|
1 /* |
|
2 * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 #include "certificatesmanager.h" |
|
18 |
|
19 #ifndef SYMBIAN_ENABLE_SPLIT_HEADERS |
|
20 #include <securitydefs.h> |
|
21 #else |
|
22 #include <securitydefs.h> |
|
23 #include <securitydefsconst.h> |
|
24 #endif |
|
25 |
|
26 #include "logger.h" |
|
27 |
|
28 using namespace java::security::legacysupport; |
|
29 |
|
30 const int STATE_ENABLED = 1; |
|
31 const int STATE_DISABLED = 2; |
|
32 const int STATE_DELETED = 3; |
|
33 |
|
34 CertificatesManager* CertificatesManager::NewL() |
|
35 { |
|
36 JELOG2(EJavaSystemAMS); |
|
37 CertificatesManager* self = new(ELeave) CertificatesManager(); |
|
38 CleanupStack::PushL(self); |
|
39 self->ConstructL(); |
|
40 CleanupStack::Pop(self); |
|
41 return self; |
|
42 } |
|
43 |
|
44 CertificatesManager::CertificatesManager() |
|
45 : CActive(EPriorityNormal), iState(EStart), iCTToken(NULL), iCTTokenType(NULL), iCertStore(NULL), iCertsFilter(NULL), iBuffer(NULL), iBufferPos(0), iCanDisable(false), iEncodedCert(NULL), iCurrentRetrievedCert(0), iCurrentCert(NULL), iCurrentCertInfo(NULL), iProtDomain(NULL), iCertCount(0), iInitialized(false) |
|
46 { |
|
47 JELOG2(EJavaSystemAMS); |
|
48 } |
|
49 |
|
50 void CertificatesManager::ConstructL() |
|
51 { |
|
52 JELOG2(EJavaSystemAMS); |
|
53 CActiveScheduler::Add(this); |
|
54 } |
|
55 |
|
56 void CertificatesManager::RunL() |
|
57 { |
|
58 JELOG2(EJavaSystemAMS); |
|
59 switch (iState) |
|
60 { |
|
61 case EStart: |
|
62 InitL(); |
|
63 iState = EOpenToken; |
|
64 break; |
|
65 case EOpenToken: |
|
66 OpenToken(); |
|
67 iState = EGetTokenInterface; |
|
68 break; |
|
69 case EGetTokenInterface: |
|
70 GetTokenInterface(); |
|
71 iState = EListCertificates; |
|
72 break; |
|
73 case EListCertificates: |
|
74 ListCertificatesL(); |
|
75 iState = EInitCertsRetrieval; |
|
76 break; |
|
77 case EInitCertsRetrieval: |
|
78 InitCertsRetrievalL(); |
|
79 case ERetrieveCertificates: |
|
80 RetrieveCertificates(); |
|
81 CompleteRequest(); |
|
82 break; |
|
83 case ERetrieveCertState: |
|
84 RetrieveCertState(); |
|
85 iState = ERetrieveCertLength; |
|
86 break; |
|
87 case ERetrieveCertLength: |
|
88 RetrieveCertLengthL(); |
|
89 iState = ECollectCertInfo; |
|
90 break; |
|
91 case ECollectCertInfo: |
|
92 CollectCertInfoL(); |
|
93 iState = ERetrieveCertificates; |
|
94 CompleteRequest(); |
|
95 break; |
|
96 case EFinish: |
|
97 // mark that the initialization was done |
|
98 CActiveScheduler::Stop(); |
|
99 return; |
|
100 } |
|
101 // re-issue a new request |
|
102 SetActive(); |
|
103 } |
|
104 |
|
105 void CertificatesManager::DoCancel() |
|
106 { |
|
107 JELOG2(EJavaSystemAMS); |
|
108 } |
|
109 |
|
110 TInt CertificatesManager::RunError(TInt /*aError*/) |
|
111 { |
|
112 JELOG2(EJavaSystemAMS); |
|
113 return KErrNone; |
|
114 } |
|
115 |
|
116 CertificatesManager::~CertificatesManager() |
|
117 { |
|
118 JELOG2(EJavaSystemAMS); |
|
119 if (iCTTokenType) |
|
120 { |
|
121 iCTTokenType->Release(); |
|
122 iCTTokenType = NULL; |
|
123 } |
|
124 if (iCTToken) |
|
125 { |
|
126 iCTToken->Release(); |
|
127 iCTToken = NULL; |
|
128 } |
|
129 if (iCTTokenInterface) |
|
130 { |
|
131 iCTTokenInterface->Release(); |
|
132 iCTTokenInterface = NULL; |
|
133 } |
|
134 if (iCertsFilter) |
|
135 { |
|
136 delete iCertsFilter; |
|
137 iCertsFilter = NULL; |
|
138 } |
|
139 REComSession::DestroyedImplementation(iJavaCertStoreEcomPluginId); |
|
140 iCertInfos.Close(); |
|
141 iCTTokenInfo.Close(); |
|
142 iCertInfos.Close(); |
|
143 if (iBuffer) |
|
144 { |
|
145 delete iBuffer; |
|
146 iBuffer = NULL; |
|
147 } |
|
148 iApplications.Close(); |
|
149 if (iEncodedCert) |
|
150 { |
|
151 delete iEncodedCert; |
|
152 iEncodedCert = NULL; |
|
153 } |
|
154 if (iCurrentCert) |
|
155 { |
|
156 delete iCurrentCert; |
|
157 iCurrentCert = NULL; |
|
158 } |
|
159 if (iProtDomain) |
|
160 { |
|
161 delete iProtDomain; |
|
162 iProtDomain = NULL; |
|
163 } |
|
164 } |
|
165 |
|
166 TUint32 CertificatesManager::TrustRootCount(const TDesC& aProtectionDomain) |
|
167 { |
|
168 JELOG2(EJavaSystemAMS); |
|
169 LazyInit(); |
|
170 if (iProtDomain == NULL || iProtDomain->Compare(aProtectionDomain) == 0) |
|
171 { |
|
172 iProtDomain = aProtectionDomain.Alloc(); |
|
173 return iCertCount; |
|
174 } |
|
175 else |
|
176 { |
|
177 return 0; |
|
178 } |
|
179 } |
|
180 |
|
181 TPtr8 CertificatesManager::TrustRootInfo(const TDesC& /*aProtectionDomain*/) |
|
182 { |
|
183 JELOG2(EJavaSystemAMS); |
|
184 LazyInit(); |
|
185 return iBuffer->Ptr(0); |
|
186 } |
|
187 |
|
188 TPtr8 CertificatesManager::TrustRootInfoCertificateL(const TInt aId) |
|
189 { |
|
190 JELOG2(EJavaSystemAMS); |
|
191 LazyInit(); |
|
192 iCurrentCertInfo = getTrustRootL(aId); |
|
193 iCurrentCert = HBufC8::NewL(iCurrentCertInfo->Size()); |
|
194 TPtr8 currentCertPtr = iCurrentCert->Des(); |
|
195 iCertStore->Retrieve(*iCurrentCertInfo, currentCertPtr, iStatus); |
|
196 User::WaitForRequest(iStatus); |
|
197 TPtr8 ptr = iCurrentCert->Des(); |
|
198 return ptr; |
|
199 } |
|
200 |
|
201 void CertificatesManager::DeleteTrustRootL(const TInt aId) |
|
202 { |
|
203 JELOG2(EJavaSystemAMS); |
|
204 LazyInit(); |
|
205 iCurrentCertInfo = getTrustRootL(aId); |
|
206 iCertStore->Remove(*iCurrentCertInfo, iStatus); |
|
207 User::WaitForRequest(iStatus); |
|
208 if (iStatus.Int() == KErrNone) |
|
209 { |
|
210 UpdateCacheL(aId, STATE_DELETED); |
|
211 } |
|
212 } |
|
213 |
|
214 void CertificatesManager::DisableTrustRootL(const TInt aId) |
|
215 { |
|
216 JELOG2(EJavaSystemAMS); |
|
217 LazyInit(); |
|
218 iCurrentCertInfo = getTrustRootL(aId); |
|
219 RArray<TUid> applications; |
|
220 iCertStore->SetApplicability(*iCurrentCertInfo, applications, iStatus); |
|
221 User::WaitForRequest(iStatus); |
|
222 if (iStatus.Int() == KErrNone) |
|
223 { |
|
224 UpdateCacheL(aId, STATE_DISABLED); |
|
225 } |
|
226 } |
|
227 |
|
228 void CertificatesManager::EnableTrustRootL(const TInt aId) |
|
229 { |
|
230 JELOG2(EJavaSystemAMS); |
|
231 LazyInit(); |
|
232 iCurrentCertInfo = getTrustRootL(aId); |
|
233 RArray<TUid> applications; |
|
234 applications.Append(KMidletInstallApplicabilityUid); |
|
235 iCertStore->SetApplicability(*iCurrentCertInfo, applications, iStatus); |
|
236 User::WaitForRequest(iStatus); |
|
237 if (iStatus.Int() == KErrNone) |
|
238 { |
|
239 UpdateCacheL(aId, STATE_ENABLED); |
|
240 } |
|
241 } |
|
242 |
|
243 CCTCertInfo* CertificatesManager::getTrustRootL(const TInt aId) |
|
244 { |
|
245 JELOG2(EJavaSystemAMS); |
|
246 for (int i=0; i<iCertInfos.Count(); i++) |
|
247 { |
|
248 if (iCertInfos[i]->Handle().iObjectId == aId) |
|
249 { |
|
250 return iCertInfos[i]; |
|
251 } |
|
252 } |
|
253 User::Leave(KErrNotFound); |
|
254 return 0; // keeps compiler happy |
|
255 } |
|
256 |
|
257 void CertificatesManager::CompleteRequest() |
|
258 { |
|
259 JELOG2(EJavaSystemAMS); |
|
260 TRequestStatus* status = &iStatus; |
|
261 User::RequestComplete(status,KErrNone); |
|
262 } |
|
263 |
|
264 void CertificatesManager::InitL() |
|
265 { |
|
266 JELOG2(EJavaSystemAMS); |
|
267 const TUid javaCertStoreEcomPlugin = {0x200213A3}; |
|
268 iCTTokenType = reinterpret_cast<CCTTokenType*> |
|
269 (REComSession::CreateImplementationL( |
|
270 javaCertStoreEcomPlugin, |
|
271 iJavaCertStoreEcomPluginId)); |
|
272 if (iCTTokenType) |
|
273 { |
|
274 iCTTokenType->List(iCTTokenInfo, iStatus); |
|
275 } |
|
276 else |
|
277 { |
|
278 CompleteRequest(); |
|
279 } |
|
280 } |
|
281 |
|
282 void CertificatesManager::OpenToken() |
|
283 { |
|
284 JELOG2(EJavaSystemAMS); |
|
285 if (iCTTokenType) |
|
286 { |
|
287 iCTTokenType->OpenToken(*iCTTokenInfo[0], iCTToken, iStatus); |
|
288 } |
|
289 else |
|
290 { |
|
291 CompleteRequest(); |
|
292 } |
|
293 } |
|
294 |
|
295 void CertificatesManager::GetTokenInterface() |
|
296 { |
|
297 JELOG2(EJavaSystemAMS); |
|
298 if (iCTToken) |
|
299 { |
|
300 iCTToken->GetInterface(TUid::Uid(KInterfaceCertStore), iCTTokenInterface, iStatus); |
|
301 } |
|
302 else |
|
303 { |
|
304 CompleteRequest(); |
|
305 } |
|
306 } |
|
307 |
|
308 void CertificatesManager::ListCertificatesL() |
|
309 { |
|
310 JELOG2(EJavaSystemAMS); |
|
311 iCertStore = static_cast<MCTWritableCertStore*>(iCTTokenInterface); |
|
312 if (iCertStore) |
|
313 { |
|
314 iCertsFilter = CCertAttributeFilter::NewL(); |
|
315 iCertsFilter->SetOwnerType(ECACertificate); |
|
316 iCertsFilter->SetFormat(EX509Certificate); |
|
317 iCertStore->List(iCertInfos, *iCertsFilter, iStatus); |
|
318 } |
|
319 else |
|
320 { |
|
321 CompleteRequest(); |
|
322 } |
|
323 } |
|
324 |
|
325 void CertificatesManager::InitCertsRetrievalL() |
|
326 { |
|
327 JELOG2(EJavaSystemAMS); |
|
328 iCertCount = iCertInfos.Count(); |
|
329 iBuffer = CBufFlat::NewL(4 /*trusts count*/ + iCertInfos.Count() * 12); |
|
330 RBufWriteStream writer(*iBuffer, iBufferPos); |
|
331 writer.WriteUint32L(iCertInfos.Count()); |
|
332 iBufferPos +=4; |
|
333 } |
|
334 |
|
335 void CertificatesManager::RetrieveCertificates() |
|
336 { |
|
337 JELOG2(EJavaSystemAMS); |
|
338 if (iCurrentRetrievedCert < iCertInfos.Count()) |
|
339 { |
|
340 iState = ERetrieveCertState; |
|
341 } |
|
342 else |
|
343 { |
|
344 iState = EFinish; |
|
345 } |
|
346 } |
|
347 |
|
348 void CertificatesManager::RetrieveCertState() |
|
349 { |
|
350 JELOG2(EJavaSystemAMS); |
|
351 iApplications.Reset(); |
|
352 iCertStore->Applications(*iCertInfos[iCurrentRetrievedCert],iApplications,iStatus); |
|
353 } |
|
354 |
|
355 void CertificatesManager::RetrieveCertLengthL() |
|
356 { |
|
357 JELOG2(EJavaSystemAMS); |
|
358 iEncodedCert = HBufC8::NewL(iCertInfos[iCurrentRetrievedCert]->Size()); |
|
359 TPtr8 ptr = iEncodedCert->Des(); |
|
360 iCertStore->Retrieve(*iCertInfos[iCurrentRetrievedCert], ptr, iStatus); |
|
361 } |
|
362 |
|
363 void CertificatesManager::CollectCertInfoL() |
|
364 { |
|
365 JELOG2(EJavaSystemAMS); |
|
366 TBool canDelete = iCertInfos[iCurrentRetrievedCert]->IsDeletable(); |
|
367 TBool isDisabled = (iApplications.Count() == 0); |
|
368 // flags |
|
369 TInt flags = 0; |
|
370 if (canDelete) |
|
371 { |
|
372 flags |= 0x4; |
|
373 flags |= 0x2; |
|
374 } |
|
375 if (isDisabled) |
|
376 { |
|
377 flags |= 0x1; |
|
378 } |
|
379 RBufWriteStream writer(*iBuffer, iBufferPos); |
|
380 writer.WriteUint32L(iCertInfos[iCurrentRetrievedCert]->Handle().iObjectId); |
|
381 writer.WriteUint32L(flags); |
|
382 writer.WriteUint32L(iEncodedCert->Length()); |
|
383 iBufferPos +=12; |
|
384 iCurrentRetrievedCert++; |
|
385 } |
|
386 |
|
387 void CertificatesManager::UpdateCacheL(TInt aCertId, TInt aCertState) |
|
388 { |
|
389 JELOG2(EJavaSystemAMS); |
|
390 CBufFlat* newBuffer; |
|
391 if (aCertState == STATE_DELETED) |
|
392 { |
|
393 iCertCount--; |
|
394 } |
|
395 newBuffer = CBufFlat::NewL(4 /*trusts count*/ + iCertCount * 12); |
|
396 CleanupStack::PushL(newBuffer); |
|
397 int bufferPos = 0; |
|
398 RBufReadStream reader(*iBuffer, bufferPos); |
|
399 RBufWriteStream writer(*newBuffer, bufferPos); |
|
400 TInt cnt = reader.ReadUint32L(); |
|
401 writer.WriteUint32L(iCertCount); |
|
402 bufferPos += 4; |
|
403 for (int i=0; i<cnt; i++) |
|
404 { |
|
405 TInt id = reader.ReadUint32L(); |
|
406 TInt flags = reader.ReadUint32L(); |
|
407 TInt length = reader.ReadUint32L(); |
|
408 if (id == aCertId) |
|
409 { |
|
410 TInt newFlags = flags & 0x6; |
|
411 switch (aCertState) |
|
412 { |
|
413 case STATE_DISABLED: |
|
414 newFlags |= 0x1; |
|
415 case STATE_ENABLED: |
|
416 // replace the flags with newFlags |
|
417 writer.WriteUint32L(id); |
|
418 writer.WriteUint32L(newFlags); |
|
419 writer.WriteUint32L(length); |
|
420 break; |
|
421 case STATE_DELETED: |
|
422 // don't write the entry |
|
423 break; |
|
424 } |
|
425 } |
|
426 else |
|
427 { |
|
428 writer.WriteUint32L(id); |
|
429 writer.WriteUint32L(flags); |
|
430 writer.WriteUint32L(length); |
|
431 } |
|
432 bufferPos += 12; |
|
433 } |
|
434 delete iBuffer; |
|
435 iBuffer = newBuffer; |
|
436 CleanupStack::Pop(newBuffer); |
|
437 } |
|
438 |
|
439 void CertificatesManager::LazyInit() |
|
440 { |
|
441 if (iInitialized) |
|
442 { |
|
443 return; |
|
444 } |
|
445 // kick off the state machine (RunL method) |
|
446 SetActive(); |
|
447 CompleteRequest(); |
|
448 // start the nested active scheduler (in this way we wait for the RunL method to complete) |
|
449 CActiveScheduler::Start(); |
|
450 // mark that the initialization is complete |
|
451 iInitialized = true; |
|
452 } |