This is my first question here as before I found all workarounds from another questions.
The question is very short: Does anyone know if there is any Diffie-Hellman implementation for iOS? I mean...the idea is to share between 2 devices (one is iOS and the other a java web service) a secret key, and I think the best idea should be that method.
If not, can anyone suggest me another option?
I'm not an advanced developer, that's why i'm trying to check for a framework for this.
Thanks in advance everyone!
Apple has an implementation of Diffie-Hellman in iOS as part of Secure Transport. Here is the Secure Transport Reference
I'm posting this answer on a very old question because it's still relevant and other questions might link to this one. Improving this question's completeness may help answer newer questions.
A quick google gives;
http://www.chilkatsoft.com/dh-objc.asp
You should really look into just using SSL though instead of inventing your own security protocol.
You can include openssl as a static library in your app project and use its Diffie-Hellman functions. As Joachim rightly says though, if you're communicating to a web service the easiest and best approach is to use SSL.
There is a Diffie-Hellman implementation for iOS in github.
You can use it.
https://github.com/benjholla/Diffie-Hellman-iOS
Also you can use openssl with ios. Considering openssl is a proven library, it is better to use openssl for this purpose.
There is a Diffie-Hellman implementation for iOS SWIFT-4 on github with complete example code. You can use it. https://github.com/raoarafat/DeffieHelmanKeyExchange-Swift. Just download & use it.
SWIFT-4 Compatible.
Enjoy...
Related
Can anyone provide information on the proper way to hash passwords using objective c (ios 6+)? I'm looking for examples and can't find anything clear out there.
I would avoid doing your own hashing and store them in the Keychain for security.
UPDATE
There are probably many ways to do this, but the way I have sent info securely over the net is to simply use the https protocol. See this question, answer and discussion.
As an aside, why even do this at all? The OAuth protocol has been invented for this purpose, and is fairly easy to setup.
I made an application that works with the twitter API to generate tweets.
Now I want to expand my application but to do the things I want in my application I have to authenticate with the twitter API.
The best example I found was here
But I can't seem to figure out how I can authenticate.
Is there anyone that has experience with this or if there is a good reliable OAuth class for delphi?
I dont consider the class in the example from the link as reliable since this post is from 2009. If you can prove me wrong, please do :)
Any help is much appreciated.
Thanks in advance.
I have made that same search myself a few months ago and come up empty handed. A similar question recently arose on the ADUG mailing list, and again to no avail.
I don't believe that there is a publicly available Delphi library for OAuth and/or Open Id. IMHO, this is an open source project ripe for development by some-one with the time and motivation.
Jeff Dean from pivotal labs wrote about it. I is there any official guides for that? Perhaps if there is a newer blog post that would be also useful.
Not an answer to your question, but rather an alternative :-)
You might wanna look at grape. It's a Sinatra-like framework for building REST APIs :-)
I discovered it a few days ago. It looks promising. I'm going to use it in my next project.
I have a Titanium Appcelerator project and I am trying to incorporate an API that uses oAuth. I found an excellent implementation of oAuth in Titanium Appcelerator for SimpleGeo by Aaron Saunders over at his blog:
http://blog.clearlyinnovative.com/post/3321606289/titanium-appcelerator-quickie-oauth-and-simplegeo
It is extremely simplified and boiled down so I figured it would be easy to transfer the implementation to other APIs. In my case, I would like to extend it to Quizlet's API found here:
https://quizlet.com/api/2.0/docs/authorization_code_flow/
However, I am afraid I am just too new to oAuth in general that I don't even know where to begin, especially in how and what to do to the parameters. I'm hoping it's as simple as changing some parameters around.
It would be terrific if an expert could spare some time and maybe explain how I would go about adapting the implementation for Quizlet's API.
Thank you so much in advance. Please let me know if you would like me to paste in the code from Aaron's blog or do anything. I didn't want to clutter this post.
What is the preferred method of implementing the OpenSocial platform? I'm aware of Apache Shindig but can't really find any useful information on it. Also, is it possible to use an existing solution like the Rails-based lovdbyless and add OpenSocial features to it?
I've ported shindig over to .NET at http://code.google.com/p/pesta/ and a sample site using it from partuza at http://www.codeplex.com/raya
There seems to be a plugin that someone started, Ruby on Rails, OpenSocial Container plugin 0.1.0, the comments have someone from Apache Shindig suggesting it get rolled into there as the Ruby server implementation.
I also found an article on rolling your own, Google's OpenSocial with Ruby on Rails.
I haven't tried, either, yet.
Even some of the guys on the Shindig team admit that the documentation is very sparse, to the extent that they say the source code is the documentation - and, believe me, there's quite a bit of source code to look at.
The most helpful links I've found are these:
http://mail-archives.apache.org/mod_mbox/incubator-shindig-dev/200805.mbox/raw/%3CF60DD781-F361-4865-AEC6-284644D0DFF3#xs4all.nl%3E/
http://cwiki.apache.org/confluence/display/SHINDIG/The+rough+guide+to+deploying+shindig
http://mail-archives.apache.org/mod_mbox/incubator-shindig-dev/200905.mbox/%3c4CC1540B3EC8D54AA01CC6BC40F71030E0991E#EXCHANGE.corp.shop.com%3e
and for an example of how to replace the default classes so as to interact with a database:
http://cwiki.apache.org/confluence/display/SHINDIG/Providing+your+own+data+service+implementation