Reputation: 1245
I found an implementation of the PBKDF2 hashing algorithm. I can calculate the hash, but I don't know how I can compare the hash with a password when I do a login. Can somebody give me a hint? Here is my implementation of the hashing algorithm:
    #import <CommonCrypto/CommonKeyDerivation.h>
    ...
    // Makes a random 256-bit salt
    - (NSData*)generateSalt256 {
        unsigned char salt[32];
        for (int i=0; i<32; i++) {
            salt[i] = (unsigned char)arc4random();
        }
        return [NSData dataWithBytes:salt length:32];
    }
    ...
    // Make keys!
    NSString* myPass = @"MyPassword1234";
    NSData* myPassData = [myPass dataUsingEncoding:NSUTF8StringEncoding];
    NSData* salt = [self generateSalt256];
    // How many rounds to use so that it takes 0.1s ?
    int rounds = CCCalibratePBKDF(kCCPBKDF2, myPassData.length, salt.length, kCCPRFHmacAlgSHA256, 32, 100);
    // Open CommonKeyDerivation.h for help
    unsigned char key[32];
    CCKeyDerivationPBKDF(kCCPBKDF2, myPassData.bytes, myPassData.length, salt.bytes, salt.length, kCCPRFHmacAlgSHA256, rounds, key, 32);
Upvotes: 1
Views: 709
Reputation: 14633
PBKDF2 is usually used to generate an encryption key from your password; it's not used to hash like you would use MD5. How are you using it for login? Something like LastPass?
Normally one sends the password (after salt and hash) to the server, and the server does the comparison, not the client. Do you have a different use case?
Upvotes: 1
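One way to do the comparison the question asks about, as an added example that is not part of either post: keep the salt, the round count and the derived key together at registration, then at login re-derive with the stored salt and rounds and compare the two keys without an early exit. The function names (`DeriveKey`, `MakeRecord`, `VerifyPassword`) and the dictionary layout are assumptions made for illustration, and `arc4random_buf` stands in for the question's byte-by-byte salt loop.

```objc
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>        // kCCSuccess
#import <CommonCrypto/CommonKeyDerivation.h>

// Hypothetical helper: PBKDF2-HMAC-SHA256, 32-byte output, as in the question.
static NSData *DeriveKey(NSString *password, NSData *salt, unsigned rounds) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *key = [NSMutableData dataWithLength:32];
    int rc = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length,
                                  salt.bytes, salt.length,
                                  kCCPRFHmacAlgSHA256, rounds,
                                  key.mutableBytes, key.length);
    return rc == kCCSuccess ? key : nil;
}

// Registration: fresh salt, calibrated rounds. All three values must be stored,
// because the calibrated round count differs between devices and runs.
static NSDictionary *MakeRecord(NSString *password) {
    NSMutableData *salt = [NSMutableData dataWithLength:32];
    arc4random_buf(salt.mutableBytes, salt.length);
    NSUInteger pwLen = [password lengthOfBytesUsingEncoding:NSUTF8StringEncoding];
    unsigned rounds = CCCalibratePBKDF(kCCPBKDF2, pwLen, salt.length,
                                       kCCPRFHmacAlgSHA256, 32, 100);
    NSData *key = DeriveKey(password, salt, rounds);
    return key ? @{@"salt": salt, @"rounds": @(rounds), @"key": key} : nil;
}

// Login: re-derive from the attempt using the STORED salt and rounds, then
// compare every byte so the timing does not depend on where a mismatch occurs.
static BOOL VerifyPassword(NSString *attempt, NSDictionary *record) {
    NSData *stored = record[@"key"];
    NSData *derived = DeriveKey(attempt, record[@"salt"],
                                [record[@"rounds"] unsignedIntValue]);
    if (stored == nil || derived == nil || derived.length != stored.length) {
        return NO;
    }
    const uint8_t *a = derived.bytes, *b = stored.bytes;
    uint8_t diff = 0;
    for (NSUInteger i = 0; i < stored.length; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

int main(void) {
    @autoreleasepool {
        NSDictionary *record = MakeRecord(@"MyPassword1234"); // constructed sample
        NSLog(@"correct password accepted: %d", VerifyPassword(@"MyPassword1234", record));
        NSLog(@"wrong password accepted:   %d", VerifyPassword(@"myPassword1234", record));
    }
    return 0;
}
```

Generating a new salt at login, or re-running the calibration instead of reading the stored round count, produces a different key for the same password, so the comparison would never match.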