CryptographicEngine.DeriveKeyMaterial Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Derives a key from another key by using a key derivation function. For more information, see the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes.
public:
static IBuffer ^ DeriveKeyMaterial(CryptographicKey ^ key, KeyDerivationParameters ^ parameters, unsigned int desiredKeySize); static IBuffer DeriveKeyMaterial(CryptographicKey const& key, KeyDerivationParameters const& parameters, uint32_t const& desiredKeySize);public static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, uint desiredKeySize);function deriveKeyMaterial(key, parameters, desiredKeySize)Public Shared Function DeriveKeyMaterial (key As CryptographicKey, parameters As KeyDerivationParameters, desiredKeySize As UInteger) As IBufferParameters
- key
- CryptographicKey
The symmetric or secret key used for derivation.
- parameters
- KeyDerivationParameters
Derivation parameters. The parameters vary depending on the type of KDF algorithm used.
- desiredKeySize
-
UInt32
unsigned int
uint32_t
Requested size, in bytes, of the derived key.
Returns
Buffer that contains the derived key.
Examples
public String SampleDeriveFromPbkdf(
String strAlgName,
UInt32 targetSize)
{
// Open the specified algorithm.
KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);
// Create a buffer that contains the secret used during derivation.
String strSecret = "MyPassword";
IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);
// Create a random salt value.
IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);
// Specify the number of iterations to be used during derivation.
UInt32 iterationCount = 10000;
// Create the derivation parameters.
KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);
// Create a key from the secret value.
CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);
// Derive a key based on the original key and the derivation parameters.
IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
keyOriginal,
pbkdf2Params,
targetSize);
// Encode the key to a hexadecimal value (for display)
String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);
// Return the encoded string
return strKeyHex;
}
Remarks
Deriving keys requires that you use the KeyDerivationAlgorithmProvider and KeyDerivationParameters classes. The following key derivation functions can be used:
For a complete sample that contains the following code example, see the KeyDerivationAlgorithmProvider class.