Merge branch 'feature/convert-certificates' into develop

Sergey Abramchuk
2017-09-07 20:14:17 +03:00
17 changed files with 728 additions and 2 deletions


@@ -0,0 +1,81 @@
//
// OpenVPNCertificateTests.swift
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 06.09.17.
//
//
import XCTest
@testable import OpenVPNAdapter
class OpenVPNCertificateTests: XCTestCase {
override func setUp() {
super.setUp()
// Put setup code here. This method is called before the invocation of each test method in the class.
}
override func tearDown() {
// Put teardown code here. This method is called after the invocation of each test method in the class.
super.tearDown()
}
func testCertificatePEMandDER() {
guard
let caURL = Bundle.current.url(forResource: "test-ca", withExtension: "crt"),
let caOriginalPEMData = try? Data(contentsOf: caURL)
else {
XCTFail()
return
}
let certificateFromPEM: OpenVPNCertificate
do {
certificateFromPEM = try OpenVPNCertificate(pem: caOriginalPEMData)
} catch {
XCTFail(error.localizedDescription)
return
}
let caDERData: Data
do {
caDERData = try certificateFromPEM.derData()
} catch {
XCTFail(error.localizedDescription)
return
}
let certificateFromDER: OpenVPNCertificate
do {
certificateFromDER = try OpenVPNCertificate(der: caDERData)
} catch {
XCTFail(error.localizedDescription)
return
}
let caGeneratedPEMData: Data
do {
caGeneratedPEMData = try certificateFromDER.pemData()
} catch {
XCTFail(error.localizedDescription)
return
}
XCTAssert(caGeneratedPEMData.elementsEqual(caOriginalPEMData))
}
func testCertificateFromEmptyPEM() {
let caData = Data(count: 1024)
let certificate: OpenVPNCertificate
do {
certificate = try OpenVPNCertificate(pem: caData)
} catch {
return
}
XCTFail("Initialization with empty PEM data should fail")
}
}
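Review bot: `testCertificateFromEmptyPEM` does not pass empty input: `Data(count: 1024)` is 1024 zero bytes, so the zero-length case and malformed or truncated PEM text are never exercised against the parser. The unused `certificate` binding and the bare `return` in `catch` could be replaced with `XCTAssertThrowsError(try OpenVPNCertificate(pem: Data()))`, plus a second assertion that feeds a PEM header with a truncated body. The `XCTFail()` in the resource-loading guard of `testCertificatePEMandDER` carries no message, so a missing `test-ca.crt` would fail without saying why.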


@@ -0,0 +1,124 @@
//
// OpenVPNPrivateKeyTests.swift
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 07.09.17.
//
//
import XCTest
@testable import OpenVPNAdapter
class OpenVPNPrivateKeyTests: XCTestCase {
override func setUp() {
super.setUp()
// Put setup code here. This method is called before the invocation of each test method in the class.
}
override func tearDown() {
// Put teardown code here. This method is called after the invocation of each test method in the class.
super.tearDown()
}
func testKeyPEMandDERWithoutPassword() {
guard
let caURL = Bundle.current.url(forResource: "keyfile-decrypted", withExtension: "3des"),
let caOriginalPEMData = try? Data(contentsOf: caURL)
else {
XCTFail()
return
}
let keyFromPEM: OpenVPNPrivateKey
do {
keyFromPEM = try OpenVPNPrivateKey(pem: caOriginalPEMData, password: nil)
} catch {
XCTFail("\(error)")
return
}
XCTAssert(keyFromPEM.type == .RSA)
let keyDERData: Data
do {
keyDERData = try keyFromPEM.derData()
} catch {
XCTFail("\(error)")
return
}
let keyFromDER: OpenVPNPrivateKey
do {
keyFromDER = try OpenVPNPrivateKey(der: keyDERData, password: nil)
} catch {
XCTFail("\(error)")
return
}
XCTAssert(keyFromDER.type == .RSA)
let keyGeneratedPEMData: Data
do {
keyGeneratedPEMData = try keyFromDER.pemData()
} catch {
XCTFail("\(error)")
return
}
XCTAssert(keyGeneratedPEMData.elementsEqual(caOriginalPEMData))
}
func testKeyPEMandDERWithPassword() {
guard
let keyURL = Bundle.current.url(forResource: "keyfile-encrypted", withExtension: "3des"),
let keyOriginalPEMData = try? Data(contentsOf: keyURL)
else {
XCTFail()
return
}
let keyFromPEM: OpenVPNPrivateKey
do {
keyFromPEM = try OpenVPNPrivateKey(pem: keyOriginalPEMData, password: "testkey")
} catch {
XCTFail("\(error)")
return
}
let keyDERData: Data
do {
keyDERData = try keyFromPEM.derData()
} catch {
XCTFail("\(error)")
return
}
let keyFromDER: OpenVPNPrivateKey
do {
keyFromDER = try OpenVPNPrivateKey(der: keyDERData, password: nil)
} catch {
XCTFail("\(error)")
return
}
let keyGeneratedPEMData: Data
do {
keyGeneratedPEMData = try keyFromDER.pemData()
} catch {
XCTFail("\(error)")
return
}
guard
let keySampleURL = Bundle.current.url(forResource: "keyfile-decrypted", withExtension: "3des"),
let keySamplePEMData = try? Data(contentsOf: keySampleURL)
else {
XCTFail()
return
}
XCTAssert(keyGeneratedPEMData.elementsEqual(keySamplePEMData))
}
}
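Review bot: `testKeyPEMandDERWithPassword` only covers the correct passphrase; nothing asserts that loading the encrypted key with `password: nil` or with a wrong passphrase throws, which is the behaviour callers rely on to reject a bad passphrase. Adding `XCTAssertThrowsError(try OpenVPNPrivateKey(pem: keyOriginalPEMData, password: "wrong"))` and the same with `nil` would pin it. This test also never checks `type`, unlike `testKeyPEMandDERWithoutPassword`, where the locals `caURL` and `caOriginalPEMData` hold a private key rather than a CA and would read better as `keyURL` and `keyOriginalPEMData`.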


@@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----


@@ -0,0 +1,18 @@
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,BE8274D6692AF2A7
9ZXjoF55A9XgJpdaWmF/ZL1sJfbnE1M42N7HHRDwpq1/K+afC9poM0/AdCUbRL7w
uvQERievbAYpNeLdah1EftM6033e1oTxUMivdL4orDKcbb3qDpSQ0o0UbjavbT+d
aruilW8zVP4dz3mYMvGbkgoujgzdT+4wM0T1mTTuYcRKQsHlg7QDy2QrBILNuXA4
Hmye4GlSXVUSON8vPXT12V4oeubEIZVlnkLTRFGRVA4qz5tby9GBymkeNCBu+LCw
JwJLTbQwMFqozHvioq/2YBaHDcySpTD4X5AwrCjifUNO9BnLWLAmt8dOWr0z+48E
P/yWr5xZl3DrKh9r9EGb9xbTxhum3yHV7bvXLoUH+t9gowmd4Lq3Qjjf8jQXle0P
zoCOVxwN1E1IMhleEUPV7L8mbt26b0JyvrSS5ByrXahGu9vGQyy7qqx9ZANkzgXF
3hPMDuzQXMJiUeG92VsMEdGdA1/8V5ro+ceB5c7Zca5MjMzvx2tihda7BUjj6dSE
cA8Vvksy/NX/nqHSt0aSgphvBmZP8dN6GMcZ+hT7p0fhCq4mSFEykQqueKXiFUfz
0xCUVZC6WzOoEkc8k7xiLWQDlsZZ13Z4yxU1IxJp7llZXpZ8GkwS+678/Nx8h54A
mv5ZlSFWWQrvN5JPQJka7aU2ITu1LUK6mXBu+DoSDOfQuqR4vQytkjOqHK185iHs
JQtBGkFFdElkWgubPX/S8/xxoT8MoQY/c+dr6iwcswyUnSJXh32KLPGNBoqWCCbY
jp/VYmeb117gNpEJKJhcNbrP7DoQrC3/D7JFXnOvTA/z6FOtUmz0rQ==
-----END RSA PRIVATE KEY-----


@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT
Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT
Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF
QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu
ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy
aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g
JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7
NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE
AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w
CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56
t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv
uCjn8pwUOkABXK8Mss90fzCfCEOtIA==
-----END CERTIFICATE-----


@@ -9,6 +9,20 @@
/* Begin PBXBuildFile section */
C90BAD311E73FF6C00DEFB32 /* SystemConfiguration.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = C90BAD301E73FF6C00DEFB32 /* SystemConfiguration.framework */; };
C912BB251E7C3339002B9414 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = C912BB241E7C3339002B9414 /* NetworkExtension.framework */; };
C915F1F41F612F3300B3DF23 /* OpenVPNPrivateKey.h in Headers */ = {isa = PBXBuildFile; fileRef = C915F1F21F612F3300B3DF23 /* OpenVPNPrivateKey.h */; settings = {ATTRIBUTES = (Public, ); }; };
C915F1F51F612F3300B3DF23 /* OpenVPNPrivateKey.h in Headers */ = {isa = PBXBuildFile; fileRef = C915F1F21F612F3300B3DF23 /* OpenVPNPrivateKey.h */; settings = {ATTRIBUTES = (Public, ); }; };
C915F1F61F612F3300B3DF23 /* OpenVPNPrivateKey.m in Sources */ = {isa = PBXBuildFile; fileRef = C915F1F31F612F3300B3DF23 /* OpenVPNPrivateKey.m */; };
C915F1F71F612F3300B3DF23 /* OpenVPNPrivateKey.m in Sources */ = {isa = PBXBuildFile; fileRef = C915F1F31F612F3300B3DF23 /* OpenVPNPrivateKey.m */; };
C915F1F91F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C915F1F81F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift */; };
C915F1FA1F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C915F1F81F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift */; };
C915F1FE1F6164CF00B3DF23 /* OpenVPNKeyType.h in Headers */ = {isa = PBXBuildFile; fileRef = C915F1FD1F6164CF00B3DF23 /* OpenVPNKeyType.h */; settings = {ATTRIBUTES = (Public, ); }; };
C915F1FF1F6164CF00B3DF23 /* OpenVPNKeyType.h in Headers */ = {isa = PBXBuildFile; fileRef = C915F1FD1F6164CF00B3DF23 /* OpenVPNKeyType.h */; settings = {ATTRIBUTES = (Public, ); }; };
C915F21F1F6199E300B3DF23 /* keyfile-encrypted.3des in Resources */ = {isa = PBXBuildFile; fileRef = C915F21E1F6199E300B3DF23 /* keyfile-encrypted.3des */; };
C915F2201F6199E300B3DF23 /* keyfile-encrypted.3des in Resources */ = {isa = PBXBuildFile; fileRef = C915F21E1F6199E300B3DF23 /* keyfile-encrypted.3des */; };
C915F2221F61B0E700B3DF23 /* keyfile-decrypted.3des in Resources */ = {isa = PBXBuildFile; fileRef = C915F2211F61B0E700B3DF23 /* keyfile-decrypted.3des */; };
C915F2231F61B0E700B3DF23 /* keyfile-decrypted.3des in Resources */ = {isa = PBXBuildFile; fileRef = C915F2211F61B0E700B3DF23 /* keyfile-decrypted.3des */; };
C915F2251F61B22300B3DF23 /* test-ca.crt in Resources */ = {isa = PBXBuildFile; fileRef = C915F2241F61B22300B3DF23 /* test-ca.crt */; };
C915F2261F61B22300B3DF23 /* test-ca.crt in Resources */ = {isa = PBXBuildFile; fileRef = C915F2241F61B22300B3DF23 /* test-ca.crt */; };
C9354F451F1E4A4500F4C935 /* OpenVPNReachabilityStatus.h in Headers */ = {isa = PBXBuildFile; fileRef = C9B795681F1D219C00CF35FE /* OpenVPNReachabilityStatus.h */; settings = {ATTRIBUTES = (Public, ); }; };
C9354F461F1E4A4600F4C935 /* OpenVPNReachabilityStatus.h in Headers */ = {isa = PBXBuildFile; fileRef = C9B795681F1D219C00CF35FE /* OpenVPNReachabilityStatus.h */; settings = {ATTRIBUTES = (Public, ); }; };
C9354F471F1E4AE200F4C935 /* OpenVPNReachabilityTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C9354F431F1E49A500F4C935 /* OpenVPNReachabilityTests.swift */; };
@@ -104,6 +118,12 @@
C9BDB1361EBCC3B900C204FF /* OpenVPNTunnelSettings.h in Headers */ = {isa = PBXBuildFile; fileRef = C9BDB1331EBCC3B900C204FF /* OpenVPNTunnelSettings.h */; };
C9BDB1371EBCC3B900C204FF /* OpenVPNTunnelSettings.m in Sources */ = {isa = PBXBuildFile; fileRef = C9BDB1341EBCC3B900C204FF /* OpenVPNTunnelSettings.m */; };
C9BDB1381EBCC3B900C204FF /* OpenVPNTunnelSettings.m in Sources */ = {isa = PBXBuildFile; fileRef = C9BDB1341EBCC3B900C204FF /* OpenVPNTunnelSettings.m */; };
C9CA4DD31F602F7B00C4F184 /* OpenVPNCertificate.h in Headers */ = {isa = PBXBuildFile; fileRef = C9CA4DD11F602F7B00C4F184 /* OpenVPNCertificate.h */; settings = {ATTRIBUTES = (Public, ); }; };
C9CA4DD41F602F7B00C4F184 /* OpenVPNCertificate.h in Headers */ = {isa = PBXBuildFile; fileRef = C9CA4DD11F602F7B00C4F184 /* OpenVPNCertificate.h */; settings = {ATTRIBUTES = (Public, ); }; };
C9CA4DD51F602F7B00C4F184 /* OpenVPNCertificate.m in Sources */ = {isa = PBXBuildFile; fileRef = C9CA4DD21F602F7B00C4F184 /* OpenVPNCertificate.m */; };
C9CA4DD61F602F7B00C4F184 /* OpenVPNCertificate.m in Sources */ = {isa = PBXBuildFile; fileRef = C9CA4DD21F602F7B00C4F184 /* OpenVPNCertificate.m */; };
C9CA4DE11F603A5300C4F184 /* OpenVPNCertificateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C9CA4DE01F603A5300C4F184 /* OpenVPNCertificateTests.swift */; };
C9CA4DE21F603A5300C4F184 /* OpenVPNCertificateTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C9CA4DE01F603A5300C4F184 /* OpenVPNCertificateTests.swift */; };
C9D2ABDB1EA20F99007EDF9D /* OpenVPNAdapter.mm in Sources */ = {isa = PBXBuildFile; fileRef = C9BB477E1E7173C700F3F98C /* OpenVPNAdapter.mm */; };
C9D2ABDC1EA20F99007EDF9D /* OpenVPNClient.mm in Sources */ = {isa = PBXBuildFile; fileRef = C9BB47781E7171ED00F3F98C /* OpenVPNClient.mm */; };
C9D2ABDE1EA20F99007EDF9D /* ovpncli.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C9FD92191E9A667600374FC4 /* ovpncli.cpp */; };
@@ -120,6 +140,10 @@
C9D2ABF61EA212A3007EDF9D /* OpenVPNAdapterTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = C9BB47901E71821A00F3F98C /* OpenVPNAdapterTests.swift */; };
C9D2ABF71EA212A3007EDF9D /* Bundle.swift in Sources */ = {isa = PBXBuildFile; fileRef = C9BB47A11E7183DB00F3F98C /* Bundle.swift */; };
C9D2AC051EA214EA007EDF9D /* OpenVPNAdapter.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = C9D2ABF01EA20F99007EDF9D /* OpenVPNAdapter.framework */; };
C9E4401D1F6086A1001D7C41 /* NSError+Message.h in Headers */ = {isa = PBXBuildFile; fileRef = C9E4401B1F6086A1001D7C41 /* NSError+Message.h */; };
C9E4401E1F6086A1001D7C41 /* NSError+Message.h in Headers */ = {isa = PBXBuildFile; fileRef = C9E4401B1F6086A1001D7C41 /* NSError+Message.h */; };
C9E4401F1F6086A1001D7C41 /* NSError+Message.m in Sources */ = {isa = PBXBuildFile; fileRef = C9E4401C1F6086A1001D7C41 /* NSError+Message.m */; };
C9E440201F6086A1001D7C41 /* NSError+Message.m in Sources */ = {isa = PBXBuildFile; fileRef = C9E4401C1F6086A1001D7C41 /* NSError+Message.m */; };
C9FD921A1E9A667600374FC4 /* ovpncli.hpp in Headers */ = {isa = PBXBuildFile; fileRef = C9FD92181E9A667600374FC4 /* ovpncli.hpp */; };
C9FD921B1E9A667600374FC4 /* ovpncli.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C9FD92191E9A667600374FC4 /* ovpncli.cpp */; };
/* End PBXBuildFile section */
@@ -151,6 +175,13 @@
C90BAD2F1E73FA7400DEFB32 /* Tests.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = Tests.xcconfig; sourceTree = "<group>"; };
C90BAD301E73FF6C00DEFB32 /* SystemConfiguration.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SystemConfiguration.framework; path = System/Library/Frameworks/SystemConfiguration.framework; sourceTree = SDKROOT; };
C912BB241E7C3339002B9414 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = System/Library/Frameworks/NetworkExtension.framework; sourceTree = SDKROOT; };
C915F1F21F612F3300B3DF23 /* OpenVPNPrivateKey.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenVPNPrivateKey.h; sourceTree = "<group>"; };
C915F1F31F612F3300B3DF23 /* OpenVPNPrivateKey.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OpenVPNPrivateKey.m; sourceTree = "<group>"; };
C915F1F81F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OpenVPNPrivateKeyTests.swift; sourceTree = "<group>"; };
C915F1FD1F6164CF00B3DF23 /* OpenVPNKeyType.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenVPNKeyType.h; sourceTree = "<group>"; };
C915F21E1F6199E300B3DF23 /* keyfile-encrypted.3des */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "keyfile-encrypted.3des"; sourceTree = "<group>"; };
C915F2211F61B0E700B3DF23 /* keyfile-decrypted.3des */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "keyfile-decrypted.3des"; sourceTree = "<group>"; };
C915F2241F61B22300B3DF23 /* test-ca.crt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "test-ca.crt"; sourceTree = "<group>"; };
C9354F431F1E49A500F4C935 /* OpenVPNReachabilityTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OpenVPNReachabilityTests.swift; sourceTree = "<group>"; };
C93779D31EAE32670030A362 /* OpenVPNCredentials.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenVPNCredentials.h; sourceTree = "<group>"; };
C93779D41EAE32670030A362 /* OpenVPNCredentials.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = OpenVPNCredentials.mm; sourceTree = "<group>"; };
@@ -206,8 +237,13 @@
C9BCE25C1EB3C201009D6AC1 /* OpenVPNSessionToken+Internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "OpenVPNSessionToken+Internal.h"; sourceTree = "<group>"; };
C9BDB1331EBCC3B900C204FF /* OpenVPNTunnelSettings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenVPNTunnelSettings.h; sourceTree = "<group>"; };
C9BDB1341EBCC3B900C204FF /* OpenVPNTunnelSettings.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OpenVPNTunnelSettings.m; sourceTree = "<group>"; };
C9CA4DD11F602F7B00C4F184 /* OpenVPNCertificate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = OpenVPNCertificate.h; sourceTree = "<group>"; };
C9CA4DD21F602F7B00C4F184 /* OpenVPNCertificate.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = OpenVPNCertificate.m; sourceTree = "<group>"; };
C9CA4DE01F603A5300C4F184 /* OpenVPNCertificateTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = OpenVPNCertificateTests.swift; sourceTree = "<group>"; };
C9D2ABF01EA20F99007EDF9D /* OpenVPNAdapter.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = OpenVPNAdapter.framework; sourceTree = BUILT_PRODUCTS_DIR; };
C9D2ABFF1EA212A3007EDF9D /* OpenVPNAdapterTests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = OpenVPNAdapterTests.xctest; sourceTree = BUILT_PRODUCTS_DIR; };
C9E4401B1F6086A1001D7C41 /* NSError+Message.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "NSError+Message.h"; sourceTree = "<group>"; };
C9E4401C1F6086A1001D7C41 /* NSError+Message.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = "NSError+Message.m"; sourceTree = "<group>"; };
C9FD92181E9A667600374FC4 /* ovpncli.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; name = ovpncli.hpp; path = Vendors/openvpn/client/ovpncli.hpp; sourceTree = "<group>"; };
C9FD92191E9A667600374FC4 /* ovpncli.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = ovpncli.cpp; path = Vendors/openvpn/client/ovpncli.cpp; sourceTree = "<group>"; };
/* End PBXFileReference section */
@@ -346,6 +382,7 @@
C9657A631EB0D6AD00EFF210 /* OpenVPNCompressionMode.h */,
C9657A661EB0D73200EFF210 /* OpenVPNMinTLSVersion.h */,
C9657A691EB0D75700EFF210 /* OpenVPNTLSCertProfile.h */,
C915F1FD1F6164CF00B3DF23 /* OpenVPNKeyType.h */,
C9B795681F1D219C00CF35FE /* OpenVPNReachabilityStatus.h */,
);
name = "Types and Constants";
@@ -366,6 +403,7 @@
C9BB475D1E71663A00F3F98C /* OpenVPN Adapter */ = {
isa = PBXGroup;
children = (
C9CA4DD01F602D8300C4F184 /* Certificates and Keys */,
C9B7955B1F1D165700CF35FE /* Reachability */,
C9235AC41EB24F0100C7D303 /* Configuration */,
C9235AC51EB24F1100C7D303 /* Stats and Info */,
@@ -436,6 +474,9 @@
C9BB479A1E71836100F3F98C /* Resources */ = {
isa = PBXGroup;
children = (
C915F2241F61B22300B3DF23 /* test-ca.crt */,
C915F21E1F6199E300B3DF23 /* keyfile-encrypted.3des */,
C915F2211F61B0E700B3DF23 /* keyfile-decrypted.3des */,
C98467A11EAA559B00272A9A /* local_vpn_server.ovpn */,
);
path = Resources;
@@ -444,6 +485,8 @@
C9BB479D1E71837200F3F98C /* Adapter Tests */ = {
isa = PBXGroup;
children = (
C9CA4DE01F603A5300C4F184 /* OpenVPNCertificateTests.swift */,
C915F1F81F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift */,
C9354F431F1E49A500F4C935 /* OpenVPNReachabilityTests.swift */,
C94605E81EAA656B00971516 /* OpenVPNConfigurationTests.swift */,
C9BB47901E71821A00F3F98C /* OpenVPNAdapterTests.swift */,
@@ -476,10 +519,31 @@
name = Utils;
sourceTree = "<group>";
};
C9CA4DD01F602D8300C4F184 /* Certificates and Keys */ = {
isa = PBXGroup;
children = (
C9CA4DD11F602F7B00C4F184 /* OpenVPNCertificate.h */,
C9CA4DD21F602F7B00C4F184 /* OpenVPNCertificate.m */,
C915F1F21F612F3300B3DF23 /* OpenVPNPrivateKey.h */,
C915F1F31F612F3300B3DF23 /* OpenVPNPrivateKey.m */,
);
name = "Certificates and Keys";
sourceTree = "<group>";
};
C9E4401A1F6081FF001D7C41 /* Utils */ = {
isa = PBXGroup;
children = (
C9E4401B1F6086A1001D7C41 /* NSError+Message.h */,
C9E4401C1F6086A1001D7C41 /* NSError+Message.m */,
);
name = Utils;
sourceTree = "<group>";
};
C9FF73B71EB7421600E995AC /* Helpers */ = {
isa = PBXGroup;
children = (
C9235AC61EB24F2A00C7D303 /* Types and Constants */,
C9E4401A1F6081FF001D7C41 /* Utils */,
);
name = Helpers;
sourceTree = "<group>";
@@ -491,12 +555,14 @@
isa = PBXHeadersBuildPhase;
buildActionMask = 2147483647;
files = (
C9CA4DD31F602F7B00C4F184 /* OpenVPNCertificate.h in Headers */,
C9BB47791E7171ED00F3F98C /* OpenVPNClient.h in Headers */,
C9657A3A1EB0BAAB00EFF210 /* OpenVPNInterfaceStats+Internal.h in Headers */,
C9354F451F1E4A4500F4C935 /* OpenVPNReachabilityStatus.h in Headers */,
C9BCE25E1EB3C201009D6AC1 /* OpenVPNSessionToken+Internal.h in Headers */,
C9BB47721E7171A100F3F98C /* OpenVPNAdapterEvent.h in Headers */,
C9BB477F1E7173C700F3F98C /* OpenVPNAdapter.h in Headers */,
C915F1FE1F6164CF00B3DF23 /* OpenVPNKeyType.h in Headers */,
C9657A4C1EB0CD6C00EFF210 /* OpenVPNProperties.h in Headers */,
C9657A571EB0CDFB00EFF210 /* OpenVPNProperties+Internal.h in Headers */,
C9BCE2581EB3C0D9009D6AC1 /* OpenVPNSessionToken.h in Headers */,
@@ -511,11 +577,13 @@
C9657A5E1EB0D60700EFF210 /* OpenVPNTransportProtocol.h in Headers */,
C9657A1D1EB0A8D800EFF210 /* OpenVPNConnectionInfo+Internal.h in Headers */,
C9B7955E1F1D16AA00CF35FE /* OpenVPNReachability.h in Headers */,
C915F1F41F612F3300B3DF23 /* OpenVPNPrivateKey.h in Headers */,
C9657A171EB0A7F800EFF210 /* OpenVPNConnectionInfo.h in Headers */,
C9BB47811E7173C700F3F98C /* OpenVPNAdapter+Public.h in Headers */,
C9BB47711E7171A100F3F98C /* OpenVPNError.h in Headers */,
C9B795641F1D182500CF35FE /* OpenVPNReachabilityTracker.h in Headers */,
C9BB47801E7173C700F3F98C /* OpenVPNAdapter+Internal.h in Headers */,
C9E4401D1F6086A1001D7C41 /* NSError+Message.h in Headers */,
C9657A611EB0D64E00EFF210 /* OpenVPNIPv6Preference.h in Headers */,
C9657A671EB0D73200EFF210 /* OpenVPNMinTLSVersion.h in Headers */,
C93779D51EAE32670030A362 /* OpenVPNCredentials.h in Headers */,
@@ -532,12 +600,14 @@
isa = PBXHeadersBuildPhase;
buildActionMask = 2147483647;
files = (
C9CA4DD41F602F7B00C4F184 /* OpenVPNCertificate.h in Headers */,
C9D2ABE31EA20F99007EDF9D /* OpenVPNClient.h in Headers */,
C9657A3B1EB0BAAB00EFF210 /* OpenVPNInterfaceStats+Internal.h in Headers */,
C9354F461F1E4A4600F4C935 /* OpenVPNReachabilityStatus.h in Headers */,
C9BCE25F1EB3C201009D6AC1 /* OpenVPNSessionToken+Internal.h in Headers */,
C9D2ABE41EA20F99007EDF9D /* OpenVPNAdapterEvent.h in Headers */,
C9D2ABE51EA20F99007EDF9D /* OpenVPNAdapter.h in Headers */,
C915F1FF1F6164CF00B3DF23 /* OpenVPNKeyType.h in Headers */,
C9657A4D1EB0CD6C00EFF210 /* OpenVPNProperties.h in Headers */,
C9657A561EB0CDFA00EFF210 /* OpenVPNProperties+Internal.h in Headers */,
C9BCE2591EB3C0D9009D6AC1 /* OpenVPNSessionToken.h in Headers */,
@@ -552,11 +622,13 @@
C9657A5F1EB0D60700EFF210 /* OpenVPNTransportProtocol.h in Headers */,
C9657A1E1EB0A8D800EFF210 /* OpenVPNConnectionInfo+Internal.h in Headers */,
C9B7955F1F1D16AA00CF35FE /* OpenVPNReachability.h in Headers */,
C915F1F51F612F3300B3DF23 /* OpenVPNPrivateKey.h in Headers */,
C9657A181EB0A7F800EFF210 /* OpenVPNConnectionInfo.h in Headers */,
C9D2ABE71EA20F99007EDF9D /* OpenVPNAdapter+Public.h in Headers */,
C9D2ABE81EA20F99007EDF9D /* OpenVPNError.h in Headers */,
C9B795651F1D182500CF35FE /* OpenVPNReachabilityTracker.h in Headers */,
C9D2ABE91EA20F99007EDF9D /* OpenVPNAdapter+Internal.h in Headers */,
C9E4401E1F6086A1001D7C41 /* NSError+Message.h in Headers */,
C9657A621EB0D64E00EFF210 /* OpenVPNIPv6Preference.h in Headers */,
C9657A681EB0D73200EFF210 /* OpenVPNMinTLSVersion.h in Headers */,
C93779D61EAE32670030A362 /* OpenVPNCredentials.h in Headers */,
@@ -707,6 +779,9 @@
buildActionMask = 2147483647;
files = (
C98467A21EAA559B00272A9A /* local_vpn_server.ovpn in Resources */,
C915F2221F61B0E700B3DF23 /* keyfile-decrypted.3des in Resources */,
C915F2251F61B22300B3DF23 /* test-ca.crt in Resources */,
C915F21F1F6199E300B3DF23 /* keyfile-encrypted.3des in Resources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -722,6 +797,9 @@
buildActionMask = 2147483647;
files = (
C98467A31EAA559B00272A9A /* local_vpn_server.ovpn in Resources */,
C915F2231F61B0E700B3DF23 /* keyfile-decrypted.3des in Resources */,
C915F2261F61B22300B3DF23 /* test-ca.crt in Resources */,
C915F2201F6199E300B3DF23 /* keyfile-encrypted.3des in Resources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -767,10 +845,13 @@
C9BCE25A1EB3C0D9009D6AC1 /* OpenVPNSessionToken.mm in Sources */,
C9BB47821E7173C700F3F98C /* OpenVPNAdapter.mm in Sources */,
C98467A81EAA5B7700272A9A /* OpenVPNConfiguration.mm in Sources */,
C9E4401F1F6086A1001D7C41 /* NSError+Message.m in Sources */,
C9BDB1371EBCC3B900C204FF /* OpenVPNTunnelSettings.m in Sources */,
C9657A311EB0B7A900EFF210 /* OpenVPNTransportStats.mm in Sources */,
C9B795661F1D182500CF35FE /* OpenVPNReachabilityTracker.mm in Sources */,
C9657A581EB0CE1300EFF210 /* OpenVPNProperties.mm in Sources */,
C9CA4DD51F602F7B00C4F184 /* OpenVPNCertificate.m in Sources */,
C915F1F61F612F3300B3DF23 /* OpenVPNPrivateKey.m in Sources */,
C9BB477A1E7171ED00F3F98C /* OpenVPNClient.mm in Sources */,
C9FD921B1E9A667600374FC4 /* ovpncli.cpp in Sources */,
C9657A361EB0BA3900EFF210 /* OpenVPNInterfaceStats.mm in Sources */,
@@ -787,7 +868,9 @@
files = (
C94605E91EAA656B00971516 /* OpenVPNConfigurationTests.swift in Sources */,
C9BB47911E71821A00F3F98C /* OpenVPNAdapterTests.swift in Sources */,
C915F1F91F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift in Sources */,
C9B03A7C1EABA82200268B85 /* ProfileLoader.swift in Sources */,
C9CA4DE11F603A5300C4F184 /* OpenVPNCertificateTests.swift in Sources */,
C9BB47A21E7183DB00F3F98C /* Bundle.swift in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
@@ -800,10 +883,13 @@
C9BCE25B1EB3C0D9009D6AC1 /* OpenVPNSessionToken.mm in Sources */,
C9D2ABDB1EA20F99007EDF9D /* OpenVPNAdapter.mm in Sources */,
C98467A91EAA5B7700272A9A /* OpenVPNConfiguration.mm in Sources */,
C9E440201F6086A1001D7C41 /* NSError+Message.m in Sources */,
C9BDB1381EBCC3B900C204FF /* OpenVPNTunnelSettings.m in Sources */,
C9657A301EB0B7A600EFF210 /* OpenVPNTransportStats.mm in Sources */,
C9B795671F1D182500CF35FE /* OpenVPNReachabilityTracker.mm in Sources */,
C9657A591EB0CE1400EFF210 /* OpenVPNProperties.mm in Sources */,
C9CA4DD61F602F7B00C4F184 /* OpenVPNCertificate.m in Sources */,
C915F1F71F612F3300B3DF23 /* OpenVPNPrivateKey.m in Sources */,
C9D2ABDC1EA20F99007EDF9D /* OpenVPNClient.mm in Sources */,
C9D2ABDE1EA20F99007EDF9D /* ovpncli.cpp in Sources */,
C9657A371EB0BA3900EFF210 /* OpenVPNInterfaceStats.mm in Sources */,
@@ -820,7 +906,9 @@
files = (
C94605EA1EAA65F200971516 /* OpenVPNConfigurationTests.swift in Sources */,
C9D2ABF61EA212A3007EDF9D /* OpenVPNAdapterTests.swift in Sources */,
C9CA4DE21F603A5300C4F184 /* OpenVPNCertificateTests.swift in Sources */,
C9354F471F1E4AE200F4C935 /* OpenVPNReachabilityTests.swift in Sources */,
C915F1FA1F615BB400B3DF23 /* OpenVPNPrivateKeyTests.swift in Sources */,
C9B03A7D1EABA82300268B85 /* ProfileLoader.swift in Sources */,
C9D2ABF71EA212A3007EDF9D /* Bundle.swift in Sources */,
);


@@ -0,0 +1,15 @@
//
// NSError+Message.h
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 06.09.17.
//
//
#import <Foundation/Foundation.h>
@interface NSError (Message)
+ (NSString *)reasonFromResult:(NSInteger)result;
@end


@@ -0,0 +1,28 @@
//
// NSError+Message.m
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 06.09.17.
//
//
#import <mbedtls/error.h>
#import "NSError+Message.h"
@implementation NSError (Message)
+ (NSString *)reasonFromResult:(NSInteger)result {
size_t length = 1024;
char *buffer = malloc(length);
mbedtls_strerror(result, buffer, length);
NSString *reason = [NSString stringWithUTF8String:buffer];
free(buffer);
return reason;
}
@end
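Review bot: `reasonFromResult:` can return nil, and the callers visible on this page (OpenVPNCertificate.m) place its result directly into an `@{…}` literal, where a nil value raises an exception while an error is being built. `stringWithUTF8String:` returns nil when the buffer is not valid UTF-8, and the `malloc` result is handed to `mbedtls_strerror` without a NULL check. A stack buffer with a fallback string covers both: `char buffer[1024] = {0};` and `return [NSString stringWithUTF8String:buffer] ?: @"Unknown error";`. The `NSInteger` argument is also narrowed implicitly to the `int` that `mbedtls_strerror` takes; an explicit `(int)result` would make that visible.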


@@ -434,7 +434,7 @@ static void socketCallback(CFSocketRef socket, CFSocketCallBackType type, CFData
#pragma mark Client Configuration
- (OpenVPNProperties *)applyConfiguration:(nonnull OpenVPNConfiguration *)configuration error:(out NSError * __nullable * __nullable)error {
- (OpenVPNProperties *)applyConfiguration:(nonnull OpenVPNConfiguration *)configuration error:(out NSError **)error {
ClientAPI::EvalConfig eval = self.vpnClient->eval_config(configuration.config);
if (eval.error) {
NSString *errorReason = [self reasonForError:OpenVPNAdapterErrorConfigurationFailure];
@@ -451,7 +451,7 @@ static void socketCallback(CFSocketRef socket, CFSocketCallBackType type, CFData
return [[OpenVPNProperties alloc] initWithEvalConfig:eval];
}
- (BOOL)provideCredentials:(nonnull OpenVPNCredentials *)credentials error:(out NSError * __nullable * __nullable)error {
- (BOOL)provideCredentials:(nonnull OpenVPNCredentials *)credentials error:(out NSError **)error {
ClientAPI::Status status = self.vpnClient->provide_creds(credentials.credentials);
if (status.error) {
if (error) {


@@ -0,0 +1,24 @@
//
// OpenVPNCertificate.h
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 06.09.17.
//
//
#import <Foundation/Foundation.h>
@interface OpenVPNCertificate : NSObject
+ (nullable OpenVPNCertificate *)certificateWithPEM:(nonnull NSData *)pemData
error:(out NSError * __nullable * __nullable)error;
+ (nullable OpenVPNCertificate *)certificateWithDER:(nonnull NSData *)derData
error:(out NSError * __nullable * __nullable)error;
- (nonnull instancetype) __unavailable init;
- (nullable NSData *)pemData:(out NSError * __nullable * __nullable)error;
- (nullable NSData *)derData:(out NSError * __nullable * __nullable)error;
@end


@@ -0,0 +1,122 @@
//
// OpenVPNCertificate.m
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 06.09.17.
//
//
#import <mbedtls/x509_crt.h>
#import <mbedtls/pem.h>
#import "NSError+Message.h"
#import "OpenVPNError.h"
#import "OpenVPNCertificate.h"
@interface OpenVPNCertificate ()
@property (nonatomic, assign) mbedtls_x509_crt *crt;
@end
@implementation OpenVPNCertificate
- (instancetype)init
{
self = [super init];
if (self) {
self.crt = malloc(sizeof(mbedtls_x509_crt));
mbedtls_x509_crt_init(self.crt);
}
return self;
}
+ (OpenVPNCertificate *)certificateWithPEM:(NSData *)pemData error:(out NSError **)error {
OpenVPNCertificate *certificate = [OpenVPNCertificate new];
NSString *pemString = [[NSString alloc] initWithData:pemData encoding:NSUTF8StringEncoding];
int result = mbedtls_x509_crt_parse(certificate.crt, (const unsigned char *)pemString.UTF8String, pemData.length + 1);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to read PEM data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
return nil;
}
return certificate;
}
+ (OpenVPNCertificate *)certificateWithDER:(NSData *)derData error:(out NSError **)error {
OpenVPNCertificate *certificate = [OpenVPNCertificate new];
int result = mbedtls_x509_crt_parse_der(certificate.crt, derData.bytes, derData.length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to read DER data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
return nil;
}
return certificate;
}
- (NSData *)pemData:(out NSError **)error {
NSString *header = @"-----BEGIN CERTIFICATE-----\n";
NSString *footer = @"-----END CERTIFICATE-----\n";
size_t buffer_length = self.crt->raw.len * 10;
unsigned char *pem_buffer = malloc(buffer_length);
size_t output_length = 0;
int result = mbedtls_pem_write_buffer(header.UTF8String, footer.UTF8String, self.crt->raw.p, self.crt->raw.len, pem_buffer, buffer_length, &output_length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to write PEM data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
free(pem_buffer);
return nil;
}
NSData *pemData = [NSData dataWithBytes:pem_buffer length:output_length - 1];
free(pem_buffer);
return pemData;
}
- (NSData *)derData:(out NSError **)error {
if (self.crt->raw.p == NULL || self.crt->raw.len == 0) {
NSString *reason = [NSError reasonFromResult:MBEDTLS_ERR_X509_BAD_INPUT_DATA];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:MBEDTLS_ERR_X509_BAD_INPUT_DATA userInfo:@{
NSLocalizedDescriptionKey: @"Failed to write DER data.",
NSLocalizedFailureReasonErrorKey:reason
}];
return nil;
}
return [NSData dataWithBytes:self.crt->raw.p length:self.crt->raw.len];
}
- (void)dealloc {
mbedtls_x509_crt_free(self.crt);
free(self.crt);
}
@end


@@ -9,6 +9,7 @@
#import <Foundation/Foundation.h>
FOUNDATION_EXPORT NSString * __nonnull const OpenVPNAdapterErrorDomain;
FOUNDATION_EXPORT NSString * __nonnull const OpenVPNIdentityErrorDomain;
FOUNDATION_EXPORT NSString * __nonnull const OpenVPNAdapterErrorFatalKey;
FOUNDATION_EXPORT NSString * __nonnull const OpenVPNAdapterErrorMessageKey;


@@ -9,6 +9,7 @@
#import <OpenVPNError.h>
NSString * const OpenVPNAdapterErrorDomain = @"me.ss-abramchuk.openvpn-adapter.error-domain";
NSString * const OpenVPNIdentityErrorDomain = @"me.ss-abramchuk.openvpn-identity.error-domain";
NSString * const OpenVPNAdapterErrorFatalKey = @"me.ss-abramchuk.openvpn-adapter.error-key.fatal";
NSString * const OpenVPNAdapterErrorMessageKey = @"me.ss-abramchuk.openvpn-adapter.error-key.message";


@@ -0,0 +1,19 @@
//
// OpenVPNKeyType.h
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 07.09.17.
//
//
#import <Foundation/Foundation.h>
typedef NS_ENUM(NSInteger, OpenVPNKeyType) {
OpenVPNKeyTypeNone = 0,
OpenVPNKeyTypeRSA,
OpenVPNKeyTypeECKEY,
OpenVPNKeyTypeECKEYDH,
OpenVPNKeyTypeECDSA,
OpenVPNKeyTypeRSAALT,
OpenVPNKeyTypeRSASSAPSS,
};
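Review bot: Nothing in this header says that the enum has to track mbedtls, yet the `type` getter in OpenVPNPrivateKey.m casts the result of `mbedtls_pk_get_type()` straight to `OpenVPNKeyType`. The cast is only correct while the cases keep the same order and values as `mbedtls_pk_type_t`, so a later reorder here or an mbedtls upgrade that changes that enum would silently report the wrong key type. I would add a comment above the typedef such as `// Values mirror mbedtls_pk_type_t from <mbedtls/pk.h>; keep the order in sync.`, or replace the cast with an explicit `switch` in the getter.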


@@ -0,0 +1,31 @@
//
// OpenVPNPrivateKey.h
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 07.09.17.
//
//
#import <Foundation/Foundation.h>
#import "OpenVPNKeyType.h"
@interface OpenVPNPrivateKey : NSObject
+ (nullable OpenVPNPrivateKey *)keyWithPEM:(nonnull NSData *)pemData
password:(nullable NSString *)password
error:(out NSError * __nullable * __nullable)error;
+ (nullable OpenVPNPrivateKey *)keyWithDER:(nonnull NSData *)derData
password:(nullable NSString *)password
error:(out NSError * __nullable * __nullable)error;
- (nonnull instancetype) __unavailable init;
@property (nonatomic, readonly) NSInteger size;
@property (nonatomic, readonly) OpenVPNKeyType type;
- (nullable NSData *)pemData:(out NSError * __nullable * __nullable)error;
- (nullable NSData *)derData:(out NSError * __nullable * __nullable)error;
@end
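Review bot: `pemData:` and `derData:` are declared without documentation, so the header does not tell callers what form the exported key takes. The implementation in this commit produces them with `mbedtls_pk_write_key_pem` and `mbedtls_pk_write_key_der`, which, as far as I know, write the key unencrypted even when it was loaded with a password. A doc comment on both methods would make that visible, for example `/// Returns the private key in unencrypted form; treat the result as secret and do not log or store it unprotected.` The `size` property could also carry `/// Key size in bits.`, since its getter returns `mbedtls_pk_get_bitlen`.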


@@ -0,0 +1,141 @@
//
// OpenVPNPrivateKey.m
// OpenVPN Adapter
//
// Created by Sergey Abramchuk on 07.09.17.
//
//
#import <mbedtls/pk.h>
#import "NSError+Message.h"
#import "OpenVPNError.h"
#import "OpenVPNPrivateKey.h"
@interface OpenVPNPrivateKey ()
@property (nonatomic, assign) mbedtls_pk_context *ctx;
@end
@implementation OpenVPNPrivateKey
- (instancetype)init {
self = [super init];
if (self) {
self.ctx = malloc(sizeof(mbedtls_pk_context));
mbedtls_pk_init(self.ctx);
}
return self;
}
- (NSInteger)size {
return mbedtls_pk_get_bitlen(self.ctx);
}
- (OpenVPNKeyType)type {
return (OpenVPNKeyType)mbedtls_pk_get_type(self.ctx);
}
+ (nullable OpenVPNPrivateKey *)keyWithPEM:(NSData *)pemData password:(NSString *)password error:(out NSError **)error {
OpenVPNPrivateKey *key = [OpenVPNPrivateKey new];
NSString *pemString = [[NSString alloc] initWithData:pemData encoding:NSUTF8StringEncoding];
size_t pem_length = strlen(pemString.UTF8String) + 1;
size_t password_length = password != nil ? strlen(password.UTF8String) : 0;
int result = mbedtls_pk_parse_key(key.ctx, (const unsigned char *)pemString.UTF8String, pem_length, (const unsigned char *)password.UTF8String, password_length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to read PEM data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
return nil;
}
return key;
}
+ (nullable OpenVPNPrivateKey *)keyWithDER:(NSData *)derData password:(NSString *)password error:(out NSError **)error {
OpenVPNPrivateKey *key = [OpenVPNPrivateKey new];
size_t password_length = password != nil ? strlen(password.UTF8String) : 0;
int result = mbedtls_pk_parse_key(key.ctx, derData.bytes, derData.length, (const unsigned char *)password.UTF8String, password_length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to read DER data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
return nil;
}
return key;
}
- (NSData *)pemData:(out NSError **)error {
size_t buffer_length = mbedtls_pk_get_len(self.ctx) * 10;
unsigned char *pem_buffer = malloc(buffer_length);
int result = mbedtls_pk_write_key_pem(self.ctx, pem_buffer, buffer_length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to write PEM data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
free(pem_buffer);
return nil;
}
NSData *pemData = [[NSString stringWithCString:(const char *)pem_buffer encoding:NSUTF8StringEncoding] dataUsingEncoding:NSUTF8StringEncoding];
free(pem_buffer);
return pemData;
}
- (NSData *)derData:(out NSError **)error {
size_t buffer_length = mbedtls_pk_get_len(self.ctx) * 10;
unsigned char *der_buffer = malloc(buffer_length);
int result = mbedtls_pk_write_key_der(self.ctx, der_buffer, buffer_length);
if (result < 0) {
if (error) {
NSString *reason = [NSError reasonFromResult:result];
*error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:result userInfo:@{
NSLocalizedDescriptionKey: @"Failed to write DER data.",
NSLocalizedFailureReasonErrorKey: reason
}];
}
free(der_buffer);
return nil;
}
NSUInteger location = buffer_length - result;
NSRange range = NSMakeRange(location, result);
NSData *derData = [[NSData dataWithBytes:der_buffer length:buffer_length] subdataWithRange:range];
free(der_buffer);
return derData;
}
- (void)dealloc {
mbedtls_pk_free(self.ctx);
free(self.ctx);
}
@end
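Review bot: In `keyWithPEM:password:error:` the result of `initWithData:encoding:` is used unchecked, and it is nil when `pemData` is not valid UTF-8. `pemString.UTF8String` is then NULL and `strlen` dereferences it, so a malformed key file crashes the process instead of producing an `NSError`. A nil guard that reports `MBEDTLS_ERR_PK_BAD_INPUT_DATA` through the same error domain would keep that path on the normal failure route, as sketched below. Separately, `pemData:` and `derData:` never check the `malloc` result and free buffers that held private key material without clearing them first, which may be worth a follow-up.

```objective-c
NSString *pemString = [[NSString alloc] initWithData:pemData encoding:NSUTF8StringEncoding];
if (pemString == nil) {
    // Not valid UTF-8, so it cannot be PEM text; fail before strlen() sees a NULL pointer.
    if (error) {
        NSString *reason = [NSError reasonFromResult:MBEDTLS_ERR_PK_BAD_INPUT_DATA];
        *error = [NSError errorWithDomain:OpenVPNIdentityErrorDomain code:MBEDTLS_ERR_PK_BAD_INPUT_DATA userInfo:@{
            NSLocalizedDescriptionKey: @"Failed to read PEM data.",
            NSLocalizedFailureReasonErrorKey: reason
        }];
    }
    return nil;
}
// … unchanged: length computation, mbedtls_pk_parse_key call and its error handling …
```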


@@ -33,5 +33,8 @@ FOUNDATION_EXPORT const unsigned char OpenVPNAdapterVersionString[];
#import <OpenVPNAdapter/OpenVPNInterfaceStats.h>
#import <OpenVPNAdapter/OpenVPNAdapter.h>
#import <OpenVPNAdapter/OpenVPNAdapter+Public.h>
#import <OpenVPNAdapter/OpenVPNKeyType.h>
#import <OpenVPNAdapter/OpenVPNCertificate.h>
#import <OpenVPNAdapter/OpenVPNPrivateKey.h>
#import <OpenVPNAdapter/OpenVPNReachabilityStatus.h>
#import <OpenVPNAdapter/OpenVPNReachability.h>