The unified keystore allows you to search all keys on a device regardless of which keystore they are in.
Filter Criteria | Description |
The key identifier | Used when searching for a particular key. |
The key usage | Used when searching for a key usage, for example encryption. |
The key owner UID | Used when searching for a key owner. Applications must use this to prevent them seeing insecure keys that might have been added by a malicious application. |
The key algorithm | Used when searching for a particular key algorithm, for example RSA. |
The following steps explain the process of finding keys in a keystore:
Keys are listed based on the specified filter criteria.
The following code snippet shows how to set a file system session object, initialize the keystore and its member functions, specify filter criteria for the types of keys to be listed, and then list the specific set of keys.
//Create a file system session object RFs iFs; CleanupClosePushL(&iFs); //Initialise the keystore and member functions CUnifiedKeyStore* keyStore = CUnifiedKeyStore::NewL(iFs); keyStore->Initialize(iStatus); //iStatus is a TRequestStatus object //Specify the filter criteria RPointerArray<CCTKeyInfo> iKeys; // This variable will contain the keys found TCTKeyAttributeFilter filter; filter.iOwner = KApplicationUID; // The UID of the key owner application filter.iUsage = EPKCS15UsageSign; filter.iKeyAlgorithm = CCTKeyInfo::EDSA; //List keys based on specified filter criteria iKeyStore->List(iKeys, filter, iStatus); //Clean up CleanupStack::PopAndDestroy(); // iFs