Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrating TrustKit Framework #554

Merged
merged 11 commits into from
Aug 19, 2016
Merged

Integrating TrustKit Framework #554

merged 11 commits into from
Aug 19, 2016

Conversation

jleandroperez
Copy link
Contributor

@jleandroperez jleandroperez commented Aug 18, 2016
edited

Description:

This PR wires TrustKit into Simperium: we're replacing SocketRocket former pinning mechanism.

Testing scenarios below.

Needs Review: @roundhill @astralbodies

Thanks in advance!!!

Scenario: Pinning Disabled!

  1. Clone both, Simperium + Simplenote repositories
  2. Map Simplenote to your local Simperium checkout: pod 'Simperium', :path => '../simperium-ios/'
  3. Pod install please!
  4. Run Simplenote

Verify that no TrustKit legend shows up in the console. Sync'ing should work seamlessly.

Scenario: Pinning Enabled

  1. Repeat steps 1-3
  2. Open Simplenote's SPAppDelegate.m (method setupSimperium) and add this line: [_simperium setCertificatePinningEnabled:YES]
  3. Run Simplenote

Verify the console logs. TrustKit should get initialized, and sync'ing should be working fine.

Verify Signatures!

  1. Extract the PEM:
    openssl s_client -showcerts -host api.simperium.com -port 443
  2. Save the first certificate *.simperium.cominto a .pem file.
  3. Calculate the Public Key Hash
    ./External/TrustKit/get_pin_from_certificate.py certificate.pem
  4. Verify that the key included in SPEnvironment.m matches

@jleandroperez jleandroperez added this to the v0.8.17 milestone Aug 18, 2016
@astralbodies
Copy link

astralbodies commented Aug 19, 2016
edited

Appears to work wonderfully, @jleandroperez!

:shipit:

@astralbodies astralbodies self-assigned this Aug 19, 2016
@jleandroperez
Copy link
Contributor Author

Thank you sir!!

@jleandroperez jleandroperez merged commit 3e21c6c into develop Aug 19, 2016
@jleandroperez jleandroperez deleted the trustkit-integration branch August 19, 2016 14:18
This was referenced Aug 19, 2016
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@astralbodies astralbodies

Labels
None yet
Projects
None yet
Milestone
v0.8.17
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jleandroperez @astralbodies