Re: md5 hashing on GNUstep

discuss-gnustep

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: md5 hashing on GNUstep

From:	Johannes Brakensiek
Subject:	Re: md5 hashing on GNUstep
Date:	Wed, 01 Apr 2020 21:42:17 +0200



On 1 Apr 2020, at 20:36, Andreas Fink wrote:

Your approach might not give you the intended result if you haveNSStrings containing Unicode characters which contains zero bytes.Your strlen() call would stop at that character and not go to the fulllength of a NSString. So a conversion to NSData and use its lengthwould be better. For ASCII and Laltin1 it wouldnt make a differencethough.
so this would be better appraoch:

   NSData *d = [self dataUsingEncoding:NSUTF8StringEncoding];
   unsigned char result[CC_MD5_DIGEST_LENGTH];
   CC_MD5( d.bytes, (int)d.length, result );

One might add (you probably know) that MD5 is broken regardingcryptographic purposes.[1]For many use cases you should use something like SHA-2[2] or - iftargeting passwords - hashing and salting[3] instead.


Johannes

[1] https://en.wikipedia.org/wiki/MD5
[2] https://en.wikipedia.org/wiki/SHA-2
[3] https://download.libsodium.org/doc/password_hashing

[Prev in Thread]

Current Thread

[Next in Thread]

md5 hashing on GNUstep, Andreas Höschler, 2020/04/01
- Re: md5 hashing on GNUstep, H. Nikolaus Schaller, 2020/04/01
  - Re: md5 hashing on GNUstep, Niels Grewe, 2020/04/01
  - Re: md5 hashing on GNUstep, Fred Kiefer, 2020/04/01
    - Re: md5 hashing on GNUstep, Andreas Höschler, 2020/04/01
  - Re: md5 hashing on GNUstep, Andreas Höschler, 2020/04/01
    - Re: md5 hashing on GNUstep, Andreas Fink, 2020/04/01
    - Re: md5 hashing on GNUstep, Johannes Brakensiek <=

Prev by Date: Re: md5 hashing on GNUstep
Next by Date: Swift on Mac OS 9
Previous by thread: Re: md5 hashing on GNUstep
Next by thread: Swift on Mac OS 9
Index(es):
- Date
- Thread