CryptographicEngine.DeriveKeyMaterial(CryptographicKey, KeyDerivationParameters, UInt32) CryptographicEngine.DeriveKeyMaterial(CryptographicKey, KeyDerivationParameters, UInt32) CryptographicEngine.DeriveKeyMaterial(CryptographicKey, KeyDerivationParameters, UInt32) CryptographicEngine.DeriveKeyMaterial(CryptographicKey, KeyDerivationParameters, UInt32) CryptographicEngine.DeriveKeyMaterial(CryptographicKey, KeyDerivationParameters, UInt32) Method

Definition

Derives a key from another key by using a key derivation function. For more information, see the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes.

public : static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, unsigned int desiredKeySize)
static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, uint32_t desiredKeySize) const;
public static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, UInt32 desiredKeySize)
Public Shared Function DeriveKeyMaterial(key As CryptographicKey, parameters As KeyDerivationParameters, desiredKeySize As UInt32) As IBuffer
var iBuffer = Windows.Security.Cryptography.Core.CryptographicEngine.deriveKeyMaterial(key, parameters, desiredKeySize);

Parameters

key
CryptographicKey CryptographicKey CryptographicKey

The symmetric or secret key used for derivation.

parameters
KeyDerivationParameters KeyDerivationParameters KeyDerivationParameters

Derivation parameters. The parameters vary depending on the type of KDF algorithm used.

desiredKeySize
UInt32 UInt32 UInt32

Requested size, in bytes, of the derived key.

Returns

Buffer that contains the derived key.

Examples

public String SampleDeriveFromPbkdf(
    String strAlgName,
    UInt32 targetSize)
{
    // Open the specified algorithm.
    KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

    // Create a buffer that contains the secret used during derivation.
    String strSecret = "MyPassword";
    IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

    // Create a random salt value.
    IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

    // Specify the number of iterations to be used during derivation.
    UInt32 iterationCount = 10000;

    // Create the derivation parameters.
    KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

    // Create a key from the secret value.
    CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

    // Derive a key based on the original key and the derivation parameters.
    IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
        keyOriginal,
        pbkdf2Params,
        targetSize);

    // Encode the key to a hexadecimal value (for display)
    String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);

    // Return the encoded string
    return strKeyHex;
}

Remarks

Deriving keys requires that you use the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes. The following key derivation functions can be used:

For a complete sample that contains the following code example, see the KeyDerivationAlgorithmProvider class.

See also