Skip to main content

Is there a library for iPhone to work with HMAC-SHA-1 encoding



For all operation with Amazon services(S3, EC2, SimpleDB) You need to sign all resquest with HMAC-SHA-1 Signature( http://en.wikipedia.org/wiki/HMAC , http://docs.amazonwebservices.com/AWSFWS/latest/DeveloperGuide/index.html?SummaryOfAuthentication.html ).





I'm working under asp.net backend and there is no problems. Problem is in the iPhone application. iPhone developer says that there is no way to use HMAC-SHA-1 encoding, and he have no rigths to implement his own algorithm. As programmer I cannot understand why there can be a problem.





So I want too know is iPhone developer right?





I've never coded for iPhone, so I don't even where to search such an information.



Source: Tips4all

Comments

  1. CommonCrypto will do it. But if you want code, I have some here:

    http://oauth.googlecode.com/svn/code/obj-c/OAuthConsumer/Crypto/

    Which I wrote for use in the Cocoa OAuth implementation: http://code.google.com/p/oauthconsumer/wiki/UsingOAuthConsumer

    ReplyDelete
  2. CommonCrypto does the trick.

    #import <CommonCrypto/CommonHMAC.h>


    then later

    /*
    inputs:
    NSData *keyData;
    NSData *clearTextData
    */

    uint8_t digest[CC_SHA1_DIGEST_LENGTH] = {0};

    CCHmacContext hmacContext;
    CCHmacInit(&hmacContext, kCCHmacAlgSHA1, keyData.bytes, keyData.length);
    CCHmacUpdate(&hmacContext, clearTextData.bytes, clearTextData.length);
    CCHmacFinal(&hmacContext, digest);

    NSData *out = [NSData dataWithBytes:digest length:CC_SHA1_DIGEST_LENGTH];

    ReplyDelete
  3. A bit of googling and I found this document.


    Exporting of SHA1 is subject to
    (United Statese)Federal Government
    export controls and exporters are
    advised to contact the Department of
    Commerce, Bureau of Export
    Administration for more information.


    I also found this:


    People's Republic of China and the
    former Soviet Block can import SHA as
    long as it's intended for civil
    end-user applications rather than for
    military purpose. The following
    countries are prohibited from
    importing SHA: Cuba, Iran, Iraq,
    Libya, North Korea, Serbia, Syria, and
    Sudan. Please note that this list of
    embargo countries changes over time.


    (Not a direct answer to your question, but certainly pertinent.)

    ReplyDelete
  4. Not for iPhone in particular, but the library libs3 provides a C API for accessing Amazon's S3 services. It, or the FUSE s3fs component, may be good sources for extracting the routines needed to communicate with Amazon's Web Services. As Objective-C is still C at its core, these routines should work just fine on the iPhone.

    I know at least one developer who is using something similar within their iPhone application to communicate with S3 buckets.

    ReplyDelete
  5. I think the CommonCrypto library will do what you want. Look at this file:

    /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS2.2.sdk/usr/include/CommonCrypto/CommonHMAC.h

    ReplyDelete
  6. This article demonstrates a little function that will generate an SHA-1 hash digest that will match what the php sha1() function will generate if you give it the same input:

    #import <CommonCrypto/CommonDigest.h>

    @implementation SHA1

    +(NSString*) digest:(NSString*)input
    {
    const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
    NSData *data = [NSData dataWithBytes:cstr length:input.length];

    uint8_t digest[CC_SHA1_DIGEST_LENGTH];

    CC_SHA1(data.bytes, data.length, digest);

    NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];

    for(int i = 0; i < CC_SHA1_DIGEST_LENGTH; i++)
    [output appendFormat:@"%02x", digest[i]];

    return output;

    }
    @end

    ReplyDelete
  7. I don't know if this is the case anymore, but there used to be restrictions on encryption algorithms and your right to distribute them to certain countries were restricted.

    If this is still the case it could be that Apple don't want/can't restrict certain applications from being downloaded in these countries.

    ReplyDelete

Post a Comment

Popular posts from this blog

Why is this Javascript much *slower* than its jQuery equivalent?

I have a HTML list of about 500 items and a "filter" box above it. I started by using jQuery to filter the list when I typed a letter (timing code added later): $('#filter').keyup( function() { var jqStart = (new Date).getTime(); var search = $(this).val().toLowerCase(); var $list = $('ul.ablist > li'); $list.each( function() { if ( $(this).text().toLowerCase().indexOf(search) === -1 ) $(this).hide(); else $(this).show(); } ); console.log('Time: ' + ((new Date).getTime() - jqStart)); } ); However, there was a couple of seconds delay after typing each letter (particularly the first letter). So I thought it may be slightly quicker if I used plain Javascript (I read recently that jQuery's each function is particularly slow). Here's my JS equivalent: document.getElementById('filter').addEventListener( 'keyup', function () { var jsStart = (new Date).getTime()...

Is it possible to have IF statement in an Echo statement in PHP

Thanks in advance. I did look at the other questions/answers that were similar and didn't find exactly what I was looking for. I'm trying to do this, am I on the right path? echo " <div id='tabs-".$match."'> <textarea id='".$match."' name='".$match."'>". if ($COLUMN_NAME === $match) { echo $FIELD_WITH_COLUMN_NAME; } else { } ."</textarea> <script type='text/javascript'> CKEDITOR.replace( '".$match."' ); </script> </div>"; I am getting the following error message in the browser: Parse error: syntax error, unexpected T_IF Please let me know if this is the right way to go about nesting an IF statement inside an echo. Thank you.