diff -r 675a964f4eb5 -r 35751d3474b7 cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertchainao.h --- a/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertchainao.h Tue Jul 21 01:04:32 2009 +0100 +++ b/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertchainao.h Thu Sep 10 14:01:51 2009 +0300 @@ -1,160 +1,158 @@ -/* -* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). -* All rights reserved. -* This component and the accompanying materials are made available -* under the terms of the License "Eclipse Public License v1.0" -* which accompanies this distribution, and is available -* at the URL "http://www.eclipse.org/legal/epl-v10.html". -* -* Initial Contributors: -* Nokia Corporation - initial contribution. -* -* Contributors: -* -* Description: -* CPKIXCertChainAO class implementation -* -*/ - - - - -/** - @file - @internalTechnology -*/ - -#ifndef __PKIXCERTCHAINAO_H__ -#define __PKIXCERTCHAINAO_H__ - -#include -#include "pkixcerts.h" -#include "pkixchainbuilder.h" -#include "pkixcertstate.h" -#include -#include -#include -#include - -class CPKIXCertChainBase; - -/** - * This class handles the asynchronous part of the pkix chain validation. It - * is an active object which handles the asynchronous certificate store operations. - */ -class CPKIXCertChainAO : public CActive -{ -public: - static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, - const RPointerArray& aRootCerts); - static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, - const TUid aClient); - virtual ~CPKIXCertChainAO(); - -private: - CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain); - CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, const TUid aClient); - void ConstructL(const RPointerArray& aRootCerts); - -public: - void RunL(); - TInt RunError(TInt aError); - void DoCancel(); - -private: - void HandleEStoreManagerInitializationL(); - void HandleEStoreManagerInitializedL(); - void HandleEAddRootsL(); - void HandleERootsInitializedL(); - void HandleEBuildChainStartL(); - void HandleEBuildChainAddCandidateEndL(); - void HandleEBuildChainCertsFromStoreBeginL(); - void HandleEBuildChainCertsFromStoreEndL(); - void HandleEAddCandidateIntermediateCertsEndL(); - void HandleEValidateEndL(); - - // Request functions -public: - void ValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime, - const CArrayPtr* aInitialPolicies, TRequestStatus& aStatus); - void CancelValidate(); - -private: - void InitParamsL(); - void SetParamsL(CX509Certificate& aCert, const TPtrC8& aEncodedParams); - void DoValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime, - const CArrayPtr* aInitialPolicies); - void ProcessCertsL(CPKIXValidationState& aState, CPKIXValidationResultBase& aResult) const; - void CriticalExtsL(CPKIXValidationState& aState, const CX509Certificate& aCert) const; - void CheckSignatureAndNameL(const CX509Certificate& aCert, CPKIXValidationState& aState, - CPKIXValidationResultBase& aResult) const; - void CheckCriticalExtsL(CPKIXValidationState& aState, - CPKIXValidationResultBase& aResult) const; - - /** - * The states used to know what to do in the RunL function. - */ - enum TState - { - EAddRoots, - ERootsInitialized, - EBuildChainStart, - EBuildChainAddCandidateEnd, - EBuildChainCertsFromStoreBegin, - EBuildChainCertsFromStoreEnd, - EAddCandidateIntermediateCertsEnd, - EValidateEnd - }; - -private: - MCertStore* iCertStore; - // a reference to the object which owns this instance - CPKIXCertChainBase &iPKIXCertChain; - TUid iClient; - TState iState; - - /** - *

Ownership of this object is peculiar.

- *

We need this to be a member because it is created and initialized in - * the EAddRoots handler but is only added to iRoots in the ERootsInitialized - * handler. iRoots takes ownesrhip of it, so it is set to 0 afterwards.

- *

The only case where the destructor will have to delete it, is when a leave - * occurs between the EAddRoots and ERootsInitialized states.

- */ - CPKIXCertsFromStore* iCertsFromStoreRoots; - - TRequestStatus* iOriginalRequestStatus; - - /** - * The roots that we trust. - * This can be given - *
    - *
  • explicitly : the user gives a set of root certificates at construction time.
    • - *
  • implicitly : the user gives the uid of the application and the validation code - * retrieves the root certificates trusted for this application from the certificate - * store.
    • - *
- */ - CPKIXChainBuilder* iRoots; - - CPKIXChainBuilder* iBuilder; - - /** - * To store the parameters passed to CPKIXCertChainBase::Validate - */ - CPKIXValidationResultBase* iValidationResult; - /** - * To store the parameters passed to CPKIXCertChainBase::Validate - */ - TTime iValidationTime; - /** - * To store the parameters passed to CPKIXCertChainBase::Validate - */ - const CArrayPtr* iInitialPolicies; - - TBool iAddIssuerResult; - - TInt iNumberOfAddedCertificates; -}; - -#endif +/* +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* CPKIXCertChainAO class implementation +* +*/ + + +/** + @file + @internalTechnology +*/ + +#ifndef __PKIXCERTCHAINAO_H__ +#define __PKIXCERTCHAINAO_H__ + +#include +#include "pkixcerts.h" +#include "pkixchainbuilder.h" +#include "pkixcertstate.h" +#include +#include +#include +#include + +class CPKIXCertChainBase; + +/** + * This class handles the asynchronous part of the pkix chain validation. It + * is an active object which handles the asynchronous certificate store operations. + */ +class CPKIXCertChainAO : public CActive +{ +public: + static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, + const RPointerArray& aRootCerts); + static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, + const TUid aClient); + virtual ~CPKIXCertChainAO(); + +private: + CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain); + CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, const TUid aClient); + void ConstructL(const RPointerArray& aRootCerts); + +public: + void RunL(); + TInt RunError(TInt aError); + void DoCancel(); + +private: + void HandleEStoreManagerInitializationL(); + void HandleEStoreManagerInitializedL(); + void HandleEAddRootsL(); + void HandleERootsInitializedL(); + void HandleEBuildChainStartL(); + void HandleEBuildChainAddCandidateEndL(); + void HandleEBuildChainCertsFromStoreBeginL(); + void HandleEBuildChainCertsFromStoreEndL(); + void HandleEAddCandidateIntermediateCertsEndL(); + void HandleEValidateEndL(); + + // Request functions +public: + void ValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime, + const CArrayPtr* aInitialPolicies, TRequestStatus& aStatus); + void CancelValidate(); + +private: + void InitParamsL(); + void SetParamsL(CX509Certificate& aCert, const TPtrC8& aEncodedParams); + void DoValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime, + const CArrayPtr* aInitialPolicies); + void ProcessCertsL(CPKIXValidationState& aState, CPKIXValidationResultBase& aResult) const; + void CriticalExtsL(CPKIXValidationState& aState, const CX509Certificate& aCert) const; + void CheckSignatureAndNameL(const CX509Certificate& aCert, CPKIXValidationState& aState, + CPKIXValidationResultBase& aResult) const; + void CheckCriticalExtsL(CPKIXValidationState& aState, + CPKIXValidationResultBase& aResult) const; + + /** + * The states used to know what to do in the RunL function. + */ + enum TState + { + EAddRoots, + ERootsInitialized, + EBuildChainStart, + EBuildChainAddCandidateEnd, + EBuildChainCertsFromStoreBegin, + EBuildChainCertsFromStoreEnd, + EAddCandidateIntermediateCertsEnd, + EValidateEnd + }; + +private: + MCertStore* iCertStore; + // a reference to the object which owns this instance + CPKIXCertChainBase &iPKIXCertChain; + TUid iClient; + TState iState; + + /** + *

Ownership of this object is peculiar.

+ *

We need this to be a member because it is created and initialized in + * the EAddRoots handler but is only added to iRoots in the ERootsInitialized + * handler. iRoots takes ownesrhip of it, so it is set to 0 afterwards.

+ *

The only case where the destructor will have to delete it, is when a leave + * occurs between the EAddRoots and ERootsInitialized states.

+ */ + CPKIXCertsFromStore* iCertsFromStoreRoots; + + TRequestStatus* iOriginalRequestStatus; + + /** + * The roots that we trust. + * This can be given + *
    + *
  • explicitly : the user gives a set of root certificates at construction time.
    • + *
  • implicitly : the user gives the uid of the application and the validation code + * retrieves the root certificates trusted for this application from the certificate + * store.
    • + *
+ */ + CPKIXChainBuilder* iRoots; + + CPKIXChainBuilder* iBuilder; + + /** + * To store the parameters passed to CPKIXCertChainBase::Validate + */ + CPKIXValidationResultBase* iValidationResult; + /** + * To store the parameters passed to CPKIXCertChainBase::Validate + */ + TTime iValidationTime; + /** + * To store the parameters passed to CPKIXCertChainBase::Validate + */ + const CArrayPtr* iInitialPolicies; + + TBool iAddIssuerResult; + + TInt iNumberOfAddedCertificates; +}; + +#endif