Re: licence key validation method
Re: licence key validation method
- Subject: Re: licence key validation method
- From: Dave Fernandes <email@hidden>
- Date: Mon, 12 Jan 2015 12:11:47 -0500
> On Jan 12, 2015, at 11:53 AM, Tamas Nagy <email@hidden> wrote:
>
>>
>> If you use AquaticPrime, unfortunately, it does not generate standard signatures. It manually hashes and then encrypts using the private key. This sounds like a normal signature, but it is missing some information stored in standard PKCS #1 v2.0 signatures. This means that Security.framework WILL NOT be able to verify an AquaticPrime signature. The verify transform does not work for the above reason; and the decrypt transform does not work either because that would require you to decrypt using the public key. Security.framework enforces cryptographic hygiene - you can only decrypt with a private key and verify a signature with a public key.
>>
>
> Are you sure about that? The latest version of CF based AquaticPrime on GitHub using Security.framework: https://github.com/bdrister/AquaticPrime/pull/32
Interesting. I haven’t checked in a while.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden