MacAlgorithmProvider class

Applies to Windows and Windows Phone

Represents a message authentication code (MAC). A MAC uses symmetric key cryptography to prevent message tampering. For more information, see MACs, Hashes, and Signatures.

Syntax


var macAlgorithmProvider = Windows.Security.Cryptography.Core.MacAlgorithmProvider;

Attributes

[DualApiPartition()]
[MarshalingBehavior(Agile)]
[Threading(Both)]
[Version(0x06020000)]

Members

The MacAlgorithmProvider class has these types of members:

Methods

The MacAlgorithmProvider class has these methods. With C#, Visual Basic, and C++, it also inherits methods from the Object class.

MethodDescription
CreateHash Creates a CryptographicHash object that supports incremental hash operations.
CreateKey Creates a symmetric key that can be used to create the MAC value.
OpenAlgorithm Creates a MacAlgorithmProvider object and opens the specified algorithm for use.

 

Properties

The MacAlgorithmProvider class has these properties.

PropertyAccess typeDescription

AlgorithmName

Read-onlyGets the name of the open MAC algorithm.

MacLength

Read-onlyGets the length, in bytes, of the message authentication code.

 

Remarks

You create a MacAlgorithmProvider object by calling the static OpenAlgorithm method and specifying one of the following algorithm names:

  • HMAC_MD5
  • HMAC_SHA1
  • HMAC_SHA256
  • HMAC_SHA384
  • HMAC_SHA512
  • AES_CMAC

Examples


using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace SampleMacAlgorithmProvider
{
    sealed partial class MacAlgProviderApp : Application
    {
        public MacAlgProviderApp()
        {
            // Initialize the application.
            this.InitializeComponent();

            // Initialize the hashing process.
            String strMsg = "This is a message to be authenticated";
            String strAlgName = MacAlgorithmNames.HmacSha384;
            IBuffer buffMsg;
            CryptographicKey hmacKey;
            IBuffer buffHMAC;

            // Create a hashed message authentication code (HMAC)
            this.CreateHMAC(
                strMsg,
                strAlgName,
                out buffMsg,
                out hmacKey,
                out buffHMAC);

            // Verify the HMAC.
            this.VerifyHMAC(
                buffMsg,
                hmacKey,
                buffHMAC);
        }

        void CreateHMAC(
            String strMsg,
            String strAlgName,
            out IBuffer buffMsg,
            out CryptographicKey hmacKey,
            out IBuffer buffHMAC)
        {
            // Create a MacAlgorithmProvider object for the specified algorithm.
            MacAlgorithmProvider objMacProv = MacAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Demonstrate how to retrieve the name of the algorithm used.
            String strNameUsed = objMacProv.AlgorithmName;

            // Create a buffer that contains the message to be signed.
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Create a key to be signed with the message.
            IBuffer buffKeyMaterial = CryptographicBuffer.GenerateRandom(objMacProv.MacLength);
            hmacKey = objMacProv.CreateKey(buffKeyMaterial);

            // Sign the key and message together.
            buffHMAC = CryptographicEngine.Sign(hmacKey, buffMsg);

            // Verify that the HMAC length is correct for the selected algorithm
            if (buffHMAC.Length != objMacProv.MacLength)
            {
                throw new Exception("Error computing digest");
            }
         }

        public void VerifyHMAC(
            IBuffer buffMsg,
            CryptographicKey hmacKey,
            IBuffer buffHMAC)
        {
            // The input key must be securely shared between the sender of the HMAC and 
            // the recipient. The recipient uses the CryptographicEngine.VerifySignature() 
            // method as follows to verify that the message has not been altered in transit.
            Boolean IsAuthenticated = CryptographicEngine.VerifySignature(hmacKey, buffMsg, buffHMAC);
            if (!IsAuthenticated)
            {
                throw new Exception("The message cannot be verified.");
            }
        }
    }
}


Requirements

Minimum supported client

Windows 8 [Windows Store apps, desktop apps]

Minimum supported server

Windows Server 2012 [Windows Store apps, desktop apps]

Minimum supported phone

Windows Phone 8.1 [Windows Runtime apps only]

Namespace

Windows.Security.Cryptography.Core
Windows::Security::Cryptography::Core [C++]

Metadata

Windows.winmd

See also

HashAlgorithmProvider

 

 

Show:
© 2014 Microsoft