--- a/accesssec_plat/eap_type_api/inc/EapSettings.h Thu Aug 19 09:58:27 2010 +0300
+++ b/accesssec_plat/eap_type_api/inc/EapSettings.h Tue Aug 31 15:16:37 2010 +0300
@@ -16,7 +16,7 @@
*/
/*
-* %version: 11.1.2.1.3 %
+* %version: 11.1.29 %
*/
// Refer the document S60_3_1_EAP_Symbian_Adaptation_Design_C.doc for more
@@ -25,21 +25,170 @@
#ifndef EAP_SETTINGS_H
#define EAP_SETTINGS_H
+#include <unifiedcertstore.h>
+#include <cctcertinfo.h>
+#include "EapExpandedType.h"
+
const TUint KGeneralStringMaxLength = 255;
const TUint KKeyIdentifierLength = 255;
const TUint KThumbprintMaxLength = 64;
+/* This is the maximum length of a certificate primary/secondary name we are interested in. */
+const TUint32 KMaxCertNameLength = 64;
-class CertificateEntry
+
+//-------------------------------------------------------------------------------
+
+class EapCertificateEntry
+: public CBase
{
+
public:
- CertificateEntry();
-
- enum TCertType {
+ enum TCertType
+ {
+ ENone,
EUser,
ECA
};
+ IMPORT_C EapCertificateEntry();
+
+ IMPORT_C virtual ~EapCertificateEntry();
+
+ IMPORT_C void trace() const;
+
+ IMPORT_C EapCertificateEntry * Copy();
+
+ // This operator is indentionally without implementation.
+ EapCertificateEntry * const operator = (const EapCertificateEntry * const right_type_value); // Do not use this.
+
+ IMPORT_C EapCertificateEntry &operator = (const EapCertificateEntry &right_type_value);
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TBool GetSubjectNamePresent() const;
+
+ IMPORT_C TBool GetIssuerNamePresent() const;
+
+ IMPORT_C TBool GetSerialNumberPresent() const;
+
+ IMPORT_C TBool GetThumbprintPresent() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TBool GetLabelPresent() const;
+
+ IMPORT_C TBool GetPrimaryNamePresent() const;
+
+ IMPORT_C TBool GetSecondaryNamePresent() const;
+
+ IMPORT_C TBool GetIsEnabledPresent() const;
+
+ IMPORT_C TBool GetSubjectKeyIdPresent() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C void SetSubjectNamePresent();
+
+ IMPORT_C void SetIssuerNamePresent();
+
+ IMPORT_C void SetSerialNumberPresent();
+
+ IMPORT_C void SetThumbprintPresent();
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C void SetLabelPresent();
+
+ IMPORT_C void SetPrimaryNamePresent();
+
+ IMPORT_C void SetSecondaryNamePresent();
+
+ IMPORT_C void SetIsEnabledPresent();
+
+ IMPORT_C void SetSubjectKeyIdPresent();
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TCertType GetCertType() const;
+
+ IMPORT_C const TDes * GetSubjectName() const;
+
+ IMPORT_C const TDes * GetIssuerName() const;
+
+ IMPORT_C const TDes * GetSerialNumber() const;
+
+ IMPORT_C const TDes * GetThumbprint() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TDes * GetSubjectNameWritable();
+
+ IMPORT_C TDes * GetIssuerNameWritable();
+
+ IMPORT_C TDes * GetSerialNumberWritable();
+
+ IMPORT_C TDes * GetThumbprintWritable();
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C const TDes * GetLabel() const;
+
+ IMPORT_C const TKeyIdentifier & GetSubjectKeyId() const;
+
+ IMPORT_C const TDes * GetPrimaryName() const;
+
+ IMPORT_C const TDes * GetSecondaryName() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TDes * GetLabelWritable();
+
+ IMPORT_C TKeyIdentifier * GetSubjectKeyIdWritable();
+
+ IMPORT_C TDes * GetPrimaryNameWritable();
+
+ IMPORT_C TDes * GetSecondaryNameWritable();
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TInt SetCertType(const TCertType & aType);
+
+ IMPORT_C TInt SetSubjectName(const TBuf<KGeneralStringMaxLength> & aSubjectName);
+
+ IMPORT_C TInt SetIssuerName(const TBuf<KGeneralStringMaxLength> & aIssuerName);
+
+ IMPORT_C TInt SetSerialNumber(const TBuf<KGeneralStringMaxLength> & aSerialNumber);
+
+ IMPORT_C TInt SetThumbprint(const TBuf<KThumbprintMaxLength> & aThumbprint);
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TInt SetLabel(const TCertLabel & aLabel);
+
+ IMPORT_C TInt SetSubjectKeyId(const TKeyIdentifier & aSubjectKeyId);
+
+ IMPORT_C TInt SetPrimaryName(const TBuf<KMaxCertNameLength> & aPrimaryName);
+
+ IMPORT_C TInt SetSecondaryName(const TBuf<KMaxCertNameLength> & aSecondaryName);
+
+ IMPORT_C TInt SetIsEnabled(const TBool aIsEnabled);
+
+ IMPORT_C TInt SetIsValid(const TBool aIsValid);
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ IMPORT_C TBool GetIsEnabled() const;
+
+ IMPORT_C TBool GetIsValid() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+private:
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ // These members are used by authentication protocols.
+
// Specifies whether this entry describes user or CA certificate (mandatory)
TCertType iCertType;
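Review bot: The `Get…Writable()` accessors (for example `GetSubjectNameWritable()` and `GetSubjectKeyIdWritable()`) return pointers into the entry's own buffers, so a caller can change a certificate-matching field without the matching `Set…Present()` flag or `iIsValid` being updated, and the header does not state that contract. I would add a comment above that group such as `// Caller must call the matching Set...Present() after writing; the pointer belongs to this object and is valid only for its lifetime.` `Copy()` needs a similar line on ownership and failure, e.g. `// Returns a new heap copy owned by the caller, or NULL if allocation fails.`; that behaviour is my assumption and should be checked against the implementation. The class body continues past the end of this hunk.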
@@ -57,70 +206,108 @@
TBool iSerialNumberPresent;
TBuf<KGeneralStringMaxLength> iSerialNumber;
- // Subject key in binary form. This is mandatory.
- TBool iSubjectKeyIDPresent;
- TBuf8<KKeyIdentifierLength> iSubjectKeyID;
-
// Thumbprint in binary form. This is optional.
TBool iThumbprintPresent;
TBuf<KThumbprintMaxLength> iThumbprint;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ // These members are used by UI.
+
+ // This holds only the certificate label. This is the text UI will show.
+ TBool iLabelPresent;
+ TCertLabel iLabel;
+
+ // Primary name of the certificate if any.
+ TBool iPrimaryNamePresent;
+ TBuf<KMaxCertNameLength> iPrimaryName;
+
+ // Secondary name of the certificate if any.
+ TBool iSecondaryNamePresent;
+ TBuf<KMaxCertNameLength> iSecondaryName;
+
+ // UI uses this to indicate enabled certificate.
+ TBool iIsEnabledPresent;
+ TBool iIsEnabled;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ // These members are used by both authentication protocols and UI.
+
+ // Subject key in binary form. This is mandatory field to find correct certificate from CUnifiedCertStore. UI uses this too.
+ TBool iSubjectKeyIdPresent;
+ //TBuf8<KKeyIdentifierLength> iSubjectKeyId;
+ TKeyIdentifier iSubjectKeyId; // This is mandatory field to find correct certificate from CUnifiedCertStore.
+
+ // Indicates this object is correctly initialized.
+ TBool iIsValid;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
};
+//-------------------------------------------------------------------------------
+
class EAPSettings : public CBase
{
public:
- EAPSettings();
-
- enum TEapType
- {
- EEapNone = 0,
- EEapGtc = 6,
- EEapTls = 13,
- EEapLeap = 17,
- EEapSim = 18,
- EEapTtls = 21,
- EEapAka = 23,
- EEapPeap = 25,
- EEapMschapv2 = 26,
- EEapSecurid = 32,
- EEapFast = 43,
- ETtlsPlainPap = 98,
- EPlainMschapv2 = 99
- };
+ IMPORT_C EAPSettings();
+
+ IMPORT_C virtual ~EAPSettings();
+
+ IMPORT_C void trace() const;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// Specifies the EAP type these settings are for.
// Is not really needed but is here so just some sanity checks can be made
- TEapType iEAPType;
+ TEapExpandedType iEAPExpandedType; // Use this in new code.
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ // Use automatic CA certificate.
+ TBool iUseAutomaticCACertificatePresent;
+ TBool iUseAutomaticCACertificate;
+
+ // Use automatic username.
+ TBool iUseAutomaticUsernamePresent;
+ TBool iUseAutomaticUsername;
+
+ // Use automatic realm.
+ TBool iUseAutomaticRealmPresent;
+ TBool iUseAutomaticRealm;
+
// Username in ASCII format
TBool iUsernamePresent;
TBuf<KGeneralStringMaxLength> iUsername;
-
+
+ /// Get: Whether password is stored in database.
+ /// Set: Whether password must be cleared from database.
+ TBool iPasswordExistPresent;
+ TBool iPasswordExist;
+
// Password in ASCII format
TBool iPasswordPresent;
TBuf<KGeneralStringMaxLength> iPassword;
-
+
// Realm in ASCII format
TBool iRealmPresent;
TBuf<KGeneralStringMaxLength> iRealm;
-
+
// Use pseudonym identities in EAP-SIM/AKA
TBool iUsePseudonymsPresent;
TBool iUsePseudonyms;
-
+
// Whether EAP-TLS/TTLS/PEAP should verify server realm
TBool iVerifyServerRealmPresent;
TBool iVerifyServerRealm;
-
+
// Whether EAP-TLS/TTLS/PEAP should require client authentication
TBool iRequireClientAuthenticationPresent;
TBool iRequireClientAuthentication;
-
+
// General session validity time (in minutes)
TBool iSessionValidityTimePresent;
TUint iSessionValidityTime;
-
+
// An array of allowed cipher suites for EAP-TLS/TTLS/PEAP.
// Refer to RFC2246 chapter A.5 for the values.
TBool iCipherSuitesPresent;
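Review bot: `iPassword` stays a public plaintext `TBuf` while this hunk adds `trace()` and a virtual destructor to `EAPSettings`, and the header does not say how either treats the password. Neither implementation is visible here, so please confirm that `trace()` leaves `iPassword` out of the trace output and that `~EAPSettings()` clears it (for instance `iPassword.FillZ();`) before the object is freed; a comment on the declaration such as `// Does not trace iPassword.` would record that. Separately, `iSubjectKeyId` changes from `TBuf8<KKeyIdentifierLength>` to `TKeyIdentifier`, which as far as I know is a much shorter descriptor, so callers that still hold a key id in the old 255-byte type need a length check before copying into it. Both classes touched here start or end outside this hunk.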
@@ -136,13 +323,24 @@
// Subject key ID and Certificate type are the only mandatory certificate
// details needed at the moment.
TBool iCertificatesPresent;
- CArrayFixFlat<CertificateEntry> iCertificates;
+ RPointerArray<EapCertificateEntry> iCertificates;
+
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ // Use this in new code.
+ // Array listing the enabled encapsulated Expanded EAP types (in priority order).
+ // Use constant Expanded EAP type values from EapExpandedType.h.
+ TBool iEnabledEncapsulatedEAPExpandedTypesPresent;
+ RArray<TEapExpandedType> iEnabledEncapsulatedEAPExpandedTypes;
- // Array listing the encapsulated EAP types (in priority order).
- // Use EAP type values from TEapType.
- TBool iEncapsulatedEAPTypesPresent;
- RArray<TUint> iEncapsulatedEAPTypes;
+ // Use this in new code.
+ // Array listing the disabled encapsulated Expanded EAP types.
+ // Use constant Expanded EAP type values from EapExpandedType.h.
+ TBool iDisabledEncapsulatedEAPExpandedTypesPresent;
+ RArray<TEapExpandedType> iDisabledEncapsulatedEAPExpandedTypes;
+ // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
// Whether Authenticated provisioning mode allowed or not in EAP-FAST.
TBool iAuthProvModeAllowedPresent;
TBool iAuthProvModeAllowed;
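Review bot: `iCertificates` becomes an `RPointerArray<EapCertificateEntry>`, which stores raw pointers and does not delete them on `Close()`, and the member is public with no ownership comment. If `EAPSettings` is meant to own the entries, the destructor has to call `iCertificates.ResetAndDestroy()`, and the two new `RArray<TEapExpandedType>` members need `Close()`; the destructor body is not in this diff, so this is worth confirming. I would document it at the declaration: `// Owns the entries; released with ResetAndDestroy() in ~EAPSettings().` The enclosing class starts and ends outside this hunk.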
@@ -169,10 +367,34 @@
// the client with a PAC before but is not currently selected as the default server.
// EAP-FAST specific.
TBool iWarnNotDefaultServerPresent;
- TBool iWarnNotDefaultServer;
+ TBool iWarnNotDefaultServer;
+
+ TBool iShowPassWordPromptPresent;
+ TBool iShowPassWordPrompt;
+
+ // This is used in TLS/PEAP/TTLS/FAST. It activates TLS-renegotiation, that will send user certificate with in TLS-protected application data.
+ TBool iUseIdentityPrivacyPresent;
+ TBool iUseIdentityPrivacy;
+
};
-#include "EapSettings.inl"
+//#include "EapSettings.inl"
+
+//-------------------------------------------------------------------------------
+
+#if defined(USE_EAP_TRACE)
+
+ #define EAP_TRACE_SETTINGS(settings) { (settings)->trace(); }
+
+#else
+
+ #define EAP_TRACE_SETTINGS(settings)
+
+#endif //#if defined(USE_EAP_TRACE)
+
+
+//-------------------------------------------------------------------------------
#endif
+
// End of file
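Review bot: `EAP_TRACE_SETTINGS` expands to a bare `{ … }` block when `USE_EAP_TRACE` is defined, so `if (x) EAP_TRACE_SETTINGS(s); else …` compiles in non-trace builds but fails in trace builds because of the `;` after the block. I would write it as `#define EAP_TRACE_SETTINGS(settings) do { (settings)->trace(); } while (0)` and use `do { } while (0)` for the disabled variant so both behave as one statement. The new `iShowPassWordPrompt` pair has no comment, unlike the settings around it; one line stating what the prompt controls would help. The commented-out `//#include "EapSettings.inl"` should be deleted rather than kept in the header.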