# HG changeset patch # User hgs # Date 1274728667 -19800 # Node ID 970c0057d9bcf6456f82a272beb27492df0f1518 # Parent 11c66574c2a2953664ee3329436a386835e2f74a 201019_03 diff -r 11c66574c2a2 -r 970c0057d9bc contentmgmt/contentaccessfwfordrm/group/bld.inf --- a/contentmgmt/contentaccessfwfordrm/group/bld.inf Mon May 03 14:11:52 2010 +0300 +++ b/contentmgmt/contentaccessfwfordrm/group/bld.inf Tue May 25 00:47:47 2010 +0530 @@ -21,6 +21,10 @@ @file */ +#ifdef SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT +#include "../../referencedrmagent/refcafhelper/group/bld.inf" +#endif + PRJ_PLATFORMS DEFAULT diff -r 11c66574c2a2 -r 970c0057d9bc cryptomgmtlibs/securityutils/group/bld.inf --- a/cryptomgmtlibs/securityutils/group/bld.inf Mon May 03 14:11:52 2010 +0300 +++ b/cryptomgmtlibs/securityutils/group/bld.inf Tue May 25 00:47:47 2010 +0530 @@ -28,7 +28,7 @@ ../inc/euserext.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(euserext.h) ../inc/miscutil.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(miscutil.h) ../inc/callbacktimer.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(callbacktimer.h) -../inc/SecSettingsclient.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(SecSettings/SecSettingsclient.h) +../inc/secsettingsclient.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(secsettings/secsettingsclient.h) ../inc/securityerr.h SYMBIAN_OS_LAYER_PUBLIC_EXPORT_PATH(securityerr.h) // ROMKIT includes diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/asn1/asn1libdec.cpp --- a/cryptoservices/certificateandkeymgmt/asn1/asn1libdec.cpp Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/asn1/asn1libdec.cpp Tue May 25 00:47:47 2010 +0530 @@ -18,3 +18,8 @@ #include + +// Dummy definition, just to satisfy SDK creation check +EXPORT_C TASN1DecEnumerated::TASN1DecEnumerated() +{ +} diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/bwins/ASN1u.def --- a/cryptoservices/certificateandkeymgmt/bwins/ASN1u.def Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/bwins/ASN1u.def Tue May 25 00:47:47 2010 +0530 @@ -130,4 +130,5 @@ ??1CASN1EncPrintableString@@UAE@XZ @ 129 NONAME ; CASN1EncPrintableString::~CASN1EncPrintableString(void) ?NewL@CASN1EncPrintableString@@SAPAV1@ABVTDesC8@@@Z @ 130 NONAME ; class CASN1EncPrintableString * CASN1EncPrintableString::NewL(class TDesC8 const &) ?NewLC@CASN1EncPrintableString@@SAPAV1@ABVTDesC8@@@Z @ 131 NONAME ; class CASN1EncPrintableString * CASN1EncPrintableString::NewLC(class TDesC8 const &) + ??0TASN1DecEnumerated@@QAE@XZ @ 132 NONAME ; TASN1DecEnumerated::TASN1DecEnumerated(void) diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def --- a/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def Tue May 25 00:47:47 2010 +0530 @@ -279,5 +279,5 @@ ?NewL@CCertificateValidationWarnings@@SAPAV1@H@Z @ 278 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewL(int) ?NewLC@CCertificateValidationWarnings@@SAPAV1@H@Z @ 279 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewLC(int) ?Warnings@CCertificateValidationWarnings@@QBEABV?$RArray@VTValidationStatus@@@@XZ @ 280 NONAME ; class RArray const & CCertificateValidationWarnings::Warnings(void) const - ?SubjectKeyIdL@CX509Certificate@@QAE?AV?$TBuf8@$0BE@@@XZ @ 281 NONAME ; class TBuf8<20> CX509Certificate::SubjectKeyIdL(void) + ?SubjectKeyIdL@CX509Certificate@@QBE?AV?$TBuf8@$0BE@@@XZ @ 281 NONAME ; class TBuf8<20> CX509Certificate::SubjectKeyIdL(void) const diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/eabi/asn1U.def --- a/cryptoservices/certificateandkeymgmt/eabi/asn1U.def Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/eabi/asn1U.def Tue May 25 00:47:47 2010 +0530 @@ -204,4 +204,6 @@ _ZTV23CASN1EncPrintableString @ 203 NONAME ; ## _ZN17CASN1EncPrimitiveC2Ej @ 204 NONAME _ZN17TASN1DecBMPString10CheckValidERK6TDesC8 @ 205 NONAME + _ZN18TASN1DecEnumeratedC1Ev @ 206 NONAME + _ZN18TASN1DecEnumeratedC2Ev @ 207 NONAME diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def --- a/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def Tue May 25 00:47:47 2010 +0530 @@ -397,5 +397,5 @@ _ZNK30CCertificateValidationWarnings9CertIndexEv @ 396 NONAME _ZTI30CCertificateValidationWarnings @ 397 NONAME _ZTV30CCertificateValidationWarnings @ 398 NONAME - _ZN16CX509Certificate13SubjectKeyIdLEv @ 399 NONAME + _ZNK16CX509Certificate13SubjectKeyIdLEv @ 399 NONAME diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/inc/x509cert.h --- a/cryptoservices/certificateandkeymgmt/inc/x509cert.h Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/inc/x509cert.h Tue May 25 00:47:47 2010 +0530 @@ -621,7 +621,7 @@ * as an extension in the certificate, any other certificate it returns the keyidentifier as * calculated by Symbian's proprietary logic. * @return The subject key identifier for the certificate. */ - IMPORT_C TKeyIdentifier SubjectKeyIdL(); + IMPORT_C TKeyIdentifier SubjectKeyIdL() const; /** Destructor. diff -r 11c66574c2a2 -r 970c0057d9bc cryptoservices/certificateandkeymgmt/x509/x509cert.cpp --- a/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp Mon May 03 14:11:52 2010 +0300 +++ b/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp Tue May 25 00:47:47 2010 +0530 @@ -1339,10 +1339,10 @@ } -EXPORT_C TKeyIdentifier CX509Certificate::SubjectKeyIdL() +EXPORT_C TKeyIdentifier CX509Certificate::SubjectKeyIdL() const { // if it is a v1 or v2 type then there is no way of knowing which is a CA, treat all certs as CA as done in the certificate recognizer. - if (Version() != 3 ) + if (Version() < 3 ) { return SubjectKeyIdentifierL(); } diff -r 11c66574c2a2 -r 970c0057d9bc securityanddataprivacytools/securitytools/certapp/encdec/certinfo.cpp --- a/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.cpp Mon May 03 14:11:52 2010 +0300 +++ b/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.cpp Tue May 25 00:47:47 2010 +0530 @@ -197,6 +197,11 @@ return (TCertificateFormat)iFormat.Value(); } +TCertificateOwnerType CertInfo::CertificateOwnerType() const +{ + return (TCertificateOwnerType)iCertificateOwnerType.Value(); +} + KeyIdentifierObject &CertInfo::SubjectKeyId() { diff -r 11c66574c2a2 -r 970c0057d9bc securityanddataprivacytools/securitytools/certapp/encdec/certinfo.h --- a/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.h Mon May 03 14:11:52 2010 +0300 +++ b/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.h Tue May 25 00:47:47 2010 +0530 @@ -64,6 +64,8 @@ TUint32 OutputCertificateId() const; void SetOutputCertificateId(TUint32 aId); + + TCertificateOwnerType CertificateOwnerType() const; private: EncDecObject iTmpCombinedDeletableAndFormat; diff -r 11c66574c2a2 -r 970c0057d9bc securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp --- a/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp Mon May 03 14:11:52 2010 +0300 +++ b/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp Tue May 25 00:47:47 2010 +0530 @@ -286,10 +286,11 @@ if(iCertInfo.CertificateFormat() == EX509Certificate) { TKeyIdentifier subjectKeyId; - + bool isCA = ( iCertInfo.CertificateOwnerType() != EUserCertificate ); + // nb. If processing a swicertstore we ignore any SubjectKeyId in the extension. if(X509SubjectKeyId((iSwiMode)?(KIgnoreCertificateExtension) : (KUseCertificateExtension), - false, + false, isCA, iCertData, iCertSubject, subjectKeyId)) { diff -r 11c66574c2a2 -r 970c0057d9bc securityanddataprivacytools/securitytools/certapp/encdec/x509utils.cpp --- a/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.cpp Mon May 03 14:11:52 2010 +0300 +++ b/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.cpp Tue May 25 00:47:47 2010 +0530 @@ -191,7 +191,7 @@ #endif bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm, - const std::string &aCert, + bool aIsCa, const std::string &aCert, std::string &aSubject, TKeyIdentifier &aSubjectKeyId) { bool done = false; @@ -210,8 +210,17 @@ // Return the Subject Name prog << Log::Indent() << "Cert subject is '" << x509->name << "'" << Log::Endl(); aSubject = std::string(x509->name); - - if(aUseExtension) + TUint32 ver = X509_get_version(x509); + prog << Log::Indent() << "Cert version is '" << ver << "'" << Log::Endl(); + + // if the ver is a v1 or v2 type then there is no way of knowing which is a CA, treat all certs as CA as done in the certificate recognizer. + bool treatAsCa = false; + if ( ver < 3 || aIsCa ) + { + treatAsCa = true; + } + + if(treatAsCa && aUseExtension) { // Attempt to read Subject Key Id extension ASN1_OCTET_STRING *subKeyId = (ASN1_OCTET_STRING *) X509_get_ext_d2i(x509, NID_subject_key_identifier, NULL, NULL); diff -r 11c66574c2a2 -r 970c0057d9bc securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h --- a/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h Mon May 03 14:11:52 2010 +0300 +++ b/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h Tue May 25 00:47:47 2010 +0530 @@ -71,7 +71,7 @@ If the certificate is invalid then exit the program with an error message! */ bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm, - const std::string &aCert, + bool aIsCa, const std::string &aCert, std::string &aSubject, TKeyIdentifier &aSubjectKeyId); /**