From 473cbed6dd62adacdeb7f5e8e6372163ca133814 Mon Sep 17 00:00:00 2001 From: James Go Date: Tue, 3 Oct 2017 17:31:43 -0700 Subject: [PATCH] US399506 : [iOS] MQTT Integration MAS Connecta CA public Cert --- MASFoundation/Classes/MQTT/MASMQTTClient.m | 4 +- .../_private_/services/file/MASFileService.m | 4 +- .../services/model/MASModelService.m | 6 +-- .../services/security/MASSecurityService.h | 12 +++--- .../services/security/MASSecurityService.m | 37 ++++++++++--------- 5 files changed, 32 insertions(+), 31 deletions(-) diff --git a/MASFoundation/Classes/MQTT/MASMQTTClient.m b/MASFoundation/Classes/MQTT/MASMQTTClient.m index 732fc50a..66a40447 100644 --- a/MASFoundation/Classes/MQTT/MASMQTTClient.m +++ b/MASFoundation/Classes/MQTT/MASMQTTClient.m @@ -844,13 +844,13 @@ - (void)setupTLSWithServerCert:(NSString *)certPath withClientCert:(NSString *)c // if (!certPath) { - thisFile = [[MASSecurityService sharedService] getClientCertificate]; + thisFile = [[MASSecurityService sharedService] getServerCertificate]; certPath = [thisFile filePath]; //[[MASFile findFileWithName:@"MAS.crt"] filePath]; } if (!clientCertPath) { - thisFile = [[MASSecurityService sharedService] getSignedCertificate]; + thisFile = [[MASSecurityService sharedService] getDeviceClientCertificate]; clientCertPath = [thisFile filePath]; //[[MASFile findFileWithName:@"MASSigned.crt"] filePath]; } diff --git a/MASFoundation/Classes/_private_/services/file/MASFileService.m b/MASFoundation/Classes/_private_/services/file/MASFileService.m index e10ef761..8e0abe97 100644 --- a/MASFoundation/Classes/_private_/services/file/MASFileService.m +++ b/MASFoundation/Classes/_private_/services/file/MASFileService.m @@ -57,7 +57,7 @@ - (NSString *)debugDescription // // ServerCertificate // - MASFile *file = [[MASSecurityService sharedService] getClientCertificate]; //[self findFileWithName:MASCertificate]; + MASFile *file = [[MASSecurityService sharedService] getServerCertificate]; //[self findFileWithName:MASCertificate]; if(file) { filesFound = YES; @@ -68,7 +68,7 @@ - (NSString *)debugDescription // // SignedCertificate // - file = [[MASSecurityService sharedService] getSignedCertificate]; //[self findFileWithName:MASSignedCertificate]; + file = [[MASSecurityService sharedService] getDeviceClientCertificate]; //[self findFileWithName:MASSignedCertificate]; if(file) { filesFound = YES; diff --git a/MASFoundation/Classes/_private_/services/model/MASModelService.m b/MASFoundation/Classes/_private_/services/model/MASModelService.m index 92284303..c92d2796 100644 --- a/MASFoundation/Classes/_private_/services/model/MASModelService.m +++ b/MASFoundation/Classes/_private_/services/model/MASModelService.m @@ -1309,10 +1309,10 @@ - (void)renewClientCertificateWithCompletion:(MASCompletionErrorBlock)completion [[MASAccessService sharedService] setAccessValueNumber:[NSNumber numberWithInt:0] withAccessValueType:MASAccessValueTypeSignedPublicCertificateExpirationDate]; // - // Remove signedCertificate MASFile for re-generation + // Remove device's client MASFile for re-generation // - MASFile *signedCertificate = [[MASSecurityService sharedService] getSignedCertificate]; - [MASFile removeItemAtFilePath:[signedCertificate filePath]]; + MASFile *deviceClientCert = [[MASSecurityService sharedService] getDeviceClientCertificate]; + [MASFile removeItemAtFilePath:[deviceClientCert filePath]]; // // Updated with latest info diff --git a/MASFoundation/Classes/_private_/services/security/MASSecurityService.h b/MASFoundation/Classes/_private_/services/security/MASSecurityService.h index c252cfd1..a6f6d291 100644 --- a/MASFoundation/Classes/_private_/services/security/MASSecurityService.h +++ b/MASFoundation/Classes/_private_/services/security/MASSecurityService.h @@ -83,20 +83,20 @@ # pragma mark - MASFile Security /** - * Generate MASFile object for current gateway's signed certificate. + * Generate MASFile object for current device's client certificate. * - * @return Returns MASFile object of signed certificate for current configuration's gateway. + * @return Returns MASFile object of device's client for current configuration's gateway. */ -- (MASFile *)getSignedCertificate; +- (MASFile *)getDeviceClientCertificate; /** - * Generate MASFile object for current gateway's client certificate. + * Generate MASFile object for current gateway's server certificate. * - * @return Returns MASFile object of client certificate for current configuration's gateway. + * @return Returns MASFile object of server certificate for current configuration's gateway. */ -- (MASFile *)getClientCertificate; +- (MASFile *)getServerCertificate; diff --git a/MASFoundation/Classes/_private_/services/security/MASSecurityService.m b/MASFoundation/Classes/_private_/services/security/MASSecurityService.m index 594573c5..c3d46a1d 100644 --- a/MASFoundation/Classes/_private_/services/security/MASSecurityService.m +++ b/MASFoundation/Classes/_private_/services/security/MASSecurityService.m @@ -415,7 +415,7 @@ - (NSData *)publicKeyBits # pragma mark - MASFile Security -- (MASFile *)getSignedCertificate +- (MASFile *)getDeviceClientCertificate { NSString *gatewayIdentifier = [[[MASConfiguration currentConfiguration].gatewayUrl.absoluteString stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding] stringByReplacingOccurrencesOfString:@"https://" withString:@""]; MASFile *signedCert = [MASFile findFileWithName:[NSString stringWithFormat:@"%@.%@", gatewayIdentifier, MASSignedCertificate]]; @@ -435,7 +435,7 @@ - (MASFile *)getSignedCertificate } -- (MASFile *)getClientCertificate +- (MASFile *)getServerCertificate { NSString *gatewayIdentifier = [[[MASConfiguration currentConfiguration].gatewayUrl.absoluteString stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding] stringByReplacingOccurrencesOfString:@"https://" withString:@""]; MASFile *clientCert = [MASFile findFileWithName:[NSString stringWithFormat:@"%@.%@", gatewayIdentifier, MASCertificate]]; @@ -446,17 +446,18 @@ - (MASFile *)getClientCertificate // Create the public server certificate file // NSArray *certs = [[MASConfiguration currentConfiguration] gatewayCertificatesAsPEMData]; - if(certs.count > 0) + NSMutableData *certificateData = [NSMutableData data]; + + for (NSData *cert in certs) + { + [certificateData appendData:cert]; + [certificateData appendData:[@"\n" dataUsingEncoding:NSUTF8StringEncoding]]; + } + + if (certificateData) { - NSData *certificateData = certs[0]; - - //DLog(@"\n\nServer Certificate class is: %@\n\n and value: %@\n\n", [[certificateData class] debugDescription], certificateData); - - if(certificateData) - { - clientCert = [MASFile fileWithName:[NSString stringWithFormat:@"%@.%@", gatewayIdentifier, MASCertificate] contents:certificateData]; - [clientCert save]; - } + clientCert = [MASFile fileWithName:[NSString stringWithFormat:@"%@.%@", gatewayIdentifier, MASCertificate] contents:certificateData]; + [clientCert save]; } } @@ -496,22 +497,22 @@ - (MASFile *)getPrivateKey - (void)removeAllFiles { MASFile *privateKey = [self getPrivateKey]; - MASFile *clientCert = [self getClientCertificate]; - MASFile *signedCert = [self getSignedCertificate]; + MASFile *serverCert = [self getServerCertificate]; + MASFile *deviceClientCert = [self getDeviceClientCertificate]; if ([privateKey filePath]) { [MASFile removeItemAtFilePath:[privateKey filePath]]; } - if ([clientCert filePath]) + if ([serverCert filePath]) { - [MASFile removeItemAtFilePath:[clientCert filePath]]; + [MASFile removeItemAtFilePath:[serverCert filePath]]; } - if ([signedCert filePath]) + if ([deviceClientCert filePath]) { - [MASFile removeItemAtFilePath:[signedCert filePath]]; + [MASFile removeItemAtFilePath:[deviceClientCert filePath]]; } }