1 /* |
|
2 * Copyright (c) 2010 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0"" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 #include <cctcertinfo.h> |
|
18 #include <x509cert.h> |
|
19 #include <unifiedcertstore.h> |
|
20 #include <X509CertNameParser.h> |
|
21 #include <securitydefs.h> |
|
22 #include <hash.h> // MD5 fingerprint |
|
23 #include <asymmetrickeys.h> |
|
24 |
|
25 #include <e32math.h> // Pow |
|
26 #include <e32cmn.h> |
|
27 |
|
28 #include <QDateTime> |
|
29 #include <QStringList> |
|
30 #include <QGraphicsLinearLayout> |
|
31 |
|
32 #include <hblineedit.h> |
|
33 #include <hbdataform.h> |
|
34 #include <hbdataformmodel.h> |
|
35 #include <hbdataformmodelitem.h> |
|
36 #include <hblabel.h> |
|
37 #include <hbpushbutton.h> |
|
38 #include <hbmenu.h> |
|
39 #include <hbaction.h> |
|
40 #include <hbmessagebox.h> |
|
41 #include <HbListWidget> |
|
42 #include <HbListWidgetItem> |
|
43 #include <HbGroupBox> |
|
44 #include <hbpushbutton.h> |
|
45 #include <hbdataform.h> |
|
46 #include <hbdataformmodel.h> |
|
47 #include <hbdataformmodelitem.h> |
|
48 #include <../../inc/cpsecplugins.h> |
|
49 #include "cpcertdetailview.h" |
|
50 #include "cpcertview.h" |
|
51 #include "cpcertdatacontainer.h" |
|
52 #include "cpcertmanuisyncwrapper.h" |
|
53 #include "../../../pkiutilities/DeviceToken/Inc/TrustedSitesStore.h" |
|
54 |
|
55 const TInt KFileCertStoreUid( 0x101F501A ); |
|
56 const TInt KTrustedServerCertStoreUid( 0x101FB66F ); |
|
57 const TInt KDeviceCertStoreUid( 0x101FB668 ); |
|
58 const TInt KDeviceKeyStoreUid( 0x101FB66A ); |
|
59 const TInt KWIMCertStoreUid ( 0x101F79D9 ); |
|
60 |
|
61 const TInt KMaxLengthTextSerialNumberFormatting = 3; |
|
62 _LIT( KCertManUIDetailsViewHexaFormat, "%02X" ); |
|
63 _LIT( KBlockSeparator, " " ); |
|
64 |
|
65 template <class T> |
|
66 class CleanupResetAndDestroy |
|
67 { |
|
68 public: |
|
69 inline static void PushL( T& aRef ); |
|
70 private: |
|
71 static void ResetAndDestroy( TAny *aPtr ); |
|
72 }; |
|
73 |
|
74 template <class T> |
|
75 inline void CleanupResetAndDestroyPushL( T& aRef ); |
|
76 |
|
77 template <class T> |
|
78 inline void CleanupResetAndDestroy<T>::PushL( T& aRef ) |
|
79 { |
|
80 CleanupStack::PushL( TCleanupItem( &ResetAndDestroy, &aRef ) ); |
|
81 } |
|
82 |
|
83 template <class T> |
|
84 void CleanupResetAndDestroy<T>::ResetAndDestroy( TAny *aPtr ) |
|
85 { |
|
86 if( aPtr ) |
|
87 { |
|
88 static_cast<T*>( aPtr )->ResetAndDestroy(); |
|
89 } |
|
90 } |
|
91 |
|
92 template <class T> |
|
93 inline void CleanupResetAndDestroyPushL( T& aRef ) |
|
94 { |
|
95 CleanupResetAndDestroy<T>::PushL( aRef ); |
|
96 } |
|
97 |
|
98 CpCertDetailView::CpCertDetailView(CpCertView::TCertificateViews aCurrentView,TInt aPos, CpCertDataContainer& aCertDataContainer, QGraphicsItem *parent /*= 0*/) |
|
99 : CpBaseSettingView(0,parent), mCertDataContainer(aCertDataContainer) |
|
100 { |
|
101 setTitle(tr("Certificate Details")); |
|
102 |
|
103 try |
|
104 { |
|
105 QT_TRAP_THROWING(viewCertificateDetailsL(aPos, aCurrentView)); |
|
106 } |
|
107 catch(const std::exception& exception) |
|
108 { |
|
109 HbMessageBox::information(exception.what()); |
|
110 throw(exception); |
|
111 } |
|
112 } |
|
113 |
|
114 |
|
115 CpCertDetailView::~CpCertDetailView() |
|
116 {} |
|
117 |
|
118 void CpCertDetailView::viewCertificateDetailsL( TInt aIndex, CpCertView::TCertificateViews aType ) |
|
119 { |
|
120 RDEBUG("0", 0); |
|
121 QGraphicsLinearLayout *layout = q_check_ptr(new QGraphicsLinearLayout(Qt::Vertical)); |
|
122 setLayout(layout); |
|
123 |
|
124 HbListWidget* mCertDetails = q_check_ptr(new HbListWidget(this)); |
|
125 |
|
126 HBufC8* urlBuf = NULL; |
|
127 CCertificate* details = NULL; |
|
128 CUnifiedCertStore*& store = mCertDataContainer.CertManager(); |
|
129 |
|
130 const CCTCertInfo* entry = certInfo(aIndex, aType); |
|
131 TCertificateFormat certificateFormat = entry->CertificateFormat(); |
|
132 |
|
133 if( certificateFormat != EX509CertificateUrl ) |
|
134 { |
|
135 mCertDataContainer.iWrapper->GetCertificateL( store, *entry, details ); |
|
136 CleanupStack::PushL( details ); |
|
137 validateCertificateL( aIndex, *details, *entry, aType ); |
|
138 } |
|
139 else |
|
140 { |
|
141 urlBuf = HBufC8::NewLC( entry->Size() ); |
|
142 TPtr8 urlPtr = urlBuf->Des(); |
|
143 mCertDataContainer.iWrapper->GetUrlCertificateL( store, *entry, urlPtr ); |
|
144 } |
|
145 |
|
146 if( aType == CpCertView::ETrustedView ) |
|
147 { |
|
148 addTrustedSitesL(*details, *mCertDetails); |
|
149 } |
|
150 else |
|
151 { |
|
152 addLabel(*entry, *mCertDetails); |
|
153 } |
|
154 RDEBUG("0", 0); |
|
155 // certificate issuer and owner |
|
156 if( certificateFormat == EX509Certificate ) |
|
157 { |
|
158 addIssuerL(*details, *mCertDetails); |
|
159 addSubjectL(*details, *mCertDetails); |
|
160 } |
|
161 |
|
162 // Get key usage and location. This is done only client certificates. |
|
163 const TInt KLocationUnknown = 0; |
|
164 TUid keyLocation = { KLocationUnknown }; |
|
165 |
|
166 if(( aType == CpCertView::EPersonalView ) || ( aType == CpCertView::EDeviceView )) |
|
167 { |
|
168 TKeyUsagePKCS15 usage = keyUsageAndLocationL( *entry, &keyLocation ); |
|
169 addCertUsage(usage, *mCertDetails); |
|
170 } |
|
171 RDEBUG("0", 0); |
|
172 if( certificateFormat == EX509Certificate ) |
|
173 { |
|
174 addValidityPeriod( *details, *mCertDetails ); |
|
175 TUid certLoc; |
|
176 certLoc.iUid = entry->Token().TokenType().Type().iUid; |
|
177 // add the location of the certificate |
|
178 setLocationInfo( ETrue, certLoc, *mCertDetails ); |
|
179 } |
|
180 else if( certificateFormat == EX509CertificateUrl ) |
|
181 { |
|
182 setURLLocation( *urlBuf, *mCertDetails ); |
|
183 } |
|
184 else |
|
185 { |
|
186 // nothing |
|
187 } |
|
188 |
|
189 addCertFormat(certificateFormat, *mCertDetails); |
|
190 |
|
191 // Private key location, only for user and device certicates |
|
192 if(( aType == CpCertView::EPersonalView ) || ( aType == CpCertView::EDeviceView )) |
|
193 { |
|
194 setLocationInfo( EFalse, keyLocation, *mCertDetails ); |
|
195 } |
|
196 |
|
197 if( certificateFormat == EX509Certificate ) |
|
198 { |
|
199 addAlgoDetails( *details, *mCertDetails); |
|
200 addSerialNo( *details, *mCertDetails ); |
|
201 addFingerprint( *details, *mCertDetails); |
|
202 addPublicKeyDetailsL( *details, *mCertDetails ); |
|
203 } |
|
204 else |
|
205 { |
|
206 // SetUrlCertAlgorihm() |
|
207 } |
|
208 RDEBUG("0", 0); |
|
209 if( certificateFormat != EX509CertificateUrl ) |
|
210 { |
|
211 CleanupStack::PopAndDestroy( details ); |
|
212 } |
|
213 else |
|
214 { |
|
215 CleanupStack::PopAndDestroy( urlBuf ); |
|
216 } |
|
217 |
|
218 layout->addItem(mCertDetails); |
|
219 } |
|
220 |
|
221 const CCTCertInfo* CpCertDetailView::certInfo( TInt index, CpCertView::TCertificateViews certView ) |
|
222 { |
|
223 RDEBUG("0", 0); |
|
224 const CCTCertInfo* certinfo = NULL; |
|
225 |
|
226 if( certView == CpCertView::EAuthorityView ) |
|
227 { |
|
228 certinfo = ( mCertDataContainer.iCALabelEntries )[ index ]->iCAEntry; |
|
229 } |
|
230 else if( certView == CpCertView::ETrustedView ) |
|
231 { |
|
232 certinfo = ( mCertDataContainer.iPeerLabelEntries )[ index ]->iPeerEntry; |
|
233 } |
|
234 else if( certView == CpCertView::EDeviceView ) |
|
235 { |
|
236 certinfo = ( mCertDataContainer.iDeviceLabelEntries )[ index ]->iDeviceEntry; |
|
237 } |
|
238 else if( certView == CpCertView::EPersonalView ) |
|
239 { |
|
240 certinfo = ( mCertDataContainer.iUserLabelEntries )[ index ]->iUserEntry; |
|
241 } |
|
242 return certinfo; |
|
243 } |
|
244 |
|
245 void CpCertDetailView::addTrustedSitesL( const CCertificate& certDetails, HbListWidget& certDisplayDetails ) |
|
246 { |
|
247 RDEBUG("0", 0); |
|
248 CTrustSitesStore* trustedSitesStore = CTrustSitesStore::NewL(); |
|
249 CleanupStack::PushL( trustedSitesStore ); |
|
250 |
|
251 RPointerArray<HBufC> trustedSites; |
|
252 CleanupResetAndDestroyPushL( trustedSites ); |
|
253 trustedSitesStore->GetTrustedSitesL( certDetails.Encoding(), trustedSites ); |
|
254 |
|
255 QString sTrustedSites = "Site:"; |
|
256 if( trustedSites.Count() > 0 ) |
|
257 { |
|
258 // display trusted sites |
|
259 sTrustedSites = "Site:"; |
|
260 } |
|
261 addToListWidget(certDisplayDetails, sTrustedSites); |
|
262 |
|
263 for(int index=0;index<trustedSites.Count(); ++index) |
|
264 { |
|
265 QString trustedSiteDetail = QString((QChar*)(trustedSites[index]->Ptr()), trustedSites[index]->Length()); |
|
266 addToListWidget(certDisplayDetails, trustedSiteDetail); |
|
267 } |
|
268 |
|
269 CleanupStack::PopAndDestroy( &trustedSites ); |
|
270 CleanupStack::PopAndDestroy( trustedSitesStore ); |
|
271 |
|
272 } |
|
273 |
|
274 void CpCertDetailView::addLabel( const CCTCertInfo& aCertInfo, HbListWidget& certDisplayDetails ) |
|
275 { |
|
276 RDEBUG("0", 0); |
|
277 QString sLabel("Label:"); |
|
278 QString sLabelDetails = "(No label)"; |
|
279 if(aCertInfo.Label().Length() != 0) |
|
280 { |
|
281 sLabelDetails = QString((QChar*)(aCertInfo.Label().Ptr()),aCertInfo.Label().Length()); |
|
282 } |
|
283 addToListWidget(certDisplayDetails, sLabel, sLabelDetails); |
|
284 } |
|
285 |
|
286 void CpCertDetailView::addIssuerL( const CCertificate& aCertDetails, |
|
287 HbListWidget& certDisplayDetails ) |
|
288 { |
|
289 HBufC* issuer = NULL; |
|
290 X509CertNameParser::IssuerFullNameL( (CX509Certificate&)aCertDetails, issuer ); |
|
291 CleanupStack::PushL( issuer ); |
|
292 |
|
293 QString sIssuer = "Issuer:"; |
|
294 QString sIssuerDetails = "(Not defined)"; |
|
295 if(issuer->Des().Length() != 0) |
|
296 { |
|
297 sIssuerDetails = QString((QChar*)issuer->Des().Ptr(),issuer->Des().Length()); |
|
298 } |
|
299 addToListWidget(certDisplayDetails, sIssuer, sIssuerDetails); |
|
300 |
|
301 CleanupStack::PopAndDestroy( issuer ); |
|
302 } |
|
303 |
|
304 void CpCertDetailView::addSubjectL( const CCertificate& aCertDetails, |
|
305 HbListWidget& certDisplayDetails ) |
|
306 { |
|
307 RDEBUG("0", 0); |
|
308 HBufC* subject = NULL; |
|
309 X509CertNameParser::SubjectFullNameL( (CX509Certificate&)aCertDetails, subject ); |
|
310 CleanupStack::PushL( subject ); |
|
311 |
|
312 QString sSubject = "Subject:"; |
|
313 QString sSubjectDetails = "(No subject)"; |
|
314 if(subject->Des().Length() != 0) |
|
315 { |
|
316 sSubjectDetails = QString((QChar*)subject->Des().Ptr(),subject->Des().Length()); |
|
317 } |
|
318 |
|
319 addToListWidget(certDisplayDetails, sSubject, sSubjectDetails); |
|
320 |
|
321 CleanupStack::PopAndDestroy( subject ); |
|
322 } |
|
323 |
|
324 void CpCertDetailView::addCertUsage( TKeyUsagePKCS15 usage, HbListWidget& certDisplayDetails ) |
|
325 { |
|
326 RDEBUG("0", 0); |
|
327 QString strUsage; |
|
328 switch( usage ) |
|
329 { |
|
330 case EPKCS15UsageSignSignRecover: |
|
331 case EPKCS15UsageSignDecrypt: |
|
332 case EPKCS15UsageSign: |
|
333 strUsage = "Client authentication"; |
|
334 break; |
|
335 case EPKCS15UsageNonRepudiation: |
|
336 strUsage = "Digital signing"; |
|
337 break; |
|
338 default: |
|
339 strUsage = "(Not defined)"; |
|
340 break; |
|
341 } |
|
342 addToListWidget(certDisplayDetails, strUsage ); |
|
343 } |
|
344 |
|
345 |
|
346 void CpCertDetailView::addValidityPeriod( const CCertificate& aCertDetails, |
|
347 HbListWidget& certDisplayDetails) |
|
348 { |
|
349 RDEBUG("0", 0); |
|
350 // Certificate validity period |
|
351 // Hometime's offset to UTC |
|
352 TLocale locale; |
|
353 TTimeIntervalSeconds offSet = locale.UniversalTimeOffset(); |
|
354 |
|
355 QString sValidFrom("Valid from: "); |
|
356 const CValidityPeriod& validityPeriod = aCertDetails.ValidityPeriod(); |
|
357 TTime startValue = validityPeriod.Start(); |
|
358 startValue += offSet; |
|
359 TDateTime dateTime = startValue.DateTime(); |
|
360 TMonth month = dateTime.Month(); |
|
361 TInt day = dateTime.Day(); |
|
362 TInt year = dateTime.Year(); |
|
363 QDateTime qValidityPeriod(QDate(year, month, day)); |
|
364 QString sValidFromDetail = qValidityPeriod.toString("MM\\dd\\yyyy"); |
|
365 |
|
366 addToListWidget(certDisplayDetails, sValidFrom, sValidFromDetail); |
|
367 |
|
368 QString sValidUntil("Valid until: "); |
|
369 TTime finishValue = validityPeriod.Finish(); |
|
370 finishValue += offSet; |
|
371 dateTime = finishValue.DateTime(); |
|
372 month = dateTime.Month(); |
|
373 day = dateTime.Day(); |
|
374 year = dateTime.Year(); |
|
375 qValidityPeriod.setDate(QDate(year, month, day)); |
|
376 QString sValidUntilDetail = qValidityPeriod.toString("MM\\dd\\yyyy"); |
|
377 |
|
378 addToListWidget(certDisplayDetails, sValidUntil, sValidUntilDetail); |
|
379 |
|
380 } |
|
381 |
|
382 void CpCertDetailView::setURLLocation( HBufC8& urlDetails, HbListWidget& certDisplayDetails ) |
|
383 { |
|
384 RDEBUG("0", 0); |
|
385 TPtr8 urlPtr = urlDetails.Des(); |
|
386 |
|
387 QString certUrl = "Location:"; |
|
388 QString certURLDetail = "(Not defined)"; |
|
389 TInt length = urlPtr.Length(); |
|
390 if(length != 0) |
|
391 { |
|
392 certURLDetail = QString((QChar*)urlPtr.Ptr(),urlPtr.Length()); |
|
393 } |
|
394 addToListWidget(certDisplayDetails, certUrl, certURLDetail); |
|
395 } |
|
396 |
|
397 void CpCertDetailView::addCertFormat( TCertificateFormat aCertFormat, HbListWidget& certDisplayDetails ) |
|
398 { |
|
399 RDEBUG("0", 0); |
|
400 // certificate format |
|
401 QString certFormat = "Certificate format:"; |
|
402 QString certFormatDetails = "(Not defined)"; |
|
403 if( aCertFormat == EX509Certificate || aCertFormat == EX509CertificateUrl) |
|
404 { |
|
405 certFormatDetails = "X509"; |
|
406 } |
|
407 addToListWidget(certDisplayDetails, certFormat, certFormatDetails); |
|
408 } |
|
409 |
|
410 void CpCertDetailView::addAlgoDetails( const CCertificate& certificate, |
|
411 HbListWidget& certDisplayDetails ) |
|
412 { |
|
413 RDEBUG("0", 0); |
|
414 // certificate algorithms |
|
415 QString sDgstAlgoDetails = "Unknown"; |
|
416 // digest algorithm |
|
417 TAlgorithmId algorithmId = certificate.SigningAlgorithm().DigestAlgorithm().Algorithm(); |
|
418 switch( algorithmId ) |
|
419 { |
|
420 case EMD2: |
|
421 { |
|
422 sDgstAlgoDetails = "MD2"; |
|
423 break; |
|
424 } |
|
425 case EMD5: |
|
426 { |
|
427 sDgstAlgoDetails = "MD5"; |
|
428 break; |
|
429 } |
|
430 case ESHA1: |
|
431 { |
|
432 sDgstAlgoDetails = "SHA1"; |
|
433 break; |
|
434 } |
|
435 } |
|
436 |
|
437 QString sAsymmetricAlgoDetails = asymmetricAlgoId(certificate); |
|
438 QString sAlgorithm("Algorithm:"); |
|
439 QString sAlgoDetails = "Unknown"; |
|
440 // If other algorithm is unknown |
|
441 if( sDgstAlgoDetails != "Unknown" && sAsymmetricAlgoDetails != "Unknown" ) |
|
442 { |
|
443 sAlgoDetails = sDgstAlgoDetails; |
|
444 sAlgoDetails.append(sAsymmetricAlgoDetails); |
|
445 } |
|
446 addToListWidget(certDisplayDetails, sAlgorithm, sAlgoDetails); |
|
447 } |
|
448 |
|
449 void CpCertDetailView::addSerialNo( const CCertificate& certificate, |
|
450 HbListWidget& certDisplayDetails ) |
|
451 { |
|
452 RDEBUG("0", 0); |
|
453 // certificate serial number |
|
454 QString sCertSerialNo("Serial number:"); |
|
455 QString sCertSerialNoDetails = 0; |
|
456 TPtrC8 serialNumber = certificate.SerialNumber(); |
|
457 TBuf<KMaxLengthTextSerialNumberFormatting> buf2; |
|
458 |
|
459 for( TInt i = 0; i < serialNumber.Length(); i++ ) |
|
460 { |
|
461 buf2.Format( KCertManUIDetailsViewHexaFormat, serialNumber[i] ); |
|
462 sCertSerialNoDetails.append( QString( (QChar*)buf2.Ptr(),buf2.Length() ) ); |
|
463 } |
|
464 addToListWidget(certDisplayDetails, sCertSerialNo, sCertSerialNoDetails); |
|
465 } |
|
466 |
|
467 void CpCertDetailView::addFingerprint( const CCertificate& certificate, |
|
468 HbListWidget& certDisplayDetails) |
|
469 { |
|
470 RDEBUG("0", 0); |
|
471 // certificate fingerprint SHA-1 |
|
472 QString sSha1("Fingerprint (SHA1):"); |
|
473 TPtrC8 sha1_fingerprint = certificate.Fingerprint(); |
|
474 HBufC* finalSha1 = NULL; |
|
475 QString sSha1Details = NULL; |
|
476 |
|
477 QT_TRAP_THROWING |
|
478 ( |
|
479 finalSha1 = HBufC::NewLC(100); |
|
480 TPtr finalShaPtr = finalSha1->Des(); |
|
481 divideIntoBlocks( sha1_fingerprint, finalShaPtr ); |
|
482 sSha1Details = QString( (QChar*)finalShaPtr.Ptr(), finalShaPtr.Length() ); |
|
483 CleanupStack::PopAndDestroy(finalSha1); |
|
484 ) |
|
485 |
|
486 addToListWidget(certDisplayDetails, sSha1, sSha1Details); |
|
487 |
|
488 // certificate fingerprint MD5 |
|
489 QString sMd5("Fingerprint (MD5):"); |
|
490 CMD5* md5= NULL; |
|
491 QT_TRAP_THROWING |
|
492 ( |
|
493 md5 = CMD5::NewL(); |
|
494 CleanupStack::PushL( md5 ); |
|
495 TBuf8<20> fingerprint = md5->Hash( certificate.Encoding() ); |
|
496 CleanupStack::PopAndDestroy( md5 ); |
|
497 HBufC* finalMd5 = NULL; |
|
498 finalMd5 = HBufC::NewLC(100); |
|
499 TPtr finalMd5Ptr = finalMd5->Des(); |
|
500 divideIntoBlocks( fingerprint, finalMd5Ptr ); |
|
501 QString sMd5Details = QString( (QChar*)finalMd5Ptr.Ptr(), finalMd5Ptr.Length()); |
|
502 CleanupStack::PopAndDestroy(finalMd5); |
|
503 addToListWidget(certDisplayDetails, sMd5, sMd5Details); |
|
504 ) |
|
505 } |
|
506 |
|
507 void CpCertDetailView::addPublicKeyDetailsL( const CCertificate& certificate, |
|
508 HbListWidget& certDisplayDetails ) |
|
509 { |
|
510 RDEBUG("0", 0); |
|
511 // Public key |
|
512 // Should look like: "Public key (%0U %1N bit):" |
|
513 |
|
514 QString sPublicKey("Public key ("); // %S %d bits):"); |
|
515 sPublicKey.append(asymmetricAlgoId(certificate)); |
|
516 |
|
517 // Get public key already here to get length of it for string loader. |
|
518 const CSubjectPublicKeyInfo& publicKey = certificate.PublicKey(); |
|
519 TPtrC8 keyData = publicKey.KeyData(); |
|
520 TInt size = keyData.Size(); // %1N |
|
521 |
|
522 // To get key size decode DER encoded key got from the certificate. |
|
523 TX509KeyFactory key; |
|
524 |
|
525 // There doesn't seem to be definition of MAX_INT anywhere so calculate it. |
|
526 TReal maxInt; |
|
527 TReal intBits = sizeof( TInt ) * 8; |
|
528 Math::Pow( maxInt, 2, intBits ); |
|
529 maxInt = ( maxInt / 2 ) - 1; |
|
530 |
|
531 TAlgorithmId algorithmId = certificate.SigningAlgorithm().AsymmetricAlgorithm().Algorithm(); |
|
532 switch( algorithmId ) |
|
533 { |
|
534 case ERSA: |
|
535 { |
|
536 const CRSAPublicKey* keyRSA = key.RSAPublicKeyL( keyData ); |
|
537 |
|
538 const TInteger& n = keyRSA->N(); |
|
539 |
|
540 TUint keySizeN = n.BitCount(); |
|
541 |
|
542 // Play it safe. |
|
543 if( keySizeN < maxInt ) |
|
544 { |
|
545 size = keySizeN; |
|
546 } |
|
547 |
|
548 delete keyRSA; |
|
549 |
|
550 break; |
|
551 } |
|
552 case EDSA: |
|
553 { |
|
554 TPtrC8 params = publicKey.EncodedParams(); |
|
555 const CDSAPublicKey* keyDSA = key.DSAPublicKeyL( params, keyData ); |
|
556 |
|
557 const TInteger& y = keyDSA->Y(); |
|
558 |
|
559 TUint keySizeY = y.BitCount(); |
|
560 |
|
561 // Play it safe. |
|
562 if( keySizeY < maxInt ) |
|
563 { |
|
564 size = keySizeY; |
|
565 } |
|
566 |
|
567 delete keyDSA; |
|
568 |
|
569 break; |
|
570 } |
|
571 // There doesn't seem to be TX509KeyFactory function for DH keys. |
|
572 // If the key is DH or unknown, just multiply length of the key |
|
573 // in bytes with 8. It is not correct but at least gives an idea. |
|
574 // Without setting something to size 'unknown' text should be used |
|
575 // below for the string which is much more error prone than setting |
|
576 // at least something. |
|
577 case EDH: |
|
578 default: |
|
579 { |
|
580 size = 8 * keyData.Size(); |
|
581 } |
|
582 } |
|
583 |
|
584 sPublicKey.append(" ").append(QString::number(size)).append(" bits):"); |
|
585 |
|
586 // Finally append the public key. |
|
587 HBufC* pubKey = HBufC::NewLC(size*3); |
|
588 TPtr pubKeyPtr = pubKey->Des(); |
|
589 divideIntoBlocks( keyData, pubKeyPtr ); |
|
590 QString sPublicKeyDetails = QString ( (QChar*)pubKeyPtr.Ptr(), pubKeyPtr.Length()); |
|
591 CleanupStack::PopAndDestroy(pubKey); |
|
592 addToListWidget(certDisplayDetails, sPublicKey, sPublicKeyDetails); |
|
593 } |
|
594 |
|
595 QString CpCertDetailView::asymmetricAlgoId( const CCertificate& certificate ) |
|
596 { |
|
597 RDEBUG("0", 0); |
|
598 QString sAsymmetricAlgoId = 0; |
|
599 // public-key algorithm |
|
600 TAlgorithmId algorithmId = certificate.SigningAlgorithm().AsymmetricAlgorithm().Algorithm(); |
|
601 switch( algorithmId ) |
|
602 { |
|
603 case ERSA: |
|
604 { |
|
605 sAsymmetricAlgoId = "RSA"; |
|
606 break; |
|
607 } |
|
608 case EDSA: |
|
609 { |
|
610 sAsymmetricAlgoId = "DSA"; |
|
611 break; |
|
612 } |
|
613 case EDH: |
|
614 { |
|
615 sAsymmetricAlgoId = "DH"; |
|
616 break; |
|
617 } |
|
618 default: |
|
619 { |
|
620 sAsymmetricAlgoId = "Unknown"; |
|
621 } |
|
622 } |
|
623 return sAsymmetricAlgoId; |
|
624 } |
|
625 |
|
626 void CpCertDetailView::addToListWidget(HbListWidget& certDisplayDetails, const QString& data ) |
|
627 { |
|
628 HbListWidgetItem* wItem = q_check_ptr(new HbListWidgetItem()); |
|
629 wItem->setText(data); |
|
630 certDisplayDetails.addItem(wItem); |
|
631 } |
|
632 |
|
633 void CpCertDetailView::addToListWidget( HbListWidget& certDisplayDetails, |
|
634 const QString& displayString, |
|
635 const QString& displayDetails ) |
|
636 { |
|
637 HbListWidgetItem* wDisplayString = q_check_ptr(new HbListWidgetItem()); |
|
638 wDisplayString->setText(displayString); |
|
639 certDisplayDetails.addItem(wDisplayString); |
|
640 |
|
641 HbListWidgetItem* wDisplayDetails = q_check_ptr(new HbListWidgetItem()); |
|
642 wDisplayDetails->setText(displayDetails); |
|
643 certDisplayDetails.addItem(wDisplayDetails); |
|
644 } |
|
645 |
|
646 void CpCertDetailView::validateCertificateL( |
|
647 TInt aIndex, const CCertificate& certDetails, const CCTCertInfo& aCertInfo, CpCertView::TCertificateViews aType ) |
|
648 { |
|
649 RDEBUG("0", 0); |
|
650 TInt poppableItems = 0; |
|
651 // Check allways first the validity period |
|
652 // Show Expired/Not yet valid notes |
|
653 const CValidityPeriod& validityPeriod = certDetails.ValidityPeriod(); |
|
654 const TTime& startValue = validityPeriod.Start(); |
|
655 const TTime& finishValue = validityPeriod.Finish(); |
|
656 TTime current; |
|
657 current.UniversalTime(); |
|
658 |
|
659 if ( startValue > current ) |
|
660 { |
|
661 // certificate is not valid yet |
|
662 HbMessageBox::warning("The certificate is not valid yet"); |
|
663 } |
|
664 else if ( finishValue < current ) |
|
665 { |
|
666 // certificate is expired |
|
667 HbMessageBox::warning("The certificate has expired"); |
|
668 } |
|
669 else |
|
670 { |
|
671 // put here check for certificate status, show warning notes if needed |
|
672 TBool noValidationError = ETrue; |
|
673 CArrayFixFlat<TValidationError>* validationError = NULL; |
|
674 // set it to the most common cert format |
|
675 TCertificateFormat certificateFormat = EX509Certificate; |
|
676 |
|
677 if ( aType == CpCertView::EAuthorityView ) |
|
678 { |
|
679 certificateFormat = mCertDataContainer.iCALabelEntries[aIndex]-> |
|
680 iCAEntry->CertificateFormat(); |
|
681 } |
|
682 else if ( aType == CpCertView::ETrustedView ) |
|
683 { |
|
684 certificateFormat = mCertDataContainer.iPeerLabelEntries[aIndex]-> |
|
685 iPeerEntry->CertificateFormat(); |
|
686 } |
|
687 else if ( aType == CpCertView::EDeviceView ) |
|
688 { |
|
689 certificateFormat = mCertDataContainer.iDeviceLabelEntries[aIndex]-> |
|
690 iDeviceEntry->CertificateFormat(); |
|
691 } |
|
692 else if( aType == CpCertView::EPersonalView ) |
|
693 { |
|
694 certificateFormat = mCertDataContainer.iUserLabelEntries[aIndex]-> |
|
695 iUserEntry->CertificateFormat(); |
|
696 } |
|
697 |
|
698 switch ( certificateFormat ) |
|
699 { |
|
700 case EX509Certificate: |
|
701 { |
|
702 validationError = validateX509CertificateL((CX509Certificate&)certDetails ); |
|
703 break; |
|
704 } |
|
705 default: |
|
706 { |
|
707 validationError = new ( ELeave) CArrayFixFlat<TValidationError>( 1 ); |
|
708 break; |
|
709 } |
|
710 } |
|
711 CleanupStack::PushL( validationError ); |
|
712 poppableItems++; |
|
713 |
|
714 TInt errorCount = validationError->Count(); |
|
715 TBool ready = EFalse; |
|
716 for ( TInt i = 0; i < errorCount && !ready; i++ ) |
|
717 { |
|
718 TValidationError errorType = validationError->At(i); |
|
719 |
|
720 switch ( errorType ) |
|
721 { |
|
722 case EValidatedOK: |
|
723 case EChainHasNoRoot: |
|
724 case EBadKeyUsage: |
|
725 // Ignore these errors |
|
726 //LOG_WRITE( "Ignored certificate validation error" ); |
|
727 break; |
|
728 |
|
729 default: |
|
730 // certificate is corrupted |
|
731 noValidationError = EFalse; |
|
732 HbMessageBox::warning("The certificate is corrupted"); |
|
733 ready = ETrue; |
|
734 break; |
|
735 } |
|
736 } |
|
737 |
|
738 if ( noValidationError && (aType == CpCertView::EAuthorityView )) |
|
739 // Check for last if the CA certificate has no clients, |
|
740 // ie. the trust state of every client is No |
|
741 // For user certificates we don't do the check |
|
742 { |
|
743 |
|
744 RArray<TUid> trusterUids; |
|
745 CleanupClosePushL( trusterUids ); |
|
746 poppableItems++; |
|
747 |
|
748 mCertDataContainer.iWrapper->GetApplicationsL( |
|
749 mCertDataContainer.CertManager(), aCertInfo, trusterUids ); |
|
750 |
|
751 if ( trusterUids.Count() == 0) |
|
752 { |
|
753 HbMessageBox::warning("Certificate not trusted"); |
|
754 } |
|
755 } |
|
756 } |
|
757 CleanupStack::PopAndDestroy( poppableItems ); |
|
758 } |
|
759 |
|
760 CArrayFixFlat<TValidationError>* CpCertDetailView::validateX509CertificateL( const CX509Certificate& certDetails ) |
|
761 { |
|
762 RDEBUG("0", 0); |
|
763 TInt poppableItems = 0; |
|
764 CArrayFixFlat<TValidationError>* validationError = |
|
765 new ( ELeave ) CArrayFixFlat<TValidationError>( 1 ); |
|
766 CleanupStack::PushL( validationError ); //This is returned, so it isn't destroyed at the end. |
|
767 |
|
768 TTime GMTTime; |
|
769 GMTTime.UniversalTime(); // Get Universal Time |
|
770 RPointerArray<CX509Certificate> certArray; |
|
771 certArray.Append( &certDetails ); |
|
772 |
|
773 CPKIXCertChain* chain = CPKIXCertChain::NewLC( |
|
774 mCertDataContainer.iRfs, certDetails.Encoding(), certArray ); |
|
775 ++poppableItems; |
|
776 |
|
777 CPKIXValidationResult* result = CPKIXValidationResult::NewLC(); |
|
778 ++poppableItems; |
|
779 mCertDataContainer.iWrapper->ValidateX509RootCertificateL( result, GMTTime, chain ); |
|
780 |
|
781 TValidationStatus validationStatus = result->Error(); |
|
782 //Set reserve space. One for error, other for warnings. |
|
783 validationError->SetReserveL( 1 + result->Warnings().Count() ); |
|
784 validationError->AppendL(validationStatus.iReason); |
|
785 for ( TUint8 i = 0; i < result->Warnings().Count(); i++ ) |
|
786 { |
|
787 validationError->AppendL( result->Warnings().At(0).iReason ); |
|
788 } |
|
789 |
|
790 CleanupStack::PopAndDestroy( poppableItems, chain ); // All but validationError. |
|
791 CleanupStack::Pop(validationError); |
|
792 return validationError; |
|
793 } |
|
794 |
|
795 TKeyUsagePKCS15 CpCertDetailView::keyUsageAndLocationL( const CCTCertInfo& certEntry, |
|
796 TUid* keyLocation ) |
|
797 { |
|
798 TKeyUsagePKCS15 keyUsage; |
|
799 RDEBUG("0", 0); |
|
800 // Check whether we have key for this certificate |
|
801 RMPointerArray<CCTKeyInfo> keyEntry; |
|
802 TCTKeyAttributeFilter filter; |
|
803 filter.iKeyId = certEntry.SubjectKeyId(); |
|
804 |
|
805 mCertDataContainer.iWrapper->ListL( mCertDataContainer.KeyManager(), &keyEntry, filter ); |
|
806 |
|
807 if (keyEntry.Count()) |
|
808 { |
|
809 keyUsage = keyEntry[0]->Usage(); |
|
810 // Get Location |
|
811 keyLocation->iUid = keyEntry[0]->Token().TokenType().Type().iUid ; |
|
812 } |
|
813 else |
|
814 { |
|
815 keyUsage = EPKCS15UsageNone; |
|
816 } |
|
817 |
|
818 keyEntry.Close(); |
|
819 return keyUsage; |
|
820 } |
|
821 |
|
822 // --------------------------------------------------------- |
|
823 // CCertManUICertificateHelper::setLocationInfo( (HBufC& aMessage, |
|
824 // TBool certificate, |
|
825 // TUid* aLocUid) |
|
826 // Adds certificate/private key's location info to certificate details |
|
827 // --------------------------------------------------------- |
|
828 // |
|
829 void CpCertDetailView::setLocationInfo(TBool certificate, TUid locUid, HbListWidget& certDisplayDetails) |
|
830 { |
|
831 RDEBUG("0", 0); |
|
832 QString locationDetails = "(Not defined)"; |
|
833 |
|
834 switch ( locUid.iUid ) |
|
835 { |
|
836 case KFileCertStoreUid: |
|
837 case KTrustedServerCertStoreUid: |
|
838 case KDeviceCertStoreUid: |
|
839 case KDeviceKeyStoreUid: |
|
840 case KTokenTypeFileKeystore: |
|
841 locationDetails = "Phone memory"; |
|
842 break; |
|
843 |
|
844 case KWIMCertStoreUid: |
|
845 locationDetails = "Smart card"; |
|
846 break; |
|
847 |
|
848 default: |
|
849 if ( !certificate ) |
|
850 { |
|
851 locationDetails = "No private key"; |
|
852 } |
|
853 break; |
|
854 } |
|
855 |
|
856 QString location = "Location:"; |
|
857 if ( !certificate ) |
|
858 { |
|
859 location = "Private key location:"; |
|
860 } |
|
861 |
|
862 addToListWidget(certDisplayDetails, location, locationDetails ); |
|
863 |
|
864 } |
|
865 |
|
866 // --------------------------------------------------------- |
|
867 // CCertManUICertificateHelper::divideIntoBlocks |
|
868 // --------------------------------------------------------- |
|
869 // |
|
870 void CpCertDetailView::divideIntoBlocks( const TDesC8& input, TPtr& output ) |
|
871 { |
|
872 RDEBUG("0", 0); |
|
873 const TInt KBlockLength = 2; |
|
874 TInt blockIndex = 0; |
|
875 for ( TInt j = 0 ; j < input.Length() ; j++ ) |
|
876 { |
|
877 if ( blockIndex == KBlockLength ) |
|
878 { |
|
879 output.Append( KBlockSeparator ); |
|
880 blockIndex = 0; |
|
881 } |
|
882 output.AppendNumFixedWidthUC( (TUint)(input[ j ]), EHex, 2 ); |
|
883 ++blockIndex; |
|
884 } |
|
885 } |
|
886 |
|
887 |
|