Menu
I am developing logon function for my iPhone Application, so I want to hash the password using the SHA512 hashing algorithm then get the result as NSString (the result should be the same with SHA512 in C#). After spending a lot of time in the internet, I still not find out the solution yet! :(
Is there anyone has the solution and sample code, please help me! Thanks a lot!
[Update] In my C# code, the password is stored using SecureString, so maybe it's cause make different byte array between objective-c and C#
932
Password Hash Security Considerations The SHA1, SHA256, and SHA512 functions are no longer considered secure, either, and PBKDF2 is considered acceptable. The most secure current hash functions are BCRYPT, SCRYPT, and Argon2. In addition to the hash function, the scheme should always use a salt.
There isn't a single answer to this question as there are too many variables, but SHA2 is not yet really cracked (see: Lifetimes of cryptographic hash functions) so it is still a good algorithm to use to store passwords in. The use of salt is good because it prevents attack from dictionary attacks or rainbow tables.
Since SHA512 is a hash algorithm based on non-linear functions, it is designed to prevent any decryption method and so is made to be uncrackable. The only possible method is to assume that the hash content is a password, to recover a database of online passwords and to compare their hash with the desired one.
SHA-512, or Secure Hash Algorithm 512, is a hashing algorithm used to convert text of any length into a fixed-size string. Each output produces a SHA-512 length of 512 bits (64 bytes). This algorithm is commonly used for email addresses hashing, password hashing, and digital record verification.
This function will hash a string using SHA512. The resulting string is a hex representation of the hash:
+ (NSString *) createSHA512:(NSString *)source { const char *s = [source cStringUsingEncoding:NSASCIIStringEncoding]; NSData *keyData = [NSData dataWithBytes:s length:strlen(s)]; uint8_t digest[CC_SHA512_DIGEST_LENGTH] = {0}; CC_SHA512(keyData.bytes, keyData.length, digest); NSData *out = [NSData dataWithBytes:digest length:CC_SHA512_DIGEST_LENGTH]; return [out description]; } Don't forget to include the correct header:
#include <CommonCrypto/CommonDigest.h> I am using this one.
It matches PHP SHA512 algorithm output:
<?php `hash('sha512', 'The quick brown fox jumped over the lazy dog.');` ?>
Objective-C code:
+(NSString *)createSHA512:(NSString *)string { const char *cstr = [string cStringUsingEncoding:NSUTF8StringEncoding]; NSData *data = [NSData dataWithBytes:cstr length:string.length]; uint8_t digest[CC_SHA512_DIGEST_LENGTH]; CC_SHA512(data.bytes, data.length, digest); NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA512_DIGEST_LENGTH * 2]; for(int i = 0; i < CC_SHA512_DIGEST_LENGTH; i++) [output appendFormat:@"%02x", digest[i]]; return output; } If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
