os/security/cryptoservices/certificateandkeymgmt/wtlscert/wtlscertchainao.h
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: 
* CWTLSCertChainAO class implementation
*
*/
/**
 @file 
 @internalTechnology
*/
 
#ifndef __WTLSCERTCHAINAO_H__
#define __WTLSCERTCHAINAO_H__
#include <e32base.h>
#include <f32file.h>
#include <unifiedcertstore.h>
#include <hash.h>
class CWTLSCertChain;
class CWTLSValidationResult;
class CWTLSCertificate;
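/**
 * Handles the asynchronous part of WTLS certificate chain validation. It is
 * an active object that drives the asynchronous certificate store operations,
 * recording its progress in iState (see TState).
 *
 * Two NewL overloads exist: one takes a caller-supplied array of root
 * certificates, the other a client UID. Presumably the UID selects which
 * certificates held in the certificate store are treated as trusted roots -
 * confirm in the implementation.
 *
 * NOTE(review): the choice of trusted roots and the signature/validity checks
 * are the security-critical decisions of this class. Only the declarations
 * are visible in this header, so the notes below mark what to verify in the
 * implementation file.
 */
class CWTLSCertChainAO : public CActive
{
public:
	/**
	 * Creates a validator that trusts the root certificates supplied by the
	 * caller. May leave (Symbian 'L' naming convention).
	 *
	 * @param aFs            File server session; held by reference (iFs), so it
	 *                       must outlive this object.
	 * @param aWTLSCertChain Chain to validate; held by reference
	 *                       (iWTLSCertChain), so it must outlive this object.
	 * @param aRootCerts     Root certificates supplied by the client.
	 *                       Presumably copied into iRootsFromClient, which is
	 *                       documented as owned - confirm in ConstructL.
	 */
	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
		const CArrayPtr<CWTLSCertificate>& aRootCerts);

	/**
	 * Creates a validator identified by a client UID instead of an explicit
	 * root list. May leave.
	 *
	 * @param aFs            File server session; held by reference (iFs).
	 * @param aWTLSCertChain Chain to validate; held by reference.
	 * @param aClient        Client UID, stored in iClient. Presumably used to
	 *                       filter the certificate store for roots trusted by
	 *                       that client - TODO confirm.
	 */
	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
		const TUid aClient);

	virtual ~CWTLSCertChainAO();

	/**
	 * CActive hook invoked with the leave code when RunL() leaves.
	 *
	 * NOTE(review): the body is not in this header. Confirm that a leave in any
	 * state completes the client's request (iOriginalRequestStatus) with the
	 * error, so that an aborted validation can never be read as a success.
	 */
	virtual TInt RunError(TInt aError);

private:
	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);
	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);
	/** Second-phase constructor for the overload that takes client roots. May leave. */
	void ConstructL(const CArrayPtr<CWTLSCertificate>& aRootCerts);

public:
	// CActive request-completion and cancellation hooks.
	// NOTE(review): declared public here; presumably only the active scheduler
	// and Cancel() are meant to reach them - confirm nothing calls them directly.
	void RunL();
	void DoCancel();

private:
	// One handler per TState value; presumably dispatched from RunL() according
	// to iState - confirm in the implementation.

	/**
	 * This function creates the certificate store manager, calls its
	 * initialise operation and sets the state to EStoreManagerInitialized.
	 * (The original comment names the type CCertStoreManager; the member
	 * iCertStoreManager is declared as CUnifiedCertStore, so that name looks
	 * stale.)
	 */
	void HandleEStoreManagerInitializationL();
	void HandleEStoreManagerInitializedL();
	void HandleEGetCertHashesL();
	void HandleEPruneListL();
	void HandleEPruneListDoneL();
	void HandleECheckTCAL();
	void HandleEIsChainSelfSignedL();
	void HandleERetrieveRootsL();
	void HandleEAddRootToListL();
	void HandleEFindRootL();
	void HandleEValidateEndL();

	// Request functions
public:
	/**
	 * Starts an asynchronous validation of iWTLSCertChain.
	 *
	 * @param aValidationResult Object that receives the validation outcome.
	 * @param aValidationTime   Time against which the chain is validated.
	 * @param aStatus           Client request status for this operation.
	 *
	 * NOTE(review): the matching members (iValidationResult, iValidationTime,
	 * iOriginalRequestStatus) are raw pointers, so the caller's objects
	 * presumably have to stay alive and unmodified until aStatus completes -
	 * confirm against the callers.
	 */
	void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,
		TRequestStatus& aStatus);

private:
	/**
	 * Checks the signature and name of one certificate. May leave.
	 *
	 * @param aCert   Certificate to check.
	 * @param aResult Validation result; non-const, so presumably updated on
	 *                failure - confirm.
	 * @param aPos    Presumably the position of aCert within the chain.
	 * @return Presumably ETrue when the check passes - confirm the polarity
	 *         in the implementation before relying on it.
	 */
	TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,
		CWTLSValidationResult& aResult, TInt aPos) const;

	/**
	 * Checks the validity period of one certificate against aTime.
	 * Parameters mirror CheckSignatureAndNameL; aTime is taken by value.
	 */
	TBool CheckValidityPeriod(const CWTLSCertificate& aCert,
		CWTLSValidationResult& aResult,	const TTime aTime, TInt aPos) const;

	/**
	 * Generates a hash of the certificate's public key. May leave.
	 *
	 * NOTE(review): returns a reference to a heap descriptor; who owns and
	 * deletes that buffer is not visible in this header - confirm.
	 */
	HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;

	/** States of the validation state machine, held in iState. */
	enum TState
	{
		EStoreManagerInitialization = 0,
		EStoreManagerInitialized,
		EGetCertHashes,
		EPruneList,
		EPruneListDone,
		ECheckTCA,
		EIsChainSelfSigned,
		ERetrieveRoots,
		EAddRootToList,
		EFindRoot,
		EValidateEnd
	};

private:
	RFs& iFs;
	CUnifiedCertStore* iCertStoreManager;
	/**
	 * List of the subject hashes from the cert store.
	 * The elements remain owned by the CCTCertInfo.
	 * Each entry is a 20-byte descriptor, which matches a SHA-1 digest length -
	 * presumably SHA-1; confirm. A hash match should only select candidate
	 * roots, with trust established by the signature check - verify.
	 */
	RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;
	/**
	 * List of the subject hashes from the passed in certs.
	 * We own this object and all its elements.
	 */
	RPointerArray< HBufC8 > iRootSubjectClientHashList;
	CCertAttributeFilter* iFilter;
	/**
	 * Stores info on the certs in the cert store.
	 * We own this object and all its elements.
	 */
	RMPointerArray<CCTCertInfo> iCertInfos;
	/**
	 * Indicates whether iWTLSCertChain.iChain was pruned or not.
	 */
	TBool iPruned;
	/**
	 * The index within iChain at which the chain was pruned.
	 */
	TInt iPrunedChainLength;

	CWTLSCertChain& iWTLSCertChain;
	TUid iClient;
	// Presumably iEncodedCert is a modifiable view onto iEncodedCertTemp, used
	// while a certificate is retrieved from the store - confirm.
	TPtr8 iEncodedCert;
	HBufC8* iEncodedCertTemp;

	TState iState;

	// Presumably the aStatus passed to Validate(), completed when validation
	// finishes - confirm.
	TRequestStatus* iOriginalRequestStatus;

	/**
	 * Roots passed in from the client that we trust.
	 * We own this object and all its elements.
	 */
	RPointerArray<CWTLSCertificate> iRootsFromClient;
	/**
	 * Roots from the specified cert store that we trust.
	 * We own this object and all its elements.
	 */
	RPointerArray<CWTLSCertificate> iRootsFromStore;

	/**
	 * A counter used to carry counter information between AO states.
	 */
	TInt iIndex;

	/**
	 * Indicates if a root cert has been found for this particular chain.
	 */
	TBool iFoundRoot;

	/**
	 * To store the parameters passed to CWTLSCertChain::Validate.
	 * Raw pointer to the caller's result object.
	 */
	CWTLSValidationResult* iValidationResult;
	/**
	 * To store the parameters passed to CWTLSCertChain::Validate.
	 * Raw pointer to the caller's validation time.
	 */
	const TTime* iValidationTime;
};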
#include <wtlscertchain.h>
#endif