|
1 /* |
|
2 * Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Policy importer |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 #include "policyimporter.h" |
|
21 #include "vpnapiservant.h" |
|
22 #include "fileutil.h" |
|
23 #include "policypatcher.h" |
|
24 #include "policystore.h" |
|
25 #include "vpnclientuids.h" |
|
26 #include "vpnmanagerserverdefs.h" |
|
27 #include "ikepolparser.h" |
|
28 #include "pkiutil.h" |
|
29 #include "cmmanagerutils.h" |
|
30 #include "log_r6.h" |
|
31 |
|
32 #include <f32file.h> |
|
33 #include <x509cert.h> |
|
34 |
|
35 const TInt KDefaultKeySize(1024); |
|
36 |
|
37 enum TImportState |
|
38 { |
|
39 EStateBeginPolicyImport = 1, |
|
40 EStateImportCaCert, |
|
41 EStateAfterImportCaCert, |
|
42 EStateImportPeerCert, |
|
43 EStateAfterImportPeerCert, |
|
44 EStateImportUserPrivKey, |
|
45 EStateAfterImportUserPrivKey, |
|
46 EStateAttachCertificate, |
|
47 EStateAfterAttachCertificate, |
|
48 EStateImportPinAndPol, |
|
49 EStateCreateVpnDestination, |
|
50 EStateEndPolicyImport |
|
51 }; |
|
52 |
|
53 CPolicyImporter* CPolicyImporter::NewL(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant, |
|
54 CPolicyStore& aPolicyStore, RFs& aFs) |
|
55 { |
|
56 LOG_("-> CPolicyImporter::NewL()"); |
|
57 CPolicyImporter* self = new (ELeave) CPolicyImporter(aMessage, aVpnApiServant, aPolicyStore, aFs); |
|
58 CleanupStack::PushL(self); |
|
59 self->ConstructL(); |
|
60 CleanupStack::Pop(); // self |
|
61 LOG_("<- CPolicyImporter::NewL()"); |
|
62 return self; |
|
63 } |
|
64 |
|
65 CPolicyImporter* CPolicyImporter::NewL(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant, |
|
66 CPolicyStore& aPolicyStore, RFs& aFs) |
|
67 { |
|
68 LOG_("-> CPolicyImporter::NewL()"); |
|
69 CPolicyImporter* self = new (ELeave) CPolicyImporter(aStatus, aVpnApiServant, aPolicyStore, aFs); |
|
70 CleanupStack::PushL(self); |
|
71 self->ConstructL(); |
|
72 CleanupStack::Pop(); // self |
|
73 LOG_("<- CPolicyImporter::NewL()"); |
|
74 return self; |
|
75 } |
|
76 |
|
77 CPolicyImporter::CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant, |
|
78 CPolicyStore& aPolicyStore, RFs& aFs) : |
|
79 CActive(0), iMessage(aMessage), iVpnApiServant(aVpnApiServant), |
|
80 iPolicyStore(aPolicyStore), iFs(aFs), iFileUtil(aFs) |
|
81 { |
|
82 } |
|
83 |
|
84 CPolicyImporter::CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant, |
|
85 CPolicyStore& aPolicyStore, RFs& aFs) : |
|
86 CActive(0), iExtStatus(&aStatus), iVpnApiServant(aVpnApiServant), |
|
87 iPolicyStore(aPolicyStore), iFs(aFs), iFileUtil(aFs) |
|
88 { |
|
89 } |
|
90 |
|
91 void CPolicyImporter::ConstructL() |
|
92 { |
|
93 CActiveScheduler::Add(this); |
|
94 User::LeaveIfError(iPkiService.Connect()); |
|
95 } |
|
96 |
|
97 CPolicyImporter::~CPolicyImporter() |
|
98 { |
|
99 LOG_("-> CPolicyImporter::~CPolicyImporter()"); |
|
100 Cancel(); |
|
101 iPkiService.Close(); |
|
102 |
|
103 delete iPolicyIdList; |
|
104 |
|
105 delete iCurrIkeDataArray; |
|
106 |
|
107 delete iCurrCaCertList; |
|
108 delete iCurrPeerCertList; |
|
109 delete iCurrUserPrivKeyList; |
|
110 delete iCurrUserCertList; |
|
111 delete iCurrOtherCaCertList; |
|
112 |
|
113 delete iCertFileData; |
|
114 delete iKeyFileData; |
|
115 LOG_("<- CPolicyImporter::~CPolicyImporter()"); |
|
116 } |
|
117 |
|
118 TInt CPolicyImporter::RunError(TInt aError) |
|
119 { |
|
120 LOG_EVENT_2B(R_VPN_MSG_POLICY_INSTALL_FAIL, iNewPolicyId, NULL, |
|
121 aError, iImportSinglePolicy); |
|
122 |
|
123 ImportComplete(aError); |
|
124 return KErrNone; |
|
125 } |
|
126 |
|
127 void CPolicyImporter::RunL() |
|
128 { |
|
129 ChangeStateL(); |
|
130 } |
|
131 |
|
132 void CPolicyImporter::DoCancel() |
|
133 { |
|
134 CancelOngoingOperation(); |
|
135 if (iImportSinglePolicy) |
|
136 { |
|
137 User::RequestComplete(iExtStatus, KErrCancel); |
|
138 } |
|
139 else |
|
140 { |
|
141 iMessage.Complete(KErrCancel); |
|
142 } |
|
143 CleanImportDirectory(); |
|
144 } |
|
145 |
|
146 void CPolicyImporter::GotoState(TInt aState) |
|
147 { |
|
148 LOG_1("-> CPolicyImporter::GotoState() STATE %d", aState); |
|
149 SetNextState(aState); |
|
150 SetActive(); |
|
151 TRequestStatus* status = &iStatus; |
|
152 User::RequestComplete(status, KErrNone); |
|
153 LOG_("<- CPolicyImporter::GotoState()"); |
|
154 } |
|
155 |
|
156 void CPolicyImporter::SetCurrState(TInt aState) |
|
157 { |
|
158 iCurrState = aState; |
|
159 } |
|
160 |
|
161 void CPolicyImporter::SetNextState(TInt aState) |
|
162 { |
|
163 iNextState = aState; |
|
164 } |
|
165 |
|
166 TInt CPolicyImporter::CurrState() |
|
167 { |
|
168 return iCurrState; |
|
169 } |
|
170 |
|
171 TInt CPolicyImporter::NextState() |
|
172 { |
|
173 return iNextState; |
|
174 } |
|
175 |
|
176 void CPolicyImporter::ChangeStateL() |
|
177 { |
|
178 switch (NextState()) |
|
179 { |
|
180 case EStateBeginPolicyImport: |
|
181 StateBeginPolicyImportL(); |
|
182 break; |
|
183 |
|
184 case EStateImportCaCert: |
|
185 StateImportCaCertL(); |
|
186 break; |
|
187 |
|
188 case EStateAfterImportCaCert: |
|
189 StateAfterImportCaCertL(); |
|
190 break; |
|
191 |
|
192 case EStateImportPeerCert: |
|
193 StateImportPeerCertL(); |
|
194 break; |
|
195 |
|
196 case EStateAfterImportPeerCert: |
|
197 StateAfterImportPeerCertL(); |
|
198 break; |
|
199 |
|
200 case EStateImportUserPrivKey: |
|
201 StateImportUserPrivKeyL(); |
|
202 break; |
|
203 |
|
204 case EStateAfterImportUserPrivKey: |
|
205 StateAfterImportUserPrivKeyL(); |
|
206 break; |
|
207 |
|
208 case EStateAttachCertificate: |
|
209 StateAttachCertificateL(); |
|
210 break; |
|
211 |
|
212 case EStateAfterAttachCertificate: |
|
213 StateAfterAttachCertificateL(); |
|
214 break; |
|
215 |
|
216 case EStateImportPinAndPol: |
|
217 StateImportPinAndPolL(); |
|
218 break; |
|
219 |
|
220 case EStateCreateVpnDestination: |
|
221 StateCreateVpnDestinationL(); |
|
222 break; |
|
223 |
|
224 case EStateEndPolicyImport: |
|
225 StateEndPolicyImportL(); |
|
226 break; |
|
227 |
|
228 default: |
|
229 User::Panic(KVpnManagerServer, EInvalidImportState); |
|
230 break; |
|
231 } |
|
232 } |
|
233 |
|
234 void CPolicyImporter::CancelOngoingOperation() |
|
235 { |
|
236 switch (CurrState()) |
|
237 { |
|
238 case EStateImportCaCert: |
|
239 case EStateImportPeerCert: |
|
240 case EStateImportUserPrivKey: |
|
241 case EStateAttachCertificate: |
|
242 iPkiService.CancelPendingOperation(); |
|
243 iPkiService.Finalize(iPkiOpContext); |
|
244 break; |
|
245 |
|
246 default: |
|
247 break; |
|
248 } |
|
249 } |
|
250 |
|
251 void CPolicyImporter::ImportComplete(TInt aReturnValue) |
|
252 { |
|
253 LOG_("-> CPolicyImporter::ImportComplete()"); |
|
254 if (iImportSinglePolicy) |
|
255 { |
|
256 User::RequestComplete(iExtStatus, aReturnValue); |
|
257 } |
|
258 else |
|
259 { |
|
260 iMessage.Complete(aReturnValue); |
|
261 } |
|
262 CleanImportDirectory(); |
|
263 iVpnApiServant.PolicyImportComplete(); |
|
264 LOG_("<- CPolicyImporter::ImportComplete()"); |
|
265 } |
|
266 |
|
267 void CPolicyImporter::ImportPolicyL(const TDesC& aDir) |
|
268 { |
|
269 LOG_("-> CPolicyImporter::ImportPolicyL()"); |
|
270 iImportSinglePolicy = EFalse; |
|
271 iNewPolicyId = &iPolicyId; |
|
272 DoImportPolicyL(aDir); |
|
273 LOG_("<- CPolicyImporter::ImportPolicyL()"); |
|
274 } |
|
275 |
|
276 void CPolicyImporter::ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId) |
|
277 { |
|
278 LOG_("-> CPolicyImporter::ImportSinglePolicyL()"); |
|
279 iImportSinglePolicy = ETrue; |
|
280 iNewPolicyId = &aNewPolicyId; |
|
281 DoImportPolicyL(aDir); |
|
282 LOG_("<- CPolicyImporter::ImportSinglePolicyL()"); |
|
283 } |
|
284 |
|
285 void CPolicyImporter::DoImportPolicyL(const TDesC& aDir) |
|
286 { |
|
287 LOG_("-> CPolicyImporter::DoImportPolicyL()"); |
|
288 iImportDir.Copy(aDir); |
|
289 iCurrPolicyIdIndex = -1; |
|
290 |
|
291 BuildPolicyIdListL(); |
|
292 |
|
293 if (iPolicyIdList->Count() == 0) |
|
294 { |
|
295 ImportComplete(KErrNone); |
|
296 return; |
|
297 } |
|
298 |
|
299 if (iImportSinglePolicy && iPolicyIdList->Count() != 1) |
|
300 { |
|
301 // We're supposed to import a single policy |
|
302 // only but the import directory contains |
|
303 // multiple policies... |
|
304 ImportComplete(KErrArgument); |
|
305 return; |
|
306 } |
|
307 |
|
308 // All is well, so begin import |
|
309 GotoState(EStateBeginPolicyImport); |
|
310 LOG_("<- CPolicyImporter::DoImportPolicyL()"); |
|
311 } |
|
312 |
|
313 void CPolicyImporter::StateBeginPolicyImportL() |
|
314 { |
|
315 SetCurrState(EStateBeginPolicyImport); |
|
316 |
|
317 iCurrPolicyIdIndex++; |
|
318 |
|
319 if (iCurrPolicyIdIndex == iPolicyIdList->Count()) |
|
320 { |
|
321 ImportComplete(KErrNone); |
|
322 return; |
|
323 } |
|
324 |
|
325 iCurrPolicyId.Copy(iPolicyIdList->At(iCurrPolicyIdIndex)); |
|
326 |
|
327 ParseIkeDataL(); |
|
328 |
|
329 BuildCaCertListL(); |
|
330 iCurrCaCertIndex = -1; |
|
331 |
|
332 BuildPeerCertListL(); |
|
333 iCurrPeerCertIndex = -1; |
|
334 |
|
335 BuildUserPrivKeyAndUserCertListL(); |
|
336 iCurrUserPrivKeyIndex = -1; |
|
337 iCurrUserCertIndex = -1; |
|
338 |
|
339 BuildOtherCaCertListL(); |
|
340 iCurrOtherCaCertIndex=-1; |
|
341 GotoState(EStateImportCaCert); |
|
342 } |
|
343 |
|
344 void CPolicyImporter::StateImportCaCertL() |
|
345 { |
|
346 LOG_("CPolicyImporter::StateImportCaCertL() entry"); |
|
347 SetCurrState(EStateImportCaCert); |
|
348 |
|
349 iCurrCaCertIndex++; |
|
350 |
|
351 if (iCurrCaCertIndex == iCurrCaCertList->Count()) |
|
352 { |
|
353 GotoState(EStateImportPeerCert); |
|
354 LOG_("CPolicyImporter::StateImportCaCertL() exit (all CA certs imported)"); |
|
355 return; |
|
356 } |
|
357 |
|
358 delete iCertFileData; |
|
359 iCertFileData = NULL; |
|
360 iCertFileData = iFileUtil.LoadFileDataL(iCurrCaCertList->At(iCurrCaCertIndex)); |
|
361 |
|
362 iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData, |
|
363 &iPkiOpContext, iStatus); |
|
364 |
|
365 SetNextState(EStateAfterImportCaCert); |
|
366 SetActive(); |
|
367 LOG_("CPolicyImporter::StateImportCaCertL() exit"); |
|
368 } |
|
369 |
|
370 void CPolicyImporter::StateAfterImportCaCertL() |
|
371 { |
|
372 SetCurrState(EStateAfterImportCaCert); |
|
373 |
|
374 iPkiService.Finalize(iPkiOpContext); |
|
375 |
|
376 |
|
377 if (iStatus == KErrArgument) |
|
378 { |
|
379 User::Leave(KVpnErrInvalidCaCertFile); |
|
380 } |
|
381 else if (iStatus != KErrNone) |
|
382 { |
|
383 User::Leave(iStatus.Int()); |
|
384 } |
|
385 |
|
386 // Set VPN trusted |
|
387 CX509Certificate* tempCert = CX509Certificate::NewLC(*iCertFileData); |
|
388 RArray<TUid> appArray; |
|
389 CleanupClosePushL(appArray); |
|
390 appArray.AppendL(TUid::Uid(KUidVpnManager)); |
|
391 |
|
392 const TPtrC8* serialNumber = tempCert->DataElementEncoding( |
|
393 CX509Certificate::ESerialNumber); |
|
394 const TPtrC8* issuername = tempCert->DataElementEncoding( |
|
395 CX509Certificate::EIssuerName); |
|
396 |
|
397 iPkiService.SetApplicabilityL( |
|
398 *issuername, |
|
399 *serialNumber, |
|
400 appArray); |
|
401 |
|
402 CleanupStack::PopAndDestroy(2); // appArray, tempCert |
|
403 |
|
404 // Handle the next certificate, if present |
|
405 GotoState(EStateImportCaCert); |
|
406 } |
|
407 |
|
408 void CPolicyImporter::StateImportPeerCertL() |
|
409 { |
|
410 LOG_("CPolicyImporter::StateImportOtherCaCertL() entry"); |
|
411 SetCurrState(EStateImportPeerCert); |
|
412 |
|
413 iCurrOtherCaCertIndex++; |
|
414 |
|
415 if (iCurrOtherCaCertIndex == iCurrOtherCaCertList->Count()) |
|
416 { |
|
417 GotoState(EStateImportUserPrivKey); |
|
418 LOG_("CPolicyImporter::StateImportOtherCaCertL() exit (all intermediate CAs imported)"); |
|
419 return; |
|
420 } |
|
421 |
|
422 delete iCertFileData; |
|
423 iCertFileData = NULL; |
|
424 iCertFileData = iFileUtil.LoadFileDataL(iCurrOtherCaCertList->At(iCurrOtherCaCertIndex)); |
|
425 CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex); |
|
426 TPkiServiceStoreType storeType = GetStoreTypeL(data); |
|
427 iPkiService.SetStoreType(storeType); |
|
428 |
|
429 iPkiService.StoreCertificateL(EPKICACertificate, KDefaultKeySize, EPKIRSA, *iCertFileData, |
|
430 &iPkiOpContext, iStatus); |
|
431 |
|
432 SetNextState(EStateAfterImportPeerCert); |
|
433 SetActive(); |
|
434 LOG_("CPolicyImporter::StateImportOtherCACertL() exit"); |
|
435 } |
|
436 |
|
437 void CPolicyImporter::StateAfterImportPeerCertL() |
|
438 { |
|
439 SetCurrState(EStateAfterImportPeerCert); |
|
440 |
|
441 iPkiService.Finalize(iPkiOpContext); |
|
442 |
|
443 if (iStatus != KErrNone) |
|
444 { |
|
445 User::Leave(iStatus.Int()); |
|
446 } |
|
447 |
|
448 // Handle the next certificate, if present |
|
449 GotoState(EStateImportPeerCert); |
|
450 } |
|
451 |
|
452 TPkiServiceStoreType CPolicyImporter::GetStoreTypeL(CIkeData* aData) |
|
453 { |
|
454 TPkiServiceStoreType ret(EPkiStoreTypeAny); |
|
455 if (aData->iClientCertType) |
|
456 { |
|
457 HBufC8* storename = aData->iClientCertType->GetAsciiDataL(); |
|
458 CleanupStack::PushL(storename); |
|
459 LOG(Log::Printf(_L8("CPolicyImporter::BuildPeerCertListL() Store type defined in policy: %S\n"), &(*storename))); |
|
460 |
|
461 if (storename->Compare(_L8("DEVICE")) == 0) |
|
462 { |
|
463 LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses DEVICE store\n"); |
|
464 ret = EPkiStoreTypeDevice; |
|
465 } |
|
466 else |
|
467 { |
|
468 LOG_("CPolicyImporter::BuildPeerCertListL() Policy uses USER store\n"); |
|
469 ret = EPkiStoreTypeUser; |
|
470 } |
|
471 |
|
472 CleanupStack::PopAndDestroy(storename); |
|
473 } |
|
474 else |
|
475 { |
|
476 LOG_("CPolicyImporter::GetStoreType() No store type specified in policy"); |
|
477 } |
|
478 return ret; |
|
479 } |
|
480 void CPolicyImporter::StateImportUserPrivKeyL() |
|
481 { |
|
482 LOG_("CPolicyImporter::StateImportUserPrivKeyL() entry"); |
|
483 SetCurrState(EStateImportUserPrivKey); |
|
484 |
|
485 iCurrUserPrivKeyIndex++; |
|
486 |
|
487 if (iCurrUserPrivKeyIndex == iCurrUserPrivKeyList->Count()) |
|
488 { |
|
489 GotoState(EStateImportPinAndPol); |
|
490 LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit (all keys imported)"); |
|
491 return; |
|
492 } |
|
493 |
|
494 delete iKeyFileData; |
|
495 iKeyFileData = NULL; |
|
496 iKeyFileData = iFileUtil.LoadFileDataL(iCurrUserPrivKeyList->At(iCurrUserPrivKeyIndex)); |
|
497 CIkeData* data = iCurrIkeDataArray->At(iCurrIkeDataIndex); |
|
498 TPkiServiceStoreType storeType = GetStoreTypeL(data); |
|
499 iPkiService.SetStoreType(storeType); |
|
500 |
|
501 iPkiService.StoreKeypair(iCurrKeyId, *iKeyFileData, iStatus); |
|
502 |
|
503 SetNextState(EStateAfterImportUserPrivKey); |
|
504 SetActive(); |
|
505 LOG_("CPolicyImporter::StateImportUserPrivKeyL() exit"); |
|
506 } |
|
507 |
|
508 void CPolicyImporter::StateAfterImportUserPrivKeyL() |
|
509 { |
|
510 SetCurrState(EStateAfterImportUserPrivKey); |
|
511 |
|
512 if (iStatus == KErrArgument || iStatus == KErrNotSupported) |
|
513 { |
|
514 User::Leave(KVpnErrInvalidUserPrivKeyFile); |
|
515 } |
|
516 else if (iStatus != KErrNone) |
|
517 { |
|
518 User::Leave(iStatus.Int()); |
|
519 } |
|
520 |
|
521 // Attach user certificates to the imported private key |
|
522 iCurrIkeDataIndex = -1; |
|
523 GotoState(EStateAttachCertificate); |
|
524 } |
|
525 |
|
526 void CPolicyImporter::StateAttachCertificateL() |
|
527 { |
|
528 LOG_("CPolicyImporter::StateAttachCertificateL() entry"); |
|
529 SetCurrState(EStateAttachCertificate); |
|
530 |
|
531 iCurrIkeDataIndex++; |
|
532 |
|
533 if (iCurrIkeDataIndex == iCurrIkeDataArray->Count()) |
|
534 { |
|
535 // Import the next private key, if present |
|
536 GotoState(EStateImportUserPrivKey); |
|
537 return; |
|
538 } |
|
539 |
|
540 CIkeData* ikeData = iCurrIkeDataArray->At(iCurrIkeDataIndex); |
|
541 HBufC* fileName(NULL); |
|
542 TPkiServiceStoreType storeType = GetStoreTypeL(ikeData); |
|
543 iPkiService.SetStoreType(storeType); |
|
544 |
|
545 fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPrivKey.iData).AllocLC(); |
|
546 |
|
547 if (fileName->CompareF(iCurrUserPrivKeyList->At(iCurrUserPrivKeyIndex)) == 0) |
|
548 { |
|
549 CleanupStack::PopAndDestroy(fileName); |
|
550 fileName = NULL; |
|
551 |
|
552 fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iOwnCert.iData).AllocLC(); |
|
553 |
|
554 delete iCertFileData; |
|
555 iCertFileData = NULL; |
|
556 iCertFileData = iFileUtil.LoadFileDataL(*fileName); |
|
557 |
|
558 iPkiService.AttachCertificateL(iCurrKeyId, KDefaultKeySize, EPKIRSA, *iCertFileData, |
|
559 &iPkiOpContext, iStatus); |
|
560 |
|
561 SetNextState(EStateAfterAttachCertificate); |
|
562 SetActive(); |
|
563 } |
|
564 else |
|
565 { |
|
566 // Attach the next certificate, if present |
|
567 GotoState(EStateAttachCertificate); |
|
568 } |
|
569 CleanupStack::PopAndDestroy(fileName); // fileName |
|
570 LOG_("CPolicyImporter::StateAttachCertificateL() exit"); |
|
571 } |
|
572 |
|
573 void CPolicyImporter::StateAfterAttachCertificateL() |
|
574 { |
|
575 SetCurrState(EStateAfterAttachCertificate); |
|
576 |
|
577 iPkiService.Finalize(iPkiOpContext); |
|
578 |
|
579 if (iStatus == KErrArgument) |
|
580 { |
|
581 User::Leave(KVpnErrInvalidUserCertFile); |
|
582 } |
|
583 else if (iStatus != KErrNone) |
|
584 { |
|
585 User::Leave(iStatus.Int()); |
|
586 } |
|
587 |
|
588 // Attach the next certificate, if present |
|
589 GotoState(EStateAttachCertificate); |
|
590 } |
|
591 |
|
592 void CPolicyImporter::StateImportPinAndPolL() |
|
593 { |
|
594 LOG_("-> CPolicyImporter::StateImportPinAndPolL()"); |
|
595 SetCurrState(EStateImportPinAndPol); |
|
596 |
|
597 HBufC* pinFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPinFileExt); |
|
598 HBufC* polFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPolFileExt); |
|
599 |
|
600 if (!iFileUtil.FileExists(*pinFile)) |
|
601 { |
|
602 LOG_("<- CPolicyImporter::StateImportPinAndPolL() LEAVE: KVpnErrNoPolicyInfoFile"); |
|
603 User::Leave(KVpnErrNoPolicyInfoFile); |
|
604 } |
|
605 else if (!iFileUtil.FileExists(*polFile)) |
|
606 { |
|
607 LOG_("<- CPolicyImporter::StateImportPinAndPolL() LEAVE: KVpnErrNoPolicyFile"); |
|
608 User::Leave(KVpnErrNoPolicyFile); |
|
609 } |
|
610 else |
|
611 { |
|
612 PatchPolicyCaCertInfoL(*polFile); |
|
613 |
|
614 iPolicyStore.ImportPolicyL(*pinFile, *polFile, iNewPolicyId); |
|
615 |
|
616 //iImportSinglePolicy is used when policy is installed via |
|
617 //OMA DM or ACU. If the policy is installed from .vpn file |
|
618 //the iImportSinglePolicy is not used. |
|
619 //The VPN destination is only created in .vpn case. |
|
620 if (iImportSinglePolicy) |
|
621 { |
|
622 GotoState(EStateEndPolicyImport); |
|
623 } |
|
624 else |
|
625 { |
|
626 GotoState(EStateCreateVpnDestination); |
|
627 } |
|
628 } |
|
629 CleanupStack::PopAndDestroy(2); // polfile, pinfile |
|
630 LOG_("<- CPolicyImporter::StateImportPinAndPolL()"); |
|
631 } |
|
632 |
|
633 void CPolicyImporter::StateCreateVpnDestinationL() |
|
634 { |
|
635 LOG_("-> CPolicyImporter::StateCreateVpnDestinationL()"); |
|
636 SetCurrState(EStateCreateVpnDestination); |
|
637 |
|
638 //Gets the IAP name from policy name |
|
639 TVpnPolicyInfo* policyInfo = new (ELeave) TVpnPolicyInfo; |
|
640 CleanupDeletePushL(policyInfo); |
|
641 |
|
642 User::LeaveIfError(iPolicyStore.GetPolicyInfo(*iNewPolicyId, *policyInfo)); |
|
643 |
|
644 CmManagerUtils::CreateVPNConnectionMethodToIntranetL(*policyInfo, |
|
645 *(iVpnApiServant.iEventLogger)); |
|
646 |
|
647 CleanupStack::PopAndDestroy(); //policyInfo |
|
648 GotoState(EStateEndPolicyImport); |
|
649 |
|
650 LOG_("<- CPolicyImporter::StateCreateVpnDestinationL()"); |
|
651 } |
|
652 |
|
653 void CPolicyImporter::StateEndPolicyImportL() |
|
654 { |
|
655 LOG_("-> CPolicyImporter::StateEndPolicyImportL()"); |
|
656 |
|
657 STACK_LEFT; |
|
658 |
|
659 SetCurrState(EStateEndPolicyImport); |
|
660 |
|
661 // Delete the files that were just imported from the import/install directory |
|
662 |
|
663 HBufC* fileFilter = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KAllFilesPat); |
|
664 iFileUtil.DeleteFilesL(*fileFilter); |
|
665 |
|
666 CleanupStack::PopAndDestroy(); // fileFilter |
|
667 |
|
668 LOG_EVENT_2B(R_VPN_MSG_INSTALLED_POLICY_FILE, iNewPolicyId, NULL, 0, iImportSinglePolicy); |
|
669 |
|
670 GotoState(EStateBeginPolicyImport); |
|
671 LOG_("<- CPolicyImporter::StateEndPolicyImportL()"); |
|
672 } |
|
673 |
|
674 void CPolicyImporter::BuildPolicyIdListL() |
|
675 { |
|
676 delete iPolicyIdList; |
|
677 iPolicyIdList = NULL; |
|
678 iPolicyIdList = new (ELeave) CArrayFixFlat<TExtVpnPolicyId>(2); |
|
679 |
|
680 TFindFile* fileFinder = new (ELeave) TFindFile(iFs); |
|
681 CleanupStack::PushL(fileFinder); |
|
682 |
|
683 CDir* fileList; |
|
684 |
|
685 TInt ret = fileFinder->FindWildByDir(KPinFilePat, iImportDir, fileList); |
|
686 |
|
687 if (ret == KErrNone) |
|
688 { |
|
689 CleanupStack::PushL(fileList); |
|
690 |
|
691 for (TInt i = 0; i < fileList->Count(); i++) |
|
692 { |
|
693 TParse* fileNameParser = new (ELeave) TParse(); |
|
694 CleanupStack::PushL(fileNameParser); |
|
695 |
|
696 fileNameParser->Set((*fileList)[i].iName, NULL, NULL); |
|
697 |
|
698 TExtVpnPolicyId policyId; |
|
699 policyId.Copy(fileNameParser->Name()); |
|
700 |
|
701 iPolicyIdList->AppendL(policyId); |
|
702 |
|
703 CleanupStack::PopAndDestroy(); // fileNameParser |
|
704 } |
|
705 CleanupStack::PopAndDestroy(); // fileList |
|
706 } |
|
707 CleanupStack::PopAndDestroy(); // fileFinder |
|
708 } |
|
709 |
|
710 void CPolicyImporter::BuildCaCertListL() |
|
711 { |
|
712 LOG_("-> CPolicyImporter::BuildCaCertListL()"); |
|
713 delete iCurrCaCertList; |
|
714 iCurrCaCertList = NULL; |
|
715 iCurrCaCertList = new (ELeave) CArrayFixFlat<TFileName>(2); |
|
716 |
|
717 TFileName *fileName = new (ELeave) TFileName; |
|
718 CleanupStack::PushL(fileName); |
|
719 |
|
720 LOG_("Pre-for"); |
|
721 for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++) |
|
722 { |
|
723 LOG_("For start"); |
|
724 CIkeData* ikeData = iCurrIkeDataArray->At(i); |
|
725 fileName->Zero(); |
|
726 |
|
727 if (ikeData->iCAList) |
|
728 { |
|
729 LOG_("CAlist found"); |
|
730 for (TInt j = 0; j < ikeData->iCAList->Count(); j++) |
|
731 { |
|
732 LOG_("CA iter start"); |
|
733 if (ikeData->iCAList->At(j)->iFormat == BIN_CERT) |
|
734 { |
|
735 LOG_("Bin cert found"); |
|
736 *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iCAList->At(j)->iData); |
|
737 if (!iFileUtil.FileExists(*fileName)) |
|
738 { |
|
739 LOG_("<- CPolicyImporter::BuildCaCertListL() LEAVE (KVpnErrCaCertFileMissing)"); |
|
740 User::Leave(KVpnErrInvalidCaCertFile); |
|
741 } |
|
742 //Makes sure every file name is appended only once. |
|
743 AppendIfNotFoundL( iCurrCaCertList, fileName ); |
|
744 } |
|
745 } |
|
746 } |
|
747 } |
|
748 |
|
749 CleanupStack::PopAndDestroy(); //fileName |
|
750 LOG_("<- CPolicyImporter::BuildCaCertListL()"); |
|
751 } |
|
752 |
|
753 |
|
754 void CPolicyImporter::BuildPeerCertListL() |
|
755 { |
|
756 LOG(Log::Printf(_L8("-> CPolicyImporter::BuildPeerCertListL()\n"))); |
|
757 delete iCurrPeerCertList; |
|
758 iCurrPeerCertList = NULL; |
|
759 iCurrPeerCertList = new (ELeave) CArrayFixFlat<TFileName>(2); |
|
760 |
|
761 TFileName *fileName = new (ELeave) TFileName; |
|
762 CleanupStack::PushL(fileName); |
|
763 |
|
764 for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++) |
|
765 { |
|
766 CIkeData* ikeData = iCurrIkeDataArray->At(i); |
|
767 fileName->Zero(); |
|
768 |
|
769 if (ikeData->iPeerCert.iData.Length() > 0 && |
|
770 ikeData->iPeerCert.iFormat == BIN_CERT) |
|
771 { |
|
772 *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPeerCert.iData); |
|
773 if (!iFileUtil.FileExists(*fileName)) |
|
774 { |
|
775 User::Leave(KVpnErrPeerCertFileMissing); |
|
776 } |
|
777 AppendIfNotFoundL( iCurrPeerCertList, fileName ); |
|
778 } |
|
779 } |
|
780 |
|
781 CleanupStack::PopAndDestroy(); //fileName |
|
782 LOG_("<- CPolicyImporter::BuildPeerCertListL()"); |
|
783 } |
|
784 |
|
785 |
|
786 void CPolicyImporter::BuildUserPrivKeyAndUserCertListL() |
|
787 { |
|
788 LOG_("-> CPolicyImporter::BuildUserPrivKeyAndUserCertListL()"); |
|
789 delete iCurrUserPrivKeyList; |
|
790 iCurrUserPrivKeyList = NULL; |
|
791 iCurrUserPrivKeyList = new (ELeave) CArrayFixFlat<TFileName>(2); |
|
792 |
|
793 delete iCurrUserCertList; |
|
794 iCurrUserCertList = NULL; |
|
795 iCurrUserCertList = new (ELeave) CArrayFixFlat<TFileName>(2); |
|
796 |
|
797 TFileName *fileName = new (ELeave) TFileName; |
|
798 CleanupStack::PushL(fileName); |
|
799 |
|
800 |
|
801 for (TInt i = 0; i < iCurrIkeDataArray->Count(); i++) |
|
802 { |
|
803 CIkeData* ikeData = iCurrIkeDataArray->At(i); |
|
804 fileName->Zero(); |
|
805 |
|
806 if (ikeData->iOwnCert.iData.Length() > 0 && |
|
807 ikeData->iOwnCert.iFormat == BIN_CERT) |
|
808 { |
|
809 //First check that defined user cert is found and if so |
|
810 //add the file name to the list |
|
811 |
|
812 *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iOwnCert.iData); |
|
813 if (!iFileUtil.FileExists(*fileName)) |
|
814 { |
|
815 User::Leave(KVpnErrInvalidUserCertFile); |
|
816 } |
|
817 AppendIfNotFoundL( iCurrUserCertList, fileName ); |
|
818 |
|
819 //After the user cert is found check that the assosiated private key |
|
820 //is found. |
|
821 if (ikeData->iPrivKey.iData.Length() > 0 && |
|
822 ikeData->iPrivKey.iFormat == BIN_CERT) |
|
823 { |
|
824 fileName->Zero(); |
|
825 *fileName = iFileUtil.MakeFileName(iImportDir, ikeData->iPrivKey.iData); |
|
826 if (!iFileUtil.FileExists(*fileName)) |
|
827 { |
|
828 User::Leave(KVpnErrInvalidUserPrivKeyFile); |
|
829 } |
|
830 AppendIfNotFoundL( iCurrUserPrivKeyList, fileName ); |
|
831 } |
|
832 else |
|
833 { |
|
834 User::Leave(KVpnErrInvalidPolicyFile); |
|
835 } |
|
836 } |
|
837 } |
|
838 |
|
839 CleanupStack::PopAndDestroy(); //fileName |
|
840 LOG_("<- CPolicyImporter::BuildUserPrivKeyAndUserCertListL()"); |
|
841 } |
|
842 |
|
843 void CPolicyImporter::BuildOtherCaCertListL() |
|
844 { |
|
845 LOG(Log::Printf(_L8("-> CPolicyImporter::BuildOtherCACertListL()\n"))); |
|
846 delete iCurrOtherCaCertList; |
|
847 iCurrOtherCaCertList = NULL; |
|
848 iCurrOtherCaCertList = new (ELeave) CArrayFixFlat<TFileName>(2); |
|
849 TFileName *fileName = new (ELeave) TFileName; |
|
850 CleanupStack::PushL(fileName); |
|
851 TFileName *totalPath= new (ELeave) TFileName; |
|
852 CleanupStack::PushL(totalPath); |
|
853 CDir* dirList=NULL; |
|
854 _LIT(KFileSpec, "*ca-?.*er"); |
|
855 *totalPath=iImportDir; |
|
856 totalPath->Append(KFileSpec); |
|
857 |
|
858 |
|
859 User::LeaveIfError( |
|
860 iFs.GetDir(*totalPath, |
|
861 KEntryAttMaskSupported, |
|
862 ESortByName, dirList)); |
|
863 CleanupStack::PushL(dirList); |
|
864 if ( dirList->Count()>1 ) |
|
865 { |
|
866 for (TInt i=0;i<dirList->Count();i++) |
|
867 { |
|
868 *fileName = (*dirList)[i].iName; |
|
869 *totalPath = iImportDir; |
|
870 totalPath->Append(*fileName); |
|
871 AppendIfNotFoundL(iCurrOtherCaCertList, totalPath); |
|
872 } |
|
873 } |
|
874 CleanupStack::PopAndDestroy(dirList); |
|
875 CleanupStack::PopAndDestroy(totalPath); |
|
876 |
|
877 CleanupStack::PopAndDestroy(); //fileName |
|
878 LOG_("<- CPolicyImporter::BuildOtherCaCertListL()"); |
|
879 } |
|
880 |
|
881 void CPolicyImporter::ParseIkeDataL() |
|
882 { |
|
883 LOG_("-> CPolicyImporter::ParseIkeDataL()"); |
|
884 |
|
885 HBufC* polFile = iFileUtil.MakeFileNameLC(iImportDir, iCurrPolicyId, KPolFileExt); |
|
886 |
|
887 if (!iFileUtil.FileExists(*polFile)) |
|
888 { |
|
889 LOG_("<- CPolicyImporter::ParseIkeDataL() LEAVE (KVpnErrNoPolicyFile)"); |
|
890 User::Leave(KVpnErrNoPolicyFile); |
|
891 } |
|
892 |
|
893 HBufC8* fileData = iFileUtil.LoadFileDataL(*polFile); |
|
894 CleanupStack::PushL(fileData); |
|
895 |
|
896 HBufC* fileData16 = HBufC::NewLC(fileData->Length()); |
|
897 |
|
898 fileData16->Des().Copy(*fileData); |
|
899 |
|
900 delete iCurrIkeDataArray; |
|
901 iCurrIkeDataArray = NULL; |
|
902 iCurrIkeDataArray = CIkeDataArray::NewL(1); |
|
903 |
|
904 TIkeParser* ikeParser = new (ELeave) TIkeParser(*fileData16); |
|
905 CleanupStack::PushL(ikeParser); |
|
906 ikeParser->ParseIKESectionsL(iCurrIkeDataArray); |
|
907 |
|
908 CleanupStack::PopAndDestroy(4); // ikeParser, fileData16, fileData, polFile |
|
909 LOG_("<- CPolicyImporter::ParseIkeDataL()"); |
|
910 } |
|
911 |
|
912 |
|
913 void CPolicyImporter::PatchPolicyCaCertInfoL(const TFileName& aPolicyFile) |
|
914 { |
|
915 LOG_("-> CPolicyImporter::PatchPolicyCaCertInfoL()"); |
|
916 HBufC8* policyData = iFileUtil.LoadFileDataL(aPolicyFile); |
|
917 CleanupStack::PushL(policyData); |
|
918 |
|
919 CPolicyPatchInfoList* patchInfoList = BuildPolicyPatchInfoListL(); |
|
920 CleanupStack::PushL(patchInfoList); |
|
921 |
|
922 CPolicyPatcher* patcher = CPolicyPatcher::NewL(); |
|
923 CleanupStack::PushL(patcher); |
|
924 |
|
925 HBufC8* patchedPolicyData = patcher->PatchPolicyL(*policyData, patchInfoList); |
|
926 CleanupStack::PushL(patchedPolicyData); |
|
927 |
|
928 iFileUtil.SaveFileDataL(aPolicyFile, *patchedPolicyData); |
|
929 |
|
930 CleanupStack::PopAndDestroy(4); // patchedPolicyData, patcher, patchInfoList, policyData |
|
931 LOG_("<- CPolicyImporter::PatchPolicyCaCertInfoL()"); |
|
932 } |
|
933 |
|
934 CPolicyPatchInfoList* CPolicyImporter::BuildPolicyPatchInfoListL() |
|
935 { |
|
936 LOG_("-> CPolicyImporter::BuildPolicyPatchInfoListL()"); |
|
937 CPolicyPatchInfoList* patchInfoList = new (ELeave) CPolicyPatchInfoList(2); |
|
938 CleanupStack::PushL(patchInfoList); |
|
939 HBufC8* subjectName; |
|
940 // First, append the CA certs to patch list... |
|
941 for (TInt i = 0; i < iCurrCaCertList->Count(); i++) |
|
942 { |
|
943 |
|
944 CPolicyPatchInfo* patchInfo = new (ELeave) CPolicyPatchInfo(); |
|
945 CleanupStack::PushL(patchInfo); |
|
946 |
|
947 TParse fileNameParser; |
|
948 fileNameParser.Set(iCurrCaCertList->At(i), NULL, NULL); |
|
949 |
|
950 patchInfo->iCertFileName.Copy(fileNameParser.NameAndExt()); |
|
951 subjectName = CertSubjectNameL(iCurrCaCertList->At(i)); |
|
952 CleanupStack::PushL(subjectName); |
|
953 if ( iCurrOtherCaCertList->Count()>1 && iCurrCaCertList->Count()==1 ) //if other than basic CA certificate exists |
|
954 { |
|
955 // Set original intermediate CA untrusted. . |
|
956 HBufC8* certData = iFileUtil.LoadFileDataL(iCurrCaCertList->At(0)); |
|
957 CleanupStack::PushL(certData); |
|
958 CX509Certificate* tempCert = CX509Certificate::NewLC(*certData); |
|
959 RArray<TUid> appArray; |
|
960 CleanupClosePushL(appArray); |
|
961 const TPtrC8* serialNumber = tempCert->DataElementEncoding( |
|
962 CX509Certificate::ESerialNumber); |
|
963 const TPtrC8* issuername = tempCert->DataElementEncoding( |
|
964 CX509Certificate::EIssuerName); |
|
965 |
|
966 iPkiService.SetApplicabilityL( |
|
967 *issuername, |
|
968 *serialNumber, |
|
969 appArray); |
|
970 |
|
971 CleanupStack::PopAndDestroy(3); // appArray, tempcert |
|
972 |
|
973 //get CA from chain |
|
974 TFileName rootCAFile=GetCAFromFileListL(*subjectName, iCurrOtherCaCertList); |
|
975 CleanupStack::PopAndDestroy(subjectName); |
|
976 subjectName=NULL; |
|
977 subjectName = CertSubjectNameL(rootCAFile); |
|
978 CleanupStack::PushL(subjectName); |
|
979 |
|
980 //Set highest CA as trusted |
|
981 certData = iFileUtil.LoadFileDataL(rootCAFile); |
|
982 CleanupStack::PushL(certData); |
|
983 tempCert = CX509Certificate::NewLC(*certData); |
|
984 CleanupClosePushL(appArray); |
|
985 appArray.AppendL(TUid::Uid(KUidVpnManager)); |
|
986 serialNumber = tempCert->DataElementEncoding( |
|
987 CX509Certificate::ESerialNumber); |
|
988 issuername = tempCert->DataElementEncoding( |
|
989 CX509Certificate::EIssuerName); |
|
990 |
|
991 iPkiService.SetApplicabilityL( |
|
992 *issuername, |
|
993 *serialNumber, |
|
994 appArray); |
|
995 |
|
996 CleanupStack::PopAndDestroy(3); // appArray, tempcert, certData |
|
997 } |
|
998 patchInfo->SetCertSubjectNameL(*subjectName); |
|
999 |
|
1000 patchInfoList->AppendL(patchInfo); |
|
1001 CleanupStack::PopAndDestroy(subjectName); |
|
1002 subjectName=NULL; |
|
1003 CleanupStack::Pop(patchInfo); // patcInfo (now owned by the list) |
|
1004 } |
|
1005 |
|
1006 // ... then, append also the user certificates. |
|
1007 for (TInt i = 0; i < iCurrUserCertList->Count(); i++) |
|
1008 { |
|
1009 TInt keySize = 0; |
|
1010 HBufC8* subjectName = CertInfoL(iCurrUserCertList->At(i), keySize); |
|
1011 CleanupStack::PushL(subjectName); |
|
1012 |
|
1013 CPolicyPatchInfo* patchInfo = new (ELeave) CPolicyPatchInfo(); |
|
1014 CleanupStack::PushL(patchInfo); |
|
1015 |
|
1016 TParse fileNameParser; |
|
1017 fileNameParser.Set(iCurrUserCertList->At(i), NULL, NULL); |
|
1018 |
|
1019 patchInfo->iCertFileName.Copy(fileNameParser.NameAndExt()); |
|
1020 patchInfo->SetCertSubjectNameL(*subjectName); |
|
1021 patchInfo->SetUserCertKeyLen(keySize); |
|
1022 |
|
1023 patchInfoList->AppendL(patchInfo); |
|
1024 |
|
1025 CleanupStack::Pop(); // patchInfo (now owned by the list) |
|
1026 CleanupStack::PopAndDestroy(); // subjectName |
|
1027 } |
|
1028 |
|
1029 CleanupStack::Pop(); // patchInfoList, ownership transferred |
|
1030 |
|
1031 LOG_("<- CPolicyImporter::BuildPolicyPatchInfoListL()"); |
|
1032 return patchInfoList; |
|
1033 } |
|
1034 |
|
1035 HBufC8* CPolicyImporter::CertSubjectNameL(const TFileName& aCertFile) |
|
1036 { |
|
1037 TInt keySize = KDoNotGetKeySize; |
|
1038 return CertInfoL(aCertFile,keySize); |
|
1039 } |
|
1040 |
|
1041 void CPolicyImporter::CleanImportDirectory() |
|
1042 { |
|
1043 LOG_("-> CPolicyImporter::CleanImportDirectory()"); |
|
1044 |
|
1045 TRAP_IGNORE( |
|
1046 { |
|
1047 HBufC* fileFilter = iFileUtil.MakeFileNameLC(iImportDir, KNullDesC, KAllFilesPat); |
|
1048 iFileUtil.DeleteFilesL(*fileFilter); |
|
1049 CleanupStack::PopAndDestroy(); |
|
1050 }); |
|
1051 |
|
1052 LOG_("<- CPolicyImporter::CleanImportDirectory()"); |
|
1053 } |
|
1054 |
|
1055 void CPolicyImporter::AppendIfNotFoundL(CArrayFixFlat<TFileName>* aList, |
|
1056 TFileName* aFileName) |
|
1057 { |
|
1058 ASSERT(aList && aFileName); |
|
1059 |
|
1060 TKeyArrayFix arrayKey(0, ECmpFolded); |
|
1061 TInt position; |
|
1062 if ( aList->FindIsq( *aFileName, arrayKey, position ) ) |
|
1063 { |
|
1064 aList->AppendL( *aFileName ); |
|
1065 } |
|
1066 } |
|
1067 |
|
1068 HBufC8* CPolicyImporter::CertInfoL(const TFileName& aCertFile, TInt& aKeySize) |
|
1069 { |
|
1070 HBufC8* certData = iFileUtil.LoadFileDataL(aCertFile); |
|
1071 CleanupStack::PushL(certData); |
|
1072 |
|
1073 HBufC* subjectName = PkiUtil::CertSubjectNameL(*certData); |
|
1074 CleanupStack::PushL(subjectName); |
|
1075 |
|
1076 HBufC8* subjectName8 = HBufC8::NewL(subjectName->Length()); |
|
1077 subjectName8->Des().Copy(*subjectName); |
|
1078 |
|
1079 if(KDoNotGetKeySize != aKeySize) |
|
1080 { |
|
1081 aKeySize = PkiUtil::CertKeySizeL(*certData); |
|
1082 } |
|
1083 |
|
1084 CleanupStack::PopAndDestroy(2); // subjectName, certData |
|
1085 |
|
1086 return subjectName8; |
|
1087 } |
|
1088 |
|
1089 HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile) |
|
1090 { |
|
1091 HBufC8* certData = iFileUtil.LoadFileDataL(aCertFile); |
|
1092 CleanupStack::PushL(certData); |
|
1093 |
|
1094 HBufC* issuerName = PkiUtil::CertIssuerNameL(*certData); |
|
1095 CleanupStack::PushL(issuerName); |
|
1096 |
|
1097 HBufC8* issuerName8 = HBufC8::NewL(issuerName->Length()); |
|
1098 issuerName8->Des().Copy(*issuerName); |
|
1099 |
|
1100 CleanupStack::PopAndDestroy(2); // subjectName, certData |
|
1101 |
|
1102 return issuerName8; |
|
1103 } |
|
1104 |
|
1105 TFileName CPolicyImporter::GetCAFromFileListL(const TDesC8& aCertSubjectName, CArrayFixFlat<TFileName>* aCertFileArray) |
|
1106 { |
|
1107 TFileName rootCa; |
|
1108 TInt currCaIndex=0; |
|
1109 TInt currIndex=1; |
|
1110 TInt keySize = 0; |
|
1111 for ( TInt i=0; i<aCertFileArray->Count(); i++) |
|
1112 { |
|
1113 HBufC8* certSubjectName = CertInfoL(aCertFileArray->At(i), keySize); |
|
1114 CleanupStack::PushL(certSubjectName); |
|
1115 if ( certSubjectName->Compare(aCertSubjectName) == 0) |
|
1116 currCaIndex=i; |
|
1117 CleanupStack::PopAndDestroy(certSubjectName); |
|
1118 certSubjectName=NULL; |
|
1119 } |
|
1120 |
|
1121 |
|
1122 while ( currIndex< aCertFileArray->Count()) |
|
1123 { |
|
1124 HBufC8* issuerName = CertIssuerL(aCertFileArray->At(currCaIndex)); |
|
1125 CleanupStack::PushL(issuerName); |
|
1126 HBufC8* subjectName = CertInfoL(aCertFileArray->At(currCaIndex), keySize); |
|
1127 CleanupStack::PushL(subjectName); |
|
1128 |
|
1129 for (TInt i=0; i<aCertFileArray->Count();i++) |
|
1130 { |
|
1131 HBufC8* certSubjectName = CertInfoL(aCertFileArray->At(i), keySize); |
|
1132 CleanupStack::PushL(certSubjectName); |
|
1133 if ( certSubjectName->Compare(*issuerName)==0 ) |
|
1134 { |
|
1135 currCaIndex=i; |
|
1136 CleanupStack::PopAndDestroy(certSubjectName); |
|
1137 certSubjectName=NULL; |
|
1138 break; |
|
1139 } |
|
1140 CleanupStack::PopAndDestroy(certSubjectName); |
|
1141 certSubjectName=NULL; |
|
1142 } |
|
1143 |
|
1144 CleanupStack::PopAndDestroy(subjectName); |
|
1145 subjectName=NULL; |
|
1146 CleanupStack::PopAndDestroy(issuerName); |
|
1147 issuerName=NULL; |
|
1148 currIndex++; |
|
1149 } |
|
1150 |
|
1151 return aCertFileArray->At(currCaIndex); |
|
1152 |
|
1153 } |
|
1154 /***/ |