Re: Security issue in developing Mac code -- not sure where to discuss
- Subject: Re: Security issue in developing Mac code -- not sure where to discuss
- From: Jens Alfke <email@hidden>
- Date: Fri, 2 Apr 2010 13:28:10 -0700
On Apr 2, 2010, at 1:05 PM, Jay Reynolds Freeman wrote:

> I am not sure where to discuss issues related to developing
> Macintosh code that uses the Internet to transmit data in
> a secure manner:

macnetworkprog is the general networking list; that's probably the
best place for this. And discussion of Mac crypto/security APIs is at
the apple-cdsa list (great name, no?)

> The app is not
> a web-server-and-client kind of thing; I expect to be using
> Internet socket connections directly, from within the
> various instances of the application.
>
> So far, I have described a very general programming issue
> -- probably too general for this group. What I am wondering
> about is what special support is available for this kind of
> thing based on the fact that I am using Macintoshes, and have
> all the facilities of MacOS and Xcode to develop and run with.

It depends on what levels of APIs you're comfortable with and will
integrate best with your code. At the lowest level you have the
standard BSD socket API. At a higher level, but still procedural, are
the CFNetwork APIs (specifically CFSocket and CFStream). In
Objective-C there are some OOP wrappers around CFNetwork in the form
of NSStream etc., although they're somewhat incomplete.

If you're concerned about security, SSL is a good choice. The
SecureTransport API implements that on whatever stream layer you want
to use. Mac OS also comes with the cross-platform OpenSSL library
which does basically the same thing. If you use CFStream you can
enable SSL transport pretty easily without having to know the lower
level APIs.

Using SSL in a peer-to-peer environment means messing with X.509
certificates and key-pairs, and secure storage of them. The "Sec-"
prefixed APIs in the Security framework deal with that. (OpenSSL has
its own APIs too.)

You might be interested in a framework I wrote called MYNetwork which
is a very high-level Objective-C API for networking, including SSL
support and Bonjour discovery. It wraps the above APIs and hides a lot
of the complexity. http://bitbucket.org/snej/mynetwork/

—Jens
_______________________________________________
Darwin-dev mailing list (email@hidden)
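
The CFStream route mentioned in the message above, shown as an added example that is not part of the original post and is not MYNetwork code: the connecting side of a socket stream pair with SSL requested and certificate checking left on. The helper name `OpenSecureStreams`, the host `peer.example` and port 4433 are hypothetical; it assumes ARC and an SDK in which these CFStream SSL keys are available (build with `clang -fobjc-arc` and link Foundation and CFNetwork).

```objective-c
// Added example, not code from the original post.
#import <Foundation/Foundation.h>
#import <CFNetwork/CFNetwork.h>

// Hypothetical helper: create a socket stream pair to host:port and request
// SSL on it. On success returns YES and the caller must CFRelease both streams.
static BOOL OpenSecureStreams(NSString *host, UInt32 port,
                              CFReadStreamRef *outRead, CFWriteStreamRef *outWrite)
{
    CFReadStreamRef rd = NULL;
    CFWriteStreamRef wr = NULL;
    CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault,
                                       (__bridge CFStringRef)host, port, &rd, &wr);
    // Keep chain validation on and match the certificate to the name we dialed.
    NSDictionary *ssl = @{
        (__bridge id)kCFStreamSSLValidatesCertificateChain : @YES,
        (__bridge id)kCFStreamSSLPeerName : host
    };
    CFDictionaryRef cfSSL = (__bridge CFDictionaryRef)ssl;
    BOOL ok = rd && wr
        && CFReadStreamSetProperty(rd, kCFStreamPropertySocketSecurityLevel,
                                   kCFStreamSocketSecurityLevelNegotiatedSSL)
        && CFWriteStreamSetProperty(wr, kCFStreamPropertySocketSecurityLevel,
                                    kCFStreamSocketSecurityLevelNegotiatedSSL)
        && CFReadStreamSetProperty(rd, kCFStreamPropertySSLSettings, cfSSL)
        && CFWriteStreamSetProperty(wr, kCFStreamPropertySSLSettings, cfSSL)
        && CFReadStreamOpen(rd) && CFWriteStreamOpen(wr);
    if (!ok) {
        if (rd) CFRelease(rd);
        if (wr) CFRelease(wr);
        return NO;
    }
    *outRead = rd; *outWrite = wr;
    return YES;
}

int main(void) {
    @autoreleasepool {
        CFReadStreamRef rd = NULL;
        CFWriteStreamRef wr = NULL;
        // "peer.example" and 4433 are placeholder values.
        if (!OpenSecureStreams(@"peer.example", 4433, &rd, &wr)) {
            NSLog(@"could not set up the secure stream pair");
            return 1;
        }
        // Application I/O goes here (CFWriteStreamWrite / CFReadStreamRead);
        // a failed handshake is reported as an error on these streams.
        CFReadStreamClose(rd); CFWriteStreamClose(wr);
        CFRelease(rd); CFRelease(wr);
    }
    return 0;
}
```

Peers that present self-signed certificates will fail this chain check. In that setup the check to keep is a comparison of the peer's certificate against a copy stored through the "Sec-" APIs the message mentions.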