--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptoservices/certificateandkeymgmt/certstore/unifiedcertstore.cpp Wed Jul 08 11:25:26 2009 +0100
@@ -0,0 +1,1468 @@
+/*
+* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+#include "unifiedcertstore.h"
+#include "unifiedcertstoreworkingvars.h"
+#include "CCheckedCertStore.h"
+#include <certificateapps.h>
+#include <x509cert.h>
+#include <wtlscert.h>
+#include <hash.h>
+#include <ecom.h>
+
+_LIT(KUCSPanic, "CUnifiedCertStore");
+#define assert(x) __ASSERT_ALWAYS((x), User::Panic(KUCSPanic, 1));
+
+/////////////////////////////////////////////////////////////////////////////////////
+//CUnifiedCertStore
+/////////////////////////////////////////////////////////////////////////////////////
+
+EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewL(RFs& aFs, TBool aOpenForWrite)
+ {
+ CUnifiedCertStore* self = CUnifiedCertStore::NewLC(aFs, aOpenForWrite);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewLC(RFs& aFs, TBool aOpenForWrite)
+ {
+ CUnifiedCertStore* self = new(ELeave) CUnifiedCertStore(aFs, aOpenForWrite);
+ CleanupStack::PushL(self);
+ RArray<TInt> orderingFilter;
+ self->ConstructL(orderingFilter);
+ return self;
+ }
+
+EXPORT_C CUnifiedCertStore::~CUnifiedCertStore()
+ {
+ Cancel();
+
+ assert(!iWorkingVars);
+
+ TInt end = iReadOnlyCertStores.Count();
+ TInt i;
+ for (i = 0; i < end; i++)
+ {
+ iReadOnlyCertStores[i]->Release();
+ }
+ iReadOnlyCertStores.Close();
+
+ end = iWritableCertStores.Count();
+ for (i = 0; i < end; i++)
+ {
+ iWritableCertStores[i]->Release();
+ }
+ iWritableCertStores.Close();
+
+ // The elements are already released by the two loops above
+ iCertStores.Close();
+
+ // release resources allocated to order attributes list
+ iOrderAttributes.Close();
+
+ DestroyTemporaryMembers();
+ iHardwareTypeUids.Close();
+ REComSession::FinalClose();
+ }
+
+
+EXPORT_C void CUnifiedCertStore::Initialize(TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EInitializeGetTokenList);
+ TRAPD(err, InitializeL());
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::InitializeL()
+ {
+ AllocWorkingVarsL();
+
+ // We want the list of all token types that support a readable or writable
+ // certstore interface
+ RArray<TUid> uidArray;
+ CleanupClosePushL(uidArray);
+
+ User::LeaveIfError(uidArray.Append(TUid::Uid(KInterfaceWritableCertStore)));
+
+ TCTFindTokenTypesByInterface filter(uidArray.Array());
+ CCTTokenTypeInfo::ListL(iWorkingVars->iWritableTokenTypes, filter);
+
+ uidArray.Reset();
+
+ User::LeaveIfError(uidArray.Append(TUid::Uid(KInterfaceCertStore)));
+
+ RCPointerArray<CCTTokenTypeInfo> tokenTypes;
+ CleanupClosePushL(tokenTypes);
+
+ TCTFindTokenTypesByInterface filter2(uidArray.Array());
+ CCTTokenTypeInfo::ListL(tokenTypes, filter2);
+
+ // Check whether client specified order list has attributes in it
+ if(iOrderAttributes.Count() > 0)
+ {
+ ApplyOrderingL(tokenTypes);
+ }
+
+ // Make a note of all hardware token types
+ TInt i = 0;
+ TInt end = tokenTypes.Count();
+ for (; i < end; i++)
+ {
+ TCTTokenTypeAttribute software;
+ software.iUID = KCTSoftware;
+ TInt find = tokenTypes[i]->Attributes().Find(software);
+ // In the case (TInt)ETrue == KThirdPartyCertStore == 1
+ if (find != KErrNotFound && tokenTypes[i]->Attributes()[find].iVal !=
+ (TInt)ETrue && tokenTypes[i]->Attributes()[find].iVal != KManufactureCertStore)
+ {
+ // This is a hardware type. Add its UID to the list.
+ User::LeaveIfError(iHardwareTypeUids.Append(tokenTypes[i]->Type()));
+ }
+ }
+
+ i = 0;
+ while (i < end)
+ {
+ TInt j = 0;
+ TInt jEnd = iWorkingVars->iWritableTokenTypes.Count();
+ while (j < jEnd)
+ {
+ if (iWorkingVars->iWritableTokenTypes[j]->Type() == tokenTypes[i]->Type())
+ {
+ break;
+ }
+ j++;
+ }
+ if (j == jEnd)
+ {
+ User::LeaveIfError(iWorkingVars->iReadOnlyTokenTypes.Append(tokenTypes[i]));
+ tokenTypes.Remove(i);
+ end--;
+ }
+ else
+ {
+ i++;
+ }
+ }
+
+ CleanupStack::PopAndDestroy(2); // uidArray, tokenTypes
+
+ iWorkingVars->iIndex = -1;
+
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ SetActive();
+ }
+
+EXPORT_C void CUnifiedCertStore::CancelInitialize()
+ {
+ if (iState == EInitializeGetTokenList ||
+ iState == EInitializeGetToken ||
+ iState == EInitializeGetWritableInterface ||
+ iState == EInitializeGetReadableInterface ||
+ iState == EInitializeGetReadableInterfaceFinished ||
+ iState == EInitializeFinished)
+ {
+ Cancel();
+ }
+ }
+
+void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
+ const CCertAttributeFilter& aFilter,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EList);
+ TRAPD(err, ListL(aCertInfos, aFilter));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
+ const CCertAttributeFilter& aFilter)
+ {
+ if (!iIsInitialized)
+ {
+ User::Leave(KErrNotReady);
+ }
+
+ AllocWorkingVarsL();
+ iWorkingVars->iCertInfos = &aCertInfos;
+ iWorkingVars->iFilter = &aFilter;
+ iWorkingVars->iCertIndex = aCertInfos.Count();
+ iIndex = -1;
+
+ SetActive();
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+
+void CUnifiedCertStore::CancelList()
+ {
+ if (iState == EList ||
+ iState == ERetrieveForList)
+ {
+ Cancel();
+ }
+ }
+
+EXPORT_C void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
+ const CCertAttributeFilter& aFilter,
+ const TDesC8& aIssuer,
+ TRequestStatus& aStatus)
+ {
+ RPointerArray<const TDesC8> array;
+ if (array.Append(&aIssuer) != KErrNone)
+ {
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete(status, KErrNoMemory);
+ }
+ else
+ {
+ List(aCertInfos, aFilter, array, aStatus);
+ array.Close();
+ }
+ }
+
+EXPORT_C void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
+ const CCertAttributeFilter& aFilter,
+ RPointerArray<const TDesC8> aIssuers,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EList);
+ TRAPD(err, ListL(aCertInfos, aFilter, aIssuers));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
+ const CCertAttributeFilter& aFilter,
+ RPointerArray<const TDesC8> aIssuers)
+ {
+ // Obscure special case: If aIssuers has no elements, we should
+ // return nothing.
+ if (aIssuers.Count() == 0)
+ {
+ Complete(KErrNone);
+ return;
+ }
+
+ AllocWorkingVarsL();
+ iWorkingVars->iCertInfos = &aCertInfos;
+ iWorkingVars->iFilter = &aFilter;
+ iWorkingVars->iCertIndex = aCertInfos.Count();
+
+ TInt count = aIssuers.Count();
+ for (TInt i = 0 ; i < count ; ++i)
+ {
+ User::LeaveIfError(iWorkingVars->iIssuerNames.Append(aIssuers[i]));
+ }
+
+ iIndex = -1;
+ SetActive();
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+
+EXPORT_C void CUnifiedCertStore::Retrieve(const CCTCertInfo& aCertInfo,
+ CCertificate*& aCert,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ERetrieve);
+ TRAPD(err, RetrieveL(aCertInfo, aCert));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::RetrieveL(const CCTCertInfo& aCertInfo,
+ CCertificate*& aCert)
+ {
+ FindCertStoreL(aCertInfo.Handle());
+
+ if (aCertInfo.CertificateFormat() != EX509Certificate &&
+ aCertInfo.CertificateFormat() != EWTLSCertificate)
+ {
+ User::Leave(KErrNotSupported);
+ }
+
+ AllocWorkingVarsL();
+ iWorkingVars->iCertDesC = HBufC8::NewMaxL(aCertInfo.Size());
+ iWorkingVars->iReturnedCert = &aCert;
+ iWorkingVars->iCertType = aCertInfo.CertificateFormat();
+ iWorkingVars->iCertDes.Set(iWorkingVars->iCertDesC->Des());
+ iCurrentCertStore->Retrieve(aCertInfo, iWorkingVars->iCertDes, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::GetCert(CCTCertInfo*& aCertInfo,
+ const TCTTokenObjectHandle& aHandle,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EGetCert);
+ TRAPD(err, GetCertL(aCertInfo, aHandle));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::GetCertL(CCTCertInfo*& aCertInfo,
+ const TCTTokenObjectHandle& aHandle)
+ {
+ FindCertStoreL(aHandle);
+ iCurrentCertStore->GetCert(aCertInfo, aHandle, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::CancelGetCert()
+ {
+ if (iState == EGetCert)
+ {
+ Cancel();
+ }
+ }
+
+void CUnifiedCertStore::Applications(const CCTCertInfo& aCertInfo,
+ RArray<TUid>& aApplications,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EApplications);
+ TRAPD(err, ApplicationsL(aCertInfo, aApplications));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::ApplicationsL(const CCTCertInfo& aCertInfo,
+ RArray<TUid>& aApplications)
+ {
+ FindCertStoreL(aCertInfo.Handle());
+ iCurrentCertStore->Applications(aCertInfo, aApplications, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::CancelApplications()
+ {
+ if (iState == EApplications)
+ {
+ Cancel();
+ }
+ }
+
+void CUnifiedCertStore::IsApplicable(const CCTCertInfo& aCertInfo,
+ TUid aApplication,
+ TBool& aIsApplicable,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, EIsApplicable);
+ TRAPD(err, IsApplicableL(aCertInfo, aApplication, aIsApplicable));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::IsApplicableL(const CCTCertInfo& aCertInfo,
+ TUid aApplication,
+ TBool& aIsApplicable)
+ {
+ FindCertStoreL(aCertInfo.Handle());
+ iCurrentCertStore->IsApplicable(aCertInfo, aApplication, aIsApplicable, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::CancelIsApplicable()
+ {
+ if (iState == EIsApplicable)
+ {
+ Cancel();
+ }
+ }
+
+void CUnifiedCertStore::Trusted(const CCTCertInfo& aCertInfo,
+ TBool& aTrusted,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ETrusted);
+ TRAPD(err, TrustedL(aCertInfo, aTrusted));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::TrustedL(const CCTCertInfo& aCertInfo,
+ TBool& aTrusted)
+ {
+ FindCertStoreL(aCertInfo.Handle());
+ iCurrentCertStore->Trusted(aCertInfo, aTrusted, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::CancelTrusted()
+ {
+ if (iState == ETrusted)
+ {
+ Cancel();
+ }
+ }
+
+void CUnifiedCertStore::Retrieve(const CCTCertInfo& aCertInfo,
+ TDes8& aEncodedCert,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ERetrieveData);
+ TRAPD(err, RetrieveDataL(aCertInfo, aEncodedCert));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::RetrieveDataL(const CCTCertInfo& aCertInfo,
+ TDes8& aEncodedCert)
+ {
+ FindCertStoreL(aCertInfo.Handle());
+ iCurrentCertStore->Retrieve(aCertInfo, aEncodedCert, iStatus);
+ SetActive();
+ }
+
+void CUnifiedCertStore::CancelRetrieve()
+ {
+ if (iState == ERetrieveData)
+ {
+ Cancel();
+ }
+ }
+
+EXPORT_C void CUnifiedCertStore::Remove(const CCTCertInfo& aCertInfo,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ERemove);
+ TRAPD(err, RemoveL(aCertInfo));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::RemoveL(const CCTCertInfo& aCertInfo)
+ {
+ FindWritableCertStoreL(aCertInfo.Handle());
+ iCurrentWritableCertStore->Remove(aCertInfo, iStatus);
+ SetActive();
+ }
+
+EXPORT_C void CUnifiedCertStore::CancelRemove()
+ {
+ if (iState == ERemove)
+ {
+ Cancel();
+ }
+ }
+
+EXPORT_C void CUnifiedCertStore::SetApplicability(const CCTCertInfo& aCertInfo,
+ const RArray<TUid>& aApplications,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ESetApplicability);
+ TRAPD(err, SetApplicabilityL(aCertInfo, aApplications));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::SetApplicabilityL(const CCTCertInfo& aCertInfo,
+ const RArray<TUid>& aApplications)
+ {
+ FindWritableCertStoreL(aCertInfo.Handle());
+
+ // Search for duplicates in the array of application
+ // complete with KErrArgument if there are any duplicates
+ if(aApplications.Count() > 1)
+ {
+ TInt i=0, j=1;
+
+ for(i=0; i<aApplications.Count()-1; i++ )
+ {
+ for(j=i+1; j<aApplications.Count(); j++)
+ {
+ if(aApplications[i] == aApplications[j])
+ {
+ User::Leave(KErrArgument);
+ }
+ }
+ }
+ }
+
+ // Check requested applications actaully exist
+ CCertificateAppInfoManager* appInfoManager = CCertificateAppInfoManager::NewLC(iFs, EFalse);
+ const RArray<TCertificateAppInfo>& applications = appInfoManager->Applications();
+
+ for (TInt i = 0 ; i < aApplications.Count() ; ++i)
+ {
+ TInt j = 0;
+ for ( ; j < applications.Count() ; ++j)
+ {
+ if (aApplications[i] == applications[j].Id())
+ {
+ break;
+ }
+ }
+ if (j == applications.Count())
+ {
+ User::Leave(KErrArgument);
+ }
+ }
+ CleanupStack::PopAndDestroy(appInfoManager);
+
+ iCurrentWritableCertStore->SetApplicability(aCertInfo, aApplications, iStatus);
+ SetActive();
+ }
+
+EXPORT_C void CUnifiedCertStore::CancelSetApplicability()
+ {
+ if (iState == ESetApplicability)
+ {
+ Cancel();
+ }
+ }
+
+EXPORT_C void CUnifiedCertStore::SetTrust(const CCTCertInfo& aCertInfo,
+ TBool aTrusted,
+ TRequestStatus& aStatus)
+ {
+ BeginAsyncOp(aStatus, ESetTrust);
+ TRAPD(err, SetTrustL(aCertInfo, aTrusted));
+ if (err != KErrNone)
+ {
+ Complete(err);
+ }
+ }
+
+void CUnifiedCertStore::SetTrustL(const CCTCertInfo& aCertInfo, TBool aTrusted)
+ {
+ FindWritableCertStoreL(aCertInfo.Handle());
+ iCurrentWritableCertStore->SetTrust(aCertInfo, aTrusted, iStatus);
+ SetActive();
+ }
+
+EXPORT_C void CUnifiedCertStore::CancelSetTrust()
+ {
+ if (iState == ESetTrust)
+ {
+ Cancel();
+ }
+ }
+
+/**
+ * Get the certstore containing a given certificate.
+ *
+ * Returns the certstore containing the cert referenced in certinfo or NULL if
+ * not found.
+ */
+MCTCertStore* CUnifiedCertStore::GetCertStore(const TCTTokenObjectHandle& aHandle)
+ {
+ TInt count = iCertStores.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ MCTCertStore* certstore = iCertStores[i];
+ MCTToken& token = certstore->Token();
+ if (token.Handle() == aHandle.iTokenHandle)
+ {
+ return certstore;
+ }
+ }
+ return NULL;
+ }
+
+/**
+ * Set iCurrentCertStore to the certstore containing a given certificate, or
+ * leave if it could not be found. The handle is the handle of the *certinfo*,
+ * *NOT* the token.
+ */
+void CUnifiedCertStore::FindCertStoreL(const TCTTokenObjectHandle& aHandle)
+ {
+ assert(!iCurrentCertStore);
+ assert(!iCurrentWritableCertStore);
+
+ if (!iIsInitialized)
+ {
+ User::Leave(KErrNotReady);
+ }
+
+ iCurrentCertStore = GetCertStore(aHandle);
+
+ if (!iCurrentCertStore)
+ {
+ User::Leave(KErrNotFound);
+ }
+ }
+
+/**
+ * Set iCurrentWritableCertStore to the writable certstore containing a given
+ * certificate, or leave if it could not be found. The handle is the handle of
+ * the *certinfo*, *NOT* the token.
+ */
+void CUnifiedCertStore::FindWritableCertStoreL(const TCTTokenObjectHandle& aHandle)
+ {
+ assert(!iCurrentCertStore);
+ assert(!iCurrentWritableCertStore);
+
+ if (!iIsInitialized)
+ {
+ User::Leave(KErrNotReady);
+ }
+
+ if (!iOpenedForWrite)
+ {
+ User::Leave(KErrAccessDenied);
+ }
+
+ iCurrentWritableCertStore = NULL;
+ TInt count = iWritableCertStores.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ MCTWritableCertStore* certstore = iWritableCertStores[i];
+ MCTToken& token = certstore->Token();
+ if (token.Handle() == aHandle.iTokenHandle)
+ {
+ iCurrentWritableCertStore = certstore;
+ break;
+ }
+ }
+
+ if (!iCurrentWritableCertStore)
+ {
+ User::Leave(KErrNotFound);
+ }
+ }
+
+EXPORT_C TInt CUnifiedCertStore::CertStoreCount() const
+ {
+ return iCertStores.Count();
+ }
+
+EXPORT_C MCTCertStore& CUnifiedCertStore::CertStore(TInt aIndex)
+ {
+ assert(aIndex < iCertStores.Count());
+ return *iCertStores[aIndex];
+ }
+
+EXPORT_C TInt CUnifiedCertStore::WritableCertStoreCount() const
+ {
+ return iWritableCertStores.Count();
+ }
+
+EXPORT_C MCTWritableCertStore& CUnifiedCertStore::WritableCertStore(TInt aIndex)
+ {
+ assert(aIndex < iWritableCertStores.Count());
+ return *iWritableCertStores[aIndex];
+ }
+
+EXPORT_C TInt CUnifiedCertStore::ReadOnlyCertStoreCount() const
+ {
+ return iReadOnlyCertStores.Count();
+ }
+
+EXPORT_C MCTCertStore& CUnifiedCertStore::ReadOnlyCertStore(TInt aIndex)
+ {
+ assert(aIndex < iReadOnlyCertStores.Count());
+ return *iReadOnlyCertStores[aIndex];
+ }
+
+CUnifiedCertStore::CUnifiedCertStore(RFs& aFs, TBool aOpenForWrite)
+ : CActive(EPriorityNormal), iFs(aFs), iOpenedForWrite(aOpenForWrite), iOrderAttributes()
+ {
+ CActiveScheduler::Add(this);
+ assert(IsAdded());
+ }
+
+void CUnifiedCertStore::ConstructL(RArray<TInt>& aOrderFilter)
+ {
+
+ for (TInt i=0;i<aOrderFilter.Count();i++)
+ {
+ User::LeaveIfError(iOrderAttributes.Append(aOrderFilter[i]));
+ }
+ }
+
+void CUnifiedCertStore::RunL()
+ {
+ if ((iState != EInitializeGetReadableInterface) &&
+ (iState != EInitializeGetReadableInterfaceFinished) &&
+ (iState != EInitializeGetToken)) // We don't want to leave if we're in this state
+ // since we want to enumerate all tokens, see below
+ {
+ User::LeaveIfError(iStatus.Int());
+ }
+
+ switch (iState)
+ {
+ case EInitializeGetTokenList:
+ // We need to try to get a list of Tokens for each of the Token Types
+ iWorkingVars->iIndex++;
+ TInt end;
+ if (!iCurrentlyDoingReadOnly)
+ {
+ end = iWorkingVars->iWritableTokenTypes.Count();
+ }
+ else
+ {
+ end = iWorkingVars->iReadOnlyTokenTypes.Count();
+ }
+ if (iWorkingVars->iIndex < end)
+ {
+ assert(!iTokenType);
+ TInt createRes = KErrNone;
+ if (iCurrentlyDoingReadOnly)
+ {
+ TRAP(createRes, iTokenType = MCTTokenType::NewL(*iWorkingVars->iReadOnlyTokenTypes[iWorkingVars->iIndex], iFs));
+ }
+ else
+ {
+ TRAP(createRes, iTokenType = MCTTokenType::NewL(*iWorkingVars->iWritableTokenTypes[iWorkingVars->iIndex], iFs));
+ }
+
+ if (KErrNoMemory==createRes)
+ {
+ // Leave if there's no memory, so OOM tests work
+ User::Leave(createRes);
+ }
+ else if (KErrNone!=createRes)
+ {
+ // ECOM couldn't load that token type, don't give up, try the next...
+ TRequestStatus* stat = &iStatus;
+ User::RequestComplete(stat, KErrNone);
+ }
+ else
+ {
+ assert(iTokens.Count() == 0);
+ iTokenType->List(iTokens, iStatus);
+ iIndexTokens = -1;
+ iState = EInitializeGetToken;
+ }
+ }
+ else if (!iCurrentlyDoingReadOnly)
+ {
+ iCurrentlyDoingReadOnly = ETrue;
+ iWorkingVars->iIndex = -1;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+ else
+ {
+ iState = EInitializeFinished;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+ SetActive();
+ break;
+
+ case EInitializeGetToken:
+ if (iStatus.Int() == KErrHardwareNotAvailable)
+ {
+ // If the hardware corresponding to this
+ // TokenType has been removed then just skip it
+ // but DO NOT leave!
+ ++iIndexTokens;
+ iState = EInitializeGetToken;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status,KErrNone);
+ }
+ else
+ {
+ User::LeaveIfError(iStatus.Int());
+
+ // iIndexTokens is initialized at EInitializeGetTokenList
+ ++iIndexTokens;
+
+ // We need to try to get a certstore interface (readable or
+ // writable) for each of the Tokens in iTokens
+ if (iIndexTokens < iTokens.Count())
+ {
+ assert(!iToken);
+ iTokenType->OpenToken(*iTokens[iIndexTokens], iToken, iStatus);
+ if ((iOpenedForWrite) && !iCurrentlyDoingReadOnly)
+ {
+ iState = EInitializeGetWritableInterface;
+ }
+ else
+ {
+ iState = EInitializeGetReadableInterface;
+ }
+ }
+ else
+ {
+ // We don't need the iTokenType anymore
+ iTokenType->Release();
+ iTokenType = 0;
+ // We don't need the list of Tokens anymore
+ iTokens.Close();
+ iState = EInitializeGetTokenList;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+ }
+ SetActive();
+ break;
+
+ case EInitializeGetWritableInterface:
+ {
+ User::LeaveIfError(iStatus.Int());
+ // First we try to get a writable interface to the store, if
+ // that doesn't work we will try to get a readable interface
+ assert(iToken);
+ assert(!iTokenInterface);
+ TUid uid = { KInterfaceWritableCertStore };
+ iToken->GetInterface(uid, iTokenInterface, iStatus);
+ iState = EInitializeGetReadableInterface;
+ SetActive();
+ }
+ break;
+
+ case EInitializeGetReadableInterface:
+ // We check if we managed to get a writable interface
+ if (iStatus == KErrNoMemory)
+ {
+ User::Leave(KErrNoMemory);
+ }
+
+ if (!iCurrentlyDoingReadOnly && iOpenedForWrite && (iStatus == KErrNone))
+ {
+ assert(iTokenInterface);
+
+ // Drop the interface into a "writable checking" object
+ CCheckedCertStore* interf =
+ CCheckedCertStore::NewCheckedWritableCertStoreL(iTokenInterface, iPSCertstoreChangeProperty);
+
+ CleanupReleasePushL(*interf);
+ iTokenInterface = 0;
+
+ User::LeaveIfError(iWritableCertStores.Append(interf));
+ CleanupStack::Pop();
+
+ User::LeaveIfError(iCertStores.Append(interf));
+
+ // We don't need the Token anymore
+ iToken->Release();
+ iToken = 0;
+ iState = EInitializeGetToken;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, KErrNone);
+ }
+ else
+ {
+ // We do the check only if we were not trying to get a Writeable Interface
+ // before, if we trying to get a writeable interface before, we know that we
+ // have a valid iToken.
+ if ((iCurrentlyDoingReadOnly || !iOpenedForWrite) && (iStatus != KErrNone))
+ {
+ User::Leave(iStatus.Int());
+ }
+ else
+ {
+ assert(iToken);
+ assert(!iTokenInterface);
+ TUid uid = { KInterfaceCertStore };
+ iToken->GetInterface(uid, iTokenInterface, iStatus);
+ iState = EInitializeGetReadableInterfaceFinished;
+ }
+ }
+ SetActive();
+ break;
+
+ case EInitializeGetReadableInterfaceFinished:
+ {
+ if (iStatus == KErrNoMemory)
+ {
+ User::Leave(KErrNoMemory);
+ }
+
+ if (iStatus == KErrNone)
+ {
+ assert(iTokenInterface);
+
+ // Drop the interface into a "read only checking" object
+ CCheckedCertStore* interf =
+ CCheckedCertStore::NewCheckedCertStoreL(iTokenInterface, iPSCertstoreChangeProperty);
+
+ CleanupReleasePushL(*interf);
+ iTokenInterface = 0;
+
+ User::LeaveIfError(iReadOnlyCertStores.Append(interf));
+ CleanupStack::Pop(interf);
+
+ User::LeaveIfError(iCertStores.Append(interf));
+ }
+
+ // We don't need the Token anymore
+ iToken->Release();
+ iToken = 0;
+
+ iStatus = KErrNone;
+ iState = EInitializeGetToken;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete(status, iStatus.Int());
+ SetActive();
+ }
+ break;
+
+ case EInitializeFinished:
+ assert(!iTokenType);
+ assert(!iToken);
+ assert(!iTokenInterface);
+ iIsInitialized = ETrue;
+ Complete(iStatus.Int());
+ break;
+
+ case EList:
+ // iIndex has been initialized in List
+ iIndex++;
+ iCurrentCertStore = NULL;
+ if (iIndex < iCertStores.Count())
+ {
+ iCurrentCertStore = iCertStores[iIndex];
+ iCurrentCertStore->List(*iWorkingVars->iCertInfos, *iWorkingVars->iFilter, iStatus);
+ iWorkingVars->iCertIndex = 0;
+ SetActive();
+ }
+ else if (iWorkingVars->iIssuerNames.Count() > 0)
+ {
+ // We have an issuer name. We now remove all certs
+ // that don't match that issuer.
+
+ // If this is the first time in here, we need to parse
+ // and hash all the issuer names.
+ if (iWorkingVars->iParsedIssuerNames.Count() == 0)
+ {
+ CSHA1* sha1 = CSHA1::NewL();
+ CleanupStack::PushL(sha1);
+ TInt count = iWorkingVars->iIssuerNames.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ CX500DistinguishedName* dn =
+ CX500DistinguishedName::NewLC(*iWorkingVars->
+ iIssuerNames[i]);
+ User::LeaveIfError(
+ iWorkingVars->iParsedIssuerNames.Append(dn));
+ CleanupStack::Pop(dn);
+ TPtrC8 hash=sha1->Hash(*iWorkingVars->iIssuerNames[i]);
+ User::LeaveIfError(
+ iWorkingVars->iHashedIssuerNames.Append(
+ hash.AllocLC()));
+ CleanupStack::Pop();
+ }
+ CleanupStack::PopAndDestroy();
+ }
+
+ while (iWorkingVars->iCertIndex <
+ iWorkingVars->iCertInfos->Count())
+ {
+ CCTCertInfo* info =
+ (*iWorkingVars->iCertInfos)[iWorkingVars->iCertIndex];
+ TCompareResults res = CompareCertInfoDN(info);
+ if (res == EYes)
+ {
+ // It matches. leave it for the next one.
+ iWorkingVars->iCertIndex++;
+ }
+ else if (res == ENo)
+ {
+ // It doesn't match. Remove it and try the next one.
+ info->Release();
+ iWorkingVars->iCertInfos->
+ Remove(iWorkingVars->iCertIndex);
+ }
+ else // res == EMaybe
+ {
+ // Need to load the cert and properly compare the DNs.
+ iCurrentCertStore = GetCertStore(info->Handle());
+ assert(iCurrentCertStore);
+
+ iWorkingVars->iCertDesC=HBufC8::NewMaxL(info->Size());
+ iWorkingVars->iCertType = info->CertificateFormat();
+ iState = ERetrieveForList;
+ iWorkingVars->iCertDes.Set(iWorkingVars->iCertDesC->Des());
+ iCurrentCertStore->Retrieve(*info, iWorkingVars->iCertDes, iStatus);
+ SetActive();
+ return;
+ }
+ }
+ Complete(KErrNone);
+ }
+ else
+ {
+ Complete(KErrNone);
+ }
+ break;
+
+ case ERetrieve:
+ {
+ switch (iWorkingVars->iCertType)
+ {
+ case EX509Certificate:
+ {
+ TPtr8 theCert(iWorkingVars->iCertDesC->Des());
+ *(iWorkingVars->iReturnedCert) = CX509Certificate::NewL(theCert);
+ }
+ break;
+ case EWTLSCertificate:
+ {
+ TPtr8 theCert(iWorkingVars->iCertDesC->Des());
+ *(iWorkingVars->iReturnedCert) = CWTLSCertificate::NewL(theCert);
+ }
+ break;
+ default:
+ assert(EFalse);
+ break;
+ }
+ Complete(KErrNone);
+ }
+ break;
+
+ case ERetrieveForList:
+ {
+ TPtr8 theCert(iWorkingVars->iCertDesC->Des());
+ CX509Certificate* cert=CX509Certificate::NewLC(theCert);
+ if (MatchL(cert->IssuerName()))
+ {
+ // It matches. leave it for the next one.
+ iWorkingVars->iCertIndex++;
+ }
+ else
+ {
+ // It doesn't match. Remove it and try the next one.
+ (*iWorkingVars->iCertInfos)[iWorkingVars->iCertIndex]->Release();
+ iWorkingVars->iCertInfos->Remove(iWorkingVars->iCertIndex);
+ }
+ CleanupStack::PopAndDestroy(cert);
+ delete iWorkingVars->iCertDesC;
+ iWorkingVars->iCertDesC = 0;
+ iState = EList;
+ SetActive();
+ TRequestStatus* status = & iStatus;
+ User::RequestComplete(status, KErrNone);
+ break;
+ }
+
+ case ERemove:
+ case ESetApplicability:
+ case ESetTrust:
+ case EGetCert:
+ case EApplications:
+ case EIsApplicable:
+ case ETrusted:
+ case ERetrieveData:
+ Complete(KErrNone);
+ break;
+
+ default:
+ User::Panic(KUCSPanic, 1);
+ break;
+ }
+ }
+
+TInt CUnifiedCertStore::RunError(TInt aError)
+ {
+ Complete(aError);
+ return KErrNone;
+ }
+
+void CUnifiedCertStore::DoCancel()
+ {
+ // If the current state is the last state involved in handling a request, we
+ // check to see if we have already been completed - in this case we can
+ // simply complete the client with iStatus (this may be KErrNone). If we
+ // have not we cancel the outstanding request and pass the resulting iStatus
+ // back to the client - this too may indicate a successful completion if the
+ // cancel arrived after the request was executed.
+ //
+ // For more complex cases, where there are more states to go through before
+ // we finish servicing the client request, we cancel any outstanding
+ // request, and return KErrCancel to the client.
+
+ switch (iState)
+ {
+ case EInitializeFinished:
+ case ERetrieve:
+ case EGetCert:
+ case EApplications:
+ case EIsApplicable:
+ case ETrusted:
+ case ERetrieveData:
+ case ERemove:
+ case ESetApplicability:
+ case ESetTrust:
+ if (iStatus == KRequestPending)
+ {
+ // Attempt to cancel outstanding request and pass status back to
+ // client
+ CancelOutstandingRequest();
+ Complete(iStatus.Int());
+ }
+ else
+ {
+ // We've already been completed - call RunL() to process results
+ // and complete client
+ TRAPD(err, RunL());
+ if (err != KErrNone)
+ {
+ RunError(err);
+ }
+ }
+ break;
+
+ default:
+ CancelOutstandingRequest();
+ Complete(KErrCancel);
+ break;
+ }
+ }
+
+void CUnifiedCertStore::CancelOutstandingRequest()
+ {
+ switch (iState)
+ {
+ case EInitializeGetTokenList:
+ case EInitializeGetToken:
+ case EInitializeGetWritableInterface:
+ case EInitializeGetReadableInterface:
+ case EInitializeGetReadableInterfaceFinished:
+ case EInitializeFinished:
+ // Don't have to cancel initialisation stuff - this happens when we
+ // release the objects in DestroyTemporaryMembers().
+ iStatus = KErrCancel;
+ break;
+
+ case EList:
+ if (iCurrentCertStore)
+ {
+ iCurrentCertStore->CancelList();
+ }
+ break;
+
+ case ERetrieve:
+ case ERetrieveForList:
+ case ERetrieveData:
+ assert(iCurrentCertStore);
+ iCurrentCertStore->CancelRetrieve();
+ break;
+
+ case EGetCert:
+ assert(iCurrentCertStore);
+ iCurrentCertStore->CancelGetCert();
+ break;
+
+ case EApplications:
+ assert(iCurrentCertStore);
+ iCurrentCertStore->CancelApplications();
+ break;
+
+ case EIsApplicable:
+ assert(iCurrentCertStore);
+ iCurrentCertStore->CancelIsApplicable();
+ break;
+
+ case ETrusted:
+ assert(iCurrentCertStore);
+ iCurrentCertStore->CancelTrusted();
+ break;
+
+ case ERemove:
+ assert(iCurrentWritableCertStore);
+ iCurrentWritableCertStore->CancelRemove();
+ break;
+
+ case ESetApplicability:
+ assert(iCurrentWritableCertStore);
+ iCurrentWritableCertStore->CancelSetApplicability();
+ break;
+
+ case ESetTrust:
+ assert(iCurrentWritableCertStore);
+ iCurrentWritableCertStore->CancelSetTrust();
+ break;
+
+ default:
+ User::Panic(KUCSPanic, 1);
+ break;
+ }
+ }
+
+TBool CUnifiedCertStore::MatchL(const CX500DistinguishedName& aName) const
+ {
+ // Return true if the supplied DN is the same as any of the supplied DNs.
+ TInt count = iWorkingVars->iIssuerNames.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ if (aName.ExactMatchL(*iWorkingVars->iParsedIssuerNames[i]))
+ return ETrue;
+ }
+ return EFalse;
+ }
+
+void CUnifiedCertStore::AllocWorkingVarsL()
+ {
+ assert(!iWorkingVars);
+ iWorkingVars = new (ELeave) CUnifiedCertStoreWorkingVars;
+ }
+
+void CUnifiedCertStore::BeginAsyncOp(TRequestStatus& aStatus, TState aState)
+ {
+ assert(iState == EIdle);
+ assert(!iClientStatus);
+
+ iClientStatus = &aStatus;
+ *iClientStatus = KRequestPending;
+ iState = aState;
+ }
+
+void CUnifiedCertStore::Complete(TInt aError)
+ {
+ assert(iClientStatus);
+ User::RequestComplete(iClientStatus, aError);
+ DestroyTemporaryMembers();
+ iState = EIdle;
+ }
+
+void CUnifiedCertStore::DestroyTemporaryMembers()
+ {
+ if (!iIsInitialized)
+ {
+ TInt end = iReadOnlyCertStores.Count();
+ TInt i;
+ for (i = 0; i < end; i++)
+ {
+ iReadOnlyCertStores[i]->Release();
+ }
+ iReadOnlyCertStores.Close();
+
+ end = iWritableCertStores.Count();
+ for (i = 0; i < end; i++)
+ {
+ iWritableCertStores[i]->Release();
+ }
+ iWritableCertStores.Close();
+
+ // The elements are already released by the two loops above
+ iCertStores.Close();
+ }
+
+ if (iTokenType)
+ {
+ iTokenType->Release();
+ iTokenType = 0;
+ }
+
+ if (iToken)
+ {
+ iToken->Release();
+ iToken = 0;
+ }
+
+ if (iTokenInterface)
+ {
+ iTokenInterface->Release();
+ iTokenInterface = 0;
+ }
+
+ iTokens.Close();
+
+ delete iWorkingVars;
+ iWorkingVars = 0;
+
+ iCurrentCertStore = NULL;
+ iCurrentWritableCertStore = NULL;
+ }
+
+CUnifiedCertStore::TCompareResults
+CUnifiedCertStore::CompareCertInfoDN(const CCTCertInfo* aCertInfo)
+ {
+ if (aCertInfo->IssuerHash() &&
+ (aCertInfo->CertificateFormat() == EX509CertificateUrl ||
+ iHardwareTypeUids.Find(aCertInfo->Token().TokenType().Type()) !=
+ KErrNotFound))
+ {
+ TInt count = iWorkingVars->iHashedIssuerNames.Count();
+ for (TInt i = 0; i < count; i++)
+ {
+ if (*aCertInfo->IssuerHash()==*iWorkingVars->iHashedIssuerNames[i])
+ return EYes;
+ }
+ return ENo;
+ }
+ if (aCertInfo->CertificateFormat() != EX509Certificate)
+ return ENo;
+ return EMaybe;
+ }
+
+EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewL(RFs& aFs,
+ TBool aOpenForWrite,
+ RArray<TInt>& aOrderFilter)
+ {
+ CUnifiedCertStore* self = CUnifiedCertStore::NewLC(aFs,
+ aOpenForWrite,
+ aOrderFilter);
+ CleanupStack::Pop(self);
+ return self;
+ }
+
+EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewLC(RFs& aFs,
+ TBool aOpenForWrite,
+ RArray<TInt>& aOrderFilter)
+ {
+ CUnifiedCertStore* self = new(ELeave) CUnifiedCertStore(aFs,
+ aOpenForWrite);
+ CleanupStack::PushL(self);
+ self->ConstructL(aOrderFilter);
+ return self;
+ }
+
+void CUnifiedCertStore::FilterTokenTypesL(RCPointerArray<CCTTokenTypeInfo>& aSearchTokenTypes,
+ RCPointerArray<CCTTokenTypeInfo>& aTempTokenTypes,
+ TInt aOrderAttribute)
+ {
+ //We allow aOrderAttribute=KUnknownHardwareCertStore here to keep DC.
+ //assert(aOrderAttribute);
+
+ // Get number of token types
+ TInt tokenTypesCount = aSearchTokenTypes.Count();
+
+ // loop through token types
+ for(TInt tokenTypesLoop = tokenTypesCount-1; tokenTypesLoop >= 0; tokenTypesLoop--)
+ {
+ // get the list of attributes supported by this token type.
+ // Note: The attribute list consists of values such as
+ // KCTSoftware defined in TCTTokenTypeAttribute.h
+ const RArray<TCTTokenTypeAttribute>& attributesList =
+ aSearchTokenTypes[tokenTypesLoop]->Attributes();
+
+ // Get the number of attributes in the attribute list.
+ // The number of attributes will match the ECOM resource
+ // file definition. E.g. see 101f5015.rss for the software
+ // implementation of certstore.
+ TInt attributeCount = attributesList.Count();
+
+ // Check each attribute in the attribute list
+ for(TInt attribLoop = 0; attribLoop < attributeCount; attribLoop++)
+ {
+ // Check whether attribute in the list matches an order attribute
+ // E.g. KCTSoftware
+ if(attributesList[attribLoop].iUID == KCTSoftware
+ && attributesList[attribLoop].iVal == aOrderAttribute)
+ {
+ // Found the attribute of interest. Add token type to the temp container.
+ User::LeaveIfError(aTempTokenTypes.Append(aSearchTokenTypes[tokenTypesLoop]));
+ // Remove from the Searchlist.
+ aSearchTokenTypes.Remove(tokenTypesLoop);
+ // No need to examine the other attributes, so break loop
+ break;
+ }
+ }
+ }
+ }
+
+void CUnifiedCertStore::ApplyOrderingL(RCPointerArray<CCTTokenTypeInfo>& aTokenTypes)
+ {
+ // Number of attributes in ordering filter
+ TInt numOrderAttributes=iOrderAttributes.Count();
+ assert(numOrderAttributes>0);
+
+ // Contains writable tokens types
+ RCPointerArray<CCTTokenTypeInfo> tempWritableTokenTypes;
+ CleanupClosePushL(tempWritableTokenTypes);
+
+ // Contains read-only tokens types
+ RCPointerArray<CCTTokenTypeInfo> tempReadOnlyTokenTypes;
+ CleanupClosePushL(tempReadOnlyTokenTypes);
+
+ // For each order attribute, order the token types
+ for(TInt attributeLoop = 0; attributeLoop < numOrderAttributes; attributeLoop++)
+ {
+ // Get ordering attribute Uid from Order filter
+ TInt orderAttribute = iOrderAttributes[attributeLoop];
+
+ // Order for writable token types
+ FilterTokenTypesL(iWorkingVars->iWritableTokenTypes,
+ tempWritableTokenTypes,
+ orderAttribute);
+
+ // Order for read-only token types
+ FilterTokenTypesL(aTokenTypes,
+ tempReadOnlyTokenTypes,
+ orderAttribute);
+ }
+
+ // release and close the resources so can refill container, and get rid of
+ // the TokenType which have been filtered out.
+ TInt tokenTypesCount = iWorkingVars->iWritableTokenTypes.Count();
+ TInt i;
+ for(i = tokenTypesCount-1; i >= 0 ;i--)
+ {
+ if (iWorkingVars->iWritableTokenTypes[i])
+ {
+ CCTTokenTypeInfo* ptr=iWorkingVars->iWritableTokenTypes[i];
+ iWorkingVars->iWritableTokenTypes.Remove(i);
+ delete ptr;
+ }
+ }
+ iWorkingVars->iWritableTokenTypes.Reset();
+
+ // release and close the resources so can refill container, and get rid of
+ // the TokenType which have been filtered out.
+ tokenTypesCount = aTokenTypes.Count();
+ for(i = tokenTypesCount-1; i >= 0 ;i--)
+ {
+ if (aTokenTypes[i])
+ {
+ CCTTokenTypeInfo* ptr=aTokenTypes[i];
+ aTokenTypes.Remove(i);
+ delete ptr;
+ }
+ }
+ aTokenTypes.Reset();
+
+ // Assign contents of temp token types to containers.
+ // Note: temp tokens types are ordered according to user specification
+ tokenTypesCount = tempWritableTokenTypes.Count();
+ for(i = 0; i < tokenTypesCount; i++)
+ {
+ User::LeaveIfError(iWorkingVars->iWritableTokenTypes.Append(tempWritableTokenTypes[i]));
+ tempWritableTokenTypes[i] = NULL;
+ }
+
+ tokenTypesCount = tempReadOnlyTokenTypes.Count();
+ for(i = 0; i < tokenTypesCount; i++)
+ {
+ User::LeaveIfError(aTokenTypes.Append(tempReadOnlyTokenTypes[i]));
+ tempReadOnlyTokenTypes[i] = NULL;
+ }
+
+ CleanupStack::PopAndDestroy(2); // tempReadOnlyTokenTypes, tempWritableTokenTypes,
+ }