1 /*

     2 * Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:   Policy importer

    15 *

    16 */

    17 

    18 

    19 

    20 #ifndef __POLICYIMPORTER_H__

    21 #define __POLICYIMPORTER_H__

    22 

    23 #include <e32std.h>

    24 #include <e32base.h>

    25 #include "vpnapidefs.h"

    26 #include "fileutil.h"

    27 

    28 class CX509Certificate;

    29 #include "pkiserviceapi.h"

    30 

    31 class CVpnApiServant;

    32 class CPolicyStore;

    33 class RFs;

    34 class CPolicyPatchInfoList;

    35 class CIkeDataArray;

    36 class CIkeData;

    37 

    38 const TInt KMaxExtPolicyIdLength = 256;

    39 const TInt KDoNotGetKeySize      = -1;

    40 

    41 typedef TBuf<KMaxExtPolicyIdLength> TExtVpnPolicyId;

    42 

    43 /**

    44  *  Handles the importing of VPN policies to the system.

    45  *

    46  *  @lib internal (vpnmanager.exe)

    47  *  @since S60 v3.0

    48  */

    49 class CPolicyImporter : public CActive

    50     {

    51 public:

    52     static CPolicyImporter* NewL(const RMessage2& aMessage,

    53         CVpnApiServant& aVpnApiServant,

    54         CPolicyStore& iPolicyStore, RFs& aFs);

    55     static CPolicyImporter* NewL(TRequestStatus& aStatus,

    56         CVpnApiServant& aVpnApiServant,

    57         CPolicyStore& iPolicyStore, RFs& aFs);

    58     ~CPolicyImporter();

    59 

    60     void ImportPolicyL(const TDesC& aDir);

    61     void ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId);

    62 

    63 private:

    64     CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,

    65                     CPolicyStore& iPolicyStore, RFs& aFs);

    66     CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,

    67                     CPolicyStore& iPolicyStore, RFs& aFs);

    68     void ConstructL();

    69 

    70 protected: // From CActive

    71     void DoCancel();

    72     void RunL();

    73     TInt RunError(TInt aError);

    74 

    75 private:

    76 

    77     void DoImportPolicyL(const TDesC& aDir);

    78 

    79     void GotoState(TInt aState);

    80     void SetCurrState(TInt aState);

    81     void SetNextState(TInt aState);

    82     TInt CurrState();

    83     TInt NextState();

    84     void ChangeStateL();

    85     void CancelOngoingOperation();

    86     void ImportComplete(TInt aReturnValue);

    87     void StateBeginPolicyImportL();

    88     void StateImportCaCertL();

    89     void StateAfterImportCaCertL();

    90     void StateImportPeerCertL();

    91     void StateAfterImportPeerCertL();

    92     void StateImportUserPrivKeyL();

    93     void StateAfterImportUserPrivKeyL();

    94     void StateAttachCertificateL();

    95     void StateAfterAttachCertificateL();

    96     void StateImportPinAndPolL();

    97     void StateCreateVpnDestinationL();

    98     void StateEndPolicyImportL();

    99     void BuildPolicyIdListL();

   100     TPkiServiceStoreType GetStoreTypeL(CIkeData* aData);

   101 

   102 

   103     /**

   104      * Checks that BIN format CA certs defined in the policy can be

   105      * found in the same directory, where the .pol and .pin files are and

   106      * collects found certificate file names to the iCurrCaCertList list.

   107      *

   108      * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.

   109      */

   110     void BuildCaCertListL();

   111 

   112     /**

   113      * Checks that BIN format peer certs defined in the policy can be

   114      * found in the same directory, where the .pol and .pin files are and

   115      * collects found certificate file names to the iCurrPeerCertList list.

   116      *

   117      * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.

   118      */

   119     void BuildPeerCertListL();

   120 

   121     /**

   122      * Checks that BIN format user certs have and assosiated bin format

   123      * private key. Checks that both files exists in the same directory, where

   124      * the .pol and .pin files are. Collects the user cert file names to iCurrUserCertList

   125      * and private key file names to iCurrUserPrivKeyList.

   126      *

   127      * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.

   128      * of with KVpnErrInvalidPolicyFile if the user certificate doesn't has

   129      * a assosiated private key.

   130      */

   131     void BuildUserPrivKeyAndUserCertListL();

   132     /**

   133      * Checks if there is other CA certificates which are not defined in policy file

   134      *  (like intermediate CAs) and installs them to device. 

   135      */

   136     void BuildOtherCaCertListL();

   137 

   138     void ParseIkeDataL();

   139     void PatchPolicyCaCertInfoL(const TFileName& aPolicyFile);

   140     CPolicyPatchInfoList* BuildPolicyPatchInfoListL();

   141     HBufC8* CertSubjectNameL(const TFileName& aCertFile);

   142     void CleanImportDirectory();

   143     void AppendIfNotFoundL(CArrayFixFlat<TFileName>* aList,

   144         TFileName* aFileName);

   145 

   146     /**

   147      * Returns subject name of the certificate and sets aKeySize.

   148      * Parameter aKeySize is not set if aKeySize equals KDoNotGetKeySize.

   149      */

   150     HBufC8* CertInfoL(const TFileName& aCertFile, TInt& aKeySize);

   151     /**

   152      * Returns Issuer name of certificate

   153      */

   154     HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile);

   155     TFileName CPolicyImporter::GetCAFromFileListL(const TDesC8& aCertSubjectName, CArrayFixFlat<TFileName>* aCertFileArray);

   156 

   157 private:

   158     RMessage2 iMessage;

   159     TRequestStatus* iExtStatus;

   160     CVpnApiServant& iVpnApiServant;

   161     CPolicyStore& iPolicyStore;

   162     RFs& iFs;

   163     TFileUtil iFileUtil;

   164     RPKIServiceAPI iPkiService;

   165 

   166     TFileName iImportDir;

   167 

   168     TInt iCurrState;

   169     TInt iNextState;

   170 

   171     CArrayFixFlat<TExtVpnPolicyId>* iPolicyIdList;

   172     TInt iCurrPolicyIdIndex;

   173     TExtVpnPolicyId iCurrPolicyId;

   174 

   175     CIkeDataArray* iCurrIkeDataArray;

   176     TInt iCurrIkeDataIndex;

   177 

   178     CArrayFixFlat<TFileName>* iCurrCaCertList;

   179     TInt iCurrCaCertIndex;

   180 

   181     CArrayFixFlat<TFileName>* iCurrPeerCertList;

   182     TInt iCurrPeerCertIndex;

   183 

   184     CArrayFixFlat<TFileName>* iCurrUserPrivKeyList;

   185     TInt iCurrUserPrivKeyIndex;

   186 

   187     CArrayFixFlat<TFileName>* iCurrUserCertList;

   188     TInt iCurrUserCertIndex;

   189     //for intermediate CAs

   190     CArrayFixFlat<TFileName>* iCurrOtherCaCertList;

   191     TInt iCurrOtherCaCertIndex;

   192 

   193     TPKIKeyIdentifier iCurrKeyId;

   194 

   195     HBufC8* iCertFileData;

   196     HBufC8* iKeyFileData;

   197 

   198     TAny* iPkiOpContext;

   199 

   200     TBool iImportSinglePolicy;

   201     TVpnPolicyId* iNewPolicyId;

   202 

   203     TVpnPolicyId iPolicyId;

   204     };

   205 

   206 #endif // __POLICYIMPORTER_H__