134 virtual void ExportPublic(const TCTTokenObjectHandle& aHandle, |
126 virtual void ExportPublic(const TCTTokenObjectHandle& aHandle, |
135 HBufC8*& aPublicKey, |
127 HBufC8*& aPublicKey, |
136 TRequestStatus& aStatus); |
128 TRequestStatus& aStatus); |
137 virtual void CancelExportPublic(); |
129 virtual void CancelExportPublic(); |
138 |
130 |
139 #ifdef SYMBIAN_ENABLE_SDP_WMDRM_SUPPORT |
|
140 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
141 CryptoSpi::CSigner*& aSigner, |
|
142 TRequestStatus& aStatus); |
|
143 virtual void Open(const TCTTokenObjectHandle& aHandle, |
|
144 CryptoSpi::CAsymmetricCipher*& asymmetricCipherObj, |
|
145 TRequestStatus& aStatus); |
|
146 virtual void Decrypt(const TCTTokenObjectHandle& aHandle, |
|
147 const TDesC8& aCiphertext, |
|
148 HBufC8*& aPlaintextPtr, |
|
149 TRequestStatus& aStatus); |
|
150 virtual void Sign(const TCTTokenObjectHandle& aHandle, |
|
151 const TDesC8& aPlaintext, |
|
152 CryptoSpi::CCryptoParams*& aSignature, |
|
153 TRequestStatus& aStatus); |
|
154 #endif |
|
155 |
131 |
156 public: // For MCTKeyStoreManager except those (CreateKey, ImportKey, ImportEncryptedKey) |
132 public: // For MCTKeyStoreManager except those (CreateKey, ImportKey, ImportEncryptedKey) |
157 // that require a caller-specified store |
133 // that require a caller-specified store |
158 |
134 |
159 /** |
135 /** |
457 * |
433 * |
458 * @panic CUnifiedKeyStore 2 If aIndex s out of range, ie it is greater than |
434 * @panic CUnifiedKeyStore 2 If aIndex s out of range, ie it is greater than |
459 * or equal to the value returned by KeyStoreManagerCount(). |
435 * or equal to the value returned by KeyStoreManagerCount(). |
460 */ |
436 */ |
461 IMPORT_C MCTKeyStoreManager& KeyStoreManager(TInt aIndex); |
437 IMPORT_C MCTKeyStoreManager& KeyStoreManager(TInt aIndex); |
462 |
|
463 #ifdef SYMBIAN_AUTH_SERVER |
|
464 public: |
|
465 /** |
|
466 * Generates a new key pair. The creation of key is for currently authenticated |
|
467 * user. If currently there is no authenticated user then authentication of an user |
|
468 * would be required. |
|
469 * |
|
470 * For the software key store, the owner of the new key is set to the |
|
471 * calling process. Users can subsequently be added by calling SetUsers(). |
|
472 * |
|
473 * @param aKeyStoreIndex The index of the key store manager in which to |
|
474 * create the key. Must be between zero and |
|
475 * KeyStoreMangerCount() exclusive. |
|
476 * @param aUsage The key usage flags in the PKCS#15 format. |
|
477 * @param aSize The size of the key in bits. |
|
478 * @param aLabel A textual label for the key. |
|
479 * @param aAlgorithm The type of key. |
|
480 * @param aAccessType The key access type - a bitfield specifying key |
|
481 * access requirements. Allowed values are zero, or |
|
482 * a comination of CCTKeyInfo::EKeyAccess::ESenstive |
|
483 * and CCTKeyInfo::EKeyAccess::EExtractable |
|
484 * @param aStartDate The start of the validity period. |
|
485 * @param aEndDate The end of the validity period. |
|
486 * @param aAuthenticationString The expression through which a user can be authenticated. |
|
487 * Currently this should correspond to one of the alias values |
|
488 * set by the licensee for authentication server configuration. |
|
489 * @param aFreshness The validity to be considered for an already authenticated |
|
490 * identity. Specification is in seconds. |
|
491 * @param aKeyInfoOut A pointer that is set to a newly created key info |
|
492 * object on successful completion. |
|
493 * @param aStatus Final status of the operation. |
|
494 * |
|
495 * @capability WriteUserData Requires the caller to have WriteUserData capability |
|
496 * @leave KErrPermissionDenied If the caller does not have WriteUserData capability |
|
497 * @leave KErrKeyUsage If the key usage flags are not valid or not |
|
498 * consistent with the key algorithm. |
|
499 * @leave KErrKeyValidity If the validity start and end dates are specified |
|
500 * but do not form a valid time period. |
|
501 * @leave KErrAuthenticationFailure If the user authentication fails. |
|
502 * @leave ... Any of the system wide error code. |
|
503 * @panic If aKeyStoreIndex does not specify a valid keystore manager. |
|
504 */ |
|
505 |
|
506 IMPORT_C void CreateKey(TInt aKeyStoreIndex, TKeyUsagePKCS15 aUsage,TUint aSize, |
|
507 const TDesC& aLabel, CCTKeyInfo::EKeyAlgorithm aAlgorithm, |
|
508 TInt aAccessType, TTime aStartDate, TTime aEndDate, |
|
509 const TDesC& aAuthenticationString, TInt aFreshness, |
|
510 CCTKeyInfo*& aKeyInfoOut, TRequestStatus& aStatus) ; |
|
511 |
|
512 /** |
|
513 * Imports a key pair. The import of key is for currently authenticated |
|
514 * user. If currently there is no authenticated user then authentication |
|
515 * of an user would be required. |
|
516 * |
|
517 * For the software key store, the owner of the new key is set to the |
|
518 * calling process. Users can subsequently be added by calling SetUsers(). |
|
519 * |
|
520 * The key data should be in PKCS#8 format. Both encrypted and cleartext |
|
521 * versions are allowed. |
|
522 * |
|
523 * @param aKeyStoreIndex The index of the key store manager in which to |
|
524 * create the key. Must be between zero and |
|
525 * KeyStoreMangerCount() exclusive. |
|
526 * @param aKeyData The key data to import, ASN.1 DER encoded PKCS#8. |
|
527 * @param aUsage The key usage flags in the PKCS#15 format. |
|
528 * @param aLabel A textual label for the key. |
|
529 * @param aAccessType The key access type - a bitfield specifying key |
|
530 * access requirements. Allowed values are zero, or |
|
531 * a comination of CCTKeyInfo::EKeyAccess::ESenstive |
|
532 * and CCTKeyInfo::EKeyAccess::EExtractable |
|
533 * @param aStartDate The start of the validity period. |
|
534 * @param aEndDate The end of the validity period. |
|
535 * @param aAuthenticationString The expression through which a user can be authenticated. |
|
536 * Currently this should correspond to one of the alias values |
|
537 * set by the licensee for authentication server configuration. |
|
538 * @param aFreshness The validity to be considered for an already authenticated |
|
539 * identity. Specification is in seconds. |
|
540 * @param aKeyInfoOut A pointer that is set to a newly created key info |
|
541 * object on successful completion. |
|
542 * @param aStatus Final status of the operation. |
|
543 * |
|
544 * @capability WriteUserData Requires the caller to have WriteUserData capability |
|
545 * @leave KErrPermissionDenied If the caller does not have WriteUserData capability |
|
546 * @leave KErrKeyUsage If the key usage flags are not valid or not |
|
547 * consistent with the key algorithm. |
|
548 * @leave KErrKeyValidity If the validity start and end dates are specified |
|
549 * but do not form a valid time period. |
|
550 * @leave KErrArgument If the key data cannot be parsed. |
|
551 * @panic If aKeyStoreIndex does not specify a valid keystore manager. |
|
552 */ |
|
553 |
|
554 IMPORT_C void ImportKey( TInt aKeyStoreIndex, const TDesC8& aKeyData, |
|
555 TKeyUsagePKCS15 aUsage, const TDesC& aLabel, |
|
556 TInt aAccessType, TTime aStartDate, TTime aEndDate, |
|
557 const TDesC& aAuthenticationString, TInt aFreshness, |
|
558 CCTKeyInfo*& aKeyInfoOut, TRequestStatus& aStatus); |
|
559 |
|
560 /** |
|
561 * Set the authentication policy for an already existing key in the store. |
|
562 * |
|
563 * @param aHandle The handle of the key whose policy is to be changed. |
|
564 * @param aAuthenticationString The expression associated to this key. |
|
565 * @param aFreshness The validity associated to this key. |
|
566 * Specification is in seconds. |
|
567 * @param aStatus Final status of the operation. |
|
568 */ |
|
569 |
|
570 IMPORT_C void SetAuthenticationPolicy( const TCTTokenObjectHandle aHandle, |
|
571 const TDesC& aAuthenticationString, |
|
572 TInt aFreshness, |
|
573 TRequestStatus& aStatus); |
|
574 |
|
575 /** |
|
576 * Retrieve authentication policy for an already existing key in the store. |
|
577 * |
|
578 * @param aHandle The handle of the key whose policy is to be retrieved. |
|
579 * @param aAuthenticationString The expression associated to this key. The memory would |
|
580 * be allocated at the server side. |
|
581 * @param aFreshness The validity associated to this key. |
|
582 * Specification is in seconds. |
|
583 * @param aStatus Final status of the operation. |
|
584 */ |
|
585 |
|
586 IMPORT_C void GetAuthenticationPolicy( const TCTTokenObjectHandle aHandle, |
|
587 HBufC*& aAuthenticationString, |
|
588 TInt& aFreshness, |
|
589 TRequestStatus& aStatus); |
|
590 #endif // SYMBIAN_AUTH_SERVER |
|
591 |
438 |
592 private: |
439 private: |
593 CUnifiedKeyStore(RFs& aFs); |
440 CUnifiedKeyStore(RFs& aFs); |
594 void ConstructL(); |
441 void ConstructL(); |
595 private: // From CActive |
442 private: // From CActive |