os/security/cryptoservices/certificateandkeymgmt/wtlscert/wtlscertchainao.h
author sl@SLION-WIN7.fritz.box
Fri, 15 Jun 2012 03:10:57 +0200
changeset 0 bde4ae8d615e
permissions -rw-r--r--
First public contribution.
     1 /*
     2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
     3 * All rights reserved.
     4 * This component and the accompanying materials are made available
     5 * under the terms of the License "Eclipse Public License v1.0"
     6 * which accompanies this distribution, and is available
     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
     8 *
     9 * Initial Contributors:
    10 * Nokia Corporation - initial contribution.
    11 *
    12 * Contributors:
    13 *
    14 * Description: 
    15 * CWTLSCertChainAO class implementation
    16 *
    17 */
    18 
    19 
    20 /**
    21  @file 
    22  @internalTechnology
    23 */
    24  
    25 #ifndef __WTLSCERTCHAINAO_H__
    26 #define __WTLSCERTCHAINAO_H__
    27 
    28 #include <e32base.h>
    29 #include <f32file.h>
    30 #include <unifiedcertstore.h>
    31 #include <hash.h>
    32 
    33 
    34 class CWTLSCertChain;	// forward declarations: this header uses these types only by reference, by pointer or as template arguments
    35 class CWTLSValidationResult;
    36 class CWTLSCertificate;
    37 
    38 /**
    39  * This class handles the asynchronous part of the WTLS certificate chain validation. It
    40  * is an active object (derived from CActive) which handles the asynchronous certificate store operations.
    41  */
    42 class CWTLSCertChainAO : public CActive
    43 {
    44 public:
    45 	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
    46 		const CArrayPtr<CWTLSCertificate>& aRootCerts);	// factory overload: the caller passes the root certificates in aRootCerts
    47 	static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain, 
    48 		const TUid aClient);	// factory overload: takes a client UID instead of roots; presumably the roots then come from the cert store - confirm in the .cpp
    49 	virtual ~CWTLSCertChainAO();
    50 	virtual TInt RunError(TInt aError);	// CActive hook: called by the active scheduler when RunL() leaves, with the leave code in aError
    51 
    52 private:
    53 	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);	// private constructors: instances are created through the NewL factories above
    54 	CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);
    55 	void ConstructL(const CArrayPtr<CWTLSCertificate>& aRootCerts);	// second-phase construction for the overload that receives root certificates
    56 
    57 public:
    58 	void RunL();	// CActive hook: runs when the outstanding request completes; presumably dispatches on iState to the Handle* functions below - confirm
    59 	void DoCancel();	// CActive hook: invoked through Cancel() while a request is outstanding
    60 
    61 private:
    62 	/**
    63 	 * This function creates a CCertStoreManager,
    64 	 * calls CCertStoreManager initialise and sets the state
    65 	 * to EStoreManagerInitialized. NOTE(review): the member below is declared as CUnifiedCertStore*; "CCertStoreManager" looks like an older name - confirm
    66 	 */
    67 	void HandleEStoreManagerInitializationL();	// one Handle<State>L() per TState enumerator; the names match the enum below
    68 	void HandleEStoreManagerInitializedL();
    69 	void HandleEGetCertHashesL();
    70 	void HandleEPruneListL();
    71 	void HandleEPruneListDoneL();
    72 	void HandleECheckTCAL();
    73 	void HandleEIsChainSelfSignedL();
    74 	void HandleERetrieveRootsL();
    75 	void HandleEAddRootToListL();
    76 	void HandleEFindRootL();
    77 	void HandleEValidateEndL();
    78 
    79 	// Request functions
    80 public:
    81 	void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,							
    82 		TRequestStatus& aStatus);	// asynchronous request; pointer members of the same types exist below, so presumably all three arguments must stay alive until aStatus completes - confirm
    83 
    84 private:
    85 	TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,
    86 		CWTLSValidationResult& aResult, TInt aPos) const;	// per-certificate check for chain position aPos; aResult is non-const, so presumably findings are recorded there - confirm
    87 	TBool CheckValidityPeriod(const CWTLSCertificate& aCert,
    88 		CWTLSValidationResult& aResult,	const TTime aTime, TInt aPos) const;	// per-certificate check against aTime for chain position aPos; meaning of the TBool is not visible in this header
    89 	HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;	// NOTE(review): returns a reference to a heap descriptor; who owns and deletes the HBufC8 is not visible here - confirm
    90 
    91 	enum TState	// steps of the validation state machine; the current one is kept in iState
    92 	{
    93 		EStoreManagerInitialization = 0,
    94 		EStoreManagerInitialized,
    95 		EGetCertHashes,
    96 		EPruneList,
    97 		EPruneListDone,
    98 		ECheckTCA,
    99 		EIsChainSelfSigned,
   100 		ERetrieveRoots,
   101 		EAddRootToList,
   102 		EFindRoot,
   103 		EValidateEnd
   104 	};
   105 
   106 private:
   107 	RFs& iFs;	// file server session passed to NewL; held by reference, so not owned
   108 	CUnifiedCertStore* iCertStoreManager;	// presumably created in HandleEStoreManagerInitializationL() and owned here - confirm
   109 	/**
   110 	 * List of the subject hashes from the cert store
   111 	 * The elements remain owned by the CCTCertInfo, so this array must not delete them
   112 	 */
   113 	RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;	// 20 bytes matches a SHA-1 digest length - presumably SHA-1 hashes, confirm
   114 	/**
   115 	 * List of the subject hashes from the passed in certs
   116 	 * We own this object and all its elements
   117 	 */
   118 	RPointerArray< HBufC8 > iRootSubjectClientHashList;
   119 	CCertAttributeFilter* iFilter;	// presumably the filter used when listing certificates from the store - confirm ownership in the .cpp
   120 	/**
   121 	 * Stores info on the certs in the cert store
   122 	 * We own this object and all its elements
   123 	 */
   124 	RMPointerArray<CCTCertInfo> iCertInfos;
   125 	/**
   126 	 * Indicates whether iWTLSCertChain.iChain was pruned or not
   127 	 */
   128 	TBool iPruned;
   129 	/**
   130 	 * The index within iChain at which the chain was pruned
   131 	 */
   132 	TInt iPrunedChainLength;
   133 
   134 	CWTLSCertChain& iWTLSCertChain;	// the chain object passed to NewL; held by reference, so not owned
   135 	TUid iClient;	// presumably the aClient UID given to the TUid constructor overload - confirm
   136 	TPtr8 iEncodedCert;	// presumably a modifiable view onto iEncodedCertTemp - confirm
   137 	HBufC8* iEncodedCertTemp;	// presumably a temporary buffer for an encoded certificate - confirm ownership in the .cpp
   138 
   139 	TState iState;	// current step of the validation state machine
   140 
   141 	TRequestStatus* iOriginalRequestStatus;	// presumably the caller's aStatus from Validate(); raw pointer to a caller-owned object - confirm
   142 
   143 	/**
   144 	 * Roots passed in from the client that we trust
   145 	 * We own this object and all its elements
   146 	 */
   147 	RPointerArray<CWTLSCertificate> iRootsFromClient;
   148 	/**
   149 	 * Roots from the specified cert store that we trust.
   150 	 * We own this object and all its elements
   151 	 */
   152 	RPointerArray<CWTLSCertificate> iRootsFromStore;
   153 
   154 	/**
   155 	 * A counter used to carry counter information between AO states
   156 	 */
   157 	TInt iIndex;
   158 
   159 	/**
   160 	 * Indicates if a root cert has been found for this particular chain
   161 	 */
   162 	TBool iFoundRoot;
   163 
   164 	/**
   165 	 * Stores the validation result parameter passed to CWTLSCertChain::Validate (raw pointer; presumably caller-owned, so it must outlive the request - confirm)
   166 	 */ 
   167 	CWTLSValidationResult* iValidationResult;
   168 	/**
   169 	 * Stores the validation time parameter passed to CWTLSCertChain::Validate (raw pointer; presumably caller-owned, so it must outlive the request - confirm)
   170 	 */ 
   171 	const TTime* iValidationTime;					 
   172 };
   173 
   174 #include <wtlscertchain.h>
   175 
   176 #endif