DeriveKey

(Engine-Level Function)

Description: Generates a cryptographic session key from a seed value.
Returns: Handle
Usage: Script Only.
Function Groups: Cryptography
Related to: Decrypt | Encrypt | ExportKey | GenerateKey | GetKeyParam | ImportKey | SetKeyParam
Format: DeriveKey(CSPHandle, AlgID, Seed [, Flags, Error])
Parameters:  
CSPHandle   
Required. The handle of a CSPClosed critical security parameter to use to generate the key.
AlgID   
Required. Identifies the algorithm for which the key is to be generated. Values for this parameter vary depending on the CSP used, and are defined in WinCrypt.h
Seed   
Required. A text string to use as a seed.
Flags   
Optional. Specifies the flags to be passed to CryptGenKey. If omitted or invalid, then the value "0" is used.
Error   
Optional. A variable in which the error code for the function is returned. The error codes are as follows

Error

Meaning

0

Key successfully generated

1

CSPHandle or AlgID parameters invalid

X

Any other value is an error from CryptGenKey.
Comments:

DeriveKey guarantees that when the same CSP and algorithms are used, the keys generated from the same seed are identical. The base data can be a password or any other user data. A handle to the key or key pair is returned. This handle can then be used as needed with any Crypto API function requiring a key handle. It is the VTScada analog of the Crypto API CryptDeriveKey call.

The return value for this function is a handle to the Key. If an error occurs, then the return value is Invalid. A key has a value type of 37. If cast to text, then the hexadecimal value of the algorithm ID will be returned.

Does not support CNG (Cryptography New Generation).

Example:

[
  Key1; 
  Constant CALG_RC4 = 0x6801; 
  Constant KEY_SIZE = 40; 
  Constant Password = "A secret password"; 
]
Init [
  If 1 Main; 
  [ 
    { Make a key } 
    Key1 = DeriveKey(CSP, CALG_RC4, Password, KEY_SIZE << 16); 
  ] 
]