|
1 /* |
|
2 * Copyright (c) 2000 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of policymanagement components |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include "RequestContext.h" |
|
20 #include "ManagementContext.h" |
|
21 #include "SettingEnforcementInfo.h" |
|
22 #include "EnforcementConstants.h" |
|
23 |
|
24 #include <PolicyEngineXACML.h> |
|
25 #include <centralrepository.h> |
|
26 #include <delimitedpath8.h> |
|
27 #include <DMCert.h> |
|
28 #include <PolicyEngineClient.h> |
|
// Prefix of the subject value built from a secure ID in
// TRequestContext::AddSubjectAttributeL( const TDesC8&, const TUid&).
_LIT( KSecureIdString, "SECUREID");
|
30 |
|
31 |
|
32 // ---------------------------------------------------------------------------------------- |
|
33 // TManagementResponse |
|
34 // ---------------------------------------------------------------------------------------- |
|
35 |
|
36 |
|
// Default constructor. The body is empty, so iReturnMessage is left to its
// own default construction.
EXPORT_C TParserResponse::TParserResponse()
    {
    }
|
40 |
|
41 |
|
// Constructs a response from an existing message.
//
// aReturnMessage  Message assigned to iReturnMessage.
//
// NOTE(review): the declared capacity of iReturnMessage is not visible in
// this file. If it is a fixed-size descriptor, an over-long message would
// panic on assignment; confirm that callers bound the message length.
EXPORT_C TParserResponse::TParserResponse( TDes8& aReturnMessage)
    {
    iReturnMessage = aReturnMessage;
    }
|
46 |
|
// Currently a no-op: the body is empty, so iReturnMessage is NOT cleared by
// this call despite the method name.
EXPORT_C void TParserResponse::Zero()
    {
    }
|
51 |
|
// Returns a read-only reference to the stored return message. The reference
// refers to a member of this object and is only valid while it exists.
EXPORT_C const TDesC8& TParserResponse::GetReturnMessage()
    {
    return iReturnMessage;
    }
|
56 |
|
57 |
|
58 // ---------------------------------------------------------------------------------------- |
|
59 // TRequestContext |
|
60 // ---------------------------------------------------------------------------------------- |
|
61 |
|
// Creates an empty request context. No request description buffer exists
// until the first attribute is added (see ReAllocL).
EXPORT_C TRequestContext::TRequestContext()
    : iRequestDescription( NULL )
    {
    }
|
66 |
|
// Releases the heap buffer holding the request description, if any.
EXPORT_C TRequestContext::~TRequestContext()
    {
    delete iRequestDescription;
    }
|
71 |
|
// Adds a subject attribute whose value is derived from a secure ID.
//
// The value is KSecureIdString followed by aSecureId.Name(), upper-cased, and
// is added with the XACML string data type.
//
// aAttributeId  Identifier of the subject attribute.
// aSecureId     Secure ID (UID) of the subject.
//
// Leaves if the forwarded AddSubjectAttributeL call leaves.
EXPORT_C void TRequestContext::AddSubjectAttributeL( const TDesC8& aAttributeId, const TUid& aSecureId)
    {
    // The 20-byte buffer must hold the 8-character prefix plus the UID name;
    // an over-long append would panic rather than overrun.
    TBuf8<20> subjectValue;

    // Build the "SECUREID<uid name>" string.
    subjectValue.Append( KSecureIdString);
    subjectValue.Append( aSecureId.Name());
    subjectValue.UpperCase();

    // Add the UID string to the request.
    AddSubjectAttributeL( aAttributeId, subjectValue, PolicyEngineXACML::KStringDataType);
    }
|
84 |
|
85 |
|
86 |
|
// Adds a subject attribute whose value identifies a certificate.
//
// The value is assembled in the order: issuer common name, organization,
// organization unit, country, serial number, fingerprint. Empty fields are
// skipped. Every emitted field except the fingerprint is followed by '-'.
// Serial number and fingerprint are written as two hex digits per byte.
// The result is added with the XACML string data type.
//
// aAttributeId  Identifier of the subject attribute.
// aCertInfo     Certificate details used to build the value.
//
// Leaves if the temporary buffer cannot be allocated or if the forwarded
// AddSubjectAttributeL call leaves.
//
// NOTE(review): the issuer DN fields are copied verbatim. A '-' inside a
// field, or a skipped empty field, means the DN part of the value does not
// split back into fields unambiguously; only the trailing serial/fingerprint
// part is fixed-format. Confirm that policy rules compare the complete value
// rather than a prefix of it.
EXPORT_C void TRequestContext::AddSubjectAttributeL( const TDesC8& aAttributeId, const TCertInfo& aCertInfo)
    {
    // One byte per DN character, two hex digits per serial/fingerprint byte.
    const TInt valueLength =
        aCertInfo.iIssuerDNInfo.iCommonName.Length()
        + aCertInfo.iIssuerDNInfo.iOrganization.Length()
        + aCertInfo.iIssuerDNInfo.iOrganizationUnit.Length()
        + aCertInfo.iIssuerDNInfo.iCountry.Length()
        + aCertInfo.iSerialNo.Length() * 2
        + aCertInfo.iFingerprint.Length() * 2;

    // At most five '-' separators are emitted below (CN, O, OU, C, serial).
    const TInt KMaxDelimiters = 5;

    HBufC8* subjectValue = HBufC8::NewLC( valueLength + KMaxDelimiters);
    TPtr8 out = subjectValue->Des();
    const TChar KCASNDelimeter = '-';

    if ( aCertInfo.iIssuerDNInfo.iCommonName.Length() > 0 )
        {
        out.Append( aCertInfo.iIssuerDNInfo.iCommonName);
        out.Append( KCASNDelimeter);
        }

    if ( aCertInfo.iIssuerDNInfo.iOrganization.Length() > 0 )
        {
        out.Append( aCertInfo.iIssuerDNInfo.iOrganization);
        out.Append( KCASNDelimeter);
        }

    if ( aCertInfo.iIssuerDNInfo.iOrganizationUnit.Length() > 0 )
        {
        out.Append( aCertInfo.iIssuerDNInfo.iOrganizationUnit);
        out.Append( KCASNDelimeter);
        }

    if ( aCertInfo.iIssuerDNInfo.iCountry.Length() > 0 )
        {
        out.Append( aCertInfo.iIssuerDNInfo.iCountry);
        out.Append( KCASNDelimeter);
        }

    const TInt serialLength = aCertInfo.iSerialNo.Length();
    if ( serialLength > 0 )
        {
        // Convert the serial number to hex text.
        for ( TInt pos = 0; pos < serialLength; ++pos )
            {
            out.AppendNumFixedWidth( aCertInfo.iSerialNo[pos], EHex, 2);
            }
        out.Append( KCASNDelimeter);
        }

    const TInt fingerprintLength = aCertInfo.iFingerprint.Length();
    if ( fingerprintLength > 0 )
        {
        // Convert the fingerprint to hex text; no delimiter follows it.
        for ( TInt pos = 0; pos < fingerprintLength; ++pos )
            {
            out.AppendNumFixedWidth( aCertInfo.iFingerprint[pos], EHex, 2);
            }
        }

    AddSubjectAttributeL( aAttributeId, *subjectValue, PolicyEngineXACML::KStringDataType);

    CleanupStack::PopAndDestroy( subjectValue);
    }
|
148 |
|
149 |
|
// Appends a subject attribute record to the request description.
//
// Record layout: delimiter, 'S', delimiter, id, delimiter, value, delimiter,
// data type.
//
// aAttributeId     Identifier of the attribute.
// aAttributeValue  Value of the attribute.
// aDataType        Data type name of the value.
//
// Leaves if the request buffer cannot be grown.
//
// NOTE(review): the three fields are appended verbatim. If any of them can
// contain KMessageDelimiterChar, the record boundaries become ambiguous for
// whatever parses the description; confirm that callers never pass such
// values, or that the receiving side rejects malformed records.
EXPORT_C void TRequestContext::AddSubjectAttributeL( const TDesC8& aAttributeId, const TDesC8& aAttributeValue, const TDesC8& aDataType)
    {
    // Four delimiters plus the one-character record tag.
    const TInt KRecordOverhead = 5;
    const TInt fieldsLength = aAttributeId.Length() + aAttributeValue.Length() + aDataType.Length();

    ReAllocL( fieldsLength + KRecordOverhead);

    TPtr8 request = iRequestDescription->Des();

    request.Append( KMessageDelimiterChar );
    request.Append( 'S' );
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeId);
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeValue);
    request.Append( KMessageDelimiterChar );
    request.Append( aDataType);
    }
|
167 |
|
// Appends an action attribute record to the request description.
//
// Record layout: delimiter, 'A', delimiter, id, delimiter, value, delimiter,
// data type.
//
// aAttributeId     Identifier of the attribute.
// aAttributeValue  Value of the attribute.
// aDataType        Data type name of the value.
//
// Leaves if the request buffer cannot be grown.
//
// NOTE(review): the three fields are appended verbatim. If any of them can
// contain KMessageDelimiterChar, the record boundaries become ambiguous for
// whatever parses the description; confirm that callers never pass such
// values, or that the receiving side rejects malformed records.
EXPORT_C void TRequestContext::AddActionAttributeL( const TDesC8& aAttributeId, const TDesC8& aAttributeValue, const TDesC8& aDataType)
    {
    // Four delimiters plus the one-character record tag.
    const TInt KRecordOverhead = 5;
    const TInt fieldsLength = aAttributeId.Length() + aAttributeValue.Length() + aDataType.Length();

    ReAllocL( fieldsLength + KRecordOverhead);

    TPtr8 request = iRequestDescription->Des();

    request.Append( KMessageDelimiterChar );
    request.Append( 'A' );
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeId);
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeValue);
    request.Append( KMessageDelimiterChar );
    request.Append( aDataType);
    }
|
185 |
|
// Appends a resource attribute record to the request description.
//
// Record layout: delimiter, 'R', delimiter, id, delimiter, value, delimiter,
// data type.
//
// aAttributeId     Identifier of the attribute.
// aAttributeValue  Value of the attribute.
// aDataType        Data type name of the value.
//
// Leaves if the request buffer cannot be grown.
//
// NOTE(review): the three fields are appended verbatim. If any of them can
// contain KMessageDelimiterChar, the record boundaries become ambiguous for
// whatever parses the description; confirm that callers never pass such
// values, or that the receiving side rejects malformed records.
EXPORT_C void TRequestContext::AddResourceAttributeL( const TDesC8& aAttributeId, const TDesC8& aAttributeValue, const TDesC8& aDataType)
    {
    // Four delimiters plus the one-character record tag.
    const TInt KRecordOverhead = 5;
    const TInt fieldsLength = aAttributeId.Length() + aAttributeValue.Length() + aDataType.Length();

    ReAllocL( fieldsLength + KRecordOverhead);

    TPtr8 request = iRequestDescription->Des();

    request.Append( KMessageDelimiterChar );
    request.Append( 'R' );
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeId);
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeValue);
    request.Append( KMessageDelimiterChar );
    request.Append( aDataType);
    }
|
203 |
|
// Appends an environment attribute record to the request description.
//
// Record layout: delimiter, 'E', delimiter, id, delimiter, value, delimiter,
// data type.
//
// aAttributeId     Identifier of the attribute.
// aAttributeValue  Value of the attribute.
// aDataType        Data type name of the value.
//
// Leaves if the request buffer cannot be grown.
//
// NOTE(review): the three fields are appended verbatim. If any of them can
// contain KMessageDelimiterChar, the record boundaries become ambiguous for
// whatever parses the description; confirm that callers never pass such
// values, or that the receiving side rejects malformed records.
EXPORT_C void TRequestContext::AddEnvironmentAttributeL( const TDesC8& aAttributeId, const TDesC8& aAttributeValue, const TDesC8& aDataType)
    {
    // Four delimiters plus the one-character record tag.
    const TInt KRecordOverhead = 5;
    const TInt fieldsLength = aAttributeId.Length() + aAttributeValue.Length() + aDataType.Length();

    ReAllocL( fieldsLength + KRecordOverhead);

    TPtr8 request = iRequestDescription->Des();

    request.Append( KMessageDelimiterChar );
    request.Append( 'E' );
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeId);
    request.Append( KMessageDelimiterChar );
    request.Append( aAttributeValue);
    request.Append( KMessageDelimiterChar );
    request.Append( aDataType);
    }
|
221 |
|
// Ensures the request description has room for aAdditionalLength more bytes
// beyond its current content, creating the buffer on first use.
//
// aAdditionalLength  Number of bytes about to be appended.
//
// Leaves if the allocation fails. iRequestDescription is only overwritten
// with the value returned by a successful allocation call.
void TRequestContext::ReAllocL( TInt aAdditionalLength)
    {
    if ( iRequestDescription )
        {
        // Grow the existing buffer: current content plus the new record.
        const TInt requiredLength = iRequestDescription->Length() + aAdditionalLength;
        iRequestDescription = iRequestDescription->ReAllocL( requiredLength);
        }
    else
        {
        // First attribute: allocate a fresh buffer of exactly the needed size.
        iRequestDescription = HBufC8::NewL( aAdditionalLength);
        }
    }
|
233 |
|
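// Returns the request description assembled so far.
//
// The buffer is only created when the first attribute is added, so a context
// with no attributes has no buffer. In that case an empty descriptor is
// returned instead of dereferencing a null pointer, matching how
// TElementInfo::GetDescription() handles its own optional buffer.
//
// The returned reference is invalidated by any later Add...AttributeL call,
// because those calls may reallocate the buffer.
const TDesC8 & TRequestContext::RequestDescription()
    {
    if ( !iRequestDescription )
        {
        return KNullDesC8;
        }

    return *iRequestDescription;
    }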
|
238 |
|
239 |
|
240 // ---------------------------------------------------------------------------------------- |
|
241 // TResponse |
|
242 // ---------------------------------------------------------------------------------------- |
|
243 |
|
244 |
|
// Stores the response value.
//
// aValue  Value to record in iValue.
EXPORT_C void TResponse::SetResponseValue( TResponseValue aValue )
    {
    iValue = aValue;
    }
|
249 |
|
// Returns the stored response value.
//
// NOTE(review): no constructor for TResponse is visible in this file, so
// whether iValue has a defined value before SetResponseValue() is called
// cannot be told from here; confirm in the class declaration.
EXPORT_C TResponseValue TResponse::GetResponseValue()
    {
    return iValue;
    }
|
254 |
|
255 // ---------------------------------------------------------------------------------------- |
|
256 // TElementInfo |
|
257 // ---------------------------------------------------------------------------------------- |
|
258 |
|
259 |
|
// Creates element info for the given element id, with no description and no
// XACML content yet.
//
// aElementId  Identifier of the element; used to initialise iElementId.
EXPORT_C TElementInfo::TElementInfo( const TDesC8& aElementId )
    : iElementId( aElementId ),
      iDescription( 0 ),
      iXACMLContent( 0 )
    {
    }
|
264 |
|
// Closes the child element array and frees the description and XACML
// content buffers.
EXPORT_C TElementInfo::~TElementInfo()
    {
    iChildElements.Close();

    delete iDescription;
    delete iXACMLContent;
    }
|
271 |
|
// Returns the element id this object was constructed with.
EXPORT_C const TDesC8& TElementInfo::GetElementId() const
    {
    return iElementId;
    }
|
276 |
|
277 |
|
// Returns the element description, or an empty descriptor when no
// description has been set.
EXPORT_C const TDesC8& TElementInfo::GetDescription() const
    {
    if ( !iDescription )
        {
        return KNullDesC8;
        }

    return *iDescription;
    }
|
287 |
|
288 |
|
// Returns a read-only reference to the array of child element ids. The
// array is a member of this object and is closed by its destructor.
EXPORT_C const RElementIdArray& TElementInfo::GetChildElementArray() const
    {
    return iChildElements;
    }
|
293 |
|
294 |
|
295 |
|
// Returns the XACML content of the element, or an empty descriptor when no
// content has been set.
EXPORT_C const TDesC8& TElementInfo::GetXACML() const
    {
    if ( !iXACMLContent )
        {
        return KNullDesC8;
        }

    return *iXACMLContent;
    }
|
305 |
|
306 |
|
// Deletes every element held by the array and then closes the underlying
// RArray. The array deletes its elements here, so it is treated as owning
// them.
EXPORT_C void RElementIdArray::Close()
    {
    const TInt elementCount = Count();

    for ( TInt pos = 0; pos < elementCount; ++pos )
        {
        delete (*this)[pos];
        }

    RArray::Close();
    }
|
316 |
|
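// Splits a delimiter-separated list of child element ids and appends a heap
// copy of each id to the array.
//
// aChilds  List in which every id is terminated by KMessageDelimiterChar.
//          Text after the last delimiter is not appended.
//
// Leaves if an id cannot be copied or appended. Ids appended before the
// leave stay in the array and are released by Close().
void RElementIdArray::SetListL( const TDesC8& aChilds)
    {
    TInt index = 0;
    TPtrC8 remaining = aChilds;

    while ( 0 <= ( index = remaining.Locate( KMessageDelimiterChar)))
        {
        // Keep the copy on the cleanup stack until the array has taken it,
        // so it is not leaked if AppendL leaves.
        HBufC8* element = remaining.Left( index).AllocLC();
        AppendL( element);
        CleanupStack::Pop( element);

        remaining.Set( remaining.Mid( index + 1));
        }
    }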
|
328 |
|
329 |
|
330 // ---------------------------------------------------------------------------------------- |
|
331 // CSettingEnforcementInfo |
|
332 // ---------------------------------------------------------------------------------------- |
|
333 |
|
// First-phase constructor. Does nothing; the repository is opened in
// ConstructL().
CSettingEnforcementInfo::CSettingEnforcementInfo()
    {
    }
|
337 |
|
// Releases the central repository object created in ConstructL().
EXPORT_C CSettingEnforcementInfo::~CSettingEnforcementInfo()
    {
    delete iRepository;
    }
|
342 |
|
// Second-phase constructor: opens the central repository with UID 0x10207815,
// from which the enforcement flags are read.
//
// Leaves if the repository cannot be opened.
void CSettingEnforcementInfo::ConstructL()
    {
    const TUid KPolicyEngineRepositoryUid = { 0x10207815 };

    iRepository = CRepository::NewL( KPolicyEngineRepositoryUid );
    }
|
348 |
|
// Two-phase construction of a CSettingEnforcementInfo.
//
// Returns a fully constructed object; ownership passes to the caller.
// Leaves if allocation or ConstructL() fails; the partially constructed
// object is then destroyed through the cleanup stack.
EXPORT_C CSettingEnforcementInfo* CSettingEnforcementInfo::NewL()
    {
    CSettingEnforcementInfo* instance = new (ELeave) CSettingEnforcementInfo();

    CleanupStack::PushL( instance );
    instance->ConstructL();
    CleanupStack::Pop( instance );

    return instance;
    }
|
359 |
|
// Reads the enforcement flag for one enforcement type from the repository.
//
// aEnforcementType    Enforcement type; the repository key is
//                     0x00000100 + aEnforcementType.
// aEnforcementActive  Receives the flag value. Set to EFalse when the key
//                     does not exist. Not written by this function for any
//                     other error.
//
// Returns KErrNone on success or when the key is missing, otherwise the
// error code from the repository.
//
// NOTE(review): a missing key is reported as "enforcement not active" with
// KErrNone, so callers cannot distinguish "never configured" from
// "explicitly off". Confirm that this default is intended where the flag
// gates a policy check.
EXPORT_C TInt CSettingEnforcementInfo::EnforcementActive( KSettingEnforcements aEnforcementType, TBool& aEnforcementActive)
    {
    const TUint32 KEnforcementFlagBase = 0x00000100;
    const TUint32 key = KEnforcementFlagBase + aEnforcementType;

    const TInt result = iRepository->Get( key, aEnforcementActive);

    if ( result != KErrNotFound )
        {
        return result;
        }

    // No flag stored for this type: report it as inactive.
    aEnforcementActive = EFalse;
    return KErrNone;
    }
|
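// Decides whether the resource addressed by a URI is under enforcement and,
// if it is, asks the policy engine whether the current DM certificate is
// permitted to manage it.
//
// aUri                URI whose first path segment selects the enforcement
//                     type.
// aEnforcementActive  Receives the outcome:
//                     - EResponseNotApplicable when the first segment matches
//                       none of the known URIs, or when the enforcement flag
//                       for the matched type is not active;
//                     - EResponsePermit when the policy engine answers permit;
//                     - EResponseDeny for every other policy engine answer.
//
// Leaves if the first segment cannot be read, if the enforcement flag cannot
// be read, or if the policy engine session, sub-session or request fails.
//
// NOTE(review): segment names are compared exactly, and an unrecognised
// segment yields EResponseNotApplicable without consulting the policy engine.
// Callers must decide how to treat that value; confirm that it is not handled
// as an implicit permit for resources that should be protected.
EXPORT_C void CSettingEnforcementInfo::EnforcementActiveL( const TDesC8 & aUri, TInt& aEnforcementActive)
    {
    KSettingEnforcements enforcementType;
    TDelimitedPathParser8 pathParser;
    pathParser.Parse( aUri);
    TPtrC8 segmentName;
    TPtrC8 resourceType;
    // Given a defined value up front; EnforcementActive() overwrites it.
    TBool enforcementActive = EFalse;
    aEnforcementActive = EResponseNotApplicable;
    User::LeaveIfError( pathParser.Peek( segmentName));

    // Map the first URI segment to an enforcement type and XACML resource id.
    if ( ( 0 == segmentName.Compare( KSyncML12URI)) || ( 0 == segmentName.Compare( KSyncMLURI)))
        {
        enforcementType = ESyncMLEnforcement;
        resourceType.Set( PolicyEngineXACML::KSyncMLEnforcement());
        }
    else if ( 0 == segmentName.Compare( KDataSyncURI))
        {
        enforcementType = EDataSyncEnforcement;
        resourceType.Set( PolicyEngineXACML::KDataSyncEnforcement);
        }
    else if ( 0 == segmentName.Compare( KEmailURI))
        {
        enforcementType = EEMailEnforcement;
        resourceType.Set( PolicyEngineXACML::KEMailEnforcement);
        }
    else if ( 0 == segmentName.Compare( KAPURI))
        {
        // NOTE(review): KWLANURI is searched for anywhere in the whole URI,
        // not in a specific segment, so any access point URI containing that
        // text is checked against the WLAN enforcement instead of the access
        // point enforcement. Confirm that this is the intended split.
        if ( aUri.Find( KWLANURI) != KErrNotFound)
            {
            enforcementType = EWLANEnforcement;
            resourceType.Set( PolicyEngineXACML::KWLANEnforcement);
            }
        else
            {
            enforcementType = EAPEnforcement;
            resourceType.Set( PolicyEngineXACML::KAccessPointEnforcement);
            }
        }
    else if ( 0 == segmentName.Compare( KIMURI))
        {
        enforcementType = EIMEnforcement;
        resourceType.Set( PolicyEngineXACML::KInstantMessagingEnforcemnt);
        }
    else if ( 0 == segmentName.Compare( KCustomizationURI))
        {
        enforcementType = ECustomization;
        resourceType.Set( PolicyEngineXACML::KCustomizationManagement);
        }
    else if ( 0 == segmentName.Compare( KTerminalSecurityURI))
        {
        enforcementType = ETerminalSecurity;
        resourceType.Set( PolicyEngineXACML::KTerminalSecurityManagement);
        }
    else if ( ( 0 == segmentName.Compare( KApplicationManagementURI)) || ( 0 == segmentName.Compare( KSCOMOURI)))
        {
        enforcementType = EApplicationManagement;
        resourceType.Set( PolicyEngineXACML::KApplicationManagement);
        }
    else
        {
        // Unknown segment: aEnforcementActive stays EResponseNotApplicable.
        return;
        }

    User::LeaveIfError( EnforcementActive( enforcementType, enforcementActive));

    if ( enforcementActive )
        {
        RDMCert dmcert;
        TCertInfo ci;
        // NOTE(review): the result of Get() is not checked, so on failure the
        // subject below is built from whatever ci holds at that point.
        // Confirm that such a subject can never match a permit rule.
        dmcert.Get( ci );

        // Policy Engine Request
        TRequestContext context;
        TResponse response;
        context.AddSubjectAttributeL(
            PolicyEngineXACML::KTrustedSubject,
            ci
            );
        context.AddResourceAttributeL(
            PolicyEngineXACML::KResourceId,
            resourceType,
            PolicyEngineXACML::KStringDataType
            );

        // Both handles go on the cleanup stack so that they are closed on
        // every path, including a leave from Open() or MakeRequest().
        RPolicyEngine policyEngine;
        User::LeaveIfError( policyEngine.Connect());
        CleanupClosePushL( policyEngine);

        RPolicyRequest policyRequest;
        User::LeaveIfError( policyRequest.Open( policyEngine ));
        CleanupClosePushL( policyRequest);

        User::LeaveIfError( policyRequest.MakeRequest( context, response ));
        TResponseValue resp = response.GetResponseValue();

        CleanupStack::PopAndDestroy( 2 ); // policyRequest, policyEngine

        // Anything other than an explicit permit is reported as deny.
        if ( resp == EResponsePermit )
            {
            aEnforcementActive = EResponsePermit;
            }
        else
            {
            aEnforcementActive = EResponseDeny;
            }
        }
    }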
|
479 |