|
1 // Copyright (c) 1997-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // The HTTP Security plug-in provides an implementation of security policy for use by HTTP |
|
15 // when configuring WTLS in the WAP stack. |
|
16 // |
|
17 // |
|
18 |
|
19 /** |
|
20 @file CPushSecurityPolicy.h |
|
21 */ |
|
22 |
|
23 #ifndef __CPUSHSECURITYPOLICY_H__ |
|
24 #define __CPUSHSECURITYPOLICY_H__ |
|
25 |
|
26 // System includes |
|
27 // |
|
28 #include <e32base.h> |
|
29 |
|
30 namespace RWTLS |
|
31 { |
|
32 enum TBulkEncryptionAlgorithm |
|
33 { |
|
34 EBulkNull = 0x00, |
|
35 ERc5_cbc_40 = 0x01, |
|
36 ERc5_cbc_56 = 0x02, |
|
37 ERc5_cbc = 0x03, |
|
38 EDes_cbc_40 = 0x04, |
|
39 EDes_cbc = 0x05, |
|
40 E3Des_cbc_ede = 0x06, |
|
41 EIdea_cbc_40 = 0x07, |
|
42 EIdea_cbc_56 = 0x08, |
|
43 EIdea_cbc = 0x09 |
|
44 }; |
|
45 |
|
46 enum TMacAlgorithm |
|
47 { |
|
48 ESha_0 = 0x00, |
|
49 ESha_40 = 0x01, |
|
50 ESha_80 = 0x02, |
|
51 ESha = 0x03, |
|
52 ESha_xor_40 = 0x04, |
|
53 EMd5_40 = 0x05, |
|
54 EMd5_80 = 0x06, |
|
55 EMd5 = 0x07 |
|
56 }; |
|
57 |
|
58 enum TIdType |
|
59 { |
|
60 EIdNull, |
|
61 EText, |
|
62 EBinary, |
|
63 EKeyHashSha = 254, |
|
64 EX509Name = 255 |
|
65 }; |
|
66 |
|
67 enum TKeyExchangeSuite |
|
68 { |
|
69 ESharedSecret = 1, |
|
70 EDHAnon, |
|
71 EDHAnon512, |
|
72 EDHAnon768, |
|
73 ERsaAnon, |
|
74 ERsaAnon512, |
|
75 ERsaAnon768, |
|
76 ERsa, |
|
77 ERsa512, |
|
78 ERsa768, |
|
79 EEcdhAnon, |
|
80 EEcdhAnon113, |
|
81 EEcdhAnon131, |
|
82 EEcdhEcdsa |
|
83 }; |
|
84 |
|
85 struct TCipherSuite |
|
86 { |
|
87 TBulkEncryptionAlgorithm iBulkEncryptionAlgorithm; |
|
88 TMacAlgorithm iMacAlgorithm; |
|
89 }; |
|
90 |
|
91 typedef CArrayFixFlat<TCipherSuite> CipherSuiteArray; |
|
92 |
|
93 enum TSequenceNumberMode |
|
94 { |
|
95 ENotUsed = 0, |
|
96 EImplicit, |
|
97 EExplicit |
|
98 }; |
|
99 } |
|
100 |
|
101 |
|
102 // Constant definitions used by this class |
|
103 // |
|
104 // Push Security Plug-in data type handled |
|
105 // |
|
106 _LIT(KPushSecurityData,"WTLS/SecurityPolicy"); |
|
107 |
|
108 // PushSecurity Plug-in UID matched to by the plugin server |
|
109 // |
|
110 const TUid KUidPushSecurityPolicy = { 0x101F3E59 }; |
|
111 |
|
112 // Class definition for CPushSecurityPolicy |
|
113 // |
|
114 //##ModelId=3B66B89D0232 |
|
115 class CPushSecurityPolicy : public CBase |
|
116 /** |
|
117 @internalComponent |
|
118 @released |
|
119 */ |
|
120 { |
|
121 public: // Types |
|
122 |
|
123 /** |
|
124 @enum TCipherResponse |
|
125 An enumeration of actions to be taken in response to the negotiated cipher, |
|
126 as obtained from the WTLS layer of the stack. In circumstances where a lower |
|
127 cipher strength was obtained than requested, the policy may choose to abandon |
|
128 connection or to ask the user if they wish to continue. |
|
129 |
|
130 @internalComponent |
|
131 @released |
|
132 */ |
|
133 enum TCipherResponse |
|
134 { |
|
135 /** Specifies that connection should be abandoned */ |
|
136 ENeverConnect = 0, |
|
137 /** Specifies that the user should be asked if the they wish to continue connecting */ |
|
138 EAskToConnect = 1, |
|
139 /** Specifies that connection should continue */ |
|
140 EAlwaysConnect = 2 |
|
141 }; |
|
142 |
|
143 public: // Methods |
|
144 |
|
145 /** |
|
146 Intended Usage : Static c'tor that uses ECom to instantiate a CPushSecurityPolicy |
|
147 derived class that matches the data in aMatchData. |
|
148 @since 6.0 |
|
149 @param aMatchData A descriptor with the matching data |
|
150 @return A pointer to the created CPushSecurityPolicy derived object that can |
|
151 matches the matching data. |
|
152 */ |
|
153 //##ModelId=3B66B89D02DB |
|
154 inline static CPushSecurityPolicy* NewL(const TDesC& aMatchData); |
|
155 |
|
156 /** |
|
157 Intended Usage : D'tor. Uses ECom to ensure that the DLL containing the |
|
158 used interface implementation is unloaded at the appropriate time. |
|
159 @since 6.0 |
|
160 */ |
|
161 //##ModelId=3B66B89D02D4 |
|
162 inline virtual ~CPushSecurityPolicy(); |
|
163 |
|
164 /** |
|
165 Intended Usage : Queries to see if anonymous authentication allowed. |
|
166 @since 6.0 |
|
167 @return A boolean value of ETrue if anonymous authentication can be |
|
168 allowed, otherwise EFalse if given. |
|
169 */ |
|
170 //##ModelId=3B66B89D02D3 |
|
171 virtual TBool AnonymousAuthenticationAllowed() =0; |
|
172 |
|
173 /** |
|
174 Intended Usage : Obtain the key exchange suite for WTLS, for a non-anonymous |
|
175 session (ie on in which the server-certificate is obtained and authenticated). |
|
176 @since 6.0 |
|
177 @param aSuite An output argument with the key exchange suite desired for WTLS |
|
178 @param aIdType An output argument with the ID type desired for WTLS |
|
179 @param aKeyId An output argument with the key ID desired for WTLS |
|
180 @return A boolean value of ETrue if the default is to be overridden. |
|
181 */ |
|
182 //##ModelId=3B66B89D02CA |
|
183 virtual TBool GetKeyExchangeSuiteNormal( |
|
184 RWTLS::TKeyExchangeSuite& aSuite, |
|
185 RWTLS::TIdType& aIdType, |
|
186 TDes8& aKeyId |
|
187 ) =0; |
|
188 /** |
|
189 Intended Usage : Obtain the key exchange suite for WTLS for an anonymous |
|
190 session (ie on in which no server-certificate is obtained). |
|
191 @since 6.0 |
|
192 @param aSuite An output argument with the key exchange suite desired for WTLS |
|
193 @param aIdType An output argument with the ID type desired for WTLS |
|
194 @param aKeyId An output argument with the key ID desired for WTLS |
|
195 @return A boolean value of ETrue if the default is to be overridden. |
|
196 */ |
|
197 //##ModelId=3B66B89D02BF |
|
198 virtual TBool GetKeyExchangeSuiteAnon( |
|
199 RWTLS::TKeyExchangeSuite& aSuite, |
|
200 RWTLS::TIdType& aIdType, |
|
201 TDes8& aKeyId |
|
202 ) =0; |
|
203 |
|
204 /** |
|
205 Intended Usage : Obtain the number of cipher suites desired for WTLS. |
|
206 @since 6.0 |
|
207 @param aNumCipherSuites An output argument with the number of |
|
208 cipher suites to be requested |
|
209 @return A boolean value of ETrue if the default is to be overridden. |
|
210 */ |
|
211 //##ModelId=3B66B89D02BD |
|
212 virtual TBool GetNumCipherSuites(TInt& aNumCipherSuites) =0; |
|
213 |
|
214 /** |
|
215 Intended Usage : Obtain the cipher suites desired for WTLS - an array of |
|
216 TCipherSuite |
|
217 @since 6.0 |
|
218 @param aCipherSuites An output argument with the cipher suites to |
|
219 be requested |
|
220 @return A boolean value of ETrue if the default is to be overridden. |
|
221 */ |
|
222 //##ModelId=3B66B89D02B5 |
|
223 virtual TBool GetCipherSuitesL(RWTLS::CipherSuiteArray& aCipherSuites) =0; |
|
224 |
|
225 /** |
|
226 Intended Usage : Obtain the key refresh rate for WTLS. |
|
227 @since 6.0 |
|
228 @param aRate An output argument with the rate value desired. |
|
229 Refreshing occurs every 2^aRate messages |
|
230 @return A boolean value of ETrue if the default is to be overridden. |
|
231 @todo Add the pre and post conditions. |
|
232 @pre None |
|
233 @post Unspecified |
|
234 */ |
|
235 //##ModelId=3B66B89D02B3 |
|
236 virtual TBool GetKeyRefreshRate(TUint8& aRate) =0; |
|
237 |
|
238 /** |
|
239 Intended Usage : Obtain the sequence number mode desired for WTLS. |
|
240 @since 6.0 |
|
241 @param aMode An output argument with the desired mode |
|
242 @return A boolean value of ETrue if the default is to be overridden. |
|
243 */ |
|
244 //##ModelId=3B66B89D02AB |
|
245 virtual TBool GetSequenceNumberMode(RWTLS::TSequenceNumberMode& aMode) =0; |
|
246 |
|
247 /** |
|
248 Intended Usage : Obtain the record length usage flag for WTLS. |
|
249 @since 6.0 |
|
250 @param aUseRecordLengthFlag An output argument which has a value |
|
251 of ETrue if record length usage is desired for WTLS |
|
252 @return A boolean value of ETrue if the default is to be overridden |
|
253 */ |
|
254 //##ModelId=3B66B89D02A9 |
|
255 virtual TBool GetRecordLengthUsage(TBool& aUseRecordLengthFlag) =0; |
|
256 |
|
257 /** |
|
258 Intended Usage : Obtain the shared secret used for WTLS. |
|
259 @since 6.0 |
|
260 @param aSharedSecret An output argument with the shared secret data |
|
261 @return A boolean value of ETrue if the default is to be overridden |
|
262 */ |
|
263 //##ModelId=3B66B89D02A0 |
|
264 virtual TBool GetSharedSecretLC(HBufC8*& aSharedSecret) =0; |
|
265 |
|
266 /** |
|
267 Intended Usage : Finds out what action to take with the actual ciphers |
|
268 negotiated with the stack. |
|
269 @since 6.0 |
|
270 @param aSuite The negotiated cipher suite, or NULL if none was |
|
271 reported by the stack |
|
272 @param aMode The negotiated mode, or NULL if none was reported |
|
273 by the stack |
|
274 @return A TCipherResponse value that specifies the response to be taken. |
|
275 */ |
|
276 //##ModelId=3B66B89D0297 |
|
277 virtual TCipherResponse GetNegotiatedCipherAction(RWTLS::TCipherSuite* aSuite, RWTLS::TSequenceNumberMode* aMode) =0; |
|
278 |
|
279 protected: // Methods |
|
280 |
|
281 /** |
|
282 Intended Usage : C'tor. |
|
283 @since 6.0 |
|
284 */ |
|
285 //##ModelId=3B66B89D0296 |
|
286 inline CPushSecurityPolicy(); |
|
287 |
|
288 private: // Methods |
|
289 |
|
290 /** |
|
291 Intended Usage : Reserved for future expansion. Reserves space in export |
|
292 table to maintain binary compatibility. |
|
293 @since 6.0 |
|
294 @param aArg An argument |
|
295 @return A pointer to a generic data structure. |
|
296 */ |
|
297 //##ModelId=3B66B89D0294 |
|
298 virtual TAny* Extend_CPushSecurityPolicy1(TAny* aArg) =0; |
|
299 |
|
300 /** |
|
301 Intended Usage : Reserved for future expansion. Reserves space in export |
|
302 table to maintain binary compatibility. |
|
303 @since 6.0 |
|
304 @param aArg An argument |
|
305 @return A pointer to a generic data structure. |
|
306 */ |
|
307 //##ModelId=3B66B89D028A |
|
308 virtual TAny* Extend_CPushSecurityPolicy2(TAny* aArg) =0; |
|
309 |
|
310 private: |
|
311 |
|
312 /** A unique UID used in interface destruction |
|
313 */ |
|
314 //##ModelId=3B66B89D0282 |
|
315 TUid iDtor_ID_Key; |
|
316 |
|
317 }; |
|
318 |
|
319 #include "CPushSecurityPolicy.inl" |
|
320 |
|
321 #endif // __CPUSHSECURITYPOLICY_H__ |
|
322 |
|
323 |
|
324 |
|
325 |