add debug mode for SSL
This commit is contained in:
parent
16f5e5aea4
commit
55ea15418b
|
@ -350,22 +350,16 @@ extension Core
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void)
|
public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
|
||||||
{
|
|
||||||
#if DEBUG
|
#if DEBUG
|
||||||
completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
|
// Accept all certificates
|
||||||
|
let urlCredential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
|
||||||
|
completionHandler(.useCredential, urlCredential)
|
||||||
#else
|
#else
|
||||||
if(challenge.protectionSpace.host.contains("pba-simulator.patientenbefundapp.labor-limbach-hannover.de"))
|
completionHandler(.performDefaultHandling, nil)
|
||||||
{
|
|
||||||
completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
completionHandler(.performDefaultHandling, nil)
|
|
||||||
}
|
|
||||||
#endif
|
#endif
|
||||||
}*/
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -11,8 +11,35 @@ import Combine
|
||||||
import CryptoKit
|
import CryptoKit
|
||||||
|
|
||||||
|
|
||||||
|
extension SecTrust {
|
||||||
|
|
||||||
|
var isSelfSigned: Bool? {
|
||||||
|
guard SecTrustGetCertificateCount(self) == 1 else {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
guard let cert = SecTrustGetCertificateAtIndex(self, 0) else {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return cert.isSelfSigned
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
extension SecCertificate {
|
||||||
|
|
||||||
|
var isSelfSigned: Bool? {
|
||||||
|
guard
|
||||||
|
let subject = SecCertificateCopyNormalizedSubjectSequence(self),
|
||||||
|
let issuer = SecCertificateCopyNormalizedIssuerSequence(self)
|
||||||
|
else {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return subject == issuer
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
extension Core
|
extension Core
|
||||||
{
|
{
|
||||||
|
|
||||||
enum RequestError: Error
|
enum RequestError: Error
|
||||||
{
|
{
|
||||||
case HANDLED_ERROR(msg: String)
|
case HANDLED_ERROR(msg: String)
|
||||||
|
@ -66,7 +93,7 @@ extension Core
|
||||||
get async throws {
|
get async throws {
|
||||||
if (_publicKey == nil)
|
if (_publicKey == nil)
|
||||||
{
|
{
|
||||||
_publicKey = try await postRequest.getPublicKey(host: host, controller: controller, action: action, _keyPair: keyPair)
|
_publicKey = try await postRequest.getPublicKey(host: host, _keyPair: keyPair)
|
||||||
}
|
}
|
||||||
return _publicKey
|
return _publicKey
|
||||||
}
|
}
|
||||||
|
@ -80,11 +107,20 @@ extension Core
|
||||||
|
|
||||||
public var response: Core.Models.Response.EncryptedResponse? {
|
public var response: Core.Models.Response.EncryptedResponse? {
|
||||||
get async throws {
|
get async throws {
|
||||||
let encryptedRequest = Core.Models.Request.EncryptedRequest(descriptor: descriptor, contentObject: contentObject, requestType: requestType, key: try await sharedKey!)
|
let _shared = try await sharedKey
|
||||||
|
if(_shared != nil)
|
||||||
|
{
|
||||||
|
let encryptedRequest = Core.Models.Request.EncryptedRequest(descriptor: descriptor, contentObject: contentObject, requestType: requestType, key: _shared!)
|
||||||
|
|
||||||
let encryptedResponse = try await postRequest.getEncryptedResponse(host: host, controller: controller, action: action, _request: encryptedRequest, serverPublicKey: publicKey, _keyPair: keyPair)
|
let encryptedResponse = try await postRequest.getEncryptedResponse(host: host, controller: controller, action: action, _request: encryptedRequest, serverPublicKey: publicKey, _keyPair: keyPair)
|
||||||
|
|
||||||
return encryptedResponse
|
return encryptedResponse
|
||||||
|
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -118,17 +154,23 @@ extension Core
|
||||||
*/
|
*/
|
||||||
func getEncryptedResponse(host: Https.Servers, controller: String, action: String, _request: Core.Models.Request.EncryptedRequest, serverPublicKey: Core.Models.Response.PublicKey?, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.EncryptedResponse
|
func getEncryptedResponse(host: Https.Servers, controller: String, action: String, _request: Core.Models.Request.EncryptedRequest, serverPublicKey: Core.Models.Response.PublicKey?, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.EncryptedResponse
|
||||||
{
|
{
|
||||||
|
var (data,response) : (Data, URLResponse)
|
||||||
|
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
|
|
||||||
|
|
||||||
let request = try PrepareURLRequest(host: host, controller: controller, action: action, _request: _request, keyPair: keyPair)
|
let request = try PrepareURLRequest(host: host, controller: controller, action: action, _request: _request, keyPair: keyPair)
|
||||||
|
|
||||||
let (data,response) = try await URLSession.shared.data(for: request)
|
let s = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
|
||||||
|
(data,response) = try await s.data(for: request)
|
||||||
|
}
|
||||||
|
catch
|
||||||
|
{
|
||||||
|
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
|
||||||
|
}
|
||||||
|
|
||||||
let httpR = response as? HTTPURLResponse
|
let httpR = response as? HTTPURLResponse
|
||||||
if (httpR != nil)
|
if (httpR != nil)
|
||||||
{
|
{
|
||||||
if (httpR?.statusCode == 429)
|
if (httpR?.statusCode == 429)
|
||||||
{
|
{
|
||||||
AppDelegate.Session.Maintenance = false
|
AppDelegate.Session.Maintenance = false
|
||||||
|
@ -162,34 +204,35 @@ extension Core
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
throw RequestError.HANDLED_ERROR(msg: Core.Lang.Get(key: "ERROR_INVALID_RESPONSE"))
|
throw RequestError.HANDLED_ERROR(msg: Core.Lang.Get(key: "ERROR_INVALID_RESPONSE"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@MainActor
|
||||||
|
func getPublicKey(host: Https.Servers, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.PublicKey
|
||||||
|
{
|
||||||
|
var (data,response) : (Data, URLResponse)
|
||||||
|
do
|
||||||
|
{
|
||||||
|
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
|
||||||
|
|
||||||
|
let request = try PrepareURLRequest(host: host, controller: "exchange", action: "key", _request: nil, keyPair: keyPair)
|
||||||
|
|
||||||
|
let s = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
|
||||||
|
(data,response) = try await s.data(for: request)
|
||||||
}
|
}
|
||||||
catch
|
catch
|
||||||
{
|
{
|
||||||
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
|
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
@MainActor
|
let httpR = response as? HTTPURLResponse
|
||||||
func getPublicKey(host: Https.Servers, controller: String, action: String, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.PublicKey
|
if(httpR != nil)
|
||||||
{
|
|
||||||
do
|
|
||||||
{
|
{
|
||||||
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
|
|
||||||
|
|
||||||
let request = try PrepareURLRequest(host: host, controller: controller, action: action, _request: nil, keyPair: keyPair)
|
|
||||||
|
|
||||||
let s = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
|
|
||||||
let (data,response) = try await s.data(for: request)
|
|
||||||
|
|
||||||
let httpR = response as? HTTPURLResponse
|
|
||||||
if(httpR != nil)
|
|
||||||
{
|
|
||||||
|
|
||||||
if (httpR!.statusCode == 429)
|
if (httpR!.statusCode == 429)
|
||||||
{
|
{
|
||||||
|
@ -216,31 +259,24 @@ extension Core
|
||||||
return publicKey
|
return publicKey
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
throw RequestError.HANDLED_ERROR(msg: Core.Lang.Get(key: "ERROR_INVALID_RESPONSE"))
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
catch
|
else
|
||||||
{
|
{
|
||||||
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
|
throw RequestError.HANDLED_ERROR(msg: Core.Lang.Get(key: "ERROR_INVALID_RESPONSE"))
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
nonisolated public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
|
nonisolated public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
|
||||||
if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
|
#if DEBUG
|
||||||
let trust = challenge.protectionSpace.serverTrust!
|
// Accept all certificates
|
||||||
completionHandler(.useCredential, URLCredential(trust:trust))
|
let urlCredential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
|
||||||
return
|
completionHandler(.useCredential, urlCredential)
|
||||||
}
|
#else
|
||||||
completionHandler(.cancelAuthenticationChallenge, nil)
|
completionHandler(.performDefaultHandling, nil)
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private func PrepareKeyPair(_keyPair: Core.Security.Curve25519.KeyPair? = nil) -> Core.Security.Curve25519.KeyPair
|
private func PrepareKeyPair(_keyPair: Core.Security.Curve25519.KeyPair? = nil) -> Core.Security.Curve25519.KeyPair
|
||||||
{
|
{
|
||||||
var keyPair = _keyPair;
|
var keyPair = _keyPair;
|
||||||
|
|
Loading…
Reference in New Issue