Igor Delovski Board

delovski · Joined: 14 Jun 2006 Posts: 3524 Location: Zagreb

git - Secure iOS application development

"This guide is a collection of the most common vulnerabilities found in iOS
applications. The focus is on vulnerabilities in the applications' code and only
marginally covers general iOS system security, Darwin security, C/ObjC/C++
memory safety, or high-level application security."

delovski · Joined: 14 Jun 2006 Posts: 3524 Location: Zagreb

so - SecCertificateAddToKeychain - Unknown format in import

"The funcion SecCertificateAddToKeychain() gives me an error with the
certificate I created for testing."

delovski · Joined: 14 Jun 2006 Posts: 3524 Location: Zagreb

apple - Source of SecPKCS12Import()

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

mirror - Security Framework Reference

mirror - Security Interface Framework Reference

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

tech.springcard.com - PC/SC UNDER UNIX/LINUX/MAC WITH PCSC-LITE

"Starting with MacOS X version 10.4, the PCSC-Lite package and the CCID
driver are included in the system. We just need to add entries for SpringCard
readers into the configuration file of the CCID driver to have them supported.

CCID driver's Info.plist

/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"

delovski · Joined: 14 Jun 2006 Posts: 3524 Location: Zagreb

so - How to create openssh keys on iOS via Objective-C code

"You'll need to use a library like OpenSSL to generate the keys. This isn't
Objective-C, but you can interact with C libraries since Objective-C is a
superset. You will need to read the documentation to fully understand how
the library works..."

delovski · Joined: 14 Jun 2006 Posts: 3524 Location: Zagreb

tutsplus.com - Securing iOS Data at Rest: Encryption

"In this post, we'll look at advanced uses of encryption for user data in iOS
apps. We'll start with a high-level look at AES encryption, and then go on to
look at some examples of how to implement AES encryption in Swift."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

r - Cocoa: implement a privileged Helper

"If you ever wanted to implement a privileged Helper with a macOS application,
you might have realised how few the resources are to do so. As I implemented
one and struggled, I thought this could be a could idea to write a tutorial. If you
are interested, you can find it on my blog.

In this tutorial, the goal is to execute a script which can only be executed
with the root privileges. In the materials Scripts folder again, you can find
a hello_scriptex_root.sh file, which can only be read, written and executed
by the root."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

sciencedirect.com - Kernel Extension

Excerpts from:

- Host Integrity Monitoring Using Osiris and Samhain, 2005

- Enrico Perla, Massimiliano Oldani, in A Guide to Kernel Exploitation, 2011

- Jaron Bradley, in OS X Incident Response, 2016

- Chris Hurley, ... Brian Baker, in WarDriving and Wireless Penetration Testing, 2007

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

git - CPLockController

"CPLockController is UIViewController subclass that allows users to set a 4 digit
passcode or enter one."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

so - Touch ID vs Face ID code

"Now I have noticed that my Face ID works correctly without making any
changes to the TouchID code."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

devfright - Touch ID Tutorial - Objective-C

"As it turns out, Apple has made some fairly standard code for accessing Touch
ID. The code comes from the Local Authentication Framework"

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

git - OpenSSL-Universal

"OpenSSL CocoaPods, Carthage and Swift Package Manager package for iOS
and macOS. A complete solution to OpenSSL on iOS and macOS. The package
comes with precompiled libraries and includes a script to build newer versions
if necessary.

The current version contains binaries built with the latest iOS SDK (target
11.0), and the latest macOS SDK (target 13) for all supported architectures
(including macOS Catalyst)."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

git - SkyScraper

"SkyScraper is an advanced web scraping library for iOS written in Obj-C.

The library is an XSLT 1.0 processor based on libxslt (primarily by Daniel
Veillard) with some built-in EXSLT extensions - shipping within libexslt as
part of libxslt, and an external regexp extension by Joel W. Reed."

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

aleksey.com - XML Security Library

"XML Security Library is a C library based on LibXML2. The library supports
major XML security standards:

- XML Signature
- XML Encryption
- Canonical XML (part of the LibXML2)
- Exclusive Canonical XML (part of the LibXML2)"

https://github.com/lsh123/xmlsec/tree/master/src

https://github.com/lsh123/xmlsec/discussions

Archive:

https://xmlsec.aleksey.narkive.com

https://xmlsec.aleksey.narkive.com/M7mmAcOl/building-for-ios

Ike · Kapetan Joined: 17 Jun 2006 Posts: 3136 Location: Europe

git - Compile a library for iOS 4.3 using its configure script

"ios-configure runs a "configure" script using the iOS 4.3 SDK, generating
a static library that will load and run on your choice of iPhone, iPad, and
their respective simulators."

so - Compiling external C++ library for use with iOS project

"The best way then to deal with this is create a build script which will do all the
work for you. This way, it's easier to redo. More importantly, you can reuse the
script or permute it to build other external libs.

There are many ways you can build the script. Here is one."

#!/bin/bash

...