MCL/sf/mw/vpnclient: comparison vpnengine/pkiservice/src/pkimapper.cpp

equal deleted inserted replaced

-:33413c0669b9
+:c9c2ad51f972
 * CPKIMapper class holds the information required to map API set to
 * use the storage model which is not native for that API.
 *
 */
-#include <x500dn.h>
 #include <x509cert.h>
 #include "PKIMapper.h"
-#include "pkcs10.h"
+#include "mapdescriptor.h"
 #include "log_r6.h"
 #include "pkiserviceassert.h"
-CMapDescriptor::CMapDescriptor(TSecurityObjectDescriptor &aDesc)
-{
-this->iSubjectKeyId = aDesc.iSubjectKeyId;
-this->iOwnerType = aDesc.iOwnerType;
-this->iKeySize = aDesc.iKeySize;
-this->iKeyAlgorithm = aDesc.iKeyAlgorithm;
-this->iIsDeletable = aDesc.iIsDeletable;
-}
-CMapDescriptor& CMapDescriptor::operator=(CMapDescriptor& aMapDesc)
-{
-delete this->iTrustedAuthority;
-this->iTrustedAuthority = NULL;
-if(aMapDesc.iTrustedAuthority != NULL)
-{
-this->iTrustedAuthority     = aMapDesc.iTrustedAuthority->Des().AllocL();           // Cert TrustedAuthority
-}
-delete this->iIdentitySubjectName;
-this->iIdentitySubjectName = NULL;
-if(aMapDesc.iIdentitySubjectName != NULL)
-{
-this->iIdentitySubjectName  = aMapDesc.iIdentitySubjectName->Des().AllocL();        // Identity subject name
-}
-delete this->iIdentityRfc822Name;
-this->iIdentityRfc822Name = NULL;
-if(aMapDesc.iIdentityRfc822Name != NULL)
-{
-this->iIdentityRfc822Name   = aMapDesc.iIdentityRfc822Name->Des().AllocL();         // Identity subjectAltName rfc822 name
-}
-delete this->iSerialNumber;
-this->iSerialNumber = NULL;
-if(aMapDesc.iSerialNumber != NULL)
-{
-this->iSerialNumber         = aMapDesc.iSerialNumber->Des().AllocL();               // Serialnumber
-}
-this->iSubjectKeyId         = aMapDesc.iSubjectKeyId;                               // SHA1 hash of the corresponding private key
-this->iOwnerType            = aMapDesc.iOwnerType;                                  // User, CA or peer. If user certificate, at least key usage must be set
-this->iKeyUsageDer          = aMapDesc.iKeyUsageDer;                                // Der format flags
-this->iObjectName           = aMapDesc.iObjectName;
-this->iKeySize              = aMapDesc.iKeySize;                                    // Key size
-this->iKeyAlgorithm         = aMapDesc.iKeyAlgorithm;                               // RSA, DSA
-this->iStartTime            = aMapDesc.iStartTime;
-this->iEndTime              = aMapDesc.iEndTime;
-this->iIsDeletable          = aMapDesc.iIsDeletable;
-TInt i;
-for(i=0;i<aMapDesc.iApplUids.Count();i++)
-{
-this->iApplUids.Append(aMapDesc.iApplUids[i]);
-}
-this->iCertStoreType        = aMapDesc.iCertStoreType;
-return *this;
-}
-TBool CMapDescriptor::IsMatchingL(TSecurityObjectDescriptor &aDesc,
-const TBool aInfoOnly,
-TPkiServiceStoreType aCertStoreType) const
-{
-TBool match(EFalse);
-LOG(Log::Printf(_L("Matching")));
-LOG_1(" Pure informational: %d", aInfoOnly);
-LOG(Log::Printf(_L("Matching: certificate %S"), &iObjectName));
-for(;;)
-{
-if (aDesc.iOwnerType != EPKICACertificate &&
-aCertStoreType != EPkiStoreTypeAny)
-{
-if (iCertStoreType != aCertStoreType)
-{
-LOG(Log::Printf(_L("    Store doesn't match, aborting")));
-match = EFalse;
-break;
-}
-}
-else
-{
-LOG(Log::Printf(_L("Skipping store check, not relevant")));
-}
-if (aDesc.iSubjectKeyIdUsed)
-{
-			if(iSubjectKeyId == aDesc.iSubjectKeyId)
-				{
-				match = ETrue;
-				}
-			else
-				{
-				match = EFalse;
-				break;
-				}
-			}
-if(aDesc.iTrustedAuthorityUsed)
-{
-if(iTrustedAuthority == NULL)
-{
-match = EFalse;
-break;
-}
-else
-{
-CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iTrustedAuthority);
-CX500DistinguishedName* dnSuffix2;
-TInt popCount = 3;
-// ASN1 or plain text
-if((aDesc.iTrustedAuthority[0] != 0x30)
-|| ((aDesc.iTrustedAuthority[1] != 0x81)
-&& (aDesc.iTrustedAuthority[1] != 0x82)
-&& ((aDesc.iTrustedAuthority[1] + 2) != aDesc.iTrustedAuthority.Length())))
-{
-HBufC8* name2Der;
-CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der,
-aDesc.iTrustedAuthority,
-EFalse, KNullDesC8);
-CleanupStack::PushL(name2Der);
-dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der);
-}
-else
-{
-dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iTrustedAuthority);
-popCount = 2;
-}
-if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2))
-{
-match = ETrue;
-CleanupStack::PopAndDestroy(popCount);
-}
-else
-{
-match = EFalse;
-CleanupStack::PopAndDestroy(popCount);
-break;
-}
-}
-}
-if(aDesc.iOwnerTypeUsed)
-{
-if(iOwnerType == aDesc.iOwnerType)
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-}
-if(aDesc.iSerialNumberUsed)
-{
-if ((iSerialNumber != NULL) && ((*iSerialNumber).Compare(aDesc.iSerialNumber) == 0))
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-}
-if(aDesc.iIdentitySubjectNameUsed)
-{
-if(iIdentitySubjectName == NULL)
-{
-match = EFalse;
-break;
-}
-else
-{
-CX500DistinguishedName* dnSuffix1 = CX500DistinguishedName::NewLC(*iIdentitySubjectName);
-CX500DistinguishedName* dnSuffix2;
-TInt popCount = 3;
-// ASN1 or plain text
-if((aDesc.iIdentitySubjectName[0] != 0x30)
-|| ((aDesc.iIdentitySubjectName[1] != 0x81)
-&& (aDesc.iIdentitySubjectName[1] != 0x82)
-&& ((aDesc.iIdentitySubjectName[1] + 2) != aDesc.iIdentitySubjectName.Length())))
-{
-HBufC8* name2Der;
-CPkcs10Req::BuildDistinguishedNameDerFromTextL(name2Der,
-aDesc.iIdentitySubjectName,
-EFalse, KNullDesC8);
-CleanupStack::PushL(name2Der);
-dnSuffix2 = CX500DistinguishedName::NewLC(*name2Der);
-}
-else
-{
-dnSuffix2 = CX500DistinguishedName::NewLC(aDesc.iIdentitySubjectName);
-popCount = 2;
-}
-if(PkiUtil::MatchL(*dnSuffix1, *dnSuffix2))
-{
-CleanupStack::PopAndDestroy(popCount);
-match = ETrue;
-}
-else
-{
-CleanupStack::PopAndDestroy(popCount);
-match = EFalse;
-break;
-}
-}
-}
-if(aDesc.iIdentityRfc822NameUsed)
-{
-if(iIdentityRfc822Name == NULL)
-{
-match = EFalse;
-break;
-}
-else
-{
-TInt bytes = aDesc.iIdentityRfc822Name.Length();
-TPtrC8 tail = (*iIdentityRfc822Name).Right(bytes);
-if (tail.CompareF(aDesc.iIdentityRfc822Name) == 0)
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-}
-}
-if(aDesc.iKeyUsageUsed)
-{
-CX509KeyUsageExt* tempUsage = NULL;
-if(iKeyUsageDer.Length() != 0)
-{
-tempUsage = CX509KeyUsageExt::NewL(iKeyUsageDer);
-}
-if((tempUsage == NULL) || tempUsage->IsSet(aDesc.iKeyUsage))
-{
-delete tempUsage;
-match = ETrue;
-}
-else
-{
-delete tempUsage;
-match = EFalse;
-break;
-}
-}
-if(aDesc.iKeySizeUsed)
-{
-if(iKeySize == aDesc.iKeySize)
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-}
-if (match && !aInfoOnly)
-{
-TValidity  val = CPKIMapper::CertValidity(iStartTime, iEndTime);
-// Treat future certificates as valid
-if((val == EValid) || (val == ENotValidYet))
-{
-match = ETrue;
-}
-else
-{
-LOG_("Matching: Expired, and not an informational request");
-match = EFalse;
-break;
-}
-}
-break;
-}
-return match;
-}
-TBool CMapDescriptor::IsEqual(CMapDescriptor &aDesc)
-{
-TBool match = EFalse;
-for(;;)
-{
-if((iTrustedAuthority != NULL) && (aDesc.iTrustedAuthority != NULL) && (iTrustedAuthority->Des().Compare(*aDesc.iTrustedAuthority) == 0))
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-if((iSerialNumber != NULL) && (aDesc.iSerialNumber != NULL) && (iSerialNumber->Des().Compare(*aDesc.iSerialNumber) == 0))
-{
-match = ETrue;
-}
-else
-{
-match = EFalse;
-break;
-}
-break;
-}
-return match;
-}
-void CMapDescriptor::SetCertStoreType(TPkiServiceStoreType aCertStoreType)
-{
-iCertStoreType = aCertStoreType;
-}
 CPKIMapper* CPKIMapper::NewL()
 {
 CPKIMapper* self = new (ELeave) CPKIMapper();
 CleanupStack::PushL(self);
 TBool CPKIMapper::CacheCreated()
 {
 return iCacheCreated;
 }
-TInt CPKIMapper::AddMapping(CMapDescriptor& aMap)
+TInt CPKIMapper::AddMapping(CMapDescriptor* aMap)
 {
 // Insert as first element, so that newest object will be found first
-return iMapping->Insert(&aMap, 0);
+TInt err = iMapping->Insert(aMap, 0);
+if (err != KErrNone)
+{
+delete aMap;
+}
+return err;
 }
 void CPKIMapper::LogMap(CMapDescriptor &aDescriptor) const
 {
-TInt len = aDescriptor.iSubjectKeyId.Length();
+TPtrC objectName = aDescriptor.Label();
+const TPKIKeyIdentifier& subjectKeyId = aDescriptor.CertificateKeyId();
 LOG(Log::Printf(_L("====CertificateObject====\n")));
-LOG(Log::Printf(_L("ObjectName: %S\n"), &(aDescriptor.iObjectName)));
+LOG(Log::Printf(_L("ObjectName: %S\n"), &objectName));
 LOG(Log::Printf(_L("KeyId:")));
-LOG(Log::HexDump(NULL, NULL, aDescriptor.iSubjectKeyId.Ptr(), len));
+LOG(Log::HexDump(NULL, NULL, subjectKeyId.Ptr(), subjectKeyId.Length()));
 }
 void CPKIMapper::DeleteMapping(TInt aIndex)
 {
 delete (*iMapping)[aIndex];
 iMapping->Remove(aIndex);
 iMapping->Compress();
 }
-TInt CPKIMapper::DeleteMapping(CMapDescriptor &aDesc)
+TInt CPKIMapper::CertCount(TBool aInfoOnly)
-{
-TInt status(KErrNotFound);
-for(TInt i(0); i < iMapping->Count(); i++)
-{
-if((*iMapping)[i]->IsEqual(aDesc))
-{
-DeleteMapping(i);
-status = KErrNone;
-break;
-}
-}
-return status;
-}
-TInt CPKIMapper::CertCount()
 {
 TInt count(0);
 for(TInt i(0); i < iMapping->Count(); i++)
 {
 CMapDescriptor* mapping = (*iMapping)[i];
 count++;
-if (CertValidity(mapping->iStartTime, mapping->iEndTime) == EExpired)
+if (!aInfoOnly && mapping->CertValidity() == CMapDescriptor::EExpired)
 {
 // do not count expider certificates
 count--;
 }
 }
 return count;
 }
 TInt CPKIMapper::ApplicableCertCount(const RArray<TUid>& aUidArray)
 {
-TInt count(0);
+iCount = 0;
-TBool uidMatch(EFalse);
+for(TInt i = 0; i < iMapping->Count(); i++)
-for(TInt i(0); i < iMapping->Count(); i++)
+{
-{
+const CMapDescriptor* mapping = (*iMapping)[i];
-CMapDescriptor* mapping = (*iMapping)[i];
+if(mapping->OwnerType() == EPKICACertificate)
-if(mapping->iOwnerType == EPKICACertificate)
+{
-{
+if(mapping->CertValidity() != CMapDescriptor::EExpired)
-if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+{
-{
+for (TInt j = 0; j < aUidArray.Count(); ++j)
-uidMatch = EFalse;
-for(TInt j = 0; j < mapping->iApplUids.Count(); j++)
 {
-for(TInt k = 0; k < aUidArray.Count(); k++)
+if (mapping->IsApplicable(aUidArray[j]))
 {
-if(mapping->iApplUids[j].iUid == aUidArray[k].iUid)
+iCount++;
-{
-uidMatch = ETrue;
-break;
-}
-}
-if(uidMatch)
-{
-count++;
 break;
 }
 }
 }
 }
 }
-iCount = count;
-return count;
+return iCount;
 }
+TInt CPKIMapper::GetCertDetailsL(TSecurityObjectDescriptor& aSecDesc,
-TInt CPKIMapper::GetCertListL(const RMessage2 &aMessage, TPkiServiceStoreType aStoreType,
+TPkiServiceStoreType aStoreType,
-TBool aDescUsed)
+TBool aInfoOnly,
+TCertificateListEntry& aResultCertInfo)
+{
+TInt index;
+TInt err;
+TRAPD(leave, err = ResolveCertMappingL(aSecDesc, iObjectName,
+index, aInfoOnly,
+aStoreType));
+if (leave != KErrNone)
+{
+return leave;
+}
+if (err == KErrNone)
+{
+const CMapDescriptor* mapping = (*iMapping)[index];
+aResultCertInfo.iObjectName = mapping->Label();
+aResultCertInfo.iOwnerType = mapping->OwnerType();
+aResultCertInfo.iTrustedAuthority = mapping->TrustedAuthority();
+aResultCertInfo.iIdentitySubjectName = mapping->IdentitySubjectName();
+aResultCertInfo.iSerialNumber = mapping->SerialNumber();
+aResultCertInfo.iSubjectKeyId = mapping->CertificateKeyId();
+aResultCertInfo.iKeySize = mapping->KeySize();
+aResultCertInfo.iKeyAlgorithm = mapping->KeyAlgorithm();
+aResultCertInfo.iIsDeletable = mapping->Deletable();
+}
+return err;
+}
+TInt CPKIMapper::GetCertListL(const RMessage2 &aMessage, TBool aInfoOnly)
 {
 TInt pos = 0;
 TInt iLast = 0;
 TInt iFirst = 0;
-if(aDescUsed)
+iLast = iMapping->Count();
-{
-aMessage.ReadL(1, iCurrentDescriptor);
-TSecurityObjectDescriptor& secDesc = iCurrentDescriptor();
-TInt status = ResolveCertMappingL(
-iCurrentDescriptor(), iObjectName, iFirst, EFalse, aStoreType);
-if(status == KErrNone)
-{
-iCount = 1;
-iLast = iFirst + 1;
-}
-}
-else
-{
-iLast = iMapping->Count();
-}
 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
 CleanupStack::PushL(list);
 list->ResizeL(iCount * sizeof(TCertificateListEntry));
 TCertificateListEntry certInfo;
 for(TInt i = iFirst; i < iLast; i++)
 {
 CMapDescriptor* mapping = (*iMapping)[i];
-if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+if(aInfoOnly || mapping->CertValidity() != CMapDescriptor::EExpired)
 {
-certInfo.iObjectName = mapping->iObjectName;
+certInfo.iObjectName = mapping->Label();
-certInfo.iOwnerType = mapping->iOwnerType;
+certInfo.iOwnerType = mapping->OwnerType();
-if(mapping->iTrustedAuthority != NULL)
+certInfo.iTrustedAuthority = mapping->TrustedAuthority();
-{
+certInfo.iIdentitySubjectName = mapping->IdentitySubjectName();
-certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority);
+certInfo.iSerialNumber = mapping->SerialNumber();
-}
+certInfo.iSubjectKeyId = mapping->CertificateKeyId();
-if(mapping->iIdentitySubjectName != NULL)
+certInfo.iKeySize = mapping->KeySize();                   // Key size
-{
+certInfo.iKeyAlgorithm = mapping->KeyAlgorithm();         // RSA, DSA
-certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName);
+certInfo.iIsDeletable = mapping->Deletable();           // IsDeletable
-}
-if(mapping->iSerialNumber != NULL)
-{
-certInfo.iSerialNumber = *(mapping->iSerialNumber);
-}
-certInfo.iSubjectKeyId = mapping->iSubjectKeyId;
-certInfo.iKeySize = mapping->iKeySize;                   // Key size
-certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm;         // RSA, DSA
-certInfo.iIsDeletable = mapping->iIsDeletable;           // IsDeletable
 list->Write(pos * sizeof(TCertificateListEntry),
 (TAny*)&certInfo,
 sizeof(TCertificateListEntry));
 pos++;
 }
 void CPKIMapper::GetApplicableCertListL(const RMessage2& aMessage, const RArray<TUid>& aUidArray)
 {
-TBool uidMatch = EFalse;
+TInt pos = 0;
-TInt pos(0);
 CBufFlat* list = CBufFlat::NewL(sizeof(TCertificateListEntry));
 CleanupStack::PushL(list);
 list->ResizeL(iCount * sizeof(TCertificateListEntry));
 TCertificateListEntry certInfo;
 for(TInt i = 0; (i < iMapping->Count()) && (pos < iCount); i++)
 {
 CMapDescriptor* mapping = (*iMapping)[i];
-if(mapping->iOwnerType == EPKICACertificate)
+if(mapping->OwnerType() == EPKICACertificate)
 {
-if(CertValidity(mapping->iStartTime, mapping->iEndTime) != EExpired)
+if(mapping->CertValidity() != CMapDescriptor::EExpired)
 {
-uidMatch = EFalse;
+for(TInt j = 0; j < aUidArray.Count(); j++)
-for(TInt j = 0; j < mapping->iApplUids.Count(); j++)
 {
-for(TInt k = 0; k < aUidArray.Count(); k++)
+if(mapping->IsApplicable(aUidArray[j]))
 {
-if(mapping->iApplUids[j].iUid == aUidArray[k].iUid)
+certInfo.iObjectName = mapping->Label();
-{
+certInfo.iOwnerType = mapping->OwnerType();
-uidMatch = ETrue;
+certInfo.iTrustedAuthority = mapping->TrustedAuthority();
-break;
+certInfo.iIdentitySubjectName = mapping->IdentitySubjectName();
-}
+certInfo.iSerialNumber = mapping->SerialNumber();
-}
+certInfo.iSubjectKeyId = mapping->CertificateKeyId();
-if(uidMatch)
+certInfo.iKeySize = mapping->KeySize();                   // Key size
-{
+certInfo.iKeyAlgorithm = mapping->KeyAlgorithm();         // RSA, DSA
-certInfo.iObjectName = mapping->iObjectName;
+certInfo.iIsDeletable = mapping->Deletable();           // IsDeletable
-certInfo.iOwnerType = mapping->iOwnerType;
-if(mapping->iTrustedAuthority != NULL)
-{
-certInfo.iTrustedAuthority = *(mapping->iTrustedAuthority);
-}
-if(mapping->iIdentitySubjectName != NULL)
-{
-certInfo.iIdentitySubjectName = *(mapping->iIdentitySubjectName);
-}
-if(mapping->iSerialNumber != NULL)
-{
-certInfo.iSerialNumber = *(mapping->iSerialNumber);
-}
-certInfo.iSubjectKeyId = mapping->iSubjectKeyId;
-certInfo.iKeySize = mapping->iKeySize;                   // Key size
-certInfo.iKeyAlgorithm = mapping->iKeyAlgorithm;         // RSA, DSA
-certInfo.iIsDeletable = mapping->iIsDeletable;           // IsDeletable
 list->Write(pos * sizeof(TCertificateListEntry),
 (TAny*)&certInfo,
 sizeof(TCertificateListEntry));
 pos++;
 CleanupStack::PopAndDestroy(fileName);
 if(status == KErrNone)
 {
-aKeyId.Copy((*iMapping)[index]->iSubjectKeyId);
+aKeyId.Copy((*iMapping)[index]->CertificateKeyId());
 }
 else
 {
 LOG(Log::Printf(_L("ResolveKeyMapping: key NOT found\n")));
 LogSearchArguments(aDescriptor);
 */
 TBool CPKIMapper::LabelIsUnique(const TDesC& aLabel) const
 {
 for (TInt i(0); i < iMapping->Count(); i++)
 {
-if ((*iMapping)[i]->iObjectName.Compare(aLabel) == 0)
+if ((*iMapping)[i]->Label().Compare(aLabel) == 0)
 {
 return EFalse;
 }
 }
 return ETrue;
 for (TInt i(0); i < count; i++)
 {
 CMapDescriptor* mapitem = (*iMapping)[i];
 //  Use subject name for uniqueness criterion
-if (mapitem->iIdentitySubjectName)
+if (mapitem->IdentitySubjectName().Length() > 0)
 {
-if (subjectname->Compare(*(mapitem->iIdentitySubjectName)) == 0)
+if (subjectname->Compare(mapitem->IdentitySubjectName()) == 0)
 {
 LOG(Log::Printf(_L("Found an existing cert that matches subject")));
-if (issuername->Compare(*(mapitem->iTrustedAuthority)) == 0)
+if (issuername->Compare(mapitem->TrustedAuthority()) == 0)
 {
 ret = EFalse;
 break;
 }
 }
 }
-else if (mapitem->iTrustedAuthority && (subjectname->Compare(*issuername) == 0))
+else if (subjectname->Compare(*issuername) == 0)
 {
-if (subjectname->Compare(*(mapitem->iTrustedAuthority)) == 0)
+if (subjectname->Compare(mapitem->TrustedAuthority()) == 0)
 {
 LOG(Log::Printf(_L("Found an existing cert that matches subject (CA)")));
 ret = EFalse;
 break;
 }
 // If we found a match, process it further
 _LIT(KMidp2Label, "MIDP2");
 TBuf<12> buf;
 buf.Append(KMidp2Label);
 // Discard all MIDP2 certificates to avoid label-mapping problem
-if (buf.Compare(mapping->iObjectName) != 0)
+if (buf.Compare(mapping->Label()) != 0)
 {
-if(mapping->iEndTime > furthestEndTime)
+if(mapping->EndTime() > furthestEndTime)
 {
-furthestEndTime = mapping->iEndTime;
+furthestEndTime = mapping->EndTime();
 foundIndex = i;
 LOG(Log::Printf(_L("Resolve cert mapping: Tentatively found a suitable one")));
 // Continue to search the longest lasting certificate
 }
 }
 {
 aFilename.Zero();
 status = KErrNone;
 if(status == KErrNone)
 {
-aFilename.Append((*iMapping)[foundIndex]->iObjectName);
+aFilename.Append((*iMapping)[foundIndex]->Label());
 status = KErrNone;
 aIndex = foundIndex;
 }
 LOG(Log::Printf(_L("ResolveCertMapping: certificate found\n")));
 LogSearchArguments(aDescriptor);
 LogMap(*(*iMapping)[aIndex]);
 }
 return status;
 }
-TValidity CPKIMapper::CertValidity(const TTime &aStartTime,  const TTime &aEndTime)
-{
-TTimeIntervalSeconds tolerance(120);
-TTime currentTime;
-currentTime.UniversalTime();
-if (aEndTime <= currentTime)
-{
-return EExpired;
-}
-if (aStartTime >= currentTime + tolerance)
-{
-return ENotValidYet;
-}
-return EValid;
-}
 void CPKIMapper::LogSearchArguments(TSecurityObjectDescriptor &aDescriptor) const
 {
 TBuf<256> temp;
 LOG(Log::Printf(_L("====Object Search arguments====\n")));
 {
 LOG(Log::Printf(_L("KeyAlgorithm: %d\n"), aDescriptor.iKeyAlgorithm));
 }
 }
-TBool PkiUtil::MatchL(const CX500DistinguishedName& aDn1, const CX500DistinguishedName& aDn2)
-{
-if((aDn1.Count() == 0) || (aDn2.Count() == 0))
-{
-return EFalse;
-}
-if (aDn1.Count() < aDn2.Count())
-{
-return EFalse;
-}
-else
-{
-// For each field in aDn2, aDn1 must contain a field with the same value
-for (TInt i = 0; i < aDn2.Count(); i++)
-{
-if (!HasElementL(aDn1, aDn2.Element(i)))
-{
-return EFalse;
-}
-}
-}
-return ETrue;
-}
-TBool PkiUtil::HasElementL(const CX500DistinguishedName& aDn, const CX520AttributeTypeAndValue& aElement)
-{
-for (TInt i = 0; i < aDn.Count(); i++)
-{
-if (aElement.ExactMatchL(aDn.Element(i)))
-{
-return ETrue;
-}
-}
-return EFalse;
-}

changeset 1	c9c2ad51f972
parent 0	33413c0669b9
child 2	ef893827b4d1