CMSEncoder and timestamps

Question:


How can you get a timestamp using the _public_ CMSEncoder APIs?



As far as I can tell (due to lack of decent official documentation and ggogle search results basically limited to the libsecurity source code), it looks like that getting a timestamp would require to use private APIs (for instance to set a TSA context).



Platform: OS X 10.8 and later

Replies

A secure timestamp? Like the ones issued by

timestamp.apple.com
?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Yes, those very same timestamps. The ones that are apparently required to be able to notarize a signed item.

Yes, those very same timestamps.

OK. In that case I think you’re right: I don’t think it’s possible to enable secure timestamps on

CMSEncoder
using its public API.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Is the recommended line of conduct then to (try to) use the Feedback Assistant to request public APIs and sit on one's hands waiting for at least a year to get them?

Is the recommended line of conduct then to (try to) use the Feedback Assistant to request public APIs

Yes.

sit on one's hands waiting for at least a year to get them?

That’s really up to you. In general, you have to balance the business need for a specific feature against the business cost of implementing that feature. If you want a more specific answer, you’ll need to share some details about your overall goal. Most folks who need secure timestamps get them via the

codesign
command line tool.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"