add debug mode for SSL

Artur Savitskiy 2024-06-04 10:46:10 +02:00
parent 16f5e5aea4
commit 55ea15418b
2 changed files with 94 additions and 64 deletions


@ -350,22 +350,16 @@ extension Core
}
}
}
/*
public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void)
{
public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
#if DEBUG
completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
// Accept all certificates
let urlCredential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
completionHandler(.useCredential, urlCredential)
#else
if(challenge.protectionSpace.host.contains("pba-simulator.patientenbefundapp.labor-limbach-hannover.de"))
{
completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!))
}
else
{
completionHandler(.performDefaultHandling, nil)
}
#endif
}*/
}
}
/**
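Review bot: The DEBUG branch of `urlSession(_:didReceive:completionHandler:)` force-unwraps `challenge.protectionSpace.serverTrust` without checking the challenge type, so a challenge that is not server trust (HTTP Basic, client certificate) carries a nil trust and crashes the debug build; the branch also trusts every host. Guard first, e.g. `guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust, let trust = challenge.protectionSpace.serverTrust else { completionHandler(.performDefaultHandling, nil); return }`, and consider limiting the bypass to an explicit list of development hosts so a debug-configured build pointed at production still validates its certificate. The same pattern appears in the `nonisolated` delegate in the second file, which as rendered seems to drop the `authenticationMethod` check the old code had. The page has lost its +/- markers, so the old/new split is inferred from the hunk counts and the enclosing type is outside the hunk.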


@ -11,8 +11,35 @@ import Combine
import CryptoKit
extension SecTrust {
var isSelfSigned: Bool? {
guard SecTrustGetCertificateCount(self) == 1 else {
return false
}
guard let cert = SecTrustGetCertificateAtIndex(self, 0) else {
return nil
}
return cert.isSelfSigned
}
}
extension SecCertificate {
var isSelfSigned: Bool? {
guard
let subject = SecCertificateCopyNormalizedSubjectSequence(self),
let issuer = SecCertificateCopyNormalizedIssuerSequence(self)
else {
return nil
}
return subject == issuer
}
}
extension Core
{
enum RequestError: Error
{
case HANDLED_ERROR(msg: String)
@ -66,7 +93,7 @@ extension Core
get async throws {
if (_publicKey == nil)
{
_publicKey = try await postRequest.getPublicKey(host: host, controller: controller, action: action, _keyPair: keyPair)
_publicKey = try await postRequest.getPublicKey(host: host, _keyPair: keyPair)
}
return _publicKey
}
@ -80,13 +107,22 @@ extension Core
public var response: Core.Models.Response.EncryptedResponse? {
get async throws {
let encryptedRequest = Core.Models.Request.EncryptedRequest(descriptor: descriptor, contentObject: contentObject, requestType: requestType, key: try await sharedKey!)
let _shared = try await sharedKey
if(_shared != nil)
{
let encryptedRequest = Core.Models.Request.EncryptedRequest(descriptor: descriptor, contentObject: contentObject, requestType: requestType, key: _shared!)
let encryptedResponse = try await postRequest.getEncryptedResponse(host: host, controller: controller, action: action, _request: encryptedRequest, serverPublicKey: publicKey, _keyPair: keyPair)
return encryptedResponse
}
else
{
return nil
}
}
}
}
@ -118,13 +154,19 @@ extension Core
*/
func getEncryptedResponse(host: Https.Servers, controller: String, action: String, _request: Core.Models.Request.EncryptedRequest, serverPublicKey: Core.Models.Response.PublicKey?, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.EncryptedResponse
{
var (data,response) : (Data, URLResponse)
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
do
{
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
let request = try PrepareURLRequest(host: host, controller: controller, action: action, _request: _request, keyPair: keyPair)
let (data,response) = try await URLSession.shared.data(for: request)
let s = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
(data,response) = try await s.data(for: request)
}
catch
{
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
}
let httpR = response as? HTTPURLResponse
if (httpR != nil)
@ -169,23 +211,24 @@ extension Core
}
}
catch
{
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
}
}
@MainActor
func getPublicKey(host: Https.Servers, controller: String, action: String, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.PublicKey
func getPublicKey(host: Https.Servers, _keyPair: Core.Security.Curve25519.KeyPair? = nil) async throws -> Core.Models.Response.PublicKey
{
var (data,response) : (Data, URLResponse)
do
{
let keyPair = PrepareKeyPair(_keyPair: _keyPair)
let request = try PrepareURLRequest(host: host, controller: controller, action: action, _request: nil, keyPair: keyPair)
let request = try PrepareURLRequest(host: host, controller: "exchange", action: "key", _request: nil, keyPair: keyPair)
let s = URLSession(configuration: URLSessionConfiguration.default, delegate: self, delegateQueue: nil)
let (data,response) = try await s.data(for: request)
(data,response) = try await s.data(for: request)
}
catch
{
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
}
let httpR = response as? HTTPURLResponse
if(httpR != nil)
@ -223,23 +266,16 @@ extension Core
}
}
catch
{
throw RequestError.UNEXPECTED_ERROR(msg: error.localizedDescription)
}
}
nonisolated public func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
let trust = challenge.protectionSpace.serverTrust!
completionHandler(.useCredential, URLCredential(trust:trust))
return
#if DEBUG
// Accept all certificates
let urlCredential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
completionHandler(.useCredential, urlCredential)
#else
completionHandler(.performDefaultHandling, nil)
#endif
}
completionHandler(.cancelAuthenticationChallenge, nil)
}
private func PrepareKeyPair(_keyPair: Core.Security.Curve25519.KeyPair? = nil) -> Core.Security.Curve25519.KeyPair
{
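Review bot: `SecCertificate.isSelfSigned` compares only the normalized subject and issuer names and never verifies the signature, so it reports a self-issued certificate rather than a self-signed one and must not serve alone as a trust decision; neither helper is called in the hunks shown. Say so in a doc comment, e.g. `/// True when subject and issuer names match. Does not verify the signature; not a trust decision on its own.`, and note on `SecTrust.isSelfSigned` that `nil` means the leaf could not be read while `false` also covers any chain whose certificate count is not 1. If the intent is to narrow the DEBUG accept-all path to self-signed development servers, the delegate should call the helper and treat `nil` as a refusal. `SecTrustGetCertificateAtIndex` is deprecated on recent Apple SDKs in favour of `SecTrustCopyCertificateChain`, which is worth checking against the deployment target.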