|
1 /* |
|
2 * Copyright (c) 2006 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of DevandTruSrvCertStoreServer |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include <ccertattributefilter.h> |
|
20 #include <signed.h> |
|
21 #include <x509cert.h> |
|
22 #include <x509certext.h> |
|
23 #include <x509keys.h> |
|
24 #include <wtlscert.h> |
|
25 #include <x500dn.h> |
|
26 #include "DevandTruSrvCertStoreServer.h" |
|
27 #include "DevandTruSrvCertStoreConduit.h" |
|
28 #include "DevandTruSrvCertStoreSession.h" |
|
29 #include "DevandTruSrvCertStoreEntry.h" |
|
30 #include "DevandTruSrvCertStoreEntryList.h" |
|
31 #include "DevTokenCliServ.h" |
|
32 #include "DevTokenUtil.h" |
|
33 #include "DevTokenDataTypes.h" |
|
34 #include "TrustedSitesServer.h" |
|
35 |
|
36 _LIT(KCertStoreFilename,"devandtrusrvcerts.dat"); |
|
37 |
|
38 const TInt KSHA1Length = 20; |
|
39 |
|
40 // API policing |
|
41 _LIT_SECURITY_POLICY_PASS(KPolicyAlwaysPass); |
|
42 _LIT_SECURITY_POLICY_FAIL(KPolicyAlwaysFail); |
|
43 _LIT_SECURITY_POLICY_C1(KPolicyRequireReadUserData, ECapabilityReadUserData); |
|
44 _LIT_SECURITY_POLICY_C1(KPolicyRequireWriteDeviceData, ECapabilityWriteDeviceData); |
|
45 |
|
46 // ======== MEMBER FUNCTIONS ======== |
|
47 |
|
48 //CDevandTruSrvCertStoreServer |
|
49 |
|
50 // --------------------------------------------------------------------------- |
|
51 // CDevandTruSrvCertStoreServer::NewL() |
|
52 // --------------------------------------------------------------------------- |
|
53 // |
|
54 CDevandTruSrvCertStoreServer* CDevandTruSrvCertStoreServer::NewL(CTrustedSitesServer* aTrustedSitesServer ) |
|
55 { |
|
56 CDevandTruSrvCertStoreServer* self = new (ELeave) CDevandTruSrvCertStoreServer( aTrustedSitesServer ); |
|
57 CleanupStack::PushL(self); |
|
58 self->ConstructL(); |
|
59 CleanupStack::Pop(self); |
|
60 return self; |
|
61 } |
|
62 |
|
63 |
|
64 // --------------------------------------------------------------------------- |
|
65 // CDevandTruSrvCertStoreServer::CDevandTruSrvCertStoreServer() |
|
66 // --------------------------------------------------------------------------- |
|
67 // |
|
68 CDevandTruSrvCertStoreServer::CDevandTruSrvCertStoreServer( CTrustedSitesServer* aTrustedSitesServer ) |
|
69 : iTrustedSitesServer( aTrustedSitesServer ) |
|
70 { |
|
71 } |
|
72 |
|
73 |
|
74 // --------------------------------------------------------------------------- |
|
75 // CDevandTruSrvCertStoreServer::ConstructL() |
|
76 // --------------------------------------------------------------------------- |
|
77 // |
|
78 void CDevandTruSrvCertStoreServer::ConstructL() |
|
79 { |
|
80 iConduit = CDevandTruSrvCertStoreConduit::NewL(*this); |
|
81 User::LeaveIfError(iFs.Connect()); |
|
82 OpenStoreL(); |
|
83 } |
|
84 |
|
85 |
|
86 // --------------------------------------------------------------------------- |
|
87 // CDevandTruSrvCertStoreServer::~CDevandTruSrvCertStoreServer() |
|
88 // --------------------------------------------------------------------------- |
|
89 // |
|
90 CDevandTruSrvCertStoreServer::~CDevandTruSrvCertStoreServer() |
|
91 { |
|
92 delete iStore; |
|
93 delete iEntryList; |
|
94 delete iConduit; |
|
95 iFs.Close(); |
|
96 } |
|
97 |
|
98 |
|
99 // --------------------------------------------------------------------------- |
|
100 // CDevandTruSrvCertStoreServer::CreateSessionL() |
|
101 // --------------------------------------------------------------------------- |
|
102 // |
|
103 CDevandTruSrvCertStoreSession* CDevandTruSrvCertStoreServer::CreateSessionL() |
|
104 { |
|
105 return CDevandTruSrvCertStoreSession::NewL(*iConduit); |
|
106 } |
|
107 |
|
108 |
|
109 // --------------------------------------------------------------------------- |
|
110 // CDevandTruSrvCertStoreServer::ListPolicy() |
|
111 // --------------------------------------------------------------------------- |
|
112 // |
|
113 const TSecurityPolicy& CDevandTruSrvCertStoreServer::ListPolicy(TCertificateOwnerType aOwnerType) const |
|
114 { |
|
115 switch (aOwnerType) |
|
116 { |
|
117 case EUserCertificate: |
|
118 return KPolicyAlwaysPass; |
|
119 case EPeerCertificate: |
|
120 return KPolicyRequireReadUserData; |
|
121 |
|
122 default: |
|
123 return KPolicyAlwaysFail; |
|
124 } |
|
125 } |
|
126 |
|
127 |
|
128 // --------------------------------------------------------------------------- |
|
129 // CDevandTruSrvCertStoreServer::AddRemovePolicy() |
|
130 // --------------------------------------------------------------------------- |
|
131 // |
|
132 const TSecurityPolicy& CDevandTruSrvCertStoreServer::AddRemovePolicy(TCertificateOwnerType aOwnerType) const |
|
133 { |
|
134 switch (aOwnerType) |
|
135 { |
|
136 case EUserCertificate: |
|
137 case EPeerCertificate: |
|
138 return KPolicyRequireWriteDeviceData; |
|
139 |
|
140 default: |
|
141 return KPolicyAlwaysFail; |
|
142 } |
|
143 } |
|
144 |
|
145 |
|
146 // --------------------------------------------------------------------------- |
|
147 // CDevandTruSrvCertStoreServer::RetrievePolicy() |
|
148 // --------------------------------------------------------------------------- |
|
149 // |
|
150 const TSecurityPolicy& CDevandTruSrvCertStoreServer::RetrievePolicy(TCertificateOwnerType aOwnerType) const |
|
151 { |
|
152 switch (aOwnerType) |
|
153 { |
|
154 case EUserCertificate: |
|
155 case EPeerCertificate: |
|
156 return KPolicyRequireReadUserData; |
|
157 |
|
158 default: |
|
159 return KPolicyAlwaysFail; |
|
160 } |
|
161 } |
|
162 |
|
163 |
|
164 // --------------------------------------------------------------------------- |
|
165 // CDevandTruSrvCertStoreServer::WriteTrustSettingsPolicy() |
|
166 // --------------------------------------------------------------------------- |
|
167 // |
|
168 const TSecurityPolicy& CDevandTruSrvCertStoreServer::WriteTrustSettingsPolicy() const |
|
169 { |
|
170 return KPolicyRequireWriteDeviceData; |
|
171 } |
|
172 |
|
173 |
|
174 // Read-only interface |
|
175 |
|
176 // --------------------------------------------------------------------------- |
|
177 // CDevandTruSrvCertStoreServer::ListL() |
|
178 // --------------------------------------------------------------------------- |
|
179 // |
|
180 void CDevandTruSrvCertStoreServer::ListL(const CCertAttributeFilter& aFilter, |
|
181 RPointerArray<CDevTokenCertInfo>& aCertsOut, |
|
182 const RMessage2& aMessage, TBool aFromTruSiteSrv ) const |
|
183 { |
|
184 |
|
185 // check that if KeyUsage is set, only User certificates are requested |
|
186 if (aFilter.iKeyUsage != EX509UsageAll && |
|
187 (!aFilter.iOwnerTypeIsSet || aFilter.iOwnerType != EUserCertificate)) |
|
188 { |
|
189 User::Leave(KErrArgument); |
|
190 } |
|
191 |
|
192 // API policing |
|
193 if (!aFromTruSiteSrv) |
|
194 { |
|
195 if (!ListPolicy( aFilter.iOwnerType ).CheckPolicy(aMessage)) |
|
196 { |
|
197 User::Leave(KErrPermissionDenied); |
|
198 } |
|
199 } |
|
200 |
|
201 TInt count = iEntryList->Count(); |
|
202 for (TInt index = 0; index < count; index++) |
|
203 { |
|
204 const CDevandTruSrvCertStoreEntry& entry = iEntryList->GetByIndex(index); |
|
205 |
|
206 if (CertEntryMatchesFilter(aFilter, entry)) |
|
207 { |
|
208 User::LeaveIfError(aCertsOut.Append(&entry.CertInfo())); |
|
209 } |
|
210 } |
|
211 } |
|
212 |
|
213 |
|
214 // --------------------------------------------------------------------------- |
|
215 // CDevandTruSrvCertStoreServer::CertEntryMatchesFilter() |
|
216 // --------------------------------------------------------------------------- |
|
217 // |
|
218 TBool CDevandTruSrvCertStoreServer::CertEntryMatchesFilter(const CCertAttributeFilter& aFilter, |
|
219 const CDevandTruSrvCertStoreEntry& aEntry) const |
|
220 { |
|
221 if (aFilter.iUidIsSet && !aEntry.IsApplicable(aFilter.iUid)) |
|
222 { |
|
223 return EFalse; |
|
224 } |
|
225 |
|
226 const CDevTokenCertInfo& certInfo = aEntry.CertInfo(); |
|
227 |
|
228 if (aFilter.iFormatIsSet && aFilter.iFormat != certInfo.CertificateFormat()) |
|
229 { |
|
230 return EFalse; |
|
231 } |
|
232 |
|
233 if (aFilter.iOwnerTypeIsSet && aFilter.iOwnerType != certInfo.CertificateOwnerType()) |
|
234 { |
|
235 return EFalse; |
|
236 } |
|
237 |
|
238 if (aFilter.iSubjectKeyIdIsSet && aFilter.iSubjectKeyId != certInfo.SubjectKeyId()) |
|
239 { |
|
240 return EFalse; |
|
241 } |
|
242 |
|
243 if (aFilter.iLabelIsSet && aFilter.iLabel != certInfo.Label()) |
|
244 { |
|
245 return EFalse; |
|
246 } |
|
247 |
|
248 return ETrue; |
|
249 } |
|
250 |
|
251 |
|
252 // --------------------------------------------------------------------------- |
|
253 // CDevandTruSrvCertStoreServer::GetCertL() |
|
254 // --------------------------------------------------------------------------- |
|
255 // |
|
256 const CDevTokenCertInfo& CDevandTruSrvCertStoreServer::GetCertL(TInt aHandle) const |
|
257 { |
|
258 // Leaves if not found |
|
259 return iEntryList->GetByHandleL(aHandle).CertInfo(); |
|
260 } |
|
261 |
|
262 |
|
263 // --------------------------------------------------------------------------- |
|
264 // CDevandTruSrvCertStoreServer::ApplicationsL() |
|
265 // --------------------------------------------------------------------------- |
|
266 // |
|
267 const RArray<TUid>& CDevandTruSrvCertStoreServer::ApplicationsL(TInt aHandle) const |
|
268 { |
|
269 return iEntryList->GetByHandleL(aHandle).CertificateApps(); |
|
270 } |
|
271 |
|
272 |
|
273 // --------------------------------------------------------------------------- |
|
274 // CDevandTruSrvCertStoreServer::IsApplicableL() |
|
275 // --------------------------------------------------------------------------- |
|
276 // |
|
277 TBool CDevandTruSrvCertStoreServer::IsApplicableL(TInt aHandle, TUid aApplication) const |
|
278 { |
|
279 return iEntryList->GetByHandleL(aHandle).IsApplicable(aApplication); |
|
280 } |
|
281 |
|
282 |
|
283 // --------------------------------------------------------------------------- |
|
284 // CDevandTruSrvCertStoreServer::TrustedL() |
|
285 // --------------------------------------------------------------------------- |
|
286 // |
|
287 TBool CDevandTruSrvCertStoreServer::TrustedL(TInt aHandle) const |
|
288 { |
|
289 return iEntryList->GetByHandleL(aHandle).Trusted(); |
|
290 } |
|
291 |
|
292 |
|
293 // --------------------------------------------------------------------------- |
|
294 // CDevandTruSrvCertStoreServer::RetrieveLC() |
|
295 // --------------------------------------------------------------------------- |
|
296 // |
|
297 HBufC8* CDevandTruSrvCertStoreServer::RetrieveLC(TInt aHandle, const RMessage2& aMessage, TBool aFromTruSiteSrv) const |
|
298 { |
|
299 const CDevandTruSrvCertStoreEntry& entry = iEntryList->GetByHandleL(aHandle); |
|
300 |
|
301 // API policing |
|
302 if ( !aFromTruSiteSrv ) |
|
303 { |
|
304 if (!RetrievePolicy(entry.CertInfo().CertificateOwnerType()).CheckPolicy(aMessage)) |
|
305 { |
|
306 User::Leave( KErrPermissionDenied ); |
|
307 } |
|
308 } |
|
309 |
|
310 TInt size = entry.CertInfo().Size(); |
|
311 HBufC8* buf = HBufC8::NewMaxLC(size); |
|
312 TPtr8 ptr = buf->Des(); |
|
313 ptr.FillZ(); |
|
314 |
|
315 RStoreReadStream stream; |
|
316 stream.OpenLC(*iStore, entry.DataStreamId()); |
|
317 stream.ReadL(ptr, size); |
|
318 CleanupStack::PopAndDestroy(&stream); |
|
319 |
|
320 return buf; |
|
321 } |
|
322 |
|
323 |
|
324 // Writable interface |
|
325 |
|
326 // --------------------------------------------------------------------------- |
|
327 // CDevandTruSrvCertStoreServer::AddL() |
|
328 // --------------------------------------------------------------------------- |
|
329 // |
|
330 void CDevandTruSrvCertStoreServer::AddL(const TDevTokenAddCertDataStruct& aInfo, |
|
331 const TDesC8& aCert, |
|
332 const RMessage2& aMessage, TBool aFromTruSiteSrv ) |
|
333 { |
|
334 // Check if a certificate with this name already exists |
|
335 if (iEntryList->LabelExists(aInfo.iLabel)) |
|
336 { |
|
337 User::Leave(KErrBadName); |
|
338 } |
|
339 |
|
340 // Check subject key id and cert data are supplied, issuer key id is optional |
|
341 if (aInfo.iSubjectKeyId == KNullDesC8 || aCert == KNullDesC8) |
|
342 { |
|
343 User::Leave(KErrArgument); |
|
344 } |
|
345 |
|
346 // Create cert entry (this sanity checks the rest of the arguments) |
|
347 CDevTokenCertInfo* certInfo = CDevTokenCertInfo::NewLC( |
|
348 aInfo.iLabel, |
|
349 aInfo.iFormat, |
|
350 aInfo.iCertificateOwnerType, |
|
351 aCert.Length(), |
|
352 &aInfo.iSubjectKeyId, |
|
353 &aInfo.iIssuerKeyId, |
|
354 iEntryList->NextFreeHandle(), |
|
355 aInfo.iDeletable); |
|
356 |
|
357 // API policing |
|
358 if ( !aFromTruSiteSrv ) |
|
359 { |
|
360 if (!AddRemovePolicy(aInfo.iCertificateOwnerType).CheckPolicy(aMessage)) |
|
361 { |
|
362 User::Leave(KErrPermissionDenied); |
|
363 } |
|
364 } |
|
365 |
|
366 CompactStoreL(); |
|
367 |
|
368 TRAPD(err, DoAddL(*certInfo, aCert)); |
|
369 CleanupStack::PopAndDestroy(certInfo); |
|
370 |
|
371 if (err != KErrNone) |
|
372 { |
|
373 iStore->Revert(); |
|
374 User::Leave(err); |
|
375 } |
|
376 } |
|
377 |
|
378 |
|
379 // --------------------------------------------------------------------------- |
|
380 // CDevandTruSrvCertStoreServer::DoAddL() |
|
381 // --------------------------------------------------------------------------- |
|
382 // |
|
383 void CDevandTruSrvCertStoreServer::DoAddL(const CDevTokenCertInfo& aCertInfo, const TDesC8& aCertData) |
|
384 { |
|
385 TStreamId dataStreamId = WriteCertDataStreamL(aCertData); |
|
386 |
|
387 RArray<TUid> initialApps; |
|
388 CleanupClosePushL(initialApps); |
|
389 |
|
390 CDevandTruSrvCertStoreEntry* entry = CDevandTruSrvCertStoreEntry::NewL( |
|
391 aCertInfo, |
|
392 initialApps, |
|
393 EFalse, |
|
394 dataStreamId); |
|
395 CleanupStack::PopAndDestroy(&initialApps); |
|
396 CleanupStack::PushL(entry); |
|
397 |
|
398 TInt index = iEntryList->AppendL(entry); |
|
399 CleanupStack::Pop(entry); // iEntryList has taken ownership |
|
400 |
|
401 TRAPD(err, UpdateStoreL()); |
|
402 if ( (err == KErrNone) && (aCertInfo.CertificateOwnerType() == EPeerCertificate )) |
|
403 { |
|
404 CX509Certificate* cert = CX509Certificate::NewLC( aCertData ); |
|
405 TBuf8<KSHA1Length> certHash; |
|
406 certHash.Copy(cert->Fingerprint()); |
|
407 |
|
408 |
|
409 const CX500DistinguishedName& dName = cert->SubjectName(); |
|
410 // Retrieve CN |
|
411 HBufC* cn = dName.ExtractFieldL( KX520CommonName ); |
|
412 CleanupStack::PushL(cn); |
|
413 iTrustedSitesServer->AddL( certHash, *cn ); |
|
414 |
|
415 CleanupStack::PopAndDestroy( 2 );//cert, cn |
|
416 } |
|
417 if (err != KErrNone) |
|
418 { |
|
419 iEntryList->Remove(index); |
|
420 delete entry; |
|
421 User::Leave(err); |
|
422 } |
|
423 } |
|
424 |
|
425 |
|
426 // --------------------------------------------------------------------------- |
|
427 // CDevandTruSrvCertStoreServer::WriteCertDataStreamL() |
|
428 // --------------------------------------------------------------------------- |
|
429 // |
|
430 TStreamId CDevandTruSrvCertStoreServer::WriteCertDataStreamL(const TDesC8& aData) |
|
431 { |
|
432 RStoreWriteStream stream; |
|
433 TStreamId streamId = stream.CreateLC(*iStore); |
|
434 stream.WriteL(aData); |
|
435 stream.CommitL(); |
|
436 CleanupStack::PopAndDestroy(&stream); |
|
437 return streamId; |
|
438 } |
|
439 |
|
440 |
|
441 // --------------------------------------------------------------------------- |
|
442 // CDevandTruSrvCertStoreServer::RemoveL() |
|
443 // --------------------------------------------------------------------------- |
|
444 // |
|
445 void CDevandTruSrvCertStoreServer::RemoveL(TInt aHandle, const RMessage2& aMessage, TBool aFromTruSiteSrv) |
|
446 { |
|
447 TInt index = iEntryList->IndexForHandle(aHandle); |
|
448 User::LeaveIfError(index); |
|
449 |
|
450 // API policing |
|
451 const CDevandTruSrvCertStoreEntry& entry = iEntryList->GetByIndex(index); |
|
452 if (!aFromTruSiteSrv) |
|
453 { |
|
454 if (!AddRemovePolicy(entry.CertInfo().CertificateOwnerType()).CheckPolicy(aMessage)) |
|
455 { |
|
456 User::Leave(KErrPermissionDenied); |
|
457 } |
|
458 } |
|
459 |
|
460 CompactStoreL(); |
|
461 |
|
462 CDevandTruSrvCertStoreEntry* oldEntry = iEntryList->Remove(index); |
|
463 TRAPD(err, UpdateStoreL()); |
|
464 if (err == KErrNone) |
|
465 { |
|
466 // If trusted site certificate is removed, the corresponding records |
|
467 // in trusted site store should also be removed to stop trusting. |
|
468 if( oldEntry->CertInfo().CertificateOwnerType() == EPeerCertificate ) |
|
469 { |
|
470 TInt size = oldEntry->CertInfo().Size(); |
|
471 HBufC8* buf = HBufC8::NewMaxLC(size); |
|
472 TPtr8 ptr = buf->Des(); |
|
473 ptr.FillZ(); |
|
474 |
|
475 RStoreReadStream stream; |
|
476 stream.OpenLC(*iStore, oldEntry->DataStreamId()); |
|
477 stream.ReadL(ptr, size); |
|
478 CleanupStack::PopAndDestroy(&stream); |
|
479 |
|
480 |
|
481 CX509Certificate* cert = CX509Certificate::NewLC(*buf); |
|
482 TBuf8<KSHA1Length> certHash; |
|
483 certHash.Copy(cert->Fingerprint()); |
|
484 |
|
485 iTrustedSitesServer->RemoveL( certHash ); |
|
486 |
|
487 CleanupStack::PopAndDestroy( 2 );//buf, cert |
|
488 } |
|
489 delete oldEntry; |
|
490 } |
|
491 else |
|
492 { |
|
493 iStore->Revert(); |
|
494 // This will always succeed because we just did a remove |
|
495 iEntryList->AppendL(oldEntry); |
|
496 } |
|
497 } |
|
498 |
|
499 |
|
500 // --------------------------------------------------------------------------- |
|
501 // CDevandTruSrvCertStoreServer::SetApplicabilityL() |
|
502 // --------------------------------------------------------------------------- |
|
503 // |
|
504 void CDevandTruSrvCertStoreServer::SetApplicabilityL(TInt /*aHandle*/, |
|
505 const RArray<TUid>& /*aApps*/, |
|
506 const RMessage2& aMessage) |
|
507 { |
|
508 // Setting Applicability is meant for CA certificate only. |
|
509 // in DevandTruSrvCertStore, we only store Personal ceritificate(Device Cert ) |
|
510 // and Peer certificate( trust server cert ). |
|
511 |
|
512 aMessage.Complete( KErrNotSupported ); |
|
513 } |
|
514 |
|
515 |
|
516 // --------------------------------------------------------------------------- |
|
517 // CDevandTruSrvCertStoreServer::SetTrustL() |
|
518 // --------------------------------------------------------------------------- |
|
519 // |
|
520 void CDevandTruSrvCertStoreServer::SetTrustL(TInt /*aHandle*/, |
|
521 TBool /*aTrusted*/, |
|
522 const RMessage2& aMessage) |
|
523 { |
|
524 // Setting Trust is meant for CA certificate only. |
|
525 // in DevandTruSrvCertStore, we only store Personal ceritificate(Device Cert ) |
|
526 // and Peer certificate( trust server cert ). |
|
527 |
|
528 aMessage.Complete( KErrNotSupported ); |
|
529 } |
|
530 |
|
531 |
|
532 // --------------------------------------------------------------------------- |
|
533 // CDevandTruSrvCertStoreServer::UpdateStoreL() |
|
534 // --------------------------------------------------------------------------- |
|
535 // |
|
536 void CDevandTruSrvCertStoreServer::UpdateStoreL() |
|
537 { |
|
538 RStoreWriteStream stream; |
|
539 stream.ReplaceLC(*iStore, iStreamId); |
|
540 stream << *iEntryList; |
|
541 stream.CommitL(); |
|
542 CleanupStack::PopAndDestroy(&stream); |
|
543 |
|
544 iStore->CommitL(); |
|
545 } |
|
546 |
|
547 |
|
548 // --------------------------------------------------------------------------- |
|
549 // CDevandTruSrvCertStoreServer::CompactStoreL() |
|
550 // --------------------------------------------------------------------------- |
|
551 // |
|
552 void CDevandTruSrvCertStoreServer::CompactStoreL() |
|
553 { |
|
554 iStore->ReclaimL(); |
|
555 iStore->CompactL(); |
|
556 iStore->CommitL(); |
|
557 } |
|
558 |
|
559 |
|
560 // --------------------------------------------------------------------------- |
|
561 // CDevandTruSrvCertStoreServer::RestoreL() |
|
562 // --------------------------------------------------------------------------- |
|
563 // |
|
564 void CDevandTruSrvCertStoreServer::RestoreL(const TDesC& aFilename) |
|
565 { |
|
566 // Make sure the store is not read-only |
|
567 User::LeaveIfError(iFs.SetAtt(aFilename, KEntryAttNormal, KEntryAttReadOnly)); |
|
568 |
|
569 // Open the store |
|
570 RFile file; |
|
571 User::LeaveIfError(file.Open(iFs, aFilename, EFileRead | EFileWrite)); |
|
572 CleanupClosePushL(file); |
|
573 CPermanentFileStore* store = CPermanentFileStore::FromL(file); |
|
574 CleanupStack::Pop(&file); // now owned by store |
|
575 CleanupStack::PushL(store); |
|
576 |
|
577 // Read id of cert list stream |
|
578 TStreamId caCertEntryStreamId; |
|
579 RStoreReadStream stream; |
|
580 stream.OpenLC(*store, store->Root()); |
|
581 stream >> iStreamId; |
|
582 CleanupStack::PopAndDestroy(&stream); |
|
583 |
|
584 // Read the certificate list |
|
585 RStoreReadStream caCertEntryStream; |
|
586 caCertEntryStream.OpenLC(*store, iStreamId); |
|
587 iEntryList = CDevandTruSrvCertStoreEntryList::NewL(caCertEntryStream); |
|
588 CleanupStack::PopAndDestroy(&caCertEntryStream); |
|
589 |
|
590 assert(!iStore, EPanicCertStoreRestoreState); |
|
591 iStore = store; |
|
592 CleanupStack::Pop(store); |
|
593 } |
|
594 |
|
595 |
|
596 // --------------------------------------------------------------------------- |
|
597 // CDevandTruSrvCertStoreServer::OpenStoreL() |
|
598 // --------------------------------------------------------------------------- |
|
599 // |
|
600 void CDevandTruSrvCertStoreServer::OpenStoreL() |
|
601 { |
|
602 TBuf<KMaxFilenameLength> filename; |
|
603 FileUtils::MakePrivateFilenameL(iFs, KCertStoreFilename, filename); |
|
604 |
|
605 TRAPD(err, RestoreL(filename)); |
|
606 |
|
607 if (err == KErrNoMemory || err == KErrInUse) |
|
608 { |
|
609 User::Leave(err); |
|
610 } |
|
611 |
|
612 if (err != KErrNone) |
|
613 { |
|
614 // Couldn't open RAM based store, copy from ROM |
|
615 |
|
616 FileUtils::EnsurePathL(iFs, filename); |
|
617 |
|
618 TBuf<KMaxFilenameLength> romFilename; |
|
619 FileUtils::MakePrivateROMFilenameL(iFs, KCertStoreFilename, romFilename); |
|
620 |
|
621 if (FileUtils::ExistsL(iFs, romFilename)) |
|
622 { |
|
623 FileUtils::CopyL(iFs, romFilename, filename); |
|
624 } |
|
625 else |
|
626 { |
|
627 CreateStoreFileL(filename); |
|
628 } |
|
629 |
|
630 // Retry open, and leave on failure |
|
631 RestoreL(filename); |
|
632 } |
|
633 |
|
634 assert(iStore, EPanicCertStoreOpenState); |
|
635 } |
|
636 |
|
637 |
|
638 // --------------------------------------------------------------------------- |
|
639 // CDevandTruSrvCertStoreServer::CreateStoreFileL() |
|
640 // --------------------------------------------------------------------------- |
|
641 // |
|
642 void CDevandTruSrvCertStoreServer::CreateStoreFileL(const TDesC& aFile) |
|
643 { |
|
644 TRAPD(err, DoCreateStoreFileL(aFile)); |
|
645 if (err != KErrNone) |
|
646 { |
|
647 // Attempt to delete file, but don't complain if it fails |
|
648 iFs.Delete(aFile); |
|
649 User::Leave(err); |
|
650 } |
|
651 } |
|
652 |
|
653 |
|
654 // --------------------------------------------------------------------------- |
|
655 // CDevandTruSrvCertStoreServer::DoCreateStoreFileL() |
|
656 // --------------------------------------------------------------------------- |
|
657 // |
|
658 void CDevandTruSrvCertStoreServer::DoCreateStoreFileL(const TDesC& aFile) |
|
659 { |
|
660 CPermanentFileStore* fileStore = CPermanentFileStore::ReplaceLC(iFs, aFile, EFileRead | EFileWrite | EFileShareExclusive); |
|
661 fileStore->SetTypeL(KPermanentFileStoreLayoutUid); |
|
662 |
|
663 // Create info stream |
|
664 CDevandTruSrvCertStoreEntryList* emptyCertList = CDevandTruSrvCertStoreEntryList::NewLC(); |
|
665 RStoreWriteStream infoStream; |
|
666 TStreamId streamId = infoStream.CreateLC(*fileStore); |
|
667 infoStream << *emptyCertList; |
|
668 infoStream.CommitL(); |
|
669 CleanupStack::PopAndDestroy(2, emptyCertList); |
|
670 |
|
671 // Create root stream - just contains id of info stream |
|
672 RStoreWriteStream rootStream; |
|
673 TStreamId rootStreamId = rootStream.CreateLC(*fileStore); |
|
674 fileStore->SetRootL(rootStreamId); |
|
675 rootStream << streamId; |
|
676 rootStream.CommitL(); |
|
677 CleanupStack::PopAndDestroy(&rootStream); |
|
678 |
|
679 fileStore->CommitL(); |
|
680 CleanupStack::PopAndDestroy(fileStore); |
|
681 } |
|
682 |
|
683 //EOF |
|
684 |