15 * CPKIMapper class holds the information required to map API set to |
15 * CPKIMapper class holds the information required to map API set to |
16 * use the storage model which is not native for that API. |
16 * use the storage model which is not native for that API. |
17 * |
17 * |
18 */ |
18 */ |
19 |
19 |
20 |
|
21 #include <x500dn.h> |
|
22 #include <x509cert.h> |
20 #include <x509cert.h> |
23 |
21 |
24 #include "PKIMapper.h" |
22 #include "PKIMapper.h" |
25 #include "pkcs10.h" |
23 #include "mapdescriptor.h" |
26 #include "log_r6.h" |
24 #include "log_r6.h" |
27 #include "pkiserviceassert.h" |
25 #include "pkiserviceassert.h" |
28 |
26 |
29 |
|
30 CMapDescriptor::CMapDescriptor(TSecurityObjectDescriptor &aDesc) |
|
31 { |
|
32 this->iSubjectKeyId = aDesc.iSubjectKeyId; |
|
33 this->iOwnerType = aDesc.iOwnerType; |
|
34 this->iKeySize = aDesc.iKeySize; |
|
35 this->iKeyAlgorithm = aDesc.iKeyAlgorithm; |
|
36 this->iIsDeletable = aDesc.iIsDeletable; |
|
37 } |
|
38 |
|
39 CMapDescriptor& CMapDescriptor::operator=(CMapDescriptor& aMapDesc) |
|
40 { |
|
41 delete this->iTrustedAuthority; |
|
42 this->iTrustedAuthority = NULL; |
|
43 if(aMapDesc.iTrustedAuthority != NULL) |
|
44 { |
|
45 this->iTrustedAuthority = aMapDesc.iTrustedAuthority->Des().AllocL(); // Cert TrustedAuthority |
|
46 } |
|
47 delete this->iIdentitySubjectName; |
|
48 this->iIdentitySubjectName = NULL; |
|
49 if(aMapDesc.iIdentitySubjectName != NULL) |
|
50 { |
|
51 this->iIdentitySubjectName = aMapDesc.iIdentitySubjectName->Des().AllocL(); // Identity subject name |
|
52 } |
|
53 delete this->iIdentityRfc822Name; |
|
54 this->iIdentityRfc822Name = NULL; |
|
55 if(aMapDesc.iIdentityRfc822Name != NULL) |
|
56 { |
|
57 this->iIdentityRfc822Name = aMapDesc.iIdentityRfc822Name->Des().AllocL(); // Identity subjectAltName rfc822 name |
|
58 } |
|
59 delete this->iSerialNumber; |
|
60 this->iSerialNumber = NULL; |
|
61 if(aMapDesc.iSerialNumber != NULL) |
|
62 { |
|
63 this->iSerialNumber = aMapDesc.iSerialNumber->Des().AllocL(); // Serialnumber |
|
64 } |
|
65 |
|
66 this->iSubjectKeyId = aMapDesc.iSubjectKeyId; // SHA1 hash of the corresponding private key |
|
67 this->iOwnerType = aMapDesc.iOwnerType; // User, CA or peer. If user certificate, at least key usage must be set |
|
68 this->iKeyUsageDer = aMapDesc.iKeyUsageDer; // Der format flags |
|
69 this->iObjectName = aMapDesc.iObjectName; |
|
70 this->iKeySize = aMapDesc.iKeySize; // Key size |
|
71 this->iKeyAlgorithm = aMapDesc.iKeyAlgorithm; // RSA, DSA |
|
72 this->iStartTime = aMapDesc.iStartTime; |
|
73 this->iEndTime = aMapDesc.iEndTime; |
|
74 this->iIsDeletable = aMapDesc.iIsDeletable; |
|
75 TInt i; |
|
76 for(i=0;i<aMapDesc.iApplUids.Count();i++) |
|
77 { |
|
78 this->iApplUids.Append(aMapDesc.iApplUids[i]); |
|
79 } |
|
80 |
|
81 this->iCertStoreType = aMapDesc.iCertStoreType; |
|
82 return *this; |
|
83 } |
|
84 |
|
85 |
|
86 TBool CMapDescriptor::IsMatchingL(TSecurityObjectDescriptor &aDesc, |
|
87 const TBool aInfoOnly, |
|
88 TPkiServiceStoreType aCertStoreType) const |
|
89 { |
|
90 TBool match(EFalse); |
|
91 |
|
92 LOG(Log::Printf(_L("Matching"))); |
|
93 LOG_1(" Pure informational: %d", aInfoOnly); |
|
94 |
|
95 LOG(Log::Printf(_L("Matching: certificate %S"), &iObjectName)); |
|
96 for(;;) |
|
97 { |
|
98 if (aDesc.iOwnerType != EPKICACertificate && |
|
99 aCertStoreType != EPkiStoreTypeAny) |
|
100 { |
|
101 if (iCertStoreType != aCertStoreType) |
|
102 { |
|
103 LOG(Log::Printf(_L(" Store doesn't match, aborting"))); |
|
104 match = EFalse; |
|
105 break; |
|
106 } |
|
107 } |
|
108 else |
|
109 { |
|
110 LOG(Log::Printf(_L("Skipping store check, not relevant"))); |
|
111 } |
|
112 |
|
113 |
|
114 if (aDesc.iSubjectKeyIdUsed) |
|
115 { |
|
116 if(iSubjectKeyId == aDesc.iSubjectKeyId) |
|
117 { |
|
118 match = ETrue; |
|
119 } |
|
120 else |
|
121 { |
|
122 match = EFalse; |
|
123 break; |
|
124 } |
|
125 } |
|
126 |
|
127 if(aDesc.iTrustedAuthorityUsed) |
|
128 { |
|
129 if(iTrustedAuthority == NULL) |
|
130 { |
|
131 match = EFalse; |
|
132 break; |
|
133 } |
|
134 else |
|
135 { |
|
136 CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iTrustedAuthority); |
|
137 CX500DistinguishedName* dnSuffix2; |
|
138 TInt popCount = 3; |
|
139 |
|
140 // ASN1 or plain text |
|
141 if((aDesc.iTrustedAuthority[0] != 0x30) |
|
142 || ((aDesc.iTrustedAuthority[1] != 0x81) |
|
143 && (aDesc.iTrustedAuthority[1] != 0x82) |
|
144 && ((aDesc.iTrustedAuthority[1] + 2) != aDesc.iTrustedAuthority.Length()))) |
|
145 { |
|
146 HBufC8* name2Der; |
|
147 CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der, |
|
148 aDesc.iTrustedAuthority, |
|
149 EFalse, KNullDesC8); |
|
150 CleanupStack::PushL(name2Der); |
|
151 |
|
152 dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der); |
|
153 } |
|
154 else |
|
155 { |
|
156 dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iTrustedAuthority); |
|
157 popCount = 2; |
|
158 } |
|
159 |
|
160 |
|
161 if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2)) |
|
162 { |
|
163 match = ETrue; |
|
164 CleanupStack::PopAndDestroy(popCount); |
|
165 } |
|
166 else |
|
167 { |
|
168 match = EFalse; |
|
169 CleanupStack::PopAndDestroy(popCount); |
|
170 break; |
|
171 } |
|
172 } |
|
173 } |
|
174 if(aDesc.iOwnerTypeUsed) |
|
175 { |
|
176 if(iOwnerType == aDesc.iOwnerType) |
|
177 { |
|
178 match = ETrue; |
|
179 } |
|
180 else |
|
181 { |
|
182 match = EFalse; |
|
183 break; |
|
184 } |
|
185 } |
|
186 if(aDesc.iSerialNumberUsed) |
|
187 { |
|
188 if ((iSerialNumber != NULL) && ((*iSerialNumber).Compare(aDesc.iSerialNumber) == 0)) |
|
189 { |
|
190 match = ETrue; |
|
191 } |
|
192 else |
|
193 { |
|
194 match = EFalse; |
|
195 break; |
|
196 } |
|
197 } |
|
198 |
|
199 if(aDesc.iIdentitySubjectNameUsed) |
|
200 { |
|
201 if(iIdentitySubjectName == NULL) |
|
202 { |
|
203 match = EFalse; |
|
204 break; |
|
205 } |
|
206 else |
|
207 { |
|
208 CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iIdentitySubjectName); |
|
209 CX500DistinguishedName* dnSuffix2; |
|
210 TInt popCount = 3; |
|
211 // ASN1 or plain text |
|
212 if((aDesc.iIdentitySubjectName[0] != 0x30) |
|
213 || ((aDesc.iIdentitySubjectName[1] != 0x81) |
|
214 && (aDesc.iIdentitySubjectName[1] != 0x82) |
|
215 && ((aDesc.iIdentitySubjectName[1] + 2) != aDesc.iIdentitySubjectName.Length()))) |
|
216 { |
|
217 HBufC8* name2Der; |
|
218 CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der, |
|
219 aDesc.iIdentitySubjectName, |
|
220 EFalse, KNullDesC8); |
|
221 CleanupStack::PushL(name2Der); |
|
222 |
|
223 dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der); |
|
224 } |
|
225 else |
|
226 { |
|
227 dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iIdentitySubjectName); |
|
228 popCount = 2; |
|
229 } |
|
230 |
|
231 if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2)) |
|
232 { |
|
233 CleanupStack::PopAndDestroy(popCount); |
|
234 match = ETrue; |
|
235 } |
|
236 else |
|
237 { |
|
238 CleanupStack::PopAndDestroy(popCount); |
|
239 match = EFalse; |
|
240 break; |
|
241 } |
|
242 } |
|
243 } |
|
244 |
|
245 if(aDesc.iIdentityRfc822NameUsed) |
|
246 { |
|
247 if(iIdentityRfc822Name == NULL) |
|
248 { |
|
249 match = EFalse; |
|
250 break; |
|
251 } |
|
252 else |
|
253 { |
|
254 TInt bytes = aDesc.iIdentityRfc822Name.Length(); |
|
255 TPtrC8 tail = (*iIdentityRfc822Name).Right(bytes); |
|
256 if (tail.CompareF(aDesc.iIdentityRfc822Name) == 0) |
|
257 { |
|
258 match = ETrue; |
|
259 } |
|
260 else |
|
261 { |
|
262 match = EFalse; |
|
263 break; |
|
264 } |
|
265 } |
|
266 } |
|
267 |
|
268 if(aDesc.iKeyUsageUsed) |
|
269 { |
|
270 CX509KeyUsageExt* tempUsage = NULL; |
|
271 if(iKeyUsageDer.Length() != 0) |
|
272 { |
|
273 tempUsage = CX509KeyUsageExt::NewL(iKeyUsageDer); |
|
274 } |
|
275 if((tempUsage == NULL) || tempUsage->IsSet(aDesc.iKeyUsage)) |
|
276 { |
|
277 delete tempUsage; |
|
278 match = ETrue; |
|
279 } |
|
280 else |
|
281 { |
|
282 delete tempUsage; |
|
283 match = EFalse; |
|
284 break; |
|
285 } |
|
286 } |
|
287 |
|
288 if(aDesc.iKeySizeUsed) |
|
289 { |
|
290 if(iKeySize == aDesc.iKeySize) |
|
291 { |
|
292 match = ETrue; |
|
293 } |
|
294 else |
|
295 { |
|
296 match = EFalse; |
|
297 break; |
|
298 } |
|
299 } |
|
300 |
|
301 if (match && !aInfoOnly) |
|
302 { |
|
303 TValidity val = CPKIMapper::CertValidity(iStartTime, iEndTime); |
|
304 // Treat future certificates as valid |
|
305 if((val == EValid) || (val == ENotValidYet)) |
|
306 { |
|
307 match = ETrue; |
|
308 } |
|
309 else |
|
310 { |
|
311 LOG_("Matching: Expired, and not an informational request"); |
|
312 match = EFalse; |
|
313 break; |
|
314 } |
|
315 } |
|
316 |
|
317 break; |
|
318 } |
|
319 |
|
320 return match; |
|
321 } |
|
322 |
|
323 TBool CMapDescriptor::IsEqual(CMapDescriptor &aDesc) |
|
324 { |
|
325 TBool match = EFalse; |
|
326 |
|
327 for(;;) |
|
328 { |
|
329 if((iTrustedAuthority != NULL) && (aDesc.iTrustedAuthority != NULL) && (iTrustedAuthority->Des().Compare(*aDesc.iTrustedAuthority) == 0)) |
|
330 { |
|
331 match = ETrue; |
|
332 } |
|
333 else |
|
334 { |
|
335 match = EFalse; |
|
336 break; |
|
337 } |
|
338 |
|
339 if((iSerialNumber != NULL) && (aDesc.iSerialNumber != NULL) && (iSerialNumber->Des().Compare(*aDesc.iSerialNumber) == 0)) |
|
340 { |
|
341 match = ETrue; |
|
342 } |
|
343 else |
|
344 { |
|
345 match = EFalse; |
|
346 break; |
|
347 } |
|
348 |
|
349 break; |
|
350 } |
|
351 |
|
352 return match; |
|
353 } |
|
354 |
|
355 |
|
356 void CMapDescriptor::SetCertStoreType(TPkiServiceStoreType aCertStoreType) |
|
357 { |
|
358 iCertStoreType = aCertStoreType; |
|
359 } |
|
360 |
27 |
361 CPKIMapper* CPKIMapper::NewL() |
28 CPKIMapper* CPKIMapper::NewL() |
362 { |
29 { |
363 CPKIMapper* self = new (ELeave) CPKIMapper(); |
30 CPKIMapper* self = new (ELeave) CPKIMapper(); |
364 CleanupStack::PushL(self); |
31 CleanupStack::PushL(self); |
395 TBool CPKIMapper::CacheCreated() |
62 TBool CPKIMapper::CacheCreated() |
396 { |
63 { |
397 return iCacheCreated; |
64 return iCacheCreated; |
398 } |
65 } |
399 |
66 |
400 TInt CPKIMapper::AddMapping(CMapDescriptor& aMap) |
67 TInt CPKIMapper::AddMapping(CMapDescriptor* aMap) |
401 { |
68 { |
402 // Insert as first element, so that newest object will be found first |
69 // Insert as first element, so that newest object will be found first |
403 return iMapping->Insert(&aMap, 0); |
70 TInt err = iMapping->Insert(aMap, 0); |
|
71 if (err != KErrNone) |
|
72 { |
|
73 delete aMap; |
|
74 } |
|
75 return err; |
404 } |
76 } |
405 |
77 |
406 void CPKIMapper::LogMap(CMapDescriptor &aDescriptor) const |
78 void CPKIMapper::LogMap(CMapDescriptor &aDescriptor) const |
407 { |
79 { |
408 TInt len = aDescriptor.iSubjectKeyId.Length(); |
80 TPtrC objectName = aDescriptor.Label(); |
|
81 const TPKIKeyIdentifier& subjectKeyId = aDescriptor.CertificateKeyId(); |
|
82 |
409 LOG(Log::Printf(_L("====CertificateObject====\n"))); |
83 LOG(Log::Printf(_L("====CertificateObject====\n"))); |
410 LOG(Log::Printf(_L("ObjectName: %S\n"), &(aDescriptor.iObjectName))); |
84 LOG(Log::Printf(_L("ObjectName: %S\n"), &objectName)); |
411 LOG(Log::Printf(_L("KeyId:"))); |
85 LOG(Log::Printf(_L("KeyId:"))); |
412 LOG(Log::HexDump(NULL, NULL, aDescriptor.iSubjectKeyId.Ptr(), len)); |
86 LOG(Log::HexDump(NULL, NULL, subjectKeyId.Ptr(), subjectKeyId.Length())); |
413 } |
87 } |
414 |
88 |
415 |
89 |
416 void CPKIMapper::DeleteMapping(TInt aIndex) |
90 void CPKIMapper::DeleteMapping(TInt aIndex) |
417 { |
91 { |
457 return count; |
115 return count; |
458 } |
116 } |
459 |
117 |
460 TInt CPKIMapper::ApplicableCertCount(const RArray<TUid>& aUidArray) |
118 TInt CPKIMapper::ApplicableCertCount(const RArray<TUid>& aUidArray) |
461 { |
119 { |
462 TInt count(0); |
120 iCount = 0; |
463 TBool uidMatch(EFalse); |
121 |
464 |
122 for(TInt i = 0; i < iMapping->Count(); i++) |
465 for(TInt i(0); i < iMapping->Count(); i++) |
123 { |
466 { |
124 const CMapDescriptor* mapping = (*iMapping)[i]; |
467 CMapDescriptor* mapping = (*iMapping)[i]; |
125 if(mapping->OwnerType() == EPKICACertificate) |
468 if(mapping->iOwnerType == EPKICACertificate) |
126 { |
469 { |
127 if(mapping->CertValidity() != CMapDescriptor::EExpired) |
470 if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired) |
128 { |
471 { |
129 for (TInt j = 0; j < aUidArray.Count(); ++j) |
472 uidMatch = EFalse; |
|
473 for(TInt j = 0; j < mapping->iApplUids.Count(); j++) |
|
474 { |
130 { |
475 for(TInt k = 0; k < aUidArray.Count(); k++) |
131 if (mapping->IsApplicable(aUidArray[j])) |
476 { |
132 { |
477 if(mapping->iApplUids[j].iUid == aUidArray[k].iUid) |
133 iCount++; |
478 { |
|
479 uidMatch = ETrue; |
|
480 break; |
|
481 } |
|
482 } |
|
483 if(uidMatch) |
|
484 { |
|
485 count++; |
|
486 break; |
134 break; |
487 } |
135 } |
488 } |
136 } |
489 } |
137 } |
490 } |
138 } |
491 } |
139 } |
492 iCount = count; |
140 |
493 return count; |
141 return iCount; |
494 } |
142 } |
495 |
143 |
496 |
144 TInt CPKIMapper::GetCertDetailsL(TSecurityObjectDescriptor& aSecDesc, |
497 TInt CPKIMapper::GetCertListL(const RMessage2 &aMessage, TPkiServiceStoreType aStoreType, |
145 TPkiServiceStoreType aStoreType, |
498 TBool aDescUsed) |
146 TBool aInfoOnly, |
|
147 TCertificateListEntry& aResultCertInfo) |
|
148 { |
|
149 TInt index; |
|
150 TInt err; |
|
151 |
|
152 TRAPD(leave, err = ResolveCertMappingL(aSecDesc, iObjectName, |
|
153 index, aInfoOnly, |
|
154 aStoreType)); |
|
155 if (leave != KErrNone) |
|
156 { |
|
157 return leave; |
|
158 } |
|
159 |
|
160 if (err == KErrNone) |
|
161 { |
|
162 const CMapDescriptor* mapping = (*iMapping)[index]; |
|
163 aResultCertInfo.iObjectName = mapping->Label(); |
|
164 aResultCertInfo.iOwnerType = mapping->OwnerType(); |
|
165 aResultCertInfo.iTrustedAuthority = mapping->TrustedAuthority(); |
|
166 aResultCertInfo.iIdentitySubjectName = mapping->IdentitySubjectName(); |
|
167 aResultCertInfo.iSerialNumber = mapping->SerialNumber(); |
|
168 aResultCertInfo.iSubjectKeyId = mapping->CertificateKeyId(); |
|
169 aResultCertInfo.iKeySize = mapping->KeySize(); |
|
170 aResultCertInfo.iKeyAlgorithm = mapping->KeyAlgorithm(); |
|
171 aResultCertInfo.iIsDeletable = mapping->Deletable(); |
|
172 } |
|
173 return err; |
|
174 } |
|
175 |
|
176 |
|
177 TInt CPKIMapper::GetCertListL(const RMessage2 &aMessage, TBool aInfoOnly) |
499 { |
178 { |
500 TInt pos = 0; |
179 TInt pos = 0; |
501 TInt iLast = 0; |
180 TInt iLast = 0; |
502 TInt iFirst = 0; |
181 TInt iFirst = 0; |
503 |
182 |
504 if(aDescUsed) |
183 iLast = iMapping->Count(); |
505 { |
|
506 aMessage.ReadL(1, iCurrentDescriptor); |
|
507 TSecurityObjectDescriptor& secDesc = iCurrentDescriptor(); |
|
508 TInt status = ResolveCertMappingL( |
|
509 iCurrentDescriptor(), iObjectName, iFirst, EFalse, aStoreType); |
|
510 if(status == KErrNone) |
|
511 { |
|
512 iCount = 1; |
|
513 iLast = iFirst + 1; |
|
514 } |
|
515 } |
|
516 else |
|
517 { |
|
518 iLast = iMapping->Count(); |
|
519 } |
|
520 |
|
521 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry)); |
184 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry)); |
522 CleanupStack::PushL(list); |
185 CleanupStack::PushL(list); |
523 list->ResizeL(iCount * sizeof(TCertificateListEntry)); |
186 list->ResizeL(iCount * sizeof(TCertificateListEntry)); |
524 TCertificateListEntry certInfo; |
187 TCertificateListEntry certInfo; |
525 |
188 |
526 for(TInt i = iFirst; i < iLast; i++) |
189 for(TInt i = iFirst; i < iLast; i++) |
527 { |
190 { |
528 CMapDescriptor* mapping = (*iMapping)[i]; |
191 CMapDescriptor* mapping = (*iMapping)[i]; |
529 if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired) |
192 if(aInfoOnly || mapping->CertValidity() != CMapDescriptor::EExpired) |
530 { |
193 { |
531 certInfo.iObjectName = mapping->iObjectName; |
194 certInfo.iObjectName = mapping->Label(); |
532 certInfo.iOwnerType = mapping->iOwnerType; |
195 certInfo.iOwnerType = mapping->OwnerType(); |
533 if(mapping->iTrustedAuthority != NULL) |
196 certInfo.iTrustedAuthority = mapping->TrustedAuthority(); |
534 { |
197 certInfo.iIdentitySubjectName = mapping->IdentitySubjectName(); |
535 certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority); |
198 certInfo.iSerialNumber = mapping->SerialNumber(); |
536 } |
199 certInfo.iSubjectKeyId = mapping->CertificateKeyId(); |
537 if(mapping->iIdentitySubjectName != NULL) |
200 certInfo.iKeySize = mapping->KeySize(); // Key size |
538 { |
201 certInfo.iKeyAlgorithm = mapping->KeyAlgorithm(); // RSA, DSA |
539 certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName); |
202 certInfo.iIsDeletable = mapping->Deletable(); // IsDeletable |
540 } |
|
541 if(mapping->iSerialNumber != NULL) |
|
542 { |
|
543 certInfo.iSerialNumber = *(mapping->iSerialNumber); |
|
544 } |
|
545 certInfo.iSubjectKeyId = mapping->iSubjectKeyId; |
|
546 certInfo.iKeySize = mapping->iKeySize; // Key size |
|
547 certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm; // RSA, DSA |
|
548 certInfo.iIsDeletable = mapping->iIsDeletable; // IsDeletable |
|
549 |
203 |
550 list->Write(pos * sizeof(TCertificateListEntry), |
204 list->Write(pos * sizeof(TCertificateListEntry), |
551 (TAny*)&certInfo, |
205 (TAny*)&certInfo, |
552 sizeof(TCertificateListEntry)); |
206 sizeof(TCertificateListEntry)); |
553 pos++; |
207 pos++; |
565 } |
219 } |
566 |
220 |
567 |
221 |
568 void CPKIMapper::GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray) |
222 void CPKIMapper::GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray) |
569 { |
223 { |
570 TBool uidMatch = EFalse; |
224 TInt pos = 0; |
571 TInt pos(0); |
|
572 |
225 |
573 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry)); |
226 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry)); |
574 CleanupStack::PushL(list); |
227 CleanupStack::PushL(list); |
575 list->ResizeL(iCount * sizeof(TCertificateListEntry)); |
228 list->ResizeL(iCount * sizeof(TCertificateListEntry)); |
576 TCertificateListEntry certInfo; |
229 TCertificateListEntry certInfo; |
577 |
230 |
578 for(TInt i = 0; (i < iMapping->Count()) && (pos < iCount); i++) |
231 for(TInt i = 0; (i < iMapping->Count()) && (pos < iCount); i++) |
579 { |
232 { |
580 CMapDescriptor* mapping = (*iMapping)[i]; |
233 CMapDescriptor* mapping = (*iMapping)[i]; |
581 if(mapping->iOwnerType == EPKICACertificate) |
234 if(mapping->OwnerType() == EPKICACertificate) |
582 { |
235 { |
583 if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired) |
236 if(mapping->CertValidity() != CMapDescriptor::EExpired) |
584 { |
237 { |
585 uidMatch = EFalse; |
238 for(TInt j = 0; j < aUidArray.Count(); j++) |
586 for(TInt j = 0; j < mapping->iApplUids.Count(); j++) |
|
587 { |
239 { |
588 for(TInt k = 0; k < aUidArray.Count(); k++) |
240 if(mapping->IsApplicable(aUidArray[j])) |
589 { |
241 { |
590 if(mapping->iApplUids[j].iUid == aUidArray[k].iUid) |
242 certInfo.iObjectName = mapping->Label(); |
591 { |
243 certInfo.iOwnerType = mapping->OwnerType(); |
592 uidMatch = ETrue; |
244 certInfo.iTrustedAuthority = mapping->TrustedAuthority(); |
593 break; |
245 certInfo.iIdentitySubjectName = mapping->IdentitySubjectName(); |
594 } |
246 certInfo.iSerialNumber = mapping->SerialNumber(); |
595 } |
247 certInfo.iSubjectKeyId = mapping->CertificateKeyId(); |
596 if(uidMatch) |
248 certInfo.iKeySize = mapping->KeySize(); // Key size |
597 { |
249 certInfo.iKeyAlgorithm = mapping->KeyAlgorithm(); // RSA, DSA |
598 certInfo.iObjectName = mapping->iObjectName; |
250 certInfo.iIsDeletable = mapping->Deletable(); // IsDeletable |
599 certInfo.iOwnerType = mapping->iOwnerType; |
|
600 if(mapping->iTrustedAuthority != NULL) |
|
601 { |
|
602 certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority); |
|
603 } |
|
604 if(mapping->iIdentitySubjectName != NULL) |
|
605 { |
|
606 certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName); |
|
607 } |
|
608 if(mapping->iSerialNumber != NULL) |
|
609 { |
|
610 certInfo.iSerialNumber = *(mapping->iSerialNumber); |
|
611 } |
|
612 certInfo.iSubjectKeyId = mapping->iSubjectKeyId; |
|
613 certInfo.iKeySize = mapping->iKeySize; // Key size |
|
614 certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm; // RSA, DSA |
|
615 certInfo.iIsDeletable = mapping->iIsDeletable; // IsDeletable |
|
616 |
251 |
617 list->Write(pos * sizeof(TCertificateListEntry), |
252 list->Write(pos * sizeof(TCertificateListEntry), |
618 (TAny*)&certInfo, |
253 (TAny*)&certInfo, |
619 sizeof(TCertificateListEntry)); |
254 sizeof(TCertificateListEntry)); |
620 pos++; |
255 pos++; |