Hello,
We are doing TLS with mutual authentication.
To do this, we use the method didReceiveChallenge and after SecPKCS12Import, we have the requirements of the URLCredential constructor.
And everything works like a charm.
Now, we have a problem: the private key cannot be exported.
This private key is in an NFC document.
Finally, this is my question:
How do we send the "Certificate Verify" message that contains a digitally signed copy of the previous handshake message?
This message is signed using the client certificate's private key. The server can validate the message digest of the digital signature by using the client's public key (which is found in the client certificate). Once the digital signature is validated, the server knows that the public key belonging to the client matches the private key used to create the signature.
We can ask the card to sign data, we know how to do that, but I don't see a way to provide this data to the URLSession, except using URLCredential, which needs the privateKey.
I've already taken a look at the Network framework:
https://developer.apple.com/documentation/network?language=swift
https://developer.apple.com/documentation/network/nwprotocoltls
https://developer.apple.com/documentation/network/security_options?language=swift
But found nothing interesting.
Do you have any idea?
Regards,
Greg.
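
The signature described in the question, as an added CryptoKit sketch that is not part of the original post and is not a URLSession or Network framework API: the client side only needs a "sign these bytes" operation, so the key can stay inside the signing device. Assumptions: the TLS 1.3 input layout from RFC 8446 section 4.4.3, ECDSA P-256 with SHA-256, a constructed transcript, and the hypothetical names `HandshakeSigner`, `SimulatedCard`, `certificateVerifyInput` and `serverAccepts`.

```swift
import CryptoKit
import Foundation

// Hypothetical abstraction: something that signs without ever exposing its key.
protocol HandshakeSigner {
    var publicKey: P256.Signing.PublicKey { get }
    func sign(_ content: Data) throws -> Data   // DER-encoded ECDSA signature
}

// Stand-in for the NFC document. A real card would receive the bytes over NFC
// and return the signature; here a software key is kept private to the type.
struct SimulatedCard: HandshakeSigner {
    private let key = P256.Signing.PrivateKey()
    var publicKey: P256.Signing.PublicKey { key.publicKey }
    func sign(_ content: Data) throws -> Data {
        try key.signature(for: content).derRepresentation   // hashes with SHA-256
    }
}

// Bytes the client signs in TLS 1.3: 64 spaces, a context string, a zero
// byte, then the hash of the handshake transcript up to the Certificate.
func certificateVerifyInput(transcriptHash: Data) -> Data {
    var content = Data(repeating: 0x20, count: 64)
    content.append(Data("TLS 1.3, client CertificateVerify".utf8))
    content.append(0x00)
    content.append(transcriptHash)
    return content
}

// Server side: rebuild the same input from its own transcript and verify it
// with the public key taken from the client certificate.
func serverAccepts(signature: Data, transcriptHash: Data,
                   certificateKey: P256.Signing.PublicKey) -> Bool {
    guard let sig = try? P256.Signing.ECDSASignature(derRepresentation: signature)
    else { return false }
    let expected = certificateVerifyInput(transcriptHash: transcriptHash)
    return certificateKey.isValidSignature(sig, for: expected)
}

// Constructed sample transcripts (not real handshake bytes).
let transcript = Data(SHA256.hash(data: Data("constructed handshake messages".utf8)))
let otherTranscript = Data(SHA256.hash(data: Data("a different handshake".utf8)))

let card = SimulatedCard()
let signature = try card.sign(certificateVerifyInput(transcriptHash: transcript))

// The signature verifies only against the transcript it was made for, so it
// cannot be replayed into another handshake.
print(serverAccepts(signature: signature, transcriptHash: transcript, certificateKey: card.publicKey))
print(serverAccepts(signature: signature, transcriptHash: otherTranscript, certificateKey: card.publicKey))
```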