PBKDF2-HMAC-SHA1 for passwords -- examples in C? [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.

Closed last year.

Improve this question

I've been looking for about a week to find an example of something in C that would work as the 'turn this password into properly hashed form for storage' using either the BSAFE or openssl crypto libraries, generating decent salt and doing a arguably adequate number of rounds.

Does anyone know of an example from which to crib? I'm lazy enough to prefer not to have to figure it all out myself the hard way, as this is a small (but key) part of another project.

thanks -dB

Answer 1

I will demo how to use openssl api to generate the hash.

#include <openssl/evp.h>

// more ITERATIONs, more secure. But you should consider the performance on your target machine
ITERATION = 512000; 

// this will be the result of PBKDF2-HMAC-SHA1  
int SHA1_LEN = 20;
unsigned char* out = (unsigned char*)calloc(SHA1_LEN, sizeof(unsigned char));

int SALT_LEN = 5;
unsigned char* salt = (unsigned char*)calloc(SALT_LEN, sizeof(unsigned char));
RAND_bytes(salt, SALT_LEN);

pwd = ""; /*your password here */
PKCS5_PBKDF2_HMAC_SHA1(pwd, strlen(pwd), salt_value, SALT_LEN, ITERATION, SHA1_LEN, out);