
Implementing ssl pinning in a react-native application using TrustKit iOS

<h3>Question</h3>

I'm trying to implement SSL pinning in a react-native application (RN 0.60) and I'm using Trustkit.

Following the guide posted in https://github.com/datatheorem/TrustKit these are the steps that I've done:

1) Install TrustKit pod using pod 'TrustKit' and pod install

2) Added to my AppDelegate.m this piece of code:

    #import <TrustKit/TrustKit.h>

    // inside didFinishLaunchingWithOptions
    NSDictionary *trustKitConfig =
    @{
      kTSKSwizzleNetworkDelegates: @YES,
      kTSKPinnedDomains: @{
        @"www.datatheorem.com" : @{
          kTSKEnforcePinning: @YES,
          kTSKIncludeSubdomains: @YES,
          // Using wrong hashes so it fails
          kTSKPublicKeyHashes : @[
            @"Ca5gV6n7OVx4AxtEaIk8NI9qyKBTtKJjwqullb/v9hh=",
            @"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihh="
          ]
        }
      }
    };
    [TrustKit initSharedInstanceWithConfiguration:trustKitConfig];

When I try to do

    // tried using standard fetch() but gives same results
    RNFetchBlob.fetch('GET', "https://www.datatheorem.com", {})
      .then(async (res) => {
        console.log('RES => ', res)
      })
      // Something went wrong:
      .catch((err) => {
        console.log('ERROR =>', err);
      })

It goes inside then and doesn't give any error but responds with a 200 status code (using wrong Hashes).

Otherwise, using Android it works correctly, going inside the catch and saying:

Error: Pin verification failed
<h3>Answer1:</h3>

So, I've come back to this and tried it out again and got it working. The only difference from my current code to the one I posted some time ago is that I added kTSKPublicKeyAlgorithms : @[kTSKAlgorithmRsa2048] inside a specific pinned domain.

I've followed the same steps I posted in the question. The final AppDelegate looks like:

Inside didFinishLaunchingWithOptions before the return YES, I added:

    [self initTrustKit];

Then after the enclosing parenthesis of the didFinishLaunchingWithOptions I added:

    - (void)initTrustKit {
      NSDictionary *trustKitConfig =
      @{
        kTSKSwizzleNetworkDelegates: @YES,
        kTSKPinnedDomains : @{
          @"www.datatheorem.com" : @{
            kTSKEnforcePinning : @YES,
            kTSKIncludeSubdomains: @YES,
            kTSKPublicKeyHashes : @[
              @"Ca5gV6n7OVx4AxtEaIk8NI9qyKBTtKJjwqullb/v9hh=",
              @"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihh="
            ],
            kTSKPublicKeyAlgorithms : @[kTSKAlgorithmRsa2048],
          },
        }
      };
      [TrustKit initSharedInstanceWithConfiguration:trustKitConfig];
    }

Now it works in iOS, going into the catch and printing: ERROR => cancelled


<h3>Answer2:</h3>

I have configured TrustKit in the Info.plist. Also, I notice that even though you have only 1 PublicKeyHash, you have to provide a dummy one as well for TrustKit to work in iOS apps.
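The values placed in kTSKPublicKeyHashes can be derived and sanity-checked before they go into the app. The Node.js example below is added here and is not code from the post or from the TrustKit project; it assumes a pin is the base64-encoded SHA-256 digest of the key's SubjectPublicKeyInfo and checks for the second (backup) pin mentioned in Answer2. The function names are hypothetical and the keys are constructed sample input generated on the spot.

```javascript
// Added example: derive and sanity-check TrustKit-style public key pins.
// Assumption: a pin is base64(SHA-256(DER SubjectPublicKeyInfo)).
// Function names are hypothetical; they are not part of TrustKit.
const crypto = require('crypto');

// Compute the pin for a public key given as a PEM string or KeyObject.
function spkiPin(publicKey) {
  const key = typeof publicKey === 'string'
    ? crypto.createPublicKey(publicKey)
    : publicKey;
  const spkiDer = key.export({ type: 'spki', format: 'der' });
  return crypto.createHash('sha256').update(spkiDer).digest('base64');
}

// List the problems with a pin set; an empty list means it is well-formed.
function checkPinSet(pins) {
  const problems = [];
  const distinct = new Set(pins);
  if (distinct.size < 2) {
    problems.push('need at least two distinct pins (primary + backup)');
  }
  for (const pin of distinct) {
    const raw = Buffer.from(pin, 'base64');
    // Re-encoding catches truncated or hand-edited values.
    if (raw.length !== 32 || raw.toString('base64') !== pin) {
      problems.push(`not a canonical base64 SHA-256 digest: ${pin}`);
    }
  }
  return problems;
}

// True when the key presented by the server is one of the pinned keys.
function pinMatches(serverPublicKey, pins) {
  return pins.includes(spkiPin(serverPublicKey));
}

// Constructed sample keys, generated locally (not real server keys).
function sampleKey() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }).publicKey;
}

const primary = sampleKey();   // key currently deployed on the server
const backup = sampleKey();    // spare key kept for rotation
const unrelated = sampleKey(); // a key that was never pinned
const pins = [spkiPin(primary), spkiPin(backup)];

console.log(checkPinSet(pins));           // []
console.log(pinMatches(primary, pins));   // true
console.log(pinMatches(unrelated, pins)); // false
```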

Source: https://stackoverflow.com/questions/57755446/implementing-ssl-pinning-in-a-react-native-application-using-trustkit-ios
