|
1 /* |
|
2 * Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * ** IMPORTANT ** PublishedPartner API's in this file are published to 3rd party developers via the |
|
16 * Symbian website. Changes to these API's should be treated as PublishedAll API changes and the Security TA should be consulted. |
|
17 * |
|
18 */ |
|
19 |
|
20 |
|
21 /** |
|
22 @file |
|
23 @publishedPartner |
|
24 @released |
|
25 */ |
|
26 |
|
27 #ifndef __PKCS5KDF_H__ |
|
28 #define __PKCS5KDF_H__ |
|
29 |
|
30 #include <hash.h> |
|
31 |
|
32 /** The number of times the hashing algorithm is run. */ |
|
33 const TUint KDefaultIterations = 1000; |
|
34 |
|
35 /** |
|
36 * A PKCS#5 compliant Key Derivation Function (KDF). |
|
37 * |
|
38 * This class allows the derivation of deterministic arbitrary length byte |
|
39 * streams from an input string. The output byte stream is generated using |
|
40 * multiple iterations of a CSHA1 message digest and is suitable for use |
|
41 * as a cryptographic symmetric key. |
|
42 * |
|
43 * @since v7.0s |
|
44 */ |
|
45 class TPKCS5KDF |
|
46 { |
|
47 public: |
|
48 /** |
|
49 * Derives deterministic arbitrary length byte streams (aKey) from an input |
|
50 * string (aPasswd) and a randomly chosen salt (aSalt) for use as a |
|
51 * symmetric key. |
|
52 * |
|
53 * Attention -- Improperly chosen values for these parameters will seriously |
|
54 * impact the security of the derived key and as a result the security of |
|
55 * your application. |
|
56 * |
|
57 * See the Cryptography api-guide documentation for more information and |
|
58 * recommended usage patterns. |
|
59 * |
|
60 * @param aKey Output Value. The key resulting from the operation. |
|
61 * The length of the key will be equal to the length of |
|
62 * the input descriptor. All data, from the first byte |
|
63 * to the set length, will be overwritten with the resulting |
|
64 * byte stream. |
|
65 * @param aPasswd Input Value. The password you wish to derive a key from. |
|
66 * @param aSalt Input Value. A <B><I>randomly</I></B> selected second |
|
67 * input to the key derivation function to discourage certain |
|
68 * attacks. PKCS5 recommends a minimum of 8 randomly chosen bytes. |
|
69 * @param aIterations Input Value. The number of times the internal hashing |
|
70 * function should be run over the password and salt. |
|
71 * Minimum recommendation is KDefaultIterations. |
|
72 */ |
|
73 IMPORT_C static void DeriveKeyL(TDes8& aKey, const TDesC8& aPasswd, |
|
74 const TDesC8& aSalt, TUint aIterations = KDefaultIterations); |
|
75 private: |
|
76 /** |
|
77 * Internal iterative function that performs the actual hashing. |
|
78 */ |
|
79 static void F(CMessageDigest& aDigest, TUint32* aAccumulator, TUint32* S, |
|
80 TUint32* Ui, TUint aHashBytes, const TUint32* aSalt, TUint aSaltBytes, |
|
81 TUint c, TUint i); |
|
82 |
|
83 /** |
|
84 * XOR's the values of two equal length descriptors. Internally, it |
|
85 * operates on a word by word basis. Data stored beyond the end of the |
|
86 * descriptor, but before the end of the final word, will be xored as well. |
|
87 */ |
|
88 static inline void XORString(const TUint32* aOp1, TUint32* aOp2, |
|
89 TUint aLength); |
|
90 }; |
|
91 |
|
92 #endif |