iOS AdHoc delivery - the process of becoming iOS developer

My attempt to explain the AdHoc delivery process.
Everything from creating a developer account, generating a certificate, to deploying your app on a device.


UINavigationController issue fixed

If you try to push / pop several view controllers in a sequence, animated, the UI stack sometimes get corrupted. Usually you will end up with a screen which is not in the UINavigationController's stack.

It's all an animation issue.
I have finally managed to find a proper fix by subclassing the navigation controller, and using that one instead:


iOS SSL renegotiation issue

It seams that the iOS SDK has some issues with SSL renegotiations.
I have filed this bug report:



Few iOS Security API hints

Sharing a RSA public key

On the iOS you can generate a RSA key pair using the SecKeyGeneratePair function. However this function doesn't pack the public key into a complete PublicKeyInfo structure. It generates only the public key data annotated below:
So if you need to share the public key (e.g. with the backend) you would usually need to manually add the header. When doing this pay attention to properly adjust the lengths of the first SEQUENCE and the BIT_STRING.

Getting an identity reference for a certificate created in runtime

Let's say you have created your key pair, and shared the public key with the backend. And you have received a certificate containing your public key, which should be used as a client certificate for establishing a 2-way SSL:
  1. DO NOT add the certificate to the keychain by simply inserting it's bytes using the SecItemAdd function. If you do this, you would be able to access the certificate, even get a proper reference for it, but it want get associated  to your private key. So, you want be able to get a proper identity reference for establishing the SSL connection.
  2. You should first use the SecCertificateCreateWithData function, to create a proper certificate reference (SecCertificateRef), which then you provide to the SecItemAdd function, to insert the certificate.
  3. Now you should be able to query the keychain and get a valid SecIdentityRef instance. You can use the same filtering parameters (e.g. keychain item label) which you have used for your certificate.