diff -r f18401adf8e1 -r 641f389e9157 cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/Ckeystoreconduit.cpp --- a/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/Ckeystoreconduit.cpp Thu Aug 19 11:38:48 2010 +0300 +++ b/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/Ckeystoreconduit.cpp Tue Aug 31 17:00:08 2010 +0300 @@ -29,6 +29,11 @@ #include "cfskeystoreserver.h" #include +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER +#include +#include +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER + // CKeyStoreConduit //////////////////////////////////////////////////////////// @@ -173,7 +178,25 @@ case ECancelDH: CancelDH(aMessage, aSession); break; +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + case ECreateUserKey: + CreateUserKeyL(aMessage); + break; + + case EImportUserKey: + case EImportEncryptedUserKey: + ImportUserKeyL(aMessage); + break; + + case ESetAuthenticationPolicy: + SetAuthenticationPolicyL(aMessage); + break; + + case EGetAuthenticationPolicy: + GetAuthenticationPolicyL(aMessage); + break; +#else case EChangePassphrase: ChangePassphrase(aMessage); break; @@ -201,7 +224,14 @@ case ERelock: Relock(aMessage); break; +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER +#ifdef SYMBIAN_AUTH_SERVER + case EUseNewKeyServer: + IsKeyServerNewL(aMessage); + break; +#endif // SYMBIAN_AUTH_SERVER + default: // Should not reach here PanicClient(aMessage,EPanicIllegalFunction); break; @@ -312,6 +342,151 @@ iServer.CreateKey(*iKeyInfo, iStatus); } +#ifdef SYMBIAN_AUTH_SERVER +void CKeyStoreConduit::IsKeyServerNewL(const RMessage2& aMessage) + { + TBool newKeyServer = EFalse; + #ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + newKeyServer = ETrue; + #endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER + + TPckg idNewKeyServer(newKeyServer); + aMessage.WriteL(1,idNewKeyServer); + aMessage.Complete(KErrNone); + } +#endif // SYMBIAN_AUTH_SERVER + +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + +void CKeyStoreConduit::CreateUserKeyL(const RMessage2& aMessage) + { + ASSERT(!iKeyInfo); + + // p[0] has the length of the buffer. Check our buffer is big + // enough, to cope with requests for keys with very long labels. + + TInt bufLength = User::LeaveIfError(aMessage.GetDesLength(1)); + iServer.CheckRangeL(bufLength); + + TInt authExprLength = User::LeaveIfError(aMessage.GetDesLength(2)); + iServer.CheckRangeL(authExprLength); + HBufC* authExprBuf = HBufC::NewMaxLC(authExprLength); + + // p[2] has the authentication expression + TPtr authExprPtr(authExprBuf->Des()); + authExprPtr.FillZ(); + + aMessage.ReadL(2, authExprPtr); + + TInt freshness = aMessage.Int3(); + + // the iKeyInfo buffer should be read at the last as in + // case of OOM this memory would not get freed. + HBufC8* keyInfoBuf = HBufC8::NewMaxLC(bufLength); + + // p[1] has the CKeyInfo structure required to create a key + // Read it and convert from descriptor back to a CKeyInfo + TPtr8 thePtr(keyInfoBuf->Des()); + thePtr.FillZ(); + + aMessage.ReadL(1, thePtr); + TokenDataMarshaller::ReadL(*keyInfoBuf, iKeyInfo); + CleanupStack::PopAndDestroy(keyInfoBuf); + + iCurrentRequest.Set(ECreateUserKey, aMessage); + + SetActive(); + iServer.CreateUserKey(*iKeyInfo, *authExprBuf, freshness, iStatus); + CleanupStack::PopAndDestroy(authExprBuf); + } + +void CKeyStoreConduit::ImportUserKeyL(const RMessage2& aMessage) + { + ASSERT(!iImportKey); + ASSERT(!iKeyInfo); + + // p[0] has the descriptor containing the PKCS8 object (may or may not be encrypted) + TInt keyLen = User::LeaveIfError(aMessage.GetDesLength(0)); + iServer.CheckRangeL(keyLen); + + HBufC8* importBuf = HBufC8::NewMaxLC(keyLen); + TPtr8 theKeyData(importBuf->Des()); + theKeyData.FillZ(); + aMessage.ReadL(0, theKeyData); + + + TInt bufLen = User::LeaveIfError(aMessage.GetDesLength(1)); + iServer.CheckRangeL(bufLen); + + // retrieve the authentication expression + TInt authExprLength = User::LeaveIfError(aMessage.GetDesLength(2)); + iServer.CheckRangeL(authExprLength); + HBufC* authExprBuf = HBufC::NewMaxLC(authExprLength); + + // p[2] has the authentication expression + TPtr authExprPtr(authExprBuf->Des()); + authExprPtr.FillZ(); + + aMessage.ReadL(2, authExprPtr); + + // retrieve the freshness value + TInt freshness = aMessage.Int3(); + + HBufC8* keyInfoBuf = HBufC8::NewMaxLC(bufLen); + + // p[1] has the CKeyInfo structure required to create a key + // Read it and convert from descriptor back to a CKeyInfo + TPtr8 thePtr(keyInfoBuf->Des()); + thePtr.FillZ(); + aMessage.ReadL(1, thePtr); + + TokenDataMarshaller::ReadL(*keyInfoBuf, iKeyInfo); + CleanupStack::PopAndDestroy(keyInfoBuf); + + iImportKey = importBuf; + iCurrentRequest.Set(static_cast(aMessage.Function()), aMessage); + + TBool isEncrypted = (aMessage.Function() == EImportEncryptedUserKey); + SetActive(); + iServer.ImportUserKey(*iImportKey, *iKeyInfo, isEncrypted, *authExprBuf, freshness, iStatus); + CleanupStack::PopAndDestroy(authExprBuf); + CleanupStack::Pop(importBuf); +} + +void CKeyStoreConduit::SetAuthenticationPolicyL(const RMessage2& aMessage) + { + TInt objectId = aMessage.Int0(); + + TInt authExprLen = User::LeaveIfError(aMessage.GetDesLength(1)); + iServer.CheckRangeL(authExprLen); + HBufC* authExpr = HBufC::NewMaxLC(authExprLen); + TPtr authExprPtr(authExpr->Des()); + authExprPtr.FillZ(); + aMessage.ReadL(1, authExprPtr); + + TInt freshness = aMessage.Int2(); + iCurrentRequest.Set(ESetAuthenticationPolicy, aMessage); + + SetActive(); + // ownership of authExpr is with the caller + iServer.SetAuthenticationPolicy(objectId, authExpr, freshness, iStatus); + CleanupStack::Pop(authExpr); + } + +void CKeyStoreConduit::GetAuthenticationPolicyL(const RMessage2& aMessage) + { + TInt objectId = aMessage.Int0(); + HBufC* authExpression = iServer.AuthExpressionL(objectId); + CleanupStack::PushL(authExpression); + TInt freshness = iServer.FreshnessL(objectId); + TPckg pckgFreshness(freshness); + aMessage.WriteL(1, *authExpression); + aMessage.WriteL(2, pckgFreshness); + CleanupStack::PopAndDestroy(authExpression); + aMessage.Complete(KErrNone); + } + +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER void CKeyStoreConduit::CancelCreateKey(const RMessage2& aMessage) { @@ -735,6 +910,8 @@ aMessage.Complete(KErrNone); } +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + void CKeyStoreConduit::ChangePassphrase(const RMessage2& aMessage) { iCurrentRequest.Set(EChangePassphrase, aMessage); @@ -806,6 +983,8 @@ aMessage.Complete(KErrNone); } +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER + // // CActive functions // @@ -841,6 +1020,14 @@ iServer.CancelExportEncryptedKey(); break; +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + case ECreateUserKey: + iServer.CancelCreateKey(); + break; + case EImportUserKey: + case EImportEncryptedUserKey: + iServer.CancelImportKey(); +#else case EChangePassphrase: iServer.CancelChangePassphrase(); break; @@ -848,6 +1035,9 @@ case EAuthOpen: iServer.CancelAuthOpen(); break; + + +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER default: // Nothing to do @@ -870,6 +1060,13 @@ switch (iCurrentRequest.OutstandingRequest()) { +#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER + case ESetAuthenticationPolicy: + break; + case ECreateUserKey: + case EImportUserKey: + case EImportEncryptedUserKey: +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER case ECreateKey: case EImportKey: case EImportEncryptedKey: @@ -947,10 +1144,13 @@ case EDHAgree: FinishDHAgreeL(); break; +#ifndef SYMBIAN_KEYSTORE_USE_AUTH_SERVER case EChangePassphrase: case EAuthOpen: // Nothing to do - break; + break; +#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER + default: __ASSERT_DEBUG(EFalse, PanicServer(EPanicInvalidRequest)); User::Leave(KErrNotSupported);