
AFHTTPRequestOperation with SSL Pinning not working

I am using AFHTTPRequestOperation for my iPhone app (Objective-C). I need to enable SSL pinning for my app.

However, no matter whether the certificate that I have included in my app bundle is correct or wrong, calls to my API always succeed.

Should the call to my server API fail if the certificate that I pinned in my app is the wrong cert?

This is the code that I have in the app:

- (AFHTTPRequestOperation *)HTTPRequestOperationWithRequest:(NSURLRequest *)request
                                                    success:(void (^)(AFHTTPRequestOperation *operation, id responseObject))success
                                                    failure:(void (^)(AFHTTPRequestOperation *operation, NSError *error))failure{
    AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:request];

    operation.responseSerializer = self.responseSerializer;
    operation.shouldUseCredentialStorage = self.shouldUseCredentialStorage;
    operation.credential = self.credential;
    //operation.securityPolicy = self.securityPolicy;

    AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
    NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"wrong_cert" ofType:@"cer"];
    NSData *certData = [NSData dataWithContentsOfFile:cerPath];
    [securityPolicy setAllowInvalidCertificates:NO];
    [securityPolicy setValidatesDomainName:YES];
    [securityPolicy setPinnedCertificates:@[certData]];
    [operation setSecurityPolicy:securityPolicy];

    [operation setCompletionBlockWithSuccess:success failure:failure];
    operation.completionQueue = self.completionQueue;
    operation.completionGroup = self.completionGroup;

    return operation;

}

Please advise. Thank you.

I implemented SSL pinning successfully with AFNetworking. Please ensure your certificate is valid before testing. Look at the code snippet below.

AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager sharedManager];
manager.responseSerializer = [AFJSONResponseSerializer serializer];
manager.responseSerializer.acceptableContentTypes = [NSSet setWithObject:@"text/html"];
AFHTTPRequestOperation *post = [manager POST:[NSString stringWithFormat:@"%@",url] parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
    NSLog(@"JSON: %@", responseObject);

    [delegate requestCompleted:responseObject];
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {

    if([error.domain isEqualToString:@"NSURLErrorDomain"] && error.code == -1012){
        //SSL Pinning request failed

    } else if (!operation.cancelled) {

    }
}];

[post start];
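
As an added example (not code from either poster and not AFNetworking's own code), the delegate below does with the Security framework what the question's policy settings ask for: ordinary chain and host name validation, then a public-key comparison against the bundled certificate, refusing every connection when the .cer file is missing or is not DER-encoded. `PinCheckDelegate` and `PublicKeyData` are hypothetical names, and iOS 12 or later is assumed.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Added example: PinCheckDelegate and PublicKeyData are hypothetical names (iOS 12+ assumed).
static NSData *PublicKeyData(SecCertificateRef cert) {
    SecKeyRef key = cert ? SecCertificateCopyKey(cert) : NULL;
    if (!key) return nil;
    NSData *data = CFBridgingRelease(SecKeyCopyExternalRepresentation(key, NULL));
    CFRelease(key);
    return data;
}

@interface PinCheckDelegate : NSObject <NSURLSessionDelegate>
@property (nonatomic, strong) NSData *pinnedKey; // nil = nothing loaded, so every request is refused
- (instancetype)initWithCertificateNamed:(NSString *)name;
@end

@implementation PinCheckDelegate
- (instancetype)initWithCertificateNamed:(NSString *)name {
    if ((self = [super init])) {
        NSString *path = [[NSBundle mainBundle] pathForResource:name ofType:@"cer"];
        NSData *der = path ? [NSData dataWithContentsOfFile:path] : nil;
        // Returns NULL unless the data is a DER-encoded X.509 certificate (a PEM file fails here).
        SecCertificateRef cert = der ? SecCertificateCreateWithData(NULL, (__bridge CFDataRef)der) : NULL;
        _pinnedKey = PublicKeyData(cert);
        if (cert) CFRelease(cert);
    }
    return self;
}

- (void)URLSession:(NSURLSession *)session
didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
 completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler {
    NSURLProtectionSpace *space = challenge.protectionSpace;
    if (![space.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
        completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
        return;
    }
    SecTrustRef trust = space.serverTrust;
    BOOL pinned = NO;
    // Standard chain and host name evaluation must pass before any key is compared.
    if (self.pinnedKey && SecTrustEvaluateWithError(trust, NULL)) {
        for (CFIndex i = 0; i < SecTrustGetCertificateCount(trust) && !pinned; i++) {
            // Deprecated since iOS 15 in favour of SecTrustCopyCertificateChain, but still available.
            pinned = [PublicKeyData(SecTrustGetCertificateAtIndex(trust, i)) isEqualToData:self.pinnedKey];
        }
    }
    completionHandler(pinned ? NSURLSessionAuthChallengeUseCredential : NSURLSessionAuthChallengeCancelAuthenticationChallenge,
                      pinned ? [NSURLCredential credentialForTrust:trust] : nil);
}
@end
```

Pass an instance as the delegate to `+[NSURLSession sessionWithConfiguration:delegate:delegateQueue:]`; a request made with a non-matching certificate in the bundle should then fail rather than succeed.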
