共用方式為


KeyDerivationAlgorithmProvider 類別

定義

表示金鑰衍生演算法提供者。

public ref class KeyDerivationAlgorithmProvider sealed
/// [Windows.Foundation.Metadata.ContractVersion(Windows.Foundation.UniversalApiContract, 65536)]
/// [Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
/// [Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
class KeyDerivationAlgorithmProvider final
[Windows.Foundation.Metadata.ContractVersion(typeof(Windows.Foundation.UniversalApiContract), 65536)]
[Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
[Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.Both)]
public sealed class KeyDerivationAlgorithmProvider
Public NotInheritable Class KeyDerivationAlgorithmProvider
繼承
Object Platform::Object IInspectable KeyDerivationAlgorithmProvider
屬性

Windows 需求

裝置系列
Windows 10 (已於 10.0.10240.0 引進)
API contract
Windows.Foundation.UniversalApiContract (已於 v1.0 引進)

範例


using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace SampleKeyDerivationAlgorithm
{
    sealed partial class SampleKeyDerivationProviderApp : Application
    {
        public SampleKeyDerivationProviderApp()
        {
            // Initialize the Application.
            this.InitializeComponent();

            // Derive key material from a password-based key derivation function.
            String strKdfAlgName = KeyDerivationAlgorithmNames.Pbkdf2Sha256;
            UInt32 targetKeySize = 32;
            UInt32 iterationCount = 10000;
            IBuffer buffKeyMatl = this.SampleDeriveKeyMaterialPbkdf(
                strKdfAlgName,
                targetKeySize,
                iterationCount);

            // Create a key.
            CryptographicKey key = this.SampleCreateKDFKey(
                strKdfAlgName,
                buffKeyMatl);
        }

        public IBuffer SampleDeriveKeyMaterialPbkdf(
            String strAlgName,
            UInt32 targetKeySize,
            UInt32 iterationCount)
        {

            // Open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Demonstrate how to retrieve the algorithm name.
            String strAlgUsed = objKdfProv.AlgorithmName;

            // Create a buffer that contains the secret used during derivation.
            String strSecret = "MyPassword";
            IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

            // Create a random salt value.
            IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

            // Create the derivation parameters.
            KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

            // Create a key from the secret value.
            CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

            // Derive a key based on the original key and the derivation parameters.
            IBuffer keyMaterial = CryptographicEngine.DeriveKeyMaterial(
                keyOriginal,
                pbkdf2Params,
                targetKeySize);

            // Demonstrate checking the iteration count.
            UInt32 iterationCountOut = pbkdf2Params.IterationCount;

            // Demonstrate returning the derivation parameters to a buffer.
            IBuffer buffParams = pbkdf2Params.KdfGenericBinary;

            // return the KDF key material.
            return keyMaterial;
        }

        public CryptographicKey SampleCreateKDFKey(
            String strAlgName,
            IBuffer buffKeyMaterial)
        {
            // Create a KeyDerivationAlgorithmProvider object and open the specified algorithm.
            KeyDerivationAlgorithmProvider objKdfAlgProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Create a key by using the KDF parameters.
            CryptographicKey key = objKdfAlgProv.CreateKey(buffKeyMaterial);

            return key;
        }
    }
}

備註

當兩個或多個合作物件共用秘密對稱金鑰時,通常必須衍生其他金鑰,才能用於密碼編譯作業。 信任的協力廠商通常也需要從單一主要金鑰衍生不同的密碼編譯金鑰。 金鑰衍生函式可用來衍生這些額外的金鑰。

您可以在CryptographicEngine類別中使用靜態DeriveKeyMaterial方法,以及KeyDerivationParameters類別中的下列方法來衍生金鑰。

方法 描述
BuildForPbkdf2 建立 KeyDerivationParameters 物件,以用於密碼型金鑰衍生函式 2 (PBKDF2) 。
BuildForSP800108 建立 KeyDerivationParameters 物件,以用於計數器模式、雜湊型訊息驗證程式代碼 (HMAC) 金鑰衍生函式。
BuildForSP80056a 建立 KeyDerivationParameters 物件,以用於 SP800-56A 金鑰衍生函式。

您可以呼叫靜態 OpenAlgorithm 方法來建立 KeyDerivationAlgorithmProvider 物件。

屬性

AlgorithmName

取得開啟金鑰衍生函式的名稱, (KDF) 演算法。

方法

CreateKey(IBuffer)

建立 KDF 金鑰。

OpenAlgorithm(String)

建立 KeyDerivationAlgorithmProvider 類別的實例,並開啟指定的演算法以供使用。

適用於

另請參閱