1. 技术文章
  2. How to use WSSE in iOS with salted sha512 with more than 1 iteration

How to use WSSE in iOS with salted sha512 with more than 1 iteration

折月煮酒 提交于 2019-12-08 07:04:49

问题


I need some help with WSSE Header generations in iOS. The application it's written in Symfony2 which uses sha512 algorithm with 5000 iterations and encode_as_base64 as true. For the mobile app, I found this question for encoding the password: SHA512 with salt for iOS although it's only one iteration. Using a simple loop which includes the last one would suffice it?

We found the code for the Android generation of the WSSE Headers: http://obtao.com/blog/2013/09/how-to-use-wsse-in-android-app/ It is possible to do the same thing in iOS or should we find another way for authentication, like OAuth2?


回答1:


If you want to reproduce the same encryption as Symfony2 with the 5000 iterations, you can use the following code:

- (NSString *)hashPassword:(NSString *)password ansSalt:(NSString *)salt {

    NSString *passwordSalted = [NSString stringWithFormat:@"%@{%@}",password,salt];

    NSData *passwordData = [passwordSalted dataUsingEncoding:NSUTF8StringEncoding];

    uint8_t hash[CC_SHA512_DIGEST_LENGTH];
    CC_SHA512([passwordData bytes], [passwordData length], hash);

    NSMutableData *allData = [[NSMutableData alloc] init];
    [allData appendBytes:hash length:CC_SHA512_DIGEST_LENGTH];

    for (NSInteger i = 1; i < 5000; i++) {

        [allData appendBytes:[passwordData bytes] length:[passwordData length]];
        uint8_t hashLoop[CC_SHA512_DIGEST_LENGTH];
        CC_SHA512([allData bytes], [allData length], hashLoop);
        [allData setLength:0];
        [allData appendBytes:hashLoop length:CC_SHA512_DIGEST_LENGTH];

    }

    NSData *imageData = [NSData dataWithBytes:[allData bytes] length:[allData length]];

    return [imageData base64EncodedStringWithOptions:0];

}

Don't forgot to import CommonDigest.h:

#import <CommonCrypto/CommonDigest.h>



回答2:


For SHA512 try the following: 

#import <CommonCrypto/CommonDigest.h>
    + (NSData *)sha512:(NSData *)data {
    unsigned char hash[CC_SHA512_DIGEST_LENGTH];
    if ( CC_SHA512([data bytes], [data length], hash) ) {
        NSData *sha512 = [NSData dataWithBytes:hash length:CC_SHA512_DIGEST_LENGTH];        
        return sha512;
        }
        return nil;
    }

for WSSE headers check out https://github.com/laiso/CocoaWSSE



来源:https://stackoverflow.com/questions/27983034/how-to-use-wsse-in-ios-with-salted-sha512-with-more-than-1-iteration

标签
android
ios
symfony
sha512
wsse
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!