我刚刚在Lion上使用了libcrypto,看起来整个api已被弃用了。自{10.6.6以来man pages尚未更新。
有人知道在Lion上替换libcrypto是什么意思吗?
答案 0 :(得分:7)
libcrypto是OpenSSL的一部分,它没有太大变化。它不会消失,但Apple建议开发人员使用他们的CDSA (Common Data Security Architecture)库而不是直接使用OpenSSL。
答案 1 :(得分:7)
如果你知道自己在做什么,而你只是想摆脱这些警告,一种方法是添加
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
到相关的标题 - 在我的案例中是/usr/include/openssl/crypto.h和/usr/include/openssl/md5.h。
答案 2 :(得分:3)
好的,在这里回答我自己的问题。
10.7将变换引入Security.framework,它与SecKey紧密相关。转换可以让你做很多事情,包括编码(例如base64),摘要,签名/验证和加密。
以下是如何签署某些数据的示例。所有变换都遵循相同的基本模式;如果您查看Headers for Security.framework,您将看到每种类型转换的标题。它们来自SecTransformReadTransform.h和SecSignVerifyTransform.h。为简单起见,我在这里省略了任何错误检查或清理代码。
NSData *dataToBeSigned = ;// Get this from somewhere. We set sha1 attributes down below, so this should be a sha1 digest
SecKeyRef *key = ;// Get this from somewhere; keychain or SecItemImport
SecGroupTransformRef group = SecTransformCreateGroupTransform();
CFReadStreamRef readStream = NULL;
SecTransformRef readTransform = NULL;
SecTransformRef signingTransform = NULL;
// Setup our input stream as well as an input transform
readStream = CFReadStreamCreateWithBytesNoCopy(kCFAllocatorDefault,
[dataToBeSigned bytes],
[dataToBeSigned length],
kCFAllocatorNull); // Pass Null allocator so it doesn't free NSData's bytes
readTransform = SecTransformCreateReadTransformWithReadStream(readStream);
// Setup a signing transform
signingTransform = SecSignTransformCreate(key, NULL);
SecTransformSetAttribute(signingTransform, kSecInputIsDigest, kCFBooleanTrue, NULL);
SecTransformSetAttribute(signingTransform, kSecDigestTypeAttribute, kSecDigestSHA1, NULL);
// Connect read and signing transform; Have read pass its data to the signer
SecTransformConnectTransforms(readTransform, kSecTransformOutputAttributeName,
self.signingTransformRef, kSecTransformInputAttributeName,
group, NULL);
// Execute the sequence of transforms (group)
// The last one in the connected sequence is the return value
NSData *signature = SecTransformExecute(group, NULL);