I am working on a Swift app which does a TLS connection to a server. I want to set an identity, which the server will validate. I'm given a pkcs12 file. The cert is not trusted locally on my system, but the server can validate it.
First, I didn't need to import the cert - I just want to create an identity that I can use with my connection. I don't think that's possible, so I do this:
var importStatus = SecPKCS12Import(pkcs12Data as CFData, importOptions as CFDictionary, &importArray)
The first time I call this, it's successful. I have come to extract the identity (and certificate) from the importArray returned, but in my case, even though I get an errSecSuccess return status, the importArray is empty.
So first question: why would it be empty?
(If the code is run again, I get an errSecDuplicateItem - I don't need to store it in the keychain, but I guess I'm being forced to.)
When I imported, I used a UUID as my identifier - I set it in the options:
let importOptions: [String: Any] = [
    kSecImportExportPassphrase as String: password,
    kSecImportItemLabel as String: identifier
]
So I try to retrieve the identity from the keychain:
let identityQuery = [
    kSecClass: kSecClassIdentity,
    kSecReturnRef: true,
    kSecAttrLabel: identifier
] as NSDictionary
var identityItem: CFTypeRef?
let status = SecItemCopyMatching(identityQuery as CFDictionary, &identityItem)
where I pass the UUID as identifier, but I actually get back my Apple identity, not the certificate. However, if I pass in the certificate's CN (hard-coded for my testing), I get the right identity back.
So my second question: am I doing something wrong? If I pass an ItemLabel on import, can I retrieve the certificate using that same label?
So for me to get this working, I need to know the CN of my cert, or I need the ItemLabel to work so that I can just retrieve using a UUID.
To determine the CN of my cert, the only Apple API I found is this:
SecCertificateCopyCommonName
which requires the cert to be in .der format, rather than .pkcs12. So I have a bit of a chicken and egg problem.
So my last question - is there a way to extract the CN from the pkcs12 file, or to convert the Data from .pkcs12 to .der?
Thanks!
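The import-then-read-the-CN flow the post describes, as an added example that is not part of the original post: it takes the identity from the array returned by SecPKCS12Import, copies the certificate out of that identity, and reads the common name and DER bytes from the resulting SecCertificate, treating an empty result as an explicit error. The function name `loadIdentity` and the error enum are hypothetical, and the example passes only the passphrase option.

```swift
import Foundation
import Security

enum PKCS12LoadError: Error {
    case importFailed(OSStatus)
    case noIdentity              // import reported success but returned no identity
    case noCertificate(OSStatus)
}

// Hypothetical helper (not from the original post): returns the identity,
// its certificate as DER bytes, and the certificate's common name.
func loadIdentity(pkcs12Data: Data, password: String) throws
    -> (identity: SecIdentity, certificateDER: Data, commonName: String?) {

    let options = [kSecImportExportPassphrase as String: password] as CFDictionary
    var rawItems: CFArray?
    let status = SecPKCS12Import(pkcs12Data as CFData, options, &rawItems)
    guard status == errSecSuccess else {
        throw PKCS12LoadError.importFailed(status)
    }

    // Each element is a dictionary keyed by the kSecImportItem* constants.
    let items = rawItems as? [[String: Any]] ?? []
    guard let entry = items.first(where: { $0[kSecImportItemIdentity as String] != nil }) else {
        // Covers the case from the post: errSecSuccess with an empty array.
        throw PKCS12LoadError.noIdentity
    }
    let identity = entry[kSecImportItemIdentity as String] as! SecIdentity

    // The identity pairs a private key with a certificate; copy the certificate out.
    var certificate: SecCertificate?
    let certStatus = SecIdentityCopyCertificate(identity, &certificate)
    guard certStatus == errSecSuccess, let cert = certificate else {
        throw PKCS12LoadError.noCertificate(certStatus)
    }

    // SecCertificateCopyCommonName works on the SecCertificate object,
    // so no separate .der file is required.
    var commonName: CFString?
    _ = SecCertificateCopyCommonName(cert, &commonName)

    // DER encoding of the same certificate, if the raw bytes are needed.
    let der = SecCertificateCopyData(cert) as Data

    return (identity, der, commonName as String?)
}
```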
I'm making a macOS app using SwiftUI. I have a Table view. I have selection enabled but I can't find any way to customize the selection color - it's always blue.
My table looks something like this:
Table(of: MyObj.self, selection: $selectedID, sortOrder: $sortOrder) {
    TableColumn("Column Name") { obj in
        // do some custom view
    }
    . . .
} rows: {
    ForEach(model.items) { obj in
        TableRow(obj)
    }
}
Hi folks,
For accessing the logs, I’m using OSLogStore object. I want to be able to read logs from any previous run of my application.
I can of course do this:
// Open the log store.
var logStore = try OSLogStore(scope: .currentProcessIdentifier)
But this only allows me to retrieve logs from my current running process.
I can also do this:
// Open the log store.
var logStore = try OSLogStore(scope: .system)
But this only works if my App Sandbox entitlement is false.
I tried disabling the sandbox, and I was able to get to all the logs (which is good) but according to this page:
https://developer.apple.com/documentation/security/app_sandbox/
it says:
To distribute a macOS app through the Mac App Store, you must enable the App Sandbox capability
Since we are planning on distributing our app on the store, this presents a big problem for me.
(I didn't try submitting to TestFlight to see if it's really the case). I don’t know if there are exclusions or ways around this – I don’t see an entitlement that I can add which would allow access to the logs.
Does anyone know a way around this?
Thanks,
David
I'm building a network client with Swift (using QUIC). I set everything up properly (I know this because I can successfully connect, send and receive streams). But I'm trying to catch connection errors.
For example, if I try to connect to a totally bogus IP address, I would like to display Connecting, then ConnectionFailed.
I do the following:
create my NWMultiplexGroup descriptor
set my appropriate NWParameters
create my NWConnectionGroup
set up my handlers (setReceiveHandler, newConnectionHandler) and my state update handler
I call connection.start
When I pass a valid address to a server that is listening for the connection, all is good - in my stateUpdateHandler I get the .ready state, but I don't get any intermediate states, and if I pass it a bogus IP address, I get absolutely no callbacks to my handler.
(I would have expected to get .waiting and/or .failed)
I couldn't find any QUIC options that I'm not doing, and the Apple documentation is not helpful.
Any suggestions as to what I might be missing?