The unified keystore allows you to search all keys on a device regardless of which keystore they are in.
|The key identifier||Used when searching for a particular key.|
|The key usage||Used when searching for a key usage, for example encryption.|
|The key owner UID||
Used when searching for a key owner.
Applications must use this to prevent them seeing insecure keys that might have been added by a malicious application.
|The key algorithm||Used when searching for a particular key algorithm, for example RSA.|
The following steps explain the process of finding keys in a keystore:
Keys are listed based on the specified filter criteria.
The following code snippet shows how to set a file system session object, initialize the keystore and its member functions, specify filter criteria for the types of keys to be listed, and then list the specific set of keys.
//Create a file system session object RFs iFs; CleanupClosePushL(&iFs); //Initialise the keystore and member functions CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(iFs); keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object //Specify the filter criteria RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the keys found TCTKeyAttributeFilter filter; filter.iOwner = KApplicationUID; // The UID of the key owner application filter.iUsage = EPKCS15UsageSign; filter.iKeyAlgorithm = CCTKeyInfo::EDSA; //List keys based on specified filter criteria iKeyStore->List(iKeys, filter, iStatus); //Clean up CleanupStack::PopAndDestroy(); // iFs
Copyright ©2010 Nokia Corporation and/or its subsidiary(-ies).
All rights reserved. Unless otherwise stated, these materials are provided under the terms of the Eclipse Public License v1.0.