Week 23 contribution of SDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE concept
PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept id="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7" xml:lang="en"><title>Overview
of hash algorithms</title><prolog><metadata><keywords/></metadata></prolog><conbody>
<ul>
<li id="GUID-81D29BE4-82D6-5880-8612-1A55415A6730"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F">What is a cryptographic hash?</xref> </p> </li>
<li id="GUID-716D3CA9-5151-5E18-BD61-216A538E037C"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F">What is an HMAC?</xref> </p> </li>
<li id="GUID-C9475D12-31D6-5CF8-BF82-6B37F241B2EF"><p><xref href="GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7.dita#GUID-73491C1D-6C74-5434-B2F3-4AF416AE37B7/GUID-08E26A60-A8B1-5F54-901D-69787BC8950E">The base class and its derived classes</xref> </p> </li>
</ul>
<section id="GUID-AEB1ABD2-4977-5A54-86AC-F1D87615C57F"><title>What is a cryptographic
hash?</title> <p>A cryptographic hash algorithm (also known as a message digest,
a one-way function, or simply a hash) takes a variable-length input (the message)
and produce a fixed length output known as the hash (or digest) of the input.
It is often useful to think of the resulting output as a representation, or
fingerprint, of the original input. </p> <p>There are two properties that
are important to cryptographic hashes: </p> <ul>
<li id="GUID-2868C035-9933-5EF2-86E7-E696ADF3A67D"><p>it must be hard to find
collisions, i.e. it is highly unlikely that two distinct strings will hash
to the same output </p> </li>
<li id="GUID-43BF26B8-466F-589B-B8F5-B4F6EF42504F"><p>it is extremely difficult
to determine the original input given only the output. Even very small changes
to the input will give rise to radical changes in the output. </p> </li>
</ul> <p>These properties make hash functions useful in cryptography and other
applications as they allow the representation of objects in a known fixed
size. </p> <p>The hash algorithms supported by the Symbian platform
are: </p> <table id="GUID-D9C86D99-3790-5332-988E-E38FA935DE3E">
<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
<thead>
<row>
<entry>Hash algorithms</entry>
<entry>Further information</entry>
</row>
</thead>
<tbody>
<row>
<entry><p>MD4 </p> </entry>
<entry><p> <xref href="http://www.ietf.org/rfc/rfc1320.txt" scope="external">RFC
1320</xref> </p> </entry>
</row>
<row>
<entry><p>MD5 </p> </entry>
<entry><p> <xref href="http://www.ietf.org/rfc/rfc1321.txt" scope="external">RFC
1321</xref> </p> </entry>
</row>
<row>
<entry><p>SHA-1 </p> </entry>
<entry><p> <xref href="http://www.itl.nist.gov/fipspubs/fip180-1.htm" scope="external">FIPS
180-1</xref> and <xref href="http://www.ietf.org/rfc/rfc3174.txt" scope="external">RFC
3174</xref> </p> </entry>
</row>
<row>
<entry><p>HMAC </p> </entry>
<entry><p> <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC
2104</xref> </p> </entry>
</row>
</tbody>
</tgroup>
</table> <p>There is also support for MD2 (see <xref href="http://www.ietf.org/rfc/rfc1319.txt" scope="external">RFC 1319</xref>) and SHA, which is there for backward compatibility,
but it is not to be used in new code. </p> </section>
<section id="GUID-1F051CF3-77A8-5408-B14B-A7FD5CFF197F"><title>What is an
HMAC?</title> <p>Unlike the hashes mentioned above, HMAC (Hashed Message Authentication
Code) is a key-dependant hash. It allows a key to be specified at creation
of the HMAC. Only people with that key can verify the hash. HMACs are useful
when authentication but not secrecy of a message is required. </p> <p>The
sender appends to the message data an authentication tag (which is a function
of the data and the shared key). The recipient recomputes the authentication
tag on the received message using the shared key. The integrity of the message
is deemed valid only if the two authentication tags match. </p> <p>For further
details see <xref href="http://www.ietf.org/rfc/rfc2104.txt" scope="external">RFC
2104</xref>. </p> </section>
<section id="GUID-08E26A60-A8B1-5F54-901D-69787BC8950E"><title>The Hash API</title> <p> <codeph>CMessageDigest</codeph> is
the base class for all hash algorithms. </p> <p>The diagram below show the
main classes used in the hash framework. For information on each class see
the Cryptography API Reference material. </p> <fig id="GUID-08CF0C25-D314-56B0-9667-4CDDA925F786">
<title> Inheritance diagram for the Hash API </title>
<image href="GUID-8761F82E-5DC4-5BD5-A422-2EC45A92925B_d0e383456_href.png" placement="inline"/>
</fig> <p>The hash API is used internally by the Security components: AppInst,
Certman (Certificate Management) and Cryptography. Networking/TLS uses a pseudo-random
function (PRF) based on HMAC. Both MD5 and SHA-1 are used in TLS. </p> </section>
</conbody></concept>