Is it possible using the network framework to retrieve the list of certificates presented by the host alone, and not the reconstructed chain assembled by the system? For example, in OpenSSL one can call SSL_get_peer_cert_chain which will return exactly this - a list of the certificates presented by the server. This is useful for when you may want to manually reconstruct the chain, or if the server is misconfigured (for example, is missing an intermediate cert). Is something like this possible with the network framework? If I connect to a host that I know only returns 1 certificate, the trust ref already has the reconstructed chain by the time my code is called: sec_protocol_options_set_verify_block(tlsOptions.securityProtocolOptions, { metadata, trustRef, verifyComplete in let trust = sec_trust_copy_ref(trustRef).takeRetainedValue() let numberOfCertificates = SecTrustGetCertificateCount(trust) // Returns 3 even though the server only sent 1

I want to build a Swift library package that uses modified build of OpenSSL and Curl. I have already statically compiled both and verified I can use them in an Objective-C framework on my target platform (iOS & iOS Simulator). I'm using XCFramework files that contain the static library binaries and headers: openssl.xcframework/ ios-arm64/ openssl.framework/ Headers/ [...] openssl ios-arm64_x86_64-simulator/ openssl.framework/ Headers/ [...] openssl Info.plist I'm not sure how I'm supposed to set up my Swift package to import these libraries. I can use .systemLibrary but that seems to use the embedded copies of libssl and libcurl on my system, and I can't figure out how to use the path: parameter to that. I also tried using a .binaryTarget pointing to the XCFramework files, but that didn't seem to work as there is no module generated and I'm not sure how to make one myself. At a basic high level, this is what I'm trying to accomplish: where libcrypto & libssl come from the provided openssl.xcframework file, and libcurl from curl.xcframework

Running through the tutorial on how to sign data using security.framework, I was trying to understand the format Apple is using & wanting for signatures (as this isn't documented anywhere): https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/signing_and_verifying?language=objc I've learned the format of the signatures are just ASN.1 objects, with EC signatures being a sequence of the R and S coordinates as ASN.1 integers. However, I am noticing when using SecKeyCreateSignature that either the R or S value will always be prepended with an extra byte. For example: 30 45 02 20 66 B7 4C FB FC A0 26 E9 42 50 E8 B4 E3 A2 99 F1 8B A6 93 31 33 E8 7B 6F 95 D7 28 77 52 41 CC 28 02 21 00 E2 01 CB A1 4C AD 42 20 A2 ^^ why is this here? 66 A5 94 F7 B2 2F 96 13 A8 C5 8B 35 C8 D5 72 A0 3D 41 81 90 3D 5A 91 This is a ASN.1 sequence, first is a 32-byte integer and second is a 33-byte integer. Why is that 00 byte being prepended to the integer? Why is it sometimes the R and sometimes the S? Removing it causes SecKeyVerifySignature to fail, so obviously it's required, but I need to know the logic here as I'm having to hand-craft these ASN.1 objects as all I have are the raw R and S values.

I am trying to fix an annoying issue here a list of navigation links will shift if the user taps on one of the links after scrolling down. Notice how after I scroll down a bit and tap on item 60 - the entire list jumps down as the transition to the new view plays out. This is the source to reproduce the issue. Note that it only happens after you've scrolled down a bit. import SwiftUI struct ContentView: View { let items = generateItems() var body: some View { NavigationStack { List(items, id: \.self) { item in NavigationLink { Text(item) } label: { Text(item) } } .navigationTitle("Items") } } } #Preview { ContentView() } func generateItems() -> [String] { var items: [String] = [] for i in 1...1000 { items.append("\(i)") } return items }

My app depends on two frameworks that I don't want to check-in to source. Previously, when I was using traditional frameworks, I had a run script phase in the build steps that would compile the frameworks. This worked well as the first time one would try to build the app it would also build the needed frameworks. However, after switching to xcframeworks, this no longer works. Even though the run script phase is before the compile and link steps - the build still fails because the frameworks don't exist yet. Is there a workaround for this, or have I encountered a bug?

After updating to Xcode 14 I can no longer compile my app which targets iOS 9.3. Nothing in my source changed. The build fails because my project depends on the Swift package https://github.com/Wevah/IDNA-Cocoa, that package specifically support iOS 9 as indicated in the Package.swift file: platforms: [.macOS(.v10_11), .iOS(.v9), .tvOS(.v9), .watchOS(.v2)], However, when I build my app it fails with the following error: URL+Encode.swift:2:8: error build: Compiling for iOS 9.3, but module 'IDNA' has a minimum deployment target of iOS 11.0: <>/Build/Products/Debug-iphoneos/IDNA.swiftmodule/arm64-apple-ios.swiftmodule Which doesn't make sense, as it doesn't have a minimum target of iOS 11, and this worked just fine moments ago on Xcode 13. Removing the import and the app compiles just fine, even targeting iOS 9. Is this a bug?

Is it possible to extract the master key from a TLS session when using the network framework? libssl 1.1.1 and newer offers a native way using SSL_CTX_set_keylog_callback, does the network framework offer something similar? The master key is quite useful for debugging TLS connections as it can be fed into programs like Wireshark to decrypt captured messages.