--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/cryptomgmtlibs/cryptotokenfw/inc_interfaces/mctwritablecertstore_v2.h Wed Jul 08 11:25:26 2009 +0100
@@ -0,0 +1,215 @@
+/*
+* Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* MCTWritableCertStore.h (v.2)
+*
+*/
+
+
+
+
+/**
+ @file
+ @publishedPartner
+ @released
+*/
+
+#ifndef __MCTWRITABLECERTSTORE_H__
+#define __MCTWRITABLECERTSTORE_H__
+
+#include <mctcertstore.h>
+
+/**
+ * The UID of writeable certificate store interfaces.
+ *
+ * A token that supports this interface should also support the read-only certificate
+ * store interface.
+ */
+const TInt KInterfaceWritableCertStore = 0x102020FB; // new version, since 9.0
+
+/**
+ * Defines the interface for a writeable certificate store token.
+ *
+ * This extends the read-only certificate store API in MCTCertStore by adding
+ * functions to add and delete certificates, and to set their applicability and
+ * trust settings.
+ *
+ * This documentation describes the security policy that must be enforced by
+ * implementations of the interface.
+ *
+ * @publishedPartner
+ * @released
+ */
+class MCTWritableCertStore : public MCTCertStore
+ {
+public:
+ /**
+ * Adding a certificate
+ */
+
+ /**
+ * Adds a certificate to the store.
+ *
+ * This is an asynchronous request.
+ *
+ * @param aLabel The label of the certificate to add.
+ * @param aFormat The format of the certificate.
+ * @param aCertificateOwnerType The owner type.
+ * @param aSubjectKeyId The Subject key ID.
+ * @param aIssuerKeyId The issuer key ID.
+ * @param aCert The certificate to be added.
+ * @param aStatus The request status object; contains the result of the Add()
+ * request when complete. Set to KErrCancel, if an outstanding
+ * request is cancelled.
+ *
+ * @capability WriteUserData This requires the WriteUserData capability when
+ * applied to user certificates.
+ * @capability WriteDeviceData This requires the WriteDeviceData capability
+ * when applied to CA certificates.
+ * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
+ */
+ virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
+ TCertificateOwnerType aCertificateOwnerType,
+ const TKeyIdentifier* aSubjectKeyId,
+ const TKeyIdentifier* aIssuerKeyId,
+ const TDesC8& aCert, TRequestStatus& aStatus) = 0;
+
+ /** Cancels an ongoing Add() operation. */
+ virtual void CancelAdd() = 0;
+
+ /**
+ * Removing Certificates
+ */
+
+ /**
+ * Removes a certificate.
+ *
+ * @param aCertInfo The certificate to be removed.
+ * @param aStatus The request status object; contains the result of the Remove()
+ * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
+ *
+ * @capability WriteUserData This requires the WriteUserData capability when
+ * applied to user certificates.
+ * @capability WriteDeviceData This requires the WriteDeviceData capability
+ * when applied to CA certificates.
+ * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
+ */
+ virtual void Remove(const CCTCertInfo& aCertInfo, TRequestStatus& aStatus) = 0;
+
+ /** Cancels an ongoing Remove() operation. */
+ virtual void CancelRemove() = 0;
+
+ /**
+ * Setting applicability
+ */
+
+ /**
+ * Replaces the current applicability settings with the settings in the
+ * supplied array.
+ *
+ * This should only be called for CA certificates - it has no meaning for
+ * user certificates.
+ *
+ * If this function is called by the unified certstore the given application
+ * uids array is guaranteed not to contain duplicates. However, client
+ * applications may bypass the unified certstore and call this function
+ * directly, in that case the array passed might contain duplicates.
+ *
+ * @param aCertInfo The certificate whose applicability should be updated.
+ * @param aApplications The new applicability settings. Ownership of this
+ * remains with the caller, and it must remain valid for the
+ * lifetime of the call.
+ * @param aStatus The request status object; contains the result of the SetApplicability()
+ * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
+ *
+ * @capability WriteDeviceData This requires the WriteDeviceData capability.
+ * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
+ */
+ virtual void SetApplicability(const CCTCertInfo& aCertInfo,
+ const RArray<TUid>& aApplications, TRequestStatus &aStatus) = 0;
+
+ /** Cancels an ongoing SetApplicability() operation. */
+ virtual void CancelSetApplicability() = 0;
+
+ /**
+ * Changing trust settings
+ */
+
+ /**
+ * Changes the trust settings.
+ *
+ * A CA certificate is trusted if the user is willing to use it for authenticating
+ * servers. It has no meaning with other types of certificates.
+ *
+ * @param aCertInfo The certificate to be updated.
+ * @param aTrusted ETrue, if trusted; EFalse, otherwise.
+ * @param aStatus The request status object; contains the result of the SetTrust()
+ * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
+ *
+ * @capability WriteDeviceData This requires the WriteDeviceData capability.
+ * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
+ */
+ virtual void SetTrust(const CCTCertInfo& aCertInfo, TBool aTrusted,
+ TRequestStatus& aStatus) = 0;
+
+ /** Cancels an ongoing SetTrust() operation. */
+ virtual void CancelSetTrust() = 0;
+
+ /**
+ * Adding a certificate
+ */
+
+ /**
+ * Same as original Add() method above, but with additional parameter TBool aDeletable.
+ *
+ * @param aLabel The label of the certificate to add.
+ * @param aFormat The format of the certificate.
+ * @param aCertificateOwnerType The owner type.
+ * @param aSubjectKeyId The Subject key ID.
+ * @param aIssuerKeyId The issuer key ID.
+ * @param aCert The certificate to be added.
+ *
+ * @param aDeletable Sets the value for the certificate's deletable flag
+ * = true - means it is permitted to remove the
+ * certificate from certstore
+ * = false - means the certificate is NOT deletable.
+ *
+ * @param aStatus The request status object;
+ * contains the result of the Add() request when complete.
+ * Two of possible error values:
+ * = KErrCancel, if an outstanding request is cancelled;
+ * = KErrNotSupported (-5), if the method is called from a
+ * child class that doesn't support implementation of
+ * the new Add() method.
+ *
+ * @capability WriteUserData This requires the WriteUserData capability when
+ * applied to user certificates.
+ * @capability WriteDeviceData This requires the WriteDeviceData capability
+ * when applied to CA certificates.
+ * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
+ */
+ virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
+ TCertificateOwnerType aCertificateOwnerType,
+ const TKeyIdentifier* aSubjectKeyId,
+ const TKeyIdentifier* aIssuerKeyId,
+ const TDesC8& aCert,
+ const TBool aDeletable,
+ TRequestStatus& aStatus );
+
+ };
+
+
+#include "mctwritablecertstore.inl"
+
+#endif