This is how I have been generating my cryptographic keys until now:

这就是我到目前为止生成加密密钥的方法:

unsigned char *salt; //8 salt bytes were created earlier
unsigned char *password; //password was obtained earlier
int passwordLength; //password length as well

unsigned char evp_key[EVP_MAX_KEY_LENGTH] = {"\0"};
unsigned char iv[EVP_MAX_IV_LENGTH];

EVP_BytesToKey(cipher, EVP_md5(), salt, password,  //cipher is also given
               passwordLength,
               1, evp_key, iv);

The result is a key and an “initial value.” I can then use these two (evp_key and iv) along with the given cipher to encrypt my data.

结果是一个键和一个“初始值”。然后我可以使用这两个(evp_key和iv)以及给定的密码来加密我的数据。

Now that with Lion, Apple has deprecated the above code, I have the following question:

现在,对于Lion,Apple已弃用上述代码,我有以下问题:

Question: How do I do the same thing with CommonCrypto? I just came across the CCKeyDerivationPBKDF() function. Is this the one I’m looking for? I can’t see how this is the case, since I don’t get any “initial value” back. I don’t know how to compare this CommonCrypto function with the old method.

问题:如何使用CommonCrypto执行相同的操作?我刚刚遇到了CCKeyDerivationPBKDF()函数。这是我正在寻找的那个吗?我看不出这是怎么回事,因为我没有得到任何“初始价值”。我不知道如何将这个CommonCrypto函数与旧方法进行比较。

In particular: This new function doesn’t seem to even support the MD5 algorithm—only the SHA1. How, then, can I create new code that is backwards compatible with my old codebase (and files it has created)?

特别是:这个新功能似乎甚至不支持MD5算法 - 只支持SHA1。那么,我如何创建与我的旧代码库(以及它创建的文件)向后兼容的新代码?

1 个解决方案

#1

---