Result CheckIssuerIndependentProperties(TrustDomain& trustDomain, BackCert& cert, PRTime time, EndEntityOrCA endEntityOrCA, KeyUsage requiredKeyUsageIfPresent, KeyPurposeId requiredEKUIfPresent, const CertPolicyId& requiredPolicy, unsigned int subCACount, /*optional out*/ TrustLevel* trustLevelOut) { Result rv; TrustLevel trustLevel; rv = MapSECStatus(trustDomain.GetCertTrust(endEntityOrCA, requiredPolicy, cert.GetDER(), &trustLevel)); if (rv != Success) { return rv; } if (trustLevel == TrustLevel::ActivelyDistrusted) { return Fail(RecoverableError, SEC_ERROR_UNTRUSTED_CERT); } if (trustLevel != TrustLevel::TrustAnchor && trustLevel != TrustLevel::InheritsTrust) { // The TrustDomain returned a trust level that we weren't expecting. PORT_SetError(PR_INVALID_STATE_ERROR); return FatalError; } if (trustLevelOut) { *trustLevelOut = trustLevel; } // 4.2.1.1. Authority Key Identifier is ignored (see bug 965136). // 4.2.1.2. Subject Key Identifier is ignored (see bug 965136). // 4.2.1.3. Key Usage rv = CheckKeyUsage(endEntityOrCA, cert.encodedKeyUsage, requiredKeyUsageIfPresent); if (rv != Success) { return rv; } // 4.2.1.4. Certificate Policies rv = CheckCertificatePolicies(endEntityOrCA, cert.encodedCertificatePolicies, cert.encodedInhibitAnyPolicy, trustLevel, requiredPolicy); if (rv != Success) { return rv; } // 4.2.1.5. Policy Mappings are not supported; see the documentation about // policy enforcement in pkix.h. // 4.2.1.6. Subject Alternative Name dealt with during name constraint // checking and during name verification (CERT_VerifyCertName). // 4.2.1.7. Issuer Alternative Name is not something that needs checking. // 4.2.1.8. Subject Directory Attributes is not something that needs // checking. // 4.2.1.9. Basic Constraints. rv = CheckBasicConstraints(endEntityOrCA, cert.encodedBasicConstraints, cert.version, trustLevel, subCACount); if (rv != Success) { return rv; } // 4.2.1.10. Name Constraints is dealt with in during path building. // 4.2.1.11. Policy Constraints are implicitly supported; see the // documentation about policy enforcement in pkix.h. // 4.2.1.12. Extended Key Usage rv = CheckExtendedKeyUsage(endEntityOrCA, cert.encodedExtendedKeyUsage, requiredEKUIfPresent); if (rv != Success) { return rv; } // 4.2.1.13. CRL Distribution Points is not supported, though the // TrustDomain's CheckRevocation method may parse it and process it // on its own. // 4.2.1.14. Inhibit anyPolicy is implicitly supported; see the documentation // about policy enforcement in pkix.h. // IMPORTANT: This check must come after the other checks in order for error // ranking to work correctly. rv = CheckTimes(cert.GetNSSCert(), time); if (rv != Success) { return rv; } return Success; }
void CUT_PBASE_T_USBDI_0498::TransferCompleteL(TInt aTransferId,TInt aCompletionCode) { OstTraceFunctionEntryExt( CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_ENTRY, this ); Cancel(); TInt err(KErrNone); TBuf<256> msg; OstTraceExt3(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL, "Transfer completed (id=%d), aCompletionCode = %d, test step = %d",aTransferId, aCompletionCode, iCaseStep); switch(iCaseStep) { case ETransfer: if(aCompletionCode != KErrNone) { iIfc1OutTransfer[0]->Cancel(); iIfc1OutTransfer[1]->Cancel(); iIfc2OutTransfer[0]->Cancel(); iIfc2OutTransfer[1]->Cancel(); iIfc1InTransfer[0]->Cancel(); iIfc1InTransfer[1]->Cancel(); iIfc2InTransfer[0]->Cancel(); iIfc2InTransfer[1]->Cancel(); err = KErrCorrupt; msg.Format(_L("<Error %d> The transfer completed with an error."), aCompletionCode); break; //switch(iCaseStep) } switch(aTransferId) { case KIfc1BulkTransferOutId1: case KIfc1BulkTransferOutId2: case KIfc2BulkTransferOutId1: case KIfc2BulkTransferOutId2: iTransferComplete |= aTransferId; OstTraceExt2(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP01, "Transfer OUT %d completed (Transfer Completion Aggregation Mask 0x%x)", aTransferId, iTransferComplete); break; //switch(aTransferId) case KIfc1BulkTransferInId1: case KIfc1BulkTransferInId2: case KIfc2BulkTransferInId1: case KIfc2BulkTransferInId2: iTransferComplete |= aTransferId; OstTraceExt2(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP02, "Transfer OUT %d completed (Transfer Completion Aggregation Mask 0x%x)", aTransferId, iTransferComplete); break; //switch(aTransferId) default: iTransferComplete = 0; //reset err = KUnexpectedTransferID; msg.Format(_L("<Error %d> Unexpected transfer ID, GOT %d, (wanted one of:- %d, %d, %d, %d, %d, %d, %d, or%d)"), err, aTransferId, KIfc1BulkTransferInId1, KIfc1BulkTransferInId2, KIfc2BulkTransferInId1, KIfc2BulkTransferInId2, KIfc1BulkTransferOutId1, KIfc1BulkTransferOutId2, KIfc2BulkTransferOutId1, KIfc2BulkTransferOutId2 ); break; //switch(aTransferId) } // Transfer Out Response if(err==KErrNone && iTimeElapsed[0] == 0 && (iTransferComplete & KIfc1BulkTransferOutIdMask) == KIfc1BulkTransferOutIdMask) //Record time elapsed for Interface 1 if not yet recorded. { RecordTime(0); } if(err==KErrNone && iTimeElapsed[1] == 0 && (iTransferComplete & KIfc2BulkTransferOutIdMask) == KIfc2BulkTransferOutIdMask) //Record time elapsed for Interface 2 if not yet recorded. { RecordTime(1); } if(err==KErrNone && (iTransferComplete & KBulkTransferOutIdMask) == KBulkTransferOutIdMask) { OstTrace1(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP03, "All OUT Transfers Completed Successfully: Transfer Completion Aggregation Mask 0x%x", iTransferComplete); //Leave validation to the point at which all transfers have completed. } // Transfer In Response if(err==KErrNone && iTimeElapsed[2] == 0 && (iTransferComplete & KIfc1BulkTransferInIdMask) == KIfc1BulkTransferInIdMask) //Record time elapsed for Interface 1 if not yet recorded. { RecordTime(2); } if(err==KErrNone && iTimeElapsed[3] == 0 && (iTransferComplete & KIfc2BulkTransferInIdMask) == KIfc2BulkTransferInIdMask) //Record time elapsed for Interface 2 if not yet recorded. { RecordTime(3); } if(err==KErrNone && (iTransferComplete & KBulkTransferInIdMask) == KBulkTransferInIdMask) { // ok, compare data rcvd now OstTrace1(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP04, "All IN Transfers Completed Successfully: Transfer Completion Aggregation Mask 0x%x", iTransferComplete); TPtrC8 data1(iIfc1InTransfer[0]->DataPolled()); TPtrC8 data2(iIfc1InTransfer[1]->DataPolled()); TPtrC8 data3(iIfc2InTransfer[0]->DataPolled()); TPtrC8 data4(iIfc2InTransfer[1]->DataPolled()); //Validate first transfer on Interface 1 for number of bytes originally written. if(ValidateData(data1, KLiteralFrench4(), KHostNumWriteBytes1) == EFalse) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP05, "Validation failure 1st transfer, Interface 1"); err = KErrCompletion; //indicates data validation failure break; //switch(iCaseStep) } //Validate second transfer on Interface 1 for number of bytes originally written. if(ValidateData(data2, KLiteralFrench4(), KHostNumWriteBytes1, KHostNumWriteBytes2) == EFalse) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP06, "Validation failure 2nd transfer, Interface 1"); err = KErrCompletion; //indicates data validation failure break; //switch(iCaseStep) } //Validate first transfer on Interface 2 for number of bytes originally written. if(ValidateData(data3, KLiteralEnglish2(), KHostNumWriteBytes1) == EFalse) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP07, "Validation failure 1st transfer, Interface 2"); err = KErrCompletion; //indicates data validation failure break; //switch(iCaseStep) } //Validate second transfer on Interface 2 for number of bytes originally written. if(ValidateData(data4, KLiteralEnglish2(), KHostNumWriteBytes1, KHostNumWriteBytes2) == EFalse) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP08, "Validation failure 2nd transfer, Interface 2"); err = KErrCompletion; //indicates data validation failure break; //switch(iCaseStep) } // Comparison is a match OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP09, "Comparison for IN transfer is a match"); } break; //switch(iCaseStep) default: err = KUndefinedStep; msg.Format(_L("<Error %d> Undefined case step %d reached"),KUndefinedStep, iCaseStep); break; //switch(iCaseStep) } if(err == KErrNone && iTransferComplete == KBulkTransferIdMask) /* Transfers all complete - now ask device to validate first interface's transfer OUT */ { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP10, "Checking all times against each other"); err = CheckTimes(0, 1, KMaxTimeDiffPercentage); err = err?err:CheckTimes(0, 2, KMaxTimeDiffPercentage); err = err?err:CheckTimes(0, 3, KMaxTimeDiffPercentage); err = err?err:CheckTimes(1, 2, KMaxTimeDiffPercentage); err = err?err:CheckTimes(1, 3, KMaxTimeDiffPercentage); err = err?err:CheckTimes(2, 3, KMaxTimeDiffPercentage); ResetTimes(0); ResetTimes(1); ResetTimes(2); ResetTimes(3); if(err==KErrNone) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP11, "Asking client for 'Validate' data written on interface 1"); iCaseStep = ERequestDeviceValidateIFC1; TEndpointStringValidationRequest request(1,1,KLiteralFrench4(),KDeviceNumReadBytes); iControlEp0->SendRequest(request,this); } } if(err == KErrCompletion) //indicates data validation failure { msg.Format(_L("<Error %d> Bulk transfer IN data received does not match Bulk Transfer OUT data"), err); } if(err == KErrTooBig) //indicates timing validation failure { msg.Format(_L("<Error %d> Timer comparison showed too great a difference in transfer times between the two interfaces"), err); } if(err!=KErrNone) { OstTrace0(TRACE_NORMAL, CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_DUP12, msg); iCaseStep = EFailed; TTestCaseFailed request(err,msg); return iControlEp0->SendRequest(request,this); } OstTraceFunctionExit1( CUT_PBASE_T_USBDI_0498_TRANSFERCOMPLETEL_EXIT, this ); }