Openssl For Mac Os X

Posted on  by



Tonight I’m going to discuss OpenSSL for Matlab – which has been tested against Matlab for Windows and Mac OS X.

After installing PowerShell, you should install OpenSSL. OpenSSL is needed for PowerShell remoting and CIM operations. Installation of latest stable release via Homebrew on macOS 10.13 or higher. If the brew command is not found, you need to install Homebrew following their instructions. Now, you can install PowerShell: brew cask install powershell. OpenSSL provides support for the TLS and SSL protocols, and also includes various tools used in cryptography. Note that OpenSSL is officially available only as source, so you must manually compile.

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. For more information about the team and community around the project, or to start making your own contributions, start with the community page. May 10, 2016 Problem: OpenSSL Security Advisory 3rd May 2016 High severity Solution: Update it:) Mac OSX 10.11.4. Check version $ openssl version -a. Backup old version $ sudo mv /usr/bin/openssl /usr/bin. This affects OpenSSL versions including 1.0.1f which is the version on my up-to-date Mavericks computer Mac (because I used port/brew to install other software which updated my openssl without me realizing it): $ openssl version OpenSSL 1.0.1f 6 Jan 2014 This demonstrates I am not using the Mavericks version of OpenSSL.

This code was written strictly to make it easier to look at various algorithms and modes under different circumstances. However, its a neat tool and has many uses beyond its original intentions.

– First step (assuming you already have Matlab) is to build the project. BuildMex is a helper routine to automatically complete the process. If you change the default install path of OpenSSL that change will need to be taken into account in buildMex. I think the path and potential change that may be necessary is obvious (ispc() – is windows only):

if(ispc())

options = [‘ C:opensslliblibeay32.lib -IC:opensslinclude ‘ options];

elseif(isunix())

options = [options ‘ -I/usr/local/ssl/lib -lssl -lcrypto ‘];

end

– Step two, now that everything is built we need to make sure everything is working, example.m will verify that.

This is the output:

Mac os x el capitan
Test 1a Passed
Test 1c Passed
Test 2 Passed

So, now that we know everything is working lets take a look at whats going on. I’m not going to give an overly in depth description of OpenSSL, but I will describe this tool and the inputs which feed directly into OpenSSL. Look for a more in depth discussion on OpenSSL in the future.

I’m going to start with a simple example and work up from there.

% Test 1a: Basic Encryption / Decryption

dataToEncrypt = uint8(1:255);

encryptedData = mexEVP_Encrypt(‘data’,dataToEncrypt);

decrypted = mexEVP_Decrypt(‘data’,encryptedData);


This example starts by generating data of type UINT8. It then encrypts it and decrypts it. If you were to plot dataToEncrypt & encryptedData it will look like this:


While the example above is powerful, it doesn’t support doubles – the primary Matlab data type. We need a way to convert from double to uint8 and back again with out losing data. Which leads to example 2:


%Test 2: Data Conversion

dataStart = 1:255;


toUint8 = [];

for J=1:length(dataStart)

temp = double2uint8(dataStart(J));

Mac Os X Update

toUint8 = [toUint8; temp];

end


toDouble = [];

for J=1:8:length(toUint8)

temp = uint82double(toUint8(J:J+7));

toDouble = [toDouble; temp];

end


The code above is straight forward with a basic understanding of whats happening. Keep in mind a double is 8 bytes and a uint8 is 1 byte and there are 8 bits in 1 byte. So each double in the dataStart array needs to be converted to a uint8 – the first loop accomplishes that. It iterates over each element and appends it to the toUint8 array – which will have 8x more elements than the input array. The toUint8 array could be passed in the mexEVP_Encrypt function at this point as in the first example. The avid Matlab user will also notice the guts of each loop can be reduced to 1 line – more on that in a few minutes.


So lets assume we have just returned from the mexEVP_Decrypt function – we will need to convert the uint8 array back to doubles. This loop looks pretty similar to the first loop with one major difference – the number of elements being passed into uint82double. Since the are 8 bytes in a double – 8 bytes need to be passed in. Thats why J:J+7 is passed in – 8 bytes are passed in and 1 double (8 bytes) is returned.


With any luck you know have a basic understanding of how to encrypt and decrypt data that is a uint8 or a double. We are missing a few key things at this point like:

  1. Which algorithm – with mode and size is being run?
  2. What key is being used to encrypt my data?
  3. What IV is being used in tandem to encrypt my data?

I’m going to point out the included help – if you run mexEVP_Encrypt with no inputs this will output:

mexEVP_Encrypt:

data: What data would you like to encrypt? This is the only required option…

key: what key would you like the data it be encrypted with?

IV: The initialization vector used to speed some algorithms up

Openssl Version Mac Os X

Supported Ciphers: (Reference OpenSSL documentation for current & complete list)

Currently Defaults to: aes-128-cbc

AES: aes-128-ecb, aes-128-cbc, aes-192-ecb, aes-192-cbc, aes-256-ecb, aes-256-cbc

Openssl For Mac Os X 10 13 Download

Blowfish: bf-ecb, bf-cbc, bf-cfb, bf-ofb

Cast: cast-ecb, cast-cbc, cast-cfb, cast-ofb

DES: des-ecb, des-cbc, des-cfb, des-ofb

DESX: desx

3DES: des-ede3, des-ede3-cbc, des-ede3-cfb, des-ede3-ofb, des-ede, des-ede-cbc, des-ede-cfb, des-ede-ofb

IDEA: idea-ecb, idea-cbc, idea-cfb, idea-ofb

I’m also going to point out one other functions: mexRandom


mexRandom can be used to generate a random Key & IV though the official OpenSSL mechanism.

For


Lets put the basic understanding together with everything else we learned so far – into one large example:


% Test (not in example.m): Encryption / Decryption – random key, iv & custom algorithm

dataToEncrypt = 1:0.25:25;

[key, iv] = mexRandom(‘key’,’iv’);


toUint8 = [];

for J=1:length(dataToEncrypt)

toUint8 = [toUint8; double2uint8(dataToEncrypt(J))];

Mac Os X El Capitan

end


encryptedData = mexEVP_Encrypt(‘data’,toUint8,’key’,key,’iv’,iv,’cipher’,’bf-cbc’);

decrypted = mexEVP_Decrypt(‘data’,encryptedData,’key’,key,’iv’,iv,’cipher’,’bf-cbc’);


toDouble = [];

for J=1:8:length(decrypted)

toDouble = [toDouble; uint82double(decrypted(J:J+7))];

end

Which can be easily verified by summing the difference of dataToEncrypt and toDouble:

Mac Os X Versions


>> sum(dataToEncrypt – toDouble’)


ans =


0


Now I that that we now the output is valid look at the inputs.

mexRandom is generating a key and and an iv, here is a sample key:



The cipher being passed in is ‘bf-cbc’ – blowfish with a cbc mode.
I realize at this point your probably a bit saturated and more description about is what is going on behind the curtain is needed. I’m going to cover more about that in a later post, but in the mean time I encourage you to use this code, take a look through my first post, wikipedia, and the OpenSSL website for more details.