1 /*

     2 * Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:  EAP and WLAN authentication protocols.

    15 *

    16 */

    17 

    18 

    19 #ifndef _EAPTLSPEAPCERTINTERFACE_H_

    20 #define _EAPTLSPEAPCERTINTERFACE_H_

    21 

    22 // INCLUDES

    23 #include <e32base.h>

    24 #include "eap_tools.h"

    25 #include "eap_am_type_tls_peap_symbian.h"

    26 #include <unifiedcertstore.h>

    27 #include <mctwritablecertstore.h>

    28 #include <unifiedkeystore.h>

    29 #include <pkixcertchain.h>

    30 #include <x509cert.h>

    31 #include "EapTlsPeapUtils.h"

    32 

    33 const TInt KMaxHashLength = 128;

    34 // FORWARD DECLARATIONS

    35 

    36 

    37 // CLASS DECLARATION

    38 class CEapTlsPeapCertInterface 

    39 : public CActive

    40 {

    41 public:

    42 	

    43 	static CEapTlsPeapCertInterface* NewL(abs_eap_am_tools_c* const aTools, 

    44 		eap_am_type_tls_peap_symbian_c* const aParent);	

    45 

    46 	virtual ~CEapTlsPeapCertInterface();	

    47 	

    48 	void ReadCertificateL(SCertEntry& aCertInfo, const TBool aRetrieveChain);

    49 	

    50 	void ReadCACertificateL(SCertEntry& aCertInfo);

    51 	

    52 	void ReadPrivateKeyL(TKeyIdentifier& aHash);

    53 	

    54 	void ValidateChainL(TDesC8& aCertChain, RArray<SCertEntry>& aCACerts);

    55 

    56 	

    57 	void GetMatchingCertificatesL(

    58 		const RArray<SCertEntry>& aAllowedUserCerts,

    59 		const TBool aUseCertAuthoritiesFilter,

    60 		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const aCertAuthorities,

    61 		const TBool aUseCertTypesFilter,

    62 		EAP_TEMPLATE_CONST eap_array_c<u8_t> * const aCertTypes,

    63 		const TBool aUseAllowedCipherSuitesFilter,

    64 		const RArray<TUint>& aAllowedCipherSuites);		

    65 

    66 	void SignL(

    67 		TKeyIdentifier& aKeyId,

    68 		const TDesC8& aHashIn,

    69 		const TUint aSignatureLength);

    70 

    71 	void DecryptL(

    72 		TKeyIdentifier& aKeyId,

    73 		const TDesC8& aData);

    74 		

    75 	void CancelSignWithPrivateKey();		

    76 

    77 protected:

    78 	

    79 	CEapTlsPeapCertInterface(abs_eap_am_tools_c* const aTools, eap_am_type_tls_peap_symbian_c* const aParent);

    80 	

    81 	void ConstructL();

    82 	

    83 	void RunL();

    84 	

    85 	void DoCancel();

    86 

    87 private:

    88 

    89 	enum TState

    90 	{

    91 		EReadCertInitStore,

    92 		EReadCertList,

    93 		EReadCert,		

    94 		EValidateChainInitStore,

    95 		EValidateChainGetCACertList,

    96 		EValidateChainGetCACert,		

    97 		EValidateChainEnd,

    98 		EGetMatchingCertsInitStore,

    99 		EGetMatchingCertsInitialize,

   100 		EGetMatchingCertsLoop,

   101 		ESignInitStore,

   102 		ESignList,

   103 		ESignOpenKeyStore,

   104 		ESign,

   105 		EDecryptInitStore,

   106 		EDecryptList,

   107 		EDecryptOpenKeyStore,

   108 		EDecrypt,		

   109 		EGetAllCerts,

   110 		ECreateCertChain,

   111 		ERetrieveChainInitStore,		

   112 		ESetPassphraseTimeout,

   113 		EReadCACertInitStore,

   114 		EReadCACertList,

   115 		EReadCACert

   116 	};

   117 	

   118 	TState iState;

   119 	

   120 	eap_am_type_tls_peap_symbian_c * const iParent;

   121 	

   122 	abs_eap_am_tools_c * const m_am_tools;	

   123 	

   124 	CUnifiedCertStore* iCertStore;	

   125 	

   126 	MRSASigner* iRSASigner;

   127 	

   128 	MDSASigner* iDSASigner;

   129 	

   130 	MCTDecryptor* iDecryptor;

   131 	

   132 	RFs iFs;

   133 	

   134 	RArray<SCertEntry> iAllowedUserCerts;

   135 

   136 	TBool iUseCertAuthoritiesFilter;

   137 	

   138 	TBool iUseCertTypesFilter;

   139 	

   140 	TBool iUseAllowedCipherSuitesFilter;

   141 

   142 	TBool iRSACertsAllowed;

   143 

   144 	TBool iDSACertsAllowed;

   145 	

   146 	RPointerArray<CX500DistinguishedName> iCertAuthorities;

   147 	

   148 	const eap_array_c<u8_t>* iCertTypes;

   149 

   150 	RMPointerArray<CCTCertInfo> iCertInfos;

   151 	

   152 	RMPointerArray<CCTKeyInfo> iKeyInfos;

   153 	

   154 	HBufC8* iEncodedCertificate;

   155 	TPtr8 iCertPtr;

   156 

   157 	CCertAttributeFilter* iCertFilter;

   158 	

   159 	TCTKeyAttributeFilter* iKeyFilter;

   160 	

   161 	CPKIXCertChain* iCertChain;

   162 	

   163 	CPKIXValidationResult* iValidationResult;

   164 	

   165 	TTime iTime;

   166 	

   167 	RPointerArray<CX509Certificate> iRootCerts;

   168 

   169 	RPointerArray<CX509Certificate> iMatchingUserCerts;

   170 

   171 	RPointerArray<CX509Certificate> iUserCertChain;

   172 	

   173 	CArrayFixFlat<SCertEntry> iMatchingUserCertInfos;

   174 

   175 	TUint iCAIndex;

   176 

   177 	TUint iUserCertIndex;

   178 	

   179 	RArray<SCertEntry> iAllowedCACerts;

   180 	

   181 	HBufC8* iInputCertChain;

   182 

   183 	SCertEntry iCertInfo;

   184 

   185 	TAny *iResArray;	

   186 

   187 	// SignL

   188 	TKeyIdentifier iKeyIdentifier;

   189 

   190 	TBuf8<KMaxHashLength> iHashIn;

   191 

   192 	HBufC8* iDataIn;

   193 	

   194 	HBufC8* iDataOut;

   195 

   196 	HBufC8* iSignature;

   197 	

   198 	CRSASignature* iRSASignature;

   199 	

   200 	CDSASignature* iDSASignature;

   201 	

   202 	TPtr8* iSignaturePtr;

   203 

   204 	TPtr8* iPtrOut;

   205 

   206 	CUnifiedKeyStore* iKeyStore;

   207 

   208 	TBool iRetrieveChain;

   209 }; 

   210 

   211 #endif // _EAPTLSPEAPCERTINTERFACE_H_

   212 

   213 // End of file