| class TPKCS5KDF |
A PKCS#5 compliant Key Derivation Function (KDF).
This class allows the derivation of deterministic arbitrary length byte streams from an input string. The output byte stream is generated using multiple iterations of a CSHA1 message digest and is suitable for use as a cryptographic symmetric key.
| Public Member Functions | |
|---|---|
| IMPORT_C void | DeriveKeyL ( TDes8 &, const TDesC8 &, const TDesC8 &, TUint ) |
| Private Member Functions | |
|---|---|
| void | F ( CMessageDigest &, TUint32 *, TUint32 *, TUint32 *, TUint , const TUint32 *, TUint , TUint , TUint ) |
| void | XORString (const TUint32 *, TUint32 *, TUint ) |
| IMPORT_C void | DeriveKeyL | ( | TDes8 & | aKey, |
| const TDesC8 & | aPasswd, | |||
| const TDesC8 & | aSalt, | |||
| TUint | aIterations = KDefaultIterations | |||
| ) | [static] | |||
Derives deterministic arbitrary length byte streams (aKey) from an input string (aPasswd) and a randomly chosen salt (aSalt) for use as a symmetric key.
Attention -- Improperly chosen values for these parameters will seriously impact the security of the derived key and as a result the security of your application.
See the Cryptography api-guide documentation for more information and recommended usage patterns.
| TDes8 & aKey | Output Value. The key resulting from the operation. The length of the key will be equal to the length of the input descriptor. All data, from the first byte to the set length, will be overwritten with the resulting byte stream. |
| const TDesC8 & aPasswd | Input Value. The password you wish to derive a key from. |
| const TDesC8 & aSalt | Input Value. A randomly selected second input to the key derivation function to discourage certain attacks. PKCS5 recommends a minimum of 8 randomly chosen bytes. |
| TUint aIterations = KDefaultIterations | Input Value. The number of times the internal hashing function should be run over the password and salt. Minimum recommendation is KDefaultIterations. |
| void | F | ( | CMessageDigest & | aDigest, |
| TUint32 * | aAccumulator, | |||
| TUint32 * | S, | |||
| TUint32 * | Ui, | |||
| TUint | aHashBytes, | |||
| const TUint32 * | aSalt, | |||
| TUint | aSaltBytes, | |||
| TUint | c, | |||
| TUint | i | |||
| ) | [private, static] | |||
Internal iterative function that performs the actual hashing.
| void | XORString | ( | const TUint32 * | aOp1, |
| TUint32 * | aOp2, | |||
| TUint | aLength | |||
| ) | [private, static, inline] | |||
XOR's the values of two equal length descriptors. Internally, it operates on a word by word basis. Data stored beyond the end of the descriptor, but before the end of the final word, will be xored as well.
Copyright ©2010 Nokia Corporation and/or its subsidiary(-ies).
All rights
reserved. Unless otherwise stated, these materials are provided under the terms of the Eclipse Public License
v1.0.