23

I have a function that's generating a sha256 encryption of a string,

Here's the function:

    -(NSString*)sha256HashFor:(NSString*)input
{
    const char* str = [input UTF8String];
    unsigned char result[CC_SHA256_DIGEST_LENGTH];
    CC_SHA256(str, strlen(str), result);

    NSMutableString *ret = [NSMutableString stringWithCapacity:CC_SHA256_DIGEST_LENGTH*2];
    for(int i = 0; i<CC_SHA256_DIGEST_LENGTH; i++)
    {
        [ret appendFormat:@"%02x",result[i]];
    }
    return ret;
}

Now this line right here CC_SHA256(str, strlen(str), result); is what's producing this warning (the warning is for the strlen(str) variable).

Implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'CC_LONG' (aka 'unsigned int')

I'm guessing I just need to convert the strlen(str) to a CC_Long, but I have no idea how to do that.

garetmckinley
  • 1,122
  • 2
  • 11
  • 29
  • 10
    `(CC_LONG)strlen(str)` – mah Jun 09 '13 at 20:30
  • What kind of compiler/toolchain and settings are you using? This seems like something overly pedantic. –  Jun 09 '13 at 20:31
  • 3
    By the way, why would this be tagged osx or automatic-ref-counting... exactly zero of either of these is in the question. – mah Jun 09 '13 at 20:31
  • @mah Just like when iOS programming questions are tagged with `xcode` - *why?* Would it really matter if OP used Eclipse instead? Whatever... –  Jun 09 '13 at 20:32

3 Answers3

56

  1. Presumably that's not an error but a warning.

  2. "I just need to convert the strlen(str) to a CC_Long, but I have no idea how to do that." - explicit type conversion (type casting): (CC_LONG)strlen(str), but I don't think you really need this.

neowinston
  • 7,584
  • 10
  • 52
  • 83
  • 1
    it is a warning indeed... warning you that in theory the size_t could be bigger than the CC_Long ... add a cast to say: yes I know and it is okay – Daij-Djan Jun 09 '13 at 20:52
  • @Daij-Djan Yep, I find it either unlikely or potentially screwed up if a string is more than 4GB long (on OS X `int` is 4 bytes wide). –  Jun 09 '13 at 20:55
  • It was just was just a warning, however my app is breaking on this line every time I run it. – garetmckinley Jun 09 '13 at 23:41
  • I actually fixed it, turned out even though it was breaking on that line, it was from a different reason. However, this answer still answered the original question. Got rid of that warning :D – garetmckinley Jun 10 '13 at 13:33
  • Thanks for a quick around solution. it worked for me. Thnk u very much – Abdul Yasin Apr 08 '14 at 11:57
3

This code will not show any warning and works perfectly.

- (NSString*) sha256 {
    const char * pointer = [self UTF8String];
    unsigned char result[CC_SHA256_DIGEST_LENGTH];
    CC_SHA256(pointer, (CC_LONG)strlen(pointer), result);

    NSMutableString *ret = [NSMutableString stringWithCapacity:CC_SHA256_DIGEST_LENGTH*2];
    for(int i = 0; i<CC_SHA256_DIGEST_LENGTH; i++)
    {
        [ret appendFormat:@"%02x",result[i]];
    }
    return ret;
}
Shubham
  • 1,230
  • 2
  • 12
  • 26
1

Speaking from the iOS perspective, the fact that CC_LONG (a.k.a. uint32_t) and size_t (unsigned long) are incompatible sizes can be a security/stability concern in some applications, especially when dealing with reusable library functions.

An MD5 hash is a 128 bit hash of a potentially unlimited length message, so there is a good reason for this warning. If you truncate a length greater than 2^32, you will come up with an incorrect hash.

Your code should logically decide on how large of a string it can support. In this case using CC_MD5, it would have to be 2^32 bytes.

Maximum length for MD5 input/output

Community
  • 1
  • 1
Joey Carson
  • 2,973
  • 7
  • 36
  • 60