Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Unicode C++) Generate Encryption KeyDiscusses symmetric encryption key generation techniques for block encryption algorithms such as AES, Blowfish, and Twofish, or for other algorithms such as ChaCha20.
#include <CkCrypt2W.h> #include <CkPrngW.h> void ChilkatSample(void) { // Symmetric encryption algorithms are such that the encryptor and decryptor // share a pre-known secret key. This could be a "single-use" key that is // derived from a secure key exchange algorithm using RSA, ECC, or Diffie-Hellman, // or it could be a password known to both sides, or // it could simply be the binary bytes of the secret key known in advance on both // sides. // A secret key has no structure. It's nothing more than N bytes of data. // It should typically be random data, or bytes that resemble random data such // as the hash of a password. // The number of bytes in the secret key defines the bit-strength of an encryption // algorithm. For example, AES with a 32-byte key is 256-bit AES. Most algorithms // define restrictions on key sizes. For example, AES has 3 choices: 128-bit, 192-bit, // or 256-bit. In the ChaCha20 algorithm, the key size must always be 256-bits (32-bytes). // Both sides (encryptor and decryptor) must be in possession of the same secret key // in order to communicate. Whichever side generates the key, it must somehow // deliver the key to the other side beforehand. Key exchange algorithms, such as RSA, ECC, // and Diffie-Hellman define secure ways of exchanging symmetric encryption keys. // They do so using asymmetric encryption algorithms (public/private keys). It is not // required to use a key exchange algorithm to achieve the goal of having both sides // in possession of the same secret key. A long-living secret key could be exchanged // via any secure out-of-band means. For example, exchanging the information over a secure // TLS (HTTPS) or SSH connection... // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. bool success; CkCrypt2W crypt; crypt.put_CryptAlgorithm(L"aes"); crypt.put_KeyLength(256); // Generate a 32-byte random secret key, // and use it in the crypt object. CkPrngW prng; const wchar_t *secretKeyHex = prng.genRandom(32,L"hex"); // It is important that the number of bytes in the secret key // matches the value specified in the KeyLength property (above). crypt.SetEncodedKey(secretKeyHex,L"hex"); wprintf(L"randomly generated key: %s\n",secretKeyHex); // Alternatively, a password could be hashed using a hash algorithm // the results in the desired key length. Our desired key length // in this case is 32 bytes, so we wouldn't want MD5 (16 bytes), // nor would we want to use SHA-1 (20 bytes). SHA256 would be the // hash of choice because it results in 32-bytes of random-looking // key material. crypt.put_HashAlgorithm(L"SHA256"); crypt.put_EncodingMode(L"hex"); secretKeyHex = crypt.hashStringENC(L"mypassword"); crypt.SetEncodedKey(secretKeyHex,L"hex"); wprintf(L"password-based key: %s\n",secretKeyHex); } |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.