20 |
20 |
21 #if !defined (__PKIMAPPER_H__) |
21 #if !defined (__PKIMAPPER_H__) |
22 #define __PKIMAPPER_H__ |
22 #define __PKIMAPPER_H__ |
23 |
23 |
24 #include <e32base.h> |
24 #include <e32base.h> |
25 #include <securitydefs.h> |
25 #include "pkiserviceclientservercommon.h" |
|
26 #include "pkidefs.h" |
26 |
27 |
27 #include "pkidefs.h" |
28 class CMapDescriptor; |
28 #include "pkiserviceclientservercommon.h" |
|
29 |
|
30 class TSecurityObjectDescriptor; |
|
31 class CX500DistinguishedName; |
|
32 class CX520AttributeTypeAndValue; |
|
33 |
|
34 enum TValidity |
|
35 { |
|
36 EValid, |
|
37 EExpired, |
|
38 ENotValidYet |
|
39 }; |
|
40 |
|
41 |
|
42 /** |
|
43 * CMapDescriptor |
|
44 * |
|
45 * Maintains information of installed certificates and keys |
|
46 * |
|
47 * @lib internal (pkiservice.exe) |
|
48 * @since S60 v3.0 |
|
49 */ |
|
50 class CMapDescriptor : public CBase |
|
51 { |
|
52 public: |
|
53 CMapDescriptor() |
|
54 { |
|
55 iOwnerType = EPKICACertificate; |
|
56 iKeySize = 0; |
|
57 iKeyAlgorithm = EPKIInvalidAlgorithm; |
|
58 }; |
|
59 |
|
60 ~CMapDescriptor() |
|
61 { |
|
62 delete iTrustedAuthority; |
|
63 iTrustedAuthority = NULL; |
|
64 delete iIdentitySubjectName; |
|
65 iIdentitySubjectName = NULL; |
|
66 delete iIdentityRfc822Name; |
|
67 iIdentityRfc822Name = NULL; |
|
68 delete iSerialNumber; |
|
69 iSerialNumber = NULL; |
|
70 iApplUids.Close(); |
|
71 }; |
|
72 CMapDescriptor(TSecurityObjectDescriptor& aDesc); |
|
73 CMapDescriptor& operator=(CMapDescriptor& aMapDesc); |
|
74 void SetMapObjectName(const TDesC& aFilename) {iObjectName.Copy(aFilename);}; |
|
75 TBool IsMatchingL(TSecurityObjectDescriptor &aDesc, |
|
76 const TBool aInfoOnly, |
|
77 TPkiServiceStoreType aCertStoreType) const; |
|
78 |
|
79 TBool IsEqual(CMapDescriptor &aDesc); |
|
80 void SetMapSubjectKeyId(const TPKIKeyIdentifier &aKeyId) |
|
81 { |
|
82 iSubjectKeyId.Copy(aKeyId); |
|
83 }; |
|
84 void SetMapOwnerType(const TPKICertificateOwnerType aOwnerType) {iOwnerType = aOwnerType;}; |
|
85 void SetMapKeyUsageDer(const TDesC8 &aKeyUsage) |
|
86 { |
|
87 iKeyUsageDer.Copy(aKeyUsage); |
|
88 }; // Optional if only certificate is needed |
|
89 // Key usage is not defined in the filter, this will be checked separately |
|
90 void SetMapKeySize(const TUint aKeySize) {iKeySize = aKeySize;}; // Optional if only certificate is needed |
|
91 // Issuer and serial are not defined in the filter, these will be checked separately |
|
92 void SetMapTrustedAuthorityL(const TDesC8 &aTrustedAuthority) |
|
93 { |
|
94 delete iTrustedAuthority; |
|
95 iTrustedAuthority = NULL; |
|
96 iTrustedAuthority = aTrustedAuthority.AllocL(); |
|
97 }; |
|
98 void SetMapIdentitySubjectNameL(const TDesC8 &aIdentitySubjectName) |
|
99 { |
|
100 delete iIdentitySubjectName; |
|
101 iIdentitySubjectName = NULL; |
|
102 iIdentitySubjectName = aIdentitySubjectName.AllocL(); |
|
103 }; |
|
104 void SetMapIdentityRfc822NameL(const TDesC8 &aIdentityRfc822Name) |
|
105 { |
|
106 delete iIdentityRfc822Name; |
|
107 iIdentityRfc822Name = NULL; |
|
108 iIdentityRfc822Name = aIdentityRfc822Name.AllocL(); |
|
109 }; |
|
110 void SetMapSerialNumberL(const TDesC8 &aSerialNumber) |
|
111 { |
|
112 delete iSerialNumber; |
|
113 iSerialNumber = NULL; |
|
114 iSerialNumber = aSerialNumber.AllocL(); |
|
115 }; |
|
116 |
|
117 void SetCertStoreType(TPkiServiceStoreType aCertStoreType); |
|
118 |
|
119 void SetMapKeyAlgorithm(const TPKIKeyAlgorithm &aKeyAlgorithm) {iKeyAlgorithm = aKeyAlgorithm;}; |
|
120 void SetMapStartTime(const TTime &aTime) {iStartTime = aTime;}; |
|
121 void SetMapEndTime(const TTime &aTime) {iEndTime = aTime;}; |
|
122 void SetMapTrusted(const TBool &aTrusted) {iIsTrusted = aTrusted;}; |
|
123 void SetMapIsDeletable(const TBool &aIsDeletable) {iIsDeletable = aIsDeletable;}; |
|
124 void SetMapApplications(const RArray<TUid> &aApplications) {for(TInt i=0; i<aApplications.Count();i++){ iApplUids.Append(aApplications[i]);}}; |
|
125 |
|
126 TBool IsMatchingCertStore(const TDesC& aCertStoreName); |
|
127 |
|
128 public: // data |
|
129 // No get methods introduced, values are used directly! |
|
130 |
|
131 /// Key or certificate: used internally, depends on the operation |
|
132 /// Own: Cert TrustedAuthority |
|
133 HBufC8* iTrustedAuthority; |
|
134 HBufC8* iIdentitySubjectName; // Identity subject name |
|
135 HBufC8* iIdentityRfc822Name; // Identity subjectAltName rfc822 name |
|
136 HBufC8* iSerialNumber; // Serialnumber |
|
137 TPKIKeyIdentifier iSubjectKeyId; // SHA1 hash of the corresponding private key |
|
138 TPKICertificateOwnerType iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set |
|
139 TBuf8<KMaxUsageDer> iKeyUsageDer; // Der format flags |
|
140 TBuf<SHORT_FILENAME_LENGTH> iObjectName; |
|
141 TUint iKeySize; // Key size |
|
142 TPKIKeyAlgorithm iKeyAlgorithm; // RSA, DSA |
|
143 TTime iStartTime; |
|
144 TTime iEndTime; |
|
145 TBool iIsDeletable; |
|
146 TBool iIsTrusted; |
|
147 RArray<TUid> iApplUids; |
|
148 TPkiServiceStoreType iCertStoreType; |
|
149 }; |
|
150 |
29 |
151 /** |
30 /** |
152 * CPKIMapper |
31 * CPKIMapper |
153 * |
32 * |
154 * Maintains array of CMapDescriptor objects |
33 * Maintains array of CMapDescriptor objects |
159 class CPKIMapper : public CBase |
38 class CPKIMapper : public CBase |
160 { |
39 { |
161 public: |
40 public: |
162 // Constructors, destructor |
41 // Constructors, destructor |
163 // When constructing an invocation, check if some key/certificate has been manually removed. |
42 // When constructing an invocation, check if some key/certificate has been manually removed. |
164 static CPKIMapper* NewL(); |
43 static CPKIMapper* NewL(); |
165 static TValidity CertValidity(const TTime &aStartTime, const TTime &aEndTime); |
|
166 ~CPKIMapper(); |
44 ~CPKIMapper(); |
167 |
45 |
168 //////////////////////////////////////////////////////////////////////////////////////////// |
46 TInt AddMapping(CMapDescriptor* aMap); |
169 // Mapping methods |
47 void DeleteMapping(TInt aIndex); |
170 //////////////////////////////////////////////////////////////////////////////////////////// |
|
171 // These are new methods, which will be called from ipsecmanager when importing policy or deleting a certificate/key |
|
172 // In acuagent, these will be called after user key has been generated and authorized by CA |
|
173 TInt AddMapping(CMapDescriptor &aMap); |
|
174 TInt DeleteMapping(CMapDescriptor &aDesc); |
|
175 CMapDescriptor& GetMapDescriptorAtIndex(TInt aIndex); |
48 CMapDescriptor& GetMapDescriptorAtIndex(TInt aIndex); |
176 // One-to-one mapping functions |
49 // One-to-one mapping functions |
177 void GetCertificateKeyIdL(TSecurityObjectDescriptor &aDescriptor, TPKIKeyIdentifier &aKeyId, |
50 void GetCertificateKeyIdL(TSecurityObjectDescriptor& aDescriptor, TPKIKeyIdentifier& aKeyId, |
178 TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const; |
51 TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const; |
179 |
52 |
180 TInt ResolveCertMappingL(TSecurityObjectDescriptor &aDescriptor, TDes16 &aFilename, |
53 TInt ResolveCertMappingL(TSecurityObjectDescriptor& aDescriptor, TDes16& aFilename, |
181 TInt &aIndex, const TBool aInfoOnly, |
54 TInt &aIndex, TBool aInfoOnly, |
182 TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const; |
55 TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const; |
183 |
56 |
184 TInt CertCount(void); |
57 TInt CertCount(TBool aInfoOnly); |
185 TInt ApplicableCertCount(const RArray<TUid>& aUidArray); |
58 TInt ApplicableCertCount(const RArray<TUid>& aUidArray); |
186 TInt GetCertListL(const RMessage2& aMessage, TPkiServiceStoreType aStoreType, TBool aDescUsed = EFalse); |
59 TInt GetCertListL(const RMessage2& aMessage, TBool aInfoOnly); |
|
60 |
|
61 TInt GetCertDetailsL(TSecurityObjectDescriptor& aSecDesc, |
|
62 TPkiServiceStoreType aStoreType, |
|
63 TBool aInfoOnly, |
|
64 TCertificateListEntry& aResultCertInfo); |
|
65 |
|
66 |
187 void GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray); |
67 void GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray); |
188 |
68 |
189 // Function to check whether the given certificate is unique (doesn't exist in cert store) |
69 // Function to check whether the given certificate is unique (doesn't exist in cert store) |
190 TBool CertificateIsUniqueL(const TDesC8& aCertData); |
70 TBool CertificateIsUniqueL(const TDesC8& aCertData); |
191 |
71 |