00004b0 ffff ffff ffff ffff ffff ffff ffff 00ff
00004c0 0000 fc01 ffff ffff ffff ffff ffff ffff
00004d0 ffff ffff 0089 0019 0801 0101 0000 0000
00004e0 0000 0000 0000 3130 0000 0009 ff02 00ff
00004f0 0000 0000 0000 ff00 ffff ffff ffff ffff
0000500 008b 001c 0a03 0001 0000 ffff ffff 94ff
0000510 b325 c55f 076f 000b ff02 acff ffa2 a733
0000520 fe19 28be 0000 ffff ffff ffff 008b 002a
0000530 0a05 0001 0000 001d df03 94e6 b325 c55f
0000540 076f 000b 0002 ac06 ffa2 a733 fe19 28be
0000550 0e00 0000 0000 0000 000b ff03 00ff 0000
0000560 0000 0000 ff00 ffff ffff ffff ffff 008b
0000570 002a 0a08 0001 0000 001d df03 94e6 b325
0000580 c55f 076f 000b 0002 ac09 ffa2 a733 fe19
0000590 28be 0e00 0000 0000 0000 000b ff03 00ff
00005a0 0000 b300 03b0 ff02 ffff ffff ffff ffff
00005b0 008b 002a 0a0b 0001 0000 001d df03 94e6
00005c0 b325 c55f 076f 000b 0002 ac0c ffa2 a733
00005d0 fe19 28be 0e00 0000 0000 0000 000b ff03
00005e0 00ff 0000 b300 03b0 ff02 ffff ffff ffff
00005f0 ffff ffff ffff ffff ffff ffff ffff ffff
I am actually having file like this how to convert into binary like 0x11 to 0001 0001
Here is an example of how to do it, using gmatch to select each byte in the string.
Then you convert the hex byte to it's number value and process that with a function to get the binary digits.
local hexfile = '0011 ffff'
local function bytetobin(n)
local t = {}
local d = 0
d = math.log(65535) / math.log(2)
for i = math.floor(d), 0, -1 do
t[#t + 1] = math.floor(n / 2^i)
n = n % 2^i
end
return table.concat(t)
end
local function hextobin(hex)
local num = tonumber(hex, 16)
local bin = bytetobin(num)
local result = bin:gsub("()", {[5]=" ", [9]=" ", [13]=" "})
return result
end
for line in hexfile:gmatch('([^\n]+)') do
local binarystring = ''
for v in line:gmatch("(%x+)") do
binarystring = binarystring .. hextobin(v) .. ' '
end
print(binarystring)
end
Output:
0000 0000 0001 0001 1111 1111 1111 1111
bytetobin function from:love2d user: Zorg modified to produce leading 0s
I am writing a home automation program using Tasmota devices.
I have a YTF IR Bridge working well with most of my remotes.
for example with an Apple TV I can send
{"Protocol":"NEC","Bits":32,"Data":0x77E14005}
to select the menu.
I have come up with a problem with the Foxtel remote.
I have found codes for this on the net.
e.g.
Vol +
0000 0073 0000 0012 000F 000A 0006 000A 0006 0016 0006 000A 0006 0010 0006 0016 0006 0016 0006 000A 0006 000A 0006 000A 0006 0016 0006 0010 0006 0016 0006 000A 0006 0010 0006 000A 0006 000A 0006 0CA0
Vol –
0000 0073 0000 0012 000F 000A 0006 000A 0006 0016 0006 000A 0006 0010 0006 0016 0006 0016 0006 000A 0006 000A 0006 000A 0006 0016 0006 0010 0006 0016 0006 000A 0006 0010 0006 000A 0006 0010 0006 0C9B
I then converted these to ascii from hex and sent
cmnd/ir-bridge/IRSend 0,115,0,18,15,10,6,10,6,22,6,10,6,16,6,22,6,22,6,10,6,10,6,10,6,22,6,16,6,22,6,10,6,16,6,10,6,10,6,3232
with no result from the Foxtel box.
Could anyone give some clues on how to send this raw data.
I had success with another group and found out how to decode this.
here is the Basic4Java code I use.
Dim sb As StringBuilder
sb.Initialize
Dim Spllited() As String
Spllited = Regex.Split(" ",payload)
Dim N As Int
N = Bit.ParseInt(Spllited(1), 16)
Dim Frequency As Int = (1000000/(N * .241246)/1000)
Dim pulse As Float = (1000/Frequency)
sb.Append(Frequency).Append(",") ' Add frequency
Dim OneTime As Int = Bit.ParseInt(Spllited(2), 16)
Dim Repeat As Int = Bit.ParseInt(Spllited(3), 16)
For z = 4 To Spllited.Length-1
Dim Int_Number As Int
Int_Number = Bit.ParseInt(Spllited(z), 16)
Dim t As Int = Int_Number * pulse
sb.Append(t)
If z <> Spllited.Length-1 Then sb.Append(",")
Next
payload = sb.ToString
Tom
I am working on a Ruby on Rails application which uses the WinRM library to access a remote Windows server. The transport supplied is :negotiate which will negotiate the authentication with the remote server.
The issue is the WinRM library expects a 401 HTTP status code so that it can send more data for authentication. However, a 200 HTTP status code is returned and the negotiate fails.
The backtrace is :
NoMethodError: undefined method `split' for nil:NilClass
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/http/transport.rb:226:in `init_auth'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/http/transport.rb:166:in `send_request'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/winrm_service.rb:489:in `send_message'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/winrm_service.rb:390:in `run_wql'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/command_executor.rb:186:in `os_version'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/command_executor.rb:145:in `code_page'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/command_executor.rb:72:in `block in open'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/command_executor.rb:218:in `retryable'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/winrm-1.7.3/lib/winrm/command_executor.rb:71:in `open'
from (irb):20
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/railties-4.2.1/lib/rails/commands/console.rb:110:in `start'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/railties-4.2.1/lib/rails/commands/console.rb:9:in `start'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:68:in `console'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
from /home/cobalt/.rvm/gems/ruby-2.2.2/gems/railties-4.2.1/lib/rails/commands.rb:17:in `<top (required)>'
from bin/rails:4:in `require'
from bin/rails:4:in `<main>'2.2.2 :021 >
The TCP Dump shows the below package exchanges
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:04:08.372376 IP d8b5d56cba65.53166 > pokcpeusap02.corp.absc.local.wsman: Flags [S], seq 2899844066, win 29200, options [mss 1460,sackOK,TS val 1316187676 ecr 0,nop,wscale 7], length 0
0x0000: 4500 003c 75fe 4000 4006 d486 0400 0005 E..<u.#.#.......
0x0010: 0acd e165 cfae 1761 acd8 1be2 0000 0000 ...e...a........
0x0020: a002 7210 f065 0000 0204 05b4 0402 080a ..r..e..........
0x0030: 4e73 6e1c 0000 0000 0103 0307 Nsn.........
12:04:08.421019 IP pokcpeusap02.corp.absc.local.wsman > d8b5d56cba65.53166: Flags [S.], seq 3702856093, ack 2899844067, win 8192, options [mss 1351,nop,wscale 8,sackOK,TS val 79780711 ecr 1316187676],
length 0
0x0000: 4500 003c 7f04 4000 7d06 8e80 0acd e165 E..<..#.}......e
0x0010: 0400 0005 1761 cfae dcb5 199d acd8 1be3 .....a..........
0x0020: a012 2000 754e 0000 0204 0547 0103 0308 ....uN.....G....
0x0030: 0402 080a 04c1 5b67 4e73 6e1c ......[gNsn.
12:04:08.421047 IP d8b5d56cba65.53166 > pokcpeusap02.corp.absc.local.wsman: Flags [.], ack 1, win 229, options [nop,nop,TS val 1316187725 ecr 79780711], length 0
0x0000: 4500 0034 75ff 4000 4006 d48d 0400 0005 E..4u.#.#.......
0x0010: 0acd e165 cfae 1761 acd8 1be3 dcb5 199e ...e...a........
0x0020: 8010 00e5 f05d 0000 0101 080a 4e73 6e4d .....]......NsnM
0x0030: 04c1 5b67 ..[g
12:04:08.421368 IP d8b5d56cba65.53166 > pokcpeusap02.corp.absc.local.wsman: Flags [P.], seq 1:340, ack 1, win 229, options [nop,nop,TS val 1316187725 ecr 79780711], length 339
0x0000: 4500 0187 7600 4000 4006 d339 0400 0005 E...v.#.#..9....
0x0010: 0acd e165 cfae 1761 acd8 1be3 dcb5 199e ...e...a........
0x0020: 8018 00e5 f1b0 0000 0101 080a 4e73 6e4d ............NsnM
0x0030: 04c1 5b67 504f 5354 202f 7773 6d61 6e20 ..[gPOST./wsman.
0x0040: 4854 5450 2f31 2e31 0d0a 4175 7468 6f72 HTTP/1.1..Author
0x0050: 697a 6174 696f 6e3a 204e 6567 6f74 6961 ization:.Negotia
0x0060: 7465 2054 6c52 4d54 564e 5455 4141 4241 te.TlRMTVNTUAABA
0x0070: 4141 414e 3449 4934 4151 4142 4141 6741 AAAN4II4AQABAAgA
0x0080: 4141 4141 4141 4141 4351 4141 4142 4462 AAAAAAAACQAAABDb
0x0090: 334a 775a 4468 694e 5751 314e 6d4e 6959 3JwZDhiNWQ1NmNiY
0x00a0: 5459 310d 0a43 6f6e 7465 6e74 2d54 7970 TY1..Content-Typ
0x00b0: 653a 2061 7070 6c69 6361 7469 6f6e 2f73 e:.application/s
0x00c0: 6f61 702b 786d 6c3b 6368 6172 7365 743d oap+xml;charset=
0x00d0: 5554 462d 380d 0a55 7365 722d 4167 656e UTF-8..User-Agen
0x00e0: 743a 2052 7562 7920 5769 6e52 4d20 436c t:.Ruby.WinRM.Cl
0x00f0: 6965 6e74 2028 322e 372e 312c 2072 7562 ient.(2.7.1,.rub
0x0100: 7920 322e 322e 3220 2832 3031 352d 3034 y.2.2.2.(2015-04
0x0110: 2d31 3329 290d 0a41 6363 6570 743a 202a -13))..Accept:.*
0x0120: 2f2a 0d0a 4461 7465 3a20 5475 652c 2030 /*..Date:.Tue,.0
0x0130: 3720 4d61 7220 3230 3137 2031 323a 3034 7.Mar.2017.12:04
0x0140: 3a30 3820 474d 540d 0a43 6f6e 7465 6e74 :08.GMT..Content
0x0150: 2d4c 656e 6774 683a 2030 0d0a 486f 7374 -Length:.0..Host
0x0160: 3a20 706f 6b63 7065 7573 6170 3032 2e63 :.pokcpeusap02.c
0x0170: 6f72 702e 6162 7363 2e6c 6f63 616c 3a35 orp.absc.local:5
0x0180: 3938 350d 0a0d 0a 985....
12:04:08.516497 IP pokcpeusap02.corp.absc.local.wsman > d8b5d56cba65.53166: Flags [P.], seq 1:39, ack 340, win 256, options [nop,nop,TS val 79780721 ecr 1316187725], length 38
0x0000: 4500 005a 7f05 4000 7d06 8e61 0acd e165 E..Z..#.}..a...e
0x0010: 0400 0005 1761 cfae dcb5 199e acd8 1d36 .....a.........6
0x0020: 8018 0100 11f4 0000 0101 080a 04c1 5b71 ..............[q
0x0030: 4e73 6e4d 4854 5450 2f31 2e31 2032 3030 NsnMHTTP/1.1.200
0x0040: 204f 4b0d 0a43 6f6e 7465 6e74 2d4c 656e .OK..Content-Len
0x0050: 6774 683a 2030 0d0a 0d0a gth:.0....
12:04:08.516541 IP d8b5d56cba65.53166 > pokcpeusap02.corp.absc.local.wsman: Flags [.], ack 39, win 229, options [nop,nop,TS val 1316187821 ecr 79780721], length 0
0x0000: 4500 0034 7601 4000 4006 d48b 0400 0005 E..4v.#.#.......
0x0010: 0acd e165 cfae 1761 acd8 1d36 dcb5 19c4 ...e...a...6....
0x0020: 8010 00e5 f05d 0000 0101 080a 4e73 6ead .....]......Nsn.
0x0030: 04c1 5b71 ..[q
What would be the issue? Why I don't get a 401 HTTP status code?
I havae managed to found the root cause of the issue. It turns out there is another service instead of WinRM srevice is listening to port 5985. Hence when a request is sent to that port, that service responded with a respone requiring Basic Authentication and the status code 200. The issue is fixed after starting WinRM service and make it listen at port 5985.
The detailed analysis can be found at Ruby WinRM undefined method `split' for nil:NilClass. It's really a good lesson to learn. Sometimes the issue is very simple and stupid, but to find out the issue would take much effort.
Okay, I am new to the wide wonders of SSL certificates and authentication so I am probably doing something very very obviously wrong here. But I am trying to setup an NSURLSession to download a file from server proxied through an SSL Gateway. For reasons involved with the solution we are building we want to use a non-standard CA for signing the cert. As a result I have a CACert, server certificate and a server private key. These have been worked into a pkcs12 file which I load to get the identity from the file and I then try to do a security trust evaluation with that cert.
What I get is that if I connect to a server that uses a publicly signed cert then the server trust authentication works just fine and I get the callbacks I am expecting. So I know I've done the delegate hookup correctly.
However with the client certificate challenge on the test URL indicated in the code I get a -9802 error. Which suggests that either the cert is being evaluated properly or I have got something else wrong. Indeed the server tries to move on to ServerTrust and then curls everything up. (But curiously the didBecomeInvalidWithError callback doesn't get called, which I was expecting when everything goes wrong.)
I have turned CFNetworking diagnostics on and the device log ends up looking like this :-
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:2] 15:38:38.524 {
AddCookies Continue: request GET https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001 HTTP/1.1
HTTPProtocol: Task: 14dcc7c0
} [3:2]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:3] 15:38:38.526 {
Protocol Enqueue: request GET https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001 HTTP/1.1
Request: <CFURLRequest 0x14f48f60 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Message: GET https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001 HTTP/1.1
Sending: dict [4] {
Accept-Encoding: gzip, deflate
Accept-Language: en-us
Accept: */
}
} [3:3]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:4] 15:38:38.533 {
SocketStream IO Logging
} [3:4]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:5] 15:38:38.544 {
TCP Connection Created
conn: 0x14f53d10 for name 103.20.137.69, port 444
} [3:5]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:6] 15:38:38.548 {
TCP Connection Start
conn: 0x14f53d10
} [3:6]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:7] 15:38:38.610 {
SocketStream TCP Connection Complete
conn: 0x14f53d10
fd: 7
error: 0
} [3:7]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:8] 15:38:38.613 {
{ fd: 7, local 10.47.29.209:53929 => peer 103.20.137.69:444 } RAW-SENT 201
RAW-SENT (7) | > data [ 201 ] bytes {
RAW-SENT (7) | > 00000000: 1603 0300 c401 0000 c003 0358 1168 ae99 ...........X.h..
RAW-SENT (7) | > 00000010: 94f9 5ed2 d848 bb05 c846 5654 71c9 e3c9 ..^..H...FVTq...
RAW-SENT (7) | > 00000020: cd65 210b a324 dacc 75e2 a900 0018 00ff .e!..$..u.......
RAW-SENT (7) | > 00000030: c02c c02b c024 c00a c023 c009 c030 c02f .,.+.$.-.#...0./
RAW-SENT (7) | > 00000040: c028 c027 c013 0100 007f 0000 0012 0010 .(.'............
RAW-SENT (7) | > 00000050: 0000 0d31 3033 2e32 302e 3133 372e 3639 ..-103.20.137.69
RAW-SENT (7) | > 00000060: 000a 0008 0006 0017 0018 0019 000b 0002 .-..............
RAW-SENT (7) | > 00000070: 0100 000d 000e 000c 0501 0401 0201 0503 ...-............
RAW-SENT (7) | > 00000080: 0403 0203 3374 0000 0010 0030 002e 0268 ....3t.....0...h
RAW-SENT (7) | > 00000090: 3205 6832 2d31 3605 6832 2d31 3505 6832 2.h2-16.h2-15.h2
RAW-SENT (7) | > 000000a0: 2d31 3408 7370 6479 2f33 2e31 0673 7064 -14.spdy/3.1.spd
RAW-SENT (7) | > 000000b0: 792f 3308 6874 7470 2f31 2e31 0005 0005 y/3.http/1.1....
RAW-SENT (7) | > 000000c0: 0100 0000 0000 1200 00 .........
RAW-SENT (7) | > }
} [3:8]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:9] 15:38:38.617 {
ioLogger
logStruct: array [4] {
BEGIN SSL RECORD DECODE: SENT
decodeHandshake [0] # 0x14f5d915, version 303, length 196 (0xc4)
ClientHello (1, 0x1), length 192 (0xc0)
END SSL RECORD DECODE: SENT
}
} [3:9]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:10] 15:38:38.718 {
{ fd: 7, local 10.47.29.209:53929 => peer 103.20.137.69:444 } RAW-READ 1368
RAW-READ (7) | < data [ 1368 ] bytes {
RAW-READ (7) | < 00000000: 1603 0305 a002 0000 4d03 0358 1168 b65d ........M..X.h.]
RAW-READ (7) | < 00000010: 4b61 2b40 e5f7 65d5 bbea a3d1 ce5d 113f Ka+#..e......].?
RAW-READ (7) | < 00000020: 86be 2d04 9288 fd34 2a86 d620 5811 68b6 ..-....4*.. X.h.
RAW-READ (7) | < 00000030: 51f5 0beb 192f 0954 9556 c1f8 6d18 1f4b Q..../.T.V..m..K
RAW-READ (7) | < 00000040: 5304 638c a110 b2f6 09ab cff2 c030 0000 S.c..........0..
RAW-READ (7) | < 00000050: 05ff 0100 0100 0b00 042b 0004 2800 0242 .........+..(..B
RAW-READ (7) | < 00000060: 3082 023e 3082 01a7 a003 0201 0202 0821 0..>0..........!
RAW-READ (7) | < 00000070: 92e4 4931 8b9b ad30 0d06 092a 8648 86f7 ..I1...0-..*.H..
RAW-READ (7) | < 00000080: 0d01 0105 0500 3025 3123 3021 0603 5504 -.....0%1#0!..U.
RAW-READ (7) | < 00000090: 030c 1a66 692d 706f 696e 7379 732d 7372 ...fi-poinsys-sr
RAW-READ (7) | < 000000a0: 762d 7465 7374 2d30 3031 2d63 6130 2017 v-test-001-ca0 .
RAW-READ (7) | < 000000b0: 0d30 3830 3332 3631 3335 3035 305a 180f -080326135050Z..
RAW-READ (7) | < 000000c0: 3230 3538 3033 3236 3133 3530 3530 5a30 20580326135050Z0
RAW-READ (7) | < 000000d0: 2d31 2b30 2906 0355 0403 0c22 6669 2d70 -1+0)..U..."fi-p
RAW-READ (7) | < 000000e0: 6f69 6e73 7973 2d73 7276 2d74 6573 7467 oinsys-srv-testg
RAW-READ (7) | < 000000f0: 7731 2d30 3031 2d67 656e 6572 616c 3081 w1-001-general0.
RAW-READ (7) | < 00000100: 9f30 0d06 092a 8648 86f7 0d01 0101 0500 .0-..*.H..-.....
RAW-READ (7) | < 00000110: 0381 8d00 3081 8902 8181 00b4 1d0e 5f53 ....0........._S
RAW-READ (7) | < 00000120: 9179 2d45 80d2 4746 2164 1cac 8613 3e67 .y-E..GF!d....>g
RAW-READ (7) | < 00000130: 628c 2514 0036 e770 ca16 15ed 73da 5997 b.%..6.p....s.Y.
RAW-READ (7) | < 00000140: 2c10 5c5f ce84 4225 5857 20a5 04af 2879 ,.\_..B%XW ...(y
RAW-READ (7) | < 00000150: 661a b7c5 a9db b05c dd47 a996 63ed 58e6 f......\.G..c.X.
RAW-READ (7) | < 00000160: 4d7a 34f4 e4b7 26fb 87c8 a08b 48e9 b504 Mz4...&.....H...
RAW-READ (7) | < 00000170: 4e01 9aa9 aea4 fb02 93b6 0816 0a9b 1054 N...........-..T
RAW-READ (7) | < 00000180: 6d7b 2647 dd66 ade5 e0f4 79f1 3b01 7bbf m{&G.f....y.;.{.
RAW-READ (7) | < 00000190: 044a 6954 6be1 408a ce75 8302 0301 0001 .JiTk.#..u......
RAW-READ (7) | < 000001a0: a36d 306b 3009 0603 551d 1304 0230 0030 .m0k0...U....0.0
RAW-READ (7) | < 000001b0: 5e06 0355 1d1f 0457 3055 3053 a051 a04f ^..U...W0U0S.Q.O
RAW-READ (7) | < 000001c0: 864d 6874 7470 733a 2f2f 706f 696e 7473 .Mhttps://points
RAW-READ (7) | < 000001d0: 736c 7465 7374 3a38 3434 332f 6b6d 732f sltest:8443/kms/
RAW-READ (7) | < 000001e0: 6372 6c2f 6765 7463 726c 2e68 746d 6c3f crl/getcrl.html?
RAW-READ (7) | < 000001f0: 6e61 6d65 3d66 692d 706f 696e 7379 732d name=fi-poinsys-
RAW-READ (7) | < 00000200: 7372 762d 7465 7374 2d30 3031 2d63 6130 srv-test-001-ca0
RAW-READ (7) | < 00000210: 0d06 092a 8648 86f7 0d01 0105 0500 0381 -..*.H..-.......
RAW-READ (7) | < 00000220: 8100 13f7 5f61 4699 d11c 1199 87d6 964a ...._aF........J
RAW-READ (7) | < 00000230: 7e37 4454 94e6 3f8c 063f c560 68f3 4f89 ~7DT..?..?.`h.O.
RAW-READ (7) | < 00000240: 9f53 1521 5cf3 aa47 f57c 007a e54b 1b47 .S.!\..G.|.z.K.G
RAW-READ (7) | < 00000250: 8c98 eaaa 235b 3fcf 819a 3df9 5540 a67b ....#[?...=.U#.{
RAW-READ (7) | < 00000260: 02f1 013a c2c7 a523 a679 438f 58b3 af01 ...:...#.yC.X...
RAW-READ (7) | < 00000270: 8a9e f3fb de96 ac7e 2d38 4216 a794 502e .......~-8B...P.
RAW-READ (7) | < 00000280: 1b7d 9ad5 cf3b 1ebe 745e c976 bb03 90f0 .}...;..t^.v....
RAW-READ (7) | < 00000290: f8a7 4b81 5319 197f 221d 0d5f 504b c69a ..K.S...".-_PK..
RAW-READ (7) | < 000002a0: 10aa 0001 e030 8201 dc30 8201 45a0 0302 .....0...0..E...
RAW-READ (7) | < 000002b0: 0102 0208 6c89 815a 8bf7 15f5 300d 0609 ....l..Z....0-..
RAW-READ (7) | < 000002c0: 2a86 4886 f70d 0101 0505 0030 2531 2330 *.H..-.....0%1#0
RAW-READ (7) | < 000002d0: 2106 0355 0403 0c1a 6669 2d70 6f69 6e73 !..U....fi-poins
RAW-READ (7) | < 000002e0: 7973 2d73 7276 2d74 6573 742d 3030 312d ys-srv-test-001-
RAW-READ (7) | < 000002f0: 6361 3020 170d 3038 3033 3236 3133 3530 ca0 .-0803261350
RAW-READ (7) | < 00000300: 3530 5a18 0f32 3035 3830 3332 3631 3335 50Z..20580326135
RAW-READ (7) | < 00000310: 3035 305a 3025 3123 3021 0603 5504 030c 050Z0%1#0!..U...
RAW-READ (7) | < 00000320: 1a66 692d 706f 696e 7379 732d 7372 762d .fi-poinsys-srv-
RAW-READ (7) | < 00000330: 7465 7374 2d30 3031 2d63 6130 819f 300d test-001-ca0..0-
RAW-READ (7) | < 00000340: 0609 2a86 4886 f70d 0101 0105 0003 818d ..*.H..-........
RAW-READ (7) | < 00000350: 0030 8189 0281 8100 859a a533 e990 210b .0.........3..!.
RAW-READ (7) | < 00000360: 58c1 8b58 984a fd75 337c c021 d374 02d8 X..X.J.u3|.!.t..
RAW-READ (7) | < 00000370: f640 ff05 3efd a51a 9df7 f6eb 1023 52bc .#..>........#R.
RAW-READ (7) | < 00000380: ac59 a650 e4ad 9d1f 02e6 97db c914 a01b .Y.P............
RAW-READ (7) | < 00000390: cd30 4945 8d71 5178 44f8 b4d4 9cba 2b8a .0IE.qQxD.....+.
RAW-READ (7) | < 000003a0: 9077 1d85 9547 9c49 a043 7879 6899 2048 .w...G.I.Cxyh. H
RAW-READ (7) | < 000003b0: 6fa5 d537 0010 0591 9d61 e854 5613 3d1d o..7.....a.TV.=.
RAW-READ (7) | < 000003c0: 4677 5f8a ddb8 8d4d a885 3984 1cd9 7550 Fw_....M..9...uP
RAW-READ (7) | < 000003d0: 96f4 acef 2a9f 7633 0203 0100 01a3 1330 ....*.v3.......0
RAW-READ (7) | < 000003e0: 1130 0f06 0355 1d13 0408 3006 0101 ff02 .0...U....0.....
RAW-READ (7) | < 000003f0: 0101 300d 0609 2a86 4886 f70d 0101 0505 ..0-..*.H..-....
RAW-READ (7) | < 00000400: 0003 8181 007b a0cd 116b a28f b536 67bf .....{...k...6g.
RAW-READ (7) | < 00000410: f87e 7b61 7543 411a 6047 7ca9 e54a 1a36 .~{auCA.`G|..J.6
RAW-READ (7) | < 00000420: e688 cd15 e346 e519 3f46 f900 79a8 e027 .....F..?F..y..'
RAW-READ (7) | < 00000430: 43f9 b963 a0f6 81d0 26c5 f66d 9d88 017d C..c....&..m...}
RAW-READ (7) | < 00000440: 7c99 3168 2cf4 dced 64f8 5624 81d2 6dd2 |.1h,...d.V$..m.
RAW-READ (7) | < 00000450: aaf4 0a0f c21d e196 e557 196c 0686 d698 ..-......W.l....
RAW-READ (7) | < 00000460: 5f6a 2d12 996c 3157 0ba7 ee35 498c db3a _j-..l1W...5I..:
RAW-READ (7) | < 00000470: 2835 34cb b6e5 b941 7fac bf9f cfaa 5b98 (54....A......[.
RAW-READ (7) | < 00000480: d118 ca76 360c 0000 c903 0017 4104 bf45 ...v6.......A..E
RAW-READ (7) | < 00000490: 344f 7916 08d2 fa31 ec81 ac4e 7baf bfe1 4Oy....1...N{...
RAW-READ (7) | < 000004a0: e04e 459d 2043 f3f9 8208 fce6 35ef bc99 .NE. C......5...
RAW-READ (7) | < 000004b0: b606 a4f7 19eb 3c16 7131 ade6 4952 1dc5 ......<.q1..IR..
RAW-READ (7) | < 000004c0: 3b21 3cde ab1d c06f 870e 6580 9489 0501 ;!<....o..e.....
RAW-READ (7) | < 000004d0: 0080 9468 d320 2901 bcb4 07b9 691c c9b2 ...h. ).....i...
RAW-READ (7) | < 000004e0: feae 734a dbb5 a658 a03f 93cb c769 2588 ..sJ...X.?...i%.
RAW-READ (7) | < 000004f0: 5e5d 011c 89bb dc6e 7d72 054e b173 c8f5 ^].....n}r.N.s..
RAW-READ (7) | < 00000500: 90c1 c0db d0ee a59d c69e 8a0f 0195 3d7b ..............={
RAW-READ (7) | < 00000510: c4f1 b067 5cb8 131c a79d ad43 0bc9 1cbd ...g\......C....
RAW-READ (7) | < 00000520: c8f0 4f57 9fbb 4680 3afa 182f af23 bea9 ..OW..F.:../.#..
RAW-READ (7) | < 00000530: 03dd c86d eb5a fae3 c449 a0b2 688e 4b0a ...m.Z...I..h.K-
RAW-READ (7) | < 00000540: 2188 f37b a27e 5fa2 4221 d52c a98b 7e90 !..{.~_.B!.,..~.
RAW-READ (7) | < 00000550: 5d81 0d00 004b 0301 ].-..K..
RAW-READ (7) | < }
} [3:10]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:11] 15:38:38.730 {
{ fd: 7, local 10.47.29.209:53929 => peer 103.20.137.69:444 } RAW-READ 77
RAW-READ (7) | < data [ 77 ] bytes {
RAW-READ (7) | < 00000000: 0240 0016 0603 0601 0503 0501 0403 0401 .#..............
RAW-READ (7) | < 00000010: 0303 0301 0203 0201 0202 002d 002b 3029 ...........-.+0)
RAW-READ (7) | < 00000020: 3127 3025 0603 5504 030c 1e66 692d 706f 1'0%..U....fi-po
RAW-READ (7) | < 00000030: 696e 7379 732d 7465 7374 636c 742d 636d insys-testclt-cm
RAW-READ (7) | < 00000040: 7331 2d30 3031 2d63 610e 0000 00 s1-001-ca....
RAW-READ (7) | < }
} [3:11]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:12] 15:38:38.732 {
ioLogger
logStruct: array [12] {
BEGIN SSL RECORD DECODE: READ
decodeHandshake [0] # 0x15c62025, version 303, length 1440 (0x5a0)
ServerHello (2, 0x2), length 77 (0x4d)
decodeHandshake [1] # 0x15c62076, version 303, length 1440 (0x5a0)
Certificate (11, 0xb), length 1067 (0x42b)
decodeHandshake [2] # 0x15c624a5, version 303, length 1440 (0x5a0)
ServerKeyExchange (12, 0xc), length 201 (0xc9)
decodeHandshake [3] # 0x15c62572, version 303, length 1440 (0x5a0)
CertificateRequest (13, 0xd), length 75 (0x4b)
decodeHandshake [4] # 0x15c625c1, version 303, length 1440 (0x5a0)
ServerHelloDone (14, 0xe), length 0 (0x0)
END SSL RECORD DECODE: READ
}
} [3:12]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:13] 15:38:38.739 {
Client Cert Requested
Distinguished Names: 1
0: << DATA <CFData 0x14def8c0 [0x38002170]>{length = 43, capacity = 43, bytes = 0x30293127302506035504030c1e66692d ... 312d3030312d6361} >>
} [3:13]
Oct 27 15:38:38 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:14] 15:38:38.742 {
Authentication Challenge
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Challenge: challenge space https://103.20.137.69:444/, ClientCertificateRequested (Hash c3626e29)
} [3:14]
Oct 27 15:38:38 Philip-Banks-ipod Unknown[791] <Error>:
Oct 27 15:38:43 Philip-Banks-ipod MPEtestApplication[793] <Error>: SecTrustEvaluate [leaf AnchorTrusted]
Oct 27 15:38:44 Philip-Banks-ipod MPEtestApplication[793] <Warning>: Certificates found: 1
Oct 27 15:38:44 Philip-Banks-ipod MPEtestApplication[793] <Error>: SecTrustEvaluate [leaf AnchorTrusted]
Oct 27 15:38:44 Philip-Banks-ipod MPEtestApplication[793] <Warning>: User: (null), certificates (
"<cert(0x160214f0) s: 400-133-738-MOB i: fi-poinsys-testclt-cms1-001-ca>"
) identity:<SecIdentityRef: 0x16020270>
Oct 27 15:38:46 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:15] 15:38:46.070 {
Use Credential
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Credential: Name: 400-133-738-MOB, Persistence: permanent
} [3:15]
Oct 27 15:38:46 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:16] 15:38:46.074 {
touchConnection
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Timeout Interval: 60.000 seconds
} [3:16]
Oct 27 15:38:46 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:17] 15:38:46.078 {
Peer certificate
Subject Sum: fi-poinsys-srv-testgw1-001-general
Summary: fi-poinsys-srv-test-001-ca
} [3:17]
Oct 27 15:38:46 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:18] 15:38:46.093 {
Authentication Challenge
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Challenge: challenge space https://103.20.137.69:444/, ServerTrustEvaluationRequested (Hash c3626e29)
} [3:18]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:19] 15:38:47.250 {
Use Credential
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Credential: null
} [3:19]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:20] 15:38:47.252 {
touchConnection
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Timeout Interval: 60.000 seconds
} [3:20]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Error>: SecTrustEvaluate [leaf SSLHostname] [root AnchorTrusted]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Warning>: NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:21] 15:38:47.255 {
Response Error
Request: <CFURLRequest 0x14f48f60 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Error: Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamPropertySSLClientCertificateState=2, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x14f76660>, _kCFStreamErrorDomainKey=3, kCFStreamPropertySSLPeerCertificates=<CFArray 0x160274c0 [0x38002170]>{type = immutable, count = 2, values = (
0 : <cert(0x14f70280) s: fi-poinsys-srv-testgw1-001-general i: fi-poinsys-srv-test-001-ca>
1 : <cert(0x14f70520) s: fi-poinsys-srv-test-001-ca i: fi-poinsys-srv-test-001-ca>
)}, _kCFStreamPropertySSLClientCertificates=<CFArray 0x14f74740 [0x38002170]>{type = mutable-small, count = 2, values = (
0 : <SecIdentityRef: 0x16020270>
1 : <cert(0x160214f0) s: 400-133-738-MOB i: fi-poinsys-testclt-cms1-001-ca>
)}}
} [3:21]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:22] 15:38:47.258 {
Did Fail
Loader: <CFURLRequest 0x14dcb620 [0x38002170]> {url = https://103.20.137.69:444/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001, cs = 0x0}
Error: Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamPropertySSLClientCertificateState=2, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x14f76660>, _kCFStreamErrorDomainKey=3, kCFStreamPropertySSLPeerCertificates=<CFArray 0x160274c0 [0x38002170]>{type = immutable, count = 2, values = (
0 : <cert(0x14f70280) s: fi-poinsys-srv-testgw1-001-general i: fi-poinsys-srv-test-001-ca>
1 : <cert(0x14f70520) s: fi-poinsys-srv-test-001-ca i: fi-poinsys-srv-test-001-ca>
)}, _kCFStreamPropertySSLClientCertificates=<CFArray 0x14f74740 [0x38002170]>{type = mutable-small, count = 2, values = (
0 : <SecIdentityRef: 0x16020270>
1 : <cert(0x160214f0) s: 400-133-738-MOB i: fi-poinsys-testclt-cms1-001-ca>
)}}
init to origin load: 0.011323s
total time: 8.75724s
total bytes: 0
} [3:22]
Oct 27 15:38:47 Philip-Banks-ipod MPEtestApplication[793] <Notice>: CFNetwork Diagnostics [3:23] 15:38:47.275 {
~HTTPProtocol: nullptr request
Request: null
sent: 0
received: 0
cell sent: 0
cell received: 0
} [3:23]
Which seems to be pretty clear that the authentication failed, but not why it failed at. I'd appreciate any useful suggestions here as I am kinda stuck at this point.
This code is being build using XCode 8 building against the 10 SDK and deploying it onto an iOS 9.3.5 device.
Here is the code in question :-
#import "testSSLClass.h"
#interface testSSLClass()<NSURLConnectionDelegate, NSURLSessionDelegate, NSURLSessionDataDelegate> {
NSString* mDownloadURL;
NSURLSessionConfiguration* mDownloadConfiguration;
NSURLSession* mDownloadSession;
NSURLSessionDataTask* mDownloadTask;
NSMutableData* mDataReceived;
}
#end
#implementation testSSLClass
-(instancetype)init
{
if (self = [super init])
{
mDownloadURL = #"https://103.20.137.69:443/downloadfile.aspx?filename=MON___00DADDF5FFFF00&tspid=100581332001";
mDownloadConfiguration = [NSURLSessionConfiguration ephemeralSessionConfiguration];
}
return self;
}
-(void)doADownload
{
mDataReceived = [NSMutableData new];
NSURL* URLtoFetch = [NSURL URLWithString:mDownloadURL];
mDownloadSession = [NSURLSession sessionWithConfiguration:mDownloadConfiguration delegate:self delegateQueue:nil];
mDownloadTask = [mDownloadSession dataTaskWithURL:URLtoFetch];
[mDownloadTask resume];
}
-(void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential * _Nullable))completionHandler
{
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]) {
[self willSendRequestForAuthenticationChallenge:challenge completionHandler:completionHandler];
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask didReceiveData:(NSData *)data
{
[mDataReceived appendData:data];
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask willCacheResponse:(NSCachedURLResponse *)proposedResponse completionHandler:(void (^)(NSCachedURLResponse * _Nullable))completionHandler
{
[mDataReceived length];
}
-(void)URLSession:(NSURLSession *)session didBecomeInvalidWithError:(NSError *)error
{
NSLog(#"Error: %#", [error userInfo]);
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask didBecomeStreamTask:(NSURLSessionStreamTask *)streamTask
{
NSLog(#"Did Become Stream Task");
}
- (void)willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential * _Nullable))completionHandler
{
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate])
{
NSArray* paths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
NSString* directoryPath = [paths objectAtIndex:0];
NSString* cacertPath = [directoryPath stringByAppendingPathComponent:#"client.p12"];
NSData *p12data = [NSData dataWithContentsOfFile:cacertPath];
CFDataRef inP12data = (__bridge CFDataRef)p12data;
SecIdentityRef myIdentity;
SecTrustRef myTrust;
extractIdentityAndTrust(inP12data, &myIdentity, &myTrust);
assert(myIdentity != nil);
assert(myTrust != nil);
long count = SecTrustGetCertificateCount(myTrust);
NSMutableArray* myCertificates = nil;
if(count > 0) {
myCertificates = [NSMutableArray arrayWithCapacity:count];
for(int i = 0; i < count; ++i) {
[myCertificates addObject:(__bridge id)SecTrustGetCertificateAtIndex(myTrust, i)];
}
}
SecTrustResultType trustResult;
OSStatus evalResult = SecTrustEvaluate(myTrust, &trustResult);
if (trustResult == kSecTrustResultRecoverableTrustFailure)
{
CFDataRef errDataRef = SecTrustCopyExceptions(myTrust);
SecTrustSetExceptions(myTrust, errDataRef);
evalResult = SecTrustEvaluate(myTrust, &trustResult);
}
NSURLCredential *credential = [NSURLCredential credentialWithIdentity:myIdentity certificates:myCertificates persistence:NSURLCredentialPersistencePermanent];
assert(credential != nil);
NSLog(#"User: %#, certificates %# identity:%#", [credential user], [credential certificates], [credential identity]);
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
completionHandler(NSURLSessionAuthChallengeUseCredential,credential);
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}
OSStatus extractIdentityAndTrust(CFDataRef inP12data, SecIdentityRef *identity, SecTrustRef *trust)
{
OSStatus securityError = errSecSuccess;
CFStringRef password = CFSTR("password");
const void *keys[] = { kSecImportExportPassphrase };
const void *values[] = { password };
CFDictionaryRef options = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
securityError = SecPKCS12Import(inP12data, options, &items);
if (securityError == 0) {
CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex(items, 0);
const void *tempIdentity = NULL;
tempIdentity = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemIdentity);
*identity = (SecIdentityRef)tempIdentity;
const void *tempTrust = NULL;
tempTrust = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemTrust);
*trust = (SecTrustRef)tempTrust;
CFIndex count = CFArrayGetCount(items);
NSLog(#"Certificates found: %ld",count);
}
if (options) {
CFRelease(options);
}
return securityError;
}
#end
Any suggestions, tips or advice gratefully accepted.
Philip
Okay, after some back and forth with a helpful Apple employee and banging a few heads locally to do certs in a sensible way this is the solution I ended up with :-
#import "testSSLClass.h"
#interface testSSLClass()<NSURLConnectionDelegate, NSURLSessionDelegate, NSURLSessionDataDelegate> {
NSString* mDownloadURL;
NSURLSessionConfiguration* mDownloadConfiguration;
NSURLSession* mDownloadSession;
NSURLSessionDataTask* mDownloadTask;
NSMutableData* mDataReceived;
}
#end
#implementation testSSLClass
-(instancetype)init
{
if (self = [super init])
{
mDownloadURL = #"https://your.server.url";
mDownloadConfiguration = [NSURLSessionConfiguration ephemeralSessionConfiguration];
}
return self;
}
-(void)doADownload
{
mDataReceived = [NSMutableData new];
NSURL* URLtoFetch = [NSURL URLWithString:mDownloadURL];
mDownloadSession = [NSURLSession sessionWithConfiguration:mDownloadConfiguration delegate:self delegateQueue:nil];
mDownloadTask = [mDownloadSession dataTaskWithURL:URLtoFetch];
[mDownloadTask resume];
}
-(void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential * _Nullable))completionHandler
{
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]) {
[self willSendRequestForAuthenticationChallenge:challenge completionHandler:completionHandler];
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask didReceiveData:(NSData *)data
{
NSLog(#"Appending data: %lu bytes", (unsigned long)[data length]);
[mDataReceived appendData:data];
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask willCacheResponse:(NSCachedURLResponse *)proposedResponse completionHandler:(void (^)(NSCachedURLResponse * _Nullable))completionHandler
{
// We got the data.
NSLog(#"Download finished: %lu bytes", (unsigned long)[mDataReceived length]);
completionHandler(NULL);
}
-(void)URLSession:(NSURLSession *)session didBecomeInvalidWithError:(NSError *)error
{
NSLog(#"Error: %#", [error userInfo]);
}
-(void)URLSession:(NSURLSession *)session dataTask:(NSURLSessionDataTask *)dataTask didBecomeStreamTask:(NSURLSessionStreamTask *)streamTask
{
NSLog(#"Did Become Stream Task");
}
- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didCompleteWithError:(NSError *)error
{
NSLog(#"Download finished: %lu bytes", (unsigned long)[mDataReceived length]);
if (error) {
NSLog(#"Error: %#", [error userInfo]);
}
}
#pragma NSURLConnection delegate
-(void)connection:(NSURLConnection *)connection didFailWithError:(NSError *)error
{
NSLog(#"Error: %#", [error userInfo]);
}
- (void)willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential * _Nullable))completionHandler
{
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate])
{
NSArray* paths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
NSString* directoryPath = [paths objectAtIndex:0];
NSString* cacertPath = [directoryPath stringByAppendingString:#"/client.p12"];
NSData *p12data = [NSData dataWithContentsOfFile:cacertPath];
CFDataRef inP12data = (__bridge CFDataRef)p12data;
SecIdentityRef myIdentity = nil;
extractIdentity(inP12data, &myIdentity);
assert(myIdentity != nil);
NSURLCredential* credential = [NSURLCredential credentialWithIdentity:myIdentity certificates:nil persistence:NSURLCredentialPersistenceNone];
assert(credential != nil);
NSLog(#"User: %#, certificates %# identity:%#", [credential user], [credential certificates], [credential identity]);
[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];
completionHandler(NSURLSessionAuthChallengeUseCredential,credential);
} else {
completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
}
}
OSStatus extractIdentity(CFDataRef inP12data, SecIdentityRef *identity)
{
OSStatus securityError = errSecSuccess;
CFStringRef password = CFSTR("password");
const void *keys[] = { kSecImportExportPassphrase };
const void *values[] = { password };
CFDictionaryRef options = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL);
CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
securityError = SecPKCS12Import(inP12data, options, &items);
if (securityError == errSecSuccess) {
CFDictionaryRef myIdentityAndTrust = CFArrayGetValueAtIndex(items, 0);
const void *tempIdentity = NULL;
tempIdentity = CFDictionaryGetValue(myIdentityAndTrust, kSecImportItemIdentity);
*identity = (SecIdentityRef)tempIdentity;
CFIndex count = CFArrayGetCount(items);
NSLog(#"Certificates found: %ld",count);
}
if (options) {
CFRelease(options);
}
return securityError;
}
#end
We use a locally downloaded pkcs12 format file which has the private key and the cert to establish an indentity. The cert is now being signed by a public CA which means iOS is all happy and things now work nicely. Hopefully this is useful for someone else banging their head a bit.
I am trying to include orika in my project.
I have BaseEntity & BaseEntityDAO classes which got only Id column.
And those inherited by BaseAuditEntity & BaseAuditEntityDTO classes respectively. These classes have audit columns like created by, created_date, updated_by, updated_datetime.
Then these classes inherited by actual Entity and DTO classes depened whether they got audit columns or not.
I have a BaseServiceBean which takes ParameterizedTypes and have base CRUD implementations. So here I have taken conside this example from orika documentation.
So my problem is I am getting following error message when it is actually mapping the data.....
javax.faces.el.EvaluationException: java.lang.VerifyError: Inconsistent args count operand in invokeinterface
Exception Details:
Location:
ma/glasnost/orika/generated/Orika_UsersDTO_Users_Mapper25974687500962$0.mapAtoB(Ljava/lang/Object;Ljava/lang/Object;Lma/glasnost/orika/MappingContext;)V #59: invokeinterface
Reason:
Error exists in the bytecode
Bytecode:
0000000: 2a2b 2c2d b700 0c2b c000 0e3a 042c c000
0000010: 103a 0519 04b6 0016 c000 1801 a500 2d19
0000020: 052a b400 1e03 32c0 0020 1904 b600 16c0
0000030: 0018 2ab4 0024 0332 c000 26b9 002a 0400
0000040: c000 2cb6 0032 a700 0919 0501 b600 3219
0000050: 04b6 0036 c000 3801 a500 2d19 052a b400
0000060: 1e04 32c0 0020 1904 b600 36c0 0038 2ab4
0000070: 0024 0432 c000 26b9 002a 0400 c000 38b6
0000080: 003c a700 0919 0501 b600 3c19 0519 04b6
0000090: 003f c000 18b6 0043 1905 1904 b600 46c0
00000a0: 0018 b600 4919 0519 04b6 004c c000 18b6
00000b0: 004f 1905 1904 b600 52c0 0018 b600 5519
00000c0: 0519 04b6 005b c000 2cb6 0060 1905 1904
00000d0: b600 63c0 0018 b600 6619 0519 04b6 0069
00000e0: c000 18b6 006c 1905 1904 b600 6fc0 0018
00000f0: b600 7219 0519 04b6 0075 c000 18b6 0078
0000100: 1905 1904 b600 7bc0 0018 b600 7e19 04b6
0000110: 0081 c000 1801 a500 2d19 052a b400 1e03
0000120: 32c0 0020 1904 b600 81c0 0018 2ab4 0024
0000130: 0332 c000 26b9 002a 0400 c000 2cb6 0084
0000140: a700 0919 0501 b600 8419 04b6 0087 c000
0000150: 3801 a500 2d19 052a b400 1e04 32c0 0020
0000160: 1904 b600 87c0 0038 2ab4 0024 0432 c000
0000170: 26b9 002a 0400 c000 38b6 008a a700 0919
0000180: 0501 b600 8a19 0519 04b6 008d c000 18b6
0000190: 0090 1905 1904 b600 93c0 0018 b600 962a
00001a0: b400 9a01 a500 112a b400 9a19 0419 052d
00001b0: b900 9d04 00b1
Stackmap Table:
append_frame(#73,Object[#14],Object[#16])
same_frame(#79)
same_frame(#133)
same_frame(#139)
same_frame_extended(#323)
same_frame(#329)
same_frame(#383)
same_frame(#389)
same_frame(#437)
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:101)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at javax.faces.component.UICommand.broadcast(UICommand.java:315)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1682)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:344)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.logging.log4j.core.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:357)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:260)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:188)
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191)
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168)
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
at java.lang.Thread.run(Thread.java:724)
Caused by: java.lang.VerifyError: Inconsistent args count operand in invokeinterface
Exception Details:
Location:
ma/glasnost/orika/generated/Orika_UsersDTO_Users_Mapper25974687500962$0.mapAtoB(Ljava/lang/Object;Ljava/lang/Object;Lma/glasnost/orika/MappingContext;)V #59: invokeinterface
Reason:
Error exists in the bytecode
Bytecode:
0000000: 2a2b 2c2d b700 0c2b c000 0e3a 042c c000
0000010: 103a 0519 04b6 0016 c000 1801 a500 2d19
0000020: 052a b400 1e03 32c0 0020 1904 b600 16c0
0000030: 0018 2ab4 0024 0332 c000 26b9 002a 0400
0000040: c000 2cb6 0032 a700 0919 0501 b600 3219
0000050: 04b6 0036 c000 3801 a500 2d19 052a b400
0000060: 1e04 32c0 0020 1904 b600 36c0 0038 2ab4
0000070: 0024 0432 c000 26b9 002a 0400 c000 38b6
0000080: 003c a700 0919 0501 b600 3c19 0519 04b6
0000090: 003f c000 18b6 0043 1905 1904 b600 46c0
00000a0: 0018 b600 4919 0519 04b6 004c c000 18b6
00000b0: 004f 1905 1904 b600 52c0 0018 b600 5519
00000c0: 0519 04b6 005b c000 2cb6 0060 1905 1904
00000d0: b600 63c0 0018 b600 6619 0519 04b6 0069
00000e0: c000 18b6 006c 1905 1904 b600 6fc0 0018
00000f0: b600 7219 0519 04b6 0075 c000 18b6 0078
0000100: 1905 1904 b600 7bc0 0018 b600 7e19 04b6
0000110: 0081 c000 1801 a500 2d19 052a b400 1e03
0000120: 32c0 0020 1904 b600 81c0 0018 2ab4 0024
0000130: 0332 c000 26b9 002a 0400 c000 2cb6 0084
0000140: a700 0919 0501 b600 8419 04b6 0087 c000
0000150: 3801 a500 2d19 052a b400 1e04 32c0 0020
0000160: 1904 b600 87c0 0038 2ab4 0024 0432 c000
0000170: 26b9 002a 0400 c000 38b6 008a a700 0919
0000180: 0501 b600 8a19 0519 04b6 008d c000 18b6
0000190: 0090 1905 1904 b600 93c0 0018 b600 962a
00001a0: b400 9a01 a500 112a b400 9a19 0419 052d
00001b0: b900 9d04 00b1
Stackmap Table:
append_frame(#73,Object[#14],Object[#16])
same_frame(#79)
same_frame(#133)
same_frame(#139)
same_frame_extended(#323)
same_frame(#329)
same_frame(#383)
same_frame(#389)
same_frame(#437)
at java.lang.Class.getDeclaredConstructors0(Native Method)
at java.lang.Class.privateGetDeclaredConstructors(Class.java:2483)
at java.lang.Class.getConstructor0(Class.java:2793)
at java.lang.Class.newInstance(Class.java:345)
at ma.glasnost.orika.impl.generator.SourceCodeContext.getInstance(SourceCodeContext.java:264)
at ma.glasnost.orika.impl.generator.MapperGenerator.build(MapperGenerator.java:72)
at ma.glasnost.orika.impl.DefaultMapperFactory.buildMapper(DefaultMapperFactory.java:1190)
at ma.glasnost.orika.impl.DefaultMapperFactory.lookupMapper(DefaultMapperFactory.java:651)
at ma.glasnost.orika.impl.DefaultMapperFactory.lookupMapper(DefaultMapperFactory.java:609)
at ma.glasnost.orika.impl.MapperFacadeImpl.resolveMapper(MapperFacadeImpl.java:531)
at ma.glasnost.orika.impl.MapperFacadeImpl.resolveMappingStrategy(MapperFacadeImpl.java:206)
at ma.glasnost.orika.impl.MapperFacadeImpl.map(MapperFacadeImpl.java:694)
at ma.glasnost.orika.impl.MapperFacadeImpl.map(MapperFacadeImpl.java:675)
at za.co.insa.service.UsersServiceBean.getEntityDTO(UsersServiceBean.java:21)
at za.co.insa.service.UsersServiceBean.getEntityDTO(UsersServiceBean.java:15)
at za.co.insa.service.BaseServiceBean.findAll(BaseServiceBean.java:74)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy278.findAll(Unknown Source)
at za.co.insa.utils.LoginController.doLogin(LoginController.java:68)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.sun.el.parser.AstValue.invoke(AstValue.java:275)
at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304)
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40)
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87)
... 68 more
I am getting this error when I am trying to map from Entity to DTO after getting Entity from the DB.
I have found that orika has some dependencies and I have to add them in pom.xml.
<!-- Orika-->
<dependency>
<groupId>ma.glasnost.orika</groupId>
<artifactId>orika-core</artifactId>
<version>1.4.5-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>javassist</groupId>
<artifactId>javassist</artifactId>
<version>3.12.1.GA</version>
</dependency>
<dependency>
<groupId>com.thoughtworks.paranamer</groupId>
<artifactId>paranamer</artifactId>
<version>2.3</version>
</dependency>
<dependency>
<groupId>com.googlecode.concurrentlinkedhashmap</groupId>
<artifactId>concurrentlinkedhashmap-lru</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>com.carrotsearch</groupId>
<artifactId>java-sizeof</artifactId>
<version>0.0.4</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.5</version>
</dependency>
Abover mentioned are the dependecies. Don't know which one exactly solves the problem and doesn't know whether we need all these.
Thanks