KeyDerivationAlgorithmProvider 类

参考

定义

命名空间:: Windows.Security.Cryptography.Core

重要

一些信息与预发行产品相关，相应产品在发行之前可能会进行重大修改。对于此处提供的信息，Microsoft 不作任何明示或暗示的担保。

编辑

表示密钥派生算法提供程序。

public ref class KeyDerivationAlgorithmProvider sealed

/// [Windows.Foundation.Metadata.ContractVersion(Windows.Foundation.UniversalApiContract, 65536)]
/// [Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
/// [Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
class KeyDerivationAlgorithmProvider final

[Windows.Foundation.Metadata.ContractVersion(typeof(Windows.Foundation.UniversalApiContract), 65536)]
[Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
[Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
public sealed class KeyDerivationAlgorithmProvider

Public NotInheritable Class KeyDerivationAlgorithmProvider

继承: Object Platform::Object IInspectable KeyDerivationAlgorithmProvider

属性: ContractVersionAttribute MarshalingBehaviorAttribute ThreadingAttribute

Windows 要求

设备系列	Windows 10 (在 10.0.10240.0 中引入)
API contract	Windows.Foundation.UniversalApiContract (在 v1.0 中引入)

示例


using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace SampleKeyDerivationAlgorithm
{
    sealed partial class SampleKeyDerivationProviderApp : Application
    {
        public SampleKeyDerivationProviderApp()
        {
            // Initialize the Application.
            this.InitializeComponent();

            // Derive key material from a password-based key derivation function.
            String strKdfAlgName = KeyDerivationAlgorithmNames.Pbkdf2Sha256;
            UInt32 targetKeySize = 32;
            UInt32 iterationCount = 10000;
            IBuffer buffKeyMatl = this.SampleDeriveKeyMaterialPbkdf(
                strKdfAlgName,
                targetKeySize,
                iterationCount);

            // Create a key.
            CryptographicKey key = this.SampleCreateKDFKey(
                strKdfAlgName,
                buffKeyMatl);
        }

        public IBuffer SampleDeriveKeyMaterialPbkdf(
            String strAlgName,
            UInt32 targetKeySize,
            UInt32 iterationCount)
        {

            // Open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Demonstrate how to retrieve the algorithm name.
            String strAlgUsed = objKdfProv.AlgorithmName;

            // Create a buffer that contains the secret used during derivation.
            String strSecret = "MyPassword";
            IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

            // Create a random salt value.
            IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

            // Create the derivation parameters.
            KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

            // Create a key from the secret value.
            CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

            // Derive a key based on the original key and the derivation parameters.
            IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(
                keyOriginal,
                pbkdf2Params,
                targetKeySize);

            // Demonstrate checking the iteration count.
            UInt32 iterationCountOut = pbkdf2Params.IterationCount;

            // Demonstrate returning the derivation parameters to a buffer.
            IBuffer buffParams = pbkdf2Params.KdfGenericBinary;

            // return the KDF key material.
            return keyMaterial;
        }

        public CryptographicKey SampleCreateKDFKey(
            String strAlgName,
            IBuffer buffKeyMaterial)
        {
            // Create a KeyDerivationAlgorithmProvider object and open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfAlgProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Create a key by using the KDF parameters.
            CryptographicKey key = objKdfAlgProv.CreateKey(buffKeyMaterial);

            return key;
        }
    }
}

注解

当两个或更多方共享机密对称密钥时，通常需要派生用于加密操作的其他密钥。受信任的第三方通常还需要从单个主密钥派生不同的加密密钥。密钥派生函数用于派生这些附加键。

可以使用 CryptographicEngine 类中的静态 DeriveKeyMaterial 方法和 KeyDerivationParameters 类中的以下方法派生密钥。

方法	说明
BuildForPbkdf2	创建 KeyDerivationParameters 对象，用于基于密码的密钥派生函数 2 (PBKDF2) 。
BuildForSP800108	创建 KeyDerivationParameters 对象，用于计数器模式、基于哈希的消息身份验证代码 (HMAC) 密钥派生函数。
BuildForSP80056a	创建 KeyDerivationParameters 对象，以便在 SP800-56A 密钥派生函数中使用。

通过调用静态 OpenAlgorithm 方法创建 KeyDerivationAlgorithmProvider 对象。

属性

AlgorithmName

获取 KDF) 算法 (打开键派生函数的名称。

方法

CreateKey(IBuffer)	创建 KDF 密钥。
OpenAlgorithm(String)	创建 KeyDerivationAlgorithmProvider 类的实例，并打开要使用的指定算法。

适用于

另请参阅

反馈

此页面是否有帮助？