FCL/sf/mw/securitysrv: comparison wim/WimServer/src/WimCertHandler.cpp

equal deleted inserted replaced

-:d5423fbb4f29
+:b75757c81051
 /*
-* Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
+* Copyright (c) 2002-2010 Nokia Corporation and/or its subsidiary(-ies).
 * All rights reserved.
 * This component and the accompanying materials are made available
 * under the terms of "Eclipse Public License v1.0"
 * which accompanies this distribution, and is available
 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
 // -----------------------------------------------------------------------------
 // CWimCertHandler::NewL
 // Two-phased constructor.
 // -----------------------------------------------------------------------------
 //
 CWimCertHandler* CWimCertHandler::NewL()
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::NewL | Begin"));
 CWimCertHandler* self = new( ELeave ) CWimCertHandler;
 CleanupStack::PushL( self );
 self->ConstructL();
 CleanupStack::Pop( self );
 return self;
 }
 // Destructor
 CWimCertHandler::~CWimCertHandler()
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::~CWimCertHandler | Begin"));
 delete iWimUtilFuncs;
 // CWimCertHandler::GetCertificatesFromWimL
 // Fetches certificates from WIM card.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::GetCertificatesFromWimL(
 const RMessage2& aMessage,
 CWimMemMgmt* aWimMgmt )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetCertificatesFromWimL | Begin"));
 WIMI_STAT callStatus = WIMI_Ok;
 TUint8 certNum = 0;
 TWimEntryType certEntryType = ( TWimEntryType ) aMessage.Int2();
 TUint32* pCertRefLst = ( TUint32* )( certRefLst->Des().Ptr() );
 TWimCertInfo* pCertInfoLst = ( TWimCertInfo* )( certInfoLst->Des().Ptr() );
-temp = aWimMgmt->WimRef();
+__ASSERT_ALWAYS( aWimMgmt, User::Leave( KErrArgument ) );
-if ( !temp )
+temp = MainWimRef( *aWimMgmt );
-{
-temp = WIMI_GetWIMRef( 0 );
-aWimMgmt->SetWIMRef( temp );    // takes ownership
-}
 if ( temp )
 {
 if ( EWimEntryTypeAll == certEntryType ||
 EWimEntryTypeCA == certEntryType )
 {
 callStatus = GetCertificateFromWimRefL( temp, WIMI_CU_CA,
 certNum, pCertRefLst,
 pCertInfoLst, aMessage );
 }
 if ( callStatus == WIMI_Ok && ( EWimEntryTypeAll == certEntryType ||
 EWimEntryTypePersonal == certEntryType ) )
 {
 callStatus = GetCertificateFromWimRefL( temp, WIMI_CU_Client,
 certNum, pCertRefLst,
 pCertInfoLst, aMessage );
 }
 //record the ref for sanity checking, deallocate old refs first
 for( TInt index = 0; index < iCertRefLst.Count(); ++index )
 {
 WIMI_Ref_t* ref = reinterpret_cast< WIMI_Ref_t* >( iCertRefLst[ index ] );
 _WIMTRACE2(_L("WIM | WIMServer | CWimCertHandler::GetCertificatesFromWimL, -ref 0x%08x"), ref);
 for( TInt index = 0; index < certNum; ++index )
 {
 _WIMTRACE2(_L("WIM | WIMServer | CWimCertHandler::GetCertificatesFromWimL, +ref 0x%08x"), pCertRefLst[ index ]);
 iCertRefLst.AppendL( pCertRefLst[ index ] );
 }
 aMessage.WriteL( 0, certRefLst->Des() );
 aMessage.WriteL( 1, certInfoLst->Des() );
 }
 else
 {
 const RMessage2& aMessage )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetCertificateFromWimRefL | Begin"));
 TUint8 tempCrtCount;
 WIMI_RefList_t refList = NULL;
-WIMI_STAT callStatus = WIMI_Ok;
+WIMI_STAT callStatus = WIMI_ERR_BadReference;
 if ( aTmpWimRef )
 {
 callStatus = WIMI_GetCertificateListByWIM( aTmpWimRef,
 aUsage,
 &tempCrtCount,
 &refList );
 if ( callStatus == WIMI_Ok )
 {
 // If the certifcate length is 0,
 // ingore certificate info and continue with the next
 	step++;
 free_WIMI_Ref_t( refList[certIndex] );
 }
 }
 //variable step is equal to the number of certificate in CDF whose
 //length is set as 0.
 aCertNum = static_cast< TUint8 >( aCertNum + tempCrtCount - step );
 // Because list items are moved to aCertRefLst, only refList array
 // needs to be freed. Cannot use free_WIMI_RefList_t() as it would
 // delete also items contained in refList.
 TUint8 uiCDFRefs;
 TUint8 usage;
 TUint8 type;
 TUint16 certLen;
 TUint8 modifiable = 0;
 WIMI_STAT callStatus = WIMI_GetCertificateInfo(
 aCert,
 &tempRef,
 &ptLabel,
 &ptKeyID, /* Key Id (hash)*/
 &ptCAID,
 &ptIssuerHash,
 &ptTrustedUsage,
 &uiCDFRefs,
 &usage,  /* 0 = client, 1 = CA */
 &type,   /* WTLSCert(1),
 X509Cert(2),
 X968Cert(3),
 CertURL(4) */
 &certLen,   /* cert. content or URL length */
 &modifiable );
 if ( callStatus == WIMI_Ok )
 {
 WSL_OS_Free( ptTrustedUsage.pb_buf );
 	return KErrArgument;
 }
 // it is x509cert
-if ( type == 2 && certLen != 0 )
+if ( type == WIMI_CT_X509 && certLen != 0 )
 {
 //use this rough sanity checking for temp
 if ( certLen < 10 )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::CopyCertificateInfoL | cert is malformated, return KErrArgument"));
 }
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::CopyCertificateInfoL | X509 check ok"));
 aCertInfo.iLabel.Copy(
 TPtr8(
 ptLabel.pb_buf,
 ptLabel.ui_buf_length,
 ptLabel.ui_buf_length ) );
 aCertInfo.iKeyId.Copy(
 TPtr8(
 ptKeyID.pb_buf,
 ptKeyID.ui_buf_length,
 ptKeyID.ui_buf_length ) );
 aCertInfo.iCAId.Copy(
 TPtr8(
 ptCAID.pb_buf,
 ptCAID.ui_buf_length,
 ptCAID.ui_buf_length ) );
 aCertInfo.iIssuerHash.Copy(
 TPtr8(
 ptIssuerHash.pb_buf,
 ptIssuerHash.ui_buf_length,
 ptIssuerHash.ui_buf_length ) );
 aCertInfo.iUsage = usage;
 aCertInfo.iType = type;
 aCertInfo.iCertlen = certLen;
 aCertInfo.iModifiable = modifiable;
 // Certificate location
 aCertInfo.iCDFRefs = iWimUtilFuncs->MapCertLocation( uiCDFRefs );
 //Allocate enough memory for OID
 aCertInfo.iTrustedUsageLength = ptTrustedUsage.ui_buf_length * 16;
 // Fetches certificate's extra info from WIM card. In this case it is
 // trusted usage info.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::GetExtrasFromWimL(
 const RMessage2& aMessage,
 CWimMemMgmt* aWimMgmt )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetExtrasFromWimL | Begin"));
 WIMI_STAT callStatus = WIMI_Ok;
 TInt8 certUsage = 0;
 HBufC8* keyIdBuf = iWimUtilFuncs->DesLC( 0, aMessage );
 TPtrC8 keyIdHash = keyIdBuf->Des();
-WIMI_Ref_t* wimTempRef = aWimMgmt->WimRef();
+__ASSERT_ALWAYS( aWimMgmt, User::Leave( KErrArgument ) );
-if ( !wimTempRef )
+WIMI_Ref_t* wimTempRef = MainWimRef( *aWimMgmt );
-{
-wimTempRef = WIMI_GetWIMRef( 0 );
-aWimMgmt->SetWIMRef( wimTempRef );  // takes ownership
-}
 if ( wimTempRef )
 {
 TWimEntryType certEntryType = static_cast< TWimEntryType >( aMessage.Int2() );
 switch ( certEntryType )
 TInt8 aUsage,
 TDesC8& aKeyHash,
 const RMessage2& aMessage )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetExtrasFromWimRefL | Begin"));
 TUint8 tempCertCount = 0;
 WIMI_RefList_t certRefList = NULL;
 WIMI_STAT callStatus = WIMI_Ok;
 TInt certIndex = 0;
 TPtrC8 keyHash;
 if ( aTmpWimRef )
 {
 // List all certificates (by WIM and usage)
 callStatus = WIMI_GetCertificateListByWIM( aTmpWimRef,
 aUsage,
 &tempCertCount,
 &certRefList );
 }
 else
 {
 callStatus = WIMI_ERR_BadReference;
 }
-CleanupPushWimRefListL( certRefList );
 if ( callStatus == WIMI_Ok )
 {
+CleanupPushWimRefListL( certRefList );
 WIMI_Ref_t* tempRef = NULL;
 WIMI_BinData_t ptLabel;
 WIMI_BinData_t ptKeyID;
 WIMI_BinData_t ptCAID;
 WIMI_BinData_t ptIssuerHash;
 &ptCAID,
 &ptIssuerHash,
 &ptTrustedUsage,
 &uiCDFRefs,
 &usage,
 &certType,
 &certLen,
 &modifiable );
 if ( callStatus == WIMI_Ok )
 {
 free_WIMI_Ref_t( tempRef );
 TCertExtrasInfo certExtraInfo;
 certExtraInfo.iCDFRefs = 0;
 certExtraInfo.iTrustedUsage = NULL;
 WIMI_STAT callStatus = WIMI_GetCertificateInfo(
 aCert,
 &tempref,
 &ptLabel,
 &ptKeyID, /* Key Id (hash)*/
 &ptCAID,
 &ptIssuerHash,
 &ptTrustedUsage,
 &uiCDFRefs,
 &usage,  /* 0 = client, 1 = CA */
 &type,
 &certlen,   /* cert. content or URL length */
 &modifiable);
 if ( callStatus == WIMI_Ok )
 {
 free_WIMI_Ref_t( tempref );
 WSL_OS_Free( ptLabel.pb_buf );
 WSL_OS_Free( ptKeyID.pb_buf );
 CleanupPushWimBufL( ptTrustedUsage );
 pushedItemCount++;
 TPtrC8 undecodedUsage;
 undecodedUsage.Set( ptTrustedUsage.pb_buf );
 if ( ptTrustedUsage.ui_buf_length == 0 ) // No OIDs
 {
 found = EFalse;
 }
 oidsLength += decodedOIDs->Length();
 CleanupStack::Pop( decodedOIDs );
 }
 else    // Not found OID from buffer
 {
 found = EFalse;
 CleanupStack::PopAndDestroy( decodedOIDs );
 }
 decodedOIDs = NULL;
 }
 else    // Error in OID parsing -> Not found OID
 // Alloc new buffer for all OID's
 HBufC* trustedUsagesBuf = HBufC::NewLC( trustedUsagesBufMaxLength );
 pushedItemCount++;
 trustedUsage.Set( trustedUsagesBuf->Des() );
 // Add OID's to one buffer from separate buffers
 for ( TInt i = 0; i < decodedOIDArray.Count(); i++ )
 {
 if ( i == 0 ) //First one
 {
 }
 }
 TPckgBuf<TCertExtrasInfo> wimCertExtraPckg( certExtraInfo );
 aMessage.ReadL( 1, wimCertExtraPckg );
 wimCertExtraPckg().iCDFRefs = iWimUtilFuncs->MapCertLocation( uiCDFRefs );
 if ( oidsLength > 0 ) // OID's found, write buffer to client
 {
 aMessage.WriteL( 3, trustedUsage );
 }
 aMessage.WriteL( 1, wimCertExtraPckg );
 // CWimCertHandler::GetCerticateCountL
 // Fetches count of certicates in certain WIM card.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::GetCerticateCountL(
 const RMessage2& aMessage,
 CWimMemMgmt* aWimMgmt ) const
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetCerticateCountL | Begin"));
 WIMI_STAT callStatus = WIMI_Ok;
 TWimEntryType certEntryType = ( TWimEntryType )aMessage.Int1();
 __ASSERT_ALWAYS( certEntryType != EWimEntryTypeAll ||
 certEntryType != EWimEntryTypeCA ||
 certEntryType != EWimEntryTypePersonal, User::Leave( KErrArgument ) );
 WIMI_Ref_t* wimRef = NULL;
 TUint8 certCount = 0;
-wimRef = aWimMgmt->WimRef();
+__ASSERT_ALWAYS( aWimMgmt, User::Leave( KErrArgument ) );
-if ( !wimRef )
+wimRef = MainWimRef( *aWimMgmt );
-{
-wimRef = WIMI_GetWIMRef( 0 );
-aWimMgmt->SetWIMRef( wimRef );  // takes ownership
-}
 if ( wimRef )
 {
 if ( EWimEntryTypeAll == certEntryType ||
 EWimEntryTypeCA == certEntryType )
 {
 callStatus = GetCertificateCountByWIM( wimRef,
 certCount,
 WIMI_CU_CA );
 }
 if ( callStatus == WIMI_Ok && ( EWimEntryTypeAll == certEntryType ||
 EWimEntryTypePersonal == certEntryType ) )
 {
 callStatus = GetCertificateCountByWIM( wimRef,
 certCount,
 WIMI_CU_Client );
 }
 }
 else
 {
 // Fetches count of certicates in certain WIM card.
 // This function MAY NOT leave.
 // -----------------------------------------------------------------------------
 //
 WIMI_STAT CWimCertHandler::GetCertificateCountByWIM(
 WIMI_Ref_t* aRef,
 TUint8& aCertCount,
 TUint8 aUsage ) const
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetCertificateCountByWIM | Begin"));
 // Get the number of certificates from smart card.
 TUint8 certNum = 0;
 WIMI_RefList_t refList ;
 WIMI_STAT callStatus = WIMI_GetCertificateListByWIM( aRef,
 aUsage,
 &certNum,
 &refList );
 if ( callStatus != WIMI_Ok )
 {
 	return callStatus;
 }
 // Find out how many certificate has zero length
 TInt certLenZero = 0;
 TInt certMalformat = 0;
 for ( TInt i = 0; i < certNum ; i++ )
 	    {
 	    TUint8 uiCDFRefs;
 	    TUint8 usage;
 	    TUint8 type;
 	    TUint16 certLen;
 	    TUint8 modifiable = 0;
 	    callStatus = WIMI_GetCertificateInfo(
 	                                refList[i],
 	                                &tempRef,
 	                                &ptLabel,
 	                                &ptKeyID, /* Key Id (hash)*/
 	                                &ptCAID,
 	                                &ptIssuerHash,
 	                                &ptTrustedUsage,
 	                                &uiCDFRefs,
 	                                &usage,  /* 0 = client, 1 = CA */
 	                                &type,   /* WTLSCert(1),
 	                                            X509Cert(2),
 	                                            X968Cert(3),
 	                                            CertURL(4) */
 	                                &certLen,   /* cert. content or URL length */
 	                                &modifiable );
 	    if ( callStatus == WIMI_Ok )
 	        {
 	        free_WIMI_Ref_t( tempRef );
 	        if ( certLen == 0 )
 	            {
 	            certLenZero++;
 	            }
 // it is x509cert
-if ( type == 2 && certLen != 0 )
+if ( type == WIMI_CT_X509 && certLen != 0 )
 {
 //use this rough sanity checking
 if ( certLen < 10 )
 {
 // -----------------------------------------------------------------------------
 // CWimCertHandler::StoreCertificateL
 // Stores certificate to the WIM card.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::StoreCertificateL(
 TWimServRqst /*aOpcode*/,
 const RMessage2& aMessage ) const
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::StoreCertificateL | Begin"));
 aMessage.Complete( KErrNotSupported );
 // -----------------------------------------------------------------------------
 // CWimCertHandler::RemoveCertificateL
 // Removes certificate from a WIM card.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::RemoveCertificateL(
 const RMessage2& aMessage,
 CWimMemMgmt* /*aWimMgmt*/ ) const
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::RemoveCertificateL | Begin"));
 aMessage.Complete( KErrNotSupported );
 TInt certNum = iCertRefLst.Count();
 if ( certNum == 0 )
 {
 return EFalse;
 }
 for ( TInt index = 0; index < certNum; ++index )
 {
 if( aCertRef == iCertRefLst[ index ] )
 {
 return ETrue;
 // CWimCertHandler::GetCertificateDetailsL
 // Fetches certificate details.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::GetCertificateDetailsL(
 TWimServRqst aOpCode,
 const RMessage2& aMessage )
 {
 _WIMTRACE(_L("WIM | WIMServer | CWimCertHandler::GetCertificateDetailsL | Begin"));
 TBool IsOk = SanityCheck( (TUint32)aMessage.Ptr0() );
 if ( ! IsOk  )
 {
 aMessage.Panic(_L("WIM"), KErrBadHandle );
 return;
 }
 //capability checking
 TUint8 usage = 255;
 WIMI_STAT callStatus = ResolveCertUsage( aMessage, usage );
 if ( WIMI_Ok == callStatus )
 {
 if( !CheckReadCapsForUsage( aMessage, usage  ) )
 {
 aMessage.Complete(KErrPermissionDenied);
 return;
 }
 }
 //capabilty ok, go to fetch the details of the certificate.
 TUint8& aUsage )
 {
 _WIMTRACE(_L("CWimServer::ResolveCertUsage | Begin"));
 // aMsg.Ptr0 contains reference to certificate
 WIMI_Ref_pt pCertRef = const_cast< WIMI_Ref_pt >( aMsg.Ptr0() );
 _WIMTRACE2(_L("CWimServer::ResolveCertUsage | Begin aMsg.Ptr0() = %d"), aMsg.Ptr0());
 WIMI_STAT callStatus = GetCertificateInfo( pCertRef, aUsage );
 //
 TBool CWimCertHandler::CheckReadCapsForUsage( const RMessage2& aMsg,
 TUint8 aUsage )
 {
 TBool result = EFalse;
 switch ( aUsage )
 {
 case WIMI_CU_CA:
 {
 // CA certificate reading doesn't require any capability.
 // Export public key from certificate.
 // -----------------------------------------------------------------------------
 //
 void CWimCertHandler::ExportPublicKeyL( const RMessage2& aMessage ) const
 {
-_WIMTRACE(_L("WIM | WIMServer | CWimPublicKeyHandler::ExportPublicKeyParamsL | Begin"));
+_WIMTRACE(_L("WIM | WIMServer | CWimPublicKeyHandler::ExportPublicKeyL | Begin"));
 TUint8 certType = 0;
 TPckgBuf<TExportPublicKey> keyExportPckg;
 aMessage.ReadL( 0, keyExportPckg );
 HBufC8* publicKeyBuf = HBufC8::NewLC( KPublicKeyLength );
 TBuf8<KKeyIdLen> keyIdBuf = keyExportPckg().iKeyId;
 WIMI_STAT callStatus = WIMI_Ok;
 &ptCAID,
 &ptIssuerHash,
 &ptTrustedUsage,
 &uiCDFRefs,
 &usage,
 &certType,
 &certLen,
 &modifiable );
 if ( callStatus == WIMI_Ok )
 {
 WSL_OS_Free( ptLabel.pb_buf );
 {
 callStatus = WIMI_ERR_UnsupportedCertificate;
 }
 }
 }
 // Retrieve certificate data from WIM
 if ( callStatus == WIMI_Ok )
 {
 callStatus = WIMI_CertificateReqT( trId, pCert, &ptCertData );
 if ( callStatus == WIMI_Ok )
 CleanupPushWimBufL( ptCertData );
 TPtrC8 certPtr( ptCertData.pb_buf, ptCertData.ui_buf_length );
 TPtr8 publicKeyPtr = publicKeyBuf->Des();
-TRAPD( parseOk, ParseCertPublicKeyL( certPtr, publicKeyPtr, certType ) );
+TRAPD( parseError, ParseCertPublicKeyL( certPtr, publicKeyPtr, certType ) );
-if ( parseOk )
+_WIMTRACE2(_L("WIM | WIMServer | CWimPublicKeyHandler::ExportPublicKeyL parseError %d"), parseError );
+if ( !parseError )
 {
 aMessage.WriteL( 1, publicKeyPtr );
 }
 else
 {
 }
 CleanupStack::PopAndDestroy( ptCertData.pb_buf );
 }
 }
 CleanupStack::PopAndDestroy( certRefList );
 }
 CleanupStack::PopAndDestroy( publicKeyBuf );
+_WIMTRACE2(_L("WIM | WIMServer | CWimPublicKeyHandler::ExportPublicKeyL callStatus %d"), callStatus);
 aMessage.Complete( CWimUtilityFuncs::MapWIMError( callStatus ) );
+_WIMTRACE(_L("WIM | WIMServer | CWimPublicKeyHandler::ExportPublicKeyL | End"));
 }
 // -----------------------------------------------------------------------------
 // CWimCertHandler::ParseCertPublicKeyL
 // Parse public key from certificate.
 void CWimCertHandler::ParseCertPublicKeyL(
 const TDesC8& aCertData,
 TDes8& aPublicKey,
 const TUint8 aCertType ) const
 {
+_WIMTRACE2(_L("WIM | WIMServer | CWimPublicKeyHandler::ParseCertPublicKeyL | Begin, type %d"), aCertType);
 CCertificate* certificate = NULL;
 CRSAPublicKey* publicKey = NULL;
 switch ( aCertType )
 {
 {
 certificate = CWTLSCertificate::NewLC( aCertData );
 publicKey = CWTLSRSAPublicKey::NewLC( certificate->PublicKey().KeyData() );
 break;
 }
 case WIMI_CT_X509:
 {
 certificate = CX509Certificate::NewLC( aCertData );
 publicKey = CX509RSAPublicKey::NewLC( certificate->PublicKey().KeyData() );
 break;
 }
 // Write encoded key to prealloced buffer
 encoded->WriteDERL( aPublicKey, pos );
 CleanupStack::PopAndDestroy( 3, certificate );  // encoded, publicKey, certificate
-}
+_WIMTRACE(_L("WIM | WIMServer | CWimPublicKeyHandler::ParseCertPublicKeyL | End"));
+}
+// -----------------------------------------------------------------------------
+// CWimCertHandler::MainWimRef()
+// Returns cached WIM ref using WIM memory manager
+// -----------------------------------------------------------------------------
+//
+WIMI_Ref_t* CWimCertHandler::MainWimRef( CWimMemMgmt& aWimMgmt ) const
+{
+WIMI_Ref_t* ref = aWimMgmt.WimRef();
+if( !ref )
+{
+ref = WIMI_GetWIMRef( 0 );
+aWimMgmt.SetWIMRef( ref );    // takes ownership
+}
+return ref;
+}
 //  End of File

changeset 14	b75757c81051
parent 0	164170e6151a
child 57	ead42e28e519