Re: SSCrypto Framework
Re: SSCrypto Framework
- Subject: Re: SSCrypto Framework
- From: Jens Alfke <email@hidden>
- Date: Fri, 20 Jun 2008 14:26:01 -0700
On 20 Jun '08, at 8:45 AM, Trygve Inda wrote:
I would embed a public key in my app and encrypt a data file on our
site
that the software needs to download periodically. This is mostly to
ensure
that file can not be modified or substituted except by us.
A good way to do this would be to use SSL. Create a self-signed cert
and install it and the private key on your web server as the SSL cert.
Copy the cert into your app. Now the app can download its file using
HTTP over SSL.
The only wrinkle is verifying the cert. Unfortunately NSURLConnection
doesn't give you much control over certs; it will complain because the
cert is self-signed, unless it's been added to the user's keychain and
marked as trusted. You can use the Keychain APIs in the Security
framework to add the cert and change its trust settings when your app
first runs.
—Jens
PS: I used SSCrypto at first, then switched to Keychain.framework. The
latter covers a much broader range of tasks, is more mature, and has
IMHO better design (SSCrypto just uses these singleton objects with a
flat procedural interface, wile Keychain.framework has classes for
individual certs, keys, keychains, etc.) However, for just adding a
cert to the keychain, I think you can get away with just using the
system APIs directly.Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden