MKeyStore Class Reference

class MKeyStore

Defines the interface for a read-only key store.

This prvides the API for the client to query the keys and open objects allowing crypto operations to be performed.

This documentation describes the security policy that must be enforced by implementations of the interface.

Member Functions Documentation

CancelExportPublic()

void CancelExportPublic ( ) [pure virtual]

Cancels an ongoing ExportPublic() operation

CancelGetKeyInfo()

void CancelGetKeyInfo ( ) [pure virtual]

Cancel an ongoing GetKeyInfo() operation

CancelList()

void CancelList ( ) [pure virtual]

Cancel an ongoing List() operation

CancelOpen()

void CancelOpen ( ) [pure virtual]

Cancels an ongoing Open() operation

ExportPublic(const TCTTokenObjectHandle &, HBufC8 *&, TRequestStatus &)

void ExportPublic ( const TCTTokenObjectHandle & aHandle,
HBufC8 *& aPublicKey,
TRequestStatus & aStatus
) [pure virtual]

Exporting keys Get the public half of a key pair.

The key is returned in DER-encoded ASN-1. The format is that of the X509 SubjectPublicKeyInfo type.

For RSA keys, the format is:
         SEQUENCE-OF
     SEQUENCE-OF
         OID of the encryption algorithm (KRSA)
         NULL
     BIT STRING encoded public key.
        
For DSA keys, the format is:
         SEQUENCE-OF
     SEQUENCE-OF
         OID dsa (1.2.840.10040.4.1)
         SEQUENCE-OF
             INTEGER p
             INTEGER q
             INTEGER g
     BIT STRING
         INTEGER public value (y)
        
capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.
leave
KErrKeyAlgorithm If the key is not an RSA or DSA key.

Parameters

const TCTTokenObjectHandle & aHandle The handle of the key.
HBufC8 *& aPublicKey A pointer to a buffer. This will be set to a newly created buffer containing the exported key data. The caller is responsible for deleting the buffer.
TRequestStatus & aStatus

GetKeyInfo(TCTTokenObjectHandle, CCTKeyInfo *&, TRequestStatus &)

void GetKeyInfo ( TCTTokenObjectHandle aHandle,
CCTKeyInfo *& aInfo,
TRequestStatus & aStatus
) [pure virtual]

Getting a key given a TCTTokenObjectHandle Retrieves a key given its handle.

capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.

Parameters

TCTTokenObjectHandle aHandle The handle of the required key
CCTKeyInfo *& aInfo The returned key info
TRequestStatus & aStatus Async request notification

List(RMPointerArray< CCTKeyInfo > &, const TCTKeyAttributeFilter &, TRequestStatus &)

void List ( RMPointerArray < CCTKeyInfo > & aKeys,
const TCTKeyAttributeFilter & aFilter,
TRequestStatus & aStatus
) [pure virtual]

Listing keys List all the keys in the store that match the filter.

capability
ReadUserData requires the caller to have ReadUserData capability
leave
KErrPermissionDenied if the caller does not have ReadUserData capability

Parameters

RMPointerArray < CCTKeyInfo > & aKeys An array to which the returned keys are appended
const TCTKeyAttributeFilter & aFilter a filter controlling which keys are returned
TRequestStatus & aStatus This will be completed with the final status code

Open(const TCTTokenObjectHandle &, MRSASigner *&, TRequestStatus &)

void Open ( const TCTTokenObjectHandle & aHandle,
MRSASigner *& aSigner,
TRequestStatus & aStatus
) [pure virtual]

Opening keys Open an RSA key for signing

capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.
leave
KErrKeyAlgorithm If the key is not an RSA key.
leave
KErrKeyUsage If the key doesn't have sign usage.
leave
KErrKeyValidity If the key is not currently valid.

Parameters

const TCTTokenObjectHandle & aHandle The handle of the key to be opened. This must be the handle of an RSA key on this store that is usable for signing by this process or the operation will fail.
MRSASigner *& aSigner The returned signer object.
TRequestStatus & aStatus Asynchronous request notification.

Open(const TCTTokenObjectHandle &, MDSASigner *&, TRequestStatus &)

void Open ( const TCTTokenObjectHandle & aHandle,
MDSASigner *& aSigner,
TRequestStatus & aStatus
) [pure virtual]

Open a DSA key for signing

capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.
leave
KErrKeyAlgorithm If the key is not a DSA key.
leave
KErrKeyUsage If the key doesn't have sign usage.
leave
KErrKeyValidity If the key is not currently valid.

Parameters

const TCTTokenObjectHandle & aHandle The handle of the key to be opened. This must be the handle of a DSA key on this store that is usable by this process for signing or the operation will fail.
MDSASigner *& aSigner The returned signer object
TRequestStatus & aStatus Asynchronous request notification.

Open(const TCTTokenObjectHandle &, MCTDecryptor *&, TRequestStatus &)

void Open ( const TCTTokenObjectHandle & aHandle,
MCTDecryptor *& aDecryptor,
TRequestStatus & aStatus
) [pure virtual]

Open a RSA key for private decryption

capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.
leave
KErrKeyAlgorithm If the key is not an RSA key.
leave
KErrKeyUsage If the key doesn't have decrypt usage.
leave
KErrKeyValidity If the key is not currently valid.

Parameters

const TCTTokenObjectHandle & aHandle The handle of the key to be opened. This must be the handle of a RSA key on this store that is usable by this process for decryption or the operation will fail.
MCTDecryptor *& aDecryptor The returned decryptor object
TRequestStatus & aStatus Asynchronous request notification.

Open(const TCTTokenObjectHandle &, MCTDH *&, TRequestStatus &)

void Open ( const TCTTokenObjectHandle & aHandle,
MCTDH *& aDH,
TRequestStatus & aStatus
) [pure virtual]

Open a DH key for key agreement

capability
Dependent Requires the caller to have any capabilities specified in the key use security policy.
leave
KErrPermissionDenied If the caller does not conform to the key use security policy.
leave
KErrNotFound If the key the handle referes to does not exist.
leave
KErrKeyAlgorithm If the key is not a DH key.
leave
KErrKeyUsage If the key doesn't have derive usage.
leave
KErrKeyValidity If the key is not currently valid.

Parameters

const TCTTokenObjectHandle & aHandle The handle of the key to be opened. This must be the handle of a DH key on this store that is usable by this process for decryption or the operation will fail.
MCTDH *& aDH The returned agreement object
TRequestStatus & aStatus Asynchronous request notification.