Sailfish Secrets
API DocumentationEncryptedStoragePlugin Class
(Sailfish::Secrets::EncryptedStoragePlugin)Specifies an interface allowing storage and retrieval of secrets into and from an encrypted backing store. More...
| Header: | #include <Secrets/Plugins/extensionplugins.h> |
| Inherits: | Sailfish::Secrets::PluginBase |
Public Functions
| EncryptedStoragePlugin() | |
| virtual | ~EncryptedStoragePlugin() |
| virtual Sailfish::Secrets::Result | accessSecret(const QString &secretName, const QByteArray &key, QByteArray *secret, Sailfish::Secrets::Secret::FilterData *filterData) = 0 |
| virtual Sailfish::Secrets::Result | collectionNames(QStringList *names) = 0 |
| virtual Sailfish::Secrets::Result | createCollection(const QString &collectionName, const QByteArray &key) = 0 |
| virtual Sailfish::Secrets::Result | deriveKeyFromCode(const QByteArray &authenticationCode, const QByteArray &salt, QByteArray *key) = 0 |
| virtual Sailfish::Secrets::EncryptionPlugin::EncryptionAlgorithm | encryptionAlgorithm() const = 0 |
| virtual Sailfish::Secrets::EncryptionPlugin::EncryptionType | encryptionType() const = 0 |
| virtual Sailfish::Secrets::Result | findSecrets(const QString &collectionName, const Sailfish::Secrets::Secret::FilterData &filter, Sailfish::Secrets::StoragePlugin::FilterOperator filterOperator, QVector<Sailfish::Secrets::Secret::Identifier> *identifiers) = 0 |
| virtual Sailfish::Secrets::Result | getSecret(const QString &collectionName, const QString &secretName, QByteArray *secret, Sailfish::Secrets::Secret::FilterData *filterData) = 0 |
| virtual Sailfish::Secrets::Result | isCollectionLocked(const QString &collectionName, bool *locked) = 0 |
| virtual Sailfish::Secrets::Result | reencrypt(const QString &collectionName, const QByteArray &oldkey, const QByteArray &newkey) = 0 |
| virtual Sailfish::Secrets::Result | reencryptSecret(const QString &secretName, const QByteArray &oldkey, const QByteArray &newkey) = 0 |
| virtual Sailfish::Secrets::Result | removeCollection(const QString &collectionName) = 0 |
| virtual Sailfish::Secrets::Result | removeSecret(const QString &collectionName, const QString &secretName) = 0 |
| virtual Sailfish::Secrets::Result | removeSecret(const QString &secretName) = 0 |
| virtual Sailfish::Secrets::Result | secretNames(const QString &collectionName, QStringList *secretNames) = 0 |
| virtual Sailfish::Secrets::Result | setEncryptionKey(const QString &collectionName, const QByteArray &key) = 0 |
| virtual Sailfish::Secrets::Result | setSecret(const QString &collectionName, const QString &secretName, const QByteArray &secret, const Sailfish::Secrets::Secret::FilterData &filterData) = 0 |
| virtual Sailfish::Secrets::Result | setSecret(const QString &secretName, const QByteArray &secret, const Sailfish::Secrets::Secret::FilterData &filterData, const QByteArray &key) = 0 |
| virtual Sailfish::Secrets::StoragePlugin::StorageType | storageType() const = 0 |
- 11 public functions inherited from Sailfish::Secrets::PluginBase
Detailed Description
Specifies an interface allowing storage and retrieval of secrets into and from an encrypted backing store.
The EncryptedStoragePlugin type specifies an interface which includes a variety of operations on secrets and collections of secrets, where the underlying storage is encrypted (e.g. block-level file encryption using SQLCipher, or an encrypted USB device).
The basic mode of operation of this type of plugin is that either the entire storage will need to be unlocked (via the PluginBase::unlock() method) or a specific collection will need to be unlocked (via the setEncryptionKey() method) before data can be read from or written to the storage. See the included SQLCipher-based plugin for an example of a plugin which supports per-collection locking (via setEncryptionKey()).
If a plugin implements both the EncryptedStoragePlugin interface and the Sailfish::Crypto::CryptoPlugin interface, it is referred to as a crypto-storage plugin (and can store or provides cryptographic keys for use by clients). See the included example USB token plugin for an example of a plugin which provides built-in encryption keys and requires storage unlocking, and implements both the EncryptedStoragePlugin and CryptoPlugin interfaces.
Plugin implementers must be aware that the information reporting methods (storageType(), encryptionType(), and encryptionAlgorithm()) will be invoked from the main thread of the secrets daemon, while the various interface operation methods will be invoked from a separate thread. Plugins are loaded and plugin instances are constructed in the main thread.
Member Function Documentation
EncryptedStoragePlugin::EncryptedStoragePlugin()
Construct a new EncryptedStoragePlugin instance
[virtual] EncryptedStoragePlugin::~EncryptedStoragePlugin()
Clean up any memory associated with the EncryptedStoragePlugin instance
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::accessSecret(const QString &secretName, const QByteArray &key, QByteArray *secret, Sailfish::Secrets::Secret::FilterData *filterData)
Retrieve the standalone secret identified by the given secretName and decrypt it with the specified key, and also retrieve its associated filterData.
The key is guaranteed to have been derived by this plugin, via a previous call to deriveKeyFromCode().
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support storing standalone secrets, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If no standalone secret with the specified secretName is stored in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidSecretError.
Otherwise the secret and filterData for the secret with the given secretName should be retrieved, the secret should be decrypted with the given key, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::collectionNames(QStringList *names)
Writes the names of collections managed by the plugin to names
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the encrypted storage plugin supports storing collections of secrets, it must implement this method by returning the names of currently stored collections into the out-parameter names and returning a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
Otherwise, it should write an empty list of collection names to the out-parameter names and return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::createCollection(const QString &collectionName, const QByteArray &key)
Creates a collection encrypted with the given key within which to store secrets called collectionName
The key is guaranteed to have been derived by this plugin, via a previous call to deriveKeyFromCode().
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support the creation of new collections, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If a collection with that name already exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionAlreadyExistsError.
If the encrypted storage plugin supports storing collections of secrets, it must implement this method such that the new collection is created, its name is subsequently returned from collectionNames(), and secrets can be stored in it, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::deriveKeyFromCode(const QByteArray &authenticationCode, const QByteArray &salt, QByteArray *key)
Derive an encryption key valid for use in encryption and decryption operations offered by this plugin from the given authenticationCode and salt, and write it to the out-parameter key.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
[pure virtual] Sailfish::Secrets::EncryptionPlugin::EncryptionAlgorithm EncryptedStoragePlugin::encryptionAlgorithm() const
Returns the encryption algorithm which is used by the plugin
[pure virtual] Sailfish::Secrets::EncryptionPlugin::EncryptionType EncryptedStoragePlugin::encryptionType() const
Returns the type of encryption capability offered by the plugin
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::findSecrets(const QString &collectionName, const Sailfish::Secrets::Secret::FilterData &filter, Sailfish::Secrets::StoragePlugin::FilterOperator filterOperator, QVector<Sailfish::Secrets::Secret::Identifier> *identifiers)
Retrieve the names of secrets in the collection identified by the given collectionName which match the given filter according to the specified filterOperator, and return them in the identifiers out-parameter.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the collection identified by the given collectionName is locked then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
Otherwise the secret names should be retrieved from the collection and a vector of valid identifiers should be constructed and returned in the out-parameter identifiers, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::getSecret(const QString &collectionName, const QString &secretName, QByteArray *secret, Sailfish::Secrets::Secret::FilterData *filterData)
Retrieve the secret data and filter data for the secret identified by the given secretName from the collection identified by the given collectionName and write them to the secret and filterData out-parameters respectively.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the collection identified by the given collectionName is locked then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
If no secret identified by the given secretName exists within the specified collection then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidSecretError.
Otherwise the secret and filterData for the secret with the given secretName should be retrieved from the collection and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::isCollectionLocked(const QString &collectionName, bool *locked)
Writes true to the out-parameter locked if the collection with the given collectionName is locked and needs to be unlocked via setEncryptionKey() before any data can be written to or read from it.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
Otherwise, the lock state of the collection should be written to the locked out-parameter, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::reencrypt(const QString &collectionName, const QByteArray &oldkey, const QByteArray &newkey)
Transactionally unlock the collection with the given collectionName with the given oldkey and then re-encrypt it with the specified newkey.
The oldkey and the newkey are guaranteed to have been derived by this plugin, via a previous call to deriveKeyFromCode().
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the plugin does not support per-collection locks (or per-collection encryption) but instead only supports plugin-global locking, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the oldkey does not successfully unlock the collection then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
Otherwise the collection should be encrypted with the newkey and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::reencryptSecret(const QString &secretName, const QByteArray &oldkey, const QByteArray &newkey)
Reencrypt the standalone secret with the specified secretName with the given newkey after decrypting it with the given oldkey.
Both the newkey and the oldkey are guaranteed to have been derived by this plugin, via previous calls to deriveKeyFromCode().
Only the secret data (and not the filter data) should be re-encrypted.
This method will be invoked if the user changes the master encryption key, if any standalone secret stored within this storage plugin uses master-lock (or device-lock) semantics. It will also be invoked if the user changes a custom-lock associated with a standalone secret.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support storing standalone secrets, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If no standalone secret with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidSecretError.
If the oldkey does not successfully decrypt the secret data then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginDecryptionError.
If the secret data was re-encrypted and updated within storage successfully, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::removeCollection(const QString &collectionName)
Removes the collection with the given collectionName from the storage managed by the plugin.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support the removal of collections, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the encryptedstorage plugin supports removing collections of secrets, it must implement this method such that the specified collection is removed, its name is subsequently no longer returned from collectionNames(), and and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded. Any secrets which were stored into this collection should be removed as part of this operation.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::removeSecret(const QString &collectionName, const QString &secretName)
Remove the secret (and associated filter data) identified by the given secretName from the collection identified by the given collectionName.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the collection identified by the given collectionName is locked then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
If no standalone secret with the given secretName exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidSecretError.
Otherwise the secret with the given secretName should be removed from the collection and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::removeSecret(const QString &secretName)
Remove the standalone secret identified by the given secretName along with any associated filter data.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support storing standalone secrets, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
Otherwise the secret and filter data for the secret with the given secretName should be removed from the storage managed by the plugin, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::secretNames(const QString &collectionName, QStringList *secretNames)
Retrive the names of secrets stored in the collection identified by the given collectionName and write them to the out-parameter secretNames.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the collection identified by the given collectionName is locked then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
Otherwise the secretNames should be retrieved from the collection and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::setEncryptionKey(const QString &collectionName, const QByteArray &key)
Unlock the collection identified by the given collectionName using the specified encryption key.
The key is guaranteed to have been derived by this plugin, via a previous call to deriveKeyFromCode().
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the plugin does not support per-collection locks (or per-collection encryption) but instead only supports plugin-global locking, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If the given key is correct, the collection should be able to be written to and read from, and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
Otherwise, if the key is incorrect, the plugin should lock the collection if it was previous unlocked, and return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded, but the new lock-state of the collection should be reflected in the out-parameter result of subsequent calls to isCollectionLocked().
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::setSecret(const QString &collectionName, const QString &secretName, const QByteArray &secret, const Sailfish::Secrets::Secret::FilterData &filterData)
Store secret data identified by the given secretName with associated filterData into the collection identified by the given collectionName.
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If no collection with that name exists in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::InvalidCollectionError.
If the collection identified by the given collectionName is locked then the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::CollectionIsLockedError.
If a secret with the specified secretName is already stored in the collection identified by the given collectionName, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretAlreadyExistsError.
Otherwise the secret and filterData for the secret with the given secretName should be stored into the collection and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::Result EncryptedStoragePlugin::setSecret(const QString &secretName, const QByteArray &secret, const Sailfish::Secrets::Secret::FilterData &filterData, const QByteArray &key)
Store a standalone secret identified by the given secretName with the specified secret data and filter data filterData, encrypted with the specified encryption key.
The key is guaranteed to have been derived by this plugin, via a previous call to deriveKeyFromCode().
If the plugin itself is locked, this function should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretsPluginIsLockedError.
If the storage plugin does not support storing standalone secrets, it should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::OperationNotSupportedError.
If a standalone secret with the specified secretName is already stored in the storage managed by the plugin, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Failed and the error code set to Sailfish::Secrets::Result::SecretAlreadyExistsError.
Otherwise the secret and filterData for the secret with the given secretName should be stored and the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Result::Succeeded.
If the operation failed due to storage backend failure, the plugin should return a Sailfish::Secrets::Result with the result code set to Sailfish::Secrets::Failed and the error code set to Sailfish::Secrets::Result::DatabaseError.
[pure virtual] Sailfish::Secrets::StoragePlugin::StorageType EncryptedStoragePlugin::storageType() const
Returns the type of storage which is exposed by the plugin