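--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/os/security/cryptoservices/filebasedcertificateandkeystores/source/keystore/Server/CKeyDataManager.h Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,298 @@
+/*
+* Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Implements CFileKeyData and CFileKeyDataManager
+*
+*/
+
+
+/**
+ @file
+ @internalTechnology
+*/
+
+#ifndef __CKEYDATAMANAGER_H__
+#define __CKEYDATAMANAGER_H__
+
+#include <s32file.h>
+#include <ct/tcttokenobjecthandle.h>
+#include <ct.h>
+
+class CKeyInfo;
+class CPassphraseManager;
+class CPassphrase;
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+#include <authserver/authtypes.h>
+#include <e32property.h>
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+#ifdef KEYTOOL
+#include <authserver/authtypes.h>
+#include <e32property.h>
+#endif // KEYTOOL
+
+/**
+ * Server side in-memory representation of a key for file key store management
+ * purposes. Objects of this type are stored in an in-memory array for quick
+ * keystore lookup.
+ */
+class CFileKeyData : public CBase
+ {
+public:
+ /// Create a new key data object
+ static CFileKeyData* NewLC(TInt aObjectId, const TDesC& aLabel, TStreamId aInfoData,
+ TStreamId aPassphraseId, TStreamId aPublicData, TStreamId aPrivateData);
+ /// Read a key data object from a stream
+ static CFileKeyData* NewL(RStoreReadStream& aReadStream);
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ static CFileKeyData* NewLC( TInt aObjectId, const TDesC& aLabel,
+ TStreamId aInfoData, TStreamId aPublicData,
+ TStreamId aPrivateData, AuthServer::TIdentityId aIdentityId);
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+#ifdef KEYTOOL
+ static CFileKeyData* CreateOldKeyL(RStoreReadStream& aReadStream);
+#endif // KEYTOOL
+public:
+ ~CFileKeyData();
+public:
+ /// Write out the key data to a stream
+ void ExternalizeL(RWriteStream&) const;
+#ifdef KEYTOOL
+ void ExternalizeWithAuthL(RWriteStream& aWriteStream) ;
+#endif // KEYTOOL
+public:
+ inline const TDesC& Label() const;
+ inline TInt32 Handle() const;
+ inline TStreamId InfoDataStreamId() const;
+ inline TStreamId PassphraseStreamId() const;
+ inline TStreamId PublicDataStreamId() const;
+ inline TStreamId PrivateDataStreamId() const;
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ inline AuthServer::TIdentityId Identity() const;
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+#ifdef KEYTOOL
+ inline void SetInfoDataStreamId( TStreamId& aInfoDataStreamId );
+ inline void SetPublicDataStreamId( TStreamId& aPublicDataStreamId );
+ inline void SetPrivateDataStreamId( TStreamId& aPrivateDataStreamId );
+ inline AuthServer::TIdentityId Identity() const;
+#endif // KEYTOOL
+private:
+ CFileKeyData(TInt aObjectId, TStreamId aInfoData, TStreamId aPassphraseId,
+ TStreamId aPublicData, TStreamId aPrivateData);
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ CFileKeyData( TInt aObjectId, TStreamId aInfoData,
+ TStreamId aPublicData, TStreamId aPrivateData,
+ AuthServer::TIdentityId aIdentityId);
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+#ifdef KEYTOOL
+ CFileKeyData( TInt aObjectId, TStreamId aInfoData,
+ TStreamId aPublicData, TStreamId aPrivateData,
+ AuthServer::TIdentityId aIdentityId);
+#endif // KEYTOOL
+
+ CFileKeyData();
+ void ConstructL(const TDesC& aLabel);
+ void InternalizeL(RReadStream&);
+#ifdef KEYTOOL
+ void InternalizeOldKeyL(RReadStream& aReadStream);
+#endif // KEYTOOL
+
+private:
+ TInt iObjectId; ///< Data to identify the key
+ TStreamId iInfoData; ///< ID of stream holding publicly available data for key
+ TStreamId iPassphraseId; ///< ID of stream holding passphrase data (not currently used)
+ TStreamId iPublicKeyData; ///< ID of stream holding public key data
+ TStreamId iPrivateKeyData; ///< ID of stream holding private key data
+ HBufC* iLabel; ///< Key label data
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ AuthServer::TIdentityId iIdentityId;
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+#ifdef KEYTOOL
+ AuthServer::TIdentityId iIdentityId;
+#endif // KEYTOOL
+};
+
+inline const TDesC& CFileKeyData::Label() const
+ {
+ return *iLabel;
+ }
+
+inline TInt32 CFileKeyData::Handle() const
+ {
+ return iObjectId;
+ }
+
+inline TStreamId CFileKeyData::InfoDataStreamId() const
+ {
+ return iInfoData;
+ }
+
+inline TStreamId CFileKeyData::PassphraseStreamId() const
+ {
+ return iPassphraseId;
+ }
+
+inline TStreamId CFileKeyData::PublicDataStreamId() const
+ {
+ return iPublicKeyData;
+ }
+
+inline TStreamId CFileKeyData::PrivateDataStreamId() const
+ {
+ return iPrivateKeyData;
+ }
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+inline AuthServer::TIdentityId CFileKeyData::Identity() const
+ {
+ return iIdentityId;
+ }
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+#ifdef KEYTOOL
+ inline void CFileKeyData::SetInfoDataStreamId( TStreamId& aInfoDataStreamId )
+ {
+ iInfoData = aInfoDataStreamId;
+ }
+
+ inline void CFileKeyData::SetPublicDataStreamId( TStreamId& aPublicDataStreamId )
+ {
+ iPublicKeyData = aPublicDataStreamId;
+ }
+
+ inline void CFileKeyData::SetPrivateDataStreamId( TStreamId& aPrivateDataStreamId )
+ {
+ iPrivateKeyData = aPrivateDataStreamId;
+ }
+
+#endif // KEYTOOL
+/**
+ * Access the server file store of all keys and key data. The only class to
+ * access the store, which maintains store integrity When a new key is created,
+ * it is represented by a CFileKeyData object and added to the array.
+ */
+class CFileKeyDataManager : public CBase
+{
+public:
+ static CFileKeyDataManager* NewL();
+ ~CFileKeyDataManager();
+public:
+ CPassphraseManager* CreatePassphraseManagerLC();
+ void AddL(const CFileKeyData*);
+ void RemoveL(TInt aObjectId);
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ TBool IsKeyAlreadyInStore(const TDesC& aKeyLabel, AuthServer::TIdentityId aIdentity) const;
+#else
+ TBool IsKeyAlreadyInStore(const TDesC& aKeyLabel) const;
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+public:
+ /// Get the id of the default passphrase, or KNullStreamId if it doesn't exist yet.
+ TStreamId DefaultPassphraseId() const;
+ /// Create a new key data object for a key create/import and leave it one the cleanup stack
+ const CFileKeyData* CreateKeyDataLC(const TDesC& aLabel, TStreamId aPassphrase);
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ const CFileKeyData* CreateKeyDataLC(const TDesC& aLabel, AuthServer::TIdentityId aIdentity);
+ TUint32 CachedIdentity();
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+ /// Reads the info data for a given key, returning a new CKeyInfo that's on the cleanup stack
+ CKeyInfo* ReadKeyInfoLC(const CFileKeyData& aKeyData) const;
+
+ /// Writes key info data for a key
+ void WriteKeyInfoL(const CFileKeyData& aKeyData, const CKeyInfo& aKeyInfo);
+ /// Writes key info data and reverts changes to the store if if leaves
+ void SafeWriteKeyInfoL(const CFileKeyData& aKeyData, const CKeyInfo& aKeyInfo);
+ // Methods for opening data streams for a key
+ void OpenPublicDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream& aStream);
+ void OpenPublicDataStreamLC(const CFileKeyData& aKeyData, RStoreReadStream& aStream) const;
+ void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, CPassphrase& aPassphrase, RStoreReadStream& aStream);
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream& aStream);
+ void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, RStoreReadStream& aStream) const;
+#else
+ void OpenPrivateDataStreamLC(const CFileKeyData& aKeyData, CPassphrase& aPassphrase, RStoreWriteStream& aStream);
+
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+ /*
+ * not currently implemented, but might be someday
+ /// Create a new passphrase by prompting the user and pass back its id.
+ void CreatePassphrase(CPassphraseManager& aPassMan, TStreamId& aIdOut, TRequestStatus& aStatus);
+ /// Remove an existing passphrase. Leaves if the passphrase is used by any key.
+ void RemovePassphraseL(TStreamId aId);
+ */
+
+public:
+ TInt Count() const;
+ const CFileKeyData* operator[](TInt aIndex) const;
+ const CFileKeyData* Lookup(TInt aObjectId) const;
+public:
+ /**
+ * Get the passphrase timeout. A timeout of zero indicates
+ * that passphrases are never cached. A timeout of -1 means cache until an
+ * explicit close operation occurs.
+ */
+ TInt GetPassphraseTimeout() const;
+ void SetPassphraseTimeoutL(TInt aTimeout);
+private:
+ CFileKeyDataManager();
+ void ConstructL();
+private: // Manages access to store
+ void OpenStoreL();
+ void OpenStoreInFileL(const TDesC& aFile);
+ void CreateStoreInFileL(const TDesC& aFile);
+private:
+ void OpenInfoDataStreamLC(const CFileKeyData& aKeyData, RStoreWriteStream&);
+ static void RevertStore(TAny* aStore); // Cleanupitem
+ void WriteKeysToStoreL();
+ void UpdateStoreL();
+ TStreamId CreateWriteStreamL();
+ void ReadPassphraseTimeoutL();
+ void WritePassphraseTimeoutL();
+ void CompactStore();
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ const HBufC8* DecryptKey(const TDesC8& aEncryptedKey);
+ void WriteAuthDetailsL( RStoreWriteStream& aInfoStream, const CKeyInfo& aKeyInfo );
+ void ReadAuthDetailsL( RStoreReadStream& aInfoStream, CKeyInfo& aKeyInfo ) const;
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+private:
+ RFile iFile;
+ RFs iFs;
+ CPermanentFileStore* iFileStore;
+ TStreamId iRootStreamId; ///< Root of the store
+ TStreamId iInfoStreamId; ///< Stream that contains list of key data
+
+#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+ RProperty iIdentityId;
+#else
+ TStreamId iPassStreamId; ///< Stream for the default passphrase
+ TStreamId iTimeoutStreamId; ///< Stream for timeout data
+#endif // SYMBIAN_KEYSTORE_USE_AUTH_SERVER
+
+private:
+ TInt iKeyIdentifier;
+ RPointerArray<const CFileKeyData> iKeys; ///< In memory representation of keys in the store
+ TInt iTimeout; ///< The passphrase timeout
+
+};
+
+#endif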
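Review bot: `Identity()` is declared inline under `#ifdef KEYTOOL` in `CFileKeyData`, but its only inline definition sits under `#ifdef SYMBIAN_KEYSTORE_USE_AUTH_SERVER`, so a KEYTOOL-only build that calls it has no body in this header. A build that defines both macros also declares the identity-taking constructor, `Identity()` and `iIdentityId` twice. Folding the paired blocks into one guard, `#if defined(SYMBIAN_KEYSTORE_USE_AUTH_SERVER) || defined(KEYTOOL)`, around the constructor, the accessor declaration, its inline definition and the member removes both problems. Separately, `DecryptKey` in `CFileKeyDataManager` returns a `const HBufC8*` with no comment on who owns the decrypted key buffer or how failure is reported (the name has no L suffix). The implementation is not in this file, so once the contract is confirmed it should get a doc comment stating ownership, the failure return, and whether the caller is expected to wipe the buffer before freeing it.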