epoc32/include/unifiedcertstore.h
author William Roberts <williamr@symbian.org>
Wed, 31 Mar 2010 12:27:01 +0100 (2010-03-31)
branchSymbian2
changeset 3 e1b950c65cb4
parent 0 061f57f2323e
child 4 837f303aceeb
permissions -rw-r--r--
Attempt to represent the S^2->S^3 header reorganisation as a series of "hg rename" operations
williamr@2
     1
/*
williamr@2
     2
* Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
williamr@2
     3
* All rights reserved.
williamr@2
     4
* This component and the accompanying materials are made available
williamr@2
     5
* under the terms of the License "Eclipse Public License v1.0"
williamr@2
     6
* which accompanies this distribution, and is available
williamr@2
     7
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
williamr@2
     8
*
williamr@2
     9
* Initial Contributors:
williamr@2
    10
* Nokia Corporation - initial contribution.
williamr@2
    11
*
williamr@2
    12
* Contributors:
williamr@2
    13
*
williamr@2
    14
* Description: 
williamr@2
    15
* UNIFIEDCERTSTORE.H
williamr@2
    16
* The unified certificate store implementation
williamr@2
    17
*
williamr@2
    18
*/
williamr@2
    19
williamr@2
    20
williamr@2
    21
williamr@2
    22
williamr@2
    23
/**
williamr@2
    24
 @file 
williamr@2
    25
 @internalTechnology
williamr@2
    26
 @released
williamr@2
    27
*/
williamr@2
    28
 
williamr@2
    29
#ifndef __UNIFIEDCERTSTORE_H__
williamr@2
    30
#define __UNIFIEDCERTSTORE_H__
williamr@2
    31
williamr@2
    32
class CCertificate;
williamr@2
    33
williamr@2
    34
#include <signed.h>
williamr@2
    35
#include <e32std.h>
williamr@2
    36
#include <f32file.h>
williamr@2
    37
#include <e32property.h>
williamr@2
    38
#include <sacls.h>
williamr@2
    39
#include <mcertstore.h>
williamr@2
    40
#include <ct/rmpointerarray.h>
williamr@2
    41
#include <ct/rcpointerarray.h>
williamr@2
    42
williamr@2
    43
williamr@2
    44
williamr@2
    45
williamr@2
    46
/**  
williamr@2
    47
 *
williamr@2
    48
 * Publish and Subscribe - UnifiedCertSTore Category
williamr@2
    49
 * Aliased here to System Category to prevent SC break.
williamr@2
    50
 *
williamr@2
    51
 */
williamr@2
    52
const TUid KUnifiedCertStorePropertyCat = {KUidSystemCategoryValue};
williamr@2
    53
williamr@2
    54
/**  
williamr@2
    55
 *
williamr@2
    56
 * Publish and subscribe key for UnifiedCertSTore.
williamr@2
    57
 */
williamr@2
    58
enum TUnifiedCertStoreKey
williamr@2
    59
	{
williamr@2
    60
	/**  
williamr@2
    61
 	 *
williamr@2
    62
 	 * The Publish and subscribe key for the certstore changes.
williamr@2
    63
	 * If the client of the UnifiedCertstore needs to be notified when
williamr@2
    64
	 * certificate addition, removal and trust&application setting occurs,
williamr@2
    65
	 * the client needs to subscribe to KUnifiedCertStorePropertyCat and
williamr@2
    66
	 * EUnifiedCertStoreFlag.
williamr@2
    67
	 *
williamr@2
    68
	 * Aliased here to KUidUnifiedCertstore flag to avoid SC break.
williamr@2
    69
 	 */
williamr@2
    70
 	EUnifiedCertStoreFlag = KUidUnifiedCertstoreFlag
williamr@2
    71
 	};
williamr@2
    72
williamr@2
    73
/**
williamr@2
    74
 *
williamr@2
    75
 * The Unique ID for unknown hardware certstore, used as the input parameter when it is to be filtered.
williamr@2
    76
 * @deprecated. Used only for Data compatibility.
williamr@2
    77
 */
williamr@2
    78
williamr@2
    79
const TInt KUnknownHardwareCertStore = 0;
williamr@2
    80
williamr@2
    81
williamr@2
    82
/**
williamr@2
    83
 *
williamr@2
    84
 * The Unique ID for mutable software certstore, used as the input parameter when it is to be filtered.
williamr@2
    85
 *
williamr@2
    86
 */
williamr@2
    87
williamr@2
    88
const TInt KThirdPartyCertStore = 1;
williamr@2
    89
williamr@2
    90
williamr@2
    91
/**
williamr@2
    92
 *
williamr@2
    93
 * The Unique ID for SIM certstore, used as the input parameter when it is to be filtered.
williamr@2
    94
 *
williamr@2
    95
 */
williamr@2
    96
williamr@2
    97
const TInt KSIMCertStore  = 2;
williamr@2
    98
williamr@2
    99
/**
williamr@2
   100
 *
williamr@2
   101
 * The Unique ID for WIM certstore, used as the input parameter when it is to be filtered.
williamr@2
   102
 *  
williamr@2
   103
 */
williamr@2
   104
williamr@2
   105
const TInt KWIMCertStore  = 3;
williamr@2
   106
williamr@2
   107
/**  
williamr@2
   108
 *
williamr@2
   109
 * The Unique ID for UICC certstore, used as the input parameter when it is to be filtered.
williamr@2
   110
 *  
williamr@2
   111
 */
williamr@2
   112
const TInt KUICCCertStore = 4;
williamr@2
   113
williamr@2
   114
/**  
williamr@2
   115
 *
williamr@2
   116
 * The Unique ID for immutable software certstore, used as the input parameter when it is to be filtered.
williamr@2
   117
 *  
williamr@2
   118
 */
williamr@2
   119
williamr@2
   120
const TInt KManufactureCertStore = 5;
williamr@2
   121
williamr@2
   122
// Forward declarations
williamr@2
   123
class MCTCertStore;
williamr@2
   124
class MCTWritableCertStore;
williamr@2
   125
class MCTTokenInterface;
williamr@2
   126
class MCTToken;
williamr@2
   127
class MCTTokenType;
williamr@2
   128
class CCTCertInfo;
williamr@2
   129
class CCertAttributeFilter;
williamr@2
   130
class CCTTokenTypeInfo;
williamr@2
   131
class TCTTokenObjectHandle;
williamr@2
   132
class CCheckedCertStore;
williamr@2
   133
williamr@2
   134
// This class is forward declared to avoid including its definition in this
williamr@2
   135
// exported header file because it must only be used internally.
williamr@2
   136
class CUnifiedCertStoreWorkingVars;
williamr@2
   137
class CX500DistinguishedName;
williamr@2
   138
williamr@2
   139
/**
williamr@2
   140
 * The unified certificate store.
williamr@2
   141
 * 
williamr@2
   142
 * This class provides a certificate store whose contents are the sum of the
williamr@2
   143
 * contents of all certificate store implementations on the device.  It is
williamr@2
   144
 * intended as the single point of access for clients wishing to use certificate
williamr@2
   145
 * stores.
williamr@2
   146
 *
williamr@2
   147
 * Since this class is intended for widespread use, capability checks relating
williamr@2
   148
 * to certificate access are documented here even though the checks are actually
williamr@2
   149
 * made in the individual cert store implementations.
williamr@2
   150
 * 
williamr@2
   151
 * @publishedAll
williamr@2
   152
 * @released
williamr@2
   153
 */
williamr@2
   154
NONSHARABLE_CLASS(CUnifiedCertStore) : public CActive, public MCertStore
williamr@2
   155
	{
williamr@2
   156
public:
williamr@2
   157
	/** 
williamr@2
   158
	 * Creates a new CUnifiedCertStore
williamr@2
   159
	 *
williamr@2
   160
	 * @param aFs			A file server session. It must already be open.
williamr@2
   161
	 * @param aOpenForWrite	ETrue if the stores must be opened with write access
williamr@2
   162
	 *						(e.g. for adding certificates) and EFalse if the user 
williamr@2
   163
	 *						only needs read-only access.
williamr@2
   164
	 * @return				A pointer to an instance of the CUnifiedCertStore class.
williamr@2
   165
	 */
williamr@2
   166
	IMPORT_C static CUnifiedCertStore* NewL(RFs& aFs, TBool aOpenForWrite);
williamr@2
   167
	
williamr@2
   168
	/** 
williamr@2
   169
	 * Creates a new CUnifiedCertStore and pushes it on the cleanup stack.
williamr@2
   170
	 *
williamr@2
   171
	 * @param aFs			A file server session. It must already be open.
williamr@2
   172
	 * @param aOpenForWrite	ETrue if the stores must be opened with write access
williamr@2
   173
	 *						(e.g. for adding certificates) and EFalse if the user
williamr@2
   174
	 *						only needs read-only access.
williamr@2
   175
	 * @return				A pointer to an instance of the CUnifiedCertStore class.
williamr@2
   176
	 */
williamr@2
   177
	IMPORT_C static CUnifiedCertStore* NewLC(RFs& aFs, TBool aOpenForWrite);
williamr@2
   178
 	/** 
williamr@2
   179
 	 * Creates a new CUnifiedCertStore with the sequence filter, so that multiple certstores that are managed
williamr@2
   180
	 * by it will be filtered and ordered.
williamr@2
   181
 	 *
williamr@2
   182
 	 * @param aFs			A file server session. It must already be open.
williamr@2
   183
 	 * @param aOpenForWrite	ETrue if the stores must be opened with write access
williamr@2
   184
 	 *						(e.g. for adding certificates) and EFalse if the user
williamr@2
   185
 	 *						only needs read-only access. Ownership is taken.
williamr@2
   186
 	 * @param aOrderFilter  An array of the unique sequence IDs specifying CertStore ordering.
williamr@2
   187
 	 * @return				A pointer to an instance of the CUnifiedCertStore class.
williamr@2
   188
 	 */
williamr@2
   189
 	IMPORT_C static CUnifiedCertStore* NewL(RFs& aFs, 
williamr@2
   190
 	                                        TBool aOpenForWrite,
williamr@2
   191
 	                                        RArray<TInt>& aOrderFilter);
williamr@2
   192
 	/** 
williamr@2
   193
 	 * Creates a new CUnifiedCertStore with the sequence filter, so that multiple certstores that are managed
williamr@2
   194
	 * by it will be filtered and ordered, and it is pushed on the cleanup stack.
williamr@2
   195
 	 *
williamr@2
   196
 	 * @param aFs			A file server session. It must already be open.
williamr@2
   197
 	 * @param aOpenForWrite	ETrue if the stores must be opened with write access
williamr@2
   198
 	 *						(e.g. for adding certificates) and EFalse if the user
williamr@2
   199
 	 *						only needs read-only access. Ownership is taken.
williamr@2
   200
 	 * @param aOrderFilter  An array of the unique sequence IDs specifying CertStore ordering.
williamr@2
   201
 	 * @return				A pointer to an instance of the CUnifiedCertStore class.
williamr@2
   202
 	 */
williamr@2
   203
 	IMPORT_C static CUnifiedCertStore* NewLC(RFs& aFs, 
williamr@2
   204
 	                                         TBool aOpenForWrite,
williamr@2
   205
 	                                         RArray<TInt>& aOrderFilter);
williamr@2
   206
	
williamr@2
   207
	/**
williamr@2
   208
	 * The destructor destroys all the resources owned by this object.
williamr@2
   209
	 */
williamr@2
   210
	IMPORT_C ~CUnifiedCertStore();
williamr@2
   211
	
williamr@2
   212
	/**
williamr@2
   213
	 * Initializes the manager. 
williamr@2
   214
	 * 
williamr@2
   215
	 * It must be called after the manager has been constructed
williamr@2
   216
	 * and before any call to the manager functions.
williamr@2
   217
	 * 
williamr@2
   218
	 * This is an asynchronous request.
williamr@2
   219
	 * 
williamr@2
   220
	 * @param aStatus	The request status object; contains the result of the Initialize() 
williamr@2
   221
	 * 					request when complete. Set to KErrCancel if any outstanding request is cancelled.
williamr@2
   222
	 */
williamr@2
   223
	IMPORT_C void Initialize(TRequestStatus& aStatus);
williamr@2
   224
williamr@2
   225
	/** 
williamr@2
   226
	 * Cancels an ongoing Initialize() operation.
williamr@2
   227
	 *
williamr@2
   228
	 * The operation completes with KErrCancel.
williamr@2
   229
	 */
williamr@2
   230
	IMPORT_C void CancelInitialize();
williamr@2
   231
williamr@2
   232
public:	// Implementation of MCertStore interface
williamr@2
   233
williamr@2
   234
	/** Lists all certificates that satisfy the supplied filter.
williamr@2
   235
	*
williamr@2
   236
	* @param aCertInfos	An array that the returned certificates are added to .
williamr@2
   237
	* @param aFilter	A filter to restrict which certificates are returned.
williamr@2
   238
	* @param aStatus	The request status object.
williamr@2
   239
	* 
williamr@2
   240
	*/
williamr@2
   241
	virtual void List(RMPointerArray<CCTCertInfo>& aCertInfos,
williamr@2
   242
					  const CCertAttributeFilter& aFilter, TRequestStatus& aStatus);
williamr@2
   243
	virtual void CancelList();
williamr@2
   244
	virtual void GetCert(CCTCertInfo*& aCertInfo, const TCTTokenObjectHandle& aHandle, 
williamr@2
   245
						 TRequestStatus& aStatus);
williamr@2
   246
	virtual void CancelGetCert();
williamr@2
   247
williamr@2
   248
	/** Gets the list of applications . Applications are represented by UIDs .
williamr@2
   249
	* 	
williamr@2
   250
	* @param aCertInfos		An array of certificates .
williamr@2
   251
	* @param aApplications	An array that the returned application UIDs are added to.
williamr@2
   252
	* @param aStatus		The request status object.
williamr@2
   253
	*
williamr@2
   254
	*/
williamr@2
   255
	virtual void Applications(const CCTCertInfo& aCertInfo, 
williamr@2
   256
							  RArray<TUid>& aApplications, TRequestStatus &aStatus);
williamr@2
   257
	virtual void CancelApplications();
williamr@2
   258
	virtual void IsApplicable(const CCTCertInfo& aCertInfo, TUid aApplication, 
williamr@2
   259
							  TBool& aIsApplicable, TRequestStatus& aStatus);
williamr@2
   260
	virtual void CancelIsApplicable();
williamr@2
   261
	virtual void Trusted(const CCTCertInfo& aCertInfo, TBool& aTrusted, 
williamr@2
   262
						 TRequestStatus& aStatus);
williamr@2
   263
	virtual void CancelTrusted();
williamr@2
   264
	virtual void Retrieve(const CCTCertInfo& aCertInfo, TDes8& aEncodedCert,
williamr@2
   265
						  TRequestStatus& aStatus);
williamr@2
   266
	virtual void CancelRetrieve();
williamr@2
   267
williamr@2
   268
public:	// Functions defined in MCTWritableCertStore except Add functions
williamr@2
   269
williamr@2
   270
	/**
williamr@2
   271
	 * Removes a certificate.
williamr@2
   272
	 * 
williamr@2
   273
	 * @param aCertInfo				The certificate to be removed.
williamr@2
   274
	 * @param aStatus				The request status object; contains the result of the Remove() 
williamr@2
   275
	 * 								request when complete. Set to KErrCancel if an outstanding request is cancelled.
williamr@2
   276
	 *
williamr@2
   277
	 * @capability WriteUserData	This requires the WriteUserData capability when
williamr@2
   278
	 *								applied to user certificates.
williamr@2
   279
	 * @capability WriteDeviceData	This requires the WriteDeviceData capability
williamr@2
   280
	 *								when applied to CA certificates.
williamr@2
   281
	 * @leave KErrPermissionDenied	If the caller doesn't have the required
williamr@2
   282
	 *								capabilities.
williamr@2
   283
	 */
williamr@2
   284
	IMPORT_C void Remove(const CCTCertInfo& aCertInfo, TRequestStatus& aStatus);
williamr@2
   285
	
williamr@2
   286
	/** 
williamr@2
   287
	 * Cancels an ongoing Remove() operation.
williamr@2
   288
	 *
williamr@2
   289
	 * The operation completes with KErrCancel.
williamr@2
   290
	 */
williamr@2
   291
	IMPORT_C void CancelRemove();
williamr@2
   292
	
williamr@2
   293
	/**
williamr@2
   294
	 * Replaces the current applicability settings with the settings in the
williamr@2
   295
	 * supplied array.
williamr@2
   296
	 * 
williamr@2
   297
	 * This should only be called for CA certificates - it has no meaning for
williamr@2
   298
	 * user certificates.
williamr@2
   299
	 * 
williamr@2
   300
	 * @param aCertInfo		The certificate whose applicability should be updated.
williamr@2
   301
	 * @param aApplications	The new applicability settings. Ownership of this
williamr@2
   302
	 * 						remains with the caller, and it must remain valid for the
williamr@2
   303
	 * 						lifetime of the call.
williamr@2
   304
	 * @param aStatus		The request status object; contains the result of the SetApplicability() 
williamr@2
   305
	 * 						request when complete. Set to KErrCancel, if an outstanding request is cancelled.
williamr@2
   306
	 *
williamr@2
   307
	 * @capability WriteDeviceData	This requires the WriteDeviceData capability.
williamr@2
   308
	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
williamr@2
   309
	 */
williamr@2
   310
	IMPORT_C void SetApplicability(const CCTCertInfo& aCertInfo, 
williamr@2
   311
		const RArray<TUid>& aApplications, TRequestStatus &aStatus);
williamr@2
   312
	
williamr@2
   313
	/** 
williamr@2
   314
	 * Cancels an ongoing SetApplicability() operation.
williamr@2
   315
	 *
williamr@2
   316
	 * The operation completes with KErrCancel.
williamr@2
   317
	 */
williamr@2
   318
	IMPORT_C void CancelSetApplicability();
williamr@2
   319
	
williamr@2
   320
	/**
williamr@2
   321
	 * Changes the trust settings.
williamr@2
   322
	 * 
williamr@2
   323
	 * A CA certificate is trusted if the user is willing to use it for authenticating
williamr@2
   324
	 * servers. It has no meaning with other types of certificates.
williamr@2
   325
	 * 
williamr@2
   326
	 * @param aCertInfo	The certificate to be updated.
williamr@2
   327
	 * @param aTrusted	ETrue, if trusted; EFalse, otherwise.
williamr@2
   328
	 * @param aStatus	The request status object; contains the result of the SetTrust() 
williamr@2
   329
	 * 					request when complete. Set to KErrCancel, if an outstanding request is cancelled.
williamr@2
   330
	 *
williamr@2
   331
	 * @capability WriteDeviceData This requires the WriteDeviceData capability.
williamr@2
   332
	 * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
williamr@2
   333
	 */
williamr@2
   334
	IMPORT_C void SetTrust(const CCTCertInfo& aCertInfo, TBool aTrusted, 
williamr@2
   335
		TRequestStatus& aStatus);
williamr@2
   336
	
williamr@2
   337
	/** 
williamr@2
   338
	 * Cancels an ongoing SetTrust() operation.
williamr@2
   339
	 *
williamr@2
   340
	 * The operation completes with KErrCancel.
williamr@2
   341
	 */
williamr@2
   342
	IMPORT_C void CancelSetTrust();
williamr@2
   343
williamr@2
   344
public:
williamr@2
   345
	/**
williamr@2
   346
	 * Lists all certificates that have a particular subject DN.
williamr@2
   347
	 * 
williamr@2
   348
	 * @param aCertInfos	An array that the returned certificates are added to
williamr@2
   349
	 * @param aFilter		A filter to restrict which certificates are returned.
williamr@2
   350
	 * @param aIssuer		Only certificates with this issuer DN will be returned
williamr@2
   351
	 * @param aStatus		Asynchronous request status.
williamr@2
   352
	 */
williamr@2
   353
	IMPORT_C void List(RMPointerArray<CCTCertInfo>& aCertInfos,
williamr@2
   354
					   const CCertAttributeFilter& aFilter, 
williamr@2
   355
					   const TDesC8& aIssuer, 
williamr@2
   356
					   TRequestStatus& aStatus);
williamr@2
   357
williamr@2
   358
	/**
williamr@2
   359
	 * Lists all certificates that have a particular issuer.
williamr@2
   360
	 * 
williamr@2
   361
	 * @param aCertInfos	An array that the returned certificates are added to
williamr@2
   362
	 * @param aFilter		A filter to restrict which certificates are returned.
williamr@2
   363
	 * @param aIssuers		Only certificates with this issuer will be returned
williamr@2
   364
	 * @param aStatus		Asynchronous request status.
williamr@2
   365
	 */
williamr@2
   366
	IMPORT_C void List(RMPointerArray<CCTCertInfo>& aCertInfos,
williamr@2
   367
					   const CCertAttributeFilter& aFilter, 
williamr@2
   368
					   RPointerArray<const TDesC8> aIssuers, 
williamr@2
   369
					   TRequestStatus& aStatus);
williamr@2
   370
williamr@2
   371
	/**
williamr@2
   372
	 * Retrieves a certificate as a parsed object.
williamr@2
   373
	 *
williamr@2
   374
	 * This will only work for certificates that have a CCertificate-derived
williamr@2
   375
	 * representation, in other words X509 and WTLS certificates.  If called for
williamr@2
   376
	 * a URL certificate, KErrNotSupported is returned.
williamr@2
   377
	 * 
williamr@2
   378
	 * @param aCertInfo	The certificate to retrieve
williamr@2
   379
	 * @param aCert		The returned certificate.  This object can safely be up-cast
williamr@2
   380
	 *					to a CX509Certificate or CWTLSCertificate if it's known that
williamr@2
   381
	 *					that is the certificate format.
williamr@2
   382
	 * @param aStatus	Asynchronous request status.
williamr@2
   383
	 * 
williamr@2
   384
	 * @capability ReadUserData		This requires the ReadUserData capability when
williamr@2
   385
	 *								applied to user certificates, as these may contain
williamr@2
   386
	 *								sensitive user data.
williamr@2
   387
	 * @leave KErrPermissionDenied	If called for a user certificate when the
williamr@2
   388
	 *								caller doesn't have the ReadUserData capability.
williamr@2
   389
	 */
williamr@2
   390
	IMPORT_C void Retrieve(const CCTCertInfo& aCertInfo, CCertificate*& aCert,
williamr@2
   391
						   TRequestStatus& aStatus);
williamr@2
   392
	
williamr@2
   393
	/** 
williamr@2
   394
	 * Gets the number of certificate stores.
williamr@2
   395
	 *
williamr@2
   396
	 * @return	The total number of certificate stores.
williamr@2
   397
	 */
williamr@2
   398
	IMPORT_C TInt CertStoreCount() const;
williamr@2
   399
	
williamr@2
   400
	/**
williamr@2
   401
	 * Gets a particular certificate store.
williamr@2
   402
	 * 
williamr@2
   403
	 * @param aIndex	The index of the required certificate store.
williamr@2
   404
	 *					A number between 0 and CertStoreCount() - 1.
williamr@2
   405
	 * @return			The certificate store.
williamr@2
   406
	 */
williamr@2
   407
	IMPORT_C MCTCertStore& CertStore(TInt aIndex);
williamr@2
   408
	
williamr@2
   409
	/** 
williamr@2
   410
	 * Gets the number of writeable certificate stores.
williamr@2
   411
	 *
williamr@2
   412
	 * @return	The number of writeable certificate stores.
williamr@2
   413
	 */
williamr@2
   414
	IMPORT_C TInt WritableCertStoreCount() const;
williamr@2
   415
	
williamr@2
   416
	/**
williamr@2
   417
	 * Gets a particular writeable certificate store.
williamr@2
   418
	 *
williamr@2
   419
	 * @param aIndex	The index of the required certificate store.
williamr@2
   420
	 *					A number between 0 and WriteableCertStoreCount() - 1.
williamr@2
   421
	 * @return			The writeable certificate store.
williamr@2
   422
	 */
williamr@2
   423
	IMPORT_C MCTWritableCertStore& WritableCertStore(TInt aIndex);
williamr@2
   424
	
williamr@2
   425
	/** 
williamr@2
   426
	 * Gets the number of read-only certificate stores.
williamr@2
   427
	 *
williamr@2
   428
	 * @return	The number of read-only certificate stores.
williamr@2
   429
	 */
williamr@2
   430
	IMPORT_C TInt ReadOnlyCertStoreCount() const;
williamr@2
   431
	
williamr@2
   432
	/**
williamr@2
   433
	 * Gets a particular read-only certificate store.
williamr@2
   434
	 * 
williamr@2
   435
	 * @param aIndex	The index of the required certificate store.
williamr@2
   436
	 *					A number between 0 and ReadOnlyCertStoreCount() - 1.
williamr@2
   437
	 * @return			The read-only certificate store.
williamr@2
   438
	 */
williamr@2
   439
	IMPORT_C MCTCertStore& ReadOnlyCertStore(TInt aIndex);
williamr@2
   440
williamr@2
   441
private:
williamr@2
   442
	enum TState
williamr@2
   443
		{
williamr@2
   444
		EIdle,
williamr@2
   445
williamr@2
   446
		EInitializeGetTokenList,
williamr@2
   447
		EInitializeGetToken,
williamr@2
   448
		EInitializeGetWritableInterface,
williamr@2
   449
		EInitializeGetReadableInterface,
williamr@2
   450
		EInitializeGetReadableInterfaceFinished,
williamr@2
   451
		EInitializeFinished,
williamr@2
   452
williamr@2
   453
		EList,
williamr@2
   454
		ERetrieve,
williamr@2
   455
		ERetrieveForList,
williamr@2
   456
williamr@2
   457
		EGetCert,
williamr@2
   458
		EApplications,
williamr@2
   459
		EIsApplicable,
williamr@2
   460
		ETrusted,
williamr@2
   461
		ERetrieveData,
williamr@2
   462
		ERemove,
williamr@2
   463
		ESetApplicability,
williamr@2
   464
		ESetTrust
williamr@2
   465
		};
williamr@2
   466
	enum TCompareResults
williamr@2
   467
		{
williamr@2
   468
		ENo,
williamr@2
   469
		EYes,
williamr@2
   470
		EMaybe
williamr@2
   471
		};
williamr@2
   472
private:
williamr@2
   473
	CUnifiedCertStore(RFs& aFs, TBool aOpenForWrite);
williamr@2
   474
	void ConstructL(RArray<TInt>& aOrderFilter);
williamr@2
   475
	void DoCancel();
williamr@2
   476
	void RunL();
williamr@2
   477
	TInt RunError(TInt aError);
williamr@2
   478
williamr@2
   479
	// Implementations for asynchronous operations
williamr@2
   480
	void InitializeL();
williamr@2
   481
	void ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
williamr@2
   482
			   const CCertAttributeFilter& aFilter);
williamr@2
   483
	void ListL(RMPointerArray<CCTCertInfo>& aCertInfos,
williamr@2
   484
			  const CCertAttributeFilter& aFilter, 
williamr@2
   485
			  RPointerArray<const TDesC8> aIssuers);
williamr@2
   486
	void RetrieveL(const CCTCertInfo& aCertInfo, CCertificate*& aCert);
williamr@2
   487
	void GetCertL(CCTCertInfo*& aCertInfo, const TCTTokenObjectHandle& aHandle);
williamr@2
   488
	void ApplicationsL(const CCTCertInfo& aCertInfo, RArray<TUid>& aApplications);
williamr@2
   489
	void IsApplicableL(const CCTCertInfo& aCertInfo, TUid aApplication, 
williamr@2
   490
					   TBool& aIsApplicable);
williamr@2
   491
	void TrustedL(const CCTCertInfo& aCertInfo, TBool& aTrusted);
williamr@2
   492
	void RetrieveDataL(const CCTCertInfo& aCertInfo, TDes8& aEncodedCert);
williamr@2
   493
	void RemoveL(const CCTCertInfo& aCertInfo);
williamr@2
   494
	void SetApplicabilityL(const CCTCertInfo& aCertInfo,
williamr@2
   495
						   const RArray<TUid>& aApplications);
williamr@2
   496
	void SetTrustL(const CCTCertInfo& aCertInfo, TBool aTrusted);
williamr@2
   497
williamr@2
   498
	// Helper functions
williamr@2
   499
	void AllocWorkingVarsL();
williamr@2
   500
	void BeginAsyncOp(TRequestStatus& aStatus, TState aState);	
williamr@2
   501
	void DestroyTemporaryMembers();
williamr@2
   502
	MCTCertStore* GetCertStore(const TCTTokenObjectHandle& aHandle);
williamr@2
   503
	void FindCertStoreL(const TCTTokenObjectHandle& aHandle);
williamr@2
   504
	void FindWritableCertStoreL(const TCTTokenObjectHandle& aHandle);
williamr@2
   505
	TCompareResults CompareCertInfoDN(const CCTCertInfo* aCertInfo);
williamr@2
   506
	TBool MatchL(const CX500DistinguishedName& aName) const;
williamr@2
   507
	void Complete(TInt aError);
williamr@2
   508
	void CancelOutstandingRequest();
williamr@2
   509
 	
williamr@2
   510
 	// Filters CertStores according to specified order.
williamr@2
   511
 	void ApplyOrderingL(RCPointerArray<CCTTokenTypeInfo>& aTokenTypes);
williamr@2
   512
 	
williamr@2
   513
 	void FilterTokenTypesL(RCPointerArray<CCTTokenTypeInfo>& aSearchTokenTypes,
williamr@2
   514
						RCPointerArray<CCTTokenTypeInfo>& aTempTokenTypes,
williamr@2
   515
						TInt aOrderAttribute);
williamr@2
   516
 
williamr@2
   517
private:
williamr@2
   518
	/**
williamr@2
   519
	 * A file server session, this is not logically a part of this class
williamr@2
   520
	 * but is needed for the client store and the file certstore.
williamr@2
   521
	 */
williamr@2
   522
	RFs& iFs;
williamr@2
   523
williamr@2
   524
	TBool iOpenedForWrite;
williamr@2
   525
williamr@2
   526
	RPointerArray<CCheckedCertStore> iReadOnlyCertStores;
williamr@2
   527
	RPointerArray<CCheckedCertStore> iWritableCertStores;
williamr@2
   528
	RPointerArray<CCheckedCertStore> iCertStores;
williamr@2
   529
williamr@2
   530
	TBool iCurrentlyDoingReadOnly;
williamr@2
   531
williamr@2
   532
	/**
williamr@2
   533
	 * This a TokenType retrieved from the iTokenTypes array.
williamr@2
   534
	 * We use this to get a list of Tokens and to open these Tokens.
williamr@2
   535
	 */
williamr@2
   536
	MCTTokenType* iTokenType;
williamr@2
   537
williamr@2
   538
	/**
williamr@2
   539
	 * This is the list of Tokens for one of the Token Types of iTokenTypes.
williamr@2
   540
	 */
williamr@2
   541
	RCPointerArray<HBufC> iTokens;
williamr@2
   542
williamr@2
   543
	/** All the UIDs of hardware token types */
williamr@2
   544
	RArray<TUid> iHardwareTypeUids;
williamr@2
   545
	/**
williamr@2
   546
	 * This is used as an index for the iTokens array when we try 
williamr@2
   547
	 * to get an interface to each of the tokens.
williamr@2
   548
	 */
williamr@2
   549
	TInt iIndexTokens;
williamr@2
   550
williamr@2
   551
	/**
williamr@2
   552
	 * A Token interface. We will use the interface to get a readable or writable
williamr@2
   553
	 * certstore interface. The value is updated at EInitializeGetToken and used
williamr@2
   554
	 * at EInitializeGetWritableInterface.
williamr@2
   555
	 */
williamr@2
   556
	MCTToken* iToken;
williamr@2
   557
williamr@2
   558
	/**
williamr@2
   559
	 * We use this to (temporarily) store the interface we obtained from iToken.
williamr@2
   560
	 * It will be inserted in iWritableCertStores or iCertStores.
williamr@2
   561
	 */
williamr@2
   562
	MCTTokenInterface* iTokenInterface;
williamr@2
   563
williamr@2
   564
 	/**
williamr@2
   565
 	The index of the plugin certstore that is being processed
williamr@2
   566
 	*/
williamr@2
   567
	TInt iIndex;
williamr@2
   568
williamr@2
   569
	/**
williamr@2
   570
	 * This is the status of the caller of an asynchronous function. It must be set
williamr@2
   571
	 * to KRequestPending by the function while doing the processing.
williamr@2
   572
	 */
williamr@2
   573
	TRequestStatus* iClientStatus;
williamr@2
   574
williamr@2
   575
	TState iState;
williamr@2
   576
williamr@2
   577
	TBool iIsInitialized;
williamr@2
   578
williamr@2
   579
	/**
williamr@2
   580
	 * This member holds all the variables that are only used to store temporary results
williamr@2
   581
	 * while performing a given operation. It must be initialized at the start of the
williamr@2
   582
	 * operation and deleted at the end of it whether the opeartion completes successfully
williamr@2
   583
	 * or not. When no operation is being performed it must be 0.
williamr@2
   584
	 */
williamr@2
   585
	CUnifiedCertStoreWorkingVars* iWorkingVars;
williamr@2
   586
williamr@2
   587
	/**
williamr@2
   588
	 * The cert store in use by an outstanding async operation.
williamr@2
   589
	 */
williamr@2
   590
	MCTCertStore *iCurrentCertStore;
williamr@2
   591
williamr@2
   592
	/**
williamr@2
   593
	 * The writable cert store in use by an outstanding async operation.
williamr@2
   594
	 */
williamr@2
   595
	MCTWritableCertStore *iCurrentWritableCertStore;
williamr@2
   596
williamr@2
   597
	// Padding to keep class size constant
williamr@2
   598
	TInt32 iUnused1;
williamr@2
   599
	TInt32 iUnused2;
williamr@2
   600
	                  
williamr@2
   601
 	// An array of Uids specifying Token Type ordering
williamr@2
   602
 	RArray<TInt> iOrderAttributes;
williamr@2
   603
 	
williamr@2
   604
 	// Publish and subscribe property which is used to notify the 
williamr@2
   605
	// cerificate addition,removal and application&trust setting.
williamr@2
   606
 	RProperty iPSCertstoreChangeProperty;
williamr@2
   607
williamr@2
   608
	};
williamr@2
   609
williamr@2
   610
#endif