|
1 /** |
|
2 @page mainpage_cryptography Cryptography |
|
3 |
|
4 The Cryptography component comprises: |
|
5 |
|
6 <!-- @li @ref bigint --> |
|
7 <!-- |
|
8 @li @ref cryptographic_hash -- (points to cryptalg documentation) |
|
9 @li @ref mainpage_pbe |
|
10 @li @ref mainpage_rng Random number generator (RNG) |
|
11 @li @ref symmetric_ciphers -- (points to cryptalg documentation) |
|
12 @li @ref asymmetric_cryptography -- (points to cryptalg documentation) |
|
13 --> |
|
14 |
|
15 - Cryptographic Hash Functions |
|
16 - @ref mainpage_pbe |
|
17 - @ref secure_stream_encryption |
|
18 - Random Number Generator (RNG) |
|
19 - Symmetric Cryptography |
|
20 - Asymmetric Cryptography |
|
21 |
|
22 <b>Important Note</b>: \n |
|
23 <code>Security/crypto</code> is a new replacement library, the previous RSA-based version being <code>Security/cryptalg</code>. |
|
24 Note that the <code>Security/cryptalg</code> module is still available from GT, but configurability defaults now enable |
|
25 the new component in all builds. |
|
26 |
|
27 See @ref mainpage_cryptalg "Cryptalg documentation". |
|
28 |
|
29 <hr> |
|
30 |
|
31 For <b>pre-v.8.0</b>, the <b> Security Supplement </b> of the Developer Library gives: |
|
32 |
|
33 @li @ref SS_Cryptalg_cryptography_overview |
|
34 @li @ref SS_Cryptalg_symmetric_ciphers |
|
35 @li @ref SS_Cryptalg_asymmetric_ciphers |
|
36 @li @ref SS_Cryptalg_private_key_interface |
|
37 @li @ref SS_Cryptalg_signature_classes |
|
38 @li @ref SS_Cryptalg_parameter_classes |
|
39 @li @ref SS_Cryptalg_hash_algorithms |
|
40 @li @ref SS_Cryptalg_weak_strong_crypto |
|
41 @li @ref SS_Cryptalg_howto_find_crypto_strength |
|
42 @li @ref SS_Cryptalg_howto_change_crypto_strength |
|
43 |
|
44 <hr> |
|
45 |
|
46 @section crypto_apis Security/Cryptography APIs |
|
47 |
|
48 The crypto API is a new component that is based on Symbian-developed code rather than code licensed from RSA. |
|
49 |
|
50 The component is configurable, and can be built as either a strong or weak library based on a compilation option. |
|
51 By its very nature, the code - being capable of strong encryption - is subject to export controls (as is the strong binary). |
|
52 |
|
53 See the Legal Notices for the Security Subsystem and the 3rd Party Supplier Information for guidelines on handling of this |
|
54 code. |
|
55 |
|
56 The cryptography component includes these significant sub-components: |
|
57 -# Symmetric and asymmetric ciphers. \n |
|
58 The following ciphers are supported: |
|
59 - Symmetric ciphers: DES, 3DES, RC2, RC4, AES. |
|
60 - Asymmetric ciphers: RSA, DSA, DH |
|
61 -# Hash functions. The hash functions supported are MD2, MD5, SHA (SHA1) and HMAC. |
|
62 -# Random number generator (RNG). Several cryptographic applications like one-time pads, key generation and random nonces |
|
63 all rely upon the randomness, unpredictability and irreproducibility of the random number generator |
|
64 <A HREF="http://www.schneier.com/book-applied.html">[AC]</A>. The RNG uses |
|
65 RANROT seeded by random data available on the target hardware (e.g. free running counters available on ARM processors). |
|
66 -# Big Integers. Implementation of arbitrarily large integers (Big ints, big numbers). This is only intended for use by |
|
67 the crypto library and not by application code, so as few functions as possible are exported. |
|
68 |
|
69 |
|
70 The following APIs are exposed by the <code>Security/Cryptography</code> component: |
|
71 <table> |
|
72 <tr><th>API Name</th><th>Broad Purpose</th><th>Intended Users</th></tr> |
|
73 <tr> |
|
74 <td>Random</td> |
|
75 <td>Generation of cryptographically strong random numbers |
|
76 <A HREF="http://www.schneier.com/paper-prngs.html">[PRNG]</A>.</td> |
|
77 <td>Used internally by certman and crypto. External users include <code>networking/tls</code> (SSL and WTLS support) |
|
78 and <code>app-engines/cntmodel</code> (generating a unique machine id).</td> |
|
79 </tr> |
|
80 <tr> |
|
81 <td>Hash</td> |
|
82 <td>MD2, MD5, SHA (SHA1) and HMAC implementations.</td> |
|
83 <td>Used internally by appinst, certman and crypto. |
|
84 <code>networking/tls</code> uses a pseudo-random function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS.</td> |
|
85 </tr> |
|
86 <tr> |
|
87 <td>Cryptography</td> |
|
88 <td> |
|
89 <table> |
|
90 <tr><td>Symmetric ciphers: DES, 3DES, RC2, RC4, AES.</td></tr> |
|
91 <tr><td>Asymmetric ciphers: RSA, DSA, DH. Only the public operations.</td></tr> |
|
92 </table> |
|
93 </td> |
|
94 <td> |
|
95 <table> |
|
96 <tr><td>Used by Networking (<code>TLS/IPSec</code>).</td></tr> |
|
97 <tr><td>Used by \c certman for WTLS and x509 certificate support and by appinst for SIS file signature |
|
98 verification. \n Used by Networking (<code>TLS/IPSec</code>).</td></tr> |
|
99 </table> |
|
100 </td> |
|
101 </tr> |
|
102 <tr> |
|
103 <td>PKCS5</td> |
|
104 <td>Key Derivation Support</td> |
|
105 <td>Allows the derivation of deterministic arbitrary length byte streams from an input string. The output byte stream |
|
106 is generated using multiple iterations of a CSHA-1 message digest and is suitable for use as a cryptographic symmetric |
|
107 key</td> |
|
108 </tr> |
|
109 <tr> |
|
110 <td>%PBE</td> |
|
111 <td>Password Based Encryption. Efficient password based encryption and decryption of multiple elements</td> |
|
112 <td>This is useful if one wants random access to an encrypted source consisting of multiple, independent, elements; |
|
113 for example a database or a store</td> |
|
114 </tr> |
|
115 </table> |
|
116 |
|
117 */ |
|
118 |