HmacSHA256 objective-c encryption

Question

HmacSHA256 objective-c encryption

I want to encpryt a string with a key using HmacSHA256. The code that everyone uses is below, but there is one thing that does not make sense. Why will we use base64 at the end if all we need is an HmacSHA256 hash?

I tried to see the hash generated after calling the CCHmac method with

NSString *str = [[NSString alloc] initWithData:HMAC encoding:NSASCIIStringEncoding]; NSLog(@"%@", str);

But I do not get the hash generated, I get null or garbage, for example:

2011-10-11 09: 38: 05.082 Hash_HmacSHA256 [368: 207] (null) 2011-10-11 09: 38: 05.085 Hash_HmacSHA256 [368: 207] Rwªb7iså {yyþ§ '(& o ÷ ÛËÚ ¥ M`f

 import < CommonCrypto/CommonHMAC.h> NSString *key; NSString *data; const char *cKey = [key cStringUsingEncoding:NSASCIIStringEncoding]; const char *cData = [data cStringUsingEncoding:NSASCIIStringEncoding]; unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH]; CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC); NSData *HMAC = [[NSData alloc] initWithBytes:cHMAC length:sizeof(cHMAC)]; NSString *hash = [HMAC base64Encoding]; //This line doesn´t make sense [key release]; [data release];

+4

objective-c iphone encryption hmac sha256

bruno Oct 11 '11 at 8:49

source share

3 answers

I spend the whole day trying to convert the generated hash (bytes) into readable data. I used the base64 encoding you said and it did not work at all for me.

So I did this:

 CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC); // Now convert to NSData structure to make it usable again NSData *out = [NSData dataWithBytes:cHMAC length:CC_SHA256_DIGEST_LENGTH]; // description converts to hex but puts <> around it and spaces every 4 bytes NSString *hash = [out description]; hash = [hash stringByReplacingOccurrencesOfString:@" " withString:@""]; hash = [hash stringByReplacingOccurrencesOfString:@"<" withString:@""]; hash = [hash stringByReplacingOccurrencesOfString:@">" withString:@""]; // hash is now a string with just the 40char hash value in it NSLog(@"%@",hash);

+2

bruno Oct 12 '11 at 10:03

source share

Do not "[out description]" to get the hash as a string.

Do [hash base64Encoding] to get base64 encoding. Use http://cybersam.com/ios-dev/http-basic-access-authentication-with-objective-c-and-ios/attachment/nsdataadditions to get the base64Encoding function. The add-on class is a category that will add the base64Encoding function to the NSData implementation.

Or you can do [[NSString alloc] initWithData: out encoding: NSUTF8StringEncoding].

+1

Amber haq dixon Jul 13 '12 at 20:24

source share

Can berk güder · Accepted Answer · 2011-10-11T10:50:25+0000

First of all, for those who are wondering, this concerns my answer to this question: Objective-C sample code for HMAC-SHA1

The HMAC you created is a 256-bit binary value that may or may not begin with 0 bytes.

To be able to print it, you need a string representation (binary, hexadecimal, decimal, base64, etc.). Base64 is one of the most efficient among them, so I used Base64 encoding there.

The reason you get garbage is because most (if not all) of the octets in the HMAC value are outside the range of printable ASCII characters. If the first octet is 0 (0x00), you get zero. This is why you need an encoding that supports arbitrary values. ASCII does not.

Of course, if you do not want to print the HMAC value, then such an encoding may not be necessary, and it can support HMAC as is (binary NSData).

HmacSHA256 objective-c encryption

More articles: