diff -r 51a74ef9ed63 -r ae94777fff8f Symbian3/SDK/Source/GUID-BCDCB147-865F-58B0-816F-5FBF0E7CCDD7.dita
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/Symbian3/SDK/Source/GUID-BCDCB147-865F-58B0-816F-5FBF0E7CCDD7.dita Fri Jun 11 12:39:03 2010 +0100
@@ -0,0 +1,307 @@
+
+
+
+
+
+ CryptoSPI
+( CryptoSPI also provides a framework that allows
+licensees and partners to implement additional cryptographic algorithms as
+plug-ins to CryptoSPI. The benefits of CryptoSPI are: Plug-ins can use cryptographic
+acceleration hardware, which can improve performance and reduce power consumption.
+Client applications do not need to know whether an operation is implemented
+in software or hardware. Its architecture allows
+new algorithms or modes of operation to be added by licensees without impacting
+the existing APIs or client code. The legacy cryptography
+libraries ( CryptoSPI adds support
+for non-extractable keys, which may be used to protect sensitive or high-value
+content. CryptoSPI is more secure
+against malicious code than the legacy API, because it does not store any
+data, it has no server component and plugins must be located in ROM, so cannot
+be replaced or eclipsed. CryptoSPI was introduced in Symbian^3. Before Symbian^3,
+cryptographic algorithms, hash algorithms and random number generation were
+implemented by Symbian in The CryptoSPI scope CryptoSPI
+provides equivalent implementations of all algorithms supported by the legacy
+APIs, including hashing and random number generation. The following algorithms
+are implemented by Symbian in This
+section includes summary details of the following: cryptographic algorithms hash algorithms. random number generator Cryptographic algorithms Symmetric ciphers - The following symmetric algorithms are supported: AES (Advanced Encryption Standard) Block cipher DES (Data Encryption Standard) Block cipher 3DES (Triple Data Encryption Standard) Block cipher RC2-128 Block cipher ARC4 ('alleged' RC4) Stream cipher The internet and a posting to sci.crypt in 1994. Note: Algorithm identifiers for MISTY1, MISTY2 and Kasumi
+(A5/3) block ciphers are in the cryptography library. These identifiers allow
+clients of the cryptography library to request implementations of these algorithms
+from the symmetric cipher factory. Symbian does not provide implementations
+of these algorithms, so the default behavior is for the factory function to
+return an error indicating that there is no implementation available. Note:
+Until Symbian^3, the classes implementing the symmetric and asymmetric ciphers
+were provided in Asymmetric ciphers - The following asymmetric algorithms are
+supported: RSA PKCS#1 v1.5 Signing data Key pair generation DSA Signing data Key pair generation Diffie Hellman Key agreement Key pair generation Hash algorithms - The following hash algorithms are supported: Hash algorithms Specified in MD2 MD4 MD5 SHA1 SHA-224 SHA-256 SHA-384 SHA-512
+
+
+
+
+
+
Hashes in HMAC mode
MD2
MD4
MD5
SHA1
SHA-224
SHA-256
SHA-384
SHA-512
HMAC mode is specified in
Instantiating algorithms
Clients request cryptographic +algorithms using static factory functions.
For instance, to create
+a hash algorithm, use the generic hash factory function
Operation +and padding modes
CryptoSPI has been designed to be simpler and
+more compact than the API that it replaces. Rather than defining separate
+classes to do encryption and decryption, for instance,
The client can switch the algorithm between modes by setting a
+flag, see for example
Operation modes
Symbian platform provides default software +implementations of the following operation modes:
ECB
CBC
CTR (counter)
They are specified in
Padding modes
Symbian platform supports the following +padding modes:
SSLv3-style padding
PKCS#7-style padding
PKCS#1 v1.5 Encryption-style +padding
PKCS#1 v1.5 Signature-style +padding
Asynchronous operation and cancellation
The legacy
+cryptography library only supports synchronous operations. By enabling cryptographic
+acceleration hardware, CryptoSPI supports more advanced use cases. In order
+for users to be able to cancel potentially long-running operations such as
+the decryption of high-quality audio/visual content, CryptoSPI supports both
+synchronous and asynchronous interfaces for each cryptographic operation,
+the latter providing a
Note:
+Symbian's software plug-in module (
Plug-ins
A
+CryptoSPI plugin DLL can implement zero, one or more algorithms, and may provide
+alternative implementations of the same algorithm. The set of plugin DLLs
+is defined in a configuration file in ROM (
The abstract
+base class for all cryptographic plug-ins is
See
+also:
UIDs and plug-in characteristics
Plug-ins +are identified by three UIDs:
the interface supported,
+for instance hash (
the algorithm implemented,
+for instance MD2 (
the unique implementation +ID.
These three UIDs are part of the plug-in's characteristics.
+Plug-in characteristics are defined at compile time as constant data. They
+describe the type and capabilities of a plug-in implementation. Some characteristics
+are relevant to all plug-in types, for instance the name and UID of the algorithm
+implemented, the name of the plug-in vendor and whether the plug-in uses hardware
+acceleration. These are termed common characteristics and are defined
+in
Plug-ins
+may optionally also have 'extended' characteristics. These are set at runtime,
+for instance the number of concurrent operations supported by the plug-in,
+and can be retrieved using
Selection rules
Symbian
+has implemented a plug-in selector,
As
+an alternative to using the default selector, clients can specify a rule-based
+selector (
In general, it is recommended +that applications should not specify selection rules unless it is critical +to the operation of the application. The preferred approach is to use the +plugin chosen by the default selector, which can be assumed to provide good +performance for the most common use cases.
+
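Review bot: The supported-algorithm lists (symmetric ciphers, hash algorithms, hashes in HMAC mode, operation modes) present DES, RC2-128, ARC4, MD2, MD4, MD5 and ECB on equal footing with AES, SHA-256 and CBC/CTR, with nothing telling a client developer which entries are carried over only because CryptoSPI "provides equivalent implementations of all algorithms supported by the legacy APIs". Since the topic opens by arguing that CryptoSPI is "more secure against malicious code than the legacy API", consider adding a short note under each list that marks the entries unsuitable for new designs and names the preferred alternatives from the same list. Two smaller style points: the text alternates between "plug-in" and "plugin" (for example "plugins must be located in ROM" and "CryptoSPI plugin DLL" versus "Plug-ins are identified by three UIDs"), so settle on one spelling; and the summary item "hash algorithms." carries a full stop that its sibling items do not.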