|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE task |
|
11 PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd"> |
|
12 <task id="GUID-60141F31-6061-5C65-809D-FE7A4F8414F7" xml:lang="en"><title>Setting |
|
13 Management Policies</title><shortdesc>A management policy signifies the security check required to perform |
|
14 management operations on the key. The management policy associated with the |
|
15 key is of type <apiname>TSecurityPolicy</apiname>. The policy can be set to |
|
16 check capabilities or the Vendor ID associated with the calling process. The |
|
17 calling process should have a <codeph>WriteUserData</codeph> capability. </shortdesc><prolog><metadata><keywords/></metadata></prolog><taskbody> |
|
18 <context><p>The following steps explain the process of setting |
|
19 a management policy for a key:</p></context> |
|
20 <steps id="GUID-2D99C179-7CBA-54C4-9111-1F57B3E26C95"> |
|
21 <step id="GUID-458FDF48-670D-56B0-9220-E70FA3EB425C"><cmd>Create a file system |
|
22 session using an <codeph>RFs</codeph> object. </cmd> |
|
23 </step> |
|
24 <step id="GUID-1A8A68D1-9928-57A2-B5B7-75CF911DA4CA"><cmd/> |
|
25 <info>Create an object of type CUnifiedKeyStore using <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-C7A96153-4179-3B3F-878D-1EAA64A98D39"><apiname>CUnifiedKeyStore::NewL()</apiname></xref> or <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-217FBB3B-CEF5-36F2-A612-EDDA0982053C"><apiname>CUnifiedKeyStore::NewLC()</apiname></xref>. </info> |
|
26 </step> |
|
27 <step id="GUID-AF7853D6-1288-55E5-8DC3-7F3862DB70B7"><cmd/> |
|
28 <info>Initialise the member functions and keystore using the asynchronous |
|
29 function <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-6C5D732C-1FD1-3EF0-AC90-87690F891B8D"><apiname>CUnifiedKeyStore::Initialize()</apiname></xref>. </info> |
|
30 </step> |
|
31 <step id="GUID-62AEB118-FA57-56CF-8C0D-241D1DDD2B30"><cmd/> |
|
32 <info>List all keys in the keystore using the <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-8B22E1BC-D779-32DC-9C0A-CA37E4C0A81B"><apiname>CUnifiedKeyStore::List()</apiname></xref> function. |
|
33 Retrieve the handle of the key for which the management policy needs to be |
|
34 set. </info> |
|
35 </step> |
|
36 <step id="GUID-677C109A-AFB9-585C-8949-E1F1E046CF24"><cmd/> |
|
37 <info>Set the management policy for the key using the <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-E5962EE8-9B11-3051-AD85-0F7301E18855"><apiname>CUnifiedKeyStore::SetManagementPolicy()</apiname></xref> function. </info> |
|
38 </step> |
|
39 </steps> |
|
40 <result><p>Management policy is set for the selected key. </p> </result> |
|
41 <example><title>Example</title> <p>The following code snippet shows how to |
|
42 set management policy for a key. </p> <codeblock id="GUID-A8AC1E30-C540-55A9-B12D-C2A46DC8F34A" xml:space="preserve">//Create a file system session object |
|
43 RFs iFs; |
|
44 CleanupClosePushL(&iFs); |
|
45 |
|
46 |
|
47 ... |
|
48 |
|
49 |
|
50 // Initialise the keystore and member functions |
|
51 CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(fs); |
|
52 keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object |
|
53 |
|
54 |
|
55 ... |
|
56 |
|
57 |
|
58 |
|
59 // Retrieve the handle of the key for which management policy has to be set |
|
60 TCTKeyAttributeFilter filter.iUsage = EPKCS15UsageAll; |
|
61 RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the result of the set management policy operation |
|
62 keyStore->List(iKeys, filter, iStatus); |
|
63 |
|
64 |
|
65 ... |
|
66 |
|
67 |
|
68 |
|
69 // Retrieve the key handle of the appropriate key |
|
70 _LIT(KLabel,”keylabel”); |
|
71 |
|
72 // Select the key with the label you are looking for |
|
73 TInt keyIndex; |
|
74 for (TInt j = 0; j < iKeys.Count(); j++) |
|
75 { |
|
76 if (iKeys[j]->Label() == KLabel) |
|
77 { |
|
78 keyIndex = j; |
|
79 break; |
|
80 } |
|
81 } |
|
82 |
|
83 |
|
84 ... |
|
85 |
|
86 |
|
87 |
|
88 // Set the management policy |
|
89 |
|
90 TSecurityPolicy managementPolicy; |
|
91 TUint vendorId = 0x70000007; |
|
92 TCapability caps[3]; |
|
93 caps[0] = ECapabilityWriteUserData; |
|
94 caps[1] = ECapabilityDRM; |
|
95 caps[2] = ECapabilityReadUserData; |
|
96 |
|
97 managementPolicy = TSecurityPolicy(TSecureId(secureId), caps[0], caps[1], caps[2]); |
|
98 keyStore->SetManagementPolicy(*iKeys, managementPolicy, iStatus); |
|
99 |
|
100 |
|
101 //Clean up |
|
102 CleanupStack::PopAndDestroy(); // iFs</codeblock> </example> |
|
103 </taskbody><related-links> |
|
104 <link href="GUID-EFF8D1A1-00D5-5F96-8285-414DC0044AB8.dita"><linktext>Setting Use |
|
105 Policies</linktext></link> |
|
106 </related-links></task> |