Exporting a Private Key

This section explains the steps to export a private key from the keystore. Private keys can be exported in plain text and encrypted formats.

The following steps explain the process of exporting a private key:

  1. Create a file system session using an RFs object.

  2. Create an object of type CUnifiedKeyStore using CUnifiedKeyStore::NewL() or CUnifiedKeyStore::NewLC() .

  3. Initialise the member functions and keystore using the asynchronous function CUnifiedKeyStore::Initialize() .

  4. Use the CUnifiedKeyStore::List() function to list the keys of the keystore. Retrieve the handle of the private key to be exported.

  5. Invoke the CUnifiedKeyStore::ExportKey() function for exporting the private key in plain text format or the CUnifiedKeyStore::ExportEncryptedKey() function for exporting in encrypted format.

A private key is exported in plain text or encrypted format.


The following code snippet shows how to set a file system session object, list the keys in the keystore and then export the selected private key in plain text format.

       //Create a file system session object
RFs iFs;

//Initialise the keystore and member functions
CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(iFs);
keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object

//List the keys of the keystore
RPointerArray<CCTKeyInfo> iKeys; //This variable will contain the result after the completion of the export operation
TCTKeyAttributeFilter  filter.iUsage = EPKCS15UsageAll;
keyStore->List(iKeys, filter, iStatus);


//Retrieve the handle of the private key to be exported
TInt keyIndex;

//Select the key
for (TInt j = 0; j < iKeys.Count(); j++)
    if (iKeys[j]->Label() == KLabel) 
         keyIndex = j;


//Export the key 
HBufC8* iKeyData = NULL;
TCTTokenObjectHandle aHandle = iKeys[keyIndex]->Handle();
keyStore->ExportKey(aHandle, iKeyData, iStatus);

//Clean up
CleanupStack::PopAndDestroy(); // iFs