The following code samples illustrate how to use cryptography in C# and VisualBasic.NET for such common tasks as data encryption, hashing, and random password generation.
Illustrates how to generate a persistent (i.e. non-random) symmetric key and use this key to encrypt and decrypt data. This sample is intended to help novice users get a grasp on encryption and decryption.
Explains how to use random salt values when encrypting the same plain text value with the same symmetric key to generate different cipher text. This approach eliminates the need to use different initialization vectors or keys for the purpose of avoiding dictionary attacks.
When used as a replacement for Sec Key Generate, set the k Sec Use Keychain key to the keychain (Sec Keychain) into which the key should be stored, k Sec Attr Label to a user-visible label for the key, and k Sec Attr Application Label to an identifier defined by your application, for subsequent use in calls to Sec Item Copy Matching(: :). Ways to generate symmetric and asymmetric keys. Ask Question. Symmetric for encryption big firmware file and asymmetric for encrypting symmetric key file., urandom suggest to use urandom in case one is not sure about it. However we have seed enough.
Demonstrates how to encrypt and decrypt data using Windows Data Protection API (DPAPI).
Illustrates how to hash a text string with a random salt value using various hashing algorithms and verify a hash against a plain text value. What do you open key generator with generator.
Shows how to generate a random password, which consists of a combination of 7-bit ASCII alpha-numeric characters and special symbols, but does not contain ambiguous characters (such as [1,I,l]).
How to Generate a Symmetric Key by Usingthe pktool Command
Some applications require a symmetric key for encryption and decryptionof communications. In this procedure, you create a symmetric key and storeit.
If your site has a random number generator, you can use thegenerator to create a random number for the key. This procedure does not useyour site's random number generator.
You can instead use the dd command withthe Solaris /dev/urandom device as input. The dd commanddoes not store the key. For the procedure, see How to Generate a Symmetric Key by Using the dd Command.
(Optional) If you plan touse a keystore, create it.
To create and initialize a PKCS #11 keystore, see How to Generate a Passphrase by Using the pktool setpin Command.
To create and initialize an NSS database, see Example 15–5.
Generate a random number for use as a symmetric key.
Useone of the following methods.
Generate a key and store it in a file.
The advantageof a file-stored key is that you can extract the key from this file for usein an application's key file, such as the /etc/inet/secret/ipseckeys fileor IPsec.
- keystore
The value file specifies the file typeof storage location for the key.
- outkey=key-fn
Is the filename when keystore=file.
- keytype=specific-symmetric-algorithm
For a particular algorithm, specify aes, arcfour, des, or 3des.
- keylen=size-in-bits
Is the length of the key in bits. The number must be divisibleby 8. Do not specify for des or 3des.
- dir=directory
Is the directory path to key-fn.By default, directory is the current directory.
Please consider upgrading to a more recent version of Internet Explorer, or trying another browser such as Firefox, Safari, or Google Chrome.(Please remember to honor your company's IT policies before installing new software!). Attention, Internet Explorer UserAnnouncement: Jive has discontinued support for Internet Explorer 7 and below.In order to provide the best platform for continued innovation, Jive no longer supports Internet Explorer 7.Jive will not function with this version of Internet Explorer. Sso generate private key net.
- print=n
Prints the key to the terminal window. By default, the valueof print is n.
Generate a key and store it in a PKCS #11 keystore.
Theadvantage of the PKCS #11 keystore is that you can retrieve the key by itslabel. This method is useful for keys that encrypt and decrypt files. Youmust complete Step 1 beforeusing this method.
- label=key-label
Is a user-specified label for the key. The key can be retrievedfrom the keystore by its label.
- keytype=specific-symmetric-algorithm
For a particular algorithm, specify aes, arcfour, des, or 3des.
- keylen=size-in-bits
Is the length of the key in bits. The number must be divisibleby 8. Do not specify for des or 3des.
- token=token
Is the token name. By default, the token is Sun SoftwarePKCS#11 softtoken.
- sensitive=n
Specifies the sensitivity of the key. When the value is y, the key cannot be printed by using the print=y argument.By default, the value of sensitive is n.
- extractable=y
Specifies that the key can be extracted from the keystore.Specify n to prevent the key from being extracted.
- print=n
Prints the key to the terminal window. By default, the valueof print is n.
Generate a key and store it in an NSS keystore.
Youmust complete Step 1 beforeusing this method.
- keystore
The value nss specifies the NSS type ofstorage location for the key.
- label=key-label
Is a user-specified label for the key. The key can be retrievedfrom the keystore by its label.
- keytype=specific-symmetric-algorithm
For a particular algorithm, specify aes, arcfour, des, or 3des.
- keylen=size-in-bits
Is the length of the key in bits. The number must be divisibleby 8. Do not specify for des or 3des.
- token=token
Is the token name. By default, the token is the NSS internaltoken.
- dir=directory
Is the directory path to the NSS database. By default, directory is the current directory.
- prefix=directory
Is the prefix to the NSS database. The default is no prefix.
- print=n
Prints the key to the terminal window. By default, the valueof print is n.
(Optional) Verify that the key exists.
Useone of the following commands, depending on where you stored the key.
Verify the key in the key-fn file.
Verify the key in the PKCS #11 or the NSS keystore.
Example 14–5 Creating a DES Key by Using the pktool Command
In the following example, a secret key for the DES algorithm is created.The key is stored in a local file for later decryption. The command protectsthe file with 400 permissions. When the key is created,the print=y option displays the generated key in the terminalwindow.
DES mechanisms use a 64-bit key. The user who owns the keyfile retrievesthe key by using the od command.