1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/tcertcommon/tcertutils.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,770 @@
1.4 +/*
1.5 +* Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +* tcertuils.cpp
1.19 +*
1.20 +*/
1.21 +
1.22 +
1.23 +#include "tcertutils.h"
1.24 +#include <wtlscert.h>
1.25 +#include <certificateapps.h>
1.26 +#include "t_input.h"
1.27 +#include <ccertattributefilter.h>
1.28 +#include <cctcertinfo.h>
1.29 +#include <mctwritablecertstore.h>
1.30 +
1.31 +
1.32 +EXPORT_C CCertUtils* CCertUtils::NewL(RFs& aFs)
1.33 + {
1.34 + CCertUtils* self = CCertUtils::NewLC(aFs);
1.35 + CleanupStack::Pop(self);
1.36 + return self;
1.37 + }
1.38 +
1.39 +EXPORT_C CCertUtils* CCertUtils::NewLC(RFs& aFs)
1.40 + {
1.41 + CCertUtils* self = new(ELeave) CCertUtils(aFs);
1.42 + CleanupStack::PushL(self);
1.43 + self->ConstructL();
1.44 + return self;
1.45 + }
1.46 +
1.47 +CCertUtils::CCertUtils(RFs& aFs)
1.48 +: CActive(EPriorityNormal), iFs(aFs)
1.49 + {
1.50 + CActiveScheduler::Add(this);
1.51 + }
1.52 +
1.53 +EXPORT_C CCertUtils::~CCertUtils()
1.54 + {
1.55 + Cancel();
1.56 +
1.57 + delete iCertificate;
1.58 + delete iCreatedUnifiedCertStore;
1.59 +
1.60 + delete iCertData;
1.61 + delete iLabelData;
1.62 + delete iSecondCertUtils;
1.63 +
1.64 + delete iCAFilter;
1.65 + delete iUserFilter;
1.66 +
1.67 + iCACertStoreEntries.Close(); // The entries are owned by us
1.68 + iUserCertStoreEntries.Close(); // The entries are owned by us
1.69 + iTrusters.Close();
1.70 + }
1.71 +
1.72 +/**
1.73 +This function handles all the asynchronous calls. There is at least
1.74 +one state for each of the functions of CCertUtils that requires
1.75 +asynchronicity.
1.76 +*/
1.77 +void CCertUtils::RunL()
1.78 + {
1.79 + if (iStatus != KErrNone)
1.80 + {
1.81 + User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
1.82 + return;
1.83 + }
1.84 +
1.85 + switch (iState)
1.86 + {
1.87 + // Used for AddCACerts
1.88 + case EAddCACerts:
1.89 + HandleEAddCACertsL();
1.90 + break;
1.91 +
1.92 + // Used for AddCert
1.93 + case EAddCert:
1.94 + TRAPD(err, HandleEAddCACertL());
1.95 + if (err != KErrNone)
1.96 + {
1.97 + iDiagnosticState = EAddCert;
1.98 + User::RequestComplete(iOriginalRequestStatus, err);
1.99 + }
1.100 + break;
1.101 + case EAddCACertGetCAEntry:
1.102 + HandleEAddCACertGetCAEntry();
1.103 + break;
1.104 + case EAddCACertSetApplications:
1.105 + HandleEAddCACertSetApplicationsL();
1.106 + break;
1.107 + case EAddCACertSetTrust:
1.108 + HandleEAddCACertSetTrust();
1.109 + break;
1.110 + case EAddCACertFinished:
1.111 + HandleEAddCACertFinishedL();
1.112 + delete iCreatedUnifiedCertStore;
1.113 + iCreatedUnifiedCertStore = 0;
1.114 + break;
1.115 +
1.116 + // Used for RemoveCerts
1.117 + case ERemoveCertsGetCACerts:
1.118 + HandleERemoveCertsGetCACerts();
1.119 + break;
1.120 + case ERemoveCertsCACertsRetrieved:
1.121 + HandleERemoveCertsCACertsRetrieved();
1.122 + break;
1.123 + case ERemoveCertsRemoveCACerts:
1.124 + HandleERemoveCertsRemoveCACerts();
1.125 + break;
1.126 + case ERemoveCertsGetUserCerts:
1.127 + HandleERemoveCertsGetUserCerts();
1.128 + break;
1.129 + case ERemoveCertsUserCertsRetrieved:
1.130 + HandleERemoveCertsUserCertsRetrieved();
1.131 + break;
1.132 + case ERemoveCertsRemoveUserCerts:
1.133 + HandleERemoveCertsRemoveUserCerts();
1.134 + break;
1.135 + case ERemoveCertsFinished:
1.136 + HandleERemoveCertsFinished();
1.137 + delete iCreatedUnifiedCertStore;
1.138 + iCreatedUnifiedCertStore = 0;
1.139 + break;
1.140 +
1.141 + default:
1.142 + break;
1.143 + }
1.144 + }
1.145 +
1.146 +TInt CCertUtils::RunError(TInt aError)
1.147 + {
1.148 + User::RequestComplete(iOriginalRequestStatus, aError);
1.149 + return KErrNone;
1.150 + }
1.151 +
1.152 +void CCertUtils::DoCancel()
1.153 + {
1.154 + if (iSecondCertUtils)
1.155 + iSecondCertUtils->Cancel();
1.156 +
1.157 + if (iUnifiedCertStore)
1.158 + {
1.159 + iUnifiedCertStore->Cancel();
1.160 + if (iUnifiedCertStore->WritableCertStoreCount() != 0)
1.161 + {
1.162 + MCTWritableCertStore *store;
1.163 + store = &iUnifiedCertStore->WritableCertStore(0);
1.164 + store->CancelRemove();
1.165 + store->CancelSetApplicability();
1.166 + }
1.167 + }
1.168 +
1.169 + if (iStore)
1.170 + iStore->CancelAdd();
1.171 + }
1.172 +
1.173 +EXPORT_C CCertificate* CCertUtils::CertFromFileLC(const TDesC& aFilename,
1.174 + const TDesC& aPathname,
1.175 + RFs& aFs,
1.176 + TCertificateFormat aFormat)
1.177 + {
1.178 + TFileName fullname;
1.179 + fullname.Append(aPathname);
1.180 + fullname.Append(aFilename);
1.181 + HBufC8* certBuf = Input::ReadFileLC(fullname, aFs);
1.182 + CCertificate* cert = 0;
1.183 + if (aFormat == EX509Certificate)
1.184 + {
1.185 + cert = CX509Certificate::NewLC(*certBuf);
1.186 + }
1.187 + else if (aFormat == EWTLSCertificate)
1.188 + {
1.189 + cert = CWTLSCertificate::NewLC(*certBuf);
1.190 + }
1.191 + CleanupStack::Pop();//cert
1.192 + CleanupStack::PopAndDestroy();//buf
1.193 + CleanupStack::PushL(cert);
1.194 + return cert;
1.195 + }
1.196 +
1.197 +EXPORT_C CCertificate* CCertUtils::CertFromFileL(const TDesC& aFilename,
1.198 + const TDesC& aPathname,
1.199 + RFs& aFs,
1.200 + TCertificateFormat aFormat)
1.201 + {
1.202 + CCertificate* cert = CertFromFileLC(aFilename, aPathname, aFs, aFormat);
1.203 + CleanupStack::Pop();
1.204 + return cert;
1.205 + }
1.206 +
1.207 +EXPORT_C void CCertUtils::AddCertL(const TDesC& aLabel,
1.208 + TCertificateFormat aFormat,
1.209 + TCertificateOwnerType aCertificateOwnerType,
1.210 + TInt aTrustedUsage,
1.211 + const TDesC& aCertificatePath,
1.212 + const TDesC& aCertificateFileName,
1.213 + TRequestStatus& aStatus)
1.214 + {
1.215 + iOriginalRequestStatus = &aStatus;
1.216 + aStatus = KRequestPending;
1.217 +
1.218 + // We set up the member variable as required for this function
1.219 + iCertificateFileName = &aCertificateFileName;
1.220 + iLabel = &aLabel;
1.221 + iFormat = aFormat;
1.222 + iTrustedUsage = aTrustedUsage;
1.223 + iPath = &aCertificatePath;
1.224 + iCertificateOwnerType = aCertificateOwnerType;
1.225 +
1.226 + if (iCreatedUnifiedCertStore)
1.227 + {
1.228 + delete iCreatedUnifiedCertStore;
1.229 + }
1.230 +
1.231 + iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
1.232 + // writing
1.233 + iUnifiedCertStore = iCreatedUnifiedCertStore;
1.234 + iCreatedUnifiedCertStore->Initialize(iStatus);
1.235 + iState = EAddCert;
1.236 + SetActive();
1.237 + }
1.238 +
1.239 +EXPORT_C void CCertUtils::AddCert(const TDesC& aLabel,
1.240 + TCertificateFormat aFormat,
1.241 + TCertificateOwnerType aCertificateOwnerType,
1.242 + TInt aTrustedUsage,
1.243 + const TDesC& aCertificatePath,
1.244 + const TDesC& aCertificateFileName,
1.245 + CUnifiedCertStore& aUnifiedCertStore,
1.246 + TRequestStatus& aStatus)
1.247 + {
1.248 + iOriginalRequestStatus = &aStatus;
1.249 + aStatus = KRequestPending;
1.250 +
1.251 + // We set up the member variable as required for this function
1.252 + iCertificateFileName = &aCertificateFileName;
1.253 + iLabel = &aLabel;
1.254 + iFormat = aFormat;
1.255 + iTrustedUsage = aTrustedUsage;
1.256 + iPath = &aCertificatePath;
1.257 + iCertificateOwnerType = aCertificateOwnerType;
1.258 + iUnifiedCertStore = &aUnifiedCertStore;
1.259 +
1.260 + iState = EAddCert;
1.261 + SetActive();
1.262 + TRequestStatus* status = &iStatus;
1.263 + User::RequestComplete(status, KErrNone);
1.264 + }
1.265 +
1.266 +EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
1.267 + const CDesCArray& aLabels,
1.268 + TCertificateFormat aFormat,
1.269 + TInt aTrustedUsage,
1.270 + const TDesC& aPath,
1.271 + TRequestStatus& aStatus)
1.272 + {
1.273 + iOriginalRequestStatus = &aStatus;
1.274 + aStatus = KRequestPending;
1.275 +
1.276 + // We set up the member variable as required for this function
1.277 + iRoots = &aRoots;
1.278 + iFormat = aFormat;
1.279 + iLabels = &aLabels;
1.280 + iTrustedUsage = aTrustedUsage;
1.281 + iPath = &aPath;
1.282 +
1.283 + iIndex = -1; // -1 because it will be incremented before its first use
1.284 + if (!iSecondCertUtils)
1.285 + {
1.286 + iSecondCertUtils = CCertUtils::NewL(iFs);
1.287 + }
1.288 +
1.289 + if (iCreatedUnifiedCertStore)
1.290 + {
1.291 + delete iCreatedUnifiedCertStore;
1.292 + }
1.293 +
1.294 + iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
1.295 + // writing
1.296 + iUnifiedCertStore = iCreatedUnifiedCertStore;
1.297 + iCreatedUnifiedCertStore->Initialize(iStatus);
1.298 +
1.299 + iState = EAddCACerts;
1.300 + SetActive();
1.301 + }
1.302 +
1.303 +EXPORT_C void CCertUtils::AddCACertsL(const CDesCArray& aRoots,
1.304 + const CDesCArray& aLabels,
1.305 + TCertificateFormat aFormat,
1.306 + TInt aTrustedUsage,
1.307 + const TDesC& aPath,
1.308 + CUnifiedCertStore& aUnifiedCertStore,
1.309 + TRequestStatus& aStatus)
1.310 + {
1.311 + iOriginalRequestStatus = &aStatus;
1.312 + aStatus = KRequestPending;
1.313 +
1.314 + // We set up the member variable as required for this function
1.315 + iRoots = &aRoots;
1.316 + iFormat = aFormat;
1.317 + iLabels = &aLabels;
1.318 + iTrustedUsage = aTrustedUsage;
1.319 + iPath = &aPath;
1.320 + iUnifiedCertStore = &aUnifiedCertStore;
1.321 +
1.322 + iIndex = -1; // -1 because it will be incremented before its first use
1.323 + if (!iSecondCertUtils)
1.324 + {
1.325 + iSecondCertUtils = CCertUtils::NewL(iFs);
1.326 + }
1.327 +
1.328 + iState = EAddCACerts;
1.329 + SetActive();
1.330 + TRequestStatus* status = &iStatus;
1.331 + User::RequestComplete(status, KErrNone);
1.332 + }
1.333 +
1.334 +EXPORT_C void CCertUtils::RemoveCertsL(CUnifiedCertStore& aUnifiedCertStore,
1.335 + TRequestStatus& aStatus)
1.336 + {
1.337 + iOriginalRequestStatus = &aStatus;
1.338 + aStatus = KRequestPending;
1.339 + iUnifiedCertStore = &aUnifiedCertStore;
1.340 +
1.341 + iState = ERemoveCertsGetCACerts;
1.342 + TRequestStatus* status = &iStatus;
1.343 + User::RequestComplete(status, KErrNone);
1.344 + SetActive();
1.345 + }
1.346 +
1.347 +EXPORT_C void CCertUtils::RemoveCertsL(TRequestStatus& aStatus)
1.348 + {
1.349 + iOriginalRequestStatus = &aStatus;
1.350 + aStatus = KRequestPending;
1.351 + iState = ERemoveCertsGetCACerts;
1.352 +
1.353 + if (iCreatedUnifiedCertStore)
1.354 + {
1.355 + delete iCreatedUnifiedCertStore;
1.356 + }
1.357 +
1.358 + iCreatedUnifiedCertStore = CUnifiedCertStore::NewL(iFs, ETrue); // We want to open it for
1.359 + // writing
1.360 + iUnifiedCertStore = iCreatedUnifiedCertStore;
1.361 + iCreatedUnifiedCertStore->Initialize(iStatus);
1.362 + SetActive();
1.363 + }
1.364 +
1.365 +EXPORT_C void CCertUtils::WriteError(TValidationError aError, Output& aOut)
1.366 + {
1.367 + aOut.writeString(CCertUtils::MapError(aError));
1.368 + }
1.369 +
1.370 +EXPORT_C TPtrC CCertUtils::MapError(TValidationError aError)
1.371 + {
1.372 +
1.373 + switch(aError)
1.374 + {
1.375 + //errors
1.376 + case EValidatedOK:
1.377 + {
1.378 + return (_L("Validated OK"));
1.379 + }
1.380 + case EChainHasNoRoot:
1.381 + {
1.382 + return(_L("Chain has no root"));
1.383 + }
1.384 + case ESignatureInvalid:
1.385 + {
1.386 + return(_L("Signature invalid"));
1.387 + }
1.388 + case EDateOutOfRange:
1.389 + {
1.390 + return(_L("Date out of range"));
1.391 + }
1.392 + case ENameIsExcluded:
1.393 + {
1.394 + return(_L("Name is excluded"));
1.395 + }
1.396 + case ENameNotPermitted:
1.397 + {
1.398 + return(_L("Name is not permitted"));
1.399 + }
1.400 + case ECertificateRevoked:
1.401 + {
1.402 + return(_L("Certificate revoked"));
1.403 + }
1.404 + case EUnrecognizedCriticalExtension:
1.405 + {
1.406 + return(_L("Unrecognized Critical Extension"));
1.407 + }
1.408 + case ENoBasicConstraintInCACert:
1.409 + {
1.410 + return(_L("CA cert with no Basic Constraint"));
1.411 + }
1.412 + case ENoAcceptablePolicy:
1.413 + {
1.414 + return(_L("No acceptable policy"));
1.415 + }
1.416 + case EPathTooLong:
1.417 + {
1.418 + return(_L("Path too long"));
1.419 + }
1.420 + case ENegativePathLengthSpecified:
1.421 + {
1.422 + return(_L("Negative path length specified"));
1.423 + }
1.424 + case ENamesDontChain:
1.425 + {
1.426 + return(_L("Names don't chain"));
1.427 + }
1.428 + case ERequiredPolicyNotFound:
1.429 + {
1.430 + return(_L("Required policy not found"));
1.431 + }
1.432 + case EBadKeyUsage:
1.433 + {
1.434 + return(_L("Bad key usage"));
1.435 + }
1.436 + case ENotCACert:
1.437 + {
1.438 + return(_L("Non-CA cert used as CA cert"));
1.439 + }
1.440 + //warnings
1.441 + case ERootCertNotSelfSigned:
1.442 + {
1.443 + return(_L("Root cert not self-signed"));
1.444 + }
1.445 + case ECriticalExtendedKeyUsage:
1.446 + {
1.447 + return(_L("Critical extended key usage"));
1.448 + }
1.449 + case ECriticalCertPoliciesWithQualifiers:
1.450 + {
1.451 + return(_L("Critical cert policies with qualifiers"));
1.452 + }
1.453 + case ECriticalPolicyMapping:
1.454 + {
1.455 + return(_L("Critical policy mapping"));
1.456 + }
1.457 + case ECriticalDeviceId:
1.458 + {
1.459 + return(_L("Critical Device Id"));
1.460 + }
1.461 + case ECriticalSid:
1.462 + {
1.463 + return(_L("Critical Sid"));
1.464 + }
1.465 + case ECriticalVid:
1.466 + {
1.467 + return(_L("Critical Vid"));
1.468 + }
1.469 + case ECriticalCapabilities:
1.470 + {
1.471 + return(_L("Critical Capabilities"));
1.472 + }
1.473 + }
1.474 + return (_L("Unknown Error"));
1.475 + }
1.476 +
1.477 +
1.478 +EXPORT_C HBufC* CCertUtils::DiagnosticLC() const
1.479 + {
1.480 + HBufC* result = HBufC::NewLC(600);
1.481 + switch (iDiagnosticState)
1.482 + {
1.483 + case EAddCert:
1.484 + result->Des().Append(_L("EAddCACert"));
1.485 + result->Des().Append(_L(" : "));
1.486 + result->Des().Append(iDiagnosticMessage);
1.487 + break;
1.488 +
1.489 + default:
1.490 + break;
1.491 + }
1.492 +
1.493 + return result;
1.494 + }
1.495 +
1.496 +EXPORT_C void CCertUtils::AddApplicationL(const TDesC& aName, TUid aUid) const
1.497 + {
1.498 + CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
1.499 + CleanupStack::PushL(appManager);
1.500 +
1.501 + // Only add the application if it doesn't exist already
1.502 + const RArray<TCertificateAppInfo>& apps = appManager->Applications();
1.503 + TInt i;
1.504 + for (i = 0 ; i < apps.Count() ; ++i)
1.505 + {
1.506 + if (apps[i].Id() == aUid && apps[i].Name() == aName)
1.507 + break;
1.508 + }
1.509 +
1.510 + if (i == apps.Count())
1.511 + {
1.512 + appManager->AddL(TCertificateAppInfo(aUid, aName));
1.513 + }
1.514 +
1.515 + CleanupStack::PopAndDestroy(appManager);
1.516 + }
1.517 +
1.518 +EXPORT_C void CCertUtils::RemoveApplicationL(TUid aUid) const
1.519 + {
1.520 + CCertificateAppInfoManager* appManager = CCertificateAppInfoManager::NewL(iFs, ETrue);
1.521 + CleanupStack::PushL(appManager);
1.522 + appManager->RemoveL(aUid);
1.523 + CleanupStack::PopAndDestroy(appManager);
1.524 + }
1.525 +
1.526 +
1.527 +void CCertUtils::ConstructL()
1.528 + {
1.529 + iCAFilter = CCertAttributeFilter::NewL();
1.530 + iCAFilter->SetOwnerType(ECACertificate);
1.531 + iUserFilter = CCertAttributeFilter::NewL();
1.532 + iUserFilter->SetOwnerType(EUserCertificate);
1.533 + }
1.534 +
1.535 +void CCertUtils::HandleEAddCACertsL()
1.536 + {
1.537 + iIndex++;
1.538 + if (iIndex < iRoots->Count())
1.539 + {
1.540 + // We still have some certificates to add
1.541 + if (iCertData)
1.542 + {
1.543 + delete iCertData;
1.544 + iCertData = 0;
1.545 + }
1.546 + iCertData = iRoots->MdcaPoint(iIndex).AllocL();
1.547 + if (iLabelData)
1.548 + {
1.549 + delete iLabelData;
1.550 + iLabelData = 0;
1.551 + }
1.552 + iLabelData = iLabels->MdcaPoint(iIndex).AllocL();
1.553 + iSecondCertUtils->AddCert(*iLabelData, iFormat, ECACertificate,
1.554 + iTrustedUsage, *iPath, *iCertData, *iUnifiedCertStore, iStatus);
1.555 + SetActive();
1.556 + }
1.557 + else
1.558 + {
1.559 + // We have finished adding all the certificates
1.560 + delete iSecondCertUtils;
1.561 + iSecondCertUtils = 0;
1.562 + delete iCreatedUnifiedCertStore;
1.563 + iCreatedUnifiedCertStore = 0;
1.564 + User::RequestComplete(iOriginalRequestStatus, KErrNone);
1.565 + }
1.566 + }
1.567 +
1.568 +void CCertUtils::HandleEAddCACertL()
1.569 + {
1.570 + // At this stage we should always have an initialized iStoreManager
1.571 + __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
1.572 +
1.573 + // We use the first writable certstore
1.574 + iStore = &iUnifiedCertStore->WritableCertStore(0);
1.575 +
1.576 + __ASSERT_DEBUG(!iCertificate, User::Panic(_L("TCertUtils"), 1));
1.577 + iCertificate = 0;
1.578 + TRAPD(err, iCertificate =
1.579 + CCertUtils::CertFromFileL(*iCertificateFileName, *iPath, iFs, iFormat));
1.580 + if (err != KErrNone)
1.581 + {
1.582 + if (err != KErrNoMemory)
1.583 + {
1.584 + iDiagnosticMessage.Zero();
1.585 + iDiagnosticMessage.Append(_L("CertFromFileL failed ("));
1.586 + iDiagnosticMessage.Append(*iCertificateFileName);
1.587 + iDiagnosticMessage.Append(_L(")"));
1.588 + }
1.589 + User::Leave(err);
1.590 + }
1.591 + iEncoding.Set(iCertificate->Encoding());
1.592 + iStore->Add(*iLabel, iFormat, iCertificateOwnerType, 0, 0, iEncoding, iStatus);
1.593 + iState = EAddCACertGetCAEntry;
1.594 + SetActive();
1.595 + }
1.596 +
1.597 +void CCertUtils::HandleEAddCACertGetCAEntry()
1.598 + {
1.599 + delete iCertificate;
1.600 + iCertificate = 0;
1.601 + iCACertStoreEntries.Close();
1.602 + iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
1.603 + iState = EAddCACertSetApplications;
1.604 + SetActive();
1.605 + }
1.606 +
1.607 +void CCertUtils::HandleEAddCACertSetApplicationsL()
1.608 + {
1.609 + CCTCertInfo* entry = 0;
1.610 + TInt iEnd = iCACertStoreEntries.Count();
1.611 + for (TInt i = 0; i < iEnd; i++)
1.612 + {
1.613 + if (iCACertStoreEntries[i]->Label() == *iLabel)
1.614 + {
1.615 + entry = iCACertStoreEntries[i];
1.616 + }
1.617 + }
1.618 +
1.619 + __ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
1.620 +
1.621 + iTrusters.Reset();
1.622 + TUid truster = { iTrustedUsage };
1.623 + User::LeaveIfError(iTrusters.Append(truster));
1.624 +
1.625 + iUnifiedCertStore->SetApplicability(*entry, iTrusters, iStatus);
1.626 + iState = EAddCACertSetTrust;
1.627 + SetActive();
1.628 + }
1.629 +
1.630 +void CCertUtils::HandleEAddCACertSetTrust()
1.631 + {
1.632 + CCTCertInfo* entry = 0;
1.633 + TInt iEnd = iCACertStoreEntries.Count();
1.634 + for (TInt i = 0; i < iEnd; i++)
1.635 + {
1.636 + if (iCACertStoreEntries[i]->Label() == *iLabel)
1.637 + {
1.638 + entry = iCACertStoreEntries[i];
1.639 + }
1.640 + }
1.641 +
1.642 + __ASSERT_ALWAYS(entry, User::Panic(_L("TCertUtils"), 1));
1.643 +
1.644 + iUnifiedCertStore->SetTrust(*entry, ETrue, iStatus);
1.645 + iState = EAddCACertFinished;
1.646 + SetActive();
1.647 + }
1.648 +
1.649 +void CCertUtils::HandleEAddCACertFinishedL()
1.650 + {
1.651 + User::RequestComplete(iOriginalRequestStatus, iStatus.Int());
1.652 + }
1.653 +
1.654 +void CCertUtils::HandleERemoveCertsGetCACerts()
1.655 + {
1.656 + // At this stage we should always have an initialized iStoreManager
1.657 + __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
1.658 +
1.659 + iCACertStoreEntries.Close();
1.660 + iUnifiedCertStore->List(iCACertStoreEntries, *iCAFilter, iStatus);
1.661 +
1.662 + iState = ERemoveCertsCACertsRetrieved;
1.663 + SetActive();
1.664 + }
1.665 +
1.666 +void CCertUtils::HandleERemoveCertsCACertsRetrieved()
1.667 + {
1.668 + // This index will be used to keep track of the current entry
1.669 + iIndex = -1;
1.670 +
1.671 + iState = ERemoveCertsRemoveCACerts;
1.672 + TRequestStatus* status = &iStatus;
1.673 + SetActive();
1.674 + User::RequestComplete(status, KErrNone);
1.675 + }
1.676 +
1.677 +void CCertUtils::HandleERemoveCertsRemoveCACerts()
1.678 + {
1.679 + iIndex++;
1.680 + if (iIndex < iCACertStoreEntries.Count())
1.681 + {
1.682 + // Remove this certificate if it can be deleted.
1.683 +
1.684 + CCTCertInfo& cert = *iCACertStoreEntries[iIndex];
1.685 +
1.686 + // Unfortunately, certs in non-writable stores can still be
1.687 + // marked as deletable, so need to check if cert is also in a
1.688 + // writable store.
1.689 +
1.690 + TBool isDeletable = cert.IsDeletable();
1.691 +
1.692 + TBool inWritableStore = EFalse;
1.693 +
1.694 + TCTTokenObjectHandle certHandle(cert.Handle());
1.695 + TInt writeStoreCount = iUnifiedCertStore->WritableCertStoreCount();
1.696 + for (TInt i = 0; i < writeStoreCount; ++i)
1.697 + {
1.698 + MCTWritableCertStore& wcs = iUnifiedCertStore->WritableCertStore(i);
1.699 + if (wcs.Token().Handle() == certHandle.iTokenHandle)
1.700 + {
1.701 + inWritableStore = ETrue;
1.702 + break;
1.703 + }
1.704 + }
1.705 +
1.706 + if (isDeletable && inWritableStore)
1.707 + {
1.708 + iUnifiedCertStore->Remove(cert, iStatus);
1.709 + SetActive();
1.710 + }
1.711 + else
1.712 + {
1.713 + TRequestStatus* status = &iStatus;
1.714 + SetActive();
1.715 + User::RequestComplete(status, KErrNone);
1.716 + }
1.717 + }
1.718 + else
1.719 + {
1.720 + iState = ERemoveCertsGetUserCerts;
1.721 + TRequestStatus* status = &iStatus;
1.722 + SetActive();
1.723 + User::RequestComplete(status, KErrNone);
1.724 + }
1.725 + }
1.726 +
1.727 +void CCertUtils::HandleERemoveCertsGetUserCerts()
1.728 + {
1.729 + // At this stage we should always have an initialized iStoreManager
1.730 + __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
1.731 +
1.732 + iUserCertStoreEntries.Close();
1.733 + iUnifiedCertStore->List(iUserCertStoreEntries, *iUserFilter, iStatus);
1.734 +
1.735 + iState = ERemoveCertsUserCertsRetrieved;
1.736 + SetActive();
1.737 + }
1.738 +
1.739 +void CCertUtils::HandleERemoveCertsUserCertsRetrieved()
1.740 + {
1.741 + iIndex = -1;
1.742 +
1.743 + iState = ERemoveCertsRemoveUserCerts;
1.744 + TRequestStatus* status = &iStatus;
1.745 + SetActive();
1.746 + User::RequestComplete(status, KErrNone);
1.747 + }
1.748 +
1.749 +void CCertUtils::HandleERemoveCertsRemoveUserCerts()
1.750 + {
1.751 + // At this stage we should always have an initialized iStoreManager
1.752 + __ASSERT_DEBUG(iUnifiedCertStore, User::Panic(_L("TCertUtils"), 1));
1.753 +
1.754 + iIndex++;
1.755 + if (iIndex < iUserCertStoreEntries.Count())
1.756 + {
1.757 + iUnifiedCertStore->Remove(*iUserCertStoreEntries[iIndex], iStatus);
1.758 + SetActive();
1.759 + }
1.760 + else
1.761 + {
1.762 + iState = ERemoveCertsFinished;
1.763 + TRequestStatus* status = &iStatus;
1.764 + SetActive();
1.765 + User::RequestComplete(status, KErrNone);
1.766 + }
1.767 + }
1.768 +
1.769 +void CCertUtils::HandleERemoveCertsFinished()
1.770 + {
1.771 + User::RequestComplete(iOriginalRequestStatus, KErrNone);
1.772 + }
1.773 +
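Review bot: `CertFromFileLC` unbalances the cleanup stack when `aFormat` is neither `EX509Certificate` nor `EWTLSCertificate`: `cert` stays null and nothing is pushed for it, so `CleanupStack::Pop()` drops `certBuf` without freeing it and `PopAndDestroy()` then destroys an item that belongs to the caller. The same function appends `aPathname` and `aFilename` into a `TFileName` with no length check, so an over-long combined path panics instead of leaving; both cases should leave with an error, as in the excerpt below. Separately, `AddCertL`, the first `AddCACertsL` overload and `RemoveCertsL(TRequestStatus&)` delete `iCreatedUnifiedCertStore` and then call the leaving `CUnifiedCertStore::NewL` without clearing the member, so a leave there leaves a dangling pointer that the destructor deletes a second time; assign `iCreatedUnifiedCertStore = 0;` straight after each `delete`. `HandleEAddCACertSetApplicationsL` and `HandleEAddCACertSetTrust` pick the entry by label alone and keep the last match from the unified CA list, so if labels can repeat across stores (not visible here) applicability and trust may be set on a certificate other than the one just added.

```cpp
EXPORT_C CCertificate* CCertUtils::CertFromFileLC(const TDesC& aFilename,
	// … unchanged: remaining parameters and opening brace …
	TFileName fullname;
	// Reject paths that would overflow the fixed-size TFileName (Append panics on overflow)
	if (aPathname.Length() + aFilename.Length() > fullname.MaxLength())
		{
		User::Leave(KErrBadName);
		}
	// … unchanged: Append calls, Input::ReadFileLC, X509 and WTLS branches …
	else
		{
		// Unknown format: no certificate was pushed, so leave before the Pop calls;
		// certBuf is released by the cleanup stack during the leave
		User::Leave(KErrNotSupported);
		}
	// … unchanged: Pop / PopAndDestroy / PushL(cert) / return …
```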