Does CFNetwork provide API to open a socket on a particular interface? This post suggestsusing SCNetworkInterfaceCopyAll and SCNetworkInterfaceGetInterfaceType to find an interface with a desired type. But I get an error saying SCNetworkInterfaceCopyAll is unavailable in Xcode 8.3.2.If SCNetworkInterfaceCopyAll is unavailable, how would you search the result of getifaddrs to find an interface with a type (e.g. kSCNetworkInterfaceTypeIEEE80211 (wifi) vs kSCNetworkInterfaceTypeWWAN (cell)).Thanks!
When URLSession.dataTask(with request: URLRequest, completionHandler:) returns a nil error, is the URLResponse response parameter guaranteed to be an HTTPURLResponse, so that it is safe to force downcast the URLResponse to an HTTPURLResponse?This article does not force cast the URLResponse to an HTTPURLResponse when there is no error:https://developer.apple.com/documentation/foundation/url_loading_system/fetching_website_data_into_memoryThese examples do:https://developer.apple.com/documentation/network/debugging_http_server-side_errorshttps://forums.developer.apple.com/message/351326#351326Thanks!
Post not yet marked as solved
The Xcode 10 release notes mention a static analyzer feature that checks for a common performance anti-pattern when using Grand Central Dispatch, involving waiting on a callback using a semaphore.1. For a function that needs to synchronously return a value from an asynchronous API, is there a more efficient solution than using a DispatchWorkItem as shown here?https://forums.developer.apple.com/message/251273#251577
2. The analyzer produces the following warning for the anti-pattern:
"Waiting on a callback using a semaphore creates useless threads and is subject to priority inversion; consider using a synchronous API or changing the caller to be asynchronous"What is the priority inversion the warning refers to?At the time of this writing, the analyzer doesn’t produce a warning for the anti-pattern in Swift as it does in Objective-C.Thanks!
iOS 10+ provides the crypto API SecKeyCreateEncryptedData to encrypt data. Using an algorithm of kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM, the data to be encrypted is encrypted using a randomly generated AES-GCM key, and a 16 byte AES-GCM tag is generated. The AES key is encrypted using the RSA public key.We are encrypting data using this method and sending it to a non-macOS server, on which SecKeyCreateDecryptedData is not available. The server is using a recent version of OpenSSL.As a simple test, we are using a 2048 bit RSA key and 16 bytes of data to encrypt. The result of the call to SecKeyCreateEncryptedData is a 288 byte Data.After sending the data to the server, the server is able to successfully decrypt the first 256 bytes of the buffer as the AES key. But the AES decryption fails because the tag verification fails, and the message is not even close to being the same as the original.Our question is, how to successfully decrypt a buffer encrypted with kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM? Given our test message, we assumed the format of the buffer returned from SecKeyCreateEncryptedData is:bytes 0..<256 = RSA encrypted AES keybytes 256..<272 = AES encrypted messagebytes 272..<288 = AES-GCM tagBut that may not be correct. The comment in the header for kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM says: “Raw public key data is used as authentication data for AES-GCM encryption”. We added the RSA public key data as authentication data to the AES decryption operation, but the tag verification still fails.How does one successfully decrypt a buffer encrypted with kSecKeyAlgorithmRSAEncryptionOAEPSHA256AESGCM?Thanks!
Post not yet marked as solved
How would one perform a Diffie Helman key exchange with a remote server using the new SecKey API in iOS 10+?The following is a high level, starting outline:// 1. get the server's public key
let publicKey: SecKey
// 2. Generate an ECSEC private key
let attributes: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom, kSecAttrKeySizeInBits as String: 256]
var error: Unmanaged<CFError>?
let privateKey = SecKeyCreateRandomKey(attributes as CFDictionary, &error)!
// 3. Select an ECDH key exchange algorithm
let algorithm: SecKeyAlgorithm = .ecdhKeyExchangeCofactorX963SHA256
let size: SecKeyKeyExchangeParameter = .requestedSize
let parameters: [SecKeyKeyExchangeParameter: Int] = [size: 16]
// 4. perform the shared secret exchange
let sharedSecret = SecKeyCopyKeyExchangeResult(privateKey, algorithm, publicKey, parameters as CFDictionary, &error) as? DataWhat is the format of the data returned from SecKeyCopyKeyExchangeResult?How would an AES key, operating in GCM mode, be derived from it?Thanks!
mjc.