On 14 May, 2014, at 9:55 pm, Jens Alfke <j...@mooseyard.com> wrote: > > On May 13, 2014, at 9:20 PM, Maxthon Chan <xcvi...@me.com> wrote: > >> I am saying ignore the details of the format, treat certificates as binary >> blobs or plain strings or whatever that is opaque, and let crypto API parse >> it. > > And I am saying that’s naïve, at least where Apple’s crypto API is concerned. > I’ve had to expend a lot of effort over the years to look at exactly what’s > in those blobs to figure out the right formats, and sometimes write my own > code to parse/generate them. (Apple’s code doesn’t support a lot of the > formats, esp. not on iOS.) > > —Jens
+1. I'm with Jens that the crypto libraries are lacking in so many ways. In iOS I feel they got 1/3 ported and instead of finishing the port, the OSX team just deprecated what wasn't ported. I'm not really sure I expect that crypto example to work much longer. They are truly horrible to work with. If you ask a similar question to the original poster on any of the Apple Developer Forums you'll be advised not to generate key pairs on a device but to do it on a server (the advice will probably come from Quinn), that's what I eventually did, at least it was supported and I wasn't trying to embed openssl v ?.x.? in my code. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
