Initial contribution of Documentation_content according to Feature bug 1266 bug 1268 bug 1269 bug 1270 bug 1372 bug 1374 bug 1375 bug 1379 bug 1380 bug 1381 bug 1382 bug 1383 bug 1385
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7"><title>Overview of hash algorithms</title><prolog><metadata><keywords/></metadata></prolog><conbody><ul><li id="GUID-81D29BE4-82D6-5880-8612-1A55415A6730"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F">What is a cryptographic hash?</xref> </p> </li> <li id="GUID-716D3CA9-5151-5E18-BD61-216A538E037C"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F">What is an HMAC?</xref> </p> </li> <li id="GUID-C9475D12-31D6-5CF8-BF82-6B37F241B2EF"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-08E26A60-A8B1-5F54-901D-69787BC8950E">The base class and its derived classes</xref> </p> </li> </ul> <section id="GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F"><title>What is a cryptographic hash?</title> <p>A cryptographic hash algorithm (also known as a message digest, a one-way function, or simply a hash) takes a variable-length input (the message) and produce a fixed length output known as the hash (or digest) of the input. It is often useful to think of the resulting output as a representation, or fingerprint, of the original input. </p> <p>There are two properties that are important to cryptographic hashes: </p> <ul><li id="GUID-2868C035-9933-5EF2-86E7-E696ADF3A67D"><p>it must be hard to find collisions, i.e. it is highly unlikely that two distinct strings will hash to the same output </p> </li> <li id="GUID-43BF26B8-466F-589B-B8F5-B4F6EF42504F"><p>it is extremely difficult to determine the original input given only the output. Even very small changes to the input will give rise to radical changes in the output. </p> </li> </ul> <p>These properties make hash functions useful in cryptography and other applications as they allow the representation of objects in a known fixed size. </p> <p>The hash algorithms supported by Symbian platform are: </p> <table id="GUID-D9C86D99-3790-5332-988E-E38FA935DE3E"><tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/><thead><row><entry>Hash algorithms</entry> <entry>Further information</entry> </row> </thead> <tbody><row><entry><p>MD4 </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc1320.txt">RFC 1320</xref> </p> </entry> </row> <row><entry><p>MD5 </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc1321.txt">RFC 1321</xref> </p> </entry> </row> <row><entry><p>SHA-1 </p> </entry> <entry><p> <xref scope="external" href="http://www.itl.nist.gov/fipspubs/fip180-1.htm">FIPS 180-1</xref> and <xref scope="external" href="http://www.ietf.org/rfc/rfc3174.txt">RFC 3174</xref> </p> </entry> </row> <row><entry><p>HMAC </p> </entry> <entry><p> <xref scope="external" href="http://www.ietf.org/rfc/rfc2104.txt">RFC 2104</xref> </p> </entry> </row> </tbody> </tgroup> </table> <p>There is also support for MD2 (see <xref scope="external" href="http://www.ietf.org/rfc/rfc1319.txt">RFC 1319</xref>) and SHA, which is there for backward compatibility, but it is not to be used in new code. </p> </section> <section id="GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F"><title>What is an HMAC?</title> <p>Unlike the hashes mentioned above, HMAC (Hashed Message Authentication Code) is a key-dependant hash. It allows a key to be specified at creation of the HMAC. Only people with that key can verify the hash. HMACs are useful when authentication but not secrecy of a message is required. </p> <p>The sender appends to the message data an authentication tag (which is a function of the data and the shared key). The recipient recomputes the authentication tag on the received message using the shared key. The integrity of the message is deemed valid only if the two authentication tags match. </p> <p>For further details see <xref scope="external" href="http://www.ietf.org/rfc/rfc2104.txt">RFC 2104</xref>. </p> </section> <section id="GUID-08E26A60-A8B1-5F54-901D-69787BC8950E"><title>The Hash API</title> <p> <codeph>CMessageDigest</codeph> is the base class for all hash algorithms. </p> <p>The diagram below show the main classes used in the hash framework. For information on each class see the Cryptography API Reference material. </p> <fig id="GUID-08CF0C25-D314-56B0-9667-4CDDA925F786"><title>
Inheritance diagram for the Hash API
</title> <image href="GUID-8761F82E-5DC4-5BD5-A422-2EC45A92925B_d0e361961_href.png" placement="inline"/></fig> <p>The hash API is used internally by the Security components: AppInst, Certman (Certificate Management) and Cryptography. Networking/TLS uses a pseudo-random function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS. </p> </section> </conbody></concept>