Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

KeyDerivationAlgorithmProvider class

Applies to Windows and Windows Phone

Represents a key derivation algorithm provider.

Syntax


public ref class KeyDerivationAlgorithmProvider sealed 

Attributes

[DualApiPartition()]
[MarshalingBehavior(Agile)]
[Threading(Both)]
[Version(0x06020000)]

Members

The KeyDerivationAlgorithmProvider class has these types of members:

Methods

The KeyDerivationAlgorithmProvider class has these methods. With C#, Visual Basic, and C++, it also inherits methods from the Object class.

MethodDescription
CreateKey Creates a KDF key.
OpenAlgorithm Creates an instance of the KeyDerivationAlgorithmProvider class and opens the specified algorithm for use.

 

Properties

The KeyDerivationAlgorithmProvider class has these properties.

PropertyAccess typeDescription

AlgorithmName

Read-onlyGets the name of the open key derivation function (KDF) algorithm.

 

Remarks

When two or more parties share a secret symmetric key, it is often necessary to derive additional keys for use in cryptographic operations. It is also often necessary for a trusted third party to derive distinct cryptographic keys from a single master key. Key derivation functions are used to derive these additional keys.

You can use the static DeriveKeyMaterial method in the CryptographicEngine class and the following methods in the KeyDerivationParameters class to derive a key.

MethodDescription

BuildForPbkdf2

Creates a KeyDerivationParameters object for use in the password-based key derivation function 2 (PBKDF2).

BuildForSP800108

Creates a KeyDerivationParameters object for use in a counter mode, hash-based message authentication code (HMAC) key derivation function.

BuildForSP80056a

Creates a KeyDerivationParameters object for use in the SP800-56A key derivation function.

 

You create a KeyDerivationAlgorithmProvider object by calling the static OpenAlgorithm method.

Examples



using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace SampleKeyDerivationAlgorithm
{
    sealed partial class SampleKeyDerivationProviderApp : Application
    {
        public SampleKeyDerivationProviderApp()
        {
            // Initialize the Application.
            this.InitializeComponent();

            // Derive key material from a password-based key derivation function.
            String strKdfAlgName = KeyDerivationAlgorithmNames.Pbkdf2Sha256;
            UInt32 targetKeySize = 32;
            UInt32 iterationCount = 10000;
            IBuffer buffKeyMatl = this.SampleDeriveKeyMaterialPbkdf(
                strKdfAlgName,
                targetKeySize,
                iterationCount);

            // Create a key.
            CryptographicKey key = this.SampleCreateKDFKey(
                strKdfAlgName,
                buffKeyMatl);
        }

        public IBuffer SampleDeriveKeyMaterialPbkdf(
            String strAlgName,
            UInt32 targetKeySize,
            UInt32 iterationCount)
        {

            // Open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Demonstrate how to retrieve the algorithm name.
            String strAlgUsed = objKdfProv.AlgorithmName;

            // Create a buffer that contains the secret used during derivation.
            String strSecret = "MyPassword";
            IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

            // Create a random salt value.
            IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

            // Create the derivation parameters.
            KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

            // Create a key from the secret value.
            CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

            // Derive a key based on the original key and the derivation parameters.
            IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(
                keyOriginal,
                pbkdf2Params,
                targetKeySize);

            // Demonstrate checking the iteration count.
            UInt32 iterationCountOut = pbkdf2Params.IterationCount;

            // Demonstrate returning the derivation parameters to a buffer.
            IBuffer buffParams = pbkdf2Params.KdfGenericBinary;

            // return the KDF key material.
            return keyMaterial;
        }

        public CryptographicKey SampleCreateKDFKey(
            String strAlgName,
            IBuffer buffKeyMaterial)
        {
            // Create a KeyDerivationAlgorithmProvider object and open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfAlgProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Create a key by using the KDF parameters.
            CryptographicKey key = objKdfAlgProv.CreateKey(buffKeyMaterial);

            return key;
        }
    }
}


Requirements

Minimum supported client

Windows 8 [Windows Store apps, desktop apps]

Minimum supported server

Windows Server 2012 [Windows Store apps, desktop apps]

Minimum supported phone

Windows Phone 8.1 [Windows Runtime apps only]

Namespace

Windows.Security.Cryptography.Core
Windows::Security::Cryptography::Core [C++]

Metadata

Windows.winmd

See also

CryptographicEngine
KeyDerivationParameters

 

 

Show:
© 2014 Microsoft