I'm a very newb programmer trying to write some iOS programs, and when I reached the part where I must encrypt my data, I ran into a misty and ill-documented wall. Apple apparently provides all the tools one needs to encrypt data but doesn't write about it anywhere. Currently I am experimenting with stuff found in https://github.com/AlanQuatermain/aqtoolkit, which apparently works. However, I read in http://robnapier.net/blog/aes-commoncrypto-564 that one should not use user-selected passwords as encryption keys, but I have seen a few examples of people using the user's password directly with this library and others. Does this apply here, and should I run the user password through a small hurdle race before using it?
-
Ah, thank you. I missed that doc. – Serendipity Dec 23 '11 at 10:03
1 Answer
2
It is a good idea to use the hash of a password as a key for your crypto routines. One reason for that is that different algorithms may need keys of a different length and by selecting the appropriate hashing algorithm (e.g. SHA256 for AES256) you automatically get a key with the appropriate length.

zlajo
-
Thanks for the speedy answer. Where would I find code or examples of a hash function? Or is it something I should look to writing myself? (If I sound really stupid, it's probably because I am in this respect) – Serendipity Dec 23 '11 at 10:02
-
The library you mentioned provides an easy way for hashing. Have a look at https://github.com/AlanQuatermain/aqtoolkit/blob/master/CommonCrypto/NSData+CommonCrypto.h. – zlajo Dec 23 '11 at 10:56
-
I am currently encrypting my data with `AES256EncryptedDataUsingKey: @"passwordHere" etc` which is obviously wrong, but I have no idea _how_ to use the hash function in the .h. Would you be patient enough to explain please? – Serendipity Dec 26 '11 at 01:40
-
Try something like `[[@"my message" dataUsingEncoding:NSUTF8StringEncoding] AES256EncryptedDataUsingKey: [[@"password" dataUsingEncoding:NSUTF8StringEncoding] SHA256Hash] error:nil];` – zlajo Dec 28 '11 at 16:52
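An added example, not part of the original thread or of aqtoolkit: the single SHA-256 pass from the answer next to a salted, iterated PBKDF2 derivation using Apple's CommonCrypto. Both give a 32-byte AES-256 key, but only the second adds a per-user salt and a work factor that slows password guessing. The helper names, the 16-byte salt and the 100000-round count are assumptions chosen for illustration.

```objective-c
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonDigest.h>
#import <CommonCrypto/CommonKeyDerivation.h>
#import <CommonCrypto/CommonCryptor.h>
#import <Security/Security.h>

// Helper names below are hypothetical; only the CC_* / CCKey* / SecRandom calls are Apple's.
// One SHA-256 pass: right length for AES-256, but unsalted and cheap per guess.
static NSData *KeyFromSHA256(NSString *password) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    unsigned char digest[CC_SHA256_DIGEST_LENGTH];
    CC_SHA256(pw.bytes, (CC_LONG)pw.length, digest);
    return [NSData dataWithBytes:digest length:sizeof(digest)];
}

// Random salt; it is not secret and is stored alongside the ciphertext.
static NSData *NewSalt(size_t length) {
    NSMutableData *salt = [NSMutableData dataWithLength:length];
    if (SecRandomCopyBytes(kSecRandomDefault, length, salt.mutableBytes) != errSecSuccess) return nil;
    return salt;
}

// PBKDF2-HMAC-SHA256: the salt makes equal passwords yield different keys,
// and the round count multiplies the cost of every guess.
static NSData *KeyFromPBKDF2(NSString *password, NSData *salt, uint32_t rounds) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *key = [NSMutableData dataWithLength:kCCKeySizeAES256];
    int status = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length,
                                      salt.bytes, salt.length,
                                      kCCPRFHmacAlgSHA256, rounds,
                                      key.mutableBytes, key.length);
    return status == kCCSuccess ? key : nil;
}

int main(void) {
    @autoreleasepool {
        NSString *password = @"password";            // constructed sample input
        NSData *salt = NewSalt(16);                  // assumed salt length
        if (salt == nil) return 1;
        NSData *hashed = KeyFromSHA256(password);
        NSData *derived = KeyFromPBKDF2(password, salt, 100000);  // assumed work factor
        NSData *again = KeyFromPBKDF2(password, salt, 100000);    // same salt, same key
        if (derived == nil || ![derived isEqualToData:again]) return 1;
        NSLog(@"SHA-256 key: %lu bytes, PBKDF2 key: %lu bytes",
              (unsigned long)hashed.length, (unsigned long)derived.length);
    }
    return 0;
}
```

The `NSData` returned by `KeyFromPBKDF2` can take the place of the `SHA256Hash` result as the key argument in the call shown in the last comment; the salt has to be saved so the same key can be derived again for decryption.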