iOS Question Certificate pinning in iOS

JordiCP

Expert
Licensed User
Longtime User
My app makes Https requests against a server's API in order to work. Now I need to use certificate pinning to communicate with this server.

Searched the forum but only could find threads regarding pinning in B4A forum, but not B4I (perhaps I missed something)

Seems that it can be done with Trustkit, and I think that i can manage to add the needed initialization. But, according to this page, it is needed to add some code in the NSURLSessionDelegate 'didreceivechallenge'


After TrustKit has been initialized, a TSKPinningValidator instance can be retrieved from the TrustKit singleton, and can be used to perform SSL pinning validation in the App's network delegates. For example in an NSURLSessionDelegate::
- (void)URLSession:(NSURLSession *)session
              task:(NSURLSessionTask *)task
didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
 completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler {
{
    TSKPinningValidator *pinningValidator = [[TrustKit sharedInstance] pinningValidator];
    // Pass the authentication challenge to the validator; if the validation fails, the connection will be blocked
    if (![pinningValidator handleChallenge:challenge completionHandler:completionHandler])
    {
        // TrustKit did not handle this challenge: perhaps it was not for server trust
        // or the domain was not pinned. Fall back to the default behavior
        completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
    }
}

So, my question is:

Is there any way to access this delegate event (in httpClient?) so that I can add code there?


Thanks in advance!
 

JordiCP

Expert
Licensed User
Longtime User
Thanks.
So I guess that the way to go for certificate pinning is to handle the requests natively, or are there other ways that I have missed?
 
Upvote 0
Top