Bootstrapping ad-hoc MultipeerConnectivity could be so much easier
| Originator: | cmsj | ||
| Number: | rdar://22015008 | Date Originated: | 2015-07-27 |
| Status: | Duplicate of 14897803 | Resolved: | 2017-06-09 |
| Product: | Product Version: | ||
| Classification: | Reproducible: |
Summary: In an application using MultipeerConnectivity, there is the option to use certificate authentication as part of the optional encrypted transports. However, after extensive searching, I can find no way to reasonably generate the SecIdentityRef (signed x.509 certificate and corresponding private key). There definitely isn't anything in the MultipeerConnectivity framework, as far as I can tell there's nothing in the Security framework, OpenSSL/CDSA are either deprecated, or not on iOS, or both. I'm not sure how other apps are handling this, but I am forced to assume that they are either ignoring security entirely, or shipping keys/certs in their app bundle (which is, effectively, ignoring security entirely), or are using some kind of cloud service to generate certificates/keys for them (which is also pretty much disregarding security entirely). It seems to me that it would be *extremely* useful to be able to trivially take the output of SecKeyGeneratePair() and use it to generate an x.509 certificate, and then sign it with the private key. This doesn't provide for an independent path of trust, but it does at least allow app developers to build a trust mechanism themselves (e.g. asking the two users, who by definition of MultipeerConnectivity, are close to each other, to verify key fingerprints on screen). Obviously a certificate signed by an authority in the trusted root database, would be the best option here, but that is a very high barrier of entry to secure, ad-hoc, local communication using MultipeerConnectivity. Steps to Reproduce: - Try to use MultipeerConnectivity in a secure fashion Expected Results: - Be able to generate a self-signed certificate (or maybe in future-unicorn-ponies-land, have the key signed by the device, indicating that it is associated with the Apple ID of the user?) Actual Results: - Generating a self-signed certificate, or indeed a certificate of any kind, is extremely difficult and fragile, and typically can only be done using deprecated/missing APIs, or by shipping a third party library of unknown quality. Version: N/A Notes: Configuration: Any iOS device, and OS X computer Attachments:
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!