Password Based Encryption (PBE) example code

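This example covers encrypting data with a password and writing it to a file, and reading the data back from a file and decrypting it.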

This example code is for reference only - it would be better to use:

Encrypting data with a password and writing it to a file


// Encrypts aInput under a key derived from aPassword and writes the result to
// aFilename, replacing any existing file of that name.
//
// The file holds two items, in this order: the encryption data and then the
// ciphertext. Leaves if the file cannot be opened or if any of the
// leaving calls below fails; everything pushed here is then released by the
// cleanup stack.
//
// Security notes for anyone adapting this example:
//  - ECipherDES_CBC selects single DES, whose 56-bit key is too short to
//    protect data against a determined offline attack today.
//    NOTE(review): prefer a stronger TPBECipher value (3DES or AES) if the
//    target platform's crypto library provides one.
//  - Only the encryption data and the ciphertext are written; nothing visible
//    here adds an integrity check (MAC) over the ciphertext.
//    NOTE(review): confirm whether the stored file needs tamper detection.
void CPBEExample::WriteEncryptedDataL(const TDesC8& aInput, const TDesC& aFilename, const TDesC& aPassword)
    {
    // Output stream on the target file, opened for exclusive write access.
    const TUint fileMode = EFileShareExclusive | EFileWrite;
    RFileWriteStream out;
    User::LeaveIfError(out.Replace(iFs, aFilename, fileMode));
    CleanupClosePushL(out);

    // The element ties the user's password to the chosen cipher; the
    // encryptor that does the actual work is obtained from it.
    CPBEncryptElement* element = CPBEncryptElement::NewLC(aPassword, ECipherDES_CBC);
    CPBEncryptor* encryptor = element->NewEncryptLC();

    // Size the ciphertext buffer from the encryptor's own upper bound for
    // this input length.
    const TInt maxCipherLen = encryptor->MaxFinalOutputLength(aInput.Length());
    HBufC8* cipherBuf = HBufC8::NewLC(maxCipherLen);
    TPtr8 cipherDes(cipherBuf->Des());

    // Single-shot encryption of the whole input.
    encryptor->ProcessFinalL(aInput, cipherDes);

    // The encryption data (cipher details, key size, salt and similar) goes
    // first: without it the ciphertext that follows cannot be decrypted.
    out << element->EncryptionData();
    out << cipherDes;
    out.CommitL();

    // Release cipherBuf, encryptor, element and the stream in one call;
    // &out is the last item expected to come off the cleanup stack.
    CleanupStack::PopAndDestroy(4, &out);
    }
            

Reading data from a file and decrypting it


// Reads a file laid out as encryption data followed by ciphertext, decrypts
// the ciphertext with a key derived from aPassword, and returns the plaintext.
//
// The returned buffer is owned by the caller and is left on the cleanup stack
// (hence the LC suffix). Leaves if the file cannot be opened or if any of the
// leaving calls below fails.
//
// Security notes for anyone adapting this example:
//  - Everything read from the file is attacker-controlled if the file is.
//    The ciphertext is read with a maximum length of KMaxTInt, so the size of
//    that allocation is effectively whatever the file declares.
//    NOTE(review): pass a tighter maximum if the file may come from an
//    untrusted source.
//  - No integrity check over the ciphertext is visible here, so a modified
//    file that still decrypts would be returned as if genuine.
//    NOTE(review): confirm whether callers rely on the plaintext being intact.
HBufC8* CPBEExample::ReadEncryptedDataLC(const TDesC& aFilename, const TDesC& aPassword)
    {
    // Input stream on the encrypted file.
    RFileReadStream in;
    User::LeaveIfError(in.Open(iFs, aFilename, EFileRead));
    CleanupClosePushL(in);

    // The encryption data comes first in the file.
    CPBEncryptionData* storedParams = CPBEncryptionData::NewLC(in);

    // Rebuild the element from the stored encryption data plus the supplied
    // password. A wrong password makes this leave with KErrBadPassphrase.
    CPBEncryptElement* element = CPBEncryptElement::NewLC(*storedParams, aPassword);
    CPBDecryptor* decryptor = element->NewDecryptLC();

    // The ciphertext follows the encryption data in the stream.
    HBufC8* cipherBuf = HBufC8::NewLC(in, KMaxTInt);

    // Plaintext buffer, sized from the decryptor's upper bound for this
    // ciphertext length. This is the buffer handed back to the caller.
    const TInt maxPlainLen = decryptor->MaxFinalOutputLength(cipherBuf->Length());
    HBufC8* plainBuf = HBufC8::NewLC(maxPlainLen);
    TPtr8 plainDes(plainBuf->Des());

    // Single-shot decryption of the whole ciphertext.
    decryptor->ProcessFinalL(*cipherBuf, plainDes);

    // plainBuf sits on top of the cleanup stack: take it off without
    // destroying it, destroy the five items beneath it (cipherBuf, decryptor,
    // element, storedParams and the stream), then push it back so that it is
    // the only item this function leaves behind.
    CleanupStack::Pop(plainBuf);
    CleanupStack::PopAndDestroy(5, &in);
    CleanupStack::PushL(plainBuf);

    return plainBuf;
    }