--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/webservices/wscredentialmanager/src/sencredentialmanager.cpp Thu Jan 07 16:19:19 2010 +0200
@@ -0,0 +1,1758 @@
+/*
+* Copyright (c) 2002-2005 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+
+
+
+
+
+
+#include "sencredentialmanager.h"
+#include "seninternalcredential.h"
+
+#include <s32mem.h>
+#include <s32file.h>
+#include <sysutil.h>
+#include <SenXmlProperties.h>
+#include <SenXmlConstants.h>
+
+#include "sendebug.h" // internal \Utils\inc - filelogging MACROs
+#include "senlogger.h"
+#include "msencoreservicemanager.h" // internal \Framework\inc
+
+#include "senservicemanagerdefines.h" // KMaxTicks (1209600000)
+ // 1 tick = 1 millisec
+ // 86400 sec = 1 day
+ // 86400*1000 millisec = 1 day
+ // 86400*14*1000 = 1209600000 millisec = 2 weeks
+
+#include "SenParser.h"
+#include "SenDateUtils.h"
+#include "senwsdescription.h"
+#include "senwebservicesession.h"
+
+#include <SenServiceConnection.h> // KErrSenNoPermission ( -30315 )
+#include <xmlengnodelist.h>
+#include <SenCredential.h>
+
+#include <SenXmlUtils.h>
+#ifdef __CRYPTO_HW__
+#include "sencryptoutils.h"
+#include <SecEnv.h>
+#include <SecEnvDevice.h>
+#include <SecEnvType.h>
+#include <SecEnvMgr.h>
+const TInt KCryptoPADataLen = 16;
+const TInt KCryptoPACipherLen = 48;
+const TInt KPaCryptAuthLen = 32;
+const TInt KEncryptNoSalt = 3;
+const TInt KDecrypt = 2;
+const TUint KPadding = 0;
+const TUint KEncrypedLen = 128;
+_LIT8(KCryptoPA, "PA_CRYPT");
+#endif // __CRYPTO_HW__
+
+namespace
+ {
+#if !defined( EKA2 ) && !defined( RD_SECURE_PRIV_DATA )
+ _LIT(KCredentialFile, "C:\\system\\data\\sencredentials.xml");
+#else
+ _LIT(KCredentialFile, "sencredentials.xml");
+#endif
+
+ _LIT8(KCredentials, "Credentials");
+ _LIT8(KCredentialsMaxID, "CredentialsMaxID");
+ _LIT8(KCredentialContainer, "CredentialContainer");
+ _LIT8(KCredentialIdentifier, "Identifier");
+ _LIT8(KCredentialProperties, "Properties");
+ _LIT8(KTouch, "touch");
+ _LIT8(KCredentialId, "CredentialId");
+
+ const TInt KStateParsingCredentialContainer = 99;
+ const TInt KStateParsingCredentialIdentifier = 100;
+ const TInt KStateParsingCredentialProperties = 102;
+ const TInt KStateParsingCredential = 104;
+ const TInt KFlatBufSize = 128;
+
+ /* microseconds before actual notOnOrAfter (or validUntil) time
+ * when credentials are treated as expired.
+ */
+ const TInt KClockSlipMicroSeconds = 3*60*1000*1000;
+ }
+
+EXPORT_C CSenCredentialManager* CSenCredentialManager::NewL(MSenCoreServiceManager& aManager)
+ {
+ CSenCredentialManager* pNew = NewLC(aManager);
+ CleanupStack::Pop(pNew);
+ return(pNew);
+ }
+
+EXPORT_C CSenCredentialManager* CSenCredentialManager::NewLC(MSenCoreServiceManager& aManager)
+ {
+ CSenCredentialManager* pNew = new (ELeave) CSenCredentialManager(aManager);
+ CleanupStack::PushL(pNew);
+ pNew->ConstructL();
+ return pNew;
+ }
+
+CSenCredentialManager::CSenCredentialManager(MSenCoreServiceManager& aManager)
+: iManager(aManager),
+ iLog((RFileLogger*)aManager.Log()),
+ iMaxCredentialID(0)
+ {
+ }
+
+EXPORT_C CSenCredentialManager::~CSenCredentialManager()
+ {
+ SaveCredentialDB();
+
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i < count; i++)
+ {
+ iCredentialArray[i].Close();
+ }
+ iCredentialArray.Close();
+
+ delete ipParser;
+
+ // Sanity check for Delegates (which are not handled correctly
+ // during parsing)
+ delete ipCredentialContainer;
+ delete ipCredentialIdentifier;
+ delete ipCredentialProperties;
+ delete ipCredential;
+ }
+
+void CSenCredentialManager::ConstructL()
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"CSenCredentialManager::ConstructL");
+ BaseConstructL(KCredentials);
+ LoadDB();
+ }
+
+RFileLogger* CSenCredentialManager::Log()
+ {
+ return iLog;
+ }
+
+void CSenCredentialManager::OnStartElementL(const RTagInfo& aElement,
+ const RAttributeArray& aAttributes,
+ TInt aErrorCode)
+ {
+ const TPtrC8 localName = aElement.LocalName().DesC();
+
+ switch (iState)
+ {
+ case KSenStateSave:
+ {
+ const TPtrC8 saxLocalName = aElement.LocalName().DesC();
+
+ if (saxLocalName == KCredentialContainer)
+ {
+ if ( ipCredentialContainer )
+ {
+ TXmlEngElement element = ipCredentialContainer->AsElementL();
+ element.Remove(); // Deletes Container from Dom tree
+ delete ipCredentialContainer;
+ ipCredentialContainer = NULL;
+ }
+
+ const TPtrC8 saxNsUri = aElement.Uri().DesC();
+ const TPtrC8 saxPrefix = aElement.Prefix().DesC();
+
+ TXmlEngElement element = AsElementL();
+ RSenDocument document = AsDocumentL();
+
+ ipCredentialContainer = CSenFragmentBase::NewL(
+ saxNsUri, saxLocalName,
+ saxPrefix, aAttributes,
+ element, document
+ );
+
+ iState = KStateParsingCredentialContainer;
+ }
+
+ break;
+ }
+ case KStateParsingCredentialContainer: // KStateParsingCredentialContainer
+ // is also Save state
+ {
+ const TPtrC8 saxLocalName = aElement.LocalName().DesC();
+
+ if (saxLocalName == KCredentialIdentifier)
+ {
+ if ( ipCredentialIdentifier )
+ {
+ TXmlEngElement element = ipCredentialIdentifier->AsElementL();
+ element.Remove(); // Deletes Identifier from Dom tree
+ delete ipCredentialIdentifier;
+ ipCredentialIdentifier = NULL;
+ }
+
+ const TPtrC8 saxNsUri = aElement.Uri().DesC();
+ const TPtrC8 saxPrefix = aElement.Prefix().DesC();
+
+ TXmlEngElement element = ipCredentialContainer->AsElementL();
+ RSenDocument document = AsDocumentL();
+
+ ipCredentialIdentifier = CSenCredentialIdentifier::NewL(
+ saxNsUri, saxLocalName,
+ saxPrefix, aAttributes,
+ element, document
+ );
+
+ iState = KStateParsingCredentialIdentifier;
+
+ OnDelegateParsingL(*ipCredentialIdentifier);
+ }
+ else if (saxLocalName == KCredentialProperties)
+ {
+ if ( ipCredentialProperties )
+ {
+ TXmlEngElement element = ipCredentialProperties->AsElementL();
+ element.Remove(); // Deletes Properties from Dom tree
+ delete ipCredentialProperties;
+ ipCredentialProperties = NULL;
+ }
+
+ const TPtrC8 saxNsUri = aElement.Uri().DesC();
+ const TPtrC8 saxPrefix = aElement.Prefix().DesC();
+
+ TXmlEngElement element = ipCredentialContainer->AsElementL();
+ RSenDocument document = AsDocumentL();
+
+ ipCredentialProperties = CSenCredentialProperties::NewL(
+ saxNsUri, saxLocalName,
+ saxPrefix, aAttributes,
+ element, document
+ );
+
+ iState = KStateParsingCredentialProperties;
+
+ OnDelegateParsingL(*ipCredentialProperties);
+ }
+ else
+ {
+ // Parsing Credential
+ //
+ // <=> Container can have only three elements:
+ // 1) CredentialIdentifier,
+ // 2) CredentialProperties and
+ // 3) Credential (which LocalName we do not know)
+ //
+ // If we see that LocalName was not CredentialIdentifier
+ // or CredentialProperties
+ // we know that we are handling Credential.
+
+ if ( ipCredential )
+ {
+ TXmlEngElement element = ipCredential->AsElementL();
+ element.Remove(); // Deletes Credential from Dom tree
+ delete ipCredential;
+ ipCredential = NULL;
+ }
+
+ const TPtrC8 saxNsUri = aElement.Uri().DesC();
+ const TPtrC8 saxPrefix = aElement.Prefix().DesC();
+
+ TXmlEngElement element = ipCredentialContainer->AsElementL();
+ RSenDocument document = AsDocumentL();
+
+ ipCredential = CSenInternalCredential::NewL(
+ saxNsUri, saxLocalName,
+ saxPrefix, aAttributes,
+ element, document
+ );
+ ipCredential->SetIdentifier(ipCredentialIdentifier);
+ ipCredentialIdentifier = NULL;
+
+ ipCredential->SetProperties(ipCredentialProperties);
+ ipCredentialProperties = NULL;
+
+ iState = KStateParsingCredential;
+
+ OnDelegateParsingL(*ipCredential);
+ }
+ break;
+ }
+ default:
+ {
+ const TPtrC8 saxLocalName = aElement.LocalName().DesC();
+
+ if (saxLocalName == KCredentials)
+ {
+ TInt count(aAttributes.Count());
+
+ for (TInt i=0; i<count; i++)
+ {
+ TPtrC8 localName = aAttributes[i].Attribute().LocalName().DesC();
+ TPtrC8 value = aAttributes[i].Value().DesC();
+
+ if ( localName == KCredentialsMaxID )
+ {
+ TLex8 lex;
+ lex.Assign(value);
+ lex.Val( iMaxCredentialID );
+ break;
+ }
+ }
+ }
+
+ CSenFragmentBase::OnStartElementL( aElement, aAttributes, aErrorCode );
+ break;
+ }
+ }
+ }
+
+void CSenCredentialManager::OnEndElementL( const RTagInfo& aElement, TInt aErrorCode )
+
+ {
+ const TPtrC8 localName = aElement.LocalName().DesC();
+
+ switch(iState)
+ {
+ case KStateParsingCredentialIdentifier:
+ {
+#ifdef __CRYPTO_HW__
+
+ TInt leaveCode(KErrNone);
+ TPtrC8 pass;
+ TBuf8<KEncrypedLen> decPwd;
+ ipCredentialIdentifier->PropertyL(KSenIdpPasswordLocalname, pass);
+ TRAP(leaveCode, DecryptPasswordL(pass, decPwd));
+ if (leaveCode == KErrNone)
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KMinLogLevel, _L8("SenCredentialManager::DecryptPasswordL success")));
+ }
+ else
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KMinLogLevel, _L8("SenCredentialManager::DecryptPasswordL Failed")));
+ }
+ ipCredentialIdentifier->SetPropertyL(KSenIdpPasswordLocalname, decPwd);
+
+#endif // __CRYPTO_HW__
+ iState = KStateParsingCredentialContainer;
+ break;
+ }
+ case KStateParsingCredentialProperties:
+ {
+ iState = KStateParsingCredentialContainer;
+ break;
+ }
+ case KStateParsingCredential:
+ {
+ TTime now;
+ now.UniversalTime();
+
+ TPtrC8 value;
+ TTimeIntervalMicroSeconds clientServerInterval = 0;
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"Checking 'ServiceInterval' property.");
+ _LIT8(KServiceInterval,"ServiceInterval"); //CodeScannerWarnings
+ TInt ret = ipCredential->PropertiesL().PropertyL(KServiceInterval, value);
+
+ TBool propertiesExist(ETrue);
+
+ if ( ret == KErrNone )
+ {
+ TLex8 lex(value);
+ TInt64 val;
+ ret = lex.Val(val);
+ TTimeIntervalMicroSeconds clientServerInterval = val;
+ if ( ret == KErrNone )
+ {
+#ifdef _SENDEBUG
+ TInt leaveCode(KErrNone);
+ TBuf8<SenDateUtils::KXmlDateTimeMaxLength> ts;
+ TRAP(leaveCode, SenDateUtils::ToXmlDateTimeUtf82L(ts, now);)
+ if (leaveCode == KErrNone)
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KNormalLogLevel, _L8("Client time : %S"), &ts));
+ }
+#endif // _SENDEBUG
+ now += clientServerInterval;
+#ifdef _SENDEBUG
+ TBuf8<64> buf;
+ buf.AppendNum(clientServerInterval.Int64());
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KNormalLogLevel, _L8("Client-Server Interval in microseconds: %S"),&buf));
+ TRAP(leaveCode, SenDateUtils::ToXmlDateTimeUtf82L(ts, now);)
+ if (leaveCode == KErrNone)
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KNormalLogLevel, _L8("Fixed client time : %S"), &ts));
+ }
+ leaveCode = 0; // not used
+#endif // _SENDEBUG
+ }
+ }
+ else if ( ret == KErrNotFound )
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- 'ServiceInterval' not found.");
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"Checking 'ValidUntil' property.");
+ TInt ret2 = ipCredential->PropertiesL().PropertyL(_L8("ValidUntil"), value);
+ if ( ret2 == KErrNotFound )
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- 'ValidUntil' not found.");
+ propertiesExist = EFalse;
+ }
+ }
+
+ if ( !propertiesExist ||
+ ( ( ipCredential->PropertiesL().ValidUntilL() != Time::NullTTime() ) &&
+ ( now > (ipCredential->PropertiesL().ValidUntilL()-TTimeIntervalMicroSeconds(KClockSlipMicroSeconds)) ) )
+ )
+ {
+
+#ifdef _SENDEBUG
+ if ( propertiesExist )
+ {
+ TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("- Loaded credential is expired:")));
+ TInt leaveCode(KErrNone);
+ TBuf8<SenDateUtils::KXmlDateTimeMaxLength> ts2;
+ TRAP(leaveCode, SenDateUtils::ToXmlDateTimeUtf82L(ts2, ipCredential->PropertiesL().ValidUntilL());)//codescannerwarnings
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KNormalLogLevel, _L8("- Credential time : %S, clockslip: %d micros"), &ts2, KClockSlipMicroSeconds));
+ leaveCode = 0; // not used
+ }
+ else
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- Neither 'ValidUntil' or 'ServiceInterval' exist: credential should be discarded(!)");
+ }
+#endif // _SENDEBUG
+ TLSLOG(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,(_L("-- Invalid credential will be removed from CredentialManager.")));
+
+
+ delete ipCredential;
+ ipCredential = NULL;
+ }
+ else
+ {
+ if ( ipCredential->PropertiesL().ValidUntilL() != Time::NullTTime() )
+ {
+ TTime validUntil = ipCredential->PropertiesL().ValidUntilL();
+ ipCredential->SetValidUntil(validUntil);
+ }
+
+ RSenCredentialPtr credentialPtr;
+ credentialPtr.OpenL(ipCredential);
+ CleanupClosePushL(credentialPtr);
+ iCredentialArray.Append(credentialPtr);
+ CleanupStack::Pop(&credentialPtr);
+ }
+
+ ipCredential = NULL;
+
+ iState = KStateParsingCredentialContainer;
+ break;
+ }
+ case KStateParsingCredentialContainer:
+ {
+ if(localName == KCredentialContainer)
+ {
+ if ( ipCredentialContainer )
+ {
+ TXmlEngElement element = ipCredentialContainer->AsElementL();
+ RXmlEngNodeList<TXmlEngElement> children;
+
+ CleanupClosePushL(children);
+ element.GetChildElements(children);
+
+ // Element should always have 3 child elements:
+ // 1) CredentialIdentifier and
+ // 2) Credential
+ // 3) CredentialProperties
+ if ( children.Count() < 2 )
+ {
+ if ( ipCredentialIdentifier )
+ {
+ TXmlEngElement element = ipCredentialIdentifier->AsElementL();
+ element.Remove(); // Deletes Identifier from Dom tree
+ delete ipCredentialIdentifier;
+ ipCredentialIdentifier = NULL;
+ }
+ if ( ipCredentialProperties )
+ {
+ TXmlEngElement element = ipCredentialProperties->AsElementL();
+ element.Remove(); // Deletes Identifier from Dom tree
+ delete ipCredentialProperties;
+ ipCredentialProperties = NULL;
+ }
+ if ( ipCredential )
+ {
+ TXmlEngElement element = ipCredential->AsElementL();
+ element.Remove(); // Deletes Credential from Dom tree
+ delete ipCredential;
+ ipCredential = NULL;
+ }
+ element.Remove();
+ }
+ CleanupStack::PopAndDestroy(&children);
+
+ delete ipCredentialContainer;
+ ipCredentialContainer = NULL;
+ if ( ipContentBuf )
+ {
+
+ delete ipContentBuf;
+ ipContentBuf = NULL;
+
+ delete ipContentWriteStream;
+ ipContentWriteStream = NULL;
+ }
+ }
+
+ iState = KSenStateSave;
+ break;
+ }
+ else
+ {
+ return;
+ }
+ }
+ default:
+ {
+ CSenFragmentBase::OnEndElementL(aElement, aErrorCode);
+
+ break;
+ }
+ }
+ }
+
+TInt CSenCredentialManager::LoadDB()
+ {
+ TInt retVal(KErrNone);
+ if ( !ipParser )
+ {
+ TRAP( retVal, ipParser = CSenParser::NewL(); )
+ if( retVal == KErrNone )
+ {
+ ipParser->EnableFeature(EReportNamespaceMapping);
+ }
+ }
+ if( retVal == KErrNone )
+ {
+ TRAP(retVal, LoadFromL(KCredentialFile));
+ }
+ return retVal;
+ }
+
+void CSenCredentialManager::LoadFromL(const TDesC& aFile)
+ {
+ RFs fss;
+ User::LeaveIfError(fss.Connect());
+ CleanupClosePushL(fss);
+
+ TInt leaveCode(KErrNone);
+
+#if defined( EKA2 ) || defined( RD_SECURE_PRIV_DATA )
+ TBuf<KMaxPath> file;
+ fss.CreatePrivatePath(EDriveC);
+ fss.PrivatePath(file);
+ file.Append(aFile);
+ TRAP(leaveCode, ipParser->ParseL(fss, file, *this));
+#else
+ TRAP(leaveCode, aReader.ParseL(fss, aFile, *this));
+#endif
+
+ iState = KSenStateSave;
+
+#ifdef _SENDEBUG
+ if(leaveCode == KErrNotFound)
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- The sencredentials.xml does not exist!");
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- New file will be generated.");
+ }
+ else if(leaveCode != KErrNone)
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KMinLogLevel, _L8("- Parsing of sencredentials.xml leaved: %d"), leaveCode));
+ }
+ else
+ {
+ TLSLOG_L(KSenCoreServiceManagerLogChannelBase , KMinLogLevel,"- Credential database (sencredentials.xml) successfully read.");
+ }
+#else
+ leaveCode=0; // this is a decision: we are not interested
+ // of invalid input in read/parse phase
+#endif
+
+ SaveCredentialDB(); // Always validate by saving
+
+ CleanupStack::PopAndDestroy(); // fss
+ }
+
+TInt CSenCredentialManager::SaveCredentialDB()
+ {
+ TInt retVal(KErrNone);
+ TRAP(retVal, SaveToL(KCredentialFile));
+ return retVal;
+ }
+
+TInt CSenCredentialManager::SaveToL(const TDesC& aFile)
+ {
+ TInt count = iCredentialArray.Count();
+ TInt maxId = 0;
+#ifdef __CRYPTO_HW__
+
+ RArray<RBuf8 *> password;
+ TPtrC8 tempPass;
+ TInt leaveCode(KErrNone);
+
+#endif // __CRYPTO_HW__
+ for (TInt i=0; i<count; i++)
+ {
+#ifdef __CRYPTO_HW__
+ iCredentialArray[i].Credential()->IdentifierL().PropertyL(KSenIdpPasswordLocalname, tempPass);
+ RBuf8 *pTempBuf = new RBuf8;
+ pTempBuf->Create(tempPass);
+ password.Append(pTempBuf);
+
+ leaveCode = KErrNone;
+ TBuf8<KEncrypedLen> encPwd;
+ TRAP(leaveCode, EncryptPasswordL(tempPass, encPwd));
+ if (leaveCode == KErrNone)
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KMinLogLevel, _L8("SenCredentialManager::EncryptPasswordL success")));
+ }
+ else
+ {
+ TLSLOG_FORMAT((KSenCoreServiceManagerLogChannelBase , KMinLogLevel, _L8("SenCredentialManager::EncryptPasswordL Failed")));
+ }
+ // EncryptPasswordL(tempPass, encPwd);
+ iCredentialArray[i].Credential()->IdentifierL().SetPropertyL(KSenIdpPasswordLocalname, encPwd);
+#endif // __CRYPTO_HW__
+ if ( iCredentialArray[i].Credential()->IdentifierL().IdL() > maxId )
+ {
+ maxId = iCredentialArray[i].Credential()->IdentifierL().IdL();
+ }
+ }
+ iMaxCredentialID = maxId;
+ UpdateMaxCredentialIdL();
+
+ // First, collect everything into MEMORY
+ CBufFlat *pBuf = CBufFlat::NewL(KFlatBufSize);
+ CleanupStack::PushL(pBuf);
+
+ RBufWriteStream bufWs(*pBuf);
+ CleanupClosePushL(bufWs);
+
+ WriteAsXMLToL(bufWs);
+
+ TPtrC8 p8 = pBuf->Ptr(0);
+
+ CleanupStack::PopAndDestroy(1); // bufWs
+
+ // Everything in MEMORY ok, prepare to write into file
+ RFs fss;
+ User::LeaveIfError(fss.Connect());
+ CleanupClosePushL(fss);
+
+ RFileWriteStream fileOutStream;
+ CleanupClosePushL(fileOutStream);
+
+ if(!SysUtil::FFSSpaceBelowCriticalLevelL(&fss, p8.Length()) )
+ {
+ //Data caging 2 implementation
+#if defined( EKA2 ) || defined( RD_SECURE_PRIV_DATA )
+ TBuf<KMaxPath> file;
+ fss.CreatePrivatePath(EDriveC);
+ fss.PrivatePath(file);
+ file.Append(aFile);
+ fileOutStream.Replace(fss, file, EFileWrite);
+#else
+ fileOutStream.Replace(fss, aFile, EFileWrite);
+#endif
+ // finally write the UTF-8 into the file.
+ fileOutStream.WriteL(p8);
+ }
+
+ CleanupStack::PopAndDestroy(3); // fileOutStream, fss, pBuf
+#ifdef __CRYPTO_HW__
+ for (TInt i=0; i<count; i++)
+ {
+ iCredentialArray[i].Credential()->IdentifierL().SetPropertyL(KSenIdpPasswordLocalname, *password[i]);
+ password[i]->Close();
+ delete password[i];
+ }
+#endif // __CRYPTO_HW__
+ return KErrNone;
+ }
+
+TInt CSenCredentialManager::CredentialsL(const CSenWSDescription& aPattern,
+ RSenCredentialArray& aCredentials)
+ {
+ TInt retVal(KErrNotFound);
+ // RefreshMTL(aPattern);
+
+ TInt count = iCredentialArray.Count();
+
+ for (TInt i=0; i<count; i++)
+ {
+ if(IsApplicableOrShareableL(aPattern, iCredentialArray[i].Credential()))
+// if ( iCredentialArray[i].Credential()->IsApplicable(aPattern) )
+ {
+ TPtrC8 providerId;
+ retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+ if ( retVal == KErrNone )
+ {
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ if ( pProvider )
+ {
+ if ( ( pProvider->UserName() == KNullDesC8 ) &&
+ ( pProvider->Password() == KNullDesC8 ) )
+ {
+ aCredentials.AppendL(iCredentialArray[i].Credential());
+ }
+ else
+ {
+ retVal = KErrSenNoPermission;
+ }
+ }
+ else
+ {
+ // Note: Serene DB should not contain Credential
+ // which has IdentityProviderId which points
+ // to non-existent IdentityProvider.
+ // After all we cannot give access to Credential
+ // which has IdentityProviderId, even though actual
+ // IdentityProvider can not be found anymore.
+ retVal = KErrSenNoPermission;
+ }
+ }
+ else
+ {
+ aCredentials.AppendL(iCredentialArray[i].Credential());
+ }
+ }
+ }
+
+ if ( aCredentials.Count() == 0 )
+ {
+ return retVal;
+ }
+
+ return KErrNone;
+ }
+
+TBool CSenCredentialManager::IsAuto(CSenIdentityProvider& aIdp)
+ {
+ CSenElement* el(NULL);
+ TPtrC8 ext = aIdp.AccountExtensions(el);
+ if (ext == KNullDesC8)
+ {
+ if (el)
+ {
+ el = el->Element(KSenAccAutoSignIn);
+ if (el && el->Content() == KSenPropertyTrue)
+ {
+ return ETrue;
+ }
+ }
+ }
+ else
+ {
+ RBuf8 mask;
+ mask.Create(KSenAccAutoSignIn().Length() +
+ KSenGreaterThan().Length() +
+ KSenPropertyTrue().Length());
+ mask.CleanupClosePushL();
+ mask.Append(KSenAccAutoSignIn);
+ mask.Append(KSenGreaterThan);
+ mask.Append(KSenPropertyTrue);
+ if (ext.FindF(mask) != KErrNotFound)
+ {
+ return ETrue;
+ }
+ CleanupStack::PopAndDestroy(&mask);
+ }
+ return EFalse;
+ }
+TInt CSenCredentialManager::CredentialsL(const CSenWSDescription& aPattern,
+ const CSenIdentityProvider& aIdP,
+ RSenCredentialArray& aCredentials)
+ {
+ // RefreshMTL(aPattern);
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ if(IsApplicableOrShareableL(aPattern, iCredentialArray[i].Credential()))
+// if ( iCredentialArray[i].Credential()->IsApplicable(aPattern) )
+ {
+ TPtrC8 providerId;
+ TInt retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+
+ if ( retVal == KErrNone )
+ {
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ CSenCredentialIdentifier& identifier = iCredentialArray[i].Credential()->IdentifierL();
+
+ TPtrC8 usernameIdent;
+ TInt retVal = identifier.PropertyL(KSenIdpAuthzIDLocalname, usernameIdent);
+ TPtrC8 passwordIdent;
+ retVal = identifier.PropertyL(KSenIdpPasswordLocalname, passwordIdent);
+
+ TPtrC8 usernameProv = ((CSenIdentityProvider&)aIdP).UserName();
+ TPtrC8 passwordProv = ((CSenIdentityProvider&)aIdP).Password();
+
+ HBufC8* decPasswordIden = SenXmlUtils::DecodeHttpCharactersLC(passwordIdent);
+ HBufC8* decPasswordProv = SenXmlUtils::DecodeHttpCharactersLC(passwordProv);
+
+ if( ( usernameIdent.Length() == 0 || usernameIdent == usernameProv ) &&
+ (
+ ( decPasswordIden->Length() == 0 || *decPasswordIden == *decPasswordProv )
+ ||
+ (IsAuto(*pProvider) && *decPasswordProv == KNullDesC8)
+ )
+ )
+ {
+ aCredentials.AppendL(iCredentialArray[i].Credential());
+ }
+ CleanupStack::PopAndDestroy(2); // decode x2
+ }
+ }
+ }
+
+ if ( aCredentials.Count() == 0 )
+ {
+ return KErrNotFound;
+ }
+
+ return KErrNone;
+ }
+
+TInt CSenCredentialManager::CredentialsL(const CSenWSDescription& aPattern,
+ RSenCredentialPtrArray& aCredentials)
+ {
+ TInt retVal(KErrNotFound);
+
+ TInt count = iCredentialArray.Count();
+
+ for (TInt i=0; i<count; i++)
+ {
+ if(IsApplicableOrShareableL(aPattern, iCredentialArray[i].Credential()))
+// if ( iCredentialArray[i].Credential()->IsApplicable(aPattern) )
+ {
+ TPtrC8 providerId;
+ retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+ if ( retVal == KErrNone )
+ {
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ if ( pProvider )
+ {
+ if ( ( pProvider->UserName() == KNullDesC8 ) &&
+ ( pProvider->Password() == KNullDesC8 ) )
+ {
+ aCredentials.AppendL(iCredentialArray[i]);
+ }
+ else
+ {
+ retVal = KErrSenNoPermission;
+ }
+ }
+ else
+ {
+ // Note: Serene DB should not contain Credential
+ // which has IdentityProviderId which points
+ // to non-existent IdentityProvider.
+ // After all we cannot give access to Credential
+ // which has IdentityProviderId, even though actual
+ // IdentityProvider can not be found anymore.
+ retVal = KErrSenNoPermission;
+ }
+ }
+ else
+ {
+ aCredentials.AppendL(iCredentialArray[i]);
+ }
+ }
+ }
+
+ if ( aCredentials.Count() == 0 )
+ {
+ return retVal;
+ }
+
+ return KErrNone;
+ }
+
+TInt CSenCredentialManager::CredentialsL(const CSenWSDescription& aPattern,
+ const CSenIdentityProvider& aIdP,
+ RSenCredentialPtrArray& aCredentials)
+ {
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ if(IsApplicableOrShareableL(aPattern, iCredentialArray[i].Credential()))
+// if ( iCredentialArray[i].Credential()->IsApplicable(aPattern) )
+ {
+ TPtrC8 providerId;
+ TInt retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+ if ( retVal == KErrNone )
+ {
+ /*CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ if ( pProvider )
+ {
+ if ( ( ((CSenIdentityProvider&)aIdP).UserName() == pProvider->UserName() ) &&
+ ( ((CSenIdentityProvider&)aIdP).Password() == pProvider->Password() ) )
+ {
+ aCredentials.AppendL(iCredentialArray[i]);
+ }
+ }*/
+ CSenCredentialIdentifier& identifier = iCredentialArray[i].Credential()->IdentifierL();
+
+ TPtrC8 username;
+ TInt retVal = identifier.PropertyL(KSenIdpAuthzIDLocalname, username);
+ TPtrC8 passwordId;
+ retVal = identifier.PropertyL(KSenIdpPasswordLocalname, passwordId);
+ HBufC8* decPasswordId = SenXmlUtils::DecodeHttpCharactersLC(passwordId);
+
+ TPtrC8 passwordProv = ((CSenIdentityProvider&)aIdP).Password();
+ HBufC8* decPasswordProv = SenXmlUtils::DecodeHttpCharactersLC(passwordProv);
+
+ if( ( username.Length() == 0 || username == ((CSenIdentityProvider&)aIdP).UserName() ) &&
+ ( decPasswordId->Length() == 0 || *decPasswordId == *decPasswordProv) )
+ {
+ aCredentials.AppendL(iCredentialArray[i]);
+ }
+ CleanupStack::PopAndDestroy(2); // encodehttp
+ }
+ }
+ }
+
+ if ( aCredentials.Count() == 0 )
+ {
+ return KErrNotFound;
+ }
+
+ return KErrNone;
+ }
+
+RSenCredentialPtr CSenCredentialManager::AddCredentialL(CSenInternalCredential* apCredential,
+ TInt& aErrorTo)
+ {
+ if ( !apCredential )
+ {
+ SENDEBUG_L("AddCredentialL(*) - Illegal argument: NULL");
+ aErrorTo = KErrArgument;
+ return RSenCredentialPtr();
+ }
+
+ CleanupStack::PushL(apCredential);
+ RSenCredentialPtr credentialPtr;
+ credentialPtr.OpenL(apCredential);
+ CleanupStack::Pop(apCredential);
+ CleanupClosePushL(credentialPtr);
+ iCredentialArray.AppendL(credentialPtr);
+ CleanupStack::Pop(&credentialPtr);
+
+ TXmlEngElement element = this->AsElementL().AddNewElementL(KCredentialContainer);
+ apCredential->IdentifierL().AsElementL().MoveTo(element);
+ apCredential->IdentifierL().SetDocument(AsDocumentL());
+ apCredential->IdentifierL().SetIdL(NextCredentialIdL());
+ apCredential->PropertiesL().AsElementL().MoveTo(element);
+ apCredential->PropertiesL().SetDocument(AsDocumentL());
+ apCredential->AsElementL().MoveTo(element);
+ apCredential->SetDocument(AsDocumentL());
+
+ SaveCredentialDB();
+
+ aErrorTo = KErrNone;
+ return credentialPtr;
+ }
+
+RSenCredentialPtr CSenCredentialManager::AddCredentialL( CSenIdentityProvider* apIdP,
+ CSenInternalCredential* apCredential,
+ TInt& aErrorTo )
+ {
+ CleanupStack::PushL(apCredential);
+ CleanupStack::PushL(apIdP);
+
+ if ( !apCredential )
+ {
+ SENDEBUG_L("AddCredentialL(*) - Illegal argument: NULL");
+ CleanupStack::PopAndDestroy(apIdP);
+ CleanupStack::PopAndDestroy(apCredential);
+ return RSenCredentialPtr();
+ }
+
+ CSenIdentityProvider* pIdP = NULL;
+ // Note: Following function returns either KErrNotFound or the index of found
+ // IdentityProvider (index >= 0).
+ TInt retVal = ((MSenIdentityManager&)iManager).FindMatchingIdentityProviderL(*apIdP, pIdP);
+ if ( retVal > KErrNone )
+ {
+ retVal = KErrNone;
+ }
+
+ if ( retVal == KErrNotFound )
+ {
+ CleanupStack::PopAndDestroy(apIdP);
+ CleanupStack::PopAndDestroy(apCredential);
+ aErrorTo = retVal;
+ return RSenCredentialPtr();
+ }
+ else
+ {
+ CleanupStack::PopAndDestroy(apIdP);
+ TPtrC8 providerId = pIdP->ProviderID();
+ apCredential->SetIdentityProviderIdL(providerId);
+ TPtrC8 userName = pIdP->UserName();
+ if(userName.Length() > 0)
+ {
+ TPtrC8 password = pIdP->Password();
+ apCredential->SetAuthInfo(userName, password);
+ }
+ }
+
+ RSenCredentialPtr credentialPtr;
+ credentialPtr.OpenL(apCredential);
+ CleanupStack::Pop(apCredential);
+ CleanupClosePushL(credentialPtr);
+ iCredentialArray.AppendL(credentialPtr);
+ CleanupStack::Pop(&credentialPtr);
+
+
+ TXmlEngElement element = this->AsElementL().AddNewElementL(KCredentialContainer);
+ apCredential->IdentifierL().AsElementL().MoveTo(element);
+ apCredential->IdentifierL().SetDocument(AsDocumentL());
+ apCredential->IdentifierL().SetIdL(NextCredentialIdL());
+ apCredential->PropertiesL().AsElementL().MoveTo(element);
+ apCredential->PropertiesL().SetDocument(AsDocumentL());
+ apCredential->AsElementL().MoveTo(element);
+ apCredential->SetDocument(AsDocumentL());
+
+ SaveCredentialDB();
+
+ aErrorTo = retVal;
+ return credentialPtr;
+ }
+
+RSenCredentialPtr CSenCredentialManager::AddCredentialL(const TDesC8& aCredential,
+ TInt& aErrorTo)
+ {
+ CSenInternalCredential* pCredential = CSenInternalCredential::NewLC();
+ ipParser->ParseL(aCredential, *pCredential);
+ CleanupStack::Pop(pCredential);
+
+ // Following takes the ownership of pCredential
+ RSenCredentialPtr credPtr = AddCredentialL(pCredential, aErrorTo);
+
+ return credPtr;
+ }
+
+RSenCredentialPtr CSenCredentialManager::AddCredentialL(CSenIdentityProvider* apIdP,
+ const TDesC8& aCredential,
+ TInt& aErrorTo)
+ {
+ CSenInternalCredential* pCredential = CSenInternalCredential::NewLC();
+ ipParser->ParseL(aCredential, *pCredential);
+ CleanupStack::Pop(pCredential);
+
+ // Following takes the ownership of pCredential
+ RSenCredentialPtr credPtr = AddCredentialL(apIdP, pCredential, aErrorTo);
+
+ return credPtr;
+ }
+
+// Very efficient method that removes all the credentials of certain *service*,
+// independent of provider ID and/or user account
+TInt CSenCredentialManager::RemoveCredentialsL(const CSenWSDescription& aPattern)
+ {
+ TInt retVal(KErrNotFound);
+
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ if ( iCredentialArray[i].Credential() &&
+ iCredentialArray[i].Credential()->IsApplicableL(aPattern) )
+ {
+ // Get CredentialContainer element
+ TXmlEngNode element = iCredentialArray[i].Credential()->AsElementL().ParentNode();
+ // Delete and destroy both CredentialIdentifier and Credential
+ iCredentialArray[i].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(i);
+ element.Remove();
+ i--;
+ count--;
+
+ retVal = KErrNone;
+ }
+ }
+
+ SaveCredentialDB();
+
+ return retVal;
+ }
+
+TInt CSenCredentialManager::RemoveCredentialsL( const CSenWSDescription& aPattern,
+ const CSenIdentityProvider& aIdP )
+ {
+ TInt retVal(KErrNotFound);
+
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ if ( iCredentialArray[i].Credential() &&
+ iCredentialArray[i].Credential()->IsApplicableL(aPattern) )
+ {
+ TPtrC8 providerId;
+ retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+ if ( retVal == KErrNone )
+ {
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ /*if ( pProvider )
+ {
+ if ( ( ((CSenIdentityProvider&)aIdP).UserName() == pProvider->UserName() ) &&
+ ( ((CSenIdentityProvider&)aIdP).Password() == pProvider->Password() ) )
+ {
+ // Get CredentialContainer element
+ TXmlEngNode element = iCredentialArray[i].Credential()->AsElementL().ParentNode();
+ // Delete and destroy both CredentialIdentifier and Credential
+
+ iCredentialArray[i].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(i);
+ element.Remove();
+ i--;
+ count--;
+
+ retVal = KErrNone;
+ }
+ }*/
+ CSenCredentialIdentifier& identifier = iCredentialArray[i].Credential()->IdentifierL();
+ TPtrC8 username;
+ TInt retVal = identifier.PropertyL(KSenIdpAuthzIDLocalname, username);
+ TPtrC8 password;
+ retVal = identifier.PropertyL(KSenIdpPasswordLocalname, password);
+
+ HBufC8* decPasswordIden = SenXmlUtils::DecodeHttpCharactersLC(password);
+ HBufC8* decPasswordProv = SenXmlUtils::DecodeHttpCharactersLC(((CSenIdentityProvider&)aIdP).Password());
+
+ if( ( username.Length() == 0 || username == ((CSenIdentityProvider&)aIdP).UserName() ) &&
+ (( decPasswordIden->Length() == 0 || *decPasswordIden == *decPasswordProv )
+ ||
+ (IsAuto(*pProvider) && ((CSenIdentityProvider&)aIdP).Password() == KNullDesC8)))
+ {
+ // Get CredentialContainer element
+ TXmlEngNode element = iCredentialArray[i].Credential()->AsElementL().ParentNode();
+ // Delete and destroy both CredentialIdentifier and Credential
+
+ iCredentialArray[i].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(i);
+ element.Remove();
+ i--;
+ count--;
+
+ retVal = KErrNone;
+ }
+ CleanupStack::PopAndDestroy(2); // decode http x2
+ }
+ }
+ }
+
+ if( retVal == KErrNone )
+ {
+ // At least one credential was removed, serialize the db
+ SaveCredentialDB();
+ }
+ return retVal;
+ }
+
+TInt CSenCredentialManager::RemoveCredentialsL(const TDesC8& aProviderId)
+ {
+ TInt retVal(KErrNotFound);
+
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ TPtrC8 providerId;
+ if (iCredentialArray[i].Credential())
+ {
+ retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerId);
+ }
+ if ( ( retVal == KErrNone ) && ( aProviderId == providerId ) )
+ {
+ CSenCredentialIdentifier& identifier = iCredentialArray[i].Credential()->IdentifierL();
+
+ TPtrC8 username;
+ TInt retVal = identifier.PropertyL(KSenIdpAuthzIDLocalname, username);
+ TPtrC8 password;
+ retVal = identifier.PropertyL(KSenIdpPasswordLocalname, password);
+
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerId);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+
+ if ( pProvider )
+ {
+ HBufC8* decPasswordIden = SenXmlUtils::DecodeHttpCharactersLC(password);
+ HBufC8* decPasswordProv = SenXmlUtils::DecodeHttpCharactersLC(pProvider->Password());
+
+ if( ( username.Length() == 0 || username == pProvider->UserName() ) &&
+ ( decPasswordIden->Length() == 0 || *decPasswordIden == *decPasswordProv ) )
+ {
+ // Permission to remove this credential is granted(!)
+
+ // Get CredentialContainer element
+ TXmlEngNode element;
+ if (iCredentialArray[i].Credential())
+ {
+ element = iCredentialArray[i].Credential()->AsElementL().ParentNode();
+ }
+ // Delete and destroy both CredentialIdentifier and Credential
+ iCredentialArray[i].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(i);
+ element.Remove();
+ i--;
+ count--;
+
+ retVal = KErrNone;
+ }
+ CleanupStack::PopAndDestroy(2); // decode http chars x2
+ }
+/*
+ else
+ {
+ // no IDP (account) exists, credential will be removed at some later time
+ continue;
+ }
+*/
+ }
+ }
+
+ if( retVal == KErrNone )
+ {
+ // At least one credential was removed, serialize the db
+ SaveCredentialDB();
+ }
+
+ return retVal;
+ }
+
+TInt CSenCredentialManager::NextCredentialIdL()
+ {
+ iMaxCredentialID++;
+
+ UpdateMaxCredentialIdL();
+
+ return iMaxCredentialID;
+ }
+
+void CSenCredentialManager::UpdateMaxCredentialIdL()
+ {
+ TBool found = EFalse;
+ TXmlEngElement element = AsElementL();
+ RXmlEngNodeList<TXmlEngAttr> attrList;
+ element.GetAttributes(attrList);
+ CleanupClosePushL(attrList);
+ while ( attrList.HasNext() && !found )
+ {
+ TXmlEngAttr attr = attrList.Next();
+ if ( attr.Name() == KCredentialsMaxID )
+ {
+ TBuf8<KFlatBufSize> buffer;
+ buffer.Num( iMaxCredentialID );
+ attr.SetValueL(buffer);
+ found = ETrue;
+ }
+ }
+ CleanupStack::PopAndDestroy(&attrList); // Close()
+
+ if ( !found )
+ {
+ TBuf8<KFlatBufSize> buffer;
+ buffer.Num(iMaxCredentialID);
+ element.AddNewAttributeL(KCredentialsMaxID, buffer);
+ }
+ }
+
+// Very powerful method, that removes the credential without checking
+// account details (username & password), and/or provider ID
+// (low level, private method)
+TInt CSenCredentialManager::RemoveCredentialL(TInt aInternalCredentialId)
+ {
+ TInt retVal(KErrNotFound);
+
+ TInt credId( KErrNotFound );
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ CSenInternalCredential* pCred = iCredentialArray[i].Credential();
+ if( pCred )
+ {
+
+
+ //TRAP( leaveCode, credId = pCred->IdentifierL().IdL(); )
+ //if( !leaveCode && (credId == aInternalCredentialId) )
+
+ credId = pCred->IdentifierL().IdL();
+ if( credId == aInternalCredentialId )
+ {
+ // Get CredentialContainer element
+ TXmlEngNode element = iCredentialArray[i].Credential()->AsElementL().ParentNode();
+ // Delete and destroy both CredentialIdentifier and Credential
+ iCredentialArray[i].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(i);
+ element.Remove();
+ retVal = KErrNone;
+ break;
+ }
+ }
+ }
+ return retVal;
+ }
+
+RSenCredentialPtr CSenCredentialManager::CredentialL( TInt aInternalCredentialId,
+ TInt& aErrorTo )
+ {
+ TInt count = iCredentialArray.Count();
+ for (TInt i=0; i<count; i++)
+ {
+ if ( iCredentialArray[i].Credential() && iCredentialArray[i].Credential()->IdentifierL().IdL() == aInternalCredentialId )
+ {
+
+ // Check if current account has permission to use this credential
+ CSenCredentialIdentifier& identifier = iCredentialArray[i].Credential()->IdentifierL();
+
+ // Collect significant properties that are checked in order to
+ // grant (or not gran)t permission to consume this credential:
+ TPtrC8 providerID;
+ TInt retVal = iCredentialArray[i].Credential()->IdentityProviderIdL(providerID);
+ //TInt retVal = identifier.PropertyL(KSenIdpProviderIdLocalname, providerID);
+
+ TPtrC8 username;
+ retVal = identifier.PropertyL(KSenIdpAuthzIDLocalname, username);
+
+ TPtrC8 password;
+ retVal = identifier.PropertyL(KSenIdpPasswordLocalname, password);
+
+ if( username.Length() > 0 && password.Length() > 0 )
+ {
+ CSenWSDescription* pPattern = CSenWSDescription::NewLC();
+ pPattern->SetEndPointL(providerID);
+ CSenIdentityProvider* pProvider = iManager.IdentityProviderL(*pPattern);
+ CleanupStack::PopAndDestroy(pPattern);
+ if ( pProvider )
+ {
+ HBufC8* passProvDec = SenXmlUtils::DecodeHttpCharactersLC(pProvider->Password());
+ HBufC8* passIdDec = SenXmlUtils::DecodeHttpCharactersLC(password);
+ if ( ( pProvider->UserName() != username ) ||
+ ( *passProvDec != *passIdDec ) )
+ {
+ CleanupStack::PopAndDestroy(2); //decode x2
+ // userinfo does not match with stored credential's username & password
+ continue;
+ }
+ else
+ {
+ CleanupStack::PopAndDestroy(2); //decode x2
+ }
+ }
+ else
+ {
+ // No IDP exists, but credential was protected
+ continue; // no permission to use this credential
+ }
+ }
+ // either credential is not protected in fist place, or both password and username match
+ // (permission was granted)
+ aErrorTo = KErrNone;
+ return iCredentialArray[i];
+ }
+ }
+ aErrorTo = KErrNotFound;
+ return RSenCredentialPtr();
+ }
+
+RSenCredentialPtr CSenCredentialManager::UpdateCredentialL( TInt aInternalCredentialId,
+ CSenInternalCredential* apCredential,
+ TInt& aErrorTo )
+ {
+ // Call to CredentialL (search method) will check the userinfo (account) /
+ // permission to manipulate the credential
+ RSenCredentialPtr credPtr = CredentialL( aInternalCredentialId, aErrorTo );
+ if ( aErrorTo == KErrNone )
+ {
+ // Get CredentialContainer element
+ if (credPtr.Credential())
+ {
+ TXmlEngNode containerElement =
+ credPtr.Credential()->AsElementL().ParentNode();
+ // Get Credential element
+ TXmlEngNode element =
+ credPtr.Credential()->AsElementL();
+ element.Remove();
+ credPtr.SetCredential(apCredential);
+ apCredential->AsElementL().MoveTo(containerElement);
+ apCredential->SetDocument(AsDocumentL());
+ aErrorTo = KErrNone;
+ }
+ }
+ return credPtr;
+ }
+
+RSenCredentialPtr CSenCredentialManager::UpdateCredentialL( TInt aInternalCredentialId,
+ const TDesC8& aCredential,
+ TInt& aErrorTo )
+ {
+ CSenInternalCredential* pCredential = CSenInternalCredential::NewLC();
+ ipParser->ParseL(aCredential, *pCredential);
+
+ // Following takes the ownership of pCredential
+ RSenCredentialPtr credPtr = UpdateCredentialL( aInternalCredentialId,
+ pCredential,
+ aErrorTo );
+ CleanupStack::Pop(pCredential);
+
+ return credPtr;
+ }
+
+TBool CSenCredentialManager::IsApplicableOrShareableL(const CSenWSDescription& aPattern,CSenInternalCredential* aCredential)
+ {
+ TBool retVal = ETrue;
+ if (aCredential && !aCredential->IsApplicableL(aPattern)) //codescannerwarings
+ {
+ retVal = EFalse;
+ RWSDescriptionArray arr;
+ CleanupClosePushL(arr);
+
+ CSenWSDescription* pSD = CSenWSDescription::NewLC();
+ pSD->SetEndPointL(((CSenWSDescription&)aPattern).Endpoint());
+
+ iManager.ServiceDescriptionsL(arr, *pSD);
+ CleanupStack::PopAndDestroy(pSD);
+ for (TInt i=0;i<arr.Count();i++)
+ {
+ MSenServiceDescription::TDescriptionClassType dt = arr[i]->DescriptionClassType();
+ if (dt == MSenServiceDescription::EWSStarServiceSession ||
+ dt == MSenServiceDescription::EOviServiceSession )
+ {
+ //CWSStarServiceSession* session = (CWSStarServiceSession*)arr[i];
+ CSenWebServiceSession* session = (CSenWebServiceSession*)arr[i];
+ TInt credId = session->GetCredentialIdL();
+ TInt id = aCredential->IdentifierL().IdL(); //codescannerwarings
+ if (credId==id)
+ {
+ retVal = ETrue;
+ }
+ }
+ }
+ CleanupStack::PopAndDestroy(&arr);
+ }
+
+ return retVal;
+ }
+
+TInt CSenCredentialManager::RefreshMTL(const CSenWSDescription& aPattern)
+ {
+ TInt retVal(KErrNone);
+
+ RWSDescriptionArray arr;
+ CSenWSDescription* pSD = CSenWSDescription::NewLC();
+ pSD->SetEndPointL(((CSenWSDescription&)aPattern).Endpoint());
+
+ iManager.ServiceDescriptionsL(arr, *pSD);
+ CleanupStack::PopAndDestroy(pSD);
+ CleanupClosePushL(arr);
+ for (TInt i=0;i<arr.Count();i++)
+ {
+ MSenServiceDescription::TDescriptionClassType dt = arr[i]->DescriptionClassType();
+ if (dt == MSenServiceDescription::EWSStarServiceSession)
+ {
+ CSenWebServiceSession* session = (CSenWebServiceSession*)arr[i];
+ HBufC8* revalidationError = NULL;
+ retVal = session->RefreshMTL(revalidationError);
+ delete revalidationError;
+ }
+ }
+ CleanupStack::PopAndDestroy(); //arr.Close() is enough
+ return retVal;
+ }
+
+EXPORT_C void CSenCredentialManager::UpdateTouchCredDBL(MSenServiceDescription& asd)
+ {
+ RXmlEngNodeList<TXmlEngElement> credContElemList;
+ CleanupClosePushL(credContElemList);
+ RWSDescriptionArray arr;
+ CleanupClosePushL(arr);
+
+ iManager.ServiceDescriptionsL(arr, asd);
+ AsElementL().GetElementsByTagNameL(credContElemList, KCredentialContainer());
+
+ for (TInt i=0;i<arr.Count();i++)
+ {
+ CSenWebServiceSession* session = (CSenWebServiceSession*)arr[i];
+ TInt credId = session->GetCredentialIdL();
+
+ while(credContElemList.HasNext())
+ {
+ RXmlEngNodeList<TXmlEngElement> credIdentElemList; // credential identifier element
+ CleanupClosePushL(credIdentElemList);
+
+
+ TXmlEngElement credContElem = credContElemList.Next();
+ credContElem.GetElementsByTagNameL(credIdentElemList, KCredentialIdentifier());
+
+ if(credIdentElemList.HasNext())
+ {
+ RXmlEngNodeList<TXmlEngElement> credIdElemList;
+ CleanupClosePushL(credIdElemList);
+
+ TXmlEngElement credIdentElem = credIdentElemList.Next();
+ credIdentElem.GetElementsByTagNameL(credIdElemList, KCredentialId());
+
+ if(credIdElemList.HasNext())
+ {
+ TInt res(0);
+ TInt credIdDb(0);
+
+ TXmlEngElement credIdElem = credIdElemList.Next();
+
+ TLex8 lex;
+ lex.Assign(credIdElem.Text());
+ lex.Val(credIdDb);
+ res = credId - credIdDb;
+ if(res == 0)
+ {
+ TUint32 current_tick(0);
+ TBuf8<32> tickBuf;
+
+ current_tick = User::NTickCount();
+ tickBuf.Num(current_tick);
+ credContElem.SetAttributeL(KTouch(), tickBuf);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(&credIdElemList);
+ }
+ CleanupStack::PopAndDestroy(&credIdentElemList);
+ }
+ }
+
+ CleanupStack::PopAndDestroy(&arr);
+ CleanupStack::PopAndDestroy(&credContElemList);
+// CleanupUnusedCredDBL();
+
+
+ }
+
+void CSenCredentialManager::CleanupUnusedCredDBL()
+ {
+ TInt result(1);
+ TInt loc(KErrNotFound); // Not found
+ TInt res(0);
+ TUint32 current_tick(0);
+ TUint32 db_ticks(0);
+ TUint32 diff_ticks(0);
+
+ RXmlEngNodeList<TXmlEngElement> credContElemList;
+ CleanupClosePushL(credContElemList);
+
+ AsElementL().GetElementsByTagNameL(credContElemList, KCredentialContainer());
+
+ while(credContElemList.HasNext()) // Can be many credential containers
+ {
+ RXmlEngNodeList<TXmlEngAttr> attrList;
+ CleanupClosePushL(attrList);
+
+ TXmlEngElement credContElem = credContElemList.Next();
+ credContElem.GetAttributes(attrList);
+ while(attrList.HasNext()) // Only one attribute now i.e touch attribute
+ {
+ TXmlEngAttr attrElem = attrList.Next();
+ res = attrElem.Name().Compare(KTouch);
+ if(res == 0)
+ {
+ TPtrC8 val = attrElem.Value();
+
+ TLex8 lex;
+ lex.Assign(val);
+ lex.Val(db_ticks, EDecimal);
+
+ current_tick = User::NTickCount();
+ diff_ticks = current_tick - db_ticks;
+ if(KMaxTicks <= diff_ticks || current_tick < db_ticks)
+ {
+ RXmlEngNodeList<TXmlEngElement> credIdentElemList; //credential Identifier element
+ CleanupClosePushL(credIdentElemList);
+ RXmlEngNodeList<TXmlEngElement> credIdElemList; //credentialId element
+ CleanupClosePushL(credIdElemList);
+
+ credContElem.GetElementsByTagNameL(credIdentElemList, KCredentialIdentifier());
+ // There will be only one Credential Identifier within a Credential Container
+ if(credIdentElemList.HasNext())
+ {
+ TXmlEngElement credIdentElem = credIdentElemList.Next();
+ credIdentElem.GetElementsByTagNameL(credIdElemList, KCredentialId());
+
+ // There will be only one Credential Id element within a Credential Identifier
+ if(credIdElemList.HasNext())
+ {
+ TInt credId(0);
+ TInt credCount(0);
+ TInt credIdDb(0);
+
+ credCount = iCredentialArray.Count();
+ for(TInt i=0; i < credCount; i++)
+ {
+ credId = iCredentialArray[i].Credential()->IdentifierL().IdL();
+ TXmlEngElement credIdElem = credIdElemList.Next();
+ lex.Assign(credIdElem.Text());
+ lex.Val(credIdDb);
+ result = credId - credIdDb;
+ if(result == 0)
+ {
+ loc = i;
+ break;
+ }
+ }
+ }
+ }
+ if(result == 0 && loc != KErrNotFound)
+ {
+ // Get CredentialContainer element
+ TXmlEngNode element = iCredentialArray[loc].Credential()->AsElementL().ParentNode();
+ // Delete and destroy both CredentialIdentifier and Credential
+ iCredentialArray[loc].CloseAndDestroyCredential();
+ // Delete and destroy CredentialContainer element
+ iCredentialArray.Remove(loc);
+ element.Remove();
+ }
+
+ CleanupStack::PopAndDestroy(&credIdElemList);
+ CleanupStack::PopAndDestroy(&credIdentElemList);
+
+ break;
+ }
+ }
+ }
+ CleanupStack::PopAndDestroy(&attrList);
+ }
+ CleanupStack::PopAndDestroy(&credContElemList);
+ }
+// End of file
+#ifdef __CRYPTO_HW__
+void CSenCredentialManager::EncryptPasswordL(const TDesC8& aData, TDes8& aCipherText)
+ {
+#ifndef __WINSCW__
+ TUint cipherLen;
+ TBuf8<KEncrypedLen> temp;
+
+ // add padding if length is less than 16
+ if (aData.Length() < KCryptoPADataLen)
+ {
+ const TInt remainder = aData.Length() % KCryptoPADataLen;
+ temp.Copy(aData);
+ temp.AppendFill( KPadding, KCryptoPADataLen - remainder );
+ cipherLen = temp.Length() + KPaCryptAuthLen ;
+ aCipherText.SetLength(cipherLen);
+ }
+ else
+ {
+ temp.Copy(aData);
+ cipherLen = aData.Length() + KPaCryptAuthLen ;
+ aCipherText.SetLength(cipherLen);
+ }
+
+ TBuf8<20> paId;
+ paId.Copy(KCryptoPA);
+
+ CSecEnv* secEnv = CSecEnv::NewL();
+ TInt err = secEnv->ProtectedApplicationExecute(paId, (TAny*)temp.Ptr(), temp.Length(),
+ (TAny*)aCipherText.Ptr(), cipherLen, KEncryptNoSalt);
+ delete secEnv;
+
+ // Encode data into Base64 format
+ HBufC8 *b64encPwd = SenCryptoUtils::EncodeBase64L(aCipherText);
+ if(b64encPwd)
+ {
+ aCipherText = (*b64encPwd);
+ delete b64encPwd;
+ }
+
+
+#else
+
+aCipherText = aData;
+//return KErrNotSupported;
+#endif
+
+ }
+
+void CSenCredentialManager::DecryptPasswordL(const TDesC8& aCipherText, TDes8& aData)
+ {
+#ifndef __WINSCW__
+ TUint dataLen = aCipherText.Length() - KPaCryptAuthLen ;
+ aData.SetLength(dataLen);
+ TBuf8<20> paId;
+ paId.Copy(KCryptoPA);
+ // Decode data from Base64 format
+ HBufC8 *b64decPwd = SenCryptoUtils::DecodeBase64L(aCipherText);
+ TDesC8 aTmpTxt= (*b64decPwd);
+ // Decrypt using PA
+ CSecEnv* secEnv = CSecEnv::NewL();
+ TInt err = secEnv->ProtectedApplicationExecute(paId, (TAny*)aTmpTxt.Ptr(), aTmpTxt.Length(),
+ (TAny*)aData.Ptr(), dataLen, KDecrypt);
+ // remove padding
+ if (aData.Length() == KCryptoPADataLen)
+ {
+ RBuf8 decPwd;
+ decPwd.Create(KCryptoPADataLen);
+ decPwd.Copy(aData);
+ TInt pos = decPwd.Locate(KPadding);
+ if(pos != KErrNotFound)
+ {
+ decPwd.SetLength(pos);
+ aData.SetLength(decPwd.Length());
+ aData = decPwd;
+ }
+ decPwd.Close();
+ }
+ delete secEnv;
+ if(b64decPwd)
+ {
+ delete b64decPwd;
+ }
+
+#else
+
+aData = aCipherText ;
+//return KErrNotSupported;
+#endif
+}
+#endif // __CRYPTO_HW__
+// End of file
+
+
+