ios - Meaning of values received from "SecTrustCopyPublicKey" call
When making an HTTPS request to google.com, I did the following:

```swift
import Foundation
import Security

class LearnNSURLSession: NSObject, NSURLSessionDelegate, NSURLSessionTaskDelegate {

    override init() {
        super.init()
        let mySession = NSURLSession(configuration: NSURLSessionConfiguration.ephemeralSessionConfiguration(),
                                     delegate: self,
                                     delegateQueue: NSOperationQueue.mainQueue())
        let data = mySession.dataTaskWithURL(NSURL(string: "https://www.google.com")!, completionHandler: myHandler)
        data.resume()
    }

    func myHandler(data: NSData!, response: NSURLResponse!, error: NSError!) -> Void {
        let s = NSString(data: data, encoding: NSASCIIStringEncoding)
        println(s)
    }

    func URLSession(session: NSURLSession, task: NSURLSessionTask, didCompleteWithError error: NSError?) {
        println("Error: \(error)")
    }

    // Handles HTTPS connections
    func URLSession(session: NSURLSession, didReceiveChallenge challenge: NSURLAuthenticationChallenge,
                    completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential!) -> Void) {
        println("\nPublic key: \(SecTrustCopyPublicKey(challenge.protectionSpace.serverTrust).takeUnretainedValue())")
        completionHandler(NSURLSessionAuthChallengeDisposition.PerformDefaultHandling, nil)
    }

    // Handles redirection
    func URLSession(session: NSURLSession, task: NSURLSessionTask,
                    willPerformHTTPRedirection response: NSHTTPURLResponse, newRequest request: NSURLRequest,
                    completionHandler: (NSURLRequest!) -> Void) {
        completionHandler(request)
    }
}
```
When I run this code, I notice that `URLSession:didReceiveChallenge:` gets called twice, with the following outputs from `println("Public key: \(SecTrustCopyPublicKey(challenge.protectionSpace.serverTrust).takeUnretainedValue())")`:

```
Public key: <SecKeyRef algorithm id: 1, key type: RSAPublicKey, version: 3, block size: 2048 bits, exponent: {hex: 10001, decimal: 65537}, modulus: …, addr: 0x7f96fb044000>

Public key: <SecKeyRef curve type: kSecECCurveSecp256r1, algorithm id: 3, key type: ECPublicKey, version: 3, block size: 256 bits, y: value1, x: value2, addr: 0x7f96fc032970>
```
I have omitted the values of "y" and "x" in the second output, because I don't know if I should post them. "value1" (y) is a string of 66 characters, "value2" (x) is a string of 130 characters. Both have numbers and upper-case letters, no symbols.

What are the "x" and "y" values in the second output? Are they the "SubjectPublicKeyInfo"? Why is the function called twice? And why must I call "SecTrustEvaluate" before calling "SecTrustCopyPublicKey"? The documentation said I must do so, but I couldn't find out why. Also, does iOS automatically do "SecTrustEvaluate" when an HTTPS connection is being established?
What are the "x" and "y" values in the second output?

The parameters of the elliptic curve being used. Basically, "the public key." For your purposes, you don't need to know the math; just accept that there are 2 large numbers that, when put into the formula of a mathematical curve, can be used to encrypt data that only the sender can decrypt, or, symmetrically, to verify that data was sent by a given sender. If you care, here's a reasonably useful introduction to the concept. It's difficult to explain without math, but the math in the paper isn't crazy.

The "numbers and letters" are a hexadecimal encoding of 2 massive numbers. It's the same as the "modulus" in the other key list. That's a different algorithm, called RSA. In that case, that's a (really incredibly huge) number used as a modulus (the number you divide by and take the remainder) in one of the steps.

All of these numbers are public. There are no secrets here.

Why is the function called twice?

It starts out negotiating RSA. It looks like it upgrades to elliptic curve, which is stronger given the number of bits in the key. Short answer: "protocol upgrade."

And why must I call "SecTrustEvaluate" before calling "SecTrustCopyPublicKey"?

SecTrustEvaluate does a bunch of decoding that is necessary before the public key is available in the data structure. "Because Security.framework is implemented that way." In theory, SecTrustCopyPublicKey could do the decoding if necessary, but it doesn't.

Also, does iOS automatically do "SecTrustEvaluate" when an HTTPS connection is being established?

Yes.
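As an added example (not part of the question or of the answer above), here is how a session delegate follows the order the documentation requires: evaluate the trust first, then read the leaf public key, then use that key for a pin check rather than only printing it. It uses the current APIs instead of the Swift 1 ones in the question: SecTrustEvaluateWithError, SecTrustCopyKey and SecKeyCopyExternalRepresentation (iOS 14 / macOS 11 or later), plus CryptoKit for the digest. For an EC key, SecKeyCopyExternalRepresentation returns the ANSI X9.63 uncompressed point `04 || X || Y`, so the helper below splits it into the same x and y coordinates the question's second output shows; for RSA it returns PKCS#1 DER. The class name, helper names and the pin constant are mine, and the pin value is a constructed placeholder.

```swift
import Foundation
import Security
import CryptoKit

/// Hex-encode a byte sequence (uppercase, like the question's output).
private func hex<S: Sequence>(_ bytes: S) -> String where S.Element == UInt8 {
    bytes.map { String(format: "%02X", $0) }.joined()
}

/// Split an EC public key in X9.63 uncompressed form (0x04 || X || Y) into its
/// hex-encoded coordinates. Returns nil for any other encoding (e.g. the PKCS#1
/// DER that SecKeyCopyExternalRepresentation produces for RSA keys).
func ecCoordinates(fromX963 keyData: Data) -> (x: String, y: String)? {
    let s = keyData.startIndex
    guard keyData.count > 1, keyData[s] == 0x04, (keyData.count - 1) % 2 == 0 else {
        return nil
    }
    let n = (keyData.count - 1) / 2
    return (x: hex(keyData[(s + 1) ..< (s + 1 + n)]),
            y: hex(keyData[(s + 1 + n) ..< keyData.endIndex]))
}

/// Base64 SHA-256 of the raw public-key bytes: the value you would pin.
func publicKeyPin(_ keyData: Data) -> String {
    Data(SHA256.hash(data: keyData)).base64EncodedString()
}

/// Hypothetical delegate: evaluates the chain, then compares the leaf key's digest
/// against a pinned value captured out of band.
final class PinningSessionDelegate: NSObject, URLSessionDelegate {
    /// Constructed placeholder: in a real app this is the pin of the server's key,
    /// computed ahead of time with publicKeyPin, never learned at runtime.
    let pinnedKeySHA256 = "REPLACE_WITH_BASE64_SHA256_OF_SERVER_PUBLIC_KEY"

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let trust = challenge.protectionSpace.serverTrust else {
            // Not a server-trust challenge (client cert, HTTP auth, ...): system default.
            completionHandler(.performDefaultHandling, nil)
            return
        }

        // Step 1: evaluate the chain. Besides deciding whether the chain is trusted,
        // this is the step that parses the certificates so the leaf key can be read.
        var evalError: CFError?
        guard SecTrustEvaluateWithError(trust, &evalError) else {
            print("server trust evaluation failed: \(String(describing: evalError))")
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }

        // Step 2: read the leaf public key, only after a successful evaluation.
        guard let key = SecTrustCopyKey(trust),
              let keyData = SecKeyCopyExternalRepresentation(key, nil) as Data? else {
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }
        if let coords = ecCoordinates(fromX963: keyData) {
            print("EC public key: x = \(coords.x), y = \(coords.y)")
        } else {
            print("non-EC public key, \(keyData.count) bytes of DER")
        }

        // Step 3: pin. Reject the connection unless the key is the expected one;
        // a chain that validates under some other CA is not enough.
        let pin = publicKeyPin(keyData)
        guard pin == pinnedKeySHA256 else {
            print("public key pin mismatch, got \(pin)")
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }
        completionHandler(.useCredential, URLCredential(trust: trust))
    }
}

// Usage: the delegate is consulted once per connection that needs a trust decision.
let session = URLSession(configuration: .ephemeral,
                         delegate: PinningSessionDelegate(),
                         delegateQueue: nil)
```

Pinning the digest of the key bytes rather than the whole certificate means a renewed certificate with the same key still passes, while a key the app has never seen is rejected even if some trusted CA vouches for it. Keep a second, backup pin in a real deployment so that a key rotation does not lock the app out.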