Classes

The following classes are available globally.

  • A class that mainly acts as a namespace for HTTP-related functionality.

    See more

    Declaration

    Swift

    public class Http
    Show on GitHub

Encryption

  • This class offers a key-value storage, where the values are encrypted and the keys are hashed, with a private hashing function. The key-value storage backend cannot link keys or values with others, assuming there are multiple users, using the same backend. If a network is used, an anonymous communication network should be used in order to avoid linkability through traffic data.

    Warning

    The values are not protected by padding, meaning that the backend provider could still guess the content based on its size.

    Warning

    There is no access protection of the keys. The sole protection is, that nobody can get your keys. The values are protected by encryption, so confidentiality and integrity are protected, but availability is not. The backend provider, who knows which keys are stored in the backend, could delete or overwrite them.

    See more

    Declaration

    Swift

    public class SecureKeyValueStorage
    Show on GitHub

  • With this class you can connect to a target through a Shalon proxy. Connections to the proxy and connections to the target will each be encrypted using TLS. This means that your ISP or other people in your network cannot observe to which target you connect, because they only see connections to the proxy. The proxy itself does not see the content of your requests to the target. The target will only see the proxy’s IP address (except if the IP address is otherwise embedded into the request).

    This implementation supports multiple hops. Simply add other layers.

    In order to use Shalon proxies with your URLSession connections, please take look at ShalonURLProtocol.

    Examples

    let proxy1 = Target(withHostname: "shalon1.jondonym.net", andPort: 443)!
let proxy2 = Target(withHostname: "shalon2.jondonym.net", andPort: 443)!
let proxy3 = Target(withHostname: "shalon3.jondonym.net", andPort: 443)!
let target = Target(withHostname: "www.example.com", andPort: 443)!

let shalon = Shalon(withTarget: target)

shalon.addLayer(proxy3)
shalon.addLayer(proxy2)
shalon.addLayer(proxy1)

shalon.issue(request: Request(withMethod: .head, andUrl: url)!) {
    optionalResponse, optionalError in
    // TODO Do something
}

    This will establish a nested tunnel, where proxy1 cannot see what the client sends to proxy2, as depicted:

    client           proxy1           proxy2           proxy3          target
|                |                |                |               |
+----------------+                |                |               |
| CONNECT proxy2 |                |                |               |
+---------------------------------+                |               |
|                  CONNECT proxy3 |                |               |
+--------------------------------------------------+               |
|                                   CONNECT proxy4 |               |
+------------------------------------------------------------------+
|                                                    HEAD /        |
+------------------------------------------------------------------+
|                                                  |               |
+--------------------------------------------------+               |
|                                 |                |               |
+---------------------------------+                |               |
|                |                |                |               |
+----------------+                |                |               |
|                |                |                |               |
    See more

    Declaration

    Swift

    public class Shalon : NSObject, StreamDelegate
    Show on GitHub

  • A URLProtocol that adds support for Shalon by specifying URLs in the following format: httpss://proxy:port/target:port/index.html. To use more than one proxy (up to three), e.g., use httpssss://proxy1/proxy2/proxy3/target/index.html for connecting via three proxies.

    In order to support the protocol, it needs to be added to the URLSessionConfiguration first:

    let configuration = URLSessionConfiguration.ephemeral
configuration.protocolClasses?.append(ShalonURLProtocol.self)

    Examples

    let configuration = URLSessionConfiguration.ephemeral
configuration.protocolClasses?.append(ShalonURLProtocol.self)

let session = URLSession(configuration: configuration)
let url = URL(string: "httpss://shalon1.jondonym.net/example.com/")!
let task = session.dataTask(with: url) {
    optionalUrl, optionalResponse, optionalError in

    // Handle response
}
    See more

    Declaration

    Swift

    public class ShalonURLProtocol : URLProtocol
    Show on GitHub

  • This class can be used to share secrets with other devices. A cover image, that can be set using Interface builder will be displayed and the QR code will only be uncovered if the user taps or clicks on the image view and has authenticated himself.

    If the cover image is shown, then the user will be asked to authenticate himself as the owner of the device, e.g., by using Face/Touch ID or by asking for the device passcode. The authentication is performed by using the LocalAuthentication framework. Therefore the authentication credentials will be handled by the operating system an cannot be intercepted by the application.

    If the confidential value is shown, tapping on it will invalidate the authentication context. Therefore, in order to display the confidential value again, the user has to authenticate as the device owner anew.

    See more

    Declaration

    Swift

    public class ConfidentialQrCodeView : ImageView
    Show on GitHub