sl@0
|
1 |
/*
|
sl@0
|
2 |
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
|
sl@0
|
3 |
* All rights reserved.
|
sl@0
|
4 |
* This component and the accompanying materials are made available
|
sl@0
|
5 |
* under the terms of the License "Eclipse Public License v1.0"
|
sl@0
|
6 |
* which accompanies this distribution, and is available
|
sl@0
|
7 |
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
|
sl@0
|
8 |
*
|
sl@0
|
9 |
* Initial Contributors:
|
sl@0
|
10 |
* Nokia Corporation - initial contribution.
|
sl@0
|
11 |
*
|
sl@0
|
12 |
* Contributors:
|
sl@0
|
13 |
*
|
sl@0
|
14 |
* Description:
|
sl@0
|
15 |
* CWTLSCertChainAO class implementation
|
sl@0
|
16 |
*
|
sl@0
|
17 |
*/
|
sl@0
|
18 |
|
sl@0
|
19 |
|
sl@0
|
20 |
/**
|
sl@0
|
21 |
@file
|
sl@0
|
22 |
@internalTechnology
|
sl@0
|
23 |
*/
|
sl@0
|
24 |
|
sl@0
|
25 |
#ifndef __WTLSCERTCHAINAO_H__
|
sl@0
|
26 |
#define __WTLSCERTCHAINAO_H__
|
sl@0
|
27 |
|
sl@0
|
28 |
#include <e32base.h>
|
sl@0
|
29 |
#include <f32file.h>
|
sl@0
|
30 |
#include <unifiedcertstore.h>
|
sl@0
|
31 |
#include <hash.h>
|
sl@0
|
32 |
|
sl@0
|
33 |
|
sl@0
|
34 |
class CWTLSCertChain;
|
sl@0
|
35 |
class CWTLSValidationResult;
|
sl@0
|
36 |
class CWTLSCertificate;
|
sl@0
|
37 |
|
sl@0
|
38 |
/**
|
sl@0
|
39 |
* This class handles the asynchronous part of the wtls chain validation. It
|
sl@0
|
40 |
* is an active object which handles the asynchronous certificate store operations.
|
sl@0
|
41 |
*/
|
sl@0
|
42 |
class CWTLSCertChainAO : public CActive
|
sl@0
|
43 |
{
|
sl@0
|
44 |
public:
|
sl@0
|
45 |
static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
|
sl@0
|
46 |
const CArrayPtr<CWTLSCertificate>& aRootCerts);
|
sl@0
|
47 |
static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
|
sl@0
|
48 |
const TUid aClient);
|
sl@0
|
49 |
virtual ~CWTLSCertChainAO();
|
sl@0
|
50 |
virtual TInt RunError(TInt aError);
|
sl@0
|
51 |
|
sl@0
|
52 |
private:
|
sl@0
|
53 |
CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);
|
sl@0
|
54 |
CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);
|
sl@0
|
55 |
void ConstructL(const CArrayPtr<CWTLSCertificate>& aRootCerts);
|
sl@0
|
56 |
|
sl@0
|
57 |
public:
|
sl@0
|
58 |
void RunL();
|
sl@0
|
59 |
void DoCancel();
|
sl@0
|
60 |
|
sl@0
|
61 |
private:
|
sl@0
|
62 |
/**
|
sl@0
|
63 |
* This function creates a CCertStoreManager,
|
sl@0
|
64 |
* calls CCertStoreManager initialise and sets the state
|
sl@0
|
65 |
* to EStoreManagerInitialized
|
sl@0
|
66 |
*/
|
sl@0
|
67 |
void HandleEStoreManagerInitializationL();
|
sl@0
|
68 |
void HandleEStoreManagerInitializedL();
|
sl@0
|
69 |
void HandleEGetCertHashesL();
|
sl@0
|
70 |
void HandleEPruneListL();
|
sl@0
|
71 |
void HandleEPruneListDoneL();
|
sl@0
|
72 |
void HandleECheckTCAL();
|
sl@0
|
73 |
void HandleEIsChainSelfSignedL();
|
sl@0
|
74 |
void HandleERetrieveRootsL();
|
sl@0
|
75 |
void HandleEAddRootToListL();
|
sl@0
|
76 |
void HandleEFindRootL();
|
sl@0
|
77 |
void HandleEValidateEndL();
|
sl@0
|
78 |
|
sl@0
|
79 |
// Request functions
|
sl@0
|
80 |
public:
|
sl@0
|
81 |
void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,
|
sl@0
|
82 |
TRequestStatus& aStatus);
|
sl@0
|
83 |
|
sl@0
|
84 |
private:
|
sl@0
|
85 |
TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,
|
sl@0
|
86 |
CWTLSValidationResult& aResult, TInt aPos) const;
|
sl@0
|
87 |
TBool CheckValidityPeriod(const CWTLSCertificate& aCert,
|
sl@0
|
88 |
CWTLSValidationResult& aResult, const TTime aTime, TInt aPos) const;
|
sl@0
|
89 |
HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;
|
sl@0
|
90 |
|
sl@0
|
91 |
enum TState
|
sl@0
|
92 |
{
|
sl@0
|
93 |
EStoreManagerInitialization = 0,
|
sl@0
|
94 |
EStoreManagerInitialized,
|
sl@0
|
95 |
EGetCertHashes,
|
sl@0
|
96 |
EPruneList,
|
sl@0
|
97 |
EPruneListDone,
|
sl@0
|
98 |
ECheckTCA,
|
sl@0
|
99 |
EIsChainSelfSigned,
|
sl@0
|
100 |
ERetrieveRoots,
|
sl@0
|
101 |
EAddRootToList,
|
sl@0
|
102 |
EFindRoot,
|
sl@0
|
103 |
EValidateEnd
|
sl@0
|
104 |
};
|
sl@0
|
105 |
|
sl@0
|
106 |
private:
|
sl@0
|
107 |
RFs& iFs;
|
sl@0
|
108 |
CUnifiedCertStore* iCertStoreManager;
|
sl@0
|
109 |
/**
|
sl@0
|
110 |
* List of the subject hashes from the cert store
|
sl@0
|
111 |
* The elements remained owned by the CCTCertInfo
|
sl@0
|
112 |
*/
|
sl@0
|
113 |
RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;
|
sl@0
|
114 |
/**
|
sl@0
|
115 |
* List of the subject hashes from the passed in certs
|
sl@0
|
116 |
* We own this object and all its elements
|
sl@0
|
117 |
*/
|
sl@0
|
118 |
RPointerArray< HBufC8 > iRootSubjectClientHashList;
|
sl@0
|
119 |
CCertAttributeFilter* iFilter;
|
sl@0
|
120 |
/**
|
sl@0
|
121 |
* Stores info on the certs in the cert store
|
sl@0
|
122 |
* We own this object and all its elements
|
sl@0
|
123 |
*/
|
sl@0
|
124 |
RMPointerArray<CCTCertInfo> iCertInfos;
|
sl@0
|
125 |
/**
|
sl@0
|
126 |
* Indicates whether iWTLSCertChain.iChain was pruned or not
|
sl@0
|
127 |
*/
|
sl@0
|
128 |
TBool iPruned;
|
sl@0
|
129 |
/**
|
sl@0
|
130 |
* The index within iChain that the chain was pruned
|
sl@0
|
131 |
*/
|
sl@0
|
132 |
TInt iPrunedChainLength;
|
sl@0
|
133 |
|
sl@0
|
134 |
CWTLSCertChain& iWTLSCertChain;
|
sl@0
|
135 |
TUid iClient;
|
sl@0
|
136 |
TPtr8 iEncodedCert;
|
sl@0
|
137 |
HBufC8* iEncodedCertTemp;
|
sl@0
|
138 |
|
sl@0
|
139 |
TState iState;
|
sl@0
|
140 |
|
sl@0
|
141 |
TRequestStatus* iOriginalRequestStatus;
|
sl@0
|
142 |
|
sl@0
|
143 |
/**
|
sl@0
|
144 |
* Roots passed in from the client that we trust
|
sl@0
|
145 |
* We own this object and all its elements
|
sl@0
|
146 |
*/
|
sl@0
|
147 |
RPointerArray<CWTLSCertificate> iRootsFromClient;
|
sl@0
|
148 |
/**
|
sl@0
|
149 |
* Roots from the specified cert store that we trust.
|
sl@0
|
150 |
* We own this object and all its elements
|
sl@0
|
151 |
*/
|
sl@0
|
152 |
RPointerArray<CWTLSCertificate> iRootsFromStore;
|
sl@0
|
153 |
|
sl@0
|
154 |
/**
|
sl@0
|
155 |
* A counter used to carry counter information between AO states
|
sl@0
|
156 |
*/
|
sl@0
|
157 |
TInt iIndex;
|
sl@0
|
158 |
|
sl@0
|
159 |
/**
|
sl@0
|
160 |
* Indicates if a root cert has been found for this particular chain
|
sl@0
|
161 |
*/
|
sl@0
|
162 |
TBool iFoundRoot;
|
sl@0
|
163 |
|
sl@0
|
164 |
/**
|
sl@0
|
165 |
* To store the parameters passed to CWTLSCertChain::Validate
|
sl@0
|
166 |
*/
|
sl@0
|
167 |
CWTLSValidationResult* iValidationResult;
|
sl@0
|
168 |
/**
|
sl@0
|
169 |
* To store the parameters passed to CWTLSCertChain::Validate
|
sl@0
|
170 |
*/
|
sl@0
|
171 |
const TTime* iValidationTime;
|
sl@0
|
172 |
};
|
sl@0
|
173 |
|
sl@0
|
174 |
#include <wtlscertchain.h>
|
sl@0
|
175 |
|
sl@0
|
176 |
#endif
|