KeyDerivationParameters.BuildForPbkdf2 | buildForPbkdf2 method

Applies to Windows and Windows Phone

Creates a KeyDerivationParameters object for use in the password-based key derivation function 2 (PBKDF2).

Syntax


var keyDerivationParameters = Windows.Security.Cryptography.Core.KeyDerivationParameters.buildForPbkdf2(pbkdf2Salt, iterationCount);

Parameters

pbkdf2Salt

Type: IBuffer

The salt, a random or pseudorandom value to be combined with the password in multiple iterations. A salt is used to increase entropy above what can be obtained from using a password alone.

iterationCount

Type: Number [JavaScript] | System.UInt32 [.NET] | uint32 [C++]

Number of iterations to be used to derive a key.

Return value

Type: KeyDerivationParameters

Refers to the parameters used during key derivation.

Remarks

You can use the following algorithm names with the OpenAlgorithm function to open a PBKDF2 algorithm provider:

Examples


public void SampleDeriveFromPbkdf()
{
    // Create a string that contains the algorithm name.
    String strAlgName = KeyDerivationAlgorithmNames.Pbkdf2Sha256;

    // Open the specified algorithm.
    KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

    // Specify the requested size, in bytes, of the derived key. 
    UInt32 targetSize = 32;

    // Create a buffer that contains the secret used during derivation.
    String strSecret = "MyPassword";
    IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

    // Create a random salt value.
    IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

    // Specify the number of iterations to be used during derivation.
    UInt32 iterationCountIn = 10000;

    // Create the derivation parameters.
    KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCountIn);

    // Create a key from the secret value.
    CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

    // Derive a key based on the original key and the derivation parameters.
    IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
        keyOriginal,
        pbkdf2Params,
        targetSize);

    // Demonstrate how to check the iteration count.
    UInt32 iterationCountOut = pbkdf2Params.IterationCount;

    // Demonstrate how to retrieve the parameters in a buffer.
    IBuffer buffParams = pbkdf2Params.KdfGenericBinary;

    // Encode the key to a hexadecimal value (for display)
    String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);
}


Requirements

Minimum supported client

Windows 8

Minimum supported server

Windows Server 2012

Minimum supported phone

Windows Phone 8.1 [Windows Runtime apps only]

Namespace

Windows.Security.Cryptography.Core
Windows::Security::Cryptography::Core [C++]

Metadata

Windows.winmd

See also

KeyDerivationParameters

 

 

Show:
© 2014 Microsoft. All rights reserved.