Sailfish Crypto
API Documentation
KeyDerivationParameters Class
(Sailfish::Crypto::KeyDerivationParameters)
Encapsulates parameters related to the derivation of a symmetric encryption key
Header: | #include <Crypto/keyderivationparameters.h> |
Instantiated By: | KeyDerivationParameters |
Properties
customParameters : QVariantMap
inputData : QByteArray
iterations : int
keyDerivationAlgorithm : Sailfish::Crypto::CryptoManager::Algorithm
keyDerivationDigestFunction : Sailfish::Crypto::CryptoManager::DigestFunction
keyDerivationFunction : Sailfish::Crypto::CryptoManager::KeyDerivationFunction
keyDerivationMac : Sailfish::Crypto::CryptoManager::MessageAuthenticationCode
memorySize : qint64
outputKeySize : int
parallelism : int
salt : QByteArray
Public Functions
KeyDerivationParameters() | |
KeyDerivationParameters(const KeyDerivationParameters &other) | |
~KeyDerivationParameters() | |
QVariantMap | customParameters() const |
QByteArray | inputData() const |
bool | isValid() const |
int | iterations() const |
Sailfish::Crypto::CryptoManager::Algorithm | keyDerivationAlgorithm() const |
Sailfish::Crypto::CryptoManager::DigestFunction | keyDerivationDigestFunction() const |
Sailfish::Crypto::CryptoManager::KeyDerivationFunction | keyDerivationFunction() const |
Sailfish::Crypto::CryptoManager::MessageAuthenticationCode | keyDerivationMac() const |
qint64 | memorySize() const |
int | outputKeySize() const |
int | parallelism() const |
QByteArray | salt() const |
void | setCustomParameters(const QVariantMap &params) |
void | setInputData(const QByteArray &data) |
void | setIterations(int iterations) |
void | setKeyDerivationAlgorithm(Sailfish::Crypto::CryptoManager::Algorithm algo) |
void | setKeyDerivationDigestFunction(Sailfish::Crypto::CryptoManager::DigestFunction func) |
void | setKeyDerivationFunction(Sailfish::Crypto::CryptoManager::KeyDerivationFunction kdf) |
void | setKeyDerivationMac(Sailfish::Crypto::CryptoManager::MessageAuthenticationCode mac) |
void | setMemorySize(qint64 size) |
void | setOutputKeySize(int size) |
void | setParallelism(int parallelism) |
void | setSalt(const QByteArray &salt) |
KeyDerivationParameters & | operator=(const KeyDerivationParameters &other) |
Detailed Description
Encapsulates parameters related to the derivation of a symmetric encryption key
This class encapsulates a variety of parameters which will affect how the crypto plugin generates a key. Usually, an instance of this class will be used when performing a GenerateStoredKeyRequest.
Not all parameters exposed in this class are applicable to every type of key derivation function. In many cases, only one or two of the parameters will be meaningful for use with a specific key derivation function.
One example of a set of common key derivation parameters is:
Sailfish::Crypto::KeyDerivationParameters kdfParams;
kdfParams.setKeyDerivationFunction(Sailfish::Crypto::CryptoManager::KdfPkcs5Pbkdf2);
kdfParams.setKeyDerivationMac(Sailfish::Crypto::CryptoManager::MacHmac);
kdfParams.setKeyDerivationDigestFunction(Sailfish::Crypto::CryptoManager::DigestSha512);
kdfParams.setIterations(16384);
kdfParams.setSalt(randomBytes); // 16 random bytes, e.g. GenerateRandomDataRequest
kdfParams.setOutputKeySize(256); // security size in bits
Another example is:
Sailfish::Crypto::KeyDerivationParameters kdfParams;
kdfParams.setKeyDerivationFunction(Sailfish::Crypto::CryptoManager::KdfArgon2d);
kdfParams.setIterations(256);
kdfParams.setMemorySize(16384); // units are plugin-specific, see memorySize()
kdfParams.setParallelism(2);
kdfParams.setSalt(randomBytes); // 16 random bytes, e.g. GenerateRandomDataRequest
kdfParams.setOutputKeySize(256); // security size in bits
Note also that if the GenerateStoredKeyRequest specifies (via InteractionParameters) that the input data should be requested directly from the user by the secrets service, then any input data specified in the KeyDerivationParameters instance will be ignored. Otherwise, if the input data is not intended to be requested from the user, it can be provided directly via setInputData(), for example:
kdfParams.setInputData(sessionId); // from remote service etc.
kdfParams.setSalt(nonce);          // from remote service etc.
Property Documentation
customParameters : QVariantMap
Access functions:
QVariantMap | customParameters() const |
void | setCustomParameters(const QVariantMap &params) |
inputData : QByteArray
Access functions:
QByteArray | inputData() const |
void | setInputData(const QByteArray &data) |
iterations : int
Access functions:
int | iterations() const |
void | setIterations(int iterations) |
keyDerivationAlgorithm : Sailfish::Crypto::CryptoManager::Algorithm
Access functions:
Sailfish::Crypto::CryptoManager::Algorithm | keyDerivationAlgorithm() const |
void | setKeyDerivationAlgorithm(Sailfish::Crypto::CryptoManager::Algorithm algo) |
keyDerivationDigestFunction : Sailfish::Crypto::CryptoManager::DigestFunction
Access functions:
Sailfish::Crypto::CryptoManager::DigestFunction | keyDerivationDigestFunction() const |
void | setKeyDerivationDigestFunction(Sailfish::Crypto::CryptoManager::DigestFunction func) |
keyDerivationFunction : Sailfish::Crypto::CryptoManager::KeyDerivationFunction
Access functions:
Sailfish::Crypto::CryptoManager::KeyDerivationFunction | keyDerivationFunction() const |
void | setKeyDerivationFunction(Sailfish::Crypto::CryptoManager::KeyDerivationFunction kdf) |
keyDerivationMac : Sailfish::Crypto::CryptoManager::MessageAuthenticationCode
Access functions:
Sailfish::Crypto::CryptoManager::MessageAuthenticationCode | keyDerivationMac() const |
void | setKeyDerivationMac(Sailfish::Crypto::CryptoManager::MessageAuthenticationCode mac) |
memorySize : qint64
Access functions:
qint64 | memorySize() const |
void | setMemorySize(qint64 size) |
outputKeySize : int
Access functions:
int | outputKeySize() const |
void | setOutputKeySize(int size) |
parallelism : int
Access functions:
int | parallelism() const |
void | setParallelism(int parallelism) |
salt : QByteArray
Access functions:
QByteArray | salt() const |
void | setSalt(const QByteArray &salt) |
Member Function Documentation
KeyDerivationParameters::KeyDerivationParameters()
Constructs a new, empty KeyDerivationParameters instance
KeyDerivationParameters::KeyDerivationParameters(const KeyDerivationParameters &other)
Constructs a copy of the other KeyDerivationParameters instance
KeyDerivationParameters::~KeyDerivationParameters()
Destroys the KeyDerivationParameters instance
QVariantMap KeyDerivationParameters::customParameters() const
Returns the plugin-specific custom parameters which will be used during key generation
Note: Getter function for property customParameters.
See also setCustomParameters().
QByteArray KeyDerivationParameters::inputData() const
Returns the input data which will be used by the key derivation function to generate the output key
For example, often a passphrase is used to generate a key. This parameter is optional for some key derivation functions.
Note: Getter function for property inputData.
See also setInputData().
bool KeyDerivationParameters::isValid() const
Returns true if the key derivation function and output key size are valid.
int KeyDerivationParameters::iterations() const
Returns the number of iterations of the hash function or cipher to be used when deriving the key
Some key derivation functions (e.g. PBKDF2 and Argon2) allow clients to provide an iterations parameter which scales the work done per derivation, raising the cost of every guess in a brute-force attack. The same parameter governs how long a legitimate derivation takes, so choose the largest value the device can afford for the use case.
Please see the documentation for the plugin providing the KDF you wish to use, to see whether this parameter is applicable for your case.
Note: Getter function for property iterations.
See also setIterations().
Sailfish::Crypto::CryptoManager::Algorithm KeyDerivationParameters::keyDerivationAlgorithm() const
Returns the algorithm which will be used by the key derivation function
Some key derivation functions work by applying a symmetric cipher algorithm multiple times (for example bcrypt which uses the Blowfish cipher), and in some of these cases the client can choose which specific algorithm should be used.
Some other key derivation functions work by applying a MAC function multiple times (for example PBKDF2), and in some of these cases the MAC function works by applying a symmetric cipher algorithm multiple times, and in some of these cases the client can choose which algorithm should be used by the MAC function.
One example of such a parameter selection is to use CryptoManager::KdfPkcs5Pbkdf2 as the key derivation function, with CryptoManager::MacPoly1305 as the MAC function, and CryptoManager::AlgorithmAes as the cipher underlying that MAC (Poly1305-AES). Note that this combination only illustrates how the algorithm parameter reaches the MAC: PKCS#5 (RFC 8018) specifies HMAC as the PBKDF2 pseudorandom function, and Poly1305 is a one-time authenticator rather than a general-purpose PRF, so the HMAC-based selection shown under keyDerivationDigestFunction() is the interoperable choice. Whether a plugin accepts a non-HMAC MAC for PBKDF2 at all is plugin-specific.
Note: Getter function for property keyDerivationAlgorithm.
See also setKeyDerivationAlgorithm().
Sailfish::Crypto::CryptoManager::DigestFunction KeyDerivationParameters::keyDerivationDigestFunction() const
Returns the digest function which will be used by the key derivation function
Some key derivation functions work by applying a digest function multiple times (for example Argon2 which uses the Blake2b function), and in some of these cases the client can choose which specific digest function should be used.
Some other key derivation functions work by applying a MAC function multiple times (for example PBKDF2), and in some of these cases the MAC function works by applying a digest function multiple times, and in some of these cases the client can choose which digest function should be used by the MAC function.
One example of a common parameter selection is to use CryptoManager::KdfPkcs5Pbkdf2 as the key derivation function, with CryptoManager::MacHmac as the MAC function, and CryptoManager::DigestSha512 as the HMAC digest function.
Note: Getter function for property keyDerivationDigestFunction.
See also setKeyDerivationDigestFunction().
Sailfish::Crypto::CryptoManager::KeyDerivationFunction KeyDerivationParameters::keyDerivationFunction() const
Returns the key derivation function which should be used to derive the key
A password-based key derivation function is a form of hash function which is intentionally expensive to calculate (in time and, for memory-hard functions such as Argon2, in memory) and whose output is indistinguishable from random; together these properties provide security against brute-force attacks on low-entropy input data such as a passphrase.
Some key derivation functions (such as CryptoManager::KdfPkcs5Pbkdf2) require certain parameters to be specified (e.g. iterations(), and either keyDerivationMac() and keyDerivationDigestFunction(), or keyDerivationMac() and keyDerivationAlgorithm()), while others (such as CryptoManager::KdfArgon2d) require different parameters (e.g. iterations(), parallelism() and memorySize()).
Note: Getter function for property keyDerivationFunction.
See also setKeyDerivationFunction().
Sailfish::Crypto::CryptoManager::MessageAuthenticationCode KeyDerivationParameters::keyDerivationMac() const
Returns the message authentication code function which will be used by the key derivation function
Some key derivation functions work by applying a MAC function multiple times, and in some cases (e.g. CryptoManager::KdfPkcs5Pbkdf2) the client can choose which specific MAC function should be used.
One example of a common parameter selection is to use CryptoManager::KdfPkcs5Pbkdf2 as the key derivation function, with CryptoManager::MacHmac as the MAC function, and CryptoManager::DigestSha512 as the HMAC digest function.
Note: Getter function for property keyDerivationMac.
See also setKeyDerivationMac().
qint64 KeyDerivationParameters::memorySize() const
Returns the memory size parameter to be used when deriving the key
Some key derivation functions (e.g. Argon2) allow clients to provide a memory size parameter which modifies the operation of the function to make the output more resilient to bruteforce attack.
Please see the documentation for the plugin providing the KDF you wish to use, to see whether this parameter is applicable for your case.
Also, the meaning (and units) of this parameter can be different depending on the key derivation function (e.g. Argon2 vs scrypt), so please see the documentation for your plugin for more information.
Note: Getter function for property memorySize.
See also setMemorySize().
int KeyDerivationParameters::outputKeySize() const
Returns the security size (in bits) of the output key
Note that the security size is not necessarily the same as the data (storage) size, although for symmetric ciphers those usually are the same.
Note: Getter function for property outputKeySize.
See also setOutputKeySize().
int KeyDerivationParameters::parallelism() const
Returns the amount of parallelism (threads) to be used when deriving the key
Some key derivation functions (e.g. Argon2) allow clients to provide a parallelism parameter which modifies the operation of the function to make the output more resilient to bruteforce attack.
Please see the documentation for the plugin providing the KDF you wish to use, to see whether this parameter is applicable for your case.
Note: Getter function for property parallelism.
See also setParallelism().
QByteArray KeyDerivationParameters::salt() const
Returns the salt which will be used during key derivation
The salt should be unique per derived key and preferably random. The salt is not secret and can be stored publicly; its purpose is to ensure that the same input data yields unrelated keys under different salts, so that an attacker cannot amortise precomputation (e.g. rainbow tables) across many users or installations.
For generating a symmetric key from a passphrase, many key derivation function implementations suggest providing 16 bytes of salt data.
Note: Getter function for property salt.
See also setSalt().
void KeyDerivationParameters::setCustomParameters(const QVariantMap &params)
Sets the plugin-specific custom parameters to be used during key generation to params
Note: Setter function for property customParameters.
See also customParameters().
void KeyDerivationParameters::setInputData(const QByteArray &data)
Sets the input data to data
Note: Setter function for property inputData.
See also inputData().
void KeyDerivationParameters::setIterations(int iterations)
Sets the number of iterations of the hash function or cipher to be used when deriving the key to iterations
Note: Setter function for property iterations.
See also iterations().
void KeyDerivationParameters::setMemorySize(qint64 size)
Sets the memory size parameter to be used when deriving the key to size
Note: Setter function for property memorySize.
See also memorySize().
void KeyDerivationParameters::setOutputKeySize(int size)
Sets the required security size (in bits) of the output key to size
Note: Setter function for property outputKeySize.
See also outputKeySize().
void KeyDerivationParameters::setParallelism(int parallelism)
Sets the amount of parallelism to be used when deriving the key to parallelism
Note: Setter function for property parallelism.
See also parallelism().
void KeyDerivationParameters::setSalt(const QByteArray &salt)
Sets the salt to be used during key derivation to salt
Note: Setter function for property salt.
See also salt().
KeyDerivationParameters &KeyDerivationParameters::operator=(const KeyDerivationParameters &other)
Assigns the other KeyDerivationParameters instance to this