os/security/cryptoservices/certificateandkeymgmt/tcertcommon/tcertutils.cpp
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
sl@0
     1
/*
sl@0
     2
* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0
     3
* All rights reserved.
sl@0
     4
* This component and the accompanying materials are made available
sl@0
     5
* under the terms of the License "Eclipse Public License v1.0"
sl@0
     6
* which accompanies this distribution, and is available
sl@0
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0
     8
*
sl@0
     9
* Initial Contributors:
sl@0
    10
* Nokia Corporation - initial contribution.
sl@0
    11
*
sl@0
    12
* Contributors:
sl@0
    13
*
sl@0
    14
* Description: 
sl@0
    15
* tcertuils.cpp
sl@0
    16
*
sl@0
    17
*/
sl@0
    18
sl@0
    19
sl@0
    20
#include "tcertutils.h"
sl@0
    21
#include <wtlscert.h>
sl@0
    22
#include <certificateapps.h>
sl@0
    23
#include "t_input.h"
sl@0
    24
#include <ccertattributefilter.h>
sl@0
    25
#include <cctcertinfo.h>
sl@0
    26
#include <mctwritablecertstore.h>
sl@0
    27
sl@0
    28
sl@0
    29
EXPORT_C CCertUtils* CCertUtils::NewL(RFs& aFs)
sl@0
    30
	{
sl@0
    31
	CCertUtils* self = CCertUtils::NewLC(aFs);
sl@0
    32
	CleanupStack::Pop(self);
sl@0
    33
	return self;
sl@0
    34
	}
sl@0
    35
sl@0
    36
EXPORT_C CCertUtils* CCertUtils::NewLC(RFs& aFs)
sl@0
    37
	{
sl@0
    38
	CCertUtils* self = new(ELeave) CCertUtils(aFs);
sl@0
    39
	CleanupStack::PushL(self);
sl@0
    40
	self->ConstructL();
sl@0
    41
	return self;
sl@0
    42
	}
sl@0
    43
sl@0
    44
CCertUtils::CCertUtils(RFs& aFs)
sl@0
    45
: CActive(EPriorityNormal), iFs(aFs)
sl@0
    46
	{
sl@0
    47
	CActiveScheduler::Add(this);
sl@0
    48
	}
sl@0
    49
sl@0
    50
EXPORT_C CCertUtils::~CCertUtils()
sl@0
    51
	{
sl@0
    52
	Cancel();
sl@0
    53
sl@0
    54
	delete iCertificate;
sl@0
    55
	delete iCreatedUnifiedCertStore;
sl@0
    56
	
sl@0
    57
	delete iCertData;
sl@0
    58
	delete iLabelData;
sl@0
    59
	delete iSecondCertUtils;
sl@0
    60
sl@0
    61
	delete iCAFilter;
sl@0
    62
	delete iUserFilter;
sl@0
    63
sl@0
    64
	iCACertStoreEntries.Close();		// The entries are owned by us
sl@0
    65
	iUserCertStoreEntries.Close();		// The entries are owned by us
sl@0
    66
	iTrusters.Close();
sl@0
    67
	}
sl@0
    68
sl@0
    69
/**
sl@0
    70
This function handles all the asynchronous calls. There is at least 
sl@0
    71
one state for each of the functions of CCertUtils that requires 
sl@0
    72
asynchronicity.
sl@0
    73
*/
sl@0
    74
void CCertUtils::RunL()
sl@0
    75
	{
sl@0
    76
	if (iStatus != KErrNone)
sl@0
    77
        {
sl@0
    78
        User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
sl@0
    79
        return;
sl@0
    80
        }
sl@0
    81
sl@0
    82
	switch (iState)
sl@0
    83
		{
sl@0
    84
		// Used for AddCACerts
sl@0
    85
		case EAddCACerts:
sl@0
    86
			HandleEAddCACertsL();
sl@0
    87
			break;
sl@0
    88
sl@0
    89
		// Used for AddCert
sl@0
    90
		case EAddCert:
sl@0
    91
			TRAPD(err, HandleEAddCACertL());
sl@0
    92
			if (err != KErrNone)
sl@0
    93
				{
sl@0
    94
				iDiagnosticState = EAddCert;
sl@0
    95
                User::RequestComplete(iOriginalRequestStatus, err);
sl@0
    96
				}
sl@0
    97
			break;
sl@0
    98
		case EAddCACertGetCAEntry:
sl@0
    99
			HandleEAddCACertGetCAEntry();
sl@0
   100
			break;
sl@0
   101
		case EAddCACertSetApplications:
sl@0
   102
			HandleEAddCACertSetApplicationsL();
sl@0
   103
			break;
sl@0
   104
		case EAddCACertSetTrust:
sl@0
   105
			HandleEAddCACertSetTrust();
sl@0
   106
			break;
sl@0
   107
		case EAddCACertFinished:
sl@0
   108
			HandleEAddCACertFinishedL();
sl@0
   109
			delete iCreatedUnifiedCertStore;
sl@0
   110
			iCreatedUnifiedCertStore = 0;
sl@0
   111
			break;
sl@0
   112
sl@0
   113
		// Used for RemoveCerts
sl@0
   114
		case ERemoveCertsGetCACerts:
sl@0
   115
			HandleERemoveCertsGetCACerts();
sl@0
   116
			break;
sl@0
   117
		case ERemoveCertsCACertsRetrieved:
sl@0
   118
			HandleERemoveCertsCACertsRetrieved();
sl@0
   119
			break;
sl@0
   120
		case ERemoveCertsRemoveCACerts:
sl@0
   121
			HandleERemoveCertsRemoveCACerts();
sl@0
   122
			break;
sl@0
   123
		case ERemoveCertsGetUserCerts:
sl@0
   124
			HandleERemoveCertsGetUserCerts();
sl@0
   125
			break;
sl@0
   126
		case ERemoveCertsUserCertsRetrieved:
sl@0
   127
			HandleERemoveCertsUserCertsRetrieved();
sl@0
   128
			break;
sl@0
   129
		case ERemoveCertsRemoveUserCerts:
sl@0
   130
			HandleERemoveCertsRemoveUserCerts();
sl@0
   131
			break;
sl@0
   132
		case ERemoveCertsFinished:
sl@0
   133
			HandleERemoveCertsFinished();
sl@0
   134
			delete iCreatedUnifiedCertStore;
sl@0
   135
			iCreatedUnifiedCertStore = 0;
sl@0
   136
			break;
sl@0
   137
sl@0
   138
		default:
sl@0
   139
			break;
sl@0
   140
		}
sl@0
   141
	}
sl@0
   142
sl@0
   143
TInt CCertUtils::RunError(TInt aError)
sl@0
   144
    {
sl@0
   145
	User::RequestComplete(iOriginalRequestStatus, aError);
sl@0
   146
    return KErrNone;
sl@0
   147
    }
sl@0
   148
sl@0
   149
void CCertUtils::DoCancel()
sl@0
   150
	{
sl@0
   151
	if (iSecondCertUtils)
sl@0
   152
		iSecondCertUtils->Cancel();
sl@0
   153
sl@0
   154
	if (iUnifiedCertStore)
sl@0
   155
		{
sl@0
   156
		iUnifiedCertStore->Cancel();
sl@0
   157
		if (iUnifiedCertStore->WritableCertStoreCount() != 0)
sl@0
   158
			{
sl@0
   159
			MCTWritableCertStore *store;
sl@0
   160
			store = &iUnifiedCertStore->WritableCertStore(0);
sl@0
   161
			store->CancelRemove();
sl@0
   162
			store->CancelSetApplicability();
sl@0
   163
			}
sl@0
   164
		}
sl@0
   165
sl@0
   166
	if (iStore)
sl@0
   167
		iStore->CancelAdd();
sl@0
   168
	}
sl@0
   169
sl@0
   170
EXPORT_C CCertificate* CCertUtils::CertFromFileLC(const TDesC& aFilename, 
sl@0
   171
												  const TDesC& aPathname, 
sl@0
   172
												  RFs& aFs,
sl@0
   173
												  TCertificateFormat aFormat)
sl@0
   174
	{
sl@0
   175
	TFileName fullname;
sl@0
   176
	fullname.Append(aPathname);
sl@0
   177
	fullname.Append(aFilename);
sl@0
   178
	HBufC8* certBuf = Input::ReadFileLC(fullname, aFs);
sl@0
   179
	CCertificate* cert = 0;
sl@0
   180
	if (aFormat == EX509Certificate)
sl@0
   181
		{
sl@0
   182
		cert = CX509Certificate::NewLC(*certBuf);
sl@0
   183
		}
sl@0
   184
	else if (aFormat == EWTLSCertificate)
sl@0
   185
		{
sl@0
   186
		cert = CWTLSCertificate::NewLC(*certBuf);
sl@0
   187
		}
sl@0
   188
	CleanupStack::Pop();//cert
sl@0
   189
	CleanupStack::PopAndDestroy();//buf
sl@0
   190
	CleanupStack::PushL(cert);
sl@0
   191
	return cert;
sl@0
   192
	}
sl@0
   193
sl@0
   194
EXPORT_C CCertificate* CCertUtils::CertFromFileL(const TDesC& aFilename,
sl@0
   195
												 const TDesC& aPathname,
sl@0
   196
												 RFs& aFs,
sl@0
   197
												 TCertificateFormat aFormat)
sl@0
   198
	{
sl@0
   199
	CCertificate* cert = CertFromFileLC(aFilename, aPathname, aFs, aFormat);
sl@0
   200
	CleanupStack::Pop();
sl@0
   201
	return cert;
sl@0
   202
	}
sl@0
   203
sl@0
   204
EXPORT_C void CCertUtils::AddCertL(const TDesC& aLabel,
sl@0
   205
								  TCertificateFormat aFormat,
sl@0
   206
								  TCertificateOwnerType aCertificateOwnerType, 
sl@0
   207
								  TInt aTrustedUsage, 
sl@0
   208
								  const TDesC& aCertificatePath, 
sl@0
   209
								  const TDesC& aCertificateFileName,
sl@0
   210
								  TRequestStatus& aStatus)
sl@0
   211
	{
sl@0
   212
	iOriginalRequestStatus = &aStatus;
sl@0
   213
	aStatus = KRequestPending;
sl@0
   214
sl@0
   215
	// We set up the member variable as required for this function
sl@0
   216
	iCertificateFileName = &aCertificateFileName;
sl@0
   217
	iLabel = &aLabel;
sl@0
   218
	iFormat = aFormat;
sl@0
   219
	iTrustedUsage = aTrustedUsage;
sl@0
   220
	iPath = &aCertificatePath;
sl@0
   221
	iCertificateOwnerType = aCertificateOwnerType;
sl@0
   222
sl@0
   223
	if (iCreatedUnifiedCertStore)
sl@0
   224
		{
sl@0
   225
		delete iCreatedUnifiedCertStore;
sl@0
   226
		}
sl@0
   227
sl@0
   228
	iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue);	// We want to open it for 
sl@0
   229
																	// writing
sl@0
   230
	iUnifiedCertStore = iCreatedUnifiedCertStore;
sl@0
   231
	iCreatedUnifiedCertStore->Initialize(iStatus);
sl@0
   232
	iState = EAddCert;
sl@0
   233
	SetActive();
sl@0
   234
	}
sl@0
   235
sl@0
   236
EXPORT_C void CCertUtils::AddCert(const TDesC& aLabel,
sl@0
   237
								  TCertificateFormat aFormat,
sl@0
   238
								  TCertificateOwnerType aCertificateOwnerType, 
sl@0
   239
								  TInt aTrustedUsage, 
sl@0
   240
								  const TDesC& aCertificatePath, 
sl@0
   241
								  const TDesC& aCertificateFileName,
sl@0
   242
								  CUnifiedCertStore& aUnifiedCertStore,
sl@0
   243
								  TRequestStatus& aStatus)
sl@0
   244
	{
sl@0
   245
	iOriginalRequestStatus = &aStatus;
sl@0
   246
	aStatus = KRequestPending;
sl@0
   247
sl@0
   248
	// We set up the member variable as required for this function
sl@0
   249
	iCertificateFileName = &aCertificateFileName;
sl@0
   250
	iLabel = &aLabel;
sl@0
   251
	iFormat = aFormat;
sl@0
   252
	iTrustedUsage = aTrustedUsage;
sl@0
   253
	iPath = &aCertificatePath;
sl@0
   254
	iCertificateOwnerType = aCertificateOwnerType;
sl@0
   255
	iUnifiedCertStore = &aUnifiedCertStore;
sl@0
   256
	
sl@0
   257
	iState = EAddCert;
sl@0
   258
	SetActive();
sl@0
   259
	TRequestStatus* status = &iStatus;
sl@0
   260
	User::RequestComplete(status, KErrNone);
sl@0
   261
	}
sl@0
   262
sl@0
   263
EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
sl@0
   264
									  const CDesCArray& aLabels,
sl@0
   265
									  TCertificateFormat aFormat,
sl@0
   266
									  TInt aTrustedUsage, 									
sl@0
   267
									  const TDesC& aPath,
sl@0
   268
									  TRequestStatus& aStatus)
sl@0
   269
	{
sl@0
   270
	iOriginalRequestStatus = &aStatus;
sl@0
   271
	aStatus = KRequestPending;
sl@0
   272
sl@0
   273
	// We set up the member variable as required for this function
sl@0
   274
	iRoots = &aRoots;
sl@0
   275
	iFormat = aFormat;
sl@0
   276
	iLabels = &aLabels;	
sl@0
   277
	iTrustedUsage = aTrustedUsage;
sl@0
   278
	iPath = &aPath;
sl@0
   279
	
sl@0
   280
	iIndex = -1;	// -1 because it will be incremented before its first use
sl@0
   281
	if (!iSecondCertUtils)
sl@0
   282
		{
sl@0
   283
		iSecondCertUtils = CCertUtils::NewL(iFs);
sl@0
   284
		}
sl@0
   285
sl@0
   286
	if (iCreatedUnifiedCertStore)
sl@0
   287
		{
sl@0
   288
		delete iCreatedUnifiedCertStore;
sl@0
   289
		}
sl@0
   290
sl@0
   291
	iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue);	// We want to open it for 
sl@0
   292
																	// writing
sl@0
   293
	iUnifiedCertStore = iCreatedUnifiedCertStore;
sl@0
   294
	iCreatedUnifiedCertStore->Initialize(iStatus);
sl@0
   295
sl@0
   296
	iState = EAddCACerts;
sl@0
   297
	SetActive();
sl@0
   298
	}
sl@0
   299
sl@0
   300
EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
sl@0
   301
									  const CDesCArray& aLabels,
sl@0
   302
									  TCertificateFormat aFormat,
sl@0
   303
									  TInt aTrustedUsage, 									
sl@0
   304
									  const TDesC& aPath,
sl@0
   305
									  CUnifiedCertStore& aUnifiedCertStore, 
sl@0
   306
									  TRequestStatus& aStatus)
sl@0
   307
	{
sl@0
   308
	iOriginalRequestStatus = &aStatus;
sl@0
   309
	aStatus = KRequestPending;
sl@0
   310
sl@0
   311
	// We set up the member variable as required for this function
sl@0
   312
	iRoots = &aRoots;
sl@0
   313
	iFormat = aFormat;
sl@0
   314
	iLabels = &aLabels;
sl@0
   315
	iTrustedUsage = aTrustedUsage;
sl@0
   316
	iPath = &aPath;
sl@0
   317
	iUnifiedCertStore = &aUnifiedCertStore;
sl@0
   318
sl@0
   319
	iIndex = -1;	// -1 because it will be incremented before its first use
sl@0
   320
	if (!iSecondCertUtils)
sl@0
   321
		{
sl@0
   322
		iSecondCertUtils = CCertUtils::NewL(iFs);
sl@0
   323
		}
sl@0
   324
sl@0
   325
	iState = EAddCACerts;
sl@0
   326
	SetActive();
sl@0
   327
	TRequestStatus* status = &iStatus;
sl@0
   328
	User::RequestComplete(status, KErrNone);
sl@0
   329
	}
sl@0
   330
sl@0
   331
EXPORT_C void CCertUtils::RemoveCertsL(CUnifiedCertStore& aUnifiedCertStore,
sl@0
   332
									   TRequestStatus& aStatus)
sl@0
   333
	{
sl@0
   334
	iOriginalRequestStatus = &aStatus;
sl@0
   335
	aStatus = KRequestPending;	
sl@0
   336
	iUnifiedCertStore = &aUnifiedCertStore;
sl@0
   337
sl@0
   338
	iState = ERemoveCertsGetCACerts;
sl@0
   339
	TRequestStatus* status = &iStatus;
sl@0
   340
	User::RequestComplete(status, KErrNone);
sl@0
   341
	SetActive();
sl@0
   342
	}
sl@0
   343
sl@0
   344
EXPORT_C void CCertUtils::RemoveCertsL(TRequestStatus& aStatus)
sl@0
   345
	{
sl@0
   346
	iOriginalRequestStatus = &aStatus;
sl@0
   347
	aStatus = KRequestPending;	
sl@0
   348
	iState = ERemoveCertsGetCACerts;
sl@0
   349
	
sl@0
   350
	if (iCreatedUnifiedCertStore)
sl@0
   351
		{
sl@0
   352
		delete iCreatedUnifiedCertStore;
sl@0
   353
		}
sl@0
   354
	
sl@0
   355
	iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue);	// We want to open it for 
sl@0
   356
																	// writing
sl@0
   357
	iUnifiedCertStore = iCreatedUnifiedCertStore;
sl@0
   358
	iCreatedUnifiedCertStore->Initialize(iStatus);
sl@0
   359
	SetActive();
sl@0
   360
	}
sl@0
   361
sl@0
   362
EXPORT_C void CCertUtils::WriteError(TValidationError aError, Output& aOut)
sl@0
   363
	{
sl@0
   364
	aOut.writeString(CCertUtils::MapError(aError));
sl@0
   365
	}
sl@0
   366
sl@0
   367
EXPORT_C TPtrC CCertUtils::MapError(TValidationError aError)
sl@0
   368
	{
sl@0
   369
sl@0
   370
	switch(aError)
sl@0
   371
		{
sl@0
   372
		//errors
sl@0
   373
		case EValidatedOK:
sl@0
   374
			{
sl@0
   375
			return (_L("Validated OK"));
sl@0
   376
			}
sl@0
   377
		case EChainHasNoRoot:
sl@0
   378
			{
sl@0
   379
			return(_L("Chain has no root"));
sl@0
   380
			}
sl@0
   381
		case ESignatureInvalid:
sl@0
   382
			{
sl@0
   383
			return(_L("Signature invalid"));
sl@0
   384
			}
sl@0
   385
		case EDateOutOfRange:
sl@0
   386
			{
sl@0
   387
			return(_L("Date out of range"));
sl@0
   388
			}
sl@0
   389
		case ENameIsExcluded:
sl@0
   390
			{
sl@0
   391
			return(_L("Name is excluded"));
sl@0
   392
			}
sl@0
   393
		case ENameNotPermitted:
sl@0
   394
			{
sl@0
   395
			return(_L("Name is not permitted"));
sl@0
   396
			}
sl@0
   397
		case ECertificateRevoked:
sl@0
   398
			{
sl@0
   399
			return(_L("Certificate revoked"));
sl@0
   400
			}
sl@0
   401
		case EUnrecognizedCriticalExtension:
sl@0
   402
			{
sl@0
   403
			return(_L("Unrecognized Critical Extension"));
sl@0
   404
			}
sl@0
   405
		case ENoBasicConstraintInCACert:
sl@0
   406
			{
sl@0
   407
			return(_L("CA cert with no Basic Constraint"));
sl@0
   408
			}
sl@0
   409
		case ENoAcceptablePolicy:
sl@0
   410
			{
sl@0
   411
			return(_L("No acceptable policy"));
sl@0
   412
			}
sl@0
   413
		case EPathTooLong:
sl@0
   414
			{
sl@0
   415
			return(_L("Path too long"));
sl@0
   416
			}
sl@0
   417
		case ENegativePathLengthSpecified:
sl@0
   418
			{
sl@0
   419
			return(_L("Negative path length specified"));
sl@0
   420
			}
sl@0
   421
		case ENamesDontChain:
sl@0
   422
			{
sl@0
   423
			return(_L("Names don't chain"));
sl@0
   424
			}
sl@0
   425
		case ERequiredPolicyNotFound:
sl@0
   426
			{
sl@0
   427
			return(_L("Required policy not found"));
sl@0
   428
			}
sl@0
   429
		case EBadKeyUsage:
sl@0
   430
			{
sl@0
   431
			return(_L("Bad key usage"));
sl@0
   432
			}
sl@0
   433
		case ENotCACert:
sl@0
   434
			{
sl@0
   435
			return(_L("Non-CA cert used as CA cert"));
sl@0
   436
			}
sl@0
   437
		//warnings
sl@0
   438
		case ERootCertNotSelfSigned:
sl@0
   439
			{
sl@0
   440
			return(_L("Root cert not self-signed"));
sl@0
   441
			}
sl@0
   442
		case ECriticalExtendedKeyUsage:
sl@0
   443
			{
sl@0
   444
			return(_L("Critical extended key usage"));
sl@0
   445
			}
sl@0
   446
		case ECriticalCertPoliciesWithQualifiers:
sl@0
   447
			{
sl@0
   448
			return(_L("Critical cert policies with qualifiers"));
sl@0
   449
			}
sl@0
   450
		case ECriticalPolicyMapping:
sl@0
   451
			{
sl@0
   452
			return(_L("Critical policy mapping"));
sl@0
   453
			}
sl@0
   454
		case ECriticalDeviceId:
sl@0
   455
			{
sl@0
   456
			return(_L("Critical Device Id"));
sl@0
   457
			}
sl@0
   458
		case ECriticalSid:
sl@0
   459
			{
sl@0
   460
			return(_L("Critical Sid"));
sl@0
   461
			}
sl@0
   462
		case ECriticalVid:
sl@0
   463
			{
sl@0
   464
			return(_L("Critical Vid"));
sl@0
   465
			}
sl@0
   466
		case ECriticalCapabilities:
sl@0
   467
			{
sl@0
   468
			return(_L("Critical Capabilities"));
sl@0
   469
			}
sl@0
   470
		}
sl@0
   471
	return (_L("Unknown Error"));
sl@0
   472
	}
sl@0
   473
sl@0
   474
sl@0
   475
EXPORT_C HBufC* CCertUtils::DiagnosticLC() const
sl@0
   476
	{
sl@0
   477
	HBufC* result = HBufC::NewLC(600);
sl@0
   478
	switch (iDiagnosticState)
sl@0
   479
		{
sl@0
   480
		case EAddCert:
sl@0
   481
			result->Des().Append(_L("EAddCACert"));
sl@0
   482
			result->Des().Append(_L(" : "));
sl@0
   483
			result->Des().Append(iDiagnosticMessage);
sl@0
   484
			break;
sl@0
   485
sl@0
   486
		default:
sl@0
   487
			break;
sl@0
   488
		}
sl@0
   489
sl@0
   490
	return result;
sl@0
   491
	}
sl@0
   492
sl@0
   493
EXPORT_C void CCertUtils::AddApplicationL(const TDesC& aName, TUid aUid) const
sl@0
   494
	{
sl@0
   495
	CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
sl@0
   496
	CleanupStack::PushL(appManager);
sl@0
   497
sl@0
   498
	// Only add the application if it doesn't exist already
sl@0
   499
	const RArray<TCertificateAppInfo>& apps = appManager->Applications();
sl@0
   500
	TInt i;
sl@0
   501
	for (i = 0 ; i < apps.Count() ; ++i)
sl@0
   502
		{
sl@0
   503
		if (apps[i].Id() == aUid && apps[i].Name() == aName)
sl@0
   504
			break;
sl@0
   505
		}
sl@0
   506
sl@0
   507
	if (i == apps.Count())
sl@0
   508
		{
sl@0
   509
		appManager->AddL(TCertificateAppInfo(aUid, aName));
sl@0
   510
		}
sl@0
   511
	
sl@0
   512
	CleanupStack::PopAndDestroy(appManager);
sl@0
   513
	}
sl@0
   514
sl@0
   515
EXPORT_C void CCertUtils::RemoveApplicationL(TUid aUid) const
sl@0
   516
	{
sl@0
   517
	CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
sl@0
   518
	CleanupStack::PushL(appManager);
sl@0
   519
	appManager->RemoveL(aUid);
sl@0
   520
	CleanupStack::PopAndDestroy(appManager);
sl@0
   521
	}
sl@0
   522
sl@0
   523
sl@0
   524
void CCertUtils::ConstructL()
sl@0
   525
	{
sl@0
   526
	iCAFilter = CCertAttributeFilter::NewL();
sl@0
   527
	iCAFilter->SetOwnerType(ECACertificate);
sl@0
   528
	iUserFilter = CCertAttributeFilter::NewL();
sl@0
   529
	iUserFilter->SetOwnerType(EUserCertificate);
sl@0
   530
	}
sl@0
   531
sl@0
   532
void CCertUtils::HandleEAddCACertsL()
sl@0
   533
	{
sl@0
   534
	iIndex++;
sl@0
   535
	if (iIndex < iRoots->Count())
sl@0
   536
		{
sl@0
   537
		// We still have some certificates to add
sl@0
   538
		if (iCertData)
sl@0
   539
			{	
sl@0
   540
			delete iCertData;
sl@0
   541
			iCertData = 0;
sl@0
   542
			}
sl@0
   543
		iCertData = iRoots->MdcaPoint(iIndex).AllocL();
sl@0
   544
		if (iLabelData)
sl@0
   545
			{
sl@0
   546
			delete iLabelData;
sl@0
   547
			iLabelData = 0;
sl@0
   548
			}
sl@0
   549
		iLabelData = iLabels->MdcaPoint(iIndex).AllocL();
sl@0
   550
		iSecondCertUtils->AddCert(*iLabelData, iFormat, ECACertificate,
sl@0
   551
			iTrustedUsage, *iPath, *iCertData, *iUnifiedCertStore, iStatus);
sl@0
   552
		SetActive();
sl@0
   553
		}
sl@0
   554
	else
sl@0
   555
		{
sl@0
   556
		// We have finished adding all the certificates
sl@0
   557
		delete iSecondCertUtils;
sl@0
   558
		iSecondCertUtils = 0;
sl@0
   559
		delete iCreatedUnifiedCertStore;
sl@0
   560
		iCreatedUnifiedCertStore = 0;
sl@0
   561
		User::RequestComplete(iOriginalRequestStatus, KErrNone);
sl@0
   562
		}
sl@0
   563
	}
sl@0
   564
sl@0
   565
void CCertUtils::HandleEAddCACertL()
sl@0
   566
	{
sl@0
   567
	// At this stage we should always have an initialized iStoreManager
sl@0
   568
	__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
sl@0
   569
	
sl@0
   570
	// We use the first writable certstore
sl@0
   571
	iStore = &iUnifiedCertStore->WritableCertStore(0);
sl@0
   572
		
sl@0
   573
	__ASSERT_DEBUG(!iCertificate, User::Panic(_L("TCertUtils"), 1));
sl@0
   574
	iCertificate = 0;
sl@0
   575
	TRAPD(err, iCertificate =
sl@0
   576
		CCertUtils::CertFromFileL(*iCertificateFileName, *iPath, iFs, iFormat));
sl@0
   577
	if (err != KErrNone)
sl@0
   578
		{
sl@0
   579
		if (err != KErrNoMemory)
sl@0
   580
			{
sl@0
   581
			iDiagnosticMessage.Zero();
sl@0
   582
			iDiagnosticMessage.Append(_L("CertFromFileL failed ("));
sl@0
   583
			iDiagnosticMessage.Append(*iCertificateFileName);
sl@0
   584
			iDiagnosticMessage.Append(_L(")"));
sl@0
   585
			}
sl@0
   586
		User::Leave(err);
sl@0
   587
		}
sl@0
   588
	iEncoding.Set(iCertificate->Encoding());
sl@0
   589
	iStore->Add(*iLabel, iFormat, iCertificateOwnerType, 0, 0, iEncoding, iStatus);
sl@0
   590
	iState = EAddCACertGetCAEntry;
sl@0
   591
	SetActive();
sl@0
   592
	}
sl@0
   593
sl@0
   594
void CCertUtils::HandleEAddCACertGetCAEntry()
sl@0
   595
	{
sl@0
   596
	delete iCertificate;
sl@0
   597
	iCertificate = 0;
sl@0
   598
	iCACertStoreEntries.Close();
sl@0
   599
	iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
sl@0
   600
	iState = EAddCACertSetApplications;
sl@0
   601
	SetActive();
sl@0
   602
	}
sl@0
   603
sl@0
   604
void CCertUtils::HandleEAddCACertSetApplicationsL()
sl@0
   605
	{
sl@0
   606
	CCTCertInfo* entry = 0;
sl@0
   607
	TInt iEnd = iCACertStoreEntries.Count();
sl@0
   608
	for (TInt i = 0; i < iEnd; i++)
sl@0
   609
		{
sl@0
   610
		if (iCACertStoreEntries[i]->Label() == *iLabel)
sl@0
   611
			{
sl@0
   612
			entry = iCACertStoreEntries[i];
sl@0
   613
			}
sl@0
   614
		}
sl@0
   615
sl@0
   616
	__ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
sl@0
   617
sl@0
   618
	iTrusters.Reset();
sl@0
   619
	TUid truster = { iTrustedUsage };
sl@0
   620
	User::LeaveIfError(iTrusters.Append(truster));
sl@0
   621
	
sl@0
   622
	iUnifiedCertStore->SetApplicability(*entry, iTrusters, iStatus);
sl@0
   623
	iState = EAddCACertSetTrust;
sl@0
   624
	SetActive();
sl@0
   625
	}
sl@0
   626
sl@0
   627
void CCertUtils::HandleEAddCACertSetTrust()
sl@0
   628
	{
sl@0
   629
	CCTCertInfo* entry = 0;
sl@0
   630
	TInt iEnd = iCACertStoreEntries.Count();
sl@0
   631
	for (TInt i = 0; i < iEnd; i++)
sl@0
   632
		{
sl@0
   633
		if (iCACertStoreEntries[i]->Label() == *iLabel)
sl@0
   634
			{
sl@0
   635
			entry = iCACertStoreEntries[i];
sl@0
   636
			}
sl@0
   637
		}
sl@0
   638
sl@0
   639
	__ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
sl@0
   640
sl@0
   641
	iUnifiedCertStore->SetTrust(*entry, ETrue, iStatus);
sl@0
   642
	iState = EAddCACertFinished;
sl@0
   643
	SetActive();
sl@0
   644
	}
sl@0
   645
sl@0
   646
void CCertUtils::HandleEAddCACertFinishedL()
sl@0
   647
	{
sl@0
   648
	User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
sl@0
   649
	}
sl@0
   650
sl@0
   651
void CCertUtils::HandleERemoveCertsGetCACerts()
sl@0
   652
	{
sl@0
   653
	// At this stage we should always have an initialized iStoreManager
sl@0
   654
	__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
sl@0
   655
sl@0
   656
	iCACertStoreEntries.Close();
sl@0
   657
	iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
sl@0
   658
sl@0
   659
	iState = ERemoveCertsCACertsRetrieved;
sl@0
   660
	SetActive();
sl@0
   661
	}
sl@0
   662
sl@0
   663
void CCertUtils::HandleERemoveCertsCACertsRetrieved()
sl@0
   664
	{
sl@0
   665
	// This index will be used to keep track of the current entry
sl@0
   666
	iIndex = -1;
sl@0
   667
sl@0
   668
	iState = ERemoveCertsRemoveCACerts;
sl@0
   669
	TRequestStatus* status = &iStatus;
sl@0
   670
	SetActive();
sl@0
   671
	User::RequestComplete(status, KErrNone);
sl@0
   672
	}
sl@0
   673
sl@0
   674
void CCertUtils::HandleERemoveCertsRemoveCACerts()
sl@0
   675
	{
sl@0
   676
	iIndex++;
sl@0
   677
	if (iIndex < iCACertStoreEntries.Count())
sl@0
   678
		{
sl@0
   679
		// Remove this certificate if it can be deleted.
sl@0
   680
		
sl@0
   681
		CCTCertInfo& cert = *iCACertStoreEntries[iIndex];
sl@0
   682
		
sl@0
   683
		// Unfortunately, certs in non-writable stores can still be
sl@0
   684
		// marked as deletable, so need to check if cert is also in a
sl@0
   685
		// writable store.
sl@0
   686
		
sl@0
   687
		TBool isDeletable = cert.IsDeletable();
sl@0
   688
		
sl@0
   689
		TBool inWritableStore = EFalse;
sl@0
   690
		
sl@0
   691
		TCTTokenObjectHandle certHandle(cert.Handle());
sl@0
   692
		TInt writeStoreCount = iUnifiedCertStore->WritableCertStoreCount();
sl@0
   693
		for (TInt i = 0; i < writeStoreCount; ++i)
sl@0
   694
			{
sl@0
   695
			MCTWritableCertStore& wcs = iUnifiedCertStore->WritableCertStore(i);
sl@0
   696
			if (wcs.Token().Handle() == certHandle.iTokenHandle)
sl@0
   697
				{
sl@0
   698
				inWritableStore = ETrue;
sl@0
   699
				break;
sl@0
   700
				}
sl@0
   701
			}
sl@0
   702
		
sl@0
   703
		if (isDeletable && inWritableStore)
sl@0
   704
			{
sl@0
   705
			iUnifiedCertStore->Remove(cert, iStatus);
sl@0
   706
			SetActive();
sl@0
   707
			}
sl@0
   708
		else
sl@0
   709
			{
sl@0
   710
			TRequestStatus* status = &iStatus;
sl@0
   711
			SetActive();
sl@0
   712
			User::RequestComplete(status, KErrNone);
sl@0
   713
			}
sl@0
   714
		}
sl@0
   715
	else
sl@0
   716
		{
sl@0
   717
		iState = ERemoveCertsGetUserCerts;
sl@0
   718
		TRequestStatus* status = &iStatus;
sl@0
   719
		SetActive();
sl@0
   720
		User::RequestComplete(status, KErrNone);
sl@0
   721
		}
sl@0
   722
	}
sl@0
   723
sl@0
   724
void CCertUtils::HandleERemoveCertsGetUserCerts()
sl@0
   725
	{
sl@0
   726
	// At this stage we should always have an initialized iStoreManager
sl@0
   727
	__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
sl@0
   728
sl@0
   729
	iUserCertStoreEntries.Close();
sl@0
   730
	iUnifiedCertStore->List(iUserCertStoreEntries, *iUserFilter, iStatus);
sl@0
   731
sl@0
   732
	iState = ERemoveCertsUserCertsRetrieved;
sl@0
   733
	SetActive();
sl@0
   734
	}
sl@0
   735
sl@0
   736
void CCertUtils::HandleERemoveCertsUserCertsRetrieved()
sl@0
   737
	{
sl@0
   738
	iIndex = -1;
sl@0
   739
sl@0
   740
	iState = ERemoveCertsRemoveUserCerts;
sl@0
   741
	TRequestStatus* status = &iStatus;
sl@0
   742
	SetActive();
sl@0
   743
	User::RequestComplete(status, KErrNone);
sl@0
   744
	}
sl@0
   745
sl@0
   746
void CCertUtils::HandleERemoveCertsRemoveUserCerts()
sl@0
   747
	{
sl@0
   748
	// At this stage we should always have an initialized iStoreManager
sl@0
   749
	__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
sl@0
   750
sl@0
   751
	iIndex++;
sl@0
   752
	if (iIndex < iUserCertStoreEntries.Count())
sl@0
   753
		{
sl@0
   754
		iUnifiedCertStore->Remove(*iUserCertStoreEntries[iIndex], iStatus);
sl@0
   755
		SetActive();
sl@0
   756
		}
sl@0
   757
	else
sl@0
   758
		{
sl@0
   759
		iState = ERemoveCertsFinished;
sl@0
   760
		TRequestStatus* status = &iStatus;
sl@0
   761
		SetActive();
sl@0
   762
		User::RequestComplete(status, KErrNone);
sl@0
   763
		}
sl@0
   764
	}
sl@0
   765
sl@0
   766
void CCertUtils::HandleERemoveCertsFinished()
sl@0
   767
	{
sl@0
   768
	User::RequestComplete(iOriginalRequestStatus, KErrNone);
sl@0
   769
	}
sl@0
   770