cocoa - How to encrypt data in objective-c using a public key generated from php script -


i've looked around , found scant information on encryption on mac os x. seems openssl support deprecated in newer version of mac os x. need able support 10.5 , up. here's problem:

i have public , private key pair generate on our licensing server using php (code shown below)

$dn = array(configs....); $privkey = openssl_pkey_new();  $csr = openssl_csr_new($dn, $privkey);  $sscert = openssl_csr_sign($csr, null, $privkey, $term);  openssl_x509_export($sscert, $publickey); openssl_pkey_export($privkey, $privatekey, "somepassphrase");  //base64 encode keys $privatekey = base64_encode($privatekey); $publickey = base64_encode($publickey);

the base64 encoded private key stored in secure location on 1 of our servers , base64 encoded public key written file download our users. file loaded desktop application macos x written in cocoa, base64 decodes public key. until step good. however, want encrypt data public key , send our license server. know how can use public key encrypt data in cocoa , "best" practice method? examples or tips appreciated!

it not openssl deprecated on mac merely openssl libraries provided os x deprecated. nothing stops compiling own openssl , use in app statically linking it:

although openssl commonly used in open source community, openssl not provide stable api version version. reason, although os x provides openssl libraries, openssl libraries in os x deprecated, , openssl has never been provided part of ios. use of os x openssl libraries apps discouraged.

if app depends on openssl, should compile openssl , statically link known version of openssl app. use of openssl possible on both os x , ios. however, unless trying maintain source compatibility existing open source project, should use different api.

common crypto , security transforms recommended alternatives general encryption. cfnetwork , secure transport recommended alternatives secure communications.

in other words: still fine use openssl in os x app - don't rely on bundled openssl anymore. alternatively, can make use of os x' security framework: capable of handling x.509 public key encryption seem doing well.

source: cocoa cryptographic services guide


Comments

Post a Comment

Popular posts from this blog

java - How to specify maven bin in eclipse maven plugin? -

i have eclipse maven plugin coming on centos. how can execute maven command on linx like: mvn clean package [abigail@localhost ~]$ mvn bash: mvn: command not found how should specify path executable of maven plugin in eclipse? or have install maven seperately? thanks. eclipse (m2e) have bundled central parts of maven inside eclipse plugin, why not detected, , not usable. investigation find correct way bootstrap it, have create launcher file manually. if want run maven outside of eclipse, far better off standalone version of maven. mvn command bootstrap maven runtime system correctly, , secondly, able use advice concerning use of maven. maven binaries quite stable, wouldn't need upgrade upgrade eclipse. you can subsequently switch eclipse use external installation if prefer.
Read more

single sign on - Logging into Plone site with credentials passed through HTTP -

i using plone 4.3.3 , new plone development. here trying achieve: i have site going redirect plone site. in http url line redirects plone site pass username whereas plone site should automatically log user username in without asking credentials password. not care safety or encryption @ point. how achieve that? (i guess need somehow modify existing login view, how do that?) thanks. i had same problem , @ end i've developed own pas plugin. i've followed next steps: create pas plugin implement extractcredentials method following this example implement authenticatecredentials method following this example add plugin develop section in build.conf. start plone , open zope console. go acl_users folder , add plugin pas system there examples here can use templates.
Read more

php - Why does AJAX not process login form? -

i writing simple login script in php form. can't work. there wrong ajax. when click submit button doesn't anything. this login html form: <form id="login_form"> <input type="text" class="input_field" name="username" id="username" value="gebruikersnaam" onclick="if(value=='gebruikersnaam'){ this.value='' }"/> <input type="password" class="input_field" name="password" id="password"/> <input type="submit" class="login_button" id="login_button" value="ga door"/> </form> this ajax: $(document).ready(function(){ $("#login_form").submit(function() { $.ajax({ type: "post", url: 'php/login_check.php', data: $("#login_form").serialize(), // serializes form...
Read more