CryptographicEngine.DeriveKeyMaterial 方法

定義

命名空間:

Windows.Security.Cryptography.Core

使用金鑰衍生函式，從另一個金鑰衍生金鑰衍生金鑰。 如需詳細資訊，請參閱 KeyDerivationAlgorithmProvider 和 KeyDerivationParameters 類別。

public:
 static IBuffer ^ DeriveKeyMaterial(CryptographicKey ^ key, KeyDerivationParameters ^ parameters, unsigned int desiredKeySize);

 static IBuffer DeriveKeyMaterial(CryptographicKey const& key, KeyDerivationParameters const& parameters, uint32_t const& desiredKeySize);

public static IBuffer DeriveKeyMaterial(CryptographicKey key, KeyDerivationParameters parameters, uint desiredKeySize);

function deriveKeyMaterial(key, parameters, desiredKeySize)

Public Shared Function DeriveKeyMaterial (key As CryptographicKey, parameters As KeyDerivationParameters, desiredKeySize As UInteger) As IBuffer

參數

key

CryptographicKey

用於衍生的對稱或秘密金鑰。

parameters

KeyDerivationParameters

衍生參數。 參數會根據所使用的 KDF 演算法類型而有所不同。

desiredKeySize

UInt32

unsigned int

uint32_t

衍生金鑰的要求大小，以位元組為單位。

傳回

IBuffer

包含衍生金鑰的緩衝區。

範例

public String SampleDeriveFromPbkdf(
    String strAlgName,
    UInt32 targetSize)
{
    // Open the specified algorithm.
    KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

    // Create a buffer that contains the secret used during derivation.
    String strSecret = "MyPassword";
    IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

    // Create a random salt value.
    IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

    // Specify the number of iterations to be used during derivation.
    UInt32 iterationCount = 10000;

    // Create the derivation parameters.
    KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

    // Create a key from the secret value.
    CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

    // Derive a key based on the original key and the derivation parameters.
    IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
        keyOriginal,
        pbkdf2Params,
        targetSize);

    // Encode the key to a hexadecimal value (for display)
    String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);

    // Return the encoded string
    return strKeyHex;
}

備註

衍生金鑰需要您使用 KeyDerivationAlgorithmProvider 和 KeyDerivationParameters 類別。 您可以使用下列金鑰衍生函式：

• BuildForPbkdf2
• BuildForSP800108
• BuildForSP80056a

如需包含下列程式碼範例的完整範例，請參閱 KeyDerivationAlgorithmProvider 類別。

另請參閱

• KeyDerivationAlgorithmProvider
• KeyDerivationParameters