MCL/sf/mw/vpnclient: comparison vpnengine/pkiservice/src/pkiwrapper.cpp

equal deleted inserted replaced

-:33413c0669b9
+:c9c2ad51f972
 #include <x509cert.h>
 #include "pkiwrapper.h"
 #include "PKIMapper.h"
+#include "mapdescriptor.h"
 #include "pkisession.h"
 #include "pkisupport.h"
+#include "pkiserviceassert.h"
 #include "log_r6.h"
 CPKIWrapper* CPKIWrapper::NewL(CPKIMapper& aMapper)
 CPKIWrapper::~CPKIWrapper()
 {
 LOG_("-> CPKIWrapper::~CPKIWrapper()");
 Cancel();
-delete iCurrentMapping;
 delete iObjectName;
 delete iCertBuffer;
 iUidArray.Close();
 delete iPKISupport;
 //====================================================================================================================================
 /**
 *   Initialization routine
 */
 //====================================================================================================================================
-TInt CPKIWrapper::InitOperation(const RMessage2& aMessage)
+void CPKIWrapper::InitOperation(const RMessage2& aMessage)
 {
-if (IsActive())
+if (iMessage.Handle() != 0)
 {
 LOG(Log::Printf(_L("Pkiservice busy. Function %d\n"), aMessage.Function()));
-return KPKIErrServiceBusy;
+aMessage.Complete(KPKIErrServiceBusy);
-}
+}
-LOG(Log::Printf(_L("InitOperation function %d\n"), aMessage.Function()));
+else
-iCurrentStatus = KErrNone;              // Clear status
+{
-iCurrentState = EExecute;               // Set state
+LOG(Log::Printf(_L("InitOperation function %d\n"), aMessage.Function()));
-iMessage = aMessage;                    // Save message
+iCurrentStatus = KErrNone;              // Clear status
-iPKISupport->SetCurrentFunction(iMessage.Function());
+iCurrentState = EExecute;               // Set state
-iIndex = KErrNotFound;
+iMessage = aMessage;                    // Save message
+iPKISupport->SetCurrentFunction(iMessage.Function());
-// Trigger function
+iIndex = KErrNotFound;
-iStatus = KRequestPending;
-SetActive();
+// Trigger function
-TRequestStatus *status = &iStatus;
+iStatus = KRequestPending;
-User::RequestComplete(status, KErrNone);
+SetActive();
+TRequestStatus *status = &iStatus;
-return KErrNone;
+User::RequestComplete(status, KErrNone);
+}
 }
 /**---------------------------------------------------------
 *
 * CancelPendingOperation
 {
 TInt index;
 LOG(Log::Printf(_L("CPKIWrapper::ExecuteReadCertificateL()\n")));
 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
 index, iInfoOnly,
 iPKISupport->CertStoreType());
 if(iCurrentStatus == KErrNone)
 {
-TSecurityObjectDescriptor sdesc = iCurrentDescriptor();
+const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
 iCurrentState = EComplete;
-iPKISupport->RetrieveCertificateL(*iObjectName, iPtrCertBuffer, sdesc.iOwnerType, iStatus);
+iPKISupport->RetrieveCertificateL(mapping.Label(),
+mapping.CertificateKeyId(),
+iPtrCertBuffer, mapping.OwnerType(), iStatus);
 SetActive();
 }
 LOG_1("CPKIWrapper::ExecuteReadCertificateL() exit:%d", iCurrentStatus);
 }
 iPtrCertBuffer);
 if (certIsNew)
 {
 LOG(Log::Printf(_L("Creating new certificate entry\n")));
-delete iCurrentMapping;
-iCurrentMapping = NULL;
-iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName);
-iCurrentMapping->SetMapObjectName(*iObjectName);
-SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType);
 TPkiServiceStoreType storeType = iPKISupport->CertStoreType();
 if (storeType == EPkiStoreTypeAny)
 {
 storeType = EPkiStoreTypeUser;
 }
-iCurrentMapping->SetCertStoreType(storeType);
+CX509Certificate* certificate = CX509Certificate::NewLC(iPtrCertBuffer);
-if(iCurrentStatus == KErrNone)
-{
+PKISERVICE_ASSERT(iCurrentMapping == NULL);
-LOG(Log::Printf(_L("Status OK, identity saved\n")));
+CMapDescriptor* newMapping = CMapDescriptor::NewL(*iObjectName,
-iCurrentStatus = KErrNone;
+*certificate,
-iCurrentState = EComplete;
+iCurrentDescriptor().iOwnerType,
-LOG(Log::Printf(_L("Storing CERT with LABEL:")));
+storeType);
-LOG(Log::Printf(iCurrentMapping->iObjectName));
+CleanupStack::PushL(newMapping);
-iPKISupport->StoreCertificateL(iCurrentMapping->iObjectName,
+newMapping->SetMapDeletable(iCurrentDescriptor().iIsDeletable);
-(TCertificateOwnerType)iCurrentDescriptor().iOwnerType,
-iPtrCertBuffer, iCurrentDescriptor().iIsDeletable, iStatus);
+iCurrentStatus = KErrNone;
-LOG(Log::Printf(_L("CERT stored\n")));
+iCurrentState = EComplete;
-SetActive();
+LOG(Log::Printf(_L("Storing CERT with LABEL:")));
-}
+LOG(Log::Printf(*iObjectName));
+iPKISupport->StoreCertificateL(*iObjectName,
+(TCertificateOwnerType)iCurrentDescriptor().iOwnerType,
+iPtrCertBuffer, iCurrentDescriptor().iIsDeletable, iStatus);
+iCurrentMapping = newMapping;
+CleanupStack::Pop(newMapping);
+CleanupStack::PopAndDestroy(certificate);
+LOG(Log::Printf(_L("CERT stored\n")));
+SetActive();
 }
 else
 {
 // Identical certificate already existed, no need to add this one.
 // Set current status to KErrBadName so that the operations can
 void CPKIWrapper::ExecuteAttachCertificateL()
 {
 LOG(Log::Printf(_L("ExecuteAttachCertificateL")));
 iMapper.GenerateUniqueNameL(iPtrCertBuffer, *iObjectName, EUserCertificate);
-delete iCurrentMapping;
-iCurrentMapping = NULL;
-iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
-iCurrentMapping->SetMapObjectName(*iObjectName);
-SaveIdentityL(*iCurrentMapping, iPtrCertBuffer, (TCertificateOwnerType)iCurrentDescriptor().iOwnerType);
 TPkiServiceStoreType storeType = iPKISupport->CertStoreType();
 if (storeType == EPkiStoreTypeAny)
 {
 storeType = EPkiStoreTypeUser;
 }
-iCurrentMapping->SetCertStoreType(storeType);
-if(iCurrentStatus == KErrNone)
+PKISERVICE_ASSERT(iCurrentMapping == NULL);
-{
-iCurrentStatus = KErrNone;
+CX509Certificate* certificate = CX509Certificate::NewLC(iPtrCertBuffer);
-iCurrentState = EComplete;
+CMapDescriptor* newMapping = CMapDescriptor::NewL(*iObjectName,
-LOG(Log::Printf(_L("Attaching certificate")));
+*certificate,
-LOG(Log::Printf(iCurrentMapping->iObjectName));
+iCurrentDescriptor().iOwnerType,
-iPKISupport->AttachCertificateL(iCurrentMapping->iObjectName, iCurrentDescriptor().iSubjectKeyId, iPtrCertBuffer, iStatus);
+storeType);
-LOG(Log::Printf(_L("Certificate attached")));
+CleanupStack::PushL(newMapping);
-SetActive();
+newMapping->SetMapDeletable(iCurrentDescriptor().iIsDeletable);
-}
+iCurrentStatus = KErrNone;
+iCurrentState = EComplete;
+LOG(Log::Printf(_L("Attaching certificate")));
+LOG(Log::Printf(*iObjectName));
+iPKISupport->AttachCertificateL(*iObjectName, iPtrCertBuffer, iStatus);
+LOG(Log::Printf(_L("Certificate attached")));
+iCurrentMapping = newMapping;
+CleanupStack::Pop(newMapping);
+CleanupStack::PopAndDestroy(certificate);
+SetActive();
 }
 /**---------------------------------------------------------
 *
 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(),
 *iObjectName, index, iInfoOnly,
 iPKISupport->CertStoreType());
 if(iCurrentStatus == KErrNone)
 {
-delete iCurrentMapping;
+const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
-iCurrentMapping = NULL;
+TPKIKeyIdentifier keyId = mapping.CertificateKeyId();
-iCurrentMapping = new (ELeave) CMapDescriptor(iCurrentDescriptor());
+iMapper.DeleteMapping(index);
-*iCurrentMapping = iMapper.GetMapDescriptorAtIndex(index);
 iCurrentState = EComplete;
-iPKISupport->RemoveCertificateL(*iObjectName, iStatus);
+iPKISupport->RemoveCertificateL(*iObjectName, keyId, iStatus);
 SetActive();
 }
 }
 /**---------------------------------------------------------
 index, iInfoOnly,
 iPKISupport->CertStoreType());
 if(iCurrentStatus == KErrNone)
 {
 const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
-if (mapping.iOwnerType == EPKICACertificate)
+if (mapping.OwnerType() == EPKICACertificate)
 {
 iCurrentState = EComplete;
-iPKISupport->SetTrustL(*iObjectName, iTrusted, iStatus);
+iPKISupport->SetTrustL(*iObjectName, mapping.CertificateKeyId(),
+iTrusted, iStatus);
 SetActive();
 }
 else
 {
 iCurrentStatus = KErrArgument;
 iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
 index, iInfoOnly,
 iPKISupport->CertStoreType());
 if(iCurrentStatus == KErrNone)
 {
+const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
 iCurrentState = EComplete;
-iPKISupport->TrustedL(*iObjectName, iStatus);
+iPKISupport->TrustedL(*iObjectName, mapping.CertificateKeyId(), iStatus);
 SetActive();
 }
 }
 /**---------------------------------------------------------
 *
 *----------------------------------------------------------*/
 void CPKIWrapper::ExecuteSetApplicabilityL()
 {
 TInt index(KErrNotFound);
-iCurrentStatus = iMapper.ResolveCertMappingL(
+iCurrentStatus = iMapper.ResolveCertMappingL(iCurrentDescriptor(), *iObjectName,
-iCurrentDescriptor(), *iObjectName,
+index, iInfoOnly,
-index, iInfoOnly,
+iPKISupport->CertStoreType());
-iPKISupport->CertStoreType());
 	// Save index
 	iIndex = index;
 if(iCurrentStatus == KErrNone)
 {
 LOG_1("ExecuteSetApplicabilityL:%d", iIndex);
+const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
 iCurrentState = EComplete;
-iPKISupport->SetApplicabilityL(*iObjectName, iUidArray, iStatus);
+iPKISupport->SetApplicabilityL(*iObjectName, mapping.CertificateKeyId(), iUidArray, iStatus);
 SetActive();
 }
 }
 /**---------------------------------------------------------
 index, iInfoOnly,
 iPKISupport->CertStoreType());
 iUidArray.Close();
 if(iCurrentStatus == KErrNone)
 {
+const CMapDescriptor& mapping = iMapper.GetMapDescriptorAtIndex(index);
 iCurrentState = EComplete;
-iPKISupport->ApplicationsL(*iObjectName, iStatus);
+iPKISupport->ApplicationsL(*iObjectName, mapping.CertificateKeyId(), iStatus);
 SetActive();
 }
 }
 // FALLTROUGH
 case PkiService::EAttachCertificate:
 if (iCurrentStatus == KErrNone)
 {
 User::LeaveIfError(
-iMapper.AddMapping(*iCurrentMapping) );
+iMapper.AddMapping(iCurrentMapping) );
-iCurrentMapping = NULL;
+}
-}
+else
+{
+delete iCurrentMapping;
+}
+iCurrentMapping = NULL;
 if (iCurrentStatus == KErrBadName)
 {
 // Already exists
 iCurrentStatus = KErrNone;
 }
 break;
 case PkiService::ERemoveCertificate:
-if (iCurrentStatus == KErrNone)
-{
-iMapper.DeleteMapping(*iCurrentMapping);
-}
 break;
 		case PkiService::ESetApplicability:
 			if (iCurrentStatus == KErrNone)
 				{
-				iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Close();
+				iMapper.GetMapDescriptorAtIndex(iIndex).SetMapApplications(iUidArray);
-				TUint i;
-				for(i=0;i<iCount;i++)
-					{
-					iMapper.GetMapDescriptorAtIndex(iIndex).iApplUids.Append(iUidArray[i]);
-					}
 				}
 			break;
 case PkiService::ETrusted:
 if (iCurrentStatus == KErrNone)
 LOG(Log::Printf(_L("Complete function %d, status %d\n"),
 iMessage.Function(), iCurrentStatus));
 delete iCertBuffer;
-delete iCurrentMapping;
-iCurrentMapping = NULL;
 iCertBuffer = NULL;
 iMessage.Complete(iCurrentStatus);
 }
 }
 TInt CPKIWrapper::RunError(TInt aError)
 {
 LOG(Log::Printf(_L("CPKIWrapper::RunError, Complete function %d, status %d\n"), iMessage.Function(), aError));
 delete iCertBuffer;
-delete iCurrentMapping;
-iCurrentMapping = NULL;
 iCertBuffer = NULL;
 iMessage.Complete(aError);
 return KErrNone;
 }
 if ( iPKISupport )
 {
 iPKISupport->Cancel();
 }
 iMessage.Complete(KErrCancel);
 }
-void CPKIWrapper::SaveIdentityL(CMapDescriptor &aCertDesc,
-const TDesC8& aCertDataIn,
-TCertificateOwnerType aOwner)
-{
-LOG(Log::Printf(_L("CPKIWrapper::SaveIdentityL()\n")));
-CX509Certificate* certificate = CX509Certificate::NewLC(aCertDataIn);
-// Validity period
-aCertDesc.SetMapStartTime(certificate->ValidityPeriod().Start());
-aCertDesc.SetMapEndTime(certificate->ValidityPeriod().Finish());
-// Copy issuer
-const TPtrC8* issuer = certificate->DataElementEncoding(CX509Certificate::EIssuerName);
-aCertDesc.SetMapTrustedAuthorityL(*issuer);
-// Copy subject name
-const TPtrC8* subject = certificate->DataElementEncoding(CX509Certificate::ESubjectName);
-aCertDesc.SetMapIdentitySubjectNameL(*subject);
-// Copy rfc822 name from subjectAlt name
-const CX509CertExtension* subjAltName = certificate->Extension(KSubjectAltName);
-if(subjAltName != NULL)
-{
-CX509AltNameExt* subjectAlt = CX509AltNameExt::NewLC(subjAltName->Data());
-if(subjectAlt != NULL)
-{
-const CArrayPtrFlat<CX509GeneralName> *nameArray;
-nameArray = &subjectAlt->AltName();
-// Search rfc822
-for(TInt i = 0; i < nameArray->Count(); i++)
-{
-if(nameArray->At(i)->Tag() == EX509RFC822Name)
-{
-TPtrC8 data = nameArray->At(i)->Data();
-aCertDesc.SetMapIdentityRfc822NameL(data.Right(data.Length() - 2));
-break;
-}
-}
-}
-CleanupStack::PopAndDestroy(subjectAlt);
-}
-// Key usage
-const CX509CertExtension* keyUsage = certificate->Extension(KKeyUsage);
-if((keyUsage != NULL) && keyUsage->Critical())
-{
-aCertDesc.iKeyUsageDer.Copy(keyUsage->Data());
-}
-// Serial number
-	const TPtrC8* serial = certificate->DataElementEncoding(CX509Certificate::ESerialNumber);
-	if(serial != NULL)
-		{
-		aCertDesc.SetMapSerialNumberL(*serial);
-		}
-	// Set Subject Key Identifier if we are handling CA
-	if(aOwner == ECACertificate)
-	{
-	    TPKIKeyIdentifier keyId = certificate->SubjectKeyIdentifierL();
-	    aCertDesc.SetMapSubjectKeyId(keyId);
-	}
-CleanupStack::PopAndDestroy(certificate);
-if(CPKIMapper::CertValidity(aCertDesc.iStartTime, aCertDesc.iEndTime) == EExpired)
-{
-LOG(Log::Printf(_L("Certificate expired\n")));
-}
-}
 void CPKIWrapper::SetCertStoreType(TPkiServiceStoreType aStoreType)
 {
 	LOG(Log::Printf(_L("CPKIWrapper: SETTING CERT STORE TYPE: %d\n"), aStoreType));
 iPKISupport->SetCertStoreType(aStoreType);
 }
 TPkiServiceStoreType CPKIWrapper::CertStoreType() const
 {
 return iPKISupport->CertStoreType();
 }
 void CPKIWrapper::SetInformational(const TBool aInfoOnly)
 {
 iInfoOnly = aInfoOnly;
 }
+TBool CPKIWrapper::Informational() const
+{
+return iInfoOnly;
+}

changeset 1	c9c2ad51f972
parent 0	33413c0669b9
child 4	29b591713d44