// -----------------------------------------------------------------------------
// CSTSCredentialManager::GenerateCSRL
// Creates a DER encoded PKCS#10 certificate enrollment request.
// -----------------------------------------------------------------------------
//
TDesC8& CSTSCredentialManager::GenerateCSRL(
const TDesC& aNameInfo,
const TDesC& aAlgorithm,
TInt aKeyLen,
TInt aKeyUsage,
const TDesC* aSecurityElementID,
const TDesC* aSecurityElementPrompt)
{
TInt storeIndex = CheckKeyStoreSEIDL(aSecurityElementID,
aSecurityElementPrompt);
CKeyInfoBase::EKeyAlgorithm algorithm(CKeyInfoBase::EInvalidAlgorithm);
if (aAlgorithm.Compare(KSTSAlgorithmRsa()) == 0)
{
algorithm = CKeyInfoBase::ERSA;
}
else
{
CheckOIDL(aAlgorithm);
User::Leave(KSTSErrSeNoKeys);
}
TSTSDistinguishedNameConverter dnConverter;
CX500DistinguishedName* dName = dnConverter.CreateDNL(aNameInfo);
delete iDistinguishedName;
iDistinguishedName = dName;
HBufC* dispName = dName->DisplayNameL();
delete iDisplayName;
iDisplayName = dispName;
TKeyUsagePKCS15 keyUsage(EPKCS15UsageNone);
switch (aKeyUsage)
{
case KSTSKeyUsageAuthentication:
{
keyUsage = EPKCS15UsageSign;
break;
}
case KSTSKeyUsageNonRepudiation:
{
keyUsage = EPKCS15UsageNonRepudiation;
break;
}
default:
{
User::Leave(KErrKeyUsage);
}
}
// have to search for the key
TCTKeyAttributeFilter filter;
filter.iKeyAlgorithm = algorithm;
filter.iUsage = keyUsage;
RMPointerArray< CCTKeyInfo >* keyInfoArray =
new(ELeave) RMPointerArray< CCTKeyInfo >();
if (iKeyInfoArray)
{
iKeyInfoArray->Close();
delete iKeyInfoArray;
}
iKeyInfoArray = keyInfoArray;
iKeyLen = aKeyLen;
iState = ESearchingKey;
iKeyStore->KeyStore(storeIndex).List(
*iKeyInfoArray, filter, iStatus);
WaitForCompletionL();
return *iRequestEncoded;
}
int main(int argc,char *argv[])
{
struct pgpmainBones *mainbPtr = &_pgp_mainBones;
struct pgpargsBones *argsbPtr;
struct pgpfileBones *filebPtr;
struct pgpenvBones *envbPtr;
PGPContextRef mainContext;
int errorLvl = 0, status;
PGPError err = PGPsdkInit();
pgpAssertNoErr(err);
err = PGPsdkNetworkLibInit();
pgpAssertNoErr(err);
err = PGPNewContext( kPGPsdkAPIVersion, &mainContext );
pgpAssertNoErr(err);
err = pgpInitSDKPrefsDir( mainContext );
pgpAssertNoErr(err);
initMainBones( mainbPtr, mainContext );
signonMsg(mainbPtr);
/* link the context and initialize what used to be the global
variables. */
argsbPtr = mainbPtr->argsbPtr;
filebPtr = mainbPtr->filebPtr;
envbPtr = mainbPtr->envbPtr;
err = pgpParseArgs( mainbPtr, argc, argv, &errorLvl);
/* parse the arguments */
if(err != 0)
goto ex;
if (argsbPtr->keyFlag && argsbPtr->keyChar == '\0') {
keyUsage(filebPtr,&errorLvl);
goto ex;
}
if (argsbPtr->groupFlag && argsbPtr->groupChar == '\0') {
groupUsage(filebPtr,&errorLvl);
goto ex;
}
/*
* Write to stdout if explicitly asked to, or in filter mode and
* no explicit file name was given.
*/
mainbPtr->outputStdout = argsbPtr->outputFileName ?
strcmp(argsbPtr->outputFileName, "-") == 0 : envbPtr->filterMode;
#if 1
/* At request of Peter Simons, use stderr always. Sounds reasonable. */
/* JIS: Put this code back in... removing it broke too many things */
if (!mainbPtr->outputStdout)
filebPtr->pgpout = stdout;
#endif
#if defined(PGP_UNIX) || defined(VMS)
umask(077); /* Make files default to private */
#endif
initSignals(); /* Catch signals */
/* get our groups...*/
err = pgpInitializeWorkingGroupSet( mainbPtr );
if (argsbPtr->keyFlag) {
status = doKeyOpt( mainbPtr, argsbPtr->keyChar, &errorLvl );
if (status < 0) {
userError(filebPtr,&errorLvl);
goto ex;
}
errorLvl=status;
goto ex;
}
if(argsbPtr->groupFlag) {
status = doGroupOpt( mainbPtr, argsbPtr->groupChar, &errorLvl );
if( status < 0 ) {
userError(filebPtr,&errorLvl);
goto ex;
}
errorLvl=status;
goto ex;
}
err = pgpProcessArgs(mainbPtr, &errorLvl);
ex:
err = pgpFinalizeWorkingGroupSet( mainbPtr );
pgpTearDown( mainbPtr, &errorLvl );
exit(errorLvl);
/*NOTREACHED*/
return errorLvl;
}
