TLS certificate authentication using my CryptoTokenKit plugin

Question

Created Oct ’20

Replies 4

Boosts 0

Views 1.3k

Participants 4

I have written a CTK plugin for iOS and Safari can now authenticate with web sites that require client authentication (certificaterequest/certificateverity). However, a WKWebView in my own app never accesses my CTK plugin for authentication.
I need WKWebView TLS to be able to use my CTK just like Safari does. Is there a solution for this?

Answered by nelsonlogic in 641837022

You must provide a keychain access group entitlement for your app as follows. Be sure to inspect your editing and make sure you don't have your application prefix in the string:

Code Block 	<key>keychain-access-groups</key>	<array>
		<string>com.apple.token</string>
	</array>

Boost

Answer 1

DTS Engineer OP

Apple

Oct ’20

However, a WKWebView in my own app never accesses my CTK plugin for
authentication.

Does it work with NSURLSession?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 2

nelsonlogic OP

Oct ’20

Accepted Answer

You must provide a keychain access group entitlement for your app as follows. Be sure to inspect your editing and make sure you don't have your application prefix in the string:

Code Block 	<key>keychain-access-groups</key>	<array>
		<string>com.apple.token</string>
	</array>

0

Answer 3

xaqfan OP

Apr ’21

Hi,
How to create a ctk plugin for ios? I have write a CryptoTokenKit extension refer to the official example base on macos.
And run it on ios 14.4 ,it have no logs.
Is there any thing to pay attention to?
Could you help me ?

Thank u!

0

Answer 4

DTS Engineer OP

Apple

Apr ’21

How to create a ctk plugin for ios?

I recommend that you start a new thread for that, tagging it with CryptoTokenKit.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0