From 75f5591fe05bdf7ea95cfb4c53f323f42f73e4d9 Mon Sep 17 00:00:00 2001
From: nielsandriesse <andriesseniels@gmail.com>
Date: Wed, 7 Apr 2021 09:25:45 +1000
Subject: [PATCH] Store certificates in DER format

---
 Session.xcodeproj/project.pbxproj                |  12 ++++++++++++
 .../Meta/Certificates/public-loki-foundation.der | Bin 0 -> 1051 bytes
 Session/Meta/Certificates/storage-seed-1.der     | Bin 0 -> 1013 bytes
 Session/Meta/Certificates/storage-seed-3.der     | Bin 0 -> 1013 bytes
 SessionSnodeKit/SnodeAPI.swift                   |   2 +-
 SessionUtilitiesKit/Networking/HTTP.swift        |   6 +++---
 6 files changed, 16 insertions(+), 4 deletions(-)
 create mode 100644 Session/Meta/Certificates/public-loki-foundation.der
 create mode 100644 Session/Meta/Certificates/storage-seed-1.der
 create mode 100644 Session/Meta/Certificates/storage-seed-3.der

diff --git a/Session.xcodeproj/project.pbxproj b/Session.xcodeproj/project.pbxproj
index b074e7c2a..917bce74b 100644
--- a/Session.xcodeproj/project.pbxproj
+++ b/Session.xcodeproj/project.pbxproj
@@ -676,6 +676,9 @@
 		C38EF40B255B6DF7007E1867 /* TappableStackView.swift in Sources */ = {isa = PBXBuildFile; fileRef = C38EF3ED255B6DF6007E1867 /* TappableStackView.swift */; };
 		C38EF40C255B6DF7007E1867 /* GradientView.swift in Sources */ = {isa = PBXBuildFile; fileRef = C38EF3EE255B6DF6007E1867 /* GradientView.swift */; };
 		C38EF48A255B7E3F007E1867 /* SessionUIKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = C331FF1B2558F9D300070591 /* SessionUIKit.framework */; };
+		C3A01E05261D24C400290BEB /* public-loki-foundation.der in Resources */ = {isa = PBXBuildFile; fileRef = C3A01E02261D24C400290BEB /* public-loki-foundation.der */; };
+		C3A01E06261D24C400290BEB /* storage-seed-1.der in Resources */ = {isa = PBXBuildFile; fileRef = C3A01E03261D24C400290BEB /* storage-seed-1.der */; };
+		C3A01E07261D24C400290BEB /* storage-seed-3.der in Resources */ = {isa = PBXBuildFile; fileRef = C3A01E04261D24C400290BEB /* storage-seed-3.der */; };
 		C3A3A08F256E1728004D228D /* FullTextSearchFinder.swift in Sources */ = {isa = PBXBuildFile; fileRef = C33FDB7F255A581100E217F9 /* FullTextSearchFinder.swift */; };
 		C3A3A0EC256E1949004D228D /* OWSRecipientIdentity.m in Sources */ = {isa = PBXBuildFile; fileRef = C33FDBEC255A581B00E217F9 /* OWSRecipientIdentity.m */; };
 		C3A3A0F5256E194C004D228D /* OWSRecipientIdentity.h in Headers */ = {isa = PBXBuildFile; fileRef = C33FDAA0255A57FF00E217F9 /* OWSRecipientIdentity.h */; settings = {ATTRIBUTES = (Public, ); }; };
@@ -1712,6 +1715,9 @@
 		C396469E2509D40400B0B9F5 /* vi-VN */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = "vi-VN"; path = "vi-VN.lproj/Localizable.strings"; sourceTree = "<group>"; };
 		C396469F2509D41100B0B9F5 /* id-ID */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = "id-ID"; path = "id-ID.lproj/Localizable.strings"; sourceTree = "<group>"; };
 		C39DD28724F3318C008590FC /* Colors.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Colors.xcassets; sourceTree = "<group>"; };
+		C3A01E02261D24C400290BEB /* public-loki-foundation.der */ = {isa = PBXFileReference; lastKnownFileType = file; path = "public-loki-foundation.der"; sourceTree = "<group>"; };
+		C3A01E03261D24C400290BEB /* storage-seed-1.der */ = {isa = PBXFileReference; lastKnownFileType = file; path = "storage-seed-1.der"; sourceTree = "<group>"; };
+		C3A01E04261D24C400290BEB /* storage-seed-3.der */ = {isa = PBXFileReference; lastKnownFileType = file; path = "storage-seed-3.der"; sourceTree = "<group>"; };
 		C3A3A170256E1D25004D228D /* SSKReachabilityManager.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SSKReachabilityManager.swift; sourceTree = "<group>"; };
 		C3A71D0A2558989C0043A11F /* MessageWrapper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = MessageWrapper.swift; sourceTree = "<group>"; };
 		C3A71D1C25589AC30043A11F /* WebSocketProto.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = WebSocketProto.swift; sourceTree = "<group>"; };
@@ -2194,8 +2200,11 @@
 			isa = PBXGroup;
 			children = (
 				B81D25B826157F20004D1FE1 /* public-loki-foundation.crt */,
+				C3A01E02261D24C400290BEB /* public-loki-foundation.der */,
 				B81D25B726157F20004D1FE1 /* storage-seed-1.crt */,
+				C3A01E03261D24C400290BEB /* storage-seed-1.der */,
 				B81D25B926157F20004D1FE1 /* storage-seed-3.crt */,
+				C3A01E04261D24C400290BEB /* storage-seed-3.der */,
 			);
 			path = Certificates;
 			sourceTree = "<group>";
@@ -4212,6 +4221,7 @@
 				B6F509971AA53F760068F56A /* Localizable.strings in Resources */,
 				B633C59D1A1D190B0059AC12 /* endcall@2x.png in Resources */,
 				FC5CDF391A3393DD00B47253 /* error_white@2x.png in Resources */,
+				C3A01E05261D24C400290BEB /* public-loki-foundation.der in Resources */,
 				B633C5D21A1D190B0059AC12 /* savephoto@2x.png in Resources */,
 				B10C9B611A7049EC00ECA2BF /* play_icon.png in Resources */,
 				AD83FF401A73426500B5C81A /* audio_pause_button_blue@2x.png in Resources */,
@@ -4241,6 +4251,7 @@
 				45B74A882044AAB600CD42F8 /* aurora.aifc in Resources */,
 				45B74A742044AAB600CD42F8 /* aurora-quiet.aifc in Resources */,
 				45B74A852044AAB600CD42F8 /* bamboo.aifc in Resources */,
+				C3A01E06261D24C400290BEB /* storage-seed-1.der in Resources */,
 				45B74A782044AAB600CD42F8 /* bamboo-quiet.aifc in Resources */,
 				45B74A7B2044AAB600CD42F8 /* chord.aifc in Resources */,
 				C33FD4E9255A149100E217F9 /* Colors.xcassets in Resources */,
@@ -4270,6 +4281,7 @@
 				C3CA3AC8255CDB2900F4C6D4 /* spanish.txt in Resources */,
 				34B6A90B218BA1D1007C4606 /* typing-animation.gif in Resources */,
 				B8FF8E6225C10DA5004D1F22 /* GeoLite2-Country-Blocks-IPv4 in Resources */,
+				C3A01E07261D24C400290BEB /* storage-seed-3.der in Resources */,
 				45B74A802044AAB600CD42F8 /* pulse-quiet.aifc in Resources */,
 				45B74A8B2044AAB600CD42F8 /* synth.aifc in Resources */,
 				45B74A752044AAB600CD42F8 /* synth-quiet.aifc in Resources */,
diff --git a/Session/Meta/Certificates/public-loki-foundation.der b/Session/Meta/Certificates/public-loki-foundation.der
new file mode 100644
index 0000000000000000000000000000000000000000..bf277ea9ac906538ec5ef0788f7dde65b980a993
GIT binary patch
literal 1051
zcmXqLVi7lJV*0;;nTe5!Nks0{x&CKQ^4a(Ge_vbMs`jb6dH-JnUN%mxHjlRNyo`+8
ztPBQ?vkbWnIN6v(S=fY`977ES4fsJE4jzuM%;b{%qRd1?Ap-%B5IYa2Z)#3berZu&
zs-dcZGDwVzN5;P*HBTX+D6=dvxl$n{H914UEx$A`C9xzkKhIF!Ko+EonMbUkG$|)D
zSuZC)J5w(Wp+Lq!3ho|GMls&3#NzxshkT%!dYSnKa^k#3h6W}Eh6V=4mZs)WK&~+o
zcW^ttiBSnTuo+nyn41{+84Q{jxtN+585yqM5Nq-O%(#o;O;Y#9^rop_DlOS3JmHzC
z&+E4#viMiU)MfofJ)LtWDL;{oHtiF=TFg|`p{mRnW4nG+>e(AFrt5x-54XLsbmvL0
z%Udiyom2~dw)M)S?Z(<BEW$_pU*`OCefPh%`c;6v#i8e!LNX~2en_|LDhVZSGCJD+
zaK%dbqJ&#B#A>e=a!OrD4i1#4h-r3vbWUgMSIHee#qVv{;=5J7_TPVAgN*M&K0W6a
zuUO|+kpDe0LBQg6KrX{a^*!IT3+EkC`>$KEjp>oNxkUI6qcSh;$rUWg<#+G@4qn^T
zrL_HM##uGR@|8{=XKj<7xk)qBEj_KD)xqOEyX=Jap8MrY%!~|-i-QdU!D&R6k420{
zWc|J=C;q*e^)|Uey!}!1=7+AgL_H1Ufk{YKnMJ}ttO2_MP>PimW@P-&!fL<_q>zIh
zn8ty@&d9*6uh0DbnC;p8{AV%#-`cr<ds@0}dzXIBy?}QQ(+{mEYbo1~KUVUSH}diP
zd~(H*U0{ND@SDV^8quy-veq*HyZ6@iu_Ock^?TJFJU?san`PVYdAsh4cZQCpiZ5Hl
znf|`_#e7ffgqW_FpX+~GQ?umHe%bWZF(w<P7Q`>DKfB!OL+T@e?>`gQ$yg;@6(m_`
ze~sQ9YkoZV(rvc&rl;04NS*riH(?d0tfBLIg)8wl53JgG%<fQ4j%?Ph_{)tile`u#
zSa82&`;`>u`rnzWW-;n>Ok_x^o_Bo{YwAUzzrUWXJ^gj{%><Wg|9`A370O-0b=$O$
V`PTb&SLWoII$oLY&mg8)0RWuQkY@k@

literal 0
HcmV?d00001

diff --git a/Session/Meta/Certificates/storage-seed-1.der b/Session/Meta/Certificates/storage-seed-1.der
new file mode 100644
index 0000000000000000000000000000000000000000..8c7f41f84559f602d3d48e73293660d336b20794
GIT binary patch
literal 1013
zcmXqLV*Y5*#B_53GZP~dlZXgI@cKqC&z-$}AFThcc338#=%--7%f_kI=F#?@mywa1
zmBFB~-H_XWlZ`o)g-w{rG1O4dfFH!+;Nb|%OfJbU%1ksAG7ta>vGZ{HrsgE&mloxv
z8VVTjfyB6Y*n?Axi!<}{43!NOK_bjNQpG@RiRr0&#i^+&hI%>q*_nEIsU_w4McIZ@
z1`=@VIT^*cvr|(Y@+(sF^fL1e<ivT63=K>S3=ND-EDX$|fLvn(V?z@tcM!R>iBSnT
z7#Ud^n41{+84Q{jxtN+585v$WzqRI1u30PDC@Ru)eZ7~x6yx<~tvwwzxowk}M0g8&
z>lP+-Y~=qrOLN8g*|XHum+_zaY#<z(IOE=enNvcmtD5S+oeNoXcmL1Y5Vk(EDT?|5
zEt{EU6l|S*yz`}o{<L}4Y)u?5Qsj${A7C*Pbc;)P@_uH}e^DNHMYq56oh}JCmtMON
zXj1Te_l39jifr%Mn03}pXV?<8xwJpVXWG#ReW&L(yyr+VJa#Ye(~Oh1w+O~Rd&CsX
z_x+<F<1CX_76yOqnU^)1AM9!W_wD*Qm-ow0uJ%k`@UyVRzV6Luo9A20RNq<@scf2l
z<v7<jWu{G!=C>BA&nnuoXUpnJ*QKWgcHfqjWnyMzU|bw*5NIF^OcJtuEMhDo8Z9k%
z!zAAw`hAe~XJx6iL$G?+9|L)iv@(l?fmj1}1)#JjE6m9FpM}+c8Au@qJ23SEgPoBf
zH$X#dR{690=Y3k|&k8i2%K1WCu2eze#VSRXRf*>7L>GOWCeF&z(v@)VHRIxDua}<l
z)-kU&2<3d|(9XEY;!pmxtgMAs@BHTGSnIvwugj+OMhh&CUz@%8-p3;yrEda$hUBbi
zX5Rc|+S*x;>6H%>tru@S61(|o(3HTp%JV;7Y-;2Bvitp;`Q6Pdf-_uFAOC*6H1LkY
zvqRTpn|CvR<i54qv3Jv{ZQO}J6@UKgX`i&Gdu94(wij2^T@2Qj@BDXUMbY&4o!(9-
zGbXLs&!(l%W$@AEtBlm#&b+hVxA!sK)jzMkBh}Pq*NU~8i(<5POSC9hH$P?m_?$_?
Pb82AFCueKj>f#mvcqxIt

literal 0
HcmV?d00001

diff --git a/Session/Meta/Certificates/storage-seed-3.der b/Session/Meta/Certificates/storage-seed-3.der
new file mode 100644
index 0000000000000000000000000000000000000000..3f50854a558e2efc6d4e6f12b3e9ee36c9ebcff4
GIT binary patch
literal 1013
zcmXqLV*Y5*#B_53GZP~dlZc1V>?HAa3-RuMGT$5%m9uzl?;bSZW#iOp^Jx3d%gD&h
z%3#pgZpdxG$;KSY!Y0h*7-}eJzz^bZ@Nk4>CYR(FWhNR583=%c*m*d8b5fJ?ON;VS
z4FwGNKw?}x?7^wU#hLkehROztAQ5IBsbZkE#Pn3X;?&d>W4)aG>`cA9)ROZ2qHIGc
z0|~hGoQz`J*{P`x`4y>odYSnKa^k#3h6W}Eh6YB)#s(HqK(4WYv7rf+JBVD`#HfTE
zjEt-d%uS5^3<gb%Tue=jj0}g0XYZ<$ow=|f%3^a)@&UVutV?G7b=%K7e+-<n$2;`W
zLvyBBeqIy9qxTO9w#)54(5D*RX7ysiOGaz|_J;xcryQL0f=eMr*lhWs!~@mYuhbu`
z-M`kqo?|~>c=e0+4Hq`A<mobMyE0ku3U9<!o=@j`FS)&nmga7?WLRC8s{gb5$_MxR
z4#pQR{pw|Xn=zrJOuyj4^LaB5%PyN{!M%F!o)s4~R{k_vyS3V6&b_Sx7I%V{Ju*LT
zemiwSouI_Oz1OzCd2nRv(ZHQvw!LrU%Q@^6%Bwk=^N$@{Yr)#mYsvI_aoVnPn%jeX
zUj$FxKY1GS>i(;1&e>hQ=4q;XI#!`@-LbhQnM}-#42+9|4FU~hfk{G^k420{WL2i{
z)b>oSg(j&s3~y#R=bdqVpk*Krl2&GsFc53Nt^kx4WrZ0T|Ff_fFas&%U<amNV6ZbX
zOzD}EaN(tY>jm#Pb$K;;=?kaNze^8OG*1n@&Y#b7!%uhFDt=j>;|YhCDlfaddTMa>
z)2*WadNpMGc-PH8-R=0}zwq~(qT=NJk?9ko^@D!;oj5(i<GM-p`fMf<yI=jP)8Bl0
z@aP)TKgkD~$3s&8E)-pQXYzdE1A$r<`y!8rFO}Q4>4H$R=S%mDX9b_R^dgRPe+)ga
zF2*p;dQw<kO8dq0s+|iz?@i?Ta`>`$cFFNK@0z~+VfJ?H3Y>Jr%X0Gt&r^o}wa+*0
zOg^GH*H19CT7ABLE60}!TXdEOq)Kd4dwP%e&ehL4hxQts$PIorPv?R_>FFc4^lH-9
P)jRLGd!3UnaI+i$gMEHx

literal 0
HcmV?d00001

diff --git a/SessionSnodeKit/SnodeAPI.swift b/SessionSnodeKit/SnodeAPI.swift
index f7f596646..8712ccaea 100644
--- a/SessionSnodeKit/SnodeAPI.swift
+++ b/SessionSnodeKit/SnodeAPI.swift
@@ -18,7 +18,7 @@ public final class SnodeAPI : NSObject {
     // MARK: Settings
     private static let maxRetryCount: UInt = 8
     private static let minimumSwarmSnodeCount = 3
-    private static let seedNodePool: Set<String> = [ "https://storage.seed1.loki.network", "https://storage.seed3.loki.network", "https://public.loki.foundation" ]
+    private static let seedNodePool: Set<String> = [ "https://storage.seed1.loki.network:4433", "https://storage.seed3.loki.network:4433", "https://public.loki.foundation:4433" ]
     private static let snodeFailureThreshold = 3
     private static let targetSwarmSnodeCount = 2
 
diff --git a/SessionUtilitiesKit/Networking/HTTP.swift b/SessionUtilitiesKit/Networking/HTTP.swift
index 793b298b4..78c7f1960 100644
--- a/SessionUtilitiesKit/Networking/HTTP.swift
+++ b/SessionUtilitiesKit/Networking/HTTP.swift
@@ -9,19 +9,19 @@ public enum HTTP {
 
     // MARK: Certificates
     private static let storageSeed1Cert: SecCertificate = {
-        let path = Bundle.main.path(forResource: "storage-seed-1", ofType: "crt")!
+        let path = Bundle.main.path(forResource: "storage-seed-1", ofType: "der")!
         let data = try! Data(contentsOf: URL(fileURLWithPath: path))
         return SecCertificateCreateWithData(nil, data as CFData)!
     }()
     
     private static let storageSeed3Cert: SecCertificate = {
-        let path = Bundle.main.path(forResource: "storage-seed-3", ofType: "crt")!
+        let path = Bundle.main.path(forResource: "storage-seed-3", ofType: "der")!
         let data = try! Data(contentsOf: URL(fileURLWithPath: path))
         return SecCertificateCreateWithData(nil, data as CFData)!
     }()
     
     private static let publicLokiFoundationCert: SecCertificate = {
-        let path = Bundle.main.path(forResource: "public-loki-foundation", ofType: "crt")!
+        let path = Bundle.main.path(forResource: "public-loki-foundation", ofType: "der")!
         let data = try! Data(contentsOf: URL(fileURLWithPath: path))
         return SecCertificateCreateWithData(nil, data as CFData)!
     }()