Posts

Post not yet marked as solved
3 Replies
226 Views
Hi, I noticed that when running my program as root (using sudo) and calling SecKeyCreateRandomKey, the attribute for hash public key value is wrongly set. Reading the documentation, hush public key correspond to kSecAttrApplicationLabel. I tried setting only kSecAttrApplicationTag (or kSecAttrLabel) but it still mess up the hash key value. Here is my code: NSDictionary *attributes = @{(id) kSecAttrKeyType: (id)kSecAttrKeyTypeRSA, (id) kSecAttrKeySizeInBits: [NSNumber numberWithInt:key_size], (id) kSecAttrApplicationTag: tag_name, (id) kSecPrivateKeyAttrs: @{ (id) kSecAttrIsPermanent: @YES, (id) kSecAttrLabel : label_name} }; private_key = SecKeyCreateRandomKey((__bridge CFDictionaryRef)attributes, &error); I also try save it to keychain with SecItemAdd but it did not help: NSDictionary* addquery = @{ (id)kSecValueRef: (__bridge id)private_key, (id)kSecClass: (id)kSecClassKey, (id)kSecAttrApplicationTag: tag }; OSStatus status = SecItemAdd((__bridge CFDictionaryRef)addquery, NULL); I verify the value of the public hash value using command - security dump-keychain (looking at 0x00000006 attribute). Is that a know bug ? Is there a way to set attributes on a private key after creating it ? for example, create it with no tag, set a tag and save it using SecItemAdd. Thanks, Tal
Posted
by taloz1.
Last updated
.
Post marked as solved
5 Replies
304 Views
Hi, I'm writing application which use NSURLSession for https communication. It was all good until I change my app to run as root (using sudo). It is failing on the connection (SSL Error) and I suspect the fault is that it is not able to validate the server certificate. I install the relevant root certificate in the system keychain (beside login) but it did not help. What I should do for root user to be able to use the certificates in system keychain ? b.t.w - I'm running on macOS BigSur
Posted
by taloz1.
Last updated
.