|
1 /* |
|
2 * Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Policy importer |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 #ifndef __POLICYIMPORTER_H__ |
|
21 #define __POLICYIMPORTER_H__ |
|
22 |
|
23 #include <e32std.h> |
|
24 #include <e32base.h> |
|
25 #include "vpnapidefs.h" |
|
26 #include "fileutil.h" |
|
27 |
|
28 class CX509Certificate; |
|
29 #include "pkiserviceapi.h" |
|
30 |
|
31 class CVpnApiServant; |
|
32 class CPolicyStore; |
|
33 class RFs; |
|
34 class CPolicyPatchInfoList; |
|
35 class CIkeDataArray; |
|
36 class CIkeData; |
|
37 |
|
/**
 * Sentinel passed in CertInfoL()'s aKeySize argument when the caller
 * does not want the key size to be written back.
 */
const TInt KDoNotGetKeySize = -1;

/** Capacity of an external VPN policy id descriptor (TExtVpnPolicyId). */
const TInt KMaxExtPolicyIdLength = 256;

/** Fixed-capacity descriptor that holds one external VPN policy id. */
typedef TBuf<KMaxExtPolicyIdLength> TExtVpnPolicyId;
|
42 |
|
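/**
 *  Handles the importing of VPN policies to the system.
 *
 *  The importer is an active object: an import is started with
 *  ImportPolicyL() or ImportSinglePolicyL() and then advances through the
 *  State*L() handlers declared below. Per the declarations and their
 *  comments, an import covers CA certificates, peer certificates, user
 *  private keys and user certificates found next to the .pol/.pin files.
 *
 *  NOTE(review): certificate and key file names are taken from the policy
 *  file and looked up in the import directory. Confirm in the
 *  implementation that such names cannot contain path components that
 *  would resolve outside that directory.
 *
 *  @lib internal (vpnmanager.exe)
 *  @since S60 v3.0
 */
class CPolicyImporter : public CActive
    {
public:
    // NOTE(review): the third parameter is spelled iPolicyStore although
    // it is an argument, not a member; the names are kept as declared.

    /**
     * Two-phase constructor for an import requested through a client
     * message.
     */
    static CPolicyImporter* NewL(const RMessage2& aMessage,
                                 CVpnApiServant& aVpnApiServant,
                                 CPolicyStore& iPolicyStore, RFs& aFs);

    /**
     * Two-phase constructor for an import whose completion is reported
     * through a caller-supplied request status.
     */
    static CPolicyImporter* NewL(TRequestStatus& aStatus,
                                 CVpnApiServant& aVpnApiServant,
                                 CPolicyStore& iPolicyStore, RFs& aFs);

    ~CPolicyImporter();

    /**
     * Starts importing the policies found in aDir.
     *
     * @param aDir Directory that holds the policy files to import.
     */
    void ImportPolicyL(const TDesC& aDir);

    /**
     * Starts importing a single policy from aDir.
     *
     * @param aDir         Directory that holds the policy files to import.
     * @param aNewPolicyId Receives the id of the imported policy.
     *                     NOTE(review): presumably its address is kept in
     *                     iNewPolicyId until the import completes, so the
     *                     referenced object must outlive the import;
     *                     verify against the implementation.
     */
    void ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId);

private:
    CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,
                    CPolicyStore& iPolicyStore, RFs& aFs);
    CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
                    CPolicyStore& iPolicyStore, RFs& aFs);
    void ConstructL();

protected: // From CActive
    void DoCancel();
    void RunL();
    TInt RunError(TInt aError);

private:

    void DoImportPolicyL(const TDesC& aDir);

    // State machine plumbing. The current and next state are plain TInt
    // values stored in iCurrState / iNextState.
    void GotoState(TInt aState);
    void SetCurrState(TInt aState);
    void SetNextState(TInt aState);
    TInt CurrState();
    TInt NextState();
    void ChangeStateL();
    void CancelOngoingOperation();
    void ImportComplete(TInt aReturnValue);

    // One handler per import state.
    void StateBeginPolicyImportL();
    void StateImportCaCertL();
    void StateAfterImportCaCertL();
    void StateImportPeerCertL();
    void StateAfterImportPeerCertL();
    void StateImportUserPrivKeyL();
    void StateAfterImportUserPrivKeyL();
    void StateAttachCertificateL();
    void StateAfterAttachCertificateL();
    void StateImportPinAndPolL();
    void StateCreateVpnDestinationL();
    void StateEndPolicyImportL();

    void BuildPolicyIdListL();
    TPkiServiceStoreType GetStoreTypeL(CIkeData* aData);

    /**
     * Checks that BIN format CA certs defined in the policy can be
     * found in the same directory, where the .pol and .pin files are and
     * collects found certificate file names to the iCurrCaCertList list.
     *
     * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
     */
    void BuildCaCertListL();

    /**
     * Checks that BIN format peer certs defined in the policy can be
     * found in the same directory, where the .pol and .pin files are and
     * collects found certificate file names to the iCurrPeerCertList list.
     *
     * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
     */
    void BuildPeerCertListL();

    /**
     * Checks that each BIN format user cert has an associated BIN format
     * private key. Checks that both files exist in the same directory,
     * where the .pol and .pin files are. Collects the user cert file names
     * to iCurrUserCertList and private key file names to
     * iCurrUserPrivKeyList.
     *
     * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found,
     * or with KVpnErrInvalidPolicyFile if the user certificate does not
     * have an associated private key.
     */
    void BuildUserPrivKeyAndUserCertListL();

    /**
     * Checks if there are other CA certificates which are not defined in
     * the policy file (like intermediate CAs) and installs them to the
     * device.
     *
     * NOTE(review): these certificates are not named by the policy, so
     * installing them widens the set of CAs on the device. Confirm the
     * implementation only accepts certificates that chain to a CA the
     * policy does define.
     */
    void BuildOtherCaCertListL();

    void ParseIkeDataL();
    void PatchPolicyCaCertInfoL(const TFileName& aPolicyFile);
    CPolicyPatchInfoList* BuildPolicyPatchInfoListL();
    HBufC8* CertSubjectNameL(const TFileName& aCertFile);

    // NOTE(review): the import directory can contain private key files
    // (see BuildUserPrivKeyAndUserCertListL). Confirm this cleanup also
    // runs when the import fails or is cancelled.
    void CleanImportDirectory();

    void AppendIfNotFoundL(CArrayFixFlat<TFileName>* aList,
                           TFileName* aFileName);

    /**
     * Returns subject name of the certificate and sets aKeySize.
     * Parameter aKeySize is not set if aKeySize equals KDoNotGetKeySize.
     */
    HBufC8* CertInfoL(const TFileName& aCertFile, TInt& aKeySize);

    /**
     * Returns Issuer name of certificate
     */
    // The class-name qualifier was dropped from this declaration and the
    // next one: a qualified name on an in-class member declaration is
    // rejected by conforming compilers.
    HBufC8* CertIssuerL(const TFileName& aCertFile);
    TFileName GetCAFromFileListL(const TDesC8& aCertSubjectName,
                                 CArrayFixFlat<TFileName>* aCertFileArray);

private:
    // Completion target: one of the two below is used, matching the NewL
    // overload that created the object (presumably; confirm in the .cpp).
    RMessage2 iMessage;
    TRequestStatus* iExtStatus;

    CVpnApiServant& iVpnApiServant;
    CPolicyStore& iPolicyStore;
    RFs& iFs;
    TFileUtil iFileUtil;
    RPKIServiceAPI iPkiService;

    TFileName iImportDir;

    TInt iCurrState;
    TInt iNextState;

    CArrayFixFlat<TExtVpnPolicyId>* iPolicyIdList;
    TInt iCurrPolicyIdIndex;
    TExtVpnPolicyId iCurrPolicyId;

    CIkeDataArray* iCurrIkeDataArray;
    TInt iCurrIkeDataIndex;

    CArrayFixFlat<TFileName>* iCurrCaCertList;
    TInt iCurrCaCertIndex;

    CArrayFixFlat<TFileName>* iCurrPeerCertList;
    TInt iCurrPeerCertIndex;

    CArrayFixFlat<TFileName>* iCurrUserPrivKeyList;
    TInt iCurrUserPrivKeyIndex;

    CArrayFixFlat<TFileName>* iCurrUserCertList;
    TInt iCurrUserCertIndex;

    // for intermediate CAs
    CArrayFixFlat<TFileName>* iCurrOtherCaCertList;
    TInt iCurrOtherCaCertIndex;

    TPKIKeyIdentifier iCurrKeyId;

    HBufC8* iCertFileData;
    // NOTE(review): presumably holds the contents of a private key file
    // while it is being imported. Confirm the buffer is overwritten before
    // it is freed so key material does not linger on the heap.
    HBufC8* iKeyFileData;

    TAny* iPkiOpContext;

    TBool iImportSinglePolicy;
    // Not owned (presumably the caller's aNewPolicyId; TODO confirm).
    TVpnPolicyId* iNewPolicyId;

    TVpnPolicyId iPolicyId;
    };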
|
205 |
|
206 #endif // __POLICYIMPORTER_H__ |