|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE task |
|
11 PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd"> |
|
12 <task id="GUID-F446E658-B717-5257-9C5C-442B07B19565" xml:lang="en"><title> Performing |
|
13 Cryptographic Operations with Keys</title><abstract><p>You can use various types of algorithms (for example RSA sign, |
|
14 DSA sign, Decrypt, DH key agreement, and so on) to perform cryptographic operations |
|
15 with keys in the unified keystore. This section provides information on the |
|
16 signing process. </p><p> The following steps explain the process of signing |
|
17 keys by considering the example of an RSA signing operation:</p></abstract><prolog><metadata><keywords/></metadata></prolog><taskbody> |
|
18 <steps id="GUID-E7265950-3F94-51A6-BD6E-E99A25152E0B"> |
|
19 <step id="GUID-98896CA9-D5F6-5FCD-92B8-627D701DD080"><cmd/> |
|
20 <info>Create an object of type CUnifiedKeyStore using <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-C7A96153-4179-3B3F-878D-1EAA64A98D39"><apiname>CUnifiedKeyStore::NewL()</apiname></xref> or <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-217FBB3B-CEF5-36F2-A612-EDDA0982053C"><apiname>CUnifiedKeyStore::NewLC()</apiname></xref>. </info> |
|
21 </step> |
|
22 <step id="GUID-3CFD0F4D-5467-5FE5-9003-F16FDF6750B1"><cmd/> |
|
23 <info>Initialise the member functions and keystore using the asynchronous |
|
24 function <xref href="GUID-818689D6-EB99-382E-A435-D9C6C5D464DE.dita#GUID-818689D6-EB99-382E-A435-D9C6C5D464DE/GUID-6C5D732C-1FD1-3EF0-AC90-87690F891B8D"><apiname>CUnifiedKeyStore::Initialize()</apiname></xref>. </info> |
|
25 </step> |
|
26 <step id="GUID-73A277E5-45B8-5F87-B114-2004AE4DD4C5"><cmd/> |
|
27 <info>List all the keys in the keystore and then retrieve the key to be signed |
|
28 based on filter criteria. </info> |
|
29 </step> |
|
30 <step id="GUID-036E7985-FB51-52C5-BC27-4ADAD38E0923"><cmd>Invoke the <codeph>MKeyStore::Open()</codeph> function |
|
31 for opening the key. This also enables the creation of an object capable of |
|
32 performing the required signing operation. In the case of an RSA signing process, |
|
33 the key is opened to create a <codeph>MRSASigner</codeph> object. </cmd> |
|
34 <info> Note: The following table lists the objects created for different cryptographic |
|
35 operations: </info> |
|
36 <stepxmp><table id="GUID-0DE1BD27-AF6F-5CC1-8A9E-9D36380D4EBE"> |
|
37 <tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/> |
|
38 <tbody> |
|
39 <row> |
|
40 <entry><p> <b>Operation</b> </p> </entry> |
|
41 <entry><p> <b>Object</b> </p> </entry> |
|
42 </row> |
|
43 <row> |
|
44 <entry><p>DSA Sign </p> </entry> |
|
45 <entry><p> <codeph>MDSASigner</codeph> </p> </entry> |
|
46 </row> |
|
47 <row> |
|
48 <entry><p>Decrypt </p> </entry> |
|
49 <entry><p> <codeph>MCTDecryptor</codeph> </p> </entry> |
|
50 </row> |
|
51 <row> |
|
52 <entry><p>DH Key Agreement </p> </entry> |
|
53 <entry><p> <codeph>MCTDH</codeph> </p> </entry> |
|
54 </row> |
|
55 </tbody> |
|
56 </tgroup> |
|
57 </table> </stepxmp> |
|
58 </step> |
|
59 <step id="GUID-D3E1854A-D798-5CB5-B528-AB5F672C2AC7"><cmd/> |
|
60 <info>Use <codeph>MCTSigner::SignMessage()</codeph> or <codeph>MCTSigner::Sign()</codeph> to |
|
61 perform the signing operation. </info> |
|
62 </step> |
|
63 </steps> |
|
64 <result><p>The <codeph>CRSASignature</codeph> object contains the value of |
|
65 the signing operation. </p> </result> |
|
66 <example><p>The following code snippet shows RSA signing operation: </p><codeblock id="GUID-B7FA7CF8-38D6-5088-B51E-73AB04139997" xml:space="preserve"> |
|
67 |
|
68 //Create a file system session object |
|
69 RFs iFs; |
|
70 CleanupClosePushL(&iFs); |
|
71 |
|
72 |
|
73 //Initialise the keystore and member functions |
|
74 CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(fs); |
|
75 keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object |
|
76 |
|
77 |
|
78 ... |
|
79 |
|
80 |
|
81 |
|
82 // Create a filter to retrieve all keys from the store |
|
83 TCTKeyAttributeFilter filter; |
|
84 filter.iPolicyFilter = TCTKeyAttributeFilter:EAllKeys; |
|
85 |
|
86 |
|
87 |
|
88 // Retrieve a list of all the keys from the key store |
|
89 RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the key to be signed |
|
90 iKeyStore->List(iKeys,filter,iStatus); |
|
91 |
|
92 |
|
93 ... |
|
94 |
|
95 |
|
96 // Retrieve the key based on the label you are looking for |
|
97 _LIT(Klabel,”keylabel”); |
|
98 TInt keyCount = iKeys.Count(); |
|
99 for (i = 0; i < keyCount; i++) |
|
100 { |
|
101 CCTKeyInfo* keyInfo = iKeys[i]; |
|
102 if (keyInfo->Label() == Klabel) |
|
103 { |
|
104 // Create a signer object for the key |
|
105 MRSASigner* iRSASigner |
|
106 // The signer object will be returned after the key has been opened for signing |
|
107 keyStore->Open(*keyInfo, iRSASigner, iStatus); |
|
108 break; |
|
109 } |
|
110 } |
|
111 |
|
112 |
|
113 |
|
114 // Perform the signing operation |
|
115 |
|
116 // Define the data for signing |
|
117 |
|
118 HBufC* dataToSign; |
|
119 dataToSign = HBufC::NewL(20); |
|
120 _LIT(KTxtSign,"Data to be signed"); |
|
121 *dataToSign = KTxtSign; |
|
122 |
|
123 |
|
124 CRSASignature* iRSASignature; |
|
125 // iRSASignature will contain the result after the completion |
|
126 // of the following request |
|
127 |
|
128 iRSASigner->SignMessage(*dataToSign, iRSASignature, iStatus); |
|
129 |
|
130 |
|
131 ... |
|
132 |
|
133 |
|
134 // Retrieve the RSA signature value through the CRSASignature object |
|
135 TInt signature = iRSASignature->S(); |
|
136 </codeblock></example> |
|
137 </taskbody><related-links> |
|
138 <link href="GUID-C4389D60-2A8D-532D-9D92-E57B0CCD14CF.dita"><linktext>Unified Keystore</linktext> |
|
139 </link> |
|
140 </related-links></task> |