|
1 /* |
|
2 * Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * Implements CFSKeyStoreClient |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 /** |
|
23 @file |
|
24 @internalTechnology |
|
25 */ |
|
26 |
|
27 #ifndef __CFSKEYSTORECLIENT_H__ |
|
28 #define __CFSKEYSTORECLIENT_H__ |
|
29 |
|
30 #include <CFSClient.h> |
|
31 #include <mctkeystoremanager.h> |
|
32 #include <rmpointerarray.h> |
|
33 #include "CKeyStoreAuthObject.h" |
|
34 |
|
35 /** Maximum allowed size of digest to RSA sign (implied by max 2048 bit key length). */ |
|
36 const TInt KMaxRSADigestSize = 2048 / 8; |
|
37 |
|
38 /** Maximum allowed size of digest to DSA sign (implied by 160 bit output of SHA1). */ |
|
39 const TInt KMaxDSADigestSize = 160 / 8; |
|
40 |
|
41 class COpenedKey; |
|
42 class MKeyInfoArray; |
|
43 class CDHParams; |
|
44 |
|
45 /** |
|
46 * Implements the MCTKeyStoreManager interface. Inherits from CFSClient. |
|
47 * |
|
48 * The class implements the keystore manager token interface for the software |
|
49 * keystore. It will be created and owned by the unified keystore. Its main |
|
50 * function is to marshall user requests to the filetokens server and unmarshall |
|
51 * the results back again. |
|
52 */ |
|
53 NONSHARABLE_CLASS(CFSKeyStoreClient) : public CFSClient, public MCTKeyStoreManager |
|
54 { |
|
55 public:// One creator function for each token interface |
|
56 static MCTTokenInterface* NewKeyStoreUserInterfaceL(MCTToken& aToken, RFileStoreClientSession& aClient); |
|
57 static MCTTokenInterface* NewKeyStoreManagerInterfaceL(MCTToken& aToken, RFileStoreClientSession& aClient); |
|
58 public: |
|
59 virtual ~CFSKeyStoreClient(); |
|
60 void AddRef(); |
|
61 public: |
|
62 // ********************************************************************************* |
|
63 // MKeyStore |
|
64 virtual void List(RMPointerArray<CCTKeyInfo>& aKeys, const TCTKeyAttributeFilter& aFilter, TRequestStatus& aStatus); |
|
65 virtual void CancelList(); |
|
66 virtual void GetKeyInfo(TCTTokenObjectHandle aHandle, CCTKeyInfo*& aInfo, TRequestStatus& aStatus); |
|
67 virtual void CancelGetKeyInfo(); |
|
68 |
|
69 /** Open an RSA key for signing */ |
|
70 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
71 MRSASigner*& aSigner, |
|
72 TRequestStatus& aStatus); |
|
73 /** Open a DSA key for signing */ |
|
74 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
75 MDSASigner*& aSigner, |
|
76 TRequestStatus& aStatus); |
|
77 /** Open a RSA key for private decryption */ |
|
78 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
79 MCTDecryptor*& aDecryptor, |
|
80 TRequestStatus& aStatus); |
|
81 /** Open a DH key for key agreement */ |
|
82 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
83 MCTDH*& aDH, TRequestStatus& aStatus); |
|
84 |
|
85 |
|
86 /// Cancels an ongoing open request |
|
87 virtual void CancelOpen(); |
|
88 |
|
89 /** Returns the public key in DER-encoded ASN-1 */ |
|
90 virtual void ExportPublic(const TCTTokenObjectHandle& aHandle, |
|
91 HBufC8*& aPublicKey, |
|
92 TRequestStatus& aStatus); |
|
93 virtual void CancelExportPublic(); |
|
94 |
|
95 public: |
|
96 // ********************************************************************************* |
|
97 // MCTKeyStoreManager |
|
98 virtual void CreateKey(CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus); |
|
99 virtual void CancelCreateKey(); |
|
100 virtual void ImportKey(const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus); |
|
101 virtual void CancelImportKey(); |
|
102 virtual void ImportEncryptedKey(const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus); |
|
103 virtual void CancelImportEncryptedKey(); |
|
104 virtual void ExportKey(TCTTokenObjectHandle aHandle, HBufC8*& aKey, TRequestStatus& aStatus); |
|
105 virtual void CancelExportKey(); |
|
106 virtual void ExportEncryptedKey(TCTTokenObjectHandle aHandle, const CPBEncryptParms& aParams, HBufC8*& aKey, TRequestStatus& aStatus); |
|
107 virtual void CancelExportEncryptedKey(); |
|
108 virtual void DeleteKey(TCTTokenObjectHandle aHandle, TRequestStatus& aStatus); |
|
109 virtual void CancelDeleteKey(); |
|
110 virtual void SetUsePolicy(TCTTokenObjectHandle aHandle, const TSecurityPolicy& aPolicy, TRequestStatus& aStatus); |
|
111 virtual void CancelSetUsePolicy(); |
|
112 virtual void SetManagementPolicy(TCTTokenObjectHandle aHandle, const TSecurityPolicy& aPolicy, TRequestStatus& aStatus); |
|
113 virtual void CancelSetManagementPolicy(); |
|
114 virtual void SetPassphraseTimeout(TInt aTimeout, TRequestStatus& aStatus); |
|
115 virtual void CancelSetPassphraseTimeout(); |
|
116 virtual void Relock(TRequestStatus& aStatus); |
|
117 virtual void CancelRelock(); |
|
118 |
|
119 void ReleaseObject(const TCTTokenObjectHandle& aObject); |
|
120 public: |
|
121 // ********************************************************************************* |
|
122 // From MCTTokenInterface |
|
123 virtual MCTToken& Token(); |
|
124 public: |
|
125 // ********************************************************************************* |
|
126 void RepudiableDSASign(const TCTTokenObjectHandle& aObject, const TDesC8& aDigest, CDSASignature*& aSignature, TRequestStatus& aStatus); |
|
127 void CancelRepudiableDSASign(); |
|
128 void RepudiableRSASign(const TCTTokenObjectHandle& aObject, const TDesC8& aDigest, CRSASignature*& aSignature, TRequestStatus& aStatus); |
|
129 void CancelRepudiableRSASign(); |
|
130 void Decrypt(const TCTTokenObjectHandle& aObject, const TDesC8& aCiphertext, TDes8& aPlaintext, TRequestStatus& aStatus); |
|
131 void CancelDecrypt(); |
|
132 void DHPublicKey(const TCTTokenObjectHandle& aHandle, const TInteger& aN, const TInteger& aG, CDHPublicKey*& aX, TRequestStatus& aStatus); |
|
133 void DHAgree(const TCTTokenObjectHandle& aHandle, const CDHPublicKey& iY, HBufC8*& aAgreedKey, TRequestStatus& aStatus); |
|
134 void CancelDH(); |
|
135 |
|
136 public: |
|
137 // Called by CKeyStoreAuthObject |
|
138 void ListProtectedObjects(RMPointerArray<MCTTokenObject>& aObjects, TRequestStatus& aStatus); |
|
139 void ChangeReferenceData(TRequestStatus &aStatus); |
|
140 void CancelChangeReferenceData(); |
|
141 TUint32 AuthStatus() const; |
|
142 void AuthOpen(TRequestStatus& aStatus); |
|
143 void CancelAuthOpen(); |
|
144 void AuthClose(TRequestStatus& aStatus); |
|
145 void TimeRemaining(TInt& aStime, TRequestStatus& aStatus); |
|
146 void SetTimeout(TInt aTime, TRequestStatus& aStatus); |
|
147 void Timeout(TInt& aTime, TRequestStatus& aStatus); |
|
148 |
|
149 protected: |
|
150 // ********************************************************************************* |
|
151 // From MCTTokenInterface |
|
152 virtual void DoRelease(); |
|
153 protected: |
|
154 // ********************************************************************************* |
|
155 // From CActive |
|
156 protected: |
|
157 virtual void RunL(); |
|
158 virtual TInt RunError(TInt aError); |
|
159 virtual void DoCancel(); |
|
160 protected: |
|
161 // ********************************************************************************* |
|
162 CFSKeyStoreClient(TInt aUID, MCTToken& aToken, RFileStoreClientSession& aClient); |
|
163 virtual void ConstructL(); |
|
164 private: |
|
165 void DoListL(const TCTKeyAttributeFilter& aFilter, MKeyInfoArray& aOut); |
|
166 void DoGetKeyInfoL(TCTTokenObjectHandle aHandle, CCTKeyInfo*& aInfo); |
|
167 TInt DoOpenKey(TFSTokenMessages aMessage, const TCTTokenObjectHandle& aHandle, COpenedKey* aOpenedKey); |
|
168 void DoImportKey(TFSTokenMessages aMessage, const TDesC8& aKey, CCTKeyInfo*& aReturnedKey, TRequestStatus& aStatus); |
|
169 void DoExportPublicL(const TCTTokenObjectHandle& aHandle, HBufC8*& aPublicKey); |
|
170 TInt MarshalKeyInfo(CCTKeyInfo& aKey); |
|
171 void Process(const TCTTokenObjectHandle& aHandle,const TDesC8& aText,TFSTokenMessages aMessage,TRequestStatus& aStatus,TInt aBufSize); |
|
172 void DoDHPublicKeyL(const TCTTokenObjectHandle& aHandle, const TInteger& aN, const TInteger& aG, CDHPublicKey*& aX, TRequestStatus& aStatus); |
|
173 private: |
|
174 TInt AllocKeyBuffer(TInt aReqdSize); |
|
175 void FreeKeyBuffer(); |
|
176 void UpdateKey(); |
|
177 TUint GetKeySizeL(TInt aObjectId); |
|
178 void Cleanup(); |
|
179 private: |
|
180 TInt iRefCount; |
|
181 // Data holders for server to write into |
|
182 TPckgBuf<TInt> iIntOut; |
|
183 |
|
184 TInt iObjectId; // Id of object passed to server |
|
185 |
|
186 private: |
|
187 /** |
|
188 * Pointers to client pointers, which we set to return created objects. |
|
189 * Only one of these is ever in use at any one time, determined by the |
|
190 * state. |
|
191 */ |
|
192 union |
|
193 { |
|
194 TAny* iAny; ///< generic pointer, used to zero the contents of the union |
|
195 CCTKeyInfo** iKeyInfo; ///< key info object, used for create and import |
|
196 HBufC8** iBuffer; ///< generic buffer, used for export key and DH agree |
|
197 TDes8* iDecryptedText; ///< decypled plaintext, used for RSA decrypt |
|
198 CDSASignature** iDSASignature; ///< DSA signature |
|
199 CRSASignature** iRSASignature; ///< RSA signature |
|
200 CDHPublicKey** iDHPublicKey; ///< DH public key |
|
201 } iClientPtr; |
|
202 private: |
|
203 HBufC8* iKey; ///< Key data buffer for import/export |
|
204 HBufC8* iText; ///< Buffer used to hold text for decrypt and sign |
|
205 CKeyStoreAuthObject* iAuthObject; ///< The single auth object that serves as protector for all keys |
|
206 CDHParams* iDHParams; ///< DH params for DH public key |
|
207 HBufC8* iPbeParamsBuf; ///< Buffer holding PBE parameters for encrypted key export |
|
208 }; |
|
209 |
|
210 #endif // __CFSKEYSTORECLIENT_H__ |