Symaptic: os/security/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertchainao.h@bde4ae8d615e (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	* CPKIXCertChainAO class implementation
sl@0	16	*
sl@0	17	*/
sl@0	18
sl@0	19
sl@0	20	/**
sl@0	21	@file
sl@0	22	@internalTechnology
sl@0	23	*/
sl@0	24
sl@0	25	#ifndef __PKIXCERTCHAINAO_H__
sl@0	26	#define __PKIXCERTCHAINAO_H__
sl@0	27
sl@0	28	#include <e32base.h>
sl@0	29	#include "pkixcerts.h"
sl@0	30	#include "pkixchainbuilder.h"
sl@0	31	#include "pkixcertstate.h"
sl@0	32	#include <x509cert.h>
sl@0	33	#include <x509certext.h>
sl@0	34	#include <x509gn.h>
sl@0	35	#include <pkixcertchain.h>
sl@0	36
sl@0	37	class CPKIXCertChainBase;
sl@0	38
sl@0	39	/**
sl@0	40	* This class handles the asynchronous part of the pkix chain validation. It
sl@0	41	* is an active object which handles the asynchronous certificate store operations.
sl@0	42	*/
sl@0	43	class CPKIXCertChainAO : public CActive
sl@0	44	{
sl@0	45	public:
sl@0	46	static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain,
sl@0	47	const RPointerArray<CX509Certificate>& aRootCerts);
sl@0	48	static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain,
sl@0	49	const TUid aClient);
sl@0	50	virtual ~CPKIXCertChainAO();
sl@0	51
sl@0	52	private:
sl@0	53	CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain);
sl@0	54	CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, const TUid aClient);
sl@0	55	void ConstructL(const RPointerArray<CX509Certificate>& aRootCerts);
sl@0	56
sl@0	57	public:
sl@0	58	void RunL();
sl@0	59	TInt RunError(TInt aError);
sl@0	60	void DoCancel();
sl@0	61
sl@0	62	private:
sl@0	63	void HandleEStoreManagerInitializationL();
sl@0	64	void HandleEStoreManagerInitializedL();
sl@0	65	void HandleEAddRootsL();
sl@0	66	void HandleERootsInitializedL();
sl@0	67	void HandleEBuildChainStartL();
sl@0	68	void HandleEBuildChainAddCandidateEndL();
sl@0	69	void HandleEBuildChainCertsFromStoreBeginL();
sl@0	70	void HandleEBuildChainCertsFromStoreEndL();
sl@0	71	void HandleEAddCandidateIntermediateCertsEndL();
sl@0	72	void HandleEValidateEndL();
sl@0	73
sl@0	74	// Request functions
sl@0	75	public:
sl@0	76	void ValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime,
sl@0	77	const CArrayPtr<HBufC>* aInitialPolicies, TRequestStatus& aStatus);
sl@0	78	void CancelValidate();
sl@0	79
sl@0	80	private:
sl@0	81	void InitParamsL();
sl@0	82	void SetParamsL(CX509Certificate& aCert, const TPtrC8& aEncodedParams);
sl@0	83	void DoValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime,
sl@0	84	const CArrayPtr<HBufC>* aInitialPolicies);
sl@0	85	void ProcessCertsL(CPKIXValidationState& aState, CPKIXValidationResultBase& aResult) const;
sl@0	86	void CriticalExtsL(CPKIXValidationState& aState, const CX509Certificate& aCert) const;
sl@0	87	void CheckSignatureAndNameL(const CX509Certificate& aCert, CPKIXValidationState& aState,
sl@0	88	CPKIXValidationResultBase& aResult) const;
sl@0	89	void CheckCriticalExtsL(CPKIXValidationState& aState,
sl@0	90	CPKIXValidationResultBase& aResult) const;
sl@0	91
sl@0	92	/**
sl@0	93	* The states used to know what to do in the RunL function.
sl@0	94	*/
sl@0	95	enum TState
sl@0	96	{
sl@0	97	EAddRoots,
sl@0	98	ERootsInitialized,
sl@0	99	EBuildChainStart,
sl@0	100	EBuildChainAddCandidateEnd,
sl@0	101	EBuildChainCertsFromStoreBegin,
sl@0	102	EBuildChainCertsFromStoreEnd,
sl@0	103	EAddCandidateIntermediateCertsEnd,
sl@0	104	EValidateEnd
sl@0	105	};
sl@0	106
sl@0	107	private:
sl@0	108	MCertStore* iCertStore;
sl@0	109	// a reference to the object which owns this instance
sl@0	110	CPKIXCertChainBase &iPKIXCertChain;
sl@0	111	TUid iClient;
sl@0	112	TState iState;
sl@0	113
sl@0	114	/**
sl@0	115	* <P>Ownership of this object is peculiar.</P>
sl@0	116	* <P>We need this to be a member because it is created and initialized in
sl@0	117	* the EAddRoots handler but is only added to iRoots in the ERootsInitialized
sl@0	118	* handler. iRoots takes ownesrhip of it, so it is set to 0 afterwards.</P>
sl@0	119	* <P>The only case where the destructor will have to delete it, is when a leave
sl@0	120	* occurs between the EAddRoots and ERootsInitialized states.</P>
sl@0	121	*/
sl@0	122	CPKIXCertsFromStore* iCertsFromStoreRoots;
sl@0	123
sl@0	124	TRequestStatus* iOriginalRequestStatus;
sl@0	125
sl@0	126	/**
sl@0	127	* The roots that we trust.
sl@0	128	* This can be given
sl@0	129	* <UL>
sl@0	130	* <LI>explicitly : the user gives a set of root certificates at construction time.</LI>
sl@0	131	* <LI>implicitly : the user gives the uid of the application and the validation code
sl@0	132	* retrieves the root certificates trusted for this application from the certificate
sl@0	133	* store.</LI>
sl@0	134	* </UL>
sl@0	135	*/
sl@0	136	CPKIXChainBuilder* iRoots;
sl@0	137
sl@0	138	CPKIXChainBuilder* iBuilder;
sl@0	139
sl@0	140	/**
sl@0	141	* To store the parameters passed to CPKIXCertChainBase::Validate
sl@0	142	*/
sl@0	143	CPKIXValidationResultBase* iValidationResult;
sl@0	144	/**
sl@0	145	* To store the parameters passed to CPKIXCertChainBase::Validate
sl@0	146	*/
sl@0	147	TTime iValidationTime;
sl@0	148	/**
sl@0	149	* To store the parameters passed to CPKIXCertChainBase::Validate
sl@0	150	*/
sl@0	151	const CArrayPtr<HBufC>* iInitialPolicies;
sl@0	152
sl@0	153	TBool iAddIssuerResult;
sl@0	154
sl@0	155	TInt iNumberOfAddedCertificates;
sl@0	156	};
sl@0	157
sl@0	158	#endif

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--