/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
*
*/
#include "unifiedcertstore.h"
#include "unifiedcertstoreworkingvars.h"
#include "CCheckedCertStore.h"
#include <certificateapps.h>
#include <x509cert.h>
#include <wtlscert.h>
#include <hash.h>
#include <ecom/ecom.h>
_LIT(KUCSPanic, "CUnifiedCertStore");
#define assert(x) __ASSERT_ALWAYS((x), User::Panic(KUCSPanic, 1));
/////////////////////////////////////////////////////////////////////////////////////
//CUnifiedCertStore
/////////////////////////////////////////////////////////////////////////////////////
EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewL(RFs& aFs, TBool aOpenForWrite)
{
CUnifiedCertStore* self = CUnifiedCertStore::NewLC(aFs, aOpenForWrite);
CleanupStack::Pop(self);
return self;
}
EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewLC(RFs& aFs, TBool aOpenForWrite)
{
CUnifiedCertStore* self = new(ELeave) CUnifiedCertStore(aFs, aOpenForWrite);
CleanupStack::PushL(self);
RArray<TInt> orderingFilter;
self->ConstructL(orderingFilter);
return self;
}
EXPORT_C CUnifiedCertStore::~CUnifiedCertStore()
{
Cancel();
assert(!iWorkingVars);
TInt end = iReadOnlyCertStores.Count();
TInt i;
for (i = 0; i < end; i++)
{
iReadOnlyCertStores[i]->Release();
}
iReadOnlyCertStores.Close();
end = iWritableCertStores.Count();
for (i = 0; i < end; i++)
{
iWritableCertStores[i]->Release();
}
iWritableCertStores.Close();
// The elements are already released by the two loops above
iCertStores.Close();
// release resources allocated to order attributes list
iOrderAttributes.Close();
DestroyTemporaryMembers();
iHardwareTypeUids.Close();
REComSession::FinalClose();
}
EXPORT_C void CUnifiedCertStore::Initialize(TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EInitializeGetTokenList);
TRAPD(err, InitializeL());
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::InitializeL()
{
AllocWorkingVarsL();
// We want the list of all token types that support a readable or writable
// certstore interface
RArray<TUid> uidArray;
CleanupClosePushL(uidArray);
User::LeaveIfError(uidArray.Append(TUid::Uid(KInterfaceWritableCertStore)));
TCTFindTokenTypesByInterface filter(uidArray.Array());
CCTTokenTypeInfo::ListL(iWorkingVars->iWritableTokenTypes, filter);
uidArray.Reset();
User::LeaveIfError(uidArray.Append(TUid::Uid(KInterfaceCertStore)));
RCPointerArray<CCTTokenTypeInfo> tokenTypes;
CleanupClosePushL(tokenTypes);
TCTFindTokenTypesByInterface filter2(uidArray.Array());
CCTTokenTypeInfo::ListL(tokenTypes, filter2);
// Check whether client specified order list has attributes in it
if(iOrderAttributes.Count() > 0)
{
ApplyOrderingL(tokenTypes);
}
// Make a note of all hardware token types
TInt i = 0;
TInt end = tokenTypes.Count();
for (; i < end; i++)
{
TCTTokenTypeAttribute software;
software.iUID = KCTSoftware;
TInt find = tokenTypes[i]->Attributes().Find(software);
// In the case (TInt)ETrue == KThirdPartyCertStore == 1
if (find != KErrNotFound && tokenTypes[i]->Attributes()[find].iVal !=
(TInt)ETrue && tokenTypes[i]->Attributes()[find].iVal != KManufactureCertStore)
{
// This is a hardware type. Add its UID to the list.
User::LeaveIfError(iHardwareTypeUids.Append(tokenTypes[i]->Type()));
}
}
i = 0;
while (i < end)
{
TInt j = 0;
TInt jEnd = iWorkingVars->iWritableTokenTypes.Count();
while (j < jEnd)
{
if (iWorkingVars->iWritableTokenTypes[j]->Type() == tokenTypes[i]->Type())
{
break;
}
j++;
}
if (j == jEnd)
{
User::LeaveIfError(iWorkingVars->iReadOnlyTokenTypes.Append(tokenTypes[i]));
tokenTypes.Remove(i);
end--;
}
else
{
i++;
}
}
CleanupStack::PopAndDestroy(2); // uidArray, tokenTypes
iWorkingVars->iIndex = -1;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
SetActive();
}
EXPORT_C void CUnifiedCertStore::CancelInitialize()
{
if (iState == EInitializeGetTokenList ||
iState == EInitializeGetToken ||
iState == EInitializeGetWritableInterface ||
iState == EInitializeGetReadableInterface ||
iState == EInitializeGetReadableInterfaceFinished ||
iState == EInitializeFinished)
{
Cancel();
}
}
void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
const CCertAttributeFilter& aFilter,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EList);
TRAPD(err, ListL(aCertInfos, aFilter));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
const CCertAttributeFilter& aFilter)
{
if (!iIsInitialized)
{
User::Leave(KErrNotReady);
}
AllocWorkingVarsL();
iWorkingVars->iCertInfos = &aCertInfos;
iWorkingVars->iFilter = &aFilter;
iWorkingVars->iCertIndex = aCertInfos.Count();
iIndex = -1;
SetActive();
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
void CUnifiedCertStore::CancelList()
{
if (iState == EList ||
iState == ERetrieveForList)
{
Cancel();
}
}
EXPORT_C void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
const CCertAttributeFilter& aFilter,
const TDesC8& aIssuer,
TRequestStatus& aStatus)
{
RPointerArray<const TDesC8> array;
if (array.Append(&aIssuer) != KErrNone)
{
TRequestStatus* status = &aStatus;
User::RequestComplete(status, KErrNoMemory);
}
else
{
List(aCertInfos, aFilter, array, aStatus);
array.Close();
}
}
EXPORT_C void CUnifiedCertStore::List(RMPointerArray<CCTCertInfo>& aCertInfos,
const CCertAttributeFilter& aFilter,
RPointerArray<const TDesC8> aIssuers,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EList);
TRAPD(err, ListL(aCertInfos, aFilter, aIssuers));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
const CCertAttributeFilter& aFilter,
RPointerArray<const TDesC8> aIssuers)
{
// Obscure special case: If aIssuers has no elements, we should
// return nothing.
if (aIssuers.Count() == 0)
{
Complete(KErrNone);
return;
}
AllocWorkingVarsL();
iWorkingVars->iCertInfos = &aCertInfos;
iWorkingVars->iFilter = &aFilter;
iWorkingVars->iCertIndex = aCertInfos.Count();
TInt count = aIssuers.Count();
for (TInt i = 0 ; i < count ; ++i)
{
User::LeaveIfError(iWorkingVars->iIssuerNames.Append(aIssuers[i]));
}
iIndex = -1;
SetActive();
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
EXPORT_C void CUnifiedCertStore::Retrieve(const CCTCertInfo& aCertInfo,
CCertificate*& aCert,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ERetrieve);
TRAPD(err, RetrieveL(aCertInfo, aCert));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::RetrieveL(const CCTCertInfo& aCertInfo,
CCertificate*& aCert)
{
FindCertStoreL(aCertInfo.Handle());
if (aCertInfo.CertificateFormat() != EX509Certificate &&
aCertInfo.CertificateFormat() != EWTLSCertificate)
{
User::Leave(KErrNotSupported);
}
AllocWorkingVarsL();
iWorkingVars->iCertDesC = HBufC8::NewMaxL(aCertInfo.Size());
iWorkingVars->iReturnedCert = &aCert;
iWorkingVars->iCertType = aCertInfo.CertificateFormat();
iWorkingVars->iCertDes.Set(iWorkingVars->iCertDesC->Des());
iCurrentCertStore->Retrieve(aCertInfo, iWorkingVars->iCertDes, iStatus);
SetActive();
}
void CUnifiedCertStore::GetCert(CCTCertInfo*& aCertInfo,
const TCTTokenObjectHandle& aHandle,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EGetCert);
TRAPD(err, GetCertL(aCertInfo, aHandle));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::GetCertL(CCTCertInfo*& aCertInfo,
const TCTTokenObjectHandle& aHandle)
{
FindCertStoreL(aHandle);
iCurrentCertStore->GetCert(aCertInfo, aHandle, iStatus);
SetActive();
}
void CUnifiedCertStore::CancelGetCert()
{
if (iState == EGetCert)
{
Cancel();
}
}
void CUnifiedCertStore::Applications(const CCTCertInfo& aCertInfo,
RArray<TUid>& aApplications,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EApplications);
TRAPD(err, ApplicationsL(aCertInfo, aApplications));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::ApplicationsL(const CCTCertInfo& aCertInfo,
RArray<TUid>& aApplications)
{
FindCertStoreL(aCertInfo.Handle());
iCurrentCertStore->Applications(aCertInfo, aApplications, iStatus);
SetActive();
}
void CUnifiedCertStore::CancelApplications()
{
if (iState == EApplications)
{
Cancel();
}
}
void CUnifiedCertStore::IsApplicable(const CCTCertInfo& aCertInfo,
TUid aApplication,
TBool& aIsApplicable,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, EIsApplicable);
TRAPD(err, IsApplicableL(aCertInfo, aApplication, aIsApplicable));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::IsApplicableL(const CCTCertInfo& aCertInfo,
TUid aApplication,
TBool& aIsApplicable)
{
FindCertStoreL(aCertInfo.Handle());
iCurrentCertStore->IsApplicable(aCertInfo, aApplication, aIsApplicable, iStatus);
SetActive();
}
void CUnifiedCertStore::CancelIsApplicable()
{
if (iState == EIsApplicable)
{
Cancel();
}
}
void CUnifiedCertStore::Trusted(const CCTCertInfo& aCertInfo,
TBool& aTrusted,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ETrusted);
TRAPD(err, TrustedL(aCertInfo, aTrusted));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::TrustedL(const CCTCertInfo& aCertInfo,
TBool& aTrusted)
{
FindCertStoreL(aCertInfo.Handle());
iCurrentCertStore->Trusted(aCertInfo, aTrusted, iStatus);
SetActive();
}
void CUnifiedCertStore::CancelTrusted()
{
if (iState == ETrusted)
{
Cancel();
}
}
void CUnifiedCertStore::Retrieve(const CCTCertInfo& aCertInfo,
TDes8& aEncodedCert,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ERetrieveData);
TRAPD(err, RetrieveDataL(aCertInfo, aEncodedCert));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::RetrieveDataL(const CCTCertInfo& aCertInfo,
TDes8& aEncodedCert)
{
FindCertStoreL(aCertInfo.Handle());
iCurrentCertStore->Retrieve(aCertInfo, aEncodedCert, iStatus);
SetActive();
}
void CUnifiedCertStore::CancelRetrieve()
{
if (iState == ERetrieveData)
{
Cancel();
}
}
EXPORT_C void CUnifiedCertStore::Remove(const CCTCertInfo& aCertInfo,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ERemove);
TRAPD(err, RemoveL(aCertInfo));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::RemoveL(const CCTCertInfo& aCertInfo)
{
FindWritableCertStoreL(aCertInfo.Handle());
iCurrentWritableCertStore->Remove(aCertInfo, iStatus);
SetActive();
}
EXPORT_C void CUnifiedCertStore::CancelRemove()
{
if (iState == ERemove)
{
Cancel();
}
}
EXPORT_C void CUnifiedCertStore::SetApplicability(const CCTCertInfo& aCertInfo,
const RArray<TUid>& aApplications,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ESetApplicability);
TRAPD(err, SetApplicabilityL(aCertInfo, aApplications));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::SetApplicabilityL(const CCTCertInfo& aCertInfo,
const RArray<TUid>& aApplications)
{
FindWritableCertStoreL(aCertInfo.Handle());
// Search for duplicates in the array of application
// complete with KErrArgument if there are any duplicates
if(aApplications.Count() > 1)
{
TInt i=0, j=1;
for(i=0; i<aApplications.Count()-1; i++ )
{
for(j=i+1; j<aApplications.Count(); j++)
{
if(aApplications[i] == aApplications[j])
{
User::Leave(KErrArgument);
}
}
}
}
// Check requested applications actaully exist
CCertificateAppInfoManager* appInfoManager = CCertificateAppInfoManager::NewLC(iFs, EFalse);
const RArray<TCertificateAppInfo>& applications = appInfoManager->Applications();
for (TInt i = 0 ; i < aApplications.Count() ; ++i)
{
TInt j = 0;
for ( ; j < applications.Count() ; ++j)
{
if (aApplications[i] == applications[j].Id())
{
break;
}
}
if (j == applications.Count())
{
User::Leave(KErrArgument);
}
}
CleanupStack::PopAndDestroy(appInfoManager);
iCurrentWritableCertStore->SetApplicability(aCertInfo, aApplications, iStatus);
SetActive();
}
EXPORT_C void CUnifiedCertStore::CancelSetApplicability()
{
if (iState == ESetApplicability)
{
Cancel();
}
}
EXPORT_C void CUnifiedCertStore::SetTrust(const CCTCertInfo& aCertInfo,
TBool aTrusted,
TRequestStatus& aStatus)
{
BeginAsyncOp(aStatus, ESetTrust);
TRAPD(err, SetTrustL(aCertInfo, aTrusted));
if (err != KErrNone)
{
Complete(err);
}
}
void CUnifiedCertStore::SetTrustL(const CCTCertInfo& aCertInfo, TBool aTrusted)
{
FindWritableCertStoreL(aCertInfo.Handle());
iCurrentWritableCertStore->SetTrust(aCertInfo, aTrusted, iStatus);
SetActive();
}
EXPORT_C void CUnifiedCertStore::CancelSetTrust()
{
if (iState == ESetTrust)
{
Cancel();
}
}
/**
* Get the certstore containing a given certificate.
*
* Returns the certstore containing the cert referenced in certinfo or NULL if
* not found.
*/
MCTCertStore* CUnifiedCertStore::GetCertStore(const TCTTokenObjectHandle& aHandle)
{
TInt count = iCertStores.Count();
for (TInt i = 0; i < count; i++)
{
MCTCertStore* certstore = iCertStores[i];
MCTToken& token = certstore->Token();
if (token.Handle() == aHandle.iTokenHandle)
{
return certstore;
}
}
return NULL;
}
/**
* Set iCurrentCertStore to the certstore containing a given certificate, or
* leave if it could not be found. The handle is the handle of the *certinfo*,
* *NOT* the token.
*/
void CUnifiedCertStore::FindCertStoreL(const TCTTokenObjectHandle& aHandle)
{
assert(!iCurrentCertStore);
assert(!iCurrentWritableCertStore);
if (!iIsInitialized)
{
User::Leave(KErrNotReady);
}
iCurrentCertStore = GetCertStore(aHandle);
if (!iCurrentCertStore)
{
User::Leave(KErrNotFound);
}
}
/**
* Set iCurrentWritableCertStore to the writable certstore containing a given
* certificate, or leave if it could not be found. The handle is the handle of
* the *certinfo*, *NOT* the token.
*/
void CUnifiedCertStore::FindWritableCertStoreL(const TCTTokenObjectHandle& aHandle)
{
assert(!iCurrentCertStore);
assert(!iCurrentWritableCertStore);
if (!iIsInitialized)
{
User::Leave(KErrNotReady);
}
if (!iOpenedForWrite)
{
User::Leave(KErrAccessDenied);
}
iCurrentWritableCertStore = NULL;
TInt count = iWritableCertStores.Count();
for (TInt i = 0; i < count; i++)
{
MCTWritableCertStore* certstore = iWritableCertStores[i];
MCTToken& token = certstore->Token();
if (token.Handle() == aHandle.iTokenHandle)
{
iCurrentWritableCertStore = certstore;
break;
}
}
if (!iCurrentWritableCertStore)
{
User::Leave(KErrNotFound);
}
}
EXPORT_C TInt CUnifiedCertStore::CertStoreCount() const
{
return iCertStores.Count();
}
EXPORT_C MCTCertStore& CUnifiedCertStore::CertStore(TInt aIndex)
{
assert(aIndex < iCertStores.Count());
return *iCertStores[aIndex];
}
EXPORT_C TInt CUnifiedCertStore::WritableCertStoreCount() const
{
return iWritableCertStores.Count();
}
EXPORT_C MCTWritableCertStore& CUnifiedCertStore::WritableCertStore(TInt aIndex)
{
assert(aIndex < iWritableCertStores.Count());
return *iWritableCertStores[aIndex];
}
EXPORT_C TInt CUnifiedCertStore::ReadOnlyCertStoreCount() const
{
return iReadOnlyCertStores.Count();
}
EXPORT_C MCTCertStore& CUnifiedCertStore::ReadOnlyCertStore(TInt aIndex)
{
assert(aIndex < iReadOnlyCertStores.Count());
return *iReadOnlyCertStores[aIndex];
}
CUnifiedCertStore::CUnifiedCertStore(RFs& aFs, TBool aOpenForWrite)
: CActive(EPriorityNormal), iFs(aFs), iOpenedForWrite(aOpenForWrite), iOrderAttributes()
{
CActiveScheduler::Add(this);
assert(IsAdded());
}
void CUnifiedCertStore::ConstructL(RArray<TInt>& aOrderFilter)
{
for (TInt i=0;i<aOrderFilter.Count();i++)
{
User::LeaveIfError(iOrderAttributes.Append(aOrderFilter[i]));
}
}
void CUnifiedCertStore::RunL()
{
if ((iState != EInitializeGetReadableInterface) &&
(iState != EInitializeGetReadableInterfaceFinished) &&
(iState != EInitializeGetToken)) // We don't want to leave if we're in this state
// since we want to enumerate all tokens, see below
{
User::LeaveIfError(iStatus.Int());
}
switch (iState)
{
case EInitializeGetTokenList:
// We need to try to get a list of Tokens for each of the Token Types
iWorkingVars->iIndex++;
TInt end;
if (!iCurrentlyDoingReadOnly)
{
end = iWorkingVars->iWritableTokenTypes.Count();
}
else
{
end = iWorkingVars->iReadOnlyTokenTypes.Count();
}
if (iWorkingVars->iIndex < end)
{
assert(!iTokenType);
TInt createRes = KErrNone;
if (iCurrentlyDoingReadOnly)
{
TRAP(createRes, iTokenType = MCTTokenType::NewL(*iWorkingVars->iReadOnlyTokenTypes[iWorkingVars->iIndex], iFs));
}
else
{
TRAP(createRes, iTokenType = MCTTokenType::NewL(*iWorkingVars->iWritableTokenTypes[iWorkingVars->iIndex], iFs));
}
if (KErrNoMemory==createRes)
{
// Leave if there's no memory, so OOM tests work
User::Leave(createRes);
}
else if (KErrNone!=createRes)
{
// ECOM couldn't load that token type, don't give up, try the next...
TRequestStatus* stat = &iStatus;
User::RequestComplete(stat, KErrNone);
}
else
{
assert(iTokens.Count() == 0);
iTokenType->List(iTokens, iStatus);
iIndexTokens = -1;
iState = EInitializeGetToken;
}
}
else if (!iCurrentlyDoingReadOnly)
{
iCurrentlyDoingReadOnly = ETrue;
iWorkingVars->iIndex = -1;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
else
{
iState = EInitializeFinished;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
SetActive();
break;
case EInitializeGetToken:
if (iStatus.Int() == KErrHardwareNotAvailable)
{
// If the hardware corresponding to this
// TokenType has been removed then just skip it
// but DO NOT leave!
++iIndexTokens;
iState = EInitializeGetToken;
TRequestStatus* status = &iStatus;
User::RequestComplete(status,KErrNone);
}
else
{
User::LeaveIfError(iStatus.Int());
// iIndexTokens is initialized at EInitializeGetTokenList
++iIndexTokens;
// We need to try to get a certstore interface (readable or
// writable) for each of the Tokens in iTokens
if (iIndexTokens < iTokens.Count())
{
assert(!iToken);
iTokenType->OpenToken(*iTokens[iIndexTokens], iToken, iStatus);
if ((iOpenedForWrite) && !iCurrentlyDoingReadOnly)
{
iState = EInitializeGetWritableInterface;
}
else
{
iState = EInitializeGetReadableInterface;
}
}
else
{
// We don't need the iTokenType anymore
iTokenType->Release();
iTokenType = 0;
// We don't need the list of Tokens anymore
iTokens.Close();
iState = EInitializeGetTokenList;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
}
SetActive();
break;
case EInitializeGetWritableInterface:
{
User::LeaveIfError(iStatus.Int());
// First we try to get a writable interface to the store, if
// that doesn't work we will try to get a readable interface
assert(iToken);
assert(!iTokenInterface);
TUid uid = { KInterfaceWritableCertStore };
iToken->GetInterface(uid, iTokenInterface, iStatus);
iState = EInitializeGetReadableInterface;
SetActive();
}
break;
case EInitializeGetReadableInterface:
// We check if we managed to get a writable interface
if (iStatus == KErrNoMemory)
{
User::Leave(KErrNoMemory);
}
if (!iCurrentlyDoingReadOnly && iOpenedForWrite && (iStatus == KErrNone))
{
assert(iTokenInterface);
// Drop the interface into a "writable checking" object
CCheckedCertStore* interf =
CCheckedCertStore::NewCheckedWritableCertStoreL(iTokenInterface, iPSCertstoreChangeProperty);
CleanupReleasePushL(*interf);
iTokenInterface = 0;
User::LeaveIfError(iWritableCertStores.Append(interf));
CleanupStack::Pop();
User::LeaveIfError(iCertStores.Append(interf));
// We don't need the Token anymore
iToken->Release();
iToken = 0;
iState = EInitializeGetToken;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNone);
}
else
{
// We do the check only if we were not trying to get a Writeable Interface
// before, if we trying to get a writeable interface before, we know that we
// have a valid iToken.
if ((iCurrentlyDoingReadOnly || !iOpenedForWrite) && (iStatus != KErrNone))
{
User::Leave(iStatus.Int());
}
else
{
assert(iToken);
assert(!iTokenInterface);
TUid uid = { KInterfaceCertStore };
iToken->GetInterface(uid, iTokenInterface, iStatus);
iState = EInitializeGetReadableInterfaceFinished;
}
}
SetActive();
break;
case EInitializeGetReadableInterfaceFinished:
{
if (iStatus == KErrNoMemory)
{
User::Leave(KErrNoMemory);
}
if (iStatus == KErrNone)
{
assert(iTokenInterface);
// Drop the interface into a "read only checking" object
CCheckedCertStore* interf =
CCheckedCertStore::NewCheckedCertStoreL(iTokenInterface, iPSCertstoreChangeProperty);
CleanupReleasePushL(*interf);
iTokenInterface = 0;
User::LeaveIfError(iReadOnlyCertStores.Append(interf));
CleanupStack::Pop(interf);
User::LeaveIfError(iCertStores.Append(interf));
}
// We don't need the Token anymore
iToken->Release();
iToken = 0;
iStatus = KErrNone;
iState = EInitializeGetToken;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, iStatus.Int());
SetActive();
}
break;
case EInitializeFinished:
assert(!iTokenType);
assert(!iToken);
assert(!iTokenInterface);
iIsInitialized = ETrue;
Complete(iStatus.Int());
break;
case EList:
// iIndex has been initialized in List
iIndex++;
iCurrentCertStore = NULL;
if (iIndex < iCertStores.Count())
{
iCurrentCertStore = iCertStores[iIndex];
iCurrentCertStore->List(*iWorkingVars->iCertInfos, *iWorkingVars->iFilter, iStatus);
iWorkingVars->iCertIndex = 0;
SetActive();
}
else if (iWorkingVars->iIssuerNames.Count() > 0)
{
// We have an issuer name. We now remove all certs
// that don't match that issuer.
// If this is the first time in here, we need to parse
// and hash all the issuer names.
if (iWorkingVars->iParsedIssuerNames.Count() == 0)
{
CSHA1* sha1 = CSHA1::NewL();
CleanupStack::PushL(sha1);
TInt count = iWorkingVars->iIssuerNames.Count();
for (TInt i = 0; i < count; i++)
{
CX500DistinguishedName* dn =
CX500DistinguishedName::NewLC(*iWorkingVars->
iIssuerNames[i]);
User::LeaveIfError(
iWorkingVars->iParsedIssuerNames.Append(dn));
CleanupStack::Pop(dn);
TPtrC8 hash=sha1->Hash(*iWorkingVars->iIssuerNames[i]);
User::LeaveIfError(
iWorkingVars->iHashedIssuerNames.Append(
hash.AllocLC()));
CleanupStack::Pop();
}
CleanupStack::PopAndDestroy();
}
while (iWorkingVars->iCertIndex <
iWorkingVars->iCertInfos->Count())
{
CCTCertInfo* info =
(*iWorkingVars->iCertInfos)[iWorkingVars->iCertIndex];
TCompareResults res = CompareCertInfoDN(info);
if (res == EYes)
{
// It matches. leave it for the next one.
iWorkingVars->iCertIndex++;
}
else if (res == ENo)
{
// It doesn't match. Remove it and try the next one.
info->Release();
iWorkingVars->iCertInfos->
Remove(iWorkingVars->iCertIndex);
}
else // res == EMaybe
{
// Need to load the cert and properly compare the DNs.
iCurrentCertStore = GetCertStore(info->Handle());
assert(iCurrentCertStore);
iWorkingVars->iCertDesC=HBufC8::NewMaxL(info->Size());
iWorkingVars->iCertType = info->CertificateFormat();
iState = ERetrieveForList;
iWorkingVars->iCertDes.Set(iWorkingVars->iCertDesC->Des());
iCurrentCertStore->Retrieve(*info, iWorkingVars->iCertDes, iStatus);
SetActive();
return;
}
}
Complete(KErrNone);
}
else
{
Complete(KErrNone);
}
break;
case ERetrieve:
{
switch (iWorkingVars->iCertType)
{
case EX509Certificate:
{
TPtr8 theCert(iWorkingVars->iCertDesC->Des());
*(iWorkingVars->iReturnedCert) = CX509Certificate::NewL(theCert);
}
break;
case EWTLSCertificate:
{
TPtr8 theCert(iWorkingVars->iCertDesC->Des());
*(iWorkingVars->iReturnedCert) = CWTLSCertificate::NewL(theCert);
}
break;
default:
assert(EFalse);
break;
}
Complete(KErrNone);
}
break;
case ERetrieveForList:
{
TPtr8 theCert(iWorkingVars->iCertDesC->Des());
CX509Certificate* cert=CX509Certificate::NewLC(theCert);
if (MatchL(cert->IssuerName()))
{
// It matches. leave it for the next one.
iWorkingVars->iCertIndex++;
}
else
{
// It doesn't match. Remove it and try the next one.
(*iWorkingVars->iCertInfos)[iWorkingVars->iCertIndex]->Release();
iWorkingVars->iCertInfos->Remove(iWorkingVars->iCertIndex);
}
CleanupStack::PopAndDestroy(cert);
delete iWorkingVars->iCertDesC;
iWorkingVars->iCertDesC = 0;
iState = EList;
SetActive();
TRequestStatus* status = & iStatus;
User::RequestComplete(status, KErrNone);
break;
}
case ERemove:
case ESetApplicability:
case ESetTrust:
case EGetCert:
case EApplications:
case EIsApplicable:
case ETrusted:
case ERetrieveData:
Complete(KErrNone);
break;
default:
User::Panic(KUCSPanic, 1);
break;
}
}
TInt CUnifiedCertStore::RunError(TInt aError)
{
Complete(aError);
return KErrNone;
}
void CUnifiedCertStore::DoCancel()
{
// If the current state is the last state involved in handling a request, we
// check to see if we have already been completed - in this case we can
// simply complete the client with iStatus (this may be KErrNone). If we
// have not we cancel the outstanding request and pass the resulting iStatus
// back to the client - this too may indicate a successful completion if the
// cancel arrived after the request was executed.
//
// For more complex cases, where there are more states to go through before
// we finish servicing the client request, we cancel any outstanding
// request, and return KErrCancel to the client.
switch (iState)
{
case EInitializeFinished:
case ERetrieve:
case EGetCert:
case EApplications:
case EIsApplicable:
case ETrusted:
case ERetrieveData:
case ERemove:
case ESetApplicability:
case ESetTrust:
if (iStatus == KRequestPending)
{
// Attempt to cancel outstanding request and pass status back to
// client
CancelOutstandingRequest();
Complete(iStatus.Int());
}
else
{
// We've already been completed - call RunL() to process results
// and complete client
TRAPD(err, RunL());
if (err != KErrNone)
{
RunError(err);
}
}
break;
default:
CancelOutstandingRequest();
Complete(KErrCancel);
break;
}
}
void CUnifiedCertStore::CancelOutstandingRequest()
{
switch (iState)
{
case EInitializeGetTokenList:
case EInitializeGetToken:
case EInitializeGetWritableInterface:
case EInitializeGetReadableInterface:
case EInitializeGetReadableInterfaceFinished:
case EInitializeFinished:
// Don't have to cancel initialisation stuff - this happens when we
// release the objects in DestroyTemporaryMembers().
iStatus = KErrCancel;
break;
case EList:
if (iCurrentCertStore)
{
iCurrentCertStore->CancelList();
}
break;
case ERetrieve:
case ERetrieveForList:
case ERetrieveData:
assert(iCurrentCertStore);
iCurrentCertStore->CancelRetrieve();
break;
case EGetCert:
assert(iCurrentCertStore);
iCurrentCertStore->CancelGetCert();
break;
case EApplications:
assert(iCurrentCertStore);
iCurrentCertStore->CancelApplications();
break;
case EIsApplicable:
assert(iCurrentCertStore);
iCurrentCertStore->CancelIsApplicable();
break;
case ETrusted:
assert(iCurrentCertStore);
iCurrentCertStore->CancelTrusted();
break;
case ERemove:
assert(iCurrentWritableCertStore);
iCurrentWritableCertStore->CancelRemove();
break;
case ESetApplicability:
assert(iCurrentWritableCertStore);
iCurrentWritableCertStore->CancelSetApplicability();
break;
case ESetTrust:
assert(iCurrentWritableCertStore);
iCurrentWritableCertStore->CancelSetTrust();
break;
default:
User::Panic(KUCSPanic, 1);
break;
}
}
TBool CUnifiedCertStore::MatchL(const CX500DistinguishedName& aName) const
{
// Return true if the supplied DN is the same as any of the supplied DNs.
TInt count = iWorkingVars->iIssuerNames.Count();
for (TInt i = 0; i < count; i++)
{
if (aName.ExactMatchL(*iWorkingVars->iParsedIssuerNames[i]))
return ETrue;
}
return EFalse;
}
void CUnifiedCertStore::AllocWorkingVarsL()
{
assert(!iWorkingVars);
iWorkingVars = new (ELeave) CUnifiedCertStoreWorkingVars;
}
void CUnifiedCertStore::BeginAsyncOp(TRequestStatus& aStatus, TState aState)
{
assert(iState == EIdle);
assert(!iClientStatus);
iClientStatus = &aStatus;
*iClientStatus = KRequestPending;
iState = aState;
}
void CUnifiedCertStore::Complete(TInt aError)
{
assert(iClientStatus);
User::RequestComplete(iClientStatus, aError);
DestroyTemporaryMembers();
iState = EIdle;
}
void CUnifiedCertStore::DestroyTemporaryMembers()
{
if (!iIsInitialized)
{
TInt end = iReadOnlyCertStores.Count();
TInt i;
for (i = 0; i < end; i++)
{
iReadOnlyCertStores[i]->Release();
}
iReadOnlyCertStores.Close();
end = iWritableCertStores.Count();
for (i = 0; i < end; i++)
{
iWritableCertStores[i]->Release();
}
iWritableCertStores.Close();
// The elements are already released by the two loops above
iCertStores.Close();
}
if (iTokenType)
{
iTokenType->Release();
iTokenType = 0;
}
if (iToken)
{
iToken->Release();
iToken = 0;
}
if (iTokenInterface)
{
iTokenInterface->Release();
iTokenInterface = 0;
}
iTokens.Close();
delete iWorkingVars;
iWorkingVars = 0;
iCurrentCertStore = NULL;
iCurrentWritableCertStore = NULL;
}
CUnifiedCertStore::TCompareResults
CUnifiedCertStore::CompareCertInfoDN(const CCTCertInfo* aCertInfo)
{
if (aCertInfo->IssuerHash() &&
(aCertInfo->CertificateFormat() == EX509CertificateUrl ||
iHardwareTypeUids.Find(aCertInfo->Token().TokenType().Type()) !=
KErrNotFound))
{
TInt count = iWorkingVars->iHashedIssuerNames.Count();
for (TInt i = 0; i < count; i++)
{
if (*aCertInfo->IssuerHash()==*iWorkingVars->iHashedIssuerNames[i])
return EYes;
}
return ENo;
}
if (aCertInfo->CertificateFormat() != EX509Certificate)
return ENo;
return EMaybe;
}
EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewL(RFs& aFs,
TBool aOpenForWrite,
RArray<TInt>& aOrderFilter)
{
CUnifiedCertStore* self = CUnifiedCertStore::NewLC(aFs,
aOpenForWrite,
aOrderFilter);
CleanupStack::Pop(self);
return self;
}
EXPORT_C CUnifiedCertStore* CUnifiedCertStore::NewLC(RFs& aFs,
TBool aOpenForWrite,
RArray<TInt>& aOrderFilter)
{
CUnifiedCertStore* self = new(ELeave) CUnifiedCertStore(aFs,
aOpenForWrite);
CleanupStack::PushL(self);
self->ConstructL(aOrderFilter);
return self;
}
void CUnifiedCertStore::FilterTokenTypesL(RCPointerArray<CCTTokenTypeInfo>& aSearchTokenTypes,
RCPointerArray<CCTTokenTypeInfo>& aTempTokenTypes,
TInt aOrderAttribute)
{
//We allow aOrderAttribute=KUnknownHardwareCertStore here to keep DC.
//assert(aOrderAttribute);
// Get number of token types
TInt tokenTypesCount = aSearchTokenTypes.Count();
// loop through token types
for(TInt tokenTypesLoop = tokenTypesCount-1; tokenTypesLoop >= 0; tokenTypesLoop--)
{
// get the list of attributes supported by this token type.
// Note: The attribute list consists of values such as
// KCTSoftware defined in TCTTokenTypeAttribute.h
const RArray<TCTTokenTypeAttribute>& attributesList =
aSearchTokenTypes[tokenTypesLoop]->Attributes();
// Get the number of attributes in the attribute list.
// The number of attributes will match the ECOM resource
// file definition. E.g. see 101f5015.rss for the software
// implementation of certstore.
TInt attributeCount = attributesList.Count();
// Check each attribute in the attribute list
for(TInt attribLoop = 0; attribLoop < attributeCount; attribLoop++)
{
// Check whether attribute in the list matches an order attribute
// E.g. KCTSoftware
if(attributesList[attribLoop].iUID == KCTSoftware
&& attributesList[attribLoop].iVal == aOrderAttribute)
{
// Found the attribute of interest. Add token type to the temp container.
User::LeaveIfError(aTempTokenTypes.Append(aSearchTokenTypes[tokenTypesLoop]));
// Remove from the Searchlist.
aSearchTokenTypes.Remove(tokenTypesLoop);
// No need to examine the other attributes, so break loop
break;
}
}
}
}
void CUnifiedCertStore::ApplyOrderingL(RCPointerArray<CCTTokenTypeInfo>& aTokenTypes)
{
// Number of attributes in ordering filter
TInt numOrderAttributes=iOrderAttributes.Count();
assert(numOrderAttributes>0);
// Contains writable tokens types
RCPointerArray<CCTTokenTypeInfo> tempWritableTokenTypes;
CleanupClosePushL(tempWritableTokenTypes);
// Contains read-only tokens types
RCPointerArray<CCTTokenTypeInfo> tempReadOnlyTokenTypes;
CleanupClosePushL(tempReadOnlyTokenTypes);
// For each order attribute, order the token types
for(TInt attributeLoop = 0; attributeLoop < numOrderAttributes; attributeLoop++)
{
// Get ordering attribute Uid from Order filter
TInt orderAttribute = iOrderAttributes[attributeLoop];
// Order for writable token types
FilterTokenTypesL(iWorkingVars->iWritableTokenTypes,
tempWritableTokenTypes,
orderAttribute);
// Order for read-only token types
FilterTokenTypesL(aTokenTypes,
tempReadOnlyTokenTypes,
orderAttribute);
}
// release and close the resources so can refill container, and get rid of
// the TokenType which have been filtered out.
TInt tokenTypesCount = iWorkingVars->iWritableTokenTypes.Count();
TInt i;
for(i = tokenTypesCount-1; i >= 0 ;i--)
{
if (iWorkingVars->iWritableTokenTypes[i])
{
CCTTokenTypeInfo* ptr=iWorkingVars->iWritableTokenTypes[i];
iWorkingVars->iWritableTokenTypes.Remove(i);
delete ptr;
}
}
iWorkingVars->iWritableTokenTypes.Reset();
// release and close the resources so can refill container, and get rid of
// the TokenType which have been filtered out.
tokenTypesCount = aTokenTypes.Count();
for(i = tokenTypesCount-1; i >= 0 ;i--)
{
if (aTokenTypes[i])
{
CCTTokenTypeInfo* ptr=aTokenTypes[i];
aTokenTypes.Remove(i);
delete ptr;
}
}
aTokenTypes.Reset();
// Assign contents of temp token types to containers.
// Note: temp tokens types are ordered according to user specification
tokenTypesCount = tempWritableTokenTypes.Count();
for(i = 0; i < tokenTypesCount; i++)
{
User::LeaveIfError(iWorkingVars->iWritableTokenTypes.Append(tempWritableTokenTypes[i]));
tempWritableTokenTypes[i] = NULL;
}
tokenTypesCount = tempReadOnlyTokenTypes.Count();
for(i = 0; i < tokenTypesCount; i++)
{
User::LeaveIfError(aTokenTypes.Append(tempReadOnlyTokenTypes[i]));
tempReadOnlyTokenTypes[i] = NULL;
}
CleanupStack::PopAndDestroy(2); // tempReadOnlyTokenTypes, tempWritableTokenTypes,
}