NSAlert with NSSecureTextField in main thread dont works

Buenas tardes,

I have a problem with a control inside an nsalert from a thread calling it on the main thread. Everything works fine but the textfield does not respond, you write or delete and it has no response.

dispatch_sync(dispatch_get_main_queue(), ^{

    NSAlert *alert = [[NSAlert alloc] init];
    [alert setMessageText:@"Enter PIN"];
    [alert addButtonWithTitle:@"OK"];
    [alert addButtonWithTitle:@"Cancel"];
   
   
    NSSecureTextField *input = [[NSSecureTextField alloc] initWithFrame:NSMakeRect(0, 0, 200, 24)];
    [input setStringValue:@""];
    [alertsetAccessoryView:input];
    [inputsetEditable:true];
    
    NSInteger button = [alert runModal];
    if (button == NSAlertFirstButtonReturn) {
        self.pin = [input stringValue];
        [self.wait signal];
    }else if (button == NSAlertSecondButtonReturn) {
        [Utils Log:@"Pin canceled!"];
        [alert.window close];
        [self.wait signal];
    }
        });

If I try to create an NSWindow, it comes out as disabled and the controls can't be used either.

Thanks greetings

Up vote post of Aekold Down vote post of Aekold
1.4k views
Posted by
Aekold
Reply
Add a Comment

Replies

You tagged your question with CryptoTokenKit and I’m confused as to how that plays into this. Are you trying to do this within a CryptoTokenKit extension?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Yes exactly, in the signData function. I need to ask for the pin of the certificate to validate it, before sending the signature to the api.

To do something fast I made the NSAlert and added a NSSecureTextField. But the control I can not write or delete, only select. If I add a string value by default, when I click the accept button it picks it up.

If I create a new window and initialize it on the main thread. The window comes out all as disabled. I suppose it will be something from the ui update that should also be executed in the main thread.

Thanks.

PS: In the other incident that you helped me with, it didn't work because I had a cpp dll that seems to have broken the token. :)

Posted by
Aekold
Up vote reply of Aekold Down vote reply of Aekold
Add a Comment

Yes exactly

Yikes! That’s not going to work. CryptoTokenKit app extensions are not allowed to present UI by themselves. Standard practice is to fail the operation with the .authenticationNeeded error. CTK will then call your tokenSession(_:beginAuthFor:constraint:) method, from which you can return a TKTokenPasswordAuthOperation subclass that triggers the PIN UI.

The only gotcha here is that, for your beginAuthFor method to be called, your item must have a non-standard constraint set on it. Specifically, when you configure the token by setting the keychainItems property, you must set a constraint that’s neither true as NSNumber nor false as NSNumber. The default constraint is typically true as NSNumber and that means that the beginAuthFor method never gets called )-:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thank you very much Eskimo, everything perfect in Chrome, although I have a problem with Safari...

He sends me to sign crazy things, where chrome works perfectly.

DataToSign: 37417

Inside there are many CA's and certificates...

Posted by
Aekold
Up vote reply of Aekold Down vote reply of Aekold
Add a Comment

everything perfect in Chrome, although I have a problem with Safari

Should I interpret this to mean that you got your PIN UI working? And so this is a new problem?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Good morning, The CTK works perfectly in Chrome. But in Safari, the hash it sends me to sign doesn't make any sense.

Size to sign: 37417 And the hash is huge does not correspond.

Thanks greetings.

Posted by
Aekold
Up vote reply of Aekold Down vote reply of Aekold
Add a Comment

Are you sure you have your algorithms set up correctly? There’s a difference, for example, between .rsaSignatureMessagePKCS1v15SHA1 and .rsaSignatureDigestPKCS1v15SHA1. With the first, you’re passed a message and you’re expected to create the digest and then sign that. With the second, you’re passed the digest, a digest created by someone else, you’re expected to just do the signing step.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment