sl@0: /*
sl@0: * Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0: * All rights reserved.
sl@0: * This component and the accompanying materials are made available
sl@0: * under the terms of the License "Eclipse Public License v1.0"
sl@0: * which accompanies this distribution, and is available
sl@0: * at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0: *
sl@0: * Initial Contributors:
sl@0: * Nokia Corporation - initial contribution.
sl@0: *
sl@0: * Contributors:
sl@0: *
sl@0: * Description: 
sl@0: * ** IMPORTANT ** PublishedPartner API's in this file are published to 3rd party developers via the 
sl@0: * Symbian website. Changes to these API's should be treated as PublishedAll API changes and the Security TA should be consulted.
sl@0: *
sl@0: */
sl@0: 
sl@0: 
sl@0: /**
sl@0:  @file
sl@0:  @publishedPartner
sl@0:  @released
sl@0: */
sl@0: 
sl@0: #ifndef __PKCS5KDF_H__
sl@0: #define __PKCS5KDF_H__
sl@0: 
sl@0: #include <hash.h>
sl@0: 
sl@0: /** The number of times the hashing algorithm is run. */
sl@0: const TUint KDefaultIterations = 1000;
sl@0: 
sl@0: /**
sl@0:  * A PKCS#5 compliant Key Derivation Function (KDF).
sl@0:  *
sl@0:  * This class allows the derivation of deterministic arbitrary length byte 
sl@0:  * streams from an input string. The output byte stream is generated using 
sl@0:  * multiple iterations of a CSHA1 message digest and is suitable for use 
sl@0:  * as a cryptographic symmetric key.
sl@0:  *
sl@0:  * @since v7.0s
sl@0:  */
sl@0: class TPKCS5KDF
sl@0: 	{
sl@0: public:
sl@0: 	/** 
sl@0: 	 * Derives deterministic arbitrary length byte streams (aKey) from an input
sl@0: 	 * string (aPasswd) and a randomly chosen salt (aSalt) for use as a
sl@0: 	 * symmetric key.
sl@0: 	 *
sl@0: 	 * Attention -- Improperly chosen values for these parameters will seriously
sl@0: 	 * impact the security of the derived key and as a result the security of 
sl@0: 	 * your application. 
sl@0: 	 *
sl@0: 	 * See the Cryptography api-guide documentation for more information and 
sl@0: 	 * recommended usage patterns.
sl@0: 	 * 
sl@0: 	 * @param aKey			Output Value. The key resulting from the operation.
sl@0: 	 * 						The length of the key will be equal to the length of
sl@0: 	 * 						the input descriptor. All data, from the first byte 
sl@0: 	 * 						to the set length, will be overwritten with the resulting
sl@0: 	 *						byte stream.
sl@0: 	 * @param aPasswd		Input Value. The password you wish to derive a key from.
sl@0: 	 * @param aSalt			Input Value. A <B><I>randomly</I></B> selected second
sl@0: 	 * 						input to the key derivation function to discourage certain
sl@0: 	 * 						attacks. PKCS5 recommends a minimum of 8 randomly chosen bytes.
sl@0: 	 * @param aIterations	Input Value. The number of times the internal hashing
sl@0: 	 * 						function should be run over the password and salt.
sl@0: 	 *						Minimum recommendation is KDefaultIterations.
sl@0: 	 */
sl@0: 	IMPORT_C static void DeriveKeyL(TDes8& aKey, const TDesC8& aPasswd, 
sl@0: 		const TDesC8& aSalt, TUint aIterations = KDefaultIterations);
sl@0: private:
sl@0: 	/** 
sl@0: 	 * Internal iterative function that performs the actual hashing. 
sl@0: 	 */
sl@0: 	static void F(CMessageDigest& aDigest, TUint32* aAccumulator, TUint32* S,
sl@0: 	TUint32* Ui, TUint aHashBytes, const TUint32* aSalt, TUint aSaltBytes, 
sl@0: 	TUint c, TUint i);
sl@0: 	
sl@0: 	/** 
sl@0: 	 * XOR's the values of two equal length descriptors.  Internally, it
sl@0: 	 * operates on a word by word basis.  Data stored beyond the end of the
sl@0: 	 * descriptor, but before the end of the final word, will be xored as well.
sl@0: 	 */
sl@0: 	static inline void XORString(const TUint32* aOp1, TUint32* aOp2,
sl@0: 		TUint aLength);
sl@0: 	};
sl@0: 
sl@0: #endif