Is there a library for iPhone to work with HMAC-SHA-1 encoding

Question

For all operation with Amazon services(S3, EC2, SimpleDB) You need to sign all resquest with HMAC-SHA-1 Signature(http://en.wikipedia.org/wiki/HMAC , http://docs.amazonwebservices.com/AWSFWS/latest/DeveloperGuide/index.html?SummaryOfAuthentication.html).

I'm working under asp.net backend and there is no problems. Problem is in the iPhone application. iPhone developer says that there is no way to use HMAC-SHA-1 encoding, and he have no rigths to implement his own algorithm. As programmer I cannot understand why there can be a problem.

So I want too know is iPhone developer right?

I've never coded for iPhone, so I don't even where to search such an information.

Answer 1

CommonCrypto does the trick.

#import <CommonCrypto/CommonHMAC.h>

then later

/*
  inputs:
  NSData *keyData;
  NSData *clearTextData
*/

uint8_t digest[CC_SHA1_DIGEST_LENGTH] = {0};

CCHmacContext hmacContext;
CCHmacInit(&hmacContext, kCCHmacAlgSHA1, keyData.bytes, keyData.length);
CCHmacUpdate(&hmacContext, clearTextData.bytes, clearTextData.length);
CCHmacFinal(&hmacContext, digest);

NSData *out = [NSData dataWithBytes:digest length:CC_SHA1_DIGEST_LENGTH];

Answer 2

CommonCrypto will do it. But if you want code, I have some here:

http://oauth.googlecode.com/svn/code/obj-c/OAuthConsumer/Crypto/

Which I wrote for use in the Cocoa OAuth implementation: http://code.google.com/p/oauthconsumer/wiki/UsingOAuthConsumer

Answer 3

This article demonstrates a little function that will generate an SHA-1 hash digest that will match what the php sha1() function will generate if you give it the same input:

#import <CommonCrypto/CommonDigest.h>

@implementation SHA1

+(NSString*) digest:(NSString*)input
{
const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:input.length];

uint8_t digest[CC_SHA1_DIGEST_LENGTH];

CC_SHA1(data.bytes, data.length, digest);

NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];

for(int i = 0; i < CC_SHA1_DIGEST_LENGTH; i++)
[output appendFormat:@"%02x", digest[i]];

return output;

}
@end

Answer 4

A bit of googling and I found this document.

Exporting of SHA1 is subject to (United Statese)Federal Government export controls and exporters are advised to contact the Department of Commerce, Bureau of Export Administration for more information.

I also found this:

People's Republic of China and the former Soviet Block can import SHA as long as it's intended for civil end-user applications rather than for military purpose. The following countries are prohibited from importing SHA: Cuba, Iran, Iraq, Libya, North Korea, Serbia, Syria, and Sudan. Please note that this list of embargo countries changes over time.

(Not a direct answer to your question, but certainly pertinent.)

Answer 5

Not for iPhone in particular, but the library libs3 provides a C API for accessing Amazon's S3 services. It, or the FUSE s3fs component, may be good sources for extracting the routines needed to communicate with Amazon's Web Services. As Objective-C is still C at its core, these routines should work just fine on the iPhone.

I know at least one developer who is using something similar within their iPhone application to communicate with S3 buckets.