|
1 /* |
|
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include "cfskeystoreclient.h" |
|
20 #include "CFStokenclient.h" |
|
21 #include "fsmarshaller.h" |
|
22 #include "fsdatatypes.h" |
|
23 #include "ClientOpenedKeys.h" |
|
24 #include "clientutils.h" |
|
25 #include <mctauthobject.h> |
|
26 #include <asymmetrickeys.h> |
|
27 #include <pbedata.h> |
|
28 #include <ct/logger.h> |
|
29 |
|
30 // When retrieving data from the server we sometimes make a guess at the size of |
|
31 // the data that will be returned so we can allocate a buffer for it. If it's |
|
32 // not big enough, the server tells us the required size and we retry. These |
|
33 // values are the initial guesses at buffer size: |
|
34 const TInt KInitialBufSizeList = 1024; |
|
35 const TInt KInitialBufSizeOpen = 64; |
|
36 |
|
37 /** |
|
38 * A class that wraps an array of key info pointers. |
|
39 * |
|
40 * Implements the MKeyInfoArray interface required for marshalling key info |
|
41 * arrays. The reason for all this is that we want to be able to use either an |
|
42 * array of CCTKeyInfo pointers or an array of MCTTokenObjects interchangably - |
|
43 * but the array classes are implemented as templates, so there is no |
|
44 * inheritance relation between Array\<A\> and Array\<B\> even if B is derived from |
|
45 * A. |
|
46 */ |
|
47 template <class KeyInfoT> class TKeyInfoArray : public MKeyInfoArray |
|
48 { |
|
49 public: |
|
50 TKeyInfoArray(RMPointerArray<KeyInfoT>& aArray) : iArray(aArray) { } |
|
51 virtual TInt Count() { return iArray.Count(); } |
|
52 virtual CCTKeyInfo* operator[](TInt aIndex) { return static_cast<CCTKeyInfo*>(iArray[aIndex]); } |
|
53 virtual TInt Append(CCTKeyInfo* aInfo) { return iArray.Append(aInfo); } |
|
54 virtual void Close() { iArray.Close(); } |
|
55 private: |
|
56 RMPointerArray<KeyInfoT>& iArray; |
|
57 }; |
|
58 |
|
59 /*static*/ MCTTokenInterface* CFSKeyStoreClient::NewKeyStoreUserInterfaceL(MCTToken& aToken, RFileStoreClientSession& aClient) |
|
60 { |
|
61 // Destroyed by MCTTokenInterface::DoRelease() |
|
62 CFSKeyStoreClient* me = new (ELeave) CFSKeyStoreClient(KInterfaceKeyStore, |
|
63 aToken, |
|
64 aClient); |
|
65 CleanupStack::PushL(me); |
|
66 me->ConstructL(); |
|
67 CleanupStack::Pop(me); |
|
68 return (me); |
|
69 } |
|
70 |
|
71 /*static*/ MCTTokenInterface* CFSKeyStoreClient::NewKeyStoreManagerInterfaceL(MCTToken& aToken, RFileStoreClientSession& aClient) |
|
72 { |
|
73 // Destroyed by MCTTokenInterface::DoRelease() |
|
74 CFSKeyStoreClient* me = new (ELeave) CFSKeyStoreClient(KInterfaceKeyStoreManager, |
|
75 aToken, |
|
76 aClient); |
|
77 CleanupStack::PushL(me); |
|
78 me->ConstructL(); |
|
79 CleanupStack::Pop(me); |
|
80 return (me); |
|
81 } |
|
82 |
|
83 CFSKeyStoreClient::CFSKeyStoreClient(TInt aUID, MCTToken& aToken, RFileStoreClientSession& aClient) |
|
84 : CFSClient(aUID, aToken, aClient), |
|
85 // Reference count starts at one as we're always created and returned by a GetInterface() call on the token |
|
86 iRefCount(1) |
|
87 { |
|
88 LOG(_L("CFSKeyStoreClient::CFSKeyStoreClient: keystore client interface created")); |
|
89 } |
|
90 |
|
91 void CFSKeyStoreClient::ConstructL() |
|
92 { |
|
93 CActiveScheduler::Add(this); |
|
94 iAuthObject = CKeyStoreAuthObject::NewL(*this); |
|
95 iAuthObject->AddRef(); |
|
96 } |
|
97 |
|
98 CFSKeyStoreClient::~CFSKeyStoreClient() |
|
99 { |
|
100 LOG(_L("CFSKeyStoreClient::~CFSKeyStoreClient")); |
|
101 LOG_INC_INDENT(); |
|
102 |
|
103 Cleanup(); |
|
104 if (iAuthObject) |
|
105 { |
|
106 iAuthObject->Release(); |
|
107 } |
|
108 |
|
109 LOG_DEC_INDENT(); |
|
110 } |
|
111 |
|
112 MCTToken& CFSKeyStoreClient::Token() |
|
113 { |
|
114 return iToken; |
|
115 } |
|
116 |
|
117 void CFSKeyStoreClient::AddRef() |
|
118 { |
|
119 ++iRefCount; |
|
120 |
|
121 LOG1(_L("CFSKeyStoreClient::AddRef: keystore client interface referenced, refcount = %d"), iRefCount); |
|
122 LOG_INC_INDENT(); |
|
123 |
|
124 iToken.AddRef(); |
|
125 |
|
126 LOG_DEC_INDENT(); |
|
127 } |
|
128 |
|
129 void CFSKeyStoreClient::DoRelease() |
|
130 { |
|
131 --iRefCount; |
|
132 |
|
133 LOG1(_L("CFSKeyStoreClient::DoRelease: keystore client interface released, refcount = %d"), iRefCount); |
|
134 LOG_INC_INDENT(); |
|
135 |
|
136 ASSERT(iRefCount >= 0); |
|
137 if (iRefCount == 0) |
|
138 { |
|
139 MCTTokenInterface::DoRelease(); |
|
140 } |
|
141 |
|
142 LOG_DEC_INDENT(); |
|
143 } |
|
144 |
|
145 void CFSKeyStoreClient::ReleaseObject(const TCTTokenObjectHandle& aHandle) |
|
146 { |
|
147 iClient.SendRequest(ECloseObject, TIpcArgs(aHandle.iObjectId)); |
|
148 } |
|
149 |
|
150 void CFSKeyStoreClient::FreeKeyBuffer() |
|
151 { |
|
152 delete iKey; |
|
153 iKey = NULL; |
|
154 } |
|
155 |
|
156 TInt CFSKeyStoreClient::AllocKeyBuffer(TInt aReqdSize) |
|
157 { |
|
158 ASSERT(aReqdSize > 0); |
|
159 |
|
160 TInt result = KErrNoMemory; |
|
161 FreeKeyBuffer(); |
|
162 iKey = HBufC8::NewMax(aReqdSize); |
|
163 if (iKey) |
|
164 { |
|
165 TPtr8 thePtr(iKey->Des()); |
|
166 thePtr.FillZ(); |
|
167 result = KErrNone; |
|
168 } |
|
169 |
|
170 return result; |
|
171 } |
|
172 |
|
173 // ********************************************************************************* |
|
174 // CActive implementation |
|
175 // ********************************************************************************* |
|
176 |
|
177 /** |
|
178 * Called when the server completes an asynchronous request. Unmarshalls the |
|
179 * data from the server and passes it back to the caller. |
|
180 */ |
|
181 void CFSKeyStoreClient::RunL() |
|
182 { |
|
183 User::LeaveIfError(iStatus.Int()); |
|
184 |
|
185 switch (iCurrentRequest.OutstandingRequest()) |
|
186 { |
|
187 case ECreateKey: |
|
188 case EImportKey: |
|
189 case EImportEncryptedKey: |
|
190 // Unmarshal the created key data and create CCTKeyInfo to pass back to caller |
|
191 UpdateKey(); |
|
192 break; |
|
193 |
|
194 case EExportKey: |
|
195 case EExportEncryptedKey: |
|
196 case EDHAgree: |
|
197 { |
|
198 *iClientPtr.iBuffer = HBufC8::NewL(iRequestPtr.Length()); |
|
199 TPtr8 ptr((*iClientPtr.iBuffer)->Des()); |
|
200 ptr.FillZ(); |
|
201 ptr.Copy(iRequestPtr); |
|
202 break; |
|
203 } |
|
204 |
|
205 case ERepudiableDSASign: |
|
206 TokenDataMarshaller::ReadL(iRequestPtr, *iClientPtr.iDSASignature); |
|
207 break; |
|
208 |
|
209 case ERepudiableRSASign: |
|
210 TokenDataMarshaller::ReadL(iRequestPtr, *iClientPtr.iRSASignature); |
|
211 break; |
|
212 |
|
213 case EDecryptText: |
|
214 iClientPtr.iDecryptedText->Copy(iRequestPtr); |
|
215 break; |
|
216 |
|
217 case EChangePassphrase: |
|
218 case EAuthOpen: |
|
219 // Nothing to do for these operations |
|
220 break; |
|
221 |
|
222 case EDHPublicKey: |
|
223 { |
|
224 ASSERT(iDHParams); |
|
225 RInteger n = iDHParams->TakeN(); |
|
226 CleanupStack::PushL(n); |
|
227 RInteger g = iDHParams->TakeG(); |
|
228 CleanupStack::PushL(g); |
|
229 RInteger X; |
|
230 TokenDataMarshaller::ReadL(iRequestPtr, X); |
|
231 CleanupStack::PushL(X); |
|
232 *iClientPtr.iDHPublicKey = CDHPublicKey::NewL(n, g, X); |
|
233 CleanupStack::Pop(3); // X, g, n |
|
234 break; |
|
235 } |
|
236 |
|
237 default: |
|
238 __ASSERT_DEBUG(EFalse, FSTokenPanic(EInvalidRequest)); |
|
239 } |
|
240 Cleanup(); |
|
241 iCurrentRequest.Complete(KErrNone); |
|
242 } |
|
243 |
|
244 /// Clean up internal state |
|
245 void CFSKeyStoreClient::Cleanup() |
|
246 { |
|
247 FreeRequestBuffer(); |
|
248 FreeKeyBuffer(); |
|
249 |
|
250 delete iPbeParamsBuf; |
|
251 iPbeParamsBuf = NULL; |
|
252 |
|
253 // Zero client pointers |
|
254 iClientPtr.iAny = NULL; |
|
255 |
|
256 delete iDHParams; |
|
257 iDHParams = NULL; |
|
258 |
|
259 delete iText; |
|
260 iText=NULL; |
|
261 } |
|
262 |
|
263 TInt CFSKeyStoreClient::RunError(TInt aError) |
|
264 { |
|
265 Cleanup(); |
|
266 return CFSClient::RunError(aError); |
|
267 } |
|
268 |
|
269 void CFSKeyStoreClient::DoCancel() |
|
270 { |
|
271 TFSTokenMessages message = EIdle; |
|
272 |
|
273 switch (iCurrentRequest.OutstandingRequest()) |
|
274 { |
|
275 case ECreateKey: |
|
276 message = ECancelCreateKey; |
|
277 break; |
|
278 |
|
279 case ERepudiableRSASign: |
|
280 message = ECancelRSASign; |
|
281 break; |
|
282 |
|
283 case ERepudiableDSASign: |
|
284 message = ECancelDSASign; |
|
285 break; |
|
286 |
|
287 case EDecryptText: |
|
288 message = ECancelDecrypt; |
|
289 break; |
|
290 |
|
291 case EDHPublicKey: |
|
292 case EDHAgree: |
|
293 message = ECancelDH; |
|
294 break; |
|
295 |
|
296 case EImportKey: |
|
297 message = ECancelImportKey; |
|
298 break; |
|
299 |
|
300 case EImportEncryptedKey: |
|
301 message = ECancelImportEncryptedKey; |
|
302 break; |
|
303 |
|
304 case EExportKey: |
|
305 message = ECancelExportKey; |
|
306 break; |
|
307 |
|
308 case EExportEncryptedKey: |
|
309 message = ECancelExportEncryptedKey; |
|
310 break; |
|
311 |
|
312 case EChangePassphrase: |
|
313 message = ECancelChangePassphrase; |
|
314 break; |
|
315 |
|
316 case EAuthOpen: |
|
317 message = ECancelAuthOpen; |
|
318 break; |
|
319 |
|
320 default: |
|
321 // Nothing to do |
|
322 break; |
|
323 } |
|
324 |
|
325 if (message != EIdle) |
|
326 { |
|
327 iClient.SendRequest(message, TIpcArgs()); |
|
328 } |
|
329 |
|
330 Cleanup(); |
|
331 CFSClient::DoCancel(); |
|
332 } |
|
333 |
|
334 // ********************************************************************************* |
|
335 // MKeyStore |
|
336 // ********************************************************************************* |
|
337 void CFSKeyStoreClient::List(RMPointerArray<CCTKeyInfo>& aKeys, const TCTKeyAttributeFilter& aFilter, TRequestStatus& aStatus) |
|
338 { |
|
339 LOG(_L("CFSKeyStoreClient::List: list keys")); |
|
340 LOG_INC_INDENT(); |
|
341 |
|
342 TKeyInfoArray<CCTKeyInfo> array(aKeys); |
|
343 TRAPD(err, DoListL(aFilter, array)); |
|
344 FreeRequestBuffer(); |
|
345 TRequestStatus* status = &aStatus; |
|
346 User::RequestComplete(status, err); |
|
347 |
|
348 LOG_DEC_INDENT(); |
|
349 } |
|
350 |
|
351 void CFSKeyStoreClient::DoListL(const TCTKeyAttributeFilter& aFilter, MKeyInfoArray& aOut) |
|
352 { |
|
353 TInt startOfNew = aOut.Count(); |
|
354 ASSERT(iAuthObject); |
|
355 |
|
356 TPckg<TCTKeyAttributeFilter> filterPckg(aFilter); |
|
357 SendSyncRequestAndHandleOverflowL(EListKeys, KInitialBufSizeList, TIpcArgs(&filterPckg, 0, &iRequestPtr)); |
|
358 |
|
359 CleanupClosePushL(aOut); |
|
360 TokenDataMarshaller::ReadL(iRequestPtr, iToken, aOut); |
|
361 |
|
362 for (TInt index = startOfNew ; index < aOut.Count() ; ++index) |
|
363 { |
|
364 iAuthObject->AddRef(); |
|
365 LOG1(_L("CFSKeyStoreClient::DoListL: adding keyinfo %08x."), aOut[index]); |
|
366 aOut[index]->SetProtector(*iAuthObject); |
|
367 } |
|
368 |
|
369 CleanupStack::Pop(&aOut); |
|
370 } |
|
371 |
|
372 void CFSKeyStoreClient::CancelList() |
|
373 { |
|
374 // synchronous, nothing to do |
|
375 } |
|
376 |
|
377 void CFSKeyStoreClient::GetKeyInfo(TCTTokenObjectHandle aHandle, CCTKeyInfo*& aInfo, |
|
378 TRequestStatus& aStatus) |
|
379 { |
|
380 LOG(_L("CFSKeyStoreClient::GetKeyInfo: get key info")); |
|
381 LOG_INC_INDENT(); |
|
382 |
|
383 TRAPD(err, DoGetKeyInfoL(aHandle, aInfo)); |
|
384 LOG2(_L("Got key info %08x with protector %08x"), aInfo, aInfo->Protector()); |
|
385 FreeRequestBuffer(); |
|
386 TRequestStatus* status = &aStatus; |
|
387 User::RequestComplete(status, err); |
|
388 |
|
389 LOG_DEC_INDENT(); |
|
390 } |
|
391 |
|
392 void CFSKeyStoreClient::DoGetKeyInfoL(TCTTokenObjectHandle aHandle, CCTKeyInfo*& aInfo) |
|
393 { |
|
394 SendSyncRequestAndHandleOverflowL(EGetKeyInfo, KInitialBufSizeList, TIpcArgs(aHandle.iObjectId, 0, &iRequestPtr)); |
|
395 TokenDataMarshaller::ReadL(iRequestPtr, iToken, aInfo); |
|
396 } |
|
397 |
|
398 void CFSKeyStoreClient::CancelGetKeyInfo() |
|
399 { |
|
400 // synchronous, nothing to do |
|
401 } |
|
402 |
|
403 void CFSKeyStoreClient::Open(const TCTTokenObjectHandle& aHandle, |
|
404 MRSASigner*& aSigner, |
|
405 TRequestStatus& aStatus) |
|
406 { |
|
407 LOG(_L("CFSKeyStoreClient::Open: open rsa signer")); |
|
408 LOG_INC_INDENT(); |
|
409 |
|
410 CRSARepudiableSigner* signer = CRSARepudiableSigner::New(this); |
|
411 |
|
412 TInt err = DoOpenKey(EOpenKeyRepudiableRSASign, aHandle, signer); |
|
413 if (err == KErrNone) |
|
414 { |
|
415 aSigner = signer; |
|
416 } |
|
417 |
|
418 TRequestStatus* status = &aStatus; |
|
419 User::RequestComplete(status, err); |
|
420 |
|
421 LOG_DEC_INDENT(); |
|
422 } |
|
423 |
|
424 void CFSKeyStoreClient::Open(const TCTTokenObjectHandle& aHandle, |
|
425 MCTSigner<CDSASignature*>*& aSigner, |
|
426 TRequestStatus& aStatus) |
|
427 { |
|
428 LOG(_L("CFSKeyStoreClient::Open: open dsa signer")); |
|
429 LOG_INC_INDENT(); |
|
430 |
|
431 CDSARepudiableSigner* signer = CDSARepudiableSigner::New(this); |
|
432 TInt err = DoOpenKey(EOpenKeyRepudiableDSASign, aHandle, signer); |
|
433 if (err == KErrNone) |
|
434 { |
|
435 aSigner = signer; |
|
436 } |
|
437 TRequestStatus* status = &aStatus; |
|
438 User::RequestComplete(status, err); |
|
439 |
|
440 LOG_DEC_INDENT(); |
|
441 } |
|
442 |
|
443 void CFSKeyStoreClient::Open(const TCTTokenObjectHandle& aHandle, |
|
444 MCTDecryptor*& aDecryptor, |
|
445 TRequestStatus& aStatus) |
|
446 { |
|
447 LOG(_L("CFSKeyStoreClient::Open: open rsa decryptor")); |
|
448 LOG_INC_INDENT(); |
|
449 |
|
450 CFSRSADecryptor* decryptor = CFSRSADecryptor::New(this); |
|
451 TInt err = DoOpenKey(EOpenKeyDecrypt, aHandle, decryptor); |
|
452 if (err == KErrNone) |
|
453 { |
|
454 aDecryptor = decryptor; |
|
455 } |
|
456 TRequestStatus* status = &aStatus; |
|
457 User::RequestComplete(status, err); |
|
458 |
|
459 LOG_DEC_INDENT(); |
|
460 } |
|
461 |
|
462 void CFSKeyStoreClient::Open(const TCTTokenObjectHandle& aHandle, |
|
463 MCTDH*& aDH, TRequestStatus& aStatus) |
|
464 { |
|
465 LOG(_L("CFSKeyStoreClient::Open: open dh agreement")); |
|
466 LOG_INC_INDENT(); |
|
467 |
|
468 CDHAgreement* dh = CDHAgreement::New(this); |
|
469 TInt err = DoOpenKey(EOpenKeyAgree, aHandle, dh); |
|
470 if (err == KErrNone) |
|
471 { |
|
472 aDH = dh; |
|
473 } |
|
474 TRequestStatus* status = &aStatus; |
|
475 User::RequestComplete(status, err); |
|
476 |
|
477 LOG_DEC_INDENT(); |
|
478 } |
|
479 |
|
480 TInt CFSKeyStoreClient::DoOpenKey(TFSTokenMessages aMessage, |
|
481 const TCTTokenObjectHandle& aHandle, |
|
482 COpenedKey* aOpenedKey) |
|
483 { |
|
484 if (!aOpenedKey) |
|
485 { |
|
486 return KErrNoMemory; |
|
487 } |
|
488 |
|
489 // This is similar to SendSyncRequestAndHandleOverflowL, but we're returning data in iLabel |
|
490 TInt handle; |
|
491 TPckg<TInt> handlePckg(handle); |
|
492 |
|
493 HBufC* label = HBufC::NewMax(KInitialBufSizeOpen); |
|
494 if (!label) |
|
495 { |
|
496 aOpenedKey->Release(); |
|
497 return KErrNoMemory; |
|
498 } |
|
499 |
|
500 TPtr labelPtr(label->Des()); |
|
501 |
|
502 TIpcArgs args(aHandle.iObjectId, &handlePckg, 0, &labelPtr); |
|
503 |
|
504 TInt err = iClient.SendRequest(aMessage, args); |
|
505 if (err == KErrOverflow) |
|
506 { |
|
507 TInt sizeReqd = 0; |
|
508 TPckg<TInt> theSize(sizeReqd); |
|
509 TPtrC8 sizePtr(reinterpret_cast<const TUint8*>(label->Ptr()), 4); |
|
510 theSize.Copy(sizePtr); |
|
511 |
|
512 delete label; |
|
513 label = HBufC::NewMax(sizeReqd); |
|
514 if (label) |
|
515 { |
|
516 labelPtr.Set(label->Des()); |
|
517 err = iClient.SendRequest(aMessage, args); |
|
518 } |
|
519 else |
|
520 { |
|
521 err = KErrNoMemory; |
|
522 } |
|
523 } |
|
524 |
|
525 if (err != KErrNone) |
|
526 { |
|
527 aOpenedKey->Release(); |
|
528 delete label; |
|
529 return err; |
|
530 } |
|
531 |
|
532 aOpenedKey->SetObjectID(handle); |
|
533 aOpenedKey->SetLabel(label); |
|
534 return KErrNone; |
|
535 } |
|
536 |
|
537 void CFSKeyStoreClient::CancelOpen() |
|
538 { |
|
539 // synchronous, nothing to do |
|
540 } |
|
541 |
|
542 TUint CFSKeyStoreClient::GetKeySizeL(TInt aObjectId) |
|
543 { |
|
544 // Get the key size |
|
545 TInt result = iClient.SendRequest(EGetKeyLength, TIpcArgs(aObjectId, &iRequestPtr)); |
|
546 User::LeaveIfError(result); |
|
547 return result; |
|
548 } |
|
549 |
|
550 /** Returns the public key in DER-encoded ASN-1 */ |
|
551 void CFSKeyStoreClient::ExportPublic(const TCTTokenObjectHandle& aHandle, |
|
552 HBufC8*& aPublicKey, |
|
553 TRequestStatus& aStatus) |
|
554 { |
|
555 LOG(_L("CFSKeyStoreClient::ExportPublic: export public")); |
|
556 |
|
557 TRAPD(err, DoExportPublicL(aHandle, aPublicKey)); |
|
558 FreeRequestBuffer(); |
|
559 TRequestStatus* status = &aStatus; |
|
560 User::RequestComplete(status, err); |
|
561 } |
|
562 |
|
563 void CFSKeyStoreClient::DoExportPublicL(const TCTTokenObjectHandle& aHandle, HBufC8*& aPublicKey) |
|
564 { |
|
565 // The size of the exported package is always less than keysize in bytes * 4 |
|
566 // DSA generates packages twice as big as RSA |
|
567 TUint bufSize = GetKeySizeL(aHandle.iObjectId) / 2; |
|
568 |
|
569 SendSyncRequestAndHandleOverflowL(EExportPublic, bufSize, TIpcArgs(aHandle.iObjectId, &iRequestPtr)); |
|
570 |
|
571 aPublicKey = HBufC8::NewL(iRequestPtr.MaxLength()); |
|
572 TPtr8 ptr = aPublicKey->Des(); |
|
573 ptr.Copy(iRequestPtr); |
|
574 } |
|
575 |
|
576 void CFSKeyStoreClient::CancelExportPublic() |
|
577 { |
|
578 // synchronous, nothing to do |
|
579 } |
|
580 |
|
581 // ********************************************************************************* |
|
582 // MCTKeyStoreManager |
|
583 // ********************************************************************************* |
|
584 void CFSKeyStoreClient::CreateKey(CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus) |
|
585 { |
|
586 LOG(_L("CFSKeyStoreClient::CreateKey: create key (starting)")); |
|
587 |
|
588 // [in, out] CCTKeyInfo, caller fills with data required to create the key, |
|
589 // If request succeeds, iId and iHandle members are filled in by server |
|
590 |
|
591 TInt r = MarshalKeyInfo(*aReturnedKey); |
|
592 if (KErrNone!=r) |
|
593 { |
|
594 TRequestStatus* stat = &aStatus; |
|
595 User::RequestComplete(stat, r); |
|
596 return; |
|
597 } |
|
598 |
|
599 // Store CCTKeyInfo to write into later (server will put extra data into it) |
|
600 iClientPtr.iKeyInfo = &aReturnedKey; |
|
601 SetActive(); |
|
602 iCurrentRequest(ECreateKey, &aStatus); |
|
603 iClient.SendAsyncRequest(ECreateKey, TIpcArgs(0, &iRequestPtr), &iStatus); |
|
604 } |
|
605 |
|
606 void CFSKeyStoreClient::CancelCreateKey() |
|
607 { |
|
608 if (iCurrentRequest.OutstandingRequest() == ECreateKey) |
|
609 { |
|
610 Cancel(); |
|
611 } |
|
612 } |
|
613 |
|
614 void CFSKeyStoreClient::ImportKey(const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus) |
|
615 { |
|
616 DoImportKey(EImportKey, aKey, aReturnedKey, aStatus); |
|
617 } |
|
618 |
|
619 void CFSKeyStoreClient::CancelImportKey() |
|
620 { |
|
621 if (iCurrentRequest.OutstandingRequest() == EImportKey) |
|
622 { |
|
623 Cancel(); |
|
624 } |
|
625 } |
|
626 |
|
627 void CFSKeyStoreClient::ImportEncryptedKey(const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus) |
|
628 { |
|
629 DoImportKey(EImportEncryptedKey, aKey, aReturnedKey, aStatus); |
|
630 } |
|
631 |
|
632 void CFSKeyStoreClient::CancelImportEncryptedKey() |
|
633 { |
|
634 if (iCurrentRequest.OutstandingRequest() == EImportEncryptedKey) |
|
635 { |
|
636 Cancel(); |
|
637 } |
|
638 } |
|
639 |
|
640 void CFSKeyStoreClient::DoImportKey(TFSTokenMessages aMessage, const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus) |
|
641 { |
|
642 LOG(_L("CFSKeyStoreClient::DoImportKey: import key (starting)")); |
|
643 |
|
644 // [in] CCTKeyInfo, caller fills with data required to create the key, |
|
645 // [out] TKeyUpdate, key iId and iHandle members from the server |
|
646 TInt r = AllocKeyBuffer(aKey.Size()); |
|
647 if (KErrNone!=r) |
|
648 { |
|
649 TRequestStatus* stat = &aStatus; |
|
650 User::RequestComplete(stat, r); |
|
651 return; |
|
652 } |
|
653 |
|
654 TPtr8 keyPtr(iKey->Des()); |
|
655 keyPtr.Copy(aKey); |
|
656 |
|
657 r = MarshalKeyInfo(*aReturnedKey); |
|
658 if (KErrNone!=r) |
|
659 { |
|
660 FreeKeyBuffer(); |
|
661 TRequestStatus* stat = &aStatus; |
|
662 User::RequestComplete(stat, r); |
|
663 return; |
|
664 } |
|
665 |
|
666 iClientPtr.iKeyInfo = &aReturnedKey; |
|
667 SetActive(); |
|
668 iCurrentRequest(aMessage, &aStatus); |
|
669 iClient.SendAsyncRequest(aMessage, TIpcArgs(iKey, &iRequestPtr), &iStatus); |
|
670 } |
|
671 |
|
672 TInt CFSKeyStoreClient::MarshalKeyInfo(CCTKeyInfo& aKey) |
|
673 { |
|
674 TInt r = AllocRequestBuffer(TokenDataMarshaller::Size(aKey)); |
|
675 if (KErrNone==r) // OOM or some catastrophe, no point continuing |
|
676 { |
|
677 TokenDataMarshaller::Write(aKey, iRequestPtr); |
|
678 } |
|
679 |
|
680 return (r); |
|
681 } |
|
682 |
|
683 void CFSKeyStoreClient::ExportKey(TCTTokenObjectHandle aHandle, HBufC8*& aKey, TRequestStatus& aStatus) |
|
684 { |
|
685 TUint keySize=0; |
|
686 TRAPD(r, keySize = GetKeySizeL(aHandle.iObjectId)); |
|
687 if (KErrNone!=r) |
|
688 { |
|
689 TRequestStatus* stat = &aStatus; |
|
690 User::RequestComplete(stat, r); |
|
691 return; |
|
692 } |
|
693 |
|
694 ASSERT(keySize); |
|
695 |
|
696 iClientPtr.iBuffer = &aKey; |
|
697 iObjectId = aHandle.iObjectId; |
|
698 |
|
699 r = AllocRequestBuffer((keySize/8)*6); // Heuristic, pkcs8 cleartext format is about 6 times the keysize in bytes... |
|
700 |
|
701 if (KErrNone!=r) // OOM or some catastrophe, no point continuing |
|
702 { |
|
703 TRequestStatus* stat = &aStatus; |
|
704 User::RequestComplete(stat, r); |
|
705 } |
|
706 else |
|
707 { |
|
708 SetActive(); |
|
709 |
|
710 iCurrentRequest(EExportKey, &aStatus); |
|
711 |
|
712 iClient.SendAsyncRequest(iCurrentRequest.OutstandingRequest(), TIpcArgs(iObjectId, &iRequestPtr), &iStatus); |
|
713 } |
|
714 } |
|
715 |
|
716 void CFSKeyStoreClient::CancelExportKey() |
|
717 { |
|
718 if (iCurrentRequest.OutstandingRequest() == EExportKey) |
|
719 { |
|
720 Cancel(); |
|
721 } |
|
722 } |
|
723 |
|
724 void CFSKeyStoreClient::ExportEncryptedKey(TCTTokenObjectHandle aHandle, const CPBEncryptParms& aParams, HBufC8*& aKey, TRequestStatus& aStatus) |
|
725 { |
|
726 TUint keySize=0; |
|
727 TRAPD(r, keySize = GetKeySizeL(aHandle.iObjectId)); |
|
728 if (KErrNone!=r) |
|
729 { |
|
730 TRequestStatus* stat = &aStatus; |
|
731 User::RequestComplete(stat, r); |
|
732 return; |
|
733 } |
|
734 |
|
735 ASSERT(keySize); |
|
736 |
|
737 iClientPtr.iBuffer = &aKey; |
|
738 iObjectId = aHandle.iObjectId; |
|
739 |
|
740 r = AllocRequestBuffer((keySize / 8) * 7); // Heuristic, pkcs8 encrypted format is about 7 times the keysize in bytes... |
|
741 |
|
742 if (KErrNone!=r) // OOM or some catastrophe, no point continuing |
|
743 { |
|
744 TRequestStatus* stat = &aStatus; |
|
745 User::RequestComplete(stat, r); |
|
746 return; |
|
747 } |
|
748 |
|
749 iPbeParamsBuf = HBufC8::NewMax(TokenDataMarshaller::Size(aParams)); |
|
750 if (!iPbeParamsBuf) |
|
751 { |
|
752 FreeRequestBuffer(); |
|
753 TRequestStatus* stat = &aStatus; |
|
754 User::RequestComplete(stat, KErrNoMemory); |
|
755 return; |
|
756 } |
|
757 |
|
758 TPtr8 pbeParamsPtr(iPbeParamsBuf->Des()); |
|
759 pbeParamsPtr.FillZ(); |
|
760 TokenDataMarshaller::Write(aParams, pbeParamsPtr); |
|
761 |
|
762 SetActive(); |
|
763 iCurrentRequest(EExportEncryptedKey, &aStatus); |
|
764 |
|
765 // Marshall encryption parameters |
|
766 iClient.SendAsyncRequest(iCurrentRequest.OutstandingRequest(), TIpcArgs(iObjectId, &iRequestPtr, iPbeParamsBuf), &iStatus); |
|
767 } |
|
768 |
|
769 void CFSKeyStoreClient::CancelExportEncryptedKey() |
|
770 { |
|
771 if (iCurrentRequest.OutstandingRequest() == EExportEncryptedKey) |
|
772 { |
|
773 Cancel(); |
|
774 } |
|
775 } |
|
776 |
|
777 void CFSKeyStoreClient::RepudiableDSASign(const TCTTokenObjectHandle& aHandle, |
|
778 const TDesC8& aDigest, |
|
779 CDSASignature*& aSignature, |
|
780 TRequestStatus& aStatus) |
|
781 { |
|
782 if (aDigest.Length() > KMaxDSADigestSize) |
|
783 { |
|
784 TRequestStatus* stat = &aStatus; |
|
785 User::RequestComplete(stat, KErrOverflow); |
|
786 } |
|
787 else |
|
788 {// Calls the same DSA digest function server side for DSA |
|
789 iClientPtr.iDSASignature = &aSignature; |
|
790 Process(aHandle,aDigest,ERepudiableDSASign,aStatus,KMaxDSASignatureSize); |
|
791 } |
|
792 } |
|
793 |
|
794 void CFSKeyStoreClient::CancelRepudiableDSASign() |
|
795 { |
|
796 if (iCurrentRequest.OutstandingRequest() == ERepudiableDSASign) |
|
797 { |
|
798 Cancel(); |
|
799 } |
|
800 } |
|
801 |
|
802 void CFSKeyStoreClient::RepudiableRSASign(const TCTTokenObjectHandle& aHandle, |
|
803 const TDesC8& aDigest, |
|
804 CRSASignature*& aSignature, |
|
805 TRequestStatus& aStatus) |
|
806 { |
|
807 if (aDigest.Length() > KMaxRSADigestSize) |
|
808 { |
|
809 TRequestStatus* stat = &aStatus; |
|
810 User::RequestComplete(stat, KErrOverflow); |
|
811 } |
|
812 else |
|
813 { |
|
814 iClientPtr.iRSASignature = &aSignature; |
|
815 Process(aHandle,aDigest,ERepudiableRSASign,aStatus,KMaxRSASignatureSize); |
|
816 } |
|
817 } |
|
818 |
|
819 void CFSKeyStoreClient::CancelRepudiableRSASign() |
|
820 { |
|
821 if (iCurrentRequest.OutstandingRequest() == ERepudiableRSASign) |
|
822 { |
|
823 Cancel(); |
|
824 } |
|
825 } |
|
826 |
|
827 void CFSKeyStoreClient::Process(const TCTTokenObjectHandle& aHandle, |
|
828 const TDesC8& aText, |
|
829 TFSTokenMessages aMessage, |
|
830 TRequestStatus& aStatus, TInt aBuffSize) |
|
831 { |
|
832 TInt err = AllocRequestBuffer(aBuffSize); //Assuming the buf is large enough |
|
833 if (KErrNone!=err) // OOM or some catastrophe, no point continuing |
|
834 { |
|
835 TRequestStatus* stat = &aStatus; |
|
836 User::RequestComplete(stat, err); |
|
837 return; |
|
838 } |
|
839 |
|
840 iObjectId = aHandle.iObjectId; |
|
841 |
|
842 iText = aText.Alloc(); |
|
843 if (iText==NULL) |
|
844 { |
|
845 FreeRequestBuffer(); |
|
846 TRequestStatus* stat = &aStatus; |
|
847 User::RequestComplete(stat, KErrNoMemory); |
|
848 return; |
|
849 } |
|
850 |
|
851 SetActive(); |
|
852 iCurrentRequest(aMessage, &aStatus); |
|
853 |
|
854 // can use same buffer for in and out? |
|
855 iClient.SendAsyncRequest(aMessage, TIpcArgs(iObjectId, iText, &iRequestPtr), &iStatus); |
|
856 } |
|
857 |
|
858 void CFSKeyStoreClient::Decrypt(const TCTTokenObjectHandle& aHandle, |
|
859 const TDesC8& aCiphertext, |
|
860 TDes8& aDecryptedText, |
|
861 TRequestStatus& aStatus) |
|
862 { |
|
863 iClientPtr.iDecryptedText = &aDecryptedText; |
|
864 Process(aHandle,aCiphertext,EDecryptText,aStatus, KMaxRSAPlaintextSize); |
|
865 } |
|
866 |
|
867 void CFSKeyStoreClient::CancelDecrypt() |
|
868 { |
|
869 if (iCurrentRequest.OutstandingRequest() == EDecryptText) |
|
870 { |
|
871 Cancel(); |
|
872 } |
|
873 } |
|
874 |
|
875 void CFSKeyStoreClient::DHPublicKey(const TCTTokenObjectHandle& aHandle, const TInteger& aN, const TInteger& aG, |
|
876 CDHPublicKey*& aX, TRequestStatus& aStatus) |
|
877 { |
|
878 TRAPD(err, DoDHPublicKeyL(aHandle, aN, aG, aX, aStatus)); |
|
879 if (err != KErrNone) |
|
880 { |
|
881 delete iDHParams; |
|
882 iDHParams = NULL; |
|
883 FreeRequestBuffer(); |
|
884 TRequestStatus* status = &aStatus; |
|
885 User::RequestComplete(status, err); |
|
886 } |
|
887 } |
|
888 |
|
889 void CFSKeyStoreClient::DoDHPublicKeyL(const TCTTokenObjectHandle& aHandle, const TInteger& aN, const TInteger& aG, |
|
890 CDHPublicKey*& aX, TRequestStatus& aStatus) |
|
891 { |
|
892 iDHParams = CDHParams::NewL(aN, aG); |
|
893 |
|
894 TInt sizeReqd = TokenDataMarshaller::Size(*iDHParams); |
|
895 User::LeaveIfError(AllocRequestBuffer(sizeReqd)); |
|
896 |
|
897 TokenDataMarshaller::WriteL(*iDHParams, iRequestPtr); |
|
898 |
|
899 iObjectId = aHandle.iObjectId; |
|
900 iClientPtr.iDHPublicKey = &aX; |
|
901 iCurrentRequest(EDHPublicKey, &aStatus); |
|
902 iClient.SendAsyncRequest(EDHPublicKey, TIpcArgs(iObjectId, &iRequestPtr), &iStatus); |
|
903 SetActive(); |
|
904 } |
|
905 |
|
906 void CFSKeyStoreClient::DHAgree(const TCTTokenObjectHandle& aHandle, const CDHPublicKey& iY, |
|
907 HBufC8*& aAgreedKey, TRequestStatus& aStatus) |
|
908 { |
|
909 TInt sizeReqd = TokenDataMarshaller::Size(iY); |
|
910 TInt err = AllocRequestBuffer(sizeReqd); |
|
911 if (err != KErrNone) |
|
912 { |
|
913 TRequestStatus* status = &aStatus; |
|
914 User::RequestComplete(status, err); |
|
915 return; |
|
916 } |
|
917 |
|
918 TRAP(err, TokenDataMarshaller::WriteL(iY, iRequestPtr)); |
|
919 if (err != KErrNone) |
|
920 { |
|
921 FreeRequestBuffer(); |
|
922 TRequestStatus* status = &aStatus; |
|
923 User::RequestComplete(status, err); |
|
924 return; |
|
925 } |
|
926 |
|
927 iObjectId = aHandle.iObjectId; |
|
928 iClientPtr.iBuffer = &aAgreedKey; |
|
929 iCurrentRequest(EDHAgree, &aStatus); |
|
930 iClient.SendAsyncRequest(EDHAgree, TIpcArgs(iObjectId, &iRequestPtr), &iStatus); |
|
931 SetActive(); |
|
932 } |
|
933 |
|
934 void CFSKeyStoreClient::CancelDH() |
|
935 { |
|
936 if (iCurrentRequest.OutstandingRequest() == EDHPublicKey || |
|
937 iCurrentRequest.OutstandingRequest() == EDHAgree) |
|
938 { |
|
939 Cancel(); |
|
940 } |
|
941 } |
|
942 |
|
943 void CFSKeyStoreClient::DeleteKey(TCTTokenObjectHandle aHandle, TRequestStatus& aStatus) |
|
944 { |
|
945 TInt err = iClient.SendRequest(EDeleteKey, TIpcArgs(aHandle.iObjectId)); |
|
946 TRequestStatus* status = &aStatus; |
|
947 User::RequestComplete(status, err); |
|
948 } |
|
949 |
|
950 void CFSKeyStoreClient::CancelDeleteKey() |
|
951 { |
|
952 // synchronous, nothing to do |
|
953 } |
|
954 |
|
955 void CFSKeyStoreClient::SetUsePolicy(TCTTokenObjectHandle aHandle, |
|
956 const TSecurityPolicy& aPolicy, |
|
957 TRequestStatus& aStatus) |
|
958 { |
|
959 TPckgC<TSecurityPolicy> policyPckg(aPolicy); |
|
960 TInt err = iClient.SendRequest(ESetUsePolicy, TIpcArgs(aHandle.iObjectId, &policyPckg)); |
|
961 TRequestStatus* status = &aStatus; |
|
962 User::RequestComplete(status, err); |
|
963 } |
|
964 |
|
965 void CFSKeyStoreClient::CancelSetUsePolicy() |
|
966 { |
|
967 // synchronous, nothing to do |
|
968 } |
|
969 |
|
970 void CFSKeyStoreClient::SetManagementPolicy(TCTTokenObjectHandle aHandle, |
|
971 const TSecurityPolicy& aPolicy, |
|
972 TRequestStatus& aStatus) |
|
973 { |
|
974 TPckgC<TSecurityPolicy> policyPckg(aPolicy); |
|
975 TInt err = iClient.SendRequest(ESetManagementPolicy, TIpcArgs(aHandle.iObjectId, &policyPckg)); |
|
976 TRequestStatus* status = &aStatus; |
|
977 User::RequestComplete(status, err); |
|
978 } |
|
979 |
|
980 void CFSKeyStoreClient::CancelSetManagementPolicy() |
|
981 { |
|
982 // synchronous, nothing to do |
|
983 } |
|
984 |
|
985 void CFSKeyStoreClient::SetPassphraseTimeout(TInt aTimeout, TRequestStatus& aStatus) |
|
986 { |
|
987 SetTimeout(aTimeout, aStatus); |
|
988 } |
|
989 |
|
990 void CFSKeyStoreClient::CancelSetPassphraseTimeout() |
|
991 { |
|
992 // No point cancelling, not asynchronous |
|
993 } |
|
994 |
|
995 void CFSKeyStoreClient::Relock(TRequestStatus& aStatus) |
|
996 { |
|
997 TInt err = iClient.SendRequest(ERelock, TIpcArgs()); |
|
998 TRequestStatus* status = &aStatus; |
|
999 User::RequestComplete(status, err); |
|
1000 } |
|
1001 |
|
1002 void CFSKeyStoreClient::CancelRelock() |
|
1003 { |
|
1004 // No point cancelling, not asynchronous |
|
1005 } |
|
1006 |
|
1007 void CFSKeyStoreClient::UpdateKey() |
|
1008 { |
|
1009 LOG(_L("CFSKeyStoreClient::UpdateKey: create/import key (completing)")); |
|
1010 LOG_INC_INDENT(); |
|
1011 |
|
1012 __ASSERT_DEBUG((iRequestPtr.Ptr()), FSTokenPanic(ENoDataMarshalled)); |
|
1013 CCTKeyInfo& keyInfo = **iClientPtr.iKeyInfo; |
|
1014 |
|
1015 // Set handle and key id returned from server |
|
1016 TKeyUpdate update; |
|
1017 TPckg<TKeyUpdate> pckg(update); |
|
1018 pckg.Copy(iRequestPtr); |
|
1019 keyInfo.SetHandle(update.iReference); |
|
1020 keyInfo.SetIdentifier(update.iId); |
|
1021 // Set size and algorithm - only strictly necessary for import |
|
1022 keyInfo.SetSize(update.iSize); |
|
1023 keyInfo.SetAlgorithm(update.iAlgorithm); |
|
1024 |
|
1025 ASSERT(iAuthObject); |
|
1026 iAuthObject->AddRef(); |
|
1027 keyInfo.SetProtector(*iAuthObject); |
|
1028 |
|
1029 LOG_DEC_INDENT(); |
|
1030 } |
|
1031 |
|
1032 // Implementation of auth object functionality |
|
1033 |
|
1034 void CFSKeyStoreClient::ListProtectedObjects(RMPointerArray<MCTTokenObject>& aObjects, TRequestStatus& aStatus) |
|
1035 { |
|
1036 TCTKeyAttributeFilter filter; |
|
1037 filter.iPolicyFilter = TCTKeyAttributeFilter::EUsableOrManageableKeys; |
|
1038 TKeyInfoArray<MCTTokenObject> array(aObjects); |
|
1039 TRAPD(err, DoListL(filter, array)); |
|
1040 FreeRequestBuffer(); |
|
1041 TRequestStatus* status = &aStatus; |
|
1042 User::RequestComplete(status, err); |
|
1043 } |
|
1044 |
|
1045 void CFSKeyStoreClient::ChangeReferenceData(TRequestStatus &aStatus) |
|
1046 { |
|
1047 iCurrentRequest(EChangePassphrase, &aStatus); |
|
1048 SetActive(); |
|
1049 iClient.SendAsyncRequest(EChangePassphrase, TIpcArgs(), &iStatus); |
|
1050 } |
|
1051 |
|
1052 void CFSKeyStoreClient::CancelChangeReferenceData() |
|
1053 { |
|
1054 if (iCurrentRequest.OutstandingRequest() == EChangePassphrase) |
|
1055 { |
|
1056 Cancel(); |
|
1057 } |
|
1058 } |
|
1059 |
|
1060 TUint32 CFSKeyStoreClient::AuthStatus() const |
|
1061 { |
|
1062 return EEnabled | EUnblockDisabled; |
|
1063 } |
|
1064 |
|
1065 void CFSKeyStoreClient::AuthOpen(TRequestStatus& aStatus) |
|
1066 { |
|
1067 iCurrentRequest(EAuthOpen, &aStatus); |
|
1068 SetActive(); |
|
1069 iClient.SendAsyncRequest(EAuthOpen, TIpcArgs(), &iStatus); |
|
1070 } |
|
1071 |
|
1072 void CFSKeyStoreClient::CancelAuthOpen() |
|
1073 { |
|
1074 if (iCurrentRequest.OutstandingRequest() == EAuthOpen) |
|
1075 { |
|
1076 Cancel(); |
|
1077 } |
|
1078 } |
|
1079 |
|
1080 void CFSKeyStoreClient::AuthClose(TRequestStatus& aStatus) |
|
1081 { |
|
1082 TInt err = iClient.SendRequest(EAuthClose, TIpcArgs()); |
|
1083 TRequestStatus* status = &aStatus; |
|
1084 User::RequestComplete(status, err); |
|
1085 } |
|
1086 |
|
1087 void CFSKeyStoreClient::TimeRemaining(TInt& aTime, TRequestStatus& aStatus) |
|
1088 { |
|
1089 TInt result = iClient.SendRequest(EAuthTimeRemaining, TIpcArgs()); |
|
1090 if (result >= 0) |
|
1091 { |
|
1092 aTime = result; |
|
1093 result = KErrNone; |
|
1094 } |
|
1095 TRequestStatus* status = &aStatus; |
|
1096 User::RequestComplete(status, result); |
|
1097 } |
|
1098 |
|
1099 void CFSKeyStoreClient::SetTimeout(TInt aTime, TRequestStatus& aStatus) |
|
1100 { |
|
1101 TInt err = iClient.SendRequest(ESetTimeout, TIpcArgs(0, aTime)); |
|
1102 TRequestStatus* status = &aStatus; |
|
1103 User::RequestComplete(status, err); |
|
1104 } |
|
1105 |
|
1106 void CFSKeyStoreClient::Timeout(TInt& aTime, TRequestStatus& aStatus) |
|
1107 { |
|
1108 TInt result = iClient.SendRequest(EGetTimeout, TIpcArgs()); |
|
1109 if (result >= 0) |
|
1110 { |
|
1111 aTime = result; |
|
1112 result = KErrNone; |
|
1113 } |
|
1114 TRequestStatus* status = &aStatus; |
|
1115 User::RequestComplete(status, result); |
|
1116 } |