I'm syncing my Mac application with my iPhone application using NSStream and am trying to encrypt the communication with SSL. I've tried to run CFReadStreamSetProperty(readStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings)
on the iPhone side and CFWriteStreamSetProperty(writeStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings)
on the Mac side when I set up the NSInputStream and NSOutputStream respectively. For the settings dictionary, I'm following the advice of http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html and ignoring the properties of the certificate. However, encrypting it in this way doesn't seem to work as the transfer does not go through - is there something else I need to do to get this functionality working?
Thanks!
EDIT: Here's some code:
On the Mac:
NSOutputStream *outStream;
[service getInputStream:nil outputStream:&outStream];
[outStream open];
[outStream setProperty:NSStreamSocketSecurityLevelNegotiatedSSL
forKey:NSStreamSocketSecurityLevelKey];
NSDictionary *settings = [[NSDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
kCFNull,kCFStreamSSLPeerName, nil];
CFWriteStreamSetProperty((CFWriteStreamRef)outStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
int bytes = [outStream write:[rawPacket bytes] maxLength:[rawPacket length]];
[outStream close];
On the iPhone:
CFReadStreamRef readStream;
NSString *filePath = [NSHomeDirectory() stringByAppendingPathComponent:@"file"];
NSOutputStream *fileStream = [NSOutputStream outputStreamToFileAtPath:self.filePath append:NO];
[fileStream open];
CFStreamCreatePairWithSocket(NULL, fd, &readStream, NULL);
NSInputStream *networkStream = (NSInputStream *) readStream;
CFRelease(readStream);
[networkStream setProperty:(id)kCFBooleanTrue forKey:(NSString *)kCFStreamPropertyShouldCloseNativeSocket];
networkStream.delegate = self;
[networkStream scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode];
[networkStream open];
[self.networkStream setProperty:NSStreamSocketSecurityLevelNegotiatedSSL
forKey:NSStreamSocketSecurityLevelKey];
NSDictionary *settings = [[NSDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
kCFNull,kCFStreamSSLPeerName, nil];
CFReadStreamSetProperty((CFReadStreamRef)self.networkStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);