Mercurial Mercurial > oss > FCL > sftools > depl > docscontent / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Symbian3/PDK/Source/GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita
changeset 5 f345bda72bc4
parent 3 46218c8b8afa
child 9 59758314f811
equal deleted inserted replaced
4:4816d766a08a 5:f345bda72bc4 
     7     Nokia Corporation - initial contribution.
 
     7     Nokia Corporation - initial contribution.
 
     8 Contributors: 
     8 Contributors: 
     9 -->
 
     9 -->
 
    10 <!DOCTYPE concept
 
    10 <!DOCTYPE concept
 
    11   PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
 
    11   PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
 
    12 <concept xml:lang="en" id="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7"><title>Overview of hash algorithms</title><prolog><metadata><keywords/></metadata></prolog><conbody><ul><li id="GUID-81D29BE4-82D6-5880-8612-1A55415A6730"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F">What is a cryptographic hash?</xref>  </p> </li> <li id="GUID-716D3CA9-5151-5E18-BD61-216A538E037C"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F">What is an HMAC?</xref>  </p> </li> <li id="GUID-C9475D12-31D6-5CF8-BF82-6B37F241B2EF"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-08E26A60-A8B1-5F54-901D-69787BC8950E">The base class and its derived classes</xref>  </p> </li> </ul> <section id="GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F"><title>What is a cryptographic hash?</title> <p>A cryptographic hash algorithm (also known as a message digest, a one-way function, or simply a hash) takes a variable-length input (the message) and produce a fixed length output known as the hash (or digest) of the input. It is often useful to think of the resulting output as a representation, or fingerprint, of the original input. </p> <p>There are two properties that are important to cryptographic hashes: </p> <ul><li id="GUID-2868C035-9933-5EF2-86E7-E696ADF3A67D"><p>it must be hard to find collisions, i.e. it is highly unlikely that two distinct strings will hash to the same output </p> </li> <li id="GUID-43BF26B8-466F-589B-B8F5-B4F6EF42504F"><p>it is extremely difficult to determine the original input given only the output. Even very small changes to the input will give rise to radical changes in the output. </p> </li> </ul> <p>These properties make hash functions useful in cryptography and other applications as they allow the representation of objects in a known fixed size. </p> <p>The hash algorithms supported by Symbian platform are: </p> <table id="GUID-D9C86D99-3790-5332-988E-E38FA935DE3E"><tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/><thead><row><entry>Hash algorithms</entry> <entry>Further information</entry> </row> </thead> <tbody><row><entry><p>MD4 </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc1320.txt">RFC 1320</xref>  </p> </entry> </row> <row><entry><p>MD5 </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc1321.txt">RFC 1321</xref>  </p> </entry> </row> <row><entry><p>SHA-1 </p> </entry> <entry><p> <xref scope="external" href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">FIPS 180-1</xref> and <xref scope="external" href="http://www.ietf.org/rfc/rfc3174.txt">RFC 3174</xref>  </p> </entry> </row> <row><entry><p>HMAC </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc2104.txt">RFC 2104</xref>  </p> </entry> </row> </tbody> </tgroup> </table> <p>There is also support for MD2 (see <xref scope="external" href="http://www.ietf.org/rfc/rfc1319.txt">RFC 1319</xref>) and SHA, which is there for backward compatibility, but it is not to be used in new code. </p> </section> <section id="GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F"><title>What is an HMAC?</title> <p>Unlike the hashes mentioned above, HMAC (Hashed Message Authentication Code) is a key-dependant hash. It allows a key to be specified at creation of the HMAC. Only people with that key can verify the hash. HMACs are useful when authentication but not secrecy of a message is required. </p> <p>The sender appends to the message data an authentication tag (which is a function of the data and the shared key). The recipient recomputes the authentication tag on the received message using the shared key. The integrity of the message is deemed valid only if the two authentication tags match. </p> <p>For further details see <xref scope="external" href="http://www.ietf.org/rfc/rfc2104.txt">RFC 2104</xref>. </p> </section> <section id="GUID-08E26A60-A8B1-5F54-901D-69787BC8950E"><title>The Hash API</title> <p> <codeph>CMessageDigest</codeph> is the base class for all hash algorithms. </p> <p>The diagram below show the main classes used in the hash framework. For information on each class see the Cryptography API Reference material. </p> <fig id="GUID-08CF0C25-D314-56B0-9667-4CDDA925F786"><title>
 
    12 <concept id="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7" xml:lang="en"><title>Overview
 
    13              Inheritance diagram for the Hash API 
    13 of hash algorithms</title><prolog><metadata><keywords/></metadata></prolog><conbody>
 
    14           </title> <image href="GUID-8761F82E-5DC4-5BD5-A422-2EC45A92925B_d0e615440_href.png" placement="inline"/></fig> <p>The hash API is used internally by the Security components: AppInst, Certman (Certificate Management) and Cryptography. Networking/TLS uses a pseudo-random function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS. </p> </section> </conbody></concept>
 
    14 <ul>
 
       
    15 <li id="GUID-81D29BE4-82D6-5880-8612-1A55415A6730"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F">What is a cryptographic hash?</xref>  </p> </li>
 
       
    16 <li id="GUID-716D3CA9-5151-5E18-BD61-216A538E037C"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F">What is an HMAC?</xref>  </p> </li>
 
       
    17 <li id="GUID-C9475D12-31D6-5CF8-BF82-6B37F241B2EF"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-08E26A60-A8B1-5F54-901D-69787BC8950E">The base class and its derived classes</xref>  </p> </li>
 
       
    18 </ul>
 
       
    19 <section id="GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F"><title>What is a cryptographic
 
       
    20 hash?</title> <p>A cryptographic hash algorithm (also known as a message digest,
 
       
    21 a one-way function, or simply a hash) takes a variable-length input (the message)
 
       
    22 and produce a fixed length output known as the hash (or digest) of the input.
 
       
    23 It is often useful to think of the resulting output as a representation, or
 
       
    24 fingerprint, of the original input. </p> <p>There are two properties that
 
       
    25 are important to cryptographic hashes: </p> <ul>
 
       
    26 <li id="GUID-2868C035-9933-5EF2-86E7-E696ADF3A67D"><p>it must be hard to find
 
       
    27 collisions, i.e. it is highly unlikely that two distinct strings will hash
 
       
    28 to the same output </p> </li>
 
       
    29 <li id="GUID-43BF26B8-466F-589B-B8F5-B4F6EF42504F"><p>it is extremely difficult
 
       
    30 to determine the original input given only the output. Even very small changes
 
       
    31 to the input will give rise to radical changes in the output. </p> </li>
 
       
    32 </ul> <p>These properties make hash functions useful in cryptography and other
 
       
    33 applications as they allow the representation of objects in a known fixed
 
       
    34 size. </p> <p>The hash algorithms supported by the Symbian platform
 
       
    35 are: </p> <table id="GUID-D9C86D99-3790-5332-988E-E38FA935DE3E">
 
       
    36 <tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
 
       
    37 <thead>
 
       
    38 <row>
 
       
    39 <entry>Hash algorithms</entry>
 
       
    40 <entry>Further information</entry>
 
       
    41 </row>
 
       
    42 </thead>
 
       
    43 <tbody>
 
       
    44 <row>
 
       
    45 <entry><p>MD4 </p> </entry>
 
       
    46 <entry><p> <xref href="http://www.ietf.org/rfc/rfc1320.txt" scope="external">RFC
 
       
    47 1320</xref>  </p> </entry>
 
       
    48 </row>
 
       
    49 <row>
 
       
    50 <entry><p>MD5 </p> </entry>
 
       
    51 <entry><p> <xref href="http://www.ietf.org/rfc/rfc1321.txt" scope="external">RFC
 
       
    52 1321</xref>  </p> </entry>
 
       
    53 </row>
 
       
    54 <row>
 
       
    55 <entry><p>SHA-1 </p> </entry>
 
       
    56 <entry><p> <xref href="http://www.itl.nist.gov/fipspubs/fip180-1.htm" scope="external">FIPS
 
       
    57 180-1</xref> and <xref href="http://www.ietf.org/rfc/rfc3174.txt" scope="external">RFC
 
       
    58 3174</xref>  </p> </entry>
 
       
    59 </row>
 
       
    60 <row>
 
       
    61 <entry><p>HMAC </p> </entry>
 
       
    62 <entry><p> <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC
 
       
    63 2104</xref>  </p> </entry>
 
       
    64 </row>
 
       
    65 </tbody>
 
       
    66 </tgroup>
 
       
    67 </table> <p>There is also support for MD2 (see <xref href="http://www.ietf.org/rfc/rfc1319.txt" scope="external">RFC 1319</xref>) and SHA, which is there for backward compatibility,
 
       
    68 but it is not to be used in new code. </p> </section>
 
       
    69 <section id="GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F"><title>What is an
 
       
    70 HMAC?</title> <p>Unlike the hashes mentioned above, HMAC (Hashed Message Authentication
 
       
    71 Code) is a key-dependant hash. It allows a key to be specified at creation
 
       
    72 of the HMAC. Only people with that key can verify the hash. HMACs are useful
 
       
    73 when authentication but not secrecy of a message is required. </p> <p>The
 
       
    74 sender appends to the message data an authentication tag (which is a function
 
       
    75 of the data and the shared key). The recipient recomputes the authentication
 
       
    76 tag on the received message using the shared key. The integrity of the message
 
       
    77 is deemed valid only if the two authentication tags match. </p> <p>For further
 
       
    78 details see <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC
 
       
    79 2104</xref>. </p> </section>
 
       
    80 <section id="GUID-08E26A60-A8B1-5F54-901D-69787BC8950E"><title>The Hash API</title> <p> <codeph>CMessageDigest</codeph> is
 
       
    81 the base class for all hash algorithms. </p> <p>The diagram below show the
 
       
    82 main classes used in the hash framework. For information on each class see
 
       
    83 the Cryptography API Reference material. </p> <fig id="GUID-08CF0C25-D314-56B0-9667-4CDDA925F786">
 
       
    84 <title>              Inheritance diagram for the Hash API            </title>
 
       
    85 <image href="GUID-8761F82E-5DC4-5BD5-A422-2EC45A92925B_d0e636478_href.png" placement="inline"/>
 
       
    86 </fig> <p>The hash API is used internally by the Security components: AppInst,
 
       
    87 Certman (Certificate Management) and Cryptography. Networking/TLS uses a pseudo-random
 
       
    88 function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS. </p> </section>
 
       
    89 </conbody></concept>
FCL/sftools/depl/docscontent