Performing -Cryptographic Operations with Keys

diff -r 48780e181b38 -r 578be2adaf3e Symbian3/PDK/Source/GUID-F446E658-B717-5257-9C5C-442B07B19565.dita --- a/Symbian3/PDK/Source/GUID-F446E658-B717-5257-9C5C-442B07B19565.dita Tue Jul 20 12:00:49 2010 +0100 +++ b/Symbian3/PDK/Source/GUID-F446E658-B717-5257-9C5C-442B07B19565.dita Fri Aug 13 16:47:46 2010 +0100 @@ -1,140 +1,140 @@ - - - - - - Performing -Cryptographic Operations with Keys

You can use various types of algorithms (for example RSA sign, -DSA sign, Decrypt, DH key agreement, and so on) to perform cryptographic operations -with keys in the unified keystore. This section provides information on the -signing process.

The following steps explain the process of signing -keys by considering the example of an RSA signing operation:

- - -Create an object of type CUnifiedKeyStore using CUnifiedKeyStore::NewL() or CUnifiedKeyStore::NewLC(). - - -Initialise the member functions and keystore using the asynchronous -function CUnifiedKeyStore::Initialize(). - - -List all the keys in the keystore and then retrieve the key to be signed -based on filter criteria. - -Invoke the MKeyStore::Open() function -for opening the key. This also enables the creation of an object capable of -performing the required signing operation. In the case of an RSA signing process, -the key is opened to create a MRSASigner object. - Note: The following table lists the objects created for different cryptographic -operations: - - - - -

Operation

Object

- - -

DSA Sign

MDSASigner

- - -

Decrypt

MCTDecryptor

- - -

DH Key Agreement

MCTDH

- - - -

- - -Use MCTSigner::SignMessage() or MCTSigner::Sign() to -perform the signing operation. - - -

The CRSASignature object contains the value of -the signing operation.

The following code snippet shows RSA signing operation:

- -//Create a file system session object -RFs iFs; -CleanupClosePushL(&iFs); - - -//Initialise the keystore and member functions -CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(fs); -keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object - - -... - - - -// Create a filter to retrieve all keys from the store -TCTKeyAttributeFilter filter; -filter.iPolicyFilter = TCTKeyAttributeFilter:EAllKeys; - - - -// Retrieve a list of all the keys from the key store -RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the key to be signed -iKeyStore->List(iKeys,filter,iStatus); - - -... - - -// Retrieve the key based on the label you are looking for -_LIT(Klabel,”keylabel”); -TInt keyCount = iKeys.Count(); -for (i = 0; i < keyCount; i++) -{ - CCTKeyInfo* keyInfo = iKeys[i]; - if (keyInfo->Label() == Klabel) - { - // Create a signer object for the key - MRSASigner* iRSASigner - // The signer object will be returned after the key has been opened for signing - keyStore->Open(*keyInfo, iRSASigner, iStatus); - break; - } -} - - - -// Perform the signing operation - -// Define the data for signing - -HBufC* dataToSign; -dataToSign = HBufC::NewL(20); -_LIT(KTxtSign,"Data to be signed"); -*dataToSign = KTxtSign; - - -CRSASignature* iRSASignature; -// iRSASignature will contain the result after the completion -// of the following request - -iRSASigner->SignMessage(*dataToSign, iRSASignature, iStatus); - - -... - - -// Retrieve the RSA signature value through the CRSASignature object -TInt signature = iRSASignature->S(); - -

-Unified Keystore - + + + + + + Performing +Cryptographic Operations with Keys

You can use various types of algorithms (for example RSA sign, +DSA sign, Decrypt, DH key agreement, and so on) to perform cryptographic operations +with keys in the unified keystore. This section provides information on the +signing process.

The following steps explain the process of signing +keys by considering the example of an RSA signing operation:

+ + +Create an object of type CUnifiedKeyStore using CUnifiedKeyStore::NewL() or CUnifiedKeyStore::NewLC(). + + +Initialise the member functions and keystore using the asynchronous +function CUnifiedKeyStore::Initialize(). + + +List all the keys in the keystore and then retrieve the key to be signed +based on filter criteria. + +Invoke the MKeyStore::Open() function +for opening the key. This also enables the creation of an object capable of +performing the required signing operation. In the case of an RSA signing process, +the key is opened to create a MRSASigner object. + Note: The following table lists the objects created for different cryptographic +operations: + + + + +

Operation

Object

+ + +

DSA Sign

MDSASigner

+ + +

Decrypt

MCTDecryptor

+ + +

DH Key Agreement

MCTDH

+ + + +

+ + +Use MCTSigner::SignMessage() or MCTSigner::Sign() to +perform the signing operation. + + +

The CRSASignature object contains the value of +the signing operation.

The following code snippet shows RSA signing operation:

+ +//Create a file system session object +RFs iFs; +CleanupClosePushL(&iFs); + + +//Initialise the keystore and member functions +CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(fs); +keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object + + +... + + + +// Create a filter to retrieve all keys from the store +TCTKeyAttributeFilter filter; +filter.iPolicyFilter = TCTKeyAttributeFilter:EAllKeys; + + + +// Retrieve a list of all the keys from the key store +RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the key to be signed +iKeyStore->List(iKeys,filter,iStatus); + + +... + + +// Retrieve the key based on the label you are looking for +_LIT(Klabel,”keylabel”); +TInt keyCount = iKeys.Count(); +for (i = 0; i < keyCount; i++) +{ + CCTKeyInfo* keyInfo = iKeys[i]; + if (keyInfo->Label() == Klabel) + { + // Create a signer object for the key + MRSASigner* iRSASigner + // The signer object will be returned after the key has been opened for signing + keyStore->Open(*keyInfo, iRSASigner, iStatus); + break; + } +} + + + +// Perform the signing operation + +// Define the data for signing + +HBufC* dataToSign; +dataToSign = HBufC::NewL(20); +_LIT(KTxtSign,"Data to be signed"); +*dataToSign = KTxtSign; + + +CRSASignature* iRSASignature; +// iRSASignature will contain the result after the completion +// of the following request + +iRSASigner->SignMessage(*dataToSign, iRSASignature, iStatus); + + +... + + +// Retrieve the RSA signature value through the CRSASignature object +TInt signature = iRSASignature->S(); + +

+Unified Keystore +

\ No newline at end of file