diff -r ae94777fff8f -r 59758314f811 Symbian3/PDK/Source/GUID-5B112A34-1CBA-5B28-A941-27847FC1D30A.dita --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/Symbian3/PDK/Source/GUID-5B112A34-1CBA-5B28-A941-27847FC1D30A.dita Fri Jun 11 15:24:34 2010 +0100 @@ -0,0 +1,75 @@ + + + + + +Cryptography +overview +
Purpose

The +Cryptography module is the basis of the Symbian platform Security system. +The services provided by this module are used by the following components: +Certman (Certificate Management), Software Installation, Secure Communication +Protocols (for example, SSL, TLS, IPSEC), and WTLS.

These services +include:

    +
  • symmetric encryption-decryption

  • +
  • asymmetric encryption-decryption

  • +
  • integrity checking and +signature verification

  • +
  • key exchange

  • +
  • message digests

  • +

The interface for the cryptographic services hides the implementation +details of particular algorithms. No detailed knowledge of the cryptographic +algorithms is needed to use the cryptographic services.

+
Description

The +Cryptography module encapsulates the following significant components:

    +
  • Cryptographic algorithms

  • +
  • Hash algorithms

  • +
  • Random Number Generator (RNG)

  • +
  • Supporting APIs

  • +

Cryptographic algorithms

These +algorithms allow data to be encrypted and decrypted. They include:

    +
  • Symmetric +ciphers — algorithms that require communicating parties to hold a shared +secret. They are fast and used for the transmission of bulk data.

  • +
  • Asymmetric +ciphers — algorithms which have two keys, one private to the keys' +owner and one which can be published. They are slow compared to symmetric +ciphers and are used to exchange a symmetric key before transmission of data +encrypted using that key.

  • +

The classes implementing the symmetric and asymmetric ciphers are +provided in cryptography.dll (see Cryptography +library).

Hash +algorithms

Hash algorithms compact a message down to a short series +of bytes from which it is impossible to regenerate the message. They are used +with an asymmetric cipher to generate signatures.

The classes implementing +the hash algorithms are provided in hash.dll.

Hash +algorithms are documented in the mainstream Symbian platform library.

Random Number Generator +(RNG)

RNG is the basis for the cryptographic key generation. It +uses the RANROT algorithm seeded by random data available on the target hardware +(for example, free running counters available on ARM processors).

The +Random number library is provided by random.dll.

The +Random Number Generator API is documented in the mainstream Symbian OS Library.

Supporting APIs

    +
  • Password +Based Encryption (PBE) — provides an API to encrypt and decrypt data +with a user-supplied password.

    The classes implementing PBE (for example, +for secure stream encryption) are provided in pbe.dll.

  • +
  • Padding — is extra bits +concatenated with a key, password, or plaintext to make their length equal +to the block size. It defines the way blocks are filled with data when the +data to be encrypted is smaller than the block size. Padding is added at encryption +and checked on decryption. (See Block +and stream ciphers and CPadding +class relationships.)

    The Cryptography library supports PKCS#1 public +and private padding, and PKCS#7 style padding (see RFC 2315 section 10.3).

  • +
  • Big +integers — Implementation of arbitrarily large integers.

    Note +that although some methods are exported, the intent is that this library is +only for use by the Cryptography library and not by application code.

  • +
+
\ No newline at end of file
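Review bot: In the "Random Number Generator (RNG)" paragraph, the RNG is called "the basis for the cryptographic key generation" and is then described as RANROT seeded from "free running counters available on ARM processors", with nothing said about how much entropy that seed carries or why the output is unpredictable enough for keys. RANROT was designed as a general-purpose pseudo-random generator, not a cryptographic one, so the overview should either state what makes the output suitable for key material or link to the page that does. In the "Hash algorithms" paragraph, "impossible to regenerate the message" would be more accurate as "computationally infeasible". In the Padding bullet, "to make their length equal to the block size" should read "a multiple of the block size", since input longer than one block is padded up to the next block boundary. Minor: the two cross-reference sentences disagree on the name ("mainstream Symbian platform library" vs "mainstream Symbian OS Library"), and the file ends without a trailing newline.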