We distribute our product outside of the MAS (as a pkg).
It consists of GUI app and several services.
App is sandboxed but it uses custom sandbox profile rules.
Services are installed as launchd daemons and are not located inside the app bundle.
Services have xpc bundles and also use custom sandbox profiles.
At Apple Labs engineer told me to use LAContext ( LocalAuthentication.framework ), because this object is adopting NSSecureCoding protocol and can be used to authenticate user.
The flow is simple.
Create LAContext at main GUI.
Authenticate user via canEvaluatePolicy() and evaluatePolicy()
Send LAContext through XPC to your desired service.
Call canEvaluatePolicy() and evaluatePolicy() again.
However, I have a problem with last part.
I made a wrapper object which carries LAContext through XPC. ( AuthorizationPayload ).
It works fine and carries LAContext to service from main GUI.
However, when I try to verify LAContext on service side, I receive errors:
LAContext[61791:0] failed to initialize: Error Domain=com.apple.LocalAuthentication Code=-10 "Context not found." UserInfo={NSDebugDescription=Context not found., NSLocalizedDescription=Authentication failure.}
and
canEvaluatePolicy() also returns false with the same error.
Additional.
I also added this sandbox rule to my service.
(allow mach-lookup
(global-name "com.apple.CoreAuthentication.daemon")
)
What can I do in this situation?
I have similar problem.
Original post was several years ago.
Is there any new features/API to retrieve AuthorizationRef by TouchID?
Post not yet marked as solved
Intention
I would like to add adapter for networking framework to socket-based transport layer at libgit2 library.
Library
This library creates ssl context as
/// TCP, right?
st->ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
and sets security protocols as
/// TLS
SSLSetProtocolVersionMin(st->ctx, kTLSProtocol1)
SSLSetProtocolVersionMax(st->ctx, kTLSProtocol12)
libgit2 library defines an interface for socket-based api.
You have to provide read/write functions for each "socket-based" adapter.
The adapter write function signature is
static ssize_t adapter_write(git_stream *stream, const char *data, size_t len, int flags)
Adapters
SecureTransport is relying on socket-based functions and it uses straightforward approach without callbacks. Read something, get result.
Networking framework suggests a different approach with callbacks. So, instead of reading data in do-while loops, you have to add callbacks with "received/sent" partial result.
Semaphore approach
To adapt callback API I've added semaphore.
Although I'm not sure this approach is efficient in terms of nw_connections.
/// Rough draft
static ssize_t apple_network_adapter_write(git_stream *stream, const char *data, size_t len, int flags)
{
apple_network_adapter_stream *st = (apple_network_adapter_stream *) stream;
size_t data_len, processed;
OSStatus ret;
GIT_UNUSED(flags);
data_len = min(len, SSIZE_MAX);
nw_connection_t connection = ... ;/// retrieve connection
dispatch_data_t ddata = dispatch_data_create(data, data_len, NULL, DISPATCH_DATA_DESTRUCTOR_DEFAULT);
nw_content_context_t context = NW_CONNECTION_DEFAULT_MESSAGE_CONTEXT;
/// We have to add semaphores for this API.
/// Otherwise, it won't be able to "be" synced.
dispatch_semaphore_t semaphore = dispatch_semaphore_create(0);
__block int errno = 0;
__block processed_length = -1;
nw_connection_send(connection, ddata, context, true, ^(nw_error_t _Nullable error) {
if (error == NULL) {
processed = len;
}
else {
errno = nw_error_get_error_code(error);
}
dispatch_semaphore_signal(semaphore);
});
dispatch_semaphore_wait(semaphore, DISPATCH_TIME_FOREVER);
ret = errno;
if (ret != noErr) {
return apple_network_adapter_error(ret);
}
GIT_ASSERT(processed < SSIZE_MAX);
return (ssize_t)processed;
}
Hint
Also I find another hint with it that nearly every object in networking framework is defined as NSObjectProtocol object.
Post not yet marked as solved
It doesn't help.
Could you show an example where CustomListCell with embedded UITextView expanding on typing with any layout in UICollectionView?
Post not yet marked as solved
Hi!
I have the same layout ( I guess ) where I put a textView ( actually, a subview of subview (of subview...) of cell content view is text view ).
Sorry, and yes, it is only one solution so far.
You can, for example, check this solution on iOS 14, maybe it is not required anymore and it works as expected ( automagically ).
What about your question?
Well, it is long story and it should be covered or solved easily in iOS 14 by Cell Configurations.
Consider you have a ViewModel:
class ViewModel {
	var first: Id
	var second: String
}
It is a simple model and it can be easily conformed to Hashable.
But, however, we don't know how it will going in future, right?
I suggest to add another creature:
extension ListViewModel {
struct Row {
	var viewModel: ViewModel
	var diffable: Diffable
	struct Diffable {
		var id: Id
		var first: String
		var second: Int
	}
}
}
You add additional Row model which represents a model for your Cell and, especially, for a List of Cells.
It is not the same as ListViewModel.Entry. It is an ItemIdentifierType for DiffableDataSource.
I intentionally put it in ListViewModel namespace, because it works with ViewModel and embraces it into self and conforms to necessary protocols.
extension ListViewModel.Row: Hashable {
	static func == (lhs: Self, rhs: Self) {
		lhs.diffable == rhs.diffable
	}
	func hash(_ inout hasher: Hasher) {
		hasher.hash(self.diffable)
	}
}
As you see, I separate an intention of Row and its nature.
It is intended to be an ItemIdentifierType for DiffableDataSource, BUT, it is not what it actually is.
Actually, it is projection of viewModel on properties of cell AND states of cell.
So, here we distinguish a projection and ItemIdentifier. I called it Diffable, because we would check if our view states that are computed from model did change.
Why this solution would work?
First of all, it doesn't rely on view model itself, only on properties for cell and states for cell.
Second, it requires that some structure ( Diffable in our case ) contains all these states and properties inside to compute difference.
Does it look similar to Cell Configuration from iOS 14?
Post not yet marked as solved
I have the same issue.It appears in different places.
Post not yet marked as solved
Hi!I noticed this problem long ago.I use appearance class to set title/footer label color.[UILabel appearanceWhenContainedInInstancesOfClasses:@[UITableViewHeaderFooterView.class]].textColor = self.sectionHeaderTitleColor;Somehow, after section/footer disappears from screen, it redraws with default textColor. ( Gray color )
Post not yet marked as solved
Hi! Yes, I have an application which put blurred screenshot on willResignActive and remove it on didBecomeActiveI also put debug print in both delegate callbacks.And yes, call to -didBecomeActive is delayed.My steps:- swipe up from bottom control panel.- swipe it down.- wait before blurred snapshot disappeared.If I don't put screenshot, it actually become active ( output ) with the same duration.Interesting thing:- I could interact with application before didBecomeActive debug output appeared.
Post not yet marked as solved
Could you advise how to retrieve private part of key?https://github.com/yourkarma/JWT/issues/145Because I do not understand which bytes I should skip ( after stripping off Bit String with Public key ).A part of my inverstigation in this issue.I try to create private key from your key. ( Apple Key )MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgpnX9ZXmgLCWQ+Hkpvae2PLU68XEzJdp+NjswuBS9RHWgCgYIKoZIzj0DAQehRANCAARMSO6bkKjLT+9Mx9wJRXoqUx+CbeOhAbVGS+3fgvVNGv3QM3NlMou3uguMrITwVvpWjuocXbSzjTwMstMMjsZgOk, I move on and strip off public key first ( BIT String ) from the end of key. Next, I cut one-by-one byte from the beginning. And yes, I create both private key and public key. (lldb) po privateKey.key <SecKeyRef curve type: kSecECCurveNone, algorithm id: 3, key type: ECPrivateKey, version: 4, block size: 192 bits, addr: 0x100512a20>
(lldb) po publicKey.key <SecKeyRef curve type: kSecECCurveSecp256r1, algorithm id: 3, key type: ECPublicKey, version: 4, block size: 256 bits, y: FDD0337365328BB7BA0B8CAC84F056FA568EEA1C5DB4B38D3C0CB2D30C8EC660, x: 4C48EE9B90A8CB4FEF4CC7DC09457A2A531F826DE3A101B5464BEDDF82F54D1A, addr: 0x10070efb0>And as I understand, private key is broken. It doesn't have proper curve type.
Post not yet marked as solved
Hi!One year later, I have started to complete this task 🙂Now I could create EC-keys, but it is a bit painful, because Public keys really want BitString.But Private keys want sequence before: SEQUENCE {
OBJECT IDENTIFIER '1 2 840 10045 2 1'
OBJECT IDENTIFIER ansiX9p256r1 (1 2 840 10045 3 1 7)
}Could you advise a correct ASN.1 template from coder which could split key into Public part and Private part?#import <Security/SecAsn1Coder.h>
#import <Security/SecAsn1Templates.h>My task is a bit simple than parsing whole key. I need to parse sequence into sequence of private part ( above ) and public Bit string ( second part ).Thanks!
Post not yet marked as solved
Hi!It seems I have the issue.My setup of location manager: manager.pausesLocationUpdatesAutomatically = NO;
manager.activityType = CLActivityTypeOther;
switch (status) {
case kCLAuthorizationStatusAuthorizedAlways: {
manager.allowsBackgroundLocationUpdates = YES;
break;
}
default: break;
}
manager.desiredAccuracy = kCLLocationAccuracyNearestTenMeters;And even in this aggressive setup it does not work well. App stops for a 20 minutes, which is not an appropriate behavior.Look at Core Bluetooth thread, it seems that background is broken.https://forums.developer.apple.com/thread/90752
Post not yet marked as solved
Hi!Thanks for complete information!I would like to know about modules separation on folder level.I have complex framework which I want to separate into modules.My example framework would be somekind of:framework module ServiceCore {
umbrella header "ServiceCore.h"
export *
module * { export * }
framework module Toolbox {
umbrella header "ServiceToolbox.h"
export *
module * { export * }
}
framework module Random {
umbrella header "ServiceRandom.h"
export *
module * { export * }
}
}All of the headers are a part of ServiceCore target. ( ServiceCore framework target )ServiceCore.h takes care of core headers.ServiceToolbox takes care of toolbox headers ( which are placed somewhere ).ServiceRandom takes care of misc items over random numbers generation.All umbrella headers are placed into folder FrameworkSupplement/.However, after that setup Xcode can't find umbrella headers as ServiceToolbox and ServiceRandom.My main goal is to import items as part of ServiceCore.@import ServiceCore; // import Core part.
@import ServiceCore.Toolbox; // import ServiceToolbox.h
@import ServiceCore.Random; // import ServiceRandom.hThanks for help!
