Symaptic: os/security/cryptoservices/certificateandkeymgmt/wtlscert/wtlscertchainao.h@bde4ae8d615e (annotated)

sl@0	1	/*
sl@0	2	* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0	3	* All rights reserved.
sl@0	4	* This component and the accompanying materials are made available
sl@0	5	* under the terms of the License "Eclipse Public License v1.0"
sl@0	6	* which accompanies this distribution, and is available
sl@0	7	* at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0	8	*
sl@0	9	* Initial Contributors:
sl@0	10	* Nokia Corporation - initial contribution.
sl@0	11	*
sl@0	12	* Contributors:
sl@0	13	*
sl@0	14	* Description:
sl@0	15	* CWTLSCertChainAO class implementation
sl@0	16	*
sl@0	17	*/
sl@0	18
sl@0	19
sl@0	20	/**
sl@0	21	@file
sl@0	22	@internalTechnology
sl@0	23	*/
sl@0	24
sl@0	25	#ifndef __WTLSCERTCHAINAO_H__
sl@0	26	#define __WTLSCERTCHAINAO_H__
sl@0	27
sl@0	28	#include <e32base.h>
sl@0	29	#include <f32file.h>
sl@0	30	#include <unifiedcertstore.h>
sl@0	31	#include <hash.h>
sl@0	32
sl@0	33
sl@0	34	class CWTLSCertChain;
sl@0	35	class CWTLSValidationResult;
sl@0	36	class CWTLSCertificate;
sl@0	37
sl@0	38	/**
sl@0	39	* This class handles the asynchronous part of the wtls chain validation. It
sl@0	40	* is an active object which handles the asynchronous certificate store operations.
sl@0	41	*/
sl@0	42	class CWTLSCertChainAO : public CActive
sl@0	43	{
sl@0	44	public:
sl@0	45	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
sl@0	46	const CArrayPtr<CWTLSCertificate>& aRootCerts);
sl@0	47	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
sl@0	48	const TUid aClient);
sl@0	49	virtual ~CWTLSCertChainAO();
sl@0	50	virtual TInt RunError(TInt aError);
sl@0	51
sl@0	52	private:
sl@0	53	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);
sl@0	54	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);
sl@0	55	void ConstructL(const CArrayPtr<CWTLSCertificate>& aRootCerts);
sl@0	56
sl@0	57	public:
sl@0	58	void RunL();
sl@0	59	void DoCancel();
sl@0	60
sl@0	61	private:
sl@0	62	/**
sl@0	63	* This function creates a CCertStoreManager,
sl@0	64	* calls CCertStoreManager initialise and sets the state
sl@0	65	* to EStoreManagerInitialized
sl@0	66	*/
sl@0	67	void HandleEStoreManagerInitializationL();
sl@0	68	void HandleEStoreManagerInitializedL();
sl@0	69	void HandleEGetCertHashesL();
sl@0	70	void HandleEPruneListL();
sl@0	71	void HandleEPruneListDoneL();
sl@0	72	void HandleECheckTCAL();
sl@0	73	void HandleEIsChainSelfSignedL();
sl@0	74	void HandleERetrieveRootsL();
sl@0	75	void HandleEAddRootToListL();
sl@0	76	void HandleEFindRootL();
sl@0	77	void HandleEValidateEndL();
sl@0	78
sl@0	79	// Request functions
sl@0	80	public:
sl@0	81	void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,
sl@0	82	TRequestStatus& aStatus);
sl@0	83
sl@0	84	private:
sl@0	85	TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,
sl@0	86	CWTLSValidationResult& aResult, TInt aPos) const;
sl@0	87	TBool CheckValidityPeriod(const CWTLSCertificate& aCert,
sl@0	88	CWTLSValidationResult& aResult, const TTime aTime, TInt aPos) const;
sl@0	89	HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;
sl@0	90
sl@0	91	enum TState
sl@0	92	{
sl@0	93	EStoreManagerInitialization = 0,
sl@0	94	EStoreManagerInitialized,
sl@0	95	EGetCertHashes,
sl@0	96	EPruneList,
sl@0	97	EPruneListDone,
sl@0	98	ECheckTCA,
sl@0	99	EIsChainSelfSigned,
sl@0	100	ERetrieveRoots,
sl@0	101	EAddRootToList,
sl@0	102	EFindRoot,
sl@0	103	EValidateEnd
sl@0	104	};
sl@0	105
sl@0	106	private:
sl@0	107	RFs& iFs;
sl@0	108	CUnifiedCertStore* iCertStoreManager;
sl@0	109	/**
sl@0	110	* List of the subject hashes from the cert store
sl@0	111	* The elements remained owned by the CCTCertInfo
sl@0	112	*/
sl@0	113	RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;
sl@0	114	/**
sl@0	115	* List of the subject hashes from the passed in certs
sl@0	116	* We own this object and all its elements
sl@0	117	*/
sl@0	118	RPointerArray< HBufC8 > iRootSubjectClientHashList;
sl@0	119	CCertAttributeFilter* iFilter;
sl@0	120	/**
sl@0	121	* Stores info on the certs in the cert store
sl@0	122	* We own this object and all its elements
sl@0	123	*/
sl@0	124	RMPointerArray<CCTCertInfo> iCertInfos;
sl@0	125	/**
sl@0	126	* Indicates whether iWTLSCertChain.iChain was pruned or not
sl@0	127	*/
sl@0	128	TBool iPruned;
sl@0	129	/**
sl@0	130	* The index within iChain that the chain was pruned
sl@0	131	*/
sl@0	132	TInt iPrunedChainLength;
sl@0	133
sl@0	134	CWTLSCertChain& iWTLSCertChain;
sl@0	135	TUid iClient;
sl@0	136	TPtr8 iEncodedCert;
sl@0	137	HBufC8* iEncodedCertTemp;
sl@0	138
sl@0	139	TState iState;
sl@0	140
sl@0	141	TRequestStatus* iOriginalRequestStatus;
sl@0	142
sl@0	143	/**
sl@0	144	* Roots passed in from the client that we trust
sl@0	145	* We own this object and all its elements
sl@0	146	*/
sl@0	147	RPointerArray<CWTLSCertificate> iRootsFromClient;
sl@0	148	/**
sl@0	149	* Roots from the specified cert store that we trust.
sl@0	150	* We own this object and all its elements
sl@0	151	*/
sl@0	152	RPointerArray<CWTLSCertificate> iRootsFromStore;
sl@0	153
sl@0	154	/**
sl@0	155	* A counter used to carry counter information between AO states
sl@0	156	*/
sl@0	157	TInt iIndex;
sl@0	158
sl@0	159	/**
sl@0	160	* Indicates if a root cert has been found for this particular chain
sl@0	161	*/
sl@0	162	TBool iFoundRoot;
sl@0	163
sl@0	164	/**
sl@0	165	* To store the parameters passed to CWTLSCertChain::Validate
sl@0	166	*/
sl@0	167	CWTLSValidationResult* iValidationResult;
sl@0	168	/**
sl@0	169	* To store the parameters passed to CWTLSCertChain::Validate
sl@0	170	*/
sl@0	171	const TTime* iValidationTime;
sl@0	172	};
sl@0	173
sl@0	174	#include <wtlscertchain.h>
sl@0	175
sl@0	176	#endif

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--