diff -r 000000000000 -r 33413c0669b9 vpnengine/vpnmanager/inc/policyimporter.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/vpnengine/vpnmanager/inc/policyimporter.h Thu Dec 17 09:14:51 2009 +0200
@@ -0,0 +1,206 @@
+/*
+* Copyright (c) 2003-2007 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description: Policy importer
+*
+*/
+
+
+
+#ifndef __POLICYIMPORTER_H__
+#define __POLICYIMPORTER_H__
+
+#include
+#include
+#include "vpnapidefs.h"
+#include "fileutil.h"
+
+class CX509Certificate;
+#include "pkiserviceapi.h"
+
+class CVpnApiServant;
+class CPolicyStore;
+class RFs;
+class CPolicyPatchInfoList;
+class CIkeDataArray;
+class CIkeData;
+
+const TInt KMaxExtPolicyIdLength = 256;
+const TInt KDoNotGetKeySize = -1;
+
+typedef TBuf TExtVpnPolicyId;
+
+/**
+ * Handles the importing of VPN policies to the system.
+ *
+ * @lib internal (vpnmanager.exe)
+ * @since S60 v3.0
+ */
+class CPolicyImporter : public CActive
+ {
+public:
+ static CPolicyImporter* NewL(const RMessage2& aMessage,
+ CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ static CPolicyImporter* NewL(TRequestStatus& aStatus,
+ CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ ~CPolicyImporter();
+
+ void ImportPolicyL(const TDesC& aDir);
+ void ImportSinglePolicyL(const TDesC& aDir, TVpnPolicyId& aNewPolicyId);
+
+private:
+ CPolicyImporter(const RMessage2& aMessage, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ CPolicyImporter(TRequestStatus& aStatus, CVpnApiServant& aVpnApiServant,
+ CPolicyStore& iPolicyStore, RFs& aFs);
+ void ConstructL();
+
+protected: // From CActive
+ void DoCancel();
+ void RunL();
+ TInt RunError(TInt aError);
+
+private:
+
+ void DoImportPolicyL(const TDesC& aDir);
+
+ void GotoState(TInt aState);
+ void SetCurrState(TInt aState);
+ void SetNextState(TInt aState);
+ TInt CurrState();
+ TInt NextState();
+ void ChangeStateL();
+ void CancelOngoingOperation();
+ void ImportComplete(TInt aReturnValue);
+ void StateBeginPolicyImportL();
+ void StateImportCaCertL();
+ void StateAfterImportCaCertL();
+ void StateImportPeerCertL();
+ void StateAfterImportPeerCertL();
+ void StateImportUserPrivKeyL();
+ void StateAfterImportUserPrivKeyL();
+ void StateAttachCertificateL();
+ void StateAfterAttachCertificateL();
+ void StateImportPinAndPolL();
+ void StateCreateVpnDestinationL();
+ void StateEndPolicyImportL();
+ void BuildPolicyIdListL();
+ TPkiServiceStoreType GetStoreTypeL(CIkeData* aData);
+
+
+ /**
+ * Checks that BIN format CA certs defined in the policy can be
+ * found in the same directory, where the .pol and .pin files are and
+ * collects found certificate file names to the iCurrCaCertList list.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ */
+ void BuildCaCertListL();
+
+ /**
+ * Checks that BIN format peer certs defined in the policy can be
+ * found in the same directory, where the .pol and .pin files are and
+ * collects found certificate file names to the iCurrPeerCertList list.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ */
+ void BuildPeerCertListL();
+
+ /**
+ * Checks that BIN format user certs have and assosiated bin format
+ * private key. Checks that both files exists in the same directory, where
+ * the .pol and .pin files are. Collects the user cert file names to iCurrUserCertList
+ * and private key file names to iCurrUserPrivKeyList.
+ *
+ * Leaves with KVpnErrCaCertFileMissing, if a defined file is not found.
+ * of with KVpnErrInvalidPolicyFile if the user certificate doesn't has
+ * a assosiated private key.
+ */
+ void BuildUserPrivKeyAndUserCertListL();
+ /**
+ * Checks if there is other CA certificates which are not defined in policy file
+ * (like intermediate CAs) and installs them to device.
+ */
+ void BuildOtherCaCertListL();
+
+ void ParseIkeDataL();
+ void PatchPolicyCaCertInfoL(const TFileName& aPolicyFile);
+ CPolicyPatchInfoList* BuildPolicyPatchInfoListL();
+ HBufC8* CertSubjectNameL(const TFileName& aCertFile);
+ void CleanImportDirectory();
+ void AppendIfNotFoundL(CArrayFixFlat* aList,
+ TFileName* aFileName);
+
+ /**
+ * Returns subject name of the certificate and sets aKeySize.
+ * Parameter aKeySize is not set if aKeySize equals KDoNotGetKeySize.
+ */
+ HBufC8* CertInfoL(const TFileName& aCertFile, TInt& aKeySize);
+ /**
+ * Returns Issuer name of certificate
+ */
+ HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile);
+ TFileName CPolicyImporter::GetCAFromFileListL(const TDesC8& aCertSubjectName, CArrayFixFlat* aCertFileArray);
+
+private:
+ RMessage2 iMessage;
+ TRequestStatus* iExtStatus;
+ CVpnApiServant& iVpnApiServant;
+ CPolicyStore& iPolicyStore;
+ RFs& iFs;
+ TFileUtil iFileUtil;
+ RPKIServiceAPI iPkiService;
+
+ TFileName iImportDir;
+
+ TInt iCurrState;
+ TInt iNextState;
+
+ CArrayFixFlat* iPolicyIdList;
+ TInt iCurrPolicyIdIndex;
+ TExtVpnPolicyId iCurrPolicyId;
+
+ CIkeDataArray* iCurrIkeDataArray;
+ TInt iCurrIkeDataIndex;
+
+ CArrayFixFlat* iCurrCaCertList;
+ TInt iCurrCaCertIndex;
+
+ CArrayFixFlat* iCurrPeerCertList;
+ TInt iCurrPeerCertIndex;
+
+ CArrayFixFlat* iCurrUserPrivKeyList;
+ TInt iCurrUserPrivKeyIndex;
+
+ CArrayFixFlat* iCurrUserCertList;
+ TInt iCurrUserCertIndex;
+ //for intermediate CAs
+ CArrayFixFlat* iCurrOtherCaCertList;
+ TInt iCurrOtherCaCertIndex;
+
+ TPKIKeyIdentifier iCurrKeyId;
+
+ HBufC8* iCertFileData;
+ HBufC8* iKeyFileData;
+
+ TAny* iPkiOpContext;
+
+ TBool iImportSinglePolicy;
+ TVpnPolicyId* iNewPolicyId;
+
+ TVpnPolicyId iPolicyId;
+ };
+
+#endif // __POLICYIMPORTER_H__
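Review bot: The last two private member declarations, `HBufC8* CPolicyImporter::CertIssuerL(const TFileName& aCertFile);` and the `TFileName CPolicyImporter::GetCAFromFileListL(...)` line after it, carry a `CPolicyImporter::` qualifier inside the class body, which is ill-formed and rejected by stricter compilers; drop the prefix, e.g. `HBufC8* CertIssuerL(const TFileName& aCertFile);`. The `CPolicyStore& iPolicyStore` parameter on both `NewL` overloads and both constructors uses the member prefix and shadows the member of the same name, so `aPolicyStore` would match the other arguments and remove the ambiguity. `iKeyFileData` appears to hold the bytes of an imported user private key, yet the header says nothing about ownership or lifetime of that buffer; a member comment such as `// Owned. Private key bytes; zero with Des().FillZ() before delete, including on the DoCancel()/RunError() paths` would state the expectation. `CleanImportDirectory()` likewise deserves a comment saying when it runs and that key files must not remain in `iImportDir` after a failed or cancelled import. The implementation is outside this hunk, so whether it already behaves this way cannot be confirmed from here.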