DCNSBasicAuthentication Class Reference

Inherits from NSObject
Conforms to DCNSConnectionDelegate
Declared in DCNSBasicAuthentication.h

Overview

The general idea of this object is that it will implement some basic access controls, which entail a username and password combo, along with providing some encryption to the payload of each message.

It is expected for the user to provide their own authentication modules, as this will allow for implementing more secure access controls; both to authenticate the client to the server, and the server’s responses to the client.

Warning: Be aware that authentication of access controls will occur for each message recieved/sent.

Warning: Passwords sent for access controls will NOT be one-way hashed. It is expected for the user to do this.

Initialisation

+ createAuthenticationModuleWithUsername:andPassword:

Creates a new authentication module that will have the username and password fields checked on the server.

+ (instancetype)createAuthenticationModuleWithUsername:(NSString *)username andPassword:(NSString *)password

Parameters

username

The username

password

The password; you are expected to one-way hash this before passing to this method.

Return Value

Initialised module

Declared In

DCNSBasicAuthentication.h

+ createAuthenticationModuleForServerWithUsernamesAndPasswords:

Creates a new authentication module that will utilise data about the current server for the client to authenticate, and will authenticate clients.

+ (instancetype)createAuthenticationModuleForServerWithUsernamesAndPasswords:(NSDictionary *)credentials

Parameters

credentials

Dictionary of plaintext usernames that map to passwords. You are expected be using one-way hashed passwords before passing them here.

Return Value

Initialised module

Declared In

DCNSBasicAuthentication.h

+ createAuthenticationModuleWithTransportEncryptionOnly:

Creates a new authentication module that will encrypt data sent between the two parties. This does not implement any form of access control, and the key used to encrypt data is the session key generated by the system.

+ (instancetype)createAuthenticationModuleWithTransportEncryptionOnly:(DCNSBasicEncryptionMode)mode

Parameters

mode

The mode of encryption to use.

Return Value

Initialised module

Declared In

DCNSBasicAuthentication.h

Configuration

  encryptionMode

Specifies which mode of encryption to use on messages. By default, this is ChaCha20.

@property (nonatomic, readwrite) DCNSBasicEncryptionMode encryptionMode

Declared In

DCNSBasicAuthentication.h

  useMessageAuthentication

Toggles the use of Poly1305 to authenticate decrypted messages. By default, this is enabled.

@property (nonatomic, readwrite) BOOL useMessageAuthentication

Declared In

DCNSBasicAuthentication.h