Crypto.PBKDF2

From Xojo Documentation

Method

Crypto.PBKDF2(salt As String, data As MemoryBlock, iterations As Integer, desiredHashLength As Integer, hashAlgorithm As Crypto.HashAlgorithms) As MemoryBlock

New in 2019r3.1

Supported for all project types and targets.

Returns the PBKDF2 hash value of the data, first applying the salt value and using the specified hashAlgorithm. The iteration parameter is the number of loops that the hash algorithm does. The desiredHashLength parameter lets you specify the number of bytes that you want the resulting hash to be. 16 or 32 bytes are commonly used.


Method

Crypto.PBKDF2(salt As String, data As MemoryBlock, iterations As Integer, desiredHashLength As Integer, hashAlgorithm As Crypto.Algorithm) As MemoryBlock

New in 2012r2

Supported for all project types and targets.

Returns the PBKDF2 hash value of the data, first applying the salt value and using the specified hashAlgorithm. The iteration parameter is the number of loops that the hash algorithm does. The desiredHashLength parameter lets you specify the number of bytes that you want the resulting hash to be. 16 or 32 bytes are commonly used.

Notes

PBKDF2 is a "slow", i.e. deliberately processing intensive, algorithm for generating hash values. Slow is relative, for generating a single hash value it is plenty fast. The benefit of a slow algorithm is that it is impractical for hackers to generate hash tables using it because it would take too long to generate the thousands of hashes for commonly used values.

Use a higher value for iterations' to further slow the hash creation.

Refer to PBKDF2 on Wikipedia.

Use the Crypto.HashAlgorithms enumeration with the Hash method to specify the type of hash. It has these values:

  • MD5
  • SHA1
  • SHA256
  • SHA512

Sample Code

This example generates a 32-byte hash using PBKDF2 for the salt and data, iterating 100 times:

Var hash As MemoryBlock
hash = Crypto.PBKDF2("SaltValue", "YourPasswordSentence", 100, 32, Crypto.HashAlgorithms.SHA512)
Var hashValue As String = EncodeHex(hash)
// FB8F64E66A72517AC7CA70145640B1932A986A7A7DDE7EC79602F8CE94DE0F8A