Difference between revisions of "Mobile App Development 2021W Lecture 3"
Jump to navigation
Jump to search
(Created page with "==Video== Video from the lecture given on January 18, 2020 [https://homeostasis.scs.carleton.ca/~soma/mad-2021w/lectures/comp1601-2021w-lec03-20210118.m4v is now available].") |
|||
| Line 2: | Line 2: | ||
Video from the lecture given on January 18, 2020 [https://homeostasis.scs.carleton.ca/~soma/mad-2021w/lectures/comp1601-2021w-lec03-20210118.m4v is now available]. | Video from the lecture given on January 18, 2020 [https://homeostasis.scs.carleton.ca/~soma/mad-2021w/lectures/comp1601-2021w-lec03-20210118.m4v is now available]. | ||
==Notes== | |||
<pre> | |||
Lecture 3 | |||
------------ | |||
Tutorial 1 | |||
command line Swift | |||
Swift language concepts | |||
- class vs struct | |||
- types | |||
Most programming languages have ways to represent collections of data | |||
We normally call these objects nowadays, but objects have a few other properties | |||
abstract data types are what objects are based on | |||
normally we want to associate code with data | |||
- variabes and functions to go with it | |||
an abstract data type is this combination | |||
objects are abstract data types + inheritance | |||
roughly in swift, struct's are abstract data types, class's are objects | |||
- no inheritance with struct's | |||
but there's one other big difference | |||
- classes are reference types | |||
- struct's are value types | |||
Certificates | |||
- when you install an application, how do you know who created it? | |||
- is the code coming from a trusted source? | |||
- code signing certificates are how we make sure that code is legit | |||
- could still be malicious, but at least we'll know who to blame | |||
Every developer should have their own certificate that they use to sign their code | |||
when you install a program, the operating system checks the signature on the code | |||
to see if it is valid and associated with a trusted certificate | |||
- if it isn't, it doesn't allow the code to run (or it puts up big warnings that can | |||
be overridden) | |||
- "untrusted publisher" messages | |||
Underlying certificates is public key cryptography | |||
- a certificate is just a public key with associated metadata (i.e., someone's name | |||
email address, etc) | |||
Basic idea of public key crypto signatures | |||
- create a sig with private key | |||
- associated public key can verify signature | |||
- if it is verified, you know the signed data has not been tampered with | |||
and it was signed by someone with the private key | |||
Certificates are the basis of app stores | |||
- devices will only run code signed by trusted certificates | |||
- the app store controls what is trusted | |||
</pre> | |||
Revision as of 20:37, 19 January 2021
Video
Video from the lecture given on January 18, 2020 is now available.
Notes
Lecture 3
------------
Tutorial 1
command line Swift
Swift language concepts
- class vs struct
- types
Most programming languages have ways to represent collections of data
We normally call these objects nowadays, but objects have a few other properties
abstract data types are what objects are based on
normally we want to associate code with data
- variabes and functions to go with it
an abstract data type is this combination
objects are abstract data types + inheritance
roughly in swift, struct's are abstract data types, class's are objects
- no inheritance with struct's
but there's one other big difference
- classes are reference types
- struct's are value types
Certificates
- when you install an application, how do you know who created it?
- is the code coming from a trusted source?
- code signing certificates are how we make sure that code is legit
- could still be malicious, but at least we'll know who to blame
Every developer should have their own certificate that they use to sign their code
when you install a program, the operating system checks the signature on the code
to see if it is valid and associated with a trusted certificate
- if it isn't, it doesn't allow the code to run (or it puts up big warnings that can
be overridden)
- "untrusted publisher" messages
Underlying certificates is public key cryptography
- a certificate is just a public key with associated metadata (i.e., someone's name
email address, etc)
Basic idea of public key crypto signatures
- create a sig with private key
- associated public key can verify signature
- if it is verified, you know the signed data has not been tampered with
and it was signed by someone with the private key
Certificates are the basis of app stores
- devices will only run code signed by trusted certificates
- the app store controls what is trusted