+- Hot Door CORE Forum (http://hotdoorcore.com/forum)
+-- Forum: All forums (http://hotdoorcore.com/forum/forumdisplay.php?fid=1)
+--- Forum: Getting started (http://hotdoorcore.com/forum/forumdisplay.php?fid=6)
+--- Thread: RSA Signing and Verifying Plugin using OpenSSL (/showthread.php?tid=318)
RSA Signing and Verifying Plugin using OpenSSL - kazon - 08-25-2022
Good afternoon,
Was pleasantly surprised to find the forums were back. I'm brand new here but have gotten offline tips from Garrett as well as Rick while the forums were down. Thank you very much guys.
I'm putting the finishing touches on an Illustrator plugin I'm writing, and that is implementing an OpenSSL signing and verifying process for the plugin. I had successfully completed this step but moved up to OpenSSL 3 because of deprecation and this is where my issue began and my question to the forum. Once I added calls to the external version of OpenSSL 3 to my project and rebuild, I was presented with a slew of "xx already defined" linking errors. Below are just a few.
libcrypto.lib(libcrypto-lib-m_sigver.obj) : error LNK2005: EVP_DigestVerifyInit already defined in hdi_core-win-ai16-rls-64.lib(m_sigver.obj)
libcrypto.lib(libcrypto-lib-m_sigver.obj) : error LNK2005: EVP_DigestVerifyFinal already defined in hdi_core-win-ai16-rls-64.lib(m_sigver.obj)
After realizing this, I rolled back my implementation of using the external OpenSSL in favor of what CORE may already have in place. However, I can only find a reference to anything crypto related in "hdicoreCrypt.h". My previously working implementation is as follows:
1. I use a webpage to allow a user to register the software (plugin). The webpage will forward them their "OpenSSL_Signed" licensing information.
2. They would copy and paste this information into the software (plugin) to which it is verified.
How can I get the verify step to either work with OpenSSL through CORE? Or can I get it to work using "hdicoreCrypt" or is there more in CORE? I was having trouble with "hdi::core::crypt::decryptWithPublicKey()" and my guess is because I couldn't figure out how to create the RSA public key which was used to sign.
Regards,
Marvin
RE: RSA Signing and Verifying Plugin using OpenSSL - kazon - 08-26-2022
Good morning,
i may have this one resolved. I'm new to developing plug-ins as well as new to programming in C++ but not new to programming. I have been doing that a long time. After doing some research, realized that in order to use the OpenSSL libraries compiled into CORE, I just needed to add the include to the installed OpenSSL 3.0's headers folder. I think I can consider my questions answered and this post closed.
Regards,
Marvin
RE: RSA Signing and Verifying Plugin using OpenSSL - kazon - 08-26-2022
Seems I have to do an about face on having a resolution to my issue. While it does seem like the right approach (including OpenSSL's headers), it still fell short. Turns out that a few symbols for OpenSSL were missing from hdi_core-win-ai16-rls-64.lib. To list one important one is EVP_DigestVerifyUpdate. To be sure of this, I did a dumpbin of hdi_core-win-ai16-rls-64.lib and there was no reference for it. But did find references for its counterparts EVP_DigestVerifyInit and EVP_DigestVerifyFinal.
I thought maybe I could go through the OpenSSL source on Github and put together an .h and .c files for the missing parts, but after a good part of the day, that was a futile effort. So I'm back to square one on this. And I just might have to revert back to my working code and try to live with the warnings about deprecation. Unless someone out there has another idea.
Regards,
Marvin
RE: RSA Signing and Verifying Plugin using OpenSSL - garrett - 09-01-2022
While we did not intend for others to utilize OpenSSL functionality outside of what hdi_core itself provides, the version of OpenSSL we're currently compiling against is 1.1.1g. Theoretically you should be able to compile against that version of the OpenSSL headers, and the linker should not strip the functions you're calling yourself (i.e. those outside of what hdi_core itself utilizes), leading to a functional binary. I'll add that this is not officially supported so you're sort of on your own in this regard.
We intend to update the version of OpenSSL we compile against when we release the next update to hdi_core, which should occur in the next couple of months. We'll use whatever is the latest at that time, so just giving you a heads up.
RE: RSA Signing and Verifying Plugin using OpenSSL - kazon - 09-10-2022
Thanks for the reply Garrett. No worries. I was able to get past my issues and now everything is working as they should. I definitely could not use OpenSSL for what I needed, but was able to get it all done through Crypto. It has the ability to work with OpenSSL generate keys and was able to handle the verification for me.