On 20 Jun '08, at 8:45 AM, Trygve Inda wrote:
I would embed a public key in my app and encrypt a data file on our site that the software needs to download periodically. This is mostly to ensurethat file can not be modified or substituted except by us.
A good way to do this would be to use SSL. Create a self-signed cert and install it and the private key on your web server as the SSL cert. Copy the cert into your app. Now the app can download its file using HTTP over SSL.
The only wrinkle is verifying the cert. Unfortunately NSURLConnection doesn't give you much control over certs; it will complain because the cert is self-signed, unless it's been added to the user's keychain and marked as trusted. You can use the Keychain APIs in the Security framework to add the cert and change its trust settings when your app first runs.
—JensPS: I used SSCrypto at first, then switched to Keychain.framework. The latter covers a much broader range of tasks, is more mature, and has IMHO better design (SSCrypto just uses these singleton objects with a flat procedural interface, wile Keychain.framework has classes for individual certs, keys, keychains, etc.) However, for just adding a cert to the keychain, I think you can get away with just using the system APIs directly.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
