KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
Class
Definition
Represents a key derivation algorithm provider.
public : sealed class KeyDerivationAlgorithmProvider : IKeyDerivationAlgorithmProviderpublic sealed class KeyDerivationAlgorithmProvider : IKeyDerivationAlgorithmProviderPublic NotInheritable Class KeyDerivationAlgorithmProvider Implements IKeyDerivationAlgorithmProvider// You can use this class in JavaScript.
- Attributes
Windows 10 requirements
| Device family |
Windows 10 (introduced v10.0.10240.0)
|
| API contract |
Windows.Foundation.UniversalApiContract (introduced v1)
|
Examples
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;
namespace SampleKeyDerivationAlgorithm
{
sealed partial class SampleKeyDerivationProviderApp : Application
{
public SampleKeyDerivationProviderApp()
{
// Initialize the Application.
this.InitializeComponent();
// Derive key material from a password-based key derivation function.
String strKdfAlgName = KeyDerivationAlgorithmNames.Pbkdf2Sha256;
UInt32 targetKeySize = 32;
UInt32 iterationCount = 10000;
IBuffer buffKeyMatl = this.SampleDeriveKeyMaterialPbkdf(
strKdfAlgName,
targetKeySize,
iterationCount);
// Create a key.
CryptographicKey key = this.SampleCreateKDFKey(
strKdfAlgName,
buffKeyMatl);
}
public IBuffer SampleDeriveKeyMaterialPbkdf(
String strAlgName,
UInt32 targetKeySize,
UInt32 iterationCount)
{
// Open the specified algorithm.
KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);
// Demonstrate how to retrieve the algorithm name.
String strAlgUsed = objKdfProv.AlgorithmName;
// Create a buffer that contains the secret used during derivation.
String strSecret = "MyPassword";
IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);
// Create a random salt value.
IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);
// Create the derivation parameters.
KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);
// Create a key from the secret value.
CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);
// Derive a key based on the original key and the derivation parameters.
IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(
keyOriginal,
pbkdf2Params,
targetKeySize);
// Demonstrate checking the iteration count.
UInt32 iterationCountOut = pbkdf2Params.IterationCount;
// Demonstrate returning the derivation parameters to a buffer.
IBuffer buffParams = pbkdf2Params.KdfGenericBinary;
// return the KDF key material.
return keyMaterial;
}
public CryptographicKey SampleCreateKDFKey(
String strAlgName,
IBuffer buffKeyMaterial)
{
// Create a KeyDerivationAlgorithmProvider object and open the specified algorithm.
KeyDerivationAlgorithmProvider objKdfAlgProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);
// Create a key by using the KDF parameters.
CryptographicKey key = objKdfAlgProv.CreateKey(buffKeyMaterial);
return key;
}
}
}
Remarks
When two or more parties share a secret symmetric key, it is often necessary to derive additional keys for use in cryptographic operations. It is also often necessary for a trusted third party to derive distinct cryptographic keys from a single master key. Key derivation functions are used to derive these additional keys.
You can use the static DeriveKeyMaterial method in the CryptographicEngine class and the following methods in the KeyDerivationParameters class to derive a key.
| Method | Description |
|---|---|
| BuildForPbkdf2 | Creates a KeyDerivationParameters object for use in the password-based key derivation function 2 (PBKDF2). |
| BuildForSP800108 | Creates a KeyDerivationParameters object for use in a counter mode, hash-based message authentication code (HMAC) key derivation function. |
| BuildForSP80056a | Creates a KeyDerivationParameters object for use in the SP800-56A key derivation function. |
You create a KeyDerivationAlgorithmProvider object by calling the static OpenAlgorithm method.
Properties
AlgorithmName AlgorithmName AlgorithmName AlgorithmName
Gets the name of the open key derivation function (KDF) algorithm.
public : PlatForm::String AlgorithmName { get; }public string AlgorithmName { get; }Public ReadOnly Property AlgorithmName As string// You can use this property in JavaScript.
- Value
- PlatForm::String string string string
Algorithm name.
Remarks
You must call the OpenAlgorithm method before calling this property.
Methods
CreateKey(IBuffer) CreateKey(IBuffer) CreateKey(IBuffer) CreateKey(IBuffer)
Creates a KDF key.
public : CryptographicKey CreateKey(IBuffer keyMaterial)public CryptographicKey CreateKey(IBuffer keyMaterial)Public Function CreateKey(keyMaterial As IBuffer) As CryptographicKey// You can use this method in JavaScript.
Parameters
Returns
Represents the KDF key.
OpenAlgorithm(String) OpenAlgorithm(String) OpenAlgorithm(String) OpenAlgorithm(String)
Creates an instance of the KeyDerivationAlgorithmProvider class and opens the specified algorithm for use.
public : static KeyDerivationAlgorithmProvider OpenAlgorithm(PlatForm::String algorithm)public static KeyDerivationAlgorithmProvider OpenAlgorithm(String algorithm)Public Static Function OpenAlgorithm(algorithm As String) As KeyDerivationAlgorithmProvider// You can use this method in JavaScript.
Parameters
- algorithm
- PlatForm::String String String String
Represents a KDF algorithm provider.
Returns
KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
KeyDerivationAlgorithmProvider
The algorithm provider.
Remarks
You can retrieve the algorithm name by using the AlgorithmName property. You can specify the name of the algorithm by using the static properties in the KeyDerivationAlgorithmNames class.