Comments for Cocoaphony

Comment on Wrapping C++ – Take 2, Part 1 by Rob Napier

Rob Napier — Sun, 13 May 2012 00:12:40 +0000

@Orpheus Check out my new post: http://robnapier.net/blog/wrapping-cppfinal-edition-759.

Comment on Wrapping C++ – Take 2, Part 1 by Wrapping C++ Final Edition | Cocoaphony

Wrapping C++ Final Edition | Cocoaphony — Sun, 13 May 2012 00:11:54 +0000

[...] Objective-C can read it? This used to be a question that required some significant thought. See Wrapping C++, Take 2 Part 1 and Part 2 for my previous thinking on the [...]

Comment on Wrapping C++ – Take 2, Part 1 by Orpheus

Orpheus — Fri, 11 May 2012 13:44:37 +0000

@Rob Napier I'm an iOS developer with no C++ knowledge and I've recently been pointed to your blog as a great resource for instruction on Objective C++ wrappers. I'm wondering if it wouldn't be too much trouble for you to provide a simple example of what you meant when you said "..now that you can declare ivars in the @implementation block, much of this technique is not required anymore" in response to @mydogisbox's question: "Why not just forward declare the class as a struct? C++ classes and structs are compatible.." As my c++ header has no namespace, I feel that this would be useful to me and others. Thanks for the help if you had the time. Great blog!

Comment on Properly encrypting with AES with CommonCrypto by Carey

Carey — Wed, 09 May 2012 20:25:59 +0000

I’m completely confused now. I just thought that encrypting and decrypting the data was the easiest safest way. I’m new to security and don’t really know how I should be handling data or which way is the best way. I don’t know how to get the server to respond to the AuthenticationChallenge. I often don’t have access to a webserice’s server. I wonder if perhaps you would be willing to assist me further in understanding. I would compensate you for your time. This is a huge weakness in my iOS programming skills and I would like to improve it and understand it much better. Would you be interested?

Comment on Properly encrypting with AES with CommonCrypto by Rob Napier

Rob Napier — Wed, 09 May 2012 20:16:03 +0000

@Carey Yes, that would be fine provided you are correctly verifying the server certificate. The TLS tunnel is established before you send your data, so it is already encrypted and authenticated, which is the same thing you'd be trying to recreate with RNCryptor.

Ideally, you should limit the server certificates you are willing to accept for a secure HTTPS connection. You can do this in connection:willSendRequestForAuthenticationChallenge: by using SecTrustSetAnchorCertificates() to set the acceptable list of root certificates to just your signing root (rather than "any trusted signing root"). This is detailed in Chapter 11 of iOS:PTL (page 222). I don't believe I have any sample code posted for it, though.

That said, it's certainly not the end of the world to just accept any device-trusted certificate (which is the default behavior). That gives you good protection against most attacks.

Comment on Properly encrypting with AES with CommonCrypto by Carey

Carey — Wed, 09 May 2012 19:49:44 +0000

So you’re saying that when my user on the iPhone enters his/her password as “password” I can just send it to the the server over https and all is fine and secure?

Comment on Properly encrypting with AES with CommonCrypto by Rob Napier

Rob Napier — Wed, 09 May 2012 19:39:01 +0000

Why do you believe that the HTTPS functionality on iOS devices is less secure than the system you’re planning to implement? I’m not aware of major flaws in the HTTPS implementation on iOS. What have you read?

Comment on Properly encrypting with AES with CommonCrypto by Carey

Carey — Wed, 09 May 2012 19:10:33 +0000

From what I have read that isn’t very secure on the device. The device is reading sensitive medical data. So I need to decrypt what the server sends me and encrypt it to send back. Right?

Comment on Properly encrypting with AES with CommonCrypto by Rob Napier

Rob Napier — Wed, 09 May 2012 19:07:10 +0000

The other party to this must read and/or write the format documented here: https://github.com/rnapier/RNCryptor/wiki/Data-Format

It’s a fairly simple format and should be implementable in any language. The one difficult part of it is that the HMAC is at the end. That means that when you get to the end of the message, you have to roll back 32 bytes to find the end of the ciphertext. This is required to allow streaming. As long as you’re able to encrypt or decrypt the entire message in memory, then this is a very easy format. If you want to support the same kind of streaming that RNCryptor does (where the entire message never has to be in memory), then you’ll need to do the same thing I do and use a read-ahead buffer.

RNCryptor will interoperate with OpenSSL format using RNOpenSSLCryptor, but this significantly reduces the security of the message. OpenSSL provides no message authentication, has a non-random IV, and a poor KDF.

As noted on the Data-Format page, I’ve considered supporting the more standard CMS format, but I don’t know a lot of products that support this and it would add a lot of code and data overhead for potentially little real benefit to developers. I’m not familiar with the formats that Windows uses for writing encrypted messages. If you have specs for the formats you’re interested in, I can look at them.

Generally if I were sending data to a server that the server was going to decrypt, I’d just use HTTPS. Is there a reason you’re performing a separate AES encryption?

Comment on Properly encrypting with AES with CommonCrypto by Carey

Carey — Wed, 09 May 2012 18:41:49 +0000

This code seems great. Except one problem. How does the server decrypt what I’m sending? What’s the standard for a windows server to match what I’m doing with the RNCryptor class?