|
1 /* |
|
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * tcertuils.cpp |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 #include "tcertutils.h" |
|
21 #include <wtlscert.h> |
|
22 #include <certificateapps.h> |
|
23 #include <t_input.h> |
|
24 #include <ccertattributefilter.h> |
|
25 #include <cctcertinfo.h> |
|
26 #include <mctwritablecertstore.h> |
|
27 |
|
28 |
|
29 EXPORT_C CCertUtils* CCertUtils::NewL(RFs& aFs) |
|
30 { |
|
31 CCertUtils* self = CCertUtils::NewLC(aFs); |
|
32 CleanupStack::Pop(self); |
|
33 return self; |
|
34 } |
|
35 |
|
36 EXPORT_C CCertUtils* CCertUtils::NewLC(RFs& aFs) |
|
37 { |
|
38 CCertUtils* self = new(ELeave) CCertUtils(aFs); |
|
39 CleanupStack::PushL(self); |
|
40 self->ConstructL(); |
|
41 return self; |
|
42 } |
|
43 |
|
44 CCertUtils::CCertUtils(RFs& aFs) |
|
45 : CActive(EPriorityNormal), iFs(aFs) |
|
46 { |
|
47 CActiveScheduler::Add(this); |
|
48 } |
|
49 |
|
50 EXPORT_C CCertUtils::~CCertUtils() |
|
51 { |
|
52 Cancel(); |
|
53 |
|
54 delete iCertificate; |
|
55 delete iCreatedUnifiedCertStore; |
|
56 |
|
57 delete iCertData; |
|
58 delete iLabelData; |
|
59 delete iSecondCertUtils; |
|
60 |
|
61 delete iCAFilter; |
|
62 delete iUserFilter; |
|
63 |
|
64 iCACertStoreEntries.Close(); // The entries are owned by us |
|
65 iUserCertStoreEntries.Close(); // The entries are owned by us |
|
66 iTrusters.Close(); |
|
67 } |
|
68 |
|
69 /** |
|
70 This function handles all the asynchronous calls. There is at least |
|
71 one state for each of the functions of CCertUtils that requires |
|
72 asynchronicity. |
|
73 */ |
|
74 void CCertUtils::RunL() |
|
75 { |
|
76 if (iStatus != KErrNone) |
|
77 { |
|
78 User::RequestComplete(iOriginalRequestStatus, iStatus.Int()); |
|
79 return; |
|
80 } |
|
81 |
|
82 switch (iState) |
|
83 { |
|
84 // Used for AddCACerts |
|
85 case EAddCACerts: |
|
86 HandleEAddCACertsL(); |
|
87 break; |
|
88 |
|
89 // Used for AddCert |
|
90 case EAddCert: |
|
91 TRAPD(err, HandleEAddCACertL()); |
|
92 if (err != KErrNone) |
|
93 { |
|
94 iDiagnosticState = EAddCert; |
|
95 User::RequestComplete(iOriginalRequestStatus, err); |
|
96 } |
|
97 break; |
|
98 case EAddCACertGetCAEntry: |
|
99 HandleEAddCACertGetCAEntry(); |
|
100 break; |
|
101 case EAddCACertSetApplications: |
|
102 HandleEAddCACertSetApplicationsL(); |
|
103 break; |
|
104 case EAddCACertSetTrust: |
|
105 HandleEAddCACertSetTrust(); |
|
106 break; |
|
107 case EAddCACertFinished: |
|
108 HandleEAddCACertFinishedL(); |
|
109 delete iCreatedUnifiedCertStore; |
|
110 iCreatedUnifiedCertStore = 0; |
|
111 break; |
|
112 |
|
113 // Used for RemoveCerts |
|
114 case ERemoveCertsGetCACerts: |
|
115 HandleERemoveCertsGetCACerts(); |
|
116 break; |
|
117 case ERemoveCertsCACertsRetrieved: |
|
118 HandleERemoveCertsCACertsRetrieved(); |
|
119 break; |
|
120 case ERemoveCertsRemoveCACerts: |
|
121 HandleERemoveCertsRemoveCACerts(); |
|
122 break; |
|
123 case ERemoveCertsGetUserCerts: |
|
124 HandleERemoveCertsGetUserCerts(); |
|
125 break; |
|
126 case ERemoveCertsUserCertsRetrieved: |
|
127 HandleERemoveCertsUserCertsRetrieved(); |
|
128 break; |
|
129 case ERemoveCertsRemoveUserCerts: |
|
130 HandleERemoveCertsRemoveUserCerts(); |
|
131 break; |
|
132 case ERemoveCertsFinished: |
|
133 HandleERemoveCertsFinished(); |
|
134 delete iCreatedUnifiedCertStore; |
|
135 iCreatedUnifiedCertStore = 0; |
|
136 break; |
|
137 |
|
138 default: |
|
139 break; |
|
140 } |
|
141 } |
|
142 |
|
143 TInt CCertUtils::RunError(TInt aError) |
|
144 { |
|
145 User::RequestComplete(iOriginalRequestStatus, aError); |
|
146 return KErrNone; |
|
147 } |
|
148 |
|
149 void CCertUtils::DoCancel() |
|
150 { |
|
151 if (iSecondCertUtils) |
|
152 iSecondCertUtils->Cancel(); |
|
153 |
|
154 if (iUnifiedCertStore) |
|
155 { |
|
156 iUnifiedCertStore->Cancel(); |
|
157 if (iUnifiedCertStore->WritableCertStoreCount() != 0) |
|
158 { |
|
159 MCTWritableCertStore *store; |
|
160 store = &iUnifiedCertStore->WritableCertStore(0); |
|
161 store->CancelRemove(); |
|
162 store->CancelSetApplicability(); |
|
163 } |
|
164 } |
|
165 |
|
166 if (iStore) |
|
167 iStore->CancelAdd(); |
|
168 } |
|
169 |
|
170 EXPORT_C CCertificate* CCertUtils::CertFromFileLC(const TDesC& aFilename, |
|
171 const TDesC& aPathname, |
|
172 RFs& aFs, |
|
173 TCertificateFormat aFormat) |
|
174 { |
|
175 TFileName fullname; |
|
176 fullname.Append(aPathname); |
|
177 fullname.Append(aFilename); |
|
178 HBufC8* certBuf = Input::ReadFileLC(fullname, aFs); |
|
179 CCertificate* cert = 0; |
|
180 if (aFormat == EX509Certificate) |
|
181 { |
|
182 cert = CX509Certificate::NewLC(*certBuf); |
|
183 } |
|
184 else if (aFormat == EWTLSCertificate) |
|
185 { |
|
186 cert = CWTLSCertificate::NewLC(*certBuf); |
|
187 } |
|
188 CleanupStack::Pop();//cert |
|
189 CleanupStack::PopAndDestroy();//buf |
|
190 CleanupStack::PushL(cert); |
|
191 return cert; |
|
192 } |
|
193 |
|
194 EXPORT_C CCertificate* CCertUtils::CertFromFileL(const TDesC& aFilename, |
|
195 const TDesC& aPathname, |
|
196 RFs& aFs, |
|
197 TCertificateFormat aFormat) |
|
198 { |
|
199 CCertificate* cert = CertFromFileLC(aFilename, aPathname, aFs, aFormat); |
|
200 CleanupStack::Pop(); |
|
201 return cert; |
|
202 } |
|
203 |
|
204 EXPORT_C void CCertUtils::AddCertL(const TDesC& aLabel, |
|
205 TCertificateFormat aFormat, |
|
206 TCertificateOwnerType aCertificateOwnerType, |
|
207 TInt aTrustedUsage, |
|
208 const TDesC& aCertificatePath, |
|
209 const TDesC& aCertificateFileName, |
|
210 TRequestStatus& aStatus) |
|
211 { |
|
212 iOriginalRequestStatus = &aStatus; |
|
213 aStatus = KRequestPending; |
|
214 |
|
215 // We set up the member variable as required for this function |
|
216 iCertificateFileName = &aCertificateFileName; |
|
217 iLabel = &aLabel; |
|
218 iFormat = aFormat; |
|
219 iTrustedUsage = aTrustedUsage; |
|
220 iPath = &aCertificatePath; |
|
221 iCertificateOwnerType = aCertificateOwnerType; |
|
222 |
|
223 if (iCreatedUnifiedCertStore) |
|
224 { |
|
225 delete iCreatedUnifiedCertStore; |
|
226 } |
|
227 |
|
228 iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for |
|
229 // writing |
|
230 iUnifiedCertStore = iCreatedUnifiedCertStore; |
|
231 iCreatedUnifiedCertStore->Initialize(iStatus); |
|
232 iState = EAddCert; |
|
233 SetActive(); |
|
234 } |
|
235 |
|
236 EXPORT_C void CCertUtils::AddCert(const TDesC& aLabel, |
|
237 TCertificateFormat aFormat, |
|
238 TCertificateOwnerType aCertificateOwnerType, |
|
239 TInt aTrustedUsage, |
|
240 const TDesC& aCertificatePath, |
|
241 const TDesC& aCertificateFileName, |
|
242 CUnifiedCertStore& aUnifiedCertStore, |
|
243 TRequestStatus& aStatus) |
|
244 { |
|
245 iOriginalRequestStatus = &aStatus; |
|
246 aStatus = KRequestPending; |
|
247 |
|
248 // We set up the member variable as required for this function |
|
249 iCertificateFileName = &aCertificateFileName; |
|
250 iLabel = &aLabel; |
|
251 iFormat = aFormat; |
|
252 iTrustedUsage = aTrustedUsage; |
|
253 iPath = &aCertificatePath; |
|
254 iCertificateOwnerType = aCertificateOwnerType; |
|
255 iUnifiedCertStore = &aUnifiedCertStore; |
|
256 |
|
257 iState = EAddCert; |
|
258 SetActive(); |
|
259 TRequestStatus* status = &iStatus; |
|
260 User::RequestComplete(status, KErrNone); |
|
261 } |
|
262 |
|
263 EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots, |
|
264 const CDesCArray& aLabels, |
|
265 TCertificateFormat aFormat, |
|
266 TInt aTrustedUsage, |
|
267 const TDesC& aPath, |
|
268 TRequestStatus& aStatus) |
|
269 { |
|
270 iOriginalRequestStatus = &aStatus; |
|
271 aStatus = KRequestPending; |
|
272 |
|
273 // We set up the member variable as required for this function |
|
274 iRoots = &aRoots; |
|
275 iFormat = aFormat; |
|
276 iLabels = &aLabels; |
|
277 iTrustedUsage = aTrustedUsage; |
|
278 iPath = &aPath; |
|
279 |
|
280 iIndex = -1; // -1 because it will be incremented before its first use |
|
281 if (!iSecondCertUtils) |
|
282 { |
|
283 iSecondCertUtils = CCertUtils::NewL(iFs); |
|
284 } |
|
285 |
|
286 if (iCreatedUnifiedCertStore) |
|
287 { |
|
288 delete iCreatedUnifiedCertStore; |
|
289 } |
|
290 |
|
291 iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for |
|
292 // writing |
|
293 iUnifiedCertStore = iCreatedUnifiedCertStore; |
|
294 iCreatedUnifiedCertStore->Initialize(iStatus); |
|
295 |
|
296 iState = EAddCACerts; |
|
297 SetActive(); |
|
298 } |
|
299 |
|
300 EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots, |
|
301 const CDesCArray& aLabels, |
|
302 TCertificateFormat aFormat, |
|
303 TInt aTrustedUsage, |
|
304 const TDesC& aPath, |
|
305 CUnifiedCertStore& aUnifiedCertStore, |
|
306 TRequestStatus& aStatus) |
|
307 { |
|
308 iOriginalRequestStatus = &aStatus; |
|
309 aStatus = KRequestPending; |
|
310 |
|
311 // We set up the member variable as required for this function |
|
312 iRoots = &aRoots; |
|
313 iFormat = aFormat; |
|
314 iLabels = &aLabels; |
|
315 iTrustedUsage = aTrustedUsage; |
|
316 iPath = &aPath; |
|
317 iUnifiedCertStore = &aUnifiedCertStore; |
|
318 |
|
319 iIndex = -1; // -1 because it will be incremented before its first use |
|
320 if (!iSecondCertUtils) |
|
321 { |
|
322 iSecondCertUtils = CCertUtils::NewL(iFs); |
|
323 } |
|
324 |
|
325 iState = EAddCACerts; |
|
326 SetActive(); |
|
327 TRequestStatus* status = &iStatus; |
|
328 User::RequestComplete(status, KErrNone); |
|
329 } |
|
330 |
|
331 EXPORT_C void CCertUtils::RemoveCertsL(CUnifiedCertStore& aUnifiedCertStore, |
|
332 TRequestStatus& aStatus) |
|
333 { |
|
334 iOriginalRequestStatus = &aStatus; |
|
335 aStatus = KRequestPending; |
|
336 iUnifiedCertStore = &aUnifiedCertStore; |
|
337 |
|
338 iState = ERemoveCertsGetCACerts; |
|
339 TRequestStatus* status = &iStatus; |
|
340 User::RequestComplete(status, KErrNone); |
|
341 SetActive(); |
|
342 } |
|
343 |
|
344 EXPORT_C void CCertUtils::RemoveCertsL(TRequestStatus& aStatus) |
|
345 { |
|
346 iOriginalRequestStatus = &aStatus; |
|
347 aStatus = KRequestPending; |
|
348 iState = ERemoveCertsGetCACerts; |
|
349 |
|
350 if (iCreatedUnifiedCertStore) |
|
351 { |
|
352 delete iCreatedUnifiedCertStore; |
|
353 } |
|
354 |
|
355 iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for |
|
356 // writing |
|
357 iUnifiedCertStore = iCreatedUnifiedCertStore; |
|
358 iCreatedUnifiedCertStore->Initialize(iStatus); |
|
359 SetActive(); |
|
360 } |
|
361 |
|
362 EXPORT_C void CCertUtils::WriteError(TValidationError aError, Output& aOut) |
|
363 { |
|
364 aOut.writeString(CCertUtils::MapError(aError)); |
|
365 } |
|
366 |
|
367 EXPORT_C TPtrC CCertUtils::MapError(TValidationError aError) |
|
368 { |
|
369 |
|
370 switch(aError) |
|
371 { |
|
372 //errors |
|
373 case EValidatedOK: |
|
374 { |
|
375 return (_L("Validated OK")); |
|
376 } |
|
377 case EChainHasNoRoot: |
|
378 { |
|
379 return(_L("Chain has no root")); |
|
380 } |
|
381 case ESignatureInvalid: |
|
382 { |
|
383 return(_L("Signature invalid")); |
|
384 } |
|
385 case EDateOutOfRange: |
|
386 { |
|
387 return(_L("Date out of range")); |
|
388 } |
|
389 case ENameIsExcluded: |
|
390 { |
|
391 return(_L("Name is excluded")); |
|
392 } |
|
393 case ENameNotPermitted: |
|
394 { |
|
395 return(_L("Name is not permitted")); |
|
396 } |
|
397 case ECertificateRevoked: |
|
398 { |
|
399 return(_L("Certificate revoked")); |
|
400 } |
|
401 case EUnrecognizedCriticalExtension: |
|
402 { |
|
403 return(_L("Unrecognized Critical Extension")); |
|
404 } |
|
405 case ENoBasicConstraintInCACert: |
|
406 { |
|
407 return(_L("CA cert with no Basic Constraint")); |
|
408 } |
|
409 case ENoAcceptablePolicy: |
|
410 { |
|
411 return(_L("No acceptable policy")); |
|
412 } |
|
413 case EPathTooLong: |
|
414 { |
|
415 return(_L("Path too long")); |
|
416 } |
|
417 case ENegativePathLengthSpecified: |
|
418 { |
|
419 return(_L("Negative path length specified")); |
|
420 } |
|
421 case ENamesDontChain: |
|
422 { |
|
423 return(_L("Names don't chain")); |
|
424 } |
|
425 case ERequiredPolicyNotFound: |
|
426 { |
|
427 return(_L("Required policy not found")); |
|
428 } |
|
429 case EBadKeyUsage: |
|
430 { |
|
431 return(_L("Bad key usage")); |
|
432 } |
|
433 case ENotCACert: |
|
434 { |
|
435 return(_L("Non-CA cert used as CA cert")); |
|
436 } |
|
437 //warnings |
|
438 case ERootCertNotSelfSigned: |
|
439 { |
|
440 return(_L("Root cert not self-signed")); |
|
441 } |
|
442 case ECriticalExtendedKeyUsage: |
|
443 { |
|
444 return(_L("Critical extended key usage")); |
|
445 } |
|
446 case ECriticalCertPoliciesWithQualifiers: |
|
447 { |
|
448 return(_L("Critical cert policies with qualifiers")); |
|
449 } |
|
450 case ECriticalPolicyMapping: |
|
451 { |
|
452 return(_L("Critical policy mapping")); |
|
453 } |
|
454 case ECriticalDeviceId: |
|
455 { |
|
456 return(_L("Critical Device Id")); |
|
457 } |
|
458 case ECriticalSid: |
|
459 { |
|
460 return(_L("Critical Sid")); |
|
461 } |
|
462 case ECriticalVid: |
|
463 { |
|
464 return(_L("Critical Vid")); |
|
465 } |
|
466 case ECriticalCapabilities: |
|
467 { |
|
468 return(_L("Critical Capabilities")); |
|
469 } |
|
470 } |
|
471 return (_L("Unknown Error")); |
|
472 } |
|
473 |
|
474 |
|
475 EXPORT_C HBufC* CCertUtils::DiagnosticLC() const |
|
476 { |
|
477 HBufC* result = HBufC::NewLC(600); |
|
478 switch (iDiagnosticState) |
|
479 { |
|
480 case EAddCert: |
|
481 result->Des().Append(_L("EAddCACert")); |
|
482 result->Des().Append(_L(" : ")); |
|
483 result->Des().Append(iDiagnosticMessage); |
|
484 break; |
|
485 |
|
486 default: |
|
487 break; |
|
488 } |
|
489 |
|
490 return result; |
|
491 } |
|
492 |
|
493 EXPORT_C void CCertUtils::AddApplicationL(const TDesC& aName, TUid aUid) const |
|
494 { |
|
495 CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue); |
|
496 CleanupStack::PushL(appManager); |
|
497 |
|
498 // Only add the application if it doesn't exist already |
|
499 const RArray<TCertificateAppInfo>& apps = appManager->Applications(); |
|
500 TInt i; |
|
501 for (i = 0 ; i < apps.Count() ; ++i) |
|
502 { |
|
503 if (apps[i].Id() == aUid && apps[i].Name() == aName) |
|
504 break; |
|
505 } |
|
506 |
|
507 if (i == apps.Count()) |
|
508 { |
|
509 appManager->AddL(TCertificateAppInfo(aUid, aName)); |
|
510 } |
|
511 |
|
512 CleanupStack::PopAndDestroy(appManager); |
|
513 } |
|
514 |
|
515 EXPORT_C void CCertUtils::RemoveApplicationL(TUid aUid) const |
|
516 { |
|
517 CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue); |
|
518 CleanupStack::PushL(appManager); |
|
519 appManager->RemoveL(aUid); |
|
520 CleanupStack::PopAndDestroy(appManager); |
|
521 } |
|
522 |
|
523 |
|
524 void CCertUtils::ConstructL() |
|
525 { |
|
526 iCAFilter = CCertAttributeFilter::NewL(); |
|
527 iCAFilter->SetOwnerType(ECACertificate); |
|
528 iUserFilter = CCertAttributeFilter::NewL(); |
|
529 iUserFilter->SetOwnerType(EUserCertificate); |
|
530 } |
|
531 |
|
532 void CCertUtils::HandleEAddCACertsL() |
|
533 { |
|
534 iIndex++; |
|
535 if (iIndex < iRoots->Count()) |
|
536 { |
|
537 // We still have some certificates to add |
|
538 if (iCertData) |
|
539 { |
|
540 delete iCertData; |
|
541 iCertData = 0; |
|
542 } |
|
543 iCertData = iRoots->MdcaPoint(iIndex).AllocL(); |
|
544 if (iLabelData) |
|
545 { |
|
546 delete iLabelData; |
|
547 iLabelData = 0; |
|
548 } |
|
549 iLabelData = iLabels->MdcaPoint(iIndex).AllocL(); |
|
550 iSecondCertUtils->AddCert(*iLabelData, iFormat, ECACertificate, |
|
551 iTrustedUsage, *iPath, *iCertData, *iUnifiedCertStore, iStatus); |
|
552 SetActive(); |
|
553 } |
|
554 else |
|
555 { |
|
556 // We have finished adding all the certificates |
|
557 delete iSecondCertUtils; |
|
558 iSecondCertUtils = 0; |
|
559 delete iCreatedUnifiedCertStore; |
|
560 iCreatedUnifiedCertStore = 0; |
|
561 User::RequestComplete(iOriginalRequestStatus, KErrNone); |
|
562 } |
|
563 } |
|
564 |
|
565 void CCertUtils::HandleEAddCACertL() |
|
566 { |
|
567 // At this stage we should always have an initialized iStoreManager |
|
568 __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1)); |
|
569 |
|
570 // We use the first writable certstore |
|
571 iStore = &iUnifiedCertStore->WritableCertStore(0); |
|
572 |
|
573 __ASSERT_DEBUG(!iCertificate, User::Panic(_L("TCertUtils"), 1)); |
|
574 iCertificate = 0; |
|
575 TRAPD(err, iCertificate = |
|
576 CCertUtils::CertFromFileL(*iCertificateFileName, *iPath, iFs, iFormat)); |
|
577 if (err != KErrNone) |
|
578 { |
|
579 if (err != KErrNoMemory) |
|
580 { |
|
581 iDiagnosticMessage.Zero(); |
|
582 iDiagnosticMessage.Append(_L("CertFromFileL failed (")); |
|
583 iDiagnosticMessage.Append(*iCertificateFileName); |
|
584 iDiagnosticMessage.Append(_L(")")); |
|
585 } |
|
586 User::Leave(err); |
|
587 } |
|
588 iEncoding.Set(iCertificate->Encoding()); |
|
589 iStore->Add(*iLabel, iFormat, iCertificateOwnerType, 0, 0, iEncoding, iStatus); |
|
590 iState = EAddCACertGetCAEntry; |
|
591 SetActive(); |
|
592 } |
|
593 |
|
594 void CCertUtils::HandleEAddCACertGetCAEntry() |
|
595 { |
|
596 delete iCertificate; |
|
597 iCertificate = 0; |
|
598 iCACertStoreEntries.Close(); |
|
599 iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus); |
|
600 iState = EAddCACertSetApplications; |
|
601 SetActive(); |
|
602 } |
|
603 |
|
604 void CCertUtils::HandleEAddCACertSetApplicationsL() |
|
605 { |
|
606 CCTCertInfo* entry = 0; |
|
607 TInt iEnd = iCACertStoreEntries.Count(); |
|
608 for (TInt i = 0; i < iEnd; i++) |
|
609 { |
|
610 if (iCACertStoreEntries[i]->Label() == *iLabel) |
|
611 { |
|
612 entry = iCACertStoreEntries[i]; |
|
613 } |
|
614 } |
|
615 |
|
616 __ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1)); |
|
617 |
|
618 iTrusters.Reset(); |
|
619 TUid truster = { iTrustedUsage }; |
|
620 User::LeaveIfError(iTrusters.Append(truster)); |
|
621 |
|
622 iUnifiedCertStore->SetApplicability(*entry, iTrusters, iStatus); |
|
623 iState = EAddCACertSetTrust; |
|
624 SetActive(); |
|
625 } |
|
626 |
|
627 void CCertUtils::HandleEAddCACertSetTrust() |
|
628 { |
|
629 CCTCertInfo* entry = 0; |
|
630 TInt iEnd = iCACertStoreEntries.Count(); |
|
631 for (TInt i = 0; i < iEnd; i++) |
|
632 { |
|
633 if (iCACertStoreEntries[i]->Label() == *iLabel) |
|
634 { |
|
635 entry = iCACertStoreEntries[i]; |
|
636 } |
|
637 } |
|
638 |
|
639 __ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1)); |
|
640 |
|
641 iUnifiedCertStore->SetTrust(*entry, ETrue, iStatus); |
|
642 iState = EAddCACertFinished; |
|
643 SetActive(); |
|
644 } |
|
645 |
|
646 void CCertUtils::HandleEAddCACertFinishedL() |
|
647 { |
|
648 User::RequestComplete(iOriginalRequestStatus, iStatus.Int()); |
|
649 } |
|
650 |
|
651 void CCertUtils::HandleERemoveCertsGetCACerts() |
|
652 { |
|
653 // At this stage we should always have an initialized iStoreManager |
|
654 __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1)); |
|
655 |
|
656 iCACertStoreEntries.Close(); |
|
657 iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus); |
|
658 |
|
659 iState = ERemoveCertsCACertsRetrieved; |
|
660 SetActive(); |
|
661 } |
|
662 |
|
663 void CCertUtils::HandleERemoveCertsCACertsRetrieved() |
|
664 { |
|
665 // This index will be used to keep track of the current entry |
|
666 iIndex = -1; |
|
667 |
|
668 iState = ERemoveCertsRemoveCACerts; |
|
669 TRequestStatus* status = &iStatus; |
|
670 SetActive(); |
|
671 User::RequestComplete(status, KErrNone); |
|
672 } |
|
673 |
|
674 void CCertUtils::HandleERemoveCertsRemoveCACerts() |
|
675 { |
|
676 iIndex++; |
|
677 if (iIndex < iCACertStoreEntries.Count()) |
|
678 { |
|
679 // Remove this certificate if it can be deleted. |
|
680 |
|
681 CCTCertInfo& cert = *iCACertStoreEntries[iIndex]; |
|
682 |
|
683 // Unfortunately, certs in non-writable stores can still be |
|
684 // marked as deletable, so need to check if cert is also in a |
|
685 // writable store. |
|
686 |
|
687 TBool isDeletable = cert.IsDeletable(); |
|
688 |
|
689 TBool inWritableStore = EFalse; |
|
690 |
|
691 TCTTokenObjectHandle certHandle(cert.Handle()); |
|
692 TInt writeStoreCount = iUnifiedCertStore->WritableCertStoreCount(); |
|
693 for (TInt i = 0; i < writeStoreCount; ++i) |
|
694 { |
|
695 MCTWritableCertStore& wcs = iUnifiedCertStore->WritableCertStore(i); |
|
696 if (wcs.Token().Handle() == certHandle.iTokenHandle) |
|
697 { |
|
698 inWritableStore = ETrue; |
|
699 break; |
|
700 } |
|
701 } |
|
702 |
|
703 if (isDeletable && inWritableStore) |
|
704 { |
|
705 iUnifiedCertStore->Remove(cert, iStatus); |
|
706 SetActive(); |
|
707 } |
|
708 else |
|
709 { |
|
710 TRequestStatus* status = &iStatus; |
|
711 SetActive(); |
|
712 User::RequestComplete(status, KErrNone); |
|
713 } |
|
714 } |
|
715 else |
|
716 { |
|
717 iState = ERemoveCertsGetUserCerts; |
|
718 TRequestStatus* status = &iStatus; |
|
719 SetActive(); |
|
720 User::RequestComplete(status, KErrNone); |
|
721 } |
|
722 } |
|
723 |
|
724 void CCertUtils::HandleERemoveCertsGetUserCerts() |
|
725 { |
|
726 // At this stage we should always have an initialized iStoreManager |
|
727 __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1)); |
|
728 |
|
729 iUserCertStoreEntries.Close(); |
|
730 iUnifiedCertStore->List(iUserCertStoreEntries, *iUserFilter, iStatus); |
|
731 |
|
732 iState = ERemoveCertsUserCertsRetrieved; |
|
733 SetActive(); |
|
734 } |
|
735 |
|
736 void CCertUtils::HandleERemoveCertsUserCertsRetrieved() |
|
737 { |
|
738 iIndex = -1; |
|
739 |
|
740 iState = ERemoveCertsRemoveUserCerts; |
|
741 TRequestStatus* status = &iStatus; |
|
742 SetActive(); |
|
743 User::RequestComplete(status, KErrNone); |
|
744 } |
|
745 |
|
746 void CCertUtils::HandleERemoveCertsRemoveUserCerts() |
|
747 { |
|
748 // At this stage we should always have an initialized iStoreManager |
|
749 __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1)); |
|
750 |
|
751 iIndex++; |
|
752 if (iIndex < iUserCertStoreEntries.Count()) |
|
753 { |
|
754 iUnifiedCertStore->Remove(*iUserCertStoreEntries[iIndex], iStatus); |
|
755 SetActive(); |
|
756 } |
|
757 else |
|
758 { |
|
759 iState = ERemoveCertsFinished; |
|
760 TRequestStatus* status = &iStatus; |
|
761 SetActive(); |
|
762 User::RequestComplete(status, KErrNone); |
|
763 } |
|
764 } |
|
765 |
|
766 void CCertUtils::HandleERemoveCertsFinished() |
|
767 { |
|
768 User::RequestComplete(iOriginalRequestStatus, KErrNone); |
|
769 } |