swift2 – 如何在Swift 2和3中使用CommonCrypto for PBKDF2
发布时间:2020-12-14 04:35:53 所属栏目:百科 来源:网络整理
导读:我试图使用CommonCrypto在 Swift 2中使用PBKDF2散列密码,因为它具有高性能,并且由于它是开源的 我已经设法使用模块映射让CommonCrypto在Swift中工作,但有人可以告诉我使用CommonCrypto在Swift 2中使用PBKDF2进行散列的代码 解决方法 func pbkdf2(hash :CCPBK
|
我试图使用CommonCrypto在
Swift 2中使用PBKDF2散列密码,因为它具有高性能,并且由于它是开源的
我已经设法使用模块映射让CommonCrypto在Swift中工作,但有人可以告诉我使用CommonCrypto在Swift 2中使用PBKDF2进行散列的代码 解决方法func pbkdf2(hash :CCPBKDFAlgorithm,password: String,salt: [UInt8],keyCount: Int,rounds: UInt32!) -> [UInt8]! {
let derivedKey = [UInt8](count:keyCount,repeatedValue:0)
let passwordData = password.dataUsingEncoding(NSUTF8StringEncoding)!
let derivationStatus = CCKeyDerivationPBKDF(
CCPBKDFAlgorithm(kCCPBKDF2),UnsafePointer<Int8>(passwordData.bytes),passwordData.length,UnsafePointer<UInt8>(salt),salt.count,CCPseudoRandomAlgorithm(hash),rounds,UnsafeMutablePointer<UInt8>(derivedKey),derivedKey.count)
if (derivationStatus != 0) {
print("Error: (derivationStatus)")
return nil;
}
return derivedKey
}
hash是哈希类型,例如kCCPRFHmacAlgSHA1,kCCPRFHmacAlgSHA256,kCCPRFHmacAlgSHA512. 日落文档部分的示例: 基于密码的密钥派生2(Swift 3) 基于密码的密钥派生既可用于从密码文本中导出加密密钥,也可用于保存密码以进行身份??验证. 可以使用几种哈希算法,包括SHA1,SHA256,SHA512,这些算法由此示例代码提供. rounds参数用于使计算变慢,以便攻击者必须在每次尝试上花费大量时间.典型的延迟值在100ms到500ms之间,如果有不可接受的性能,可以使用更短的值. 此示例需要Common Crypto 参数: password password String
salt salt Data
keyByteCount number of key bytes to generate
rounds Iteration rounds
returns Derived key
func pbkdf2SHA1(password: String,salt: Data,keyByteCount: Int,rounds: Int) -> Data? {
return pbkdf2(hash:CCPBKDFAlgorithm(kCCPRFHmacAlgSHA1),password:password,salt:salt,keyByteCount:keyByteCount,rounds:rounds)
}
func pbkdf2SHA256(password: String,rounds: Int) -> Data? {
return pbkdf2(hash:CCPBKDFAlgorithm(kCCPRFHmacAlgSHA256),rounds:rounds)
}
func pbkdf2SHA512(password: String,rounds: Int) -> Data? {
return pbkdf2(hash:CCPBKDFAlgorithm(kCCPRFHmacAlgSHA512),rounds:rounds)
}
func pbkdf2(hash :CCPBKDFAlgorithm,rounds: Int) -> Data? {
let passwordData = password.data(using:String.Encoding.utf8)!
var derivedKeyData = Data(repeating:0,count:keyByteCount)
let derivationStatus = derivedKeyData.withUnsafeMutableBytes {derivedKeyBytes in
salt.withUnsafeBytes { saltBytes in
CCKeyDerivationPBKDF(
CCPBKDFAlgorithm(kCCPBKDF2),password,passwordData.count,saltBytes,hash,UInt32(rounds),derivedKeyBytes,derivedKeyData.count)
}
}
if (derivationStatus != 0) {
print("Error: (derivationStatus)")
return nil;
}
return derivedKeyData
}
用法示例: let password = "password"
//let salt = "saltData".data(using: String.Encoding.utf8)!
let salt = Data(bytes: [0x73,0x61,0x6c,0x74,0x44,0x61])
let keyByteCount = 16
let rounds = 100000
let derivedKey = pbkdf2SHA1(password:password,rounds:rounds)
print("derivedKey (SHA1): (derivedKey! as NSData)")
示例输出: derivedKey (SHA1): <6b9d4fa3 0385d128 f6d196ee 3f1d6dbf> 基于密码的密钥派生校准 此示例需要Common Crypto #import <CommonCrypto/CommonCrypto.h> 将Security.framework添加到项目中. 确定当前平台上特定延迟使用的PRF轮次数. 有几个参数默认为不应对圆计数产生实质影响的代表值. password Sample password. salt Sample salt. msec Targeted duration we want to achieve for a key derivation. returns The number of iterations to use for the desired processing time.
func pbkdf2SHA1Calibrate(password: String,msec: Int) -> UInt32 {
let actualRoundCount: UInt32 = CCCalibratePBKDF(
CCPBKDFAlgorithm(kCCPBKDF2),password.utf8.count,CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1),kCCKeySizeAES256,UInt32(msec));
return actualRoundCount
}
用法示例: let saltData = Data(bytes: [0x73,0x61])
let passwordString = "password"
let delayMsec = 100
let rounds = pbkdf2SHA1Calibrate(password:passwordString,salt:saltData,msec:delayMsec)
print("For (delayMsec) msec delay,rounds: (rounds)")
示例输出: For 100 msec delay,rounds: 93457
func pbkdf2SHA1Calibrate(password:String,salt:[UInt8],msec:Int) -> UInt32 {
let actualRoundCount: UInt32 = CCCalibratePBKDF(
CCPBKDFAlgorithm(kCCPBKDF2),UInt32(msec));
return actualRoundCount
}
用法示例: let saltData = [UInt8]([0x73,0x61]) let passwordString = "password" let delayMsec = 100 let rounds = pbkdf2SHA1Calibrate(passwordString,rounds: (rounds)") (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |