|
1 /* |
|
2 * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Server accepts requests from client threads and forwards them |
|
15 * to the relevant server-side client session. It also handles the |
|
16 * creation of server-side client sessions as a result of requests |
|
17 * for connection from client threads. |
|
18 * |
|
19 */ |
|
20 |
|
21 |
|
22 |
|
23 #ifndef CWIMSERVER_H |
|
24 #define CWIMSERVER_H |
|
25 |
|
26 // INCLUDES |
|
27 #include "Wimi.h" // WIMI definitions |
|
28 #include "WimClsv.h" |
|
29 #include "WimTimer.h" |
|
30 |
|
31 // CONSTANTS |
|
32 _LIT( KWimServer, "CWimServer" ); |
|
33 |
|
34 /* |
|
35 * ============================================================================== |
|
36 WimServer's policy |
|
37 * ============================================================================== |
|
38 */ |
|
39 // Total number of policy ranges |
|
40 const TUint KWimServerRangeCount = 16; |
|
41 |
|
42 /** |
|
43 * Definition of the ranges of IPC numbers in Wim server. |
|
44 * NOTE: Adding new functions to server will mess up policy checking. |
|
45 * @see TWimServRqst |
|
46 */ |
|
47 const TInt wimRanges[KWimServerRangeCount] = |
|
48 { |
|
49 ENon, // Range 0; 'ENon', Opcode has not been assigned yet. |
|
50 EWimInitialize, // Range 1, functions 1-5; WIM mgmt functions EAlwaysPass |
|
51 ECloseWIMAfter, // Range 2, function 6; Set closing time for WIM |
|
52 EGetCloseWIMAfter,// Range 3, functions 7-8; Get WIM closing time info |
|
53 EWIMClose, // Range 4, function 9; Closes the WIM |
|
54 ENotifyOnRemoval, // Range 5, funcs 10-14; Token removal & free mem (internal) |
|
55 EGetPINCount, // Range 6, functions 15-18; PIN info functions |
|
56 EChangePINReq, // Range 7, functions 19-21; PIN & Key mgmt, PIN modif. |
|
57 EVerifyPinReq, // Range 8, functions 22-25; PIN & Key mgmt, Pin&Key read |
|
58 EGetWIMCertLst, // Range 9, functions 26-27; Cert info |
|
59 EGetWIMCertDetails,// Range 10, funcs 28-33; Cert read & manip, PK export, sign text |
|
60 EGetOMAFileSize, // Range 11, functions 34-35; OMA provisioning |
|
61 EGetTrustSettings, // Range 12, functions 36; Get trust settings |
|
62 ESetApplicability, // Range 13, function 37-40; Modify trust settings |
|
63 ECancelTrustSettings, // Range 14, function 41; Cancel any trust operation |
|
64 ECancelTrustSettings+1 // Range 15, 42-; N/A function/end-of-range check |
|
65 }; // -> ENotSupported |
|
66 |
|
67 // Policy to implement for each of the ranges in range table. |
|
68 const TUint8 wimElementsIndex[KWimServerRangeCount] = |
|
69 { |
|
70 CPolicyServer::ENotSupported, // applies to 0th range |
|
71 CPolicyServer::EAlwaysPass, // applies to 1st range |
|
72 3, // Policy "3" applies to 2nd range |
|
73 2, // Policy "2" applies to 3rd range |
|
74 3, // Policy "3" applies to 4th range |
|
75 CPolicyServer::EAlwaysPass, // applies to 5th range |
|
76 2, // Policy "2" applies to 6th range |
|
77 3, // Policy "3" applies to 7th range |
|
78 2, // Policy "2" applies to 8th range |
|
79 CPolicyServer::EAlwaysPass, // applies to 9th range |
|
80 CPolicyServer::ECustomCheck, // applies to 10th range |
|
81 2, // Policy "2" applies to 11th range |
|
82 CPolicyServer::EAlwaysPass, // Applies to 12th range (get trust) |
|
83 CPolicyServer::ECustomCheck, // Applies to 13th range (modify trust) |
|
84 CPolicyServer::EAlwaysPass, // Applies to 14th range (cancel trust) |
|
85 CPolicyServer::ENotSupported // applies to 15th range (out of range IPC) |
|
86 }; |
|
87 |
|
88 // Specific capability checks. |
|
89 const CPolicyServer::TPolicyElement wimElements[] = |
|
90 { |
|
91 // policy "0"; fail call if ReadUserData not present |
|
92 { |
|
93 _INIT_SECURITY_POLICY_C1( ECapabilityReadUserData ), |
|
94 CPolicyServer::EFailClient |
|
95 }, |
|
96 // policy "1"; fail call if WriteUserData not present |
|
97 { |
|
98 _INIT_SECURITY_POLICY_C1( ECapabilityWriteUserData ), |
|
99 CPolicyServer::EFailClient |
|
100 }, |
|
101 // policy "2"; fail call if ReadDeviceData not present |
|
102 { |
|
103 _INIT_SECURITY_POLICY_C1( ECapabilityReadDeviceData ), |
|
104 CPolicyServer::EFailClient |
|
105 }, |
|
106 // policy "3"; fail call if WriteDeviceData not present |
|
107 { |
|
108 _INIT_SECURITY_POLICY_C1( ECapabilityWriteDeviceData ), |
|
109 CPolicyServer::EFailClient |
|
110 } |
|
111 }; |
|
112 |
|
113 // Packs all the security definitions into a policy. |
|
114 const CPolicyServer::TPolicy wimPolicy = |
|
115 { |
|
116 CPolicyServer::EAlwaysPass, // all connect attempts should pass |
|
117 KWimServerRangeCount, // number of ranges |
|
118 wimRanges, // ranges array |
|
119 wimElementsIndex, // elements<->ranges index |
|
120 wimElements, // array of elements |
|
121 }; |
|
122 |
|
123 // FORWARD DECLARATIONS |
|
124 class CWimSession; |
|
125 class CWimMemMgmt; |
|
126 class CWimSessionRegistry; |
|
127 class CWimTrustSettingsStore; |
|
128 class CWimSatRefreshObserver; |
|
129 class CWimBTSapObserver; |
|
130 |
|
131 // CLASS DECLARATION |
|
132 |
|
133 #ifdef WIMSERVER_SHUTDOWN |
|
134 /** |
|
135 * Implements shutdown of the server. When the last client disconnects, this |
|
136 * class is activated, and when the timer expires, causes the server to |
|
137 * close. |
|
138 * |
|
139 * @lib |
|
140 * @since S60 |
|
141 */ |
|
142 class CShutdown : public CTimer |
|
143 { |
|
144 public: |
|
145 |
|
146 inline CShutdown(); |
|
147 |
|
148 inline void ConstructL(); |
|
149 |
|
150 inline void Start(); |
|
151 |
|
152 private: |
|
153 |
|
154 void RunL(); |
|
155 }; |
|
156 |
|
157 #endif //WIMSERVER_SHUTDOWN |
|
158 |
|
159 |
|
160 /** |
|
161 * Main class of the server. |
|
162 * |
|
163 * @since Series60 2.1 |
|
164 */ |
|
165 |
|
166 class CWimServer : public CPolicyServer, public MWimTimerListener // for policy checking |
|
167 { |
|
168 |
|
169 public: // Constructor and destructor |
|
170 |
|
171 /** |
|
172 * Two-phased constructor. |
|
173 */ |
|
174 static CWimServer* NewL(); |
|
175 |
|
176 /** |
|
177 * Destructor. |
|
178 */ |
|
179 virtual ~CWimServer(); |
|
180 |
|
181 |
|
182 public: // New functions |
|
183 |
|
184 /** |
|
185 * Creates a new session. |
|
186 * @param aVersion Version of the server. |
|
187 * @return Pointer to sharable session. |
|
188 */ |
|
189 virtual CSession2* NewSessionL( const TVersion &aVersion, |
|
190 const RMessage2& aMessage ) const; |
|
191 |
|
192 /** |
|
193 * Panics the server |
|
194 * @param aPanic Server panic reasons |
|
195 * @return void |
|
196 */ |
|
197 static void PanicServer( TWimServerPanic aPanic ); |
|
198 |
|
199 /** |
|
200 * Get all sessions of the server |
|
201 * @param aSessions Array of sessions. Empty array constructed in |
|
202 * a calling function |
|
203 * @return void |
|
204 */ |
|
205 void GetSessionsL( RArray<CWimSession*>& aSessions ) const; |
|
206 |
|
207 /** |
|
208 * Get pointer to WimSessionRegistry |
|
209 * @return pointer to WimSessionRegistry |
|
210 */ |
|
211 CWimSessionRegistry* WimSessionRegistry(); |
|
212 |
|
213 /** |
|
214 * Get pointer to WimServer object |
|
215 * @return Pointer to WimServer object |
|
216 */ |
|
217 static CWimServer* Server(); |
|
218 |
|
219 /** |
|
220 * Initializes WIMI if not yet initialized. |
|
221 * In initalization WIM data from card is fetched to WIMI. |
|
222 * @return void |
|
223 */ |
|
224 void WimInitialize( const RMessage2& aMessage ); |
|
225 |
|
226 /** |
|
227 * Cancel Initializes WIMI if not yet initialized. |
|
228 * Stop the apdu sending |
|
229 * @return void |
|
230 */ |
|
231 void CancelWimInitialize( const RMessage2& aMessage ); |
|
232 |
|
233 /** |
|
234 * Set WimInitialized flag |
|
235 * @param aInitialized ETrue/EFalse whether WIM is initialized |
|
236 * @return void |
|
237 */ |
|
238 static void SetWimInitialized( TBool aInitialized, TInt aStatus ); |
|
239 |
|
240 /** |
|
241 * Get TrustSettingsStore pointer |
|
242 * @param void |
|
243 * @return pointer to TrustSettingsStore |
|
244 */ |
|
245 |
|
246 CWimTrustSettingsStore* WimTrustSettingsStore(); |
|
247 |
|
248 /** |
|
249 * Tells if currently requested service is accessing physical token. |
|
250 * @return TBool Is current service request accessing token or not. |
|
251 */ |
|
252 TBool IsAccessingToken(); |
|
253 |
|
254 /** |
|
255 * Tell that currently requested service is accessing physical token. |
|
256 * @param TBool Is current service request accessing token. |
|
257 */ |
|
258 void SetIsAccessingToken( TBool aValue ); |
|
259 |
|
260 /** |
|
261 * Tells if there's been completed SIM Refresh operation. |
|
262 * Returns ETrue if SIM Refresh notification is received in the middle |
|
263 * of service request that accesses physical token. |
|
264 * Server shall re-initialize itself at earliest convenience. |
|
265 * @see IsAccessingToken() |
|
266 * @return TBool Event from SAT received during service. |
|
267 */ |
|
268 TBool RefreshNotificationReceived(); |
|
269 |
|
270 /** |
|
271 * Tell about completed SIM Refresh operation. |
|
272 * Set ETrue if SIM Refresh notification is received in the middle of |
|
273 * service request that accesses physical token. |
|
274 * Server shall re-initialize itself at earliest convenience. |
|
275 * @see IsAccessingToken() |
|
276 * @param TBool Refresh event received from SAT. |
|
277 */ |
|
278 void SetRefreshNotificationReceived( TBool aValue ); |
|
279 |
|
280 /** |
|
281 * Return the pointer of Timer |
|
282 */ |
|
283 CWimTimer* WimTimer(); |
|
284 |
|
285 /** |
|
286 * Interface derived from MWimTimerListener |
|
287 */ |
|
288 void TimerExpired(); |
|
289 |
|
290 #ifdef WIMSERVER_SHUTDOWN |
|
291 void AddSession(); |
|
292 |
|
293 void DropSession(); |
|
294 #endif //WIMSERVER_SHUTDOWN |
|
295 |
|
296 private: |
|
297 |
|
298 /** |
|
299 * C++ default constructor. |
|
300 */ |
|
301 CWimServer(); |
|
302 |
|
303 /** |
|
304 * Constructor |
|
305 * @param aPriority The priority of this active object. |
|
306 * @return void |
|
307 */ |
|
308 CWimServer( TInt aPriority ); |
|
309 |
|
310 /** |
|
311 * By default Symbian 2nd phase constructor is private. |
|
312 */ |
|
313 void ConstructL(); |
|
314 |
|
315 /** |
|
316 * Initializes callback functions. |
|
317 */ |
|
318 void InitializeCallbackFunctions(); |
|
319 |
|
320 /** |
|
321 * From CPolicyServer. Checks client's capabilities. |
|
322 * @param aMsg Message from client. |
|
323 * @param aAction IN/OUT; What to do in case of failure. |
|
324 * @param aMissing IN/OUT; A list of missing security attributes. |
|
325 * @return EPass if checking was passed, EFail otherwise. |
|
326 */ |
|
327 CPolicyServer::TCustomResult |
|
328 CustomSecurityCheckL( const RMessage2& aMsg, |
|
329 TInt& aAction, |
|
330 TSecurityInfo& aMissing ); |
|
331 |
|
332 /** |
|
333 * Resolves usage (CA/User) for a certificate. |
|
334 * @param aMsg Message from client |
|
335 * @param aUsage Certificate usage (CA/User). |
|
336 * @return WIMI_Ok if ok, error code otherwise. |
|
337 */ |
|
338 WIMI_STAT ResolveCertUsage( const RMessage2& aMsg, |
|
339 TUint8& aUsage ); |
|
340 |
|
341 /** |
|
342 * Fetches certificate info. Wrapper for WIMI call. |
|
343 * @param aMsg Message from client |
|
344 * @param aUsage Certificate usage (CA/User). |
|
345 * @return WIMI_Ok if ok, error code otherwise. |
|
346 */ |
|
347 WIMI_STAT GetCertificateInfo( WIMI_Ref_pt aCertRef, |
|
348 TUint8& aUsage ); |
|
349 |
|
350 /** |
|
351 * Resolves which kind of certificate (CA/User) client is accessing. |
|
352 * @param aMsg Message from client |
|
353 * @param aUsage Certificate usage (CA/User). |
|
354 * @return void |
|
355 */ |
|
356 void ResolveStoreCertReqL( const RMessage2& aMsg, |
|
357 TUint8& aUsage ); |
|
358 |
|
359 /** |
|
360 * Resolves which kind of certificate client is accessing. |
|
361 * @param aMsg Message from client |
|
362 * @param aUsage Certificate usage (CA/User). |
|
363 * @return WIMI_Ok if ok, error code otherwise. |
|
364 */ |
|
365 WIMI_STAT ResolveRemoveCertReqL( const RMessage2& aMsg, |
|
366 TUint8& aUsage ); |
|
367 |
|
368 /** |
|
369 * Resolves which kind of certificate client is accessing. |
|
370 * @param aMsg Message from client |
|
371 * @param aUsage Certificate usage (CA/User). |
|
372 * @return ETrue if successful, EFalse otherwise. |
|
373 */ |
|
374 TBool ResolveTrustModficationReqL( const RMessage2& aMsg, |
|
375 TUint8& aUsage ); |
|
376 |
|
377 /** |
|
378 * Resolves which kind of key (CA/User) client requests. |
|
379 * @param aMsg Message from client |
|
380 * @param aUsage Certificate usage (CA/User). |
|
381 * @return WIMI_Ok if ok, error code otherwise. |
|
382 */ |
|
383 WIMI_STAT ResolveExportPublicReqL( const RMessage2& aMsg, |
|
384 TUint8& aUsage ); |
|
385 |
|
386 /** |
|
387 * Check if client has sufficient read capability for service in question. |
|
388 * @param aMsg Message from client |
|
389 * @param aUsage Certificate usage (CA/User). |
|
390 * @return EPass if checking was passed, EFail otherwise |
|
391 */ |
|
392 CPolicyServer::TCustomResult |
|
393 CheckReadCapsForUsage( const RMessage2& aMsg, |
|
394 TUint8 aUsage ); |
|
395 |
|
396 /** |
|
397 * Check if client has sufficient write capability for service in question. |
|
398 * @param aMsg Message from client |
|
399 * @param aUsage Certificate usage (CA/User). |
|
400 * @return EPass if checking was passed, EFail otherwise |
|
401 */ |
|
402 CPolicyServer::TCustomResult |
|
403 CheckWriteCapsForUsage( const RMessage2& aMsg, |
|
404 TUint8 aUsage ); |
|
405 |
|
406 public: // Data |
|
407 |
|
408 // Status of the last initialization action |
|
409 static TInt iWimStatus; |
|
410 // Flag to tell if WIM is already initialized |
|
411 static TBool iWimInitialized; |
|
412 |
|
413 WIMI_Callbacks_t iWimCallBack; |
|
414 private: // Data |
|
415 // Pointer to Trust Settings Store instance. Owned. |
|
416 CWimTrustSettingsStore* iWimTrustSettingsStore; |
|
417 // Session counter |
|
418 TInt iSessionCount; |
|
419 // Pointer to CWimSessionRegistry |
|
420 CWimSessionRegistry* iWimSessionRegistry; |
|
421 // Pointer to CServer object |
|
422 static CWimServer* iWimServer; |
|
423 // Callback structure for WIMI |
|
424 |
|
425 /** |
|
426 * Current service is accessing physical token. |
|
427 * Used to determine if SIM Refresh can be allowed. |
|
428 */ |
|
429 TBool iIsAccessingToken; |
|
430 /** |
|
431 * Informs server of completed SIM Refresh operation. |
|
432 * Is set if SIM Refresh notification is received in the middle of |
|
433 * service request that accesses physical token. |
|
434 * Server shall re-initialize itself at earliest convenience. |
|
435 */ |
|
436 TBool iRefreshNotificationReceived; |
|
437 /** |
|
438 * SAT refresh event observer. Owned. |
|
439 * |
|
440 */ |
|
441 CWimSatRefreshObserver* iRefreshObserver; |
|
442 /** |
|
443 * BT Sap refresh event observer. Owned. |
|
444 * |
|
445 */ |
|
446 CWimBTSapObserver* iBTSapObserver; |
|
447 |
|
448 // Pointer to Timer. Owned |
|
449 CWimTimer* iWimTimer; |
|
450 |
|
451 #ifdef WIMSERVER_SHUTDOWN |
|
452 CShutdown iShutdown; |
|
453 #endif |
|
454 }; |
|
455 |
|
456 #endif // CWIMSERVER_H |
|
457 |
|
458 // End of File |