Last active
October 28, 2017 15:43
-
-
Save ahadcove/798ad9578f22c5ecce74804adb9234b6 to your computer and use it in GitHub Desktop.
NEVPNManager Setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#define kKeychainServiceName @"me.app.vpn"; | |
#define kKeychainPassword @"mykeypass"; | |
#import "VpnLoad.h" | |
@import NetworkExtension; | |
@implementation VpnLoad | |
// This is how I save the pass to my keychain before hand. I don't think it works though or i'm setting it up wrong | |
- (void)saveToKey:(NSString *)identifier | |
{ | |
NSData *passData = [@"mypassword" dataUsingEncoding:NSUTF8StringEncoding]; // I'm not sure if I should be using the same pass here as when I load it or not | |
NSMutableDictionary *searchDictionary = [[NSMutableDictionary alloc] init]; | |
NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; // This is always null for some reason | |
searchDictionary[(__bridge id)kSecClass] = (__bridge id)kSecClassGenericPassword; | |
searchDictionary[(__bridge id)kSecAttrGeneric] = encodedIdentifier; | |
searchDictionary[(__bridge id)kSecAttrAccount] = encodedIdentifier; | |
searchDictionary[(__bridge id)kSecAttrService] = kKeychainServiceName; // This kKeycahinServiceName is at the top of the file | |
searchDictionary[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne; | |
searchDictionary[(__bridge id)kSecValueData] = passData; | |
CFTypeRef result = NULL; | |
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)(searchDictionary), &result); | |
if (status != noErr) { NSLog(@"Fell into an error"); } | |
} | |
// This is where we search for the key we saved earlier and return it when found. It think my problem may have to do something | |
// with the encoded Identifier. I tried seeing if it returned anything and it was null | |
- (NSData *)searchKeychainCopyMatching:(NSString *)identifier | |
{ | |
NSMutableDictionary *searchDictionary = [[NSMutableDictionary alloc] init]; | |
NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; | |
searchDictionary[(__bridge id)kSecClass] = (__bridge id)kSecClassGenericPassword; | |
searchDictionary[(__bridge id)kSecAttrGeneric] = encodedIdentifier; | |
searchDictionary[(__bridge id)kSecAttrAccount] = encodedIdentifier; | |
searchDictionary[(__bridge id)kSecAttrService] = kKeychainServiceName; | |
searchDictionary[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne; | |
searchDictionary[(__bridge id)kSecReturnPersistentRef] = @YES; | |
CFTypeRef result = NULL; | |
SecItemCopyMatching((__bridge CFDictionaryRef)searchDictionary, &result); | |
return (__bridge_transfer NSData *)result; | |
} | |
// How I set up the connection with which calls the above search key at sharedSecretReference | |
- (void)setupIPSec: (NSDictionary *) config | |
{ | |
NEVPNProtocolIPSec *p = [[NEVPNProtocolIPSec alloc] init]; | |
p.username = [config objectForKey: @"username"]; | |
// Theres two ways to set up password reference, this way if by the keychain, but I used just a password below p.passwordReference = [self searchKeychainCopyMatching:kPasswordReference]; | |
p.passwordReference = [config objectForKey: @"password"]; | |
p.serverAddress = [config objectForKey: @"ip"]; | |
p.authenticationMethod = NEVPNIKEAuthenticationMethodSharedSecret; | |
p.sharedSecretReference = [self searchKeychainCopyMatching:[config objectForKey: @"psk"]]; // **** This is what's causing the problems | |
p.disconnectOnSleep = NO; | |
p.localIdentifier = @"myappLocal"; | |
p.remoteIdentifier = @"myappRemote"; | |
p.useExtendedAuthentication = YES; | |
[[NEVPNManager sharedManager] setProtocolConfiguration:p]; | |
[[NEVPNManager sharedManager] setOnDemandEnabled:NO]; | |
[[NEVPNManager sharedManager] setLocalizedDescription:@"My-VPN-App"]; | |
[[NEVPNManager sharedManager] setEnabled:YES]; | |
} | |
@end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment