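/*
* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:
* CWTLSCertChainAO class implementation
*
*/


/**
 @file
 @internalTechnology
*/

#ifndef __WTLSCERTCHAINAO_H__
#define __WTLSCERTCHAINAO_H__

// NOTE(review): the header names of the four #include directives below are
// missing on the page this listing was taken from (the angle-bracket part was
// stripped). Restore them from the original file before building.
#include
#include
#include
#include


class CWTLSCertChain;
class CWTLSValidationResult;
class CWTLSCertificate;

/**
 * This class handles the asynchronous part of the wtls chain validation. It
 * is an active object which handles the asynchronous certificate store operations.
 *
 * The validation is split into the steps listed in TState; each step has a
 * HandleE...L() member of the same name. The current step is kept in iState.
 *
 * Trust anchors come from one of two places, chosen by the NewL overload used:
 * certificates handed in by the caller (iRootsFromClient) or certificates read
 * from the certificate store (iRootsFromStore). Both lists are documented below
 * as roots "that we trust", so the outcome of a validation is only as strong as
 * the vetting applied to whichever source the caller selects.
 */
class CWTLSCertChainAO : public CActive
    {
public:
    /**
     * Creates a validator that trusts root certificates supplied by the caller.
     *
     * NOTE(review): the element type of CArrayPtr is missing on the page
     * (presumably stripped together with the #include names) -- restore it from
     * the original file.
     *
     * @param aFs             File server session; stored by reference in iFs.
     * @param aWTLSCertChain  The chain to validate; stored by reference.
     * @param aRootCerts      Root certificates the caller trusts. Presumably
     *                        these populate iRootsFromClient -- confirm in the
     *                        implementation. Only vetted roots should be passed,
     *                        because that list is treated as trusted.
     */
    static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
        const CArrayPtr& aRootCerts);

    /**
     * Creates a validator that takes its trusted roots from the certificate store.
     *
     * @param aFs             File server session; stored by reference in iFs.
     * @param aWTLSCertChain  The chain to validate; stored by reference.
     * @param aClient         Client UID, stored in iClient. Presumably used
     *                        (via iFilter) to select which store certificates
     *                        count as trusted for this client -- confirm.
     */
    static CWTLSCertChainAO* NewL(RFs& aFs, CWTLSCertChain &aWTLSCertChain,
        const TUid aClient);

    virtual ~CWTLSCertChainAO();

    /**
     * Called by the active scheduler when RunL() leaves.
     *
     * NOTE(review): the implementation is not visible here. Verify that a leave
     * in any validation step completes the caller's request (see
     * iOriginalRequestStatus) with the error, so that a failed step can never be
     * observed by the caller as a completed, successful validation.
     *
     * @param aError  The leave code from RunL().
     */
    virtual TInt RunError(TInt aError);

private:
    CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain);
    CWTLSCertChainAO(RFs& aFs, CWTLSCertChain &aWTLSCertChain, const TUid aClient);
    // NOTE(review): CArrayPtr element type missing on the page, as in NewL above.
    void ConstructL(const CArrayPtr& aRootCerts);

public:
    // CActive overrides.
    // NOTE(review): both are non-public in CActive but public here; they are
    // meant to be driven by the active scheduler and by Cancel(), not called
    // directly by users of this class.
    void RunL();
    void DoCancel();

private:
    /**
     * This function creates a CCertStoreManager,
     * calls CCertStoreManager initialise and sets the state
     * to EStoreManagerInitialized
     *
     * NOTE(review): the member that holds the store is declared below as
     * CUnifiedCertStore* iCertStoreManager; the class name in this comment
     * looks like an older name for the same object -- confirm.
     */
    void HandleEStoreManagerInitializationL();

    // One handler per TState value of the same name. Their bodies are not
    // visible in this header; the step each performs is inferred from its name
    // only and should be confirmed in the implementation.
    void HandleEStoreManagerInitializedL();
    void HandleEGetCertHashesL();
    void HandleEPruneListL();
    void HandleEPruneListDoneL();
    void HandleECheckTCAL();
    void HandleEIsChainSelfSignedL();
    void HandleERetrieveRootsL();
    void HandleEAddRootToListL();
    void HandleEFindRootL();
    void HandleEValidateEndL();

// Request functions
public:
    /**
     * Starts the asynchronous validation of the chain.
     *
     * The members iValidationResult, iValidationTime and iOriginalRequestStatus
     * are raw pointers documented as storing the parameters of Validate, so the
     * three arguments are presumably retained by address for the duration of
     * the request. The caller must therefore keep all three objects alive and
     * unmodified until aStatus is completed -- confirm against the
     * implementation.
     *
     * @param aValidationResult  Receives the outcome of the validation.
     * @param aValidationTime    The time against which validity is evaluated.
     *                           This is caller-supplied; expiry checking is only
     *                           as trustworthy as the clock the caller reads it
     *                           from.
     * @param aStatus            Request status completed when validation ends.
     */
    void Validate(CWTLSValidationResult& aValidationResult, const TTime& aValidationTime,
        TRequestStatus& aStatus);

private:
    /**
     * Checks the signature and name of one certificate of the chain.
     *
     * @param aCert    The certificate to check.
     * @param aResult  Validation result object; presumably updated when the
     *                 check fails -- confirm.
     * @param aPos     Position of aCert, presumably its index in the chain.
     * @return TBool; the meaning of ETrue/EFalse is not visible in this header.
     */
    TBool CheckSignatureAndNameL(const CWTLSCertificate& aCert,
        CWTLSValidationResult& aResult, TInt aPos) const;

    /**
     * Checks the validity period of one certificate against a given time.
     *
     * @param aCert    The certificate to check.
     * @param aResult  Validation result object; presumably updated when the
     *                 check fails -- confirm.
     * @param aTime    Time to compare against; presumably the validation time
     *                 passed to Validate() rather than the system clock.
     * @param aPos     Position of aCert, presumably its index in the chain.
     * @return TBool; the meaning of ETrue/EFalse is not visible in this header.
     */
    TBool CheckValidityPeriod(const CWTLSCertificate& aCert,
        CWTLSValidationResult& aResult, const TTime aTime, TInt aPos) const;

    /**
     * Generates a hash of the public key of a certificate.
     *
     * NOTE(review): this returns a reference to a heap descriptor from a
     * leaving function, so ownership cannot be read from the signature. Confirm
     * in the implementation who deletes the buffer and that it is not left on
     * the heap when a later call leaves.
     *
     * @param aCert  The certificate whose public key is hashed.
     */
    HBufC8& GeneratePublicKeyHashL(const CWTLSCertificate& aCert) const;

    /** Steps of the validation; the current step is held in iState. */
    enum TState
        {
        EStoreManagerInitialization = 0,
        EStoreManagerInitialized,
        EGetCertHashes,
        EPruneList,
        EPruneListDone,
        ECheckTCA,
        EIsChainSelfSigned,
        ERetrieveRoots,
        EAddRootToList,
        EFindRoot,
        EValidateEnd
        };

private:
    RFs& iFs;
    CUnifiedCertStore* iCertStoreManager;
    /**
     * List of the subject hashes from the cert store
     * The elements remain owned by the CCTCertInfo
     *
     * NOTE(review): 20 bytes is the length of a SHA-1 digest; confirm which
     * algorithm produces these values. Because the elements are not owned here,
     * this list must not be used after iCertInfos has been closed.
     */
    RPointerArray< TBuf8<20> > iRootSubjectStoreHashList;
    /**
     * List of the subject hashes from the passed in certs
     * We own this object and all its elements
     */
    RPointerArray< HBufC8 > iRootSubjectClientHashList;
    CCertAttributeFilter* iFilter;
    /**
     * Stores info on the certs in the cert store
     * We own this object and all its elements
     *
     * NOTE(review): the element type of RMPointerArray is missing on the page;
     * the comment on iRootSubjectStoreHashList suggests CCTCertInfo -- confirm.
     */
    RMPointerArray iCertInfos;
    /**
     * Indicates whether iWTLSCertChain.iChain was pruned or not
     */
    TBool iPruned;
    /**
     * The index within iChain that the chain was pruned
     */
    TInt iPrunedChainLength;

    CWTLSCertChain& iWTLSCertChain;
    TUid iClient;
    // NOTE(review): no ownership comment in the original for the next two
    // members. Presumably iEncodedCert is a pointer descriptor over the buffer
    // held in iEncodedCertTemp while a certificate is being retrieved -- confirm,
    // and confirm that iEncodedCertTemp is deleted on every exit path.
    TPtr8 iEncodedCert;
    HBufC8* iEncodedCertTemp;

    TState iState;

    // The caller's request status, presumably the aStatus passed to Validate();
    // not owned.
    TRequestStatus* iOriginalRequestStatus;

    /**
     * Roots passed in from the client that we trust
     * We own this object and all its elements
     *
     * NOTE(review): the element type of RPointerArray is missing on the page.
     */
    RPointerArray iRootsFromClient;
    /**
     * Roots from the specified cert store that we trust.
     * We own this object and all its elements
     *
     * NOTE(review): the element type of RPointerArray is missing on the page.
     */
    RPointerArray iRootsFromStore;

    /**
     * A counter used to carry counter information between AO states
     */
    TInt iIndex;

    /**
     * Indicates if a root cert has been found for this particular chain
     */
    TBool iFoundRoot;

    /**
     * To store the parameters passed to CWTLSCertChain::Validate
     * Not owned; points at the caller's object.
     */
    CWTLSValidationResult* iValidationResult;
    /**
     * To store the parameters passed to CWTLSCertChain::Validate
     * Not owned; points at the caller's object.
     */
    const TTime* iValidationTime;
    };

// NOTE(review): the header name of this trailing #include is also missing on
// the page; restore it from the original file.
#include

#endif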