--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pkiutilities/ocsp/src/parameters.cpp	Tue Jan 26 15:20:08 2010 +0200
@@ -0,0 +1,306 @@
+// Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+//
+
+#include "panic.h"
+#include "log.h"
+#include <ocsp.h>
+#include <x509certchain.h>
+#include <ocsppolicy.h>
+#include "ocsprequestandresponse.h"
+
+EXPORT_C COCSPParameters* COCSPParameters::NewL()
+	{
+	COCSPParameters* self = NewLC();
+	CleanupStack::Pop(self);
+	return self;
+	}
+
+EXPORT_C COCSPParameters* COCSPParameters::NewLC()
+	{
+	COCSPParameters* self = new (ELeave) COCSPParameters();
+	CleanupStack::PushL(self);
+	self->ConstructL();
+	return self;
+	}
+
+COCSPParameters::COCSPParameters() :
+	iUseNonce(ETrue),
+	iUseAIA(ETrue),
+	iGenerateResponseForMissingUri(ETrue),
+	iResponderCertCheck(EFalse), // should be turned off by default
+	iRetryCount(KTransportDefaultRequestRetryCount),
+	iTimeout(KTransportDefaultRequestTimeout),
+	iCheckCertsWithAiaOnly(EFalse) // should be turned off by default
+	{}
+
+void COCSPParameters::ConstructL()
+	{
+	DEBUG_PRINTF(_L8("Reading policy."));
+	iDefaultURI = KNullDesC8().AllocL();
+	
+	COcspPolicy* ocspPolicy = COcspPolicy::NewL();
+	iGenerateResponseForMissingUri = ocspPolicy->IsGenerateResponseForMissingUriEnabled();
+
+	delete ocspPolicy;
+
+	DEBUG_PRINTF2(_L8("Generate response when no AIA URI and no default OCSP URI: %d."), iGenerateResponseForMissingUri);
+	}
+
+COCSPParameters::~COCSPParameters()
+	{
+	iSubjectCerts.Close();
+	iIssuerCerts.Close();
+	delete iDefaultURI;
+	delete iTransport;
+	iAuthSchemes.ResetAndDestroy();
+	delete iValidationTime;
+	delete iMaxStatusAge;
+	delete iTimeLeeway;
+	}
+
+EXPORT_C void COCSPParameters::AddCertificateL(const CX509Certificate& aSubject, const CX509Certificate& aIssuer)
+	{
+	User::LeaveIfError(iSubjectCerts.Append(&aSubject));
+	User::LeaveIfError(iIssuerCerts.Append(&aIssuer));
+	}
+
+EXPORT_C void COCSPParameters::AddCertificatesL(const CX509CertChain& aChain)
+	{
+	TInt numCerts = aChain.Count();
+	if (numCerts >= 2)
+		{
+		// Go through all but last cert (last = root)
+		const CX509Certificate* issuerCert = &aChain.Cert(0);
+		const CX509Certificate* subjectCert = NULL;
+		for (TInt index = 1; index < numCerts; ++index)
+			{
+			subjectCert = issuerCert;
+			issuerCert = &aChain.Cert(index);
+
+			AddCertificateL(*subjectCert, *issuerCert);
+			}
+		}
+	}
+
+EXPORT_C void COCSPParameters::SetUseNonce(TBool aUseNonce)
+	{
+	iUseNonce = aUseNonce;
+	}
+
+EXPORT_C void COCSPParameters::SetURIL(const TDesC8& aURI, TBool aUseAIA)
+	{
+	delete iDefaultURI;
+	iDefaultURI = NULL;
+	iDefaultURI = aURI.AllocL();
+	iUseAIA = aUseAIA;
+	}
+
+EXPORT_C void COCSPParameters::SetTransport(MOCSPTransport* aTransport)
+	{
+	delete iTransport;
+	iTransport = aTransport;
+	}
+
+EXPORT_C void COCSPParameters::SetRetryCount(const TUint aRetryCount)
+	{
+	iRetryCount = aRetryCount;
+	}
+
+EXPORT_C void COCSPParameters::SetTimeout(const TInt aTimeout)
+	{
+	iTimeout = aTimeout;
+	}
+
+EXPORT_C void COCSPParameters::AddAuthorisationSchemeL(MOCSPAuthorisationScheme* aScheme)
+	{
+	__ASSERT_ALWAYS(aScheme, ::Panic(KErrArgument));
+	User::LeaveIfError(iAuthSchemes.Append(aScheme));
+	}
+
+EXPORT_C void COCSPParameters::AddAllAuthorisationSchemesL(const TUid& aCertStoreUid, MCertStore& aCertStore)
+/**
+	This function adds all of the currently supported authorisation schemes
+	to this object.  It is more convenient than having the client to allocate
+	each scheme.
+
+	This function allocates the authorisation schemes defined in RFC2560 S2.2 -
+	direct authorisation, CA delegate, and CA direct.
+
+	@param	aCertStoreUid	UID of trusted root certificates.  E.g.,
+							KCertStoreUIDForSWInstallOCSPSigning.
+	@param	aCertStore		Certificate store which contains the
+							the trust anchors used to validate the
+							response.	
+	@pre No authorisation schemes should have been added to this object before
+		this function is called.
+	@see AddAuthorisationSchemeL
+ */
+	{
+	__ASSERT_DEBUG(iAuthSchemes.Count() == 0, Panic(EAAASAlreadyHaveSchemes));
+
+	COCSPDirectAuthorisationScheme* directScheme =
+		COCSPDirectAuthorisationScheme::NewLC(aCertStoreUid, aCertStore);
+	AddAuthorisationSchemeL(directScheme);
+	CleanupStack::Pop(directScheme);
+
+	COCSPDelegateAuthorisationScheme* caDelgScheme =
+		COCSPDelegateAuthorisationScheme::NewLC(aCertStore);
+	AddAuthorisationSchemeL(caDelgScheme);
+	CleanupStack::Pop(caDelgScheme);
+
+	COCSPCaDirectAuthorisationScheme* caDirectScheme = COCSPCaDirectAuthorisationScheme::NewLC();
+	AddAuthorisationSchemeL(caDirectScheme);
+	CleanupStack::Pop(caDirectScheme);
+	}
+
+EXPORT_C void COCSPParameters::SetValidationTimeL(const TTime& aValidationTime)
+	{
+	delete iValidationTime;
+	iValidationTime = NULL;
+	iValidationTime = new (ELeave) TTime(aValidationTime);
+	}
+
+EXPORT_C void COCSPParameters::SetMaxStatusAgeL(TUint aMaxAge)
+	{
+	delete iMaxStatusAge;
+	iMaxStatusAge = NULL;
+	iMaxStatusAge = new (ELeave) TUint(aMaxAge);
+	}
+
+EXPORT_C void COCSPParameters::SetTimeLeewayL(TUint aLeewaySeconds)
+	{
+	delete iTimeLeeway;
+	iTimeLeeway = NULL;
+	iTimeLeeway = new (ELeave) TUint(aLeewaySeconds);
+	}
+
+EXPORT_C void COCSPParameters::SetCheckCertsWithAiaOnly(const TBool aCheckCertsWithAiaOnly)
+	{
+	iCheckCertsWithAiaOnly = aCheckCertsWithAiaOnly;
+	}
+
+EXPORT_C void COCSPParameters::SetOCSPCheckForResponderCert(const TBool aResponderCertCheck)
+	{
+	iResponderCertCheck = aResponderCertCheck;
+	}
+
+EXPORT_C void COCSPParameters::SetUseAIA(const TBool aUseAIA)
+	{
+	iUseAIA = aUseAIA;
+	}
+
+TUint COCSPParameters::CertCount() const
+	{
+	return iSubjectCerts.Count();
+	}
+
+const CX509Certificate& COCSPParameters::SubjectCert(TUint aIndex) const
+	{
+	return *iSubjectCerts[aIndex];
+	}
+
+const CX509Certificate& COCSPParameters::IssuerCert(TUint aIndex) const
+	{
+	return *iIssuerCerts[aIndex];
+	}
+
+TBool COCSPParameters::UseNonce() const
+	{
+	return iUseNonce;
+	}
+
+const TDesC8& COCSPParameters::DefaultURI() const
+	{
+	return static_cast<TDesC8&>(*iDefaultURI);
+	}
+
+TBool COCSPParameters::UseAIA() const
+	{
+	return iUseAIA;
+	}
+
+MOCSPTransport* COCSPParameters::Transport() const
+	{
+	return iTransport;
+	}
+
+TUint COCSPParameters::AuthSchemeCount() const
+	{
+	return iAuthSchemes.Count();
+	}
+
+MOCSPAuthorisationScheme& COCSPParameters::AuthScheme(TUint aIndex) const
+	{
+	// Modified so when backported to typhoon this stil compiles, required because of the
+	// RArrayPointer operator[] changes,
+	return const_cast<MOCSPAuthorisationScheme&>(*iAuthSchemes[aIndex]);
+	}
+
+const TTime* COCSPParameters::ValidationTime() const
+	{
+	return iValidationTime;
+	}
+
+const TUint* COCSPParameters::MaxStatusAge() const
+	{
+	return iMaxStatusAge;
+	}
+
+const TUint* COCSPParameters::TimeLeeway() const
+	{
+	return iTimeLeeway;
+	}
+
+TBool COCSPParameters::GenerateResponseForMissingUri() const
+	{
+	return iGenerateResponseForMissingUri;
+	}
+
+TUint COCSPParameters::RetryCount() const
+	{
+	return iRetryCount;
+	}
+
+TInt COCSPParameters::Timeout() const
+	{
+	return iTimeout;
+	}
+
+TBool COCSPParameters::ReponderCertCheck() const
+	{
+	return iResponderCertCheck;
+	}
+
+TBool COCSPParameters::CheckCertsWithAiaOnly() const
+	{
+	return iCheckCertsWithAiaOnly;
+	}
+
+#ifdef _DEBUG
+
+void COCSPParameters::Panic(COCSPParameters::TPanic aPanic)
+/**
+	Halt the current thread with the supplied panic code.
+	The thread is halted with category "OCSPParam" and the supplied
+	reason.
+
+	@param	aPanic			Panic reason.
+ */
+	{
+	_LIT(KPanicCat, "OCSPParam");
+	User::Panic(KPanicCat, aPanic);
+	}
+
+#endif	// #ifdef _DEBUG