PKCS12KDF Class Reference

class PKCS12KDF

Namespace class containing static functions that generate keys for PKCS#12 operations.

See Section B of PKCS 12 v1.0.

Public Member Functions
IMPORT_C void DeriveKeyL ( TDes8 &, TIDByteType , const TDesC8 &, const TDesC8 &, const TUint )
IMPORT_C HBufC8 * GeneratePasswordLC (const TDesC &)
Private Member Functions
PKCS12KDF ()
void Process6cL ( TDes8 &, const TDesC8 &, TInt )
Public Member Enumerations
enum TIDByteType { EIDByteEncryptKey  = 1, EIDByteIV  = 2, EIDByteMACKey  = 3 }

Constructor & Destructor Documentation

PKCS12KDF()

PKCS12KDF ( ) [private]

Member Functions Documentation

DeriveKeyL(TDes8 &, TIDByteType, const TDesC8 &, const TDesC8 &, const TUint)

IMPORT_C void DeriveKeyL ( TDes8 & aKey,
TIDByteType aIDType,
const TDesC8 & aPasswd,
const TDesC8 & aSalt,
const TUint aIterations
) [static]

Generate a key for the supplied password and salt. This implementation uses SHA1 as the hashing algorithm.

Panics

PKCS#12 16 Password is empty (debug only).
PKCS#12 17 Password does not contain an even number of bytes, and so can't use double-byte characters (debug only).
PKCS#12 18 The final two-byte character is not a null terminator, or a null terminator occurs before the end (debug only).

Parameters

TDes8 & aKey Descriptor which will hold key. On entry its length must be set to the expected key length.
TIDByteType aIDType Whether this function is being called to generate an (en|de)cryption key, an initialization vector, or a key for MAC-ing. See Section B.3 of spec.
const TDesC8 & aPasswd Password string. To comply with PKCS#12 spec, this must have 2-byte big-endian characters with a terminating null character.
const TDesC8 & aSalt Used with aPasswd to generate key.
const TUint aIterations Number of times to call the hash function for each block in the key.

GeneratePasswordLC(const TDesC &)

IMPORT_C HBufC8 * GeneratePasswordLC ( const TDesC & aDes ) [static]

Convert the supplied string to a byte string, as described in Section B.1 of PKCS 12 v1.0.

Each character is converted to a big-endian two-byte value, and a terminating NULL character is appended to the end.

Parameters

const TDesC & aDes String to use as password.

Process6cL(TDes8 &, const TDesC8 &, TInt)

void Process6cL ( TDes8 & Ij,
const TDesC8 & B,
TInt v
) [private, static]

Helper function for DeriveKeyL. Modifies part of I, as described in step 6c of Section B.2.

Parameters

TDes8 & Ij Section of I (S || P).
const TDesC8 & B r-th hash of D || I.
TInt v Number of bits to preserve in result.
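
The following Python sketch walks through the Appendix B procedure that GeneratePasswordLC, DeriveKeyL and Process6cL implement, with SHA-1 as the hash. It is an added example, not the Symbian code: the names `generate_password`, `fill`, `step_6c` and `derive_key` and the sample password and salt are constructed for illustration. The password checks use the same conditions as the documented panics 16 to 18, but raise in every build rather than only in debug builds.

```python
# Added illustration of PKCS 12 v1.0 Appendix B; names are not Symbian APIs.
import hashlib

V = 64  # SHA-1 block size v in bytes (512 bits); the digest size u is 20 bytes
ID_ENCRYPT_KEY, ID_IV, ID_MAC_KEY = 1, 2, 3  # same values as TIDByteType
NUL = b"\x00\x00"

def generate_password(text):
    """B.1: big-endian two-byte characters plus a terminating null character."""
    return text.encode("utf-16-be") + NUL

def fill(data):
    """Repeat data up to a whole number of v-byte blocks (empty stays empty)."""
    if not data:
        return b""
    size = V * -(-len(data) // V)
    return (data * (size // len(data) + 1))[:size]

def step_6c(block, b):
    """B.2 step 6c: I_j = (I_j + B + 1) mod 2^v, as big-endian integers."""
    total = int.from_bytes(block, "big") + int.from_bytes(b, "big") + 1
    return (total % (1 << (8 * V))).to_bytes(V, "big")

def derive_key(key_len, id_byte, passwd, salt, iterations):
    """B.2 with SHA-1; key_len stands in for the preset length of aKey."""
    chars = [passwd[k:k + 2] for k in range(0, len(passwd), 2)]
    # Same conditions as the documented panics 16, 17 and 18, always enforced.
    if not passwd or len(passwd) % 2 or chars[-1] != NUL or NUL in chars[:-1]:
        raise ValueError("password must be two-byte characters ending in one null")
    if iterations < 1:
        raise ValueError("iterations must be at least 1")
    d = bytes([id_byte]) * V                  # step 1: diversifier D
    i_buf = fill(salt) + fill(passwd)         # steps 2-4: I = S || P
    out = b""
    while len(out) < key_len:                 # step 6: one pass per digest
        a = hashlib.sha1(d + i_buf).digest()  # 6a: first of r chained hashes
        for _ in range(iterations - 1):
            a = hashlib.sha1(a).digest()
        out += a
        b = fill(a)                           # 6b: A_i repeated to v bytes
        i_buf = b"".join(step_6c(i_buf[j:j + V], b)
                         for j in range(0, len(i_buf), V))
    return out[:key_len]                      # steps 7-8: truncate to length

if __name__ == "__main__":
    pw = generate_password("example-password")  # constructed sample input
    salt = bytes(range(8))                      # constructed sample salt
    for name, idb in (("enc", ID_ENCRYPT_KEY), ("iv", ID_IV), ("mac", ID_MAC_KEY)):
        print(name, derive_key(24, idb, pw, salt, 2048).hex())
```

Because only the ID byte in D differs, the same password and salt yield unrelated encryption key, IV and MAC key material.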

Member Enumerations Documentation

Enum TIDByteType

ID byte value used to generate (en|de)cryption key, IV, or MAC key. See Section B.3 of spec.

Enumerators

EIDByteEncryptKey = 1

Generates a key for (en|de)cryption.

EIDByteIV = 2

Generates an initialization vector.

EIDByteMACKey = 3

Generates a key for MAC-ing.