--- a/contentmgmt/contentaccessfwfordrm/group/bld.inf Mon May 03 14:11:52 2010 +0300
+++ b/contentmgmt/contentaccessfwfordrm/group/bld.inf Tue May 25 00:47:47 2010 +0530
@@ -21,6 +21,10 @@
@file
*/
+#ifdef SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT
+#include "../../referencedrmagent/refcafhelper/group/bld.inf"
+#endif
+
PRJ_PLATFORMS
DEFAULT
--- a/cryptomgmtlibs/securityutils/group/bld.inf Mon May 03 14:11:52 2010 +0300
+++ b/cryptomgmtlibs/securityutils/group/bld.inf Tue May 25 00:47:47 2010 +0530
@@ -28,7 +28,7 @@
../inc/euserext.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(euserext.h)
../inc/miscutil.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(miscutil.h)
../inc/callbacktimer.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(callbacktimer.h)
-../inc/SecSettingsclient.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(SecSettings/SecSettingsclient.h)
+../inc/secsettingsclient.h SYMBIAN_OS_LAYER_PLATFORM_EXPORT_PATH(secsettings/secsettingsclient.h)
../inc/securityerr.h SYMBIAN_OS_LAYER_PUBLIC_EXPORT_PATH(securityerr.h)
// ROMKIT includes
--- a/cryptoservices/certificateandkeymgmt/asn1/asn1libdec.cpp Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/asn1/asn1libdec.cpp Tue May 25 00:47:47 2010 +0530
@@ -18,3 +18,8 @@
#include <asn1dec.h>
+
+// Dummy definition, just to satisfy SDK creation check
+EXPORT_C TASN1DecEnumerated::TASN1DecEnumerated()
+{
+}
--- a/cryptoservices/certificateandkeymgmt/bwins/ASN1u.def Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/bwins/ASN1u.def Tue May 25 00:47:47 2010 +0530
@@ -130,4 +130,5 @@
??1CASN1EncPrintableString@@UAE@XZ @ 129 NONAME ; CASN1EncPrintableString::~CASN1EncPrintableString(void)
?NewL@CASN1EncPrintableString@@SAPAV1@ABVTDesC8@@@Z @ 130 NONAME ; class CASN1EncPrintableString * CASN1EncPrintableString::NewL(class TDesC8 const &)
?NewLC@CASN1EncPrintableString@@SAPAV1@ABVTDesC8@@@Z @ 131 NONAME ; class CASN1EncPrintableString * CASN1EncPrintableString::NewLC(class TDesC8 const &)
+ ??0TASN1DecEnumerated@@QAE@XZ @ 132 NONAME ; TASN1DecEnumerated::TASN1DecEnumerated(void)
--- a/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/bwins/X509_v2u.def Tue May 25 00:47:47 2010 +0530
@@ -279,5 +279,5 @@
?NewL@CCertificateValidationWarnings@@SAPAV1@H@Z @ 278 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewL(int)
?NewLC@CCertificateValidationWarnings@@SAPAV1@H@Z @ 279 NONAME ; class CCertificateValidationWarnings * CCertificateValidationWarnings::NewLC(int)
?Warnings@CCertificateValidationWarnings@@QBEABV?$RArray@VTValidationStatus@@@@XZ @ 280 NONAME ; class RArray<class TValidationStatus> const & CCertificateValidationWarnings::Warnings(void) const
- ?SubjectKeyIdL@CX509Certificate@@QAE?AV?$TBuf8@$0BE@@@XZ @ 281 NONAME ; class TBuf8<20> CX509Certificate::SubjectKeyIdL(void)
+ ?SubjectKeyIdL@CX509Certificate@@QBE?AV?$TBuf8@$0BE@@@XZ @ 281 NONAME ; class TBuf8<20> CX509Certificate::SubjectKeyIdL(void) const
--- a/cryptoservices/certificateandkeymgmt/eabi/asn1U.def Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/eabi/asn1U.def Tue May 25 00:47:47 2010 +0530
@@ -204,4 +204,6 @@
_ZTV23CASN1EncPrintableString @ 203 NONAME ; #<VT>#
_ZN17CASN1EncPrimitiveC2Ej @ 204 NONAME
_ZN17TASN1DecBMPString10CheckValidERK6TDesC8 @ 205 NONAME
+ _ZN18TASN1DecEnumeratedC1Ev @ 206 NONAME
+ _ZN18TASN1DecEnumeratedC2Ev @ 207 NONAME
--- a/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/eabi/x509_v2u.def Tue May 25 00:47:47 2010 +0530
@@ -397,5 +397,5 @@
_ZNK30CCertificateValidationWarnings9CertIndexEv @ 396 NONAME
_ZTI30CCertificateValidationWarnings @ 397 NONAME
_ZTV30CCertificateValidationWarnings @ 398 NONAME
- _ZN16CX509Certificate13SubjectKeyIdLEv @ 399 NONAME
+ _ZNK16CX509Certificate13SubjectKeyIdLEv @ 399 NONAME
--- a/cryptoservices/certificateandkeymgmt/inc/x509cert.h Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/inc/x509cert.h Tue May 25 00:47:47 2010 +0530
@@ -621,7 +621,7 @@
* as an extension in the certificate, any other certificate it returns the keyidentifier as
* calculated by Symbian's proprietary logic.
* @return The subject key identifier for the certificate. */
- IMPORT_C TKeyIdentifier SubjectKeyIdL();
+ IMPORT_C TKeyIdentifier SubjectKeyIdL() const;
/** Destructor.
--- a/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp Mon May 03 14:11:52 2010 +0300
+++ b/cryptoservices/certificateandkeymgmt/x509/x509cert.cpp Tue May 25 00:47:47 2010 +0530
@@ -1339,10 +1339,10 @@
}
-EXPORT_C TKeyIdentifier CX509Certificate::SubjectKeyIdL()
+EXPORT_C TKeyIdentifier CX509Certificate::SubjectKeyIdL() const
{
// if it is a v1 or v2 type then there is no way of knowing which is a CA, treat all certs as CA as done in the certificate recognizer.
- if (Version() != 3 )
+ if (Version() < 3 )
{
return SubjectKeyIdentifierL();
}
--- a/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.cpp Mon May 03 14:11:52 2010 +0300
+++ b/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.cpp Tue May 25 00:47:47 2010 +0530
@@ -197,6 +197,11 @@
return (TCertificateFormat)iFormat.Value();
}
+TCertificateOwnerType CertInfo::CertificateOwnerType() const
+{
+ return (TCertificateOwnerType)iCertificateOwnerType.Value();
+}
+
KeyIdentifierObject &CertInfo::SubjectKeyId()
{
--- a/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.h Mon May 03 14:11:52 2010 +0300
+++ b/securityanddataprivacytools/securitytools/certapp/encdec/certinfo.h Tue May 25 00:47:47 2010 +0530
@@ -64,6 +64,8 @@
TUint32 OutputCertificateId() const;
void SetOutputCertificateId(TUint32 aId);
+
+ TCertificateOwnerType CertificateOwnerType() const;
private:
EncDecObject<TUint8> iTmpCombinedDeletableAndFormat;
--- a/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp Mon May 03 14:11:52 2010 +0300
+++ b/securityanddataprivacytools/securitytools/certapp/encdec/filecertstore.cpp Tue May 25 00:47:47 2010 +0530
@@ -286,10 +286,11 @@
if(iCertInfo.CertificateFormat() == EX509Certificate)
{
TKeyIdentifier subjectKeyId;
-
+ bool isCA = ( iCertInfo.CertificateOwnerType() != EUserCertificate );
+
// nb. If processing a swicertstore we ignore any SubjectKeyId in the extension.
if(X509SubjectKeyId((iSwiMode)?(KIgnoreCertificateExtension) : (KUseCertificateExtension),
- false,
+ false, isCA,
iCertData,
iCertSubject, subjectKeyId))
{
--- a/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.cpp Mon May 03 14:11:52 2010 +0300
+++ b/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.cpp Tue May 25 00:47:47 2010 +0530
@@ -191,7 +191,7 @@
#endif
bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm,
- const std::string &aCert,
+ bool aIsCa, const std::string &aCert,
std::string &aSubject, TKeyIdentifier &aSubjectKeyId)
{
bool done = false;
@@ -210,8 +210,17 @@
// Return the Subject Name
prog << Log::Indent() << "Cert subject is '" << x509->name << "'" << Log::Endl();
aSubject = std::string(x509->name);
-
- if(aUseExtension)
+ TUint32 ver = X509_get_version(x509);
+ prog << Log::Indent() << "Cert version is '" << ver << "'" << Log::Endl();
+
+ // if the ver is a v1 or v2 type then there is no way of knowing which is a CA, treat all certs as CA as done in the certificate recognizer.
+ bool treatAsCa = false;
+ if ( ver < 3 || aIsCa )
+ {
+ treatAsCa = true;
+ }
+
+ if(treatAsCa && aUseExtension)
{
// Attempt to read Subject Key Id extension
ASN1_OCTET_STRING *subKeyId = (ASN1_OCTET_STRING *) X509_get_ext_d2i(x509, NID_subject_key_identifier, NULL, NULL);
--- a/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h Mon May 03 14:11:52 2010 +0300
+++ b/securityanddataprivacytools/securitytools/certapp/encdec/x509utils.h Tue May 25 00:47:47 2010 +0530
@@ -71,7 +71,7 @@
If the certificate is invalid then exit the program with an error message!
*/
bool X509SubjectKeyId(EUseCertificateExtension aUseExtension, bool aUseRfc3280Algorithm,
- const std::string &aCert,
+ bool aIsCa, const std::string &aCert,
std::string &aSubject, TKeyIdentifier &aSubjectKeyId);
/**