Re: NSSecureCoding & NSAttributedString
Re: NSSecureCoding & NSAttributedString
- Subject: Re: NSSecureCoding & NSAttributedString
- From: Alex Zavatone <email@hidden>
- Date: Fri, 16 Feb 2018 17:58:57 -0600
> On Feb 16, 2018, at 5:17 PM, Quincey Morris
> <email@hidden> wrote:
>
> On Feb 16, 2018, at 15:06 , Alex Zavatone <email@hidden <mailto:email@hidden>>
> wrote:
>>
>> do you think that this be a case when it’s best to encrypt the strings
>> yourself with an HMac256 method on the attributed strings?
>
> There’s no actual encryption in NSSecureCoding, it’s just about making sure
> that malicious classes aren’t substituted for the intended ones. You *could*
> introduce extra security, but at some point you’d have to hand the plain ol'
> raw data over to a NSKeyedUnarchiver, so the extra stuff wouldn’t help.
>
So, splitting the solution into separate archival and unarchiving into 2
sections, where the unsupported classes are handled separately is the ugly but
required path to take?
Sort of a wrapper for archiving and unarchiving to handle NSParagraphStyle
storage and rebuilding?
That’s my first inclination, but thought I’d ask for the sake of discussion.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden