diff -r e1b950c65cb4 -r 837f303aceeb epoc32/include/mctwritablecertstore.h
--- a/epoc32/include/mctwritablecertstore.h Wed Mar 31 12:27:01 2010 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,215 +0,0 @@
-/*
-* Copyright (c) 2001-2009 Nokia Corporation and/or its subsidiary(-ies).
-* All rights reserved.
-* This component and the accompanying materials are made available
-* under the terms of the License "Eclipse Public License v1.0"
-* which accompanies this distribution, and is available
-* at the URL "http://www.eclipse.org/legal/epl-v10.html".
-*
-* Initial Contributors:
-* Nokia Corporation - initial contribution.
-*
-* Contributors:
-*
-* Description:
-* MCTWritableCertStore.h (v.2)
-*
-*/
-
-
-
-
-/**
- @file
- @publishedPartner
- @released
-*/
-
-#ifndef __MCTWRITABLECERTSTORE_H__
-#define __MCTWRITABLECERTSTORE_H__
-
-#include
-
-/**
- * The UID of writeable certificate store interfaces.
- *
- * A token that supports this interface should also support the read-only certificate
- * store interface.
- */
-const TInt KInterfaceWritableCertStore = 0x102020FB; // new version, since 9.0
-
-/**
- * Defines the interface for a writeable certificate store token.
- *
- * This extends the read-only certificate store API in MCTCertStore by adding
- * functions to add and delete certificates, and to set their applicability and
- * trust settings.
- *
- * This documentation describes the security policy that must be enforced by
- * implementations of the interface.
- *
- * @publishedPartner
- * @released
- */
-class MCTWritableCertStore : public MCTCertStore
- {
-public:
- /**
- * Adding a certificate
- */
-
- /**
- * Adds a certificate to the store.
- *
- * This is an asynchronous request.
- *
- * @param aLabel The label of the certificate to add.
- * @param aFormat The format of the certificate.
- * @param aCertificateOwnerType The owner type.
- * @param aSubjectKeyId The Subject key ID.
- * @param aIssuerKeyId The issuer key ID.
- * @param aCert The certificate to be added.
- * @param aStatus The request status object; contains the result of the Add()
- * request when complete. Set to KErrCancel, if an outstanding
- * request is cancelled.
- *
- * @capability WriteUserData This requires the WriteUserData capability when
- * applied to user certificates.
- * @capability WriteDeviceData This requires the WriteDeviceData capability
- * when applied to CA certificates.
- * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
- */
- virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
- TCertificateOwnerType aCertificateOwnerType,
- const TKeyIdentifier* aSubjectKeyId,
- const TKeyIdentifier* aIssuerKeyId,
- const TDesC8& aCert, TRequestStatus& aStatus) = 0;
-
- /** Cancels an ongoing Add() operation. */
- virtual void CancelAdd() = 0;
-
- /**
- * Removing Certificates
- */
-
- /**
- * Removes a certificate.
- *
- * @param aCertInfo The certificate to be removed.
- * @param aStatus The request status object; contains the result of the Remove()
- * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
- *
- * @capability WriteUserData This requires the WriteUserData capability when
- * applied to user certificates.
- * @capability WriteDeviceData This requires the WriteDeviceData capability
- * when applied to CA certificates.
- * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
- */
- virtual void Remove(const CCTCertInfo& aCertInfo, TRequestStatus& aStatus) = 0;
-
- /** Cancels an ongoing Remove() operation. */
- virtual void CancelRemove() = 0;
-
- /**
- * Setting applicability
- */
-
- /**
- * Replaces the current applicability settings with the settings in the
- * supplied array.
- *
- * This should only be called for CA certificates - it has no meaning for
- * user certificates.
- *
- * If this function is called by the unified certstore the given application
- * uids array is guaranteed not to contain duplicates. However, client
- * applications may bypass the unified certstore and call this function
- * directly, in that case the array passed might contain duplicates.
- *
- * @param aCertInfo The certificate whose applicability should be updated.
- * @param aApplications The new applicability settings. Ownership of this
- * remains with the caller, and it must remain valid for the
- * lifetime of the call.
- * @param aStatus The request status object; contains the result of the SetApplicability()
- * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
- *
- * @capability WriteDeviceData This requires the WriteDeviceData capability.
- * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
- */
- virtual void SetApplicability(const CCTCertInfo& aCertInfo,
- const RArray& aApplications, TRequestStatus &aStatus) = 0;
-
- /** Cancels an ongoing SetApplicability() operation. */
- virtual void CancelSetApplicability() = 0;
-
- /**
- * Changing trust settings
- */
-
- /**
- * Changes the trust settings.
- *
- * A CA certificate is trusted if the user is willing to use it for authenticating
- * servers. It has no meaning with other types of certificates.
- *
- * @param aCertInfo The certificate to be updated.
- * @param aTrusted ETrue, if trusted; EFalse, otherwise.
- * @param aStatus The request status object; contains the result of the SetTrust()
- * request when complete. Set to KErrCancel, if an outstanding request is cancelled.
- *
- * @capability WriteDeviceData This requires the WriteDeviceData capability.
- * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
- */
- virtual void SetTrust(const CCTCertInfo& aCertInfo, TBool aTrusted,
- TRequestStatus& aStatus) = 0;
-
- /** Cancels an ongoing SetTrust() operation. */
- virtual void CancelSetTrust() = 0;
-
- /**
- * Adding a certificate
- */
-
- /**
- * Same as original Add() method above, but with additional parameter TBool aDeletable.
- *
- * @param aLabel The label of the certificate to add.
- * @param aFormat The format of the certificate.
- * @param aCertificateOwnerType The owner type.
- * @param aSubjectKeyId The Subject key ID.
- * @param aIssuerKeyId The issuer key ID.
- * @param aCert The certificate to be added.
- *
- * @param aDeletable Sets the value for the certificate's deletable flag
- * = true - means it is permitted to remove the
- * certificate from certstore
- * = false - means the certificate is NOT deletable.
- *
- * @param aStatus The request status object;
- * contains the result of the Add() request when complete.
- * Two of possible error values:
- * = KErrCancel, if an outstanding request is cancelled;
- * = KErrNotSupported (-5), if the method is called from a
- * child class that doesn't support implementation of
- * the new Add() method.
- *
- * @capability WriteUserData This requires the WriteUserData capability when
- * applied to user certificates.
- * @capability WriteDeviceData This requires the WriteDeviceData capability
- * when applied to CA certificates.
- * @leave KErrPermissionDenied If the caller doesn't have the required capabilities.
- */
- virtual void Add(const TDesC& aLabel, TCertificateFormat aFormat,
- TCertificateOwnerType aCertificateOwnerType,
- const TKeyIdentifier* aSubjectKeyId,
- const TKeyIdentifier* aIssuerKeyId,
- const TDesC8& aCert,
- const TBool aDeletable,
- TRequestStatus& aStatus );
-
- };
-
-
-#include "mctwritablecertstore.inl"
-
-#endif