Archived Forum Post

Question:

Algorithm for GenerateSecretKey??

Aug 27 '12 at 17:04

We have hit on a small snag, however. We have a web service that uses keys generated by CkCrypt’s GenerateSecretKey() function on the client. However, we need to integrate this same functionality on a different platform. We are hitting a snag where we do not know the algorithm/methodology used by GenerateSecretKey(). Would you be able to discuss any of that, so that we can generate keys that interoperate with Chilkat from different platforms? It seems to be a hash algorithm of some sort, but I imagine there is a salt involved or something else.


Answer

GenerateSecretKey takes an arbitrary password string and produces a binary secret key equal in length to the value specified by the KeyLength property as follows:

1) Generate 32 bytes of key material.

A) Write the password to a byte array using the character encoding specified by the Charset property. Typically, if the password is entirely us-ascii (7bit) chars, this is simply the ascii bytes of the password. Differences would arise if non-English (8bit) chars are used in the password, and then it is important to understand the byte representation used for the password string.
B) MD5 hash the byte array to produce the 1st 16 bytes of key material.
C) Base64 encode the byte array from (A) and then MD5 hash the ascii bytes of the Base64 string. This becomes the 2nd 16 bytes of the key material.

2) Return the 1st N bytes of the key material according to the KeyLength property. For example, if the KeyLength = 192, then 24 bytes are returned.
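
The steps in the answer above, written out as an added Python example for checking interoperability on another platform (this is not Chilkat's code and not part of the original post). The function name, parameter names and the default charset are hypothetical, and it assumes the Base64 string in step C uses the standard alphabet with padding and no line breaks.

```python
import base64
import hashlib


def generate_secret_key(password: str, key_length_bits: int = 256,
                        charset: str = "utf-8") -> bytes:
    """Derive a key from a password following steps 1A-1C and 2 of the answer.

    key_length_bits plays the role of the KeyLength property and charset the
    role of the Charset property (hypothetical parameter names).
    """
    # Only 32 bytes of key material exist, so 256 bits is the upper bound.
    if key_length_bits % 8 != 0 or not 8 <= key_length_bits <= 256:
        raise ValueError("key length must be a multiple of 8 bits, at most 256")

    # 1A) Password -> bytes in the configured charset. For non-ASCII
    #     passwords the charset changes the bytes, and therefore the key.
    pw_bytes = password.encode(charset)

    # 1B) MD5 of the password bytes: first 16 bytes of key material.
    first_half = hashlib.md5(pw_bytes).digest()

    # 1C) Base64-encode the same bytes, then MD5 the ASCII bytes of that
    #     Base64 string: second 16 bytes of key material.
    #     Assumption: single-line standard Base64 with '=' padding.
    b64_ascii = base64.b64encode(pw_bytes)
    second_half = hashlib.md5(b64_ascii).digest()

    # 2) Return the first N bytes, N = KeyLength / 8.
    #    The description contains no salt or iteration count, so the same
    #    password and charset always produce the same key.
    return (first_half + second_half)[: key_length_bits // 8]


if __name__ == "__main__":
    # Constructed sample inputs, not values taken from the post.
    for bits in (128, 192, 256):
        print(bits, generate_secret_key("password", bits).hex())
    # Same non-ASCII password, two charsets: the derived keys differ.
    print(generate_secret_key("café", 128, "utf-8").hex())
    print(generate_secret_key("café", 128, "iso-8859-1").hex())
```

Compare the output for a known password against a key produced by the Chilkat client before relying on it, since the Base64 formatting assumption is not confirmed by the answer.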