } // switch |
|
1631 } |
|
1632 |
|
1633 // ----------------------------------------------------------------------------- |
|
1634 // void CWimCertStore::DoGetKeyInfos() |
|
1635 // Fetch keys from keystores |
|
1636 // ----------------------------------------------------------------------------- |
|
1637 // |
|
1638 void CWimCertStore::DoGetKeyInfos() |
|
1639 { |
|
1640 _WIMTRACE ( _L( "CWimCertStore::DoGetKeyInfos()" ) ); |
|
1641 if ( iStatus.Int() == KErrNone ) |
|
1642 { |
|
1643 // In this phase key info count must allways be zero |
|
1644 if ( iKeyInfos.Count() == 0 ) |
|
1645 { |
|
1646 iCertIndex = 0; |
|
1647 iKeyFilter.iKeyId = KNullDesC8; |
|
1648 iKeyFilter.iUsage = |
|
1649 KeyUsageX509ToPKCS15Private( iFilter->iKeyUsage ); |
|
1650 iPhase = EList; |
|
1651 iPhaseOriginal = EList; |
|
1652 iUnifiedKeyStore->List( iKeyInfos, iKeyFilter, iStatus ); |
|
1653 SetActive(); |
|
1654 } |
|
1655 else |
|
1656 { |
|
1657 FreeUnifiedKeyStore(); |
|
1658 iPhase = EIdle; |
|
1659 User::RequestComplete( iOriginalRequestStatus, KErrCorrupt ); |
|
1660 } |
|
1661 } |
|
1662 else // Something went wrong (or call was cancelled) with |
|
1663 // iUnifiedKeyStore->Initialize( iStatus ) |
|
1664 { |
|
1665 FreeUnifiedKeyStore(); |
|
1666 iPhase = EIdle; |
|
1667 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1668 } |
|
1669 } |
|
1670 |
|
1671 |
|
1672 // ----------------------------------------------------------------------------- |
|
1673 // void CWimCertStore::DoList() |
|
1674 // Start listing certificates |
|
1675 // ----------------------------------------------------------------------------- |
|
1676 // |
|
1677 void CWimCertStore::DoList() |
|
1678 { |
|
1679 _WIMTRACE ( _L( "CWimCertStore::DoList()" ) ); |
|
1680 if ( iStatus.Int() == KErrNone ) |
|
1681 { |
|
1682 iCertIndex = 0; |
|
1683 iPhase = EInitializeGetCertList; |
|
1684 TRequestStatus* status = &iStatus; |
|
1685 User::RequestComplete( status, KErrNone ); |
|
1686 SetActive(); |
|
1687 } |
|
1688 else // iUnifiedKeyStore->List call has been cancelled or failed |
|
1689 { |
|
1690 FreeUnifiedKeyStore(); |
|
1691 iPhase = EIdle; |
|
1692 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1693 } |
|
1694 } |
|
1695 |
|
1696 // ----------------------------------------------------------------------------- |
|
1697 // void CWimCertStore::DoListGoL() |
|
1698 // In this phase all certificates are fetched from Wim. |
|
1699 // Serve the original request. |
|
1700 // ----------------------------------------------------------------------------- |
|
1701 // |
|
1702 void CWimCertStore::DoListGoL() |
|
1703 { |
|
1704 _WIMTRACE ( _L( "CWimCertStore::DoListGoL()" ) ); |
|
1705 if ( iPhaseOriginal == EList ) |
|
1706 { |
|
1707 if ( iCertIndex < ( iCerts->Count() ) ) |
|
1708 { |
|
1709 const CCTCertInfo& certInfo = iCerts->Entry( iCertIndex ); |
|
1710 TBool accept = ETrue; |
|
1711 if ( iFilter->iUidIsSet ) |
|
1712 { |
|
1713 accept = iCerts->Mapping( iCertIndex )-> |
|
1714 IsApplicable( iFilter->iUid ); |
|
1715 } |
|
1716 if ( iFilter->iFormatIsSet && accept ) |
|
1717 { |
|
1718 accept = ( iFilter->iFormat == certInfo.CertificateFormat() ); |
|
1719 } |
|
1720 if ( iFilter->iOwnerTypeIsSet && accept ) |
|
1721 { |
|
1722 accept = ( iFilter->iOwnerType == certInfo.CertificateOwnerType() ); |
|
1723 } |
|
1724 if ( ( iFilter->iSubjectKeyId != KNullDesC8 ) && accept ) |
|
1725 { |
|
1726 accept = ( iFilter->iSubjectKeyId == certInfo.SubjectKeyId() ); |
|
1727 } |
|
1728 if ( ( iFilter->iIssuerKeyId != KNullDesC8 ) && accept ) |
|
1729 { |
|
1730 accept = ( iFilter->iIssuerKeyId == certInfo.IssuerKeyId() ); |
|
1731 } |
|
1732 if ( ( iFilter->iLabelIsSet ) && accept ) |
|
1733 { |
|
1734 accept = ( iFilter->iLabel == certInfo.Label() ); |
|
1735 } |
|
1736 if ( ( iFilter->iKeyUsage != EX509UsageAll ) && accept && |
|
1737 ( certInfo.CertificateOwnerType() == EUserCertificate) ) |
|
1738 { |
|
1739 // This test must be done after we checked that |
|
1740 // the certificate owner is a user cert |
|
1741 // We must get the private key info associated with the |
|
1742 // certificate so that we know the usages |
|
1743 TInt end = iKeyInfos.Count(); |
|
1744 TInt i = 0; |
|
1745 for ( ; i < end; i++ ) |
|
1746 { |
|
1747 if ( iKeyInfos[i]->ID() == certInfo.SubjectKeyId() ) |
|
1748 { |
|
1749 i = end + 1; // This completes loop and |
|
1750 // differentiates from normal |
|
1751 // ending (i == end) |
|
1752 } |
|
1753 } |
|
1754 if ( i == end ) |
|
1755 { |
|
1756 accept = EFalse; |
|
1757 } |
|
1758 } |
|
1759 |
|
1760 if ( accept ) |
|
1761 { |
|
1762 // Here is done another copy of certificate for |
|
1763 // application needs |
|
1764 CCTCertInfo* copy = CCTCertInfo::NewLC( certInfo ); |
|
1765 User::LeaveIfError( iCertsList->Append( copy ) ); |
|
1766 CleanupStack::Pop( copy ); |
|
1767 } |
|
1768 |
|
1769 // iCertIndex is initialized in EList/KErrNone |
|
1770 iCertIndex++; |
|
1771 |
|
1772 // Poll status in order to give time for other aos |
|
1773 TRequestStatus* status = &iStatus; |
|
1774 User::RequestComplete( status, KErrNone ); |
|
1775 SetActive(); |
|
1776 } // if ( iCertIndex... |
|
1777 else |
|
1778 { |
|
1779 // All certificates are listed or there are not any |
|
1780 iKeyInfos.Close(); |
|
1781 delete iUnifiedKeyStore; |
|
1782 iUnifiedKeyStore = NULL; |
|
1783 iPhase = EIdle; |
|
1784 User::RequestComplete( iOriginalRequestStatus, KErrNone ); |
|
1785 } |
|
1786 } |
|
1787 else |
|
1788 { |
|
1789 iPhase = iPhaseOriginal; |
|
1790 iPhaseOriginal = EIdle; |
|
1791 TRequestStatus* status = &iStatus; |
|
1792 User::RequestComplete( status, KErrNone ); |
|
1793 SetActive(); |
|
1794 } |
|
1795 } |
|
1796 |
|
1797 // ----------------------------------------------------------------------------- |
|
1798 // void CWimCertStore::DoCheckCorrespondingPrivateKey() |
|
1799 // Check if private key is found for user certificate |
|
1800 // ----------------------------------------------------------------------------- |
|
1801 // |
|
1802 void CWimCertStore::DoCheckCorrespondingPrivateKey() |
|
1803 { |
|
1804 _WIMTRACE ( _L( "CWimCertStore::DoCheckCorrespondingPrivateKey()" ) ); |
|
1805 if ( iStatus.Int() == KErrNone ) |
|
1806 { |
|
1807 if ( ( iKeyInfos.Count() == 0 ) || |
|
1808 ( ( iFormat != EX509CertificateUrl ) && |
|
1809 ( iKeyInfos[0]->Usage() != iKeyFilter.iUsage ) ) ) |
|
1810 { |
|
1811 // The private key can't be found in any key store, |
|
1812 // so we must return an error |
|
1813 iPhase = EIdle; |
|
1814 User::RequestComplete( iOriginalRequestStatus, KErrArgument ); |
|
1815 } |
|
1816 else |
|
1817 { |
|
1818 // |
|
1819 iPhase = EAdd; |
|
1820 TRequestStatus* status = &iStatus; |
|
1821 User::RequestComplete( status, KErrNone ); |
|
1822 SetActive(); |
|
1823 } |
|
1824 } |
|
1825 else |
|
1826 { |
|
1827 iPhase = EIdle; |
|
1828 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1829 } |
|
1830 iKeyInfos.Close(); |
|
1831 delete iUnifiedKeyStore; |
|
1832 iUnifiedKeyStore = NULL; |
|
1833 } |
|
1834 |
|
1835 // ----------------------------------------------------------------------------- |
|
1836 // void CWimCertStore::DoCheckDeleteFromWim() |
|
1837 // If delete from Wim succeeded, continue deleting from trust setting store |
|
1838 // ----------------------------------------------------------------------------- |
|
1839 // |
|
1840 void CWimCertStore::DoCheckDeleteFromWim() |
|
1841 { |
|
1842 _WIMTRACE ( _L( "CWimCertStore::DoCheckDeleteFromWim()" ) ); |
|
1843 if ( iStatus.Int() == KErrNone ) |
|
1844 { |
|
1845 iStatus = KRequestPending; |
|
1846 iPhase = EWaitRemoveTrustSettings; |
|
1847 iCWimTrustSettingsStore->RemoveTrustSettings( |
|
1848 *iCertInfos[iCertIndex], iStatus ); |
|
1849 SetActive(); |
|
1850 } |
|
1851 else |
|
1852 { |
|
1853 iPhase = EIdle; |
|
1854 User::RequestComplete( iOriginalRequestStatus, iStatus.Int() ); |
|
1855 } |
|
1856 } |
|
1857 |
|
1858 // ----------------------------------------------------------------------------- |
|
1859 // void CWimCertStore::FreeUnifiedKeyStore() |
|
1860 // Frees key storage resources. |
|
1861 // ----------------------------------------------------------------------------- |
|
1862 // |
|
1863 void CWimCertStore::FreeUnifiedKeyStore() |
|
1864 { |
|
1865 _WIMTRACE ( _L( "CWimCertStore::FreeUnifiedKeyStore()" ) ); |
|
1866 if ( iUnifiedKeyStore ) |
|
1867 { |
|
1868 iKeyInfos.Close(); |
|
1869 delete iUnifiedKeyStore; |
|
1870 iUnifiedKeyStore = NULL; |
|
1871 iCertsList->Reset(); |
|
1872 } |
|
1873 } |
|
1874 |
|
1875 // ----------------------------------------------------------------------------- |
|
1876 // void CWimCertStore::RunError() |
|
1877 // Unexpected error in RunL (e.g. Leave) leads us here. |
|
1878 // ----------------------------------------------------------------------------- |
|
1879 // |
|
1880 TInt CWimCertStore::RunError( TInt aError ) |
|
1881 { |
|
1882 _WIMTRACE ( _L( "CWimCertStore::RunError()" ) ); |
|
1883 |
|
1884 FreeUnifiedKeyStore(); |
|
1885 iPhase = EIdle; |
|
1886 User::RequestComplete( iOriginalRequestStatus, aError ); |
|
1887 return KErrNone; |
|
1888 } |
|
1889 |
|
1890 // ----------------------------------------------------------------------------- |
|
1891 // void CWimCertStore::DoCancel() |
|
1892 // Cancels current operation. |
|
1893 // ----------------------------------------------------------------------------- |
|
1894 // |
|
1895 void CWimCertStore::DoCancel() |
|
1896 { |
|
1897 _WIMTRACE ( _L( "CWimCertStore::DoCancel()" ) ); |
|
1898 |
|
1899 if ( iUnifiedKeyStore ) |
|
1900 { |
|
1901 switch ( iPhase ) |
|
1902 { |
|
1903 case EGetKeyInfos: |
|
1904 { |
|
1905 if ( iUnifiedKeyStore->IsActive() ) |
|
1906 { |
|
1907 iUnifiedKeyStore->CancelInitialize(); |
|
1908 } |
|
1909 break; |
|
1910 } |
|
1911 case EList: |
|
1912 { |
|
1913 if ( iUnifiedKeyStore->IsActive() ) |
|
1914 { |
|
1915 iUnifiedKeyStore->CancelList(); |
|
1916 } |
|
1917 break; |
|
1918 } |
|
1919 default: |
|
1920 { |
|
1921 // Other phases won't cause any action |
|
1922 break; |
|
1923 } |
|
1924 } |
|
1925 } |
|
1926 |
|
1927 if ( iCWimCertConverter ) |
|
1928 { |
|
1929 switch ( iPhase ) |
|
1930 { |
|
1931 case EInitializeLoadMappings: |
|
1932 { |
|
1933 if ( iCWimCertConverter->IsActive() ) |
|
1934 { |
|
1935 iCWimCertConverter->CancelRestore(); |
|
1936 delete iCWimCertConverter; |
|
1937 iCWimCertConverter = NULL; |
|
1938 } |
|
1939 break; |
|
1940 } |
|
1941 case ERetrieveWait: |
|
1942 { |
|
1943 if ( iCWimCertConverter->IsActive() ) |
|
1944 { |
|
1945 iCWimCertConverter->CancelRetrieve(); |
|
1946 delete iCWimCertConverter; |
|
1947 iCWimCertConverter = NULL; |
|
1948 } |
|
1949 break; |
|
1950 } |
|
1951 case ECheckAddToWim: |
|
1952 { |
|
1953 if ( iCWimCertConverter->IsActive() ) |
|
1954 { |
|
1955 iCWimCertConverter->CancelAddCertificate(); |
|
1956 delete iCWimCertConverter; |
|
1957 iCWimCertConverter = NULL; |
|
1958 } |
|
1959 break; |
|
1960 } |
|
1961 case ECheckDeleteFromWim: |
|
1962 { |
|
1963 if ( iCWimCertConverter->IsActive() ) |
|
1964 { |
|
1965 iCWimCertConverter->CancelRemove(); |
|
1966 delete iCWimCertConverter; |
|
1967 iCWimCertConverter = NULL; |
|
1968 } |
|
1969 break; |
|
1970 } |
|
1971 default: |
|
1972 { |
|
1973 // Other phases won't cause any action |
|
1974 break; |
|
1975 } |
|
1976 } |
|
1977 } |
|
1978 |
|
1979 if ( iCWimTrustSettingsStore ) |
|
1980 { |
|
1981 switch ( iPhase ) |
|
1982 { |
|
1983 case EInitializeLoadTrustSettingsStart: |
|
1984 { |
|
1985 if ( iCWimTrustSettingsStore->IsActive() ) |
|
1986 { |
|
1987 iCWimTrustSettingsStore->CancelDoing(); |
|
1988 } |
|
1989 break; |
|
1990 } |
|
1991 default: |
|
1992 { |
|
1993 // Other phases won't cause any action |
|
1994 break; |
|
1995 } |
|
1996 } |
|
1997 } |
|
1998 |
|
1999 if ( iCerts ) |
|
2000 { |
|
2001 delete iCerts; |
|
2002 iCerts = NULL; |
|
2003 } |
|
2004 |
|
2005 if ( iPhase == EInitializeLoadTrustSettingsWait ) |
|
2006 { |
|
2007 // Nobody is taking ownership of these so delete them |
|
2008 iCertificateApps->Close(); |
|
2009 delete iCertificateApps; |
|
2010 } |
|
2011 |
|
2012 FreeUnifiedKeyStore(); |
|
2013 iPhase = EIdle; |
|
2014 User::RequestComplete( iOriginalRequestStatus, KErrCancel ); |
|
2015 } |
|
2016 |
|
2017 // ----------------------------------------------------------------------------- |
|
2018 // void CWimCertStore::LoadMappingsL() |
|
2019 // In this phase we have retrieved certificate infos from WimClient and they |
|
2020 // are in the iCertInfos array. This methdod creates iCerts array |
|
2021 // and loads those certificates into it. Trust settings are updated in the next |
|
2022 // phase. |
|
2023 // ----------------------------------------------------------------------------- |
|
2024 // |
|
2025 void CWimCertStore::LoadMappingsL() |
|
2026 { |
|
2027 _WIMTRACE ( _L( "CWimCertStore::LoadMappingsL()" ) ); |
|
2028 if ( iCerts ) |
|
2029 { |
|
2030 delete iCerts; |
|
2031 iCerts = NULL; |
|
2032 } |
|
2033 // Create a manager class for mapping entries |
|
2034 iCerts = CWimCertStoreMappings::NewL(); |
|
2035 TInt count = iCertInfos.Count(); |
|
2036 // Go through all certificates and insert them into a mapping array |
|
2037 for ( TInt i = 0; i < count; i++ ) |
|
2038 { |
|
2039 CWimCertStoreMapping* certMapping = CWimCertStoreMapping::NewL(); |
|
2040 CleanupStack::PushL( certMapping ); |
|
2041 // Ownership moves to CWimCertStoreMapping |
|
2042 CCTCertInfo* certInfo = ( CCTCertInfo* )( iCertInfos )[i]->CctCert(); |
|
2043 certMapping->SetEntryL( certInfo ); |
|
2044 // Set default applications. This object must not push to cleanupstack |
|
2045 // because on leave at AddL this object is deleted in association with |
|
2046 // certMapping |
|
2047 RArray<TUid>* certificateApps = new( ELeave ) RArray<TUid>(); |
|
2048 certMapping->SetCertificateAppsL( certificateApps ); |
|
2049 // Set default |
|
2050 certMapping->SetTrusted( ETrue ); |
|
2051 // Append mapping pointer to pointer array |
|
2052 iCerts->AddL( certMapping ); |
|
2053 CleanupStack::Pop( certMapping ); |
|
2054 } |
|
2055 } |
|
2056 |
|
2057 // ----------------------------------------------------------------------------- |
|
2058 // void CWimCertStore::SetTrustSettingsOnMappingL() |
|
2059 // If certificate has no trust settings and there should be, |
|
2060 // here they are updated. This method sets applications and trusted |
|
2061 // information into mapping entry. |
|
2062 // ----------------------------------------------------------------------------- |
|
2063 // |
|
2064 void CWimCertStore::SetTrustSettingsOnMappingL( TBool aTrusted, |
|
2065 RArray<TUid>* aApplications ) |
|
2066 { |
|
2067 _WIMTRACE ( _L( "CWimCertStore::SetTrustSettingsOnMappingL()" ) ); |
|
2068 // Take a pointer to mapping |
|
2069 CWimCertStoreMapping* mapping = iCerts->Mapping( iCertIndex ); |
|
2070 // Check that mapping is found |
|
2071 if ( !mapping ) |
|
2072 { |
|
2073 User::Leave( KErrNotFound ); |
|
2074 } |
|
2075 // Ownership is changed here: |
|
2076 // iCertificateApps is not any more responsible for this array. |
|
2077 mapping->SetCertificateAppsL( aApplications ); |
|
2078 mapping->SetTrusted( aTrusted ); |
|
2079 } |
|
2080 |
|
2081 // ----------------------------------------------------------------------------- |
|
2082 // CWimCertStore::EnteringAllowed() |
|
2083 // Check if token is removed and if this ao is active. |
|
2084 // ----------------------------------------------------------------------------- |
|
2085 // |
|
2086 TBool CWimCertStore::EnteringAllowed( TRequestStatus& aStatus ) |
|
2087 { |
|
2088 _WIMTRACE ( _L( "CWimCertStore::EnteringAllowed()" ) ); |
|
2089 if ( TokenRemoved() ) |
|
2090 { |
|
2091 TRequestStatus* status = &aStatus; |
|
2092 User::RequestComplete( status, KErrHardwareNotAvailable ); |
|
2093 return EFalse; |
|
2094 } |
|
2095 |
|
2096 // If this active object is in running, don't accept entering |
|
2097 if ( IsActive() ) |
|
2098 { |
|
2099 // If the caller status is the same as the status, that activated |
|
2100 // this object, just return |
|
2101 if ( &aStatus == iOriginalRequestStatus ) |
|
2102 { |
|
2103 return EFalse; |
|
2104 } |
|
2105 else |
|
2106 { |
|
2107 // Otherwise complete it with error |
|
2108 TRequestStatus* status = &aStatus; |
|
2109 User::RequestComplete( status, KErrInUse ); |
|
2110 return EFalse; |
|
2111 } |
|
2112 } |
|
2113 else |
|
2114 { |
|
2115 iOriginalRequestStatus = &aStatus; |
|
2116 aStatus = KRequestPending; |
|
2117 return ETrue; |
|
2118 } |
|
2119 } |
|
2120 |
|
2121 // ----------------------------------------------------------------------------- |
|
2122 // CWimCertStore::TokenRemoved() |
|
2123 // Returns true or false indicating if token is removed |
|
2124 // ----------------------------------------------------------------------------- |
|
2125 // |
|
2126 TBool CWimCertStore::TokenRemoved() |
|
2127 { |
|
2128 _WIMTRACE ( _L( "CWimCertStore::TokenRemoved()" ) ); |
|
2129 // If token listener is not alive, then token is removed |
|
2130 if ( iToken.TokenListener()->TokenStatus() != KRequestPending ) |
|
2131 { |
|
2132 return ETrue; |
|
2133 } |
|
2134 else |
|
2135 { |
|
2136 return EFalse; |
|
2137 } |
|
2138 } |