For all operation with Amazon services(S3, EC2, SimpleDB) You need to sign all resquest with HMAC-SHA-1 Signature( http://en.wikipedia.org/wiki/HMAC , http://docs.amazonwebservices.com/AWSFWS/latest/DeveloperGuide/index.html?SummaryOfAuthentication.html ).
I'm working under asp.net backend and there is no problems. Problem is in the iPhone application. iPhone developer says that there is no way to use HMAC-SHA-1 encoding, and he have no rigths to implement his own algorithm. As programmer I cannot understand why there can be a problem.
So I want too know is iPhone developer right?
I've never coded for iPhone, so I don't even where to search such an information.
Source: Tips4all
CommonCrypto will do it. But if you want code, I have some here:
ReplyDeletehttp://oauth.googlecode.com/svn/code/obj-c/OAuthConsumer/Crypto/
Which I wrote for use in the Cocoa OAuth implementation: http://code.google.com/p/oauthconsumer/wiki/UsingOAuthConsumer
CommonCrypto does the trick.
ReplyDelete#import <CommonCrypto/CommonHMAC.h>
then later
/*
inputs:
NSData *keyData;
NSData *clearTextData
*/
uint8_t digest[CC_SHA1_DIGEST_LENGTH] = {0};
CCHmacContext hmacContext;
CCHmacInit(&hmacContext, kCCHmacAlgSHA1, keyData.bytes, keyData.length);
CCHmacUpdate(&hmacContext, clearTextData.bytes, clearTextData.length);
CCHmacFinal(&hmacContext, digest);
NSData *out = [NSData dataWithBytes:digest length:CC_SHA1_DIGEST_LENGTH];
A bit of googling and I found this document.
ReplyDeleteExporting of SHA1 is subject to
(United Statese)Federal Government
export controls and exporters are
advised to contact the Department of
Commerce, Bureau of Export
Administration for more information.
I also found this:
People's Republic of China and the
former Soviet Block can import SHA as
long as it's intended for civil
end-user applications rather than for
military purpose. The following
countries are prohibited from
importing SHA: Cuba, Iran, Iraq,
Libya, North Korea, Serbia, Syria, and
Sudan. Please note that this list of
embargo countries changes over time.
(Not a direct answer to your question, but certainly pertinent.)
Not for iPhone in particular, but the library libs3 provides a C API for accessing Amazon's S3 services. It, or the FUSE s3fs component, may be good sources for extracting the routines needed to communicate with Amazon's Web Services. As Objective-C is still C at its core, these routines should work just fine on the iPhone.
ReplyDeleteI know at least one developer who is using something similar within their iPhone application to communicate with S3 buckets.
I think the CommonCrypto library will do what you want. Look at this file:
ReplyDelete/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS2.2.sdk/usr/include/CommonCrypto/CommonHMAC.h
This article demonstrates a little function that will generate an SHA-1 hash digest that will match what the php sha1() function will generate if you give it the same input:
ReplyDelete#import <CommonCrypto/CommonDigest.h>
@implementation SHA1
+(NSString*) digest:(NSString*)input
{
const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:input.length];
uint8_t digest[CC_SHA1_DIGEST_LENGTH];
CC_SHA1(data.bytes, data.length, digest);
NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
for(int i = 0; i < CC_SHA1_DIGEST_LENGTH; i++)
[output appendFormat:@"%02x", digest[i]];
return output;
}
@end
I don't know if this is the case anymore, but there used to be restrictions on encryption algorithms and your right to distribute them to certain countries were restricted.
ReplyDeleteIf this is still the case it could be that Apple don't want/can't restrict certain applications from being downloaded in these countries.