Hello,

When Apple's Remote app tries to connect to a Mac (running iTunes) on a local network (using WiFi), the user needs to enter a passcode provided by the iPhone as a security measure. This approach has been adopted by a number of other apps (e.g., Rowmote, Pastebot, ...). Is there an API that provides this way of working?

Assuming Bonjour is in play, how does an iPhone check if the passcode entered on a Mac is correct without resolving the NSNetService the Mac is publishing? Or does the iPhone resolve the NSNetService a Mac is publishing and wait for the passcode to be confirmed before processing any other packets that might be sent via the NSNetService (packets other than the passcode)?

I have a solution for my problem, but I would like to know if there's an API I have overlooked that provides a ready-made solution.

Advice and pointers are welcome.

Thanks in advance,

Bart

A: 

I don't believe there is an Apple-provided API for this. I simply use the Bonjour APIs to open a connection between two devices, then have one randomly create a 4-digit passcode and ask the other device for it. The other device presents a UI to ask the user for the passcode, then transmits it back and waits for an answer. If they match, the devices store each other's identifiers to skip over this process the next time they connect.

Edit: Thanks to tc for pointing out that this implementation isn't totally secure. I'm now having one device create a unique, random password, and send it over to the other device, then store the SHA1 hash of the password for future reference. Then the other device stores the password and sends it back over whenever it connects for authentication. The user does the number code thing once in order to let the devices know that they should trust each other in the future, but now in order for a reverse engineer to connect to a device they would have to know both the identifier of and password for a valid, connected device. (Or they'd have to have access to both devices and do the number code thing; there isn't really a way to stop anyone from doing that, obviously).

anshuchimala
-1 Insecure! Device identifiers can be "forged" if someone reverse-engineers your protocol.
tc.
What's a better way of avoiding having to do passcode authentication over and over, then?
anshuchimala
Two questions: 1) This implies that you make an actual connection to send the Mac the request for a passcode. Right? 2) I wonder how Apple manages to send all Macs running iTunes on the same network that passcode request (in the form of your iPhone showing up in iTunes). Does it connect to all those Macs? Thanks for your comment!
bare_nature
The iPhone showing up in iTunes' sidebar is iTunes using an NSNetServiceBrowser to search for Bonjour services on the network. When you click on one, it resolves the service and does the whole passcode thing.
anshuchimala
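
The pairing scheme from the answer's edit, as an added Python example that is not code from the original post or from Apple. The Bonjour connection is replaced by direct method calls, and the `Host` class, the peer identifiers, the attempt limit on the 4-digit passcode and the constant-time comparisons are assumptions of this example.

```python
import hashlib
import hmac
import secrets

MAX_PASSCODE_ATTEMPTS = 3  # assumption: the answer does not mention a limit


class Host:
    """Device that displays the passcode and later verifies returning peers."""

    def __init__(self):
        self.trusted = {}  # peer identifier -> SHA-1 hex digest of its password
        self.pending = {}  # peer identifier -> [passcode, attempts left]

    def begin_pairing(self, peer_id):
        # Shown on this device's screen; the user types it on the other device.
        passcode = f"{secrets.randbelow(10_000):04d}"
        self.pending[peer_id] = [passcode, MAX_PASSCODE_ATTEMPTS]
        return passcode

    def finish_pairing(self, peer_id, entered):
        entry = self.pending.get(peer_id)
        if entry is None:
            return None
        if not hmac.compare_digest(entry[0].encode(), entered.encode()):
            entry[1] -= 1
            if entry[1] == 0:
                # Only 10,000 codes exist, so discard the code after a few misses.
                del self.pending[peer_id]
            return None
        del self.pending[peer_id]
        # Unique random password: sent to the peer once, stored here only as
        # its SHA-1 hash (the hash the answer names).
        password = secrets.token_hex(32)
        self.trusted[peer_id] = hashlib.sha1(password.encode()).hexdigest()
        return password

    def authenticate(self, peer_id, password):
        # On reconnect the peer presents its identifier and stored password.
        stored = self.trusted.get(peer_id)
        if stored is None:
            return False
        offered = hashlib.sha1(password.encode()).hexdigest()
        return hmac.compare_digest(stored, offered)
```
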