堆栈内存溢出
  简体   繁体   English

使用SSL固定的AFHTTPRequestOperation无法正常工作

[英]AFHTTPRequestOperation with SSL Pinning not working

 原文  2017-04-17 13:03:12       ios/ objective-c/ iphone/ ssl/ pinning

问题描述

I am using AFHTTPRequestOperation for my iPhone app (Objective-C). 我正在为我的iPhone应用程序(Objective-C)使用AFHTTPRequestOperation I need to enable the SSL pinning for my app. 我需要为我的应用启用SSL固定。

However, no matter the certificate that I have included in my app bundle is the correct or wrong, calling to my API is always successful. 但是,无论我包含在应用程序捆绑包中的证书是正确的还是错误的,调用我的API始终会成功。

Should the calling of my server API be failed if the certificate that I pinned in my app is the wrong cert? 如果我在应用中固定的证书是错误的证书,则服务器API调用是否应该失败?

This is the code that I have in the app: 这是我在应用程序中拥有的代码: 

- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)request
                                                    success:(void (^)(AFHTTPRequestOperation *operation, id responseObject))success
                                                    failure:(void (^)(AFHTTPRequestOperation *operation, NSError *error))failure{
    AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:request];

    operation.responseSerializer = self.responseSerializer;
    operation.shouldUseCredentialStorage = self.shouldUseCredentialStorage;
    operation.credential = self.credential;
    //operation.securityPolicy = self.securityPolicy;

    AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
    NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"wrong_cert" ofType:@"cer"];
    NSData *certData = [NSData dataWithContentsOfFile:cerPath];
    [securityPolicy setAllowInvalidCertificates:NO];
    [securityPolicy setValidatesDomainName:YES];
    [securityPolicy setPinnedCertificates:@[certData]];
    [operation setSecurityPolicy:securityPolicy];

    [operation setCompletionBlockWithSuccess:success failure:failure];
    operation.completionQueue = self.completionQueue;
    operation.completionGroup = self.completionGroup;

    return operation;

}

Please advise. 请指教。 Thank you. 谢谢。

1 个解决方案

解决方案1
 0  2017-04-17 17:30:20

i implemented SSL Pinning succesfully with AFNetworking. 我通过AFNetworking成功实现了SSL固定。 Please ensure your certificate is valid before doing test. 在进行测试之前,请确保您的证书有效。 Look below code snippet. 请看下面的代码片段。 

AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager sharedManager];
    manager.responseSerializer = [AFJSONResponseSerializer serializer];
    manager.responseSerializer.acceptableContentTypes = [NSSet setWithObject:@"text/html"];
    AFHTTPRequestOperation *post = [manager POST:[NSString stringWithFormat:@"%@",url] parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
        NSLog(@"JSON: %@", responseObject);

        [delegate requestCompleted:responseObject];
    } failure:^(AFHTTPRequestOperation *operation, NSError *error) {

        if([error.domain isEqualToString:@"NSURLErrorDomain"] && error.code == -1012){
            //SSL Pinning request failed

        } else if (!operation.cancelled) {

        }
    }];

    [post start];

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 通过Alamofire进行SSL固定不起作用 - SSL Pinning through Alamofire not working 在 iOS 中使用 AFNetworking 进行 SSL 固定不起作用 - SSL Pinning using AFNetworking in iOS not working SSL 固定不起作用(Objective-C,使用 NSURLSession) - SSL pinning not working (Objective-C, using NSURLSession) 反应原生 ssl 固定 - react native ssl pinning SSL固定客户端加密 - SSL pinning client encryption ATS和SSL固定 - ATS and SSL pinning 在iOS上进行SSL固定 - SSL Pinning on iOS SSL固定的安全性 - Security of SSL Pinning 使用AFNetworking 3.0进行SSL固定 - SSL Pinning with AFNetworking 3.0 使用AFNetworking进行SSL固定 - SSL Pinning with AFNetworking
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM