|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Perl) Generate Encryption KeyDiscusses symmetric encryption key generation techniques for block encryption algorithms such as AES, Blowfish, and Twofish, or for other algorithms such as ChaCha20.
use chilkat(); # Symmetric encryption algorithms are such that the encryptor and decryptor # share a pre-known secret key. This could be a "single-use" key that is # derived from a secure key exchange algorithm using RSA, ECC, or Diffie-Hellman, # or it could be a password known to both sides, or # it could simply be the binary bytes of the secret key known in advance on both # sides. # A secret key has no structure. It's nothing more than N bytes of data. # It should typically be random data, or bytes that resemble random data such # as the hash of a password. # The number of bytes in the secret key defines the bit-strength of an encryption # algorithm. For example, AES with a 32-byte key is 256-bit AES. Most algorithms # define restrictions on key sizes. For example, AES has 3 choices: 128-bit, 192-bit, # or 256-bit. In the ChaCha20 algorithm, the key size must always be 256-bits (32-bytes). # Both sides (encryptor and decryptor) must be in possession of the same secret key # in order to communicate. Whichever side generates the key, it must somehow # deliver the key to the other side beforehand. Key exchange algorithms, such as RSA, ECC, # and Diffie-Hellman define secure ways of exchanging symmetric encryption keys. # They do so using asymmetric encryption algorithms (public/private keys). It is not # required to use a key exchange algorithm to achieve the goal of having both sides # in possession of the same secret key. A long-living secret key could be exchanged # via any secure out-of-band means. For example, exchanging the information over a secure # TLS (HTTPS) or SSH connection... # This example assumes the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. $crypt = chilkat::CkCrypt2->new(); $crypt->put_CryptAlgorithm("aes"); $crypt->put_KeyLength(256); # Generate a 32-byte random secret key, # and use it in the crypt object. $prng = chilkat::CkPrng->new(); $secretKeyHex = $prng->genRandom(32,"hex"); # It is important that the number of bytes in the secret key # matches the value specified in the KeyLength property (above). $crypt->SetEncodedKey($secretKeyHex,"hex"); print "randomly generated key: " . $secretKeyHex . "\r\n"; |
||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.