Re: licence key validation method
Re: licence key validation method
- Subject: Re: licence key validation method
- From: Jens Alfke <email@hidden>
- Date: Mon, 12 Jan 2015 09:05:21 -0800
Somebody (Dave Fernandes, apparently) wrote:
>>
>> If you use AquaticPrime, unfortunately, it does not generate standard signatures. It manually hashes and then encrypts using the private key. This sounds like a normal signature, but it is missing some information stored in standard PKCS #1 v2.0 signatures. This means that Security.framework WILL NOT be able to verify an AquaticPrime signature. The verify transform does not work for the above reason; and the decrypt transform does not work either because that would require you to decrypt using the public key. Security.framework enforces cryptographic hygiene - you can only decrypt with a private key and verify a signature with a public key.
The Security Transform API won't let you do that. But there are lower level functions in the framework (the CDSA API) that allow it.
—Jens
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden