Re: licence key validation method
Re: licence key validation method
- Subject: Re: licence key validation method
- From: Dave Fernandes <email@hidden>
- Date: Mon, 12 Jan 2015 12:10:49 -0500
> On Jan 12, 2015, at 12:05 PM, Jens Alfke <email@hidden> wrote:
>
>
> Somebody (Dave Fernandes, apparently) wrote:
>>>
>>> If you use AquaticPrime, unfortunately, it does not generate standard signatures. It manually hashes and then encrypts using the private key. This sounds like a normal signature, but it is missing some information stored in standard PKCS #1 v2.0 signatures. This means that Security.framework WILL NOT be able to verify an AquaticPrime signature. The verify transform does not work for the above reason; and the decrypt transform does not work either because that would require you to decrypt using the public key. Security.framework enforces cryptographic hygiene - you can only decrypt with a private key and verify a signature with a public key.
>
> The Security Transform API won't let you do that. But there are lower level functions in the framework (the CDSA API) that allow it.
>
> —Jens
Yes, but aren’t they all deprecated?
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden