Jaa


CryptographicEngine.DeriveKeyMaterial Method

Definition

Derives a key from another key by using a key derivation function. For more information, see the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes.

public:
 static IBuffer ^ DeriveKeyMaterial(CryptographicKey ^ key, KeyDerivationParameters ^ parameters, unsigned int desiredKeySize);
 static IBuffer DeriveKeyMaterial(CryptographicKey const& key, KeyDerivationParameters const& parameters, uint32_t const& desiredKeySize);
public static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, uint desiredKeySize);
function deriveKeyMaterial(key, parameters, desiredKeySize)
Public Shared Function DeriveKeyMaterial (key As CryptographicKey, parameters As KeyDerivationParameters, desiredKeySize As UInteger) As IBuffer

Parameters

key
CryptographicKey

The symmetric or secret key used for derivation.

parameters
KeyDerivationParameters

Derivation parameters. The parameters vary depending on the type of KDF algorithm used.

desiredKeySize
UInt32

unsigned int

uint32_t

Requested size, in bytes, of the derived key.

Returns

Buffer that contains the derived key.

Examples

public String SampleDeriveFromPbkdf(
    String strAlgName,
    UInt32 targetSize)
{
    // Open the specified algorithm.
    KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

    // Create a buffer that contains the secret used during derivation.
    String strSecret = "MyPassword";
    IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

    // Create a random salt value.
    IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

    // Specify the number of iterations to be used during derivation.
    UInt32 iterationCount = 10000;

    // Create the derivation parameters.
    KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

    // Create a key from the secret value.
    CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

    // Derive a key based on the original key and the derivation parameters.
    IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
        keyOriginal,
        pbkdf2Params,
        targetSize);

    // Encode the key to a hexadecimal value (for display)
    String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);

    // Return the encoded string
    return strKeyHex;
}

Remarks

Deriving keys requires that you use the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes. The following key derivation functions can be used:

For a complete sample that contains the following code example, see the KeyDerivationAlgorithmProvider class.

Applies to

See also