Re: Share and store RSA - public key in java server and vice versa
Re: Share and store RSA - public key in java server and vice versa
- Subject: Re: Share and store RSA - public key in java server and vice versa
- From: ChanMaxthon <email@hidden>
- Date: Fri, 16 May 2014 15:37:49 +0800
I got fed up by Apple already and found a little BSD-licensed CXX crypto library called Botan. I will either wrap it in Objective-C or rewrite it for my later projects.
Sent from my iPhone
> On May 15, 2014, at 8:00 PM, Roland King <email@hidden> wrote:
>
> I try not to 'screw' the Apple crypto libraries, I use them where possible and file bug reports to improve them where they are lacking.
>
> Lots of people do end up embedding OpenSSL, a fact not lost on the recipients of bug reports I'm sure, I've thus far managed not to have to. I'd prefer Apple improved their crypto library API so I didn't have to mess around with it.
>
>> On 15 May, 2014, at 7:46 pm, ChanMaxthon <email@hidden> wrote:
>>
>> Eh screw the OS X/iOS crypto libraries... I would just embed my own copy of OpenSSL or GNUTLS myself. (My toolkit library have already included GNU MP, the library GNUTLS is based on) Or if I really have the time reimplement RSA algorithms and key generation using Acceleration.framework
>>
>> Sent from my iPad
>>
>>> On May 15, 2014, at 11:43 AM, Roland King <email@hidden> wrote:
>>>
>>>
>>>> On 15 May, 2014, at 7:25 am, Jens Alfke <email@hidden> wrote:
>>>>
>>>>
>>>>> On May 14, 2014, at 3:48 PM, Roland King <email@hidden> wrote:
>>>>>
>>>>> I'm just pointing out the advice which is constantly and consistently given by Apple (particularly Quinn) on the developer forum that getting the bits of a private key on iOS is unsupported and subject to change, and to do the job on a server which you trust and return the information. Here's one such thread, there are dozens of them.
>>>>>
>>>>> https://devforums.apple.com/message/951417#951417
>>>>
>>>> Thanks for the link. I added a rant explaining exactly why this is a terrible idea. Who knows whether it’ll do any good; I’ve completely given up on Apple ever getting its crypto act together.
>>>>
>>>> —Jens
>>>
>>> That's quite the reply - I've hit the "Email Updates" on the thread and I'm sitting with a new bag of popcorn waiting to see what happens next.
>>>
>>> Since that method of extracting private keys was recently broken on OSX I fear that iOS is not far behind.
>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden