Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Using OpenSSL and RSA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using OpenSSL and RSA

Subject: Re: Using OpenSSL and RSA
From: Alex Rice <email@hidden>
Date: Tue, 26 Mar 2002 20:00:55 -0700

On Tuesday, March 26, 2002, at 07:16 PM, Matt Ronge wrote:

Thanks for the suggestions about OpenSSL. I've decided to use it since it's
right in the OS.

However, I can't figure out how to use the functions. I'm interested in
these two:

It took me while to figure it out how to use OpenSSL from Obj-C. Here is the process I went through:

1) prove to yourself that the openssl library exists and contains the function you are looking for. From the shell:

# strings /usr/lib/libcrypto.dylib | grep -i rsa_sign
RSA_sign_ASN1_OCTET_STRING
RSA_sign
rsa_sign.c

OK there is your RSA_sign function. There is probably a more elegant way to verify that symbol exists. Anyways.

2) Find the openssl headers on your machine. In my case:

# locate rsa.h
/Users/alex/Hacking/Cocoa/openssl-0.9.6b/apps/testrsa.h <-- here's an example app, looks like!
/Users/alex/Hacking/Cocoa/openssl-0.9.6b/crypto/rsa/rsa.h
/Users/alex/Hacking/Cocoa/openssl-0.9.6b/include/openssl/rsa.h
/usr/local/include/openssl/rsa.h
# locate crypto.h
/Users/alex/Hacking/Cocoa/openssl-0.9.6b/crypto/crypto.h
/Users/alex/Hacking/Cocoa/openssl-0.9.6b/include/openssl/crypto.h
/Users/alex/src/postgresql-7.2/contrib/pgcrypto/pgcrypto.h

3) Decide if your openssl headers are complete. Now even though libcrypto has RSA_sign, you may not have rsa.h on your system. In my case I needed evp.h, which did not come with OS X, although the EVP functions are indeed in the libcryto. If you are missing a header, grab the source from openssl.org and unpack it somewhere. Don't build or install openssl though.

4) In your ProjectBuilder project, in Target | Build Settings
Add to Search Paths | Headers, the directory containing your openssl headers, like in my case
/usr/local/include/openssl

5) In your ProjectBuilder project, in Target | Build Settings
In Other Linker Flags, add -lcrypto -lssl

That's it! In an Objective-C .m file, just include rsa.h, and write some C code in an objective-c method. There are a bunch of example apps that come with the openssl source, including one that uses RSA.

In my case it looked something this

#import <evp.h>

-(void) someMethod:(id) sender
{

// these are structs and arrays used by the evp message digest functions
EVP_MD_CTX mdctx;
const EVP_MD *md;
char mess1[] = "fu\n";
char mess2[] = "bar\n";
char seedStr[7];
unsigned char md_value[EVP_MAX_MD_SIZE];
int md_len, seed, i;

// this NSString I'm going to use for comparing later on
NSMutableString *curKey = [NSMutableString stringWithCapacity:40];

OpenSSL_add_all_digests();
//...
// create a SHA digest
md = EVP_get_digestbyname("sha1");
EVP_DigestInit(&mdctx, md);
EVP_DigestUpdate(&mdctx, mess1, strlen(mess1));
EVP_DigestUpdate(&mdctx, mess2, strlen(mess2));
EVP_DigestUpdate(&mdctx, seedStr, strlen(seedStr));
EVP_DigestFinal(&mdctx, md_value, &md_len);

// inspect md_value[] and do stuff with it
for(i = 0; i < md_len; i++)
[curKey appendFormat:@"x", md_value[i]];

// more objective-c stuff...

}

Alex Rice <email@hidden>
Mindlube Software
http://www.mindlube.com/
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: Using OpenSSL and RSA
  - From: Andy Lee <email@hidden>

References:
	>Using OpenSSL and RSA (From: Matt Ronge <email@hidden>)

Prev by Date: Dropping on Apps Dock icon
Next by Date: Re: adding new class in IB to localized app=connection trouble
Previous by thread: Using OpenSSL and RSA
Next by thread: Re: Using OpenSSL and RSA
Index(es):
- Date
- Thread