85 //==================================================================================================================================== |
86 //==================================================================================================================================== |
86 /** |
87 /** |
87 * Initialization routine |
88 * Initialization routine |
88 */ |
89 */ |
89 //==================================================================================================================================== |
90 //==================================================================================================================================== |
90 TInt CPKIWrapper::InitOperation(const RMessage2& aMessage) |
91 void CPKIWrapper::InitOperation(const RMessage2& aMessage) |
91 { |
92 { |
92 if (IsActive()) |
93 if (iMessage.Handle() != 0) |
93 { |
94 { |
94 LOG(Log::Printf(_L("Pkiservice busy. Function %d\n"), aMessage.Function())); |
95 LOG(Log::Printf(_L("Pkiservice busy. Function %d\n"), aMessage.Function())); |
95 return KPKIErrServiceBusy; |
96 aMessage.Complete(KPKIErrServiceBusy); |
96 } |
97 |
97 |
98 } |
98 LOG(Log::Printf(_L("InitOperation function %d\n"), aMessage.Function())); |
99 else |
99 iCurrentStatus = KErrNone; // Clear status |
100 { |
100 iCurrentState = EExecute; // Set state |
101 LOG(Log::Printf(_L("InitOperation function %d\n"), aMessage.Function())); |
101 iMessage = aMessage; // Save message |
102 iCurrentStatus = KErrNone; // Clear status |
102 iPKISupport->SetCurrentFunction(iMessage.Function()); |
103 iCurrentState = EExecute; // Set state |
103 iIndex = KErrNotFound; |
104 iMessage = aMessage; // Save message |
104 |
105 iPKISupport->SetCurrentFunction(iMessage.Function()); |
105 // Trigger function |
106 iIndex = KErrNotFound; |
106 iStatus = KRequestPending; |
107 |
107 SetActive(); |
108 // Trigger function |
108 TRequestStatus *status = &iStatus; |
109 iStatus = KRequestPending; |
109 User::RequestComplete(status, KErrNone); |
110 SetActive(); |
110 |
111 TRequestStatus *status = &iStatus; |
111 return KErrNone; |
112 User::RequestComplete(status, KErrNone); |
|
113 } |
112 } |
114 } |
113 |
115 |
114 /**--------------------------------------------------------- |
116 /**--------------------------------------------------------- |
115 * |
117 * |
116 * CancelPendingOperation |
118 * CancelPendingOperation |
299 { |
301 { |
300 TInt index; |
302 TInt index; |
301 |
303 |
302 LOG(Log::Printf(_L("CPKIWrapper::ExecuteReadCertificateL()\n"))); |
304 LOG(Log::Printf(_L("CPKIWrapper::ExecuteReadCertificateL()\n"))); |
303 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName, |
305 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName, |
304 index, iInfoOnly, |
306 index, iInfoOnly, |
305 iPKISupport->CertStoreType()); |
307 iPKISupport->CertStoreType()); |
306 if(iCurrentStatus == KErrNone) |
308 if(iCurrentStatus == KErrNone) |
307 { |
309 { |
308 TSecurityObjectDescriptor sdesc = iCurrentDescriptor(); |
310 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
309 iCurrentState = EComplete; |
311 iCurrentState = EComplete; |
310 iPKISupport->RetrieveCertificateL(*iObjectName, iPtrCertBuffer, sdesc.iOwnerType, iStatus); |
312 iPKISupport->RetrieveCertificateL(mapping.Label(), |
|
313 mapping.CertificateKeyId(), |
|
314 iPtrCertBuffer, mapping.OwnerType(), iStatus); |
311 SetActive(); |
315 SetActive(); |
312 } |
316 } |
313 LOG_1("CPKIWrapper::ExecuteReadCertificateL() exit:%d", iCurrentStatus); |
317 LOG_1("CPKIWrapper::ExecuteReadCertificateL() exit:%d", iCurrentStatus); |
314 } |
318 } |
315 |
319 |
330 iPtrCertBuffer); |
334 iPtrCertBuffer); |
331 |
335 |
332 if (certIsNew) |
336 if (certIsNew) |
333 { |
337 { |
334 LOG(Log::Printf(_L("Creating new certificate entry\n"))); |
338 LOG(Log::Printf(_L("Creating new certificate entry\n"))); |
335 delete iCurrentMapping; |
339 |
336 iCurrentMapping = NULL; |
|
337 iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor()); |
|
338 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName); |
340 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName); |
339 iCurrentMapping->SetMapObjectName(*iObjectName); |
|
340 SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType); |
|
341 |
|
342 TPkiServiceStoreType storeType = iPKISupport->CertStoreType(); |
341 TPkiServiceStoreType storeType = iPKISupport->CertStoreType(); |
343 if (storeType == EPkiStoreTypeAny) |
342 if (storeType == EPkiStoreTypeAny) |
344 { |
343 { |
345 storeType = EPkiStoreTypeUser; |
344 storeType = EPkiStoreTypeUser; |
346 } |
345 } |
347 iCurrentMapping->SetCertStoreType(storeType); |
346 |
348 |
347 CX509Certificate* certificate = CX509Certificate::NewLC(iPtrCertBuffer); |
349 if(iCurrentStatus == KErrNone) |
348 |
350 { |
349 PKISERVICE_ASSERT(iCurrentMapping == NULL); |
351 LOG(Log::Printf(_L("Status OK, identity saved\n"))); |
350 CMapDescriptor* newMapping = CMapDescriptor::NewL(*iObjectName, |
352 iCurrentStatus = KErrNone; |
351 *certificate, |
353 iCurrentState = EComplete; |
352 iCurrentDescriptor().iOwnerType, |
354 LOG(Log::Printf(_L("Storing CERT with LABEL:"))); |
353 storeType); |
355 LOG(Log::Printf(iCurrentMapping->iObjectName)); |
354 CleanupStack::PushL(newMapping); |
356 iPKISupport->StoreCertificateL(iCurrentMapping->iObjectName, |
355 newMapping->SetMapDeletable(iCurrentDescriptor().iIsDeletable); |
357 (TCertificateOwnerType)iCurrentDescriptor().iOwnerType, |
356 |
358 iPtrCertBuffer, iCurrentDescriptor().iIsDeletable, iStatus); |
357 iCurrentStatus = KErrNone; |
359 LOG(Log::Printf(_L("CERT stored\n"))); |
358 iCurrentState = EComplete; |
360 SetActive(); |
359 LOG(Log::Printf(_L("Storing CERT with LABEL:"))); |
361 } |
360 LOG(Log::Printf(*iObjectName)); |
|
361 iPKISupport->StoreCertificateL(*iObjectName, |
|
362 (TCertificateOwnerType)iCurrentDescriptor().iOwnerType, |
|
363 iPtrCertBuffer, iCurrentDescriptor().iIsDeletable, iStatus); |
|
364 |
|
365 iCurrentMapping = newMapping; |
|
366 CleanupStack::Pop(newMapping); |
|
367 CleanupStack::PopAndDestroy(certificate); |
|
368 |
|
369 LOG(Log::Printf(_L("CERT stored\n"))); |
|
370 SetActive(); |
|
371 |
362 } |
372 } |
363 else |
373 else |
364 { |
374 { |
365 // Identical certificate already existed, no need to add this one. |
375 // Identical certificate already existed, no need to add this one. |
366 // Set current status to KErrBadName so that the operations can |
376 // Set current status to KErrBadName so that the operations can |
385 void CPKIWrapper::ExecuteAttachCertificateL() |
395 void CPKIWrapper::ExecuteAttachCertificateL() |
386 { |
396 { |
387 LOG(Log::Printf(_L("ExecuteAttachCertificateL"))); |
397 LOG(Log::Printf(_L("ExecuteAttachCertificateL"))); |
388 |
398 |
389 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName, EUserCertificate); |
399 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName, EUserCertificate); |
390 |
400 |
391 delete iCurrentMapping; |
|
392 iCurrentMapping = NULL; |
|
393 iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor()); |
|
394 iCurrentMapping->SetMapObjectName(*iObjectName); |
|
395 SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType); |
|
396 |
|
397 TPkiServiceStoreType storeType = iPKISupport->CertStoreType(); |
401 TPkiServiceStoreType storeType = iPKISupport->CertStoreType(); |
398 if (storeType == EPkiStoreTypeAny) |
402 if (storeType == EPkiStoreTypeAny) |
399 { |
403 { |
400 storeType = EPkiStoreTypeUser; |
404 storeType = EPkiStoreTypeUser; |
401 } |
405 } |
402 iCurrentMapping->SetCertStoreType(storeType); |
406 |
403 if(iCurrentStatus == KErrNone) |
407 PKISERVICE_ASSERT(iCurrentMapping == NULL); |
404 { |
408 |
405 iCurrentStatus = KErrNone; |
409 CX509Certificate* certificate = CX509Certificate::NewLC(iPtrCertBuffer); |
406 iCurrentState = EComplete; |
410 CMapDescriptor* newMapping = CMapDescriptor::NewL(*iObjectName, |
407 LOG(Log::Printf(_L("Attaching certificate"))); |
411 *certificate, |
408 LOG(Log::Printf(iCurrentMapping->iObjectName)); |
412 iCurrentDescriptor().iOwnerType, |
409 iPKISupport->AttachCertificateL(iCurrentMapping->iObjectName, iCurrentDescriptor().iSubjectKeyId, iPtrCertBuffer, iStatus); |
413 storeType); |
410 LOG(Log::Printf(_L("Certificate attached"))); |
414 CleanupStack::PushL(newMapping); |
411 SetActive(); |
415 newMapping->SetMapDeletable(iCurrentDescriptor().iIsDeletable); |
412 } |
416 |
|
417 |
|
418 |
|
419 iCurrentStatus = KErrNone; |
|
420 iCurrentState = EComplete; |
|
421 LOG(Log::Printf(_L("Attaching certificate"))); |
|
422 LOG(Log::Printf(*iObjectName)); |
|
423 iPKISupport->AttachCertificateL(*iObjectName, iPtrCertBuffer, iStatus); |
|
424 LOG(Log::Printf(_L("Certificate attached"))); |
|
425 |
|
426 iCurrentMapping = newMapping; |
|
427 CleanupStack::Pop(newMapping); |
|
428 CleanupStack::PopAndDestroy(certificate); |
|
429 |
|
430 |
|
431 SetActive(); |
413 } |
432 } |
414 |
433 |
415 |
434 |
416 /**--------------------------------------------------------- |
435 /**--------------------------------------------------------- |
417 * |
436 * |
425 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), |
444 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), |
426 *iObjectName, index, iInfoOnly, |
445 *iObjectName, index, iInfoOnly, |
427 iPKISupport->CertStoreType()); |
446 iPKISupport->CertStoreType()); |
428 if(iCurrentStatus == KErrNone) |
447 if(iCurrentStatus == KErrNone) |
429 { |
448 { |
430 delete iCurrentMapping; |
449 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
431 iCurrentMapping = NULL; |
450 TPKIKeyIdentifier keyId = mapping.CertificateKeyId(); |
432 iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor()); |
451 iMapper.DeleteMapping(index); |
433 *iCurrentMapping = iMapper.GetMapDescriptorAtIndex(index); |
|
434 iCurrentState = EComplete; |
452 iCurrentState = EComplete; |
435 iPKISupport->RemoveCertificateL(*iObjectName, iStatus); |
453 iPKISupport->RemoveCertificateL(*iObjectName, keyId, iStatus); |
436 SetActive(); |
454 SetActive(); |
437 } |
455 } |
438 } |
456 } |
439 |
457 |
440 /**--------------------------------------------------------- |
458 /**--------------------------------------------------------- |
450 index, iInfoOnly, |
468 index, iInfoOnly, |
451 iPKISupport->CertStoreType()); |
469 iPKISupport->CertStoreType()); |
452 if(iCurrentStatus == KErrNone) |
470 if(iCurrentStatus == KErrNone) |
453 { |
471 { |
454 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
472 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
455 if (mapping.iOwnerType == EPKICACertificate) |
473 if (mapping.OwnerType() == EPKICACertificate) |
456 { |
474 { |
457 iCurrentState = EComplete; |
475 iCurrentState = EComplete; |
458 iPKISupport->SetTrustL(*iObjectName, iTrusted, iStatus); |
476 iPKISupport->SetTrustL(*iObjectName, mapping.CertificateKeyId(), |
|
477 iTrusted, iStatus); |
459 SetActive(); |
478 SetActive(); |
460 } |
479 } |
461 else |
480 else |
462 { |
481 { |
463 iCurrentStatus = KErrArgument; |
482 iCurrentStatus = KErrArgument; |
477 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName, |
496 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName, |
478 index, iInfoOnly, |
497 index, iInfoOnly, |
479 iPKISupport->CertStoreType()); |
498 iPKISupport->CertStoreType()); |
480 if(iCurrentStatus == KErrNone) |
499 if(iCurrentStatus == KErrNone) |
481 { |
500 { |
|
501 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
482 iCurrentState = EComplete; |
502 iCurrentState = EComplete; |
483 iPKISupport->TrustedL(*iObjectName, iStatus); |
503 iPKISupport->TrustedL(*iObjectName, mapping.CertificateKeyId(), iStatus); |
484 SetActive(); |
504 SetActive(); |
485 } |
505 } |
486 } |
506 } |
487 |
507 |
488 /**--------------------------------------------------------- |
508 /**--------------------------------------------------------- |
491 * |
511 * |
492 *----------------------------------------------------------*/ |
512 *----------------------------------------------------------*/ |
493 void CPKIWrapper::ExecuteSetApplicabilityL() |
513 void CPKIWrapper::ExecuteSetApplicabilityL() |
494 { |
514 { |
495 TInt index(KErrNotFound); |
515 TInt index(KErrNotFound); |
496 iCurrentStatus = iMapper.ResolveCertMappingL( |
516 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName, |
497 iCurrentDescriptor(), *iObjectName, |
517 index, iInfoOnly, |
498 index, iInfoOnly, |
518 iPKISupport->CertStoreType()); |
499 iPKISupport->CertStoreType()); |
|
500 |
|
501 // Save index |
519 // Save index |
502 iIndex = index; |
520 iIndex = index; |
503 if(iCurrentStatus == KErrNone) |
521 if(iCurrentStatus == KErrNone) |
504 { |
522 { |
505 LOG_1("ExecuteSetApplicabilityL:%d", iIndex); |
523 LOG_1("ExecuteSetApplicabilityL:%d", iIndex); |
|
524 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index); |
506 iCurrentState = EComplete; |
525 iCurrentState = EComplete; |
507 iPKISupport->SetApplicabilityL(*iObjectName, iUidArray, iStatus); |
526 iPKISupport->SetApplicabilityL(*iObjectName, mapping.CertificateKeyId(), iUidArray, iStatus); |
508 SetActive(); |
527 SetActive(); |
509 } |
528 } |
510 } |
529 } |
511 |
530 |
512 /**--------------------------------------------------------- |
531 /**--------------------------------------------------------- |
559 // FALLTROUGH |
579 // FALLTROUGH |
560 case PkiService::EAttachCertificate: |
580 case PkiService::EAttachCertificate: |
561 if (iCurrentStatus == KErrNone) |
581 if (iCurrentStatus == KErrNone) |
562 { |
582 { |
563 User::LeaveIfError( |
583 User::LeaveIfError( |
564 iMapper.AddMapping(*iCurrentMapping) ); |
584 iMapper.AddMapping(iCurrentMapping) ); |
565 iCurrentMapping = NULL; |
585 } |
566 } |
586 else |
|
587 { |
|
588 delete iCurrentMapping; |
|
589 } |
|
590 iCurrentMapping = NULL; |
567 if (iCurrentStatus == KErrBadName) |
591 if (iCurrentStatus == KErrBadName) |
568 { |
592 { |
569 // Already exists |
593 // Already exists |
570 iCurrentStatus = KErrNone; |
594 iCurrentStatus = KErrNone; |
571 } |
595 } |
572 break; |
596 break; |
573 |
|
574 case PkiService::ERemoveCertificate: |
597 case PkiService::ERemoveCertificate: |
575 if (iCurrentStatus == KErrNone) |
|
576 { |
|
577 iMapper.DeleteMapping(*iCurrentMapping); |
|
578 } |
|
579 break; |
598 break; |
580 |
599 |
581 case PkiService::ESetApplicability: |
600 case PkiService::ESetApplicability: |
582 if (iCurrentStatus == KErrNone) |
601 if (iCurrentStatus == KErrNone) |
583 { |
602 { |
584 iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Close(); |
603 iMapper.GetMapDescriptorAtIndex(iIndex).SetMapApplications(iUidArray); |
585 TUint i; |
|
586 for(i=0;i<iCount;i++) |
|
587 { |
|
588 iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Append(iUidArray[i]); |
|
589 } |
|
590 } |
604 } |
591 break; |
605 break; |
592 |
606 |
593 case PkiService::ETrusted: |
607 case PkiService::ETrusted: |
594 if (iCurrentStatus == KErrNone) |
608 if (iCurrentStatus == KErrNone) |
752 if ( iPKISupport ) |
762 if ( iPKISupport ) |
753 { |
763 { |
754 iPKISupport->Cancel(); |
764 iPKISupport->Cancel(); |
755 } |
765 } |
756 iMessage.Complete(KErrCancel); |
766 iMessage.Complete(KErrCancel); |
757 } |
767 } |
758 |
|
759 |
|
760 |
|
761 void CPKIWrapper::SaveIdentityL(CMapDescriptor &aCertDesc, |
|
762 const TDesC8& aCertDataIn, |
|
763 TCertificateOwnerType aOwner) |
|
764 { |
|
765 LOG(Log::Printf(_L("CPKIWrapper::SaveIdentityL()\n"))); |
|
766 |
|
767 CX509Certificate* certificate = CX509Certificate::NewLC(aCertDataIn); |
|
768 |
|
769 // Validity period |
|
770 aCertDesc.SetMapStartTime(certificate->ValidityPeriod().Start()); |
|
771 aCertDesc.SetMapEndTime(certificate->ValidityPeriod().Finish()); |
|
772 |
|
773 |
|
774 // Copy issuer |
|
775 const TPtrC8* issuer = certificate->DataElementEncoding(CX509Certificate::EIssuerName); |
|
776 aCertDesc.SetMapTrustedAuthorityL(*issuer); |
|
777 |
|
778 // Copy subject name |
|
779 const TPtrC8* subject = certificate->DataElementEncoding(CX509Certificate::ESubjectName); |
|
780 aCertDesc.SetMapIdentitySubjectNameL(*subject); |
|
781 |
|
782 // Copy rfc822 name from subjectAlt name |
|
783 const CX509CertExtension* subjAltName = certificate->Extension(KSubjectAltName); |
|
784 if(subjAltName != NULL) |
|
785 { |
|
786 CX509AltNameExt* subjectAlt = CX509AltNameExt::NewLC(subjAltName->Data()); |
|
787 if(subjectAlt != NULL) |
|
788 { |
|
789 const CArrayPtrFlat<CX509GeneralName> *nameArray; |
|
790 nameArray = &subjectAlt->AltName(); |
|
791 // Search rfc822 |
|
792 for(TInt i = 0; i < nameArray->Count(); i++) |
|
793 { |
|
794 if(nameArray->At(i)->Tag() == EX509RFC822Name) |
|
795 { |
|
796 TPtrC8 data = nameArray->At(i)->Data(); |
|
797 aCertDesc.SetMapIdentityRfc822NameL(data.Right(data.Length() - 2)); |
|
798 break; |
|
799 } |
|
800 } |
|
801 } |
|
802 CleanupStack::PopAndDestroy(subjectAlt); |
|
803 } |
|
804 |
|
805 // Key usage |
|
806 const CX509CertExtension* keyUsage = certificate->Extension(KKeyUsage); |
|
807 if((keyUsage != NULL) && keyUsage->Critical()) |
|
808 { |
|
809 aCertDesc.iKeyUsageDer.Copy(keyUsage->Data()); |
|
810 } |
|
811 |
|
812 // Serial number |
|
813 const TPtrC8* serial = certificate->DataElementEncoding(CX509Certificate::ESerialNumber); |
|
814 if(serial != NULL) |
|
815 { |
|
816 aCertDesc.SetMapSerialNumberL(*serial); |
|
817 } |
|
818 |
|
819 // Set Subject Key Identifier if we are handling CA |
|
820 if(aOwner == ECACertificate) |
|
821 { |
|
822 TPKIKeyIdentifier keyId = certificate->SubjectKeyIdentifierL(); |
|
823 aCertDesc.SetMapSubjectKeyId(keyId); |
|
824 } |
|
825 |
|
826 CleanupStack::PopAndDestroy(certificate); |
|
827 |
|
828 |
|
829 if(CPKIMapper::CertValidity(aCertDesc.iStartTime, aCertDesc.iEndTime) == EExpired) |
|
830 { |
|
831 LOG(Log::Printf(_L("Certificate expired\n"))); |
|
832 } |
|
833 } |
|
834 |
|
835 |
768 |
836 void CPKIWrapper::SetCertStoreType(TPkiServiceStoreType aStoreType) |
769 void CPKIWrapper::SetCertStoreType(TPkiServiceStoreType aStoreType) |
837 { |
770 { |
838 LOG(Log::Printf(_L("CPKIWrapper: SETTING CERT STORE TYPE: %d\n"), aStoreType)); |
771 LOG(Log::Printf(_L("CPKIWrapper: SETTING CERT STORE TYPE: %d\n"), aStoreType)); |
839 iPKISupport->SetCertStoreType(aStoreType); |
772 iPKISupport->SetCertStoreType(aStoreType); |
840 } |
773 } |
841 |
774 |
842 |
|
843 |
|
844 TPkiServiceStoreType CPKIWrapper::CertStoreType() const |
775 TPkiServiceStoreType CPKIWrapper::CertStoreType() const |
845 { |
776 { |
846 return iPKISupport->CertStoreType(); |
777 return iPKISupport->CertStoreType(); |
847 } |
778 } |
848 |
779 |
849 void CPKIWrapper::SetInformational(const TBool aInfoOnly) |
780 void CPKIWrapper::SetInformational(const TBool aInfoOnly) |
850 { |
781 { |
851 iInfoOnly = aInfoOnly; |
782 iInfoOnly = aInfoOnly; |
852 } |
783 } |
853 |
784 |
|
785 TBool CPKIWrapper::Informational() const |
|
786 { |
|
787 return iInfoOnly; |
|
788 } |