diff -r f5050f1da672 -r 04becd199f91 javaextensions/satsa/apdu/src.s60/cstsaccesscontrol.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/javaextensions/satsa/apdu/src.s60/cstsaccesscontrol.h Tue Apr 27 16:30:29 2010 +0300 @@ -0,0 +1,155 @@ +/* +* Copyright (c) 2008 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: + * +*/ + + +#ifndef CSTSACCESSCONTROL_H +#define CSTSACCESSCONTROL_H + +// INCLUDES +#include +#include "stsapduconstants.h" //for TPinApduType + +namespace java +{ +namespace satsa +{ + +class CSTSPKCS15Reader; +class CSTSAce; +class CSTSAuthType; +class CSTSMidletInfo; + +// CLASS DECLARATION + +/** + * Handels the security and access logic of SATSA-APDU. + * Uses ACF information and PIN related information found in the card's + * PKCS#15 structure and checks security and access related information + * when asked. + */ +NONSHARABLE_CLASS(CSTSAccessControl): public CBase +{ + +public: // Constructors and destructor + + + static CSTSAccessControl* NewL(CSTSMidletInfo* aMidletInfo); + + virtual ~CSTSAccessControl(); + +public: + + // Reads Access Control related files from the smart card. + void ReadFilesL(); + + /** + * Checks is current J2ME application domain allowed to use + * selected application in the card. + * @return ETrue if domain is allowed to use application, else EFalse + */ + TBool IsAllowedDomain(); + + /** + * Checks is the gived apdu allowed to be sent to card application. + * @param aMidletApduHeader APDU header part, which will be checked + * @return ETrue if apdu is allowed, EFalse if not + */ + TBool IsAllowedApduL(const TDesC8& aMidletApduHeader); + + /** + * Chekcs is the gived PIN method supported in the card application. + * @return ETrue if method is allowed to use, EFalse if not + */ + TBool IsAllowedPinMethod(); + + /** + * Gets recommended PIN header for the gived PIN method if there is any + * @param aPinID Id of the PIN + * @param aPinApduType Which PIN header is tried to get + * @return Pin header if found or KNullDesC8() if not found + */ + const TDesC8& GetPinHeaderL(TInt aPinID, TPinApduType aPinApduType); + + /** + * Gets PIN attributes which can be used for creating proper PIN UI + * @param aPinID Id of the PIN + * @return Reference to CSTSAuthType object, contains PIN information. + */ + const CSTSAuthType& GetPinAttributesL(TInt aPinID); + + /** + * Gets token label which can be used for creating proper PIN UI + * @return Reference to descriptor, contains token label. + */ + const TDesC& TokenLabelL(); + + // Sets card application AID + void SetAIDL(const TDesC8& aAID); + + // Closes connection to PKCS15 application if it is still open + void Close(); + + /** + * Checks change disabled, unblock disabled and disable allowed PIN + * flags depending on which PIN apdu type is used and leaves if + * flag informs that operation is disabled or not allowed to do. + * @param aPinApduType Which PIN header is tried to get + */ + void CheckPinFlagsL(TPinApduType aPinApduType); + +private: + + CSTSAccessControl(CSTSMidletInfo* aMidletInfo); + + void ConstructL(); + + /** + * Finds correct authType of gived PinId. Saves found authType + * to member variable. Leaves, if correct authType will not found. + * @return Reference to descriptor, contains token label. + */ + void FindAuthTypeL(TInt aPinID); + + /** + * Checks is gived ace valid for current Domain, RootId or EndEntityId. + * @param aAce Ace entry which will be used in comparison. + * @return True if ace was proper, otherwice false + */ + TBool IsProperAce(const CSTSAce* aAce) const; + +private: + + // PKCS15 structure reader, owned + CSTSPKCS15Reader* iPKCS15Reader; + CSTSMidletInfo* iMidletInfo; //not owned + + // information of principals, permissions and userAuthentications + CArrayPtrFlat< CSTSAce>* iAces; + + // contains PIN related information, owned + CSTSAuthType* iAuthType; + CArrayPtrFlat< CSTSAuthType>* iAuthTypes; + + // buffer for pin header, owned + HBufC8* iApduHeader; + +}; + +} // namespace satsa +} // namespace java +#endif // CSTSACCESSCONTROL_H +// End of File