Deprecated OpenSSL functionality
As an exercise in integrating my own code using an external API with a programming interface for a system, I am faced with the following problem: Apple has marked most of the OpenSSL API as "deprecated". Any help would be greatly appreciated!
I grabbed OpenSSL 1.0.1i version on Aug 6, 2014 from http://www.openssl.org/ .
An attempt to link statically with a "sick horse" was useless:
g++ test.cc -o test -lssl -Bstatic -L/usr/local/ssl/include -lcrypto -lcurcl
I want to add that I was instructed to compile my C ++ code with the g ++ compiler as follows.
g++ test.cc -o test -lssl -lcrypto -lcurl
Both calls complete the following actions.
Output example:
test.cc: In function โstd::string encode_base64(const std::string&)โ:
test.cc:104: warning: โBIO_newโ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:104: warning: โBIO_f_base64โ is deprecated (declared at /usr/include/openssl/evp.h:647)
test.cc:104: warning: โBIO_f_base64โ is deprecated (declared at /usr/include/openssl/evp.h:647)
test.cc:104: warning: โBIO_newโ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:105: warning: โBIO_newโ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:105: warning: โBIO_s_memโ is deprecated (declared at /usr/include/openssl/bio.h:616)
test.cc:105: warning: โBIO_s_memโ is deprecated (declared at /usr/include/openssl/bio.h:616)
test.cc:105: warning: โBIO_newโ is deprecated (declared at /usr/include/openssl/bio.h:581)
test.cc:106: warning: โBIO_pushโ is deprecated (declared at /usr/include/openssl/bio.h:594)
test.cc:106: warning: โBIO_pushโ is deprecated (declared at /usr/include/openssl/bio.h:594)
test.cc:107: warning: โBIO_writeโ is deprecated (declared at /usr/include/openssl/bio.h:587)
test.cc:107: warning: โBIO_writeโ is deprecated (declared at /usr/include/openssl/bio.h:587)
test.cc:108: warning: โBIO_ctrlโ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:108: warning: โBIO_ctrlโ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:109: warning: โBIO_ctrlโ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:109: warning: โBIO_ctrlโ is deprecated (declared at /usr/include/openssl/bio.h:590)
test.cc:113: warning: โBIO_free_allโ is deprecated (declared at /usr/include/openssl/bio.h:596)
test.cc:113: warning: โBIO_free_allโ is deprecated (declared at /usr/include/openssl/bio.h:596)
test.cc: In function โstd::string encrypt(const std::string&)โ:
test.cc:122: warning: โOPENSSL_add_all_algorithms_noconfโ is deprecated (declared at /usr/include/openssl/evp.h:828)
test.cc:122: warning: โOPENSSL_add_all_algorithms_noconfโ is deprecated (declared at /usr/include/openssl/evp.h:828)
test.cc:136: warning: โRSA_public_encryptโ is deprecated (declared at /usr/include/openssl/rsa.h:275)
test.cc:140: warning: โRSA_public_encryptโ is deprecated (declared at /usr/include/openssl/rsa.h:275)
test.cc:144: warning: โRSA_freeโ is deprecated (declared at /usr/include/openssl/rsa.h:282)
test.cc:144: warning: โRSA_freeโ is deprecated (declared at /usr/include/openssl/rsa.h:282)
Sample source code (test.cc):
#include <string>
#include <iostream>
#include <sstream>
#include <ctime>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <curl/curl.h>
using namespace std;
string create_blob(const string &username, const string &password);
string encode_base64(const string &s);
string url_encode(CURL *curl, const string &s);
string encrypt(const string &s);
string timestamp_in_ms();
void login(const string &username, const string &password);
template <typename T>
string to_string(const T &v)
{
stringstream ss;
ss << v;
return ss.str();
};
int main(int argc, const char* argv[])
{
if (argc != 3) {
cerr << "Usage: " << argv[0] << "<username> <password>";
exit(1);
}
string username = string(argv[1]);
string password = string(argv[2]);
login(username, password);
};
void login(const string &username, const string &password)
{
CURL *curl;
CURLcode res;
curl_global_init(CURL_GLOBAL_ALL);
curl = curl_easy_init();
if (!curl) {
cerr << "Error starting curl" << endl;
exit(1);
}
struct curl_slist *header = NULL;
header = curl_slist_append(header, "Accept-Language: sv");
header = curl_slist_append(header, "Accept: application/json");
string blob = create_blob(username, password);
string postdata = "auth=" + url_encode(curl, blob) + "&service=NEXTAPI";
curl_easy_setopt(curl, CURLOPT_URL,
"https://api.test.nordnet.se/next/1/login");
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postdata.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, postdata.length());
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, header);
res = curl_easy_perform(curl);
curl_slist_free_all(header);
curl_easy_cleanup(curl);
}
string create_blob(const string &username, const string &password)
{
string encoded =
encode_base64(username) + ":" +
encode_base64(password) + ":" +
encode_base64(timestamp_in_ms());
return encode_base64(encrypt(encoded));
}
string timestamp_in_ms()
{
return to_string(std::time(0)) + "000";
}
string url_encode(CURL *curl, const string &s)
{
char *url_encoded = curl_easy_escape(curl, s.c_str(), s.length());
string url_encoded_str(url_encoded);
curl_free(url_encoded);
return url_encoded_str;
}
string encode_base64(const string &s) {
BIO *bmem, *b64;
BUF_MEM *bptr;
b64 = BIO_new(BIO_f_base64());
bmem = BIO_new(BIO_s_mem());
b64 = BIO_push(b64, bmem);
BIO_write(b64, s.c_str(), s.length());
BIO_flush(b64);
BIO_get_mem_ptr(b64, &bptr);
string base64 = string(bptr->data,bptr->length-1);
BIO_free_all(b64);
return base64;
}
string encrypt(const string &s) {
RSA *public_key;
FILE *fp;
OpenSSL_add_all_algorithms();
fp = fopen("NEXTAPI_TEST_public.pem","r");
public_key = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL);
fclose(fp);
if (!public_key) {
cerr << "Can't read public key" << endl;
exit(1);
}
unsigned char encrypted[2560] = {0};
int len =
RSA_public_encrypt(s.length(),
reinterpret_cast<unsigned char*>(const_cast<char *>(s.c_str())),
encrypted,
public_key,
RSA_PKCS1_PADDING);
string result(reinterpret_cast<const char *>(encrypted), len);
RSA_free(public_key);
return result;
}
Similar questions:
"SHA1" is deprecated: Deprecated first in OS X 10.7?
http://www.unix.com/programming/162567-linking-openssl-libcrypto-statically.html
source to share
The warnings indicate that you are still compiling the openssl library supplied by apple, as the files .h
from that library are the ones that are adorned with disclaimer warnings.
You need to compile the code that openssl is looking for included in /usr/local/ssl/include
(assuming that this is where you installed your copy of the library:
-I/usr/local/ssl/include
Second, it looks like OSX does nothing with the option -static
- no matter what you try, it will reference the dynamic version, so you need to explicitly reference the file libcrypto.a
completely in the path
/usr/local/ssl/lib/libcrypto.a
so your compilation line will look like this:
g++ -I/usr/local/ssl/include test.cc -o test /usr/local/ssl/lib/libssl.a /usr/local/ssl/lib/libcrypto.a -lcurl
(I assume -lcurl, I have never seen libcurcl before).
source to share