1 /*

     2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description: 

    15 * CWTLSCertChainAO class implementation

    16 *

    17 */

    18 

    19 

    20 

    21 

    22 /**

    23  @file 

    24  @internalTechnology

    25 */

    26  

    27 #ifndef __WTLSCERTCHAINAO_H__

    28 #define __WTLSCERTCHAINAO_H__

    29 

    30 #include <e32base.h>

    31 #include <f32file.h>

    32 #include <unifiedcertstore.h>

    33 #include <hash.h>

    34 

    35 

    36 class CWTLSCertChain;

    37 class CWTLSValidationResult;

    38 class CWTLSCertificate;

    39 

    40 /**

    41  * This class handles the asynchronous part of the wtls chain validation. It

    42  * is an active object which handles the asynchronous certificate store operations.

    43  */

    44 class CWTLSCertChainAO : public CActive

    45 {

    46 public:

    47 	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,

    48 		const CArrayPtr<CWTLSCertificate>& aRootCerts);

    49 	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain, 

    50 		const TUid aClient);

    51 	virtual ~CWTLSCertChainAO();

    52 	virtual TInt RunError(TInt aError);

    53 

    54 private:

    55 	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);

    56 	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);

    57 	void ConstructL(const CArrayPtr<CWTLSCertificate>& aRootCerts);

    58 

    59 public:

    60 	void RunL();

    61 	void DoCancel();

    62 

    63 private:

    64 	/**

    65 	 * This function creates a CCertStoreManager,

    66 	 * calls CCertStoreManager initialise and sets the state

    67 	 * to EStoreManagerInitialized

    68 	 */

    69 	void HandleEStoreManagerInitializationL();

    70 	void HandleEStoreManagerInitializedL();

    71 	void HandleEGetCertHashesL();

    72 	void HandleEPruneListL();

    73 	void HandleEPruneListDoneL();

    74 	void HandleECheckTCAL();

    75 	void HandleEIsChainSelfSignedL();

    76 	void HandleERetrieveRootsL();

    77 	void HandleEAddRootToListL();

    78 	void HandleEFindRootL();

    79 	void HandleEValidateEndL();

    80 

    81 	// Request functions

    82 public:

    83 	void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,							

    84 		TRequestStatus& aStatus);

    85 

    86 private:

    87 	TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,

    88 		CWTLSValidationResult& aResult, TInt aPos) const;

    89 	TBool CheckValidityPeriod(const CWTLSCertificate& aCert,

    90 		CWTLSValidationResult& aResult,	const TTime aTime, TInt aPos) const;

    91 	HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;

    92 

    93 	enum TState

    94 	{

    95 		EStoreManagerInitialization = 0,

    96 		EStoreManagerInitialized,

    97 		EGetCertHashes,

    98 		EPruneList,

    99 		EPruneListDone,

   100 		ECheckTCA,

   101 		EIsChainSelfSigned,

   102 		ERetrieveRoots,

   103 		EAddRootToList,

   104 		EFindRoot,

   105 		EValidateEnd

   106 	};

   107 

   108 private:

   109 	RFs& iFs;

   110 	CUnifiedCertStore* iCertStoreManager;

   111 	/**

   112 	 * List of the subject hashes from the cert store

   113 	 * The elements remained owned by the CCTCertInfo

   114 	 */

   115 	RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;

   116 	/**

   117 	 * List of the subject hashes from the passed in certs

   118 	 * We own this object and all its elements

   119 	 */

   120 	RPointerArray< HBufC8 > iRootSubjectClientHashList;

   121 	CCertAttributeFilter* iFilter;

   122 	/**

   123 	 * Stores info on the certs in the cert store

   124 	 * We own this object and all its elements

   125 	 */

   126 	RMPointerArray<CCTCertInfo> iCertInfos;

   127 	/**

   128 	 * Indicates whether iWTLSCertChain.iChain was pruned or not

   129 	 */

   130 	TBool iPruned;

   131 	/**

   132 	 * The index within iChain that the chain was pruned

   133 	 */

   134 	TInt iPrunedChainLength;

   135 

   136 	CWTLSCertChain& iWTLSCertChain;

   137 	TUid iClient;

   138 	TPtr8 iEncodedCert;

   139 	HBufC8* iEncodedCertTemp;

   140 

   141 	TState iState;

   142 

   143 	TRequestStatus* iOriginalRequestStatus;

   144 

   145 	/**

   146 	 * Roots passed in from the client that we trust

   147 	 * We own this object and all its elements

   148 	 */

   149 	RPointerArray<CWTLSCertificate> iRootsFromClient;

   150 	/**

   151 	 * Roots from the specified cert store that we trust.

   152 	 * We own this object and all its elements

   153 	 */

   154 	RPointerArray<CWTLSCertificate> iRootsFromStore;

   155 

   156 	/**

   157 	 * A counter used to carry counter information between AO states

   158 	 */

   159 	TInt iIndex;

   160 

   161 	/**

   162 	 * Indicates if a root cert has been found for this particular chain

   163 	 */

   164 	TBool iFoundRoot;

   165 

   166 	/**

   167 	 * To store the parameters passed to CWTLSCertChain::Validate

   168 	 */ 

   169 	CWTLSValidationResult* iValidationResult;

   170 	/**

   171 	 * To store the parameters passed to CWTLSCertChain::Validate

   172 	 */ 

   173 	const TTime* iValidationTime;					 

   174 };

   175 

   176 #include <wtlscertchain.h>

   177 

   178 #endif