|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE concept |
|
11 PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd"> |
|
12 <concept xml:lang="en" id="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636"><title>Secure store encryption example code</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>This example covers: </p> <ul><li id="GUID-C08CC80E-FDF5-54FB-A289-2D1C4B4AD982"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-3CE75F7F-B812-5010-99E6-50416C207B41">Creating and opening a new secure store protected by the supplied password</xref> </p> </li> <li id="GUID-67FA0BEE-6BC5-5F49-9CD8-9B81CD25894C"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-58FD2C9E-80E8-5F88-AF83-DC0022FE92E7">Opening an existing secure store</xref> </p> </li> <li id="GUID-F3D2DF1D-A547-594C-BCB8-8BADD69D980D"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-6C8BF1E2-E824-539D-A57F-DED436C24C88">Writing some data to a new stream in the currently opened store, and returning the ID of the stream</xref> </p> </li> <li id="GUID-1B9A3CB6-6ADB-508F-8563-03E17BD7BB02"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-A6AF8D9B-6A03-5CA4-BC0E-0296FBC10EDD">Reading the data in a given stream from the currently opened store</xref> </p> </li> <li id="GUID-51A035CA-16CD-5547-828A-049E3FD20D5B"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-2C2E3C02-8F9D-5FA6-8ACA-1CDBA8EA11A9">Closing the currently opened store</xref> </p> </li> <li id="GUID-1E71B260-5C38-51C7-B535-4A3C6EE210AF"><p> <xref href="GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636.dita#GUID-36BCDD1F-3713-5DF0-8D8A-CF093694B636/GUID-4ABE3513-0B3D-5F17-8F1B-CDA12C5DE370">Changing the password for the currently opened store.</xref> </p> </li> </ul> <p>Also, see: </p> <ul><li id="GUID-96A01360-DFA8-5FC3-97CD-6B2013756CBC"><p> <xref 
href="GUID-3385079E-84F4-534F-B937-BD3A568D71BC.dita">PBE example code</xref> </p> </li> <li id="GUID-2E08A91C-C02C-5DF6-8051-7209E48FDA02"><p> <xref href="GUID-598B6698-3518-50CA-98DE-D85CB255BA2D.dita">Secure stream example code</xref> </p> </li> </ul> <section id="GUID-3CE75F7F-B812-5010-99E6-50416C207B41"><title>Creating and opening a new secure store protected by the supplied password</title> <ul><li id="GUID-913C5F07-E786-546A-90F6-D26019A52C96"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-0BBC7516-B37F-5A01-9853-DFD7B490C931" xml:space="preserve"> |
|
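// Creates a new permanent file store at iFilename, generates a password-based
// encryption set for aPassword, records the encryption data and the encrypted
// master key in the root stream, and wraps the file store in a CSecureStore.
//
// Leaves if any step fails. The members are assigned only once every step has
// succeeded, so a leave does not leave the object half-open with the file
// still held under EFileShareExclusive.
// NOTE(review): ReplaceL runs first, so a file already at iFilename has
// presumably been replaced by the time a later step leaves - confirm that
// callers expect this.
void CSecureStoreExample::CreateNewStoreL(const TDesC& aPassword)
    {
    // Precondition: no store is open.
    // NOTE(review): ASSERT is normally a debug-only check on Symbian, so
    // release builds presumably do not enforce this - confirm.
    ASSERT(!iEncryptSet && !iSecureStore && !iFileStore);

    // Create a standard file store; the cleanup stack owns it until the end.
    CPermanentFileStore* fileStore = CPermanentFileStore::ReplaceL(iFs, iFilename, EFileRead | EFileWrite | EFileShareExclusive);
    CleanupStack::PushL(fileStore);
    fileStore->SetTypeL(KPermanentFileStoreLayoutUid);

    // A CPBEncryptSet is used because a store is made up of multiple
    // independent objects that share one master key.
    // DES has a 56-bit key and is no longer adequate for protecting stored
    // data, so AES-256 in CBC mode is requested instead of ECipherDES_CBC.
    // NOTE(review): confirm the target build includes the strong-crypto
    // ciphers; without them this call is expected to leave rather than fall
    // back to a weaker cipher.
    TPBPassword password(aPassword);
    CPBEncryptSet* encryptSet = CPBEncryptSet::NewL(password, ECipherAES_CBC_256);
    CleanupStack::PushL(encryptSet);

    // The root stream goes into the plain file store, not the secure store:
    // it has to be readable before the password has been verified. Both the
    // encryption data and the encrypted master key are needed to reopen the
    // store later.
    RStoreWriteStream writeStream;
    TStreamId rootId = writeStream.CreateLC(*fileStore);
    writeStream << encryptSet->EncryptionData();
    writeStream << encryptSet->EncryptedMasterKey();
    writeStream.CommitL();
    CleanupStack::PopAndDestroy(&writeStream);
    fileStore->SetRootL(rootId);
    fileStore->CommitL();

    // The secure store wraps the file store and encrypts/decrypts streams
    // transparently.
    CSecureStore* secureStore = CSecureStore::NewL(*fileStore, *encryptSet);

    // Nothing below can leave: hand ownership over to the members.
    CleanupStack::Pop(2, fileStore);
    iFileStore = fileStore;
    iEncryptSet = encryptSet;
    iSecureStore = secureStore;
    }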
|
43 </codeblock> </section> <section id="GUID-58FD2C9E-80E8-5F88-AF83-DC0022FE92E7"><title>Opening an existing secure store</title> <ul><li id="GUID-9B07EB34-D2C1-53FF-8338-3F18A235ADC5"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-6EDC3451-A2DF-537F-BF71-1A4925462790" xml:space="preserve"> |
|
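// Opens the secure store previously created at iFilename.
//
// Leaves with KErrBadPassphrase if aPassword is not the same as the one used
// when creating the store, and leaves if the file cannot be opened or read.
//
// The members are assigned only once every step has succeeded. A wrong
// password is the expected failure here; with this ordering it releases the
// file (opened with EFileShareExclusive) instead of leaving iFileStore set,
// so the caller can simply retry with another password.
void CSecureStoreExample::OpenExistingStoreL(const TDesC& aPassword)
    {
    // Precondition: no store is open.
    // NOTE(review): ASSERT is normally a debug-only check on Symbian, so
    // release builds presumably do not enforce this - confirm.
    ASSERT(!iEncryptSet && !iSecureStore && !iFileStore);

    // Open a standard file store; the cleanup stack owns it until the end.
    CPermanentFileStore* fileStore = CPermanentFileStore::OpenL(iFs, iFilename, EFileRead | EFileWrite | EFileShareExclusive);
    CleanupStack::PushL(fileStore);

    // Read the encryption data and encrypted master key from the root stream.
    // This stream is read from the plain file store, i.e. before anything has
    // been checked against the password.
    RStoreReadStream readStream;
    readStream.OpenLC(*fileStore, fileStore->Root());
    CPBEncryptionData* encryptionData = CPBEncryptionData::NewLC(readStream);
    // NOTE(review): KMaxTInt puts no practical upper limit on the length
    // taken from the file. A corrupted or tampered root stream can therefore
    // request a very large allocation; consider a bound sized to the largest
    // encrypted master key the platform can produce.
    HBufC8* encryptedMasterKey = HBufC8::NewLC(readStream, KMaxTInt);

    // Recreate the CPBEncryptSet object (this leaves if aPassword is wrong).
    CPBEncryptSet* encryptSet = CPBEncryptSet::NewL(*encryptionData, *encryptedMasterKey, aPassword);
    CleanupStack::PushL(encryptSet);

    // Create the secure store on top of the file store.
    CSecureStore* secureStore = CSecureStore::NewL(*fileStore, *encryptSet);

    // Nothing below can leave. Unwind in push order: keep the encrypt set,
    // free the key buffer, encryption data and read stream, keep the store.
    CleanupStack::Pop(encryptSet);
    CleanupStack::PopAndDestroy(3, &readStream);
    CleanupStack::Pop(fileStore);

    iFileStore = fileStore;
    iEncryptSet = encryptSet;
    iSecureStore = secureStore;
    }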
|
71 </codeblock> </section> <section id="GUID-6C8BF1E2-E824-539D-A57F-DED436C24C88"><title>Writing some data to a new stream in the currently opened store, and returning the ID of the stream</title> <ul><li id="GUID-1FF9BA5F-296F-5AF7-9737-A95B9059061E"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-F8539B5E-197A-5FAF-B908-4EAD26BA2A6A" xml:space="preserve"> |
|
// Stores aInput in a newly created stream of the open secure store and
// returns the ID of that stream, which is what ReadEncryptedDataLC() needs to
// read the data back.
// Leaves if the stream cannot be created, written or committed.
TStreamId CSecureStoreExample::WriteEncryptedDataL(const TDesC8& aInput)
    {
    // Precondition: a store has been created or opened.
    // NOTE(review): ASSERT is normally a debug-only check on Symbian, so
    // release builds presumably reach the dereference below unchecked.
    ASSERT(iFileStore && iSecureStore && iEncryptSet);

    // The stream is created in the secure store, not the file store, so what
    // is written through it is encrypted automatically.
    RStoreWriteStream out;
    const TStreamId streamId = out.CreateLC(*iSecureStore);

    out << aInput;

    // Commit the stream first, then the store that contains it.
    out.CommitL();
    iSecureStore->CommitL();

    CleanupStack::PopAndDestroy(&out);
    return streamId;
    }
|
89 </codeblock> </section> <section id="GUID-A6AF8D9B-6A03-5CA4-BC0E-0296FBC10EDD"><title>Reading the data in a given stream from the currently opened store</title> <ul><li id="GUID-8F696865-A038-5649-ACCF-030A482C5C3A"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-DC1CABBD-2D1A-5A94-B28E-73C9F94A579E" xml:space="preserve"> |
|
// Reads the stream aStreamId from the open secure store and returns its
// decrypted contents in a new heap buffer.
// The buffer is left on the cleanup stack and is owned by the caller.
// Leaves if the stream cannot be opened or read.
// NOTE(review): the returned buffer holds plaintext; a caller handling
// sensitive data presumably wants to overwrite it before freeing it.
HBufC8* CSecureStoreExample::ReadEncryptedDataLC(TStreamId aStreamId)
    {
    // Precondition: a store has been created or opened.
    ASSERT(iFileStore && iSecureStore && iEncryptSet);

    // Opening the stream through the secure store means the data is decrypted
    // automatically as it is read.
    RStoreReadStream in;
    in.OpenLC(*iSecureStore, aStreamId);

    // NOTE(review): KMaxTInt places no practical limit on the length read
    // from the stream; a caller that knows the largest valid record could
    // pass a tighter bound.
    HBufC8* plaintext = HBufC8::NewL(in, KMaxTInt);

    // The stream comes off the cleanup stack before the result goes on, so
    // that the returned buffer is the top item, as the LC suffix promises.
    CleanupStack::PopAndDestroy(&in);
    CleanupStack::PushL(plaintext);
    return plaintext;
    }
|
106 </codeblock> </section> <section id="GUID-2C2E3C02-8F9D-5FA6-8ACA-1CDBA8EA11A9"><title>Closing the currently opened store</title> <ul><li id="GUID-6C2360BE-435D-5350-8149-AAF679A441D7"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-253A7771-4030-5393-83B9-10D4538A0CC6" xml:space="preserve"> |
|
// Closes the currently opened store: destroys the secure store, the
// encryption set and the underlying file store, and resets each member to
// NULL so that a store can be created or opened again afterwards.
// Calling it with nothing open is harmless, since deleting NULL does nothing.
void CSecureStoreExample::CloseStore()
    {
    // The secure store is constructed from references to the file store and
    // the encryption set, so it is destroyed before either of them.
    delete iSecureStore;
    iSecureStore = NULL;

    // Password-derived key state.
    delete iEncryptSet;
    iEncryptSet = NULL;

    // Underlying file store, destroyed last.
    delete iFileStore;
    iFileStore = NULL;
    }
|
116 </codeblock> </section> <section id="GUID-4ABE3513-0B3D-5F17-8F1B-CDA12C5DE370"><title>Changing the password for the currently opened store</title> <ul><li id="GUID-DFBC3396-7564-5647-8B6C-525F46FA6512"><p> <xref href="GUID-7D53E323-CF8D-5C4D-ABCD-4D95C7A4A5B5.dita">Supporting code for this example</xref> </p> </li> </ul> <codeblock id="GUID-D7A38D85-EAC1-579F-8ECB-F7420A21E519" xml:space="preserve"> |
|
// Changes the password of the currently opened store to aNewPassword and
// rewrites the root stream so that the store can later be opened with it.
// Leaves if the password change or the rewrite of the root stream fails.
//
// Only the root stream is rewritten here; the data streams are not touched.
// NOTE(review): the change therefore presumably re-wraps the existing master
// key rather than re-encrypting the data, so it does not revoke access for
// anyone holding the old password together with an older copy of the file.
// NOTE(review): if a step after ChangePasswordL() leaves, the in-memory
// encrypt set and the root stream on file may disagree until the store is
// reopened - confirm how callers recover.
void CSecureStoreExample::ChangePasswordL(const TDesC& aNewPassword)
    {
    // Precondition: a store has been created or opened.
    ASSERT(iFileStore && iSecureStore && iEncryptSet);

    // Update the encrypt set object in memory first.
    iEncryptSet->ChangePasswordL(aNewPassword);

    // Then replace the contents of the existing root stream with the new
    // encryption data and encrypted master key.
    RStoreWriteStream rootStream;
    rootStream.ReplaceLC(*iFileStore, iFileStore->Root());
    rootStream << iEncryptSet->EncryptionData();
    rootStream << iEncryptSet->EncryptedMasterKey();

    // Commit the stream, then the file store that contains it.
    rootStream.CommitL();
    iFileStore->CommitL();

    CleanupStack::PopAndDestroy(&rootStream);
    }
|
136 </codeblock> </section> </conbody></concept> |