--- a/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcerts.h Tue Jul 21 01:04:32 2009 +0100
+++ b/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcerts.h Thu Sep 10 14:01:51 2009 +0300
@@ -1,220 +1,218 @@
-/*
-* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description:
-*
-*/
-
-
-
-
-/**
- @file
- @internalTechnology
-*/
-
-#ifndef __PKIXCERTS_H__
-#define __PKIXCERTS_H__
-
-//pkixroots.h
-#include <e32std.h>
-#include <x509cert.h>
-#include <x509certext.h>
-#include <mcertstore.h>
-
-/**
- * Base class for classes that help retrieving certificates from stores
- */
-class MPKIXCertSource
- {
-public:
- //copies cert into aCandidates, passes ownership of cert to calling code...
- virtual void CandidatesL(const CX509Certificate& aSubject,
- RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus) = 0;
- virtual void CancelCandidates() = 0;
- virtual void Release() = 0;
-
-protected:
- virtual ~MPKIXCertSource();
-
-protected:
- /**
- * This function compares the issuer altname in aSubjectCert with the
- * subject altname in aIssuerCert
- * @param aSubjectCert We will compare the issuer altname of this certificate.
- * @param aIssuerCert We will compare the subject altname of this certificate.
- * @return
- * <UL>
- * <LI>ETrue if the issuer altname in aSubjectCert matches the subject altname in
- * aIssuerCert</LI>
- * <LI>EFalse otherwise</LI>
- * </UL>
- */
- TBool AltNameMatchL(const CX509Certificate& aSubjectCert, const CX509Certificate& aIssuerCert) const;
- };
-
-/**
- * This class is used to retrieve the certificates from a store
- * It doesn't work with client base trust.
- */
-class CPKIXCertsFromStore : public CActive, public MPKIXCertSource
- {
-public:
- /**
- * Constructs a new CPKIXCertsFromStore instance and adds it to the active scheduler
- * Initialize must be called after this function
- * @param aStore Reference to the cert store. The store is created with the default
- * filter intialized to retrieve certificate of CA type and of X509 format.
- * @return Initialized instance of this class.
- */
- static CPKIXCertsFromStore* NewL(MCertStore& aCertStore);
- static CPKIXCertsFromStore* NewLC(MCertStore& aCertStore);
-
- /**
- * Constructs a new CPKIXCertsFromStore instance and adds it to the active scheduler
- * Initialize must be called after this function
- * @param aStore Reference to the cert store. The store is created with the default
- * filter intialized to retrieve certificate of CA type and of X509 format.
- * @param aClient The UID for which the certificates are to be retrieved from the
- * cert store, This UID is also passed to the filter for retrieving the certificates
- * specific to this client UID.
- * @return Initialized instance of this class.
- */
-
- static CPKIXCertsFromStore* NewL(MCertStore& aCertStore, TUid aClient);
- static CPKIXCertsFromStore* NewLC(MCertStore& aCertStore, TUid aClient);
- /**
- * This function does the actual listing of certificates based on the filter created.
- * It must be called after construction.
- * @param aStatus Standard parameter for asynchronous calling convention.
- */
- void Initialize(TRequestStatus& aStatus);
- /**
- * This function returns a list of CA certificates that authenticate the
- * aSubject certificate.
- * @param aCandidates On return, this array contains the list of CA certificates
- * that can possibly be used to authenticate aSubject. The array owns the elements
- * and must take care of deleting them.
- */
- virtual void CandidatesL(const CX509Certificate& aSubject,
- RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus);
- virtual void CancelCandidates();
- virtual void Release();
- virtual ~CPKIXCertsFromStore();
-
-private:
- CPKIXCertsFromStore(MCertStore& aCertStore);
- CPKIXCertsFromStore(MCertStore& aCertStore, TUid aClient);
- void ConstructL();
- void ConstructL(TUid aClient);
-
-public:
- void RunL();
- TInt RunError(TInt aError);
- void DoCancel();
-
-private:
- void HandleEGetCertificateL();
- void HandleEAddCandidateL();
- void HandleECheckTrusted();
-
- TBool IsDuplicateL(const CX509Certificate& aCertificate);
-
-private:
- enum TState
- {
- EIdle = 0,
- EInitialize,
- ECheckTrusted,
- EGetCertificate,
- EAddCandidate,
- EEnd
- };
-
-private:
- /**
- * The state used to know what must be done when executing
- * RunL().
- */
- TState iState;
-
- /**
- * The TRequestStatus that must be updated when the operation
- * requested by a user of this class has been
- * completed
- */
- TRequestStatus *iOriginalRequestStatus;
-
- TUid iClient;
-
- CCertAttributeFilter *iFilter;
-
- /**
- * iRootName is used for CandidateL
- */
- const CX500DistinguishedName* iRootName;
-
- /**
- * We don't own this
- */
- const CX509Certificate* iSubject;
-
- /**
- * We don't own this
- */
- RPointerArray<CX509Certificate>* iCandidates;
-
- /**
- * iCertData is used for CandidateL
- */
- HBufC8* iCertData;
-
- TPtr8* iCertPtr;
-
- /**
- * iEntriesIndex is used for CandidateL
- */
- TInt iEntriesIndex;
-
- /**
- * Applies to certificate at iEntriesIndex - reflects trust setting
- */
- TBool iIsTrusted;
-
- /**
- * Used when listing certificates (filtered but not on trust).
- */
- RMPointerArray<CCTCertInfo> iCertInfos;
-
- MCertStore& iCertStore;
- };
-
-class CPKIXCertsFromClient : public MPKIXCertSource
- {
-public:
- static CPKIXCertsFromClient* NewL(const RPointerArray<CX509Certificate>& aCerts);
- static CPKIXCertsFromClient* NewLC(const RPointerArray<CX509Certificate>& aCerts);
- virtual void CandidatesL(const CX509Certificate& aSubject,
- RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus);
- virtual void CancelCandidates();
- virtual void Release();
- virtual ~CPKIXCertsFromClient();
-
-private:
- CPKIXCertsFromClient(const RPointerArray<CX509Certificate>& aCerts);
-
-private:
- const RPointerArray<CX509Certificate>& iCerts;
- };
-
-#endif
+/*
+* Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+
+
+/**
+ @file
+ @internalTechnology
+*/
+
+#ifndef __PKIXCERTS_H__
+#define __PKIXCERTS_H__
+
+//pkixroots.h
+#include <e32std.h>
+#include <x509cert.h>
+#include <x509certext.h>
+#include <mcertstore.h>
+
+/**
+ * Base class for classes that help retrieving certificates from stores
+ */
+class MPKIXCertSource
+ {
+public:
+ //copies cert into aCandidates, passes ownership of cert to calling code...
+ virtual void CandidatesL(const CX509Certificate& aSubject,
+ RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus) = 0;
+ virtual void CancelCandidates() = 0;
+ virtual void Release() = 0;
+
+protected:
+ virtual ~MPKIXCertSource();
+
+protected:
+ /**
+ * This function compares the issuer altname in aSubjectCert with the
+ * subject altname in aIssuerCert
+ * @param aSubjectCert We will compare the issuer altname of this certificate.
+ * @param aIssuerCert We will compare the subject altname of this certificate.
+ * @return
+ * <UL>
+ * <LI>ETrue if the issuer altname in aSubjectCert matches the subject altname in
+ * aIssuerCert</LI>
+ * <LI>EFalse otherwise</LI>
+ * </UL>
+ */
+ TBool AltNameMatchL(const CX509Certificate& aSubjectCert, const CX509Certificate& aIssuerCert) const;
+ };
+
+/**
+ * This class is used to retrieve the certificates from a store
+ * It doesn't work with client base trust.
+ */
+class CPKIXCertsFromStore : public CActive, public MPKIXCertSource
+ {
+public:
+ /**
+ * Constructs a new CPKIXCertsFromStore instance and adds it to the active scheduler
+ * Initialize must be called after this function
+ * @param aStore Reference to the cert store. The store is created with the default
+ * filter intialized to retrieve certificate of CA type and of X509 format.
+ * @return Initialized instance of this class.
+ */
+ static CPKIXCertsFromStore* NewL(MCertStore& aCertStore);
+ static CPKIXCertsFromStore* NewLC(MCertStore& aCertStore);
+
+ /**
+ * Constructs a new CPKIXCertsFromStore instance and adds it to the active scheduler
+ * Initialize must be called after this function
+ * @param aStore Reference to the cert store. The store is created with the default
+ * filter intialized to retrieve certificate of CA type and of X509 format.
+ * @param aClient The UID for which the certificates are to be retrieved from the
+ * cert store, This UID is also passed to the filter for retrieving the certificates
+ * specific to this client UID.
+ * @return Initialized instance of this class.
+ */
+
+ static CPKIXCertsFromStore* NewL(MCertStore& aCertStore, TUid aClient);
+ static CPKIXCertsFromStore* NewLC(MCertStore& aCertStore, TUid aClient);
+ /**
+ * This function does the actual listing of certificates based on the filter created.
+ * It must be called after construction.
+ * @param aStatus Standard parameter for asynchronous calling convention.
+ */
+ void Initialize(TRequestStatus& aStatus);
+ /**
+ * This function returns a list of CA certificates that authenticate the
+ * aSubject certificate.
+ * @param aCandidates On return, this array contains the list of CA certificates
+ * that can possibly be used to authenticate aSubject. The array owns the elements
+ * and must take care of deleting them.
+ */
+ virtual void CandidatesL(const CX509Certificate& aSubject,
+ RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus);
+ virtual void CancelCandidates();
+ virtual void Release();
+ virtual ~CPKIXCertsFromStore();
+
+private:
+ CPKIXCertsFromStore(MCertStore& aCertStore);
+ CPKIXCertsFromStore(MCertStore& aCertStore, TUid aClient);
+ void ConstructL();
+ void ConstructL(TUid aClient);
+
+public:
+ void RunL();
+ TInt RunError(TInt aError);
+ void DoCancel();
+
+private:
+ void HandleEGetCertificateL();
+ void HandleEAddCandidateL();
+ void HandleECheckTrusted();
+
+ TBool IsDuplicateL(const CX509Certificate& aCertificate);
+
+private:
+ enum TState
+ {
+ EIdle = 0,
+ EInitialize,
+ ECheckTrusted,
+ EGetCertificate,
+ EAddCandidate,
+ EEnd
+ };
+
+private:
+ /**
+ * The state used to know what must be done when executing
+ * RunL().
+ */
+ TState iState;
+
+ /**
+ * The TRequestStatus that must be updated when the operation
+ * requested by a user of this class has been
+ * completed
+ */
+ TRequestStatus *iOriginalRequestStatus;
+
+ TUid iClient;
+
+ CCertAttributeFilter *iFilter;
+
+ /**
+ * iRootName is used for CandidateL
+ */
+ const CX500DistinguishedName* iRootName;
+
+ /**
+ * We don't own this
+ */
+ const CX509Certificate* iSubject;
+
+ /**
+ * We don't own this
+ */
+ RPointerArray<CX509Certificate>* iCandidates;
+
+ /**
+ * iCertData is used for CandidateL
+ */
+ HBufC8* iCertData;
+
+ TPtr8* iCertPtr;
+
+ /**
+ * iEntriesIndex is used for CandidateL
+ */
+ TInt iEntriesIndex;
+
+ /**
+ * Applies to certificate at iEntriesIndex - reflects trust setting
+ */
+ TBool iIsTrusted;
+
+ /**
+ * Used when listing certificates (filtered but not on trust).
+ */
+ RMPointerArray<CCTCertInfo> iCertInfos;
+
+ MCertStore& iCertStore;
+ };
+
+class CPKIXCertsFromClient : public MPKIXCertSource
+ {
+public:
+ static CPKIXCertsFromClient* NewL(const RPointerArray<CX509Certificate>& aCerts);
+ static CPKIXCertsFromClient* NewLC(const RPointerArray<CX509Certificate>& aCerts);
+ virtual void CandidatesL(const CX509Certificate& aSubject,
+ RPointerArray<CX509Certificate>& aCandidates, TRequestStatus& aStatus);
+ virtual void CancelCandidates();
+ virtual void Release();
+ virtual ~CPKIXCertsFromClient();
+
+private:
+ CPKIXCertsFromClient(const RPointerArray<CX509Certificate>& aCerts);
+
+private:
+ const RPointerArray<CX509Certificate>& iCerts;
+ };
+
+#endif