diff -r 000000000000 -r 33413c0669b9 vpnengine/pkiservice/inc/PKIMapper.h
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/pkiservice/inc/PKIMapper.h	Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,232 @@
+/*
+* Copyright (c) 2006-2008 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:   CPKIMapper class holds the information required to map API set 
+*				 to use the storage model which is not native for that API.
+*
+*/
+
+
+
+#if !defined (__PKIMAPPER_H__)
+#define __PKIMAPPER_H__
+
+#include <e32base.h>
+#include <securitydefs.h>
+
+#include "pkidefs.h"
+#include "pkiserviceclientservercommon.h"
+
+class TSecurityObjectDescriptor;
+class CX500DistinguishedName;
+class CX520AttributeTypeAndValue;
+
+enum TValidity
+{
+    EValid,
+    EExpired,
+    ENotValidYet
+};
+
+
+/**
+ *  CMapDescriptor
+ *
+ *  Maintains information of installed certificates and keys
+ *
+ *  @lib internal (pkiservice.exe)
+ *  @since S60 v3.0
+ */
+class CMapDescriptor : public CBase
+{
+    public:
+        CMapDescriptor()
+                {
+                iOwnerType = EPKICACertificate;
+                iKeySize = 0;
+                iKeyAlgorithm = EPKIInvalidAlgorithm;
+                };
+
+        ~CMapDescriptor()
+            {
+            delete iTrustedAuthority;
+            iTrustedAuthority = NULL;
+            delete iIdentitySubjectName;
+            iIdentitySubjectName = NULL;
+            delete iIdentityRfc822Name;
+            iIdentityRfc822Name = NULL;
+            delete iSerialNumber;
+            iSerialNumber = NULL;
+            iApplUids.Close();
+            };
+        CMapDescriptor(TSecurityObjectDescriptor& aDesc);
+        CMapDescriptor& operator=(CMapDescriptor& aMapDesc);
+        void SetMapObjectName(const TDesC& aFilename) {iObjectName.Copy(aFilename);};
+        TBool IsMatchingL(TSecurityObjectDescriptor &aDesc, 
+                          const TBool aInfoOnly, 
+                          TPkiServiceStoreType aCertStoreType) const;
+                          
+        TBool IsEqual(CMapDescriptor &aDesc);
+        void SetMapSubjectKeyId(const TPKIKeyIdentifier &aKeyId)
+            {
+            iSubjectKeyId.Copy(aKeyId);
+            };
+        void SetMapOwnerType(const TPKICertificateOwnerType aOwnerType) {iOwnerType = aOwnerType;};        
+        void SetMapKeyUsageDer(const TDesC8 &aKeyUsage)
+            {
+            iKeyUsageDer.Copy(aKeyUsage);
+            };                          // Optional if only certificate is needed
+        // Key usage is not defined in the filter, this will be checked separately
+        void SetMapKeySize(const TUint aKeySize) {iKeySize = aKeySize;};                // Optional if only certificate is needed
+        // Issuer and serial are not defined in the filter, these will be checked separately
+        void SetMapTrustedAuthorityL(const TDesC8 &aTrustedAuthority)
+            {
+            delete iTrustedAuthority;
+            iTrustedAuthority = NULL;
+            iTrustedAuthority = aTrustedAuthority.AllocL();
+            };
+        void SetMapIdentitySubjectNameL(const TDesC8 &aIdentitySubjectName)
+            {
+            delete iIdentitySubjectName;
+            iIdentitySubjectName = NULL;
+            iIdentitySubjectName = aIdentitySubjectName.AllocL();
+            };
+        void SetMapIdentityRfc822NameL(const TDesC8 &aIdentityRfc822Name)
+            {
+            delete iIdentityRfc822Name;
+            iIdentityRfc822Name = NULL;
+            iIdentityRfc822Name = aIdentityRfc822Name.AllocL();
+            };
+        void SetMapSerialNumberL(const TDesC8 &aSerialNumber)
+            {
+            delete iSerialNumber;
+            iSerialNumber = NULL;
+            iSerialNumber = aSerialNumber.AllocL();
+            };
+
+        void SetCertStoreType(TPkiServiceStoreType aCertStoreType);
+
+        void SetMapKeyAlgorithm(const TPKIKeyAlgorithm &aKeyAlgorithm) {iKeyAlgorithm = aKeyAlgorithm;};
+        void SetMapStartTime(const TTime &aTime) {iStartTime = aTime;};
+        void SetMapEndTime(const TTime &aTime) {iEndTime = aTime;};
+        void SetMapTrusted(const TBool &aTrusted) {iIsTrusted = aTrusted;};
+        void SetMapIsDeletable(const TBool &aIsDeletable) {iIsDeletable = aIsDeletable;};
+		void SetMapApplications(const RArray<TUid> &aApplications) {for(TInt i=0; i<aApplications.Count();i++){ iApplUids.Append(aApplications[i]);}};
+        
+        TBool IsMatchingCertStore(const TDesC& aCertStoreName);
+
+    public: // data
+        // No get methods introduced, values are used directly!     
+        
+        /// Key or certificate: used internally, depends on the operation              
+        /// Own: Cert TrustedAuthority
+        HBufC8*                     iTrustedAuthority;          
+        HBufC8*                     iIdentitySubjectName;       // Identity subject name
+        HBufC8*                     iIdentityRfc822Name;        // Identity subjectAltName rfc822 name
+        HBufC8*                     iSerialNumber;              // Serialnumber
+        TPKIKeyIdentifier           iSubjectKeyId;              // SHA1 hash of the corresponding private key
+        TPKICertificateOwnerType    iOwnerType;                 // User, CA or peer. If user certificate, at least key usage must be set
+        TBuf8<KMaxUsageDer>         iKeyUsageDer;               // Der format flags
+        TBuf<SHORT_FILENAME_LENGTH> iObjectName;
+        TUint                       iKeySize;                   // Key size
+        TPKIKeyAlgorithm            iKeyAlgorithm;              // RSA, DSA
+        TTime                       iStartTime;
+        TTime                       iEndTime;
+        TBool                       iIsDeletable;              
+        TBool                       iIsTrusted;
+        RArray<TUid>                iApplUids;
+        TPkiServiceStoreType        iCertStoreType;
+};
+
+/**
+ *  CPKIMapper
+ *
+ *  Maintains array of CMapDescriptor objects
+ *
+ *  @lib internal (pkiservice.exe)
+ *  @since S60 v3.0
+ */
+class CPKIMapper : public CBase
+{
+    public:
+        // Constructors, destructor
+        // When constructing an invocation, check if some key/certificate has been manually removed.
+        static CPKIMapper* NewL();
+        static TValidity CertValidity(const TTime &aStartTime, const TTime &aEndTime);
+        ~CPKIMapper();
+        
+        ////////////////////////////////////////////////////////////////////////////////////////////
+        // Mapping methods
+        ////////////////////////////////////////////////////////////////////////////////////////////
+        // These are new methods, which will be called from ipsecmanager when importing policy or deleting a certificate/key
+        // In acuagent, these will be called after user key has been generated and authorized by CA
+        TInt AddMapping(CMapDescriptor &aMap);
+        TInt DeleteMapping(CMapDescriptor &aDesc);        
+        CMapDescriptor& GetMapDescriptorAtIndex(TInt aIndex);
+        // One-to-one mapping functions        
+        void GetCertificateKeyIdL(TSecurityObjectDescriptor &aDescriptor, TPKIKeyIdentifier &aKeyId,
+                                  TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const;
+                                 
+        TInt ResolveCertMappingL(TSecurityObjectDescriptor &aDescriptor, TDes16 &aFilename, 
+                                TInt &aIndex, const TBool aInfoOnly, 
+                                TPkiServiceStoreType aStoreType = EPkiStoreTypeUser) const;
+        
+        TInt CertCount(void);
+		TInt ApplicableCertCount(const RArray<TUid>& aUidArray);		
+        TInt GetCertListL(const RMessage2& aMessage, TPkiServiceStoreType aStoreType, TBool aDescUsed = EFalse);
+		void GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray);               
+        		    
+        // Function to check whether the given certificate is unique (doesn't exist in cert store)
+        TBool CertificateIsUniqueL(const TDesC8& aCertData);
+        
+        // Function that returns a guaranteedly unique certificate label.
+        void GenerateUniqueNameL(const TDesC8& aCertData, TDes& aName, 
+                                 TCertificateOwnerType aOwnerType = ECACertificate);       
+        void SetCacheCreated();
+        TBool CacheCreated();        
+    
+    private: // implementation
+        
+        void DeleteMapping(TInt aIndex);        
+        TBool LabelIsUnique(const TDesC& aLabel) const;
+        void LogMap(CMapDescriptor& aDescriptor) const;
+        void LogSearchArguments(TSecurityObjectDescriptor& aDescriptor) const;        
+                
+    private: // C'tor    
+
+        CPKIMapper();
+        void ConstructL();
+    
+    private: // data    
+        TBool   iCacheCreated;       
+        TInt    iCount;
+        /// Used when generating uniqname
+
+        RPointerArray<CMapDescriptor>*      iMapping;
+        TPckgBuf<TSecurityObjectDescriptor> iCurrentDescriptor;
+    	TBuf<MAX_FILENAME_LENGTH>           iObjectName;
+};
+
+class PkiUtil
+{
+    public:
+        static TBool MatchL(const CX500DistinguishedName& aDn1,
+                            const CX500DistinguishedName& aDn2);
+
+    private:    
+        static TBool HasElementL(const CX500DistinguishedName& aDn,
+                                 const CX520AttributeTypeAndValue& aElement);
+};
+
+
+#endif
\ No newline at end of file