Symaptic: os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/CKeyDataManager.h@260cb5ec6c19 (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	* Implements CFileKeyData and CFileKeyDataManager
sl@0	16	*
sl@0	17	*/
sl@0	18
sl@0	19
sl@0	20	/**
sl@0	21	@file
sl@0	22	@internalTechnology
sl@0	23	*/
sl@0	24
sl@0	25	#ifndef __CKEYDATAMANAGER_H__
sl@0	26	#define __CKEYDATAMANAGER_H__
sl@0	27
sl@0	28	#include <s32file.h>
sl@0	29	#include <ct/tcttokenobjecthandle.h>
sl@0	30	#include <ct.h>
sl@0	31
sl@0	32	class CKeyInfo;
sl@0	33	class CPassphraseManager;
sl@0	34	class CPassphrase;
sl@0	35
sl@0	36	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	37	#include <authserver/authtypes.h>
sl@0	38	#include <e32property.h>
sl@0	39	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	40
sl@0	41	#ifdef KEYTOOL
sl@0	42	#include <authserver/authtypes.h>
sl@0	43	#include <e32property.h>
sl@0	44	#endif // KEYTOOL
sl@0	45
sl@0	46	/**
sl@0	47	* Server side in-memory representation of a key for file key store management
sl@0	48	* purposes. Objects of this type are stored in an in-memory array for quick
sl@0	49	* keystore lookup.
sl@0	50	*/
sl@0	51	class CFileKeyData : public CBase
sl@0	52	{
sl@0	53	public:
sl@0	54	/// Create a new key data object
sl@0	55	static CFileKeyData* NewLC(TInt aObjectId, const TDesC& aLabel, TStreamId aInfoData,
sl@0	56	TStreamId aPassphraseId, TStreamId aPublicData, TStreamId aPrivateData);
sl@0	57	/// Read a key data object from a stream
sl@0	58	static CFileKeyData* NewL(RStoreReadStream& aReadStream);
sl@0	59
sl@0	60	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	61	static CFileKeyData* NewLC( TInt aObjectId, const TDesC& aLabel,
sl@0	62	TStreamId aInfoData, TStreamId aPublicData,
sl@0	63	TStreamId aPrivateData, AuthServer::TIdentityId aIdentityId);
sl@0	64	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	65
sl@0	66	#ifdef KEYTOOL
sl@0	67	static CFileKeyData* CreateOldKeyL(RStoreReadStream& aReadStream);
sl@0	68	#endif // KEYTOOL
sl@0	69	public:
sl@0	70	~CFileKeyData();
sl@0	71	public:
sl@0	72	/// Write out the key data to a stream
sl@0	73	void ExternalizeL(RWriteStream&) const;
sl@0	74	#ifdef KEYTOOL
sl@0	75	void ExternalizeWithAuthL(RWriteStream& aWriteStream) ;
sl@0	76	#endif // KEYTOOL
sl@0	77	public:
sl@0	78	inline const TDesC& Label() const;
sl@0	79	inline TInt32 Handle() const;
sl@0	80	inline TStreamId InfoDataStreamId() const;
sl@0	81	inline TStreamId PassphraseStreamId() const;
sl@0	82	inline TStreamId PublicDataStreamId() const;
sl@0	83	inline TStreamId PrivateDataStreamId() const;
sl@0	84	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	85	inline AuthServer::TIdentityId Identity() const;
sl@0	86	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	87	#ifdef KEYTOOL
sl@0	88	inline void SetInfoDataStreamId( TStreamId& aInfoDataStreamId );
sl@0	89	inline void SetPublicDataStreamId( TStreamId& aPublicDataStreamId );
sl@0	90	inline void SetPrivateDataStreamId( TStreamId& aPrivateDataStreamId );
sl@0	91	inline AuthServer::TIdentityId Identity() const;
sl@0	92	#endif // KEYTOOL
sl@0	93	private:
sl@0	94	CFileKeyData(TInt aObjectId, TStreamId aInfoData, TStreamId aPassphraseId,
sl@0	95	TStreamId aPublicData, TStreamId aPrivateData);
sl@0	96
sl@0	97	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	98	CFileKeyData( TInt aObjectId, TStreamId aInfoData,
sl@0	99	TStreamId aPublicData, TStreamId aPrivateData,
sl@0	100	AuthServer::TIdentityId aIdentityId);
sl@0	101	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	102
sl@0	103	#ifdef KEYTOOL
sl@0	104	CFileKeyData( TInt aObjectId, TStreamId aInfoData,
sl@0	105	TStreamId aPublicData, TStreamId aPrivateData,
sl@0	106	AuthServer::TIdentityId aIdentityId);
sl@0	107	#endif // KEYTOOL
sl@0	108
sl@0	109	CFileKeyData();
sl@0	110	void ConstructL(const TDesC& aLabel);
sl@0	111	void InternalizeL(RReadStream&);
sl@0	112	#ifdef KEYTOOL
sl@0	113	void InternalizeOldKeyL(RReadStream& aReadStream);
sl@0	114	#endif // KEYTOOL
sl@0	115
sl@0	116	private:
sl@0	117	TInt iObjectId; ///< Data to identify the key
sl@0	118	TStreamId iInfoData; ///< ID of stream holding publicly available data for key
sl@0	119	TStreamId iPassphraseId; ///< ID of stream holding passphrase data (not currently used)
sl@0	120	TStreamId iPublicKeyData; ///< ID of stream holding public key data
sl@0	121	TStreamId iPrivateKeyData; ///< ID of stream holding private key data
sl@0	122	HBufC* iLabel; ///< Key label data
sl@0	123	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	124	AuthServer::TIdentityId iIdentityId;
sl@0	125	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	126	#ifdef KEYTOOL
sl@0	127	AuthServer::TIdentityId iIdentityId;
sl@0	128	#endif // KEYTOOL
sl@0	129	};
sl@0	130
sl@0	131	inline const TDesC& CFileKeyData::Label() const
sl@0	132	{
sl@0	133	return *iLabel;
sl@0	134	}
sl@0	135
sl@0	136	inline TInt32 CFileKeyData::Handle() const
sl@0	137	{
sl@0	138	return iObjectId;
sl@0	139	}
sl@0	140
sl@0	141	inline TStreamId CFileKeyData::InfoDataStreamId() const
sl@0	142	{
sl@0	143	return iInfoData;
sl@0	144	}
sl@0	145
sl@0	146	inline TStreamId CFileKeyData::PassphraseStreamId() const
sl@0	147	{
sl@0	148	return iPassphraseId;
sl@0	149	}
sl@0	150
sl@0	151	inline TStreamId CFileKeyData::PublicDataStreamId() const
sl@0	152	{
sl@0	153	return iPublicKeyData;
sl@0	154	}
sl@0	155
sl@0	156	inline TStreamId CFileKeyData::PrivateDataStreamId() const
sl@0	157	{
sl@0	158	return iPrivateKeyData;
sl@0	159	}
sl@0	160
sl@0	161	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	162	inline AuthServer::TIdentityId CFileKeyData::Identity() const
sl@0	163	{
sl@0	164	return iIdentityId;
sl@0	165	}
sl@0	166	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	167
sl@0	168	#ifdef KEYTOOL
sl@0	169	inline void CFileKeyData::SetInfoDataStreamId( TStreamId& aInfoDataStreamId )
sl@0	170	{
sl@0	171	iInfoData = aInfoDataStreamId;
sl@0	172	}
sl@0	173
sl@0	174	inline void CFileKeyData::SetPublicDataStreamId( TStreamId& aPublicDataStreamId )
sl@0	175	{
sl@0	176	iPublicKeyData = aPublicDataStreamId;
sl@0	177	}
sl@0	178
sl@0	179	inline void CFileKeyData::SetPrivateDataStreamId( TStreamId& aPrivateDataStreamId )
sl@0	180	{
sl@0	181	iPrivateKeyData = aPrivateDataStreamId;
sl@0	182	}
sl@0	183
sl@0	184	#endif // KEYTOOL
sl@0	185	/**
sl@0	186	* Access the server file store of all keys and key data. The only class to
sl@0	187	* access the store, which maintains store integrity When a new key is created,
sl@0	188	* it is represented by a CFileKeyData object and added to the array.
sl@0	189	*/
sl@0	190	class CFileKeyDataManager : public CBase
sl@0	191	{
sl@0	192	public:
sl@0	193	static CFileKeyDataManager* NewL();
sl@0	194	~CFileKeyDataManager();
sl@0	195	public:
sl@0	196	CPassphraseManager* CreatePassphraseManagerLC();
sl@0	197	void AddL(const CFileKeyData*);
sl@0	198	void RemoveL(TInt aObjectId);
sl@0	199	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	200	TBool IsKeyAlreadyInStore(const TDesC& aKeyLabel, AuthServer::TIdentityId aIdentity) const;
sl@0	201	#else
sl@0	202	TBool IsKeyAlreadyInStore(const TDesC& aKeyLabel) const;
sl@0	203	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	204	public:
sl@0	205	/// Get the id of the default passphrase, or KNullStreamId if it doesn't exist yet.
sl@0	206	TStreamId DefaultPassphraseId() const;
sl@0	207	/// Create a new key data object for a key create/import and leave it one the cleanup stack
sl@0	208	const CFileKeyData* CreateKeyDataLC(const TDesC& aLabel, TStreamId aPassphrase);
sl@0	209
sl@0	210	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	211	const CFileKeyData* CreateKeyDataLC(const TDesC& aLabel, AuthServer::TIdentityId aIdentity);
sl@0	212	TUint32 CachedIdentity();
sl@0	213	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	214
sl@0	215	/// Reads the info data for a given key, returning a new CKeyInfo that's on the cleanup stack
sl@0	216	CKeyInfo* ReadKeyInfoLC(const CFileKeyData& aKeyData) const;
sl@0	217
sl@0	218	/// Writes key info data for a key
sl@0	219	void WriteKeyInfoL(const CFileKeyData& aKeyData, const CKeyInfo& aKeyInfo);
sl@0	220	/// Writes key info data and reverts changes to the store if if leaves
sl@0	221	void SafeWriteKeyInfoL(const CFileKeyData& aKeyData, const CKeyInfo& aKeyInfo);
sl@0	222	// Methods for opening data streams for a key
sl@0	223	void OpenPublicDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream& aStream);
sl@0	224	void OpenPublicDataStreamLC(const CFileKeyData& aKeyData, RStoreReadStream& aStream) const;
sl@0	225	void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, CPassphrase& aPassphrase, RStoreReadStream& aStream);
sl@0	226
sl@0	227	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	228	void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream& aStream);
sl@0	229	void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, RStoreReadStream& aStream) const;
sl@0	230	#else
sl@0	231	void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, CPassphrase& aPassphrase, RStoreWriteStream& aStream);
sl@0	232
sl@0	233	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	234
sl@0	235	/*
sl@0	236	* not currently implemented, but might be someday
sl@0	237	/// Create a new passphrase by prompting the user and pass back its id.
sl@0	238	void CreatePassphrase(CPassphraseManager& aPassMan, TStreamId& aIdOut, TRequestStatus& aStatus);
sl@0	239	/// Remove an existing passphrase. Leaves if the passphrase is used by any key.
sl@0	240	void RemovePassphraseL(TStreamId aId);
sl@0	241	*/
sl@0	242
sl@0	243	public:
sl@0	244	TInt Count() const;
sl@0	245	const CFileKeyData* operator[](TInt aIndex) const;
sl@0	246	const CFileKeyData* Lookup(TInt aObjectId) const;
sl@0	247	public:
sl@0	248	/**
sl@0	249	* Get the passphrase timeout. A timeout of zero indicates
sl@0	250	* that passphrases are never cached. A timeout of -1 means cache until an
sl@0	251	* explicit close operation occurs.
sl@0	252	*/
sl@0	253	TInt GetPassphraseTimeout() const;
sl@0	254	void SetPassphraseTimeoutL(TInt aTimeout);
sl@0	255	private:
sl@0	256	CFileKeyDataManager();
sl@0	257	void ConstructL();
sl@0	258	private: // Manages access to store
sl@0	259	void OpenStoreL();
sl@0	260	void OpenStoreInFileL(const TDesC& aFile);
sl@0	261	void CreateStoreInFileL(const TDesC& aFile);
sl@0	262	private:
sl@0	263	void OpenInfoDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream&);
sl@0	264	static void RevertStore(TAny* aStore); // Cleanupitem
sl@0	265	void WriteKeysToStoreL();
sl@0	266	void UpdateStoreL();
sl@0	267	TStreamId CreateWriteStreamL();
sl@0	268	void ReadPassphraseTimeoutL();
sl@0	269	void WritePassphraseTimeoutL();
sl@0	270	void CompactStore();
sl@0	271	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	272	const HBufC8* DecryptKey(const TDesC8& aEncryptedKey);
sl@0	273	void WriteAuthDetailsL( RStoreWriteStream& aInfoStream, const CKeyInfo& aKeyInfo );
sl@0	274	void ReadAuthDetailsL( RStoreReadStream& aInfoStream, CKeyInfo& aKeyInfo ) const;
sl@0	275	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	276
sl@0	277	private:
sl@0	278	RFile iFile;
sl@0	279	RFs iFs;
sl@0	280	CPermanentFileStore* iFileStore;
sl@0	281	TStreamId iRootStreamId; ///< Root of the store
sl@0	282	TStreamId iInfoStreamId; ///< Stream that contains list of key data
sl@0	283
sl@0	284	#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	285	RProperty iIdentityId;
sl@0	286	#else
sl@0	287	TStreamId iPassStreamId; ///< Stream for the default passphrase
sl@0	288	TStreamId iTimeoutStreamId; ///< Stream for timeout data
sl@0	289	#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
sl@0	290
sl@0	291	private:
sl@0	292	TInt iKeyIdentifier;
sl@0	293	RPointerArray<const CFileKeyData> iKeys; ///< In memory representation of keys in the store
sl@0	294	TInt iTimeout; ///< The passphrase timeout
sl@0	295
sl@0	296	};
sl@0	297
sl@0	298	#endif

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200 (2014-06-10)
changeset 1	260cb5ec6c19
permissions	-rw-r--r--