Ad

Our DNA is written in Swift
Jump

Preview: DTCertificateViewer

Mar 08, 2013

It’s gotten very late, already 8 pm. But let me still show you a few screen shots of my upcoming DTCertificateViewer component. You can already pre-order for 50% off the final retail price.

Let’s say you have an app that makes call to a URL that you don’t control. For example one of your corporate clients has his own web API and they don’t want to spend a couple of hundred dollars for a “proper” certificate. Still they want to have their web API traffic be encrypted with HTTPS.

So the first time you encounter this certificate you evaluate the SecTrustRef and get the information that it is a recoverable trust problem. So you show this alert. The demo app that comes with this component demonstrates how.

Alert Certificate

Cancel would cancel the web request. Continue would ignore the trust problem. Details shows details. There is a dialog in-between the alert and the following one, but that should be easy to do.

This is an actual certificate and the display of the already implemented sections is identical with the original Apple certificate viewer. This screenshot is also from the Demo, it shows the display of my own *.cocoanetics.com wildcard certificate.

Subject Section

Also of interest is the bottom of this table view which shows the certificate details.

Certificate Details

And of course this also works in landscape.

Landscape

My first goal is to have the display to match exactly Apple’s original. Once we have achieved this we can start to make it better.

There are many problems with Apple’s solution, including:

  • German localization of the field names is generally too long so that you can only see some values if you rotate to landscape
  • The rotation is not animated but it jumps, clearly this is very old code
  • Apple’s certificate viewer doesn’t even support 4″ displays
  • All the values that show an angle bracket are actually plain NSData descriptions.
  • I found that the public key data value is actually not the true public key but it is a still encoded ASN.1 sequence of the actual key data and the exponent. This also – unnecessarily – contains the ASN.1 tag part. Very sloppy.
  • It is no public API that you could use.

All of this adds to some great potential for DTCertificateViewer which is why I chose to pursue it. If you have a use case for it then please don’t hesitate to get in touch with me.

Categories: Business

Leave a Comment