Skip to content
Permalink
Browse files

Added test and implementation for self signed cert against AFSSLPinni…

…ngMo..

deNone

Without this change the whole library can default to letting certs
through with various settings that would suggest otherwise. And there
was not a test to check this.

Also corrected the note an adjacent test, which was incongruous with
the test and the title of the test.
  • Loading branch information...
duttski committed Mar 12, 2015
1 parent 4d635e3 commit 06de5bee405216027f75372aaba3798d2256b0af
Showing with 21 additions and 7 deletions.
  1. +11 −4 AFNetworking/AFSecurityPolicy.m
  2. +10 −3 Tests/Tests/AFSecurityPolicyTests.m
@@ -254,14 +254,21 @@ - (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust

SecTrustSetPolicies(serverTrust, (__bridge CFArrayRef)policies);

if (self.SSLPinningMode != AFSSLPinningModeNone && !AFServerTrustIsValid(serverTrust) && !self.allowInvalidCertificates) {
if(self.SSLPinningMode == AFSSLPinningModeNone) {
//there are no pinned certificates or keys; we have to return at this point
if(self.allowInvalidCertificates || AFServerTrustIsValid(serverTrust)){
return YES;
} else {
return NO;
}
} else if(!AFServerTrustIsValid(serverTrust) && !self.allowInvalidCertificates) {
return NO;
}

NSArray *serverCertificates = AFCertificateTrustChainForServerTrust(serverTrust);
switch (self.SSLPinningMode) {
case AFSSLPinningModeNone:
return YES;
default:// -- we don't expect to reach here if we are AFSSLPinningModeNone
return NO;//as such, err on the side of caution
case AFSSLPinningModeCertificate: {
NSMutableArray *pinnedCertificates = [NSMutableArray array];
for (NSData *certificateData in self.pinnedCertificates) {
@@ -514,10 +514,17 @@ - (void)testDefaultPolicyIsSetToAFSSLPinningModePublicKey {
XCTAssert(policy.SSLPinningMode==AFSSLPinningModeNone, @"Default policy is not set to AFSSLPinningModePublicKey.");
}

- (void)testDefaultPolicyIsSetToNotAllowInvalidSSLCertificates {
AFSecurityPolicy *policy = [AFSecurityPolicy defaultPolicy];
- (void)testDefaultPolicySetToNoneValidatesDomainFailsWithBadCertificate {
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
SecTrustRef trust = AFUTTrustWithCertificate(AFUTSelfSignedCertificateWithoutDomain());
XCTAssert([policy evaluateServerTrust:trust forDomain:nil] == NO, @"Unmatched certificate and pinning mode None should fail");
CFRelease(trust);
}

XCTAssert(policy.allowInvalidCertificates == NO, @"Default policy should not allow invalid ssl certificates");
- (void)testDefaultPolicyIsSetToAFSSLPinningModeNone {
AFSecurityPolicy *policy = [AFSecurityPolicy defaultPolicy];

XCTAssert(policy.SSLPinningMode==AFSSLPinningModeNone, @"Default policy is not set to AFSSLPinningModeNone.");
}

- (void)testPolicyWithPinningModeIsSetToNotAllowInvalidSSLCertificates {

0 comments on commit 06de5be

Please sign in to comment.
You can’t perform that action at this time.