31 #include <d32dbms.h> |
31 #include <d32dbms.h> |
32 #include <EapType.h> |
32 #include <EapType.h> |
33 #include <unifiedcertstore.h> |
33 #include <unifiedcertstore.h> |
34 #include <mctwritablecertstore.h> |
34 #include <mctwritablecertstore.h> |
35 #include <pkixcertchain.h> |
35 #include <pkixcertchain.h> |
36 #include "eap_auth_notifier.h" |
36 #include "EapTlsPeapNotifierStructs.h" |
37 |
|
38 #include "EapTlsPeapUtils.h" |
37 #include "EapTlsPeapUtils.h" |
39 #include <bigint.h> |
38 #include <bigint.h> |
40 |
39 |
41 #if defined(USE_FAST_EAP_TYPE) |
40 #if defined(USE_FAST_EAP_TYPE) |
42 #include "EapFastNotifierStruct.h" |
41 #include "EapFastNotifierStruct.h" |
47 |
46 |
48 class CX509Certificate; |
47 class CX509Certificate; |
49 class CEapTlsPeapCertInterface; |
48 class CEapTlsPeapCertInterface; |
50 class eap_am_tools_symbian_c; |
49 class eap_am_tools_symbian_c; |
51 class abs_tls_am_application_eap_fast_c; |
50 class abs_tls_am_application_eap_fast_c; |
52 |
51 #if defined(USE_FAST_EAP_TYPE) |
53 |
52 class CEapFastActive; |
|
53 #endif |
|
54 class CEapTtlsPapActive; |
54 |
55 |
55 #ifdef USE_PAC_STORE |
56 #ifdef USE_PAC_STORE |
56 class CPacStoreDatabase; |
57 class CPacStoreDatabase; |
57 class SInfoEntry; |
58 struct SInfoEntry; |
58 #endif |
59 #endif |
59 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
60 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
60 class eap_file_config_c; |
61 class eap_file_config_c; |
61 #endif |
62 #endif |
62 |
63 |
63 const TInt KMaxLabelLength = 64; |
64 const TInt KMaxLabelLength = 64; |
64 const TInt KMaxDatabaseTableName = 64; |
65 const TInt KMaxDatabaseTableName = 64; |
65 const TInt KOffsetCorrection = 1; |
|
66 |
66 |
67 #if defined(USE_FAST_EAP_TYPE) |
67 #if defined(USE_FAST_EAP_TYPE) |
68 const char KEapFastPacProvisResultKey[] = "eap_am_type_tls_peap_symbian_c prov. result"; |
68 const char KEapFastPacProvisResultKey[] = "eap_am_type_tls_peap_symbian_c prov. result"; |
69 const TInt KEapFastPacProvisResultType = 1; |
69 const TInt KEapFastPacProvisResultType = 1; |
70 const u32_t KEapFastPacProvisResultDefaultTimeout = 10000; // in milliseconds = 10 seconds |
70 const u32_t KEapFastPacProvisResultDefaultTimeout = 10000; // in milliseconds = 10 seconds |
71 #endif |
71 #endif |
72 |
72 |
73 /// This class is interface to adaptation module of EAP/TLS and PEAP. |
73 /// This class is interface to adaptation module of EAP/TLS and PEAP. |
74 class EAP_EXPORT eap_am_type_tls_peap_symbian_c |
74 class EAP_EXPORT eap_am_type_tls_peap_symbian_c |
75 : public CActive |
75 : public CActive, public eap_am_type_tls_peap_c |
76 , public eap_am_type_tls_peap_c |
76 ,public abs_eap_base_timer_c |
77 , public abs_eap_base_timer_c |
|
78 , public MNotificationCallback |
|
79 { |
77 { |
80 |
78 |
81 public: |
79 public: |
82 |
80 |
83 #if defined(USE_FAST_EAP_TYPE) |
81 #if defined(USE_FAST_EAP_TYPE) |
85 { |
83 { |
86 EEapFastPacProvisResultFailure, /* 0 */ |
84 EEapFastPacProvisResultFailure, /* 0 */ |
87 EEapFastPacProvisResultSuccess /* 1 */ |
85 EEapFastPacProvisResultSuccess /* 1 */ |
88 }; |
86 }; |
89 #endif |
87 #endif |
90 |
|
91 private: // data |
88 private: // data |
92 |
89 //-------------------------------------------------- |
93 //-------------------------------------------------- |
90 |
94 |
91 RDbs m_session; |
95 RFs m_session; |
|
96 |
92 |
97 RDbNamedDatabase m_database; |
93 RDbNamedDatabase m_database; |
98 |
94 |
99 enum TState |
95 enum TState |
100 { |
96 { |
101 EHandlingIdentityQuery, /* 0 */ |
97 EHandlingIdentityQuery, /* 0 */ |
102 EHandlingManualIdentityQuery, /* 1 */ |
98 EHandlingManualIdentityQuery, /* 1 */ |
103 EHandlingChainQuery, /* 2 */ |
99 EHandlingChainQuery, /* 2 */ |
104 EHandlingCipherSuiteQuery, /* 3 */ |
100 EHandlingCipherSuiteQuery, /* 3 */ |
105 EHandlingDeviceSeedQuery, /* 4 */ |
101 #if defined(USE_FAST_EAP_TYPE) /* 4 */ |
106 #if defined(USE_FAST_EAP_TYPE) /* 5 */ |
102 EHandlingNotifierQuery, /* 5 */ |
107 EHandlingNotifierQuery, /* 6 */ |
103 EPasswordQuery, /* 6 */ |
108 EPasswordQuery, /* 7 */ |
104 EWrongPassword, /* 7 */ |
109 EWrongPassword, /* 8 */ |
105 EFilePasswordQuery, /* 8 */ |
110 EFilePasswordQuery, /* 9 */ |
106 EMasterkeyQuery, /* 9 */ |
111 EMasterkeyQuery, /* 10 */ |
107 EPasswordCancel, /* 10 */ |
112 EPasswordCancel, /* 11 */ |
108 EShowProvSuccesstNote, /* 11 */ |
113 EShowProvSuccesstNote, /* 12 */ |
109 EShowProvNotSuccesstNote, /* 12 */ |
114 EShowProvNotSuccesstNote, /* 13 */ |
110 ENone /* 13 */ |
115 ENotifierComplete, /*14 */ |
|
116 #endif //#if defined(USE_FAST_EAP_TYPE) |
111 #endif //#if defined(USE_FAST_EAP_TYPE) |
117 EPapUserNameAndPassword, /* 15 */ |
|
118 EPapChallenge, /* 16 */ |
|
119 ENone /* 17 */ |
|
120 |
112 |
121 }; |
113 }; |
122 |
114 |
123 TState m_state; |
115 TState m_state; |
124 TState m_prev_state; |
116 TState m_prev_state; |
150 bool m_is_valid; |
144 bool m_is_valid; |
151 bool m_is_client; |
145 bool m_is_client; |
152 |
146 |
153 eap_type_value_e m_current_eap_type; |
147 eap_type_value_e m_current_eap_type; |
154 |
148 |
|
149 // These are the vendor-types for EAP type and tunneling EAP type. |
|
150 // Valid for both expanded and non-expanded EAP types. |
|
151 u32_t m_current_eap_vendor_type; |
|
152 u32_t m_tunneling_vendor_type; |
|
153 |
155 TBufC<KMaxDatabaseTableName> m_db_table_name; |
154 TBufC<KMaxDatabaseTableName> m_db_table_name; |
156 TBufC<KMaxDatabaseTableName> m_db_user_cert_table_name; |
155 TBufC<KMaxDatabaseTableName> m_db_user_cert_table_name; |
157 TBufC<KMaxDatabaseTableName> m_db_ca_cert_table_name; |
156 TBufC<KMaxDatabaseTableName> m_db_ca_cert_table_name; |
158 TBufC<KMaxDatabaseTableName> m_db_cipher_suite_table_name; |
157 TBufC<KMaxDatabaseTableName> m_db_cipher_suite_table_name; |
159 TBufC<KMaxDatabaseTableName> m_db_name; |
158 TBufC<KMaxDatabaseTableName> m_db_name; |
160 |
159 |
161 #if defined (USE_FAST_EAP_TYPE) |
160 #if defined (USE_FAST_EAP_TYPE) |
162 TBufC<KMaxDatabaseTableName> m_db_fast_special_table_name; |
161 TBufC<KMaxDatabaseTableName> m_db_fast_special_table_name; |
163 RPointerArray<SInfoEntry> m_info_array; |
162 RArray<SInfoEntry> m_info_array; |
164 #endif |
163 #endif |
165 |
164 |
166 u32_t m_max_count_of_session_resumes; |
165 u32_t m_max_count_of_session_resumes; |
167 |
166 |
168 tls_cipher_suites_e m_cipher_suite; |
167 tls_cipher_suites_e m_cipher_suite; |
173 |
172 |
174 CX509Certificate* m_peer_certificate; |
173 CX509Certificate* m_peer_certificate; |
175 |
174 |
176 CEapTlsPeapCertInterface* m_cert_if; |
175 CEapTlsPeapCertInterface* m_cert_if; |
177 |
176 |
178 EapCertificateEntry m_own_certificate_info; |
177 SCertEntry m_own_certificate_info; |
179 |
178 |
180 eap_am_network_id_c m_receive_network_id; |
179 eap_am_network_id_c m_receive_network_id; |
181 |
180 |
182 u8_t m_eap_identifier; |
181 u8_t m_eap_identifier; |
183 |
182 |
184 TKeyIdentifier m_subject_key_id; |
183 TKeyIdentifier m_subject_key_id; |
185 |
184 |
186 RPointerArray<EapCertificateEntry> m_allowed_ca_certs; |
185 RArray<SCertEntry> m_allowed_ca_certs; |
187 |
186 |
188 RPointerArray<EapCertificateEntry> m_allowed_user_certs; |
187 RArray<SCertEntry> m_allowed_user_certs; |
189 |
188 |
190 RPointerArray<EapCertificateEntry> m_allowed_server_certs; |
189 RArray<SCertEntry> m_allowed_server_certs; |
191 |
190 |
192 RArray<TUint> m_allowed_cipher_suites; |
191 RArray<TUint> m_allowed_cipher_suites; |
193 |
192 |
194 eap_variable_data_c m_peer_public_key; |
193 eap_variable_data_c m_peer_public_key; |
195 |
194 |
197 eap_variable_data_c m_param_q; |
196 eap_variable_data_c m_param_q; |
198 eap_variable_data_c m_param_g; |
197 eap_variable_data_c m_param_g; |
199 |
198 |
200 bool m_shutdown_was_called; |
199 bool m_shutdown_was_called; |
201 |
200 |
|
201 #ifdef USE_EAP_EXPANDED_TYPES |
|
202 |
202 /// Tunneling EAP configuration data from EAP database. |
203 /// Tunneling EAP configuration data from EAP database. |
203 RPointerArray<TEapExpandedType> m_enabled_tunneling_exp_eap_array; |
204 RExpandedEapTypePtrArray m_enabled_tunneling_exp_eap_array; |
204 RPointerArray<TEapExpandedType> m_disabled_tunneling_exp_eap_array; |
205 RExpandedEapTypePtrArray m_disabled_tunneling_exp_eap_array; |
205 |
206 |
206 |
207 #else |
|
208 |
|
209 /// Tunneling EAP configuration data from EAP database. |
|
210 TEapArray m_iap_eap_array; |
|
211 |
|
212 #endif // #ifdef USE_EAP_EXPANDED_TYPES |
|
213 TIdentityInfo* m_identity_info; |
|
214 |
207 TBuf8<4> m_selector_output; |
215 TBuf8<4> m_selector_output; |
208 |
216 |
209 eap_type_value_e m_tunneled_type; |
217 eap_type_value_e m_tunneled_type; |
210 |
218 |
211 bool m_verify_certificate_realm; |
219 bool m_verify_certificate_realm; |
219 |
227 |
220 bool m_use_manual_realm; |
228 bool m_use_manual_realm; |
221 eap_variable_data_c m_manual_realm; |
229 eap_variable_data_c m_manual_realm; |
222 |
230 |
223 bool m_tls_peap_server_authenticates_client_policy_flag; |
231 bool m_tls_peap_server_authenticates_client_policy_flag; |
224 |
|
225 bool m_use_automatic_ca_certificate; |
|
226 |
232 |
227 /// This flag prevents double configuration. This can happen when |
233 /// This flag prevents double configuration. This can happen when |
228 /// this class implements many interfaces. |
234 /// this class implements many interfaces. |
229 bool m_configured; |
235 bool m_configured; |
230 |
236 |
256 eap_array_c<eap_fast_pac_store_data_c> m_new_references_and_data_blocks; |
262 eap_array_c<eap_fast_pac_store_data_c> m_new_references_and_data_blocks; |
257 eap_array_c<eap_fast_pac_store_data_c> m_ready_references_and_data_blocks; |
263 eap_array_c<eap_fast_pac_store_data_c> m_ready_references_and_data_blocks; |
258 |
264 |
259 bool m_serv_unauth_prov_mode; |
265 bool m_serv_unauth_prov_mode; |
260 bool m_serv_auth_prov_mode; |
266 bool m_serv_auth_prov_mode; |
261 #endif |
267 |
262 |
268 // For FAST notifiers |
263 |
269 RNotifier m_notifier; |
264 |
270 bool m_is_notifier_connected; // Tells if notifier server is connected. |
265 CEapAuthNotifier::TEapDialogInfo * m_notifier_data_to_user; |
271 |
266 |
272 TEapFastNotifierStruct * m_notifier_data_to_user; |
267 TPckg<CEapAuthNotifier::TEapDialogInfo> * m_notifier_data_pckg_to_user; |
273 TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_to_user; |
|
274 |
|
275 TEapFastNotifierStruct * m_notifier_data_from_user; |
|
276 TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_from_user; |
268 |
277 |
269 /* For MMETEL */ |
278 /* For MMETEL */ |
270 #if defined(USE_FAST_EAP_TYPE) |
|
271 |
279 |
272 // ETel connection. |
280 // ETel connection. |
273 RTelServer iServer; |
281 RTelServer iServer; |
274 RMobilePhone iPhone; |
282 RMobilePhone iPhone; |
275 |
283 |
277 // revision and serial number |
285 // revision and serial number |
278 RMobilePhone::TMobilePhoneIdentityV1 iDeviceId; |
286 RMobilePhone::TMobilePhoneIdentityV1 iDeviceId; |
279 |
287 |
280 // Tells if MMETEL is connected already or not. |
288 // Tells if MMETEL is connected already or not. |
281 TBool iMMETELConnectionStatus; |
289 TBool iMMETELConnectionStatus; |
282 |
|
283 TBool m_completed_with_zero; |
290 TBool m_completed_with_zero; |
284 TBool m_verificationStatus; |
291 TBool m_verificationStatus; |
285 |
292 |
286 HBufC8* m_pacStorePWBuf8; |
293 HBufC8* m_pacStorePWBuf8; |
287 EEapFastNotifierUserAction m_userAction; |
294 EEapFastNotifierUserAction m_userAction; |
288 eap_pac_store_data_type_e m_pacStoreDataRefType; |
295 eap_pac_store_data_type_e m_pacStoreDataRefType; |
289 eap_fast_pac_store_data_c m_data_reference; |
296 eap_fast_pac_store_data_c m_data_reference; |
|
297 TBool m_notifier_complete; |
290 eap_variable_data_c m_userResponse; |
298 eap_variable_data_c m_userResponse; |
291 eap_fast_pac_store_pending_operation_e m_pending_operation; |
299 eap_fast_pac_store_pending_operation_e m_pending_operation; |
292 TInt m_both_completed; |
300 TInt m_both_completed; |
293 TInt m_both_asked; |
301 TInt m_both_asked; |
294 TUint m_ready_references_array_index; |
302 TUint m_ready_references_array_index; |
329 |
336 |
330 /** |
337 /** |
331 * Provides asynch services used by the caller such as |
338 * Provides asynch services used by the caller such as |
332 * query for TTLS-PAP user name and password. |
339 * query for TTLS-PAP user name and password. |
333 */ |
340 */ |
334 |
341 CEapTtlsPapActive* iEapTtlsPapActive; |
335 // eap_am_type_tls_peap_symbian_c* iCaller; |
|
336 |
|
337 eap_variable_data_c* iPacStoreDeviceSeed; |
|
338 |
|
339 #ifdef USE_PAC_STORE |
|
340 #endif |
|
341 |
|
342 CEapAuthNotifier* iEapAuthNotifier; |
|
343 |
|
344 |
342 |
345 |
343 |
346 //-------------------------------------------------- |
344 //-------------------------------------------------- |
347 private: // methods |
345 private: // methods |
348 //-------------------------------------------------- |
346 //-------------------------------------------------- |
418 TDesC& manual_username, |
416 TDesC& manual_username, |
419 const TBool use_manual_realm, |
417 const TBool use_manual_realm, |
420 TDesC& manual_realm); |
418 TDesC& manual_realm); |
421 |
419 |
422 void send_error_notification(const eap_status_e error); |
420 void send_error_notification(const eap_status_e error); |
|
421 |
|
422 eap_status_e show_certificate_selection_dialog(); |
|
423 |
|
424 eap_status_e show_manual_identity_dialog(); |
423 |
425 |
424 void ResetSessionIdL(); |
426 void ResetSessionIdL(); |
425 |
427 |
426 /** |
428 /** |
427 * Returns true if the full authenticated session is valid. |
429 * Returns true if the full authenticated session is valid. |
456 |
458 |
457 void WritePACStoreDataL( |
459 void WritePACStoreDataL( |
458 const eap_fast_pac_store_pending_operation_e in_pending_operation, |
460 const eap_fast_pac_store_pending_operation_e in_pending_operation, |
459 EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks); |
461 EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks); |
460 |
462 |
461 |
463 eap_status_e ShowNotifierItemAndGetResponse( |
|
464 EEapFastNotifierUiItem aNotifierUiItem, TBool aSetActive ); |
462 |
465 |
463 eap_status_e RemoveIAPReference(); |
466 eap_status_e RemoveIAPReference(); |
464 |
467 |
465 eap_status_e ImportFilesL(); |
468 eap_status_e ImportFilesL(); |
466 |
469 |
468 |
471 |
469 eap_status_e CompletePasswordQueryL(); |
472 eap_status_e CompletePasswordQueryL(); |
470 |
473 |
471 eap_status_e CompleteFilePasswordQueryL(); |
474 eap_status_e CompleteFilePasswordQueryL(); |
472 |
475 |
|
476 eap_status_e CompleteNotifierL(); |
|
477 |
473 eap_status_e CompleteFilePasswordQuery(); |
478 eap_status_e CompleteFilePasswordQuery(); |
474 |
479 |
475 eap_status_e FinalCompleteReadPACStoreDataL(eap_status_e status); |
480 eap_status_e FinalCompleteReadPACStoreDataL(eap_status_e status); |
476 |
481 |
477 void ConvertUnicodeToAsciiL(const TDesC16& aFromUnicode, TDes8& aToAscii); |
482 void ConvertUnicodeToAsciiL(const TDesC16& aFromUnicode, TDes8& aToAscii); |
555 */ |
560 */ |
556 TBool CheckTtlsPapSessionValidity( |
561 TBool CheckTtlsPapSessionValidity( |
557 const TInt64& aInMaxSessionTime, |
562 const TInt64& aInMaxSessionTime, |
558 const TInt64& aInLastFullAuthTime ); |
563 const TInt64& aInLastFullAuthTime ); |
559 |
564 |
560 #ifdef USE_FAST_EAP_TYPE |
565 |
561 TInt CreateMMETelConnectionL(); |
|
562 |
|
563 void DisconnectMMETel(); |
|
564 |
|
565 eap_status_e CreateDeviceSeedAsync(); |
|
566 |
|
567 void CompleteCreateDeviceSeedL( TInt aStatus ); |
|
568 #endif |
|
569 |
|
570 eap_status_e select_cipher_suite( |
|
571 const bool select_all_cipher_suites, |
|
572 const tls_cipher_suites_e test_cipher_suite, |
|
573 const TAlgorithmId testcertAlgorithm, |
|
574 const TAlgorithmId certAlgorithm, |
|
575 eap_array_c<u16_t> * cipher_suites); |
|
576 |
|
577 //-------------------------------------------------- |
566 //-------------------------------------------------- |
578 protected: // methods |
567 protected: // methods |
579 //-------------------------------------------------- |
568 //-------------------------------------------------- |
580 |
569 |
581 |
570 |
611 const bool aIsClient, |
600 const bool aIsClient, |
612 const eap_am_network_id_c * const receive_network_id); |
601 const eap_am_network_id_c * const receive_network_id); |
613 |
602 |
614 EAP_FUNC_IMPORT virtual ~eap_am_type_tls_peap_symbian_c(); |
603 EAP_FUNC_IMPORT virtual ~eap_am_type_tls_peap_symbian_c(); |
615 |
604 |
616 EAP_FUNC_IMPORT eap_status_e shutdown(); |
605 EAP_FUNC_EXPORT eap_status_e shutdown(); |
617 |
606 |
618 EAP_FUNC_IMPORT void set_is_valid(); |
607 EAP_FUNC_IMPORT void set_is_valid(); |
619 |
608 |
620 EAP_FUNC_IMPORT bool get_is_valid(); |
609 EAP_FUNC_IMPORT bool get_is_valid(); |
621 |
610 |
825 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
814 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
826 |
815 |
827 eap_status_e complete_read_ca_certificate( |
816 eap_status_e complete_read_ca_certificate( |
828 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
817 const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus); |
829 |
818 |
830 void complete_validate_chain(const CPKIXValidationResult * const aValidationResult, const eap_status_e aStatus); |
819 void complete_validate_chain(CPKIXValidationResult& aValidationResult, eap_status_e aStatus); |
831 |
820 |
832 void complete_get_matching_certificates(RPointerArray<EapCertificateEntry>& aMatchingCerts, eap_status_e aStatus); |
821 void complete_get_matching_certificates(CArrayFixFlat<SCertEntry>& aMatchingCerts, eap_status_e aStatus); |
833 |
822 |
834 void complete_sign(const RInteger& aR, const RInteger& aS, eap_status_e aStatus); |
823 void complete_sign(const RInteger& aR, const RInteger& aS, eap_status_e aStatus); |
835 |
824 |
836 void complete_decrypt(TDes8& aData, eap_status_e aStatus); |
825 void complete_decrypt(TDes8& aData, eap_status_e aStatus); |
837 |
826 |
1025 |
1014 |
1026 #if defined(USE_FAST_EAP_TYPE) |
1015 #if defined(USE_FAST_EAP_TYPE) |
1027 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
1016 #if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS) |
1028 eap_status_e ReadFileConfig(); |
1017 eap_status_e ReadFileConfig(); |
1029 #endif |
1018 #endif |
1030 |
1019 #endif |
1031 #endif |
|
1032 |
|
1033 EAP_FUNC_IMPORT void DlgComplete( TInt aStatus ); |
|
1034 |
|
1035 |
|
1036 }; // class eap_am_type_tls_peap_symbian_c |
1020 }; // class eap_am_type_tls_peap_symbian_c |
1037 |
1021 |
1038 |
1022 |
1039 #endif //#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_) |
1023 #endif //#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_) |
1040 |
1024 |
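Review bot: The `/* n */` ordinals in `enum TState` do not match the values the compiler assigns. In both printed columns the `#if defined(USE_FAST_EAP_TYPE)` line carries an ordinal of its own, so every enumerator from `EHandlingNotifierQuery` onward is labelled one higher than its real value, and the labels shift again when the macro is undefined. If these states are ever read back from numeric traces (not visible on this page), either drop the ordinals or assign the values explicitly, e.g. `EHandlingNotifierQuery = 5,`. In the column whose enum runs from gutter line 95 to 113, `ENone` also sits inside the `#if` block, so a build without `USE_FAST_EAP_TYPE` has no `ENone` and the enumerator list ends on a trailing comma. The page does not mark which column is the new side, so confirm this applies to the committed code; if it does, move `ENone` below the `#endif`, as the other column does.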