TPKCS5KDF Class Reference

class TPKCS5KDF

A PKCS#5 compliant Key Derivation Function (KDF).

This class allows the derivation of deterministic arbitrary length byte streams from an input string. The output byte stream is generated using multiple iterations of a CSHA1 message digest and is suitable for use as a cryptographic symmetric key.

Since
v7.0s
Public Member Functions
IMPORT_C void DeriveKeyL ( TDes8 &, const TDesC8 &, const TDesC8 &, TUint )
Private Member Functions
void F ( CMessageDigest &, TUint32 *, TUint32 *, TUint32 *, TUint , const TUint32 *, TUint , TUint , TUint )
void XORString (const TUint32 *, TUint32 *, TUint )

Member Functions Documentation

DeriveKeyL(TDes8 &, const TDesC8 &, const TDesC8 &, TUint)

IMPORT_C void DeriveKeyL ( TDes8 & aKey,
const TDesC8 & aPasswd,
const TDesC8 & aSalt,
TUint aIterations =  KDefaultIterations
) [static]

Derives deterministic arbitrary length byte streams (aKey) from an input string (aPasswd) and a randomly chosen salt (aSalt) for use as a symmetric key.

Attention -- Improperly chosen values for these parameters will seriously impact the security of the derived key and as a result the security of your application.

See the Cryptography api-guide documentation for more information and recommended usage patterns.

Parameters

TDes8 & aKey Output Value. The key resulting from the operation. The length of the key will be equal to the length of the input descriptor. All data, from the first byte to the set length, will be overwritten with the resulting byte stream.
const TDesC8 & aPasswd Input Value. The password you wish to derive a key from.
const TDesC8 & aSalt Input Value. A randomly selected second input to the key derivation function to discourage certain attacks. PKCS5 recommends a minimum of 8 randomly chosen bytes.
TUint aIterations =  KDefaultIterations Input Value. The number of times the internal hashing function should be run over the password and salt. Minimum recommendation is KDefaultIterations.

F(CMessageDigest &, TUint32 *, TUint32 *, TUint32 *, TUint, const TUint32 *, TUint, TUint, TUint)

void F ( CMessageDigest & aDigest,
TUint32 * aAccumulator,
TUint32 * S,
TUint32 * Ui,
TUint aHashBytes,
const TUint32 * aSalt,
TUint aSaltBytes,
TUint c,
TUint i
) [private, static]

Internal iterative function that performs the actual hashing.

Parameters

CMessageDigest & aDigest
TUint32 * aAccumulator
TUint32 * S
TUint32 * Ui
TUint aHashBytes
const TUint32 * aSalt
TUint aSaltBytes
TUint c
TUint i

XORString(const TUint32 *, TUint32 *, TUint)

void XORString ( const TUint32 * aOp1,
TUint32 * aOp2,
TUint aLength
) [private, static, inline]

XOR's the values of two equal length descriptors. Internally, it operates on a word by word basis. Data stored beyond the end of the descriptor, but before the end of the final word, will be xored as well.

Parameters

const TUint32 * aOp1
TUint32 * aOp2
TUint aLength