sl@0
|
1 |
/*
|
sl@0
|
2 |
* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
|
sl@0
|
3 |
* All rights reserved.
|
sl@0
|
4 |
* This component and the accompanying materials are made available
|
sl@0
|
5 |
* under the terms of the License "Eclipse Public License v1.0"
|
sl@0
|
6 |
* which accompanies this distribution, and is available
|
sl@0
|
7 |
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
|
sl@0
|
8 |
*
|
sl@0
|
9 |
* Initial Contributors:
|
sl@0
|
10 |
* Nokia Corporation - initial contribution.
|
sl@0
|
11 |
*
|
sl@0
|
12 |
* Contributors:
|
sl@0
|
13 |
*
|
sl@0
|
14 |
* Description:
|
sl@0
|
15 |
* tcertuils.cpp
|
sl@0
|
16 |
*
|
sl@0
|
17 |
*/
|
sl@0
|
18 |
|
sl@0
|
19 |
|
sl@0
|
20 |
#include "tcertutils.h"
|
sl@0
|
21 |
#include <wtlscert.h>
|
sl@0
|
22 |
#include <certificateapps.h>
|
sl@0
|
23 |
#include "t_input.h"
|
sl@0
|
24 |
#include <ccertattributefilter.h>
|
sl@0
|
25 |
#include <cctcertinfo.h>
|
sl@0
|
26 |
#include <mctwritablecertstore.h>
|
sl@0
|
27 |
|
sl@0
|
28 |
|
sl@0
|
29 |
EXPORT_C CCertUtils* CCertUtils::NewL(RFs& aFs)
|
sl@0
|
30 |
{
|
sl@0
|
31 |
CCertUtils* self = CCertUtils::NewLC(aFs);
|
sl@0
|
32 |
CleanupStack::Pop(self);
|
sl@0
|
33 |
return self;
|
sl@0
|
34 |
}
|
sl@0
|
35 |
|
sl@0
|
36 |
EXPORT_C CCertUtils* CCertUtils::NewLC(RFs& aFs)
|
sl@0
|
37 |
{
|
sl@0
|
38 |
CCertUtils* self = new(ELeave) CCertUtils(aFs);
|
sl@0
|
39 |
CleanupStack::PushL(self);
|
sl@0
|
40 |
self->ConstructL();
|
sl@0
|
41 |
return self;
|
sl@0
|
42 |
}
|
sl@0
|
43 |
|
sl@0
|
44 |
CCertUtils::CCertUtils(RFs& aFs)
|
sl@0
|
45 |
: CActive(EPriorityNormal), iFs(aFs)
|
sl@0
|
46 |
{
|
sl@0
|
47 |
CActiveScheduler::Add(this);
|
sl@0
|
48 |
}
|
sl@0
|
49 |
|
sl@0
|
50 |
EXPORT_C CCertUtils::~CCertUtils()
|
sl@0
|
51 |
{
|
sl@0
|
52 |
Cancel();
|
sl@0
|
53 |
|
sl@0
|
54 |
delete iCertificate;
|
sl@0
|
55 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
56 |
|
sl@0
|
57 |
delete iCertData;
|
sl@0
|
58 |
delete iLabelData;
|
sl@0
|
59 |
delete iSecondCertUtils;
|
sl@0
|
60 |
|
sl@0
|
61 |
delete iCAFilter;
|
sl@0
|
62 |
delete iUserFilter;
|
sl@0
|
63 |
|
sl@0
|
64 |
iCACertStoreEntries.Close(); // The entries are owned by us
|
sl@0
|
65 |
iUserCertStoreEntries.Close(); // The entries are owned by us
|
sl@0
|
66 |
iTrusters.Close();
|
sl@0
|
67 |
}
|
sl@0
|
68 |
|
sl@0
|
69 |
/**
|
sl@0
|
70 |
This function handles all the asynchronous calls. There is at least
|
sl@0
|
71 |
one state for each of the functions of CCertUtils that requires
|
sl@0
|
72 |
asynchronicity.
|
sl@0
|
73 |
*/
|
sl@0
|
74 |
void CCertUtils::RunL()
|
sl@0
|
75 |
{
|
sl@0
|
76 |
if (iStatus != KErrNone)
|
sl@0
|
77 |
{
|
sl@0
|
78 |
User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
|
sl@0
|
79 |
return;
|
sl@0
|
80 |
}
|
sl@0
|
81 |
|
sl@0
|
82 |
switch (iState)
|
sl@0
|
83 |
{
|
sl@0
|
84 |
// Used for AddCACerts
|
sl@0
|
85 |
case EAddCACerts:
|
sl@0
|
86 |
HandleEAddCACertsL();
|
sl@0
|
87 |
break;
|
sl@0
|
88 |
|
sl@0
|
89 |
// Used for AddCert
|
sl@0
|
90 |
case EAddCert:
|
sl@0
|
91 |
TRAPD(err, HandleEAddCACertL());
|
sl@0
|
92 |
if (err != KErrNone)
|
sl@0
|
93 |
{
|
sl@0
|
94 |
iDiagnosticState = EAddCert;
|
sl@0
|
95 |
User::RequestComplete(iOriginalRequestStatus, err);
|
sl@0
|
96 |
}
|
sl@0
|
97 |
break;
|
sl@0
|
98 |
case EAddCACertGetCAEntry:
|
sl@0
|
99 |
HandleEAddCACertGetCAEntry();
|
sl@0
|
100 |
break;
|
sl@0
|
101 |
case EAddCACertSetApplications:
|
sl@0
|
102 |
HandleEAddCACertSetApplicationsL();
|
sl@0
|
103 |
break;
|
sl@0
|
104 |
case EAddCACertSetTrust:
|
sl@0
|
105 |
HandleEAddCACertSetTrust();
|
sl@0
|
106 |
break;
|
sl@0
|
107 |
case EAddCACertFinished:
|
sl@0
|
108 |
HandleEAddCACertFinishedL();
|
sl@0
|
109 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
110 |
iCreatedUnifiedCertStore = 0;
|
sl@0
|
111 |
break;
|
sl@0
|
112 |
|
sl@0
|
113 |
// Used for RemoveCerts
|
sl@0
|
114 |
case ERemoveCertsGetCACerts:
|
sl@0
|
115 |
HandleERemoveCertsGetCACerts();
|
sl@0
|
116 |
break;
|
sl@0
|
117 |
case ERemoveCertsCACertsRetrieved:
|
sl@0
|
118 |
HandleERemoveCertsCACertsRetrieved();
|
sl@0
|
119 |
break;
|
sl@0
|
120 |
case ERemoveCertsRemoveCACerts:
|
sl@0
|
121 |
HandleERemoveCertsRemoveCACerts();
|
sl@0
|
122 |
break;
|
sl@0
|
123 |
case ERemoveCertsGetUserCerts:
|
sl@0
|
124 |
HandleERemoveCertsGetUserCerts();
|
sl@0
|
125 |
break;
|
sl@0
|
126 |
case ERemoveCertsUserCertsRetrieved:
|
sl@0
|
127 |
HandleERemoveCertsUserCertsRetrieved();
|
sl@0
|
128 |
break;
|
sl@0
|
129 |
case ERemoveCertsRemoveUserCerts:
|
sl@0
|
130 |
HandleERemoveCertsRemoveUserCerts();
|
sl@0
|
131 |
break;
|
sl@0
|
132 |
case ERemoveCertsFinished:
|
sl@0
|
133 |
HandleERemoveCertsFinished();
|
sl@0
|
134 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
135 |
iCreatedUnifiedCertStore = 0;
|
sl@0
|
136 |
break;
|
sl@0
|
137 |
|
sl@0
|
138 |
default:
|
sl@0
|
139 |
break;
|
sl@0
|
140 |
}
|
sl@0
|
141 |
}
|
sl@0
|
142 |
|
sl@0
|
143 |
TInt CCertUtils::RunError(TInt aError)
|
sl@0
|
144 |
{
|
sl@0
|
145 |
User::RequestComplete(iOriginalRequestStatus, aError);
|
sl@0
|
146 |
return KErrNone;
|
sl@0
|
147 |
}
|
sl@0
|
148 |
|
sl@0
|
149 |
void CCertUtils::DoCancel()
|
sl@0
|
150 |
{
|
sl@0
|
151 |
if (iSecondCertUtils)
|
sl@0
|
152 |
iSecondCertUtils->Cancel();
|
sl@0
|
153 |
|
sl@0
|
154 |
if (iUnifiedCertStore)
|
sl@0
|
155 |
{
|
sl@0
|
156 |
iUnifiedCertStore->Cancel();
|
sl@0
|
157 |
if (iUnifiedCertStore->WritableCertStoreCount() != 0)
|
sl@0
|
158 |
{
|
sl@0
|
159 |
MCTWritableCertStore *store;
|
sl@0
|
160 |
store = &iUnifiedCertStore->WritableCertStore(0);
|
sl@0
|
161 |
store->CancelRemove();
|
sl@0
|
162 |
store->CancelSetApplicability();
|
sl@0
|
163 |
}
|
sl@0
|
164 |
}
|
sl@0
|
165 |
|
sl@0
|
166 |
if (iStore)
|
sl@0
|
167 |
iStore->CancelAdd();
|
sl@0
|
168 |
}
|
sl@0
|
169 |
|
sl@0
|
170 |
EXPORT_C CCertificate* CCertUtils::CertFromFileLC(const TDesC& aFilename,
|
sl@0
|
171 |
const TDesC& aPathname,
|
sl@0
|
172 |
RFs& aFs,
|
sl@0
|
173 |
TCertificateFormat aFormat)
|
sl@0
|
174 |
{
|
sl@0
|
175 |
TFileName fullname;
|
sl@0
|
176 |
fullname.Append(aPathname);
|
sl@0
|
177 |
fullname.Append(aFilename);
|
sl@0
|
178 |
HBufC8* certBuf = Input::ReadFileLC(fullname, aFs);
|
sl@0
|
179 |
CCertificate* cert = 0;
|
sl@0
|
180 |
if (aFormat == EX509Certificate)
|
sl@0
|
181 |
{
|
sl@0
|
182 |
cert = CX509Certificate::NewLC(*certBuf);
|
sl@0
|
183 |
}
|
sl@0
|
184 |
else if (aFormat == EWTLSCertificate)
|
sl@0
|
185 |
{
|
sl@0
|
186 |
cert = CWTLSCertificate::NewLC(*certBuf);
|
sl@0
|
187 |
}
|
sl@0
|
188 |
CleanupStack::Pop();//cert
|
sl@0
|
189 |
CleanupStack::PopAndDestroy();//buf
|
sl@0
|
190 |
CleanupStack::PushL(cert);
|
sl@0
|
191 |
return cert;
|
sl@0
|
192 |
}
|
sl@0
|
193 |
|
sl@0
|
194 |
EXPORT_C CCertificate* CCertUtils::CertFromFileL(const TDesC& aFilename,
|
sl@0
|
195 |
const TDesC& aPathname,
|
sl@0
|
196 |
RFs& aFs,
|
sl@0
|
197 |
TCertificateFormat aFormat)
|
sl@0
|
198 |
{
|
sl@0
|
199 |
CCertificate* cert = CertFromFileLC(aFilename, aPathname, aFs, aFormat);
|
sl@0
|
200 |
CleanupStack::Pop();
|
sl@0
|
201 |
return cert;
|
sl@0
|
202 |
}
|
sl@0
|
203 |
|
sl@0
|
204 |
EXPORT_C void CCertUtils::AddCertL(const TDesC& aLabel,
|
sl@0
|
205 |
TCertificateFormat aFormat,
|
sl@0
|
206 |
TCertificateOwnerType aCertificateOwnerType,
|
sl@0
|
207 |
TInt aTrustedUsage,
|
sl@0
|
208 |
const TDesC& aCertificatePath,
|
sl@0
|
209 |
const TDesC& aCertificateFileName,
|
sl@0
|
210 |
TRequestStatus& aStatus)
|
sl@0
|
211 |
{
|
sl@0
|
212 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
213 |
aStatus = KRequestPending;
|
sl@0
|
214 |
|
sl@0
|
215 |
// We set up the member variable as required for this function
|
sl@0
|
216 |
iCertificateFileName = &aCertificateFileName;
|
sl@0
|
217 |
iLabel = &aLabel;
|
sl@0
|
218 |
iFormat = aFormat;
|
sl@0
|
219 |
iTrustedUsage = aTrustedUsage;
|
sl@0
|
220 |
iPath = &aCertificatePath;
|
sl@0
|
221 |
iCertificateOwnerType = aCertificateOwnerType;
|
sl@0
|
222 |
|
sl@0
|
223 |
if (iCreatedUnifiedCertStore)
|
sl@0
|
224 |
{
|
sl@0
|
225 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
226 |
}
|
sl@0
|
227 |
|
sl@0
|
228 |
iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
|
sl@0
|
229 |
// writing
|
sl@0
|
230 |
iUnifiedCertStore = iCreatedUnifiedCertStore;
|
sl@0
|
231 |
iCreatedUnifiedCertStore->Initialize(iStatus);
|
sl@0
|
232 |
iState = EAddCert;
|
sl@0
|
233 |
SetActive();
|
sl@0
|
234 |
}
|
sl@0
|
235 |
|
sl@0
|
236 |
EXPORT_C void CCertUtils::AddCert(const TDesC& aLabel,
|
sl@0
|
237 |
TCertificateFormat aFormat,
|
sl@0
|
238 |
TCertificateOwnerType aCertificateOwnerType,
|
sl@0
|
239 |
TInt aTrustedUsage,
|
sl@0
|
240 |
const TDesC& aCertificatePath,
|
sl@0
|
241 |
const TDesC& aCertificateFileName,
|
sl@0
|
242 |
CUnifiedCertStore& aUnifiedCertStore,
|
sl@0
|
243 |
TRequestStatus& aStatus)
|
sl@0
|
244 |
{
|
sl@0
|
245 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
246 |
aStatus = KRequestPending;
|
sl@0
|
247 |
|
sl@0
|
248 |
// We set up the member variable as required for this function
|
sl@0
|
249 |
iCertificateFileName = &aCertificateFileName;
|
sl@0
|
250 |
iLabel = &aLabel;
|
sl@0
|
251 |
iFormat = aFormat;
|
sl@0
|
252 |
iTrustedUsage = aTrustedUsage;
|
sl@0
|
253 |
iPath = &aCertificatePath;
|
sl@0
|
254 |
iCertificateOwnerType = aCertificateOwnerType;
|
sl@0
|
255 |
iUnifiedCertStore = &aUnifiedCertStore;
|
sl@0
|
256 |
|
sl@0
|
257 |
iState = EAddCert;
|
sl@0
|
258 |
SetActive();
|
sl@0
|
259 |
TRequestStatus* status = &iStatus;
|
sl@0
|
260 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
261 |
}
|
sl@0
|
262 |
|
sl@0
|
263 |
EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
|
sl@0
|
264 |
const CDesCArray& aLabels,
|
sl@0
|
265 |
TCertificateFormat aFormat,
|
sl@0
|
266 |
TInt aTrustedUsage,
|
sl@0
|
267 |
const TDesC& aPath,
|
sl@0
|
268 |
TRequestStatus& aStatus)
|
sl@0
|
269 |
{
|
sl@0
|
270 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
271 |
aStatus = KRequestPending;
|
sl@0
|
272 |
|
sl@0
|
273 |
// We set up the member variable as required for this function
|
sl@0
|
274 |
iRoots = &aRoots;
|
sl@0
|
275 |
iFormat = aFormat;
|
sl@0
|
276 |
iLabels = &aLabels;
|
sl@0
|
277 |
iTrustedUsage = aTrustedUsage;
|
sl@0
|
278 |
iPath = &aPath;
|
sl@0
|
279 |
|
sl@0
|
280 |
iIndex = -1; // -1 because it will be incremented before its first use
|
sl@0
|
281 |
if (!iSecondCertUtils)
|
sl@0
|
282 |
{
|
sl@0
|
283 |
iSecondCertUtils = CCertUtils::NewL(iFs);
|
sl@0
|
284 |
}
|
sl@0
|
285 |
|
sl@0
|
286 |
if (iCreatedUnifiedCertStore)
|
sl@0
|
287 |
{
|
sl@0
|
288 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
289 |
}
|
sl@0
|
290 |
|
sl@0
|
291 |
iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
|
sl@0
|
292 |
// writing
|
sl@0
|
293 |
iUnifiedCertStore = iCreatedUnifiedCertStore;
|
sl@0
|
294 |
iCreatedUnifiedCertStore->Initialize(iStatus);
|
sl@0
|
295 |
|
sl@0
|
296 |
iState = EAddCACerts;
|
sl@0
|
297 |
SetActive();
|
sl@0
|
298 |
}
|
sl@0
|
299 |
|
sl@0
|
300 |
EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
|
sl@0
|
301 |
const CDesCArray& aLabels,
|
sl@0
|
302 |
TCertificateFormat aFormat,
|
sl@0
|
303 |
TInt aTrustedUsage,
|
sl@0
|
304 |
const TDesC& aPath,
|
sl@0
|
305 |
CUnifiedCertStore& aUnifiedCertStore,
|
sl@0
|
306 |
TRequestStatus& aStatus)
|
sl@0
|
307 |
{
|
sl@0
|
308 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
309 |
aStatus = KRequestPending;
|
sl@0
|
310 |
|
sl@0
|
311 |
// We set up the member variable as required for this function
|
sl@0
|
312 |
iRoots = &aRoots;
|
sl@0
|
313 |
iFormat = aFormat;
|
sl@0
|
314 |
iLabels = &aLabels;
|
sl@0
|
315 |
iTrustedUsage = aTrustedUsage;
|
sl@0
|
316 |
iPath = &aPath;
|
sl@0
|
317 |
iUnifiedCertStore = &aUnifiedCertStore;
|
sl@0
|
318 |
|
sl@0
|
319 |
iIndex = -1; // -1 because it will be incremented before its first use
|
sl@0
|
320 |
if (!iSecondCertUtils)
|
sl@0
|
321 |
{
|
sl@0
|
322 |
iSecondCertUtils = CCertUtils::NewL(iFs);
|
sl@0
|
323 |
}
|
sl@0
|
324 |
|
sl@0
|
325 |
iState = EAddCACerts;
|
sl@0
|
326 |
SetActive();
|
sl@0
|
327 |
TRequestStatus* status = &iStatus;
|
sl@0
|
328 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
329 |
}
|
sl@0
|
330 |
|
sl@0
|
331 |
EXPORT_C void CCertUtils::RemoveCertsL(CUnifiedCertStore& aUnifiedCertStore,
|
sl@0
|
332 |
TRequestStatus& aStatus)
|
sl@0
|
333 |
{
|
sl@0
|
334 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
335 |
aStatus = KRequestPending;
|
sl@0
|
336 |
iUnifiedCertStore = &aUnifiedCertStore;
|
sl@0
|
337 |
|
sl@0
|
338 |
iState = ERemoveCertsGetCACerts;
|
sl@0
|
339 |
TRequestStatus* status = &iStatus;
|
sl@0
|
340 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
341 |
SetActive();
|
sl@0
|
342 |
}
|
sl@0
|
343 |
|
sl@0
|
344 |
EXPORT_C void CCertUtils::RemoveCertsL(TRequestStatus& aStatus)
|
sl@0
|
345 |
{
|
sl@0
|
346 |
iOriginalRequestStatus = &aStatus;
|
sl@0
|
347 |
aStatus = KRequestPending;
|
sl@0
|
348 |
iState = ERemoveCertsGetCACerts;
|
sl@0
|
349 |
|
sl@0
|
350 |
if (iCreatedUnifiedCertStore)
|
sl@0
|
351 |
{
|
sl@0
|
352 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
353 |
}
|
sl@0
|
354 |
|
sl@0
|
355 |
iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
|
sl@0
|
356 |
// writing
|
sl@0
|
357 |
iUnifiedCertStore = iCreatedUnifiedCertStore;
|
sl@0
|
358 |
iCreatedUnifiedCertStore->Initialize(iStatus);
|
sl@0
|
359 |
SetActive();
|
sl@0
|
360 |
}
|
sl@0
|
361 |
|
sl@0
|
362 |
EXPORT_C void CCertUtils::WriteError(TValidationError aError, Output& aOut)
|
sl@0
|
363 |
{
|
sl@0
|
364 |
aOut.writeString(CCertUtils::MapError(aError));
|
sl@0
|
365 |
}
|
sl@0
|
366 |
|
sl@0
|
367 |
EXPORT_C TPtrC CCertUtils::MapError(TValidationError aError)
|
sl@0
|
368 |
{
|
sl@0
|
369 |
|
sl@0
|
370 |
switch(aError)
|
sl@0
|
371 |
{
|
sl@0
|
372 |
//errors
|
sl@0
|
373 |
case EValidatedOK:
|
sl@0
|
374 |
{
|
sl@0
|
375 |
return (_L("Validated OK"));
|
sl@0
|
376 |
}
|
sl@0
|
377 |
case EChainHasNoRoot:
|
sl@0
|
378 |
{
|
sl@0
|
379 |
return(_L("Chain has no root"));
|
sl@0
|
380 |
}
|
sl@0
|
381 |
case ESignatureInvalid:
|
sl@0
|
382 |
{
|
sl@0
|
383 |
return(_L("Signature invalid"));
|
sl@0
|
384 |
}
|
sl@0
|
385 |
case EDateOutOfRange:
|
sl@0
|
386 |
{
|
sl@0
|
387 |
return(_L("Date out of range"));
|
sl@0
|
388 |
}
|
sl@0
|
389 |
case ENameIsExcluded:
|
sl@0
|
390 |
{
|
sl@0
|
391 |
return(_L("Name is excluded"));
|
sl@0
|
392 |
}
|
sl@0
|
393 |
case ENameNotPermitted:
|
sl@0
|
394 |
{
|
sl@0
|
395 |
return(_L("Name is not permitted"));
|
sl@0
|
396 |
}
|
sl@0
|
397 |
case ECertificateRevoked:
|
sl@0
|
398 |
{
|
sl@0
|
399 |
return(_L("Certificate revoked"));
|
sl@0
|
400 |
}
|
sl@0
|
401 |
case EUnrecognizedCriticalExtension:
|
sl@0
|
402 |
{
|
sl@0
|
403 |
return(_L("Unrecognized Critical Extension"));
|
sl@0
|
404 |
}
|
sl@0
|
405 |
case ENoBasicConstraintInCACert:
|
sl@0
|
406 |
{
|
sl@0
|
407 |
return(_L("CA cert with no Basic Constraint"));
|
sl@0
|
408 |
}
|
sl@0
|
409 |
case ENoAcceptablePolicy:
|
sl@0
|
410 |
{
|
sl@0
|
411 |
return(_L("No acceptable policy"));
|
sl@0
|
412 |
}
|
sl@0
|
413 |
case EPathTooLong:
|
sl@0
|
414 |
{
|
sl@0
|
415 |
return(_L("Path too long"));
|
sl@0
|
416 |
}
|
sl@0
|
417 |
case ENegativePathLengthSpecified:
|
sl@0
|
418 |
{
|
sl@0
|
419 |
return(_L("Negative path length specified"));
|
sl@0
|
420 |
}
|
sl@0
|
421 |
case ENamesDontChain:
|
sl@0
|
422 |
{
|
sl@0
|
423 |
return(_L("Names don't chain"));
|
sl@0
|
424 |
}
|
sl@0
|
425 |
case ERequiredPolicyNotFound:
|
sl@0
|
426 |
{
|
sl@0
|
427 |
return(_L("Required policy not found"));
|
sl@0
|
428 |
}
|
sl@0
|
429 |
case EBadKeyUsage:
|
sl@0
|
430 |
{
|
sl@0
|
431 |
return(_L("Bad key usage"));
|
sl@0
|
432 |
}
|
sl@0
|
433 |
case ENotCACert:
|
sl@0
|
434 |
{
|
sl@0
|
435 |
return(_L("Non-CA cert used as CA cert"));
|
sl@0
|
436 |
}
|
sl@0
|
437 |
//warnings
|
sl@0
|
438 |
case ERootCertNotSelfSigned:
|
sl@0
|
439 |
{
|
sl@0
|
440 |
return(_L("Root cert not self-signed"));
|
sl@0
|
441 |
}
|
sl@0
|
442 |
case ECriticalExtendedKeyUsage:
|
sl@0
|
443 |
{
|
sl@0
|
444 |
return(_L("Critical extended key usage"));
|
sl@0
|
445 |
}
|
sl@0
|
446 |
case ECriticalCertPoliciesWithQualifiers:
|
sl@0
|
447 |
{
|
sl@0
|
448 |
return(_L("Critical cert policies with qualifiers"));
|
sl@0
|
449 |
}
|
sl@0
|
450 |
case ECriticalPolicyMapping:
|
sl@0
|
451 |
{
|
sl@0
|
452 |
return(_L("Critical policy mapping"));
|
sl@0
|
453 |
}
|
sl@0
|
454 |
case ECriticalDeviceId:
|
sl@0
|
455 |
{
|
sl@0
|
456 |
return(_L("Critical Device Id"));
|
sl@0
|
457 |
}
|
sl@0
|
458 |
case ECriticalSid:
|
sl@0
|
459 |
{
|
sl@0
|
460 |
return(_L("Critical Sid"));
|
sl@0
|
461 |
}
|
sl@0
|
462 |
case ECriticalVid:
|
sl@0
|
463 |
{
|
sl@0
|
464 |
return(_L("Critical Vid"));
|
sl@0
|
465 |
}
|
sl@0
|
466 |
case ECriticalCapabilities:
|
sl@0
|
467 |
{
|
sl@0
|
468 |
return(_L("Critical Capabilities"));
|
sl@0
|
469 |
}
|
sl@0
|
470 |
}
|
sl@0
|
471 |
return (_L("Unknown Error"));
|
sl@0
|
472 |
}
|
sl@0
|
473 |
|
sl@0
|
474 |
|
sl@0
|
475 |
EXPORT_C HBufC* CCertUtils::DiagnosticLC() const
|
sl@0
|
476 |
{
|
sl@0
|
477 |
HBufC* result = HBufC::NewLC(600);
|
sl@0
|
478 |
switch (iDiagnosticState)
|
sl@0
|
479 |
{
|
sl@0
|
480 |
case EAddCert:
|
sl@0
|
481 |
result->Des().Append(_L("EAddCACert"));
|
sl@0
|
482 |
result->Des().Append(_L(" : "));
|
sl@0
|
483 |
result->Des().Append(iDiagnosticMessage);
|
sl@0
|
484 |
break;
|
sl@0
|
485 |
|
sl@0
|
486 |
default:
|
sl@0
|
487 |
break;
|
sl@0
|
488 |
}
|
sl@0
|
489 |
|
sl@0
|
490 |
return result;
|
sl@0
|
491 |
}
|
sl@0
|
492 |
|
sl@0
|
493 |
EXPORT_C void CCertUtils::AddApplicationL(const TDesC& aName, TUid aUid) const
|
sl@0
|
494 |
{
|
sl@0
|
495 |
CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
|
sl@0
|
496 |
CleanupStack::PushL(appManager);
|
sl@0
|
497 |
|
sl@0
|
498 |
// Only add the application if it doesn't exist already
|
sl@0
|
499 |
const RArray<TCertificateAppInfo>& apps = appManager->Applications();
|
sl@0
|
500 |
TInt i;
|
sl@0
|
501 |
for (i = 0 ; i < apps.Count() ; ++i)
|
sl@0
|
502 |
{
|
sl@0
|
503 |
if (apps[i].Id() == aUid && apps[i].Name() == aName)
|
sl@0
|
504 |
break;
|
sl@0
|
505 |
}
|
sl@0
|
506 |
|
sl@0
|
507 |
if (i == apps.Count())
|
sl@0
|
508 |
{
|
sl@0
|
509 |
appManager->AddL(TCertificateAppInfo(aUid, aName));
|
sl@0
|
510 |
}
|
sl@0
|
511 |
|
sl@0
|
512 |
CleanupStack::PopAndDestroy(appManager);
|
sl@0
|
513 |
}
|
sl@0
|
514 |
|
sl@0
|
515 |
EXPORT_C void CCertUtils::RemoveApplicationL(TUid aUid) const
|
sl@0
|
516 |
{
|
sl@0
|
517 |
CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
|
sl@0
|
518 |
CleanupStack::PushL(appManager);
|
sl@0
|
519 |
appManager->RemoveL(aUid);
|
sl@0
|
520 |
CleanupStack::PopAndDestroy(appManager);
|
sl@0
|
521 |
}
|
sl@0
|
522 |
|
sl@0
|
523 |
|
sl@0
|
524 |
void CCertUtils::ConstructL()
|
sl@0
|
525 |
{
|
sl@0
|
526 |
iCAFilter = CCertAttributeFilter::NewL();
|
sl@0
|
527 |
iCAFilter->SetOwnerType(ECACertificate);
|
sl@0
|
528 |
iUserFilter = CCertAttributeFilter::NewL();
|
sl@0
|
529 |
iUserFilter->SetOwnerType(EUserCertificate);
|
sl@0
|
530 |
}
|
sl@0
|
531 |
|
sl@0
|
532 |
void CCertUtils::HandleEAddCACertsL()
|
sl@0
|
533 |
{
|
sl@0
|
534 |
iIndex++;
|
sl@0
|
535 |
if (iIndex < iRoots->Count())
|
sl@0
|
536 |
{
|
sl@0
|
537 |
// We still have some certificates to add
|
sl@0
|
538 |
if (iCertData)
|
sl@0
|
539 |
{
|
sl@0
|
540 |
delete iCertData;
|
sl@0
|
541 |
iCertData = 0;
|
sl@0
|
542 |
}
|
sl@0
|
543 |
iCertData = iRoots->MdcaPoint(iIndex).AllocL();
|
sl@0
|
544 |
if (iLabelData)
|
sl@0
|
545 |
{
|
sl@0
|
546 |
delete iLabelData;
|
sl@0
|
547 |
iLabelData = 0;
|
sl@0
|
548 |
}
|
sl@0
|
549 |
iLabelData = iLabels->MdcaPoint(iIndex).AllocL();
|
sl@0
|
550 |
iSecondCertUtils->AddCert(*iLabelData, iFormat, ECACertificate,
|
sl@0
|
551 |
iTrustedUsage, *iPath, *iCertData, *iUnifiedCertStore, iStatus);
|
sl@0
|
552 |
SetActive();
|
sl@0
|
553 |
}
|
sl@0
|
554 |
else
|
sl@0
|
555 |
{
|
sl@0
|
556 |
// We have finished adding all the certificates
|
sl@0
|
557 |
delete iSecondCertUtils;
|
sl@0
|
558 |
iSecondCertUtils = 0;
|
sl@0
|
559 |
delete iCreatedUnifiedCertStore;
|
sl@0
|
560 |
iCreatedUnifiedCertStore = 0;
|
sl@0
|
561 |
User::RequestComplete(iOriginalRequestStatus, KErrNone);
|
sl@0
|
562 |
}
|
sl@0
|
563 |
}
|
sl@0
|
564 |
|
sl@0
|
565 |
void CCertUtils::HandleEAddCACertL()
|
sl@0
|
566 |
{
|
sl@0
|
567 |
// At this stage we should always have an initialized iStoreManager
|
sl@0
|
568 |
__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
569 |
|
sl@0
|
570 |
// We use the first writable certstore
|
sl@0
|
571 |
iStore = &iUnifiedCertStore->WritableCertStore(0);
|
sl@0
|
572 |
|
sl@0
|
573 |
__ASSERT_DEBUG(!iCertificate, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
574 |
iCertificate = 0;
|
sl@0
|
575 |
TRAPD(err, iCertificate =
|
sl@0
|
576 |
CCertUtils::CertFromFileL(*iCertificateFileName, *iPath, iFs, iFormat));
|
sl@0
|
577 |
if (err != KErrNone)
|
sl@0
|
578 |
{
|
sl@0
|
579 |
if (err != KErrNoMemory)
|
sl@0
|
580 |
{
|
sl@0
|
581 |
iDiagnosticMessage.Zero();
|
sl@0
|
582 |
iDiagnosticMessage.Append(_L("CertFromFileL failed ("));
|
sl@0
|
583 |
iDiagnosticMessage.Append(*iCertificateFileName);
|
sl@0
|
584 |
iDiagnosticMessage.Append(_L(")"));
|
sl@0
|
585 |
}
|
sl@0
|
586 |
User::Leave(err);
|
sl@0
|
587 |
}
|
sl@0
|
588 |
iEncoding.Set(iCertificate->Encoding());
|
sl@0
|
589 |
iStore->Add(*iLabel, iFormat, iCertificateOwnerType, 0, 0, iEncoding, iStatus);
|
sl@0
|
590 |
iState = EAddCACertGetCAEntry;
|
sl@0
|
591 |
SetActive();
|
sl@0
|
592 |
}
|
sl@0
|
593 |
|
sl@0
|
594 |
void CCertUtils::HandleEAddCACertGetCAEntry()
|
sl@0
|
595 |
{
|
sl@0
|
596 |
delete iCertificate;
|
sl@0
|
597 |
iCertificate = 0;
|
sl@0
|
598 |
iCACertStoreEntries.Close();
|
sl@0
|
599 |
iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
|
sl@0
|
600 |
iState = EAddCACertSetApplications;
|
sl@0
|
601 |
SetActive();
|
sl@0
|
602 |
}
|
sl@0
|
603 |
|
sl@0
|
604 |
void CCertUtils::HandleEAddCACertSetApplicationsL()
|
sl@0
|
605 |
{
|
sl@0
|
606 |
CCTCertInfo* entry = 0;
|
sl@0
|
607 |
TInt iEnd = iCACertStoreEntries.Count();
|
sl@0
|
608 |
for (TInt i = 0; i < iEnd; i++)
|
sl@0
|
609 |
{
|
sl@0
|
610 |
if (iCACertStoreEntries[i]->Label() == *iLabel)
|
sl@0
|
611 |
{
|
sl@0
|
612 |
entry = iCACertStoreEntries[i];
|
sl@0
|
613 |
}
|
sl@0
|
614 |
}
|
sl@0
|
615 |
|
sl@0
|
616 |
__ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
617 |
|
sl@0
|
618 |
iTrusters.Reset();
|
sl@0
|
619 |
TUid truster = { iTrustedUsage };
|
sl@0
|
620 |
User::LeaveIfError(iTrusters.Append(truster));
|
sl@0
|
621 |
|
sl@0
|
622 |
iUnifiedCertStore->SetApplicability(*entry, iTrusters, iStatus);
|
sl@0
|
623 |
iState = EAddCACertSetTrust;
|
sl@0
|
624 |
SetActive();
|
sl@0
|
625 |
}
|
sl@0
|
626 |
|
sl@0
|
627 |
void CCertUtils::HandleEAddCACertSetTrust()
|
sl@0
|
628 |
{
|
sl@0
|
629 |
CCTCertInfo* entry = 0;
|
sl@0
|
630 |
TInt iEnd = iCACertStoreEntries.Count();
|
sl@0
|
631 |
for (TInt i = 0; i < iEnd; i++)
|
sl@0
|
632 |
{
|
sl@0
|
633 |
if (iCACertStoreEntries[i]->Label() == *iLabel)
|
sl@0
|
634 |
{
|
sl@0
|
635 |
entry = iCACertStoreEntries[i];
|
sl@0
|
636 |
}
|
sl@0
|
637 |
}
|
sl@0
|
638 |
|
sl@0
|
639 |
__ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
640 |
|
sl@0
|
641 |
iUnifiedCertStore->SetTrust(*entry, ETrue, iStatus);
|
sl@0
|
642 |
iState = EAddCACertFinished;
|
sl@0
|
643 |
SetActive();
|
sl@0
|
644 |
}
|
sl@0
|
645 |
|
sl@0
|
646 |
void CCertUtils::HandleEAddCACertFinishedL()
|
sl@0
|
647 |
{
|
sl@0
|
648 |
User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
|
sl@0
|
649 |
}
|
sl@0
|
650 |
|
sl@0
|
651 |
void CCertUtils::HandleERemoveCertsGetCACerts()
|
sl@0
|
652 |
{
|
sl@0
|
653 |
// At this stage we should always have an initialized iStoreManager
|
sl@0
|
654 |
__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
655 |
|
sl@0
|
656 |
iCACertStoreEntries.Close();
|
sl@0
|
657 |
iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
|
sl@0
|
658 |
|
sl@0
|
659 |
iState = ERemoveCertsCACertsRetrieved;
|
sl@0
|
660 |
SetActive();
|
sl@0
|
661 |
}
|
sl@0
|
662 |
|
sl@0
|
663 |
void CCertUtils::HandleERemoveCertsCACertsRetrieved()
|
sl@0
|
664 |
{
|
sl@0
|
665 |
// This index will be used to keep track of the current entry
|
sl@0
|
666 |
iIndex = -1;
|
sl@0
|
667 |
|
sl@0
|
668 |
iState = ERemoveCertsRemoveCACerts;
|
sl@0
|
669 |
TRequestStatus* status = &iStatus;
|
sl@0
|
670 |
SetActive();
|
sl@0
|
671 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
672 |
}
|
sl@0
|
673 |
|
sl@0
|
674 |
void CCertUtils::HandleERemoveCertsRemoveCACerts()
|
sl@0
|
675 |
{
|
sl@0
|
676 |
iIndex++;
|
sl@0
|
677 |
if (iIndex < iCACertStoreEntries.Count())
|
sl@0
|
678 |
{
|
sl@0
|
679 |
// Remove this certificate if it can be deleted.
|
sl@0
|
680 |
|
sl@0
|
681 |
CCTCertInfo& cert = *iCACertStoreEntries[iIndex];
|
sl@0
|
682 |
|
sl@0
|
683 |
// Unfortunately, certs in non-writable stores can still be
|
sl@0
|
684 |
// marked as deletable, so need to check if cert is also in a
|
sl@0
|
685 |
// writable store.
|
sl@0
|
686 |
|
sl@0
|
687 |
TBool isDeletable = cert.IsDeletable();
|
sl@0
|
688 |
|
sl@0
|
689 |
TBool inWritableStore = EFalse;
|
sl@0
|
690 |
|
sl@0
|
691 |
TCTTokenObjectHandle certHandle(cert.Handle());
|
sl@0
|
692 |
TInt writeStoreCount = iUnifiedCertStore->WritableCertStoreCount();
|
sl@0
|
693 |
for (TInt i = 0; i < writeStoreCount; ++i)
|
sl@0
|
694 |
{
|
sl@0
|
695 |
MCTWritableCertStore& wcs = iUnifiedCertStore->WritableCertStore(i);
|
sl@0
|
696 |
if (wcs.Token().Handle() == certHandle.iTokenHandle)
|
sl@0
|
697 |
{
|
sl@0
|
698 |
inWritableStore = ETrue;
|
sl@0
|
699 |
break;
|
sl@0
|
700 |
}
|
sl@0
|
701 |
}
|
sl@0
|
702 |
|
sl@0
|
703 |
if (isDeletable && inWritableStore)
|
sl@0
|
704 |
{
|
sl@0
|
705 |
iUnifiedCertStore->Remove(cert, iStatus);
|
sl@0
|
706 |
SetActive();
|
sl@0
|
707 |
}
|
sl@0
|
708 |
else
|
sl@0
|
709 |
{
|
sl@0
|
710 |
TRequestStatus* status = &iStatus;
|
sl@0
|
711 |
SetActive();
|
sl@0
|
712 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
713 |
}
|
sl@0
|
714 |
}
|
sl@0
|
715 |
else
|
sl@0
|
716 |
{
|
sl@0
|
717 |
iState = ERemoveCertsGetUserCerts;
|
sl@0
|
718 |
TRequestStatus* status = &iStatus;
|
sl@0
|
719 |
SetActive();
|
sl@0
|
720 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
721 |
}
|
sl@0
|
722 |
}
|
sl@0
|
723 |
|
sl@0
|
724 |
void CCertUtils::HandleERemoveCertsGetUserCerts()
|
sl@0
|
725 |
{
|
sl@0
|
726 |
// At this stage we should always have an initialized iStoreManager
|
sl@0
|
727 |
__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
728 |
|
sl@0
|
729 |
iUserCertStoreEntries.Close();
|
sl@0
|
730 |
iUnifiedCertStore->List(iUserCertStoreEntries, *iUserFilter, iStatus);
|
sl@0
|
731 |
|
sl@0
|
732 |
iState = ERemoveCertsUserCertsRetrieved;
|
sl@0
|
733 |
SetActive();
|
sl@0
|
734 |
}
|
sl@0
|
735 |
|
sl@0
|
736 |
void CCertUtils::HandleERemoveCertsUserCertsRetrieved()
|
sl@0
|
737 |
{
|
sl@0
|
738 |
iIndex = -1;
|
sl@0
|
739 |
|
sl@0
|
740 |
iState = ERemoveCertsRemoveUserCerts;
|
sl@0
|
741 |
TRequestStatus* status = &iStatus;
|
sl@0
|
742 |
SetActive();
|
sl@0
|
743 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
744 |
}
|
sl@0
|
745 |
|
sl@0
|
746 |
void CCertUtils::HandleERemoveCertsRemoveUserCerts()
|
sl@0
|
747 |
{
|
sl@0
|
748 |
// At this stage we should always have an initialized iStoreManager
|
sl@0
|
749 |
__ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
|
sl@0
|
750 |
|
sl@0
|
751 |
iIndex++;
|
sl@0
|
752 |
if (iIndex < iUserCertStoreEntries.Count())
|
sl@0
|
753 |
{
|
sl@0
|
754 |
iUnifiedCertStore->Remove(*iUserCertStoreEntries[iIndex], iStatus);
|
sl@0
|
755 |
SetActive();
|
sl@0
|
756 |
}
|
sl@0
|
757 |
else
|
sl@0
|
758 |
{
|
sl@0
|
759 |
iState = ERemoveCertsFinished;
|
sl@0
|
760 |
TRequestStatus* status = &iStatus;
|
sl@0
|
761 |
SetActive();
|
sl@0
|
762 |
User::RequestComplete(status, KErrNone);
|
sl@0
|
763 |
}
|
sl@0
|
764 |
}
|
sl@0
|
765 |
|
sl@0
|
766 |
void CCertUtils::HandleERemoveCertsFinished()
|
sl@0
|
767 |
{
|
sl@0
|
768 |
User::RequestComplete(iOriginalRequestStatus, KErrNone);
|
sl@0
|
769 |
}
|
sl@0
|
770 |
|