--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/wim/WimServer/src/WimTrustSettingsStore.cpp Tue Jan 26 15:20:08 2010 +0200
@@ -0,0 +1,1211 @@
+/*
+* Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Implements WIM TrustSettingsStore for WIM certificates
+*
+*/
+
+
+
+// INCLUDE FILES
+#include "WimTrustSettingsStore.h"
+#include "WimCertInfo.h"
+#include "WimCertUtil.h"
+#include <x509cert.h>
+#include <x509certext.h>
+#include <hash.h>
+#include "WimTrace.h"
+
+// ============================ MEMBER FUNCTIONS ===============================
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::CWimTrustSettingsStore()
+// Default constructor.
+// -----------------------------------------------------------------------------
+//
+CWimTrustSettingsStore::CWimTrustSettingsStore()
+ : CActive( EPriorityNormal ),
+ iCompact ( EFalse )
+ {
+ CActiveScheduler::Add( this );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::ConstructL()
+// Second phase constructor.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::ConstructL()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::ConstructL()" ) );
+ // Connect to DB server
+ User::LeaveIfError( iDBSession.Connect() );
+
+ // combine trust settings DB path & name
+
+ HBufC* dbPathBuffer = HBufC::NewLC( KWimTrustSettingsStorePath().Length() +
+ KWimTrustSettingsDBFile().Length() );
+ TPtr wimTrustSettingsDB( dbPathBuffer->Des() );
+ wimTrustSettingsDB = KWimTrustSettingsStorePath;
+ wimTrustSettingsDB.Append( KWimTrustSettingsDBFile );
+
+ // Open database. Note: err used because of create is done if not found
+ TInt err = iDatabase.Open( iDBSession, wimTrustSettingsDB );
+
+ if ( err != KErrNone ) //Database could not open, create new
+ {
+ _WIMTRACE2( _L( "CWimTrustSettingsStore::ConstructL()|DB open error %d" ), err );
+ CreateDBL(); // Create DB
+ User::LeaveIfError( iDatabase.Open( iDBSession, wimTrustSettingsDB ) );
+ }
+
+ iPhase = EIdle;
+ CleanupStack::PopAndDestroy( dbPathBuffer );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::NewL()
+// Two-phased constructor.
+// -----------------------------------------------------------------------------
+//
+CWimTrustSettingsStore* CWimTrustSettingsStore::NewL()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::NewL()" ) );
+ CWimTrustSettingsStore* self = new( ELeave ) CWimTrustSettingsStore;
+ CleanupStack::PushL( self );
+ self->ConstructL();
+ CleanupStack::Pop( self );
+ return self;
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::~CWimTrustSettingsStore()
+// Destructor. If updates has been done, compact databse.
+// -----------------------------------------------------------------------------
+
+CWimTrustSettingsStore::~CWimTrustSettingsStore()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::~CWimTrustSettingsStore()" ) );
+ Cancel();
+
+ if ( iCompact ) // Is compact needed
+ {
+ iDatabase.Compact(); //Compact database
+ }
+
+ iDatabase.Close(); // Close database
+ iDBSession.Close(); // Close session to DB server
+
+ if ( iWimCertUtil )
+ {
+ delete iWimCertUtil;
+ }
+
+ delete iEncodedCertBuf;
+ delete iEncodedCertPtr;
+
+ iCertInfos.ResetAndDestroy();
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::CloseD()
+// Closes all open resources and deletes this instance of the TrustSettingsStore
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::CloseD()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::CloseD()" ) );
+ delete ( this );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::GetTrustSettings()
+// Return trust settings for given certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::GetTrustSettings( const CWimCertInfo& aCert,
+ TBool& aTrusted,
+ RArray<TUid>& aApplications,
+ TRequestStatus& aStatus )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::GetTrustSettings()" ) );
+ TRAPD( err, DoGetTrustSettingsL( aCert, aTrusted, aApplications ) );
+
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::SetApplicability()
+// Set applicability for certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::SetApplicability( const CWimCertInfo& aCert,
+ const RArray<TUid>& aApplications,
+ TRequestStatus& aStatus )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::SetApplicability()" ) );
+ TRAPD( err, DoSetApplicabilityL( aCert, aApplications ) );
+
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::SetTrust()
+// Set trust flag for certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::SetTrust( const CWimCertInfo& aCert,
+ TBool aTrusted,
+ TRequestStatus& aStatus )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::SetTrust()" ) );
+ TRAPD( err, DoSetTrustL( aCert, aTrusted ) );
+
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::SetDefaultTrustSettings()
+// Set default trust settings for certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::SetDefaultTrustSettings( const CWimCertInfo& aCert,
+ TBool aAddApps,
+ TRequestStatus& aStatus )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::SetDefaultTrustSettings()" ) );
+
+ iWimCert = &aCert;
+ iAddApps = aAddApps;
+ iOriginalRequestStatus = &aStatus;
+
+ iCert = aCert.CctCert();
+
+ //Certificate owner type
+ TCertificateOwnerType ownerType;
+ ownerType = iCert->CertificateOwnerType();
+
+ //Certificate format
+ TCertificateFormat certFormat;
+ certFormat = iCert->CertificateFormat();
+
+ // If CA/X509 certificate locates in trusted certs area
+ // check if certificate extensions must be fetched
+ if ( ownerType == ECACertificate &&
+ certFormat == EX509Certificate &&
+ iWimCert->CDFRefs() == EWimTrustedCertsCDF )
+ {
+ // Check if Java Midlet OID is present
+ RArray<HBufC*> arr = iWimCert->TrustedUsage();
+ TInt oidCount = arr.Count();
+ TInt i = 0;
+
+ for ( ; i < oidCount; i++ )
+ {
+ if ( !arr[i]->Compare( KIpKpJavaMidlet ) )
+ {
+ i = oidCount + 1;
+ }
+ }
+ // If OID is not present, extensions must be fetched
+ if ( i == oidCount )
+ {
+ // Fetch extensions only for CA X509 certificates
+ iPhase = ERetrieve;
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete( status, KErrNone );
+ SetActive();
+ }
+ else
+ {
+ TRAPD( err, DoSetDefaultTrustSettingsL( aCert, aAddApps ) );
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+ }
+ else
+ {
+ TRAPD( err, DoSetDefaultTrustSettingsL( aCert, aAddApps ) );
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::RemoveTrustSettings()
+// Remove trust settings of given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::RemoveTrustSettings( const CWimCertInfo& aCert,
+ TRequestStatus& aStatus )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::RemoveTrustSettings()" ) );
+ TRAPD( err, DoRemoveTrustSettingsL( aCert ) );
+ iCompact = ETrue;
+
+ TRequestStatus* status = &aStatus;
+ User::RequestComplete( status, err );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoGetTrustSettingsL ()
+// Get trust settings for given certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoGetTrustSettingsL( const CWimCertInfo& aCert,
+ TBool& aTrusted,
+ RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoGetTrustSettingsL()" ) );
+ TInt certID;
+ GetCertificateIDL( aCert, certID ); // Get certificate ID
+
+ if ( certID == KErrNotFound ) //Not found settings
+ {
+ User::Leave( KErrNotFound );
+ }
+ GetTrustedL( certID, aTrusted ); //Get trusted flag
+ GetApplicationsL( certID, aApplications ); //Get applications
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoSetApplicabilityL()
+// Set applicability for certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoSetApplicabilityL( const CWimCertInfo& aCert,
+ const RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoSetApplicabilityL()" ) );
+ TInt certID;
+ GetCertificateIDL( aCert, certID ); // Get certificate ID
+
+ iDatabase.Begin(); // Begin transaction
+
+ TRAPD( err,
+ if ( certID == KErrNotFound ) //Certificate not found -> Insert new one
+ {
+ InsertCertificateL( aCert, EFalse ); //Insert + set flag (EFalse)
+ GetCertificateIDL( aCert, certID ); //Now get certificate ID
+ }
+ else // Certificate found
+ {
+ RemoveApplicationsL( certID ); //Remove old ones before inserting
+ }
+ InsertApplicationsL( certID, aApplications ); // Insert new apps
+ ); //TRAPD
+
+ if ( err != KErrNone ) //Some error occured
+ {
+ iDatabase.Rollback(); //Do rollback = restore changes
+ User::Leave ( err );
+ }
+ else // No errors -> commit changes
+ {
+ iDatabase.Commit(); // Commit changes
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoSetTrustL()
+// Set trust flag for certificate.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoSetTrustL( const CWimCertInfo& aCert,
+ TBool aTrusted )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoSetTrustL()" ) );
+ TInt certID;
+ GetCertificateIDL( aCert, certID ); // Get certificate ID
+
+ if ( certID == KErrNotFound ) // Certificate not found -> Insert new
+ {
+ InsertCertificateL( aCert, aTrusted ); // Insert + set flag
+ }
+ else // Certificate found
+ {
+ SetTrustedL( certID, aTrusted ); // Set trusted flag
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoSetDefaultTrustSettingsL()
+// Set default trust settings for certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoSetDefaultTrustSettingsL(
+ const CWimCertInfo& aCert,
+ TBool aAddApps )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoSetDefaultTrustSettingsL()" ) );
+ TInt certID;
+ GetCertificateIDL( aCert, certID ); // Get certificate ID
+
+ iDatabase.Begin(); // Begin transaction
+
+ TRAPD( err,
+ if ( certID == KErrNotFound ) // Certificate not found -> Insert new one
+ {
+ InsertCertificateL( aCert, KDefaultTrustFlag ); // Set default
+ GetCertificateIDL( aCert, certID );
+ }
+ else // Certificate allready exists, set default trusted flag
+ {
+ SetTrustedL( certID, KDefaultTrustFlag );
+ }
+ //
+ // Applications
+ //
+ if ( aAddApps ) // Default applications required
+ {
+ RArray<TUid> applications;
+ CleanupClosePushL( applications );
+
+ DefaultApplicationsL( aCert, applications );
+ RemoveApplicationsL( certID ); // Remove previous applications
+ if ( applications.Count() > 0 ) // There is apps to insert
+ {
+ InsertApplicationsL( certID, applications );
+ }
+
+ CleanupStack::PopAndDestroy( &applications );
+ }
+ );
+
+ if ( err != KErrNone ) // Some error occured
+ {
+ iDatabase.Rollback(); // Do rollback = restore changes
+ User::Leave( err );
+ }
+ else // No errors
+ {
+ iDatabase.Commit(); // Commit changes
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoRemoveTrustSettingsL()
+// Remove trust settings of given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoRemoveTrustSettingsL( const CWimCertInfo& aCert )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoRemoveTrustSettingsL()" ) );
+ TInt certID;
+ GetCertificateIDL( aCert, certID ); // Get certificate ID
+
+ if ( certID == KErrNotFound ) // Not found
+ {
+ User::Leave( KErrNotFound );
+ }
+
+ iDatabase.Begin(); // Begin transaction
+
+ TRAPD( err,
+ RemoveApplicationsL( certID ); // Remove applications
+ RemoveCertificateL( certID ); // Remove certificate
+ );
+
+ if ( err ) // Some error occurred
+ {
+ iDatabase.Rollback(); // Rollback changes
+ User::Leave ( err );
+ }
+ else
+ {
+ iDatabase.Commit(); // Commit changes
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::GetCertificateIDL()
+// Get database ID for given certificate. Return KErrNotFound, if not found
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::GetCertificateIDL( const CWimCertInfo& aCert,
+ TInt& aCertificateID )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::GetCertificateIDL()" ) );
+ _LIT( KSQLQuery, "SELECT CertificateID,\
+ CertHash,\
+ TokenSerial,\
+ LabelHash,\
+ IsTrusted\
+ FROM Certificates" );
+
+ TBuf8<KSHA1HashLengthBytes> hash;
+ aCert.GetCertHash( hash );
+
+ HBufC8* buf8 = HBufC8::NewLC( aCert.CctCert()->Label().Length() );
+ TPtr8* ptr8 = new( ELeave ) TPtr8( buf8->Des() );
+ CleanupStack::PushL( ptr8 );
+
+ ptr8->Copy( aCert.CctCert()->Label() );
+
+ HBufC8* labelHash = GetHashL( *ptr8 );
+ CleanupStack::PushL( labelHash );
+
+ RDbView view;
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( KSQLQuery ) ) );
+ CleanupClosePushL( view );
+
+ TInt i = 0;
+ while ( i == 0 && view.NextL() ) // Should find only one ID
+ {
+ view.GetL();
+ // Compare given hash, token serial number, cert label hash
+ if ( !view.ColDes8( 2 ).Compare( hash ) &&
+ !view.ColDes( 3 ).Compare( aCert.CctCert()->
+ Token().Information( MCTToken::ESerialNo ) ) &&
+ !view.ColDes8( 4 ).Compare( *labelHash ) )
+ {
+ aCertificateID = view.ColUint32( 1 );
+ i++;
+ }
+ }
+
+ if ( i == 0 ) // Not found any matching rows
+ {
+ aCertificateID = KErrNotFound;
+ }
+
+ CleanupStack::PopAndDestroy( 4, buf8 ); // view, labelHash, ptr8, buf8
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::InsertCertificateL()
+// Insert certificate into the Certificates table
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::InsertCertificateL( const CWimCertInfo& aCert,
+ TBool aTrusted )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::InsertCertificateL()" ) );
+ TBuf8<KSHA1HashLengthBytes> hash;
+ aCert.GetCertHash( hash );
+
+ HBufC8* buf8 = HBufC8::NewLC( aCert.CctCert()->Label().Length() );
+ TPtr8* ptr8 = new(ELeave) TPtr8( buf8->Des() );
+ CleanupStack::PushL( ptr8 );
+
+ ptr8->Copy( aCert.CctCert()->Label() );
+
+ HBufC8* labelHash = GetHashL( *ptr8 );
+ CleanupStack::PushL( labelHash );
+
+ RDbView view;
+
+ _LIT( KSQLInsertCert, "SELECT CertHash,\
+ TokenSerial,\
+ LabelHash,\
+ IsTrusted\
+ FROM Certificates" );
+
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( KSQLInsertCert ),
+ TDbWindow::EUnlimited, RDbView::EInsertOnly ) );
+
+ CleanupClosePushL( view );
+
+ view.InsertL();
+ view.SetColL( 1, hash );
+ view.SetColL( 2, aCert.CctCert()->
+ Token().Information( MCTToken::ESerialNo ) );
+ view.SetColL( 3, *labelHash );
+ view.SetColL( 4, aTrusted );
+ view.PutL();
+
+ CleanupStack::PopAndDestroy( 4, buf8 ); // view, labelHash, ptr8, buf8
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::GetHash()
+// Return hash of 8 bit string
+// -----------------------------------------------------------------------------
+//
+HBufC8* CWimTrustSettingsStore::GetHashL( TDesC8& aString )
+ {
+ CSHA1* sha = CSHA1::NewL();
+ CleanupStack::PushL( sha );
+ TPtrC8 shaFingerPrint = sha->Hash( aString );
+ HBufC8* fingerPrint = HBufC8::NewL( shaFingerPrint.Length() ); //make a copy
+ TPtr8 fingerPrintDes = fingerPrint->Des();
+ fingerPrintDes.Copy( shaFingerPrint );
+ CleanupStack::PopAndDestroy( sha );
+ return fingerPrint;
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::GetTrustedL()
+// Get trusted flag of given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::GetTrustedL( TInt aCertificateID,
+ TBool& aTrusted )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::GetTrustedL()" ) );
+ _LIT( KSQLQuery,
+ "SELECT IsTrusted FROM Certificates WHERE CertificateID = " );
+
+ TBuf<KMaxSQLLength> SQLStatement;
+ SQLStatement.Copy( KSQLQuery );
+
+ SQLStatement.AppendNum( aCertificateID );
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+
+ RDbView view;
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( sqlStat ) ) );
+ CleanupClosePushL( view );
+
+ while ( view.NextL() ) // Should find only one certificate
+ {
+ view.GetL();
+ aTrusted = ( TBool )view.ColUint( 1 );
+ }
+
+ CleanupStack::PopAndDestroy( &view );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::SetTrustedL()
+// Set trusted flag for given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::SetTrustedL( TInt aCertificateID,
+ TBool aTrusted )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::SetTrustedL()" ) );
+ _LIT( KSQLUpdate1, "UPDATE Certificates SET IsTrusted = " );
+ _LIT( KSQLUpdate2, " WHERE CertificateID = " );
+ TBuf<KMaxSQLLength> SQLStatement;
+ SQLStatement.Copy( KSQLUpdate1 );
+ SQLStatement.AppendNum( aTrusted );
+ SQLStatement.Append( KSQLUpdate2 );
+ SQLStatement.AppendNum( aCertificateID );
+
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+
+ User::LeaveIfError( iDatabase.Execute( sqlStat ) );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::RemoveCertificateL()
+// Delete certificate from Certificates table
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::RemoveCertificateL( TInt aCertificateID )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::RemoveCertificateL()" ) );
+ _LIT( KSQLDelete, "DELETE FROM Certificates WHERE CertificateID = " );
+
+ TBuf<60> SQLStatement;
+ SQLStatement.Copy( KSQLDelete );
+ SQLStatement.AppendNum( aCertificateID );
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+ User::LeaveIfError( iDatabase.Execute( sqlStat ) );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::RemoveApplicationsL()
+// Delete all applications of given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::RemoveApplicationsL( TInt aCertificateID )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::RemoveApplicationsL()" ) );
+ _LIT( KSQLDelete,
+ "DELETE FROM CertificateApplications WHERE CertificateID = " );
+
+ TBuf<KMaxSQLLength> SQLStatement;
+ SQLStatement.Copy( KSQLDelete );
+ SQLStatement.AppendNum( aCertificateID );
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+ User::LeaveIfError( iDatabase.Execute( sqlStat ) );
+ iCompact = ETrue;
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::GetApplicationsL()
+// Get applications of given certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::GetApplicationsL( TInt aCertificateID,
+ RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::GetApplicationsL()" ) );
+ _LIT( KSQLQuery, "SELECT AppUid FROM CertificateApplications " );
+ _LIT( KSQLQuery2, "WHERE CertificateID = " );
+
+ TBuf<KMaxSQLLength> SQLStatement;
+ SQLStatement.Copy( KSQLQuery );
+ SQLStatement.Append( KSQLQuery2 );
+ SQLStatement.AppendNum( aCertificateID );
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+
+ RDbView view;
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( sqlStat ) ) );
+ CleanupClosePushL( view );
+
+ TUid uid;
+ while ( view.NextL() )
+ {
+ view.GetL();
+ uid.iUid = view.ColInt32( 1 );
+ aApplications.AppendL( uid );
+ }
+
+ CleanupStack::PopAndDestroy( &view );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::InsertApplicationsL()
+// Insert applications to certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::InsertApplicationsL( TInt aCertificateID,
+ const RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::InsertApplicationsL()" ) );
+ RDbView view;
+
+ // Insert applications
+ _LIT( KSQLInsert, "SELECT CertificateID, AppUid FROM\
+ CertificateApplications" );
+
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( KSQLInsert ),
+ TDbWindow::EUnlimited, RDbView::EInsertOnly ) );
+ CleanupClosePushL( view );
+
+ // Loop application list and insert each to database
+ for ( TInt i = 0; i < aApplications.Count(); i++ )
+ {
+ view.InsertL();
+ view.SetColL( 1, aCertificateID ); // CertificateID
+ view.SetColL( 2, aApplications[i].iUid ); // AppUid
+ view.PutL();
+ }
+
+ CleanupStack::PopAndDestroy( &view );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DefaultApplicationsL()
+//
+// Decide default applications for certificate regarding certain rules
+// Format
+// EX509Certificate = 0x00,
+// EWTLSCertificate = 0x01,
+// EX968Certificate = 0x02,
+// EUnknownCertificate = 0x0f,
+// EX509CertificateUrl = 0x10,
+// EWTLSCertificateUrl = 0x11,
+// EX968CertificateUrl = 0x12
+//
+// Trusting applications
+// KTrustUidWapBearer
+// KTrustUidAppController
+// KTrustUidInternet
+// KTrustUidJavaMidlet
+//
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DefaultApplicationsL( const CWimCertInfo& aCert,
+ RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DefaultApplicationsL()" ) );
+ const CCTCertInfo* cctCert = aCert.CctCert();
+
+ //Certificate owner type
+ TCertificateOwnerType ownerType;
+ ownerType = cctCert->CertificateOwnerType();
+
+ //Certificate format
+ TCertificateFormat certFormat;
+ certFormat = cctCert->CertificateFormat();
+ TInt32 appUid;
+
+ // Applications only for CA certificates
+ switch ( ownerType )
+ {
+ case ECACertificate:
+ {
+ // Applications by certificate format
+ switch ( certFormat )
+ {
+ case EX509Certificate: // For Url not the same handling
+ {
+ DefaultAppsByOIDsL( aCert, aApplications );
+ break;
+ }
+ case EWTLSCertificate: //All WTLSs has same apps, flow through!
+ case EWTLSCertificateUrl:
+ {
+ appUid = KTrustUidWapBearer; //WAP
+ TUid uid = {appUid};
+ User::LeaveIfError( aApplications.Append( uid ) );
+ break;
+ }
+ default:
+ {
+ break;
+ }
+ }
+ break;
+ }
+ case EUserCertificate: // User certificate: no defaults
+ {
+ break;
+ }
+ case EPeerCertificate: // Peer certificate: no defaults
+ {
+ break;
+ }
+ default:
+ {
+ break;
+ }
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DefaultAppsByOIDsL()
+// Get Default AppUid(s) from database regarding the OIDs from certificate
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DefaultAppsByOIDsL( const CWimCertInfo& aCert,
+ RArray<TUid>& aApplications )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DefaultAppsByOIDsL()" ) );
+ // Get trusted usage OID(s) of certificate
+ RArray<HBufC*> certTrustedUsage = aCert.TrustedUsage();
+ // Get extended key usage OID(s) of certificate
+ RArray<HBufC*> certExtendedKeyUsage = aCert.ExtendedKeyUsage();
+ // Get certificate location
+ TUint8 certLocation = aCert.CDFRefs();
+
+ TInt certTrustedCount;
+ TInt certExtendedUsageCount;
+
+ certTrustedCount = certTrustedUsage.Count();
+ certExtendedUsageCount = certExtendedKeyUsage.Count();
+
+ // Select all rows of table
+ _LIT( KSQLQuery1,
+ "SELECT TrustedUsage, ExtendedKeyUsage, Location, AppUid " );
+ _LIT( KSQLQuery2, "FROM CertificateDefaultApps " );
+ TBuf<KMaxSQLLength> SQLStatement;
+ SQLStatement.Copy( KSQLQuery1 );
+ SQLStatement.Append( KSQLQuery2 );
+
+ TPtrC sqlStat( SQLStatement.PtrZ() );
+ RDbView view;
+ User::LeaveIfError( view.Prepare( iDatabase, TDbQuery( sqlStat ) ) );
+ CleanupClosePushL( view );
+
+ TInt32 appUid = 0;
+ TUid uid;
+ TBool found = EFalse;
+ TBool canContinue = EFalse;
+ TPtrC defaultTrustedUsage;
+ TPtrC defaultExtendedKeyUsage;
+ TInt defaultLocation;
+
+ // Check first if certificate's trusted usage field matches
+ // After that check extended key usage
+ while ( view.NextL() )
+ {
+ view.GetL();
+
+ defaultTrustedUsage.Set( view.ColDes( 1 ) );
+ defaultExtendedKeyUsage.Set( view.ColDes( 2 ) );
+ defaultLocation = view.ColInt( 3 ); // Not used yet
+
+ if ( certTrustedCount == 0 ) // No trusted usages in the cert
+ {
+ if ( defaultTrustedUsage.Length() == 0 ) // Either in defaults
+ {
+ canContinue = ETrue;
+ }
+ }
+ else
+ {
+ for ( TInt i = 0; i < certTrustedCount; i++ )
+ {
+ if ( !defaultTrustedUsage.
+ Compare( certTrustedUsage[i]->Des() ) )
+ {
+ canContinue = ETrue;
+ }
+ }
+ }
+
+ if ( canContinue )
+ {
+ canContinue = EFalse;
+
+ if ( certExtendedUsageCount == 0 ) // No ext.key usages in the cert
+ {
+ if ( defaultExtendedKeyUsage.Length() == 0 ) // Either in defs
+ {
+ canContinue = ETrue;
+ }
+ }
+ else
+ {
+ for ( TInt i = 0; i < certExtendedUsageCount; i++ )
+ {
+ if ( !defaultExtendedKeyUsage.
+ Compare( certExtendedKeyUsage[i]->Des() ) )
+ {
+ canContinue = ETrue;
+ }
+ }
+ }
+ }
+
+ if ( canContinue )
+ {
+ if ( defaultLocation == EWimUnknownCDF ) // No default location
+ {
+ appUid = view.ColInt32( 4 );
+ }
+ else
+ {
+ if ( defaultLocation == certLocation )
+ {
+ appUid = view.ColInt32( 4 );
+ }
+ }
+ }
+
+ if ( appUid > 0 ) // Application found -> append it
+ {
+ //Check if app UID allready exists in array
+ for ( TInt i = 0; !found && i < aApplications.Count(); i++ )
+ {
+ if ( aApplications[i].iUid == appUid )
+ {
+ found = ETrue;
+ }
+ }
+ if ( !found ) // AppUid not added to array yet
+ {
+ uid.iUid = appUid;
+ aApplications.AppendL( uid );
+ }
+ found = EFalse;
+ }
+ appUid = 0;
+ canContinue = EFalse;
+ }
+
+ CleanupStack::PopAndDestroy( &view );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::CreateDBL()
+// Create database for trust settings
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::CreateDBL() const
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::CreateDBL()" ) );
+ RFs fsSession;
+ User::LeaveIfError( fsSession.Connect() );
+ CleanupClosePushL( fsSession );
+
+ RDbNamedDatabase database;
+
+ // combine trust settings DB path & name
+
+ TInt pathError = fsSession.MkDirAll( KWimTrustSettingsStorePath );
+ if (( pathError != KErrNone ) && ( pathError != KErrAlreadyExists ))
+ {
+ User::Leave( pathError ); // Dir does not exist and can't be created
+ }
+ HBufC* dbPathBuffer = HBufC::NewLC( KWimTrustSettingsStorePath().Length() +
+ KWimTrustSettingsDBFile().Length() );
+ TPtr wimTrustSettingsDB( dbPathBuffer->Des() );
+ wimTrustSettingsDB = KWimTrustSettingsStorePath;
+ wimTrustSettingsDB.Append( KWimTrustSettingsDBFile );
+
+ User::LeaveIfError( database.Replace( fsSession, wimTrustSettingsDB ) );
+ CleanupClosePushL( database );
+
+ // Create tables
+
+ // Certificates
+ _LIT( KSQLCreateTable1, "CREATE TABLE Certificates (\
+ CertificateID COUNTER NOT NULL,\
+ CertHash CHAR(20) NOT NULL,\
+ TokenSerial CHAR(20) NOT NULL,\
+ LabelHash CHAR(20) NOT NULL,\
+ IsTrusted BIT NOT NULL)" );
+ // CertificateApplications
+ _LIT( KSQLCreateTable2, "CREATE TABLE CertificateApplications (\
+ CertificateID INTEGER NOT NULL,\
+ AppUid INTEGER NOT NULL )" );
+ // CertificateDefaultApps
+ _LIT( KSQLCreateTable3, "CREATE TABLE CertificateDefaultApps (\
+ TrustedUsage VARCHAR(200),\
+ ExtendedKeyUsage VARCHAR(200),\
+ Location INTEGER NOT NULL,\
+ AppUid INTEGER NOT NULL )" );
+
+ User::LeaveIfError( database.Execute( KSQLCreateTable1 ) );
+ User::LeaveIfError( database.Execute( KSQLCreateTable2 ) );
+ User::LeaveIfError( database.Execute( KSQLCreateTable3 ) );
+
+ // Create unique index for CertHash
+ _LIT( KSQLTableIndex, "CREATE UNIQUE INDEX hash_index ON\
+ Certificates (CertHash, TokenSerial, LabelHash)" );
+ User::LeaveIfError( database.Execute( KSQLTableIndex ) );
+
+ CleanupStack::PopAndDestroy( 3, &fsSession ); // database, dbPathBuffer, fsSession
+
+ InsertDefaultAppRulesL();
+
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::CreateDBL()|End" ) );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::InsertDefaultAppRulesL()
+// Insert default application UID selection rules to the database
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::InsertDefaultAppRulesL() const
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::InsertDefaultAppRulesL()" ) );
+ RDbView view;
+
+ RFs fsSession;
+ User::LeaveIfError( fsSession.Connect() );
+ CleanupClosePushL( fsSession );
+
+ RDbNamedDatabase database;
+
+ // combine trust settings DB path & name
+ HBufC* dbPathBuffer = HBufC::NewLC( KWimTrustSettingsStorePath().Length() +
+ KWimTrustSettingsDBFile().Length() );
+ TPtr wimTrustSettingsDB( dbPathBuffer->Des() );
+ wimTrustSettingsDB = KWimTrustSettingsStorePath;
+ wimTrustSettingsDB.Append( KWimTrustSettingsDBFile );
+
+ User::LeaveIfError( database.Open( fsSession, wimTrustSettingsDB ) );
+ CleanupClosePushL( database );
+
+ _LIT( KSQLInsertRules, "SELECT TrustedUsage, ExtendedKeyUsage,\
+ Location, AppUid FROM CertificateDefaultApps" );
+
+ User::LeaveIfError( view.Prepare( database, TDbQuery( KSQLInsertRules ),
+ TDbWindow::EUnlimited, RDbView::EInsertOnly ) );
+
+ CleanupClosePushL( view );
+
+ view.InsertL();
+ view.SetColL( 1, _L("") ); // TrustedUsage OID
+ view.SetColL( 2, _L("") ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimUnknownCDF ) ); // Location
+ view.SetColL( 4, KTrustUidInternet ); // Application Uid
+ view.PutL();
+
+ view.InsertL();
+ view.SetColL( 1, KIpKpServerAuth ); // TrustedUsage OID
+ view.SetColL( 2, KIpKpServerAuth ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimUnknownCDF ) ); // Location
+ view.SetColL( 4, KTrustUidInternet ); // Application Uid
+ view.PutL();
+
+ view.InsertL();
+ view.SetColL( 1, _L("") ); // TrustedUsage OID
+ view.SetColL( 2, KIpKpServerAuth ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimUnknownCDF ) ); // Application Uid
+ view.SetColL( 4, KTrustUidInternet ); // Application Uid
+ view.PutL();
+
+ view.InsertL();
+ view.SetColL( 1, KIpKpServerAuth ); // TrustedUsage OID
+ view.SetColL( 2, _L("") ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimUnknownCDF ) ); // Location
+ view.SetColL( 4, KTrustUidInternet ); // Application Uid
+ view.PutL();
+
+ view.InsertL();
+ view.SetColL( 1, KIpKpJavaMidlet ); // TrustedUsage OID
+ view.SetColL( 2, _L("") ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimTrustedCertsCDF ) ); // Location
+ view.SetColL( 4, KTrustUidJavaMidlet ); // Application Uid
+ view.PutL();
+
+ view.InsertL();
+ view.SetColL( 1, _L("") ); // TrustedUsage OID
+ view.SetColL( 2, KWimCodeSigningOID ); // ExtendedUsage OID
+ view.SetColL( 3, TInt( EWimTrustedCertsCDF ) ); // Location
+ view.SetColL( 4, KTrustUidJavaMidlet ); // Application Uid
+ view.PutL();
+
+ CleanupStack::PopAndDestroy( 4, &fsSession ); // view, database, dbPathBuffer, fsSession
+ }
+
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::RunL()
+// Not used.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::RunL()
+ {
+
+ switch ( iPhase )
+ {
+ case ERetrieve:
+ {
+ iPhase = ECheckRestore;
+
+ if ( !iWimCertUtil )
+ {
+ iWimCertUtil = CWimCertUtil::NewL( iCert->Token() );
+ iCertInfos.ResetAndDestroy();
+ iWimCertUtil->Restore( iCertInfos, iStatus );
+ }
+ else
+ {
+ TRequestStatus* status = &iStatus;
+ User::RequestComplete( status, KErrNone );
+ }
+ SetActive();
+ break;
+ }
+ case ECheckRestore:
+ {
+ if ( iStatus.Int() == KErrNone )
+ {
+ // Allocate space for certificate data
+ delete iEncodedCertBuf;
+ iEncodedCertBuf = 0;
+ delete iEncodedCertPtr;
+ iEncodedCertPtr = 0;
+ iEncodedCertBuf = HBufC8::NewL( iCert->Size() );
+ iEncodedCertPtr = new( ELeave ) TPtr8( iEncodedCertBuf->Des() );
+ iPhase = ECheckRetrieve;
+
+ iWimCertUtil->RetrieveCertByIndexL( iCert->Handle().iObjectId,
+ *iEncodedCertPtr,
+ iStatus );
+ SetActive();
+ }
+ else
+ {
+ iPhase = EIdle;
+ User::RequestComplete( iOriginalRequestStatus, iStatus.Int() );
+ }
+ break;
+ }
+ case ECheckRetrieve:
+ {
+ if ( iStatus.Int() == KErrNone )
+ {
+ ExtractExtensionL();
+ DoSetDefaultTrustSettingsL( *iWimCert, iAddApps );
+ User::RequestComplete( iOriginalRequestStatus, iStatus.Int() );
+ }
+ else
+ {
+ iPhase = EIdle;
+ User::RequestComplete( iOriginalRequestStatus, iStatus.Int() );
+ }
+ break;
+ }
+ default:
+ {
+ // Here we should not be
+ User::RequestComplete( iOriginalRequestStatus, KErrCorrupt );
+ break;
+ }
+ }
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::ExtractExtensionL()
+// If the certificate extension contains extended key usage and certificate
+// locates in the trusted certificates area, add OID to extended key usages
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::ExtractExtensionL()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::ExtractExtensionL()" ) );
+ CX509Certificate* cert = CX509Certificate::NewLC( *iEncodedCertPtr );
+
+ const CX509CertExtension* ext = cert->Extension( KExtendedKeyUsage );
+
+ if ( ext )
+ {
+ TInt dummy = 0;
+ CX509ExtendedKeyUsageExt* extendedKeyUsage =
+ CX509ExtendedKeyUsageExt::NewL( ext->Data(), dummy );
+ CleanupStack::PushL( extendedKeyUsage );
+ const CArrayPtrFlat<HBufC>& usages = extendedKeyUsage->KeyUsages();
+
+ TInt count = usages.Count();
+ for ( TInt i = 0; i < count; i++ )
+ {
+ HBufC* buf = usages[i]->AllocLC();
+ CWimCertInfo* tmp = const_cast<CWimCertInfo*>( iWimCert );
+ User::LeaveIfError( tmp->AddExtendedKeyUsage( buf ) );
+ CleanupStack::Pop( buf ); // Take the ownership
+ }
+
+ CleanupStack::PopAndDestroy( extendedKeyUsage );
+ }
+
+ CleanupStack::PopAndDestroy( cert );
+ }
+
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::CancelDoing()
+// Not used.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::CancelDoing()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::Cancel()" ) );
+ Cancel();
+ }
+// -----------------------------------------------------------------------------
+// CWimTrustSettingsStore::DoCancel()
+// Not used.
+// -----------------------------------------------------------------------------
+//
+void CWimTrustSettingsStore::DoCancel()
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::DoCancel()" ) );
+ iPhase = EIdle;
+ User::RequestComplete( iOriginalRequestStatus, KErrCancel );
+ }
+
+// -----------------------------------------------------------------------------
+// void CWimTrustSettingsStore::RunError()
+// Leave leads us here.
+// -----------------------------------------------------------------------------
+//
+TInt CWimTrustSettingsStore::RunError( TInt aError )
+ {
+ _WIMTRACE ( _L( "CWimTrustSettingsStore::RunError()" ) );
+ iPhase = EIdle;
+ User::RequestComplete( iOriginalRequestStatus, aError );
+ return KErrNone;
+ }
+
+// End of File