Mercurialtest / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw
| help
epoc32/include/mctwritablecertstore.h
branchSymbian2
changeset 2 2fe1408b6811
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/epoc32/include/mctwritablecertstore.h	Tue Mar 16 16:12:26 2010 +0000
     1.3 @@ -0,0 +1,215 @@
     1.4 +/*
     1.5 +* Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
     1.6 +* All rights reserved.
     1.7 +* This component and the accompanying materials are made available
     1.8 +* under the terms of the License "Eclipse Public License v1.0"
     1.9 +* which accompanies this distribution, and is available
    1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
    1.11 +*
    1.12 +* Initial Contributors:
    1.13 +* Nokia Corporation - initial contribution.
    1.14 +*
    1.15 +* Contributors:
    1.16 +*
    1.17 +* Description: 
    1.18 +* MCTWritableCertStore.h (v.2)
    1.19 +*
    1.20 +*/
    1.21 +
    1.22 +
    1.23 +
    1.24 +
    1.25 +/**
    1.26 + @file 
    1.27 + @publishedPartner
    1.28 + @released
    1.29 +*/
    1.30 + 
    1.31 +#ifndef __MCTWRITABLECERTSTORE_H__
    1.32 +#define __MCTWRITABLECERTSTORE_H__
    1.33 +
    1.34 +#include <mctcertstore.h>
    1.35 +
    1.36 +/**
    1.37 + * The UID of writeable certificate store interfaces.
    1.38 + *
    1.39 + * A token that supports this interface should also support the read-only certificate 
    1.40 + * store interface.
    1.41 + */
    1.42 +const TInt KInterfaceWritableCertStore = 0x102020FB; // new version, since 9.0
    1.43 +
    1.44 +/**
    1.45 + * Defines the interface for a writeable certificate store token.
    1.46 + * 
    1.47 + * This extends the read-only certificate store API in MCTCertStore by adding 
    1.48 + * functions to add and delete certificates, and to set their applicability and 
    1.49 + * trust settings. 
    1.50 + *
    1.51 + * This documentation describes the security policy that must be enforced by
    1.52 + * implementations of the interface.
    1.53 + * 
    1.54 + * @publishedPartner
    1.55 + * @released
    1.56 + */
    1.57 +class MCTWritableCertStore : public MCTCertStore
    1.58 +	{
    1.59 +public:
    1.60 +	/**
    1.61 +	 * Adding a certificate
    1.62 +	 */
    1.63 +
    1.64 +	/**
    1.65 +	 * Adds a certificate to the store.
    1.66 +	 * 
    1.67 +	 * This is an asynchronous request.	
    1.68 +	 * 
    1.69 +	 * @param aLabel				The label of the certificate to add.
    1.70 +	 * @param aFormat				The format of the certificate.
    1.71 +	 * @param aCertificateOwnerType	The owner type.
    1.72 +	 * @param aSubjectKeyId			The Subject key ID.
    1.73 +	 * @param aIssuerKeyId			The issuer key ID.
    1.74 +	 * @param aCert					The certificate to be added.
    1.75 +	 * @param aStatus				The request status object; contains the result of the Add() 
    1.76 +	 * 								request when complete. Set to KErrCancel, if an outstanding 
    1.77 +	 * 								request is cancelled.
    1.78 +	 *
    1.79 +	 * @capability WriteUserData	This requires the WriteUserData capability when
    1.80 +	 *								applied to user certificates.
    1.81 +	 * @capability WriteDeviceData	This requires the WriteDeviceData capability
    1.82 +	 *								when applied to CA certificates.
    1.83 +	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
    1.84 +	 */
    1.85 +	virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
    1.86 +					 TCertificateOwnerType aCertificateOwnerType, 
    1.87 +					 const TKeyIdentifier* aSubjectKeyId,
    1.88 +					 const TKeyIdentifier* aIssuerKeyId,
    1.89 +					 const TDesC8& aCert, TRequestStatus& aStatus) = 0;
    1.90 +		
    1.91 +	/** Cancels an ongoing Add() operation. */
    1.92 +	virtual void CancelAdd() = 0;
    1.93 +
    1.94 +	/**
    1.95 +	 * Removing Certificates
    1.96 +	 */
    1.97 +	
    1.98 +	/**
    1.99 +	 * Removes a certificate.
   1.100 +	 * 
   1.101 +	 * @param aCertInfo	The certificate to be removed.
   1.102 +	 * @param aStatus	The request status object; contains the result of the Remove() 
   1.103 +	 * 					request when complete. Set to KErrCancel, if an outstanding request is cancelled.
   1.104 +	 *
   1.105 +	 * @capability WriteUserData	This requires the WriteUserData capability when
   1.106 +	 *								applied to user certificates.
   1.107 +	 * @capability WriteDeviceData	This requires the WriteDeviceData capability
   1.108 +	 *								when applied to CA certificates.
   1.109 +	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
   1.110 +	 */
   1.111 +	virtual void Remove(const CCTCertInfo& aCertInfo, TRequestStatus& aStatus) = 0;
   1.112 +
   1.113 +	/** Cancels an ongoing Remove() operation. */
   1.114 +	virtual void CancelRemove() = 0;
   1.115 +
   1.116 +	/**
   1.117 +	 * Setting applicability
   1.118 +	 */
   1.119 +		
   1.120 +	/**
   1.121 +	 * Replaces the current applicability settings with the settings in the
   1.122 +	 * supplied array.
   1.123 +	 * 
   1.124 +	 * This should only be called for CA certificates - it has no meaning for
   1.125 +	 * user certificates.
   1.126 +	 * 
   1.127 +	 * If this function is called by the unified certstore the given application
   1.128 +	 * uids array is guaranteed not to contain duplicates. However, client
   1.129 +	 * applications may bypass the unified certstore and call this function
   1.130 +	 * directly, in that case the array passed might contain duplicates.
   1.131 +	 * 
   1.132 +	 * @param aCertInfo		The certificate whose applicability should be updated.
   1.133 +	 * @param aApplications	The new applicability settings. Ownership of this
   1.134 +	 * 						remains with the caller, and it must remain valid for the
   1.135 +	 * 						lifetime of the call.
   1.136 +	 * @param aStatus		The request status object; contains the result of the SetApplicability() 
   1.137 +	 * 						request when complete. Set to KErrCancel, if an outstanding request is cancelled.
   1.138 +	 *
   1.139 +	 * @capability WriteDeviceData	This requires the WriteDeviceData capability.
   1.140 +	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
   1.141 +	 */
   1.142 +	virtual void SetApplicability(const CCTCertInfo& aCertInfo, 
   1.143 +						  const RArray<TUid>& aApplications, TRequestStatus &aStatus) = 0;
   1.144 +
   1.145 +	/** Cancels an ongoing SetApplicability() operation. */
   1.146 +	virtual void CancelSetApplicability() = 0;
   1.147 +
   1.148 +	/**
   1.149 +	 * Changing trust settings
   1.150 +	 */
   1.151 +
   1.152 +	/**
   1.153 +	 * Changes the trust settings.
   1.154 +	 * 
   1.155 +	 * A CA certificate is trusted if the user is willing to use it for authenticating 
   1.156 +	 * servers. It has no meaning with other types of certificates.
   1.157 +	 * 
   1.158 +	 * @param aCertInfo	The certificate to be updated.
   1.159 +	 * @param aTrusted	ETrue, if trusted; EFalse, otherwise.
   1.160 +	 * @param aStatus	The request status object; contains the result of the SetTrust() 
   1.161 +	 * 					request when complete. Set to KErrCancel, if an outstanding request is cancelled.
   1.162 +	 *
   1.163 +	 * @capability WriteDeviceData	This requires the WriteDeviceData capability.
   1.164 +	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
   1.165 +	 */
   1.166 +	virtual void SetTrust(const CCTCertInfo& aCertInfo, TBool aTrusted, 
   1.167 +						  TRequestStatus& aStatus) = 0;
   1.168 +
   1.169 +	/** Cancels an ongoing SetTrust() operation. */
   1.170 +	virtual void CancelSetTrust() = 0;
   1.171 +			
   1.172 +	/**
   1.173 +	 * Adding a certificate
   1.174 +	 */
   1.175 +	
   1.176 +	/**
   1.177 +	 * Same as original Add() method above, but with additional parameter TBool aDeletable.
   1.178 +	 *
   1.179 +	 * @param aLabel				The label of the certificate to add.
   1.180 +	 * @param aFormat				The format of the certificate.
   1.181 +	 * @param aCertificateOwnerType	The owner type.
   1.182 +	 * @param aSubjectKeyId			The Subject key ID.
   1.183 +	 * @param aIssuerKeyId			The issuer key ID.
   1.184 +	 * @param aCert					The certificate to be added.
   1.185 +	 * 
   1.186 +	 * @param aDeletable			Sets the value for the certificate's deletable flag
   1.187 +	 * 									= true 	- means it is permitted to remove the
   1.188 +	 *												certificate from certstore
   1.189 +	 * 									= false - means the certificate is NOT deletable.
   1.190 +	 *
   1.191 +	 * @param aStatus				The request status object;
   1.192 +	 * 								contains the result of the Add() request when complete. 
   1.193 +	 *								Two of possible error values:
   1.194 +	 *									= KErrCancel, if an outstanding request is cancelled;
   1.195 +	 *									= KErrNotSupported (-5), if the method is called from a
   1.196 +	 *										child class that doesn't support implementation of
   1.197 +	 *										the new Add() method.
   1.198 +	 *
   1.199 +	 * @capability WriteUserData	This requires the WriteUserData capability when
   1.200 +	 *								applied to user certificates.
   1.201 +	 * @capability WriteDeviceData	This requires the WriteDeviceData capability
   1.202 +	 *								when applied to CA certificates.
   1.203 +	 * @leave KErrPermissionDenied	If the caller doesn't have the required capabilities.
   1.204 +	 */
   1.205 +	virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
   1.206 +					 TCertificateOwnerType aCertificateOwnerType, 
   1.207 +					 const TKeyIdentifier* aSubjectKeyId,
   1.208 +					 const TKeyIdentifier* aIssuerKeyId,
   1.209 +					 const TDesC8& aCert, 
   1.210 +					 const TBool aDeletable,
   1.211 +					 TRequestStatus& aStatus );
   1.212 +	
   1.213 +	};
   1.214 +
   1.215 +
   1.216 +#include "mctwritablecertstore.inl"
   1.217 +
   1.218 +#endif
test