Symaptic: os/security/cryptoservices/certificateandkeymgmt/pkixcertbase/pkixcertchainao.h@bde4ae8d615e

     1 /*

     2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of the License "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:

    15 * CPKIXCertChainAO class implementation

    16 *

    17 */

    20 /**

    21  @file

    22  @internalTechnology

    23 */

    25 #ifndef __PKIXCERTCHAINAO_H__

    26 #define __PKIXCERTCHAINAO_H__

    28 #include <e32base.h>

    29 #include "pkixcerts.h"

    30 #include "pkixchainbuilder.h"

    31 #include "pkixcertstate.h"

    32 #include <x509cert.h>

    33 #include <x509certext.h>

    34 #include <x509gn.h>

    35 #include <pkixcertchain.h>

    37 class CPKIXCertChainBase;

    39 /**

    40  * This class handles the asynchronous part of the pkix chain validation. It

    41  * is an active object which handles the asynchronous certificate store operations.

    42  */

    43 class CPKIXCertChainAO : public CActive

    44 {

    45 public:

    46 	static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain,

    47 		const RPointerArray<CX509Certificate>& aRootCerts);

    48 	static CPKIXCertChainAO* NewL(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain,

    49 		const TUid aClient);

    50 	virtual ~CPKIXCertChainAO();

    52 private:

    53 	CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain);

    54 	CPKIXCertChainAO(MCertStore& aCertStore, CPKIXCertChainBase &aPKIXCertChain, const TUid aClient);

    55 	void ConstructL(const RPointerArray<CX509Certificate>& aRootCerts);

    57 public:

    58 	void RunL();

    59 	TInt RunError(TInt aError);

    60 	void DoCancel();

    62 private:

    63 	void HandleEStoreManagerInitializationL();

    64 	void HandleEStoreManagerInitializedL();

    65 	void HandleEAddRootsL();

    66 	void HandleERootsInitializedL();

    67 	void HandleEBuildChainStartL();

    68 	void HandleEBuildChainAddCandidateEndL();

    69 	void HandleEBuildChainCertsFromStoreBeginL();

    70 	void HandleEBuildChainCertsFromStoreEndL();

    71 	void HandleEAddCandidateIntermediateCertsEndL();

    72 	void HandleEValidateEndL();

    74 	// Request functions

    75 public:

    76 	void ValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime,

    77 		const CArrayPtr<HBufC>* aInitialPolicies, TRequestStatus& aStatus);

    78 	void CancelValidate();

    80 private:

    81 	void InitParamsL();

    82 	void SetParamsL(CX509Certificate& aCert, const TPtrC8& aEncodedParams);

    83 	void DoValidateL(CPKIXValidationResultBase& aValidationResult, const TTime& aValidationTime,

    84 		const CArrayPtr<HBufC>* aInitialPolicies);

    85 	void ProcessCertsL(CPKIXValidationState& aState, CPKIXValidationResultBase& aResult) const;

    86 	void CriticalExtsL(CPKIXValidationState& aState, const CX509Certificate& aCert) const;

    87 	void CheckSignatureAndNameL(const CX509Certificate& aCert, CPKIXValidationState& aState,

    88 								CPKIXValidationResultBase& aResult) const;

    89 	void CheckCriticalExtsL(CPKIXValidationState& aState,

    90 		CPKIXValidationResultBase& aResult) const;

    92 	/**

    93 	 * The states used to know what to do in the RunL function.

    94 	 */

    95 	enum TState

    96 	{

    97 		EAddRoots,

    98 		ERootsInitialized,

    99 		EBuildChainStart,

   100 		EBuildChainAddCandidateEnd,

   101 		EBuildChainCertsFromStoreBegin,

   102 		EBuildChainCertsFromStoreEnd,

   103 		EAddCandidateIntermediateCertsEnd,

   104 		EValidateEnd

   105 	};

   107 private:

   108 	MCertStore* iCertStore;

   109 	// a reference to the object which owns this instance

   110 	CPKIXCertChainBase &iPKIXCertChain;

   111 	TUid iClient;

   112 	TState iState;

   114 	/**

   115 	 * <P>Ownership of this object is peculiar.</P>

   116 	 * <P>We need this to be a member because it is created and initialized in

   117 	 * the EAddRoots handler but is only added to iRoots in the ERootsInitialized

   118 	 * handler. iRoots takes ownesrhip of it, so it is set to 0 afterwards.</P>

   119 	 * <P>The only case where the destructor will have to delete it, is when a leave

   120 	 * occurs between the EAddRoots and ERootsInitialized states.</P>

   121 	 */

   122 	CPKIXCertsFromStore* iCertsFromStoreRoots;

   124 	TRequestStatus* iOriginalRequestStatus;

   126 	/**

   127 	 * The roots that we trust.

   128 	 * This can be given

   129 	 * <UL>

   130 	 * <LI>explicitly : the user gives a set of root certificates at construction time.</LI>

   131 	 * <LI>implicitly : the user gives the uid of the application and the validation code

   132 	 * retrieves the root certificates trusted for this application from the certificate

   133 	 * store.</LI>

   134 	 * </UL>

   135 	 */

   136 	CPKIXChainBuilder* iRoots;

   138 	CPKIXChainBuilder* iBuilder;

   140 	/**

   141 	 * To store the parameters passed to CPKIXCertChainBase::Validate

   142 	 */

   143 	CPKIXValidationResultBase* iValidationResult;

   144 	/**

   145 	 * To store the parameters passed to CPKIXCertChainBase::Validate

   146 	 */

   147 	TTime iValidationTime;

   148 	/**

   149 	 * To store the parameters passed to CPKIXCertChainBase::Validate

   150 	 */

   151 	const CArrayPtr<HBufC>* iInitialPolicies;

   153 	TBool iAddIssuerResult;

   155 	TInt iNumberOfAddedCertificates;

   156 };

   158 #endif

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--