/OpenSSL

OpenSSL package for SPM, CocoaPod, and Carthage, for iOS and macOS

Primary LanguageCOtherNOASSERTION

OpenSSL-Universal

OpenSSL CocoaPods, Carthage and Swift Package Manager package for iOS and macOS. Complete solution to OpenSSL on iOS and macOS. Package comes with precompiled libraries, and includes a script to build newer versions if necessary.

Current version contains binaries built with latest iOS SDK (target 7.0), and latest macOS SDK (target 10.10) for all supported architectures (including macOS Catalyst).

Support

It takes some time to keep it all for your convenience, so maybe spare $1, so I can keep working on that. There are more than 8000 clones daily. If I'd get $1/month from each company that uses my work here, I'd say we're even. Hurry up, find the Sponsorship button, and fulfill your duty.

Architectures

  • iOS with architectures: armv7, armv7s, arm64 + simulator (x86_64, arm64)
  • macOS with architectures: x86_64, arm64

Output Formats

Why?

Apple says: "Although OpenSSL is commonly used in the open source community, OpenSSL does not provide a stable API from version to version. For this reason, although OS X provides OpenSSL libraries, the OpenSSL libraries in OS X are deprecated, and OpenSSL has never been provided as part of iOS."

Installation

Build

You don't have to use pre-built binaries I provide. You can build it locally on your trusted machine.

$ git clone https://github.com/krzyzanowskim/OpenSSL.git
$ cd OpenSSL
$ make

The result of a build process is put inside Frameworks directory.

Hardened Runtime (macOS) and Xcode

Binary OpenSSL.xcframework (Used by the Swift Package Manager package integration) won't load properly in your app if the app uses Sign to Run Locally Signing Certificate with Hardened Runtime enabled. It is possible to setup Xcode like this. To solve the problem you have two options:

  • Use proper Signing Certificate, eg. Development <- this is the proper action
  • Use Disable Library Validation aka com.apple.security.cs.disable-library-validation entitlement

Swift Package Manager

dependencies: [
    .package(url: "https://github.com/krzyzanowskim/OpenSSL.git", .upToNextMinor(from: "1.1.180"))
]

CocoaPods

pod 'OpenSSL-Universal'

Carthage

  • If building from source is preferred:
github "krzyzanowskim/OpenSSL"
  • If using a prebuilt framework is preferred:
binary "https://raw.githubusercontent.com/krzyzanowskim/OpenSSL/master/OpenSSL.json"

Authors

Marcin Krzyżanowski

FAQ etc.

Where can I use OpenSSL-Universal?

These libraries work for both iOS and macOS. There are two OpenSSL static libraries; libcrypto.a and libssl.a Do NOT expect these OpenSSL files to work on every CPU architecture in the world. It is your prerogative to check. Ask yourself, are you trying to write an app for old devices? new devices only? all iOS devices? only macOS?, etc ::

Fat Binaries

The OpenSSL-Universal Framework is a Fat Binary. That means it supports multiple CPU architectures in a single file. To understand this, return to Terminal. Navigate to your OpenSSL-Universal macOS files and run the command file libcrypto.a This will tell you architecture the file is compiled against x86_64. If you tried the iOS OpenSSL-Universal files it would have said armv7, armv7s, arm64 + Simulators (x86_64).

Xcode Setup

You want to ensure Xcode knows;

  1. Where the OpenSSL static libraries are located.
  2. Where the OpenSSL header files are located for the C include statements. Inside your workspace, go to the Target (not the Project). The Target is the C app that is produced after a successful build. Select Build Phases and Link Binary With Libraries. Select + and navigate to the static OpenSSL libraries that was included in the framework. The magical result was, your Target and Building Settings Library Search Paths were populated without you typing anything. Now go to the Target. In Build Settings set the Always Search User Paths to Yes. Then add a new entry to the User Header Search Paths. This should be the location of the OpenSSL header files that were included in OpenSSLUniversal.