Exporting a Private Key

This section explains the steps to export a private key from the keystore. Private keys can be exported in plain text and encrypted formats.

The following steps explain the process of exporting a private key:


  1. Create a file system session using an RFs object.

  2. Create an object of type CUnifiedKeyStore using CUnifiedKeyStore::NewL() or CUnifiedKeyStore::NewLC().

  3. Initialise the member functions and keystore using the asynchronous function CUnifiedKeyStore::Initialize().

  4. Use the CUnifiedKeyStore::List() function to list the keys of the keystore. Retrieve the handle of the private key to be exported.

  5. Invoke the CUnifiedKeyStore::ExportKey() function for exporting the private key in plain text format or the CUnifiedKeyStore::ExportEncryptedKey() function for exporting in encrypted format.

A private key is exported in plain text or encrypted format.

Example

The following code snippet shows how to set a file system session object, list the keys in the keystore and then export the selected private key in plain text format.



//Create a file system session object
RFs iFs;
CleanupClosePushL(&iFs);


//Initialise the keystore and member functions
CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(iFs);
keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object


//List the keys of the keystore
RPointerArray<CCTKeyInfo> iKeys; //This variable will contain the result after the completion of the export operation
TCTKeyAttributeFilter  filter.iUsage = EPKCS15UsageAll;
keyStore->List(iKeys, filter, iStatus);

...


//Retrieve the handle of the private key to be exported
_LIT(KLabel,”keylabel”);
TInt keyIndex;

//Select the key
for (TInt j = 0; j < iKeys.Count(); j++)
    {
    if (iKeys[j]->Label() == KLabel) 
        {
         keyIndex = j;
         break;
        }
    }

...


//Export the key 
HBufC8* iKeyData = NULL;
TCTTokenObjectHandle aHandle = iKeys[keyIndex]->Handle();
keyStore->ExportKey(aHandle, iKeyData, iStatus);


//Clean up
CleanupStack::PopAndDestroy(); // iFs