CryptoSys PKI Pro Manual

Kdf.ForCms Method

Generate a key-encryption key (KEK) for ECDH key exchange in a CMS EnvelopedData object.

Syntax

[C#]
public static byte[] ForCms(
	byte[] zz,
	Kdf.KeyWrapAlg keyWrapAlg,
	Kdf.KdfAlg kdfAlg,
	Kdf.HashAlg hashAlg,
	byte[] ukm
)
[VB.NET]
Public Shared Function ForCms ( _
	zz As Byte(), _
	keyWrapAlg As Kdf.KeyWrapAlg, _
	kdfAlg As Kdf.KdfAlg, _
	hashAlg As Kdf.HashAlg, _
	ukm As Byte() _
) As Byte()

Parameters

zz
Input key material/shared secret value (denoted variously as ZZ/Z/K/IKM)
keyWrapAlg
Type: Kdf.KeyWrapAlg
Key wrap algorithm (required, cannot be Default)
kdfAlg
Type: Kdf.KdfAlg
Key derivation function to use.
hashAlg
Type: Kdf.HashAlg
Hash algorithm to use with the key derivation function (default is SHA-1)
ukm
Optional user key material (ukm)

Return Value

Output key material (KEK).

Remarks

This is a specialist function using the key definition algorithms described in [RFC5753] and [RFC8418] when used for key agreement with ECDH in a CMS EnvelopedData object. The key-encryption key is derived using the ECC-CMS-SharedInfo type, described in section 7.2 of [RFC5753].

See Also

VB6/C equivalent: KDF_ForCms

[Contents] [Index]

[PREV: Kdf.Bytes Method...]   [Contents]   [Index]   
   [NEXT: Ocsp.MakeRequest Method...]
Copyright © 2004-24 D.I. Management Services Pty Ltd. All rights reserved. Generated 2024-09-23T07:52:09Z.