Symaptic: os/security/cryptomgmtlibs/securitytestfw/test/testhandler2/t_capabilities.cpp@260cb5ec6c19 (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	* Parsing of capability names
sl@0	16	*
sl@0	17	*/
sl@0	18
sl@0	19
sl@0	20	/**
sl@0	21	@file
sl@0	22	*/
sl@0	23
sl@0	24	#include "t_input.h"
sl@0	25	#include "t_output.h"
sl@0	26
sl@0	27	// This file needs to be updated in three places whenever new capabilities are
sl@0	28	// added - the list of capability names below and the methods
sl@0	29	// Input::ParseCapabilityNameL and Output::writeCapabilityL.
sl@0	30
sl@0	31	// Capability names
sl@0	32	_LIT8(KCapabilityTCB, "TCB");
sl@0	33	_LIT8(KCapabilityCommDD, "CommDD");
sl@0	34	_LIT8(KCapabilityPowerMgmt, "PowerMgmt");
sl@0	35	_LIT8(KCapabilityMultimediaDD, "MultimediaDD");
sl@0	36	_LIT8(KCapabilityReadDeviceData, "ReadDeviceData");
sl@0	37	_LIT8(KCapabilityWriteDeviceData, "WriteDeviceData");
sl@0	38	_LIT8(KCapabilityDRM, "DRM");
sl@0	39	_LIT8(KCapabilityTrustedUI, "TrustedUI");
sl@0	40	_LIT8(KCapabilityProtServ, "ProtServ");
sl@0	41	_LIT8(KCapabilityDiskAdmin, "DiskAdmin");
sl@0	42	_LIT8(KCapabilityNetworkControl, "NetworkControl");
sl@0	43	_LIT8(KCapabilityAllFiles, "AllFiles");
sl@0	44	_LIT8(KCapabilitySwEvent, "SwEvent");
sl@0	45	_LIT8(KCapabilityNetworkServices, "NetworkServices");
sl@0	46	_LIT8(KCapabilityLocalServices, "LocalServices");
sl@0	47	_LIT8(KCapabilityReadUserData, "ReadUserData");
sl@0	48	_LIT8(KCapabilityWriteUserData, "WriteUserData");
sl@0	49	_LIT8(KCapabilityLocation, "Location");
sl@0	50	_LIT8(KCapabilitySurroundingsDD, "SurroundingsDD");
sl@0	51	_LIT8(KCapabilityUserEnvironment, "UserEnvironment");
sl@0	52
sl@0	53	// Script file tags
sl@0	54	_LIT8(KCapabilityStart, "<capability>");
sl@0	55	_LIT8(KCapabilityEnd, "</capability>");
sl@0	56	_LIT8(KPolicyPass, "<pass/>");
sl@0	57	_LIT8(KPolicyFail, "<fail/>");
sl@0	58	_LIT8(KSecureIdStart, "<secureid>");
sl@0	59	_LIT8(KSecureIdEnd, "</secureid>");
sl@0	60	_LIT8(KVendorIdStart, "<vendorid>");
sl@0	61	_LIT8(KVendorIdEnd, "</vendorid>");
sl@0	62
sl@0	63	_LIT(KCommaSpace, ", ");
sl@0	64
sl@0	65	EXPORT_C TCapability Input::ParseCapabilityNameL(const TDesC8& aName)
sl@0	66	{
sl@0	67	TCapability result = ECapability_None;
sl@0	68
sl@0	69	if (aName == KCapabilityTCB) result = ECapabilityTCB;
sl@0	70	else if (aName == KCapabilityCommDD) result = ECapabilityCommDD;
sl@0	71	else if (aName == KCapabilityPowerMgmt) result = ECapabilityPowerMgmt;
sl@0	72	else if (aName == KCapabilityMultimediaDD) result = ECapabilityMultimediaDD;
sl@0	73	else if (aName == KCapabilityReadDeviceData) result = ECapabilityReadDeviceData;
sl@0	74	else if (aName == KCapabilityWriteDeviceData) result = ECapabilityWriteDeviceData;
sl@0	75	else if (aName == KCapabilityDRM) result = ECapabilityDRM;
sl@0	76	else if (aName == KCapabilityTrustedUI) result = ECapabilityTrustedUI;
sl@0	77	else if (aName == KCapabilityProtServ) result = ECapabilityProtServ;
sl@0	78	else if (aName == KCapabilityDiskAdmin) result = ECapabilityDiskAdmin;
sl@0	79	else if (aName == KCapabilityNetworkControl) result = ECapabilityNetworkControl;
sl@0	80	else if (aName == KCapabilityAllFiles) result = ECapabilityAllFiles;
sl@0	81	else if (aName == KCapabilitySwEvent) result = ECapabilitySwEvent;
sl@0	82	else if (aName == KCapabilityNetworkServices) result = ECapabilityNetworkServices;
sl@0	83	else if (aName == KCapabilityLocalServices) result = ECapabilityLocalServices;
sl@0	84	else if (aName == KCapabilityReadUserData) result = ECapabilityReadUserData;
sl@0	85	else if (aName == KCapabilityWriteUserData) result = ECapabilityWriteUserData;
sl@0	86	else if (aName == KCapabilityLocation) result = ECapabilityLocation;
sl@0	87	else if (aName == KCapabilitySurroundingsDD) result = ECapabilitySurroundingsDD;
sl@0	88	else if (aName == KCapabilityUserEnvironment) result = ECapabilityUserEnvironment;
sl@0	89
sl@0	90	if (result == ECapability_None)
sl@0	91	{
sl@0	92	User::Leave(KErrArgument);
sl@0	93	}
sl@0	94
sl@0	95	return result;
sl@0	96	}
sl@0	97
sl@0	98	EXPORT_C void Input::ParseCapabilitySetL(const TDesC8& aIn, TCapabilitySet& aOut)
sl@0	99	{
sl@0	100	aOut.SetEmpty();
sl@0	101	TInt pos = 0, err = KErrNone;
sl@0	102	for (;;)
sl@0	103	{
sl@0	104	const TDesC8& match = Input::ParseElement(aIn, KCapabilityStart, KCapabilityEnd, pos, err);
sl@0	105	if (err != KErrNone)
sl@0	106	{
sl@0	107	break;
sl@0	108	}
sl@0	109	aOut.AddCapability(ParseCapabilityNameL(match));
sl@0	110	}
sl@0	111	if (err != KErrNone && err != KErrNotFound)
sl@0	112	{
sl@0	113	User::Leave(err);
sl@0	114	}
sl@0	115	}
sl@0	116
sl@0	117	EXPORT_C void Input::ParseSecurityPolicyL(const TDesC8& aIn, TSecurityPolicy& aOut)
sl@0	118	{
sl@0	119	TInt options = 0;
sl@0	120
sl@0	121	TBool pass = aIn.Find(KPolicyPass) != KErrNotFound; // why didn't we use a proper xml parser?
sl@0	122	if (pass) ++options;
sl@0	123
sl@0	124	TBool fail = aIn.Find(KPolicyFail) != KErrNotFound;
sl@0	125	if (fail) ++options;
sl@0	126
sl@0	127	TUint secureId = ParseIntElement(aIn, KSecureIdStart, KSecureIdEnd);
sl@0	128	if (secureId) ++options;
sl@0	129
sl@0	130	TUint vendorId = ParseIntElement(aIn, KVendorIdStart, KVendorIdEnd);
sl@0	131	if (vendorId) ++options;
sl@0	132
sl@0	133	// Can only sepcify one of pass, fail, secureid, vendorid
sl@0	134	if (options > 1)
sl@0	135	User::Leave(KErrArgument);
sl@0	136
sl@0	137	// Parse the capabilities
sl@0	138	TCapabilitySet capSet;
sl@0	139	ParseCapabilitySetL(aIn, capSet);
sl@0	140
sl@0	141	// Determine maximum number of capabilities allowed
sl@0	142	TInt maxCaps;
sl@0	143	if (pass \|\| fail)
sl@0	144	{
sl@0	145	maxCaps = 0;
sl@0	146	}
sl@0	147	else if (secureId \|\| vendorId)
sl@0	148	{
sl@0	149	maxCaps = 3;
sl@0	150	}
sl@0	151	else
sl@0	152	{
sl@0	153	maxCaps = 7;
sl@0	154	}
sl@0	155
sl@0	156	TCapability caps[7];
sl@0	157	TInt count = 0;
sl@0	158
sl@0	159	// Extract capabilities into array
sl@0	160	TInt i;
sl@0	161	for (i = 0 ; i < ECapability_Limit ; ++i)
sl@0	162	{
sl@0	163	TCapability c = static_cast<TCapability>(i);
sl@0	164	if (capSet.HasCapability(c))
sl@0	165	{
sl@0	166	// Check if more capabities are specified that allowed
sl@0	167	if (count == maxCaps)
sl@0	168	{
sl@0	169	User::Leave(KErrArgument);
sl@0	170	}
sl@0	171	caps[count++] = c;
sl@0	172	}
sl@0	173	}
sl@0	174
sl@0	175	// Fill the rest of the array with ECapability_None
sl@0	176	for (i = count ; i < maxCaps ; ++i)
sl@0	177	{
sl@0	178	caps[i] = ECapability_None;
sl@0	179	}
sl@0	180
sl@0	181	if (pass)
sl@0	182	{
sl@0	183	aOut = TSecurityPolicy(TSecurityPolicy::EAlwaysPass);
sl@0	184	}
sl@0	185	else if (fail)
sl@0	186	{
sl@0	187	aOut = TSecurityPolicy(TSecurityPolicy::EAlwaysFail);
sl@0	188	}
sl@0	189	else if (secureId)
sl@0	190	{
sl@0	191	aOut = TSecurityPolicy(TSecureId(secureId), caps[0], caps[1], caps[2]);
sl@0	192	}
sl@0	193	else if (vendorId)
sl@0	194	{
sl@0	195	aOut = TSecurityPolicy(TVendorId(vendorId), caps[0], caps[1], caps[2]);
sl@0	196	}
sl@0	197	else
sl@0	198	{
sl@0	199	aOut = TSecurityPolicy(caps[0], caps[1], caps[2], caps[3],
sl@0	200	caps[4], caps[5], caps[6]);
sl@0	201	}
sl@0	202	}
sl@0	203
sl@0	204	EXPORT_C void Output::writeCapabilityL(TCapability aCap)
sl@0	205	{
sl@0	206	switch (aCap)
sl@0	207	{
sl@0	208	case ECapabilityTCB:
sl@0	209	writeString(KCapabilityTCB);
sl@0	210	break;
sl@0	211
sl@0	212	case ECapabilityCommDD:
sl@0	213	writeString(KCapabilityCommDD);
sl@0	214	break;
sl@0	215
sl@0	216	case ECapabilityPowerMgmt:
sl@0	217	writeString(KCapabilityPowerMgmt);
sl@0	218	break;
sl@0	219
sl@0	220	case ECapabilityMultimediaDD:
sl@0	221	writeString(KCapabilityMultimediaDD);
sl@0	222	break;
sl@0	223
sl@0	224	case ECapabilityReadDeviceData:
sl@0	225	writeString(KCapabilityReadDeviceData);
sl@0	226	break;
sl@0	227
sl@0	228	case ECapabilityWriteDeviceData:
sl@0	229	writeString(KCapabilityWriteDeviceData);
sl@0	230	break;
sl@0	231
sl@0	232	case ECapabilityDRM:
sl@0	233	writeString(KCapabilityDRM);
sl@0	234	break;
sl@0	235
sl@0	236	case ECapabilityTrustedUI:
sl@0	237	writeString(KCapabilityTrustedUI);
sl@0	238	break;
sl@0	239
sl@0	240	case ECapabilityProtServ:
sl@0	241	writeString(KCapabilityProtServ);
sl@0	242	break;
sl@0	243
sl@0	244	case ECapabilityDiskAdmin:
sl@0	245	writeString(KCapabilityDiskAdmin);
sl@0	246	break;
sl@0	247
sl@0	248	case ECapabilityNetworkControl:
sl@0	249	writeString(KCapabilityNetworkControl);
sl@0	250	break;
sl@0	251
sl@0	252	case ECapabilityAllFiles:
sl@0	253	writeString(KCapabilityAllFiles);
sl@0	254	break;
sl@0	255
sl@0	256	case ECapabilitySwEvent:
sl@0	257	writeString(KCapabilitySwEvent);
sl@0	258	break;
sl@0	259
sl@0	260	case ECapabilityNetworkServices:
sl@0	261	writeString(KCapabilityNetworkServices);
sl@0	262	break;
sl@0	263
sl@0	264	case ECapabilityLocalServices:
sl@0	265	writeString(KCapabilityLocalServices);
sl@0	266	break;
sl@0	267
sl@0	268	case ECapabilityReadUserData:
sl@0	269	writeString(KCapabilityReadUserData);
sl@0	270	break;
sl@0	271
sl@0	272	case ECapabilityWriteUserData:
sl@0	273	writeString(KCapabilityWriteUserData);
sl@0	274	break;
sl@0	275
sl@0	276	case ECapabilityLocation:
sl@0	277	writeString(KCapabilityLocation);
sl@0	278	break;
sl@0	279
sl@0	280	case ECapabilitySurroundingsDD:
sl@0	281	writeString(KCapabilitySurroundingsDD);
sl@0	282	break;
sl@0	283
sl@0	284	case ECapabilityUserEnvironment:
sl@0	285	writeString(KCapabilityUserEnvironment);
sl@0	286	break;
sl@0	287
sl@0	288	default:
sl@0	289	User::Invariant();
sl@0	290	}
sl@0	291	}
sl@0	292
sl@0	293	EXPORT_C void Output::writeCapabilitySetL(const TCapabilitySet& aCaps)
sl@0	294	{
sl@0	295	TBool first = ETrue;
sl@0	296	for (TInt i = 0 ; i < ECapability_Limit ; ++i)
sl@0	297	{
sl@0	298	TCapability cap = static_cast<TCapability>(i);
sl@0	299	if (aCaps.HasCapability(cap))
sl@0	300	{
sl@0	301	if (!first)
sl@0	302	{
sl@0	303	writeString(KCommaSpace);
sl@0	304	}
sl@0	305	else
sl@0	306	{
sl@0	307	first = EFalse;
sl@0	308	}
sl@0	309	writeCapabilityL(cap);
sl@0	310	}
sl@0	311	}
sl@0	312	}
sl@0	313
sl@0	314	/**
sl@0	315	* The real TSecurityPolicy class has no accessors, so to extract information
sl@0	316	* from it we cast it to this class, which has exactly the same layout.
sl@0	317	*/
sl@0	318	class TPrintableSecurityPolicy
sl@0	319	{
sl@0	320	public:
sl@0	321	void WriteL(Output& aOut) const;
sl@0	322
sl@0	323	public:
sl@0	324	enum TType
sl@0	325	{
sl@0	326	ETypeFail=0, // Always fail
sl@0	327	ETypePass=1, // Always pass
sl@0	328	ETypeC3=2, // Up to 3 capabilities
sl@0	329	ETypeC7=3, // Up to 7 capabilities
sl@0	330	ETypeS3=4, // SID + up to 3 capabilities
sl@0	331	ETypeV3=5, // VID + up to 3 capabilities
sl@0	332
sl@0	333	ETypeLimit
sl@0	334	};
sl@0	335
sl@0	336	private:
sl@0	337	TPrintableSecurityPolicy();
sl@0	338	TBool WriteCapsL(Output& aOut, TBool aFirst) const;
sl@0	339	void WriteExtraCapsL(Output& aOut, TBool aFirst) const;
sl@0	340
sl@0	341	private:
sl@0	342	TUint8 iType;
sl@0	343	TUint8 iCaps[3]; // missing capabilities are set to 0xff
sl@0	344	union
sl@0	345	{
sl@0	346	TUint32 iSecureId;
sl@0	347	TUint32 iVendorId;
sl@0	348	TUint8 iExtraCaps[4]; // missing capabilities are set to 0xff
sl@0	349	};
sl@0	350	};
sl@0	351
sl@0	352	// Check noone added another type to the enumeration
sl@0	353	__ASSERT_COMPILE(((TInt)TPrintableSecurityPolicy::ETypeLimit) == ((TInt)TSecurityPolicy::ETypeLimit));
sl@0	354
sl@0	355	EXPORT_C void Output::writeSecurityPolicyL(const TSecurityPolicy& aPolicy)
sl@0	356	{
sl@0	357	const TPrintableSecurityPolicy* p = reinterpret_cast<const TPrintableSecurityPolicy*>(&aPolicy);
sl@0	358	p->WriteL(*this);
sl@0	359	}
sl@0	360
sl@0	361	void TPrintableSecurityPolicy::WriteL(Output& aOut) const
sl@0	362	{
sl@0	363	switch (iType)
sl@0	364	{
sl@0	365	case ETypeFail:
sl@0	366	aOut.writeString(_L("AlwaysFail"));
sl@0	367	break;
sl@0	368	case ETypePass:
sl@0	369	aOut.writeString(_L("AlwaysPass"));
sl@0	370	break;
sl@0	371	case ETypeC3:
sl@0	372	WriteCapsL(aOut, ETrue);
sl@0	373	break;
sl@0	374	case ETypeC7:
sl@0	375	{
sl@0	376	TBool first = WriteCapsL(aOut, ETrue);
sl@0	377	WriteExtraCapsL(aOut, first);
sl@0	378	}
sl@0	379	break;
sl@0	380	case ETypeS3:
sl@0	381	aOut.writeString(_L("SID 0x"));
sl@0	382	aOut.writeHex(iSecureId);
sl@0	383	WriteCapsL(aOut, EFalse);
sl@0	384	break;
sl@0	385	case ETypeV3:
sl@0	386	aOut.writeString(_L("VID 0x"));
sl@0	387	aOut.writeHex(iVendorId);
sl@0	388	WriteCapsL(aOut, EFalse);
sl@0	389	break;
sl@0	390	default:
sl@0	391	User::Invariant();
sl@0	392	}
sl@0	393	}
sl@0	394
sl@0	395	TBool TPrintableSecurityPolicy::WriteCapsL(Output& aOut, TBool aFirst) const
sl@0	396	{
sl@0	397	for (TInt i = 0 ; i < 3 ; ++i)
sl@0	398	{
sl@0	399	if (iCaps[i] != 0xff)
sl@0	400	{
sl@0	401	if (!aFirst)
sl@0	402	{
sl@0	403	aOut.writeString(KCommaSpace);
sl@0	404	}
sl@0	405	aFirst = EFalse;
sl@0	406	aOut.writeCapabilityL((TCapability) iCaps[i]);
sl@0	407	}
sl@0	408	}
sl@0	409	return aFirst;
sl@0	410	}
sl@0	411
sl@0	412	void TPrintableSecurityPolicy::WriteExtraCapsL(Output& aOut, TBool aFirst) const
sl@0	413	{
sl@0	414	for (TInt i = 0 ; i < 3 ; ++i)
sl@0	415	{
sl@0	416	if (iExtraCaps[i] != 0xff)
sl@0	417	{
sl@0	418	if (!aFirst)
sl@0	419	{
sl@0	420	aOut.writeString(KCommaSpace);
sl@0	421	}
sl@0	422	aFirst = EFalse;
sl@0	423	aOut.writeCapabilityL((TCapability) iExtraCaps[i]);
sl@0	424	}
sl@0	425	}
sl@0	426	}

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200
changeset 1	260cb5ec6c19
permissions	-rw-r--r--