|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE concept |
|
11 PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd"> |
|
12 <concept id="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7" xml:lang="en"><title>Overview |
|
13 of hash algorithms</title><prolog><metadata><keywords/></metadata></prolog><conbody> |
|
14 <ul> |
|
15 <li id="GUID-81D29BE4-82D6-5880-8612-1A55415A6730"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F">What is a cryptographic hash?</xref> </p> </li> |
|
16 <li id="GUID-716D3CA9-5151-5E18-BD61-216A538E037C"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F">What is an HMAC?</xref> </p> </li> |
|
17 <li id="GUID-C9475D12-31D6-5CF8-BF82-6B37F241B2EF"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-08E26A60-A8B1-5F54-901D-69787BC8950E">The base class and its derived classes</xref> </p> </li> |
|
18 </ul> |
|
19 <section id="GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F"><title>What is a cryptographic |
|
20 hash?</title> <p>A cryptographic hash algorithm (also known as a message digest, |
|
21 a one-way function, or simply a hash) takes a variable-length input (the message) |
|
22 and produce a fixed length output known as the hash (or digest) of the input. |
|
23 It is often useful to think of the resulting output as a representation, or |
|
24 fingerprint, of the original input. </p> <p>There are two properties that |
|
25 are important to cryptographic hashes: </p> <ul> |
|
26 <li id="GUID-2868C035-9933-5EF2-86E7-E696ADF3A67D"><p>it must be hard to find |
|
27 collisions, i.e. it is highly unlikely that two distinct strings will hash |
|
28 to the same output </p> </li> |
|
29 <li id="GUID-43BF26B8-466F-589B-B8F5-B4F6EF42504F"><p>it is extremely difficult |
|
30 to determine the original input given only the output. Even very small changes |
|
31 to the input will give rise to radical changes in the output. </p> </li> |
|
32 </ul> <p>These properties make hash functions useful in cryptography and other |
|
33 applications as they allow the representation of objects in a known fixed |
|
34 size. </p> <p>The hash algorithms supported by the Symbian platform |
|
35 are: </p> <table id="GUID-D9C86D99-3790-5332-988E-E38FA935DE3E"> |
|
36 <tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/> |
|
37 <thead> |
|
38 <row> |
|
39 <entry>Hash algorithms</entry> |
|
40 <entry>Further information</entry> |
|
41 </row> |
|
42 </thead> |
|
43 <tbody> |
|
44 <row> |
|
45 <entry><p>MD4 </p> </entry> |
|
46 <entry><p> <xref href="http://www.ietf.org/rfc/rfc1320.txt" scope="external">RFC |
|
47 1320</xref> </p> </entry> |
|
48 </row> |
|
49 <row> |
|
50 <entry><p>MD5 </p> </entry> |
|
51 <entry><p> <xref href="http://www.ietf.org/rfc/rfc1321.txt" scope="external">RFC |
|
52 1321</xref> </p> </entry> |
|
53 </row> |
|
54 <row> |
|
55 <entry><p>SHA-1 </p> </entry> |
|
56 <entry><p> <xref href="http://www.itl.nist.gov/fipspubs/fip180-1.htm" scope="external">FIPS |
|
57 180-1</xref> and <xref href="http://www.ietf.org/rfc/rfc3174.txt" scope="external">RFC |
|
58 3174</xref> </p> </entry> |
|
59 </row> |
|
60 <row> |
|
61 <entry><p>HMAC </p> </entry> |
|
62 <entry><p> <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC |
|
63 2104</xref> </p> </entry> |
|
64 </row> |
|
65 </tbody> |
|
66 </tgroup> |
|
67 </table> <p>There is also support for MD2 (see <xref href="http://www.ietf.org/rfc/rfc1319.txt" scope="external">RFC 1319</xref>) and SHA, which is there for backward compatibility, |
|
68 but it is not to be used in new code. </p> </section> |
|
69 <section id="GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F"><title>What is an |
|
70 HMAC?</title> <p>Unlike the hashes mentioned above, HMAC (Hashed Message Authentication |
|
71 Code) is a key-dependant hash. It allows a key to be specified at creation |
|
72 of the HMAC. Only people with that key can verify the hash. HMACs are useful |
|
73 when authentication but not secrecy of a message is required. </p> <p>The |
|
74 sender appends to the message data an authentication tag (which is a function |
|
75 of the data and the shared key). The recipient recomputes the authentication |
|
76 tag on the received message using the shared key. The integrity of the message |
|
77 is deemed valid only if the two authentication tags match. </p> <p>For further |
|
78 details see <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC |
|
79 2104</xref>. </p> </section> |
|
80 <section id="GUID-08E26A60-A8B1-5F54-901D-69787BC8950E"><title>The Hash API</title> <p> <codeph>CMessageDigest</codeph> is |
|
81 the base class for all hash algorithms. </p> <p>The diagram below show the |
|
82 main classes used in the hash framework. For information on each class see |
|
83 the Cryptography API Reference material. </p> <fig id="GUID-08CF0C25-D314-56B0-9667-4CDDA925F786"> |
|
84 <title> Inheritance diagram for the Hash API </title> |
|
85 <image href="GUID-8761F82E-5DC4-5BD5-A422-2EC45A92925B_d0e388502_href.png" placement="inline"/> |
|
86 </fig> <p>The hash API is used internally by the Security components: AppInst, |
|
87 Certman (Certificate Management) and Cryptography. Networking/TLS uses a pseudo-random |
|
88 function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS. </p> </section> |
|
89 </conbody></concept> |