Clever Geek Handbook

Deprecated OpenSSL functionality

As an exercise in integrating my own code using an external API with a programming interface for a system, I am faced with the following problem: Apple has marked most of the OpenSSL API as "deprecated". Any help would be greatly appreciated!

I grabbed OpenSSL 1.0.1i version on Aug 6, 2014 from http://www.openssl.org/ .

An attempt to link statically with a "sick horse" was useless:

g++ test.cc -o test -lssl -Bstatic -L/usr/local/ssl/include -lcrypto -lcurcl

I want to add that I was instructed to compile my C ++ code with the g ++ compiler as follows.

g++ test.cc -o test -lssl -lcrypto -lcurl

Both calls complete the following actions.

Output example:

test.cc: In function โ€˜std::string encode_base64(const std::string&)โ€™:
test.cc:104: warning: โ€˜BIO_newโ€™ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:104: warning: โ€˜BIO_f_base64โ€™ is deprecated (declared at /usr/include/openssl/evp.h:647)
test.cc:104: warning: โ€˜BIO_f_base64โ€™ is deprecated (declared at /usr/include/openssl/evp.h:647)
test.cc:104: warning: โ€˜BIO_newโ€™ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:105: warning: โ€˜BIO_newโ€™ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:105: warning: โ€˜BIO_s_memโ€™ is deprecated (declared at /usr/include/openssl/bio.h:616)
test.cc:105: warning: โ€˜BIO_s_memโ€™ is deprecated (declared at /usr/include/openssl/bio.h:616)
test.cc:105: warning: โ€˜BIO_newโ€™ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:106: warning: โ€˜BIO_pushโ€™ is deprecated (declared at /usr/include/openssl/bio.h:594)
test.cc:106: warning: โ€˜BIO_pushโ€™ is deprecated (declared at /usr/include/openssl/bio.h:594)
test.cc:107: warning: โ€˜BIO_writeโ€™ is deprecated (declared at /usr/include/openssl/bio.h:587)
test.cc:107: warning: โ€˜BIO_writeโ€™ is deprecated (declared at /usr/include/openssl/bio.h:587)
test.cc:108: warning: โ€˜BIO_ctrlโ€™ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:108: warning: โ€˜BIO_ctrlโ€™ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:109: warning: โ€˜BIO_ctrlโ€™ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:109: warning: โ€˜BIO_ctrlโ€™ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:113: warning: โ€˜BIO_free_allโ€™ is deprecated (declared at /usr/include/openssl/bio.h:596)
test.cc:113: warning: โ€˜BIO_free_allโ€™ is deprecated (declared at /usr/include/openssl/bio.h:596)
test.cc: In function โ€˜std::string encrypt(const std::string&)โ€™:
test.cc:122: warning: โ€˜OPENSSL_add_all_algorithms_noconfโ€™ is deprecated (declared at /usr/include/openssl/evp.h:828)
test.cc:122: warning: โ€˜OPENSSL_add_all_algorithms_noconfโ€™ is deprecated (declared at /usr/include/openssl/evp.h:828)
test.cc:136: warning: โ€˜RSA_public_encryptโ€™ is deprecated (declared at /usr/include/openssl/rsa.h:275)
test.cc:140: warning: โ€˜RSA_public_encryptโ€™ is deprecated (declared at /usr/include/openssl/rsa.h:275)
test.cc:144: warning: โ€˜RSA_freeโ€™ is deprecated (declared at /usr/include/openssl/rsa.h:282)
test.cc:144: warning: โ€˜RSA_freeโ€™ is deprecated (declared at /usr/include/openssl/rsa.h:282)

Sample source code (test.cc):

#include <string>
#include <iostream>
#include <sstream>
#include <ctime>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <curl/curl.h>

using namespace std;

string create_blob(const string &username, const string &password);
string encode_base64(const string &s);
string url_encode(CURL *curl, const string &s);
string encrypt(const string &s);
string timestamp_in_ms();
void login(const string &username, const string &password);

template <typename T>
string to_string(const T &v) 
{ 
  stringstream ss;
  ss << v;
  return ss.str();
};

int main(int argc, const char* argv[])
{
  if (argc != 3) {
    cerr << "Usage: " << argv[0] << "<username> <password>";
    exit(1);
  }
  string username = string(argv[1]);
  string password = string(argv[2]);
  login(username, password);
};

void login(const string &username, const string &password) 
{
  CURL *curl;
  CURLcode res;

  curl_global_init(CURL_GLOBAL_ALL);

  curl = curl_easy_init();
  if (!curl) {
    cerr << "Error starting curl" << endl;
    exit(1);
  }

  struct curl_slist *header = NULL;
  header = curl_slist_append(header, "Accept-Language: sv");
  header = curl_slist_append(header, "Accept: application/json");

  string blob = create_blob(username, password);
  string postdata = "auth=" + url_encode(curl, blob) + "&service=NEXTAPI";

  curl_easy_setopt(curl, CURLOPT_URL, 
    "https://api.test.nordnet.se/next/1/login");
  curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postdata.c_str());
  curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, postdata.length());
  curl_easy_setopt(curl, CURLOPT_HTTPHEADER, header);

  res = curl_easy_perform(curl);

  curl_slist_free_all(header);
  curl_easy_cleanup(curl);

}

string create_blob(const string &username, const string &password) 
{
  string encoded =
    encode_base64(username) + ":" +
    encode_base64(password) + ":" +
    encode_base64(timestamp_in_ms());
  return encode_base64(encrypt(encoded));
}

string timestamp_in_ms() 
{
  return to_string(std::time(0)) + "000";
}

string url_encode(CURL *curl, const string &s)
{
  char *url_encoded = curl_easy_escape(curl, s.c_str(), s.length());
  string url_encoded_str(url_encoded);
  curl_free(url_encoded);

  return url_encoded_str;
}

string encode_base64(const string &s) {
  BIO *bmem, *b64;
  BUF_MEM *bptr;

  b64 = BIO_new(BIO_f_base64());
  bmem = BIO_new(BIO_s_mem());
  b64 = BIO_push(b64, bmem);
  BIO_write(b64, s.c_str(), s.length());
  BIO_flush(b64);
  BIO_get_mem_ptr(b64, &bptr);

  string base64 = string(bptr->data,bptr->length-1);

  BIO_free_all(b64);

  return base64;
}

string encrypt(const string &s) {
  RSA *public_key;  
  FILE *fp;

  OpenSSL_add_all_algorithms();

  fp = fopen("NEXTAPI_TEST_public.pem","r");
  public_key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
  fclose(fp);

  if (!public_key) {
    cerr << "Can't read public key" << endl;
    exit(1);
  }

  unsigned char encrypted[2560] = {0};

  int len = 
    RSA_public_encrypt(s.length(), 
               reinterpret_cast<unsigned char*>(const_cast<char *>(s.c_str())), 
               encrypted, 
               public_key, 
               RSA_PKCS1_PADDING);

  string result(reinterpret_cast<const char *>(encrypted), len);

  RSA_free(public_key);

  return result;
}

Similar questions:

OpenSSL with gcc on OS X 10.7

"SHA1" is deprecated: Deprecated first in OS X 10.7?

http://www.unix.com/programming/162567-linking-openssl-libcrypto-statically.html

+3


source to share


1 answer


The warnings indicate that you are still compiling the openssl library supplied by apple, as the files .h

from that library are the ones that are adorned with disclaimer warnings.

You need to compile the code that openssl is looking for included in /usr/local/ssl/include

(assuming that this is where you installed your copy of the library:

-I/usr/local/ssl/include

Second, it looks like OSX does nothing with the option -static

- no matter what you try, it will reference the dynamic version, so you need to explicitly reference the file libcrypto.a

completely in the path



/usr/local/ssl/lib/libcrypto.a

so your compilation line will look like this:

g++ -I/usr/local/ssl/include test.cc -o test /usr/local/ssl/lib/libssl.a /usr/local/ssl/lib/libcrypto.a -lcurl

(I assume -lcurl, I have never seen libcurcl before).

+2


source






More articles:


All Articles