How to replicate hash_hmac('sha256', $key, $secret_key) function in Swift 4?

Question

I\'ve tried generating the hash_hmac(\'sha256\', $key, $secret_key) php function equivalent in Swift 4 without success, after using libraries like CommonCrypto, CryptoSwift.

Answer 1

First of all it might be better to go straight for SHA512, SHA is notoriously easy to crack with GPU's, thus upping the memory scale a bit is not a bad idea.

Second, using CommonCrypto it is actually extremely easy to generate HMAC's, this is the implementation that I use:

static func hmac(_ secretKey: inout [UInt8], cipherText: inout [UInt8], algorithm: CommonCrypto.HMACAlgorithm = .sha512) -> [UInt8] {
        var mac = [UInt8](repeating: 0, count: 64)
        CCHmac(algorithm.value, &secretKey, secretKey.count, &cipherText, cipherText.count, &mac)
        return mac
    }

Where the algorithm is defined as such:

enum HMACAlgorithm {
        case sha512

        var value: UInt32 {
            switch(self) {
            case .sha512:
                return UInt32(kCCHmacAlgSHA512)
            }
        }
    }

My cipher text is cipherText+IV in this instance. When you are not using AES-GCM it seems suggested / recommended to HMAC IV+Cipher, but I cannot give you the technical details as to why.

Converting Data or NSData to a byte array:

var byteArray = data.withUnsafeBytes { [UInt8](UnsafeBufferPointer(start: $0, count: data.count) }

The reason for using an array is a substantial performance increase over Data, I don't know what the core team is doing but Data performs worse than NSMutableData even.