cryptomgmtlibs/cryptotokenfw/inc_interfaces/MCTKeyStoreManager_v2.h
branchRCL_3
changeset 95 641f389e9157
parent 53 030c4fbc13d7
child 96 a71299154b21
--- a/cryptomgmtlibs/cryptotokenfw/inc_interfaces/MCTKeyStoreManager_v2.h	Thu Aug 19 11:38:48 2010 +0300
+++ b/cryptomgmtlibs/cryptotokenfw/inc_interfaces/MCTKeyStoreManager_v2.h	Tue Aug 31 17:00:08 2010 +0300
@@ -278,6 +278,194 @@
 	/** Cancels an ongoing Relock() operation. */
 	virtual void CancelRelock() = 0;
 
+#ifdef SYMBIAN_AUTH_SERVER
+	/**
+	 * Generate a new key pair and store it in keystore. The key should be stored against an
+	 * already authenticated user. If there is no user currently authenticated then authentication
+	 * should be performed before creation of the key.
+	 *	
+	 * @param aReturnedKey				This is filled by the caller with required
+	 *									attributes, leaving the TKeyIdentifier iID and object handle 
+	 * 									iHandle	uninitialised - these values are set if the key is 
+	 * 									created successfully.
+ 	 * @param aAuthenticationString		The expression through which a user can be authenticated.
+	 * 									Currently this should correspond to one of the alias values
+	 * 									set by the licensee for authentication server configuration.
+	 * 									This should be stored against the created key.
+	 * @param aFreshness				The validity to be considered for an already authenticated 
+	 * 									identity. This should be stored against the created key. 
+	 * 									Specification is in seconds.
+	 * 
+	 * @param aStatus					This will be completed with the final status code. Some specific
+	 * 									codes are as follows.
+	 * 									KErrPermissionDenied		If the caller does not have WriteUserData 
+	 * 																capability.
+	 * 									KErrAlreadyExists			If a key with the specified label already
+	 *																exists in the keystore for the specific
+	 * 																user.
+	 * 									KErrKeySize					If the requested key size is not supported.
+	 * 									KErrKeyAccess				If an invalid combination of key access 
+	 * 																flags were specified.
+	 * 									KErrKeyValidity				If a validity period was specified, but the 
+	 * 																end date was in the past.
+	 * 									KErrAuthenticationFailure	If the user authentication fails.
+	 * 
+	 * @see 							AuthServer::CAuthExpression
+	 * 
+	 * @capability WriteUserData	Should require the caller to have WriteUserData capability.
+	 */
+	virtual void CreateKey(	const TDesC& /*aAuthenticationString*/, 
+							TInt /*aFreshness*/,
+							CCTKeyInfo*& /*aReturnedKey*/,
+							TRequestStatus& aStatus )
+		{
+		TRequestStatus* status = &aStatus;
+		User::RequestComplete(status,KErrNotSupported);
+		}
+
+	/**
+	 * Imports a der-encoded PKCS#8 format key pair into the keystore. The key should be stored against an
+	 * already authenticated user. If there is no user currently authenticated then authentication
+	 * should be performed before creation of the key.
+	 *
+	 * 
+	 * @param aKey						This is a descriptor representation of the PKCS#8 key data.
+	 * @param aAuthenticationString		The expression through which a user can be authenticated.
+	 * 									Currently this should correspond to one of the alias values
+	 * 									set by the licensee for authentication server configuration.
+	 * 									This should be stored against the created key.
+	 * @param aFreshness				The validity to be considered for an already authenticated 
+	 * 									identity. This should be stored against the created key.
+	 * 									Specification is in seconds.
+	 * @param aReturnedKey				This is filled by the caller with required
+	 *									attributes, leaving the TKeyIdentifier iID and object handle 
+	 * 									iHandle	uninitialised - these values are set if the key is 
+	 * 									created successfully.
+	 * @param aStatus					This will be completed with the final status code. Some specific
+	 * 									codes are as follows.
+	 * 									KErrPermissionDenied	If the caller does not have WriteUserData 
+	 * 															capability.
+	 * 									KErrAlreadyExists		If a key with the specified label already 
+	 * 															exists in the keystore for the specific
+	 * 															user.
+	 * 									KErrKeySize				If the requested key size is not supported.
+	 * 									KErrKeyAccess			If an invalid combination of key access flags 
+	 * 															were specified.
+	 * 									KErrKeyValidity			If a validity period was specified, but the end
+	 *															date was in the past.
+	 * 									KErrArgument			If there is an error parsing the key data.
+	 * 									KErrAuthenticationFailure	If the user authentication fails.
+	 * 
+	 * @see 							AuthServer::CAuthExpression
+	 * 
+	 * @capability WriteUserData			Should require the caller to have WriteUserData capability
+	*/
+	virtual void ImportKey( const TDesC8& /*aKey*/, 
+							const TDesC& /*aAuthenticationString*/, 
+							TInt /*aFreshness*/, 
+							CCTKeyInfo*& /*aReturnedKey*/, 
+							TRequestStatus& aStatus )
+		{
+		TRequestStatus* status = &aStatus;
+		User::RequestComplete(status,KErrNotSupported);
+		}
+
+	/**
+	 * Imports an encrypted key pair into the keystore. The key should be stored against an
+	 * already authenticated user. If there is no user currently authenticated then authentication
+	 * should be performed before creation of the key.
+	 *
+	 * The import data should be der-encoded PKCS#8 format encrypted in accordance to PKCS#5 
+	 * specification.
+	 * 
+	 * @param aKey						This is a descriptor representation of the PKCS#8 key data.
+	 * 									Encrypted in accordance to PKCS#5 specification.	
+	 * @param aAuthenticationString		The expression through which a user can be authenticated.
+	 * 									Currently this should correspond to one of the alias values
+	 * 									set by the licensee for authentication server configuration.
+	 * 									This should be stored against the created key.
+	 * @param aFreshness				The validity to be considered for an already authenticated 
+	 * 									identity. This should be stored against the created key.
+	 * 									Specification is in seconds.
+	 * @param aReturnedKey				This is filled by the caller with required
+	 *									attributes, leaving the TKeyIdentifier iID and object handle 
+	 * 									iHandle	uninitialised - these values are set if the key is 
+	 * 									created successfully.
+	 * @param aStatus					This will be completed with the final status code. Some specific
+	 * 									codes are as follows.
+	 * 									KErrPermissionDenied	If the caller does not have WriteUserData 
+	 * 															capability.
+	 * 									KErrAlreadyExists		If a key with the specified label already 
+	 * 															exists in the keystore for the specific
+	 * 															user.
+	 * 									KErrKeySize				If the requested key size is not supported.
+	 * 									KErrKeyAccess			If an invalid combination of key access flags 
+	 * 															were specified.
+	 * 									KErrKeyValidity			If a validity period was specified, but the end
+	 *															date was in the past.
+	 * 									KErrArgument			If there is an error parsing the key data.
+	 * 									KErrAuthenticationFailure	If the user authentication fails.
+	 * 
+	 * @see 							AuthServer::CAuthExpression
+	 * 
+	 * @capability WriteUserData		Should require the caller to have WriteUserData capability
+	*/
+	virtual void ImportEncryptedKey( 	const TDesC8& /*aKey*/, 
+										const TDesC& /*aAuthenticationString*/, 
+										TInt /*aFreshness*/, 
+										CCTKeyInfo*& /*aReturnedKey*/, 
+										TRequestStatus& aStatus )
+		{
+		TRequestStatus* status = &aStatus;
+		User::RequestComplete(status, KErrNotSupported);
+		}
+	
+	/**
+	 *  Set the authentication policy for an already existing key in the store.
+	 * 
+	 * @param aHandle					The handle of the key whose policy is to be changed.
+	 * @param aAuthenticationString		The expression associated to this key.
+	 * @param aFreshness				The validity associated to this key.
+	 * 									Specification is in seconds.
+	 * @param aStatus					Final status of the operation.
+	 * 									KErrAuthenticationFailure	If the user authentication fails.
+	 * 
+	 * @see 							AuthServer::CAuthExpression
+	 *   
+	*/
+	virtual void SetAuthenticationPolicy(	const TCTTokenObjectHandle /*aHandle*/,
+											const TDesC& /*aAuthenticationString*/,
+											TInt /*aFreshness*/,
+											TRequestStatus& aStatus)
+		{
+		TRequestStatus* status = &aStatus;
+		User::RequestComplete(status, KErrNotSupported);
+		}
+	
+	/**
+	 *  Retrieve authentication policy for an already existing key in the store.
+	 * 
+	 * @param aHandle					The handle of the key whose policy is to be retrieved.
+	 * @param aAuthenticationString		The expression associated to this key. The memory would
+	 * 									be allocated at the server side.
+	 * @param aFreshness				The validity associated to this key.
+	 * 									Specification is in seconds.
+	 * @param aStatus					Final status of the operation.
+	 * 									KErrAuthenticationFailure	If the user authentication fails.
+	 * 
+	 * @see 							AuthServer::CAuthExpression
+	 *  
+	*/
+	virtual void GetAuthenticationPolicy(	const TCTTokenObjectHandle /*aHandle*/,
+											HBufC*& /*aAuthenticationString*/,
+											TInt& /*aFreshness*/,
+											TRequestStatus& aStatus)
+		{
+		TRequestStatus* status = &aStatus;
+		User::RequestComplete(status, KErrNotSupported);
+		}
+#endif // SYMBIAN_AUTH_SERVER
+
 };
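Review bot: The doc blocks for SetAuthenticationPolicy (L154–L166) and GetAuthenticationPolicy (L176–L189) omit the `@capability` line and the `KErrPermissionDenied` status code that CreateKey, ImportKey and ImportEncryptedKey all document, even though changing or reading a key's authentication policy is at least as sensitive as creating the key. Add to SetAuthenticationPolicy's @param aStatus list `KErrPermissionDenied	If the caller does not have the required capability.` and a `@capability` line naming the capability the implementation actually enforces (presumably WriteUserData, as for CreateKey — confirm against the implementation), with the read-side equivalent on GetAuthenticationPolicy. GetAuthenticationPolicy's `HBufC*& aAuthenticationString` says only that memory is allocated server side; state ownership explicitly, e.g. `On success the caller owns the returned buffer and must delete it.`, since a caller that assumes otherwise leaks or double-frees. Minor style: CreateKey's @param list (L18) names aReturnedKey first while the signature (L48–L51) puts it third; reordering the doc to match the signature avoids confusion. The enclosing class declaration starts outside the hunk.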