DMAD_EXPORT_C void CDmAdEngine::ExecuteCommandL(const TDesC8& aUri,
const TDesC8& aLuid,
const TDesC8& aArgument,
const TDesC8& aType,
TInt aStatusRef)
{
TRACE("CDmAdEngine::ExecuteCommandL");
DEBUG_LOG1(_L8("aUri %S"), &aUri);
DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
DEBUG_LOG(_L("Argument:"));
DEBUG_LOG_HEX(aArgument);
DEBUG_LOG1(_L8("aType %S"), &aType);
DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
if (!iDdfApi->IsLeafUnderRtNodeL(aUri))
{
iDdfApi->NotRtNodeUpdateLeafObjectL(aUri, aLuid, aArgument, aType, aStatusRef);
}
else
{
iCallBack->SetStatusL(aStatusRef, KErrNotFound);
}
}
DMAD_EXPORT_C void CDmAdEngine::DeleteObjectL(const TDesC8& aUri, const TDesC8& aLuid, TInt aStatusRef)
{
TRACE("CDmAdEngine::DeleteObjectL");
DEBUG_LOG1(_L8("aUri %S"), &aUri);
DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
TRAPD(err, DoDeleteObjectL(uri, aLuid, aStatusRef));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
}
}
void CIkeV2PkiService::SignalObserverL(TInt aStatus)
{
DEBUG_LOG1(_L("CIkeV2PkiService::SignalObserverL: Signalling with %d"), aStatus);
if (aStatus != KErrNone)
{
delete iUserCertificate;
iUserCertificate = NULL;
delete iCaName;
iCaName = NULL;
iCertPtr.Zero();
iTrustedCAList->ResetAndDestroy(); // Trusted CA certificate list
}
iIkeData = NULL;
iSubjName->Des().Zero();
iRfc822Name->Des().Zero();
iCertKeyId.Zero();
iResArray = NULL;
iCasTrustedByPeer.Reset();
delete iIkeDataCAList;
iIkeDataCAList = NULL;
iState = EPkiServiceIdle;
iObserver.IkeV2PkiInitCompleteL(aStatus);
}
void CIkev1SA::CancelRekey()
{
if ( iLeftOverTime != 0 )
{
DEBUG_LOG1(_L("CIkev1SA::CancelRekey, remaining time=%d"), iLeftOverTime );
iRemainingTime = iLeftOverTime;
iLeftOverTime = 0;
}
}
DMAD_EXPORT_C void CDmAdEngine::ChildURIListL(const TDesC8& aUri, const TDesC8& aParentLuid,
const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
TInt aResultsRef, TInt aStatusRef)
{
TRACE("CDmAdEngine::ChildURIListL");
DEBUG_LOG1(_L8("aUri %S"), &aUri);
DEBUG_LOG1(_L8("aParentLuid %S"), &aParentLuid);
DEBUG_LOG2(_L("aResultsRef = %d, aStatusRef = %d"), aResultsRef, aStatusRef);
TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
TRAPD(err, DoChildUriListL(uri, aParentLuid, aPreviousUriSegmentList, aResultsRef, aStatusRef));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
}
}
static void damagerect(VTermScreen *screen, VTermRect rect)
{
VTermRect emit;
switch(screen->damage_merge) {
case VTERM_DAMAGE_CELL:
/* Always emit damage event */
emit = rect;
break;
case VTERM_DAMAGE_ROW:
/* Emit damage longer than one row. Try to merge with existing damage in
* the same row */
if(rect.end_row > rect.start_row + 1) {
/* Bigger than 1 line - flush existing, emit this */
vterm_screen_flush_damage(screen);
emit = rect;
}
else if(screen->damaged.start_row == -1) {
/* None stored yet */
screen->damaged = rect;
return;
}
else if(rect.start_row == screen->damaged.start_row) {
/* Merge with the stored line */
if(screen->damaged.start_col > rect.start_col)
screen->damaged.start_col = rect.start_col;
if(screen->damaged.end_col < rect.end_col)
screen->damaged.end_col = rect.end_col;
return;
}
else {
/* Emit the currently stored line, store a new one */
emit = screen->damaged;
screen->damaged = rect;
}
break;
case VTERM_DAMAGE_SCREEN:
case VTERM_DAMAGE_SCROLL:
/* Never emit damage event */
if(screen->damaged.start_row == -1)
screen->damaged = rect;
else {
rect_expand(&screen->damaged, &rect);
}
return;
default:
DEBUG_LOG1("TODO: Maybe merge damage for level %d\n", screen->damage_merge);
return;
}
if(screen->callbacks && screen->callbacks->damage)
(*screen->callbacks->damage)(emit, screen->cbdata);
}
DMAD_EXPORT_C void CDmAdEngine::UpdateLeafObjectL(const TDesC8& aUri, const TDesC8& aLuid,
const TDesC8& aObject, const TDesC8& aType,
TInt aStatusRef)
{
TRACE("CDmAdEngine::UpdateLeafObjectL");
DEBUG_LOG1(_L8("aUri %S"), &aUri);
DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
DEBUG_LOG1(_L8("aType %S"), &aType);
DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
DEBUG_LOG(_L("Object:"));
DEBUG_LOG_HEX(aObject);
TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
TRAPD(err, DoUpdateLeafObjectL(uri, aLuid, aObject, aType, aStatusRef));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
}
}
DMAD_EXPORT_C void CDmAdEngine::FetchLeafObjectSizeL(const TDesC8& aUri,
const TDesC8& aLuid,
const TDesC8& aType,
TInt aResultsRef,
TInt aStatusRef)
{
TRACE("CDmAdEngine::FetchLeafObjectSizeL");
DEBUG_LOG1(_L8("aUri %S"), &aUri);
DEBUG_LOG1(_L8("aLuid %S"), &aLuid);
DEBUG_LOG1(_L8("aType %S"), &aType);
DEBUG_LOG2(_L("aResultsRef = %d, aStatusRef = %d"), aResultsRef, aStatusRef);
TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
TInt status = KErrNone;
CBufBase* object = 0;
TRAPD(err, status = DoFetchLeafObjectL(uri, aLuid, aType, object));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
return;
}
if (status != KErrNone)
{
delete object;
iCallBack->SetStatusL(aStatusRef, status);
return;
}
CleanupStack::PushL(object);
TInt objSizeInBytes = object->Size();
HBufC8* sizeBuf = TDmAdUtil::IntToDes8LC(objSizeInBytes);
object->Reset();
object->InsertL(0, *sizeBuf);
iCallBack->SetResultsL(aResultsRef, *object, aType);
iCallBack->SetStatusL(aStatusRef, status);
CleanupStack::PopAndDestroy(2); //sizeBuf, object
}
void CIkeV2PkiService::RunL()
{
DEBUG_LOG1(_L("CIkeV2PkiService::RunL: Status %d"), iStatus.Int());
//
// A PKI service operation completed. Take actions according to
// iOperation code
//
TInt err = KErrNone;
TInt status = iStatus.Int();
iPkiService.Finalize(iResArray);
iResArray = NULL;
switch ( iState )
{
case EBuildingCaList:
TRAP(err, BuildingCaListRunL());
break;
case EReadingCertificate:
TRAP(err, ReadUserCertificateRunL());
break;
case EReadingCertificateChain:
TRAP(err, ReadCertificateChainRunL());
break;
default:
DEBUG_LOG(_L("RunL called in unknown state"));
User::Invariant();
break;
}
if ( err != KErrNone )
{
DEBUG_LOG(_L("Operation completed. Signalling observer."));
SignalObserverL(err);
}
}
//
// Flush all Ipsec SA:s bound to this IKE SA from SADB and send Delete
// payload for all inbound SAs
//
void CIkev1SA::DeleteIpsecSAs()
{
TIpsecSPI* spi_node;
TInt c = iSPIList->Count();
for (TInt i = 0; i < c; i++)
{
spi_node = iSPIList->At(i);
if ( spi_node->iInbound )
{
//Only the inbound ones notified to avoid receiving packets using an expired SA
//The opposite if receiving a Delete
DEBUG_LOG1(_L("Sending ISAKMP Delete payload for IPSec SPI %x"),
(int)ByteOrder::Swap32(spi_node->iSPI));
// Call to delete may fail (delete sends DELETE payloads, and the data connection
// may not be open anymore). This is non-fatal, however.
TRAPD(err, iPluginSession.DeleteIpsecSAL(&iHdr, spi_node));
if (err == KErrNone)
{
// DELETE sent successfully
DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA delete OK"));
}
else if (err == KErrNotFound)
{
// Non-fatal leave occured (couldn't send DELETE due to invalid connection)
// We can still continue purging IPSEC SAs.
DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA delete failed due non-existing connection. Non-fatal, continuing"));
}
else
{
// Fatal leave (e.g. out of memory etc)
DEBUG_LOG(_L("CIkev1SA::DeleteIpsecSAsL() IPsec SA deletion error. Fatal."));
iPluginSession.HandleError(err);
return;
}
}
iPluginSession.DeleteIpsecSA(spi_node->iSPI, spi_node->iSrcAddr, spi_node->iDstAddr, spi_node->iProtocol);
delete spi_node;
}
iSPIList->Reset(); //Empties the full list at once
}
DMAD_EXPORT_C void CDmAdEngine::CopyCommandL(const TDesC8& aTargetUri,
const TDesC8& aTargetLuid,
const TDesC8& aSourceUri,
const TDesC8& aSourceLuid,
const TDesC8& aType,
TInt aStatusRef)
{
TRACE("CDmAdEngine::CopyCommandL");
DEBUG_LOG1(_L8("aTargetUri = %S"), &aTargetUri);
DEBUG_LOG1(_L8("aTargetLuid = %S"), &aTargetLuid);
DEBUG_LOG1(_L8("aSourceUri = %S"), &aSourceUri);
DEBUG_LOG1(_L8("aSourceLuid = %S"), &aSourceLuid);
DEBUG_LOG1(_L8("aType = %S"), &aType);
DEBUG_LOG1(_L("aStatusRef = %d"), aStatusRef);
TInt err = KErrNone;
TPtrC8 sourceUri(TDmAdUtil::RemoveDotSlash(aSourceUri));
TInt status = KErrNone;
CBufBase* object = 0;
TRAP(err, status = DoFetchLeafObjectL(sourceUri, aSourceLuid, aType, object));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
return;
}
if (status != KErrNone)
{
delete object;
iCallBack->SetStatusL(aStatusRef, status);
return;
}
CleanupStack::PushL(object);
DEBUG_LOG(_L("object:"));
DEBUG_LOG_HEX(object->Ptr(0));
TPtrC8 targetUri(TDmAdUtil::RemoveDotSlash(aTargetUri));
TRAP(err, DoUpdateLeafObjectL(targetUri, aTargetLuid, object->Ptr(0), aType, aStatusRef));
if (err != KErrNone)
{
iCallBack->SetStatusL(aStatusRef, err);
}
CleanupStack::PopAndDestroy(); // object
}
DMAD_EXPORT_C void TDmAdUtil::ParseUriLC(const TDesC8& aUri, CArrayFix<TPtrC8>*& aUriSegList)
{
TPtrC8 uri(TDmAdUtil::RemoveDotSlash(aUri));
CArrayFix<TPtrC8>* uriSegList;
uriSegList = new (ELeave) CArrayFixFlat<TPtrC8>(8);
CleanupStack::PushL(uriSegList);
TPtrC8 seg;
TPtrC8 curr(uri);
while (curr.Length() > 0)
{
TInt offset = curr.Locate('/');
if (offset == KErrNotFound)
{
seg.Set(curr);
curr.Set(KNullDesC8);
}
else
{
seg.Set(curr.Left(offset));
TInt rightLth = curr.Length() - offset - 1;
if (rightLth <= 0)
{
DEBUG_LOG(_L("TDmAdUtil::ParseUriLC: corrupted uri"));
DEBUG_LOG1(_L8("URI: %S"), &aUri);
User::Leave(KErrGeneral);
}
curr.Set(curr.Right(rightLth));
}
uriSegList->AppendL(seg);
}
aUriSegList = uriSegList;
}
DMAD_EXPORT_C void TDmAdUtil::BuildRtNodeChildUriListL(MDmAdCallBack* aDmAdCallBack,
MDmAdStoreApi* aStoreApi,
const TDesC8& aUri,
const TDesC8& aParentLuid,
const CArrayFix<TSmlDmMappingInfo>& aPreviousUriSegmentList,
CBufBase& aCurrentList)
{
#ifdef DMAD_DUMP_PREVIOUS_URI_SEGMENT_LIST
DEBUG_LOG(_L("BuildRtNodeChildUriListL:"));
{
for (TInt i=0; i < aPreviousUriSegmentList.Count(); i++)
{
const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
DEBUG_LOG1(_L("entry %d:"), i);
DEBUG_LOG1(_L8("Uri: %S"), &(mappingInfo.iURISeg));
DEBUG_LOG_HEX(mappingInfo.iURISegLUID);
}
}
#endif
RPointerArray<HBufC8> luidList;
CleanupStack::PushL(TCleanupItem(PointerArrayCleanup, &luidList));
aStoreApi->LuidListL(aUri, aParentLuid, luidList);
// Finds largest number used in cli<x> named nodes.
TInt largest = FindLargestLocallyCreated(aPreviousUriSegmentList);
DEBUG_LOG1(_L("largest is cli%d"), largest);
TInt countLuidList = luidList.Count();
for (TInt j=0; j < countLuidList; j++)
{
const HBufC8* luidElem = luidList[j];
HBufC8* uriSeg = 0;
//Tries to find the luid from the aPreviousUriSegmentList
for (TInt i=0; i < aPreviousUriSegmentList.Count(); i++)
{
const TSmlDmMappingInfo& mappingInfo = aPreviousUriSegmentList.At(i);
if (mappingInfo.iURISegLUID.Compare(*luidElem) == 0)
{
uriSeg = mappingInfo.iURISeg.AllocLC();
break;
}
}
if (uriSeg == 0)
{
//Uri was not found from the aPreviousUriSegmentList
uriSeg = BuildLocallyCreatedRtNodeUriSegLC(largest);
DEBUG_LOG2(_L8("uriSeg %S, largest %d"), uriSeg, largest);
HBufC8* wholeUri = TDmAdUtil::BuildUriLC(aUri, *uriSeg);
aDmAdCallBack->SetMappingL(*wholeUri, *luidElem);
CleanupStack::PopAndDestroy(); //wholeUri
}
//If this is not the first element, inserts slash at the beginning
//of the result list.
if (j > 0)
{
aCurrentList.InsertL(aCurrentList.Size(), KDmAdSeparator);
}
aCurrentList.InsertL(aCurrentList.Size(), *uriSeg);
CleanupStack::PopAndDestroy(); // uriSeg
}
CleanupStack::PopAndDestroy(); //luidList
}
EXPORT_C TInt CIkeV2PkiService::Ikev2SignatureL(const TDesC8& aTrustedAuthority,
const TOwnCertInfo& aOwnCertInfo,
const TDesC8& aMsgOctets,
TDes8& aSignature, TUint8 aAuthMeth)
{
__ASSERT_ALWAYS(!IsActive(), User::Invariant());
TPKIKeyAlgorithm keyAlgorithm = EPKIRSA;
TInt length = aOwnCertInfo.iSubjectDnSuffix.Length();
if ( length )
{
delete iSubjName;
iSubjName = NULL;
iSubjName = HBufC8::NewL(length);
iSubjName->Des().Copy(aOwnCertInfo.iSubjectDnSuffix);
}
else
{
iSubjName->Des().Zero();
}
length = aOwnCertInfo.iRfc822NameFqdn.Length();
if ( length )
{
delete iRfc822Name;
iRfc822Name = NULL;
iRfc822Name = HBufC8::NewL(length);
iRfc822Name->Des().Copy(aOwnCertInfo.iRfc822NameFqdn);
}
else
{
iRfc822Name->Des().Zero();
}
//
// Build PKCS1v15 format signature (ASN1 encoded) for RSA and SHA1 for DSA
//
CUtlMessageDigest* digest = TUtlCrypto::MakeMessageDigesterL(TUtlCrypto::EUtlMessageDigestSha1);
CleanupStack::PushL(digest);
HBufC8* asn1EncodedHash =NULL;
HBufC8* DSSHash = NULL;
switch( aAuthMeth )
{
case RSA_DIGITAL_SIGN:
asn1EncodedHash = IkeCert::BuildPkcs1v15HashL(digest->Final(aMsgOctets));
User::LeaveIfNull(asn1EncodedHash);
CleanupStack::PopAndDestroy(digest);
CleanupStack::PushL(asn1EncodedHash);
User::LeaveIfError(iPkiService.Sign(aTrustedAuthority, *iSubjName, *iRfc822Name,
EX509DigitalSignature, aOwnCertInfo.iPrivateKeyLength,
keyAlgorithm, *asn1EncodedHash, aSignature));
CleanupStack::PopAndDestroy(asn1EncodedHash);
DEBUG_LOG(_L("Signing Auth data using RSA key."));
break;
case DSS_DIGITAL_SIGN:
DSSHash = HBufC8::New(20);
DSSHash->Des().Append(digest->Final(aMsgOctets));
CleanupStack::PopAndDestroy(digest);
CleanupStack::PushL(DSSHash);
User::LeaveIfError(iPkiService.Sign(aTrustedAuthority, *iSubjName, *iRfc822Name,
EX509DigitalSignature, aOwnCertInfo.iPrivateKeyLength,
keyAlgorithm, *DSSHash, aSignature));
CleanupStack::PopAndDestroy(DSSHash);
DEBUG_LOG(_L("Signing Auth data using DSA key."));
break;
default:
DEBUG_LOG1(_L("Authentication method %d not supported when using digital signatures."), aAuthMeth);
User::Leave(KErrNotSupported);
break;
}
return aSignature.Length();
}
void CIkev1SA::ConstructL(TIkev1SAData& aIkev1SAdata, CSARekeyInfo* aSaRekey)
{
CTimer::ConstructL();
iHdr.CopyL(aIkev1SAdata);
if ( aSaRekey )
{
//
// Rekeyed IKE SA. Try to find "original" IKE SA and move IPSEC
// SPI list from that SA to the new rekeyed one.
// If "original" IKE SA is found, (re)start expiration timer
// with rekey "left over" time.
//
iRekeyed = ETrue;
CIkev1SA *OrigSA = iPluginSession.FindIkev1SA(aSaRekey->GetCookieI(), aSaRekey->GetCookieR());
if ( OrigSA )
{
DEBUG_LOG(_L("ISAKMP SA Rekeyed, SPI list moved from original SA"));
iSPIList = OrigSA->iSPIList;
OrigSA->iSPIList = NULL;
OrigSA->iSPIList = new (ELeave) CIpsecSPIList(1); // Dummy
if ( OrigSA->IsActive() )
{
OrigSA->Cancel();
OrigSA->iRemainingTime = 0;
OrigSA->iLeftOverTime = 0;
DEBUG_LOG1(_L("Rekeyed SA expiration time set to %u"),OrigSA->iRemainingTime);
OrigSA->StartTimer();
}
}
}
if ( !iSPIList )
iSPIList = new (ELeave) CIpsecSPIList(4);
TInt DPDHeartbeat;
if ( iHdr.iDPDSupported && iHdr.iIkeData->iDPDHeartBeat )
DPDHeartbeat = iHdr.iIkeData->iDPDHeartBeat;
else DPDHeartbeat = 0;
TInt KeepAliveTimeout = 0;
TInt port = IkeSocket::KIkePort500;
TUint32 NATKeepAlive = (iHdr.iNAT_D_Flags & LOCAL_END_NAT);
if ( NATKeepAlive || iHdr.iNAT_T_Required )
{
KeepAliveTimeout = (TInt)iHdr.iIkeData->iNatKeepAlive;
if ( NATKeepAlive )
{
port = IkeSocket::KIkePort4500;
if ( KeepAliveTimeout == 0 )
KeepAliveTimeout = 120; // If not configured use 2 minutes
}
}
if ( DPDHeartbeat || KeepAliveTimeout )
{
iIkeKeepAlive = CIkeV1KeepAlive::NewL( iPluginSession,
port,
(TInetAddr&)iHdr.iDestinAddr,
KeepAliveTimeout,
DPDHeartbeat,
(MDpdHeartBeatEventHandler*)this );
}
// Nokia NAT-T needed
if (!NATKeepAlive &&
iHdr.iNAT_T_Required &&
(KeepAliveTimeout > 0) )
{
// Start Nokia IPsec over NAT keepalive handler
TInetAddr addr = (TInetAddr)iHdr.iDestinAddr;
// NAT-T default ESP UDP port
TInt port(KNokiaNattDefaultPort);
if (iHdr.iIkeData->iEspUdpPort)
port = iHdr.iIkeData->iEspUdpPort;
iNokiaNatt = CIkev1NokiaNattKeepAlive::NewL( iPluginSession,
addr,
port,
KeepAliveTimeout,
iDebug );
}
if ( !iHdr.iVirtualIp && aSaRekey )
{
//
// Rekeyed IKE SA. No virtual IP address received in IKE SA
// negotiation. Get "old" virtual IP address saved into
// CSARekeyInfo object (if any).
//
iHdr.StoreVirtualIp(aSaRekey->GetInternalAddr());
}
//Lifetime in seconds
iRemainingTime = iHdr.iLifeTimeSecs;
if ( iRemainingTime == 0 )
iRemainingTime = DEFAULT_MAX_ISAKMP_LIFETIME;
//
// Check if IKE SA rekeying threshold value (per cent) defined
// If it is (value is between 70 - 95), use that per cent value
// as IKE SA timeout (Rekey for a new IKE SA is started then)
// "Left over" time is the expiration timeout for rekeyed IKE SA
// value which is used when rekey negotiation is started.
// The minimum value for that is set to 30 seconds
//
TInt RekeyThreshold = iHdr.iIkeData->iRekeyingThreshold;
if ( RekeyThreshold != 0 )
{
if ( RekeyThreshold < 70 )
RekeyThreshold = 70;
else if ( RekeyThreshold > 95 )
RekeyThreshold = 95;
DEBUG_LOG1(_L("Negotiated ISAKMP Lifetime set to %u"),iRemainingTime);
iLeftOverTime = iRemainingTime - ((iRemainingTime/100.0) * RekeyThreshold);
iRemainingTime -= iLeftOverTime;
if ( iLeftOverTime < 30 )
iLeftOverTime = 30;
}
DEBUG_LOG1(_L("ISAKMP Lifetime set to %u"),iRemainingTime);
//Lifetime in Kb
iRemainingKB = iHdr.iLifeTimeKB;
DEBUG_LOG1(_L("ISAKMP KB Lifetime set to %u"),iRemainingKB);
StartTimer();
}
// ---------------------------------------------------------------------------
// From class CActive
// Handles completion of asynchronous notification request.
// ---------------------------------------------------------------------------
//
void CErrorObserver::RunL()
{
DEBUG_LOG1(_L("IKE plugin session error=%d"), iStatus.Int());
iCallback.IkePluginSessionError( iStatus.Int() );
}
void CIkeV2PkiService::BuildingCaListRunL()
{
switch(iStatus.Int())
{
case KErrNone:
{
iIkeDataCAList->Delete(0);
ASSERT(iReadCertificate);
HBufC8* caCert = iReadCertificate; // Link CA buffer to CIkeCaElem
CleanupStack::PushL(caCert);
iReadCertificate = NULL;
iReadCertificate = HBufC8::NewL(KDefaultCertificateBufferSize);
iCertPtr.Set(iReadCertificate->Des());
CIkeCaElem* caElem = CIkeCaElem::NewL(caCert);
CleanupStack::Pop(caCert);
CleanupStack::PushL(caElem);
//Append ca cert to list, if not already present.
if (iTrustedCAList->FindCaElem(caElem->KeyHash()) == NULL)
{
iTrustedCAList->AppendL(caElem);
CleanupStack::Pop(caElem);
}
else
{
CleanupStack::PopAndDestroy(caElem);
}
if (iIkeDataCAList->Count() > 0)
{
ImportNextCaElemFromIkeDataListL();
}
else
{
if (iIkeData->iOwnCert.iOwnCertExists)
{
ReadTrustedUserCertificateL();
}
else
{
SignalObserverL(KErrNone);
}
}
}
break;
case KPKIErrBufferTooShort:
{
DEBUG_LOG(_L("Buffer too short"));
TInt certSize = 0;
User::LeaveIfError(iPkiService.GetRequiredBufferSize(certSize));
__ASSERT_DEBUG(iCertPtr.MaxLength() < certSize, User::Invariant());
delete iReadCertificate;
iReadCertificate = NULL;
iReadCertificate = HBufC8::NewL(certSize);
iCertPtr.Set(iReadCertificate->Des());
//Tries to reimport the certificate.
ImportNextCaElemFromIkeDataListL();
}
break;
default:
DEBUG_LOG1(_L("Error code %d"), iStatus.Int());
User::Leave(iStatus.Int());
break;
}
}
void CIkeV2PkiService::ImportNextCaElemFromIkeDataListL()
{
__ASSERT_DEBUG(iIkeDataCAList != NULL, User::Invariant());
__ASSERT_DEBUG(iIkeDataCAList->Count() > 0, User::Invariant());
const TCertInfo certInfo = (*iIkeDataCAList)[0];
switch(certInfo.iFormat)
{
case CA_NAME:
delete iSubjName;
iSubjName = NULL;
iSubjName = HBufC8::NewL(certInfo.iData.Length());
iSubjName->Des().Copy(certInfo.iData);
iPkiService.ReadCertificateL(KEmptyString,
*iSubjName, KEmptyString,
EPKICACertificate, 0,
EPKIRSA, iCertPtr,
&iResArray, iStatus);
SET_ACTIVE;
break;
case KEY_ID:
if (!IkeParser::TextToHexOctets(certInfo.iData, iCertKeyId))
{
User::Leave(KErrArgument);
}
iPkiService.ReadCertificateL(iCertKeyId, iCertPtr,
&iResArray, iStatus);
SET_ACTIVE;
break;
case APPL_UID:
{
//Get the list of applicable CA certs and appends it
//to the original list, which was defined in the policy.
//After this removes the currently handled node and
//calls the method recursively.
RArray<TUid>* applUidList = IkeParser::GetApplUidListL(certInfo.iData);
CleanupStack::PushL(TCleanupItem(CIkeV2PkiServiceApplUidArrayCleanup,
applUidList));
CArrayFix<TCertificateListEntry>* applicableCaCertList;
iPkiService.ListApplicableCertificatesL(*applUidList, applicableCaCertList);
CleanupStack::PopAndDestroy(); //applUidList
if (applicableCaCertList->Count() > 0)
{
CleanupStack::PushL(applicableCaCertList);
TCertInfo* info = new (ELeave) TCertInfo;
CleanupDeletePushL(info);
for (TInt i = 0; i < applicableCaCertList->Count(); i++)
{
const TCertificateListEntry& entry = (*applicableCaCertList)[i];
info->iFormat = CA_NAME;
info->iData.Zero();
info->iData.Copy(entry.iIdentitySubjectName);
iIkeDataCAList->AppendL(*info);
DEBUG_LOG1(_L("Appending Applicable cert to the list (%S)"), &(info->iData));
}
CleanupStack::PopAndDestroy(info);
CleanupStack::PopAndDestroy(applicableCaCertList);
iIkeDataCAList->Delete(0);
ImportNextCaElemFromIkeDataListL();
}
else
{
delete applicableCaCertList;
applicableCaCertList = NULL;
iStatus = KRequestPending;
SET_ACTIVE;
TRequestStatus* status = &iStatus;
User::RequestComplete(status, KErrNotFound);
}
}
break;
default:
User::Leave(KErrArgument);
break;
}
}
TInt CIkev1SA::RunError(TInt aError)
{
DEBUG_LOG1(_L("CIkev1SA::RunError, err=%d"), aError);
iPluginSession.HandleError(aError);
return KErrNone;
}
TBool CIkev1Payloads::ParsePayloadsL(const ThdrISAKMP &aHdr)
{
TBool Status = ETrue;
TUint16 ptype = aHdr.GetPayload();
const TPayloadISAKMP* payload = (const TPayloadISAKMP*)aHdr.Next();
iPadding = aHdr.GetLength() - sizeof(aHdr);
while ( ptype != ISAKMP_PAYLOAD_NONE )
{
if (!iNegotiation.CheckGenericPayloadL(payload)) //Checks the generic payload is OK
{
Status = EFalse;
break;
}
switch (ptype)
{
case ISAKMP_PAYLOAD_SA: //also includes proposal and transform
DEBUG_LOG(_L("[SA]"));
if ( !iSa ) // Only one SA payload (The first)
iSa = TSAISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_KE:
DEBUG_LOG(_L("[KE]"));
if ( !iKe ) // Only one KE payload (The first)
iKe = TKeyISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_ID:
DEBUG_LOG(_L("[ID]"));
iIds->AppendL(TIdentISAKMP::Ptr(payload));
break;
case ISAKMP_PAYLOAD_CERT:
DEBUG_LOG(_L("[CERT]"));
iCerts->AppendL(TCertificateISAKMP::Ptr(payload));
break;
case ISAKMP_PAYLOAD_CR:
DEBUG_LOG(_L("[CR]"));
iCertReqs->AppendL(TCertificateReqISAKMP::Ptr(payload));
break;
case ISAKMP_PAYLOAD_HASH:
DEBUG_LOG(_L("[HASH]"));
if ( !iHash ) // Only one HASH payload (The first)
iHash = THashISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_SIG:
DEBUG_LOG(_L("[SIG]"));
if ( !iSign ) // Only one HASH payload (The first)
iSign = TSignatureISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_NONCE:
DEBUG_LOG(_L("[NONCE]"));
if ( !iNonce ) // Only one NONCE payload (The first)
iNonce = TNonceISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_NOTIF:
DEBUG_LOG(_L("[NOTIF]"));
iNotifs->AppendL(TNotificationISAKMP::Ptr(payload));
break;
case ISAKMP_PAYLOAD_D:
DEBUG_LOG(_L("[DELETE]"));
iDeletes->AppendL(TDeleteISAKMP::Ptr(payload));
break;
case ISAKMP_PAYLOAD_VID:
DEBUG_LOG(_L("[VID]"));
iVids->AppendL(TVendorISAKMP::Ptr(payload));
break;
//
// Extensions payloads
//
case ISAKMP_PAYLOAD_ATTRIBUTES:
DEBUG_LOG(_L("[ATTR]"));
if ( !iAttr ) // Only one ATTR payload (The first)
iAttr = TAttributeISAKMP::Ptr(payload);
break;
case ISAKMP_PAYLOAD_CHRE:
DEBUG_LOG(_L("[CHRE]"));
if ( !iChre ) // Only one CHRE payload (The first)
iChre = TCHREISAKMP::Ptr(payload);
break;
case ISAKMP_INT_NETWORK:
DEBUG_LOG(_L("[IA]"));
if ( !iIaddr ) // Only one IA payload (The first)
iIaddr = TINTNETISAKMP::Ptr(payload);
break;
case IETF_NAT_DISCOVERY:
DEBUG_LOG(_L("[NAT-D]"));
iNatDs->AppendL(TNATDISAKMP::Ptr(payload));
break;
case IETF_RFC_NAT_DISCOVERY:
DEBUG_LOG(_L("[NAT-D]"));
iNatDs->AppendL(TNATDISAKMP::Ptr(payload));
break;
case IETF_NAT_ORIG_ADDR:
DEBUG_LOG(_L("[NAT-OA]"));
if ( !iNatOa ) // Only one NONCE payload (The first)
iNatOa = TNATOaISAKMP::Ptr(payload);
break;
case IETF_RFC_NAT_ORIG_ADDR:
DEBUG_LOG(_L("[NAT-OA]"));
if ( !iNatOa ) // Only one NONCE payload (The first)
iNatOa = TNATOaISAKMP::Ptr(payload);
break;
//
// Unknown payloads are queued into iGenPlds array
//
default:
DEBUG_LOG1(_L("[PL TYPE (%d)]"),ptype);
iGenPlds->AppendL(payload);
break;
}
iPadding -= payload->GetLength();
ptype = payload->GetPayload();
payload = payload->Next();
}
return Status;
}
