Eh screw the OS X/iOS crypto libraries... I would just embed my own copy of OpenSSL or GNUTLS myself. (My toolkit library have already included GNU MP, the library GNUTLS is based on) Or if I really have the time reimplement RSA algorithms and key generation using Acceleration.framework
Sent from my iPad > On May 15, 2014, at 11:43 AM, Roland King <r...@rols.org> wrote: > > >> On 15 May, 2014, at 7:25 am, Jens Alfke <j...@mooseyard.com> wrote: >> >> >>> On May 14, 2014, at 3:48 PM, Roland King <r...@rols.org> wrote: >>> >>> I'm just pointing out the advice which is constantly and consistently given >>> by Apple (particularly Quinn) on the developer forum that getting the bits >>> of a private key on iOS is unsupported and subject to change, and to do the >>> job on a server which you trust and return the information. Here's one such >>> thread, there are dozens of them. >>> >>> https://devforums.apple.com/message/951417#951417 >> >> Thanks for the link. I added a rant explaining exactly why this is a >> terrible idea. Who knows whether it’ll do any good; I’ve completely given up >> on Apple ever getting its crypto act together. >> >> —Jens > > That's quite the reply - I've hit the "Email Updates" on the thread and I'm > sitting with a new bag of popcorn waiting to see what happens next. > > Since that method of extracting private keys was recently broken on OSX I > fear that iOS is not far behind. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
