CryptoSys API Library Manual

PBE_Kdf2Hex

Derives a key of any length from a password using the PBKDF2 algorithm from PKCS#5 v2.1 with the salt and derived key encoded in hexadecimal.

VBA/VB6 Syntax

Public Declare Function PBE_Kdf2Hex Lib "diCryptoSys.dll" (ByVal strOutput As String, ByVal nMaxChars As Long, ByVal nKeyBytes As Long, ByVal strPwd As String, ByVal strSaltHex As String, ByVal nCount As Long, ByVal nOptions As Long) As Long

nRet = PBE_Kdf2Hex(strDerivedKey, nMaxChars, nKeyLen, strPassword, strSaltHex, nCount, nOptions)

C/C++ Syntax

long __stdcall PBE_Kdf2Hex(char *szOutput, long nMaxChars, long dkBytes, const char *szPwd, const char *szSaltHex, long nCount, long nOptions);

Parameters

szOutput
[out] to receive the hexadecimal-encoded derived key.
nMaxChars
[in] specifying the maximum number of characters in szOutput.
dkBytes
[in] specifying the size of the required key in bytes.
szPwd
[in] containing the password.
szSaltHex
[in] containing the salt in hex format.
nCount
[in] specifying the required iteration count.
nOptions
[in] Option flags. Select one of:
API_HMAC_SHA1 (0) to use the HMAC-SHA-1 algorithm (default)
API_HMAC_SHA256 to use the HMAC-SHA-256 algorithm
API_HMAC_SHA384 to use the HMAC-SHA-384 algorithm
API_HMAC_SHA512 to use the HMAC-SHA-512 algorithm
API_HMAC_SHA224 to use the HMAC-SHA-224 algorithm
API_HMAC_MD5 to use the HMAC-MD5 algorithm

Returns (VBA/C)

If successful, the return value is 0; otherwise it returns a non-zero error code.

VBA Wrapper Syntax

Public Function pbeKdf2Hex(dkBytes As Long, strPwd As String, strSaltHex As String, nCount As Long, nOptions As Long) As String

.NET Equivalent

Pbe.Kdf2 Method (Int32, String, String, Int32)

COM/ASP Equivalent

pbe.DKF2FromString
Public Function DKF2FromString(ByVal nBytes As Long, ByVal strPassword As String, ByVal strSaltHex As String, nCount As Long) As String

See pbe.DKF2FromString.

Remarks

The output string szOutput should be pre-dimensioned to be at least double the required key length in bytes. (Hint: specify nMaxChars as Len(strOutput)). The seed szSaltHex is specified in hex format and can be any even number of hex digits in length. The password szPassword is normal text, not hexadecimal.

Example (VBA core function)

Dim strDerivedKey As String
Dim nKeyLen As Long
Dim strPassword As String
Dim strSaltHex As String
Dim nCount As Long
Dim nRet As Long

strPassword = "password"  ' NB normal text, not hex

' Set 8-byte salt = 78 57 8E 5A 5D 63 CB 06
strSaltHex = "78578E5A5D63CB06"

' Iteration count is 2048
nCount = 2048

' Pre-dimension output string for derived key to 
' required length of 24 bytes i.e. 48 hex chars
' (Don't forget to do this)
nKeyLen = 24
strDerivedKey = String(2 * nKeyLen, " ")

' Derive PBKDF2 key using function from CryptoSys API
nRet = PBE_Kdf2Hex(strDerivedKey, Len(strDerivedKey), nKeyLen, _
	strPassword, strSaltHex, nCount, 0)

' Check against test vector
Debug.Print "Derived key = " & strDerivedKey
Debug.Print "Correct key = BFDE6BE94DF7E11DD409BCE20A0255EC327CB936FFE93643"

This should result in output as follows:

Derived key = BFDE6BE94DF7E11DD409BCE20A0255EC327CB936FFE93643
Correct key = BFDE6BE94DF7E11DD409BCE20A0255EC327CB936FFE93643

Example (VBA wrapper function)

Dim strDerivedKey As String
strDerivedKey = pbeKdf2Hex(24, "password", "78578E5A5D63CB06", 2048, 0)
Debug.Print "Derived key = " & strDerivedKey
Debug.Print "OK =          " & "BFDE6BE94DF7E11DD409BCE20A0255EC327CB936FFE93643"

See Also

PBE_Kdf2

[Contents] [Index]

[PREV: PBE_Kdf2...]   [Contents]   [Index]   
   [NEXT: PBE_Scrypt...]
Copyright © 2001-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-01-07T07:42:00Z.