diff -r 675a964f4eb5 -r 35751d3474b7 cryptoservices/certificateandkeymgmt/tpkixcert_tef/src/validateteststep.cpp --- a/cryptoservices/certificateandkeymgmt/tpkixcert_tef/src/validateteststep.cpp Tue Jul 21 01:04:32 2009 +0100 +++ b/cryptoservices/certificateandkeymgmt/tpkixcert_tef/src/validateteststep.cpp Thu Sep 10 14:01:51 2009 +0300 @@ -1,402 +1,403 @@ -/* -* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). -* All rights reserved. -* This component and the accompanying materials are made available -* under the terms of the License "Eclipse Public License v1.0" -* which accompanies this distribution, and is available -* at the URL "http://www.eclipse.org/legal/epl-v10.html". -* -* Initial Contributors: -* Nokia Corporation - initial contribution. -* -* Contributors: -* -* Description: -* -*/ - - -#include "validateteststep.h" - - -CValidateCertChainStep::CValidateCertChainStep() - { - SetTestStepName(KValidateCertChainStep); - } - -CValidateCertChainStep::~CValidateCertChainStep() - { - delete iActiveObject; - } - -TVerdict CValidateCertChainStep::doTestStepPreambleL() - { - CPkixCertStepBase::doTestStepPreambleL(); - GetIntFromConfig(ConfigSection(), KNumberOfCerts, iNumberOfCerts); - return EPass; - } - -void CValidateCertChainStep::PerformTestL() - { - CPkixCertStepBase::PerformTestL(); - - iCertChain->SetSupportedCriticalExtensionsL(iProcessedOids); - - TTime time; - time.UniversalTime(); - - ValidateL(time, ConfigSection()); - - CleanupStack::PopAndDestroy(iCertChain); - - } - - -void CValidateCertChainStep::ValidateL(TTime aValidateTime, TDes& aConfigSection) - { - - CPKIXValidationResult* result = CPKIXValidationResult::NewLC(); - - iActiveObject = new (ELeave) CValidateCertChainHelper(Logger()); - CleanupStack::PushL(iActiveObject); - - User::LeaveIfError(iActiveObject->PerformTestL(iCertChain, *result, aValidateTime)); - - CleanupStack::PopAndDestroy(iActiveObject); - iActiveObject = NULL; - - TInt expectedError; - GetIntFromConfig(aConfigSection, KError, expectedError); - - if ((result->Error()).iReason != expectedError) - { - ERR_PRINTF3(_L("ERROR: Error: %d. Expected error: %d"), (result->Error()).iReason, expectedError); - User::Leave(KErrGeneral); - } - - if (expectedError != EValidatedOK) - { - //we are expected to error - TInt certIndex; - GetIntFromConfig(aConfigSection, KErrorIndex, certIndex); - if ((result->Error()).iCert != certIndex) - { - ERR_PRINTF3(_L("ERROR: Error certificate index: %d. Expected index: %d"), (result->Error()).iCert, certIndex); - User::Leave(KErrGeneral); - } - else{ - CleanupStack::PopAndDestroy(result); - return; //we have passed - } - } - - - const CArrayFixFlat& warns = result->Warnings(); - RArray resultOldWarnings; - CleanupClosePushL(resultOldWarnings); - TInt i; - for (i=0; i < warns.Count(); ++i) - { - resultOldWarnings.AppendL(warns[i]); - } - - const RPointerArray& certificateWarningsArray = result->ValidationWarnings(); - - HBufC* key; - - RArray processedPolicyQualifiers; - CleanupClosePushL(processedPolicyQualifiers); - - TInt qualifierWarning = 18; - - for (i=0; i < iNumberOfCerts; ++i) - { - key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KPolicyIndex().Length()); - TPtr ptr(key->Des()); - ptr = KCert(); - ptr.AppendFormat(KKeyFormat(), i); - ptr.Append(KPolicyIndex()); - - TInt policyIndex = 0; - GetIntFromConfig(aConfigSection, *key, policyIndex); - - if (policyIndex > 0) - { - TValidationError error = (TValidationError) qualifierWarning; - processedPolicyQualifiers.Append(TValidationStatus(error, policyIndex)); - } - - CleanupStack::PopAndDestroy(key); - } - - //handle 1st part old warnings first - check any warnings we expect are present (later we check no additionals) - CheckWarningsPresentAndRemoveL(processedPolicyQualifiers, resultOldWarnings); - - RArray configOldWarnings; - CleanupClosePushL(configOldWarnings); - RArray processedConfigOldWarnings; - CleanupClosePushL(processedConfigOldWarnings); - - RArray configNewWarnings; - CleanupClosePushL(configNewWarnings); - RArray configCritOids; - CleanupClosePushL(configCritOids); - - for (TInt cert_index=0; cert_index < iNumberOfCerts; ++cert_index) - { - INFO_PRINTF2(_L("Certificate index: %d"), cert_index); - key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KOldWarnings().Length()); - TPtr ptr(key->Des()); - ptr = KCert(); - ptr.AppendFormat(KKeyFormat(), cert_index); - ptr.Append(KOldWarnings()); - - GetIntArrayFromConfigL(aConfigSection, *key, configOldWarnings); - - processedConfigOldWarnings.Reset(); - for (TInt i=0; i < configOldWarnings.Count(); ++i) - { - TValidationError error = (TValidationError) configOldWarnings[i]; - processedConfigOldWarnings.Append(TValidationStatus(error, cert_index)); - } - - TransferToNewWarningsL(configOldWarnings, configNewWarnings, cert_index); - - ptr.Zero(); - ptr = KCert(); - ptr.AppendFormat(KKeyFormat(), cert_index); - ptr.Append(KCritOid()); - - GetStringArrayFromConfigL(aConfigSection, *key, configCritOids); - - CleanupStack::PopAndDestroy(key); - - //we now have all our arguments from the config file - - //handle 1st part old warnings first - check any warnings we expect are present (later we check no additionals) - CheckWarningsPresentAndRemoveL(processedConfigOldWarnings, resultOldWarnings); - - - CCertificateValidationWarnings* certWarning = certificateWarningsArray[((iNumberOfCerts - cert_index) - 1)]; //not owned //warnings returned in reverse order - - //check cert and certindex match up correctly - if (certWarning->CertIndex() != cert_index) - { - ERR_PRINTF3(_L("ERROR: Certificate indexes do not match. Certificate index: %d. Expected index: %d"), certWarning->CertIndex(), cert_index); - User::Leave(KErrGeneral); - } - - key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KPolicyIndex().Length()); - TPtr pt(key->Des()); - pt = KCert(); - pt.AppendFormat(KKeyFormat(), cert_index); - pt.Append(KPolicyIndex()); - - TInt policyIndex = 0; - GetIntFromConfig(aConfigSection, *key, policyIndex); - - if (policyIndex > 0) - { - TValidationError error = (TValidationError) qualifierWarning; - configNewWarnings.Append(TValidationStatus(error, policyIndex)); - } - - CleanupStack::PopAndDestroy(key); - - //check new warnings behave correctly - CheckWarningsPresentAndRemoveL(certWarning->Warnings(), configNewWarnings); - - if (configNewWarnings.Count() != 0) - { - for (TInt err=0; err < configNewWarnings.Count(); ++err) - { - ERR_PRINTF2(_L("ERROR: Warning(new API) not reported: %d"), (configNewWarnings[err]).iReason); - } - User::Leave(KErrGeneral); - } - - - //check critoids behave correctly - CheckCriticalExtsPresentAndRemoveL(certWarning->CriticalExtensionsFound(), configCritOids); - if (configCritOids.Count() != 0) - { - for (TInt err=0; err < configCritOids.Count(); ++err) - { - ERR_PRINTF2(_L("ERROR: Critical extension not reported: %S"), &configCritOids[err]); - } - User::Leave(KErrGeneral); - } - - configOldWarnings.Reset(); - configNewWarnings.Reset(); - configCritOids.Reset(); - } - - CleanupStack::PopAndDestroy(5, &processedPolicyQualifiers); - - //check if any warnings in old api we weren't expecting - if (resultOldWarnings.Count() != 0) - { - for (TInt warn=0; warn < resultOldWarnings.Count(); ++warn) - { - ERR_PRINTF3(_L("ERROR: Warning(old API) not reported: %d. Index: %d"), (resultOldWarnings[warn]).iReason, (resultOldWarnings[warn]).iCert); - } - User::Leave(KErrGeneral); - } - - CleanupStack::PopAndDestroy(2, result); - } - -void CValidateCertChainStep::TransferToNewWarningsL(RArray& aOldWarnings, RArray& aNewWarnings, TInt aCertIndex) - { - for (TInt i=0; i < aOldWarnings.Count(); ++i) - { - switch (aOldWarnings[i]) - { - case ECriticalExtendedKeyUsage: - break; - case ECriticalPolicyMapping: - break; - case ECriticalDeviceId: - break; - case ECriticalSid: - break; - case ECriticalVid: - break; - case ECriticalCapabilities: - break; - case ECriticalCertPoliciesWithQualifiers: //handled by ini parameter due to overloading by warning of iCert value - break; - default: - TValidationError error = (TValidationError) aOldWarnings[i]; - aNewWarnings.AppendL(TValidationStatus(error, aCertIndex)); - } - } - } - - - - - -void CValidateCertChainStep::CheckWarningsPresentAndRemoveL(const RArray& aWarningsToCheckFor, RArray& aWarningsToCheckIn) - { - TBool found; - for (TInt warnings_index=0; warnings_index < aWarningsToCheckFor.Count(); ++warnings_index) - { - found = EFalse; - for (TInt k=0; k < aWarningsToCheckIn.Count(); ++k) - { - if (ValidationStatusEqual(aWarningsToCheckFor[warnings_index], aWarningsToCheckIn[k])) - { - found = ETrue; - aWarningsToCheckIn.Remove(k); - break; - } - } - - if (!found) - { - ERR_PRINTF2(_L("ERROR: Warning not present: %d"), aWarningsToCheckFor[warnings_index].iReason); - User::Leave(KErrGeneral); - } - } - } - - -TBool CValidateCertChainStep::ValidationStatusEqual(const TValidationStatus& aValidationStatus1, const TValidationStatus& aValidationStatus2) - { - if (aValidationStatus1.iReason != aValidationStatus2.iReason) - { - return EFalse; - } - if (aValidationStatus1.iCert != aValidationStatus2.iCert) - { - return EFalse; - } - return ETrue; - } - - -//takes away from aOidsToCheckAgainst -void CValidateCertChainStep::CheckCriticalExtsPresentAndRemoveL(const RPointerArray& aOidsToLookFor, RArray& aOidsToCheckAgainst) - { - TBool found; - for (TInt oid_index=0; oid_index < aOidsToLookFor.Count(); ++oid_index) - { - found = EFalse; - for (TInt k=0; k < aOidsToCheckAgainst.Count(); ++k) - { - if ((*aOidsToLookFor[oid_index])==(aOidsToCheckAgainst[k])) - { - found = ETrue; - aOidsToCheckAgainst.Remove(k); - break; - } - } - - if (!found) - { - ERR_PRINTF2(_L("ERROR: Critical extension OID not present: %S"), aOidsToLookFor[oid_index]); - User::Leave(KErrGeneral); - } - } - } - - - -//////////////////////////************ - -CValidateCertChainHelper::CValidateCertChainHelper(CTestExecuteLogger& aLogger) -: CActive(EPriorityStandard), iLogger(aLogger) - { - CActiveScheduler::Add(this); - } - - -CValidateCertChainHelper::~CValidateCertChainHelper() - { - Cancel(); - } - - -TInt CValidateCertChainHelper::PerformTestL(CPKIXCertChain* aCertChain, CPKIXValidationResult& aValidResult, TTime aValidateTime) - { - iCertChain = aCertChain; - - //call async - aCertChain->ValidateL(aValidResult, aValidateTime, iStatus); - - SetActive(); - CActiveScheduler::Start(); - - return iRunError; - } - - -void CValidateCertChainHelper::DoCancel() - { - iCertChain->CancelValidate(); - } - - -void CValidateCertChainHelper::RunL() - { - iRunError = KErrNone; - User::LeaveIfError(iStatus.Int()); - - //processing here - - - CActiveScheduler::Stop(); - } - - -TInt CValidateCertChainHelper::RunError(TInt aError) - { - iRunError = aError; - //processing here - - - CActiveScheduler::Stop(); - return KErrNone; - } +/* +* Copyright (c) 2008-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + +#include "validateteststep.h" + + +CValidateCertChainStep::CValidateCertChainStep() + { + SetTestStepName(KValidateCertChainStep); + } + +CValidateCertChainStep::~CValidateCertChainStep() + { + delete iActiveObject; + } + +TVerdict CValidateCertChainStep::doTestStepPreambleL() + { + CPkixCertStepBase::doTestStepPreambleL(); + GetIntFromConfig(ConfigSection(), KNumberOfCerts, iNumberOfCerts); + return EPass; + } + +void CValidateCertChainStep::PerformTestL() + { + CPkixCertStepBase::PerformTestL(); + + iCertChain->SetSupportedCriticalExtensionsL(iProcessedOids); + + TTime time; + time.UniversalTime(); + + ValidateL(time, ConfigSection()); + + CleanupStack::PopAndDestroy(iCertChain); + + } + + +void CValidateCertChainStep::ValidateL(TTime aValidateTime, TDes& aConfigSection) + { + + CPKIXValidationResult* result = CPKIXValidationResult::NewLC(); + + iActiveObject = new (ELeave) CValidateCertChainHelper(Logger()); + CleanupStack::PushL(iActiveObject); + + User::LeaveIfError(iActiveObject->PerformTestL(iCertChain, *result, aValidateTime)); + + CleanupStack::PopAndDestroy(iActiveObject); + iActiveObject = NULL; + + TInt expectedError; + GetIntFromConfig(aConfigSection, KError, expectedError); + + if ((result->Error()).iReason != expectedError) + { + ERR_PRINTF3(_L("ERROR: Error: %d. Expected error: %d"), (result->Error()).iReason, expectedError); + User::Leave(KErrGeneral); + } + + if (expectedError != EValidatedOK) + { + //we are expected to error + TInt certIndex; + GetIntFromConfig(aConfigSection, KErrorIndex, certIndex); + if ((result->Error()).iCert != certIndex) + { + ERR_PRINTF3(_L("ERROR: Error certificate index: %d. Expected index: %d"), (result->Error()).iCert, certIndex); + User::Leave(KErrGeneral); + } + else{ + CleanupStack::PopAndDestroy(result); + return; //we have passed + } + } + + + const CArrayFixFlat& warns = result->Warnings(); + RArray resultOldWarnings; + CleanupClosePushL(resultOldWarnings); + TInt i; + for (i=0; i < warns.Count(); ++i) + { + resultOldWarnings.AppendL(warns[i]); + } + + const RPointerArray& certificateWarningsArray = result->ValidationWarnings(); + + HBufC* key; + + RArray processedPolicyQualifiers; + CleanupClosePushL(processedPolicyQualifiers); + + TInt qualifierWarning = 18; + + for (i=0; i < iNumberOfCerts; ++i) + { + key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KPolicyIndex().Length()); + TPtr ptr(key->Des()); + ptr = KCert(); + ptr.AppendFormat(KKeyFormat(), i); + ptr.Append(KPolicyIndex()); + + TInt policyIndex = 0; + GetIntFromConfig(aConfigSection, *key, policyIndex); + + if (policyIndex > 0) + { + TValidationError error = (TValidationError) qualifierWarning; + processedPolicyQualifiers.Append(TValidationStatus(error, policyIndex)); + } + + CleanupStack::PopAndDestroy(key); + } + + //handle 1st part old warnings first - check any warnings we expect are present (later we check no additionals) + CheckWarningsPresentAndRemoveL(processedPolicyQualifiers, resultOldWarnings); + + RArray configOldWarnings; + CleanupClosePushL(configOldWarnings); + RArray processedConfigOldWarnings; + CleanupClosePushL(processedConfigOldWarnings); + + RArray configNewWarnings; + CleanupClosePushL(configNewWarnings); + RArray configCritOids; + CleanupClosePushL(configCritOids); + + for (TInt cert_index=0; cert_index < iNumberOfCerts; ++cert_index) + { + INFO_PRINTF2(_L("Certificate index: %d"), cert_index); + key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KOldWarnings().Length()); + TPtr ptr(key->Des()); + ptr = KCert(); + ptr.AppendFormat(KKeyFormat(), cert_index); + ptr.Append(KOldWarnings()); + + GetIntArrayFromConfigL(aConfigSection, *key, configOldWarnings); + + processedConfigOldWarnings.Reset(); + for (TInt i=0; i < configOldWarnings.Count(); ++i) + { + TValidationError error = (TValidationError) configOldWarnings[i]; + processedConfigOldWarnings.Append(TValidationStatus(error, cert_index)); + } + + TransferToNewWarningsL(configOldWarnings, configNewWarnings, cert_index); + + ptr.Zero(); + ptr = KCert(); + ptr.AppendFormat(KKeyFormat(), cert_index); + ptr.Append(KCritOid()); + + GetStringArrayFromConfigL(aConfigSection, *key, configCritOids); + + CleanupStack::PopAndDestroy(key); + + //we now have all our arguments from the config file + + //handle 1st part old warnings first - check any warnings we expect are present (later we check no additionals) + CheckWarningsPresentAndRemoveL(processedConfigOldWarnings, resultOldWarnings); + + + CCertificateValidationWarnings* certWarning = certificateWarningsArray[((iNumberOfCerts - cert_index) - 1)]; //not owned //warnings returned in reverse order + + //check cert and certindex match up correctly + if (certWarning->CertIndex() != cert_index) + { + ERR_PRINTF3(_L("ERROR: Certificate indexes do not match. Certificate index: %d. Expected index: %d"), certWarning->CertIndex(), cert_index); + User::Leave(KErrGeneral); + } + + key = HBufC::NewLC(KCert().Length() + KKeyFormat().Length() + KPolicyIndex().Length()); + TPtr pt(key->Des()); + pt = KCert(); + pt.AppendFormat(KKeyFormat(), cert_index); + pt.Append(KPolicyIndex()); + + TInt policyIndex = 0; + GetIntFromConfig(aConfigSection, *key, policyIndex); + + if (policyIndex > 0) + { + TValidationError error = (TValidationError) qualifierWarning; + configNewWarnings.Append(TValidationStatus(error, policyIndex)); + } + + CleanupStack::PopAndDestroy(key); + + //check new warnings behave correctly + CheckWarningsPresentAndRemoveL(certWarning->Warnings(), configNewWarnings); + + if (configNewWarnings.Count() != 0) + { + for (TInt err=0; err < configNewWarnings.Count(); ++err) + { + ERR_PRINTF2(_L("ERROR: Warning(new API) not reported: %d"), (configNewWarnings[err]).iReason); + } + User::Leave(KErrGeneral); + } + + + //check critoids behave correctly + CheckCriticalExtsPresentAndRemoveL(certWarning->CriticalExtensionsFound(), configCritOids); + if (configCritOids.Count() != 0) + { + for (TInt err=0; err < configCritOids.Count(); ++err) + { + ERR_PRINTF2(_L("ERROR: Critical extension not reported: %S"), &configCritOids[err]); + } + User::Leave(KErrGeneral); + } + + configOldWarnings.Reset(); + configNewWarnings.Reset(); + configCritOids.Reset(); + } + + CleanupStack::PopAndDestroy(5, &processedPolicyQualifiers); + + //check if any warnings in old api we weren't expecting + if (resultOldWarnings.Count() != 0) + { + for (TInt warn=0; warn < resultOldWarnings.Count(); ++warn) + { + ERR_PRINTF3(_L("ERROR: Warning(old API) not reported: %d. Index: %d"), (resultOldWarnings[warn]).iReason, (resultOldWarnings[warn]).iCert); + } + User::Leave(KErrGeneral); + } + + CleanupStack::PopAndDestroy(2, result); + } + +void CValidateCertChainStep::TransferToNewWarningsL(RArray& aOldWarnings, RArray& aNewWarnings, TInt aCertIndex) + { + for (TInt i=0; i < aOldWarnings.Count(); ++i) + { + switch (aOldWarnings[i]) + { + case ECriticalExtendedKeyUsage: + break; + case ECriticalPolicyMapping: + break; + case ECriticalDeviceId: + break; + case ECriticalSid: + break; + case ECriticalVid: + break; + case ECriticalCapabilities: + break; + case ECriticalCertPoliciesWithQualifiers: //handled by ini parameter due to overloading by warning of iCert value + break; + default: + TValidationError error = (TValidationError) aOldWarnings[i]; + aNewWarnings.AppendL(TValidationStatus(error, aCertIndex)); + } + } + } + + + + + +void CValidateCertChainStep::CheckWarningsPresentAndRemoveL(const RArray& aWarningsToCheckFor, RArray& aWarningsToCheckIn) + { + TBool found; + for (TInt warnings_index=0; warnings_index < aWarningsToCheckFor.Count(); ++warnings_index) + { + found = EFalse; + for (TInt k=0; k < aWarningsToCheckIn.Count(); ++k) + { + if (ValidationStatusEqual(aWarningsToCheckFor[warnings_index], aWarningsToCheckIn[k])) + { + found = ETrue; + aWarningsToCheckIn.Remove(k); + break; + } + } + + if (!found) + { + ERR_PRINTF2(_L("ERROR: Warning not present: %d"), aWarningsToCheckFor[warnings_index].iReason); + User::Leave(KErrGeneral); + } + } + } + + +TBool CValidateCertChainStep::ValidationStatusEqual(const TValidationStatus& aValidationStatus1, const TValidationStatus& aValidationStatus2) + { + if (aValidationStatus1.iReason != aValidationStatus2.iReason) + { + return EFalse; + } + if (aValidationStatus1.iCert != aValidationStatus2.iCert) + { + return EFalse; + } + return ETrue; + } + + +//takes away from aOidsToCheckAgainst +void CValidateCertChainStep::CheckCriticalExtsPresentAndRemoveL(const RPointerArray& aOidsToLookFor, RArray& aOidsToCheckAgainst) + { + TBool found; + for (TInt oid_index=0; oid_index < aOidsToLookFor.Count(); ++oid_index) + { + found = EFalse; + for (TInt k=0; k < aOidsToCheckAgainst.Count(); ++k) + { + if ((*aOidsToLookFor[oid_index])==(aOidsToCheckAgainst[k])) + { + found = ETrue; + aOidsToCheckAgainst.Remove(k); + break; + } + } + + if (!found) + { + ERR_PRINTF2(_L("ERROR: Critical extension OID not present: %S"), aOidsToLookFor[oid_index]); + User::Leave(KErrGeneral); + } + } + } + + + +//////////////////////////************ + +CValidateCertChainHelper::CValidateCertChainHelper(CTestExecuteLogger& aLogger) +: CActive(EPriorityStandard), iLogger(aLogger) + { + CActiveScheduler::Add(this); + } + + +CValidateCertChainHelper::~CValidateCertChainHelper() + { + Cancel(); + } + + +TInt CValidateCertChainHelper::PerformTestL(CPKIXCertChain* aCertChain, CPKIXValidationResult& aValidResult, TTime aValidateTime) + { + iCertChain = aCertChain; + + //call async + aCertChain->ValidateL(aValidResult, aValidateTime, iStatus); + + SetActive(); + CActiveScheduler::Start(); + + return iRunError; + } + + +void CValidateCertChainHelper::DoCancel() + { + iCertChain->CancelValidate(); + } + + +void CValidateCertChainHelper::RunL() + { + iRunError = KErrNone; + User::LeaveIfError(iStatus.Int()); + + //processing here + + + CActiveScheduler::Stop(); + } + + +TInt CValidateCertChainHelper::RunError(TInt aError) + { + iRunError = aError; + //processing here + + + CActiveScheduler::Stop(); + return KErrNone; + } +